/**
* Handles an album for printAlbumMenuList
*
* @param array $albums albums array
* @param string $folder
* @param string $option see printAlbumMenuList
* @param string $showcount see printAlbumMenuList
* @param int $showsubs see printAlbumMenuList
* @param string $css_class see printAlbumMenuList
* @param string $css_class_topactive see printAlbumMenuList
* @param string $css_class_active see printAlbumMenuList
* @param bool $firstimagelink If set to TRUE and if the album has images the link will point to page of the first image instead the album thumbnail page
* @param bool $keeptopactive If set to TRUE the toplevel album entry will stay marked as active if within its subalbums ("list" only)
* @param int $limit truncation of display text
*/
function printAlbumMenuListAlbum($albums, $folder, $option, $showcount, $showsubs, $css_class, $css_class_topactive, $css_class_active, $firstimagelink, $keeptopactive, $limit = NULL)
{
global $_zp_gallery, $_zp_current_album, $_zp_current_search, $_recursion_limiter;
if (is_null($limit)) {
$limit = MENU_TRUNCATE_STRING;
}
if (is_null($showcount)) {
$showcount = ALBUM_MENU_COUNT;
}
if (is_null($showsubs)) {
$showsubs = ALBUM_MENU_SHOWSUBS;
}
if ($showsubs && !is_numeric($showsubs)) {
$showsubs = 9999999999.0;
}
$pagelevel = count(explode('/', $folder));
$currenturalbumname = "";
foreach ($albums as $album) {
$level = count(explode('/', $album));
$process = $level < $showsubs && $option == "list" || $option != 'list-top' && strpos($folder, $album) === 0 && $level <= $pagelevel;
if ($process && hasDynamicAlbumSuffix($album) && !is_dir(ALBUM_FOLDER_SERVERPATH . $album)) {
if (in_array($album, $_recursion_limiter)) {
$process = false;
}
// skip already seen dynamic albums
}
$topalbum = newAlbum($album, true);
if ($level > 1 || $option != 'omit-top') {
// listing current level album
if ($level == 1) {
$css_class_t = $css_class_topactive;
} else {
$css_class_t = $css_class_active;
}
if ($keeptopactive) {
if (isset($_zp_current_album) && is_object($_zp_current_album)) {
$currenturalbum = getUrAlbum($_zp_current_album);
$currenturalbumname = $currenturalbum->name;
}
}
$count = "";
if ($showcount) {
$toplevelsubalbums = $topalbum->getAlbums();
$toplevelsubalbums = count($toplevelsubalbums);
$topalbumnumimages = $topalbum->getNumImages();
if ($topalbumnumimages + $toplevelsubalbums > 0) {
$count = ' <span style="white-space:nowrap;"><small>(';
if ($toplevelsubalbums > 0) {
$count .= sprintf(ngettext('%u album', '%u albums', $toplevelsubalbums), $toplevelsubalbums);
}
if ($topalbumnumimages > 0) {
if ($toplevelsubalbums) {
$count .= ' ';
}
$count .= sprintf(ngettext('%u image', '%u images', $topalbumnumimages), $topalbumnumimages);
}
$count .= ')</small></span>';
}
}
if (in_context(ZP_ALBUM) && !in_context(ZP_SEARCH_LINKED) && (@$_zp_current_album->getID() == $topalbum->getID() || $topalbum->name == $currenturalbumname) || in_context(ZP_SEARCH_LINKED) && ($a = $_zp_current_search->getDynamicAlbum()) && $a->name == $topalbum->name) {
$current = $css_class_t . ' ';
} else {
$current = "";
}
$title = $topalbum->getTitle();
if ($limit) {
$display = shortenContent($title, $limit, MENU_TRUNCATE_INDICATOR);
} else {
$display = $title;
}
if ($firstimagelink && $topalbum->getNumImages() != 0) {
$link = "<li><a " . $current . "href='" . html_encode($topalbum->getImage(0)->getLink()) . "' title='" . html_encode($title) . "'>" . html_encode($display) . "</a>" . $count;
} else {
$link = "<li><a " . $current . "href='" . html_encode($topalbum->getLink(1)) . "' title='" . html_encode($title) . "'>" . html_encode($display) . "</a>" . $count;
}
echo $link;
}
if ($process) {
// listing subalbums
$subalbums = $topalbum->getAlbums();
if (!empty($subalbums)) {
echo "\n<ul" . $css_class . ">\n";
array_push($_recursion_limiter, $album);
printAlbumMenuListAlbum($subalbums, $folder, $option, $showcount, $showsubs, $css_class, $css_class_topactive, $css_class_active, $firstimagelink, false, $limit);
array_pop($_recursion_limiter);
echo "\n</ul>\n";
}
}
if ($option == 'list' || $option == 'list-top' || $level > 1) {
// close the LI
echo "\n</li>\n";
}
}
}
/**
* Returns the URL of the main gallery index page. If a custom index page is set this returns that page.
