protected function _element($data, $tab, $start)
{
static $start;
$eof = EOL;
$output = '';
$attrs = '';
$tab = str_repeat("\t", $start);
if (!is_array($data)) {
return $data . $eof;
} else {
foreach ($data as $k => $v) {
if (isRealNumeric($k)) {
$value = $k;
$k = 'li';
} else {
$value = NULL;
}
$end = prefix(Arrays::getFirst(explode(' ', $k)));
if (!is_array($v)) {
$output .= "{$tab}<{$k}>{$v}<{$end}>{$eof}";
} else {
if (stripos($k, 'ul') !== 0 && stripos($k, 'ol') !== 0 && $k !== 'li') {
$value = $k;
$k = 'li';
$end = prefix($k);
} else {
$value = NULL;
}
$output .= $tab . "<{$k}>{$value}{$eof}" . $this->_element($v, $tab, $start++) . $tab . "<{$end}>" . $tab . $eof;
$start--;
}
}
}
return $output;
}
static function new_image($image)
{
global $_zp_exifvars;
$entry_locale = getUserLocale();
$languages = generateLanguageList();
$languageTags = $element = array();
$candidates = self::getTaggingItems();
foreach ($candidates as $key) {
if ($meta = $image->get($key)) {
setupCurrentLocale('en_US');
$en_us = $element[] = exifTranslate($meta);
foreach ($languages as $language) {
setupCurrentLocale($language);
$xlated = exifTranslate($meta);
if ($xlated != $en_us) {
// the string has a translation in this language
$element[] = $xlated;
$languageTags[$language] = $xlated;
}
}
}
}
setupCurrentLocale($entry_locale);
$element = array_unique(array_merge($image->getTags(), $element));
$image->setTags($element);
$image->save();
foreach ($languageTags as $language => $tag) {
$sql = 'UPDATE ' . prefix('tags') . ' SET `language`=' . db_quote($language) . ' WHERE `name`=' . db_quote($tag) . ' AND `language`=NULL OR `language` LIKE ""';
query($sql, false);
}
return $image;
}
public static function delete($view, $id)
{
$view->actions(function ($view) {
$view->submit(__('admin::account.delete.buttons.delete'), 'primary');
$view->button(prefix('admin') . 'account', __('admin::account.delete.buttons.cancel'));
});
}
function handleOption($option, $currentValue)
{
if ($option == "zenpage_homepage") {
$unpublishedpages = query_full_array("SELECT titlelink FROM " . prefix('pages') . " WHERE `show` != 1 ORDER by `sort_order`");
if (empty($unpublishedpages)) {
echo gettext("No unpublished pages available");
// clear option if no unpublished pages are available or have been published meanwhile
// so that the normal gallery index appears and no page is accidentally set if set to unpublished again.
setOption("zenpage_homepage", "none", true);
} else {
echo '<input type="hidden" name="' . CUSTOM_OPTION_PREFIX . 'selector-zenpage_homepage" value="0" />' . "\n";
echo '<select id="' . $option . '" name="zenpage_homepage">' . "\n";
if ($currentValue === "none") {
$selected = " selected = 'selected'";
} else {
$selected = "";
}
echo "<option{$selected}>" . gettext("none") . "</option>";
foreach ($unpublishedpages as $page) {
if ($currentValue === $page["titlelink"]) {
$selected = " selected = 'selected'";
} else {
$selected = "";
}
echo "<option{$selected}>" . $page["titlelink"] . "</option>";
}
echo "</select>\n";
}
}
}
function getOptionsSupported()
{
$unpublishedpages = query_full_array("SELECT title,titlelink FROM " . prefix('pages') . " WHERE `show` != 1 ORDER by `sort_order`");
$list = array();
foreach ($unpublishedpages as $page) {
$list[get_language_string($page['title'])] = $page['titlelink'];
}
return array(gettext('Allow search') => array('key' => 'Allow_search', 'type' => OPTION_TYPE_CHECKBOX, 'desc' => gettext('Check to enable search form.')), gettext('News on index page') => array('key' => 'zenpage_zp_index_news', 'type' => OPTION_TYPE_CHECKBOX, 'desc' => gettext("Enable this if you want to show the news section’s first page on the <code>index.php</code> page.")), gettext('Homepage') => array('key' => 'zenpage_homepage', 'type' => OPTION_TYPE_SELECTOR, 'selections' => $list, 'null_selection' => gettext('none'), 'desc' => gettext("Choose here any <em>un-published Zenpage page</em> (listed by <em>titlelink</em>) to act as your site’s homepage instead the normal gallery index.") . "<p class='notebox'>" . gettext("<strong>Note:</strong> This of course overrides the <em>News on index page</em> option and your theme must be setup for this feature! Visit the theming tutorial for details.") . "</p>"), gettext('Use standard contact page') => array('key' => 'zenpage_contactpage', 'type' => OPTION_TYPE_CHECKBOX, 'desc' => gettext('Disable this if you do not want to use the separate contact page with the contact form. You can also use the codeblock of a page for this. See the contact_form plugin documentation for more info.')), gettext('Use custom menu') => array('key' => 'zenpage_custommenu', 'type' => OPTION_TYPE_CHECKBOX, 'desc' => gettext('Check this if you want to use the <em>menu_manager</em> plugin if enabled to build a custom menu instead of the separate standard ones. A standard menu named "zenpage" is created and used automatically.')));
}
/**
*
* Logs User searches
* @param array $search_statistics the search criteria
* @param string $type 'album', 'image', etc.
