4images code on GitHub Click here to visit GitHub.
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
global $site_template, $site_db, $site_sess, $config, $lang;Replace with:global $site_template, $site_db, $site_sess, $config, $lang, $HTTP_GET_VARS; $total = sizeof($visible_cat_cache);Add after://Begin configuration:
$perpage = 10; //how many categories per page
$cat_text = "Found {total_cat_images} categories on {total_pages} page(s). Displayed category {first_page} to {last_page}";
//u can use those tags:
//{total_cat_images} - total categories
//{total_pages} - total pages
//{first_page} - displayed from (number first category displayed)
//{last_page} - displayed to (number last category displayed)
//End configuration
$page = (isset($HTTP_GET_VARS['cat_page'])) ? $HTTP_GET_VARS['cat_page'] : 0;
if (!class_exists("Paging")) {
include(ROOT_PATH.'includes/paging.php');
}
$link_arg = $site_sess->url(ROOT_PATH.($cat_id ? "categories.php?".URL_CAT_ID."=".$cat_id : "index.php"));
$getpaging = new Paging($page, $perpage, $total, $link_arg, $cat_text, "", "cat_page");
$offset = $getpaging->get_offset();
$limit = ($offset + $perpage > $total) ? $total : $offset + $perpage - 1;
$total = $limit - $offset;
$site_template->register_vars(array(
"cat_paging" => $getpaging->get_paging(),
"cat_paging_stats" => $getpaging->get_paging_stats()
));
$cache = array();
$i = 0;
foreach ($visible_cat_cache as $key => $category_id) {
if ($i >= $offset && $i <= $limit) {
$cache[] = $category_id;
$cache_sql .= (($cache_sql != "") ? ", " : "").$category_id;
}
$i++;
}
$total = count($cache);You can change some setting at the beginning of inserted code 
foreach ($visible_cat_cache as $key => $category_id) {Replace with:foreach ($cache as $category_id){ isset($user_info['lightbox_image_ids']) ? substr(md5($user_info['lightbox_image_ids']), 0, 8) : 0,
Insert above: isset($HTTP_GET_VARS['cat_page']) ? intval($HTTP_GET_VARS['cat_page']) : 0,
//PMS
define('PMS_TABLE', $table_prefix.'pms');
define('PMS_RDLT', 0); //Recipient deleted message (message only in: Sender's Setbox)
define('PMS_SDLT', 1); //Sender deleted message (message only in: Recipient's Inbox)
define('PMS_SENT', 2); //Recipient read message (message in: Sender's Sentbox and Recipient's Inbox)
define('PMS_UNREAD', 3); //Recipient not read message (message in: Sender's Outbox and Recipient's Inbox - New Message)//--- PMS ----
$lang['pms_inbox'] = "Inbox";
$lang['pms_outbox'] = "Outbox";
$lang['pms_sentbox'] = "Sentbox";
$lang['pms_link'] = " You have<br />» <b>{msg_new_count}</b> new message(s)<br /> in your <b>{inbox}</b>.";
$lang['pms'] = "Private Messaging";
$lang['pms_short'] = "PMS";
$lang['pms_error'] = "Error";
$lang['pms_error_to'] = "You must select a recipient.";
$lang['pms_error_subject'] = "You must enter a subject.";
$lang['pms_error_message'] = "You must enter a message.";
$lang['pms_error_folder'] = "No folder selected.";
$lang['pms_error_id'] = "Nothing to show.";
$lang['pms_error_delete'] = "Nothing to delete.";
$lang['pms_compose'] = "Compose";
$lang['pms_delete'] = "Delete";
$lang['pms_delete_selected'] = "Delete selected";
$lang['pms_delete_all'] = "Delete all";
$lang['pms_delete_success'] = "The messages where deleted successfuly";
$lang['pms_delete_confirm'] = "Are you sure you want to delete that message from <b>".$lang['pms_'.$mode]."</b>?";
$lang['pms_delete_confirm_select'] = "Are you sure you want to delete selected messages from <b>".$lang['pms_'.$mode]."</b>?";
$lang['pms_delete_confirm_all'] = "Are you sure you want to delete ALL messages from <b>".$lang['pms_'.$mode]."</b>?";
$lang['pms_new'] = "New message";
$lang['pms_select_user'] = "Select a user";
$lang['pms_sent_success'] = "The message was send successfully";
$lang['pms_redirect'] = "Please wait a moment";
$lang['pms_empty'] = "No messages in this folder";
$lang['pms_reply'] = "Reply";
$lang['pms_view'] = "View message";
$lang['pms_mark'] = "Mark";
$lang['pms_edit'] = "Edit";
$lang['pms_subject'] = "Subject";
$lang['pms_message'] = "Message";
$lang['pms_to'] = "Recipient";
$lang['pms_date'] = "Date";
$lang['pms_send'] = "Send";
$lang['pms_preview'] = "Preview";
$lang['pms_status'] = "Status";
$lang['pms_from'] = "Sender";
$lang['pms_html'] = "Anable HTML in this message";
$lang['pms_bbcode'] = "Anable BBCode in this message";
$lang['pms_perpage'] = "Messages per page";
$lang['pms_user_pm'] = "PM";
$lang['pms_user_pm_alt'] = "PM to this user";
$lang['pms_total'] = "Total messages";
$lang['pms_received'] = "Received";
$lang['pms_quote'] = "Quote";
$lang['pms_error_save'] = "Error saving message. (the message could has been received)";
$lang['pms_error_notfound'] = "Can't find message.";
$lang['pms_paging_stats'] = "You have {total_cat_images} message(s) {new} on {total_pages} page(s) in your {box}.<br />Displayed: massage {first_page} to {last_page}.";
$lang['pms_email'] = "Notify by email on new Private Message";
$lang['pms_popup'] = "Pop up window on new Private Message";
$lang['pms_popup_confirm'] = "You have a new private message. Click OK to view it, or cancel to hide this prompt.";
$lang['pms_popup_newwindow'] = "Open in new window?\\n\\n(Press cancel to open your Inbox in the current window.)";
$lang['pms_email_new'] = "New private message"; $site_template->register_vars(array(
"media_url" => MEDIA_PATH,Replace with://-----------------------------------------------------
//--- PMS ---------------------------------------------
//-----------------------------------------------------
$sql = "SELECT COUNT(pms_id) AS total
FROM ".PMS_TABLE."
WHERE pms_to = ".$user_info['user_id']." AND (pms_type = ".PMS_SENT." OR pms_type = ".PMS_SDLT." OR pms_type = ".PMS_UNREAD.")";
$result = $site_db->query_firstrow($sql);
$pms_inbox = $result['total'];
$sql = "SELECT COUNT(pms_id) AS total
FROM ".PMS_TABLE."
WHERE pms_from = ".$user_info['user_id']." AND pms_type = ".PMS_UNREAD;
$result = $site_db->query_firstrow($sql);
$pms_outbox = $result['total'];
$sql = "SELECT COUNT(pms_id) AS total
FROM ".PMS_TABLE."
WHERE pms_from = ".$user_info['user_id']." AND (pms_type = ".PMS_SENT." OR pms_type = ".PMS_RDLT.")";
$result = $site_db->query_firstrow($sql);
$pms_sentbox = $result['total'];
$sql = "SELECT COUNT(pms_id) AS new
FROM ".PMS_TABLE."
WHERE pms_to = ".$user_info['user_id']." AND pms_type = ".PMS_UNREAD;
$result = $site_db->query_firstrow($sql);
$pms_new = "<a href=\"".$site_sess->url(ROOT_PATH."pms.php")."\">".(($result['new']) ? "<blink>".$result['new']."</blink>" : 0)."</a>";
$pms = preg_replace("/".$site_template->start."msg_new_count".$site_template->end."/siU", $pms_new, $lang['pms_link']);
$pms = preg_replace("/".$site_template->start."inbox".$site_template->end."/siU", "<a href=\"".$site_sess->url(ROOT_PATH."pms.php")."\">".$lang['pms_inbox']."</a>", $pms);
// PMS Boxes
$blink = "<script language=\"JavaScript\">\n<!--\nvar flg=0;\nfunction blink(){\nvar myElement=document.getElementById('blnk');\nflg^=1;\nif(flg==1){\nmyElement.style.visibility='hidden';\n}\nelse{\nmyElement.style.visibility='visible';\n}\ntimerID = setTimeout( 'blink()' , 500 );\n}\n//-->\n</script>\n";
$show_inbox = ($result['new']) ? $blink."<span id=\"blnk\">".$lang['pms_inbox']."</span><script language=\"JavaScript\">blink();</script>" : $lang['pms_inbox'];
$inbox = "<a href=\"".$site_sess->url(ROOT_PATH."pms.php?action=inbox")."\" title=\"".$lang['pms_total']." (".$pms_inbox.")\">".$show_inbox."</a>";
$sentbox = "<a href=\"".$site_sess->url(ROOT_PATH."pms.php?action=sentbox")."\" title=\"".$lang['pms_total']." (".$pms_sentbox.")\">".$lang['pms_sentbox']."</a>";
$outbox = "<a href=\"".$site_sess->url(ROOT_PATH."pms.php?action=outbox")."\" title=\"".$lang['pms_total']." (".$pms_outbox.")\">".$lang['pms_outbox']."</a>";
$newpms = "<a href=\"".$site_sess->url(ROOT_PATH."pms.php?action=new")."\">".$lang['pms_new']."</a>";
$sql = "SELECT pms_date
FROM ".PMS_TABLE."