* So this is not necessarily the home page of the site!
* @return string
*/
function getGalleryIndexURL()
{
global $_zp_current_album, $_zp_gallery_page;
if (func_num_args() !== 0) {
internal_deprecations::getGalleryIndexURL();
}
$custom_index = getOption('custom_index_page');
if ($custom_index) {
$link = rewrite_path('/' . _PAGE_ . '/' . $custom_index, "/index.php?p=" . $custom_index);
} else {
$link = WEBPATH . "/";
}
if (in_context(ZP_ALBUM) && $_zp_gallery_page != 'index.php') {
$album = getUrAlbum($_zp_current_album);
if (($page = $album->getGalleryPage()) > 1) {
if ($custom_index) {
$link = rewrite_path('/' . _PAGE_ . '/' . $custom_index . '/' . $page, "/index.php?p=" . $custom_index . "&page=" . $page);
} else {
$link = rewrite_path('/' . _PAGE_ . '/' . $page, "/index.php?" . "page=" . $page);
}
}
}
return zp_apply_filter('getLink', $link, 'index.php', NULL);
}
/**
* Returns the theme folder
* If there is an album theme, loads the theme options.
*
* @param object $album album object if override desired
*
* @return string
*/
function setupTheme($album = NULL)
{
global $_zp_gallery, $_zp_current_album, $_zp_current_search, $_zp_themeroot;
$albumtheme = '';
if (is_null($album)) {
if (in_context(ZP_SEARCH_LINKED)) {
if (!($album = $_zp_current_search->getDynamicAlbum())) {
$album = $_zp_current_album;
}
} else {
$album = $_zp_current_album;
}
}
$theme = $_zp_gallery->getCurrentTheme();
$id = 0;
if (!is_null($album)) {
$parent = getUrAlbum($album);
$albumtheme = $parent->getAlbumTheme();
if (!empty($albumtheme)) {
$theme = $albumtheme;
$id = $parent->getID();
}
}
$theme = zp_apply_filter('setupTheme', $theme);
$_zp_gallery->setCurrentTheme($theme);
$themeindex = getPlugin('index.php', $theme);
if (empty($theme) || empty($themeindex)) {
header('Last-Modified: ' . ZP_LAST_MODIFIED);
header('Content-Type: text/html; charset=' . LOCAL_CHARSET);
?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
</head>
<body>
<strong><?php
printf(gettext('Zenphoto found no theme scripts. Please check the <em>%s</em> folder of your installation.'), THEMEFOLDER);
?>
</strong>
</body>
</html>
<?php
exitZP();
} else {
loadLocalOptions($id, $theme);
$_zp_themeroot = WEBPATH . "/" . THEMEFOLDER . "/{$theme}";
}
return $theme;
}
/**
* Returns the theme folder
* If there is an album theme, loads the theme options.
*
* @return string
*/
function setupTheme()
{
global $_zp_gallery, $_zp_current_album, $_zp_current_search, $_zp_options, $_zp_themeroot;
$albumtheme = '';
if (in_context(ZP_SEARCH_LINKED)) {
$name = $_zp_current_search->dynalbumname;
if (!empty($name)) {
$album = new Album($_zp_gallery, $name);
} else {
$album = NULL;
}
} else {
$album = $_zp_current_album;
}
$theme = $_zp_gallery->getCurrentTheme();
if (!is_null($album)) {
$parent = getUrAlbum($album);
$albumtheme = $parent->getAlbumTheme();
}
if (!(false === ($requirePath = getPlugin('themeoptions.php', $theme)))) {
require_once $requirePath;
$optionHandler = new ThemeOptions();
/* prime the theme options */
}
if (!empty($albumtheme)) {
$theme = $albumtheme;
$tbl = prefix('options') . ' WHERE `ownerid`=' . $parent->id;
//load the album theme options
$sql = "SELECT `name`, `value` FROM " . $tbl;
$optionlist = query_full_array($sql, true);
if ($optionlist !== false) {
foreach ($optionlist as $option) {
$_zp_options[$option['name']] = $option['value'];
}
}
}
$_zp_themeroot = WEBPATH . "/" . THEMEFOLDER . "/{$theme}";
return $theme;
}
function loadAlbum($album)
{