* @param bool $success did the search return a result
* @param bool $dynamic was it from a dynamic album
* @param int $iteration count of the filters since the search engine instantiation
*/
static function handler($search_statistics, $type, $success, $dynamic, $iteration)
{
if (!$dynamic) {
// log unique user searches
$store = array('type' => $type, 'success' => $success, 'iteration' => $iteration, 'data' => $search_statistics);
$sql = 'INSERT INTO ' . prefix('plugin_storage') . ' (`type`, `aux`,`data`) VALUES ("search_statistics", ' . db_quote(getUserIP()) . ',' . db_quote(serialize($store)) . ')';
query($sql);
}
return $search_statistics;
}
public function get_dom_article($limit = 8)
{
return $this->ci->db->query('
SELECT a.*, c.link AS cat_link, c.name AS cat_name
FROM ' . prefix('article') . ' AS a JOIN ' . prefix('category') . ' AS c
ON a.cid=c.cid
WHERE a.state=1
ORDER BY rand()
DESC LIMIT ' . $limit)->result();
}
static function getLatestImages($limit = 3)
{
if (!isset($limit) || !is_numeric($limit)) {
$limit = 3;
}
$t_images = prefix("images");
$t_albums = prefix("albums");
$query = "SELECT i.filename, i.title, a.folder FROM {$t_images} i " . "LEFT JOIN {$t_albums} a ON i.albumid=a.id " . "ORDER BY i.id DESC LIMIT {$limit}";
$result = query_full_array($query);
return self::createImages($result);
}
public function tag_list($tid, $start, $offset)
{
return $this->db->query('
SELECT a.*, c.link AS cat_link, c.name AS cat_name
FROM ' . prefix('relation') . ' AS r, ' . prefix('article') . ' AS a
LEFT JOIN ' . prefix('category AS c') . ' ON a.cid=c.cid
WHERE r.aid=a.aid AND r.tid=' . $tid . ' AND a.state=1
LIMIT ' . $start . ', ' . $offset . '
')->result();
// return $this->db->query('SELECT p.*, c.id AS cate_id, c.name AS cate_name, c.alias AS cate_alias, c.keywords AS cate_keywords, c.description
// AS cate_description FROM '.tn('posts').' AS p, '.tn('categories').' AS c, '.tn('tagrelas').' AS t WHERE p.cid=c.id AND t.oid=p.id AND
// t.tid='.(int) $tid.' AND p.status=1 LIMIT '.(int) $start.', '.(int) $offset);
// return $query->result_array();
}
static function setCurrentNewsPage()
{
global $_zp_current_zenpage_news, $_zp_page;
if (isset($_zp_current_zenpage_news)) {
$table = prefix('zenpage_news');
$id = $_zp_current_zenpage_news->getID();
$query = "SELECT count(id) ct FROM {$table} where id >= {$id} AND `show`=1";
$result = query_single_row($query);
$count = $result['ct'];
$pageNumber = ceil($count / max(1, getOption("zenpage_articles_per_page")));
$_GET["page"] = $pageNumber;
$_zp_page = $pageNumber;
}
}
function zenphoto_recent_comments()
{
////////////////////////////////////////////////////////////////////
/*------------------- START OF CONFIGURATION ---------------------*/
/*MySQL Settings*/
$zen_db = '';
//The name of the database
$zen_username = '';
//Your MySQL username
$zen_password = '';
//...and password
$zen_host = 'localhost';
//99% chance you won't need to change this value
$mysql_prefix = '';
//Zen Database Tables prefix (if any)
/*More...*/
$num_of_comments = '10';
//Number of comments you want to show up.
$mods_rewrite = true;
//If you have Apache mod_rewrite, put true here, and you'll get nice cruft-free URLs.
$gallery_folder = 'zenphoto';
//eg. http://mysite.com/zenphoto
/*--------------------- END OF CONFIGURATION ---------------------*/
////////////////////////////////////////////////////////////////////
//we will try to connect to the database
@($mysql_connection = mysql_connect($zen_host, $zen_username, $zen_password)) or die('Could not connect to database.');
//selecting zenphoto database
@mysql_select_db($zen_db) or die('Could not select database.');
$sql = "SELECT c.id, i.title, i.filename, a.folder, a.title AS albumtitle, c.name, c.website," . " c.date, c.comment FROM " . prefix('comments') . " AS c, " . prefix('images') . " AS i, " . prefix('albums') . " AS a " . " WHERE c.imageid = i.id AND i.albumid = a.id ORDER BY c.id DESC LIMIT 10";
$result = mysql_query($sql, $mysql_connection) or die('MySQL Query ( ' . $sql . ' ) Failed. Error: ' . mysql_error());
$allrows = array();
while ($row = mysql_fetch_assoc($result)) {
$allrows[] = $row;
}
foreach ($allrows as $comment) {
$author = $comment['name'];
$album = $comment['folder'];
$image = $comment['filename'];
$albumtitle = $comment['albumtitle'];
if ($comment['title'] == "") {
$title = $image;
} else {
$title = $comment['title'];
}
$website = $comment['website'];
$comment = truncate_string($comment['comment'], 123);
echo "<li><div>{$author} on <a href=\"" . ($mods_rewrite ? "../{$gallery_folder}/{$album}/{$image}" : "../{$gallery_folder}/index.php?album=" . urlencode($album) . "&image=" . urlencode($image)) . "\">{$albumtitle} / {$title}</a>:</div><div>{$comment}</div></li>";
}
}
/**
* generates a Mollom captcha for comments
*
* Returns the captcha code string and image URL (via the $image parameter).
