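/**
 * Adds gallery statistics and the personal-album link to a member's profile page.
 *
 * Reads the member's gallery row, merges it into $member (by reference) and
 * assigns the resulting values to the template.
 *
 * @param array $member Profile row of the member being viewed; must contain
 *                      'user_id', 'user_regdate' and 'username'. The keys
 *                      'user_images' and 'personal_album_id' are merged in.
 * @return void
 */
public static function memberlist_viewprofile(&$member)
{
    // Some of the globals may not be used here, but in the included files
    global $auth, $db, $template, $user;

    $user->add_lang('mods/gallery');
    phpbb_gallery::init();

    // The id is concatenated into SQL and a URL below, so force it to an integer
    // here instead of trusting every caller to pass a clean row.
    $user_id = (int) $member['user_id'];
    $memberdays = max(1, round((time() - $member['user_regdate']) / 86400));

    $sql = 'SELECT user_images, personal_album_id FROM ' . GALLERY_USERS_TABLE . ' WHERE user_id = ' . $user_id;
    $result = $db->sql_query_limit($sql, 1);
    $member_gallery = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    if (!$member_gallery) {
        // No gallery row yet: the member has never uploaded anything.
        $member_gallery = array('user_images' => 0, 'personal_album_id' => 0);
    }
    $member = array_merge($member, $member_gallery);

    $total_images = phpbb_gallery_config::get('num_images');
    $images_per_day = $member['user_images'] / $memberdays;
    // Guard against division by zero on an empty gallery.
    $percentage_images = $total_images ? min(100, $member['user_images'] / $total_images * 100) : 0;

    if (phpbb_gallery_config::get('rrc_profile_mode')) {
        $ints = array(
            'rows' => phpbb_gallery_config::get('rrc_profile_rows'),
            'columns' => phpbb_gallery_config::get('rrc_profile_columns'),
            'comments' => 0,
            'contests' => 0,
        );
        phpbb_gallery_url::_include('functions_recent');
        recent_gallery_images(
            $ints,
            phpbb_gallery_config::get('rrc_profile_display'),
            phpbb_gallery_config::get('rrc_profile_mode'),
            false,
            phpbb_gallery_config::get('rrc_profile_pegas'),
            'user',
            $user_id
        );
    }

    $template->assign_vars(array(
        'TOTAL_IMAGES' => phpbb_gallery_config::get('profile_user_images'),
        'IMAGES' => $member['user_images'],
        'IMAGES_DAY' => sprintf($user->lang['IMAGE_DAY'], $images_per_day),
        'IMAGES_PCT' => sprintf($user->lang['IMAGE_PCT'], $percentage_images),
        'U_SEARCH_GALLERY' => phpbb_gallery_url::append_sid('search', 'user_id=' . $user_id),
    ));

    // View information about the personal album, only when the user is allowed to see it:
    // either a general "view personal albums" right, or the viewer looks at their own
    // profile and may view their own album. (&& binds tighter than ||; the parentheses
    // only make that explicit.)
    $may_view_personal = phpbb_gallery::$auth->acl_check('i_view', phpbb_gallery_auth::PERSONAL_ALBUM);
    if ($may_view_personal
        || ($user_id == $user->data['user_id'] && phpbb_gallery::$auth->acl_check('i_view', phpbb_gallery_auth::OWN_ALBUM))
    ) {
        $show_album_link = $member['personal_album_id'] && phpbb_gallery_config::get('profile_pega');
        $template->assign_vars(array(
            // NOTE(review): username goes into the template as stored; confirm it is
            // already HTML-escaped at this point.
            'SHOW_PERSONAL_ALBUM_OF' => sprintf($user->lang['SHOW_PERSONAL_ALBUM_OF'], $member['username']),
            'U_GALLERY' => $show_album_link
                ? phpbb_gallery_url::append_sid('album', 'album_id=' . $member['personal_album_id'])
                : '',
        ));
    }
}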
/**
 * Configures the block: which image lists to show, which details to display,
 * how many rows/columns to use, and the comment/personal-album toggles.
 *
 * Any falsy $mode, $display_options or $nums falls back to the built-in default.
 * The two toggles are honoured only when a real boolean is passed.
 *
 * @param int|false   $mode            Sum of self::MODE_* flags.
 * @param int|false   $display_options Sum of self::DISPLAY_* flags.
 * @param array|false $nums            Passed to set_num(); defaults to array(1, 4, 5, 0).
 * @param bool|string $toggle_comments Non-boolean values mean false.
 * @param bool|string $display_pegas   Non-boolean values mean true.
 */
public function __construct($mode = false, $display_options = false, $nums = false, $toggle_comments = '', $display_pegas = '')
{
    global $user;

    if (!$mode) {
        $mode = self::MODE_RECENT + self::MODE_RANDOM + self::MODE_COMMENT;
    }
    $this->set_mode($mode);

    if (!$display_options) {
        // NOTE(review): the default mask includes DISPLAY_IP; confirm the renderer
        // only shows uploader IPs to users who are permitted to see them.
        $display_options = self::DISPLAY_ALBUMNAME
            + self::DISPLAY_IMAGENAME
            + self::DISPLAY_IMAGETIME
            + self::DISPLAY_IMAGEVIEWS
            + self::DISPLAY_USERNAME
            + self::DISPLAY_IP;
    }
    $this->set_display($display_options);

    if (!$nums) {
        $nums = array(1, 4, 5, 0);
    }
    $this->set_num($nums);

    // Only a literal boolean true switches the toggle on.
    $this->set_toggle($toggle_comments === true);
    // Only a literal boolean false switches personal albums off.
    $this->set_pegas($display_pegas !== false);

    // The explicit phpbb_gallery::init() call that used to sit here is disabled upstream.
    $user->add_lang_ext('phpbbgallery/core', array('gallery_acp', 'gallery'));

    // Pull in the message parser only when the text helpers are not loaded yet.
    if (!function_exists('generate_text_for_display')) {
        phpbb_gallery_url::_include('message_parser', 'phpbb');
    }
}
/**
 * Bootstraps the gallery for the current request.
 *
 * Loads the phpBB helper include, initialises plugins, creates the gallery user
 * and auth objects, refreshes the cached version-check result when it has
 * expired, and finally marks the gallery as loaded.
 */
public static function init()
{
    global $db, $user;

    phpbb_gallery_url::_include('functions_phpbb', 'phpbb', 'includes/gallery/');
    phpbb_gallery_plugins::init(phpbb_gallery_url::path());

    // Little precaution: the id is used in queries, so pin it to an integer.
    $user->data['user_id'] = (int) $user->data['user_id'];
    self::$user = new phpbb_gallery_user($db, $user->data['user_id']);

    // Permissions are resolved for user_perm_from when it is set, otherwise for the
    // user themselves. NOTE(review): presumably phpBB's "test another user's
    // permissions" switch; note that self::$user above still holds the real id.
    if ($user->data['user_perm_from'] == 0) {
        $permission_user_id = $user->data['user_id'];
    } else {
        $permission_user_id = $user->data['user_perm_from'];
    }
    self::$auth = new phpbb_gallery_auth($permission_user_id);

    $version_check_due = phpbb_gallery_config::get('mvc_time') < time();
    if ($version_check_due) {
        // Check the version, do we need to update? The next check is scheduled
        // 86400 seconds (one day) ahead before the check itself runs.
        phpbb_gallery_config::set('mvc_time', time() + 86400);
        phpbb_gallery_config::set('mvc_version', phpbb_gallery_modversioncheck::check(true));
    }

    self::$loaded = true;
}
// Search results are images if ($search_results == 'image') { $sql_array = array('SELECT' => 'i.*, a.album_name, a.album_status, a.album_user_id', 'FROM' => array(GALLERY_IMAGES_TABLE => 'i'), 'LEFT_JOIN' => array(array('FROM' => array(GALLERY_ALBUMS_TABLE => 'a'), 'ON' => 'a.album_id = i.image_album_id')), 'WHERE' => $sql_where, 'ORDER_BY' => $sql_order); $sql = $db->sql_build_query('SELECT', $sql_array); $result = $db->sql_query($sql); $rowset = array(); while ($row = $db->sql_fetchrow($result)) { if ($search_id == 'contests') { $rowset[$row['image_id']] = $row; } else { $rowset[] = $row; } } $db->sql_freeresult($result); if (!function_exists('assign_image_block')) { phpbb_gallery_url::_include('functions_display'); } $columns_per_page = $search_id == 'contests' ? phpbb_gallery_constants::CONTEST_IMAGES : phpbb_gallery_config::get('album_columns'); $init_block = true; if ($search_id == 'contests') { foreach ($contest_images as $contest => $contest_data) { $num = 0; $template->assign_block_vars('imageblock', array('U_BLOCK' => phpbb_gallery_url::append_sid('album', 'album_id=' . $contest_data['album_id'] . '&sk=ra&sd=d'), 'BLOCK_NAME' => sprintf($user->lang['CONTEST_WINNERS_OF'], $contest_data['album_name']), 'S_CONTEST_BLOCK' => true)); foreach ($contest_data['images'] as $contest_image) { if ($num % phpbb_gallery_constants::CONTEST_IMAGES == 0) { $template->assign_block_vars('imageblock.imagerow', array()); } if (!empty($rowset[$contest_image])) { phpbb_gallery_image::assign_block('imageblock.imagerow.image', $rowset[$contest_image], $rowset[$contest_image]['album_status'], phpbb_gallery_config::get('search_display'), $rowset[$contest_image]['album_user_id']); $num++; }
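/**
 * Controller for the two-step image upload into one album.
 *
 * Mode "upload" checks permission and quotas and receives the files; once at
 * least one file was stored, the request continues in mode "upload_edit", which
 * shows the name/description form and, on submit, finalises the images.
 *
 * Changes against the previous revision:
 *  - ids concatenated into SQL are cast to int;
 *  - the guest username default read an undefined $user, now $this->user;
 *  - a failed guest-username validation is reported through the upload process
 *    instead of being written to an array nobody read, so it now blocks the upload;
 *  - every image is finalised even after an earlier one failed.
 *
 * @param int $album_id Album id taken from the route.
 * @return mixed Result of $this->helper->render() for the posting template.
 */
public function main($album_id)
{
    $this->user->add_lang_ext('phpbbgallery/core', array('gallery'));
    $album_data = $this->album->get_info($album_id);
    $this->display->generate_navigation($album_data);
    add_form_key('gallery');

    $album_backlink = $this->helper->route('phpbbgallery_album', array('album_id' => $album_id));
    $album_loginlink = 'ucp.php?mode=login';
    $error = '';
    // Defined up front so the step-2 template never reads an undefined variable.
    $username = '';

    // Let's get authorization: upload right on this album, and the album must not be locked.
    $this->auth->load_user_premissions($this->user->data['user_id']);
    if (!$this->auth->acl_check('i_upload', $album_id, $album_data['album_user_id'])
        || $album_data['album_status'] == $this->album->status_locked()
    ) {
        $this->misc->not_authorised($album_backlink, $album_loginlink, 'LOGIN_EXPLAIN_UPLOAD');
    }

    $page_title = 'Upload to "' . $album_data['album_name'] . '"';

    // Before all
    if (!$this->check_fs()) {
        trigger_error('NO_WRITE_ACCESS');
    }

    $submit = $this->request->variable('submit', false);
    $mode = $this->request->variable('mode', 'upload');

    if ($mode == 'upload') {
        // Upload Quota Check
        // 1. Check album-configuration Quota
        if ($this->gallery_config->get('album_images') >= 0
            && $album_data['album_images'] >= $this->gallery_config->get('album_images')
        ) {
            //@todo: Add return link
            trigger_error('ALBUM_REACHED_QUOTA');
        }

        // 2. Check user-limit, if he is not allowed to go unlimited
        if (!$this->auth->acl_check('i_unlimited', $album_id, $album_data['album_user_id'])) {
            $sql = 'SELECT COUNT(image_id) count FROM ' . $this->images_table
                . ' WHERE image_user_id = ' . (int) $this->user->data['user_id']
                . ' AND image_status <> ' . $this->image->get_status_orphan()
                . ' AND image_album_id = ' . (int) $album_id;
            $result = $this->db->sql_query($sql);
            $own_images = (int) $this->db->sql_fetchfield('count');
            $this->db->sql_freeresult($result);

            if ($own_images >= $this->auth->acl_check('i_count', $album_id, $album_data['album_user_id'])) {
                //@todo: Add return link
                trigger_error($this->user->lang('USER_REACHED_QUOTA', $this->auth->acl_check('i_count', $album_id, $album_data['album_user_id'])));
            }
        }

        if ($this->misc->display_captcha('upload')) {
            // NOTE(review): $config is not defined in this method, and the
            // $captcha->validate() / reset() calls and the CAPTCHA template variables
            // are disabled upstream. As written, a required CAPTCHA is initialised
            // but never checked; restore validation before relying on it.
            phpbb_gallery_url::_include('captcha/captcha_factory', 'phpbb');
            $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']);
            $captcha->init(CONFIRM_POST);
            $s_captcha_hidden_fields = '';
        }

        // Unlimited users get the configured batch size; everyone else is capped by
        // what is left of their personal quota.
        $upload_files_limit = $this->auth->acl_check('i_unlimited', $album_id, $album_data['album_user_id'])
            ? $this->gallery_config->get('num_uploads')
            : min($this->auth->acl_check('i_count', $album_id, $album_data['album_user_id']) - $own_images, $this->gallery_config->get('num_uploads'));
        $process = new \phpbbgallery\core\upload($album_id, $upload_files_limit);

        if ($submit) {
            // CSRF protection: the token was issued by add_form_key('gallery') above.
            if (!check_form_key('gallery')) {
                trigger_error('FORM_INVALID');
            }

            $process->set_rotating($this->request->variable('rotate', array(0)));
            $process->set_allow_comments($this->request->variable('allow_comments', false));

            if (!$this->user->data['is_registered']) {
                // Guests choose a display name, validated like a registration name.
                $username = $this->request->variable('username', $this->user->data['username']);
                if ($result = validate_username($username)) {
                    $this->user->add_lang('ucp');
                    $process->new_error($this->user->lang[$result . '_USERNAME']);
                } else {
                    $process->set_username($username);
                }
            }

            if (empty($process->errors)) {
                for ($file_count = 0; $file_count < $upload_files_limit; $file_count++) {
                    // Upload an image from the FILES-array, call some functions
                    // (rotate, resize, ...) and store the image to the database.
                    $file = $this->request->file('image_file_' . $file_count, '');
                    if (isset($file['size']) && $file['size'] > 0) {
                        $process->upload_file($file_count);
                    }
                }
            }

            if (!$process->uploaded_files) {
                $process->new_error($this->user->lang['UPLOAD_NO_FILE']);
            } else {
                $mode = 'upload_edit';
                // Remove submit, so we get the first screen of step 2.
                $submit = false;
            }

            $error = implode('<br />', $process->errors);
        }

        if (!$submit || (isset($process) && !$process->uploaded_files)) {
            // One empty file-input row per allowed upload.
            for ($i = 0; $i < $upload_files_limit; $i++) {
                $this->template->assign_block_vars('upload_image', array());
            }
        }

        if ($mode == 'upload') {
            $this->template->assign_vars(array(
                'ERROR' => $error,
                'S_MAX_FILESIZE' => get_formatted_filesize($this->gallery_config->get('max_filesize')),
                'S_MAX_WIDTH' => $this->gallery_config->get('max_width'),
                'S_MAX_HEIGHT' => $this->gallery_config->get('max_height'),
                'S_ALLOWED_FILETYPES' => implode(', ', $process->get_allowed_types(true)),
                'S_ALBUM_ACTION' => $this->helper->route('phpbbgallery_album_upload', array('album_id' => $album_id)),
                'S_UPLOAD' => true,
                'S_ALLOW_ROTATE' => $this->gallery_config->get('allow_rotate') && function_exists('imagerotate'),
                'S_UPLOAD_LIMIT' => $upload_files_limit,
                'S_COMMENTS_ENABLED' => $this->gallery_config->get('allow_comments') && $this->gallery_config->get('comment_user_control'),
                'S_ALLOW_COMMENTS' => true,
                'L_ALLOW_COMMENTS' => $this->user->lang('ALLOW_COMMENTS_ARY', $upload_files_limit),
            ));
        }
    }

    if ($mode == 'upload_edit') {
        if ($submit) {
            // NOTE(review): unlike step 1, this submit branch does not call
            // check_form_key('gallery') in the visible code; confirm the token is
            // verified elsewhere or add the check here.

            // Upload Quota Check (repeated: step 2 can be requested on its own)
            // 1. Check album-configuration Quota
            if ($this->gallery_config->get('album_images') >= 0
                && $album_data['album_images'] >= $this->gallery_config->get('album_images')
            ) {
                //@todo: Add return link
                trigger_error('ALBUM_REACHED_QUOTA');
            }

            // 2. Check user-limit, if he is not allowed to go unlimited
            if (!$this->auth->acl_check('i_unlimited', $album_id, $album_data['album_user_id'])) {
                $sql = 'SELECT COUNT(image_id) count FROM ' . $this->images_table
                    . ' WHERE image_user_id = ' . (int) $this->user->data['user_id']
                    . ' AND image_status <> ' . $this->image->get_status_orphan()
                    . ' AND image_album_id = ' . (int) $album_id;
                $result = $this->db->sql_query($sql);
                $own_images = (int) $this->db->sql_fetchfield('count');
                $this->db->sql_freeresult($result);

                if ($own_images >= $this->auth->acl_check('i_count', $album_id, $album_data['album_user_id'])) {
                    //@todo: Add return link
                    trigger_error($this->user->lang('USER_REACHED_QUOTA', $this->auth->acl_check('i_count', $album_id, $album_data['album_user_id'])));
                }
            }

            $description_array = $this->request->variable('message', array(''), true);
            foreach ($description_array as $var) {
                // NOTE(review): strlen() counts bytes, so multibyte descriptions hit
                // the limit earlier than the configured character count suggests.
                if (strlen($var) > $this->gallery_config->get('description_length')) {
                    trigger_error($this->user->lang('DESC_TOO_LONG'));
                }
            }

            $upload_files_limit = $this->auth->acl_check('i_unlimited', $album_id, $album_data['album_user_id'])
                ? $this->gallery_config->get('num_uploads')
                : min($this->auth->acl_check('i_count', $album_id, $album_data['album_user_id']) - $own_images, $this->gallery_config->get('num_uploads'));

            // NOTE(review): upload_ids come back from a hidden form field; confirm
            // get_images() only accepts the current user's own pending uploads.
            $upload_ids = $this->request->variable('upload_ids', array(''));
            $process = new \phpbbgallery\core\upload($album_id, $upload_files_limit);
            $process->set_rotating($this->request->variable('rotate', array(0)));
            $process->get_images($upload_ids);
            $image_names = $this->request->variable('image_name', array(''), true);
            $process->set_names($image_names);
            $process->set_descriptions($description_array);
            $process->set_image_num($this->request->variable('image_num', 0));
            $process->use_same_name($this->request->variable('same_name', false));

            $success = true;
            $needs_approval = !$this->auth->acl_check('i_approve', $album_id, $album_data['album_user_id']);
            $phpbb_gallery_notification = new \phpbbgallery\core\notification();
            foreach ($process->images as $image_id) {
                // Call update_image() unconditionally: "$success && update_image()"
                // stopped finalising images after the first failure.
                $updated = $process->update_image($image_id, $needs_approval, $album_data['album_contest']);
                $success = $success && $updated;
                if ($this->gallery_user->get_data('watch_own')) {
                    $phpbb_gallery_notification->add($image_id);
                }
            }

            $message = '';
            $error = implode('<br />', $process->errors);
            if ($this->auth->acl_check('i_approve', $album_id, $album_data['album_user_id'])) {
                $message .= !$error ? $this->user->lang['ALBUM_UPLOAD_SUCCESSFUL'] : $this->user->lang('ALBUM_UPLOAD_SUCCESSFUL_ERROR', $error);
                $meta_refresh_time = $success ? 3 : 20;
                $data = array(
                    'targets' => array($this->user->data['user_id']),
                    'album_id' => $album_id,
                    'last_image' => end($process->images),
                );
                $this->notification_helper->new_image($data);
            } else {
                // Uploader may not self-approve: queue the images for moderators.
                $target = array(
                    'album_id' => $album_id,
                    'last_image' => end($process->images),
                    'uploader' => $this->user->data['user_id'],
                );
                $this->notification_helper->notify('approval', $target);
                $message .= !$error ? $this->user->lang['ALBUM_UPLOAD_NEED_APPROVAL'] : $this->user->lang('ALBUM_UPLOAD_NEED_APPROVAL_ERROR', $error);
                $meta_refresh_time = 20;
            }
            $message .= '<br /><br />' . sprintf($this->user->lang['CLICK_RETURN_ALBUM'], '<a href="' . $album_backlink . '">', '</a>');

            // ToDo - notifications!!!
            $this->image->handle_counter($process->images, true);
            $this->album->update_info($album_id);
            $this->url->meta_refresh($meta_refresh_time, $album_backlink);
            trigger_error($message);
        }

        // First screen of step 2: list the files stored during step 1.
        // NOTE(review): $process only exists here when step 1 ran in this same request.
        $num_images = 0;
        foreach ($process->images as $image_id) {
            $data = $process->image_data[$image_id];
            $this->template->assign_block_vars('image', array(
                'U_IMAGE' => $this->image->generate_link('thumbnail', 'plugin', $image_id, $data['image_name'], $album_id),
                'IMAGE_NAME' => $data['image_name'],
                'IMAGE_DESC' => $data['image_desc'],
            ));
            $num_images++;
        }

        $s_hidden_fields = build_hidden_fields(array('upload_ids' => $process->generate_hidden_fields()));
        $s_can_rotate = $this->gallery_config->get('allow_rotate') && function_exists('imagerotate');
        $this->template->assign_vars(array(
            'ERROR' => $error,
            'S_UPLOAD_EDIT' => true,
            'S_ALLOW_ROTATE' => $s_can_rotate,
            'S_ALBUM_ACTION' => $this->helper->route('phpbbgallery_album_upload', array('album_id' => $album_id)),
            'S_USERNAME' => !$this->user->data['is_registered'] ? $username : '',
            'NUM_IMAGES' => $num_images,
            'COLOUR_ROWSPAN' => $s_can_rotate ? $num_images * 3 : $num_images * 2,
            'L_DESCRIPTION_LENGTH' => $this->user->lang('DESCRIPTION_LENGTH', $this->gallery_config->get('description_length')),
            'S_HIDDEN_FIELDS' => $s_hidden_fields,
        ));
    }

    return $this->helper->render('gallery/posting_body.html', $page_title);
}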
// Different link, when we rate and dont comment if (!$s_hide_comment_input) { $template->assign_var('S_COMMENT_ACTION', phpbb_gallery_url::append_sid('posting', "album_id={$album_id}&image_id={$image_id}&mode=comment&submode=add")); } } /** * Listing comment */ if (phpbb_gallery_config::get('allow_comments') && phpbb_gallery::$auth->acl_check('c_read', $album_id, $album_data['album_user_id']) && time() > $album_data['contest_start'] + $album_data['contest_end']) { $user->add_lang('viewtopic'); $start = request_var('start', 0); $sort_order = request_var('sort_order', 'ASC') == 'ASC' ? 'ASC' : 'DESC'; $template->assign_vars(array('S_ALLOWED_READ_COMMENTS' => true, 'IMAGE_COMMENTS' => $image_data['image_comments'], 'SORT_ASC' => $sort_order == 'ASC' ? true : false)); if ($image_data['image_comments'] > 0) { if (!class_exists('bbcode')) { phpbb_gallery_url::_include('bbcode', 'phpbb'); } $bbcode = new bbcode(); $comments = $users = $user_cache = array(); $users[] = $image_data['image_user_id']; $sql = 'SELECT * FROM ' . GALLERY_COMMENTS_TABLE . ' WHERE comment_image_id = ' . $image_id . ' ORDER BY comment_id ' . $sort_order; $result = $db->sql_query_limit($sql, $config['posts_per_page'], $start); while ($row = $db->sql_fetchrow($result)) { $comments[] = $row; $users[] = $row['comment_user_id']; if ($row['comment_edit_count'] > 0) { $users[] = $row['comment_edit_user_id']; }
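/**
 * ACP: imports image files from the gallery's import directory into an album.
 *
 * Three paths through the function:
 *  - "import_schema" is set: include the schema file written earlier and import
 *    up to ten of its images, then finish or forward to the next batch;
 *  - the form was submitted: resolve uploader and album, write a new schema
 *    file and forward to the first batch;
 *  - otherwise: list the importable files in the import directory.
 *
 * Changes against the previous revision:
 *  - the schema name comes from the request and selects a file to include and
 *    later unlink, so it must now look like the md5 value this function generates;
 *  - image names containing a path separator or NUL byte are skipped, since they
 *    are appended to the import path before copy and unlink;
 *  - the uploader id is cast to int before it is concatenated into SQL;
 *  - the directory listing copes with opendir() failing and with a file named "0".
 *
 * @return void
 */
function import()
{
    global $db, $template, $user;

    $import_schema = request_var('import_schema', '');
    $images = request_var('images', array(''), true);
    $submit = isset($_POST['submit']) || !empty($images);

    if ($import_schema) {
        // NOTE(review): this continuation step runs without check_form_key(), and the
        // schema name is md5() of a timestamp. Consider carrying the form token (or a
        // random schema name) through the forward URL.

        // Schema names are produced below as md5($start_time): 32 lowercase hex digits.
        $schema_name_ok = (bool) preg_match('/\A[a-f0-9]{32}\z/', $import_schema);

        if ($schema_name_ok && phpbb_gallery_url::_file_exists($import_schema, 'import', '')) {
            // The schema file sets $images, $album_id, $user_data, $start_time, $num_offset,
            // $done_images, $todo_images, $image_name and $filename (presumably; written
            // by create_import_schema()).
            include phpbb_gallery_url::_return_file($import_schema, 'import', '');

            // Replace the md5 with the ' again and remove the space at the end to prevent \' troubles
            $user_data['username'] = utf8_substr(str_replace("{{$import_schema}}", "'", $user_data['username']), 0, -1);
            $image_name = utf8_substr(str_replace("{{$import_schema}}", "'", $image_name), 0, -1);
        } else {
            global $phpEx;
            trigger_error(sprintf($user->lang['MISSING_IMPORT_SCHEMA'], $import_schema . '.' . $phpEx), E_USER_WARNING);
        }

        $images_loop = 0;
        foreach ($images as $image_src) {
            // Import the images
            $image_src = str_replace("{{$import_schema}}", "'", $image_src);
            $image_src_full = phpbb_gallery_url::path('import') . utf8_decode($image_src);

            // Legitimate names are plain file names from the import directory listing.
            $is_plain_name = strpbrk($image_src, "/\\\0") === false;

            if ($is_plain_name && file_exists($image_src_full)) {
                $filetype = getimagesize($image_src_full);
                $filetype_ext = '';
                $lower_src = strtolower($image_src);

                // The detected MIME type decides the stored extension; the original
                // extension must agree with it.
                switch ($filetype['mime']) {
                    case 'image/jpeg':
                    case 'image/jpg':
                    case 'image/pjpeg':
                        $filetype_ext = '.jpg';
                        if (substr($lower_src, -4) != '.jpg' && substr($lower_src, -5) != '.jpeg') {
                            trigger_error(sprintf($user->lang['FILETYPE_MIMETYPE_MISMATCH'], $image_src, $filetype['mime']), E_USER_WARNING);
                        }
                        break;

                    case 'image/png':
                    case 'image/x-png':
                        $filetype_ext = '.png';
                        if (substr($lower_src, -4) != '.png') {
                            trigger_error(sprintf($user->lang['FILETYPE_MIMETYPE_MISMATCH'], $image_src, $filetype['mime']), E_USER_WARNING);
                        }
                        break;

                    case 'image/gif':
                    case 'image/giff':
                        $filetype_ext = '.gif';
                        if (substr($lower_src, -4) != '.gif') {
                            trigger_error(sprintf($user->lang['FILETYPE_MIMETYPE_MISMATCH'], $image_src, $filetype['mime']), E_USER_WARNING);
                        }
                        break;

                    default:
                        trigger_error('NOT_ALLOWED_FILE_TYPE');
                        break;
                }

                // Stored under a generated name, never the supplied one.
                $image_filename = md5(unique_id()) . $filetype_ext;
                $target_path = phpbb_gallery_url::path('upload') . $image_filename;

                if (!@move_uploaded_file($image_src_full, $target_path)) {
                    if (!@copy($image_src_full, $target_path)) {
                        $user->add_lang('posting');
                        trigger_error(sprintf($user->lang['GENERAL_UPLOAD_ERROR'], $target_path), E_USER_WARNING);
                    }
                }
                // NOTE(review): 0777 makes the stored image world-writable; a narrower
                // mode is preferable where the server setup allows it.
                @chmod($target_path, 0777);

                // The source image is imported, so we delete it.
                @unlink($image_src_full);

                $sql_ary = array(
                    'image_filename' => $image_filename,
                    'image_thumbnail' => '',
                    'image_desc' => '',
                    'image_desc_uid' => '',
                    'image_desc_bitfield' => '',
                    'image_user_id' => $user_data['user_id'],
                    'image_username' => $user_data['username'],
                    'image_username_clean' => utf8_clean_string($user_data['username']),
                    'image_user_colour' => $user_data['user_colour'],
                    'image_user_ip' => $user->ip,
                    'image_time' => $start_time + $done_images,
                    'image_album_id' => $album_id,
                    'image_status' => phpbb_gallery_image::STATUS_APPROVED,
                    'image_exif_data' => '',
                );

                $image_tools = new phpbb_gallery_image_tools();
                $image_tools->set_image_options(phpbb_gallery_config::get('max_filesize'), phpbb_gallery_config::get('max_height'), phpbb_gallery_config::get('max_width'));
                $image_tools->set_image_data($target_path);

                // Read exif data from file
                $image_tools->read_exif_data();
                $sql_ary['image_exif_data'] = $image_tools->exif_data_serialized;
                $sql_ary['image_has_exif'] = $image_tools->exif_data_exist;

                $is_oversized = $filetype[0] > phpbb_gallery_config::get('max_width')
                    || $filetype[1] > phpbb_gallery_config::get('max_height');
                if ($is_oversized && phpbb_gallery_config::get('allow_resize')) {
                    // Resize oversized images
                    $image_tools->resize_image(phpbb_gallery_config::get('max_width'), phpbb_gallery_config::get('max_height'));
                    if ($image_tools->resized) {
                        $image_tools->write_image($target_path, phpbb_gallery_config::get('jpg_quality'), true);
                    }
                }

                if (!$image_tools->exif_data_force_db && $sql_ary['image_has_exif'] == phpbb_gallery_constants::EXIF_DBSAVED) {
                    // Image was not resized, so we can pull the Exif from the image to save db-memory.
                    $sql_ary['image_has_exif'] = phpbb_gallery_constants::EXIF_AVAILABLE;
                    $sql_ary['image_exif_data'] = '';
                }

                // Try to get real filesize from temporary folder (not always working) ;)
                $stored_size = @filesize($target_path);
                $sql_ary['filesize_upload'] = $stored_size ? $stored_size : 0;

                if ($filename || $image_name == '') {
                    // Derive the title from the file name (assumes a four-character extension).
                    $sql_ary['image_name'] = str_replace("_", " ", utf8_substr($image_src, 0, -4));
                } else {
                    $sql_ary['image_name'] = str_replace('{NUM}', $num_offset + $done_images, $image_name);
                }
                $sql_ary['image_name_clean'] = utf8_clean_string($sql_ary['image_name']);

                // Put the images into the database
                $db->sql_query('INSERT INTO ' . GALLERY_IMAGES_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
                $done_images++;
            }

            // Remove the image from the list
            unset($images[$images_loop]);
            $images_loop++;
            if ($images_loop == 10) {
                // We made 10 images, so we end for this turn
                break;
            }
        }

        if ($images_loop) {
            $image_user = new phpbb_gallery_user($db, $user_data['user_id'], false);
            $image_user->update_images($images_loop);
            phpbb_gallery_config::inc('num_images', $images_loop);
            $todo_images = $todo_images - $images_loop;
        }
        phpbb_gallery_album::update_info($album_id);

        if (!$todo_images) {
            // All done: remove the schema file.
            unlink(phpbb_gallery_url::_return_file($import_schema, 'import', ''));
            trigger_error(sprintf($user->lang['IMPORT_FINISHED'], $done_images) . adm_back_link($this->u_action));
        } else {
            // Write the new list
            $this->create_import_schema($import_schema, $album_id, $user_data, $start_time, $num_offset, $done_images, $todo_images, $image_name, $filename, $images);

            // Redirect
            $forward_url = $this->u_action . "&import_schema={$import_schema}";
            meta_refresh(1, $forward_url);
            trigger_error(sprintf($user->lang['IMPORT_DEBUG_MES'], $done_images, $todo_images));
        }
    } else {
        if ($submit) {
            if (!check_form_key('acp_gallery')) {
                trigger_error('FORM_INVALID', E_USER_WARNING);
            }
            if (!$images) {
                trigger_error('NO_FILE_SELECTED', E_USER_WARNING);
            }

            // Who is the uploader?
            $username = request_var('username', '', true);
            $user_id = 0;
            if ($username) {
                if (!function_exists('user_get_id_name')) {
                    phpbb_gallery_url::_include('functions_user', 'phpbb');
                }
                user_get_id_name($user_id, $username);
            }
            if (is_array($user_id)) {
                $user_id = $user_id[0];
            }
            if (!$user_id) {
                // No (known) name given: attribute the images to the acting admin.
                $user_id = $user->data['user_id'];
            }

            $sql = 'SELECT username, user_colour, user_id FROM ' . USERS_TABLE . ' WHERE user_id = ' . (int) $user_id;
            $result = $db->sql_query($sql);
            $user_row = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);
            if (!$user_row) {
                trigger_error('HACKING_ATTEMPT', E_USER_WARNING);
            }

            // Where do we put them to?
            $album_id = request_var('album_id', 0);
            $sql = 'SELECT album_id, album_name FROM ' . GALLERY_ALBUMS_TABLE . ' WHERE album_id = ' . (int) $album_id;
            $result = $db->sql_query($sql);
            $album_row = $db->sql_fetchrow($result);
            $db->sql_freeresult($result);
            if (!$album_row) {
                trigger_error('HACKING_ATTEMPT', E_USER_WARNING);
            }

            $start_time = time();
            $import_schema = md5($start_time);
            $filename = request_var('filename', '') == 'filename';
            $image_name = request_var('image_name', '', true);
            $num_offset = request_var('image_num', 0);

            $this->create_import_schema($import_schema, $album_row['album_id'], $user_row, $start_time, $num_offset, 0, count($images), $image_name, $filename, $images);

            $forward_url = $this->u_action . "&import_schema={$import_schema}";
            meta_refresh(2, $forward_url);
            trigger_error('IMPORT_SCHEMA_CREATED');
        }
    }

    // List the importable files, limited to the enabled image types.
    $files = array();
    $handle = opendir(phpbb_gallery_url::path('import'));
    if ($handle !== false) {
        // Compare against false explicitly: a file literally named "0" is falsy.
        while (($file = readdir($handle)) !== false) {
            $lower_file = strtolower($file);
            $type_allowed = (substr($lower_file, -4) == '.png' && phpbb_gallery_config::get('allow_png'))
                || (substr($lower_file, -4) == '.gif' && phpbb_gallery_config::get('allow_gif'))
                || (substr($lower_file, -4) == '.jpg' && phpbb_gallery_config::get('allow_jpg'))
                || (substr($lower_file, -5) == '.jpeg' && phpbb_gallery_config::get('allow_jpg'));

            if (!is_dir(phpbb_gallery_url::path('import') . $file) && $type_allowed) {
                $files[utf8_strtolower($file)] = $file;
            }
        }
        closedir($handle);
    }

    // Sort the files by name again
    ksort($files);

    foreach ($files as $file) {
        // NOTE(review): the on-disk name reaches the template without HTML escaping;
        // confirm the template escapes FILE_NAME.
        $template->assign_block_vars('imagerow', array('FILE_NAME' => utf8_encode($file)));
    }

    $template->assign_vars(array(
        'S_IMPORT_IMAGES' => true,
        'ACP_GALLERY_TITLE' => $user->lang['ACP_IMPORT_ALBUMS'],
        'ACP_GALLERY_TITLE_EXPLAIN' => $user->lang['ACP_IMPORT_ALBUMS_EXPLAIN'],
        'L_IMPORT_DIR_EMPTY' => sprintf($user->lang['IMPORT_DIR_EMPTY'], phpbb_gallery_url::path('import')),
        'S_ALBUM_IMPORT_ACTION' => $this->u_action,
        'S_SELECT_IMPORT' => phpbb_gallery_album::get_albumbox(false, 'album_id', false, false, false, phpbb_gallery_album::PUBLIC_ALBUM, phpbb_gallery_album::TYPE_UPLOAD),
        'U_FIND_USERNAME' => phpbb_gallery_url::append_sid('phpbb', 'memberlist', 'mode=searchuser&form=acp_gallery&field=username&select_single=true'),
    ));
}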
/**
 * UCP: shows the edit form for one of the user's albums or, on submit, saves
 * the changes and re-positions the album in the owner's nested-set tree.
 *
 * Without "submit" the current album data is assigned to the template. With
 * "submit" the form token is verified, the new values are read from the
 * request, left_id/right_id are rewritten when the parent changed, the album
 * row is updated and the album caches are destroyed.
 *
 * NOTE(review): the tree move is a sequence of separate UPDATE statements with
 * no transaction visible in this function; a failure part-way through would
 * leave left_id/right_id inconsistent.
 */
function edit_album()
{
    global $cache, $db, $template, $user;

    phpbb_gallery_url::_include(array('bbcode', 'message_parser'), 'phpbb');

    $album_id = request_var('album_id', 0);
    // Ownership check for the album being edited (presumably halts for foreign albums; confirm).
    phpbb_gallery_album::check_user($album_id);

    $submit = isset($_POST['submit']) ? true : false;
    $redirect = request_var('redirect', '');

    if (!$submit) {
        // Display branch: pre-fill the form with the stored values.
        $album_data = phpbb_gallery_album::get_info($album_id);
        $album_desc_data = generate_text_for_edit($album_data['album_desc'], $album_data['album_desc_uid'], $album_data['album_desc_options']);
        $parents_list = phpbb_gallery_album::get_albumbox(false, '', $album_data['parent_id'], false, $album_id, $user->data['user_id']);

        $template->assign_vars(array(
            'S_EDIT_SUBALBUM' => true,
            'S_PERSONAL_ALBUM' => $album_id == phpbb_gallery::$user->get_data('personal_album_id') ? true : false,
            'L_TITLE' => $user->lang['EDIT_SUBALBUM'],
            'L_TITLE_EXPLAIN' => $user->lang['EDIT_SUBALBUM_EXP'],
            // Only the fixed marker "redirect=album" is echoed, never the raw request value.
            'S_ALBUM_ACTION' => $this->u_action . '&action=edit&album_id=' . $album_id . ($redirect != '' ? '&redirect=album' : ''),
            'S_PARENT_OPTIONS' => '<option value="' . phpbb_gallery::$user->get_data('personal_album_id') . '">' . $user->lang['NO_PARENT_ALBUM'] . '</option>' . $parents_list,
            'ALBUM_NAME' => $album_data['album_name'],
            'ALBUM_DESC' => $album_desc_data['text'],
            'ALBUM_TYPE' => $album_data['album_type'],
            'S_DESC_BBCODE_CHECKED' => $album_desc_data['allow_bbcode'] ? true : false,
            'S_DESC_SMILIES_CHECKED' => $album_desc_data['allow_smilies'] ? true : false,
            'S_DESC_URLS_CHECKED' => $album_desc_data['allow_urls'] ? true : false,
            'S_MODE' => 'edit'));
    } else {
        // Verify the form token (CSRF protection) before changing anything.
        if (!check_form_key('ucp_gallery')) {
            trigger_error('FORM_INVALID');
        }

        // The personal (root) album always carries the username and has no parent;
        // sub-albums take name and parent from the request.
        // NOTE(review): parent_id is request-supplied and only $album_id went through
        // check_user() above; confirm the chosen parent belongs to the same user
        // before it is used for the tree move below.
        $album_data = array(
            'album_name' => $album_id == phpbb_gallery::$user->get_data('personal_album_id') ? $user->data['username'] : request_var('album_name', '', true),
            'parent_id' => request_var('parent_id', $album_id == phpbb_gallery::$user->get_data('personal_album_id') ? 0 : phpbb_gallery::$user->get_data('personal_album_id')),
            'album_parents' => '',
            'album_type' => phpbb_gallery_album::TYPE_UPLOAD,
            // NOTE(review): 7 is presumably the bbcode/smilies/urls flag mask; confirm.
            'album_desc_options' => 7,
            'album_desc' => utf8_normalize_nfc(request_var('album_desc', '', true)));

        // Fills album_desc_uid / album_desc_bitfield and stores the parsed description.
        generate_text_for_storage($album_data['album_desc'], $album_data['album_desc_uid'], $album_data['album_desc_bitfield'], $album_data['album_desc_options'], request_var('desc_parse_bbcode', false), request_var('desc_parse_urls', false), request_var('desc_parse_smilies', false));

        // Stored state, for comparison with the submitted values.
        $row = phpbb_gallery_album::get_info($album_id);

        // If the parent is different, the left_id and right_id have changed.
        if ($row['parent_id'] != $album_data['parent_id']) {
            // How many do we have to move and how far.
            $moving_ids = $row['right_id'] - $row['left_id'] + 1;

            $sql = 'SELECT MAX(right_id) right_id FROM ' . GALLERY_ALBUMS_TABLE . ' WHERE album_user_id = ' . $row['album_user_id'];
            $result = $db->sql_query($sql);
            $moving_distance = $db->sql_fetchfield('right_id') - $row['left_id'] + 1;
            $db->sql_freeresult($result);

            $stop_updating = $moving_distance + $row['left_id'];

            // Update the moving albums... move them to the end.
            $sql = 'UPDATE ' . GALLERY_ALBUMS_TABLE . ' SET right_id = right_id + ' . $moving_distance . ', left_id = left_id + ' . $moving_distance . ' WHERE album_user_id = ' . $row['album_user_id'] . ' AND left_id >= ' . $row['left_id'] . ' AND right_id <= ' . $row['right_id'];
            $db->sql_query($sql);

            $new['left_id'] = $row['left_id'] + $moving_distance;
            $new['right_id'] = $row['right_id'] + $moving_distance;

            // Close the gap, we produced through moving.
            if ($album_data['parent_id'] == 0) {
                $sql = 'UPDATE ' . GALLERY_ALBUMS_TABLE . ' SET left_id = left_id - ' . $moving_ids . ' WHERE album_user_id = ' . $row['album_user_id'] . ' AND left_id >= ' . $row['left_id'];
                $db->sql_query($sql);

                $sql = 'UPDATE ' . GALLERY_ALBUMS_TABLE . ' SET right_id = right_id - ' . $moving_ids . ' WHERE album_user_id = ' . $row['album_user_id'] . ' AND right_id >= ' . $row['left_id'];
                $db->sql_query($sql);
            } else {
                $sql = 'UPDATE ' . GALLERY_ALBUMS_TABLE . ' SET left_id = left_id - ' . $moving_ids . ' WHERE album_user_id = ' . $row['album_user_id'] . ' AND left_id >= ' . $row['left_id'] . ' AND right_id <= ' . $stop_updating;
                $db->sql_query($sql);

                $sql = 'UPDATE ' . GALLERY_ALBUMS_TABLE . ' SET right_id = right_id - ' . $moving_ids . ' WHERE album_user_id = ' . $row['album_user_id'] . ' AND right_id >= ' . $row['left_id'] . ' AND right_id <= ' . $stop_updating;
                $db->sql_query($sql);

                // Create new gap, therefore we need parent_information.
                // NOTE(review): plain get_album_info() here, while the rest of the function
                // uses phpbb_gallery_album::get_info(); confirm the function exists. The
                // parent's right_id goes into the statements below, and every UPDATE is
                // scoped to the edited album's album_user_id.
                $parent = get_album_info($album_data['parent_id']);

                $sql = 'UPDATE ' . GALLERY_ALBUMS_TABLE . ' SET left_id = left_id + ' . $moving_ids . ' WHERE album_user_id = ' . $row['album_user_id'] . ' AND left_id >= ' . $parent['right_id'] . ' AND right_id <= ' . $stop_updating;
                $db->sql_query($sql);

                $sql = 'UPDATE ' . GALLERY_ALBUMS_TABLE . ' SET right_id = right_id + ' . $moving_ids . ' WHERE album_user_id = ' . $row['album_user_id'] . ' AND right_id >= ' . $parent['right_id'] . ' AND right_id <= ' . $stop_updating;
                $db->sql_query($sql);

                // Move the albums to the suggested gap.
                $parent['right_id'] = $parent['right_id'] + $moving_ids;
                $move_back = $new['right_id'] - $parent['right_id'] + 1;

                $sql = 'UPDATE ' . GALLERY_ALBUMS_TABLE . ' SET left_id = left_id - ' . $move_back . ', right_id = right_id - ' . $move_back . ' WHERE album_user_id = ' . $row['album_user_id'] . ' AND left_id >= ' . $stop_updating;
                $db->sql_query($sql);
            }
        }

        // The album name has changed, clear the parents list of all albums.
        // The statement has no WHERE clause: every row in the albums table is reset.
        if ($row['album_name'] != $album_data['album_name']) {
            $sql = 'UPDATE ' . GALLERY_ALBUMS_TABLE . "\n\t\t\t\t\tSET album_parents = ''";
            $db->sql_query($sql);
        }

        // Values go through sql_build_array(); the id is cast explicitly.
        $sql = 'UPDATE ' . GALLERY_ALBUMS_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $album_data) . ' WHERE album_id = ' . (int) $album_id;
        $db->sql_query($sql);

        // Drop cached album queries and the cached album list.
        $cache->destroy('sql', GALLERY_ALBUMS_TABLE);
        $cache->destroy('_albums');

        // Confirmation with a back link: to the album when "redirect" was set,
        // otherwise to the album management page.
        trigger_error($user->lang['EDITED_SUBALBUM'] . '<br /><br /> <a href="' . ($redirect ? phpbb_gallery_url::append_sid('album', "album_id={$album_id}") : phpbb_gallery_url::append_sid('phpbb', 'ucp', 'i=gallery&mode=manage_albums&action=manage&parent_id=' . ($album_data['parent_id'] ? $album_data['parent_id'] : phpbb_gallery::$user->get_data('personal_album_id')))) . '">' . $user->lang['BACK_TO_PREV'] . '</a>');
    }
}
// Request set-up for the moderation page: read the parameters, honour the
// quick-mod shortcuts, serve the admin-only WHOIS view, then load image and album.
phpbb_gallery_url::_include(array('functions_display'), 'phpbb');

$mode = request_var('mode', 'album');
$action = request_var('action', '');
$option_id = request_var('option_id', 0);
$image_id = request_var('image_id', 0);
$album_id = request_var('album_id', 0);

// Quick-mod shortcuts
if (request_var('quickmod', 0) == 1 && $action == 'report_details') {
    $mode = 'report_details';
    // NOTE(review): $image_data is only assigned further down in this excerpt;
    // unless it is set earlier in the file, this reads an undefined variable
    // and $option_id becomes 0.
    $option_id = (int) $image_data['image_reported'];
} elseif (request_var('quickmod', 0) == 1 && $action == 'image_edit') {
    phpbb_gallery_url::redirect('posting', "mode=image&submode=edit&album_id={$album_id}&image_id={$image_id}");
}

// WHOIS view: only for administrators (a_ permission) and only when an IP was given.
if ($mode == 'whois') {
    if ($auth->acl_get('a_') && request_var('ip', '')) {
        phpbb_gallery_url::_include(array('functions_user'), 'phpbb');

        // The lookup target comes straight from the request parameter "ip".
        $whois_output = user_ipwhois(request_var('ip', ''));
        $template->assign_var('WHOIS', $whois_output);

        page_header($user->lang['WHO_IS_ONLINE']);
        $template->set_filenames(array('body' => 'viewonline_whois.html'));
        page_footer();
    }
}

// Basic information && permissions: the image's own album and owner override
// whatever album_id came in with the request.
if ($image_id) {
    $image_data = phpbb_gallery_image::get_info($image_id);
    $album_id = $image_data['image_album_id'];
    $user_id = $image_data['image_user_id'];
}

if ($album_id) {
    $album_data = phpbb_gallery_album::get_info($album_id);
}
// Some other variables
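/**
 * Build the permission-mask screen for the selected albums (or a personal-album
 * permission system) and the selected users or groups.
 *
 * Reads album_id[], group_id[], user_id[], username[], usernames and p_system from
 * the request, resolves user names to ids, loads the roles currently assigned to the
 * selection and assigns the template blocks c_rows, c_mask, c_mask.v_mask,
 * c_mask.v_mask.category and c_mask.v_mask.category.mask.
 *
 * The request is rejected with FORM_INVALID unless the 'acp_gallery' form key
 * validates. Ids that cannot be resolved against the album list or the users/groups
 * tables are left out of the mask, so no row with an empty id is rendered.
 *
 * @return void
 */
function permissions_p_mask()
{
	global $cache, $db, $permissions, $template, $user;

	$user->add_lang('acp/permissions');

	// Form token check comes first; nothing below runs for a request without a valid key.
	if (!check_form_key('acp_gallery'))
	{
		trigger_error('FORM_INVALID');
	}

	$album_id = request_var('album_id', array(0));
	$group_id = request_var('group_id', array(0));
	$user_id = request_var('user_id', array(0));
	$username = request_var('username', array(''), true);
	$usernames = request_var('usernames', '', true);
	$p_system = request_var('p_system', 0);

	// Map usernames to ids and vice versa
	if ($usernames)
	{
		$username = explode("\n", $usernames);
	}
	unset($usernames);

	if (sizeof($username) && !sizeof($user_id))
	{
		if (!function_exists('user_get_id_name'))
		{
			phpbb_gallery_url::_include('functions_user', 'phpbb');
		}
		user_get_id_name($user_id, $username);

		if (!sizeof($user_id))
		{
			trigger_error($user->lang['SELECTED_USER_NOT_EXIST'] . adm_back_link($this->u_action), E_USER_WARNING);
		}
	}
	unset($username);

	if (!sizeof($group_id) && !sizeof($user_id))
	{
		trigger_error('NO_VICTIM_SELECTED', E_USER_WARNING);
	}
	elseif (sizeof($group_id))
	{
		$victim_mode = 'group';
		$victim_id = $group_id;
	}
	else
	{
		$victim_mode = 'user';
		$victim_id = $user_id;
	}

	// p_system comes from the request; an unknown value simply yields no categories
	// instead of reading an undefined index.
	$permission_cats = isset($permissions->cats[$p_system]) ? $permissions->cats[$p_system] : array();

	// Create the loops for the javascript
	for ($i = 0, $cat_count = sizeof($permission_cats); $i < $cat_count; $i++)
	{
		$template->assign_block_vars('c_rows', array());
	}

	$victim_list = array();
	if ($victim_mode == 'group')
	{
		// Get the group information
		$sql = 'SELECT group_name, group_id, group_type, group_colour FROM ' . GROUPS_TABLE . ' WHERE ' . $db->sql_in_set('group_id', $victim_id);
		$result = $db->sql_query($sql);

		while ($row = $db->sql_fetchrow($result))
		{
			// Special groups carry a language key instead of a display name.
			$row['group_name'] = $row['group_type'] == GROUP_SPECIAL ? $user->lang['G_' . $row['group_name']] : $row['group_name'];

			$victim_list[$row['group_id']] = array(
				'victim_id'		=> $row['group_id'],
				'victim_name'	=> $row['group_name'],
				'victim_colour'	=> $row['group_colour'],
			);
		}
		$db->sql_freeresult($result);
	}
	else
	{
		// Get the user information
		$sql = 'SELECT username, user_id, user_colour FROM ' . USERS_TABLE . ' WHERE ' . $db->sql_in_set('user_id', $victim_id);
		$result = $db->sql_query($sql);

		while ($row = $db->sql_fetchrow($result))
		{
			$victim_list[$row['user_id']] = array(
				'victim_id'		=> $row['user_id'],
				'victim_name'	=> $row['username'],
				'victim_colour'	=> $row['user_colour'],
			);
		}
		$db->sql_freeresult($result);
	}

	// Fetch the full-permissions-tree
	$sql = 'SELECT perm_role_id, perm_group_id, perm_user_id, perm_album_id FROM ' . GALLERY_PERMISSIONS_TABLE . ' WHERE ' . (!$p_system ? $db->sql_in_set('perm_album_id', $album_id) : $db->sql_in_set('perm_system', $p_system)) . ' AND ' . $db->sql_in_set('perm_' . $victim_mode . '_id', $victim_id);
	$result = $db->sql_query($sql);

	// $p_masks[album id or p_system][victim id] = role id
	$p_masks = $fetch_roles = array();
	while ($row = $db->sql_fetchrow($result))
	{
		$fetch_roles[] = $row['perm_role_id'];
		$p_masks[!$p_system ? $row['perm_album_id'] : $p_system][$row['perm_' . $victim_mode . '_id']] = $row['perm_role_id'];
	}
	$db->sql_freeresult($result);

	// Fetch the roles
	$roles = array();
	if (!empty($fetch_roles))
	{
		$sql = 'SELECT * FROM ' . GALLERY_ROLES_TABLE . ' WHERE ' . $db->sql_in_set('role_id', $fetch_roles);
		$result = $db->sql_query($sql);

		while ($row = $db->sql_fetchrow($result))
		{
			$roles[$row['role_id']] = $row;
		}
		$db->sql_freeresult($result);
	}

	if (!$p_system)
	{
		// Album permissions
		$album_list = $cache->obtain_album_list();

		foreach ($album_id as $album)
		{
			// Skip ids that do not match an album in the list.
			if (!isset($album_list[$album]))
			{
				continue;
			}
			$album_row = $album_list[$album];

			$template->assign_block_vars('c_mask', array(
				'C_MASK_ID'			=> $album_row['album_id'],
				'C_MASK_NAME'		=> $album_row['album_name'],
				'INHERIT_C_MASKS'	=> $this->inherit_albums($album_list, $album_id, $album_row['album_id']),
			));

			foreach ($victim_id as $victim)
			{
				// Skip ids for which no user/group row was found above.
				if (!isset($victim_list[$victim]))
				{
					continue;
				}
				$victim_row = $victim_list[$victim];

				// NOTE(review): name and colour are concatenated into markup without escaping
				// here; this relies on the stored values already being escaped/validated - confirm.
				$template->assign_block_vars('c_mask.v_mask', array(
					'VICTIM_ID'			=> $victim_row['victim_id'],
					'VICTIM_NAME'		=> '<span' . ($victim_row['victim_colour'] ? ' style="color: #' . $victim_row['victim_colour'] . '"' : '') . '>' . $victim_row['victim_name'] . '</span>',
					'INHERIT_VICTIMS'	=> $this->inherit_victims($album_list, $album_id, $victim_list, $album_row['album_id'], $victim_row['victim_id']),
				));

				// Role 0 means "no role assigned"; every lookup into $roles then misses.
				$role_id = isset($p_masks[$album_row['album_id']][$victim_row['victim_id']]) ? $p_masks[$album_row['album_id']][$victim_row['victim_id']] : 0;

				foreach ($permission_cats as $category => $permission_values)
				{
					// Count the settings per category; '_count' permissions hold numbers, not yes/no/never.
					$acl_s_never = $acl_s_no = $acl_s_yes = 0;
					foreach ($permission_values as $permission)
					{
						if (substr($permission, -6, 6) == '_count' || !isset($roles[$role_id][$permission]))
						{
							continue;
						}

						$setting = $roles[$role_id][$permission];
						if ($setting == phpbb_gallery_auth::ACL_YES)
						{
							$acl_s_yes++;
						}
						elseif ($setting == phpbb_gallery_auth::ACL_NEVER)
						{
							$acl_s_never++;
						}
						elseif ($setting == phpbb_gallery_auth::ACL_NO)
						{
							$acl_s_no++;
						}
					}

					// A category flag is only set when all counted permissions agree.
					$template->assign_block_vars('c_mask.v_mask.category', array(
						'CAT_NAME'		=> $user->lang['PERMISSION_' . strtoupper($category)],
						'PERM_GROUP_ID'	=> $category,
						'S_YES'			=> ($acl_s_yes && !$acl_s_never && !$acl_s_no),
						'S_NEVER'		=> ($acl_s_never && !$acl_s_yes && !$acl_s_no),
						'S_NO'			=> ($acl_s_no && !$acl_s_never && !$acl_s_yes),
					));

					foreach ($permission_values as $permission)
					{
						$has_setting = isset($roles[$role_id][$permission]);
						$setting = $has_setting ? $roles[$role_id][$permission] : 0;
						$lang_key = 'PERMISSION_' . strtoupper($permission);

						$template->assign_block_vars('c_mask.v_mask.category.mask', array(
							'PERMISSION'			=> $user->lang[$lang_key],
							'PERMISSION_EXPLAIN'	=> isset($user->lang[$lang_key . '_EXPLAIN']) ? $user->lang[$lang_key . '_EXPLAIN'] : '',
							'S_FIELD_NAME'			=> 'setting[' . $album_row['album_id'] . '][' . $victim_row['victim_id'] . '][' . $permission . ']',
							'S_NO'					=> ($has_setting && $setting == phpbb_gallery_auth::ACL_NO),
							'S_YES'					=> ($has_setting && $setting == phpbb_gallery_auth::ACL_YES),
							'S_NEVER'				=> ($has_setting && $setting == phpbb_gallery_auth::ACL_NEVER),
							'S_VALUE'				=> $setting,
							'S_COUNT_FIELD'			=> (substr($permission, -6, 6) == '_count'),
						));
					}
				}
			}
		}
	}
	else
	{
		// Personal-album permission system: one mask, keyed by p_system instead of an album id.
		$template->assign_block_vars('c_mask', array(
			'C_MASK_ID'		=> $p_system,
			'C_MASK_NAME'	=> $p_system == phpbb_gallery_auth::OWN_ALBUM ? $user->lang['OWN_PERSONAL_ALBUMS'] : $user->lang['PERSONAL_ALBUMS'],
		));

		foreach ($victim_id as $victim)
		{
			// Skip ids for which no user/group row was found above.
			if (!isset($victim_list[$victim]))
			{
				continue;
			}
			$victim_row = $victim_list[$victim];

			// NOTE(review): same unescaped concatenation as in the album branch - confirm
			// the stored name/colour values are escaped/validated upstream.
			$template->assign_block_vars('c_mask.v_mask', array(
				'VICTIM_ID'			=> $victim_row['victim_id'],
				'VICTIM_NAME'		=> '<span' . ($victim_row['victim_colour'] ? ' style="color: #' . $victim_row['victim_colour'] . '"' : '') . '>' . $victim_row['victim_name'] . '</span>',
				'INHERIT_VICTIMS'	=> $this->p_system_inherit_victims($p_system, $victim_list, $victim_row['victim_id']),
			));

			$role_id = isset($p_masks[$p_system][$victim_row['victim_id']]) ? $p_masks[$p_system][$victim_row['victim_id']] : 0;

			foreach ($permission_cats as $category => $permission_values)
			{
				$template->assign_block_vars('c_mask.v_mask.category', array(
					'CAT_NAME'		=> $user->lang['PERMISSION_' . strtoupper($category)],
					'PERM_GROUP_ID'	=> $category,
				));

				foreach ($permission_values as $permission)
				{
					$has_setting = isset($roles[$role_id][$permission]);
					$setting = $has_setting ? $roles[$role_id][$permission] : 0;
					$lang_key = 'PERMISSION_' . strtoupper($permission);

					$template->assign_block_vars('c_mask.v_mask.category.mask', array(
						'PERMISSION'			=> $user->lang[$lang_key],
						'PERMISSION_EXPLAIN'	=> isset($user->lang[$lang_key . '_EXPLAIN']) ? $user->lang[$lang_key . '_EXPLAIN'] : '',
						'S_FIELD_NAME'			=> 'setting[' . $p_system . '][' . $victim_row['victim_id'] . '][' . $permission . ']',
						'S_NO'					=> ($has_setting && $setting == phpbb_gallery_auth::ACL_NO),
						'S_YES'					=> ($has_setting && $setting == phpbb_gallery_auth::ACL_YES),
						'S_NEVER'				=> ($has_setting && $setting == phpbb_gallery_auth::ACL_NEVER),
						'S_VALUE'				=> $setting,
						'S_COUNT_FIELD'			=> (substr($permission, -6, 6) == '_count'),
					));
				}
			}
		}
	}

	// Setting permissions screen: carry the selection over to the 'set' action.
	$s_hidden_fields = build_hidden_fields(array(
		'user_id'	=> $user_id,
		'group_id'	=> $group_id,
		'album_id'	=> $album_id,
		'p_system'	=> $p_system,
	));

	$template->assign_vars(array(
		'S_HIDDEN_FIELDS'		=> $s_hidden_fields,
		'U_ACTION'				=> $this->u_action . '&action=set',
		'S_PERMISSION_P_MASK'	=> true,
	));
}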
// User just rated the image, so we store it $rate_point = request_var('rating', 0); if ($rating->rating_enabled && $rate_point > 0) { $rating->submit_rating(); $message .= $user->lang['RATING_SUCCESSFUL'] . '<br />'; } } $template->assign_vars(array('S_ALLOWED_TO_RATE' => $rating->is_allowed())); if ($submode == 'rate') { $s_album_action = ''; } } switch ($submode) { case 'add': if (phpbb_gallery_misc::display_captcha('comment')) { phpbb_gallery_url::_include('captcha/captcha_factory', 'phpbb'); $captcha =& phpbb_captcha_factory::get_instance($config['captcha_plugin']); $captcha->init(CONFIRM_POST); } if ($submit) { if (!check_form_key('gallery')) { trigger_error('FORM_INVALID'); } if (phpbb_gallery_misc::display_captcha('comment')) { $captcha_error = $captcha->validate(); if ($captcha_error) { $error .= ($error ? '<br />' : '') . $captcha_error; $submit = false; } } $comment = request_var('message', '', true);
/**
 * ACP module entry point: render the gallery configuration form and, on a submit
 * that passes validation and the form-key check, store the submitted values.
 *
 * Only option names listed in $this->display_vars['vars'] are read from the request
 * and written, so extra keys in the posted 'config' array are ignored.
 *
 * @param mixed		$id		Module id; not read in this method.
 * @param string	$mode	Only 'main' is handled, any other value ends in
 *							trigger_error('NO_MODE', E_USER_ERROR).
 * @return void
 */
function main($id, $mode)
{
	global $db, $user, $auth, $cache, $template;

	phpbb_gallery::init();
	$user->add_lang(array('mods/gallery_acp', 'mods/gallery'));

	$form_key = 'acp_time';
	add_form_key($form_key);
	$submit = isset($_POST['submit']);

	if ($mode == 'main')
	{
		// Disable some options if they can not be used: when the PHP function an option
		// depends on is missing, the option is rendered through 'disabled_boolean'.
		$required_functions = array(
			'exif_read_data'	=> 'exif_data',
			'imagerotate'		=> 'allow_rotate_images',
		);

		foreach ($required_functions as $function_name => $option_name)
		{
			if (!function_exists($function_name))
			{
				$this->display_vars['vars'][$option_name]['type'] = 'custom';
				$this->display_vars['vars'][$option_name]['explain'] = true;
				$this->display_vars['vars'][$option_name]['method'] = 'disabled_boolean';
			}
		}
	}
	else
	{
		trigger_error('NO_MODE', E_USER_ERROR);
	}

	phpbb_gallery_config::load(true);
	$this->new_config = phpbb_gallery_config::get_array();

	// Work on the submitted values when there are any, otherwise on the stored config.
	if (isset($_REQUEST['config']))
	{
		$cfg_array = utf8_normalize_nfc(request_var('config', array('' => ''), true));
	}
	else
	{
		$cfg_array = $this->new_config;
	}

	// We validate the complete config if wished
	$error = array();
	validate_config_vars($this->display_vars['vars'], $cfg_array, $error);

	// A submit without a valid form key counts as an error as well.
	if ($submit && !check_form_key($form_key))
	{
		$error[] = $user->lang['FORM_INVALID'];
	}

	// Do not write values if there is an error
	if (sizeof($error))
	{
		$submit = false;
	}

	// We go through the display_vars to make sure no one is trying to set variables he/she is not allowed to...
	foreach ($this->display_vars['vars'] as $config_name => $var_def)
	{
		if (!isset($cfg_array[$config_name]) || strpos($config_name, 'legend') !== false)
		{
			continue;
		}

		$this->new_config[$config_name] = $config_value = $cfg_array[$config_name];

		if (!$submit)
		{
			continue;
		}

		// Check for RRC-display-options
		if (isset($var_def['method']) && ($var_def['method'] == 'rrc_display' || $var_def['method'] == 'rrc_modes'))
		{
			// The submitted flags are summed and cast to int, so only a number is stored.
			$config_value = (int) array_sum(request_var($config_name, array(0)));
		}

		// Recalculate the Watermark-position
		if (isset($var_def['method']) && $var_def['method'] == 'watermark_position')
		{
			// Both parts are read with an integer default before being added up.
			$config_value = request_var('watermark_position_x', 0) + request_var('watermark_position_y', 0);
		}

		if ($config_name == 'link_thumbnail')
		{
			$update_bbcode = request_var('update_bbcode', '');

			// Update the BBCode
			if ($update_bbcode)
			{
				if (!class_exists('acp_bbcodes'))
				{
					phpbb_gallery_url::_include('acp/acp_bbcodes', 'phpbb');
				}
				$acp_bbcodes = new acp_bbcodes();

				$bbcode_match = '[album]{NUMBER}[/album]';
				$bbcode_tpl = $this->bbcode_tpl($config_value);

				$sql_ary = $acp_bbcodes->build_regexp($bbcode_match, $bbcode_tpl);
				$sql_ary = array_merge($sql_ary, array(
					'bbcode_match'			=> $bbcode_match,
					'bbcode_tpl'			=> $bbcode_tpl,
					'display_on_posting'	=> true,
					'bbcode_helpline'		=> 'GALLERY_HELPLINE_ALBUM',
				));

				// NOTE(review): bbcode_tag goes into the WHERE clause unescaped. It is produced by
				// build_regexp() from the fixed pattern above, so it is presumably constant - confirm.
				$sql = 'UPDATE ' . BBCODES_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . "\n\t\t\t\t\t\t\tWHERE bbcode_tag = '" . $sql_ary['bbcode_tag'] . "'";
				$db->sql_query($sql);
				$cache->destroy('sql', BBCODES_TABLE);
			}
		}

		phpbb_gallery_config::set($config_name, $config_value);
	}

	if ($submit)
	{
		$cache->destroy('sql', CONFIG_TABLE);
		trigger_error($user->lang['GALLERY_CONFIG_UPDATED'] . adm_back_link($this->u_action));
	}

	$this->tpl_name = 'acp_board';
	$this->page_title = $this->display_vars['title'];

	$template->assign_vars(array(
		'L_TITLE'			=> $user->lang[$this->display_vars['title']],
		'L_TITLE_EXPLAIN'	=> $user->lang[$this->display_vars['title'] . '_EXPLAIN'],
		'S_ERROR'			=> sizeof($error) ? true : false,
		'ERROR_MSG'			=> implode('<br />', $error),
		'U_ACTION'			=> $this->u_action,
	));

	// Output relevant page
	foreach ($this->display_vars['vars'] as $config_key => $option)
	{
		// Legend entries only produce a heading row.
		if (strpos($config_key, 'legend') !== false)
		{
			$template->assign_block_vars('options', array(
				'S_LEGEND'	=> true,
				'LEGEND'	=> isset($user->lang[$option]) ? $user->lang[$option] : $option,
			));
			continue;
		}

		if (!is_array($option))
		{
			continue;
		}

		$this->new_config[$config_key] = phpbb_gallery_config::get($config_key);

		$type_parts = explode(':', $option['type']);

		$explain_text = '';
		if ($option['explain'])
		{
			$explain_text = isset($user->lang[$option['lang'] . '_EXP']) ? $user->lang[$option['lang'] . '_EXP'] : '';
		}

		$field_html = build_cfg_template($type_parts, $config_key, $this->new_config, $config_key, $option);
		if (empty($field_html))
		{
			continue;
		}

		$template->assign_block_vars('options', array(
			'KEY'			=> $config_key,
			'TITLE'			=> isset($user->lang[$option['lang']]) ? $user->lang[$option['lang']] : $option['lang'],
			'S_EXPLAIN'		=> $option['explain'],
			'TITLE_EXPLAIN'	=> $explain_text,
			'CONTENT'		=> $field_html,
		));

		unset($this->display_vars['vars'][$config_key]);
	}
}
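/**
* Gallery Notification
*
* borrowed from phpBB3
* @author: phpBB Group
* @function: user_notification
*
* Notifies the users watching an album or image, then removes the watch entries of
* users who may not view the album or have no e-mail address.
*
* Besides its parameters the method reads the globals $album_id, $image_id and
* $album_data, which the caller has to set up. Every id that ends up in an SQL
* statement is cast to int first, and $mode is checked against the two known values
* because it is used to build a column name.
*
* @param string	$mode		'album' (new image in a watched album) or 'image' (new comment on a watched image)
* @param int		$handle_id	Id of the watched album or image, matched against <mode>_id in the watch table
* @param string	$image_name	Image name for the message; passed through htmlspecialchars_decode()
* @return void
*/
public static function notification($mode, $handle_id, $image_name)
{
	global $user, $db, $album_id, $image_id, $image_data, $album_data;

	// $mode becomes part of a column name, which cannot be escaped like a value,
	// so only the two columns the watch table is queried by are accepted.
	if (!in_array($mode, array('album', 'image'), true))
	{
		trigger_error('NO_MODE', E_USER_ERROR);
	}

	$help_mode = $mode . '_id';
	$mode_notification = $mode == 'album' ? 'image' : 'comment';

	// Local integer copies for SQL; the globals themselves are left untouched.
	$watch_id = (int) $handle_id;
	$sql_album_id = (int) $album_id;
	$sql_image_id = (int) $image_id;

	// Get banned User ID's
	$sql = 'SELECT ban_userid FROM ' . BANLIST_TABLE . ' WHERE ban_userid <> 0 AND ban_exclude <> 1';
	$result = $db->sql_query($sql);

	// Guests, the acting user and banned users never receive a notification.
	$sql_ignore_users = ANONYMOUS . ', ' . (int) $user->data['user_id'];
	while ($row = $db->sql_fetchrow($result))
	{
		$sql_ignore_users .= ', ' . (int) $row['ban_userid'];
	}
	$db->sql_freeresult($result);

	$notify_rows = array();

	// -- get album_userids || image_userids
	$sql = 'SELECT u.user_id, u.username, u.user_email, u.user_lang, u.user_notify_type, u.user_jabber FROM ' . GALLERY_WATCH_TABLE . ' w, ' . USERS_TABLE . ' u WHERE w.' . $help_mode . ' = ' . $watch_id . "\n\t\t\t\tAND w.user_id NOT IN ({$sql_ignore_users})\n\t\t\t\tAND u.user_type IN (" . USER_NORMAL . ', ' . USER_FOUNDER . ') AND u.user_id = w.user_id';
	$result = $db->sql_query($sql);

	while ($row = $db->sql_fetchrow($result))
	{
		$notify_rows[$row['user_id']] = array(
			'user_id'		=> $row['user_id'],
			'username'		=> $row['username'],
			'user_email'	=> $row['user_email'],
			'user_jabber'	=> $row['user_jabber'],
			'user_lang'		=> $row['user_lang'],
			'notify_type'	=> $mode != 'album' ? 'image' : 'album',
			'template'		=> "new{$mode_notification}_notify",
			'method'		=> $row['user_notify_type'],
			'allowed'		=> false,
		);
	}
	$db->sql_freeresult($result);

	if (!sizeof($notify_rows))
	{
		return;
	}

	// Get album_user_id to check for personal albums.
	$sql = 'SELECT album_id, album_user_id FROM ' . GALLERY_ALBUMS_TABLE . ' WHERE album_id = ' . $sql_album_id;
	$result = $db->sql_query($sql);
	$album = $db->sql_fetchrow($result);
	$db->sql_freeresult($result);

	if (empty($album))
	{
		trigger_error('ALBUM_NOT_EXIST');
	}

	// Make sure users are allowed to view the album
	$i_view_ary = $groups_ary = $groups_row = array();

	$sql_array = array(
		'SELECT'	=> 'pr.i_view, p.perm_system, p.perm_group_id, p.perm_user_id',
		'FROM'		=> array(GALLERY_PERMISSIONS_TABLE => 'p'),
		'LEFT_JOIN'	=> array(
			array(
				'FROM'	=> array(GALLERY_ROLES_TABLE => 'pr'),
				'ON'	=> 'p.perm_role_id = pr.role_id',
			),
		),
		'WHERE'		=> $album['album_user_id'] == phpbb_gallery_album::PUBLIC_ALBUM ? 'p.perm_album_id = ' . $sql_album_id : 'p.perm_system <> ' . phpbb_gallery_album::PUBLIC_ALBUM,
		'ORDER_BY'	=> 'pr.i_view ASC',
	);
	$sql = $db->sql_build_query('SELECT', $sql_array);
	$result = $db->sql_query($sql);

	while ($row = $db->sql_fetchrow($result))
	{
		if ($row['perm_group_id'])
		{
			// Group permissions are resolved to their members below.
			$groups_ary[] = $row['perm_group_id'];
			$groups_row[$row['perm_group_id']] = $row;
			continue;
		}

		$perm_user = $row['perm_user_id'];

		// Only a higher i_view value replaces one that is already recorded for the user.
		if (isset($i_view_ary[$perm_user]) && $i_view_ary[$perm_user] >= $row['i_view'])
		{
			continue;
		}

		// A personal-album permission only applies to the matching side:
		// OWN_ALBUM for the album owner, PERSONAL_ALBUM for everybody else.
		$applies = !$row['perm_system']
			|| ($row['perm_system'] == phpbb_gallery_auth::OWN_ALBUM && $album['album_user_id'] == $perm_user)
			|| ($row['perm_system'] == phpbb_gallery_auth::PERSONAL_ALBUM && $album['album_user_id'] != $perm_user);

		if ($applies)
		{
			$i_view_ary[$perm_user] = $row['i_view'];
		}
	}
	$db->sql_freeresult($result);

	if (sizeof($groups_ary))
	{
		// Get all users by their group permissions
		$sql = 'SELECT user_id, group_id FROM ' . USER_GROUP_TABLE . ' WHERE ' . $db->sql_in_set('group_id', $groups_ary) . ' AND user_pending = 0';
		$result = $db->sql_query($sql);

		while ($row = $db->sql_fetchrow($result))
		{
			$member = $row['user_id'];
			$group_perm = $groups_row[$row['group_id']];

			if (isset($i_view_ary[$member]) && $i_view_ary[$member] >= $group_perm['i_view'])
			{
				continue;
			}

			$applies = !$group_perm['perm_system']
				|| ($group_perm['perm_system'] == phpbb_gallery_auth::OWN_ALBUM && $album['album_user_id'] == $member)
				|| ($group_perm['perm_system'] == phpbb_gallery_auth::PERSONAL_ALBUM && $album['album_user_id'] != $member);

			if ($applies)
			{
				$i_view_ary[$member] = $group_perm['i_view'];
			}
		}
		$db->sql_freeresult($result);
	}

	// Now, we have to do a little step before really sending, we need to distinguish our users a little bit. ;)
	$msg_users = $delete_ids = array();
	foreach ($notify_rows as $row)
	{
		// A watcher without any recorded view permission is treated as not allowed.
		$may_view = isset($i_view_ary[$row['user_id']]) && $i_view_ary[$row['user_id']] == phpbb_gallery_auth::ACL_YES;

		if (!$may_view || !trim($row['user_email']))
		{
			$delete_ids[$row['notify_type']][] = $row['user_id'];
		}
		else
		{
			$msg_users[] = $row;
		}
	}
	unset($notify_rows);

	// Now, we are able to really send out notifications
	if (sizeof($msg_users))
	{
		if (!class_exists('messenger'))
		{
			phpbb_gallery_url::_include('functions_messenger', 'phpbb');
		}
		$messenger = new messenger();

		// Group the recipients by e-mail template.
		$msg_list_ary = array();
		foreach ($msg_users as $row)
		{
			$msg_list_ary[$row['template']][] = array(
				'method'	=> $row['method'],
				'email'		=> $row['user_email'],
				'jabber'	=> $row['user_jabber'],
				'name'		=> $row['username'],
				'lang'		=> $row['user_lang'],
			);
		}
		unset($msg_users);

		foreach ($msg_list_ary as $email_template => $email_list)
		{
			foreach ($email_list as $addr)
			{
				$messenger->template($email_template, $addr['lang']);

				$messenger->to($addr['email'], $addr['name']);
				$messenger->im($addr['jabber'], $addr['name']);

				$messenger->assign_vars(array(
					'USERNAME'		=> htmlspecialchars_decode($addr['name']),
					'IMAGE_NAME'	=> htmlspecialchars_decode($image_name),
					'ALBUM_NAME'	=> htmlspecialchars_decode($album_data['album_name']),

					'U_ALBUM'				=> phpbb_gallery_url::create_link('full', 'album', "album_id={$album_id}"),
					'U_IMAGE'				=> phpbb_gallery_url::create_link('full', 'image_page', "album_id={$album_id}&image_id={$image_id}"),
					'U_NEWEST_POST'			=> phpbb_gallery_url::create_link('full', 'viewtopic', "album_id={$album_id}&image_id={$image_id}"),
					'U_STOP_WATCHING_IMAGE'	=> phpbb_gallery_url::create_link('full', 'posting', "mode=image&submode=unwatch&album_id={$album_id}&image_id={$image_id}"),
					'U_STOP_WATCHING_ALBUM'	=> phpbb_gallery_url::create_link('full', 'posting', "mode=album&submode=unwatch&album_id={$album_id}"),
				));

				$messenger->send($addr['method']);
			}
		}
		unset($msg_list_ary);

		$messenger->save_queue();
	}

	// Now delete the user_ids not authorised to receive notifications on this image/album
	if (!empty($delete_ids['image']))
	{
		$sql = 'DELETE FROM ' . GALLERY_WATCH_TABLE . "\n\t\t\t\tWHERE image_id = " . $sql_image_id . "\n\t\t\t\t\tAND " . $db->sql_in_set('user_id', $delete_ids['image']);
		$db->sql_query($sql);
	}

	if (!empty($delete_ids['album']))
	{
		$sql = 'DELETE FROM ' . GALLERY_WATCH_TABLE . "\n\t\t\t\tWHERE album_id = " . $sql_album_id . "\n\t\t\t\t\tAND " . $db->sql_in_set('user_id', $delete_ids['album']);
		$db->sql_query($sql);
	}
}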