<?php
include "../include/db.php";
include "../include/general.php";
# External access support (authenticate only if no key provided, or if invalid access key provided)
$k = getvalescaped("k", "");
if ($k == "" || !check_access_key(getvalescaped("ref", "", true), $k)) {
include "../include/authenticate.php";
}
include_once "../include/collections_functions.php";
include "../include/resource_functions.php";
include "../include/search_functions.php";
$ref = getvalescaped("ref", "", true);
$collection = getvalescaped("collection", "", true);
# Fetch collection data
$cinfo = get_collection($collection);
if ($cinfo === false) {
exit("Collection not found.");
}
$commentdata = get_collection_resource_comment($ref, $collection);
$comment = $commentdata["comment"];
$rating = $commentdata["rating"];
# Check access
if (!collection_readable($collection)) {
exit("Access denied.");
}
if (getval("submitted", "") != "") {
# Save comment
$comment = trim(getvalescaped("comment", ""));
$rating = trim(getvalescaped("rating", ""));
save_collection_resource_comment($ref, $collection, $comment, $rating);
if ($go == "next" && $pos < $n - 1) {
$ref = $result[$pos + 1]["ref"];
if ($pos + 1 >= $offset + 72) {
$offset = $pos + 1;
}
}
# move to next page if we've advanced far enough
}
}
# Option to replace the key via a plugin (used by resourceconnect plugin).
$newkey = hook("nextpreviewregeneratekey");
if (is_string($newkey)) {
$k = $newkey;
}
# Check access permissions for this new resource, if an external user.
if ($k != "" && !check_access_key($ref, $k)) {
$ref = $origref;
}
# Cancel the move.
}
$resource = get_resource_data($ref);
$ext = "jpg";
if ($ext != "" && $ext != "gif" && $ext != "jpg" && $ext != "png") {
$ext = "jpg";
$border = false;
}
# Supports types that have been created using ImageMagick
# Load access level
$access = get_resource_access($ref);
$use_watermark = check_use_watermark($ref);
# check permissions (error message is not pretty but they shouldn't ever arrive at this page unless entering a URL manually)
function check_access_key_collection($collection, $key)
{
if ($collection == "" || !is_numeric($collection)) {
return false;
}
$r = get_collection_resources($collection);
if (count($r) == 0) {
return false;
}
for ($n = 0; $n < count($r); $n++) {
# Verify a supplied external access key for all resources in a collection
if (!check_access_key($r[$n], $key)) {
return false;
}
}
# Set the 'last used' date for this key
sql_query("update external_access_keys set lastused=now() where collection='{$collection}' and access_key='{$key}'");
return true;
}
{
if ($result[$n]["ref"]==$ref) {$pos=$n;}
}
if ($pos!=-1)
{
if (($go=="previous") && ($pos>0)) {$ref=$result[$pos-1]["ref"];}
if (($go=="next") && ($pos<($n-1))) {$ref=$result[$pos+1]["ref"];if (($pos+1)>=($offset+72)) {$offset=$pos+1;}} # move to next page if we've advanced far enough
}
}
# Option to replace the key via a plugin (used by resourceconnect plugin).
$newkey = hook("nextpreviewregeneratekey");
if (is_string($newkey)) {$k = $newkey;}
# Check access permissions for this new resource, if an external user.
if ($k!="" && !check_access_key($ref, $k)) {$ref = $origref;} # Cancel the move.
}
$resource=get_resource_data($ref);
$ext="jpg";
if ($ext!="" && $ext!="gif" && $ext!="jpg" && $ext!="png") {$ext="jpg";$border=false;} # Supports types that have been created using ImageMagick
# Load access level
$access=get_resource_access($ref);
$use_watermark=check_use_watermark($ref);
# check permissions (error message is not pretty but they shouldn't ever arrive at this page unless entering a URL manually)
if ($access==2)
<?php
include "../include/db.php";
include "../include/general.php";
# External access support (authenticate only if no key provided, or if invalid access key provided)
$k=getvalescaped("k","");if (($k=="") || (!check_access_key(getvalescaped("ref","",true),$k))) {include "../include/authenticate.php";}
include "../include/search_functions.php";
include_once "../include/collections_functions.php";
include "../include/resource_functions.php";
$backto=getval("backto","");
$col_order_by=getval("col_order_by","");
$colref=getval("ref","");
$collection=getval("ref","");
$ext="jpg";
$height=getval("height",600);
$vertical=getval("vertical",$preview_all_default_orientation);