WHERE pms_to = ".$user_info['user_id']." AND pms_type = ".PMS_UNREAD."
ORDER BY pms_date DESC";
$result = $site_db->query_firstrow($sql);
$pms_popup_script = "";
$pms_popup_header = "";
if ($result && $user_info['user_pms_popup'] && !ereg("pms.php", $self_url)) {
$cookie_name = (defined("COOKIE_NAME")) ? COOKIE_NAME : "4images_";
$cookie_pmsnewpopup = isset($HTTP_COOKIE_VARS[$cookie_name.'pmsnewpopup']) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookie_name.'pmsnewpopup'])) : 0;
$pmsnewpopup = (isset($session_info['pmsnewpopup'])) ? $session_info['pmsnewpopup'] : $cookie_pmsnewpopup;
if ($pmsnewpopup < $result['pms_date']) {
$cookie_expire = time() + 60 * 60 * 24 * 90;
setcookie($cookie_name.'pmsnewpopup', serialize($result['pms_date']), $cookie_expire, COOKIE_PATH, COOKIE_DOMAIN, COOKIE_SECURE);
$site_sess->set_session_var("pmsnewpopup", $result['pms_date']);
$pms_popup_script = "<script language=\"JavaScript\">
<!--
function confirm_newpm() {
input_box=confirm('".$lang['pms_popup_confirm']."');
if (input_box==true) { // Output when OK is clicked
second_box=confirm('".$lang['pms_popup_newwindow']."');
if (second_box==true) {
window.open('".$site_sess->url(ROOT_PATH."pms.php")."','pmnew','width=600,height=500,menubar=yes,scrollbars=yes,toolbar=yes,location=yes,directories=yes,resizable=yes,top=50,left=50');
} else {
window.location='".$site_sess->url(ROOT_PATH."pms.php")."';
}
} else {
// Output when Cancel is clicked
}
}
// -->
</script>";
$pms_popup_header = "onload=\"Javascript:confirm_newpm()\"";
}
}
$site_template->register_vars(array(
"pms_boxes" => ($user_info['user_level'] < USER) ? "" : $inbox." | ".$sentbox." | ".$outbox." | ".$newpms,
"pms_popup_script" => $pms_popup_script,
"pms_popup_header" => $pms_popup_header,
"media_url" => MEDIA_PATH, $site_template->register_vars(array(
"user_id" => $user_row['user_id'],
"user_name" => (isset($user_row['user_name'])) ? htmlspecialchars($user_row['user_name']) : REPLACE_EMPTY,Add after: "lang_pm" => ($user_info['user_id'] != $user_row['user_id']) ? "<a href=\"".$site_sess->url(ROOT_PATH."pms.php?action=reply&user_id=".$user_row['user_id'])."\" alt=\"".$lang['pms_user_pm_alt']."\">".$lang['pms_user_pm']."</a>" : "", "comment_id" => $comment_row[$i]['comment_id'],Add after: "lang_pm" => ($user_info['user_id'] != $comment_row[$i]['user_id'] && $user_info['user_level'] >= USER && $comment_row[$i]['user_id'] >= USER) ? "<a href=\"".$site_sess->url(ROOT_PATH."pms.php?action=reply&user_id=".$comment_row[$i]['user_id'])."\" alt=\"".$lang['pms_user_pm_alt']."\">".$lang['pms_user_pm']."</a>" : "",$additional_user_fields['user_pms_email'] = array($lang['pms_email'], "radio", 0);
$additional_user_fields['user_pms_popup'] = array($lang['pms_popup'], "radio", 0); <tr>
<td class="row2"><b>{lang_user_pms_email}</b></td>
<td class="row2">
<input type="radio" name="user_pms_email" value="1"{user_pms_email_yes} />
{lang_yes}
<input type="radio" name="user_pms_email" value="0"{user_pms_email_no} />
{lang_no}
</td>
</tr>
<tr>
<td class="row1"><b>{lang_user_pms_popup}</b></td>
<td class="row1">
<input type="radio" name="user_pms_popup" value="1"{user_pms_popup_yes} />
{lang_yes}
<input type="radio" name="user_pms_popup" value="0"{user_pms_popup_no} />
{lang_no}
</td>
</tr>..msg0 {then use something like this in the pms.html template:
background-color: #FFCECE;
color: #2F6B9D;
}
.msg1 {
background-color: #CEFFDD;
color: #2F6B9D;
}
$lightbox_button = "<a href=\"".$site_sess->url($lightbox_url)."\"><img src=\"".get_gallery_image("lightbox_yes.gif")."\" border=\"0\" alt=\"\" /></a>";Replace with: $lightbox_button = "<a href=\"".$site_sess->url($lightbox_url)."\" onclick=\"this.firstChild.src='".$site_sess->url(ROOT_PATH."lightboxaction.php?id=".$image_row['image_id'])."&ilu='+this.firstChild.src; return false;\"><img src=\"".get_gallery_image("lightbox_yes.gif")."\" border=\"0\" alt=\"\" /></a>";
$lightbox_button = "<a href=\"".$site_sess->url($lightbox_url)."\"><img src=\"".get_gallery_image("lightbox_no.gif")."\" border=\"0\" alt=\"\" /></a>";Replace with: $lightbox_button = "<a href=\"".$site_sess->url($lightbox_url)."\" onclick=\"this.firstChild.src='".$site_sess->url(ROOT_PATH."lightboxaction.php?id=".$image_row['image_id'])."&ilu='+this.firstChild.src; return false;\"><img src=\"".get_gallery_image("lightbox_no.gif")."\" border=\"0\" alt=\"\" /></a>";
<?php
define('ROOT_PATH', './');
include(ROOT_PATH.'global.php');
require(ROOT_PATH.'includes/sessions.php');
$error = 0;
if (isset($HTTP_GET_VARS['ilu']) || isset($HTTP_POST_VARS['ilu']))
{
$ilu = (isset($HTTP_POST_VARS['ilu'])) ? trim($HTTP_POST_VARS['ilu']) : trim($HTTP_GET_VARS['ilu']);
}
else
{
$ilu = "";
}
if ($id && $user_info['user_level'] >= USER)
{
if (check_lightbox($id))
{
$ilu = (remove_from_lightbox($id)) ? get_gallery_image("lightbox_no.gif") : get_gallery_image("lightbox_yes.gif");
}
else
{
$ilu = (add_to_lightbox($id)) ? get_gallery_image("lightbox_yes.gif") : get_gallery_image("lightbox_no.gif");
}
}
else
{
$error = 1;
}
if ($error)
{
die("Security violation");
}
header("Content-type: image/gif");
header("Location: ".$ilu);
?>Upload it to your 4images root dir.
if ($action == "deletecomment") {
if (!$comment_id || ($config['user_delete_comments'] != 1 && $user_info['user_level'] != ADMIN)) {
show_error_page($lang['no_permission']);
exit;
}
$sql = "SELECT c.comment_id, c.user_id AS comment_user_id, i.image_id, i.cat_id, i.user_id, i.image_name
FROM ".COMMENTS_TABLE." c, ".IMAGES_TABLE." i
WHERE c.comment_id = $comment_id AND i.image_id = c.image_id";
$comment_row = $site_db->query_firstrow($sql);
if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN)) {Replace with:if ($action == "deletecomment") {
if (!$comment_id) {
show_error_page($lang['no_permission']);
exit;
}
$sql = "SELECT c.comment_id, c.user_id AS comment_user_id, i.image_id, i.cat_id, i.user_id, i.image_name
FROM ".COMMENTS_TABLE." c, ".IMAGES_TABLE." i
WHERE c.comment_id = $comment_id AND i.image_id = c.image_id";
$comment_row = $site_db->query_firstrow($sql);
// if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($config['user_delete_comments'] != 1 && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $image_row['cat_id']) || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $comment_row['cat_id']&& $user_info['user_id'] != $comment_row['comment_user_id'])) {
if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($config['user_delete_comments'] != 1 && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $image_row['cat_id']) || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $comment_row['cat_id'])) {Step 1.2.if ($action == "removecomment") {
if (!$comment_id || ($config['user_delete_comments'] != 1 && $user_info['user_level'] != ADMIN)) {
header("Location: ".$site_sess->url($url, "&"));
exit;
}
$sql = "SELECT c.comment_id, c.image_id, c.user_id AS comment_user_id, c.user_name AS comment_user_name, c.comment_headline, c.comment_text, i.image_name, i.cat_id, i.user_id".get_user_table_field(", u.", "user_name")."
FROM ".COMMENTS_TABLE." c, ".IMAGES_TABLE." i
LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = c.user_id)
WHERE c.comment_id = $comment_id AND i.image_id = c.image_id";
$comment_row = $site_db->query_firstrow($sql);
if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN)) {Replace with:if ($action == "removecomment") {
if (!$comment_id) {
header("Location: ".$site_sess->url($url, "&"));
exit;
}
$sql = "SELECT c.comment_id, c.image_id, c.user_id AS comment_user_id, c.user_name AS comment_user_name, c.comment_headline, c.comment_text, i.image_name, i.cat_id, i.user_id".get_user_table_field(", u.", "user_name")."