global $gallery, $_zp_current_album, $_zp_current_image;
$subalbums = $album->getAlbums();
$started = false;
$tcount = $count = 0;
foreach ($subalbums as $folder) {
$subalbum = new Album($gallery, $folder);
if (!$subalbum->isDynamic()) {
$tcount = $tcount + loadAlbum($subalbum);
}
}
$theme = $gallery->getCurrentTheme();
$id = 0;
$parent = getUrAlbum($album);
$albumtheme = $parent->getAlbumTheme();
if (!empty($albumtheme)) {
$theme = $albumtheme;
$id = $parent->id;
}
loadLocalOptions($id, $theme);
$_zp_current_album = $album;
if ($album->getNumImages() > 0) {
echo "<br />" . $album->name . ' ';
while (next_image(true)) {
$thumb = getImageThumb();
if (strpos($thumb, 'i.php?') === false) {
$thumb = NULL;
}
if (isImagePhoto($_zp_current_image)) {
$image = getDefaultSizedImage();
if (strpos($image, 'i.php?') === false) {
$image = NULL;
}
} else {
$image = NULL;
if ($_zp_current_image->objectsThumb == NULL) {
$thumb = NULL;
}
}
if (!empty($thumb) || !empty($image)) {
if (!$count) {
$started = true;
echo "{ ";
} else {
echo ' | ';
}
}
if (!empty($thumb)) {
echo '<img src="' . $thumb . '" height="8" width="8" /> ';
}
if (!empty($image)) {
echo ' <img src="' . $image . '" height="20" width="20" />';
}
if (!empty($thumb) || !empty($image)) {
echo "\n";
}
$count++;
}
if ($started) {
echo ' } ';
}
printf(ngettext('[%u image]', '[%u images]', $count), $count);
echo "<br />\n";
}
return $count + $tcount;
}
function loadAlbum($album)
{
global $_zp_current_album, $_zp_current_image, $_zp_gallery, $custom, $enabled;
$subalbums = $album->getAlbums();
$started = false;
$tcount = $count = 0;
foreach ($subalbums as $folder) {
$subalbum = newAlbum($folder);
if (!$subalbum->isDynamic()) {
$tcount = $tcount + loadAlbum($subalbum);
}
}
$theme = $_zp_gallery->getCurrentTheme();
$id = 0;
$parent = getUrAlbum($album);
$albumtheme = $parent->getAlbumTheme();
if (!empty($albumtheme)) {
$theme = $albumtheme;
$id = $parent->getID();
}
loadLocalOptions($id, $theme);
$_zp_current_album = $album;
if ($album->getNumImages() > 0) {
echo "<br />" . $album->name . ' ';
while (next_image(true)) {
if (isImagePhoto($_zp_current_image)) {
$countit = 0;
if (in_array('*', $enabled)) {
$uri = getFullImageURL(NULL, 'Protected view');
if (strpos($uri, 'full-image.php?') !== false) {
if (!($count + $countit)) {
echo "{ ";
} else {
echo ' | ';
}
$countit = 1;
?>
<a href="<?php
echo html_encode($uri);
?>
&debug">
<?php
echo '<img src="' . html_encode(pathurlencode($uri)) . '" height="30" width="30" alt="X" />' . "\n";
?>
</a>
<?php
}
}
foreach ($custom as $key => $cacheimage) {
if (in_array($key, $enabled)) {
$size = isset($cacheimage['image_size']) ? $cacheimage['image_size'] : NULL;
$width = isset($cacheimage['image_width']) ? $cacheimage['image_width'] : NULL;
$height = isset($cacheimage['image_height']) ? $cacheimage['image_height'] : NULL;
$thumbstandin = isset($cacheimage['thumb']) ? $cacheimage['thumb'] : NULL;
if ($special = $thumbstandin === true) {
list($special, $cw, $ch, $cx, $cy) = $_zp_current_image->getThumbCropping($size, $width, $height);
}
if (!$special) {
$cw = isset($cacheimage['crop_width']) ? $cacheimage['crop_width'] : NULL;
$ch = isset($cacheimage['crop_height']) ? $cacheimage['crop_height'] : NULL;
$cx = isset($cacheimage['crop_x']) ? $cacheimage['crop_x'] : NULL;
$cy = isset($cacheimage['crop_y']) ? $cacheimage['crop_y'] : NULL;
}
$effects = isset($cacheimage['gray']) ? $cacheimage['gray'] : NULL;
if (isset($cacheimage['wmk'])) {