*
* @return string;
*/
function generateCaptcha(&$image)
{
Mollom::setPublicKey(getOption('public_key'));
Mollom::setPrivateKey(getOption('private_key'));
$servers = Mollom::getServerList();
Mollom::setServerList($servers);
// get captcha
$captcha = Mollom::getImageCaptcha();
$session_id = $captcha['session_id'];
query('DELETE FROM ' . prefix('captcha') . ' WHERE `ptime`<' . (time() - 3600), true);
// expired tickets
query("INSERT INTO " . prefix('captcha') . " (ptime, hash) VALUES ('" . escape(time()) . "','" . escape($session_id) . "')", true);
$image = $captcha['url'];
return $session_id;
}
/**
* 显示搜索结果
*
* @access public
* @return void
*/
public function index()
{
$start = ($this->_page - 1) * $this->_prepage;
$rows = $this->db->query('SELECT * FROM ' . prefix('article') . ' WHERE `title` LIKE "%' . $this->_keys . '%" OR `description` LIKE "%' . $this->_keys . '%"');
$list = $this->db->query('SELECT * FROM ' . prefix('article') . ' WHERE `title` LIKE "%' . $this->_keys . '%" OR `description` LIKE "%' . $this->_keys . '%" LIMIT ' . $start . ', ' . $this->_prepage . '');
$data['rows'] = $rows->num_rows();
$data['pres'] = $this->_prepage;
$data['list'] = $list->result();
$data['page'] = $this->_setpagestring($data['rows']);
$data['keys'] = $this->_keys;
if ($data['rows']) {
$this->load->model('search_model');
$this->search_model->insert_keyword($this->_keys);
}
$this->load->view('site_search', $data);
}
function auto_id($prefix = '', $n = 1)
{
if ($prefix == '') {
$prefix = prefix();
}
$sql = "select id from `{$prefix}counter`";
$q = query($sql, '', 1);
if (!$q) {
$q = create_autoid($prefix);
}
$r = fetch($q);
$id = $r['id'] + $n;
$sql = "UPDATE `{$prefix}counter` SET `id` = '{$id}' ";
$q = query($sql);
return $id;
}
function getTitle($table, $row)
{
switch ($table) {
case 'images':
$album = query_single_row('SELECT `folder` FROM ' . prefix('albums') . ' WHERE `id`=' . $row[albumid]);
$title = sprintf(gettext('%1$s: image %2$s'), $album['folder'], $row[$filename]);
break;
case 'albums':
$title = sprintf(gettext('album %s'), $row[$folder]);
break;
case 'news':
case 'pages':
$title = sprintf(gettext('%1$s: %2$s'), $table, $row['titlelink']);
break;
}
return $title;
}
static function clones()
{
global $_zp_current_admin_obj;
$clones = array();
if ($result = query('SELECT * FROM ' . prefix('plugin_storage') . ' WHERE `type`="clone"')) {
while ($row = db_fetch_assoc($result)) {
if (file_exists($row['aux'] . '/' . DATA_FOLDER . '/zenphoto.cfg.php')) {
$clones[$row['aux']] = $row['data'] . '/';
$_SESSION['admin'][bin2hex($row['aux'])] = serialize($_zp_current_admin_obj);
} else {
query('DELETE FROM ' . prefix('plugin_storage') . ' WHERE `id` = ' . $row['id']);
}
}
db_free_result($result);
}
return $clones;
}
public function update($view, $page)
{
$view->form(function ($view) use($page) {
$view->page_header(function ($view) {
$view->title(__('admin::page.update.title'));
});
$view->text('lang[' . $page->lang->language_id . '][meta_title]', __('admin::page.update.form.lang.meta_title'), $page->lang->meta_title);
$view->text('lang[' . $page->lang->language_id . '][meta_keywords]', __('admin::page.update.form.lang.meta_keywords'), $page->lang->meta_keywords);
$view->textarea('lang[' . $page->lang->language_id . '][meta_description]', __('admin::page.update.form.lang.meta_description'), $page->lang->meta_description);
/**
* @todo stop laravel from adding id's to the form fields
*/
$view->text('lang[' . $page->lang->language_id . '][menu]', __('admin::page.update.form.lang.menu'), $page->lang->menu);
$view->text('lang[' . $page->lang->language_id . '][url]', __('admin::page.update.form.lang.url'), $page->lang->url);
$view->actions(function ($view) {
$view->submit(__('admin::page.update.buttons.edit'), 'primary');
});
}, 'PUT', prefix('admin') . 'page/' . $page->lang->slug . '/edit');
}
function __construct()
{
global $_zp_authority, $_userAddressFields;
$firstTime = false;
$tablecols = db_list_fields('administrators');
foreach ($tablecols as $key => $datum) {
if ($datum['Field'] == 'custom_data') {
$firstTime = true;
enableExtension('userAddressFields', true);
break;
}
}
parent::constructor('userAddressFields', self::fields());
if ($firstTime) {
// migrate the custom data user data
$result = query('SELECT * FROM ' . prefix('administrators') . ' WHERE `valid`!=0');
if ($result) {
while ($row = db_fetch_assoc($result)) {
$custom = getSerializedArray($row['custom_data']);
if (!empty($custom)) {
$sql = 'UPDATE ' . prefix('administrators') . ' SET ';
foreach ($custom as $field => $val) {
