adam/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-06-01 20:04:51 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix: image_order cookie path fixed for url rewriting

Browse Source 
improve: add function access_denied called when check_status or
check_restrictions fail

fix: french language correction

fix: remove php warnings in clean_iptc_value

split search functions into include/functions_search.inc.php

git-svn-id: http://piwigo.org/svn/trunk@1113 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
rvelices
2006-03-30 00:37:07 +00:00
parent a2dd39df73
commit 4d322701de
10 changed files with 272 additions and 231 deletions
Download Patch File Download Diff File Expand all files Collapse all files
include/functions.inc.php
+2 -192
View File
@@ -5,7 +5,7 @@
// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
// | file : $RCSfile$
// | file : $Id$
// | last update : $Date$
// | last modifier : $Author$
// | revision : $Revision$
@@ -784,196 +784,6 @@ function get_themeconf($key)
return $themeconf[$key];
}
/**
* Prepends and appends a string at each value of the given array.
*
* @param array
* @param string prefix to each array values
* @param string suffix to each array values
*/
function prepend_append_array_items($array, $prepend_str, $append_str)
{
array_walk(
$array,
create_function('&$s', '$s = "'.$prepend_str.'".$s."'.$append_str.'";')
);
return $array;
}
/**
* returns search rules stored into a serialized array in "search"
* table. Each search rules set is numericaly identified.
*
* @param int search_id
* @return array
*/
function get_search_array($search_id)
{
if (!is_numeric($search_id))
{
die('Search id must be an integer');
}
$query = '
SELECT rules
FROM '.SEARCH_TABLE.'
WHERE id = '.$search_id.'
;';
list($serialized_rules) = mysql_fetch_row(pwg_query($query));
return unserialize($serialized_rules);
}
/**
* returns the SQL clause from a search identifier
*
* Search rules are stored in search table as a serialized array. This array
* need to be transformed into an SQL clause to be used in queries.
*
* @param int search_id
* @return string
*/
function get_sql_search_clause($search_id)
{
$search = get_search_array($search_id);
// SQL where clauses are stored in $clauses array during query
// construction
$clauses = array();
foreach (array('file','name','comment','keywords','author') as $textfield)
{
if (isset($search['fields'][$textfield]))
{
$local_clauses = array();
foreach ($search['fields'][$textfield]['words'] as $word)
{
array_push($local_clauses, $textfield." LIKE '%".$word."%'");
}
// adds brackets around where clauses
$local_clauses = prepend_append_array_items($local_clauses, '(', ')');
array_push(
$clauses,
implode(
' '.$search['fields'][$textfield]['mode'].' ',
$local_clauses
)
);
}
}
if (isset($search['fields']['allwords']))
{
$fields = array('file', 'name', 'comment', 'keywords', 'author');
// in the OR mode, request bust be :
// ((field1 LIKE '%word1%' OR field2 LIKE '%word1%')
// OR (field1 LIKE '%word2%' OR field2 LIKE '%word2%'))
//
// in the AND mode :
// ((field1 LIKE '%word1%' OR field2 LIKE '%word1%')
// AND (field1 LIKE '%word2%' OR field2 LIKE '%word2%'))
$word_clauses = array();
foreach ($search['fields']['allwords']['words'] as $word)
{
$field_clauses = array();
foreach ($fields as $field)
{
array_push($field_clauses, $field." LIKE '%".$word."%'");
}
// adds brackets around where clauses
array_push(
$word_clauses,
implode(
"\n OR ",
$field_clauses
)
);
}
array_walk(
$word_clauses,
create_function('&$s','$s="(".$s.")";')
);
array_push(
$clauses,
"\n ".
implode(
"\n ".
$search['fields']['allwords']['mode'].
"\n ",
$word_clauses
)
);
}
foreach (array('date_available', 'date_creation') as $datefield)
{
if (isset($search['fields'][$datefield]))
{
array_push(
$clauses,
$datefield." = '".$search['fields'][$datefield]['date']."'"
);
}
foreach (array('after','before') as $suffix)
{
$key = $datefield.'-'.$suffix;
if (isset($search['fields'][$key]))
{
array_push(
$clauses,
$datefield.