$passedWM = $cacheimage['wmk'];
} else {
if ($thumbstandin) {
$passedWM = getWatermarkParam($_zp_current_image, WATERMARK_THUMB);
} else {
$passedWM = getWatermarkParam($_zp_current_image, WATERMARK_IMAGE);
}
}
if (isset($cacheimage['maxspace'])) {
getMaxSpaceContainer($width, $height, $_zp_current_image, $thumbstandin);
}
$args = array($size, $width, $height, $cw, $ch, $cx, $cy, NULL, $thumbstandin, NULL, $thumbstandin, $passedWM, NULL, $effects);
$args = getImageParameters($args, $album->name);
$uri = getImageURI($args, $album->name, $_zp_current_image->filename, $_zp_current_image->filemtime);
if (strpos($uri, 'i.php?') !== false) {
if (!($count + $countit)) {
echo "{ ";
} else {
echo ' | ';
}
$countit = 1;
?>
<a href="<?php
echo html_encode($uri);
?>
&debug">
<?php
if ($thumbstandin) {
echo '<img src="' . html_encode(pathurlencode($uri)) . '" height="15" width="15" alt="x" />' . "\n";
} else {
echo '<img src="' . html_encode(pathurlencode($uri)) . '" height="20" width="20" alt="X" />' . "\n";
}
?>
</a>
<?php
}
}
}
$count = $count + $countit;
}
}
if ($count) {
echo '
} ';
}
printf(ngettext('[%u image]', '[%u images]', $count), $count);
echo "<br />\n";
}
return $count + $tcount;
}
/**
*
* sets up for loading p=page pages
* @return string
*/
function prepareCustomPage()
{
global $_zp_current_album, $_zp_current_image, $_zp_gallery_page, $_zp_script, $_zp_current_search;
$searchalbums = handleSearchParms('page', $_zp_current_album, $_zp_current_image);
$album = NULL;
$page = str_replace(array('/', '\\', '.'), '', sanitize($_GET['p']));
if (isset($_GET['z'])) {
// system page
if ($subfolder = sanitize($_GET['z'])) {
$subfolder .= '/';
}
$_zp_gallery_page = $page . '.php';
$_zp_script = ZENFOLDER . '/' . $subfolder . $page . '.php';
} else {
$_zp_gallery_page = $page . '.php';
switch ($_zp_gallery_page) {
case 'search.php':
if (!empty($searchalbums)) {
// we are within a search of a specific album(s)
$albums = array();
foreach ($searchalbums as $analbum) {
$parent = getUrAlbum(newAlbum($analbum));
$albums[$parent->getID()] = $parent;
}
if (count($albums) == 1) {
// there is only one parent album for the search
$album = array_shift($albums);
}
}
break;
}
}
$theme = setupTheme($album);
if (empty($_zp_script)) {
$_zp_script = THEMEFOLDER . "/{$theme}/{$page}.php";
}
return $theme;
}
/**
* Returns an array of image names found in the search
*
* @param string $sorttype what to sort on
* @param string $sortdirection what direction
* @param bool $mine set true/false to overried ownership
* @return array
*/
private function getSearchImages($sorttype, $sortdirection, $mine = NULL)
{
if (getOption('search_no_images') || $this->search_no_images) {
return array();
}
list($sorttype, $sortdirection) = $this->sortKey($sorttype, $sortdirection, 'title', 'images');
if (is_null($mine) && zp_loggedin(MANAGE_ALL_ALBUM_RIGHTS)) {
$mine = true;
}
$searchstring = $this->getSearchString();
$searchdate = $this->dates;
if (empty($searchstring) && empty($searchdate)) {
return array();
}
// nothing to find
$criteria = $this->getCacheTag('images', serialize($searchstring) . ' ' . $searchdate, $sorttype . ' ' . $sortdirection . ' ' . $mine);
if ($criteria == $this->searches['images']) {
return $this->images;
}
$images = $this->getCachedSearch($criteria);
if (is_null($images)) {
if (empty($searchdate)) {
list($search_query, $weights) = $this->searchFieldsAndTags($searchstring, 'images', $sorttype, $sortdirection);
} else {