FROM ".COMMENTS_TABLE." c, ".IMAGES_TABLE." i
LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = c.user_id)
WHERE c.comment_id = $comment_id AND i.image_id = c.image_id";
$comment_row = $site_db->query_firstrow($sql);
// if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($config['user_delete_comments'] != 1 && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $image_row['cat_id']) || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $comment_row['cat_id']&& $user_info['user_id'] != $comment_row['comment_user_id'])) {
if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($config['user_delete_comments'] != 1 && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $image_row['cat_id']) || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN && $user_info['user_id'] != $comment_row['comment_user_id'])) {if ($action == "updatecomment") {
if (!$comment_id || ($config['user_edit_comments'] != 1 && $user_info['user_level'] != ADMIN)) {
show_error_page($lang['no_permission']);
exit;
}
$sql = "SELECT c.comment_id, c.image_id, i.image_name, i.cat_id, i.user_id".get_user_table_field(", u.", "user_name")."
FROM ".COMMENTS_TABLE." c, ".IMAGES_TABLE." i
LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = c.user_id)
WHERE c.comment_id = $comment_id AND i.image_id = c.image_id";
$comment_row = $site_db->query_firstrow($sql);
if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN)) {Replace with:if ($action == "updatecomment") {
if (!$comment_id) {
show_error_page($lang['no_permission']);
exit;
}
$sql = "SELECT c.comment_id, c.image_id, c.user_id AS comment_user_id, i.image_name, i.cat_id, i.user_id".get_user_table_field(", u.", "user_name")."
FROM ".COMMENTS_TABLE." c, ".IMAGES_TABLE." i
LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = c.user_id)
WHERE c.comment_id = $comment_id AND i.image_id = c.image_id";
$comment_row = $site_db->query_firstrow($sql);
// if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($config['user_edit_comments'] != 1 && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $image_row['cat_id']) || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $comment_row['cat_id']&& $user_info['user_id'] != $comment_row['comment_user_id'])) {
if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($config['user_edit_comments'] != 1 && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $image_row['cat_id']) || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $comment_row['cat_id'])) {if ($action == "editcomment") {
if (!$comment_id || ($config['user_edit_comments'] != 1 && $user_info['user_level'] != ADMIN)) {
header("Location: ".$site_sess->url($url, "&"));
exit;
}
$sql = "SELECT c.comment_id, c.image_id, c.user_id AS comment_user_id, c.user_name AS comment_user_name, c.comment_headline, c.comment_text, i.image_name, i.cat_id, i.user_id".get_user_table_field(", u.", "user_name")."
FROM ".COMMENTS_TABLE." c, ".IMAGES_TABLE." i
LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = c.user_id)
WHERE c.comment_id = $comment_id AND i.image_id = c.image_id";
$comment_row = $site_db->query_firstrow($sql);
if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN)) {Replace with:if ($action == "editcomment") {
if (!$comment_id) {
header("Location: ".$site_sess->url($url, "&"));
exit;
}
$sql = "SELECT c.comment_id, c.image_id, c.user_id AS comment_user_id, c.user_name AS comment_user_name, c.comment_headline, c.comment_text, i.image_name, i.cat_id, i.user_id".get_user_table_field(", u.", "user_name")."
FROM ".COMMENTS_TABLE." c, ".IMAGES_TABLE." i
LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = c.user_id)
WHERE c.comment_id = $comment_id AND i.image_id = c.image_id";
$comment_row = $site_db->query_firstrow($sql);
// if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($config['user_edit_comments'] != 1 && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $image_row['cat_id']) || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $comment_row['cat_id']&& $user_info['user_id'] != $comment_row['comment_user_id'])) {
if (!$comment_row || $comment_row['user_id'] <= USER_AWAITING || ($config['user_edit_comments'] != 1 && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $image_row['cat_id']) || ($user_info['user_id'] != $comment_row['user_id'] && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $comment_row['cat_id'])) {if ($action == "deleteimage") {
if (!$image_id || ($config['user_delete_image'] != 1 && $user_info['user_level'] != ADMIN)) {
show_error_page($lang['no_permission']);
exit;
}
$sql = "SELECT image_id, cat_id, user_id, image_name, image_media_file, image_thumb_file
FROM ".IMAGES_TABLE."
WHERE image_id = $image_id";
$image_row = $site_db->query_firstrow($sql);
if (!$image_row || $image_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN)) {Replace with:if ($action == "deleteimage") {
if (!$image_id) {
show_error_page($lang['no_permission']);
exit;
}
$sql = "SELECT image_id, cat_id, user_id, image_name, image_media_file, image_thumb_file
FROM ".IMAGES_TABLE."
WHERE image_id = $image_id";
$image_row = $site_db->query_firstrow($sql);
if (!$image_row || $image_row['user_id'] <= USER_AWAITING || ($config['user_edit_image'] != 1 && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $image_row['cat_id']) || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $image_row['cat_id'])) {if ($action == "removeimage") {
if (!$image_id || ($config['user_delete_image'] != 1 && $user_info['user_level'] != ADMIN)) {
header("Location: ".$site_sess->url($url, "&"));
exit;
}
$sql = "SELECT image_id, cat_id, user_id, image_name
FROM ".IMAGES_TABLE."
WHERE image_id = $image_id";
$image_row = $site_db->query_firstrow($sql);
if (!$image_row || $image_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN)) {Replace with:if ($action == "removeimage") {
if (!$image_id) {
header("Location: ".$site_sess->url($url, "&"));
exit;
}
$sql = "SELECT image_id, cat_id, user_id, image_name
FROM ".IMAGES_TABLE."
WHERE image_id = $image_id";
$image_row = $site_db->query_firstrow($sql);
if (!$image_id || ($config['user_delete_image'] != 1 && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $image_row['cat_id'])) {
header("Location: ".$site_sess->url($url, "&"));
exit;
}
if (!$image_row || $image_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $image_row['cat_id'])) {if ($action == "updateimage") {
if (!$image_id || ($config['user_edit_image'] != 1 && $user_info['user_level'] != ADMIN)) {
show_error_page($lang['no_permission']);
}
$sql = "SELECT image_id, cat_id, user_id, image_name
FROM ".IMAGES_TABLE."
WHERE image_id = $image_id";
$image_row = $site_db->query_firstrow($sql);
if (!$image_row || $image_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN)) {Replace with:if ($action == "updateimage") {
if (!$image_id) {
show_error_page($lang['no_permission']);
} $sql = "SELECT image_id, cat_id, user_id, image_name
FROM ".IMAGES_TABLE."
WHERE image_id = $image_id";
$image_row = $site_db->query_firstrow($sql);
if (!$image_row || $image_row['user_id'] <= USER_AWAITING || ($config['user_edit_image'] != 1 && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $image_row['cat_id']) || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $image_row['cat_id'])) {if ($action == "editimage") {
if (!$image_id || ($config['user_edit_image'] != 1 && $user_info['user_level'] != ADMIN)) {
header("Location: ".$site_sess->url($url, "&"));
exit;
}
$additional_sql = "";
if (!empty($additional_image_fields)) {
foreach ($additional_image_fields as $key => $val) {
$additional_sql .= ", ".$key;
}
}
$sql = "SELECT image_id, cat_id, user_id, image_name, image_description, image_keywords, image_allow_comments".$additional_sql."
FROM ".IMAGES_TABLE."
WHERE image_id = $image_id";
$image_row = $site_db->query_firstrow($sql);
if (!$image_row || $image_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN)) {Replace with:if ($action == "editimage") {
if (!$image_id) {
header("Location: ".$site_sess->url($url, "&"));
exit;
}
$additional_sql = "";
if (!empty($additional_image_fields)) {
foreach ($additional_image_fields as $key => $val) {
$additional_sql .= ", ".$key;
}
}
$sql = "SELECT image_id, cat_id, user_id, image_name, image_description, image_keywords, image_allow_comments".$additional_sql."
FROM ".IMAGES_TABLE."
