示例#1
 /**
  * Index-page entry hook.
  *
  * A normal page load only registers the handler that decorates the index;
  * a request carrying the `rvts` query parameter is treated as an AJAX scroll
  * request: the session multiplier is adjusted, the page size is taken from
  * the request and the default category listing is rendered.
  */
 static function on_index_begin()
 {
     global $page;

     // No `rvts` parameter: plain page load, register one handler and stop.
     if (!isset($_GET['rvts'])) {
         if (empty($page['items'])) {
             add_event_handler('loc_end_index', array('RVTS', 'on_end_index'));
         } else {
             add_event_handler('loc_end_index_thumbnails', array('RVTS', 'on_index_thumbnails'), EVENT_HANDLER_PRIORITY_NEUTRAL, 1);
         }
         return;
     }

     // `adj` asks to grow (> 0) or shrink (< 0) the multiplier kept in the
     // session; the stored value is held between 1 and 5.
     $adjust = isset($_GET['adj']) ? (int) $_GET['adj'] : 0;
     if ($adjust) {
         $multiplier = pwg_get_session_var('rvts_mult', 1);
         if ($adjust > 0 && $multiplier < 5) {
             pwg_set_session_var('rvts_mult', ++$multiplier);
         } elseif ($adjust < 0 && $multiplier > 1) {
             pwg_set_session_var('rvts_mult', --$multiplier);
         }
     }

     // NOTE(review): the page size comes straight from the request; the int
     // cast removes injection concerns but no lower/upper bound is applied
     // here - confirm the listing code copes with zero, negative or very
     // large values.
     $page['nb_image_page'] = (int) $_GET['rvts'];
     add_event_handler('loc_end_index_thumbnails', array('RVTS', 'on_index_thumbnails_ajax'), EVENT_HANDLER_PRIORITY_NEUTRAL + 5, 1);
     $page['root_path'] = get_absolute_root_url(false);
     $page['body_id'] = 'scroll';

     // The included script runs in this function's scope, so the globals it
     // uses have to be imported first.
     global $user, $template, $conf;
     include PHPWG_ROOT_PATH . 'include/category_default.inc.php';
 }
/**
 * Renders the map for the current category and injects it into the index
 * page, either into the category comment or at the end of the page content.
 * Does nothing when the category has no geolocated item.
 */
function osm_render_category()
{
    global $template, $page, $conf, $filter;
    include_once dirname(__FILE__) . '/include/functions.php';
    include_once dirname(__FILE__) . '/include/functions_map.php';
    osm_load_language();
    load_language('plugin.lang', OSM_PATH);

    // TF, 20160102: pass config as parameter
    $js_data = osm_get_items($conf, $page);
    if ($js_data == array()) {
        return;
    }

    // TF, 20160102: pass config as parameter
    $local_conf = array(
        'contextmenu' => 'false',
        'control' => true,
        'img_popup' => false,
        'popup' => 1,
        'center_lat' => 0,
        'center_lng' => 0,
        'zoom' => 2,
        'auto_center' => 1,
        'paths' => osm_get_gps($conf, $page),
    );

    // Map box size, with defaults when the plugin configuration has none.
    if (isset($conf['osm_conf']['category_description']['height'])) {
        $height = $conf['osm_conf']['category_description']['height'];
    } else {
        $height = '200';
    }
    if (isset($conf['osm_conf']['category_description']['width'])) {
        $width = $conf['osm_conf']['category_description']['width'];
    } else {
        $width = 'auto';
    }

    $js = osm_get_js($conf, $local_conf, $js_data);
    $template->set_filename('map', dirname(__FILE__) . '/template/osm-category.tpl');

    // NOTE(review): HOME_PREV carries the client-supplied Referer header
    // verbatim; confirm that osm-category.tpl escapes it wherever it is
    // printed.
    $template->assign(array(
        'CONTENT_ENCODING' => get_pwg_charset(),
        'OSM_PATH' => embellish_url(get_gallery_home_url() . OSM_PATH),
        'HOME' => make_index_url(),
        'HOME_PREV' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : get_absolute_root_url(),
        'HOME_NAME' => l10n("Home"),
        'HOME_PREV_NAME' => l10n("Previous"),
        'OSMJS' => $js,
        'HEIGHT' => $height,
        'WIDTH' => $width,
    ));
    $osm_content = $template->parse('map', true);

    // Placement of the map on the index page:
    //   0 - PLUGIN_INDEX_CONTENT_BEGIN
    //   1 - PLUGIN_INDEX_CONTENT_COMMENT
    //   2 - PLUGIN_INDEX_CONTENT_END
    $index = 0;
    if (isset($conf['osm_conf']['category_description']['index'])) {
        $index = $conf['osm_conf']['category_description']['index'];
    }

    if ($index > 1) {
        $osm_content = '<div id="osmmap">' . $osm_content . '</div>';
        $template->concat('PLUGIN_INDEX_CONTENT_END', "\n" . $osm_content);
        return;
    }

    // Positions 0 and 1 go through the category comment, which is only
    // touched on the first page and outside of the chronology views.
    if ($page['start'] != 0 or isset($page['chronology_field'])) {
        return;
    }
    if (empty($page['comment'])) {
        $page['comment'] = $osm_content;
    } elseif ($index == 0) {
        $page['comment'] = '<div>' . $osm_content . $page['comment'] . '</div>';
    } else {
        $page['comment'] = '<div>' . $page['comment'] . $osm_content . '</div>';
    }
}
/**
 * Prepares the page for the tour stored in the session: loads the plugin and
 * tour language files, parses the shared JS/CSS template, then includes the
 * tour's own config file and parses the template it designates.
 */
function TAT_tour_setup()
{
    global $template, $TAT_restart, $conf;
    // NOTE(review): this session value is later used to build an include
    // path (see the include below). Confirm that whatever writes
    // 'tour_to_launch' only accepts values from a fixed list of installed
    // tours; a free-form value would allow including an arbitrary local file.
    $tour_to_launch = pwg_get_session_var('tour_to_launch');
    load_language('plugin.lang', PHPWG_PLUGINS_PATH . 'TakeATour/', array('force_fallback' => 'en_UK'));
    // The second path segment is used as the tour name; a value without a
    // '/' leaves $tour_name unset.
    list(, $tour_name) = explode('/', $tour_to_launch);
    load_language('tour_' . $tour_name . '.lang', PHPWG_PLUGINS_PATH . 'TakeATour/', array('force_fallback' => 'en_UK'));
    $template->set_filename('TAT_js_css', PHPWG_PLUGINS_PATH . 'TakeATour/tpl/js_css.tpl');
    $template->assign('ADMIN_THEME', $conf['admin_theme']);
    $template->parse('TAT_js_css');
    // A pending restart request is consumed once and forwarded to the template.
    if (isset($TAT_restart) and $TAT_restart) {
        $TAT_restart = false;
        $template->assign('TAT_restart', true);
    }
    // NOTE(review): HTTP_HOST is taken from the request's Host header, so
    // TAT_path is client-influenced; confirm the template escapes it or that
    // the web server pins the accepted host names.
    $tat_path = str_replace(basename($_SERVER['SCRIPT_NAME']), '', $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME']);
    $template->assign('TAT_path', $tat_path);
    $template->assign('ABS_U_ADMIN', get_absolute_root_url());
    // absolute one due to public pages and $conf['question_mark_in_urls'] = false+$conf['php_extension_in_urls'] = false;
    // The included file runs in this function's scope; $TOUR_PATH used below
    // is presumably defined by it - verify against the tour config files.
    include $tour_to_launch . '/config.inc.php';
    $template->set_filename('TAT_tour_tpl', $TOUR_PATH);
    $template->parse('TAT_tour_tpl');
}
示例#4
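/**
 * Creates a new user.
 *
 * Every failed check appends a message to $errors; the account is only
 * created when $errors is still empty after the 'register_user_check'
 * listeners have run.
 *
 * @param string $login
 * @param string $password
 * @param string $mail_address
 * @param bool $notify_admin
 * @param array &$errors populated with error messages
 * @param bool $notify_user
 * @return int|false user id or false
 */
function register_user($login, $password, $mail_address, $notify_admin = true, &$errors = array(), $notify_user = false)
{
    global $conf;
    if ($login == '') {
        $errors[] = l10n('Please, enter a login');
    }
    if (preg_match('/^.* $/', $login)) {
        $errors[] = l10n('login mustn\'t end with a space character');
    }
    if (preg_match('/^ .*$/', $login)) {
        $errors[] = l10n('login mustn\'t start with a space character');
    }
    if (get_userid($login)) {
        $errors[] = l10n('this login is already used');
    }
    // Logins are displayed in many places; refuse anything strip_tags() would alter.
    if ($login != strip_tags($login)) {
        $errors[] = l10n('html tags are not allowed in login');
    }
    $mail_error = validate_mail_address(null, $mail_address);
    if ('' != $mail_error) {
        $errors[] = $mail_error;
    }
    if ($conf['insensitive_case_logon'] == true) {
        $login_error = validate_login_case($login);
        if ($login_error != '') {
            $errors[] = $login_error;
        }
    }
    // Plugins can add their own errors (or remove some) at this point.
    $errors = trigger_change('register_user_check', $errors, array('username' => $login, 'password' => $password, 'email' => $mail_address));
    // if no error until here, registration of the user
    if (count($errors) != 0) {
        return false;
    }

    // The password is stored through the hashing function named in the configuration.
    $insert = array($conf['user_fields']['username'] => pwg_db_real_escape_string($login), $conf['user_fields']['password'] => $conf['password_hash']($password), $conf['user_fields']['email'] => $mail_address);
    single_insert(USERS_TABLE, $insert);
    $user_id = pwg_db_insert_id();
    // Assign by default groups
    $query = '
SELECT id
  FROM ' . GROUPS_TABLE . '
  WHERE is_default = \'' . boolean_to_string(true) . '\'
  ORDER BY id ASC
;';
    $result = pwg_query($query);
    $inserts = array();
    while ($row = pwg_db_fetch_assoc($result)) {
        $inserts[] = array('user_id' => $user_id, 'group_id' => $row['id']);
    }
    if (count($inserts) != 0) {
        mass_inserts(USER_GROUP_TABLE, array('user_id', 'group_id'), $inserts);
    }
    $override = array();
    if ($language = get_browser_language()) {
        $override['language'] = $language;
    }
    create_user_infos($user_id, $override);
    if ($notify_admin and $conf['email_admin_on_new_user']) {
        include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';
        // NOTE(review): the listing was corrupted at this point (a masked
        // "******" run swallowed the end of this assignment and the opening
        // of the array below, leaving code that does not parse). Both
        // statements are reconstructed from the surviving tail of the line
        // and from the use of $keyargs_content just after; the login is
        // URL-encoded because it is placed in a query string.
        $admin_url = get_absolute_root_url() . 'admin.php?page=user_list&username=' . urlencode(stripslashes($login));
        $keyargs_content = array(get_l10n_args('User: %s', stripslashes($login)), get_l10n_args('Email: %s', $mail_address), get_l10n_args(''), get_l10n_args('Admin: %s', $admin_url));
        pwg_mail_notification_admins(get_l10n_args('Registration of %s', stripslashes($login)), $keyargs_content);
    }
    if ($notify_user and email_check_format($mail_address)) {
        include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';
        // NOTE(review): this message contains the password in clear text.
        // E-mail is not a confidential channel and the message persists in
        // the recipient's mailbox; if callers can be changed, send a sign-in
        // or password-reset link instead of the password itself.
        $keyargs_content = array(get_l10n_args('Hello %s,', stripslashes($login)), get_l10n_args('Thank you for registering at %s!', $conf['gallery_title']), get_l10n_args('', ''), get_l10n_args('Here are your connection settings', ''), get_l10n_args('', ''), get_l10n_args('Link: %s', get_absolute_root_url()), get_l10n_args('Username: %s', stripslashes($login)), get_l10n_args('Password: %s', stripslashes($password)), get_l10n_args('Email: %s', $mail_address), get_l10n_args('', ''), get_l10n_args('If you think you\'ve received this email in error, please contact us at %s', get_webmaster_mail_address()));
        pwg_mail($mail_address, array('subject' => '[' . $conf['gallery_title'] . '] ' . l10n('Registration'), 'content' => l10n_args($keyargs_content), 'content_format' => 'text/plain'));
    }
    trigger_notify('register_user', array('id' => $user_id, 'username' => $login, 'email' => $mail_address));
    return $user_id;
}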
示例#5
文件: i.php 项目: donseba/Piwigo
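/**
 * Sends the derivative image described by $page to the client.
 *
 * With `ajaxload=true` in the query string only the image URL is returned,
 * as a JSON document; otherwise the file itself is streamed with caching
 * headers.
 *
 * @param int|false $expires Unix timestamp for the Expires header, or false
 *                           to send none
 * @return void
 */
function send_derivative($expires)
{
    global $page;
    if (isset($_GET['ajaxload']) and $_GET['ajaxload'] == 'true') {
        include_once PHPWG_ROOT_PATH . 'include/functions_cookie.inc.php';
        include_once PHPWG_ROOT_PATH . 'include/functions_url.inc.php';
        // Label the body as JSON: without an explicit type the response goes
        // out with the server's default content type, and the URL it carries
        // is built from a request-derived path.
        header('Content-Type: application/json');
        echo json_encode(array('url' => embellish_url(get_absolute_root_url() . $page['derivative_path'])));
        return;
    }

    $fp = fopen($page['derivative_path'], 'rb');
    if ($fp === false) {
        // The file is missing or unreadable: answer 404 instead of calling
        // fstat()/fpassthru() on an invalid handle.
        http_response_code(404);
        return;
    }
    $fstat = fstat($fp);
    if ($fstat === false) {
        fclose($fp);
        http_response_code(500);
        return;
    }

    header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $fstat['mtime']) . ' GMT');
    if ($expires !== false) {
        header('Expires: ' . gmdate('D, d M Y H:i:s', $expires) . ' GMT');
    }
    header('Content-length: ' . $fstat['size']);
    header('Connection: close');

    // Only these image extensions get an image content type; anything else
    // is served as an opaque download.
    $types = array(
        '.jpe' => 'image/jpeg',
        '.jpeg' => 'image/jpeg',
        '.jpg' => 'image/jpeg',
        '.png' => 'image/png',
        '.gif' => 'image/gif',
    );
    $ext = strtolower($page['derivative_ext']);
    $ctype = isset($types[$ext]) ? $types[$ext] : 'application/octet-stream';
    header("Content-Type: {$ctype}");

    fpassthru($fp);
    fclose($fp);
}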
示例#6
// Maintenance mode: queue a banner for everybody; any visitor who is not an
// administrator and is not on the identification page gets a 503 response
// with a link to the login page, and the request stops here.
if ($conf['gallery_locked']) {
    $header_msgs[] = l10n('The gallery is locked for maintenance. Please, come back later.');
    if (script_basename() != 'identification' and !is_admin()) {
        set_status_header(503, 'Service Unavailable');
        // Tell well-behaved clients to retry in 900 seconds.
        @header('Retry-After: 900');
        header('Content-Type: text/html; charset=' . get_pwg_charset());
        echo '<a href="' . get_absolute_root_url(false) . 'identification.php">' . l10n('The gallery is locked for maintenance. Please, come back later.') . '</a>';
        echo str_repeat(' ', 512);
        //IE6 doesn't error output if below a size
        exit;
    }
}
// Optional check for pending database upgrades; the message is an HTML
// fragment, so header_msgs entries are expected to be printed unescaped.
if ($conf['check_upgrade_feed']) {
    include_once PHPWG_ROOT_PATH . 'admin/include/functions_upgrade.php';
    if (check_upgrade_feed()) {
        $header_msgs[] = 'Some database upgrades are missing, ' . '<a href="' . get_absolute_root_url(false) . 'upgrade_feed.php">upgrade now</a>';
    }
}
// Hand the queued messages to the template, then reset the queue.
if (count($header_msgs) > 0) {
    $template->assign('header_msgs', $header_msgs);
    $header_msgs = array();
}
// The filter script is only loaded when filtering is configured and applies
// to the current page; otherwise filtering is explicitly switched off.
if (!empty($conf['filter_pages']) and get_filter_page_value('used')) {
    include PHPWG_ROOT_PATH . 'include/filter.inc.php';
} else {
    $filter['enabled'] = false;
}
// Append the notes defined in the configuration to the existing ones.
if (isset($conf['header_notes'])) {
    $header_notes = array_merge($header_notes, $conf['header_notes']);
}
// default event handlers
示例#7
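 /**
  * Resolves relative links in CSS file.
  *
  * Relative url(...) references are rewritten to root-relative URLs, and
  * local @import rules are replaced by the (recursively processed) content
  * of the imported file. An @import that cannot be inlined safely is removed
  * from the CSS and appended to $header instead.
  *
  * @param string $css file content
  * @param string $dir directory of the CSS file, relative to the gallery root
  * @param string $header CSS directives that must appear first in
  *                       the minified file (passed by reference, appended to).
  * @return string
  */
 private static function process_css_rec($css, $dir, &$header)
 {
     static $PATTERN_URL = "#url\\(\\s*['|\"]{0,1}(.*?)['|\"]{0,1}\\s*\\)#";
     static $PATTERN_IMPORT = "#@import\\s*['|\"]{0,1}(.*?)['|\"]{0,1};#";
     if (preg_match_all($PATTERN_URL, $css, $matches, PREG_SET_ORDER)) {
         $search = $replace = array();
         foreach ($matches as $match) {
             $url = $match[1];
             // An empty url() has no first character to inspect and nothing
             // to resolve; leave it as it is instead of reading offset 0 of
             // an empty string.
             if ($url === '') {
                 continue;
             }
             // Remote, root-relative and inline image (data:) URLs are kept.
             if (!url_is_remote($url) && $url[0] != '/' && strpos($url, 'data:image/') === false) {
                 $relative = $dir . "/{$url}";
                 $search[] = $match[0];
                 $replace[] = 'url(' . embellish_url(get_absolute_root_url(false) . $relative) . ')';
             }
         }
         $css = str_replace($search, $replace, $css);
     }
     if (preg_match_all($PATTERN_IMPORT, $css, $matches, PREG_SET_ORDER)) {
         $search = $replace = array();
         foreach ($matches as $match) {
             $search[] = $match[0];
             $import_path = PHPWG_ROOT_PATH . $dir . '/' . $match[1];
             // Only a readable file reached without ".." or a URL scheme is
             // inlined; the target is always looked up below
             // PHPWG_ROOT_PATH . $dir.
             $sub_css = false;
             if (strpos($match[1], '..') === false and strpos($match[1], '://') === false and is_readable($import_path)) {
                 $sub_css = file_get_contents($import_path);
             }
             if ($sub_css === false) {
                 // If anything is suspicious (or the read failed), don't try
                 // to process the @import. Since @import need to be first and
                 // we are concatenating several CSS files, remove it from
                 // here and return it through $header.
                 $header .= $match[0];
                 $replace[] = '';
             } else {
                 // NOTE(review): nothing here stops a file that imports
                 // itself (directly or through a chain) from recursing
                 // without end - confirm theme files are trusted or add a
                 // visited-file guard in the caller.
                 $replace[] = self::process_css_rec($sub_css, dirname($dir . "/{$match[1]}"), $header);
             }
         }
         $css = str_replace($search, $replace, $css);
     }
     return $css;
 }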
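/**
 * Polls every configured mailbox for one unseen message, imports its picture
 * attachments as photos, records them in the pendings table and mails a
 * summary with thumbnails to the groups.
 *
 * @return void
 */
function pfemail_check_accounts()
{
    global $conf, $user;
    conf_update_param('pfemail_last_check', date('Y-m-d H:i:s'));
    require_once PFEMAIL_PATH . 'include/ImapMailbox.php';
    $image_ids = array();
    $query = '
SELECT
    *
  FROM ' . PFEMAIL_MAILBOXES_TABLE . '
;';
    $accounts = query2array($query);
    foreach ($accounts as $account) {
        $mailbox = new ImapMailbox($account['path'], $account['login'], $account['password'], $conf['upload_dir'] . '/buffer', 'utf-8');
        // Get some mail
        $mailsIds = $mailbox->searchMailBox('UNSEEN');
        if (!$mailsIds) {
            continue;
            // check next email account
        }
        // Only the first unseen message of each account is handled per call.
        $mailId = reset($mailsIds);
        $mail = $mailbox->getMail($mailId);
        $attachments = $mail->getAttachments();
        include_once PHPWG_ROOT_PATH . 'admin/include/functions_upload.inc.php';
        foreach ($attachments as $attachment) {
            // NOTE(review): the sender chooses the attachment name, so this
            // is a filter on the claimed extension only; confirm that
            // add_uploaded_file() validates the actual file content.
            $extension = strtolower(get_extension($attachment->{'name'}));
            if (!in_array($extension, $conf['picture_ext'])) {
                // the file has been downloaded, we have to remove it now
                unlink($attachment->{'filePath'});
                continue;
            }
            $moderate = get_boolean($account['moderated']);
            $image_id = add_uploaded_file($attachment->{'filePath'}, stripslashes($attachment->{'name'}), array($account['category_id']), $moderate ? 16 : 0, null);
            // the photo is added by nobody (using the current user may make the
            // photo editable by her with Admin Tools...)
            // NOTE(review): subject, fromName and fromAddress below are taken
            // from the incoming message and are fully sender-controlled.
            // Confirm that single_update()/single_insert() (or
            // pfemail_clean_email_subject()) escape them for SQL, and that
            // they are HTML-escaped wherever they are displayed.
            single_update(IMAGES_TABLE, array('added_by' => null, 'name' => pfemail_clean_email_subject($mail->subject)), array('id' => $image_id));
            $state = $moderate ? 'moderation_pending' : 'auto_validated';
            list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
            single_insert(PFEMAIL_PENDINGS_TABLE, array('image_id' => $image_id, 'state' => $state, 'added_on' => $dbnow, 'from_name' => $mail->fromName, 'from_address' => $mail->fromAddress, 'subject' => $mail->subject));
            $image_ids[] = $image_id;
        }
    }
    if (count($image_ids) > 0) {
        include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';
        invalidate_user_cache();
        // let's notify administrators
        // NOTE(review): the query selects every group, not only groups of
        // administrators - confirm that all of them are meant to receive
        // thumbnails of photos that may still be pending moderation.
        $query = '
SELECT id
  FROM ' . GROUPS_TABLE . '
;';
        $group_ids = query2array($query, null, 'id');
        if (count($group_ids) > 0) {
            include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';
            $thumb_urls = array();
            // force $conf['derivative_url_style'] to 2 (script) to make sure we
            // will use i.php?/upload and not _data/i/upload because you don't
            // know when the cache will be flushed
            $previous_derivative_url_style = $conf['derivative_url_style'];
            $conf['derivative_url_style'] = 2;
            // The ids come from add_uploaded_file() above, not from the message.
            $query = '
SELECT
    id,
    path
  FROM ' . IMAGES_TABLE . '
  WHERE id IN (' . implode(',', $image_ids) . ')
;';
            $result = pwg_query($query);
            while ($row = pwg_db_fetch_assoc($result)) {
                $thumb = DerivativeImage::thumb_url(array('id' => $row['id'], 'path' => $row['path']));
                $thumb_urls[] = $thumb;
            }
            // restore configuration setting
            $conf['derivative_url_style'] = $previous_derivative_url_style;
            $thumbs_html_string = '';
            foreach ($thumb_urls as $thumb_url) {
                if (!empty($thumbs_html_string)) {
                    $thumbs_html_string .= '&nbsp;';
                }
                $thumbs_html_string .= '<img src="' . $thumb_url . '">';
            }
            $content = $thumbs_html_string;
            // how many photos pending?
            $pendings = pfemail_get_pending_ids();
            if (count($pendings) > 0) {
                $content .= '<br><br>';
                $content .= '<a href="' . get_absolute_root_url() . 'admin.php?page=plugin-photo_from_email-pendings' . '">';
                $content .= l10n('%d photos pending for validation', count($pendings));
                $content .= '</a>';
            }
            // The mails are sent as the guest user. The real id is saved and
            // restored inside this same branch: restoring it outside, as the
            // code did before, overwrote $user['id'] with an undefined
            // variable whenever no group existed.
            $real_user_id = $user['id'];
            $user['id'] = $conf['guest_id'];
            $subject = l10n('%d photos added by email', count($thumb_urls));
            foreach ($group_ids as $group_id) {
                pwg_mail_group($group_id, array('subject' => '[' . $conf['gallery_title'] . '] ' . $subject, 'mail_title' => $conf['gallery_title'], 'mail_subtitle' => $subject, 'content' => $content, 'content_format' => 'text/html'));
            }
            // restore current user
            $user['id'] = $real_user_id;
        }
    }
}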
示例#9
*/
// Refuse direct access: the constant is only defined when the file is
// loaded by the application.
defined('PHPWG_ROOT_PATH') or die('Hacking attempt!');
// The plugin must live in a folder named "GuestBook" (the paths below are
// hard-coded); otherwise only an error message is registered and nothing
// else in this file runs.
if (basename(dirname(__FILE__)) != 'GuestBook') {
    add_event_handler('init', 'guestbook_error');
    function guestbook_error()
    {
        global $page;
        $page['errors'][] = 'GuestBook folder name is incorrect, uninstall the plugin and rename it to "GuestBook"';
    }
    return;
}
global $conf, $prefixeTable;
define('GUESTBOOK_PATH', PHPWG_PLUGINS_PATH . 'GuestBook/');
define('GUESTBOOK_TABLE', $prefixeTable . 'guestbook');
define('GUESTBOOK_ADMIN', get_root_url() . 'admin.php?page=plugin-GuestBook');
define('GUESTBOOK_URL', get_absolute_root_url() . make_index_url(array('section' => 'guestbook')));
// The plugin settings are stored serialized in the configuration.
// NOTE(review): presumably safe_unserialize() refuses object payloads -
// confirm, since this value is read back from storage on every request.
$conf['guestbook'] = safe_unserialize($conf['guestbook']);
include_once GUESTBOOK_PATH . 'include/events.inc.php';
add_event_handler('loading_lang', 'guestbook_loading_lang');
// Administration pages only get the menu link; public pages get the
// section and index handlers.
if (defined('IN_ADMIN')) {
    add_event_handler('get_admin_plugin_menu_links', 'gb_admin_menu');
} else {
    add_event_handler('loc_end_section_init', 'gb_section_init');
    add_event_handler('loc_end_index', 'gb_index');
}
if ($conf['guestbook']['menu_link']) {
    add_event_handler('blockmanager_apply', 'gb_menubar_apply', EVENT_HANDLER_PRIORITY_NEUTRAL + 10);
}
function guestbook_loading_lang()
{
    load_language('plugin.lang', GUESTBOOK_PATH);
示例#10
    //add_event_handler('get_high_url', 'cdnplus_debug'); // ?
    add_event_handler('get_src_image_url', 'cdnplus_update_url', EVENT_HANDLER_PRIORITY_NEUTRAL, 4);
    // picture page
    add_event_handler('get_derivative_url', 'cdnplus_update_url', EVENT_HANDLER_PRIORITY_NEUTRAL, 4);
    // thumbnailCategory & thumbnail & navThumb
    //add_event_handler('get_src_image_url', 'cdnplus_update_url'); // picture page
    //add_event_handler('get_derivative_url', 'cdnplus_update_url'); // thumbnailCategory & thumbnail & navThumb
    // Find which CDN to use for theme and enabled the trigger
    for ($i = 1; $i <= 5; $i++) {
        if (!empty($conf['cdnplus_conf']['cdn_' . $i]['host']) && !empty($conf['cdnplus_conf']['cdn_' . $i]['theme'])) {
            $cdnUrl = 'http://';
            if (!empty($_SERVER['HTTPS']) && !empty($conf['cdnplus_conf']['cdn_' . $i]['keep_https'])) {
                $cdnUrl = 'https://';
            }
            define('CDNPLUS', $cdnUrl . $conf['cdnplus_conf']['cdn_' . $i]['host']);
            define('CDNPLUS_ROOT_URL', CDNPLUS . get_absolute_root_url(false));
            add_event_handler('get_combined_css', 'cdnplus_combined_css', EVENT_HANDLER_PRIORITY_NEUTRAL, 2);
            // update CSS
            add_event_handler('combined_script', 'cdnplus_combined_script', EVENT_HANDLER_PRIORITY_NEUTRAL, 2);
            // update Javascript
            add_event_handler('combined_css_postfilter', 'cdnplus_combined_css_postfilter');
            // ?
        }
    }
}
/**
 * Template prefilter: points theme icon sources and CSS url() references
 * that start with {$ROOT_URL} at the CDN root URL instead.
 *
 * @param string $source template source
 * @param mixed $smarty template engine instance (not used here)
 * @return string rewritten template source
 */
function cdnplus_prefilter($source, &$smarty)
{
    // The two replacements are applied one after the other, in this order.
    $needles = array(
        'src="{$ROOT_URL}{$themeconf.icon_dir}/',
        'url({$' . 'ROOT_URL}',
    );
    $substitutes = array(
        'src="' . CDNPLUS_ROOT_URL . '{$themeconf.icon_dir}/',
        'url(' . CDNPLUS_ROOT_URL,
    );

    return str_replace($needles, $substitutes, $source);
}
Author URI: http://www.strangeplanet.fr
*/
// Refuse direct access: the constant is only defined when the file is
// loaded by the application.
defined('PHPWG_ROOT_PATH') or die('Hacking attempt!');
// The plugin must live in a folder named "oAuth" (the paths below are
// hard-coded); otherwise only an error message is registered and nothing
// else in this file runs.
if (basename(dirname(__FILE__)) != 'oAuth') {
    add_event_handler('init', 'ouath_error');
    function ouath_error()
    {
        global $page;
        $page['errors'][] = 'Social Connect folder name is incorrect, uninstall the plugin and rename it to "oAuth"';
    }
    return;
}
define('OAUTH_PATH', PHPWG_PLUGINS_PATH . 'oAuth/');
define('OAUTH_ADMIN', get_root_url() . 'admin.php?page=plugin-oAuth');
// NOTE(review): this file presumably holds the provider credentials; it
// should sit where the web server will not serve it as plain text.
define('OAUTH_CONFIG', PWG_LOCAL_DIR . 'config/hybridauth.inc.php');
// ltrim() takes a character list: every leading '.' and '/' of OAUTH_PATH
// is removed before the path is appended to the absolute root URL.
define('OAUTH_PUBLIC', get_absolute_root_url() . ltrim(OAUTH_PATH, './') . 'include/hybridauth/');
include_once OAUTH_PATH . 'include/functions.inc.php';
// try to load hybridauth config
global $hybridauth_conf;
load_hybridauth_conf();
add_event_handler('init', 'oauth_init');
if (defined('IN_ADMIN')) {
    add_event_handler('get_admin_plugin_menu_links', 'oauth_admin_plugin_menu_links');
    add_event_handler('user_list_columns', 'oauth_user_list_columns');
    add_event_handler('after_render_user_list', 'oauth_user_list_render');
    add_event_handler('loc_begin_admin_page', 'oauth_user_list');
    include_once OAUTH_PATH . 'include/admin_events.inc.php';
} else {
    if (!empty($hybridauth_conf) and function_exists('curl_init')) {
        add_event_handler('loc_begin_identification', 'oauth_begin_identification');
        add_event_handler('loc_begin_register', 'oauth_begin_register');
示例#12
/**
 * Builds the keys that describe the state of the main tables. Each key is
 * the last modification timestamp of the table and its number of rows,
 * joined by an underscore. The MD5 of the absolute root URL is returned as
 * well, under '_hash'.
 * Used to invalidate LocalStorage cache on admin pages.
 *
 * @param string|string[] $requested keys to retrieve
 *                        (categories,groups,images,tags,users); all of them
 *                        when empty
 * @return string[]
 */
function get_admin_client_cache_keys($requested = array())
{
    $table_of = array('categories' => CATEGORIES_TABLE, 'groups' => GROUPS_TABLE, 'images' => IMAGES_TABLE, 'tags' => TAGS_TABLE, 'users' => USER_INFOS_TABLE);
    $known = array_keys($table_of);

    $wanted = is_array($requested) ? $requested : array($requested);
    // Only names present in the map above survive, so the table name placed
    // in the query below never comes from the caller.
    $wanted = empty($wanted) ? $known : array_intersect($wanted, $known);

    // The hash only distinguishes installations in the client cache.
    $keys = array('_hash' => md5(get_absolute_root_url()));
    foreach ($wanted as $name) {
        $sql = '
SELECT CONCAT(
    UNIX_TIMESTAMP(MAX(lastmodified)),
    "_",
    COUNT(*)
  )
  FROM ' . $table_of[$name] . '
;';
        list($keys[$name]) = pwg_db_fetch_row(pwg_query($sql));
    }

    return $keys;
}
示例#13
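/**
 * Tries to update a user comment
 *    only admin can update all comments
 *    users can edit their own comments if admin allow them
 *
 * @param array $comment uses the keys image_id, comment_id, content and
 *                       (optionally) website_url
 * @param string $post_key secret key sent back to the browser
 * @return string validate, moderate, reject
 */
function update_user_comment($comment, $post_key)
{
    global $conf, $page;
    // The ephemeral key ties the submission to a form served for this image.
    if (!verify_ephemeral_key($post_key, $comment['image_id'])) {
        $comment_action = 'reject';
    } elseif (!$conf['comments_validation'] or is_admin()) {
        $comment_action = 'validate';
    } else {
        $comment_action = 'moderate';
    }
    // perform more spam check
    $comment_action = trigger_change('user_comment_check', $comment_action, array_merge($comment, array('author' => $GLOBALS['user']['username'])));
    // website
    if (!empty($comment['website_url'])) {
        // The original wrote to an undefined $comm array here, so the tags
        // were never removed from the value that gets stored.
        $comment['website_url'] = strip_tags($comment['website_url']);
        // Require the full "http://" or "https://" prefix: the previous test
        // accepted anything that merely started with the letters "http".
        if (!preg_match('#^https?://#i', $comment['website_url'])) {
            $comment['website_url'] = 'http://' . $comment['website_url'];
        }
        if (!url_check_format($comment['website_url'])) {
            $page['errors'][] = l10n('Your website URL is invalid');
            $comment_action = 'reject';
        }
    }
    if ($comment_action != 'reject') {
        // The id is placed unquoted in the WHERE clause and in a URL, so it
        // is forced to an integer first.
        $comment_id = (int) $comment['comment_id'];
        // Non-administrators can only touch their own comments.
        $user_where_clause = '';
        if (!is_admin()) {
            $user_where_clause = '   AND author_id = \'' . $GLOBALS['user']['id'] . '\'';
        }
        // NOTE(review): content and website_url are interpolated as
        // received. The stripslashes() calls further down suggest the caller
        // delivers them already slash-escaped - confirm this for every
        // caller, or escape here with the database layer's own function.
        $query = '
UPDATE ' . COMMENTS_TABLE . '
  SET content = \'' . $comment['content'] . '\',
      website_url = ' . (!empty($comment['website_url']) ? '\'' . $comment['website_url'] . '\'' : 'NULL') . ',
      validated = \'' . ($comment_action == 'validate' ? 'true' : 'false') . '\',
      validation_date = ' . ($comment_action == 'validate' ? 'NOW()' : 'NULL') . '
  WHERE id = ' . $comment_id . $user_where_clause . '
;';
        $result = pwg_query($query);
        // mail admin and ask to validate the comment
        if ($result and $conf['email_admin_on_comment_validation'] and 'moderate' == $comment_action) {
            include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';
            $comment_url = get_absolute_root_url() . 'comments.php?comment_id=' . $comment_id;
            $keyargs_content = array(get_l10n_args('Author: %s', stripslashes($GLOBALS['user']['username'])), get_l10n_args('Comment: %s', stripslashes($comment['content'])), get_l10n_args(''), get_l10n_args('Manage this user comment: %s', $comment_url), get_l10n_args('(!) This comment requires validation'));
            pwg_mail_notification_admins(get_l10n_args('Comment by %s', stripslashes($GLOBALS['user']['username'])), $keyargs_content);
        } elseif ($result) {
            email_admin('edit', array('author' => $GLOBALS['user']['username'], 'content' => stripslashes($comment['content'])));
        }
    }
    return $comment_action;
}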
示例#14
<?php

// Refuse direct access: the constant is only defined when the plugin has
// been loaded by the application.
defined('FLICKR_PATH') or die('Hacking attempt!');
// Save the API credentials posted from the configuration form.
// NOTE(review): no verification of a request token is visible in this
// fragment before the configuration is written - confirm that one is
// enforced earlier in the request, otherwise a forged cross-site POST from
// an administrator's browser could replace the stored keys.
if (isset($_POST['save_config'])) {
    $conf['flickr2piwigo'] = array('api_key' => trim($_POST['api_key']), 'secret_key' => trim($_POST['secret_key']));
    // The cached authorisation token belongs to the previous keys.
    unset($_SESSION['phpFlickr_auth_token']);
    conf_update_param('flickr2piwigo', $conf['flickr2piwigo']);
    $page['infos'][] = l10n('Information data registered in database');
}
// NOTE(review): the whole setting, secret key included, is handed to the
// template; confirm config.tpl escapes the values and consider not echoing
// the stored secret back into the page.
$template->assign(array('flickr2piwigo' => $conf['flickr2piwigo'], 'FLICKR_HELP_CONTENT' => load_language('help_api_key.html', FLICKR_PATH, array('return' => true)), 'FLICKR_CALLBACK' => get_absolute_root_url() . FLICKR_ADMIN . '-import'));
$template->set_filename('flickr2piwigo', realpath(FLICKR_PATH . 'admin/template/config.tpl'));
}
// Map settings for the editor view, centred on the picture's position.
// $lat, $lon, $zoom, $picture and $self_url are not set in this fragment;
// presumably they are defined earlier in the file.
$local_conf = array();
$local_conf['contextmenu'] = 'false';
$local_conf['control'] = true;
$local_conf['img_popup'] = false;
$local_conf['popup'] = 2;
$local_conf['center_lat'] = $lat;
$local_conf['center_lng'] = $lon;
$local_conf['zoom'] = $zoom;
$local_conf['editor'] = true;
$pathurl = get_absolute_root_url() . "i.php?" . $picture['pathurl'];
// A single marker for the picture being edited.
$js_data = array(array($lat, $lon, null, $pathurl, null, null, null, null));
$js = osm_get_js($conf, $local_conf, $js_data);
// Fetch the template.
global $prefixeTable;
// Easy access
define('osm_place_table', $prefixeTable . 'osm_places');
// Save location, eg Place
$query = '
SELECT id, name, latitude, longitude
  FROM ' . osm_place_table . '
;';
$result = pwg_query($query);
// JS for the template
// NOTE(review): $list_of_places and $available_places are not initialised
// in this fragment; if that is not done earlier in the file, an empty
// places table leaves both undefined for the statements below.
while ($row = pwg_db_fetch_assoc($result)) {
    $list_of_places[$row['id']] = [$row['name'], $row['latitude'], $row['longitude']];
    $available_places[$row['id']] = $row['name'];
}
// json_encode() escapes quotes and, with its default flags, forward slashes,
// so a stored place name cannot close the string or the surrounding script
// element.
$jsplaces = "\nvar arr_places = " . json_encode($list_of_places) . ";\n";
// PWG_TOKEN is the anti-forgery token for the form; the time() suffix on
// TN_SRC keeps the browser from showing a cached thumbnail.
$template->assign(array('PWG_TOKEN' => get_pwg_token(), 'F_ACTION' => $self_url, 'TN_SRC' => DerivativeImage::thumb_url($picture) . '?' . time(), 'TITLE' => render_element_name($picture), 'OSM_PATH' => embellish_url(get_absolute_root_url() . OSM_PATH), 'OSM_JS' => $js, 'LAT' => $lat, 'LON' => $lon, 'AVAILABLE_PLACES' => $available_places, 'LIST_PLACES' => $jsplaces));
$template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content');
/**
 * Fills the given map template with the page variables and prints it.
 *
 * @param array $conf gallery configuration (reads 'osm_conf' and 'gallery_title')
 * @param string $js map JavaScript, assigned as OSMJS
 * @param array $js_data map items; only their count is used here
 * @param string $tmpl template file name inside ../template/
 * @param object $template template engine instance
 * @return void
 */
function osm_gen_template($conf, $js, $js_data, $tmpl, $template)
{
    // Title of the page: configured menu link text, or the translated default.
    if (isset($conf['osm_conf']['left_menu']['link'])) {
        $linkname = $conf['osm_conf']['left_menu']['link'];
    } else {
        $linkname = l10n('OSWorldMap');
    }

    $template->set_filename('map', dirname(__FILE__) . '/../template/' . $tmpl);

    // NOTE(review): HOME_PREV carries the client-supplied Referer header
    // verbatim; confirm the map templates escape it wherever it is printed.
    $template->assign(array(
        'CONTENT_ENCODING' => get_pwg_charset(),
        'OSM_PATH' => embellish_url(get_gallery_home_url() . OSM_PATH),
        'GALLERY_TITLE' => $linkname . ' - ' . $conf['gallery_title'],
        'HOME' => make_index_url(),
        'HOME_PREV' => isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : get_absolute_root_url(),
        'HOME_NAME' => l10n("Home"),
        'HOME_PREV_NAME' => l10n("Previous"),
        'TOTAL' => sprintf(l10n('ITEMS'), count($js_data)),
        'OSMJS' => $js,
        'MYROOT_URL' => get_absolute_root_url(),
        'default_baselayer' => $conf['osm_conf']['map']['baselayer'],
    ));

    if ($conf['osm_conf']['map']['baselayer'] == 'custom') {
        // Turn the tile URL pattern into the URL of one fixed sample tile,
        // used as the icon of the custom layer.
        $iconbaselayer = str_replace(
            array('{s}', '{z}', '{x}', '{y}'),
            array('a', '5', '15', '11'),
            $conf['osm_conf']['map']['custombaselayerurl']
        );
        $template->assign(array(
            'custombaselayer' => $conf['osm_conf']['map']['custombaselayer'],
            'custombaselayerurl' => $conf['osm_conf']['map']['custombaselayerurl'],
            'iconbaselayer' => $iconbaselayer,
        ));
    }

    $template->pparse('map');
    $template->p();
}
示例#17
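/**
 * Web-service method: creates a share key for one photo and emails the link.
 *
 * @param array $params  reads 'image_id', 'email' and 'expires_in' (a number of days)
 * @param mixed $service web-service server object (not used in this function)
 * @return array|PwgError array('message' => ...) on success, a PwgError otherwise
 */
function ws_pshare_share_create($params, &$service)
{
    global $conf, $user;
    if (!pshare_is_active()) {
        return new PwgError(401, "permission denied");
    }
    // image_id is concatenated unquoted into the SELECT below, so accept it
    // only when it is an integer; anything else is rejected before any SQL runs.
    $image_id = isset($params['image_id']) ? filter_var($params['image_id'], FILTER_VALIDATE_INT) : false;
    if ($image_id === false) {
        return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid image_id');
    }
    $query = '
SELECT *
  FROM ' . IMAGES_TABLE . '
  WHERE id = ' . $image_id . '
;';
    $images = query2array($query);
    if (count($images) == 0) {
        return new PwgError(404, "image not found");
    }
    $image = $images[0];
    if (!pshare_is_photo_visible($image_id)) {
        return new PwgError(401, "permissions denied");
    }
    if (!email_check_format($params['email'])) {
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('Invalid email address'));
    }
    // expires_in is concatenated into the INTERVAL expression, so it must be
    // an integer as well.
    // TODO check the expires_in is in the defined list
    $expires_in = isset($params['expires_in']) ? filter_var($params['expires_in'], FILTER_VALIDATE_INT) : false;
    if ($expires_in === false) {
        return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid expires_in');
    }
    $query = '
SELECT
    NOW(),
    ADDDATE(NOW(), INTERVAL ' . $expires_in . ' DAY)
;';
    list($now, $expire) = pwg_db_fetch_row(pwg_query($query));
    $key_uuid = pshare_get_key();
    // NOTE(review): 'sent_to' has only passed the email format check; confirm
    // that single_insert() escapes its values, or escape the address here.
    single_insert(PSHARE_KEYS_TABLE, array('uuid' => $key_uuid, 'user_id' => $user['id'], 'image_id' => $image_id, 'sent_to' => $params['email'], 'created_on' => $now, 'duration' => $expires_in, 'expire_on' => $expire));
    // $key_uuid is generated server-side by pshare_get_key(), not taken from the request.
    $query = '
SELECT *
  FROM ' . PSHARE_KEYS_TABLE . '
  WHERE uuid = \'' . $key_uuid . '\'
;';
    $shares = query2array($query);
    if (count($shares) == 0) {
        return new PwgError(500, "share not created");
    }
    $share = $shares[0];
    //
    // Send the email
    //
    include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';
    // force $conf['derivative_url_style'] to 2 (script) to make sure we
    // will use i.php?/upload and not _data/i/upload because you don't
    // know when the cache will be flushed
    $previous_derivative_url_style = $conf['derivative_url_style'];
    $conf['derivative_url_style'] = 2;
    $thumb_url = DerivativeImage::thumb_url(array('id' => $image['id'], 'path' => $image['path']));
    // restore configuration setting
    $conf['derivative_url_style'] = $previous_derivative_url_style;
    $link = get_absolute_root_url() . 'index.php?/pshare/' . $share['uuid'];
    // Everything interpolated into the HTML body is escaped for its context:
    // the username is chosen by a user, and the two URLs land inside attributes.
    // double_encode is off so values that already contain entities are not
    // encoded a second time.
    $html_flags = ENT_QUOTES | ENT_SUBSTITUTE;
    $safe_username = htmlspecialchars($user['username'], $html_flags, 'UTF-8', false);
    $safe_link = htmlspecialchars($link, $html_flags, 'UTF-8', false);
    $safe_thumb_url = htmlspecialchars($thumb_url, $html_flags, 'UTF-8', false);
    $content = '<p style="text-align:center">';
    $content .= l10n('%s has shared a photo with you', $safe_username);
    $content .= '<br><br><a href="' . $safe_link . '"><img src="' . $safe_thumb_url . '"></a>';
    $content .= '<br><br><a href="' . $safe_link . '">' . l10n('clic to view') . '</a>';
    $content .= '</p>';
    $subject = l10n('Photo shared');
    pwg_mail($params['email'], array('subject' => '[' . $conf['gallery_title'] . '] ' . $subject, 'mail_title' => $conf['gallery_title'], 'mail_subtitle' => $subject, 'content' => $content, 'content_format' => 'text/html'));
    return array('message' => l10n('Email sent to %s', $share['sent_to']));
}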
            $count_enabled++;
        }
        if ($PROVIDERS_CONFIG[$id]['new_app_link'] and $data['enabled']) {
            if (empty($data['keys']['secret']) or @$PROVIDERS_CONFIG[$id]['require_client_id'] and empty($data['keys']['id']) or !@$PROVIDERS_CONFIG[$id]['require_client_id'] and empty($data['keys']['key'])) {
                $page['errors'][] = l10n('%s: invalid keys', $PROVIDERS_CONFIG[$id]['name']);
            }
        }
        if (isset($PROVIDERS_CONFIG[$id]['scope'])) {
            $data['scope'] = $PROVIDERS_CONFIG[$id]['scope'];
        }
        if (is_array(@$data['keys'])) {
            $data['keys'] = array_map('trim', $data['keys']);
        }
        $data['name'] = $PROVIDERS_CONFIG[$id]['name'];
        $providers[$id] = $data;
    }
    $hybridauth_conf['providers'] = $providers;
    $hybridauth_conf['total'] = count($hybridauth_conf['providers']);
    $hybridauth_conf['enabled'] = $count_enabled;
    if (!count($page['errors'])) {
        // generate config file
        $content = "<?php\ndefined('PHPWG_ROOT_PATH') or die('Hacking attempt!');\n\nreturn ";
        $content .= var_export(array_intersect_key($hybridauth_conf, array_flip(array('providers', 'total', 'enabled'))), true);
        $content .= ";\n?>";
        file_put_contents(OAUTH_CONFIG, $content);
        $page['infos'][] = l10n('Information data registered in database');
    }
}
$template->assign(array('PROVIDERS' => $PROVIDERS_CONFIG, 'CONFIG' => $hybridauth_conf['providers'], 'SERVERNAME' => get_servername(), 'WEBSITE' => get_absolute_root_url(), 'OAUTH_CALLBACK' => OAUTH_PUBLIC . '?hauth.done='));
// define template file
$template->set_filename('oauth_content', realpath(OAUTH_PATH . 'admin/template/providers.tpl'));
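/**
 * Assigns a new confirmation key to a user and sets the user's
 * registration_date to the current time.
 *
 * Called from UAM_admin.php to reset the validation key.
 *
 * @param int $user_id id of the user whose key is reset
 *
 * @return string|null URL carrying the new key and the user id (gallery root
 *                     when guest access is enabled, identification.php
 *                     otherwise), or null when no key id was obtained
 */
function ResetConfirmMail($user_id)
{
    global $conf;
    // $user_id is concatenated unquoted into both UPDATE statements and into
    // the returned URL; forcing it to an integer keeps it from carrying SQL
    // or extra query-string syntax.
    $user_id = (int) $user_id;
    $Confirm_Mail_ID = FindAvailableConfirmMailID();
    $dbnow = date("Y-m-d H:i:s");
    if (!isset($Confirm_Mail_ID)) {
        return null;
    }
    // NOTE(review): the key comes from FindAvailableConfirmMailID(), which is
    // not shown here; confirm that it can only return characters that are
    // safe inside a quoted SQL string.
    $query = '
UPDATE ' . USER_CONFIRM_MAIL_TABLE . '
SET id = "' . $Confirm_Mail_ID . '"
WHERE user_id = ' . $user_id . '
;';
    pwg_query($query);
    $query = '
UPDATE ' . USER_INFOS_TABLE . '
SET registration_date = "' . $dbnow . '"
WHERE user_id = ' . $user_id . '
;';
    pwg_query($query);
    // The key is URL-encoded so that it always stays a single parameter value.
    $query_string = '?key=' . urlencode($Confirm_Mail_ID) . '&userid=' . $user_id;
    if ($conf['guest_access']) {
        return get_absolute_root_url() . $query_string;
    }
    return get_absolute_root_url() . 'identification.php' . $query_string;
}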
示例#20
    if (isset($error_copy)) {
        $errors[] = $error_copy;
    } else {
        session_set_save_handler('pwg_session_open', 'pwg_session_close', 'pwg_session_read', 'pwg_session_write', 'pwg_session_destroy', 'pwg_session_gc');
        if (function_exists('ini_set')) {
            ini_set('session.use_cookies', $conf['session_use_cookies']);
            ini_set('session.use_only_cookies', $conf['session_use_only_cookies']);
            ini_set('session.use_trans_sid', intval($conf['session_use_trans_sid']));
            ini_set('session.cookie_httponly', 1);
        }
        session_name($conf['session_name']);
        session_set_cookie_params(0, cookie_path());
        register_shutdown_function('session_write_close');
        $user = build_user(1, true);
        log_user($user['id'], false);
        // email notification
        if (isset($_POST['send_password_by_mail'])) {
            include_once PHPWG_ROOT_PATH . 'include/functions_mail.inc.php';
            $keyargs_content = array(get_l10n_args('Hello %s,', $admin_name), get_l10n_args('Welcome to your new installation of Piwigo!', ''), get_l10n_args('', ''), get_l10n_args('Here are your connection settings', ''), get_l10n_args('', ''), get_l10n_args('Link: %s', get_absolute_root_url()), get_l10n_args('Username: %s', $admin_name), get_l10n_args('Password: %s', $admin_pass1), get_l10n_args('Email: %s', $admin_mail), get_l10n_args('', ''), get_l10n_args('Don\'t hesitate to consult our forums for any help: %s', PHPWG_URL));
            pwg_mail($admin_mail, array('subject' => l10n('Just another Piwigo gallery'), 'content' => l10n_args($keyargs_content), 'content_format' => 'text/plain'));
        }
    }
}
if (count($errors) != 0) {
    $template->assign('errors', $errors);
}
if (count($infos) != 0) {
    $template->assign('infos', $infos);
}
//----------------------------------------------------------- html code display
$template->pparse('install');
/**
 * Switches URL building to the absolute root URL.
 *
 * On the first call the current $page['root_path'] (when set) is stored in
 * $page['save_root_path']['path'], the call counter is set to 1 and
 * $page['root_path'] becomes get_absolute_root_url(). While that saved
 * state exists, further calls only increase the counter.
 *
 * Takes no parameters and returns nothing; it works on the global $page.
 */
function set_make_full_url()
{
    global $page;

    // Already in full-url mode: just record one more nested request.
    if (isset($page['save_root_path'])) {
        $page['save_root_path']['count'] = $page['save_root_path']['count'] + 1;
        return;
    }

    $saved_state = array();
    if (isset($page['root_path'])) {
        // Remember the relative root so it can be put back later.
        $saved_state['path'] = $page['root_path'];
    }
    $saved_state['count'] = 1;

    $page['save_root_path'] = $saved_state;
    $page['root_path'] = get_absolute_root_url();
}