diff --git a/admin/comments.php b/admin/comments.php index 1706897b8..7036a2fb2 100644 --- a/admin/comments.php +++ b/admin/comments.php @@ -164,8 +164,8 @@ $tpl = array( 'stats_last_days','delete','close','submit','open' ); templatize_array( $tpl, 'lang', $sub ); $vtp->setGlobalVar( $sub, 'user_template', $user['template'] ); //--------------------------------------------------- number of days to display -if ( isset( $_GET['last_days'] ) ) define( MAX_DAYS, $_GET['last_days'] ); -else define( MAX_DAYS, 0 ); +if ( isset( $_GET['last_days'] ) ) define( 'MAX_DAYS', $_GET['last_days'] ); +else define( 'MAX_DAYS', 0 ); //----------------------------------------- non specific section initialization $array_cat_directories = array(); $array_cat_names = array(); diff --git a/admin/include/functions.php b/admin/include/functions.php index 2f45ce905..0207bd9b8 100644 --- a/admin/include/functions.php +++ b/admin/include/functions.php @@ -869,7 +869,7 @@ function update_user_restrictions( $user_id ) $query.= "'".implode( ',', $restrictions )."'"; else $query.= 'NULL'; - $queries .= ' WHERE id = '.$row['id']; + $query .= ' WHERE id = $user_id'; $query.= ';'; mysql_query( $query ); diff --git a/admin/update.php b/admin/update.php index b4f46b958..ed7cfcbcd 100644 --- a/admin/update.php +++ b/admin/update.php @@ -24,7 +24,7 @@ function insert_local_category( $id_uppercat ) global $conf, $page, $user, $lang; $uppercats = ''; - + $output = ''; // 0. retrieving informations on the category to display $cat_directory = '../galleries'; @@ -292,6 +292,13 @@ function insert_local_image( $rep, $category_id ) } // inserting the pictures found in the directory foreach ( $pictures as $picture ) { + $name = ''; + $author = ''; + $comment = ''; + if (isset ($picture['name'])) $name = $picture['name']; + if (isset ($picture['author'])) $author = $picture['author']; + if (isset ($picture['comment'])) $comment = $picture['comment']; + $query = 'INSERT INTO '.PREFIX_TABLE.'images'; $query.= ' (file,storage_category_id,date_available,tn_ext'; $query.= ',filesize,width,height'; @@ -300,9 +307,8 @@ function insert_local_image( $rep, $category_id ) $query.= "('".$picture['file']."','".$category_id."'"; $query.= ",'".$picture['date']."','".$picture['tn_ext']."'"; $query.= ",'".$picture['filesize']."','".$picture['width']."'"; - $query.= ",'".$picture['height']."','".$picture['name']."'"; - $query.= ",'".$picture['author']."','".$picture['comment']."'"; - if ( $picture['date_creation'] != '' ) + $query.= ",'".$picture['height']."','$name', '$author', '$comment'"; + if ( isset ($picture['date_creation'])) { $query.= ",'".$picture['date_creation']."'"; } @@ -587,11 +593,7 @@ templatize_array( $tpl, 'lang', $sub ); $vtp->setGlobalVar( $sub, 'user_template', $user['template'] ); //-------------------------------------------- introduction : choices of update // Display choice if "update" var is not specified -check_cat_id( $_GET['update'] ); -if ( !isset( $_GET['update'] ) - and !( isset( $page['cat'] ) - or $_GET['update'] == 'cats' - or $_GET['update'] == 'all' ) ) +if (!isset( $_GET['update'] )) { $vtp->addSession( $sub, 'introduction' ); // only update the categories, not the pictures. @@ -605,6 +607,7 @@ if ( !isset( $_GET['update'] ) //------------------------------------------------- local update : ../galleries else { + check_cat_id( $_GET['update'] ); $start = get_moment(); $count_new = 0; $count_deleted = 0; diff --git a/category.php b/category.php index 23acd011a..cb6b48777 100644 --- a/category.php +++ b/category.php @@ -34,7 +34,7 @@ if ( isset( $_GET['act'] ) && $_GET['act'] == 'logout' && isset( $_COOKIE['id'] exit(); } //-------------------------------------------------- access authorization check -if ( isset( $_GET['act'] )) +if ( isset( $_GET['cat'] )) check_cat_id( $_GET['cat'] ); check_login_authorization(); if ( isset( $page['cat'] ) && is_numeric( $page['cat'] ) ) @@ -269,7 +269,7 @@ if ( isset( $page['cat'] ) and $page['cat_nb_images'] != 0 ) while ( $row = mysql_fetch_array( $result ) ) { // retrieving the storage dir of the picture - if ( $array_cat_directories[$row['storage_category_id']] == '' ) + if ( !isset($array_cat_directories[$row['storage_category_id']])) { $array_cat_directories[$row['storage_category_id']] = get_complete_dir( $row['storage_category_id'] ); diff --git a/include/functions_category.inc.php b/include/functions_category.inc.php index 1cbe30b25..e27573ad7 100644 --- a/include/functions_category.inc.php +++ b/include/functions_category.inc.php @@ -109,12 +109,15 @@ function get_user_plain_structure() { $category = array(); foreach ( $infos as $info ) { - $category[$info] = $row[$info]; - if ( $info == 'date_last' ) + if ( $info == 'uc.date_last' ) { - list($year,$month,$day) = explode( '-', $row[$info] ); - $category[$info] = mktime(0,0,0,$month,$day,$year); + list($year,$month,$day) = explode( '-', $row['date_last'] ); + $category['date_last'] = mktime(0,0,0,$month,$day,$year); } + else + { + $category[$info] = $row[$info]; + } } $plain_structure[$row['id']] = $category; } @@ -411,7 +414,11 @@ function initialize_category( $calling_page = 'category' ) // By default, it is the same as the $user['nb_image_page'] $page['nb_image_page'] = $user['nb_image_page']; // $url is used to create the navigation bar - $url = './category.php?cat='.$page['cat'].'&expand='.$page['expand']; + $url = './category.php?cat='.$page['cat']; + if ( isset($page['expand']) ) + { + $url.= '&expand='.$page['expand']; + } // simple category if ( is_numeric( $page['cat'] ) ) { diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index 050d83c6d..c623cf0c7 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -207,12 +207,14 @@ function check_login_authorization() { global $user,$lang,$conf,$page; - if ( $user['is_the_guest'] - and ( $conf['access'] == 'restricted' or $page['cat'] == 'fav' ) ) + if ( $user['is_the_guest']) + { + if ( $conf['access'] == 'restricted' || (isset($page['cat']) && $page['cat'] == 'fav' ) ) { echo '
'.$lang['only_members'].'
'; echo ''.$lang['ident_title'].'
'; exit(); } + } } ?> \ No newline at end of file diff --git a/profile.php b/profile.php index 3254b727a..95f9733aa 100644 --- a/profile.php +++ b/profile.php @@ -27,8 +27,6 @@ if ( $user['is_the_guest'] ) echo ''.$lang['ident_title'].''; exit(); } -//-------------------------------------------------------------- initialization -check_cat_id( $_GET['cat'] ); //------------------------------------------------------ update & customization $infos = array( 'nb_image_line', 'nb_line_page', 'language', 'maxwidth', 'maxheight', 'expand', 'show_nb_comments', diff --git a/search.php b/search.php index d12e8203a..21d5a5fca 100644 --- a/search.php +++ b/search.php @@ -81,6 +81,7 @@ $vtp->setVar( $handle, 'line.name', $lang['search_field_search'].' *' ); $vtp->addSession( $handle, 'text' ); $vtp->setVar( $handle, 'text.size', '40' ); $vtp->setVar( $handle, 'text.name', 'search' ); +if (isset($_POST['search'])) $vtp->setVar( $handle, 'text.value', $_POST['search'] ); $vtp->closeSession( $handle, 'text' ); $vtp->closeSession( $handle, 'line' ); @@ -92,7 +93,7 @@ $vtp->addSession( $handle, 'radio' ); $vtp->setVar( $handle, 'radio.name', 'mode' ); $vtp->setVar( $handle, 'radio.value', 'OR' ); $vtp->setVar( $handle, 'radio.option', $lang['search_mode_or'] ); -if ( $_POST['mode'] == 'OR' or $_POST['mode'] == '' ) +if (isset($_POST['mode']) && ($_POST['mode'] == 'OR' or $_POST['mode'] == '' )) { $vtp->setVar( $handle, 'radio.checked', ' checked="checked"' ); } @@ -102,7 +103,7 @@ $vtp->addSession( $handle, 'radio' ); $vtp->setVar( $handle, 'radio.name', 'mode' ); $vtp->setVar( $handle, 'radio.value', 'AND' ); $vtp->setVar( $handle, 'radio.option', $lang['search_mode_and'] ); -if ( $_POST['mode'] == 'AND' ) +if ( isset($_POST['mode']) && $_POST['mode'] == 'AND' ) { $vtp->setVar( $handle, 'radio.checked', ' checked="checked"' ); } diff --git a/template/default/htmlfunctions.inc.php b/template/default/htmlfunctions.inc.php index f56448eb6..aade6e2e5 100644 --- a/template/default/htmlfunctions.inc.php +++ b/template/default/htmlfunctions.inc.php @@ -188,12 +188,16 @@ function display_category( $category, $indent, $handle ) else { $vtp->addSession( $handle, 'bullet_w_link' ); - $url = './category.php?cat='.$page['cat']; + $url = './category.php'; + if (isset($page['cat'])) + { + $url .='?cat='.$page['cat']; $url.= '&expand='.$category['expand_string']; if ( $page['cat'] == 'search' ) { $url.= '&search='.$_GET['search'].'&mode='.$_GET['mode']; } + } $vtp->setVar( $handle, 'bullet_w_link.bullet_link', add_session_id($url) ); if ( $category['expanded'] ) {