WHERE image_id = $image_id";
$image_row = $site_db->query_firstrow($sql);
if (!$image_row || $image_row['user_id'] <= USER_AWAITING || ($config['user_edit_image'] != 1 && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $image_row['cat_id']) || ($user_info['user_id'] != $image_row['user_id'] && $user_info['user_level'] != ADMIN && $user_info['user_cat'] != $image_row['cat_id'])) { if (!$error) {
$additional_sql = "";
if (!empty($additional_user_fields)) {
$table_fields = $site_db->get_table_fields(USERS_TABLE);
foreach ($additional_user_fields as $key => $val) {
if (isset($HTTP_POST_VARS[$key]) && isset($table_fields[$key])) {
$additional_sql .= ", $key = '".un_htmlspecialchars(trim($HTTP_POST_VARS[$key]))."'";
}
}
}
$sql = "UPDATE ".USERS_TABLE."Replace with: if (!$error) {
$additional_sql = "";
if (!empty($additional_user_fields)) {
$table_fields = $site_db->get_table_fields(USERS_TABLE);
foreach ($additional_user_fields as $key => $val) {
if (isset($HTTP_POST_VARS[$key]) && isset($table_fields[$key])) {
$additional_sql .= ", $key = '".un_htmlspecialchars(trim($HTTP_POST_VARS[$key]))."'";
}
}
if (isset($HTTP_POST_VARS['user_cat_active']) && isset($table_fields['user_cat_active'])) {
user_cat_create();
}else{
$additional_sql .= ", user_cat_active = 0";
}
}
$sql = "UPDATE ".USERS_TABLE." "user_name" => htmlspecialchars(stripslashes($user_name)),Add before (obove it): "lang_activate" => ($config['user_cat'] && $user_info['user_cat_active_admin'] && ($config['user_cat_new'] || $user_info['user_cat'])) ? $lang['user_cat_activate'] : "",
"user_cat_edit" => ($user_info['user_cat_active']) ? $site_sess->url(ROOT_PATH."member.php?action=usercatpermedit") : "",
"lang_edit" => $lang['edit'],//-----------------------------------------------------
//--- Clickstream -------------------------------------
//-----------------------------------------------------
$clickstream = "<span class=\"clickstream\"><a href=\"".$site_sess->url(ROOT_PATH."index.php")."\" class=\"clickstream\">".$lang['home']."</a>".$config['category_separator'].$txt_clickstream."</span>";Add before (above it)://-------------------------
//---- User Create Cat ----
//-------------------------
function user_cat_create(){
global $user_info, $cat_cache, $config;
if ($user_info['user_cat'] == 0 || !$cat_cache[$user_info['user_cat']]) {
if (!$cat_id = create_user_cat($user_info['user_id'], $user_info['user_name'])) {
$msg .= "Error creating category";
}
}
}
//-----------------------------
//---- User Cat Permissions----
//-----------------------------
if ($action == "usercatpermedit") {
if ((!user_cat_check() || !$user_info['user_cat_active']) && $user_info['user_level'] != ADMIN) {
show_error_page($lang['no_permission']);
exit;
}
$error = 0;
$user_cat_terms = 0;
if ($user_info['user_level'] != ADMIN && !$user_info['user_cat_active_admin']) {
$msg = $lang['user_cat_deactive_admin'];
$error = 1;
}
if ($user_info['user_level'] != ADMIN && !$user_info['user_cat_terms']) {
if (isset($HTTP_POST_VARS['user_cat_accept']) && $HTTP_POST_VARS['user_cat_accept']) {
$sql = "UPDATE ".USERS_TABLE."
SET user_cat_terms = 1
WHERE user_id = ".$user_info['user_id'];
$site_db->query($sql);
}else{
$user_cat_terms = 1;
}
}
if (!$error) {
if ($user_cat_terms) {
$site_template->register_vars(array(
"lang_user_cat_terms" => $lang['user_cat_terms'],
"lang_agreement_terms" => $lang['user_cat_terms_text'],
"lang_agree" => $lang['agree'],
"lang_agree_not" => $lang['agree_not']
));
$content .= $site_template->parse_template("member_cat_terms");
}else{
$auth_show = "";
$user_list_added = "";
$user_list_rmvd = "";
$user_list_added_count = 0;
$user_list_rmvd_count = 0;
$auth_array = get_auth_array(($user_info['user_level'] == ADMIN) ? "1,1,1,1,1,1,1,1,1" : "");
if (isset($HTTP_POST_VARS['auth']) || isset($HTTP_GET_VARS['auth'])) {
$auth_check = ($HTTP_POST_VARS['auth'] ) ? $HTTP_POST_VARS['auth'] : $HTTP_GET_VARS['auth'];
if (in_array("auth_".$auth_check, $auth_array)){
$auth_show = "auth_".$auth_check;
if (isset($HTTP_POST_VARS[$auth_check.'_1']) || isset($HTTP_GET_VARS[$auth_check.'_1'])) {
$auth_list_no = ($HTTP_POST_VARS[$auth_check.'_1'] ) ? $HTTP_POST_VARS[$auth_check.'_1'] : $HTTP_GET_VARS[$auth_check.'_1'];
foreach ($auth_list_no as $key){
if ($key != 0) {
$user_list = get_user_info($key);
$user_list_added .= $user_list['user_name']."<br />";
$user_list_added_count++;
$user_perm = user_cat_perm_cur($key);
$user_perm_cur = array();
foreach ($auth_array as $val) {
$user_perm_cur[$val] = (($val == $auth_show) ? 1 : (($user_perm[$val]) ? $user_perm[$val] : 0));
}
update_user_group($key, $admin_cat_id, $user_perm_cur);
}
}
}
if (isset($HTTP_POST_VARS[$auth_check.'_2']) || isset($HTTP_GET_VARS[$auth_check.'_2'])) {
$auth_list_yes = ($HTTP_POST_VARS[$auth_check.'_2'] ) ? $HTTP_POST_VARS[$auth_check.'_2'] : $HTTP_GET_VARS[$auth_check.'_2'];
foreach ($auth_list_yes as $key){
if ($key != 0) {
$user_list = get_user_info($key);
$user_list_rmvd .= $user_list['user_name']."<br />";
$user_list_rmvd_count++;
$user_perm = user_cat_perm_cur($key);
$user_perm_cur = array();
foreach ($auth_array as $val) {
$user_perm_cur[$val] = (($val == $auth_show) ? 0 : (($user_perm[$val]) ? $user_perm[$val] : 0));
}
update_user_group($key, $admin_cat_id, $user_perm_cur);
}
}
}
if (isset($HTTP_POST_VARS['auth_type']) || isset($HTTP_GET_VARS['auth_type'])) {
$auth_type = ($HTTP_POST_VARS['auth_type'] ) ? $HTTP_POST_VARS['auth_type'] : $HTTP_GET_VARS['auth_type'];
$auth_type = ($auth_type) ? $auth_type : 0;
if ($cat_cache[$admin_cat_id][$auth_show] != $auth_type) {
$sql = "UPDATE ".CATEGORIES_TABLE."
SET ".$auth_show." = ".$auth_type."
WHERE cat_id = ".$admin_cat_id;
$site_db->query($sql);
$cat_cache[$admin_cat_id][$auth_show] = $auth_type;
}
}
}
}
$sql = "SELECT ".get_user_table_field("", "user_id").get_user_table_field(", ", "user_level").get_user_table_field(", ", "user_name").get_user_table_field(", ", "user_email")."
FROM ".USERS_TABLE."
WHERE ".get_user_table_field("", "user_level")." > ".USER_AWAITING." AND ".get_user_table_field("", "user_id")." <> ".$user_info['user_id']." AND ".get_user_table_field("", "user_level")." != ".ADMIN."
ORDER BY ".get_user_table_field("", "user_name")." ASC";
$result = $site_db->query($sql);
$user_list = "";
while ($user_cache = $site_db->fetch_array($result)) {
$user_list .= $user_cache['user_id'].",".addslashes($user_cache['user_name']).",";
}
$auth_list = "";
$auth_edit_js = "";
foreach ($auth_array as $auth_item) {
$auth_type = "";
$auth_edit = 0;
$auth_edit_prv = 0;
$user_cat_note_warning = "";
$user_cat_help = "";
if ($auth_show == $auth_item) {
if ($cat_cache[$admin_cat_id][$auth_item] == AUTH_ACL){
$users = user_cat_perm($auth_show);
foreach ($users as $key => $val) {
$auth_list .= $key.",";
}
$auth_edit_js = 1;
$auth_edit = 1;
$user_cat_help = $lang['user_cat_help'];
}
$auth_type = "<select name=\"auth_type\">\n";
foreach ($user_cat_auth_type as $key => $val) {
$auth_type .= "<option value=\"".$key."\"";
if ($cat_cache[$admin_cat_id][$auth_item] == $key){
$auth_type .= " style=\"color: #FF5353\" selected=\"selected\"";
$auth_cur = $key;
}
$auth_type .= ">".$val."</option>\n";
}
$auth_type .= "</select> **\n";
$auth_edit_prv = 1;
if ($auth_show != "auth_viewcat" && $cat_cache[$admin_cat_id]['auth_viewcat'] == AUTH_ACL) {
$user_cat_note_warning = "<br /><br />".$lang['auth_warning'];
}
}
$site_template->register_vars(array(
"user_list_added" => $user_list_added,
"user_list_rmvd" => $user_list_rmvd,
"lang_added" => $lang['added']." (".$user_list_added_count.")",
"lang_rmvd" => $lang['removed']." (".$user_list_rmvd_count.")",
"auth_type" => $auth_type,
"auth_cur" => $user_cat_auth_type[$cat_cache[$admin_cat_id][$auth_item]],
"admin_cat" => ($user_info['user_level'] == ADMIN) ? "<input type=\"hidden\" name=\"user_id\" value=\"".$admin_cat_owner['user_id']."\" />" : "",
"usercat_auth" => $auth_check,
"usercat_auth_show" => $lang[$auth_item],
"auth_edit" => $auth_edit,
"user_cat_note" => $lang['user_cat_note'].$user_cat_note_warning,
"auth_edit_prv" => $auth_edit_prv,
"auth_edit_link" => ($auth_edit_prv) ? "" : $site_sess->url(ROOT_PATH."member.php?action=usercatpermedit&auth=".str_replace("auth_", "", $auth_item).(($user_info['user_level'] == ADMIN) ? "&user_id=".$admin_cat_owner['user_id'] : "")),
"lang_save" => $lang['save'],
"lang_edit" => $lang['edit'],
"lang_cancel" => $lang['cancel'],
"lang_not_in_list" => $lang['not_in_list'],
"lang_in_list" => $lang['in_list'],
"user_cat_help" => $user_cat_help
));
$auth_bit .= $site_template->parse_template("member_cat_edit_bit");
}
$site_template->register_vars(array(
"auth_edit_js" => $auth_edit_js,
"admin_cat_owner" => $admin_cat_owner['user_id'],
"user_cat_owner" => $admin_cat_owner['user_name'],
"user_list" => trim($user_list, ","),
"usercat_auth" => $auth_check,
"auth_list" => trim($auth_list, ","),
"auth_bit" => $auth_bit,
"lang_auth" => $lang['user_cat_for']." <a href=\"".$site_sess->url(ROOT_PATH."categories.php?cat_id=".$admin_cat_id)."\">".$admin_cat_owner['user_name']."</a>"
));
$content .= $site_template->parse_template("member_cat_edit");
}
}
$txt_clickstream = $lang['user_cat'];
}
function user_cat_perm_cur($user_id){
global $site_db, $user_info, $admin_cat_id;
$auth_array = get_auth_array();
$sql = "SELECT g.group_id, g.group_name
FROM ".GROUPS_TABLE." g, ".GROUP_MATCH_TABLE." gm
WHERE gm.user_id = $user_id AND g.group_id = gm.group_id";
$row = $site_db->query_firstrow($sql);
if (!$row) {
$row = update_single_usergroup($user_id);
}
$group_id = $row['group_id'];
$group_name = $row['group_name'];
$sql = "SELECT *
FROM ".GROUP_ACCESS_TABLE."
