/**
 * Render the localized "access denied" message as a complete page and stop.
 *
 * The block title comes from $LANG_ACCESS['accessdenied'] and the body text
 * from $LANG_MG00['access_denied_msg']. The assembled block is wrapped by
 * MG_createHTMLDocument(), sent through COM_output(), and the script then
 * exits, so control never returns to the caller.
 *
 * @return void
 */
function MG_access_denied()
{
    global $LANG_MG00, $LANG_ACCESS;

    $blockHeader = COM_startBlock(
        $LANG_ACCESS['accessdenied'],
        '',
        COM_getBlockTemplate('_msg_block', 'header')
    );
    $lineBreak = '<br' . XHTML . '>';
    $message = $LANG_MG00['access_denied_msg'];
    $blockFooter = COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));

    COM_output(MG_createHTMLDocument($blockHeader . $lineBreak . $message . $blockFooter));
    exit;
}
/**
 * Show the generic Media Gallery error message as a complete page and stop.
 *
 * The text is taken from $LANG_MG02['generic_error'], so nothing about the
 * rejected request itself is echoed back to the client. The script exits
 * after the page has been sent.
 *
 * @return void
 */
function MG_invalidRequest()
{
    global $LANG_MG02;

    $page = MG_createHTMLDocument(COM_showMessageText($LANG_MG02['generic_error']));
    COM_output($page);
    exit;
}
if (strpos($referrer, $_CONF['site_url']) !== false) { $allowed = 1; } } if ($allowed == 0) { return; } $mid = isset($_GET['mid']) ? COM_applyFilter($_GET['mid']) : ''; if (empty($mid)) { return; } $aid = DB_getItem($_TABLES['mg_media_albums'], 'album_id', 'media_id="' . addslashes($mid) . '"'); $album_data = MG_getAlbumData($aid, array('album_id'), true); if ($album_data['access'] == 0) { $display = COM_startBlock($LANG_ACCESS['accessdenied'], '', COM_getBlockTemplate('_msg_block', 'header')) . '<br' . XHTML . '>' . $LANG_MG00['access_denied_msg'] . COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer')); $display = MG_createHTMLDocument($display); COM_output($display); exit; } $sql = "SELECT * FROM {$_TABLES['mg_media']} WHERE media_id='" . addslashes($mid) . "'"; $result = DB_query($sql); while ($A = DB_fetchArray($result)) { $filename = $A['media_original_filename']; if (empty($filename)) { $filename = $A['media_filename'] . '.' . $A['media_mime_ext']; } $mime_type = $A['mime_type']; if ($mime_type == 'application/octet-stream' && strtolower($A['media_mime_ext']) == 'pdf') { $mime_type = 'application/pdf'; } if (!SEC_hasRights('mediagallery.admin')) {
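// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
// | |
// +--------------------------------------------------------------------------+

require_once '../lib-common.php';

// Bail out to the site front page when the Media Gallery plugin is not enabled.
if (!in_array('mediagallery', $_PLUGINS)) {
    echo COM_refresh($_CONF['site_url'] . '/index.php');
    exit;
}

// Anonymous visitors get the login form when the gallery requires a login.
if (COM_isAnonUser() && $_MG_CONF['loginrequired'] == 1) {
    $display = SEC_loginRequiredForm();
    // Assign rather than append: appending emitted the bare form fragment
    // followed by the full document that already contains the same form.
    // This matches how every other page on this site wraps its output.
    $display = MG_createHTMLDocument($display);
    COM_output($display);
    exit;
}

require_once $_CONF['path'] . 'plugins/mediagallery/include/common.php';
require_once $_CONF['path'] . 'plugins/mediagallery/include/lib-media.php';

// Every request parameter is passed through COM_applyFilter() with the
// numeric flag set before it is used, so $msg is a message number rather
// than free text supplied by the client.
$msg       = isset($_REQUEST['msg'])  ? COM_applyFilter($_REQUEST['msg'], true)  : '';
$full      = isset($_REQUEST['f'])    ? COM_applyFilter($_REQUEST['f'], true)    : 0;
$mid       = isset($_REQUEST['s'])    ? COM_applyFilter($_REQUEST['s'], true)    : 0;
$sortOrder = isset($_REQUEST['sort']) ? COM_applyFilter($_REQUEST['sort'], true) : 0;
$page      = isset($_REQUEST['p'])    ? COM_applyFilter($_REQUEST['p'], true)    : 0;

// NOTE(review): no album permission check is visible in this script; it
// presumably happens inside MG_displayMedia() - confirm.
list($ptitle, $content, $album_id) = MG_displayMedia($mid, $full, $sortOrder, 1, $page);

// intval() keeps the album id safe to concatenate into the WHERE clause.
$skin = DB_getItem($_TABLES['mg_albums'], 'skin', "album_id = " . intval($album_id));
MG_getThemePublicJSandCSS($skin);

$display = '';
if ($msg != '') {
    $display .= COM_showMessage($msg, 'mediagallery');
}
$display .= $content;
$display = MG_createHTMLDocument($display, $ptitle);

COM_output($display);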
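/**
 * Import every file in a directory into an album, optionally recursing.
 *
 * Each regular file is handed to MG_getFile(); files larger than the album's
 * max_filesize setting (when that setting is non-zero) are logged and skipped.
 * If $dir is not a directory or cannot be opened, an error page is sent and
 * the script exits.
 *
 * @param string $dir        Directory to scan.
 * @param int    $album_id   Target album; cast with intval() for the size-limit lookup.
 * @param mixed  $purgefiles Passed through to MG_getFile() as the 'purgefiles' option.
 * @param bool   $recurse    When truthy, subdirectories are processed as well.
 * @return string HTML status text, one entry per handled file ('' if none).
 */
function MG_processDir($dir, $album_id, $purgefiles, $recurse)
{
    global $_TABLES, $LANG_MG02;

    if (!@is_dir($dir)) {
        $display = COM_showMessageText($LANG_MG02['invalid_directory']
            . ' [ <a href=\'javascript:history.go(-1)\'>' . $LANG_MG02['go_back'] . '</a> ]');
        $display = MG_createHTMLDocument($display);
        COM_output($display);
        exit;
    }
    if (!($dh = @opendir($dir))) {
        $display = COM_showMessageText($LANG_MG02['directory_error']
            . ' [ <a href=\'javascript:history.go(-1)\'>' . $LANG_MG02['go_back'] . '</a> ]');
        $display = MG_createHTMLDocument($display);
        COM_output($display);
        exit;
    }

    // Initialise the accumulator: it was previously appended to while
    // undefined, and an empty directory returned null instead of a string.
    $statusMsg = '';

    // The album's size limit does not depend on the file, so look it up once,
    // and only when the first regular file is actually encountered.
    $max_filesize = 0;
    $limitLoaded = false;

    // Strict comparison: an entry literally named "0" is falsy and would
    // otherwise end the scan early.
    while (($file = readdir($dh)) !== false) {
        if ($file === '.' || $file === '..') {
            continue;
        }
        set_time_limit(60);

        $filetmp = $dir . DIRECTORY_SEPARATOR . $file;

        if (is_dir($filetmp)) {
            if ($recurse) {
                $statusMsg .= MG_processDir($filetmp, $album_id, $purgefiles, $recurse);
            }
            continue;
        }

        if (!$limitLoaded) {
            $max_filesize = DB_getItem($_TABLES['mg_albums'], 'max_filesize', 'album_id=' . intval($album_id));
            $limitLoaded = true;
        }

        // NOTE(review): $file is a name read from disk and is placed into the
        // log line and the HTML status text below without escaping. If
        // untrusted parties can drop files into the import directory, the
        // name should be HTML-escaped before display - confirm how callers
        // render the returned string.
        if ($max_filesize != 0 && filesize($filetmp) > $max_filesize) {
            COM_errorLog("MG Upload: File " . $file . " exceeds maximum filesize for this album.");
            // Append instead of assign, so earlier status lines are not lost.
            $statusMsg .= sprintf($LANG_MG02['upload_exceeds_max_filesize'] . '<br' . XHTML . '>', $file);
            continue;
        }

        $opt = array(
            'upload'     => 0,
            'purgefiles' => $purgefiles,
            'filetype'   => "application/force-download",
        );
        list($rc, $msg) = MG_getFile($filetmp, $file, $album_id, $opt);
        $statusMsg .= $file . ' ' . $msg . '<br' . XHTML . '>';
    }
    closedir($dh);

    return $statusMsg;
}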
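/**
 * Queue the items selected on the FTP import form as a batch session.
 *
 * Reads the selected ids from $_POST['pic'] and, for each id, the posted
 * 'album_lb_id_<id>' and 'picfile_<id>' fields, then registers one session
 * item per selection and hands control to MG_continueSession(). When nothing
 * is selected the browser is sent back to the originating page. The script
 * exits in every case.
 *
 * @param int $album_id Album the import was started from (0 = gallery index).
 * @return void
 */
function MG_ftpProcess($album_id)
{
    global $_TABLES, $_MG_CONF, $LANG_MG01;

    $session_description = $LANG_MG01['ftp_media'];
    $origin = $album_id == 0 ? '/index.php' : '/album.php?aid=' . $album_id;
    $session_id = MG_beginSession('ftpimport', $_MG_CONF['site_url'] . $origin, $session_description);

    // Missing form fields must not raise warnings or type errors: treat an
    // absent checkbox as 0 and an absent or non-array selection as empty.
    $purgefiles = isset($_POST['purgefiles']) ? COM_applyFilter($_POST['purgefiles'], true) : 0;
    $selected = (isset($_POST['pic']) && is_array($_POST['pic'])) ? $_POST['pic'] : array();

    if (count($selected) < 1) {
        echo COM_refresh($_MG_CONF['site_url'] . $origin);
        exit;
    }

    foreach ($selected as $pic_id) {
        // Each id is used to build further $_POST keys, so it must be scalar.
        if (!is_scalar($pic_id)) {
            continue;
        }
        $albumField = 'album_lb_id_' . $pic_id;
        $fileField = 'picfile_' . $pic_id;
        if (!isset($_POST[$albumField], $_POST[$fileField])) {
            continue; // incomplete submission for this entry
        }

        // The posted value names another form field that holds the album id.
        $album_lb_id = COM_applyFilter($_POST[$albumField]);
        if (!isset($_POST[$album_lb_id])) {
            continue;
        }
        $aid = COM_applyFilter($_POST[$album_lb_id], true);

        // NOTE(review): $filename is a full path supplied by the client and
        // is only passed through COM_applyFilter() here. Nothing in this
        // function checks that it stays inside the configured import
        // directory, or that the user may add media to $aid - confirm that
        // the session handler or the caller enforces both.
        $filename = COM_applyFilter($_POST[$fileField]); // full path and name
        $file = basename($filename);                     // base file name
        $mid = is_dir($filename) ? 1 : 0;                // 1 marks a directory entry

        MG_registerSession(array(
            'session_id' => $session_id,
            'mid'        => $mid,
            'aid'        => $aid,
            'data'       => $filename,
            'data2'      => $purgefiles,
            'data3'      => $file,
        ));
    }

    $display = MG_continueSession($session_id, 0, $_MG_CONF['def_refresh_rate']);
    $display = MG_createHTMLDocument($display);
    echo $display;
    exit;
}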
$sort_user = $_USER['uid']; } $sort_datetime = time(); $referer = addslashes($referer); $keywords = addslashes($keywords); if ($f_all == true || !empty($keywords)) { $sql = "INSERT INTO {$_TABLES['mg_sort']} (sort_id,sort_user,sort_query,sort_results,sort_datetime,referer,keywords)\n VALUES ('{$sort_id}',{$sort_user},'{$sqltmp}',{$numresults},{$sort_datetime},'{$referer}','{$keywords}')"; $result = DB_query($sql); if (DB_error()) { COM_errorLog("Media Gallery: Error placing sort query into database"); } $display .= MG_search($sort_id, 1, $searchinfo); } else { $display .= MG_showSearchForm($searchinfo); } $sort_purge = time() - 3660; // 43200; DB_query("DELETE FROM {$_TABLES['mg_sort']} WHERE sort_datetime < " . $sort_purge); } elseif ($mode == $LANG_MG01['cancel']) { echo COM_refresh($_MG_CONF['site_url'] . '/index.php'); exit; } elseif (isset($_GET['id'])) { $id = COM_applyFilter($_GET['id']); $page = intval(COM_applyFilter($_GET['page'], true)); if ($page < 1 || empty($page)) { $page = 1; } $display .= MG_search($id, $page, $searchinfo); } $display = MG_createHTMLDocument($display, $LANG_MG00['results']); COM_output($display);
/**
 * Queue a batch session that rebuilds the thumbnails of one album.
 *
 * Redirects to $actionURL unless the caller's access value for the album is 3
 * (presumably the level that allows editing - confirm), and also when the
 * album has no rows with media_type = 0. For every remaining row the source
 * image is looked up under 'orig/' (or 'disp/' when originals are discarded),
 * falling back to 'disp/', and a session item is registered with the source
 * path and the matching 'tn/' path. The script exits once the batch page has
 * been echoed.
 *
 * @param int    $aid       Album id.
 * @param string $actionURL URL used for the redirects and as the session's return target.
 * @return void
 */
function MG_albumRebuildThumbs($aid, $actionURL)
{
    global $_CONF, $_TABLES, $_MG_CONF, $LANG_MG01;

    $album_data = MG_getAlbumData($aid, array('album_title'), true);
    if ($album_data['access'] != 3) {
        echo COM_refresh($actionURL);
        exit;
    }

    require_once $_CONF['path'] . 'plugins/mediagallery/include/lib-upload.php';

    $query = MG_buildMediaSql(array(
        'album_id'  => $aid,
        'where'     => "m.media_type = 0",
        'sortorder' => -1,
    ));
    $result = DB_query($query);
    $nRows = DB_numRows($result);
    if ($nRows <= 0) {
        echo COM_refresh($actionURL);
        exit;
    }

    $session_id = MG_beginSession(
        'rebuildthumb',
        $actionURL,
        sprintf($LANG_MG01['batch_rebuild_thumbs'], $album_data['album_title'])
    );

    for ($i = 1; $i <= $nRows; ++$i) {
        $row = DB_fetchArray($result);

        // Media files live in a subdirectory named after their first character.
        $mfn = $row['media_filename'][0] . '/' . $row['media_filename'];
        $srcImage = '';
        $imageDisplay = '';

        // Primary location: the display copy when originals are discarded,
        // otherwise the original upload.
        $fromDisplayCopy = ($_MG_CONF['discard_original'] == 1);
        $primaryDir = $fromDisplayCopy ? 'disp/' : 'orig/';

        $ext = MG_getMediaExt($_MG_CONF['path_mediaobjects'] . $primaryDir . $mfn);
        if (!empty($ext)) {
            $srcImage = $_MG_CONF['path_mediaobjects'] . $primaryDir . $mfn . $ext;
            $imageDisplay = $_MG_CONF['path_mediaobjects'] . 'tn/' . $mfn . $ext;
            if ($fromDisplayCopy) {
                $row['mime_type'] = '';
            }
        }

        // Fallback: nothing found, or the file is missing on disk, so use the
        // display copy and record its extension on the row.
        if ($srcImage === '' || !file_exists($srcImage)) {
            $ext = MG_getMediaExt($_MG_CONF['path_mediaobjects'] . 'disp/' . $mfn);
            if (!empty($ext)) {
                $srcImage = $_MG_CONF['path_mediaobjects'] . 'disp/' . $mfn . $ext;
                $imageDisplay = $_MG_CONF['path_mediaobjects'] . 'tn/' . $mfn . $ext;
                $row['mime_type'] = '';
                $row['media_mime_ext'] = $ext;
            }
        }

        if ($srcImage !== '') {
            MG_registerSession(array(
                'session_id' => $session_id,
                'mid'        => $row['mime_type'],
                'aid'        => $row['album_id'],
                'data'       => $srcImage,
                'data2'      => $imageDisplay,
                'data3'      => $row['media_mime_ext'],
            ));
        }
    }

    $display = MG_continueSession($session_id, 0, $_MG_CONF['def_refresh_rate']);
    $display = MG_createHTMLDocument($display, 'album_rebuild_thumbs');
    echo $display;
    exit;
}
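/**
 * Create a member album for the current user and mark them as enrolled.
 *
 * Redirects to the gallery index when member albums are disabled, and shows
 * the "existing member album" message when the user already owns an album
 * directly under the configured member album root. Otherwise the album is
 * created, the user's preferences row is updated (or inserted) and the
 * browser is redirected to the new album. The script exits in every case.
 *
 * @return void
 */
function MG_saveEnroll()
{
    global $_CONF, $_MG_CONF, $_TABLES, $_USER, $LANG_MG03;

    // NOTE(review): this function changes state but no CSRF token check
    // (e.g. SEC_checkToken()) and no anonymous-user check is visible here -
    // confirm that the caller performs both.
    if ($_MG_CONF['member_albums'] != 1) {
        echo COM_refresh($_MG_CONF['site_url'] . '/index.php');
        exit;
    }

    if (!isset($_MG_CONF['member_quota'])) {
        $_MG_CONF['member_quota'] = 0;
    }

    // Cast once and reuse, so every statement below receives an integer
    // instead of the raw value being concatenated into SQL.
    $uid = intval($_USER['uid']);
    $quota = intval($_MG_CONF['member_quota']);

    $sql = "SELECT album_id FROM {$_TABLES['mg_albums']} "
         . "WHERE owner_id=" . $uid
         . " AND album_parent=" . intval($_MG_CONF['member_album_root']);
    $result = DB_query($sql);
    $nRows = DB_numRows($result);
    if ($nRows > 0) {
        // The user already has a member album: report it and stop.
        $display = COM_startBlock('', '', COM_getBlockTemplate('_msg_block', 'header'));
        $display .= $LANG_MG03['existing_member_album'];
        $display .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
        $display = MG_createHTMLDocument($display);
        COM_output($display);
        exit;
    }

    $aid = plugin_user_create_mediagallery($uid, 1);

    DB_change($_TABLES['mg_userprefs'], 'member_gallery', 1, 'uid', $uid);
    DB_change($_TABLES['mg_userprefs'], 'quota', $quota, 'uid', $uid);

    // NOTE(review): the insert below only runs when DB_error() reports a
    // failure; whether an update that matches no row counts as an error
    // depends on DB_change() - verify that a missing prefs row is handled.
    if (DB_error()) {
        $sql = "INSERT INTO {$_TABLES['mg_userprefs']} "
             . "(uid, active, display_rows, display_columns, mp3_player, playback_mode, tn_size, quota, member_gallery) "
             . "VALUES (" . $uid . ",1,0,0,-1,-1,-1," . $quota . ",1)";
        DB_query($sql, 1);
    }

    echo COM_refresh($_MG_CONF['site_url'] . '/album.php?aid=' . $aid);
    exit;
}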