($suffix == 'after' ? ' >' : ' <').
($search['fields'][$key]['inc'] ? '=' : '').
" '".$search['fields'][$key]['date']."'"
);
}
}
}
if (isset($search['fields']['cat']))
{
if ($search['fields']['cat']['sub_inc'])
{
// searching all the categories id of sub-categories
$cat_ids = get_subcat_ids($search['fields']['cat']['words']);
}
else
{
$cat_ids = $search['fields']['cat']['words'];
}
$local_clause = 'category_id IN ('.implode(',', $cat_ids).')';
array_push($clauses, $local_clause);
}
// adds brackets around where clauses
$clauses = prepend_append_array_items($clauses, '(', ')');
$where_separator =
implode(
"\n ".$search['mode'].' ',
$clauses
);
$search_clause = $where_separator;
if (isset($forbidden))
{
$search_clause.= "\n AND ".$forbidden;
}
return $search_clause;
}
/**
* Returns webmaster mail address depending on $conf['webmaster_id']
*
@@ -1020,4 +830,4 @@ function get_available_upgrade_ids()
return $available_upgrade_ids;
}
?>
?>
include/functions_category.inc.php
+4 -15
View File
@@ -5,7 +5,7 @@
// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
// | file : $RCSfile$
// | file : $Id$
// | last update : $Date$
// | last modifier : $Author$
// | revision : $Revision$
@@ -42,22 +42,11 @@
*/
function check_restrictions($category_id)
{
global $user, $lang;
global $user;
if (in_array($category_id, explode(',', $user['forbidden_categories'])))
{
$login_url =
get_root_url().'identification.php?redirect='
.urlencode(urlencode($_SERVER['REQUEST_URI']));
if (!$user['is_the_guest'])
{
die('Fatal: you are trying to reach a forbidden category');
}
else
{
redirect($login_url);
}
access_denied();
}
}
@@ -360,4 +349,4 @@ function rank_compare($a, $b)
return ($a['rank'] < $b['rank']) ? -1 : 1;
}
?>
?>
include/functions_html.inc.php
+28 -2
View File
@@ -5,7 +5,7 @@
// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
// | file : $RCSfile$
// | file : $Id$
// | last update : $Date$
// | last modifier : $Author$
// | revision : $Revision$
@@ -493,4 +493,30 @@ function get_cat_display_name_from_id($cat_id,
$cat_info = get_cat_info($cat_id);
return get_cat_display_name($cat_info['name'], $url, $replace_space);
}
?>
/**
* exits the current script (either exit or redirect)
*/
function access_denied()
{
global $user, $lang;
$login_url =
get_root_url().'identification.php?redirect='
.urlencode(urlencode($_SERVER['REQUEST_URI']));
if ( isset($user['is_the_guest']) and !$user['is_the_guest'] )
{
echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
echo '<a href="'.get_root_url().'identification.php">'.$lang['identification'].'</a>&nbsp;';
echo '<a href="'.make_index_url().'">'.$lang['home'].'</a></div>';
exit();
}
else
{
header('HTTP/1.1 401 Authorization required');
header('Status: 401 Authorization required');
redirect($login_url);
}
}
?>
include/functions_metadata.inc.php
+7 -7
View File
@@ -5,7 +5,7 @@
// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
// | file : $RCSfile$
// | file : $Id$
// | last update : $Date$
// | last modifier : $Author$
// | revision : $Revision$
@@ -35,13 +35,13 @@
function get_iptc_data($filename, $map)
{
$result = array();
// Read IPTC data
$iptc = array();
$imginfo = array();
getimagesize($filename, $imginfo);
if (isset($imginfo['APP13']))
{
$iptc = iptcparse($imginfo['APP13']);
@@ -82,13 +82,13 @@ function get_iptc_data($filename, $map)
function clean_iptc_value($value)
{
// strip leading zeros (weird Kodak Scanner software)
while ($value[0] == chr(0))
while ( isset($value[0]) and $value[0] == chr(0))
{
$value = substr($value, 1);
}
// remove binary nulls
$value = str_replace(chr(0x00), ' ', $value);
return $value;
}
@@ -107,7 +107,7 @@ function get_exif_data($filename, $map)
{
die('Exif extension not available, admin should disable exif use');
}
// Read EXIF data
if ($exif = @read_exif_data($filename))
{
include/functions_search.inc.php
+219
View File
@@ -0,0 +1,219 @@
<?php
// +-----------------------------------------------------------------------+
// | PhpWebGallery - a PHP based picture gallery |
// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
// | file : $Id$
// | last update : $Date$
// | last modifier : $Author$
// | revision : $Revision$
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation |
// | |
// | This program is distributed in the hope that it will be useful, but |
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
// | General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
/**
* Prepends and appends a string at each value of the given array.
