/index.php
PHP | 953 lines | 731 code | 68 blank | 154 comment | 91 complexity | 49d2af68b760bf158cf9babce5e44569 MD5 | raw file
Possible License(s): GPL-2.0
- <?php
- // SVN file version:
- // $Id$
- /*
- Pixelpost version 1.7.2
- Pixelpost www: http://www.pixelpost.org/
- Version 1.7.2:
- Development Team:
- Ramin Mehran, Will Duncan, Joseph Spurling,
- Piotr "GeoS" Galas, Dennis Mooibroek, Karin Uhlig, Jay Williams, David Kozikowski
- Former members of the Development Team:
- Connie Mueller-Goedecke
- Version 1.1 to Version 1.3: Linus <http://www.shapestyle.se>
- IMPORTANT!!!
- Due to the nature of the characterset used in this file it is important to save this
- file with an UTF-8 encoding.
- Contact: thecrew (at) pixelpost (dot) org
- Copyright 2007 Pixelpost.org <http://www.pixelpost.org>
- License: http://www.gnu.org/copyleft/gpl.html
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
- */
- // the function below is from wordpress. It cleans globals set by register_globals is enabled;
- require_once("includes/functions.php");
- PP_unregister_GLOBALS();
- ini_set('arg_separator.output', '&');
- error_reporting(0);
- /**
- * Define constants
- *
- */
- define('PHP_SELF', 'index.php');
- define('ADDON_DIR', 'addons/');
- define('ADMIN_DIR', 'admin/');
- if(file_exists("includes/pixelpost.php")){ require_once("includes/pixelpost.php"); }
- start_mysql('includes/pixelpost.php','front');
- /**
- * Load the $cfgrow configuration variable and set the upload directory
- *
- */
- if($cfgrow = sql_array("SELECT * FROM `".$pixelpost_db_prefix."config`"))
- {
- //$upload_dir = $cfgrow['imagepath'];
- }
- else
- {
- show_splash('Coming Soon. Not Installed Yet. Cause #1','templates');
- }
- /**
- * Begin frontpage addons
- *
- */
- refresh_addons_table(ADDON_DIR);
- $addon_front_functions = array(0 => array('function_name' => '', 'workspace' => '', 'menu_name' => '', 'submenu_name' => ''));
- $addon_admin_functions = array(0 => array('function_name' => '', 'workspace' => '', 'menu_name' => '', 'submenu_name' => ''));
- create_front_addon_array();
- session_start();
- // Initialize the workspace
- eval_addon_front_workspace('frontpage_init');
- // Fix proposed by tomyeah on the forum
- header('Content-Type: text/html; charset=utf-8');
- // Set a cookie for the visitor counter, re-count a person after 60 mins
- setcookie("lastvisit","expires in 60 minutes",time() +60*60);
- // save user info if requested
- if(isset($_POST['vcookie']))
- {
- $vcookiename = clean($_POST['name']);
- $vcookieurl = clean($_POST['url']);
- $vcookieemail = clean($_POST['email']);
- setcookie("visitorinfo","$vcookiename%$vcookieurl%$vcookieemail",time() +60*60*24*30); // save cookie 30 days
- }
- // cleanup $_GET['x']
- if(isset($_GET['x'])){ $_GET['x'] = eregi_replace('[^a-z0-9_-]', '', $_GET['x']); }
- if(isset($_GET['errors']) && $_SESSION["pixelpost_admin"])
- {
- error_reporting(E_ALL ^ E_NOTICE);
- }
- elseif(isset($_GET['errorsall']) && $_SESSION["pixelpost_admin"])
- {
- error_reporting(E_ALL);
- }
- if(isset($_GET['showimage'])){ $_GET['showimage'] = (int) $_GET['showimage']; }
- if($cfgrow['markdown'] == 'T'){ require_once("includes/markdown.php"); }
- /**
- * Added token support for use in forms (only if it is set to on)
- *
- */
- if($cfgrow['token'] == 'T')
- {
- if(!isset($_SESSION['token']))
- {
- $_SESSION['token'] = md5($_SERVER["HTTP_USER_AGENT"].$_SERVER["HTTP_ACCEPT_LANGUAGE"].$_SERVER["HTTP_ACCEPT_ENCODING"].$_SERVER["HTTP_ACCEPT_CHARSET"].$_SERVER["HTTP_ACCEPT"].$_SERVER["SERVER_SOFTWARE"].session_id().uniqid(rand(), TRUE));
- }
- if(!isset($_GET['x'])&&$_GET['x'] !== "save_comment")
- {
- $_SESSION['token_time'] = time();
- }
- }
- // book visitors
- if(strtolower($cfgrow['visitorbooking']) != 'no') { book_visitor($pixelpost_db_prefix.'visitors'); }
- // mod rewrite
- if(isset($mod_rewrite) AND $mod_rewrite == '1'){ $showprefix = ''; }else{ $showprefix = './'.PHP_SELF.'?showimage='; }
- // refresh the addons table
- //refresh_addons_table(ADDON_DIR);
- /**
- * Timezone variables
- *
- */
- $tz = $cfgrow['timezone'];
- $datetime = gmdate("Y-m-d H:i:s",time()+(3600 * $tz)); // current date+time
- $cdate = $datetime; // for future posting, current date+time
- /**
- * LANGUAGE SELECTION
- *
- * This is an array of all supported languages in PP. It contains the country abbreviation
- * and the native word for the language spoken in that country. This is used to get all
- * variables.