$sql .= '`' . $field . '`=' . db_quote($val) . ',';
}
setupQuery($sql);
}
}
db_free_result($result);
}
setupQuery('ALTER TABLE ' . prefix('administrators') . ' DROP `custom_data`');
}
$cloneid = bin2hex(FULLWEBPATH);
if (OFFSET_PATH == 2 && isset($_SESSION['admin'][$cloneid])) {
$user = unserialize($_SESSION['admin'][$cloneid]);
$user2 = $_zp_authority->getAnAdmin(array('`user`=' => $user->getUser(), '`pass`=' => $user->getPass(), '`valid`=' => 1));
if ($user2) {
foreach (userAddressFields::fields() as $field) {
$user2->set($field['name'], $user->get($field['name']));
}
$user2->save();
}
}
}
function handleOption($option, $currentValue)
{
switch ($option) {
case 'garland_menu':
$menusets = array();
echo '<select id="garland_menuset" name="garland_menu"';
if (function_exists('printCustomMenu') && getThemeOption('custom_index_page', NULL, 'garland') === 'gallery') {
$result = query_full_array("SELECT DISTINCT menuset FROM " . prefix('menu') . " ORDER BY menuset");
foreach ($result as $set) {
$menusets[$set['menuset']] = $set['menuset'];
}
} else {
echo ' disabled="disabled"';
}
echo ">\n";
echo '<option value="" style="background-color:LightGray">' . gettext('*standard menu') . '</option>';
generateListFromArray(array($currentValue), $menusets, false, false);
echo "</select>\n";
break;
}
}
public function delete($view, $id)
{
// Get the Account
$response = API::get(array('module', $id));
// Handle response codes other than 200 OK
if (!$response->success) {
return Event::first($response->code);
}
// The response body is the Account
$module = $response->get();
$view->page_header(function ($view) {
$view->float_right(function ($view) {
$view->search();
});
$view->title(__('admin::module.delete.title'));
});
$view->well(function ($view) use($module) {
$view->raw(__('admin::module.delete.message', array('name' => $module->name, 'email' => $module->email)));
});
$view->form(Module::form('module.delete', $id), 'DELETE', prefix('admin') . 'module/delete/' . $id);
}
/**
*
* This method establishes the current set of database fields. It will add the
* fields to the database if they are not already present. Fields from previous
* constructor calls that are no longer in the list will be removed from the
* database (along with any data associated with them.)
*
* @param array $newfields
*/
function constructor($me, $newfields)
{
$previous = getSerializedArray(getOption(get_class($this) . '_addedFields'));
$current = $fields = array();
if (extensionEnabled($me)) {
//need to update the database tables.
foreach ($newfields as $newfield) {
$current[$newfield['table']][$newfield['name']] = true;
unset($previous[$newfield['table']][$newfield['name']]);
switch (strtolower($newfield['type'])) {
default:
$dbType = strtoupper($newfield['type']);
break;
case 'int':
case 'varchar':
$dbType = strtoupper($newfield['type']) . '(' . min(255, $newfield['size']) . ')';
break;
}
$sql = 'ALTER TABLE ' . prefix($newfield['table']) . ' ADD COLUMN `' . $newfield['name'] . '` ' . $dbType;
if (query($sql, false) && in_array($newfield['table'], array('albums', 'images', 'news', 'news_categories', 'pages'))) {
$fields[] = strtolower($newfield['name']);
}
}
setOption(get_class($this) . '_addedFields', serialize($current));
} else {
purgeOption(get_class($this) . '_addedFields');
}
$set_fields = array_flip(explode(',', getOption('search_fields')));
foreach ($previous as $table => $orpahed) {
//drop fields no longer defined
foreach ($orpahed as $field => $v) {
unset($set_fields[$field]);
$sql = 'ALTER TABLE ' . prefix($table) . ' DROP `' . $field . '`';
query($sql, false);
}
}
$set_fields = array_unique(array_merge($fields, array_flip($set_fields)));
setOption('search_fields', implode(',', $set_fields));
}
public function home()
{
$sql = 'SELECT *
FROM _store s, _store_fields f
WHERE s.store_field = f.field_id
ORDER BY store_field';
$store = _rowset($sql, 'store_assoc', false, true);
$a_country = array('Alemania' => 82, 'Argentina' => 10, 'Bolivia' => 26, 'Chile' => 43, 'Colombia' => 47, 'Ecuador' => 63, 'El Salvador' => 65, 'Espana' => 197, 'Francia' => 74, 'Greece' => 85, 'Guatemala' => 90, 'Honduras' => 97, 'Italia' => 107, 'Mexico' => 140, 'Paraguay' => 168, 'Peru' => 169, 'Uruguay' => 227, 'Venezuela' => 230);
foreach ($store as $i => $row) {
$nickname = '';
$address = '';
$birthday = '';
$country = '';
foreach ($row as $field) {
switch ($field['field_alias']) {
case 'nickname':
$nickname = $field['store_value'];
break;
case 'address':
$address = $field['store_value'];
break;
