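/**
 * Gets the statistic for pages, news articles or categories as an array of records.
 *
 * Every record carries the keys id, title, titlelink, hitcounter, total_votes,
 * rating, content, date and type ("News", "Category" or "Page").
 *
 * Output encoding: only category titles are passed through html_encode() here.
 * Article and page "title" and "content" are returned exactly as the objects
 * deliver them, so a caller that prints them into HTML has to encode them itself.
 *
 * @param int $number The number of news items / pages to get (the category
 *                    lookup below is not given this limit)
 * @param string $option "all" pages, articles and categories
 *                       "news" for news articles
 *                       "categories" for news categories
 *                       "pages" for pages
 * @param string $mode "popular" most viewed for pages, news articles and categories
 *                     "mostrated" for news articles and pages
 *                     "toprated" for news articles and pages
 *                     "random" for pages and news articles
 * @param string $sortdirection "asc" for ascending otherwise descending (default)
 * @return array the collected records; an empty array when $option matches nothing
 */
function getZenpageStatistic($number = 10, $option = "all", $mode = "popular", $sortdirection = 'desc') {
    global $_zp_zenpage, $_zp_current_zenpage_news, $_zp_current_zenpage_pages;
    // true means "descending"; anything other than 'asc' is treated as descending
    $sortdir = strtolower($sortdirection) != 'asc';
    $statsarticles = array();
    $statscats = array();
    $statspages = array();
    // Defined up front so an unrecognised $option returns an empty array
    // instead of an undefined variable.
    $stats = array();
    if ($option == "all" || $option == "news") {
        $articles = $_zp_zenpage->getArticles($number, NULL, true, $mode, $sortdir, false);
        // Integer counter (records are keyed 1..n); incrementing an empty string
        // only worked through PHP's string-increment quirk.
        $counter = 0;
        foreach ($articles as $article) {
            $counter++;
            $obj = new ZenpageNews($article['titlelink']);
            $statsarticles[$counter] = array(
                "id" => $obj->getID(),
                "title" => $obj->getTitle(),
                "titlelink" => $article['titlelink'],
                "hitcounter" => $obj->getHitcounter(),
                "total_votes" => $obj->getTotal_votes(),
                "rating" => $obj->getRating(),
                "content" => $obj->getContent(),
                "date" => $obj->getDateTime(),
                "type" => "News",
            );
        }
        $stats = $statsarticles;
    }
    // Categories carry no rating data, so the two rating modes skip them.
    if (($option == "all" || $option == "categories") && $mode != "mostrated" && $mode != "toprated") {
        $categories = $_zp_zenpage->getAllCategories(true, $mode, $sortdir);
        $counter = 0;
        foreach ($categories as $cat) {
            $counter++;
            $statscats[$counter] = array(
                "id" => $cat['id'],
                "title" => html_encode(get_language_string($cat['title'])),
                "titlelink" => getNewsCategoryURL($cat['titlelink']),
                "hitcounter" => $cat['hitcounter'],
                "total_votes" => "",
                "rating" => "",
                "content" => '',
                "date" => '',
                "type" => "Category",
            );
        }
        $stats = $statscats;
    }
    if ($option == "all" || $option == "pages") {
        $pages = $_zp_zenpage->getPages(NULL, false, $number, $mode, $sortdir);
        $counter = 0;
        foreach ($pages as $page) {
            $counter++;
            $pageobj = new ZenpagePage($page['titlelink']);
            $statspages[$counter] = array(
                "id" => $pageobj->getID(),
                "title" => $pageobj->getTitle(),
                "titlelink" => $page['titlelink'],
                "hitcounter" => $pageobj->getHitcounter(),
                "total_votes" => $pageobj->get('total_votes'),
                "rating" => $pageobj->get('rating'),
                "content" => $pageobj->getContent(),
                "date" => $pageobj->getDateTime(),
                "type" => "Page",
            );
        }
        $stats = $statspages;
    }
    if ($option == "all") {
        $stats = array_merge($statsarticles, $statscats, $statspages);
        if ($mode == 'random') {
            shuffle($stats);
        } else {
            // $sortdir is already the boolean "descending" flag. The former
            // switch compared that boolean against 'asc'/'desc', which either
            // matched the wrong case or left $desc undefined.
            $desc = $sortdir;
            // NOTE(review): the sort field passed here is $mode (e.g. "popular"),
            // which is not one of the record keys built above — confirm whether
            // sortMultiArray() maps it or whether a field name such as
            // "hitcounter" was intended.
            $stats = sortMultiArray($stats, $mode, $desc);
        }
    }
    return $stats;
}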
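/**
 * Gets the statistic for pages, news articles or categories as an array of records.
 *
 * Every record carries the keys id, title, titlelink, hitcounter, total_votes,
 * rating, content, date and type ("News", "Category" or "Page").
 *
 * SQL safety: the queries below are assembled as strings, so the two values
 * interpolated into them are constrained first — the ORDER BY column is taken
 * from a fixed list and $number is forced to a non-negative integer.
 *
 * Output encoding: only category titles are passed through html_encode() here;
 * article and page "title"/"content" are returned as the objects deliver them.
 *
 * @param int $number The number of items to get per queried table
 * @param string $option "all" pages, articles and categories
 *                       "news" for news articles
 *                       "categories" for news categories
 *                       "pages" for pages
 * @param string $mode "popular" most viewed for pages, news articles and categories
 *                     "mostrated" for news articles and pages
 *                     "toprated" for news articles and pages
 *                     (any other value is treated as "popular")
 * @return array the collected records; an empty array when nothing was collected
 */
function getZenpageStatistic($number = 10, $option = "all", $mode = "popular") {
    global $_zp_current_zenpage_news, $_zp_current_zenpage_pages;
    $statsarticles = array();
    $statscats = array();
    $statspages = array();
    $stats = array();
    // Fixed list of sort columns: the column name never comes from the caller.
    switch ($mode) {
        case "mostrated":
            $sortorder = "total_votes";
            break;
        case "toprated":
            $sortorder = "rating";
            break;
        case "popular":
        default:
            // An unknown mode used to leave $sortorder undefined and produce a
            // malformed "ORDER BY  DESC" query; fall back to the default mode.
            $sortorder = "hitcounter";
            break;
    }
    // LIMIT is built by interpolation, so only an integer may reach the query.
    $limit = max(0, (int) $number);
    if ($option == "all" or $option == "news") {
        $articles = query_full_array("SELECT titlelink FROM " . prefix('news') . " ORDER BY {$sortorder} DESC LIMIT {$limit}");
        $counter = 0;
        foreach ($articles as $article) {
            $counter++;
            $obj = new ZenpageNews($article['titlelink']);
            $statsarticles[$counter] = array(
                "id" => $obj->getID(),
                "title" => $obj->getTitle(),
                "titlelink" => $article['titlelink'],
                "hitcounter" => $obj->getHitcounter(),
                "total_votes" => $obj->get('total_votes'),
                "rating" => $obj->get('rating'),
                "content" => $obj->getContent(),
                "date" => $obj->getDateTime(),
                "type" => "News",
            );
        }
        $stats = $statsarticles;
    }
    // Categories are skipped for the two rating modes.
    if (($option == "all" or $option == "categories") && $mode != "mostrated" && $mode != "toprated") {
        // NOTE(review): the column aliases look swapped (titlelink AS title,
        // title AS titlelink) — confirm against the news_categories schema.
        // The select list is kept exactly as it was.
        $categories = query_full_array("SELECT id, titlelink as title, title as titlelink, hitcounter FROM " . prefix('news_categories') . " ORDER BY {$sortorder} DESC LIMIT {$limit}");
        $counter = 0;
        foreach ($categories as $cat) {
            $counter++;
            $statscats[$counter] = array(
                "id" => $cat['id'],
                "title" => html_encode(get_language_string($cat['title'])),
                "titlelink" => getNewsCategoryURL($cat['titlelink']),
                "hitcounter" => $cat['hitcounter'],
                "total_votes" => "",
                "rating" => "",
                "content" => '',
                "date" => '',
                "type" => "Category",
            );
        }
        $stats = $statscats;
    }
    if ($option == "all" or $option == "pages") {
        $pages = query_full_array("SELECT titlelink FROM " . prefix('pages') . " ORDER BY {$sortorder} DESC LIMIT {$limit}");
        $counter = 0;
        foreach ($pages as $page) {
            $counter++;
            $pageobj = new ZenpagePage($page['titlelink']);
            $statspages[$counter] = array(
                "id" => $pageobj->getID(),
                "title" => $pageobj->getTitle(),
                "titlelink" => $page['titlelink'],
                "hitcounter" => $pageobj->getHitcounter(),
                "total_votes" => $pageobj->get('total_votes'),
                "rating" => $pageobj->get('rating'),
                "content" => $pageobj->getContent(),
                "date" => $pageobj->getDateTime(),
                "type" => "Page",
            );
        }
        $stats = $statspages;
    }
    if ($option == "all") {
        $stats = array_merge($statsarticles, $statscats, $statspages);
    }
    if (empty($stats)) {
        // Nothing collected (unknown $option, or categories requested in a
        // rating mode): previously an undefined variable went to the sorter.
        return array();
    }
    $stats = sortMultiArray($stats, $sortorder, true);
    return $stats;
}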
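/**
 * Checks if the current visitor is allowed to access the page.
 *
 * The page's own password is used when it has one; otherwise the parent chain
 * is walked upwards until a page with a password is found. The visitor is
 * accepted when the cookie named "zp_page_auth_<id>" of that protecting page
 * matches the stored password hash.
 *
 * Security notes:
 *  - The cookie is visitor-supplied, so it is compared with hash_equals()
 *    (PHP 5.6+). The former loose "==" treats numeric-looking strings as
 *    numbers, so two different values could compare equal.
 *  - The cookie value is the stored hash itself: whoever can read that hash
 *    (database dump, debug log) can present it as a cookie. Keep the hash out
 *    of logs and treat it as a credential.
 *
 * @param string $hint set to the password hint when access is refused
 * @param bool $show set to true when the protecting page also expects a user name
 * @return string|false 'zp_public_access' when no password applies, the cookie
 *                      name when the saved cookie is valid, false otherwise
 */
function checkforGuest(&$hint = NULL, &$show = NULL) {
    if (!parent::checkForGuest()) {
        return false;
    }
    $pageobj = $this;
    $hash = $pageobj->getPassword();
    // Walk up the parent chain until a password is found or the chain ends.
    while (empty($hash) && !is_null($pageobj)) {
        $parentID = $pageobj->getParentID();
        if (empty($parentID)) {
            $pageobj = NULL;
        } else {
            // The id is concatenated into the statement, so force it to an integer.
            $sql = 'SELECT `titlelink` FROM ' . prefix('pages') . ' WHERE `id`=' . (int) $parentID;
            $result = query_single_row($sql);
            if (empty($result)) {
                // Parent row is missing: end the walk instead of building a
                // page object from an empty result.
                $pageobj = NULL;
            } else {
                $pageobj = new ZenpagePage($result['titlelink']);
                $hash = $pageobj->getPassword();
            }
        }
    }
    if (empty($hash)) { // no password required
        return 'zp_public_access';
    }
    $authType = "zp_page_auth_" . $pageobj->get('id');
    $saved_auth = zp_getCookie($authType);
    // Strict, constant-time comparison of the visitor-supplied cookie.
    if (is_string($saved_auth) && hash_equals((string) $hash, $saved_auth)) {
        return $authType;
    }
    $user = $pageobj->getUser();
    $show = !empty($user);
    $hint = $pageobj->getPasswordHint();
    return false;
}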
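/**
 * Checks a guest password post and validates an existing guest cookie.
 *
 * When $authType is not supplied, the protected object is derived from the
 * request context (full image, search, album and its parents, Zenpage page and
 * its parents), falling back to the gallery credentials. A posted login form
 * is then verified: on success the auth cookie is set and, if a redirect was
 * posted, the visitor is redirected and the script exits; on failure the
 * cookie is cleared and $_zp_login_error is set. Without a posted form, a
 * saved cookie that does not match is cleared.
 *
 * Security notes:
 *  - Posted credentials and the saved cookie are visitor-supplied and are
 *    compared strictly (hash_equals(), PHP 5.6+, for the hashes). Loose "=="
 *    treats numeric-looking strings as numbers, so different values could
 *    compare equal.
 *  - The cookie value is the password hash itself, so the hash works as a
 *    credential. The debug log therefore no longer records the posted
 *    password or any hash.
 *  - The redirect target is always appended to FULLWEBPATH, which keeps it
 *    under that base URL (assuming FULLWEBPATH is the site's own base — confirm
 *    where it is defined).
 *
 * @param string $authType override of authorization type (cookie name)
 * @param string $check_auth password hash to check against (only used when $authType is given)
 * @param string $check_user user name to check against (only used when $authType is given)
 */
function zp_handle_password($authType = NULL, $check_auth = NULL, $check_user = NULL) {
    global $_zp_loggedin, $_zp_login_error, $_zp_current_album, $_zp_authority, $_zp_current_zenpage_page, $_zp_gallery;
    if (empty($authType)) { // not supplied by caller
        $check_auth = '';
        // $_GET['p'] was read without an isset() guard in the first clause.
        $requested = isset($_GET['p']) ? $_GET['p'] : NULL;
        if (isset($_GET['z']) && $requested === 'full-image' || $requested === '*full-image') {
            $authType = 'zp_image_auth';
            $check_auth = getOption('protected_image_password');
            $check_user = getOption('protected_image_user');
        } else if (in_context(ZP_SEARCH)) { // search page
            $authType = 'zp_search_auth';
            $check_auth = getOption('search_password');
            $check_user = getOption('search_user');
        } else if (in_context(ZP_ALBUM)) { // album page
            $authType = "zp_album_auth_" . $_zp_current_album->get('id');
            $check_auth = $_zp_current_album->getPassword();
            $check_user = $_zp_current_album->getUser();
            if (empty($check_auth)) {
                // Inherit the credentials of the nearest protected ancestor.
                $parent = $_zp_current_album->getParent();
                while (!is_null($parent)) {
                    $check_auth = $parent->getPassword();
                    $check_user = $parent->getUser();
                    $authType = "zp_album_auth_" . $parent->get('id');
                    if (!empty($check_auth)) {
                        break;
                    }
                    $parent = $parent->getParent();
                }
            }
        } else if (in_context(ZP_ZENPAGE_PAGE)) {
            $authType = "zp_page_auth_" . $_zp_current_zenpage_page->get('id');
            $check_auth = $_zp_current_zenpage_page->getPassword();
            $check_user = $_zp_current_zenpage_page->getUser();
            if (empty($check_auth)) {
                $pageobj = $_zp_current_zenpage_page;
                while (empty($check_auth)) {
                    // The id is concatenated into the statement: integers only.
                    $parentID = (int) $pageobj->getParentID();
                    if ($parentID == 0) {
                        break;
                    }
                    $sql = 'SELECT `titlelink` FROM ' . prefix('pages') . ' WHERE `id`=' . $parentID;
                    $result = query_single_row($sql);
                    if (empty($result)) {
                        // Parent row is missing: stop here, the gallery
                        // credentials below then apply.
                        break;
                    }
                    $pageobj = new ZenpagePage($result['titlelink']);
                    $authType = "zp_page_auth_" . $pageobj->get('id');
                    $check_auth = $pageobj->getPassword();
                    $check_user = $pageobj->getUser();
                }
            }
        }
        if (empty($check_auth)) { // anything else is controlled by the gallery credentials
            $authType = 'zp_gallery_auth';
            $check_auth = $_zp_gallery->getPassword();
            $check_user = $_zp_gallery->getUser();
        }
    }
    // Handle the login form.
    if (DEBUG_LOGIN) {
        // Only record whether a hash is on file: the hash doubles as the cookie value.
        debugLog("zp_handle_password: \$authType={$authType}; \$check_auth=" . (empty($check_auth) ? '(none)' : '(set)') . "; \$check_user={$check_user}; ");
    }
    if (isset($_POST['password']) && isset($_POST['pass'])) { // process login form
        $post_user = isset($_POST['user']) ? sanitize($_POST['user']) : '';
        $post_pass = sanitize($_POST['pass']);
        $auth = $_zp_authority->passwordHash($post_user, $post_pass);
        if (DEBUG_LOGIN) {
            // Never write the clear-text password or the derived hash to the log.
            debugLog("zp_handle_password: \$post_user={$post_user}; \$post_pass=(redacted); \$auth=(redacted); ");
        }
        // The redirect field is optional; it was read without an isset() guard.
        $raw_redirect = (isset($_POST['redirect']) && is_string($_POST['redirect'])) ? $_POST['redirect'] : '';
        $redirect_to = sanitize($raw_redirect, 0);
        $initial = (substr($redirect_to, 0, 1) == '/') ? '/' : '';
        $redirect_to = $initial . sanitize_path($raw_redirect);
        if (strpos($redirect_to, WEBPATH . '/') === 0) {
            // Strip the web path, FULLWEBPATH is prepended again below.
            $redirect_to = substr($redirect_to, strlen(WEBPATH) + 1);
        }
        // Constant-time hash comparison and strict user name comparison.
        $success = hash_equals((string) $check_auth, (string) $auth) && (string) $post_user === (string) $check_user;
        $success = zp_apply_filter('guest_login_attempt', $success, $post_user, $post_pass, $authType);
        if ($success) { // Correct auth info. Set the cookie.
            if (DEBUG_LOGIN) {
                debugLog("zp_handle_password: valid credentials");
            }
            zp_setCookie($authType, $auth);
            if (!empty($raw_redirect)) {
                header("Location: " . FULLWEBPATH . "/" . $redirect_to);
                exit;
            }
        } else { // Clear the cookie, just in case
            if (DEBUG_LOGIN) {
                debugLog("zp_handle_password: invalid credentials");
            }
            zp_setCookie($authType, "", -368000);
            $_zp_login_error = true;
        }
        return;
    }
    if (empty($check_auth)) { //no password on record or admin logged in
        return;
    }
    if (($saved_auth = zp_getCookie($authType)) != '') {
        // The cookie is visitor-supplied: strict, constant-time comparison.
        if (hash_equals((string) $check_auth, (string) $saved_auth)) {
            if (DEBUG_LOGIN) {
                debugLog("zp_handle_password: valid cookie");
            }
            return;
        } else { // Clear the cookie
            if (DEBUG_LOGIN) {
                debugLog("zp_handle_password: invalid cookie");
            }
            zp_setCookie($authType, "", -368000);
        }
    }
}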