- *
- */
- /**
- * Query the database and pullout the language array(s).
- *
- */
- $query = mysql_query("SELECT * FROM `".$pixelpost_db_prefix."localization`");
- $row = mysql_fetch_array($query,MYSQL_ASSOC);
- /**
- * Unserialize the defualt language array using the UTF8 safe unserialize function, mb_unserialize.
- *
- */
- $PP_supp_lang = mb_unserialize(stripslashes($row['pp_supp_lang']));
- /**
- * If a user supplied language array exists,
- * Unserialize the user language array using the UTF8 safe unserialize function, mb_unserialize,
- * and merge with the default pixelpost array.
- *
- */
- if(!empty($row['user_supp_lang']))
- {
- $user_supp_lang = mb_unserialize(stripslashes($row['user_supp_lang']));
- $PP_supp_lang = array_merge($PP_supp_lang, $user_supp_lang);
- }
- /**
- * The default language is the language the user has set in the adminpanel
- * We have to find the abbreviation
- *
- */
- $default_language_abr = strtolower($PP_supp_lang[$cfgrow['langfile']][0]);
- /**
- * Try to find if another language was selected or not (different ways)
- * Set a cookie to the GET arg 'lang' if it exists.
- *
- */
- if(isset($_GET['lang']))
- {
- // cookie is saved for 30 days now
- setcookie ('lang', substr($_GET['lang'],0,2), time() +60*60*24*30, '/', false, 0);
- $language_abr = substr($_GET['lang'],0,2);
- }
- /**
- * Set the language variable to session 'lang' - this variable is the one used below
- *
- */
- $language_abr = "";
- if(isset($_COOKIE['lang'])) { $language_abr = $_COOKIE['lang']; }
- /**
- * Use the default language if none of the previous steps captured a language preference
- *
- */
- if(empty($language_abr)){ $language_abr = $default_language_abr; }
- /**
- * Override the language if $_GET['lang'] is set.
- *
- */
- if(isset($_GET['lang'])){ $language_abr = substr($_GET['lang'],0,2); }
- /**
- * Convert the two letter $language variable to full name of language file
- * (used in language file switch but not template switch (template uses abbreviation))
- *
- */
- foreach($PP_supp_lang as $key => $row)
- {
- foreach($row as $cell)
- {
- if($cell == strtoupper($language_abr)) { $language_full = $key; }
- }
- }
- /**
- * Get the language file based on the language selection
- *
- *
- * Always include the default language file (English) if it exists.
- * That way if we forget to update the variables in the alternative language files the English ones are shown.
- *
- */
- if(file_exists("language/lang-english.php"))
- {
- if(!isset($_GET['x']) OR ($_GET['x'] != "rss" AND $_GET['x'] != "atom"))
- {
- require_once("language/lang-english.php");
- }
- }
- // now replace the contents of the variables with the selected language.
