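/**
 * Returns a list of image IDs that the current viewer is not allowed to see
 *
 * The result is kept in the global $_zp_not_viewable_image_list after the
 * first successful query, so later calls skip the database.
 *
 * @return array list of image ids; NULL is returned when the query fails,
 *               because the cache global is then left unset
 */
function getNotViewableImages() {
    global $_zp_not_viewable_image_list;
    if (zp_loggedin(ADMIN_RIGHTS | MANAGE_ALL_ALBUM_RIGHTS)) {
        return array(); //admins can see all
    }
    $hidealbums = getNotViewableAlbums();
    $where = '';
    if (!is_null($hidealbums)) {
        // NOTE(review): the equality tests are chained with AND, so with more
        // than one hidden album no row can satisfy all of them and the list
        // comes back empty. Confirm whether "OR `albumid` IN (...)" was the
        // intended predicate; the shape is left as written here because it
        // changes what viewers are denied.
        foreach ($hidealbums as $id) {
            // The id is appended unquoted, so coerce it to an integer rather
            // than trusting the helper to return only numeric values.
            $where .= ' AND `albumid` = ' . (int) $id;
        }
    }
    if (is_null($_zp_not_viewable_image_list)) {
        $sql = 'SELECT `id` FROM ' . prefix('images') . ' WHERE `show`= 0' . $where;
        $result = query($sql);
        if ($result) {
            $_zp_not_viewable_image_list = array();
            while ($row = db_fetch_assoc($result)) {
                $_zp_not_viewable_image_list[] = $row['id'];
            }
        }
    }
    return $_zp_not_viewable_image_list;
}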
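/**
 * Retrieves a list of all unique years & months from the images in the gallery
 *
 * Visitors who are not logged in only get dates of published images, and
 * images in albums reported by getNotViewableAlbums() are always left out.
 *
 * @param string $order set to 'desc' for the list to be in descending order
 * @return array map of "YYYY-MM-01" => number of images dated in that month
 */
function getAllDates($order = 'asc') {
    $sql = "SELECT `date` FROM " . prefix('images');

    // Collect the predicates first and join them once. The earlier
    // "append ' AND ' then chop five characters" approach truncated the
    // WHERE keyword itself when the hidden-album list was an empty array.
    $conditions = array();
    if (!zp_loggedin()) {
        $conditions[] = '`show` = 1';
    }
    $hidealbums = getNotViewableAlbums();
    if (!empty($hidealbums)) {
        foreach ($hidealbums as $id) {
            // ids are placed in the statement unquoted: force them to integers
            $conditions[] = '`albumid`!=' . (int) $id;
        }
    }
    if (!empty($conditions)) {
        $sql .= ' WHERE ' . implode(' AND ', $conditions);
    }

    $cleandates = array();
    $result = query($sql);
    if ($result) {
        while ($row = db_fetch_assoc($result)) {
            if (!empty($row['date'])) {
                // keep year and month only, normalised to the first of the month
                $cleandates[] = substr($row['date'], 0, 7) . "-01";
            }
        }
        db_free_result($result);
    }

    $datecount = array_count_values($cleandates);
    if ($order == 'desc') {
        krsort($datecount);
    } else {
        ksort($datecount);
    }
    return $datecount;
}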
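/**
 * Builds the SQL statement for a date search.
 *
 * This variant only assembles and returns the query text; it does not run it.
 * When $searchdate is empty no date predicate is written into the WHERE clause.
 *
 * NOTE(review): $tbl, $whichdate, and (for 'news') $sorttype and
 * $sortdirection are concatenated into the statement as given. Callers must
 * pass only fixed, allow-listed values for them, never request data.
 *
 * @param string $searchstring the search target (not read by this function)
 * @param string $searchdate the date target: "0000-00", "YYYY-MM" or "YYYY-MM-DD"
 * @param string $tbl the database table to search
 * @param string $sorttype what to sort on
 * @param string $sortdirection what direction
 * @param string $whichdate name of the date column to compare
 * @return string the SQL statement
 * @since 1.1.3
 */
function searchDate($searchstring, $searchdate, $tbl, $sorttype, $sortdirection, $whichdate = 'date') {
    global $_zp_current_album, $_zp_gallery;
    $sql = 'SELECT DISTINCT `id`, `show`,`title`';
    switch ($tbl) {
        case 'pages':
        case 'news':
            $sql .= ',`titlelink` ';
            break;
        case 'albums':
            $sql .= ",`desc`,`folder` ";
            break;
        default:
            $sql .= ",`desc`,`albumid`,`filename` ";
            break;
    }
    $sql .= "FROM " . prefix($tbl) . " WHERE ";
    if (!zp_loggedin()) {
        $sql .= "`show` = 1 AND (";
    }
    if (!empty($searchdate)) {
        if ($searchdate == "0000-00") {
            $sql .= "`{$whichdate}`=\"0000-00-00 00:00:00\"";
        } else {
            // The date ends up inside a quoted SQL literal and nothing in this
            // function escapes it, so accept digits and hyphens only. Anything
            // else is counted as zero components and falls through to the
            // "matches nothing" predicate below.
            $datesize = 0;
            if (preg_match('/\A\d+(?:-\d+)*\z/', (string) $searchdate)) {
                $datesize = sizeof(explode('-', $searchdate));
            }
            if ($datesize == 3) {
                // search by day; <= so that 23:59:59 itself is part of the day
                $d1 = $searchdate . " 00:00:00";
                $d2 = $searchdate . " 23:59:59";
                $sql .= "`{$whichdate}` >= \"{$d1}\" AND `{$whichdate}` <= \"{$d2}\"";
            } elseif ($datesize == 2) {
                // search by month: from the first of the month up to, but not
                // including, the first of the following month
                $d1 = $searchdate . "-01 00:00:00";
                $d = strtotime($d1);
                $d = strtotime('+ 1 month', $d);
                // only year and month are used (the old format string put the
                // month where the minutes belong, then cut that part away)
                $d2 = date('Y-m', $d) . "-01 00:00:00";
                $sql .= "`{$whichdate}` >= \"{$d1}\" AND `{$whichdate}` < \"{$d2}\"";
            } else {
                // unsupported or malformed date: a predicate no row satisfies
                $sql .= "`{$whichdate}`<\"0000-00-00 00:00:00\"";
            }
        }
    }
    if (!zp_loggedin()) {
        $sql .= ")";
    }
    switch ($tbl) {
        case 'news':
            if (empty($sorttype)) {
                $key = '`date` DESC';
            } else {
                $key = trim($sorttype . ' ' . $sortdirection);
            }
            break;
        case 'pages':
            $key = 'sort_order';
            break;
        case 'albums':
            if (is_null($sorttype)) {
                if (empty($this->album)) {
                    list($key, $sortdirection) = $this->sortKey($_zp_gallery->getSortType(), $sortdirection, 'title', 'albums');
                    // Strip backticks before comparing. The previous code
                    // appended a backtick instead, so the test was always true
                    // and DESC was added to manual sort order as well.
                    if (trim($key, '`') != 'sort_order') {
                        if ($_zp_gallery->getSortDirection()) {
                            $key .= " DESC";
                        }
                    }
                } else {
                    $key = $this->album->getAlbumSortKey();
                    if (trim($key, '`') != 'sort_order' && $key != 'RAND()') {
                        if ($this->album->getSortDirection('album')) {
                            $key .= " DESC";
                        }
                    }
                }
            } else {
                list($key, $sortdirection) = $this->sortKey($sorttype, $sortdirection, 'title', 'albums');
                $key = trim($key . ' ' . $sortdirection);
            }
            break;
        default:
            // images: leave out everything in albums the viewer may not see
            $hidealbums = getNotViewableAlbums();
            if (!empty($hidealbums)) {
                // ids go into the IN list unquoted, so coerce them to integers
                $sql .= ' AND `albumid` NOT IN (' . implode(',', array_map('intval', $hidealbums)) . ')';
            }
            if (is_null($sorttype)) {
                if (empty($this->album)) {
                    list($key, $sortdirection) = $this->sortKey(IMAGE_SORT_TYPE, $sortdirection, 'title', 'images');
                    if (trim($key, '`') != 'sort_order') {
                        if (IMAGE_SORT_DIRECTION) {
                            $key .= " DESC";
                        }
                    }
                } else {
                    // was "$thie->album", an undefined variable
                    $key = $this->album->getImageSortKey();
                    if (trim($key, '`') != 'sort_order' && $key != 'RAND()') {
                        if ($this->album->getSortDirection('image')) {
                            $key .= " DESC";
                        }
                    }
                }
            } else {
                list($key, $sortdirection) = $this->sortKey($sorttype, $sortdirection, 'title', 'images');
                $key = trim($key . ' ' . $sortdirection);
            }
            break;
    }
    $sql .= " ORDER BY " . $key;
    return $sql;
}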
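/**
 * Runs a date search and returns the matching rows.
 *
 * Only "0000-00", "YYYY-MM" and "YYYY-MM-DD" produce a date predicate here.
 *
 * NOTE(review): $tbl, $whichdate, and (for 'news') $sorttype and
 * $sortdirection are concatenated into the statement as given; wrapping
 * $sorttype in backticks does not neutralise a backtick inside it. Callers
 * must pass only fixed, allow-listed values for them, never request data.
 *
 * @param string $searchstring the search target (not read by this function)
 * @param string $searchdate the date target
 * @param string $tbl the database table to search
 * @param string $sorttype what to sort on
 * @param string $sortdirection what direction
 * @param string $whichdate name of the date column to compare
 * @return array the result rows, or an empty array when the query yields nothing
 * @since 1.1.3
 */
function searchDate($searchstring, $searchdate, $tbl, $sorttype, $sortdirection, $whichdate = 'date') {
    global $_zp_current_album;
    // The date ends up inside a quoted SQL literal and nothing in this function
    // escapes it, so anything other than digits and hyphens is refused before
    // a statement is built. An empty array is what a search without hits gives.
    if (!empty($searchdate) && $searchdate != "0000-00" && !preg_match('/\A\d+(?:-\d+)*\z/', (string) $searchdate)) {
        return array();
    }
    $sql = 'SELECT DISTINCT `id`, `show`,`title`';
    switch ($tbl) {
        case 'pages':
        case 'news':
            $sql .= ',`titlelink` ';
            break;
        case 'albums':
            $sql .= ",`desc`,`folder` ";
            break;
        default:
            $sql .= ",`desc`,`albumid`,`filename`,`location`,`city`,`state`,`country` ";
            break;
    }
    $sql .= "FROM " . prefix($tbl) . " WHERE ";
    if (!zp_loggedin()) {
        $sql .= "`show` = 1 AND (";
    }
    if (!empty($searchdate)) {
        if ($searchdate == "0000-00") {
            $sql .= "`{$whichdate}`=\"0000-00-00 00:00:00\"";
        } else {
            $datesize = sizeof(explode('-', $searchdate));
            if ($datesize == 3) {
                // search by day; <= so that 23:59:59 itself is part of the day
                $d1 = $searchdate . " 00:00:00";
                $d2 = $searchdate . " 23:59:59";
                $sql .= "`{$whichdate}` >= \"{$d1}\" AND `{$whichdate}` <= \"{$d2}\"";
            } elseif ($datesize == 2) {
                // search by month: from the first of the month up to, but not
                // including, the first of the following month
                $d1 = $searchdate . "-01 00:00:00";
                $d = strtotime($d1);
                $d = strtotime('+ 1 month', $d);
                // only year and month are used (the old format string put the
                // month where the minutes belong, then cut that part away)
                $d2 = date('Y-m', $d) . "-01 00:00:00";
                $sql .= "`{$whichdate}` >= \"{$d1}\" AND `{$whichdate}` < \"{$d2}\"";
            }
            // NOTE(review): any other component count adds no predicate, which
            // leaves the WHERE clause incomplete - confirm callers never pass one.
        }
    }
    if (!zp_loggedin()) {
        $sql .= ")";
    }
    switch ($tbl) {
        case 'news':
            if (empty($sorttype)) {
                $key = '`date` DESC';
            } else {
                $key = trim('`' . $sorttype . '`' . ' ' . $sortdirection);
            }
            break;
        case 'pages':
            $key = '`sort_order`';
            break;
        case 'albums':
            if (is_null($sorttype)) {
                if (empty($this->dynalbumname)) {
                    $key = lookupSortKey($this->gallery->getSortType(), 'sort_order', 'folder');
                    // manual sort order never gets a direction suffix
                    if ($key != '`sort_order`') {
                        if ($this->gallery->getSortDirection()) {
                            $key .= " DESC";
                        }
                    }
                } else {
                    $gallery = new Gallery();
                    $album = new Album($gallery, $this->dynalbumname);
                    $key = $album->getAlbumSortKey();
                    if ($key != '`sort_order`' && $key != 'RAND()') {
                        if ($album->getSortDirection('album')) {
                            $key .= " DESC";
                        }
                    }
                }
            } else {
                $sorttype = lookupSortKey($sorttype, 'sort_order', 'folder');
                $key = trim($sorttype . ' ' . $sortdirection);
            }
            break;
        default:
            // images: leave out everything in albums the viewer may not see
            $hidealbums = getNotViewableAlbums();
            if (!is_null($hidealbums)) {
                foreach ($hidealbums as $id) {
                    // ids are placed in the statement unquoted: force integers
                    $sql .= ' AND `albumid`!=' . (int) $id;
                }
            }
            if (is_null($sorttype)) {
                if (empty($this->dynalbumname)) {
                    $key = lookupSortKey(IMAGE_SORT_TYPE, 'filename', 'filename');
                    if ($key != '`sort_order`') {
                        if (IMAGE_SORT_DIRECTION) {
                            $key .= " DESC";
                        }
                    }
                } else {
                    $gallery = new Gallery();
                    $album = new Album($gallery, $this->dynalbumname);
                    $key = $album->getImageSortKey();
                    if ($key != '`sort_order`' && $key != 'RAND()') {
                        if ($album->getSortDirection('image')) {
                            $key .= " DESC";
                        }
                    }
                }
            } else {
                $sorttype = lookupSortKey($sorttype, 'filename', 'filename');
                $key = trim($sorttype . ' ' . $sortdirection);
            }
            break;
    }
    $sql .= " ORDER BY " . $key;
    $result = query_full_array($sql);
    if (!$result) {
        return array();
    }
    return $result;
}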
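/**
 * returns the sql string for a search
 *
 * NOTE(review): $tbl is concatenated into the statement as given; callers
 * must pass only a fixed, allow-listed table name.
 *
 * @param array $searchstring the search tokens: terms mixed with the operator
 *                            tokens & ! | ( )
 * @param string $searchdate the date target ("0000-00" or "YYYY-MM")
 * @param string $tbl the database table to search
 * @param int $fields which fields to perform the search on
 * @return string|null the SQL statement, or NULL when there is nothing valid
 *                     to search for (no usable field, or a malformed date)
 * @since 1.1.3
 */
function getSearchSQL($searchstring, $searchdate, $tbl, $fields) {
    global $_zp_current_album;
    // The date ends up inside a quoted SQL literal and nothing in this function
    // escapes it, so anything other than digits and hyphens is refused and
    // reported the same way as a search with no valid fields.
    if (!empty($searchdate) && $searchdate != "0000-00" && !preg_match('/\A\d+(?:-\d+)*\z/', (string) $searchdate)) {
        return NULL;
    }
    $sql = 'SELECT DISTINCT `id`, `show`,`title`,`desc`';
    if ($tbl == 'albums') {
        // these are all albums have ("+" binds tighter than "&"; parentheses
        // only make the existing grouping visible)
        $fields = $fields & (SEARCH_TITLE + SEARCH_DESC + SEARCH_FILENAME);
        $sql .= ",`folder`";
    } else {
        $sql .= ",`albumid`,`filename`,`location`,`city`,`state`,`country`";
    }
    $sql .= " FROM " . prefix($tbl) . " WHERE ";
    if (!zp_loggedin()) {
        $sql .= "`show` = 1 AND (";
    }
    $join = "";
    $nrt = 0; // number of predicate groups written so far
    foreach ($searchstring as $singlesearchstring) {
        switch ($singlesearchstring) {
            case '&':
                $join .= " AND ";
                break;
            case '!':
                $join .= " NOT ";
                break;
            case '|':
                $join .= " OR ";
                break;
            case '(':
            case ')':
                $join .= $singlesearchstring;
                break;
            default:
                $subsql = "";
                $nr = 0;
                $singlesearchstring = sanitize($singlesearchstring, 3);
                foreach ($this->zp_search_fieldnames as $fieldname => $value) {
                    if ($value & $fields) {
                        if ($value == SEARCH_FILENAME) {
                            // the file name column is called differently per table
                            if ($tbl == 'albums') {
                                $fieldname = 'folder';
                            } else {
                                $fieldname = 'filename';
                            }
                        } else {
                            $fieldname = strtolower($fieldname);
                        }
                        $nr++;
                        if ($nr > 1) {
                            $subsql .= " OR ";
                        } // add OR for more searchstrings
                        // NOTE(review): mysql_real_escape_string() belongs to
                        // ext/mysql, which was removed in PHP 7.0; this should
                        // go through the project's database-layer escaping
                        // (or a bound parameter) instead. The LIKE wildcards
                        // % and _ inside the term are not escaped either.
                        $subsql .= ' `' . $fieldname . '` LIKE "%' . mysql_real_escape_string($singlesearchstring) . '%"';
                    }
                }
                if ($nr > 0) {
                    $nrt++;
                    $sql .= $join;
                    $join = "";
                    $sql .= "({$subsql})";
                }
        }
    }
    $sql .= $join;
    if (!empty($searchdate)) {
        // NOTE(review): with exactly one term group ($nrt == 1) no AND is
        // written before the date predicate; "> 0" looks intended - confirm
        // against how callers build $searchstring before changing it.
        if ($nrt > 1) {
            $sql = $sql . " AND ";
        }
        $nrt++;
        if ($searchdate == "0000-00") {
            $sql .= "`date`=\"0000-00-00 00:00:00\"";
        } else {
            // month range: from the first of the month up to, but not
            // including, the first of the following month
            $d1 = $searchdate . "-01 00:00:00";
            $d = strtotime($d1);
            $d = strtotime('+ 1 month', $d);
            // only year and month are used (the old format string put the
            // month where the minutes belong, then cut that part away)
            $d2 = date('Y-m', $d) . "-01 00:00:00";
            $sql .= "`date` >= \"{$d1}\" AND `date` < \"{$d2}\"";
        }
    }
    if (!zp_loggedin()) {
        $sql .= ")";
    }
    if ($nrt == 0) {
        return NULL;
    } // no valid fields
    if ($tbl == 'albums') {
        if (empty($this->dynalbumname)) {
            $key = subalbumSortKey(getOption('gallery_sorttype'));
            // manual sort order never gets a direction suffix
            if ($key != '`sort_order`') {
                if (getOption('gallery_sortdirection')) {
                    $key .= " DESC";
                }
            }
        } else {
            $gallery = new Gallery();
            $album = new Album($gallery, $this->dynalbumname);
            $key = $album->getSubalbumSortKey();
            if ($key != '`sort_order`') {
                if ($album->getSortDirection('album')) {
                    $key .= " DESC";
                }
            }
        }
    } else {
        // images: leave out everything in albums the viewer may not see
        $hidealbums = getNotViewableAlbums();
        if (!is_null($hidealbums)) {
            foreach ($hidealbums as $id) {
                // ids are placed in the statement unquoted: force integers
                $sql .= ' AND `albumid`!=' . (int) $id;
            }
        }
        if (empty($this->dynalbumname)) {
            $key = albumSortKey(getOption('image_sorttype'));
            if ($key != '`sort_order`') {
                if (getOption('image_sortdirection')) {
                    $key .= " DESC";
                }
            }
        } else {
            $gallery = new Gallery();
            $album = new Album($gallery, $this->dynalbumname);
            $key = $album->getSortKey();
            if ($key != '`sort_order`') {
                if ($album->getSortDirection('image')) {
                    $key .= " DESC";
                }
            }
        }
    }
    $sql .= " ORDER BY " . $key;
    return $sql;
}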