$search_query = $this->searchDate($searchstring, $searchdate, 'images', $sorttype, $sortdirection);
}
if (empty($search_query)) {
$search_result = false;
} else {
$search_result = query($search_query);
}
$albums_seen = $images = array();
if ($search_result) {
while ($row = db_fetch_assoc($search_result)) {
$albumid = $row['albumid'];
if (array_key_exists($albumid, $albums_seen)) {
$albumrow = $albums_seen[$albumid];
} else {
$query = "SELECT folder, `show` FROM " . prefix('albums') . " WHERE id = {$albumid}";
$row2 = query_single_row($query);
// id is unique
if ($row2) {
$albumname = $row2['folder'];
$allow = false;
$album = newAlbum($albumname);
$uralbum = getUrAlbum($album);
$viewUnpublished = $this->search_unpublished || zp_loggedin() && $uralbum->albumSubRights() & (MANAGED_OBJECT_RIGHTS_EDIT | MANAGED_OBJECT_RIGHTS_VIEW);
switch (checkPublishDates($row)) {
case 1:
$imageobj = newImage($this, $row['filename']);
$imageobj->setShow(0);
$imageobj->save();
case 2:
$row['show'] = 0;
break;
}
if ($mine || is_null($mine) && ($album->isMyItem(LIST_RIGHTS) || checkAlbumPassword($albumname) && ($album->getShow() || $viewUnpublished))) {
$allow = empty($this->album_list) || in_array($albumname, $this->album_list);
}
$albums_seen[$albumid] = $albumrow = array('allow' => $allow, 'viewUnpublished' => $viewUnpublished, 'folder' => $albumname, 'localpath' => ALBUM_FOLDER_SERVERPATH . internalToFilesystem($albumname) . '/');
} else {
$albums_seen[$albumid] = $albumrow = array('allow' => false, 'viewUnpublished' => false, 'folder' => '', 'localpath' => '');
}
}
if ($albumrow['allow'] && ($row['show'] || $albumrow['viewUnpublished'])) {
if (file_exists($albumrow['localpath'] . internalToFilesystem($row['filename']))) {
// still exists
$data = array('title' => $row['title'], 'filename' => $row['filename'], 'folder' => $albumrow['folder']);
if (isset($weights)) {
$data['weight'] = $weights[$row['id']];
}
$images[] = $data;
}
}
}
db_free_result($search_result);
if (is_null($sorttype) && isset($weights)) {
$images = sortMultiArray($images, 'weight', true, true, false, false, array('weight'));
}
if ($sorttype == '`title`') {
$images = sortByMultilingual($images, 'title', $sortdirection);
}
}
if (empty($searchdate)) {
zp_apply_filter('search_statistics', $searchstring, 'images', !empty($images), $this->dynalbumname, $this->iteration++);
}
$this->cacheSearch($criteria, $images);
}
$this->searches['images'] = $criteria;
return $images;
}
/**
* Produces the url to a custom page (e.g. one that is not album.php, image.php, or index.php)
*
* @param string $linktext Text for the URL
* @param string $page page name to include in URL
* @param string $q query string to add to url
* @return string
*/
function getCustomPageURL($page, $q = '')
{
global $_zp_current_album, $_zp_conf_vars, $_zp_gallery_page;
if (array_key_exists($page, $_zp_conf_vars['special_pages'])) {
$result_r = preg_replace('~^_PAGE_/~', _PAGE_ . '/', $_zp_conf_vars['special_pages'][$page]['rewrite']);
} else {
$result_r = '/' . _PAGE_ . '/' . $page;
}
$result = "index.php?p={$page}";
if (in_context(ZP_ALBUM) && $_zp_gallery_page != $page . '.php') {
$album = getUrAlbum($_zp_current_album);
if (($pageno = $album->getGalleryPage()) > 1) {
$result_r .= '/' . $pageno . '/';
$result .= '&page=' . $pageno;
}
}
if (!empty($q)) {
$result_r .= "?{$q}";
$result .= "&{$q}";
}
return zp_apply_filter('getLink', rewrite_path($result_r, $result), $page . '.php', NULL);
}
/**
* returns the mitigated album rights.