- if(!empty($language_full))
- {
- // check if illegal characters are used
- if (!ereg("^[A-Za-z]+([0-9]+)?$", $language_full)) {
- echo '<b>Error:</b><br />Pixelpost cannot include this file. If you need assistance in resolving this error please visit the <a href="http://www.pixelpost.org/forum/">Pixelpost Forum</a>.';
- setcookie ('lang', "", time() - 3600, '/', false, 0);
- exit;
- } else {
- if(file_exists("language/lang-".$language_full.".php"))
- {
- if(!isset($_GET['x']) OR ($_GET['x'] != "rss" AND $_GET['x'] != "atom"))
- {
- require_once("language/lang-".$language_full.".php");
- }
- }
- else
- {
- echo '<b>Error:</b><br />No <b>language</b> folder exists or the file <b>"lang-'.$language_full.'.php"</b> is missing in that folder.<br />Make sure that you have uploaded all necessary files with the exact same names as mentioned here.';
- setcookie ('lang', "", time() - 3600, '/', false, 0);
- exit;
- }
- }
- }
- else
- {
- echo '<b>Error:</b><br />Pixelpost has problem selecting a default language.<br />Make sure that you have chosen a default language in the adminpanel.';
- setcookie ('lang', "", time() - 3600, '/', false, 0);
- exit;
- }
- // Double Quotes in <SITE_TITLE> break HTML Code
- $pixelpost_site_title = htmlspecialchars(pullout($cfgrow['sitetitle']),ENT_NOQUOTES);
- // Double Quotes in <SUB_TITLE> break HTML Code
- $pixelpost_sub_title = htmlspecialchars(pullout($cfgrow['subtitle']),ENT_NOQUOTES);
- /**
- * Added ability to use header and footers for templates. They are not needed but used if included in the template
- * Don't show header or footer if viewing comments in a popup
- *
- */
- if(isset($_GET['popup']) && $_GET['popup'] != "comment" || !isset($_GET['popup']))
- {
- if(file_exists("templates/".$cfgrow['template']."/header.html"))
- {
- $header = compile("templates/".$cfgrow['template']."/header.html");
- }
- if(file_exists("templates/".$cfgrow['template']."/footer.html"))
- {
- $footer = compile("templates/".$cfgrow['template']."/footer.html");
- }
- }
- /**
- * You can now add any template you want by just adding the template and a link to it. For example,
- * ?x=about will load the template about_template.html
- *
- */
- if(isset($_GET['x'])&& $_GET['x'] == "ref") { $_GET['x'] = "referer"; } // Maintain backwards compatibility with the referer template
- // Refererlog
- if(isset($_GET['x'])&&$_GET['x'] == "referer")
- {
- header("HTTP/1.0 404 Not Found");
- header("Status: 404 File Not Found!");
- echo "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"><HTML><HEAD>\n<TITLE>404 Not Found</TITLE>\n</HEAD><BODY>\n<H1>Not Found</H1>\nThe requested URL /index.php was not found on this server.<P>\n<P>Additionally, a 404 Not Found\nerror was encountered while trying to use an ErrorDocument to handle the request.\n</BODY></HTML>";
- exit;
- }
- /**
- * Get the template file based on the language selection
- *
- */
- if($language_full==$cfgrow['langfile'])
- { // we have our default language from the PP installation, so we use our default templates
- if(isset($_GET['x']) && file_exists("templates/".$cfgrow['template']."/".$_GET['x']."_template.html"))
- {
- if(eregi("[.]",$_GET['x'])) { die("Come on! forget about it..."); }
- $tpl = compile("templates/".$cfgrow['template']."/".$_GET['x']."_template.html");
- }
- else
- {
- if(!file_exists("templates/".$cfgrow['template']."/image_template.html"))
- {
- echo '<b>Error:</b><br />No template folder exists by the name of <b>"' .$cfgrow['template'] .'"</b> or the file <b>image_template.html</b> is missing in that folder.<br />Make sure that you have uploaded all necessary files with the exact same names as mentioned here.';
- exit;
- }
-
- if(isset($_GET['x']) && $_GET['x'] != 'atom' && $_GET['x'] != 'comment_atom' && $_GET['x'] != 'rss' && $_GET['x'] != 'comment_rss' && $_GET['x'] != 'save_comment') // if the x=foo does not exist, error 404
- {
- header("HTTP/1.0 404 Not Found");
- header("Status: 404 File Not Found!");
- echo "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"><HTML><HEAD>\n<TITLE>404 Not Found</TITLE>\n</HEAD><BODY>\n<H1>Not Found</H1>\nThe requested URL /index.php was not found on this server.<P>\n<P>Additionally, a 404 Not Found\nerror was encountered while trying to use an ErrorDocument to handle the request.\n</BODY></HTML>";
- exit;
- }
- $tpl = compile("templates/".$cfgrow['template']."/image_template.html");
- }
- }
- else
- {
- if(isset($_GET['x']) && file_exists("templates/".$cfgrow['template']."/".$_GET['x']."_".$language_abr."_template.html")) // we use our special designed language templates.