WHERE group_id = $group_id AND cat_id = ".$admin_cat_id;
$result = $site_db->query_firstrow($sql);
return $result;
}
function user_cat_perm($field = ""){
global $site_db, $user_info, $admin_cat_id;
$sql = "SELECT group_id
FROM ".GROUP_ACCESS_TABLE."
WHERE cat_id = ".$admin_cat_id.(($field) ? " AND $field = 1" : "");
$result = $site_db->query($sql);
$group_ids = array();
while ($row = $site_db->fetch_array($result)) {
$group_ids[] = $row['group_id'];
}
if ($group_ids){
$sql = "SELECT u.*
FROM ".GROUP_MATCH_TABLE." gm, ".USERS_TABLE." u
WHERE u.user_id = gm.user_id AND gm.group_id IN (".implode(",", $group_ids).") AND u.user_id <> ".$user_info['user_id'];
$result = $site_db->query($sql);
$users = array();
while ($row = $site_db->fetch_array($result)) {
$users[$row['user_id']] = $row;
}
return $users;
}
return array();
}
function user_cat_check(){
global $config, $user_info, $cat_cache, $HTTP_POST_VARS, $HTTP_GET_VARS, $admin_cat_id, $site_db, $admin_cat_owner;
if (!$config['user_cat'] && $user_info['user_level'] != ADMIN && $user_info['user_level'] == GUEST) {
return false;
}
if ($user_info['user_level'] == ADMIN) {
if (isset($HTTP_POST_VARS['user_id']) || isset($HTTP_GET_VARS['user_id'])) {
$admin_user_id = (intval($HTTP_POST_VARS['user_id'])) ? intval($HTTP_POST_VARS['user_id']) : intval($HTTP_GET_VARS['user_id']);
}
if (empty($admin_user_id)) {
return false;
}
}
$admin_user_id = (isset($admin_user_id)) ? $admin_user_id : $user_info['user_id'];
$sql = "SELECT user_id, user_name, user_cat
FROM ".USERS_TABLE."
WHERE user_id = ".$admin_user_id;
$result = $site_db->query_firstrow($sql);
$admin_cat_owner = array();
$admin_cat_owner['user_id'] = $result['user_id'];
$admin_cat_owner['user_name'] = $result['user_name'];
$admin_cat_id = $result['user_cat'];
if ($admin_cat_id == 0 || !$cat_cache[$admin_cat_id]) {
return false;
}
return true;
}
function create_user_cat($user_id, $cat_name){
global $site_db, $user_info, $config, $admin_cat_id, $cat_cache;
$sql = "SELECT cat_order
FROM ".CATEGORIES_TABLE."
WHERE cat_parent_id = 0
ORDER BY cat_order DESC
LIMIT 1";
$catorder = $site_db->query_firstrow($sql);
$cat_order = $catorder['cat_order'] + 10;
$sql = "INSERT INTO ".CATEGORIES_TABLE."
(cat_name, cat_description, cat_parent_id, cat_order, auth_viewcat, auth_viewimage, auth_download, auth_upload, auth_directupload, auth_vote, auth_sendpostcard, auth_readcomment, auth_postcomment)
VALUES
('$cat_name', '', ".$config['user_cat_parent'].", $cat_order, 3, 3, 3, 3, 0, 3, 3, 3, 3)";
$result = $site_db->query($sql);
$cat_id = $site_db->get_insert_id();
$sql = "UPDATE ".USERS_TABLE."
SET user_cat = ".$cat_id.", user_cat_active = 1
WHERE user_id = ".$user_id;
$site_db->query($sql);
$user_info['user_cat'] = $cat_id;
$admin_cat_id = $cat_id;
$cat_cache[$cat_id] = 1;
$auth = array(
"auth_viewcat" => 1,
"auth_viewimage" => 1,
"auth_download" => 1,
"auth_upload" => 1,
"auth_vote" => 1,
"auth_sendpostcard" => 1,
"auth_readcomment" => 1,
"auth_postcomment" => 1
);
if ($result && $cat_id) {
update_user_group($user_id, $cat_id, $auth);
if (create_cat_folder(MEDIA_PATH."/".$cat_id, CHMOD_DIRS) && create_cat_folder(THUMB_PATH."/".$cat_id, CHMOD_DIRS)){
return true;
}else{
return false;
}
}else{
return false;
}
}
function update_user_group($user_id, $cat_id, $auth) {
global $site_db;
$auth_field = "";
$auth_value = "";
foreach($auth as $key => $val){
$auth_field .= $key.", ";
$auth_value .= $val.", ";
}
$auth_field = trim($auth_field, ", ");
$auth_value = trim($auth_value, ", ");
$sql = "SELECT g.group_id, g.group_name
FROM ".GROUPS_TABLE." g, ".GROUP_MATCH_TABLE." gm
WHERE gm.user_id = $user_id AND g.group_id = gm.group_id";
$row = $site_db->query_firstrow($sql);
if (!$row) {
$row = update_single_usergroup($user_id);
}
$group_id = $row['group_id'];
$group_name = $row['group_name'];
$sql = "DELETE FROM ".GROUP_ACCESS_TABLE."
WHERE cat_id = $cat_id AND group_id = $group_id";
$site_db->query($sql);
$sql = "INSERT INTO ".GROUP_ACCESS_TABLE."
(group_id, cat_id, $auth_field)
VALUES
($group_id, $cat_id, $auth_value)";
$site_db->query($sql);
}
function update_single_usergroup($user_id) {
global $site_db, $user_table_fields;
$sql = "SELECT ".get_user_table_field("", "user_name")."
FROM ".USERS_TABLE."
WHERE ".get_user_table_field("", "user_id")." = $user_id";
$row = $site_db->query_firstrow($sql);
if (!$row) {
return false;
}
else {
$group_name = $row[$user_table_fields['user_name']];
unset($row);
}
$sql = "SELECT group_id
FROM ".GROUPS_TABLE."
WHERE group_name = '".addslashes($group_name)."' AND group_type = ".GROUPTYPE_SINGLE;
$row = $site_db->query_firstrow($sql);
if (!$row) {
$sql = "INSERT INTO ".GROUPS_TABLE."
(group_name, group_type)
VALUES
('".addslashes($group_name)."', ".GROUPTYPE_SINGLE.")";
$site_db->query($sql);
$group_id = $site_db->get_insert_id();
}
else {
$group_id = $row['group_id'];
}
$sql = "SELECT group_id
FROM ".GROUP_MATCH_TABLE."
WHERE group_id = $group_id AND user_id = $user_id";
if ($site_db->is_empty($sql)) {
$sql = "INSERT INTO ".GROUP_MATCH_TABLE."