*
* @param array
* @param string prefix to each array values
* @param string suffix to each array values
*/
function prepend_append_array_items($array, $prepend_str, $append_str)
{
array_walk(
$array,
create_function('&$s', '$s = "'.$prepend_str.'".$s."'.$append_str.'";')
);
return $array;
}
/**
* returns search rules stored into a serialized array in "search"
* table. Each search rules set is numericaly identified.
*
* @param int search_id
* @return array
*/
function get_search_array($search_id)
{
if (!is_numeric($search_id))
{
die('Search id must be an integer');
}
$query = '
SELECT rules
FROM '.SEARCH_TABLE.'
WHERE id = '.$search_id.'
;';
list($serialized_rules) = mysql_fetch_row(pwg_query($query));
return unserialize($serialized_rules);
}
/**
* returns the SQL clause from a search identifier
*
* Search rules are stored in search table as a serialized array. This array
* need to be transformed into an SQL clause to be used in queries.
*
* @param int search_id
* @return string
*/
function get_sql_search_clause($search_id)
{
$search = get_search_array($search_id);
// SQL where clauses are stored in $clauses array during query
// construction
$clauses = array();
foreach (array('file','name','comment','keywords','author') as $textfield)
{
if (isset($search['fields'][$textfield]))
{
$local_clauses = array();
foreach ($search['fields'][$textfield]['words'] as $word)
{
array_push($local_clauses, $textfield." LIKE '%".$word."%'");
}
// adds brackets around where clauses
$local_clauses = prepend_append_array_items($local_clauses, '(', ')');
array_push(
$clauses,
implode(
' '.$search['fields'][$textfield]['mode'].' ',
$local_clauses
)
);
}
}
if (isset($search['fields']['allwords']))
{
$fields = array('file', 'name', 'comment', 'keywords', 'author');
// in the OR mode, request bust be :
// ((field1 LIKE '%word1%' OR field2 LIKE '%word1%')
// OR (field1 LIKE '%word2%' OR field2 LIKE '%word2%'))
//
// in the AND mode :
// ((field1 LIKE '%word1%' OR field2 LIKE '%word1%')
// AND (field1 LIKE '%word2%' OR field2 LIKE '%word2%'))
$word_clauses = array();
foreach ($search['fields']['allwords']['words'] as $word)
{
$field_clauses = array();
foreach ($fields as $field)
{
array_push($field_clauses, $field." LIKE '%".$word."%'");
}
// adds brackets around where clauses
array_push(
$word_clauses,
implode(
"\n OR ",
$field_clauses
)
);
}
array_walk(
$word_clauses,
create_function('&$s','$s="(".$s.")";')
);
array_push(
$clauses,
"\n ".
implode(
"\n ".
$search['fields']['allwords']['mode'].
"\n ",
$word_clauses
)
);
}
foreach (array('date_available', 'date_creation') as $datefield)
{
if (isset($search['fields'][$datefield]))
{
array_push(
$clauses,
$datefield." = '".$search['fields'][$datefield]['date']."'"
);
}
foreach (array('after','before') as $suffix)
{
$key = $datefield.'-'.$suffix;
if (isset($search['fields'][$key]))
{
array_push(
$clauses,
$datefield.
($suffix == 'after' ? ' >' : ' <').
($search['fields'][$key]['inc'] ? '=' : '').
" '".$search['fields'][$key]['date']."'"