- {
- if (eregi("[.]",$_GET['x'])) { die("Come on! forget about it..."); }
- $tpl = compile("templates/".$cfgrow['template']."/".$_GET['x']."_".$language_abr."_template.html");
- }
- else
- {
- if(!file_exists("templates/".$cfgrow['template']."/image_".$language_abr."_template.html"))
- {
- echo '<b>Error:</b><br />No template folder exists by the name of <b>"' .$cfgrow['template'] .'"</b> or the file <b>image_'.$language_abr .'_template.html</b> is missing in that folder.<br />Make sure that you have uploaded all necessary files with the exact same names as mentioned here.<br /><br /><a href="'.PHP_SELF.'?lang='.$default_language_abr.'" alt="return to default language">Click here to return to the default language.</a>';
- exit;
- }
-
- if(isset($_GET['x']) && $_GET['x'] != 'atom' && $_GET['x'] != 'comment_atom' && $_GET['x'] != 'rss' && $_GET['x'] != 'comment_rss' && $_GET['x'] != 'save_comment') // if the x=foo does not exist, error 404
- {
- header("HTTP/1.0 404 Not Found");
- header("Status: 404 File Not Found!");
- echo "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"><HTML><HEAD>\n<TITLE>404 Not Found</TITLE>\n</HEAD><BODY>\n<H1>Not Found</H1>\nThe requested URL /index.php was not found on this server.<P>\n<P>Additionally, a 404 Not Found\nerror was encountered while trying to use an ErrorDocument to handle the request.\n</BODY></HTML>";
- exit;
- }
- $tpl = compile("templates/".$cfgrow['template']."/image_".$language_abr."_template.html");
- }
- if($cfgrow['display_sort_by'] == 'headline') { $cfgrow['display_sort_by'] = 'alt_headline'; }
- if($cfgrow['display_sort_by'] == 'body') { $cfgrow['display_sort_by'] = 'alt_body'; }
- }
- if(isset($_GET['popup'])&&$_GET['popup'] == "comment")
- { // additional language file for comment template
- if(file_exists("templates/".$cfgrow['template']."/comment_".$language_abr."_template.html"))
- {
- $tpl = compile("templates/".$cfgrow['template']."/comment_".$language_abr."_template.html");
- }
- else
- { // if not existing or no additional language chosen, default template file is called without error
- $tpl = compile("templates/".$cfgrow['template']."/comment_template.html");
- }
- }
- // if showimage=badstuff or email, hijack!
- if(isset($_GET['showimage']) && !is_numeric($_GET['showimage']))
- {
- header("HTTP/1.0 404 Not Found");
- header("Status: 404 File Not Found!");
- echo "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"><HTML><HEAD>\n<TITLE>404 Not Found</TITLE>\n</HEAD><BODY>\n<H1>Not Found</H1>\nDon't do that! go back to index.php! \n</BODY></HTML>";
- exit;
- }
- // Added ability to use header and footers for templates. They are not needed but used if included in the template
- if(isset($header)) { $tpl = $header . $tpl; }
- if(isset($footer)) { $tpl = $tpl. $footer; }
- // Get visitor count
- $visitors = sql_array("SELECT count(*) as `count` FROM `".$pixelpost_db_prefix."visitors`");
- $pixelpost_visitors = $visitors['count'];
- // Get number of photos in database
- $photonumb = sql_array("SELECT count(*) as `count` FROM `".$pixelpost_db_prefix."pixelpost` WHERE `datetime` <= '$datetime'");
- $pixelpost_photonumb = $photonumb['count'];
- // Get the display order
- if($cfgrow['display_order'] == 'default') { $display_order = 'DESC'; }else{ $display_order = 'ASC'; }
- /**
- * Images / Main site
- *
- */
- if(!isset($_GET['x']))
- {
- // Get Current Image.
- if(!isset($_SESSION["pixelpost_admin"]))
- {
- if(!isset($_GET['showimage']) || $_GET['showimage'] == "")
- {
- $row = sql_array("SELECT * FROM `".$pixelpost_db_prefix."pixelpost` WHERE `datetime` <= '$cdate' ORDER BY ".$cfgrow['display_sort_by']." ".$display_order." LIMIT 0,1");
- }
- else
- {
- $row = sql_array("SELECT * FROM `".$pixelpost_db_prefix."pixelpost` WHERE (`id` = '".$_GET['showimage']."') AND `datetime` <= '$cdate'");
- }
- }
- else
- {
- if(!isset($_GET['showimage']) || $_GET['showimage'] == "")
- {
- $row = sql_array("SELECT * FROM `".$pixelpost_db_prefix."pixelpost` ORDER BY ".$cfgrow['display_sort_by']." ".$display_order." LIMIT 0,1");
- }
- else
- {
- $row = sql_array("SELECT * FROM `".$pixelpost_db_prefix."pixelpost` WHERE (`id` = '".$_GET['showimage']."')");