(group_id, user_id, groupmatch_startdate, groupmatch_enddate)
VALUES
($group_id, $user_id, 0, 0)";
$site_db->query($sql);
}
return array("group_id" => $group_id, "group_name" => $group_name);
}
function create_cat_folder($path, $mode) {
if (@is_dir($path)) {
@chmod($path, $mode);
return true;
}
else {
$oldumask = umask(0);
$result = mkdir($path, $mode);
umask($oldumask);
if (!@is_dir($path) || !$result) {
$result = mkdir($path, 0755);
@chmod($path, $mode);
}
return $result;
}
}
function get_auth_array($admin = ""){
global $config;
$auth_conf = explode(",", ($admin) ? $admin : $config['user_cat_auth_array']);
$auth_array = array(
"auth_viewcat",
"auth_viewimage",
"auth_download",
"auth_upload",
"auth_directupload",
"auth_vote",
"auth_sendpostcard",
"auth_readcomment",
"auth_postcomment"
);
$auth = array();
for ($i = 0; $i < count($auth_array); $i++) {
if ($auth_conf[$i]){
$auth[] = $auth_array[$i];
}
}
return $auth;
}
//---- End User Cat ----------- $comment_user_ip = ($user_info['user_level'] == ADMIN) ? $comment_row[$i]['comment_ip'] : "";Replace with: $comment_user_ip = ($user_info['user_level'] == ADMIN || $user_info['user_cat'] == $cat_id) ? $comment_row[$i]['comment_ip'] : ""; elseif ($is_image_owner) {
$admin_links .= ($config['user_edit_comments'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=editcomment&".URL_COMMENT_ID."=".$comment_row[$i]['comment_id'])."\">".$lang['edit']."</a> ";
$admin_links .= ($config['user_delete_comments'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=removecomment&".URL_COMMENT_ID."=".$comment_row[$i]['comment_id'])."\">".$lang['delete']."</a>";Replace with:// elseif ($is_image_owner || $comment_user_id == $user_info['user_id'] && $user_info['user_level'] != GUEST || $user_info['user_cat'] == $cat_id) {
elseif ($is_image_owner || $user_info['user_cat'] == $cat_id) {
$admin_links .= ($config['user_edit_comments'] != 1 && $user_info['user_cat'] != $cat_id) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=editcomment&".URL_COMMENT_ID."=".$comment_row[$i]['comment_id'])."\">".$lang['edit']."</a> ";
$admin_links .= ($config['user_delete_comments'] != 1 && $user_info['user_cat'] != $cat_id) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=removecomment&".URL_COMMENT_ID."=".$comment_row[$i]['comment_id'])."\">".$lang['delete']."</a>";elseif ($is_image_owner) {
$admin_links .= ($config['user_edit_image'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=editimage&".URL_IMAGE_ID."=".$image_id)."\">".$lang['edit']."</a> ";
$admin_links .= ($config['user_delete_image'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=removeimage&".URL_IMAGE_ID."=".$image_id)."\">".$lang['delete']."</a>";Replace with: elseif ($is_image_owner || $user_info['user_cat'] == $cat_id) {
$admin_links .= ($config['user_edit_image'] != 1 && $user_info['user_cat'] != $cat_id) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=editimage&".URL_IMAGE_ID."=".$image_id)."\">".$lang['edit']."</a> ";
$admin_links .= ($config['user_delete_image'] != 1 && $user_info['user_cat'] != $cat_id) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=removeimage&".URL_IMAGE_ID."=".$image_id)."\">".$lang['delete']."</a>";// end of functions
show_admin_header();
if ($action == "updatesettings") {
$setting_item = $HTTP_POST_VARS['setting_item'];
Replace with:function show_categories_list($setting_name, $value_option = ""){
global $cat_parent_cache, $drop_down_cat_cache, $lang, $config;
$category = "\n<select name=\"setting_item[".$setting_name."]\" class=\"categoryselect\">\n";
$category .= "<option value=\"0\">".$lang['main_category']."</option>\n";
$category .= "<option value=\"0\">--------------</option>\n";
$drop_down_cat_cache = array();
$drop_down_cat_cache = $cat_parent_cache;
$category .= get_category_dropdown_bits($value_option);
$category .= "</select>\n";
echo $category;
}
function show_user_cat_perm_array($setting_name, $setting_value) {
global $config, $lang, $auth_array;
$auth_conf = explode(",", $config['user_cat_auth_array']);
$auth = array();
for ($i = 0; $i < count($auth_array); $i++) {
echo "<input type=\"checkbox\" name=\"user_cat_".$auth_array[$i]."\" value=\"1\"".(($auth_conf[$i]) ? " checked=\"checked\"" : "").">".$lang[$auth_array[$i]]."<br>\n";
}
return $auth;
}
// end of functions
show_admin_header();
if ($action == "updatesettings") {
$setting_item = $HTTP_POST_VARS['setting_item'];
$setting_item['user_cat_auth_array'] = "";
foreach ($auth_array as $key) {
$setting_item['user_cat_auth_array'] .= (($HTTP_POST_VARS['user_cat_'.$key]) ? 1 : 0).",";
}
$setting_item['user_cat_auth_array'] = trim($setting_item['user_cat_auth_array'], ","); show_form_footer($lang['save_changes'], "", 2);Add before (above it): show_table_separator($setting_group[10], 2, "#setting_group_10");
show_setting_row("user_cat", "radio");
show_setting_row("user_cat_new", "radio");
show_setting_row("user_cat_parent", "show_categories_list");
show_setting_row("user_cat_auth_array", "show_user_cat_perm_array");
show_additional_fields("user", $user_row, USERS_TABLE);Add before (above it): $additional_user_fields['user_cat'][0] = "<a href=\"".ROOT_PATH."categories.php?cat_id=".$user_row['user_cat']."\" target=\"_blank\" />".$lang['user_cat']."</a>";$additional_user_fields['user_cat'] = array($lang['user_cat'], "text", 0);
$additional_user_fields['user_cat_active'] = array($lang['user_cat_active'], "radio", 0);
$additional_user_fields['user_cat_active_admin'] = array($lang['user_cat_active_admin'], "radio", 0);
$additional_user_fields['user_cat_terms'] = array($lang['user_cat_terms'], "radio", 0);//----- User Cat -----
$lang['cancel'] = "Cancel";
$lang['not_in_list'] = "Dont have access";
$lang['in_list'] = "Have access";
$lang['auth_viewcat'] = "View Category";
$lang['auth_viewimage'] = "View Image";
$lang['auth_download'] = "Download";
$lang['auth_upload'] = "Upload";
$lang['auth_directupload'] = "Direct Upload";
$lang['auth_vote'] = "Vote";
$lang['auth_sendpostcard'] = "Send eCard";
$lang['auth_readcomment'] = "Read Comments";
$lang['auth_postcomment'] = "Post Comment";
$lang['added'] = "Added";
$lang['removed'] = "Removed";
$lang['user_cat'] = "Personal Category";
$lang['user_cat_for'] = "Personal Category Permissions for";
$lang['user_cat_active'] = "Activate Personal Category";
$lang['user_cat_active_admin'] = "Permit Personal Category";
$lang['user_cat_terms'] = "Members Personal Category Terms and Conditions";
$lang['permis'] = "Permissions";
$lang['user_cat_note'] = "** <b>All</b> - Everyone including guests (public).<br /><b> Registered Users</b> - guests not allowed.<br /><b> Private</b> - only selected members will have access.";
$lang['auth_warning'] = "NOTE: This will affect only selected in "".$lang['auth_viewcat']."" members.";
$lang['user_cat_help'] = "* Select from <b>left</b> side members who you want <b>add</b> to access list<br /> and from <b>right</b> side to <b>delete</b> members from access list.";
$lang['user_cat_terms_text'] = "Blah Blah Blah<br />Just accept it.";
$lang['user_cat_terms_must'] = "You must accept terms and conditions";
$lang['user_cat_activate_not'] = "Your ".$lang['user_cat']." is not activated";
$lang['user_cat_activate'] = "Activate";
$lang['user_cat_deactive_admin'] = "Your ".$lang['user_cat']." was terminated by administrator";
$user_cat_auth_type = array(
AUTH_ALL => "All",
AUTH_USER => "Registered Users",
AUTH_ACL => "Private"
);
//--- End User Cat ---/*-- Setting-Group 10 --*/
$setting_group[10]="Member Personal Category";
$setting['user_cat'] = "Activate Member Personal Category";
$setting['user_cat_new'] = "Allow Create New Member Personal Categories";
$setting['user_cat_parent'] = "Parent Category";
$setting['user_cat_auth_array'] = "Allowed Change Permissions";
$auth_array = array(
"auth_viewcat",
"auth_viewimage",
"auth_download",
"auth_upload",
"auth_directupload",
"auth_vote",
"auth_sendpostcard",
"auth_readcomment",
"auth_postcomment"
); {if lang_activate}
<tr>
<td colspan="2" valign="top" class="head1">{lang_user_cat} <sup class="new">{lang_new}</sup></td>
</tr>
<tr>
<td class="row1" colspan="2">
<input type="checkbox" name="user_cat_active" value="1"{user_cat_active_yes} /><b> {lang_activate}</b>
</td>
</tr>
{if user_cat_edit}
<tr>
<td class="row1" colspan="2">
<a href="{user_cat_edit}">{lang_edit}</a>
</td>
</tr>
{endif user_cat_edit}
{endif lang_activate}{if auth_edit_js}
<script language="JavaScript">
var user_list="{user_list}";
var list=user_list.split(",");
var user_list = new Array();
var user_list_id = new Array();
var ii=0;
for (var i=0; i < (list.length/2); i++){
user_list[i] = list[ii+1];
user_list_id[i] = list[ii];
ii=ii+2;
}
var list = "{auth_list}";
var name = "{usercat_auth}";
var list = list.split(",");
var owner = {admin_cat_owner};
var owner_mark = "";
function print_list(type){
result="<select name='"+name+"_"+type+"[]' size='15' style='width:200;' multiple='multiple'>\n";
result +="<option value='0' selected='selected'></option>\n";
for (var i=0; i<user_list_id.length; i++){
if (owner == user_list_id[i]) {
owner_mark = " style='background-color: #FFCECE;'";
}else{
owner_mark = "";
}
if (type == 1){
if (!searchArray(user_list_id[i], list)) {
result +="<option value='"+user_list_id[i]+"'"+owner_mark+">» "+user_list[i]+"</option>\n";
}
}else{
if (searchArray(user_list_id[i], list)) {
result +="<option value='"+user_list_id[i]+"'"+owner_mark+"'>» "+user_list[i]+"</option>\n";
}
}
}
result +="</select>\n";
return result;
}
function searchArray(key, arr){
for (var i=0;i<arr.length;i++){
if (key==arr[i]) return true;
}
return false;
}
</script>
{endif auth_edit_js}
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="bordercolor">
<tr>
<td valign="top">
<table width="100%" border="0" cellpadding="3" cellspacing="1">
<tr>
<td valign="top" class="head1" colspan="4">{lang_auth}</td>
</tr>
{auth_bit}
</table>
</td>
</tr>
</table>
.button {
font-family: Tahoma,Verdana,Arial, Helvetica, sans-serif;
background-color: #D9DDE1;
border: 1px
color: Black;
font-size : 10px;
font-weight : bold;
})
. At the begining I was thinking to force sender to enter name for each email address, separated by coma or semicolon...but then, it will be too confusing. $back_url = (!empty($HTTP_POST_VARS['back_url'])) ? stripslashes(trim($HTTP_POST_VARS['back_url'])) : $site_sess->url(ROOT_PATH."index.php", "&");
$postcard_id = get_random_key(POSTCARDS_TABLE, "postcard_id");
$current_time = time();
$sql = "INSERT INTO ".POSTCARDS_TABLE."