);
}
}
}
if (isset($search['fields']['cat']))
{
if ($search['fields']['cat']['sub_inc'])
{
// searching all the categories id of sub-categories
$cat_ids = get_subcat_ids($search['fields']['cat']['words']);
}
else
{
$cat_ids = $search['fields']['cat']['words'];
}
$local_clause = 'category_id IN ('.implode(',', $cat_ids).')';
array_push($clauses, $local_clause);
}
// adds brackets around where clauses
$clauses = prepend_append_array_items($clauses, '(', ')');
$where_separator =
implode(
"\n ".$search['mode'].' ',
$clauses
);
$search_clause = $where_separator;
if (isset($forbidden))
{
$search_clause.= "\n AND ".$forbidden;
}
return $search_clause;
}
?>
include/functions_user.inc.php
+2 -7
View File
@@ -5,11 +5,10 @@
// | Copyright (C) 2003-2006 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
// | file : $RCSfile$
// | file : $Id$
// | last update : $Date$
// | last modifier : $Author$
// | revision : $Revision$
// | revision : $Revision$
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
@@ -608,13 +607,9 @@ function is_autorize_status($access_type, $user_status = '')
*/
function check_status($access_type, $user_status = '')
{
global $lang;
if (!is_autorize_status($access_type, $user_status))
{
echo '<div style="text-align:center;">'.$lang['access_forbiden'].'<br />';
echo '<a href="'.PHPWG_ROOT_PATH.'identification.php">'.$lang['identification'].'</a></div>';
exit();
access_denied();
}
}
include/section_init.inc.php
+2 -1
View File
@@ -5,7 +5,7 @@
// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
// | file : $RCSfile$
// | file : $Id$
// | last update : $Date$
// | last modifier : $Author$
// | revision : $Revision$
@@ -342,6 +342,7 @@ else
// +-----------------------------------------------------------------------+
if ($page['section'] == 'search')
{
include_once( PHPWG_ROOT_PATH .'include/functions_search.inc.php' );
$query = '
SELECT DISTINCT(id)
FROM '.IMAGES_TABLE.'
index.php
+1 -1
View File
@@ -54,7 +54,7 @@ if (isset($_GET['image_order']))
setcookie(
'pwg_image_order',
$_GET['image_order'] > 0 ? $_GET['image_order'] : '',
0
0, cookie_path()
);
redirect(
language/fr_FR.iso-8859-1/common.lang.php
+2 -2
View File
@@ -245,7 +245,7 @@ $lang['password_hint'] = 'Vous n\'avez
$lang['periods_error'] = 'La période de nouveauté doit être un entier positif';
$lang['picture'] = 'image';
$lang['picture_high'] = 'Cliquer sur l\'image pour la visualiser en haute définition';
$lang['picture_show_metadata'] = 'Monter les méta-données du fichier';
$lang['picture_show_metadata'] = 'Montrer les méta-données du fichier';
$lang['powered_by'] = 'Propulsé par';
$lang['preferences'] = 'Préférences';
$lang['previous_page'] = 'Précédent';
@@ -332,4 +332,4 @@ $lang['useful when password forgotten'] = 'utile en cas d\'oubli de mot de passe
$lang['w_month'] = 'Mois';
$lang['yes'] = 'Oui';
$lang['adviser_mode_enabled'] = 'Mode conseiller actif';
?>
?>
search_rules.php
+5 -4
View File
@@ -5,10 +5,10 @@
// | Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net |
// +-----------------------------------------------------------------------+
// | branch : BSF (Best So Far)
// | file : $RCSfile$
// | last update : $Date: 2005-09-27 23:57:14 +0200 (mar, 27 sep 2005) $
// | last modifier : $Author: plg $
// | revision : $Revision: 879 $
// | file : $Id$
// | last update : $Date$
// | last modifier : $Author$
// | revision : $Revision$
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
@@ -43,6 +43,7 @@ function inc_exc_str($is_included)
define('PHPWG_ROOT_PATH','./');
include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
include_once( PHPWG_ROOT_PATH.'include/functions_search.inc.php' );
$page['body_id'] = 'thePopuphelpPage';
$title = l10n('PhpWebGallery Help');