- }
- }
- if(!$row['image']){ echo "$lang_nothing_to_show"; exit; }
- $image_name = $row['image'];
- if($language_abr == $default_language_abr)
- {
- $image_title = pullout($row['headline']);
- $image_notes = ($cfgrow['markdown'] == 'T') ? markdown(pullout($row['body'])) : pullout($row['body']);
- }
- else
- {
- $image_title = ($row['alt_headline']=='') ? pullout($row['headline']) : pullout($row['alt_headline']);
- if($row['alt_body']=='')
- {
- $image_notes = ($cfgrow['markdown'] == 'T') ? markdown(pullout($row['body'])) : pullout($row['body']);
- }
- else
- {
- $image_notes = ($cfgrow['markdown'] == 'T') ? markdown(pullout($row['alt_body'])) : pullout($row['alt_body']);
- }
- }
- $image_title = htmlspecialchars($image_title,ENT_NOQUOTES);
- $image_id = $row['id'];
- $image_datetime = $row['datetime'];
- $image_datetime_formatted = strtotime($image_datetime);
- $image_datetime_formatted = date($cfgrow['dateformat'],$image_datetime_formatted);
- $image_date = substr($row['datetime'],0,10);
- $image_time = substr($row['datetime'],11,5);
- $image_date_year_full = substr($row['datetime'],0,4);
- $image_date_year = substr($row['datetime'],2,2);
- $image_date_month = substr($row['datetime'],5,2);
- $image_date_day = substr($row['datetime'],8,2);
- $thumbnail_extra = getimagesize(ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$image_name);
- $image_extra = getimagesize(ltrim($cfgrow['imagepath'], "./").$image_name);
- $image_width = $image_extra['0'];
- $image_height = $image_extra['1'];
- $tpl = str_replace("<IMAGE_WIDTH>",$image_width,$tpl);
- $tpl = str_replace("<IMAGE_HEIGHT>",$image_height,$tpl);
- $local_width = $thumbnail_extra['0'];
- $local_height = $thumbnail_extra['1'];
- $image_exif = $row['exif_info'];
- $image_thumbnail = "<a href='$showprefix$image_id'><img src='".ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$image_name."' alt='$image_title' title='$image_title' width='$local_width' height='$local_height' /></a>";
- // thumnail no link
- $image_thumbnail_no_link = "<img src='".ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$image_name."' alt='$image_title' title='$image_title' width='$local_width' height='$local_height' />";
- $image_permalink = "<a href='$showprefix$image_id'>$lang_permalink</a>"; // permalink automated for fancy url/no fancy
- // get previous image id and name
- if(!isset($_SESSION["pixelpost_admin"]))
- { //public
- $previous_row = sql_array("SELECT `id`,`headline`,`alt_headline`,`image`,`datetime` FROM `".$pixelpost_db_prefix."pixelpost` WHERE (`datetime` < '$image_datetime') AND (`datetime` <= '$cdate') ORDER BY `datetime` DESC LIMIT 0,1");
- }
- else
- { //admin
- $previous_row = sql_array("SELECT `id`,`headline`,`alt_headline`,`image`,`datetime` FROM `".$pixelpost_db_prefix."pixelpost` WHERE (`datetime` < '$image_datetime') ORDER BY `datetime` DESC LIMIT 0,1");
- }
- $image_previous_name = $previous_row['image'];
- $image_previous_id = $previous_row['id'];
-
- $image_previous_title = ($language_abr == $default_language_abr) ? pullout($previous_row['headline']) : pullout($previous_row['alt_headline']);
- $image_previous_datetime = $previous_row['datetime'];
- $image_previous_link = "<a href='$showprefix$image_previous_id'>$lang_previous</a>";
- if(!empty($image_previous_name)){ list($local_width,$local_height,$type,$attr) = getimagesize(ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$image_previous_name); }
-
- $image_previous_thumbnail = "<a href='$showprefix$image_previous_id'><img src='".ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$image_previous_name."' width='$local_width' height='$local_height' alt='$image_previous_title' title='$image_previous_title' /></a>";
- if($image_previous_id == "")
- {
- $image_previous_id = $image_id;
- $image_previous_title = "$lang_no_previous";
- $image_previous_link = "";
- $image_previous_thumbnail = "";
- }
- // get next image id and name
- if(!isset($_SESSION["pixelpost_admin"]))
- { //public
- $next_row = sql_array("SELECT `id`,`headline`,`alt_headline`,`image`,`datetime` FROM `".$pixelpost_db_prefix."pixelpost` WHERE (`datetime` > '$image_datetime') AND (`datetime` <= '$cdate') ORDER BY `datetime` ASC LIMIT 0,1");