* returns NULL if not a managed album
*/
function subRights()
{
global $_zp_admin_album_list;
if (!is_null($this->subrights)) {
return $this->subrights;
}
$this->subrights = 0;
if (zp_loggedin()) {
if (zp_loggedin(MANAGE_ALL_ALBUM_RIGHTS)) {
$this->subrights = MANAGED_OBJECT_RIGHTS_EDIT | MANAGED_OBJECT_RIGHTS_UPLOAD | MANAGED_OBJECT_RIGHTS_VIEW;
return $this->subrights;
}
getManagedAlbumList();
if (count($_zp_admin_album_list) > 0) {
$uralbum = getUrAlbum($this);
if ($uralbum->name == $this->name) {
if (isset($_zp_admin_album_list[$uralbum->name])) {
$this->subrights = $_zp_admin_album_list[$uralbum->name] | MANAGED_OBJECT_MEMBER;
if (zp_loggedin(VIEW_UNPUBLISHED_RIGHTS)) {
$this->subrights = $this->subrights | MANAGED_OBJECT_RIGHTS_VIEW;
}
}
} else {
$this->subrights = $uralbum->subRights();
}
}
}
return $this->subrights;
}
/**
* Returns the name of the currently active theme
*
* @return string
*/
function getCurrentTheme()
{
global $_zp_gallery, $_zp_current_album;
$theme = $_zp_gallery->getCurrentTheme();
if (in_context(ZP_ALBUM)) {
$parent = getUrAlbum($_zp_current_album);
$albumtheme = $parent->getAlbumTheme();
if (!empty($albumtheme)) {
return $albumtheme;
}
}
return $theme;
}
/**
* Returns the URL of the main gallery page containing the current album
*
* @param bool $relative set to false to get the true index page
* @return string
*/
function getGalleryIndexURL($relative = true)
{
global $_zp_current_album, $_zp_gallery_page;
if ($relative && $_zp_gallery_page != 'index.php' && in_context(ZP_ALBUM)) {
$album = getUrAlbum($_zp_current_album);
$page = $album->getGalleryPage();
} else {
$page = 0;
}
$gallink1 = '';
$gallink2 = '';
$specialpage = false;
if ($relative && ($specialpage = getOption('custom_index_page'))) {
if (file_exists(SERVERPATH . '/' . THEMEFOLDER . '/' . getOption('current_theme') . '/' . UTF8ToFilesystem($specialpage) . '.php')) {
$gallink1 = $specialpage . '/';
$gallink2 = 'p=' . $specialpage . '&';
} else {
$specialpage = false;
}
}
if ($page > 1) {
return rewrite_path("/page/" . $gallink1 . $page, "/index.php?" . $gallink2 . "page=" . $page);
} else {
if ($specialpage) {
return rewrite_path('/page/' . $gallink1, '?' . substr($gallink2, 0, -1));
}
return WEBPATH . "/";
}
}
/**
* Generic comment adding routine. Called by album objects or image objects
* to add comments.
*
* Returns a comment object
*
* @param string $name Comment author name
* @param string $email Comment author email
* @param string $website Comment author website
* @param string $comment body of the comment
* @param string $code CAPTCHA code entered
* @param string $code_ok CAPTCHA hash expected
* @param string $type 'albums' if it is an album or 'images' if it is an image comment
* @param object $receiver the object (image or album) to which to post the comment
* @param string $ip the IP address of the comment poster
* @param bool $private set to true if the comment is for the admin only
* @param bool $anon set to true if the poster wishes to remain anonymous
* @param string $customdata
* @param bit $check bitmask of which fields must be checked. If set overrides the options
* @return object
*/
function comment_form_addComment($name, $email, $website, $comment, $code, $code_ok, $receiver, $ip, $private, $anon, $customdata, $check = false)
{
global $_zp_captcha, $_zp_gallery, $_zp_authority, $_zp_comment_on_hold, $_zp_spamFilter;
if ($check === false) {
$whattocheck = 0;
if (getOption('comment_email_required') == 'required') {
$whattocheck = $whattocheck | COMMENT_EMAIL_REQUIRED;
}
if (getOption('comment_name_required')) {
$whattocheck = $whattocheck | COMMENT_NAME_REQUIRED;
}
if (getOption('comment_web_required') == 'required') {
$whattocheck = $whattocheck | COMMENT_WEB_REQUIRED;
}
switch (getOption('Use_Captcha')) {
case 0:
break;
case 2:
if (zp_loggedin(POST_COMMENT_RIGHTS)) {
break;
}
default:
$whattocheck = $whattocheck | USE_CAPTCHA;
break;
}
if (getOption('comment_body_requiired')) {
$whattocheck = $whattocheck | COMMENT_BODY_REQUIRED;
}
if (getOption('email_new_comments')) {
$whattocheck = $whattocheck | COMMENT_SEND_EMAIL;
}
} else {
$whattocheck = $check;
}
$type = $receiver->table;
$receiver->getComments();
$name = trim($name);
$email = trim($email);
$website = trim($website);
// Let the comment have trailing line breaks and space? Nah...
// Also (in)validate HTML here, and in $name.
$comment = trim($comment);
$receiverid = $receiver->getID();
$goodMessage = 2;
if ($private) {
$private = 1;
} else {
$private = 0;
}
if ($anon) {
$anon = 1;
} else {
$anon = 0;
}
$commentobj = new Comment();
$commentobj->transient = false;
// otherwise we won't be able to save it....