case 'birthday':
$temp = explode('/', $field['store_value']);
$birthday = $temp[2] . '' . $temp[1] . '' . $temp[0];
break;
case 'country':
$country = $a_country[$field['store_value']];
break;
}
}
$sql_insert = array('type' => 1, 'active' => 0, 'username' => $nickname, 'password' => '', 'registration' => time(), 'lastvisit' => 0, 'lastpage' => '', 'country' => $country, 'email' => $address, 'birthday' => $birthday, 'birthday_last' => 0, 'gender' => 0, 'date' => 0, 'dateformat' => 'd M Y H:i', 'timezone' => -6, 'dst' => 0, 'login_tries' => 0);
$sql = 'INSERT INTO _members' . _build_array('INSERT', prefix('user', $sql_insert));
_sql($sql);
//_pre($sql);
}
$this->e('Done.');
return;
}
/**
* Returns true if the IP has voted
*
* @param string $ip the IP address to check
* @param int $id the record ID of the image
* @param string $option 'image' or 'album' depending on the requestor
* @return bool
*/
function checkForIp($ip, $id, $option)
{
global $_rating_current_IPlist;
switch ($option) {
case "image":
$dbtable = prefix('images');
break;
case "album":
$dbtable = prefix('albums');
break;
}
$IPlist = query_single_row("SELECT used_ips FROM {$dbtable} WHERE id= {$id}");
if (is_array($IPlist)) {
if (empty($IPlist['used_ips'])) {
$_rating_current_IPlist = array();
return false;
}
$_rating_current_IPlist = unserialize($IPlist['used_ips']);
return in_array($ip, $_rating_current_IPlist);
} else {
$_rating_current_IPlist = array();
return false;
}
}
/**
* The main query function. Runs the SQL on the connection and handles errors.
* @param string $sql sql code
* @param bool $noerrmsg set to true to supress the error message
* @return results of the sql statements
* @since 0.6
*/
function query($sql, $noerrmsg = false)
{
global $mysql_connection, $_zp_query_count, $_zp_conf_vars;
if ($mysql_connection == null) {
db_connect();
}
$result = mysql_query($sql, $mysql_connection);
if (!$result) {
if ($noerrmsg) {
return false;
} else {
$sql = sanitize($sql, 3);
$error = sprintf(gettext('MySQL Query ( <em>%1$s</em> ) failed. Error: %2$s'), $sql, mysql_error());
// Changed this to mysql_query - *never* call query functions recursively...
if (!mysql_query("SELECT 1 FROM " . prefix('albums') . " LIMIT 0", $mysql_connection)) {
$error .= "<br />" . gettext("It looks like your zenphoto tables haven't been created.") . ' ' . sprintf(gettext('You may need to run <a href="%s/%s/setup.php">the setup script.</a>'), WEBPATH, ZENFOLDER);
}
zp_error($error);
return false;
}
}
$_zp_query_count++;
return $result;
}
function __construct()
{
global $_userAddressFields;
$firstTime = extensionEnabled('userAddressFields') && is_null(getOption('userAddressFields_addedFields'));
parent::constructor('userAddressFields', self::fields());
if ($firstTime) {
// migrate the custom data user data
$result = query('SELECT * FROM ' . prefix('administrators') . ' WHERE `valid`!=0');
if ($result) {
while ($row = db_fetch_assoc($result)) {
$custom = getSerializedArray($row['custom_data']);
if (!empty($custom)) {
$sql = 'UPDATE ' . prefix('administrators') . ' SET ';
foreach ($custom as $field => $val) {
$sql .= '`' . $field . '`=' . db_quote($val) . ',';
}
$sql .= '`custom_data`=NULL WHERE `id`=' . $row['id'];
query($sql);
}
}
db_free_result($result);
}
}
}
/**
* Monitors blocked accesses to Admin pages
* @param bool $allow ignored
* @param string $page ignored
*/
function failed_access_blocker_adminGate($allow, $page)
{
// clean out expired attempts
$sql = 'DELETE FROM ' . prefix('plugin_storage') . ' WHERE `type`="failed_access" AND `aux` < "' . (time() - getOption('failed_access_blocker_timeout') * 60) . '"';
query($sql);
// add this attempt
$sql = 'INSERT INTO ' . prefix('plugin_storage') . ' (`type`, `aux`,`data`) VALUES ("failed_access", "' . time() . '","' . getUserIP() . '")';
query($sql);
// check how many times this has happened recently
$sql = 'SELECT COUNT(*) FROM ' . prefix('plugin_storage') . 'WHERE `type`="failed_access" AND `data`="' . getUserIP() . '"';
$result = query($sql);
$count = db_result($result, 0);
if ($count >= getOption('failed_access_blocker_attempt_threshold')) {
$block = getOption('failed_access_blocker_forbidden');
if ($block) {
$block = unserialize($block);
} else {
$block = array();
}
$block[getUserIP()] = time();
setOption('failed_access_blocker_forbidden', serialize($block));
}
return $allow;
}
static function getRandomImages($limit = 3, $albums = NULL)
{
if ($limit == 0) {
$limit = 1;
}
$t_images = prefix("images");
$t_albums = prefix("albums");
$idQuery = "select img.id from {$t_images} img";
