/**
 * Index-page entry hook of the thumbnail scroller.
 *
 * Without the `rvts` request parameter it only registers the handler that
 * fits the page (no items vs. a thumbnail list). With `rvts` the request is
 * handled as an AJAX call: the optional `adj` parameter moves the session
 * multiplier one step, the page size is taken from the request, and the
 * default category script is included to build the thumbnail list.
 */
static function on_index_begin()
{
    global $page;

    $is_ajax = isset($_GET['rvts']);

    if (!$is_ajax) {
        // Plain page view: register exactly one handler and stop.
        if (!empty($page['items'])) {
            add_event_handler('loc_end_index_thumbnails', array('RVTS', 'on_index_thumbnails'), EVENT_HANDLER_PRIORITY_NEUTRAL, 1);
        } else {
            add_event_handler('loc_end_index', array('RVTS', 'on_end_index'));
        }
        return;
    }

    // `adj` is optional; a missing value counts as 0 (no adjustment).
    $adj = isset($_GET['adj']) ? (int) $_GET['adj'] : 0;
    if ($adj != 0) {
        // The multiplier is only raised while below 5 and only lowered while above 1.
        $mult = pwg_get_session_var('rvts_mult', 1);
        if ($adj > 0) {
            if ($mult < 5) {
                pwg_set_session_var('rvts_mult', ++$mult);
            }
        } elseif ($mult > 1) {
            pwg_set_session_var('rvts_mult', --$mult);
        }
    }

    // NOTE(review): the page size comes straight from the request with only an
    // integer cast; no lower or upper bound is applied in this method. Confirm
    // that a cap is enforced elsewhere before it drives the thumbnail query.
    $page['nb_image_page'] = (int) $_GET['rvts'];

    add_event_handler('loc_end_index_thumbnails', array('RVTS', 'on_index_thumbnails_ajax'), EVENT_HANDLER_PRIORITY_NEUTRAL + 5, 1);

    $page['root_path'] = get_absolute_root_url(false);
    $page['body_id'] = 'scroll';

    // The included script runs in this function's scope, so the globals it
    // relies on are imported here first.
    global $user, $template, $conf;
    include PHPWG_ROOT_PATH . 'include/category_default.inc.php';
}
/**
 * Renders the category map and attaches it to the index page.
 *
 * Nothing is rendered when osm_get_items() returns an empty array. Otherwise
 * the map template is parsed and, depending on the configured `index`
 * position, the result is merged into the category comment (0 or 1) or
 * appended to PLUGIN_INDEX_CONTENT_END (any other value).
 */
function osm_render_category()
{
    global $template, $page, $conf, $filter;

    include_once dirname(__FILE__) . '/include/functions.php';
    include_once dirname(__FILE__) . '/include/functions_map.php';
    osm_load_language();
    load_language('plugin.lang', OSM_PATH);

    // The configuration is handed over explicitly rather than read as a global.
    $js_data = osm_get_items($conf, $page);
    if ($js_data == array()) {
        return;
    }

    // Fixed map settings for the category view; only the GPS paths are dynamic.
    $local_conf = array(
        'contextmenu' => 'false',
        'control' => true,
        'img_popup' => false,
        'popup' => 1,
        'center_lat' => 0,
        'center_lng' => 0,
        'zoom' => 2,
        'auto_center' => 1,
        'paths' => osm_get_gps($conf, $page),
    );

    $height = '200';
    if (isset($conf['osm_conf']['category_description']['height'])) {
        $height = $conf['osm_conf']['category_description']['height'];
    }
    $width = 'auto';
    if (isset($conf['osm_conf']['category_description']['width'])) {
        $width = $conf['osm_conf']['category_description']['width'];
    }

    $js = osm_get_js($conf, $local_conf, $js_data);
    $template->set_filename('map', dirname(__FILE__) . '/template/osm-category.tpl');

    $tpl_vars = array(
        'CONTENT_ENCODING' => get_pwg_charset(),
        'OSM_PATH' => embellish_url(get_gallery_home_url() . OSM_PATH),
        'HOME' => make_index_url(),
    );
    // NOTE(review): the Referer header is supplied by the client and is passed
    // to the template unchanged; confirm osm-category.tpl escapes HOME_PREV.
    if (isset($_SERVER['HTTP_REFERER'])) {
        $tpl_vars['HOME_PREV'] = $_SERVER['HTTP_REFERER'];
    } else {
        $tpl_vars['HOME_PREV'] = get_absolute_root_url();
    }
    $tpl_vars['HOME_NAME'] = l10n("Home");
    $tpl_vars['HOME_PREV_NAME'] = l10n("Previous");
    $tpl_vars['OSMJS'] = $js;
    $tpl_vars['HEIGHT'] = $height;
    $tpl_vars['WIDTH'] = $width;
    $template->assign($tpl_vars);

    $osm_content = $template->parse('map', true);

    // Position of the map on the index page:
    // 0 - PLUGIN_INDEX_CONTENT_BEGIN
    // 1 - PLUGIN_INDEX_CONTENT_COMMENT
    // 2 - PLUGIN_INDEX_CONTENT_END
    $index = 0;
    if (isset($conf['osm_conf']['category_description']['index'])) {
        $index = $conf['osm_conf']['category_description']['index'];
    }

    if ($index <= 1) {
        // Same condition the index page applies before showing the category comment.
        $shows_comment = ($page['start'] == 0 && !isset($page['chronology_field']));
        if (!$shows_comment) {
            return;
        }

        if (empty($page['comment'])) {
            $page['comment'] = $osm_content;
        } elseif ($index == 0) {
            $page['comment'] = '<div>' . $osm_content . $page['comment'] . '</div>';
        } else {
            $page['comment'] = '<div>' . $page['comment'] . $osm_content . '</div>';
        }
    } else {
        $osm_content = '<div id="osmmap">' . $osm_content . '</div>';
        $template->concat('PLUGIN_INDEX_CONTENT_END', "\n" . $osm_content);
    }
}
/**
 * Prepares the templates and language files for the tour stored in the
 * session and includes that tour's config.inc.php.
 *
 * The tour is identified by the session variable `tour_to_launch`; the part
 * after the first "/" is used as the tour name for the language file, and the
 * whole value is used as the directory of the included config file.
 */
function TAT_tour_setup()
{
    global $template, $TAT_restart, $conf;
    $tour_to_launch = pwg_get_session_var('tour_to_launch');
    load_language('plugin.lang', PHPWG_PLUGINS_PATH . 'TakeATour/', array('force_fallback' => 'en_UK'));
    // Second path segment is the tour name; the first segment is discarded.
    list(, $tour_name) = explode('/', $tour_to_launch);
    load_language('tour_' . $tour_name . '.lang', PHPWG_PLUGINS_PATH . 'TakeATour/', array('force_fallback' => 'en_UK'));
    $template->set_filename('TAT_js_css', PHPWG_PLUGINS_PATH . 'TakeATour/tpl/js_css.tpl');
    $template->assign('ADMIN_THEME', $conf['admin_theme']);
    $template->parse('TAT_js_css');
    // A pending restart request is consumed once and forwarded to the template.
    if (isset($TAT_restart) and $TAT_restart) {
        $TAT_restart = false;
        $template->assign('TAT_restart', true);
    }
    // NOTE(review): HTTP_HOST is taken from the request's Host header, so the
    // value assigned to TAT_path is client-influenced; confirm how the template
    // uses it.
    $tat_path = str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME']);
    $template->assign('TAT_path', $tat_path);
    $template->assign('ABS_U_ADMIN', get_absolute_root_url());
    // absolute one due to public pages and $conf['question_mark_in_urls'] = false+$conf['php_extension_in_urls'] = false;
    // NOTE(review): the include path is built from the session value without any
    // check in this function. Confirm that whatever stores `tour_to_launch`
    // restricts it to a fixed list of tour directories; otherwise this is a
    // file-inclusion sink. The included file is expected to set $TOUR_PATH,
    // which is read on the next line.
    include $tour_to_launch . '/config.inc.php';
    $template->set_filename('TAT_tour_tpl', $TOUR_PATH);
    $template->parse('TAT_tour_tpl');
}
/**
 * Creates a new user.
 *
 * Validates the login and e-mail address, lets plugins add their own errors
 * through the 'register_user_check' event, and only inserts the account when
 * no error was collected. New accounts are added to every default group and
 * get their user-info row; admins and the user can be notified by mail.
 *
 * @param string $login
 * @param string $password clear-text password; hashed with $conf['password_hash'] before storage
 * @param string $mail_address
 * @param bool $notify_admin
 * @param array &$errors populated with error messages
 * @param bool $notify_user
 * @return int|false user id or false
 */
function register_user($login, $password, $mail_address, $notify_admin = true, &$errors = array(), $notify_user = false)
{
    global $conf;
    if ($login == '') {
        $errors[] = l10n('Please, enter a login');
    }
    if (preg_match('/^.* $/', $login)) {
        $errors[] = l10n('login mustn\'t end with a space character');
    }
    if (preg_match('/^ .*$/', $login)) {
        $errors[] = l10n('login mustn\'t start with a space character');
    }
    if (get_userid($login)) {
        $errors[] = l10n('this login is already used');
    }
    // Logins containing markup are refused rather than silently cleaned.
    if ($login != strip_tags($login)) {
        $errors[] = l10n('html tags are not allowed in login');
    }
    $mail_error = validate_mail_address(null, $mail_address);
    if ('' != $mail_error) {
        $errors[] = $mail_error;
    }
    if ($conf['insensitive_case_logon'] == true) {
        $login_error = validate_login_case($login);
        if ($login_error != '') {
            $errors[] = $login_error;
        }
    }
    // Plugins receive the clear-text password in this event payload.
    $errors = trigger_change('register_user_check', $errors, array('username' => $login, 'password' => $password, 'email' => $mail_address));
    // if no error until here, registration of the user
    if (count($errors) == 0) {
        // NOTE(review): the login is escaped with pwg_db_real_escape_string but the
        // e-mail address is inserted as received; confirm that
        // validate_mail_address() or the caller guarantees it is safe for
        // single_insert().
        $insert = array($conf['user_fields']['username'] => pwg_db_real_escape_string($login), $conf['user_fields']['password'] => $conf['password_hash']($password), $conf['user_fields']['email'] => $mail_address);
        single_insert(USERS_TABLE, $insert);
        $user_id = pwg_db_insert_id();
        // Assign by default groups
        $query = ' SELECT id FROM ' . GROUPS_TABLE . ' WHERE is_default = \'' . boolean_to_string(true) . '\' ORDER BY id ASC ;';
        $result = pwg_query($query);
        $inserts = array();
        while ($row = pwg_db_fetch_assoc($result)) {
            $inserts[] = array('user_id' => $user_id, 'group_id' => $row['id']);
        }
        if (count($inserts) != 0) {
            mass_inserts(USER_GROUP_TABLE, array('user_id', 'group_id'), $inserts);
        }
        // The browser language, when one is detected, overrides the default.
        $override = array();
        if ($language = get_browser_language()) {
            $override['language'] = $language;
        }
        create_user_infos($user_id, $override);
        if ($notify_admin and $conf['email_admin_on_new_user']) {
            include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';
            // NOTE(review): part of the next statement is masked ("******") in this
            // listing; it is reproduced exactly as shown and is not valid PHP in
            // this form.
            $admin_url = get_absolute_root_url() . 'admin.php?page=user_list&username='******'User: %s', stripslashes($login)), get_l10n_args('Email: %s', $mail_address), get_l10n_args(''), get_l10n_args('Admin: %s', $admin_url));
            pwg_mail_notification_admins(get_l10n_args('Registration of %s', stripslashes($login)), $keyargs_content);
        }
        if ($notify_user and email_check_format($mail_address)) {
            include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';
            // NOTE(review): the clear-text password is written into the message body
            // ('Password: %s'), so it ends up in every mailbox and relay that
            // stores the message; a set-password link would avoid that.
            $keyargs_content = array(get_l10n_args('Hello %s,', stripslashes($login)), get_l10n_args('Thank you for registering at %s!', $conf['gallery_title']), get_l10n_args('', ''), get_l10n_args('Here are your connection settings', ''), get_l10n_args('', ''), get_l10n_args('Link: %s', get_absolute_root_url()), get_l10n_args('Username: %s', stripslashes($login)), get_l10n_args('Password: %s', stripslashes($password)), get_l10n_args('Email: %s', $mail_address), get_l10n_args('', ''), get_l10n_args('If you think you\'ve received this email in error, please contact us at %s', get_webmaster_mail_address()));
            pwg_mail($mail_address, array('subject' => '[' . $conf['gallery_title'] . '] ' . l10n('Registration'), 'content' => l10n_args($keyargs_content), 'content_format' => 'text/plain'));
        }
        trigger_notify('register_user', array('id' => $user_id, 'username' => $login, 'email' => $mail_address));
        return $user_id;
    } else {
        return false;
    }
}
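/**
 * Sends the derivative image at $page['derivative_path'] to the client.
 *
 * With `ajaxload=true` in the query string only a JSON object holding the
 * absolute URL of the derivative is printed. Otherwise the file is streamed
 * with Last-Modified, optional Expires, Content-length and a Content-Type
 * chosen from $page['derivative_ext'].
 *
 * @param int|false $expires Unix timestamp for the Expires header, or false to omit it
 * @return void
 */
function send_derivative($expires)
{
    global $page;

    if (isset($_GET['ajaxload']) and $_GET['ajaxload'] == 'true') {
        include_once PHPWG_ROOT_PATH . 'include/functions_cookie.inc.php';
        include_once PHPWG_ROOT_PATH . 'include/functions_url.inc.php';
        echo json_encode(array('url' => embellish_url(get_absolute_root_url() . $page['derivative_path'])));
        return;
    }

    $fp = fopen($page['derivative_path'], 'rb');
    if ($fp === false) {
        // The file can be missing or unreadable (for example after a cache
        // purge). Without this check fstat() and fpassthru() would be called
        // on false and the client would receive broken headers.
        header('HTTP/1.1 404 Not Found');
        return;
    }

    $fstat = fstat($fp);
    header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $fstat['mtime']) . ' GMT');
    if ($expires !== false) {
        header('Expires: ' . gmdate('D, d M Y H:i:s', $expires) . ' GMT');
    }
    header('Content-length: ' . $fstat['size']);
    header('Connection: close');

    // Unknown extensions fall back to a generic binary type.
    $ctype = "application/octet-stream";
    switch (strtolower($page['derivative_ext'])) {
        case ".jpe":
        case ".jpeg":
        case ".jpg":
            $ctype = "image/jpeg";
            break;
        case ".png":
            $ctype = "image/png";
            break;
        case ".gif":
            $ctype = "image/gif";
            break;
    }
    header("Content-Type: {$ctype}");

    fpassthru($fp);
    fclose($fp);
}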
// Maintenance lock: everybody gets the banner message, and every request
// except the identification page or an administrator's is answered with a
// 503 page and stopped.
if ($conf['gallery_locked']) {
    $header_msgs[] = l10n('The gallery is locked for maintenance. Please, come back later.');

    if (!(script_basename() == 'identification' or is_admin())) {
        set_status_header(503, 'Service Unavailable');
        @header('Retry-After: 900');
        header('Content-Type: text/html; charset=' . get_pwg_charset());
        // The trailing padding is there because IE6 does not show an error
        // page whose body is below a certain size.
        echo '<a href="' . get_absolute_root_url(false) . 'identification.php">' . l10n('The gallery is locked for maintenance. Please, come back later.') . '</a>',
            str_repeat(' ', 512);
        exit;
    }
}

// Optional check for database upgrades that were not applied yet.
if ($conf['check_upgrade_feed']) {
    include_once PHPWG_ROOT_PATH . 'admin/include/functions_upgrade.php';
    if (check_upgrade_feed()) {
        $header_msgs[] = 'Some database upgrades are missing, ' . '<a href="' . get_absolute_root_url(false) . 'upgrade_feed.php">upgrade now</a>';
    }
}

// Hand the collected messages to the template, then start a fresh list.
if (count($header_msgs) !== 0) {
    $template->assign('header_msgs', $header_msgs);
    $header_msgs = array();
}

// The filter script is only loaded when filter pages are configured and the
// current page uses them.
if (empty($conf['filter_pages']) or !get_filter_page_value('used')) {
    $filter['enabled'] = false;
} else {
    include PHPWG_ROOT_PATH . 'include/filter.inc.php';
}

if (isset($conf['header_notes'])) {
    $header_notes = array_merge($header_notes, $conf['header_notes']);
}
// default event handlers
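/**
 * Resolves relative links in a CSS file and inlines local @import targets.
 *
 * Relative `url(...)` references are rewritten to absolute URLs below the
 * gallery root. Each `@import` is replaced by the processed content of the
 * imported file; an import that looks suspicious (contains "..", contains
 * "://", or does not point to a readable file below PHPWG_ROOT_PATH) is not
 * read but removed from the body and returned through $header instead.
 *
 * @param string $css     file content
 * @param string $dir     directory of the CSS file, relative to PHPWG_ROOT_PATH
 * @param string &$header CSS directives that must appear first in
 *                        the minified file.
 * @return string
 */
private static function process_css_rec($css, $dir, &$header)
{
    static $PATTERN_URL = "#url\\(\\s*['|\"]{0,1}(.*?)['|\"]{0,1}\\s*\\)#";
    static $PATTERN_IMPORT = "#@import\\s*['|\"]{0,1}(.*?)['|\"]{0,1};#";

    if (preg_match_all($PATTERN_URL, $css, $matches, PREG_SET_ORDER)) {
        $search = $replace = array();
        foreach ($matches as $match) {
            // An empty reference such as "url()" has no first character to
            // inspect; reading offset 0 of an empty string raises an error,
            // so such a match is left untouched.
            if ($match[1] === '') {
                continue;
            }
            // Remote URLs, root-relative paths and inline image data stay as they are.
            if (!url_is_remote($match[1]) && $match[1][0] != '/' && strpos($match[1], 'data:image/') === false) {
                $relative = $dir . '/' . $match[1];
                $search[] = $match[0];
                $replace[] = 'url(' . embellish_url(get_absolute_root_url(false) . $relative) . ')';
            }
        }
        $css = str_replace($search, $replace, $css);
    }

    if (preg_match_all($PATTERN_IMPORT, $css, $matches, PREG_SET_ORDER)) {
        $search = $replace = array();
        foreach ($matches as $match) {
            $search[] = $match[0];
            if (strpos($match[1], '..') !== false
                or strpos($match[1], '://') !== false
                or !is_readable(PHPWG_ROOT_PATH . $dir . '/' . $match[1])) {
                // If anything is suspicious, don't try to process the
                // @import. Since @import need to be first and we are
                // concatenating several CSS files, remove it from here and return
                // it through $header.
                $header .= $match[0];
                $replace[] = '';
            } else {
                // NOTE(review): nothing here stops two files that import each
                // other from recursing without end; confirm the CSS sources
                // are trusted or add a visited-file guard.
                $sub_css = file_get_contents(PHPWG_ROOT_PATH . $dir . '/' . $match[1]);
                $replace[] = self::process_css_rec($sub_css, dirname($dir . '/' . $match[1]), $header);
            }
        }
        $css = str_replace($search, $replace, $css);
    }

    return $css;
}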
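/**
 * Polls the configured mailboxes and imports picture attachments.
 *
 * For every row of PFEMAIL_MAILBOXES_TABLE the first unseen message is read.
 * Attachments whose extension is listed in $conf['picture_ext'] are added as
 * photos and recorded in PFEMAIL_PENDINGS_TABLE; other attachments are
 * deleted. When at least one photo was added, the user cache is invalidated
 * and every group found in GROUPS_TABLE is mailed the new thumbnails.
 *
 * @return void
 */
function pfemail_check_accounts()
{
    global $conf, $user;

    conf_update_param('pfemail_last_check', date('Y-m-d H:i:s'));

    require_once PFEMAIL_PATH . 'include/ImapMailbox.php';

    $image_ids = array();

    $query = ' SELECT * FROM ' . PFEMAIL_MAILBOXES_TABLE . ' ;';
    $accounts = query2array($query);

    foreach ($accounts as $account) {
        $mailbox = new ImapMailbox($account['path'], $account['login'], $account['password'], $conf['upload_dir'] . '/buffer', 'utf-8');

        // Get some mail
        $mailsIds = $mailbox->searchMailBox('UNSEEN');
        if (!$mailsIds) {
            continue; // check next email account
        }

        // Only the first unseen message of the account is handled per run.
        $mailId = reset($mailsIds);
        $mail = $mailbox->getMail($mailId);
        $attachments = $mail->getAttachments();

        include_once PHPWG_ROOT_PATH . 'admin/include/functions_upload.inc.php';

        foreach ($attachments as $attachment) {
            // NOTE(review): only the file extension is checked here; confirm that
            // add_uploaded_file() validates the actual file content.
            $extension = strtolower(get_extension($attachment->{'name'}));
            if (!in_array($extension, $conf['picture_ext'])) {
                // the file has been downloaded, we have to remove it now
                unlink($attachment->{'filePath'});
                continue;
            }

            $moderate = get_boolean($account['moderated']);

            $image_id = add_uploaded_file($attachment->{'filePath'}, stripslashes($attachment->{'name'}), array($account['category_id']), $moderate ? 16 : 0, null);

            // the photo is added by nobody (using the current user may make the
            // photo editable by her with Admin Tools...)
            single_update(IMAGES_TABLE, array('added_by' => null, 'name' => pfemail_clean_email_subject($mail->subject)), array('id' => $image_id));

            $state = 'auto_validated';
            if ($moderate) {
                $state = 'moderation_pending';
            }

            list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));

            // NOTE(review): subject, fromName and fromAddress are chosen by the
            // sender of the message and are not escaped in this function;
            // confirm they are SQL-escaped before single_insert() builds its
            // query.
            single_insert(PFEMAIL_PENDINGS_TABLE, array('image_id' => $image_id, 'state' => $state, 'added_on' => $dbnow, 'from_name' => $mail->fromName, 'from_address' => $mail->fromAddress, 'subject' => $mail->subject));

            $image_ids[] = $image_id;
        }
    }

    if (count($image_ids) > 0) {
        include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';
        invalidate_user_cache();

        // let's notify administrators
        $query = ' SELECT id FROM ' . GROUPS_TABLE . ' ;';
        $group_ids = query2array($query, null, 'id');

        if (count($group_ids) > 0) {
            include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';

            $thumb_urls = array();

            // force $conf['derivative_url_style'] to 2 (script) to make sure we
            // will use i.php?/upload and not _data/i/upload because you don't
            // know when the cache will be flushed
            $previous_derivative_url_style = $conf['derivative_url_style'];
            $conf['derivative_url_style'] = 2;

            $query = ' SELECT id, path FROM ' . IMAGES_TABLE . ' WHERE id IN (' . implode(',', $image_ids) . ') ;';
            $result = pwg_query($query);
            while ($row = pwg_db_fetch_assoc($result)) {
                $thumb = DerivativeImage::thumb_url(array('id' => $row['id'], 'path' => $row['path']));
                $thumb_urls[] = $thumb;
            }

            // restore configuration setting
            $conf['derivative_url_style'] = $previous_derivative_url_style;

            $thumbs_html_string = '';
            foreach ($thumb_urls as $thumb_url) {
                if (!empty($thumbs_html_string)) {
                    $thumbs_html_string .= ' ';
                }
                $thumbs_html_string .= '<img src="' . $thumb_url . '">';
            }

            $content = $thumbs_html_string;

            // how many photos pending?
            $pendings = pfemail_get_pending_ids();
            if (count($pendings) > 0) {
                $content .= '<br><br>';
                $content .= '<a href="' . get_absolute_root_url() . 'admin.php?page=plugin-photo_from_email-pendings' . '">';
                $content .= l10n('%d photos pending for validation', count($pendings));
                $content .= '</a>';
            }

            // The mails are sent as the guest user; the real id is put back
            // right after the loop.
            $real_user_id = $user['id'];
            $user['id'] = $conf['guest_id'];

            $subject = l10n('%d photos added by email', count($thumb_urls));

            foreach ($group_ids as $group_id) {
                pwg_mail_group($group_id, array('subject' => '[' . $conf['gallery_title'] . '] ' . $subject, 'mail_title' => $conf['gallery_title'], 'mail_subtitle' => $subject, 'content' => $content, 'content_format' => 'text/html'));
            }

            // restore current user
            // This has to stay inside the block that saved the id: when there
            // is no group, $real_user_id was never set and restoring from it
            // would overwrite the current user's id with null.
            $user['id'] = $real_user_id;
        }
    }
}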
*/ defined('PHPWG_ROOT_PATH') or die('Hacking attempt!'); if (basename(dirname(__FILE__)) != 'GuestBook') { add_event_handler('init', 'guestbook_error'); function guestbook_error() { global $page; $page['errors'][] = 'GuestBook folder name is incorrect, uninstall the plugin and rename it to "GuestBook"'; } return; } global $conf, $prefixeTable; define('GUESTBOOK_PATH', PHPWG_PLUGINS_PATH . 'GuestBook/'); define('GUESTBOOK_TABLE', $prefixeTable . 'guestbook'); define('GUESTBOOK_ADMIN', get_root_url() . 'admin.php?page=plugin-GuestBook'); define('GUESTBOOK_URL', get_absolute_root_url() . make_index_url(array('section' => 'guestbook'))); $conf['guestbook'] = safe_unserialize($conf['guestbook']); include_once GUESTBOOK_PATH . 'include/events.inc.php'; add_event_handler('loading_lang', 'guestbook_loading_lang'); if (defined('IN_ADMIN')) { add_event_handler('get_admin_plugin_menu_links', 'gb_admin_menu'); } else { add_event_handler('loc_end_section_init', 'gb_section_init'); add_event_handler('loc_end_index', 'gb_index'); } if ($conf['guestbook']['menu_link']) { add_event_handler('blockmanager_apply', 'gb_menubar_apply', EVENT_HANDLER_PRIORITY_NEUTRAL + 10); } function guestbook_loading_lang() { load_language('plugin.lang', GUESTBOOK_PATH);
//add_event_handler('get_high_url', 'cdnplus_debug'); // ?
add_event_handler('get_src_image_url', 'cdnplus_update_url', EVENT_HANDLER_PRIORITY_NEUTRAL, 4); // picture page
add_event_handler('get_derivative_url', 'cdnplus_update_url', EVENT_HANDLER_PRIORITY_NEUTRAL, 4); // thumbnailCategory & thumbnail & navThumb
//add_event_handler('get_src_image_url', 'cdnplus_update_url'); // picture page
//add_event_handler('get_derivative_url', 'cdnplus_update_url'); // thumbnailCategory & thumbnail & navThumb
// Find which CDN to use for theme and enabled the trigger
// NOTE(review): the loop does not stop at the first matching entry. If more
// than one of the five CDN slots has both host and theme set, define() is
// called again for constants that already exist and the handlers are
// registered once per match — confirm only one slot can carry a theme.
for ($i = 1; $i <= 5; $i++) {
    if (!empty($conf['cdnplus_conf']['cdn_' . $i]['host']) && !empty($conf['cdnplus_conf']['cdn_' . $i]['theme'])) {
        // NOTE(review): theme CSS and JavaScript are served from the CDN over
        // plain HTTP unless the current request is HTTPS and keep_https is
        // set for this slot.
        $cdnUrl = 'http://';
        if (!empty($_SERVER['HTTPS']) && !empty($conf['cdnplus_conf']['cdn_' . $i]['keep_https'])) {
            $cdnUrl = 'https://';
        }
        define('CDNPLUS', $cdnUrl . $conf['cdnplus_conf']['cdn_' . $i]['host']);
        define('CDNPLUS_ROOT_URL', CDNPLUS . get_absolute_root_url(false));
        add_event_handler('get_combined_css', 'cdnplus_combined_css', EVENT_HANDLER_PRIORITY_NEUTRAL, 2); // update CSS
        add_event_handler('combined_script', 'cdnplus_combined_script', EVENT_HANDLER_PRIORITY_NEUTRAL, 2); // update Javascript
        add_event_handler('combined_css_postfilter', 'cdnplus_combined_css_postfilter'); // ?
    }
}
}
/**
 * Template prefilter that points theme icons and CSS url() references at the
 * CDN root.
 *
 * Two literal replacements are applied to the template source: icon `src`
 * attributes that start with {$ROOT_URL}{$themeconf.icon_dir}/ and
 * `url({$ROOT_URL}` prefixes both get CDNPLUS_ROOT_URL in place of
 * {$ROOT_URL}.
 *
 * NOTE(review): CDNPLUS_ROOT_URL is only defined in the loop above when a CDN
 * slot has both host and theme; confirm this prefilter is registered only in
 * that case.
 *
 * @param string $source template source
 * @param object &$smarty not used by this function
 * @return string the rewritten template source
 */
function cdnplus_prefilter($source, &$smarty)
{
    $source = str_replace('src="{$ROOT_URL}{$themeconf.icon_dir}/', 'src="' . CDNPLUS_ROOT_URL . '{$themeconf.icon_dir}/', $source);
    $source = str_replace('url({$' . 'ROOT_URL}', 'url(' . CDNPLUS_ROOT_URL, $source);
    return $source;
}
Author URI: http://www.strangeplanet.fr */ defined('PHPWG_ROOT_PATH') or die('Hacking attempt!'); if (basename(dirname(__FILE__)) != 'oAuth') { add_event_handler('init', 'ouath_error'); function ouath_error() { global $page; $page['errors'][] = 'Social Connect folder name is incorrect, uninstall the plugin and rename it to "oAuth"'; } return; } define('OAUTH_PATH', PHPWG_PLUGINS_PATH . 'oAuth/'); define('OAUTH_ADMIN', get_root_url() . 'admin.php?page=plugin-oAuth'); define('OAUTH_CONFIG', PWG_LOCAL_DIR . 'config/hybridauth.inc.php'); define('OAUTH_PUBLIC', get_absolute_root_url() . ltrim(OAUTH_PATH, './') . 'include/hybridauth/'); include_once OAUTH_PATH . 'include/functions.inc.php'; // try to load hybridauth config global $hybridauth_conf; load_hybridauth_conf(); add_event_handler('init', 'oauth_init'); if (defined('IN_ADMIN')) { add_event_handler('get_admin_plugin_menu_links', 'oauth_admin_plugin_menu_links'); add_event_handler('user_list_columns', 'oauth_user_list_columns'); add_event_handler('after_render_user_list', 'oauth_user_list_render'); add_event_handler('loc_begin_admin_page', 'oauth_user_list'); include_once OAUTH_PATH . 'include/admin_events.inc.php'; } else { if (!empty($hybridauth_conf) and function_exists('curl_init')) { add_event_handler('loc_begin_identification', 'oauth_begin_identification'); add_event_handler('loc_begin_register', 'oauth_begin_register');
/**
 * Builds the keys that describe the current state of the main tables.
 *
 * Each key is "<last modification timestamp>_<row count>" for one table. The
 * result also carries `_hash`, the MD5 of the absolute root URL. Admin pages
 * use these values to decide whether their LocalStorage cache is stale; the
 * hash is a cache discriminator, not a security control.
 *
 * @param string|string[] $requested keys to retrieve (categories, groups,
 *                                   images, tags, users); empty means all
 * @return string[]
 */
function get_admin_client_cache_keys($requested = array())
{
    // Allow-list: only these names can ever reach the SQL below.
    $table_of = array(
        'categories' => CATEGORIES_TABLE,
        'groups' => GROUPS_TABLE,
        'images' => IMAGES_TABLE,
        'tags' => TAGS_TABLE,
        'users' => USER_INFOS_TABLE,
    );
    $known_names = array_keys($table_of);

    if (!is_array($requested)) {
        $requested = array($requested);
    }

    // No explicit request means every known table; otherwise unknown names are dropped.
    $wanted = empty($requested) ? $known_names : array_intersect($requested, $known_names);

    $keys = array('_hash' => md5(get_absolute_root_url()));

    foreach ($wanted as $name) {
        $row = pwg_db_fetch_row(pwg_query(' SELECT CONCAT( UNIX_TIMESTAMP(MAX(lastmodified)), "_", COUNT(*) ) FROM ' . $table_of[$name] . ' ;'));
        list($keys[$name]) = $row;
    }

    return $keys;
}
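/**
 * Tries to update a user comment.
 *
 * Only admins can update all comments; other users can only update comments
 * whose author_id is their own id. The action starts from the ephemeral key
 * check and the validation setting, can be changed by the
 * 'user_comment_check' event, and is forced to 'reject' when the website URL
 * is invalid.
 *
 * @param array $comment   reads image_id, comment_id, content and website_url
 * @param string $post_key secret key sent back to the browser
 * @return string validate, moderate, reject
 */
function update_user_comment($comment, $post_key)
{
    global $conf, $page;

    $comment_action = 'validate';

    if (!verify_ephemeral_key($post_key, $comment['image_id'])) {
        $comment_action = 'reject';
    } elseif (!$conf['comments_validation'] or is_admin()) {
        $comment_action = 'validate'; //one of validate, moderate, reject
    } else {
        $comment_action = 'moderate'; //one of validate, moderate, reject
    }

    // perform more spam check
    $comment_action = trigger_change('user_comment_check', $comment_action, array_merge($comment, array('author' => $GLOBALS['user']['username'])));

    // website
    if (!empty($comment['website_url'])) {
        // The tags must be stripped from $comment itself. Writing the result
        // to another variable would leave the stored URL unfiltered.
        $comment['website_url'] = strip_tags($comment['website_url']);
        if (!preg_match('/^https?/i', $comment['website_url'])) {
            $comment['website_url'] = 'http://' . $comment['website_url'];
        }
        if (!url_check_format($comment['website_url'])) {
            $page['errors'][] = l10n('Your website URL is invalid');
            $comment_action = 'reject';
        }
    }

    if ($comment_action != 'reject') {
        // The id is placed unquoted in the WHERE clause, so it is forced to an
        // integer before it reaches the query.
        $comment_id = (int) $comment['comment_id'];

        // Non-admins can only touch their own comments.
        $user_where_clause = '';
        if (!is_admin()) {
            $user_where_clause = ' AND author_id = \'' . $GLOBALS['user']['id'] . '\'';
        }

        // NOTE(review): content and website_url are concatenated into the
        // statement as received; the stripslashes() calls below suggest they
        // arrive slash-escaped — confirm against the callers.
        $query = ' UPDATE ' . COMMENTS_TABLE . ' SET content = \'' . $comment['content'] . '\', website_url = ' . (!empty($comment['website_url']) ? '\'' . $comment['website_url'] . '\'' : 'NULL') . ', validated = \'' . ($comment_action == 'validate' ? 'true' : 'false') . '\', validation_date = ' . ($comment_action == 'validate' ? 'NOW()' : 'NULL') . ' WHERE id = ' . $comment_id . $user_where_clause . ' ;';
        $result = pwg_query($query);

        // mail admin and ask to validate the comment
        if ($result and $conf['email_admin_on_comment_validation'] and 'moderate' == $comment_action) {
            include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';

            $comment_url = get_absolute_root_url() . 'comments.php?comment_id=' . $comment_id;

            $keyargs_content = array(get_l10n_args('Author: %s', stripslashes($GLOBALS['user']['username'])), get_l10n_args('Comment: %s', stripslashes($comment['content'])), get_l10n_args(''), get_l10n_args('Manage this user comment: %s', $comment_url), get_l10n_args('(!) This comment requires validation'));

            pwg_mail_notification_admins(get_l10n_args('Comment by %s', stripslashes($GLOBALS['user']['username'])), $keyargs_content);
        } elseif ($result) {
            // No moderation mail was needed: send the plain "edit" notice.
            email_admin('edit', array('author' => $GLOBALS['user']['username'], 'content' => stripslashes($comment['content'])));
        }
    }

    return $comment_action;
}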
<?php
// Admin configuration page of the plugin: stores the Flickr API credentials
// and shows the configuration form. Direct access is refused unless
// FLICKR_PATH is already defined by the including script.
defined('FLICKR_PATH') or die('Hacking attempt!');

// NOTE(review): this script changes stored credentials on a POST without any
// anti-CSRF token check of its own; confirm the including admin page verifies
// a token before this code runs.
if (isset($_POST['save_config'])) {
    $conf['flickr2piwigo'] = array('api_key' => trim($_POST['api_key']), 'secret_key' => trim($_POST['secret_key']));
    // The cached auth token is dropped whenever the configuration is saved.
    unset($_SESSION['phpFlickr_auth_token']);
    conf_update_param('flickr2piwigo', $conf['flickr2piwigo']);
    $page['infos'][] = l10n('Information data registered in database');
}
// The whole configuration array, secret key included, is handed to the
// template.
$template->assign(array('flickr2piwigo' => $conf['flickr2piwigo'], 'FLICKR_HELP_CONTENT' => load_language('help_api_key.html', FLICKR_PATH, array('return' => true)), 'FLICKR_CALLBACK' => get_absolute_root_url() . FLICKR_ADMIN . '-import'));
$template->set_filename('flickr2piwigo', realpath(FLICKR_PATH . 'admin/template/config.tpl'));
} $local_conf = array(); $local_conf['contextmenu'] = 'false'; $local_conf['control'] = true; $local_conf['img_popup'] = false; $local_conf['popup'] = 2; $local_conf['center_lat'] = $lat; $local_conf['center_lng'] = $lon; $local_conf['zoom'] = $zoom; $local_conf['editor'] = true; $pathurl = get_absolute_root_url() . "i.php?" . $picture['pathurl']; $js_data = array(array($lat, $lon, null, $pathurl, null, null, null, null)); $js = osm_get_js($conf, $local_conf, $js_data); // Fetch the template. global $prefixeTable; // Easy access define('osm_place_table', $prefixeTable . 'osm_places'); // Save location, eg Place $query = ' SELECT id, name, latitude, longitude FROM ' . osm_place_table . ' ;'; $result = pwg_query($query); // JS for the template while ($row = pwg_db_fetch_assoc($result)) { $list_of_places[$row['id']] = [$row['name'], $row['latitude'], $row['longitude']]; $available_places[$row['id']] = $row['name']; } $jsplaces = "\nvar arr_places = " . json_encode($list_of_places) . ";\n"; $template->assign(array('PWG_TOKEN' => get_pwg_token(), 'F_ACTION' => $self_url, 'TN_SRC' => DerivativeImage::thumb_url($picture) . '?' . time(), 'TITLE' => render_element_name($picture), 'OSM_PATH' => embellish_url(get_absolute_root_url() . OSM_PATH), 'OSM_JS' => $js, 'LAT' => $lat, 'LON' => $lon, 'AVAILABLE_PLACES' => $available_places, 'LIST_PLACES' => $jsplaces)); $template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content');
/**
 * Fills the map template and prints the page.
 *
 * @param array  $conf     gallery configuration; reads `osm_conf` and `gallery_title`
 * @param string $js       JavaScript assigned to the template as OSMJS
 * @param array  $js_data  items shown on the map; only their count is used here
 * @param string $tmpl     template file name below ../template/
 * @param object $template template engine instance
 * @return void
 */
function osm_gen_template($conf, $js, $js_data, $tmpl, $template)
{
    // Link label: the configured one, or the translated default.
    if (isset($conf['osm_conf']['left_menu']['link'])) {
        $linkname = $conf['osm_conf']['left_menu']['link'];
    } else {
        $linkname = l10n('OSWorldMap');
    }

    // NOTE(review): $tmpl is appended to the template directory as given;
    // presumably callers pass a fixed file name — verify against the callers.
    $template->set_filename('map', dirname(__FILE__) . '/../template/' . $tmpl);

    $tpl_vars = array(
        'CONTENT_ENCODING' => get_pwg_charset(),
        'OSM_PATH' => embellish_url(get_gallery_home_url() . OSM_PATH),
        'GALLERY_TITLE' => $linkname . ' - ' . $conf['gallery_title'],
        'HOME' => make_index_url(),
    );
    // NOTE(review): the Referer header is supplied by the client and is passed
    // to the template unchanged; confirm the template escapes HOME_PREV.
    if (isset($_SERVER['HTTP_REFERER'])) {
        $tpl_vars['HOME_PREV'] = $_SERVER['HTTP_REFERER'];
    } else {
        $tpl_vars['HOME_PREV'] = get_absolute_root_url();
    }
    $tpl_vars['HOME_NAME'] = l10n("Home");
    $tpl_vars['HOME_PREV_NAME'] = l10n("Previous");
    $tpl_vars['TOTAL'] = sprintf(l10n('ITEMS'), count($js_data));
    $tpl_vars['OSMJS'] = $js;
    $tpl_vars['MYROOT_URL'] = get_absolute_root_url();
    $tpl_vars['default_baselayer'] = $conf['osm_conf']['map']['baselayer'];
    $template->assign($tpl_vars);

    if ($conf['osm_conf']['map']['baselayer'] == 'custom') {
        // Build a sample tile URL for the layer icon by filling the
        // placeholders with fixed values, in the same order as before.
        $iconbaselayer = str_replace(
            array('{s}', '{z}', '{x}', '{y}'),
            array('a', '5', '15', '11'),
            $conf['osm_conf']['map']['custombaselayerurl']
        );
        $template->assign(array(
            'custombaselayer' => $conf['osm_conf']['map']['custombaselayer'],
            'custombaselayerurl' => $conf['osm_conf']['map']['custombaselayerurl'],
            'iconbaselayer' => $iconbaselayer,
        ));
    }

    $template->pparse('map');
    $template->p();
}
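/**
 * Web-service method: creates a share key for a photo and mails the link.
 *
 * @param array $params reads image_id, email and expires_in (number of days)
 * @param object &$service not used by this function
 * @return array|PwgError a message on success, a PwgError when sharing is
 *                        inactive, a parameter is invalid, the photo is
 *                        missing or not visible, or the share row cannot be
 *                        read back
 */
function ws_pshare_share_create($params, &$service)
{
    global $conf, $user;

    if (!pshare_is_active()) {
        return new PwgError(401, "permission denied");
    }

    // Both values are concatenated into SQL below, so anything that is not a
    // plain non-negative integer is refused before a query is built.
    foreach (array('image_id', 'expires_in') as $int_param) {
        $value = isset($params[$int_param]) ? $params[$int_param] : null;
        if (!is_int($value) and !(is_string($value) and preg_match('/^\d+\z/', $value))) {
            return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid ' . $int_param);
        }
        $params[$int_param] = (int) $value;
    }

    $query = ' SELECT * FROM ' . IMAGES_TABLE . ' WHERE id = ' . $params['image_id'] . ' ;';
    $images = query2array($query);

    if (count($images) == 0) {
        return new PwgError(404, "image not found");
    }

    $image = $images[0];

    if (!pshare_is_photo_visible($params['image_id'])) {
        return new PwgError(401, "permissions denied");
    }

    // NOTE(review): the address is only format-checked before it is handed to
    // single_insert(); confirm it is SQL-escaped upstream.
    if (!email_check_format($params['email'])) {
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('Invalid email address'));
    }

    // TODO check the expires_in is in the defined list
    $query = ' SELECT NOW(), ADDDATE(NOW(), INTERVAL ' . $params['expires_in'] . ' DAY) ;';
    list($now, $expire) = pwg_db_fetch_row(pwg_query($query));

    $key_uuid = pshare_get_key();

    single_insert(PSHARE_KEYS_TABLE, array('uuid' => $key_uuid, 'user_id' => $user['id'], 'image_id' => $params['image_id'], 'sent_to' => $params['email'], 'created_on' => $now, 'duration' => $params['expires_in'], 'expire_on' => $expire));

    // Read the row back to make sure the share exists.
    $query = ' SELECT * FROM ' . PSHARE_KEYS_TABLE . ' WHERE uuid = \'' . $key_uuid . '\' ;';
    $shares = query2array($query);

    if (count($shares) == 0) {
        return new PwgError(500, "share not created");
    }

    $share = $shares[0];

    //
    // Send the email
    //
    include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';

    // force $conf['derivative_url_style'] to 2 (script) to make sure we
    // will use i.php?/upload and not _data/i/upload because you don't
    // know when the cache will be flushed
    $previous_derivative_url_style = $conf['derivative_url_style'];
    $conf['derivative_url_style'] = 2;

    $thumb_url = DerivativeImage::thumb_url(array('id' => $image['id'], 'path' => $image['path']));

    // restore configuration setting
    $conf['derivative_url_style'] = $previous_derivative_url_style;

    $link = get_absolute_root_url() . 'index.php?/pshare/' . $share['uuid'];

    // NOTE(review): the username is placed in an HTML mail body as is; confirm
    // it cannot contain markup.
    $content = '<p style="text-align:center">';
    $content .= l10n('%s has shared a photo with you', $user['username']);
    $content .= '<br><br><a href="' . $link . '"><img src="' . $thumb_url . '"></a>';
    $content .= '<br><br><a href="' . $link . '">' . l10n('clic to view') . '</a>';
    $content .= '</p>';

    $subject = l10n('Photo shared');

    pwg_mail($params['email'], array('subject' => '[' . $conf['gallery_title'] . '] ' . $subject, 'mail_title' => $conf['gallery_title'], 'mail_subtitle' => $subject, 'content' => $content, 'content_format' => 'text/html'));

    return array('message' => l10n('Email sent to %s', $share['sent_to']));
}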
$count_enabled++; } if ($PROVIDERS_CONFIG[$id]['new_app_link'] and $data['enabled']) { if (empty($data['keys']['secret']) or @$PROVIDERS_CONFIG[$id]['require_client_id'] and empty($data['keys']['id']) or !@$PROVIDERS_CONFIG[$id]['require_client_id'] and empty($data['keys']['key'])) { $page['errors'][] = l10n('%s: invalid keys', $PROVIDERS_CONFIG[$id]['name']); } } if (isset($PROVIDERS_CONFIG[$id]['scope'])) { $data['scope'] = $PROVIDERS_CONFIG[$id]['scope']; } if (is_array(@$data['keys'])) { $data['keys'] = array_map('trim', $data['keys']); } $data['name'] = $PROVIDERS_CONFIG[$id]['name']; $providers[$id] = $data; } $hybridauth_conf['providers'] = $providers; $hybridauth_conf['total'] = count($hybridauth_conf['providers']); $hybridauth_conf['enabled'] = $count_enabled; if (!count($page['errors'])) { // generate config file $content = "<?php\ndefined('PHPWG_ROOT_PATH') or die('Hacking attempt!');\n\nreturn "; $content .= var_export(array_intersect_key($hybridauth_conf, array_flip(array('providers', 'total', 'enabled'))), true); $content .= ";\n?>"; file_put_contents(OAUTH_CONFIG, $content); $page['infos'][] = l10n('Information data registered in database'); } } $template->assign(array('PROVIDERS' => $PROVIDERS_CONFIG, 'CONFIG' => $hybridauth_conf['providers'], 'SERVERNAME' => get_servername(), 'WEBSITE' => get_absolute_root_url(), 'OAUTH_CALLBACK' => OAUTH_PUBLIC . '?hauth.done=')); // define template file $template->set_filename('oauth_content', realpath(OAUTH_PATH . 'admin/template/providers.tpl'));
/**
 * Resets the validation key of a user; called from UAM_admin.php.
 *
 * A fresh key is stored for the user, the registration date is set to the
 * current PHP time, and the confirmation URL carrying the key is returned.
 * Nothing is changed and nothing is returned when no key is available.
 *
 * NOTE(review): $user_id is concatenated unquoted into both UPDATE statements;
 * callers must pass an integer id.
 *
 * @param int $user_id user id
 * @return string|null confirmation URL, or null when no key could be obtained
 */
function ResetConfirmMail($user_id)
{
    global $conf;

    $new_key = FindAvailableConfirmMailID();
    $now = date("Y-m-d H:i:s");

    if (!isset($new_key)) {
        return null;
    }

    pwg_query(' UPDATE ' . USER_CONFIRM_MAIL_TABLE . ' SET id = "' . $new_key . '" WHERE user_id = ' . $user_id . ' ;');
    pwg_query(' UPDATE ' . USER_INFOS_TABLE . ' SET registration_date = "' . $now . '" WHERE user_id = ' . $user_id . ' ;');

    // With guest access the key is handled on the root page, otherwise on the
    // identification page.
    $target = $conf['guest_access'] ? '?key=' : 'identification.php?key=';

    return get_absolute_root_url() . $target . $new_key . '&userid=' . $user_id;
}
if (isset($error_copy)) { $errors[] = $error_copy; } else { session_set_save_handler('pwg_session_open', 'pwg_session_close', 'pwg_session_read', 'pwg_session_write', 'pwg_session_destroy', 'pwg_session_gc'); if (function_exists('ini_set')) { ini_set('session.use_cookies', $conf['session_use_cookies']); ini_set('session.use_only_cookies', $conf['session_use_only_cookies']); ini_set('session.use_trans_sid', intval($conf['session_use_trans_sid'])); ini_set('session.cookie_httponly', 1); } session_name($conf['session_name']); session_set_cookie_params(0, cookie_path()); register_shutdown_function('session_write_close'); $user = build_user(1, true); log_user($user['id'], false); // email notification if (isset($_POST['send_password_by_mail'])) { include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php'; $keyargs_content = array(get_l10n_args('Hello %s,', $admin_name), get_l10n_args('Welcome to your new installation of Piwigo!', ''), get_l10n_args('', ''), get_l10n_args('Here are your connection settings', ''), get_l10n_args('', ''), get_l10n_args('Link: %s', get_absolute_root_url()), get_l10n_args('Username: %s', $admin_name), get_l10n_args('Password: %s', $admin_pass1), get_l10n_args('Email: %s', $admin_mail), get_l10n_args('', ''), get_l10n_args('Don\'t hesitate to consult our forums for any help: %s', PHPWG_URL)); pwg_mail($admin_mail, array('subject' => l10n('Just another Piwigo gallery'), 'content' => l10n_args($keyargs_content), 'content_format' => 'text/plain')); } } } if (count($errors) != 0) { $template->assign('errors', $errors); } if (count($infos) != 0) { $template->assign('infos', $infos); } //----------------------------------------------------------- html code display $template->pparse('install');
/**
 * Switches URL building to absolute URLs.
 *
 * The first call remembers the current $page['root_path'] (when there is one)
 * and replaces it with the absolute root URL. Further calls only increase the
 * nesting counter kept in $page['save_root_path']['count'].
 *
 * @return void
 */
function set_make_full_url()
{
    global $page;

    if (isset($page['save_root_path'])) {
        // Already in full-URL mode: just record one more nested request.
        $page['save_root_path']['count'] += 1;
        return;
    }

    // First request: keep the previous root path, if any, for a later restore.
    if (isset($page['root_path'])) {
        $page['save_root_path']['path'] = $page['root_path'];
    }
    $page['save_root_path']['count'] = 1;
    $page['root_path'] = get_absolute_root_url();
}