- }
- else
- { //admin
- $next_row = sql_array("SELECT `id`,`headline`,`alt_headline`,`image`,`datetime` FROM `".$pixelpost_db_prefix."pixelpost` WHERE (`datetime` > '$image_datetime') ORDER BY `datetime` ASC LIMIT 0,1");
- }
- $image_next_name = $next_row['image'];
- $image_next_id = $next_row['id'];
- $image_next_title = ($language_abr == $default_language_abr) ? pullout($next_row['headline']) : pullout($next_row['alt_headline']);
- $image_next_datetime = $next_row['datetime'];
- $image_next_link = "<a href='$showprefix$image_next_id'>$lang_next</a>";
- if(!empty($image_next_name)){ list($local_width,$local_height,$type,$attr) = getimagesize(ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$image_next_name); }
- $image_next_thumbnail = "<a href='$showprefix$image_next_id'><img src='".ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$image_next_name."' alt='$image_next_title' width='$local_width' height='$local_height' title='$image_next_title' /></a>";
- if($image_next_id == "")
- {
- $image_next_id = $image_id;
- $image_next_title = "$lang_no_next";
- $image_next_link = "";
- $image_next_thumbnail = "";
- }
- // get first image
- if(!isset($_SESSION["pixelpost_admin"]))
- { //public
- $first_image_row = sql_array("SELECT `id`,`headline`,`alt_headline`,`image`,`datetime` FROM `".$pixelpost_db_prefix."pixelpost` WHERE (`datetime` <= '$cdate') ORDER BY `datetime` ASC LIMIT 0,1");
- }
- else
- { //admin
- $first_image_row = sql_array("SELECT `id`,`headline`,`alt_headline`,`image`,`datetime` FROM `".$pixelpost_db_prefix."pixelpost` ORDER BY `datetime` ASC LIMIT 0,1");
- }
- $first_image_name = $first_image_row['image'];
- $first_image_id = $first_image_row['id'];
-
- $first_image_title = ($language_abr == $default_language_abr) ? pullout($first_image_row['headline']) : pullout($first_image_row['alt_headline']);
- $first_image_datetime = $first_image_row['datetime'];
- $first_image_link = "<a href='$showprefix$first_image_id'>$lang_first</a>";
- if(!empty($first_image_name)){ list($local_width,$local_height,$type,$attr) = getimagesize(ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$first_image_name); }
- $first_image_thumbnail = "<a href='$showprefix$first_image_id'><img src='".ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$first_image_name."' alt='$first_image_title' width='$local_width' height='$local_height' title='$first_image_title' /></a>";
- if($first_image_id == $image_id)
- {
- $first_image_title = null;
- $first_image_link = null;
- $first_image_thumbnail = null;
- }
- // get latest image
- if(!isset($_SESSION["pixelpost_admin"]))
- { //public
- $last_image_row = sql_array("SELECT `id`,`headline`,`alt_headline`,`image`,`datetime` FROM `".$pixelpost_db_prefix."pixelpost` WHERE (`datetime` <= '$cdate') ORDER BY `datetime` DESC LIMIT 0,1");
- }
- else
- { //admin
- $last_image_row = sql_array("SELECT `id`,`headline`,`alt_headline`,`image`,`datetime` FROM `".$pixelpost_db_prefix."pixelpost` WHERE (`datetime` <= '$cdate') ORDER BY `datetime` DESC LIMIT 0,1");
- }
- $last_image_name = $last_image_row['image'];
- $last_image_id = $last_image_row['id'];
-
- $last_image_title = ($language_abr == $default_language_abr) ? pullout($last_image_row['headline']) : pullout($last_image_row['alt_headline']);
- $last_image_datetime = $last_image_row['datetime'];
- $last_image_link = "<a href='$showprefix$last_image_id'>$lang_latest</a>";
- if(!empty($last_image_name)){ list($local_width,$local_height,$type,$attr) = getimagesize(ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$last_image_name); }
- $last_image_thumbnail = "<a href='$showprefix$last_image_id'><img src='".ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$last_image_name."' alt='$last_image_title' width='$local_width' height='$local_height' title='$last_image_title' /></a>";
- if($last_image_id == $image_id)
- {
- $last_image_title = null;
- $last_image_link = null;
- $last_image_thumbnail = null;
- }
- if(function_exists('gd_info'))
- {
- $gd_info = gd_info();
- if($gd_info != "")
- {
- // check that gd is here before this