$where = "";
if (!is_null($albums) && count($albums) > 0) {
$all = '';
for ($u = 0; $u < count($albums); $u++) {
if ($u > 0) {
$all .= ", ";
}
$all .= "'" . $albums[$u] . "'";
}
$where = " LEFT JOIN {$t_albums} album ON img.albumid=album.id " . "WHERE album.folder IN ({$all}) ORDER BY img.id";
}
$idQuery .= $where;
$result = query_full_array($idQuery);
$rowCount = count($result);
$u = 0;
$ids = "";
while ($u < $limit) {
$id = rand(0, $rowCount - 1);
if ($u > 0) {
$ids .= ", ";
}
$ids .= $result[$id]['id'];
$u++;
}
$query = "SELECT i.filename, i.title, a.folder FROM {$t_images} i " . "LEFT JOIN {$t_albums} a ON i.albumid=a.id WHERE i.id IN ({$ids})";
$result = query_full_array($query);
return self::createImages($result);
}
/**
* For every image in the album, look for its file. Delete from the database
* if the file does not exist. Same for each sub-directory/album.
*
* @param bool $deep set to true for a thorough cleansing
*/
function garbageCollect($deep = false)
{
if (is_null($this->images)) {
$this->getImages();
}
$result = query("SELECT * FROM " . prefix('images') . " WHERE `albumid` = '" . $this->id . "'");
$dead = array();
$live = array();
$files = $this->loadFileNames();
// Does the filename from the db row match any in the files on disk?
while ($row = db_fetch_assoc($result)) {
if (!in_array($row['filename'], $files)) {
// In the database but not on disk. Kill it.
$dead[] = $row['id'];
} else {
if (in_array($row['filename'], $live)) {
// Duplicate in the database. Kill it.
$dead[] = $row['id'];
// Do something else here? Compare titles/descriptions/metadata/update dates to see which is the latest?
} else {
$live[] = $row['filename'];
}
}
}
db_free_result($result);
if (count($dead) > 0) {
$sql = "DELETE FROM " . prefix('images') . " WHERE `id` = '" . array_pop($dead) . "'";
$sql2 = "DELETE FROM " . prefix('comments') . " WHERE `type`='albums' AND `ownerid` = '" . array_pop($dead) . "'";
foreach ($dead as $id) {
$sql .= " OR `id` = '{$id}'";
$sql2 .= " OR `ownerid` = '{$id}'";
}
query($sql);
query($sql2);
}
// Get all sub-albums and make sure they exist.
$result = query("SELECT * FROM " . prefix('albums') . " WHERE `folder` LIKE " . db_quote(db_LIKE_escape($this->name) . '%'));
$dead = array();
$live = array();
// Does the dirname from the db row exist on disk?
while ($row = db_fetch_assoc($result)) {
if (!is_dir(ALBUM_FOLDER_SERVERPATH . internalToFilesystem($row['folder'])) || in_array($row['folder'], $live) || substr($row['folder'], -1) == '/' || substr($row['folder'], 0, 1) == '/') {
$dead[] = $row['id'];
} else {
$live[] = $row['folder'];
}
}
db_free_result($result);
if (count($dead) > 0) {
$sql = "DELETE FROM " . prefix('albums') . " WHERE `id` = '" . array_pop($dead) . "'";
$sql2 = "DELETE FROM " . prefix('comments') . " WHERE `type`='albums' AND `ownerid` = '" . array_pop($dead) . "'";
foreach ($dead as $albumid) {
$sql .= " OR `id` = '{$albumid}'";
$sql2 .= " OR `ownerid` = '{$albumid}'";
}
query($sql);
query($sql2);
}
if ($deep) {
foreach ($this->getAlbums(0) as $dir) {
$subalbum = newAlbum($dir);
// Could have been deleted if it didn't exist above...
if ($subalbum->exists) {
$subalbum->garbageCollect($deep);
}
}
}
}
protected function _cat_create()
{
gfatal();
$v = $this->__(array('group' => 0, 'name'));
if (!f($v['name'])) {
$this->_error('#FIELD_IS_EMPTY');
}
if ($v['group']) {
$sql = 'SELECT group_id
FROM _groups
WHERE group_id = ?';
if (!_fieldrow(sql_filter($sql, $v['group']))) {
$this->_error('#GROUPS_NO_EXISTS');
}
}
$sql = 'INSERT INTO _tickets_cat' . _build_array('INSERT', prefix('cat', $v));
_sql($sql);
return $this->e('~OK');
}
/**
* Gets news articles and images of a gallery to show them together on the news section
*
* NOTE: This function does not exclude articles that are password protected via a category
*
* @param int $articles_per_page The number of articles to get
* @param string $mode "latestimages-thumbnail"
* "latestimages-thumbnail-customcrop"
* "latestimages-sizedimage"
* "latestalbums-thumbnail"
* "latestalbums-thumbnail-customcrop"
* "latestalbums-sizedimage"
* "latestimagesbyalbum-thumbnail"
* "latestimagesbyalbum-thumbnail-customcrop"
* "latestimagesbyalbum-sizedimage"
* "latestupdatedalbums-thumbnail" (for RSS and getLatestNews() used only)
* "latestupdatedalbums-thumbnail-customcrop" (for RSS and getLatestNews() used only)
* "latestupdatedalbums-sizedimage" (for RSS and getLatestNews() used only)
* NOTE: The "latestupdatedalbums" variants do NOT support pagination as required on the news loop!