$commentobj->setOwnerID($receiverid);
$commentobj->setName($name);
$commentobj->setEmail($email);
$commentobj->setWebsite($website);
$commentobj->setComment($comment);
$commentobj->setType($type);
$commentobj->setIP($ip);
$commentobj->setPrivate($private);
$commentobj->setAnon($anon);
$commentobj->setInModeration(0);
$commentobj->setCustomData($customdata);
if ($whattocheck & COMMENT_EMAIL_REQUIRED && (empty($email) || !is_valid_email_zp($email))) {
$commentobj->setInModeration(-2);
$commentobj->comment_error_text .= ' ' . gettext("You must supply an e-mail address.");
$goodMessage = false;
}
if ($whattocheck & COMMENT_NAME_REQUIRED && empty($name)) {
$commentobj->setInModeration(-3);
$commentobj->comment_error_text .= ' ' . gettext("You must enter your name.");
$goodMessage = false;
}
if ($whattocheck & COMMENT_WEB_REQUIRED && (empty($website) || !isValidURL($website))) {
$commentobj->setInModeration(-4);
$commentobj->comment_error_text .= ' ' . gettext("You must supply a WEB page URL.");
$goodMessage = false;
}
if ($whattocheck & USE_CAPTCHA) {
if (!$_zp_captcha->checkCaptcha($code, $code_ok)) {
$commentobj->setInModeration(-5);
$commentobj->comment_error_text .= ' ' . gettext("CAPTCHA verification failed.");
$goodMessage = false;
}
}
if ($whattocheck & COMMENT_BODY_REQUIRED && empty($comment)) {
$commentobj->setInModeration(-6);
$commentobj->comment_error_text .= ' ' . gettext("You must enter something in the comment text.");
$goodMessage = false;
}
$moderate = 0;
if ($goodMessage && isset($_zp_spamFilter)) {
$goodMessage = $_zp_spamFilter->filterMessage($name, $email, $website, $comment, $receiver, $ip);
switch ($goodMessage) {
case 0:
$commentobj->setInModeration(2);
$commentobj->comment_error_text .= sprintf(gettext('Your comment was rejected by the <em>%s</em> SPAM filter.'), $_zp_spamFilter->name);
$goodMessage = false;
break;
case 1:
$_zp_comment_on_hold = sprintf(gettext('Your comment has been marked for moderation by the <em>%s</em> SPAM filter.'), $_zp_spamFilter->name);
$commentobj->comment_error_text .= $_zp_comment_on_hold;
$commentobj->setInModeration(1);
$moderate = 1;
break;
case 2:
$commentobj->setInModeration(0);
break;
}
}
$localerrors = $commentobj->getInModeration();
zp_apply_filter('comment_post', $commentobj, $receiver);
if ($check === false) {
// ignore filter provided errors if caller is supplying the fields to check
$localerrors = $commentobj->getInModeration();
}
if ($goodMessage && $localerrors >= 0) {
// Update the database entry with the new comment
$commentobj->save();
// add to comments array and notify the admin user
if (!$moderate) {
$receiver->comments[] = array('name' => $commentobj->getname(), 'email' => $commentobj->getEmail(), 'website' => $commentobj->getWebsite(), 'comment' => $commentobj->getComment(), 'date' => $commentobj->getDateTime(), 'custom_data' => $commentobj->getCustomData());
}
switch ($type) {
case "albums":
$url = "album=" . pathurlencode($receiver->name);
$ur_album = getUrAlbum($receiver);
if ($moderate) {
$action = sprintf(gettext('A comment has been placed in moderation on your album “%1$s”.'), $receiver->name);
} else {
$action = sprintf(gettext('A comment has been posted on your album “%1$s”.'), $receiver->name);
}
break;
case "news":
$url = "p=news&title=" . urlencode($receiver->getTitlelink());
if ($moderate) {
$action = sprintf(gettext('A comment has been placed in moderation on your article “%1$s”.'), $receiver->getTitlelink());
} else {
$action = sprintf(gettext('A comment has been posted on your article “%1$s”.'), $receiver->getTitlelink());
}
break;
case "pages":
$url = "p=pages&title=" . urlencode($receiver->getTitlelink());
if ($moderate) {
$action = sprintf(gettext('A comment has been placed in moderation on your page “%1$s”.'), $receiver->getTitlelink());
} else {