- $aheadnumb = sql_array("SELECT count(*) as count FROM `".$pixelpost_db_prefix."pixelpost` WHERE (`datetime` > '$image_datetime') AND (`datetime` <= '$cdate')");
- $aheadnumb = $aheadnumb['count'];
- $behindnumb = sql_array("SELECT count(*) as count FROM `".$pixelpost_db_prefix."pixelpost` WHERE (`datetime` < '$image_datetime') AND (`datetime` <= '$cdate')");
- $behindnumb = $behindnumb['count'];
- $aheadlimit = round(($cfgrow['thumbnumber']-1)/2);
- $behindlimit = round(($cfgrow['thumbnumber']-1)/2);
- if($aheadnumb <= $aheadlimit)
- {
- $behindlimit = ($cfgrow['thumbnumber']-1)-$aheadnumb;
- $aheadlimit = $aheadnumb;
- }
- if($behindnumb <= $behindlimit)
- {
- $aheadlimit = ($cfgrow['thumbnumber']-1)-$behindnumb;
- $behindlimit = $behindnumb;
- }
- $totalthumbcounter = 1;
- $ahead_thumbs = '';
- $ahead_thumbs_reverse = '';
- $thumbs_ahead = mysql_query("SELECT `id`,`headline`,`alt_headline`,`image` FROM `".$pixelpost_db_prefix."pixelpost` WHERE (`datetime` > '$image_datetime') AND (`datetime` <= '$cdate') ORDER BY `datetime` ASC LIMIT 0,$aheadlimit");
- while(list($id,$headline,$alt_headline,$image) = mysql_fetch_row($thumbs_ahead))
- {
- $headline = ($language_abr == $default_language_abr) ? pullout($headline) : pullout($alt_headline);
- $headline = htmlspecialchars($headline,ENT_QUOTES);
- if(!empty($image)){ list($local_width,$local_height,$type,$attr) = getimagesize(ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$image); }
- $ahead_thumbs .= "<a href='$showprefix$id'><img src='".ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$image."' alt='$headline' title='$headline' class='thumbnails' width='$local_width' height='$local_height' /></a>";
- $ahead_thumbs_reverse = "<a href='$showprefix$id'><img src='".ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$image."' alt='$headline' title='$headline' class='thumbnails' width='$local_width' height='$local_height' /></a>" .$ahead_thumbs_reverse ;
- $totalthumbcounter++;
- }
- $behind_thumbs = "";
- $behind_thumbs_reverse = "";
- $thumbs_behind = mysql_query("SELECT `id`,`headline`,`alt_headline`,`image` FROM `".$pixelpost_db_prefix."pixelpost` WHERE (`datetime` < '$image_datetime') AND (`datetime` <= '$cdate') ORDER BY `datetime` DESC LIMIT 0,$behindlimit");
- while(list($id,$headline,$alt_headline,$image) = mysql_fetch_row($thumbs_behind)) {
-
- $headline = ($language_abr == $default_language_abr) ? pullout($headline) : pullout($alt_headline);
- $headline = htmlspecialchars($headline,ENT_QUOTES);
- if(!empty($image)){ list($local_width,$local_height,$type,$attr) = getimagesize(ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$image); }
- $behind_thumbs = "<a href='$showprefix$id'><img src='".ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$image."' alt='$headline' title='$headline' class='thumbnails' width='$local_width' height='$local_height' /></a>$behind_thumbs";
- $behind_thumbs_reverse .= "<a href='$showprefix$id'><img src='".ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$image."' alt='$headline' title='$headline' class='thumbnails' width='$local_width' height='$local_height' /></a>";
- $totalthumbcounter++;
- }
- if(!empty($image_name)){ list($local_width,$local_height,$type,$attr) = getimagesize(ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$image_name); }
- $thumbnail_row = "$behind_thumbs<a href='$showprefix$image_id'><img src='".ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$image_name."' alt='$image_title' title='$image_title' class='current-thumbnail' width='$local_width' height='$local_height' /></a>$ahead_thumbs";
- $thumbnail_row_reverse = "$ahead_thumbs_reverse<a href='$showprefix$image_id'><img src='".ltrim($cfgrow['thumbnailpath'], "./")."thumb_".$image_name."' alt='$image_title' title='$image_title' class='current-thumbnail' width='$local_width' height='$local_height' /></a>$behind_thumbs_reverse";
- $tpl = ereg_replace("<IMAGE_THUMBNAIL_ROW>",$thumbnail_row,$tpl);
- $tpl = ereg_replace("<IMAGE_THUMBNAIL_ROW_REV>",$thumbnail_row_reverse,$tpl);
- }
- }
- // Modified from Mark Lewin's hack for multiple categories
- $query = mysql_query("SELECT t1.cat_id,t2.name,t2.alt_name FROM `".$pixelpost_db_prefix."catassoc` AS t1 INNER JOIN `".$pixelpost_db_prefix."categories` t2 ON t1.cat_id = t2.id WHERE t1.image_id = '$image_id' ORDER BY t2.name");