# Load collection info.
$cinfo=get_collection($usercollection);
$skip=false;
# Check to see if the user can edit this collection.
$allow_reorder=false;
# Fetch and set the values
$search=getvalescaped("search","");
if (strpos($search,"!")===false) {setcookie("search",$search, 0, '', '', false, true);} # store the search in a cookie if not a special search
$offset=getvalescaped("offset",0);if (strpos($search,"!")===false) {setcookie("saved_offset",$offset, 0, '', '', false, true);}
if ((!is_numeric($offset)) || ($offset<0)) {$offset=0;}
$order_by=getvalescaped("order_by",$default_sort);if (strpos($search,"!")===false) {setcookie("saved_order_by",$order_by, 0, '', '', false, true);}
<?php
include "include/db.php";
include "include/general.php";
include "include/collections_functions.php";
if (getval("rp", "") != "") {
# quick redirect to reset password
$rp = getvalescaped("rp", "");
$topurl = "pages/user/user_change_password.php?rp=" . $rp;
redirect($topurl);
}
# External access support (authenticate only if no key provided, or if invalid access key provided)
$k = getvalescaped("k", "");
if ($k == "" || !check_access_key_collection(getvalescaped("c", ""), $k) && !check_access_key(getvalescaped("r", ""), $k)) {
include "include/authenticate.php";
}
if (!hook("replacetopurl")) {
$topurl = "pages/" . $default_home_page;
if ($use_theme_as_home) {
$topurl = "pages/themes.php";
}
if ($use_recent_as_home) {
$topurl = "pages/search.php?search=" . urlencode("!last" . $recent_search_quantity);
}
}
/* end hook replacetopurl */
if (getval("c", "") != "") {
# quick redirect to a collection (from e-mails, keep the URL nice and short)
$c = getvalescaped("c", "");
$topurl = "pages/search.php?search=" . urlencode("!collection" . $c) . "&k=" . $k;
if ($k != "") {
<?php
include "../include/db.php";
include "../include/general.php";
# External access support (authenticate only if no key provided, or if invalid access key provided)
$k = getvalescaped("k", '');
if ($k == '' || !check_access_key(getvalescaped("ref", '', true), $k)) {
include "../include/authenticate.php";
}
$ref = getval("ref", '');
$col = getval('collection', -1, true);
$size = getval("size", '');
$ext = getval("ext", '');
$alternative = getval("alternative", -1);
hook("pageevaluation");
$download_url_suffix = hook("addtodownloadquerystring");
if (getval("save", '') != '') {
$usage = getvalescaped("usage", '');
$usagecomment = getvalescaped("usagecomment", '');
$download_url_suffix .= $download_url_suffix == '' ? '?' : '&';
if ($download_usage && getval('col', -1, true) != -1) {
$col = getval('col', -1, true);
$download_url_suffix .= "collection=" . urlencode($col);
$redirect_url = "pages/collection_download.php";
} else {
$download_url_suffix .= "ref=" . urlencode($ref);
$redirect_url = "pages/download_progress.php";
}
$download_url_suffix .= "&size=" . urlencode($size) . "&ext=" . urlencode($ext) . "&k=" . urlencode($k) . "&alternative=" . urlencode($alternative) . "&usage=" . urlencode($usage) . "&usagecomment=" . urlencode($usagecomment) . "&offset=" . urlencode(getval("saved_offset", getval("offset", ''))) . "&order_by=" . urlencode(getval("saved_order_by", getval("order_by", ''))) . "&sort=" . urlencode(getval("saved_sort", getval("sort", ''))) . "&archive=" . urlencode(getval("saved_archive", getval("archive", '')));
hook('before_usage_redirect');
redirect($redirect_url . $download_url_suffix);
<?php
include "../../include/db.php";
include "../../include/general.php";
include "../../include/resource_functions.php";
$ref = getvalescaped("ref", "", true);
$k = getvalescaped("k", "");
if ($k == "" || !check_access_key($ref, $k)) {
include "../../include/authenticate.php";
}
//Get resource info and access, would usually be available as included in view.php
# Load resource data
$resource = get_resource_data($ref);
if ($resource === false) {
exit($lang['resourcenotfound']);
}
# Load resource field data
$fields = get_resource_field_data($ref, false, !hook("customgetresourceperms"), -1, $k != "", $use_order_by_tab_view);
$edit_access = get_edit_access($ref, $resource["archive"], $fields, $resource);
if ($k != "") {
$edit_access = 0;
}
$geolocation_panel_only = true;
// If we are here we have specifically requested it so make sure it is displayed
include "../../include/geocoding_view.php";