$action = sprintf(gettext('A comment has been posted on your page “%1$s”.'), $receiver->getTitlelink());
}
break;
default:
// all image types
$album = $receiver->getAlbum();
$url = "album=" . pathurlencode($album->name) . "&image=" . urlencode($receiver->filename);
$ur_album = getUrAlbum($album);
if ($moderate) {
$action = sprintf(gettext('A comment has been placed in moderation on your image “%1$s” in the album “%2$s”.'), $receiver->getTitle(), $album->name);
} else {
$action = sprintf(gettext('A comment has been posted on your image “%1$s” in the album “%2$s”.'), $receiver->getTitle(), $album->name);
}
break;
}
if ($whattocheck & COMMENT_SEND_EMAIL) {
$message = $action . "\n\n" . sprintf(gettext('Author: %1$s' . "\n" . 'Email: %2$s' . "\n" . 'Website: %3$s' . "\n" . 'Comment:' . "\n\n" . '%4$s'), $commentobj->getname(), $commentobj->getEmail(), $commentobj->getWebsite(), $commentobj->getComment()) . "\n\n" . sprintf(gettext('You can view all comments about this item here:' . "\n" . '%1$s'), 'http://' . $_SERVER['SERVER_NAME'] . WEBPATH . '/index.php?' . $url) . "\n\n" . sprintf(gettext('You can edit the comment here:' . "\n" . '%1$s'), 'http://' . $_SERVER['SERVER_NAME'] . WEBPATH . '/' . ZENFOLDER . '/' . PLUGIN_FOLDER . '/comment_form/admin-comments.php?page=editcomment&id=' . $commentobj->getID());
$emails = array();
$admin_users = $_zp_authority->getAdministrators();
foreach ($admin_users as $admin) {
// mail anyone with full rights
if (!empty($admin['email']) && ($admin['rights'] & ADMIN_RIGHTS || ($admin['rights'] & (MANAGE_ALL_ALBUM_RIGHTS | COMMENT_RIGHTS)) == (MANAGE_ALL_ALBUM_RIGHTS | COMMENT_RIGHTS))) {
$emails[] = $admin['email'];
unset($admin_users[$admin['id']]);
}
}
if ($type === "images" or $type === "albums") {
// mail to album admins
$id = $ur_album->getID();
$sql = 'SELECT `adminid` FROM ' . prefix('admin_to_object') . ' WHERE `objectid`=' . $id . ' AND `type` LIKE "album%"';
$result = query($sql);
if ($result) {
while ($anadmin = db_fetch_assoc($result)) {
$id = $anadmin['adminid'];
if (array_key_exists($id, $admin_users)) {
$admin = $admin_users[$id];
if ($admin['rights'] & COMMENT_RIGHTS && !empty($admin['email'])) {
$emails[] = $admin['email'];
}
}
}
db_free_result($result);
}
}
$on = gettext('Comment posted');
$result = zp_mail("[" . $_zp_gallery->getTitle() . "] {$on}", $message, $emails);
if ($result) {
$commentobj->setInModeration(-12);
$commentobj->comment_error_text = $result;
}
}
}
return $commentobj;
}
/**
* Returns the theme folder
* If there is an album theme, loads the theme options.
*
* @return string
*/
function setupTheme()
{
global $_zp_gallery, $_zp_current_album, $_zp_current_search, $_zp_themeroot, $_zp_last_modified;
if (!is_object($_zp_gallery)) {
$_zp_gallery = new Gallery();
}
$albumtheme = '';
if (in_context(ZP_SEARCH_LINKED)) {
$name = $_zp_current_search->dynalbumname;
if (!empty($name)) {
$album = new Album($_zp_gallery, $name);
} else {
$album = NULL;
}
} else {
$album = $_zp_current_album;
}
$theme = $_zp_gallery->getCurrentTheme();
$id = 0;
if (!is_null($album)) {
$parent = getUrAlbum($album);
$albumtheme = $parent->getAlbumTheme();
if (!empty($albumtheme)) {
$theme = $albumtheme;
$id = $parent->id;
}
}
$theme = zp_apply_filter('setupTheme', $theme);
$themeindex = getPlugin('index.php', $theme);
if (empty($theme) || empty($themeindex)) {
header('Last-Modified: ' . $_zp_last_modified);
header('Content-Type: text/html; charset=' . LOCAL_CHARSET);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
</head>
<body>
<strong><?php
printf(gettext('Zenphoto found no theme scripts. Please check the <em>%s</em> folder of your installation.'), THEMEFOLDER);
?>
</strong>
</body>
</html>
<?php
exit;
} else {
loadLocalOptions($id, $theme);
$_zp_themeroot = WEBPATH . "/" . THEMEFOLDER . "/{$theme}";
}
return $theme;
}