*
* @param string $published "published" for published articles,
* "unpublished" for un-published articles,
* "all" for all articles
* @param string $sortorder id, date or mtime, only for latestimages-... modes
* @param bool $sticky set to true to place "sticky" articles at the front of the list.
* @param string $direction "desc" or "asc"
* @return array
* @deprecated since version 1.4.6
*/
protected function getCombiNews($articles_per_page = '', $mode = '', $published = NULL, $sortorder = NULL, $sticky = true, $sortdirection = 'desc')
{
global $_zp_combiNews_cache, $_zp_gallery;
if (is_null($published)) {
if (zp_loggedin(ZENPAGE_NEWS_RIGHTS | ALL_NEWS_RIGHTS)) {
$published = "all";
} else {
$published = "published";
}
}
if (empty($mode)) {
$mode = getOption('zenpage_combinews_mode');
}
if (isset($_zp_combiNews_cache[$published . $mode . $sticky . $sortorder . $sortdirection])) {
return $_zp_combiNews_cache[$published . $mode . $sticky . $sortorder . $sortdirection];
}
if ($published == "published") {
$show = " WHERE `show` = 1 AND date <= '" . date('Y-m-d H:i:s') . "'";
$imagesshow = " AND images.show = 1 ";
} else {
$show = "";
$imagesshow = "";
}
getAllAccessibleAlbums($_zp_gallery, $albumlist, false);
if (empty($albumlist)) {
$albumWhere = 'albums.`id` is NULL';
} else {
$albumWhere = 'albums.`id` in (' . implode(',', $albumlist) . ')';
}
if ($articles_per_page) {
$offset = self::getOffset($articles_per_page);
} else {
$offset = 0;
}
if (empty($sortorder)) {
$combinews_sortorder = getOption("zenpage_combinews_sortorder");
} else {
$combinews_sortorder = $sortorder;
}
$stickyorder = '';
if ($sticky) {
$stickyorder = 'sticky DESC,';
}
switch (strtolower($sortdirection)) {
case 'desc':
default:
$sortdir = 'DESC';
break;
case 'asc':
$sortdir = 'ASC';
break;
}
$type3 = query("SET @type3:='0'");
switch ($mode) {
case "latestimages-thumbnail":
case "latestimages-thumbnail-customcrop":
case "latestimages-sizedimage":
case "latestimages-sizedimage-maxspace":
case "latestimages-fullimage":
$albumWhere = ' AND ' . $albumWhere;
$sortorder = $combinews_sortorder;
$type1 = query("SET @type1:='news'");
$type2 = query("SET @type2:='images'");
switch ($combinews_sortorder) {
case 'id':
case 'date':
$imagequery = "(SELECT albums.folder, images.filename, images.date, @type2, @type3 as sticky FROM " . prefix('images') . " AS images, " . prefix('albums') . " AS albums\n\t\t\t\t\t\t\tWHERE albums.id = images.albumid " . $imagesshow . $albumWhere . ")";
break;
case 'publishdate':
$imagequery = "(SELECT albums.folder, images.filename, IFNULL(images.publishdate,images.date), @type2, @type3 as sticky FROM " . prefix('images') . " AS images, " . prefix('albums') . " AS albums\n\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE albums.id = images.albumid " . $imagesshow . $albumWhere . ")";
case 'mtime':
$imagequery = "(SELECT albums.folder, images.filename, FROM_UNIXTIME(images.mtime), @type2, @type3 as sticky FROM " . prefix('images') . " AS images, " . prefix('albums') . " AS albums\n\t\t\t\t\t\t\tWHERE albums.id = images.albumid " . $imagesshow . $albumWhere . ")";
break;
}
$result = $this->siftResults("(SELECT title as albumname, titlelink, date, @type1 as type, sticky FROM " . prefix('news') . " " . $show . ")\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tUNION\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" . $imagequery . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tORDER BY {$stickyorder} date " . $sortdir, $offset, $articles_per_page);
break;
case "latestalbums-thumbnail":
case "latestalbums-thumbnail-customcrop":
case "latestalbums-sizedimage":
case "latestalbums-sizedimage-maxspace":
case "latestalbums-fullimage":
default:
if (empty($show)) {
$albumWhere = ' WHERE ' . $albumWhere;
} else {
$albumWhere = ' AND ' . $albumWhere;
}
$sortorder = $combinews_sortorder;
$type1 = query("SET @type1:='news'");
$type2 = query("SET @type2:='albums'");
switch ($combinews_sortorder) {
case 'id':
case 'date':
$albumquery = "(SELECT albums.folder, albums.title, albums.date, @type2, @type3 as sticky FROM " . prefix('albums') . " AS albums\n\t\t\t\t\t\t\t" . $show . $albumWhere . ")";
break;
case 'publishdate':
$albumquery = "(SELECT albums.folder, albums.title, IFNULL(albums.publishdate,albums.date), @type2, @type3 as sticky FROM " . prefix('albums') . " AS albums\n\t\t\t\t\t\t\t\t\t\t\t\t\t" . $show . $albumWhere . ")";