(postcard_id, image_id, postcard_date, postcard_bg_color, postcard_border_color, postcard_font_color, postcard_font_face, postcard_sender_name, postcard_sender_email, postcard_recipient_name, postcard_recipient_email, postcard_headline, postcard_message)
VALUES
('$postcard_id', $image_id, $current_time, '$bg_color', '$border_color', '$font_color', '$font_face', '$sender_name', '$sender_email', '$recipient_name', '$recipient_email', '$headline', '$message')";
$result = $site_db->query($sql);
if ($result) {
$postcard_url = $script_url."/postcards.php?".URL_POSTCARD_ID."=".$postcard_id;
include(ROOT_PATH.'includes/email.php');
$site_email = new Email();
$site_email->set_to(stripslashes($recipient_email));
$site_email->set_from(stripslashes($sender_email), stripslashes($sender_name));
$site_email->set_subject($lang['send_postcard_emailsubject']);
$site_email->register_vars(array(
"sender_name" => stripslashes($sender_name),
"sender_email" => stripslashes($sender_email),
"recipient_name" => stripslashes($recipient_name),
"postcard_url" => stripslashes($postcard_url),
"postcard_send_date" => format_date($config['date_format']." ".$config['time_format'], $current_time),
"site_name" => $config['site_name']
));
$site_email->set_body("postcard_message", $config['language_dir']);
$site_email->send_email();
$msg .= $lang['send_postcard_success'];
$msg .= "<br /><a href=\"".$back_url."\">".$lang['back_to_gallery']."</a>";
$action = "showcard";
}
else {
$msg = $lang['general_error'];
$action = "previewcard";
$main_template = "postcard_preview";
}
}
if ($action == "showcard") {Replace with: $back_url = (!empty($HTTP_POST_VARS['back_url'])) ? stripslashes(trim($HTTP_POST_VARS['back_url'])) : $site_sess->url(ROOT_PATH."index.php", "&");
include(ROOT_PATH.'includes/email.php');
$recipient_email_temp = $recipient_email;
$recipient_email_temp = str_replace(" ", "", $recipient_email_temp);
$recipient_email_temp = str_replace(";", ",", $recipient_email_temp);
$recipient_email_array = explode(",", $recipient_email_temp);
$recipient_email_cache = array();
foreach ($recipient_email_array as $key) {
if (!in_array($key, $recipient_email_cache)) {
$recipient_email_cache[] = $key;
$postcard_id = get_random_key(POSTCARDS_TABLE, "postcard_id");
$current_time = time();
$sql = "INSERT INTO ".POSTCARDS_TABLE."
(postcard_id, image_id, postcard_date, postcard_bg_color, postcard_border_color, postcard_font_color, postcard_font_face, postcard_sender_name, postcard_sender_email, postcard_recipient_name, postcard_recipient_email, postcard_headline, postcard_message)
VALUES
('$postcard_id', $image_id, $current_time, '$bg_color', '$border_color', '$font_color', '$font_face', '$sender_name', '$sender_email', '$recipient_name', '$key', '$headline', '$message')";
$result = $site_db->query($sql);
if ($result) {
$postcard_url = $script_url."/postcards.php?".URL_POSTCARD_ID."=".$postcard_id;
$site_email = new Email();
$site_email->set_to(stripslashes($key));
$site_email->set_from(stripslashes($sender_email), stripslashes($sender_name));
$site_email->set_subject($lang['send_postcard_emailsubject']);
$site_email->register_vars(array(
"sender_name" => stripslashes($sender_name),
"sender_email" => stripslashes($sender_email),
"recipient_name" => stripslashes($recipient_name),
"postcard_url" => stripslashes($postcard_url),
"postcard_send_date" => format_date($config['date_format']." ".$config['time_format'], $current_time),
"site_name" => $config['site_name']
));
$site_email->set_body("postcard_message", $config['language_dir']);
$site_email->send_email();
}
else {
$msg = $lang['general_error'];
$action = "previewcard";
$main_template = "postcard_preview";
exit;
}
}
}
$msg .= $lang['send_postcard_success']."<br />( ".$recipient_email_temp." )";
$msg_color = 1;
$msg .= "<br /><a href=\"".$back_url."\">".$lang['back_to_gallery']."</a>";
$action = "showcard";
}
if ($action == "showcard") { if (($sender_email != "" && !check_email($sender_email)) || ($recipient_email != "" && !check_email($recipient_email))) {
$msg .= (($msg != "") ? "<br />" : "").$lang['invalid_email_format'];
$error = 1;
}Replace with: if ($sender_email != "" && !check_email($sender_email)) {
$msg .= (($msg != "") ? "<br />" : "").$lang['invalid_email_format'];
$error = 1;
}
if ($recipient_email != "") {
$recipient_email_temp = $recipient_email;
$recipient_email_temp = str_replace(" ", "", $recipient_email_temp);
$recipient_email_temp = str_replace(";", ",", $recipient_email_temp);
$recipient_email_array = explode(",", $recipient_email_temp);
$recipient_email_temp = $recipient_email;
$error_email = "";
foreach ($recipient_email_array as $key) {
if (check_email(trim($key))) {
$recipient_email_temp .= $key.", ";
}else{
$recipient_email_temp .= "<font style=\"background-color:red;\">".$key."</font>, ";
$error_email = 1;
}
}
if ($error_email) {
$msg .= (($msg != "") ? "<br />" : "").$lang['invalid_email_format']." ( ".trim($recipient_email_temp,", ")." )";
$error = 1;
}
}else{
$msg .= (($msg != "") ? "<br />" : "").$lang['invalid_email_format'];
$error = 1;
}
if ($user_info['user_level'] != GUEST) {Replace with: if ($user_info['user_level'] >= GUEST) {function add_to_lightbox($id) {
global $user_info, $site_db;
$id = intval($id);
if (!$id) {
return false;
}
$lightbox_ids = $user_info['lightbox_image_ids'];
$lightbox_array = explode(" ", $lightbox_ids);
if (!in_array($id, $lightbox_array)) {
$lightbox_ids .= " ".$id;
}
$user_info['lightbox_image_ids'] = trim($lightbox_ids);
$user_info['lightbox_lastaction'] = time();Replace with:function add_to_lightbox($id) {
global $user_info, $site_db, $site_sess;
$id = intval($id);
if (!$id) {
return false;
}
if ($user_info['user_level'] == GUEST) {
$lightbox = $site_sess->get_session_var('lightbox');
$user_info['lightbox_image_ids'] = ($lightbox) ? $lightbox : $site_sess->read_cookie_data("lightbox");
}
$lightbox_ids = $user_info['lightbox_image_ids'];
$lightbox_array = explode(" ", $lightbox_ids);
if (!in_array($id, $lightbox_array)) {
$lightbox_ids .= " ".$id;
}
$user_info['lightbox_image_ids'] = trim($lightbox_ids);
$user_info['lightbox_lastaction'] = time();
if ($user_info['user_level'] == GUEST) {
$site_sess->set_cookie_data("lightbox", $user_info['lightbox_image_ids'], 1);
$site_sess->set_cookie_data("lightbox_lastaction", $user_info['lightbox_lastaction'], 1);
$site_sess->set_session_var("lightbox", $user_info['lightbox_image_ids']);
$site_sess->set_session_var("lightbox_lastaction", $user_info['lightbox_lastaction']);
return 1;
}function remove_from_lightbox($id) {
global $user_info, $site_db;
$lightbox_array = explode(" ",$user_info['lightbox_image_ids']);
foreach ($lightbox_array as $key => $val) {
if ($val == $id) {
unset($lightbox_array[$key]);
}
}
$user_info['lightbox_image_ids'] = trim(implode(" ", $lightbox_array));
$user_info['lightbox_lastaction'] = time();Replace with:function remove_from_lightbox($id) {
global $user_info, $site_db, $site_sess;
if ($user_info['user_level'] == GUEST) {
$lightbox = $site_sess->get_session_var('lightbox');
$user_info['lightbox_image_ids'] = ($lightbox) ? $lightbox : $site_sess->read_cookie_data("lightbox");
}
$lightbox_array = explode(" ",$user_info['lightbox_image_ids']);
foreach ($lightbox_array as $key => $val) {
if ($val == $id) {
unset($lightbox_array[$key]);
}
}
$user_info['lightbox_image_ids'] = trim(implode(" ", $lightbox_array));
$user_info['lightbox_lastaction'] = time();
if ($user_info['user_level'] == GUEST) {
$site_sess->set_cookie_data("lightbox", $user_info['lightbox_image_ids'], 1);
