Пример #1
 /**
  * Renders a (possibly nested) array as tab-indented list markup and returns it as a string.
  *
  * Array keys are used as tag names; keys that isRealNumeric() accepts are
  * rendered as "li" items. Nested arrays are rendered by recursion.
  *
  * NOTE(review): keys and values are interpolated into the markup as-is; no
  * HTML escaping is visible in this method. Confirm that callers pass only
  * trusted or already-escaped data.
  *
  * @param mixed $data   array to render; a non-array value is returned followed by EOL
  * @param string $tab   overwritten before it is read, so the passed value has no effect
  * @param int $start    nesting depth; see the note on the static declaration below
  * @return string the generated markup
  */
 protected function _element($data, $tab, $start)
 {
     // NOTE(review): this static has the same name as the $start parameter, so the
     // depth counter presumably lives in the static slot and the argument passed by
     // the caller is not what str_repeat() sees. Confirm this is intended.
     static $start;
     $eof = EOL;
     $output = '';
     $attrs = '';
     // One tab per nesting level.
     $tab = str_repeat("\t", $start);
     if (!is_array($data)) {
         return $data . $eof;
     } else {
         foreach ($data as $k => $v) {
             if (isRealNumeric($k)) {
                 // Numeric keys carry no tag name of their own: render them as list items.
                 $value = $k;
                 $k = 'li';
             } else {
                 $value = NULL;
             }
             // Only the first space-separated word of the key is passed to prefix();
             // presumably this yields the closing tag name without attributes (prefix()
             // is defined elsewhere; confirm).
             $end = prefix(Arrays::getFirst(explode(' ', $k)));
             if (!is_array($v)) {
                 // Leaf: tag and value on a single line.
                 $output .= "{$tab}<{$k}>{$v}<{$end}>{$eof}";
             } else {
                 if (stripos($k, 'ul') !== 0 && stripos($k, 'ol') !== 0 && $k !== 'li') {
                     // A key that is not ul/ol/li becomes the label of a wrapping "li".
                     $value = $k;
                     $k = 'li';
                     $end = prefix($k);
                 } else {
                     $value = NULL;
                 }
                 // Render the children, then undo the depth increment made for the recursion.
                 $output .= $tab . "<{$k}>{$value}{$eof}" . $this->_element($v, $tab, $start++) . $tab . "<{$end}>" . $tab . $eof;
                 $start--;
             }
         }
     }
     return $output;
 }
Пример #2
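 /**
  * Adds the translated values of an image's tagging metadata to its tags and
  * records, per tag, the language the translation belongs to.
  *
  * For every metadata key returned by self::getTaggingItems() that the image
  * has a value for, the value is translated with exifTranslate() under en_US
  * and under each language from generateLanguageList(). Translations that
  * differ from the en_US string are added as tags and remembered so that the
  * matching rows of the tags table can be labelled with their language.
  *
  * @param object $image image object providing get(), getTags(), setTags() and save()
  * @return object the same image object, after it has been saved
  */
 static function new_image($image)
 {
     global $_zp_exifvars;
     $entry_locale = getUserLocale();
     $languages = generateLanguageList();
     $languageTags = $element = array();
     foreach (self::getTaggingItems() as $key) {
         if ($meta = $image->get($key)) {
             setupCurrentLocale('en_US');
             $en_us = $element[] = exifTranslate($meta);
             foreach ($languages as $language) {
                 setupCurrentLocale($language);
                 $xlated = exifTranslate($meta);
                 if ($xlated != $en_us) {
                     // the string has a translation in this language
                     $element[] = $xlated;
                     $languageTags[$language] = $xlated;
                 }
             }
         }
     }
     // Restore the locale that was active on entry.
     setupCurrentLocale($entry_locale);
     $element = array_unique(array_merge($image->getTags(), $element));
     $image->setTags($element);
     $image->save();
     foreach ($languageTags as $language => $tag) {
         // Only label tags that have no language yet. The condition is parenthesised
         // and uses IS NULL: "`language`=NULL" never matches, and without the
         // parentheses the OR branch would relabel every tag with an empty language,
         // whatever its name.
         $sql = 'UPDATE ' . prefix('tags') . ' SET `language`=' . db_quote($language) . ' WHERE `name`=' . db_quote($tag) . ' AND (`language` IS NULL OR `language` LIKE "")';
         query($sql, false);
     }
     return $image;
 }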
Пример #3
 /**
  * Registers the action buttons of the account delete view: a primary submit
  * button and a cancel button that points at the admin account page.
  *
  * @param object $view view builder exposing actions()
  * @param mixed $id    not used by this method
  */
 public static function delete($view, $id)
 {
     $buildActions = function ($actions) {
         $deleteLabel = __('admin::account.delete.buttons.delete');
         $actions->submit($deleteLabel, 'primary');

         $cancelTarget = prefix('admin') . 'account';
         $cancelLabel = __('admin::account.delete.buttons.cancel');
         $actions->button($cancelTarget, $cancelLabel);
     };
     $view->actions($buildActions);
 }
Пример #4
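 /**
  * Prints the custom selector for the "zenpage_homepage" option.
  *
  * Lists the titlelinks of all pages whose `show` flag is not 1. When there are
  * none, a message is printed and the option is reset to "none".
  *
  * Values read from the database are HTML-escaped before they are written into
  * the page, so a titlelink containing markup cannot alter the form.
  *
  * @param string $option       name of the option being rendered
  * @param string $currentValue currently stored value of the option
  */
 function handleOption($option, $currentValue)
 {
     if ($option == "zenpage_homepage") {
         $unpublishedpages = query_full_array("SELECT titlelink FROM " . prefix('pages') . " WHERE `show` != 1 ORDER by `sort_order`");
         if (empty($unpublishedpages)) {
             echo gettext("No unpublished pages available");
             // clear option if no unpublished pages are available or have been published meanwhile
             // so that the normal gallery index appears and no page is accidentally set if set to unpublished again.
             setOption("zenpage_homepage", "none", true);
         } else {
             echo '<input type="hidden" name="' . CUSTOM_OPTION_PREFIX . 'selector-zenpage_homepage" value="0" />' . "\n";
             echo '<select id="' . htmlspecialchars($option, ENT_QUOTES, 'UTF-8') . '" name="zenpage_homepage">' . "\n";
             $selected = $currentValue === "none" ? " selected = 'selected'" : "";
             echo "<option{$selected}>" . gettext("none") . "</option>";
             foreach ($unpublishedpages as $page) {
                 $selected = $currentValue === $page["titlelink"] ? " selected = 'selected'" : "";
                 // The option has no value attribute, so the browser submits its (decoded)
                 // text; escaping therefore does not change the submitted value.
                 echo "<option{$selected}>" . htmlspecialchars($page["titlelink"], ENT_QUOTES, 'UTF-8') . "</option>";
             }
             echo "</select>\n";
         }
     }
 }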
Пример #5
 /**
  * Describes the theme options offered on the options page.
  *
  * The "Homepage" selector is filled with the pages whose `show` flag is not 1,
  * keyed by their display title and valued by their titlelink.
  *
  * @return array option label => option definition (key, type, desc, ...)
  */
 function getOptionsSupported()
 {
     $rows = query_full_array("SELECT title,titlelink FROM " . prefix('pages') . " WHERE `show` != 1 ORDER by `sort_order`");
     $selections = array();
     foreach ($rows as $row) {
         $label = get_language_string($row['title']);
         $selections[$label] = $row['titlelink'];
     }

     return array(
         gettext('Allow search') => array(
             'key' => 'Allow_search',
             'type' => OPTION_TYPE_CHECKBOX,
             'desc' => gettext('Check to enable search form.'),
         ),
         gettext('News on index page') => array(
             'key' => 'zenpage_zp_index_news',
             'type' => OPTION_TYPE_CHECKBOX,
             'desc' => gettext("Enable this if you want to show the news section’s first page on the <code>index.php</code> page."),
         ),
         gettext('Homepage') => array(
             'key' => 'zenpage_homepage',
             'type' => OPTION_TYPE_SELECTOR,
             'selections' => $selections,
             'null_selection' => gettext('none'),
             'desc' => gettext("Choose here any <em>un-published Zenpage page</em> (listed by <em>titlelink</em>) to act as your site’s homepage instead the normal gallery index.") . "<p class='notebox'>" . gettext("<strong>Note:</strong> This of course overrides the <em>News on index page</em> option and your theme must be setup for this feature! Visit the theming tutorial for details.") . "</p>",
         ),
         gettext('Use standard contact page') => array(
             'key' => 'zenpage_contactpage',
             'type' => OPTION_TYPE_CHECKBOX,
             'desc' => gettext('Disable this if you do not want to use the separate contact page with the contact form. You can also use the codeblock of a page for this. See the contact_form plugin documentation for more info.'),
         ),
         gettext('Use custom menu') => array(
             'key' => 'zenpage_custommenu',
             'type' => OPTION_TYPE_CHECKBOX,
             'desc' => gettext('Check this if you want to use the <em>menu_manager</em> plugin if enabled to build a custom menu instead of the separate standard ones. A standard menu named "zenpage" is created and used automatically.'),
         ),
     );
 }
Пример #6
 /**
  * Logs a user search in the plugin_storage table.
  *
  * Searches that come from a dynamic album are not logged. The record is
  * stored under type "search_statistics", with the requester's IP in `aux`
  * and the serialized search details in `data`; both values go through
  * db_quote() before they reach the statement.
  *
  * @param array $search_statistics the search criteria
  * @param string $type 'album', 'image', etc.
  * @param bool $success did the search return a result
  * @param bool $dynamic was it from a dynamic album
  * @param int $iteration count of the filters since the search engine instantiation
  * @return array the unchanged $search_statistics
  */
 static function handler($search_statistics, $type, $success, $dynamic, $iteration)
 {
     if ($dynamic) {
         return $search_statistics;
     }

     // log unique user searches
     $record = array(
         'type' => $type,
         'success' => $success,
         'iteration' => $iteration,
         'data' => $search_statistics,
     );
     $table = prefix('plugin_storage');
     $quotedIp = db_quote(getUserIP());
     $quotedRecord = db_quote(serialize($record));
     query('INSERT INTO ' . $table . ' (`type`, `aux`,`data`) VALUES ("search_statistics", ' . $quotedIp . ',' . $quotedRecord . ')');

     return $search_statistics;
 }
Пример #7
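 /**
  * Returns a random selection of published articles (state = 1) together with
  * the link and name of their category.
  *
  * @param int $limit maximum number of articles to return
  * @return mixed whatever result() yields for the query
  */
 public function get_dom_article($limit = 8)
 {
     // The limit is concatenated into the statement, so force it to an integer:
     // any other value would become part of the SQL text.
     $limit = (int) $limit;
     return $this->ci->db->query('
         SELECT a.*, c.link AS cat_link, c.name AS cat_name
         FROM ' . prefix('article') . ' AS a JOIN ' . prefix('category') . ' AS c
         ON a.cid=c.cid
         WHERE a.state=1
         ORDER BY rand()
         DESC LIMIT ' . $limit)->result();
 }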
Пример #8
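 /**
  * Returns the most recently added images (highest ids first).
  *
  * @param int $limit maximum number of images; non-numeric values fall back to 3
  * @return mixed the result of self::createImages() for the selected rows
  */
 static function getLatestImages($limit = 3)
 {
     if (!isset($limit) || !is_numeric($limit)) {
         $limit = 3;
     }
     // is_numeric() also accepts values such as "3.5", "1e3" or " 3", which are not
     // valid in a LIMIT clause. Reduce the value to a non-negative integer before
     // it is placed in the statement.
     $limit = max(0, (int) $limit);
     $t_images = prefix("images");
     $t_albums = prefix("albums");
     $query = "SELECT i.filename, i.title, a.folder FROM {$t_images} i " . "LEFT JOIN {$t_albums} a ON i.albumid=a.id " . "ORDER BY i.id DESC LIMIT {$limit}";
     $result = query_full_array($query);
     return self::createImages($result);
 }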
Пример #9
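 /**
  * Returns one page of the published articles (state = 1) that carry a tag,
  * together with the link and name of their category.
  *
  * @param int $tid    tag id
  * @param int $start  row offset of the page
  * @param int $offset number of rows to return
  * @return mixed whatever result() yields for the query
  */
 public function tag_list($tid, $start, $offset)
 {
     // All three values are concatenated into the statement. Cast them to integers
     // so that nothing but a number can reach the SQL text (the earlier
     // implementation kept in the comment below applied the same casts).
     $tid = (int) $tid;
     $start = (int) $start;
     $offset = (int) $offset;
     return $this->db->query('
         SELECT a.*, c.link AS cat_link, c.name AS cat_name
         FROM ' . prefix('relation') . ' AS r, ' . prefix('article') . ' AS a
         LEFT JOIN ' . prefix('category AS c') . ' ON a.cid=c.cid
         WHERE r.aid=a.aid AND r.tid=' . $tid . ' AND a.state=1
         LIMIT ' . $start . ', ' . $offset . '
     ')->result();
     // return $this->db->query('SELECT p.*, c.id AS cate_id, c.name AS cate_name, c.alias AS cate_alias, c.keywords AS cate_keywords, c.description
     // AS cate_description FROM '.tn('posts').' AS p, '.tn('categories').' AS c, '.tn('tagrelas').' AS t WHERE p.cid=c.id AND t.oid=p.id AND
     // t.tid='.(int) $tid.' AND p.status=1 LIMIT '.(int) $start.', '.(int) $offset);
     // return $query->result_array();
 }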
Пример #10
 /**
  * Sets the current page number to the news-list page on which the current
  * article appears.
  *
  * Counts the visible articles whose id is at least the current article's id
  * and divides by the "zenpage_articles_per_page" option (at least 1). The
  * result is written to both $_GET["page"] and $_zp_page. Nothing happens when
  * no current news article is set.
  */
 static function setCurrentNewsPage()
 {
     global $_zp_current_zenpage_news, $_zp_page;
     if (!isset($_zp_current_zenpage_news)) {
         return;
     }

     $table = prefix('zenpage_news');
     $id = $_zp_current_zenpage_news->getID();
     $row = query_single_row("SELECT count(id) ct FROM {$table} where id >= {$id} AND `show`=1");
     $perPage = max(1, getOption("zenpage_articles_per_page"));
     $pageNumber = ceil($row['ct'] / $perPage);

     $_GET["page"] = $pageNumber;
     $_zp_page = $pageNumber;
 }
Пример #11
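/**
 * Prints the most recent Zenphoto comments as a series of <li> items, each
 * linking to the commented image.
 *
 * Author names, titles and comment texts are visitor-supplied, so every value
 * is HTML-escaped before it is printed. A failed query is written to the error
 * log instead of being shown to the visitor, because the message would expose
 * the statement and the database error.
 *
 * NOTE(review): the function uses the legacy mysql_* API and @-suppression as
 * the original did. It also carries database credentials in its body; keep the
 * file out of the web root or load them from configuration.
 */
function zenphoto_recent_comments()
{
    ////////////////////////////////////////////////////////////////////
    /*------------------- START OF CONFIGURATION ---------------------*/
    /*MySQL Settings*/
    $zen_db = '';
    //The name of the database
    $zen_username = '';
    //Your MySQL username
    $zen_password = '';
    //...and password
    $zen_host = 'localhost';
    //99% chance you won't need to change this value
    $mysql_prefix = '';
    //Zen Database Tables prefix (if any)
    /*More...*/
    $num_of_comments = '10';
    //Number of comments you want to show up.
    $mods_rewrite = true;
    //If you have Apache mod_rewrite, put true here, and you'll get nice cruft-free URLs.
    $gallery_folder = 'zenphoto';
    //eg. http://mysite.com/zenphoto
    /*--------------------- END OF CONFIGURATION ---------------------*/
    ////////////////////////////////////////////////////////////////////
    //we will try to connect to the database
    @($mysql_connection = mysql_connect($zen_host, $zen_username, $zen_password)) or die('Could not connect to database.');
    //selecting zenphoto database
    @mysql_select_db($zen_db) or die('Could not select database.');
    // Honour the configured number of comments (the setting used to be ignored in
    // favour of a hard-coded 10) and make sure only an integer reaches the statement.
    $limit = max(1, (int) $num_of_comments);
    $sql = "SELECT c.id, i.title, i.filename, a.folder, a.title AS albumtitle, c.name, c.website," . " c.date, c.comment FROM " . prefix('comments') . " AS c, " . prefix('images') . " AS i, " . prefix('albums') . " AS a " . " WHERE c.imageid = i.id AND i.albumid = a.id ORDER BY c.id DESC LIMIT " . $limit;
    $result = mysql_query($sql, $mysql_connection);
    if (!$result) {
        // Keep the details for the operator, not for the visitor.
        error_log('zenphoto_recent_comments: query failed: ' . mysql_error());
        die('Could not query database.');
    }
    $allrows = array();
    while ($row = mysql_fetch_assoc($result)) {
        $allrows[] = $row;
    }
    foreach ($allrows as $row) {
        $author = $row['name'];
        $album = $row['folder'];
        $image = $row['filename'];
        $albumtitle = $row['albumtitle'];
        $title = $row['title'] == "" ? $image : $row['title'];
        $text = truncate_string($row['comment'], 123);
        if ($mods_rewrite) {
            $url = "../{$gallery_folder}/{$album}/{$image}";
        } else {
            $url = "../{$gallery_folder}/index.php?album=" . urlencode($album) . "&image=" . urlencode($image);
        }
        // NOTE(review): if the comments table already holds sanitized HTML, escaping
        // here shows that markup literally; confirm how comments are stored.
        echo '<li><div>' . htmlspecialchars($author, ENT_QUOTES, 'UTF-8')
            . ' on <a href="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '">'
            . htmlspecialchars($albumtitle, ENT_QUOTES, 'UTF-8') . ' / ' . htmlspecialchars($title, ENT_QUOTES, 'UTF-8')
            . '</a>:</div><div>' . htmlspecialchars($text, ENT_QUOTES, 'UTF-8') . '</div></li>';
    }
}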
Пример #12
 /**
  * Generates a Mollom image captcha for comments.
  *
  * The Mollom session id is recorded in the captcha table together with the
  * current time; rows older than one hour are removed first.
  *
  * @param string $image set by reference to the URL of the captcha image
  * @return string the Mollom session id of the captcha
  */
 function generateCaptcha(&$image)
 {
     // Configure the Mollom client from the stored options.
     Mollom::setPublicKey(getOption('public_key'));
     Mollom::setPrivateKey(getOption('private_key'));
     Mollom::setServerList(Mollom::getServerList());

     // get captcha
     $captcha = Mollom::getImageCaptcha();
     $ticket = $captcha['session_id'];

     // drop expired tickets (older than one hour)
     $cutoff = time() - 3600;
     query('DELETE FROM ' . prefix('captcha') . ' WHERE `ptime`<' . $cutoff, true);

     // remember this ticket
     query("INSERT INTO " . prefix('captcha') . " (ptime, hash) VALUES ('" . escape(time()) . "','" . escape($ticket) . "')", true);

     $image = $captcha['url'];
     return $ticket;
 }
Пример #13
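 /**
  * Displays the search results.
  *
  * Looks for the search keys in the title and description of articles, loads
  * one page of matches, records the keyword when anything was found and renders
  * the "site_search" view.
  *
  * The search keys come from the request, so they are passed to the database as
  * bound parameters instead of being concatenated into the statement.
  * NOTE(review): this assumes $this->db is CodeIgniter's database object (the
  * load->model / load->view calls suggest so), whose query() accepts an array
  * of bindings for "?" placeholders. Confirm.
  *
  * @access public
  * @return void
  */
 public function index()
 {
     // Paging values end up in the LIMIT clause: keep them integral and non-negative.
     $perPage = max(0, (int) $this->_prepage);
     $start = max(0, ((int) $this->_page - 1) * $perPage);

     // "%" and "_" typed by the user still act as wildcards, as they did before.
     $like = '%' . $this->_keys . '%';
     $where = ' WHERE `title` LIKE ? OR `description` LIKE ?';
     $binds = array($like, $like);

     $rows = $this->db->query('SELECT * FROM ' . prefix('article') . $where, $binds);
     $list = $this->db->query('SELECT * FROM ' . prefix('article') . $where . ' LIMIT ' . $start . ', ' . $perPage, $binds);
     $data['rows'] = $rows->num_rows();
     $data['pres'] = $this->_prepage;
     $data['list'] = $list->result();
     $data['page'] = $this->_setpagestring($data['rows']);
     // NOTE(review): 'keys' is handed to the view unchanged; the view must escape it
     // for the context it is printed in.
     $data['keys'] = $this->_keys;
     if ($data['rows']) {
         $this->load->model('search_model');
         $this->search_model->insert_keyword($this->_keys);
     }
     $this->load->view('site_search', $data);
 }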
Пример #14
/**
 * Advances the id stored in the `{prefix}counter` table by $n and returns the
 * new value.
 *
 * When the counter cannot be read, create_autoid() is called to obtain it.
 *
 * NOTE(review): the value is read and written in two separate statements; no
 * locking or transaction is visible here, so concurrent callers could
 * presumably receive the same id. Confirm. $prefix is placed in the table name
 * as-is and must not come from user input.
 *
 * @param string $prefix table prefix; empty means "use prefix()"
 * @param int $n         amount to add to the counter
 * @return int the new counter value
 */
function auto_id($prefix = '', $n = 1)
{
    $prefix = $prefix == '' ? prefix() : $prefix;

    $counter = query("select id from `{$prefix}counter`", '', 1);
    if (!$counter) {
        $counter = create_autoid($prefix);
    }

    $row = fetch($counter);
    $id = $row['id'] + $n;
    query("UPDATE `{$prefix}counter` SET  `id` =  '{$id}' ");

    return $id;
}
Пример #15
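/**
 * Builds a human-readable title for a database row.
 *
 * @param string $table 'images', 'albums', 'news' or 'pages'
 * @param array $row    the row; 'albumid' and 'filename' are read for images,
 *                      'folder' for albums, 'titlelink' for news and pages
 * @return string|null the title, or null for a table that is not handled
 */
function getTitle($table, $row)
{
    // Tables that are not handled below yield null instead of an undefined variable.
    $title = null;
    switch ($table) {
        case 'images':
            // The column names must be quoted array keys: a bare albumid is read as a
            // constant, and $filename was never defined. The id is cast because it is
            // concatenated into the statement.
            $album = query_single_row('SELECT `folder` FROM ' . prefix('albums') . ' WHERE `id`=' . (int) $row['albumid']);
            $title = sprintf(gettext('%1$s: image %2$s'), $album['folder'], $row['filename']);
            break;
        case 'albums':
            $title = sprintf(gettext('album %s'), $row['folder']);
            break;
        case 'news':
        case 'pages':
            $title = sprintf(gettext('%1$s: %2$s'), $table, $row['titlelink']);
            break;
    }
    return $title;
}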
Пример #16
 /**
  * Lists the registered clone installations.
  *
  * Every plugin_storage row of type "clone" whose `aux` folder still contains
  * a zenphoto.cfg.php is returned and the serialized current admin object is
  * placed in the session under the hex-encoded folder. Rows whose folder no
  * longer holds the config file are deleted.
  *
  * NOTE(review): the serialized admin object is written to $_SESSION here;
  * whatever reads it back calls unserialize() on session data, so the session
  * store has to be trusted.
  *
  * @return array clone folder (`aux`) => `data` value with a trailing slash
  */
 static function clones()
 {
     global $_zp_current_admin_obj;
     $clones = array();

     $result = query('SELECT * FROM ' . prefix('plugin_storage') . ' WHERE `type`="clone"');
     if (!$result) {
         return $clones;
     }

     while ($row = db_fetch_assoc($result)) {
         $configFile = $row['aux'] . '/' . DATA_FOLDER . '/zenphoto.cfg.php';
         if (!file_exists($configFile)) {
             // The clone is gone: drop its registration.
             query('DELETE FROM ' . prefix('plugin_storage') . ' WHERE `id` = ' . $row['id']);
             continue;
         }
         $clones[$row['aux']] = $row['data'] . '/';
         $_SESSION['admin'][bin2hex($row['aux'])] = serialize($_zp_current_admin_obj);
     }
     db_free_result($result);

     return $clones;
 }
Пример #17
 /**
  * Builds the page edit form: meta title, meta keywords, meta description,
  * menu and url fields for the page's language, plus the submit button.
  *
  * The form is submitted with PUT to the admin "page/{slug}/edit" address.
  *
  * @param object $view view builder
  * @param object $page page whose ->lang values fill the form
  */
 public function update($view, $page)
 {
     $action = prefix('admin') . 'page/' . $page->lang->slug . '/edit';

     $buildForm = function ($form) use ($page) {
         $form->page_header(function ($header) {
             $header->title(__('admin::page.update.title'));
         });

         // Field names are all scoped to the page's language id.
         $form->text('lang[' . $page->lang->language_id . '][meta_title]', __('admin::page.update.form.lang.meta_title'), $page->lang->meta_title);
         $form->text('lang[' . $page->lang->language_id . '][meta_keywords]', __('admin::page.update.form.lang.meta_keywords'), $page->lang->meta_keywords);
         $form->textarea('lang[' . $page->lang->language_id . '][meta_description]', __('admin::page.update.form.lang.meta_description'), $page->lang->meta_description);
         /**
          * @todo stop laravel from adding id's to the form fields
          */
         $form->text('lang[' . $page->lang->language_id . '][menu]', __('admin::page.update.form.lang.menu'), $page->lang->menu);
         $form->text('lang[' . $page->lang->language_id . '][url]', __('admin::page.update.form.lang.url'), $page->lang->url);

         $form->actions(function ($actions) {
             $actions->submit(__('admin::page.update.buttons.edit'), 'primary');
         });
     };

     $view->form($buildForm, 'PUT', $action);
 }
Пример #18
 /**
  * Sets up the userAddressFields extension.
  *
  * When the administrators table still has a `custom_data` column, the
  * extension is enabled, the values held in that column are migrated to
  * columns of their own and the column is dropped. When running with
  * OFFSET_PATH == 2 and the session holds an admin object for this install,
  * the address fields of that object are copied to the matching local admin.
  */
 function __construct()
 {
     global $_zp_authority, $_userAddressFields;
     $firstTime = false;
     // The presence of the legacy `custom_data` column marks an install that still needs migrating.
     $tablecols = db_list_fields('administrators');
     foreach ($tablecols as $key => $datum) {
         if ($datum['Field'] == 'custom_data') {
             $firstTime = true;
             enableExtension('userAddressFields', true);
             break;
         }
     }
     parent::constructor('userAddressFields', self::fields());
     if ($firstTime) {
         // migrate the custom user data
         $result = query('SELECT * FROM ' . prefix('administrators') . ' WHERE `valid`!=0');
         if ($result) {
             while ($row = db_fetch_assoc($result)) {
                 $custom = getSerializedArray($row['custom_data']);
                 if (!empty($custom)) {
                     $sql = 'UPDATE ' . prefix('administrators') . ' SET ';
                     // NOTE(review): values go through db_quote(), but the field names come
                     // from the stored serialized data and are placed between backticks
                     // unchecked. Confirm they are limited to the names in self::fields().
                     foreach ($custom as $field => $val) {
                         $sql .= '`' . $field . '`=' . db_quote($val) . ',';
                     }
                     // NOTE(review): as written the statement ends with a trailing comma and
                     // has no WHERE clause restricting it to this row. Verify against
                     // setupQuery() whether that is intended.
                     setupQuery($sql);
                 }
             }
             db_free_result($result);
         }
         setupQuery('ALTER TABLE ' . prefix('administrators') . ' DROP `custom_data`');
     }
     $cloneid = bin2hex(FULLWEBPATH);
     if (OFFSET_PATH == 2 && isset($_SESSION['admin'][$cloneid])) {
         // NOTE(review): unserialize() on session data instantiates whatever classes the
         // payload names. This is only safe while the session store cannot be written
         // by anyone but this application.
         $user = unserialize($_SESSION['admin'][$cloneid]);
         // Only a local, valid admin with the same user name and password hash is updated.
         $user2 = $_zp_authority->getAnAdmin(array('`user`=' => $user->getUser(), '`pass`=' => $user->getPass(), '`valid`=' => 1));
         if ($user2) {
             foreach (userAddressFields::fields() as $field) {
                 $user2->set($field['name'], $user->get($field['name']));
             }
             $user2->save();
         }
     }
 }
Пример #19
 /**
  * Prints the custom selector for the "garland_menu" option.
  *
  * The menu sets are only listed when printCustomMenu() exists and the garland
  * theme's "custom_index_page" option is "gallery"; otherwise the selector is
  * printed disabled with only the standard entry.
  *
  * @param string $option       name of the option being rendered
  * @param string $currentValue currently stored value of the option
  */
 function handleOption($option, $currentValue)
 {
     if ($option != 'garland_menu') {
         return;
     }

     $menusets = array();
     $menuAvailable = function_exists('printCustomMenu') && getThemeOption('custom_index_page', NULL, 'garland') === 'gallery';

     echo '<select id="garland_menuset" name="garland_menu"';
     if ($menuAvailable) {
         $rows = query_full_array("SELECT DISTINCT menuset FROM " . prefix('menu') . " ORDER BY menuset");
         foreach ($rows as $row) {
             $menusets[$row['menuset']] = $row['menuset'];
         }
     } else {
         echo ' disabled="disabled"';
     }
     echo ">\n";

     echo '<option value="" style="background-color:LightGray">' . gettext('*standard menu') . '</option>';
     generateListFromArray(array($currentValue), $menusets, false, false);
     echo "</select>\n";
 }
Пример #20
 /**
  * Builds the module delete confirmation view: page header, a message naming
  * the module and the delete form.
  *
  * NOTE(review): the message is written with raw() and contains the module's
  * name and email; confirm that these values are escaped before or by the
  * translation call.
  *
  * @param object $view view builder
  * @param mixed $id    id of the module to delete
  * @return mixed the result of Event::first() when the API call fails, otherwise nothing
  */
 public function delete($view, $id)
 {
     // Fetch the module through the API.
     $response = API::get(array('module', $id));

     // Anything but a successful response is handed to the event for its status code.
     if (!$response->success) {
         return Event::first($response->code);
     }

     // The response body is the module.
     $module = $response->get();

     $view->page_header(function ($header) {
         $header->float_right(function ($right) {
             $right->search();
         });
         $header->title(__('admin::module.delete.title'));
     });

     $view->well(function ($well) use ($module) {
         $placeholders = array('name' => $module->name, 'email' => $module->email);
         $well->raw(__('admin::module.delete.message', $placeholders));
     });

     $view->form(Module::form('module.delete', $id), 'DELETE', prefix('admin') . 'module/delete/' . $id);
 }
Пример #21
 /**
  *
  * This method establishes the current set of database fields. It will add the
  * fields to the database if they are not already present. Fields from previous
  * constructor calls that are no longer in the list will be removed from the
  * database (along with any data associated with them.)
  *
  * NOTE(review): table names, column names and column types are concatenated
  * into ALTER TABLE statements without validation. They have to come from
  * plugin code only, never from request data. Confirm at the call sites.
  *
  * @param string $me name of the extension; fields are only added while it is enabled
  * @param array $newfields field definitions, each with 'table', 'name', 'type' and,
  *                         for int and varchar, 'size'
  */
 function constructor($me, $newfields)
 {
     // Fields added by an earlier call, as table => field => true.
     $previous = getSerializedArray(getOption(get_class($this) . '_addedFields'));
     $current = $fields = array();
     if (extensionEnabled($me)) {
         //need to update the database tables.
         foreach ($newfields as $newfield) {
             $current[$newfield['table']][$newfield['name']] = true;
             // Still wanted: take it off the list of fields to drop.
             unset($previous[$newfield['table']][$newfield['name']]);
             switch (strtolower($newfield['type'])) {
                 default:
                     $dbType = strtoupper($newfield['type']);
                     break;
                 case 'int':
                 case 'varchar':
                     // Sized types: the size is capped at 255.
                     $dbType = strtoupper($newfield['type']) . '(' . min(255, $newfield['size']) . ')';
                     break;
             }
             $sql = 'ALTER TABLE ' . prefix($newfield['table']) . ' ADD COLUMN `' . $newfield['name'] . '` ' . $dbType;
             // Errors are suppressed (second argument false); presumably the statement fails
             // when the column already exists. Only columns that were actually added to one
             // of the listed tables are offered as search fields.
             if (query($sql, false) && in_array($newfield['table'], array('albums', 'images', 'news', 'news_categories', 'pages'))) {
                 $fields[] = strtolower($newfield['name']);
             }
         }
         setOption(get_class($this) . '_addedFields', serialize($current));
     } else {
         purgeOption(get_class($this) . '_addedFields');
     }
     // Flip to field => index so that dropped fields can be removed by name.
     $set_fields = array_flip(explode(',', getOption('search_fields')));
     foreach ($previous as $table => $orpahed) {
         //drop fields no longer defined
         foreach ($orpahed as $field => $v) {
             unset($set_fields[$field]);
             $sql = 'ALTER TABLE ' . prefix($table) . ' DROP `' . $field . '`';
             query($sql, false);
         }
     }
     // Flip back to a list of names and merge in the newly added fields.
     $set_fields = array_unique(array_merge($fields, array_flip($set_fields)));
     setOption('search_fields', implode(',', $set_fields));
 }
Пример #22
    /**
     * Copies every stored registration from _store into the _members table and
     * prints "Done." afterwards.
     *
     * For each store entry the nickname, address, birthday and country fields are
     * picked out; the birthday is rearranged from d/m/Y to Ymd and the country
     * name is mapped to its numeric id. Members are created inactive with an
     * empty password.
     *
     * NOTE(review): a country name missing from the map, or a birthday without
     * two slashes, is not handled here and is looked up as-is.
     */
    public function home()
    {
        $sql = 'SELECT *
			FROM _store s, _store_fields f
			WHERE s.store_field = f.field_id
			ORDER BY store_field';
        $store = _rowset($sql, 'store_assoc', false, true);

        // Country name as stored => numeric country id.
        $a_country = array(
            'Alemania' => 82,
            'Argentina' => 10,
            'Bolivia' => 26,
            'Chile' => 43,
            'Colombia' => 47,
            'Ecuador' => 63,
            'El Salvador' => 65,
            'Espana' => 197,
            'Francia' => 74,
            'Greece' => 85,
            'Guatemala' => 90,
            'Honduras' => 97,
            'Italia' => 107,
            'Mexico' => 140,
            'Paraguay' => 168,
            'Peru' => 169,
            'Uruguay' => 227,
            'Venezuela' => 230,
        );

        foreach ($store as $i => $entry) {
            $nickname = '';
            $address = '';
            $birthday = '';
            $country = '';

            foreach ($entry as $field) {
                $stored = $field['store_value'];
                switch ($field['field_alias']) {
                    case 'nickname':
                        $nickname = $stored;
                        break;
                    case 'address':
                        $address = $stored;
                        break;
                    case 'birthday':
                        // d/m/Y becomes Ymd
                        $parts = explode('/', $stored);
                        $birthday = $parts[2] . $parts[1] . $parts[0];
                        break;
                    case 'country':
                        $country = $a_country[$stored];
                        break;
                }
            }

            $sql_insert = array(
                'type' => 1,
                'active' => 0,
                'username' => $nickname,
                'password' => '',
                'registration' => time(),
                'lastvisit' => 0,
                'lastpage' => '',
                'country' => $country,
                'email' => $address,
                'birthday' => $birthday,
                'birthday_last' => 0,
                'gender' => 0,
                'date' => 0,
                'dateformat' => 'd M Y H:i',
                'timezone' => -6,
                'dst' => 0,
                'login_tries' => 0,
            );
            _sql('INSERT INTO _members' . _build_array('INSERT', prefix('user', $sql_insert)));
        }

        $this->e('Done.');
    }
Пример #23
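/**
 * Returns true if the IP has voted.
 *
 * As a side effect the global $_rating_current_IPlist is set to the list of
 * IPs recorded for the item (an empty array when there is none).
 *
 * @param string $ip the IP address to check
 * @param int $id the record ID of the image or album
 * @param string $option 'image' or 'album' depending on the requestor
 * @return bool
 */
function checkForIp($ip, $id, $option)
{
    global $_rating_current_IPlist;
    $_rating_current_IPlist = array();
    switch ($option) {
        case "image":
            $dbtable = prefix('images');
            break;
        case "album":
            $dbtable = prefix('albums');
            break;
        default:
            // No table belongs to any other requestor. Without this branch the query
            // would be built from an undefined table name.
            return false;
    }
    // The id is concatenated into the statement, so force it to an integer.
    $id = (int) $id;
    $IPlist = query_single_row("SELECT used_ips FROM {$dbtable} WHERE id= {$id}");
    if (!is_array($IPlist) || empty($IPlist['used_ips'])) {
        return false;
    }
    // NOTE(review): unserialize() instantiates whatever classes the stored value
    // names. This is only safe while the used_ips column can be written by this
    // code alone; a JSON encoding would remove the concern.
    $stored = unserialize($IPlist['used_ips']);
    if (!is_array($stored)) {
        // A corrupt value is treated as "nobody has voted".
        return false;
    }
    $_rating_current_IPlist = $stored;
    return in_array($ip, $_rating_current_IPlist);
}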
Пример #24
/**
 * The main query function. Runs the SQL on the connection and handles errors.
 *
 * Connects first when no connection exists yet. On failure either false is
 * returned silently ($noerrmsg) or an error is reported through zp_error(),
 * with a hint to run the setup script when the albums table cannot be queried.
 * Successful queries increment the global query counter.
 *
 * NOTE(review): the error text includes the failing statement (after
 * sanitize()) and the MySQL error; confirm that zp_error() does not show this
 * to unauthenticated visitors.
 *
 * @param string $sql sql code
 * @param bool $noerrmsg set to true to suppress the error message
 * @return mixed the result of the statement, or false on failure
 * @since 0.6
 */
function query($sql, $noerrmsg = false)
{
    global $mysql_connection, $_zp_query_count, $_zp_conf_vars;
    if ($mysql_connection == null) {
        db_connect();
    }

    $result = mysql_query($sql, $mysql_connection);
    if ($result) {
        $_zp_query_count++;
        return $result;
    }

    if ($noerrmsg) {
        return false;
    }

    $sql = sanitize($sql, 3);
    $error = sprintf(gettext('MySQL Query ( <em>%1$s</em> ) failed. Error: %2$s'), $sql, mysql_error());
    // Probe with mysql_query directly: query functions must never be called recursively here.
    $tablesPresent = mysql_query("SELECT 1 FROM " . prefix('albums') . " LIMIT 0", $mysql_connection);
    if (!$tablesPresent) {
        $error .= "<br />" . gettext("It looks like your zenphoto tables haven't been created.") . ' ' . sprintf(gettext('You may need to run <a href="%s/%s/setup.php">the setup script.</a>'), WEBPATH, ZENFOLDER);
    }
    zp_error($error);
    return false;
}
Пример #25
 /**
  * Sets up the userAddressFields extension and, the first time it runs while
  * enabled, migrates the values held in each valid administrator's
  * `custom_data` column to columns of their own.
  *
  * NOTE(review): the values go through db_quote(), but the field names are
  * taken from the stored serialized data and placed between backticks
  * unchecked. Confirm they are limited to the names in self::fields().
  */
 function __construct()
 {
     global $_userAddressFields;
     // "First time" means: the extension is on but has not recorded any added fields yet.
     $firstTime = extensionEnabled('userAddressFields') && is_null(getOption('userAddressFields_addedFields'));
     parent::constructor('userAddressFields', self::fields());
     if (!$firstTime) {
         return;
     }

     // migrate the custom user data
     $result = query('SELECT * FROM ' . prefix('administrators') . ' WHERE `valid`!=0');
     if (!$result) {
         return;
     }

     while ($row = db_fetch_assoc($result)) {
         $custom = getSerializedArray($row['custom_data']);
         if (empty($custom)) {
             continue;
         }
         $sql = 'UPDATE ' . prefix('administrators') . ' SET ';
         foreach ($custom as $field => $val) {
             $sql .= '`' . $field . '`=' . db_quote($val) . ',';
         }
         // Clear the legacy column for this row once its values have been copied.
         $sql .= '`custom_data`=NULL WHERE `id`=' . $row['id'];
         query($sql);
     }
     db_free_result($result);
 }
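/**
 * Monitors blocked accesses to Admin pages.
 *
 * Removes expired attempts, records the current one and, once the requester's
 * IP has reached the configured threshold, adds it to the
 * "failed_access_blocker_forbidden" list with the current time.
 *
 * @param bool $allow ignored
 * @param string $page ignored
 * @return bool $allow, unchanged
 */
function failed_access_blocker_adminGate($allow, $page)
{
    $ip = getUserIP();
    // The address may be derived from request headers, so it is quoted with
    // db_quote() instead of being placed between quotes by hand.
    $quotedIp = db_quote($ip);
    //	clean out expired attempts
    $sql = 'DELETE FROM ' . prefix('plugin_storage') . ' WHERE `type`="failed_access" AND `aux` < "' . (time() - getOption('failed_access_blocker_timeout') * 60) . '"';
    query($sql);
    //	add this attempt
    $sql = 'INSERT INTO ' . prefix('plugin_storage') . ' (`type`, `aux`,`data`) VALUES ("failed_access", "' . time() . '",' . $quotedIp . ')';
    query($sql);
    //	check how many times this has happened recently
    //	(the space before WHERE was missing, leaving the table name glued to the keyword)
    $sql = 'SELECT COUNT(*) FROM ' . prefix('plugin_storage') . ' WHERE `type`="failed_access" AND `data`=' . $quotedIp;
    $result = query($sql);
    $count = $result ? db_result($result, 0) : 0;
    if ($count >= getOption('failed_access_blocker_attempt_threshold')) {
        $block = getOption('failed_access_blocker_forbidden');
        // NOTE(review): the option is read back with unserialize(); that is only safe
        // while the options table can be written by trusted code alone.
        $block = $block ? unserialize($block) : array();
        if (!is_array($block)) {
            // A corrupt option value must not stop the address from being blocked.
            $block = array();
        }
        $block[$ip] = time();
        setOption('failed_access_blocker_forbidden', serialize($block));
    }
    return $allow;
}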
Пример #27
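 /**
  * Picks random images, optionally restricted to a set of album folders, and
  * returns them through self::createImages().
  *
  * @param int $limit number of images wanted; anything below 1 is treated as 1
  * @param array|null $albums album folder names to draw from, or NULL for all albums
  * @return mixed whatever self::createImages() returns for the selected rows
  */
 static function getRandomImages($limit = 3, $albums = NULL)
 {
     $limit = max(1, (int) $limit);
     $t_images = prefix("images");
     $t_albums = prefix("albums");
     $idQuery = "select img.id from {$t_images} img";
     if (!is_null($albums) && count($albums) > 0) {
         // Folder names are caller-supplied text, so each one is quoted by the
         // database layer instead of being wrapped in hand-written apostrophes.
         // NOTE(review): db_quote() is assumed to ship with the same DB layer as
         // prefix()/query_full_array() — confirm for the release this code targets.
         $quoted = array();
         foreach ($albums as $folder) {
             $quoted[] = db_quote($folder);
         }
         $idQuery .= " LEFT JOIN {$t_albums} album ON img.albumid=album.id " . "WHERE album.folder IN (" . implode(', ', $quoted) . ") ORDER BY img.id";
     }
     $rows = query_full_array($idQuery);
     if (empty($rows)) {
         // No candidates (or the query failed): skip the second query, which would
         // otherwise be built with an empty IN () list.
         // NOTE(review): assumes createImages() accepts an empty array — confirm.
         return self::createImages(array());
     }
     // array_rand() picks distinct rows, so the same image is never selected twice;
     // it returns a single key rather than an array when asked for one.
     $picks = (array) array_rand($rows, min($limit, count($rows)));
     $ids = array();
     foreach ($picks as $pick) {
         $ids[] = (int) $rows[$pick]['id'];
     }
     $query = "SELECT i.filename, i.title, a.folder FROM {$t_images} i " . "LEFT JOIN {$t_albums} a ON i.albumid=a.id WHERE i.id IN (" . implode(', ', $ids) . ")";
     $result = query_full_array($query);
     return self::createImages($result);
 }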
Пример #28
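 /**
  * For every image in the album, look for its file. Delete from the database
  * if the file does not exist. Same for each sub-directory/album.
  *
  * Duplicate image rows (same filename) and duplicate or malformed album rows
  * (folder starting or ending with "/") are deleted as well, together with the
  * comments owned by each deleted row.
  *
  * @param bool $deep set to true for a thorough cleansing
  */
 function garbageCollect($deep = false)
 {
     if (is_null($this->images)) {
         $this->getImages();
     }
     $result = query("SELECT * FROM " . prefix('images') . " WHERE `albumid` = '" . $this->id . "'");
     $dead = array();
     $live = array();
     $files = $this->loadFileNames();
     if ($result) {
         // Does the filename from the db row match any in the files on disk?
         while ($row = db_fetch_assoc($result)) {
             if (!in_array($row['filename'], $files)) {
                 // In the database but not on disk. Kill it.
                 $dead[] = $row['id'];
             } else {
                 if (in_array($row['filename'], $live)) {
                     // Duplicate in the database. Kill it.
                     $dead[] = $row['id'];
                     // Do something else here? Compare titles/descriptions/metadata/update dates to see which is the latest?
                 } else {
                     $live[] = $row['filename'];
                 }
             }
         }
         db_free_result($result);
     }
     if (count($dead) > 0) {
         // Both statements must cover the same ids. Popping the array once per statement
         // gave each a different first id, and appending "OR `ownerid` = ..." after the
         // AND let the later ids bypass the `type` filter. A single integer IN (...) list
         // keeps the two deletes aligned and the filter applied to every id.
         $idList = implode(',', array_map('intval', $dead));
         query("DELETE FROM " . prefix('images') . " WHERE `id` IN (" . $idList . ")");
         // NOTE(review): these ids are image rows, so the owner type is 'images' here
         // (it read 'albums', which targets album comments) — confirm the value against
         // the comments table.
         query("DELETE FROM " . prefix('comments') . " WHERE `type`='images' AND `ownerid` IN (" . $idList . ")");
     }
     // Get all sub-albums and make sure they exist.
     $result = query("SELECT * FROM " . prefix('albums') . " WHERE `folder` LIKE " . db_quote(db_LIKE_escape($this->name) . '%'));
     $dead = array();
     $live = array();
     if ($result) {
         // Does the dirname from the db row exist on disk?
         while ($row = db_fetch_assoc($result)) {
             if (!is_dir(ALBUM_FOLDER_SERVERPATH . internalToFilesystem($row['folder'])) || in_array($row['folder'], $live) || substr($row['folder'], -1) == '/' || substr($row['folder'], 0, 1) == '/') {
                 $dead[] = $row['id'];
             } else {
                 $live[] = $row['folder'];
             }
         }
         db_free_result($result);
     }
     if (count($dead) > 0) {
         // Same construction as for images: one id list shared by both deletes.
         $idList = implode(',', array_map('intval', $dead));
         query("DELETE FROM " . prefix('albums') . " WHERE `id` IN (" . $idList . ")");
         query("DELETE FROM " . prefix('comments') . " WHERE `type`='albums' AND `ownerid` IN (" . $idList . ")");
     }
     if ($deep) {
         foreach ($this->getAlbums(0) as $dir) {
             $subalbum = newAlbum($dir);
             // Could have been deleted if it didn't exist above...
             if ($subalbum->exists) {
                 $subalbum->garbageCollect($deep);
             }
         }
     }
 }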
Пример #29
    /**
     * Creates a ticket category from the submitted `group` and `name` fields.
     *
     * Reports #FIELD_IS_EMPTY when the name fails f(), and #GROUPS_NO_EXISTS
     * when a non-zero group id has no row in _groups. The insert statement is
     * assembled by _build_array() from the prefixed field array.
     *
     * @return mixed the result of $this->e('~OK')
     */
    protected function _cat_create()
    {
        gfatal();
        // `group` is given a default of 0; `name` is listed without one.
        $input = $this->__(array('group' => 0, 'name'));
        $hasName = f($input['name']);
        if (!$hasName) {
            $this->_error('#FIELD_IS_EMPTY');
        }
        if ($input['group']) {
            // The group id is bound through sql_filter()'s placeholder, not concatenated.
            $lookup = 'SELECT group_id
				FROM _groups
				WHERE group_id = ?';
            $groupRow = _fieldrow(sql_filter($lookup, $input['group']));
            if (!$groupRow) {
                $this->_error('#GROUPS_NO_EXISTS');
            }
        }
        $insert = 'INSERT INTO _tickets_cat' . _build_array('INSERT', prefix('cat', $input));
        _sql($insert);
        return $this->e('~OK');
    }
Пример #30
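 /**
  * Gets news articles and images of a gallery to show them together on the news section
  *
  * NOTE: This function does not exclude articles that are password protected via a category
  *
  * Results are memoised in the global $_zp_combiNews_cache.
  *
  * @param int $articles_per_page The number of articles to get
  * @param string $mode 	"latestimages-thumbnail"
  * 											"latestimages-thumbnail-customcrop"
  * 											"latestimages-sizedimage"
  * 											"latestalbums-thumbnail"
  * 		 									"latestalbums-thumbnail-customcrop"
  * 		 									"latestalbums-sizedimage"
  * 		 									"latestimagesbyalbum-thumbnail"
  * 		 									"latestimagesbyalbum-thumbnail-customcrop"
  * 		 									"latestimagesbyalbum-sizedimage"
  * 		 									"latestupdatedalbums-thumbnail" (for RSS and getLatestNews() used only)
  * 		 									"latestupdatedalbums-thumbnail-customcrop" (for RSS and getLatestNews() used only)
  * 		 									"latestupdatedalbums-sizedimage" (for RSS and getLatestNews() used only)
  * 	Each family also accepts the "-sizedimage-maxspace" and "-fullimage" suffixes.
  * 	An empty mode falls back to the "zenpage_combinews_mode" option; an unknown
  * 	mode is handled like the "latestalbums" family.
  * 	NOTE: The "latestupdatedalbums" variants do NOT support pagination as required on the news loop!
  *
  * @param string $published "published" for published articles,
  * 													"unpublished" for un-published articles,
  * 													"all" for all articles
  * 													NULL picks "all" for users with news rights, else "published"
  * @param string $sortorder 	id, date or mtime, only for latestimages-... modes
  * @param bool $sticky set to true to place "sticky" articles at the front of the list.
  * @param string $sortdirection 	"desc" or "asc"; anything else is treated as "desc"
  * @return array
  * @deprecated since version 1.4.6
  */
 protected function getCombiNews($articles_per_page = '', $mode = '', $published = NULL, $sortorder = NULL, $sticky = true, $sortdirection = 'desc')
 {
     global $_zp_combiNews_cache, $_zp_gallery;
     if (is_null($published)) {
         if (zp_loggedin(ZENPAGE_NEWS_RIGHTS | ALL_NEWS_RIGHTS)) {
             $published = "all";
         } else {
             $published = "published";
         }
     }
     if (empty($mode)) {
         $mode = getOption('zenpage_combinews_mode');
     }
     // NOTE(review): the key leaves out $articles_per_page and the page offset, and the
     // key written at the end uses $sortorder after it may have been reassigned below.
     if (isset($_zp_combiNews_cache[$published . $mode . $sticky . $sortorder . $sortdirection])) {
         return $_zp_combiNews_cache[$published . $mode . $sticky . $sortorder . $sortdirection];
     }
     if ($published == "published") {
         $show = " WHERE `show` = 1 AND date <= '" . date('Y-m-d H:i:s') . "'";
         $imagesshow = " AND images.show = 1 ";
     } else {
         $show = "";
         $imagesshow = "";
     }
     // $albumlist is filled in by reference.
     getAllAccessibleAlbums($_zp_gallery, $albumlist, false);
     if (empty($albumlist)) {
         $albumWhere = 'albums.`id` is NULL';
     } else {
         // The ids are written unquoted into IN (...), so force each one to an integer.
         $albumWhere = 'albums.`id` in (' . implode(',', array_map('intval', $albumlist)) . ')';
     }
     if ($articles_per_page) {
         $offset = self::getOffset($articles_per_page);
     } else {
         $offset = 0;
     }
     if (empty($sortorder)) {
         $combinews_sortorder = getOption("zenpage_combinews_sortorder");
     } else {
         $combinews_sortorder = $sortorder;
     }
     $stickyorder = '';
     if ($sticky) {
         $stickyorder = 'sticky DESC,';
     }
     // Only the two literals below ever reach the ORDER BY clause.
     switch (strtolower($sortdirection)) {
         case 'desc':
         default:
             $sortdir = 'DESC';
             break;
         case 'asc':
             $sortdir = 'ASC';
             break;
     }
     query("SET @type3:='0'");
     switch ($mode) {
         case "latestimages-thumbnail":
         case "latestimages-thumbnail-customcrop":
         case "latestimages-sizedimage":
         case "latestimages-sizedimage-maxspace":
         case "latestimages-fullimage":
             $albumWhere = ' AND ' . $albumWhere;
             $sortorder = $combinews_sortorder;
             query("SET @type1:='news'");
             query("SET @type2:='images'");
             // The sort order only selects a branch; it is never written into the SQL.
             switch ($combinews_sortorder) {
                 case 'id':
                 case 'date':
                     $imagequery = "(SELECT albums.folder, images.filename, images.date, @type2, @type3 as sticky FROM " . prefix('images') . " AS images, " . prefix('albums') . " AS albums\n\t\t\t\t\t\t\tWHERE albums.id = images.albumid " . $imagesshow . $albumWhere . ")";
                     break;
                 case 'publishdate':
                     $imagequery = "(SELECT albums.folder, images.filename, IFNULL(images.publishdate,images.date), @type2, @type3 as sticky FROM " . prefix('images') . " AS images, " . prefix('albums') . " AS albums\n\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE albums.id = images.albumid " . $imagesshow . $albumWhere . ")";
                     // This break was missing, so 'publishdate' fell through and was
                     // overwritten by the 'mtime' query.
                     break;
                 case 'mtime':
                 default:
                     // An unknown sort order used to leave $imagequery undefined; it now
                     // falls back to mtime, as the album switch below does.
                     $imagequery = "(SELECT albums.folder, images.filename, FROM_UNIXTIME(images.mtime), @type2, @type3 as sticky FROM " . prefix('images') . " AS images, " . prefix('albums') . " AS albums\n\t\t\t\t\t\t\tWHERE albums.id = images.albumid " . $imagesshow . $albumWhere . ")";
                     break;
             }
             $result = $this->siftResults("(SELECT title as albumname, titlelink, date, @type1 as type, sticky FROM " . prefix('news') . " " . $show . ")\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tUNION\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" . $imagequery . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tORDER BY {$stickyorder} date " . $sortdir, $offset, $articles_per_page);
             break;
         case "latestalbums-thumbnail":
         case "latestalbums-thumbnail-customcrop":
         case "latestalbums-sizedimage":
         case "latestalbums-sizedimage-maxspace":
         case "latestalbums-fullimage":
         default:
             // $show already opens a WHERE clause when it is non-empty.
             if (empty($show)) {
                 $albumWhere = ' WHERE ' . $albumWhere;
             } else {
                 $albumWhere = ' AND ' . $albumWhere;
             }
             $sortorder = $combinews_sortorder;
             query("SET @type1:='news'");
             query("SET @type2:='albums'");
             switch ($combinews_sortorder) {
                 case 'id':
                 case 'date':
                     $albumquery = "(SELECT albums.folder, albums.title, albums.date, @type2, @type3 as sticky FROM " . prefix('albums') . " AS albums\n\t\t\t\t\t\t\t" . $show . $albumWhere . ")";
                     break;
                 case 'publishdate':
                     $albumquery = "(SELECT albums.folder, albums.title, IFNULL(albums.publishdate,albums.date), @type2, @type3 as sticky FROM " . prefix('albums') . " AS albums\n\t\t\t\t\t\t\t\t\t\t\t\t\t" . $show . $albumWhere . ")";
                     break;
                 case 'mtime':
                 default:
                     $albumquery = "(SELECT albums.folder, albums.title, FROM_UNIXTIME(albums.mtime), @type2, @type3 as sticky FROM " . prefix('albums') . " AS albums\n\t\t\t\t\t\t\t" . $show . $albumWhere . ")";
                     break;
             }
             $result = $this->siftResults("(SELECT title as albumname, titlelink, date, @type1 as type, sticky FROM " . prefix('news') . " " . $show . ")\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tUNION\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" . $albumquery . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tORDER BY {$stickyorder} date " . $sortdir, $offset, $articles_per_page);
             break;
         case "latestimagesbyalbum-thumbnail":
         case "latestimagesbyalbum-thumbnail-customcrop":
         case "latestimagesbyalbum-sizedimage":
         case "latestimagesbyalbum-sizedimage-maxspace":
         case "latestimagesbyalbum-fullimage":
             $albumWhere = ' AND ' . $albumWhere;
             query("SET @type1:='news'");
             query("SET @type2:='albums'");
             // NOTE(review): this test is true for every value (nothing equals all three
             // names at once), so this mode always sorts by "date". It is left as written:
             // turning the || into && would enable the mtime/publishdate branches below,
             // whose SQL passes images.mtime to DATE_FORMAT and images.publishdate to
             // FROM_UNIXTIME and needs review first. Whatever replaces it must remain a
             // fixed allow-list, because the value is concatenated into the SQL text.
             if (empty($combinews_sortorder) || $combinews_sortorder != "date" || $combinews_sortorder != "mtime" || $combinews_sortorder != "publishdate") {
                 $combinews_sortorder = "date";
             }
             $sortorder = "images." . $combinews_sortorder;
             switch ($combinews_sortorder) {
                 case "date":
                     $imagequery = "(SELECT DISTINCT DATE_FORMAT(" . $sortorder . ",'%Y-%m-%d'), albums.folder, DATE_FORMAT(images.date,'%Y-%m-%d'), @type2, @type3 as sticky FROM " . prefix('images') . " AS images, " . prefix('albums') . " AS albums\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE albums.id = images.albumid " . $imagesshow . $albumWhere . ")";
                     break;
                 case "mtime":
                     $imagequery = "(SELECT DISTINCT FROM_UNIXTIME(" . $sortorder . ",'%Y-%m-%d'), albums.folder, DATE_FORMAT(images.mtime,'%Y-%m-%d'), @type2, @type3 as sticky FROM " . prefix('images') . " AS images, " . prefix('albums') . " AS albums\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE albums.id = images.albumid " . $imagesshow . $albumWhere . ")";
                     // This break was missing (fall-through into "publishdate").
                     break;
                 case "publishdate":
                     $imagequery = "(SELECT DISTINCT FROM_UNIXTIME(" . $sortorder . ",'%Y-%m-%d'), albums.folder, DATE_FORMAT(images.publishdate,'%Y-%m-%d'), @type2, @type3 as sticky FROM " . prefix('images') . " AS images, " . prefix('albums') . " AS albums\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE albums.id = images.albumid " . $imagesshow . $albumWhere . ")";
                     break;
             }
             $result = $this->siftResults("(SELECT title as albumname, titlelink, date, @type1 as type, sticky FROM " . prefix('news') . " " . $show . ")\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tUNION\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" . $imagequery . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tORDER By {$stickyorder} date " . $sortdir, $offset, $articles_per_page);
             break;
         case "latestupdatedalbums-thumbnail":
         case "latestupdatedalbums-thumbnail-customcrop":
         case "latestupdatedalbums-sizedimage":
         case "latestupdatedalbums-sizedimage-maxspace":
         case "latestupdatedalbums-fullimage":
             $latest = $this->getArticles($articles_per_page, NULL, true, 'date', $sortdirection);
             // Start from an empty list so the merge below still works when no article
             // passes the access check.
             $latestnews = array();
             foreach ($latest as $news) {
                 $article = new ZenpageNews($news['titlelink']);
                 if ($article->checkAccess()) {
                     $latestnews[] = array("albumname" => $article->getTitle(), "titlelink" => $article->getTitlelink(), "date" => $article->getDateTime(), "type" => "news");
                 }
             }
             $albums = getAlbumStatistic($articles_per_page, "latestupdated", '', $sortdirection);
             $latestalbums = array();
             foreach ($albums as $album) {
                 $timestamp = $album->get('mtime');
                 if ($timestamp == 0) {
                     $albumdate = $album->getDateTime();
                 } else {
                     // date() yields the same numeric layout as the former strftime() call,
                     // which newer PHP releases deprecate.
                     $albumdate = date('Y-m-d H:i:s', $timestamp);
                 }
                 $latestalbums[] = array("albumname" => $album->getFileName(), "titlelink" => $album->getTitle(), "date" => $albumdate, "type" => 'albums');
             }
             $latest = array_merge($latestnews, $latestalbums);
             $result = sortMultiArray($latest, "date", $sortdirection != 'asc');
             // An empty $articles_per_page means "no limit", as for the offset above.
             if ($articles_per_page && count($result) > $articles_per_page) {
                 $result = array_slice($result, 0, $articles_per_page);
             }
             break;
     }
     $_zp_combiNews_cache[$published . $mode . $sticky . $sortorder . $sortdirection] = $result;
     return $result;
 }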