break;
case 'mtime':
default:
$albumquery = "(SELECT albums.folder, albums.title, FROM_UNIXTIME(albums.mtime), @type2, @type3 as sticky FROM " . prefix('albums') . " AS albums\n\t\t\t\t\t\t\t" . $show . $albumWhere . ")";
break;
}
$result = $this->siftResults("(SELECT title as albumname, titlelink, date, @type1 as type, sticky FROM " . prefix('news') . " " . $show . ")\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tUNION\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" . $albumquery . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tORDER BY {$stickyorder} date " . $sortdir, $offset, $articles_per_page);
break;
case "latestimagesbyalbum-thumbnail":
case "latestimagesbyalbum-thumbnail-customcrop":
case "latestimagesbyalbum-sizedimage":
case "latestimagesbyalbum-sizedimage-maxspace":
case "latestimagesbyalbum-fullimage":
$albumWhere = ' AND ' . $albumWhere;
$type1 = query("SET @type1:='news'");
$type2 = query("SET @type2:='albums'");
if (empty($combinews_sortorder) || $combinews_sortorder != "date" || $combinews_sortorder != "mtime" || $combinews_sortorder != "publishdate") {
$combinews_sortorder = "date";
}
$sortorder = "images." . $combinews_sortorder;
switch ($combinews_sortorder) {
case "date":
$imagequery = "(SELECT DISTINCT DATE_FORMAT(" . $sortorder . ",'%Y-%m-%d'), albums.folder, DATE_FORMAT(images.date,'%Y-%m-%d'), @type2, @type3 as sticky FROM " . prefix('images') . " AS images, " . prefix('albums') . " AS albums\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE albums.id = images.albumid " . $imagesshow . $albumWhere . ")";
break;
case "mtime":
$imagequery = "(SELECT DISTINCT FROM_UNIXTIME(" . $sortorder . ",'%Y-%m-%d'), albums.folder, DATE_FORMAT(images.mtime,'%Y-%m-%d'), @type2, @type3 as sticky FROM " . prefix('images') . " AS images, " . prefix('albums') . " AS albums\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE albums.id = images.albumid " . $imagesshow . $albumWhere . ")";
case "publishdate":
$imagequery = "(SELECT DISTINCT FROM_UNIXTIME(" . $sortorder . ",'%Y-%m-%d'), albums.folder, DATE_FORMAT(images.publishdate,'%Y-%m-%d'), @type2, @type3 as sticky FROM " . prefix('images') . " AS images, " . prefix('albums') . " AS albums\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE albums.id = images.albumid " . $imagesshow . $albumWhere . ")";
break;
}
$result = $this->siftResults("(SELECT title as albumname, titlelink, date, @type1 as type, sticky FROM " . prefix('news') . " " . $show . ")\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tUNION\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" . $imagequery . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\tORDER By {$stickyorder} date " . $sortdir, $offset, $articles_per_page);
break;
case "latestupdatedalbums-thumbnail":
case "latestupdatedalbums-thumbnail-customcrop":
case "latestupdatedalbums-sizedimage":
case "latestupdatedalbums-sizedimage-maxspace":
case "latestupdatedalbums-fullimage":
$latest = $this->getArticles($articles_per_page, NULL, true, 'date', $sortdirection);
$counter = '';
foreach ($latest as $news) {
$article = new ZenpageNews($news['titlelink']);
if ($article->checkAccess()) {
$counter++;
$latestnews[$counter] = array("albumname" => $article->getTitle(), "titlelink" => $article->getTitlelink(), "date" => $article->getDateTime(), "type" => "news");
}
}
$albums = getAlbumStatistic($articles_per_page, "latestupdated", '', $sortdirection);
$latestalbums = array();
$counter = "";
foreach ($albums as $album) {
$counter++;
$tempalbum = $album;
$tempalbumthumb = $tempalbum->getAlbumThumbImage();
$timestamp = $tempalbum->get('mtime');
if ($timestamp == 0) {
$albumdate = $tempalbum->getDateTime();
} else {
$albumdate = strftime('%Y-%m-%d %H:%M:%S', $timestamp);
}
$latestalbums[$counter] = array("albumname" => $tempalbum->getFileName(), "titlelink" => $tempalbum->getTitle(), "date" => $albumdate, "type" => 'albums');
}
//$latestalbums = array_merge($latestalbums, $item);
$latest = array_merge($latestnews, $latestalbums);
$result = sortMultiArray($latest, "date", $sortdirection != 'asc');
if (count($result) > $articles_per_page) {
$result = array_slice($result, 0, $articles_per_page);
}
break;
}
$_zp_combiNews_cache[$published . $mode . $sticky . $sortorder . $sortdirection] = $result;
return $result;
}