$site_sess->set_cookie_data("lightbox_lastaction", $user_info['lightbox_lastaction'], 1);
$site_sess->set_session_var("lightbox", $user_info['lightbox_image_ids']);
$site_sess->set_session_var("lightbox_lastaction", $user_info['lightbox_lastaction']);
return 1;
}function clear_lightbox() {
global $user_info, $site_db;
$current_time = time();Replace with:function clear_lightbox() {
global $user_info, $site_db, $site_sess;
$current_time = time();
if ($user_info['user_level'] == GUEST) {
$user_info['lightbox_image_ids'] = "";
$user_info['lightbox_lastaction'] = $current_time;
$site_sess->set_cookie_data("lightbox", "");
$site_sess->drop_session_var("lightbox");
$site_sess->set_cookie_data("lightbox_lastaction", $current_time, 1);
$site_sess->set_session_var("lightbox_lastaction", $current_time);
return true;
}function check_lightbox($id) {
global $user_info;Replace with:function check_lightbox($id) {
global $user_info, $site_sess;
if ($user_info['user_level'] == GUEST) {
$lightbox = $site_sess->get_session_var('lightbox');
$user_info['lightbox_image_ids'] = ($lightbox) ? $lightbox : $site_sess->read_cookie_data("lightbox");
}if ($user_info['user_level'] == GUEST || $user_info['user_level'] == USER_AWAITING) {
show_error_page($lang['lightbox_register']);
}if (!empty($user_info['lightbox_image_ids'])) {Add before:if ($user_info['user_level'] == GUEST) {
$lightbox = $site_sess->get_session_var('lightbox');
$user_info['lightbox_image_ids'] = ($lightbox) ? $lightbox : $site_sess->read_cookie_data("lightbox");
$lightbox = $site_sess->get_session_var('lightbox_lastaction');
$user_info['lightbox_lastaction'] = ($lightbox) ? $lightbox : $site_sess->read_cookie_data("lightbox_lastaction");
} if (!empty($user_info['lightbox_image_ids'])) {
$download_button = "<a href=\"".$site_sess->url(ROOT_PATH."download.php?action=lightbox")."\"><img src=\"".get_gallery_image("download_zip.gif")."\" border=\"0\" alt=\"\" /></a>";Replace with: if (!empty($user_info['lightbox_image_ids']) && $user_info['user_level'] != GUEST) {
$download_button = "<a href=\"".$site_sess->url(ROOT_PATH."download.php?action=lightbox")."\"><img src=\"".get_gallery_image("download_zip.gif")."\" border=\"0\" alt=\"\" /></a>"; if ($download_allowed && !empty($user_info['lightbox_image_ids'])) {
$download_button = "<a href=\"".$site_sess->url(ROOT_PATH."download.php?action=lightbox")."\"><img src=\"".get_gallery_image("download_zip.gif")."\" border=\"0\" alt=\"\" /></a>";Replace with: if ($download_allowed && !empty($user_info['lightbox_image_ids']) && $user_info['user_level'] != GUEST) {
$download_button = "<a href=\"".$site_sess->url(ROOT_PATH."download.php?action=lightbox")."\"><img src=\"".get_gallery_image("download_zip.gif")."\" border=\"0\" alt=\"\" /></a>";<a href="{url_lightbox}">{lang_lightbox}</a>//-----------------------------------------------------
//--- Add & Delete from Lists -------------------------
//-----------------------------------------------------
if ($action == "addtolightbox" && $id) {
if ($user_info['user_level'] >= USER) {
$msg = (add_to_lightbox($id)) ? $lang['lightbox_add_success'] : $lang['lightbox_add_error'];
}
else {
$msg = $lang['lightbox_register'];
}
}
if ($action == "removefromlightbox" && $id) {
if ($user_info['user_level'] >= USER) {
$msg = (remove_from_lightbox($id)) ? $lang['lightbox_remove_success'] : $lang['lightbox_remove_error'];
}
else {
$msg = $lang['lightbox_register'];
}
}
if ($action == "clearlightbox") {
if ($user_info['user_level'] >= USER) {
$msg = (clear_lightbox()) ? $lang['lightbox_delete_success'] : $lang['lightbox_delete_error'];
}
else {
$msg = $lang['lightbox_register'];
}
}Replace with://-----------------------------------------------------
//--- Add & Delete from Lists -------------------------
//-----------------------------------------------------
if ($action == "addtolightbox" && $id) {
if ($user_info['user_level'] >= GUEST) {
$msg = (add_to_lightbox($id)) ? $lang['lightbox_add_success'] : $lang['lightbox_add_error'];
}
else {
$msg = $lang['lightbox_register'];
}
}
if ($action == "removefromlightbox" && $id) {
if ($user_info['user_level'] >= GUEST) {
$msg = (remove_from_lightbox($id)) ? $lang['lightbox_remove_success'] : $lang['lightbox_remove_error'];
}
else {
$msg = $lang['lightbox_register'];
}
}
if ($action == "clearlightbox") {
if ($user_info['user_level'] >= GUEST) {
$msg = (clear_lightbox()) ? $lang['lightbox_delete_success'] : $lang['lightbox_delete_error'];
}
else {
$msg = $lang['lightbox_register'];
}
}if ($action == "lightbox") { if ($user_info['user_level'] == GUEST) {
$lightbox = $site_sess->get_session_var('lightbox');
$user_info['lightbox_image_ids'] = ($lightbox) ? $lightbox : $site_sess->read_cookie_data("lightbox");
}
$site_template->register_vars(array(
"media_url" => MEDIA_PATH,
"thumb_url" => THUMB_PATH,Add before:$query_string = '';
if (!empty($HTTP_GET_VARS)) {
foreach ($HTTP_GET_VARS as $key => $val) {
if ($key != "l") {
$query_string .= ($query_string != '' ? '&' : '?').$key."=".$val;
}
}
}
// We add the session id with "&" not "&"
$lang_url = $site_sess->url($PHP_SELF.$query_string, '&');
// Now we can better remove the "l" parameter
$lang_url = preg_replace("/[?|&]l=[^?|&]*/", "", $lang_url);
// We replace "&" with "&" to make it valid XHTML
$lang_url = str_replace("&", "&", $lang_url);
$lang_select = "<form action=\"".$lang_url."\" method=\"post\">\n";
$lang_select .= "<select class=\"select\" name=\"l\" onChange=\"submit()\">\n";
// Now we open the "lang" folder, read out all available languages
// and add it as options to the dropdown.
$handle = opendir(ROOT_PATH."lang");
while ($folder = @readdir($handle)) {
if (@is_dir(ROOT_PATH."lang/".$folder) && $folder != "." && $folder != "..") {
$lang_select .= "<option value=\"".$folder."\"";
// If the folder name matches the current language,
// show the option as selected
if ($folder == $config['language_dir']) {
$lang_select .= " selected=\"selected\"";
}
$lang_select .= ">".$folder."</option>\n";
}
}
$lang_select .= "</select>\n</form>";
// Register the dropdown code for the template engine
$site_template->register_vars("lang_select", $lang_select);$site_template->register_vars(array(
"media_url" => MEDIA_PATH,
"thumb_url" => THUMB_PATH,Add before:$query_string = '';
if (!empty($HTTP_GET_VARS)) {
foreach ($HTTP_GET_VARS as $key => $val) {
if ($key != "l") {
$query_string .= ($query_string != '' ? '&' : '?').$key."=".$val;
}
}
}
$lang_url = $site_sess->url($PHP_SELF.$query_string, '&');
$lang_url = preg_replace("'&(amp|#38);'i", "&", $lang_url);
$lang_url = preg_replace("/[?|&]l=[^?|&]*/", "", $lang_url);
$lang_url = str_replace("&", "&", $lang_url);
$handle = opendir(ROOT_PATH."lang");
$lang_select = "";
while ($folder = @readdir($handle)) {
if (@is_dir(ROOT_PATH."lang/".$folder) && $folder != "." && $folder != "..") {
if ($folder != $config['language_dir']) {
$lang_select .= "<a class=\"lang\" href=\"".$lang_url.(preg_match("/english/i",$folder) ? "" : ((preg_match("/\?/", $lang_url) ? "&" : "?")."l=".$folder))."\" onMouseOver=\"(window.status='$folder'); return true\" onMouseOut=\"window.status=''; return true\"><img src=\"".TEMPLATE_PATH."/images/".$folder.".gif\" border=\"0\" alt=\"".$folder."\"></a> ";
}else{
$lang_select .= "<img src=\"".TEMPLATE_PATH."/images/".$folder."2.gif\" border=\"0\" alt=\"".$folder."\"> ";
}
}
}
// Register the dropdown code for the template engine
$site_template->register_vars("lang_select", $lang_select); (no changes has been made though)