- $image_category_number = 0;
- $image_category_all ="";
- $image_category_all_paged = "";
- while(list($cat_id,$name,$alt_name) = mysql_fetch_row($query))
- {
- $name = ($language_abr == $default_language_abr) ? pullout($name) : pullout($alt_name);
- $image_category_all .= "<a href='".PHP_SELF."?x=browse&category=$cat_id'>" .$cfgrow['catgluestart'] .$name .$cfgrow['catglueend']."</a> ";
- $image_category_all_paged .= "<a href='".PHP_SELF."?x=browse&category=$cat_id&pagenum=1'>" .$cfgrow['catgluestart'] .$name .$cfgrow['catglueend']."</a> ";
- $image_category_number = $image_category_number +1;
- }
-
- $image_categoryword = ($image_category_number >1) ? "$lang_category_plural " : "$lang_category_singular ";
- $tpl = ereg_replace("<SITE_TITLE>",$pixelpost_site_title,$tpl);
- $tpl = ereg_replace("<SUB_TITLE>",$pixelpost_sub_title,$tpl);
- $tpl = ereg_replace("<SITE_URL>",$cfgrow['siteurl'],$tpl);
- $tpl = ereg_replace("<IMAGE_CATEGORY>",$image_categoryword." ".$image_category_all,$tpl);
- // for paged_archive addon
- $tpl = ereg_replace("<IMAGE_CATEGORY_PAGED>",$image_categoryword." ".$image_category_all_paged,$tpl);
- $tpl = ereg_replace("<IMAGE_DATE_YEAR_FULL>",$image_date_year_full,$tpl);
- $tpl = ereg_replace("<IMAGE_DATE_YEAR>",$image_date_year,$tpl);
- $tpl = ereg_replace("<IMAGE_DATE_MONTH>",$image_date_month,$tpl);
- $tpl = ereg_replace("<IMAGE_DATE_DAY>",$image_date_day,$tpl);
- $tpl = ereg_replace("<IMAGE_THUMBNAIL>",$image_thumbnail,$tpl);
- // thumbnail no link
- $tpl = ereg_replace("<IMAGE_THUMBNAIL_NO_LINK>",$image_thumbnail_no_link,$tpl);
- $tpl = ereg_replace("<IMAGE_DATE>",$image_date,$tpl);
- $tpl = ereg_replace("<IMAGE_TIME>",$image_time,$tpl);
- $tpl = ereg_replace("<IMAGE_NAME>",$image_name,$tpl);
- $tpl = ereg_replace("<IMAGE_TITLE>",$image_title,$tpl);
- $tpl = ereg_replace("<IMAGE_DATETIME>",$image_datetime_formatted,$tpl);
- $tpl = ereg_replace("<IMAGE_NOTES>",$image_notes,$tpl);
- // image notes without HTML tags and double quotes
- $image_notes_clean = strip_tags($image_notes);
- $image_notes_clean = htmlspecialchars($image_notes_clean,ENT_NOQUOTES);
- $image_notes_clean = str_replace('"',"'",$image_notes_clean);
- $tpl = ereg_replace("<IMAGE_NOTES_CLEAN>",$image_notes_clean,$tpl);
- $tpl = ereg_replace("<IMAGE_ID>",$image_id,$tpl);
- $tpl = ereg_replace("<IMAGE_PERMALINK>",$image_permalink,$tpl);
- $tpl = ereg_replace("<IMAGE_PREVIOUS_LINK>",$image_previous_link,$tpl);
- $tpl = ereg_replace("<IMAGE_PREVIOUS_THUMBNAIL>",$image_previous_thumbnail,$tpl);
- $tpl = ereg_replace("<IMAGE_PREVIOUS_ID>",$image_previous_id,$tpl);
- $tpl = ereg_replace("<IMAGE_PREVIOUS_TITLE>",$image_previous_title,$tpl);
- $tpl = ereg_replace("<IMAGE_NEXT_LINK>",$image_next_link,$tpl);
- $tpl = ereg_replace("<IMAGE_NEXT_ID>",$image_next_id,$tpl);
- $tpl = ereg_replace("<IMAGE_NEXT_TITLE>",$image_next_title,$tpl);
- $tpl = ereg_replace("<IMAGE_NEXT_THUMBNAIL>",$image_next_thumbnail,$tpl);
- $tpl = ereg_replace("<IMAGE_LAST_LINK>",$last_image_link,$tpl);
- $tpl = ereg_replace("<IMAGE_LAST_THUMBNAIL>",$last_image_thumbnail,$tpl);
- $tpl = ereg_replace("<IMAGE_LAST_ID>",$last_image_id,$tpl);
- $tpl = ereg_replace("<IMAGE_LAST_TITLE>",$last_image_title,$tpl);
- $tpl = ereg_replace("<IMAGE_FIRST_LINK>",$first_image_link,$tpl);
- $tpl = ereg_replace("<IMAGE_FIRST_ID>",$first_image_id,$tpl);
- $tpl = ereg_replace("<IMAGE_FIRST_TITLE>",$first_image_title,$tpl);
- $tpl = ereg_replace("<IMAGE_FIRST_THUMBNAIL>",$first_image_thumbnail,$tpl);
- // Added support for Thumbnail width and height
- $tpl = str_replace("<THUMBNAIL_WIDTH>",$cfgrow['thumbwidth'],$tpl);
- $tpl = str_replace("<THUMBNAIL_HEIGHT>",$cfgrow['thumbheight'],$tpl);
- // get number of comments
- $cnumb_row = sql_array("SELECT count(*) as count FROM ".$pixelpost_db_prefix."comments WHERE parent_id='$image_id' and publish='yes'");
- $image_comments_number = $cnumb_row['count'];
- // get latest comment
- $latest_comment = sql_array("SELECT parent_id FROM ".$pixelpost_db_prefix."comments WHERE publish='yes' ORDER BY id desc limit 0,1");
- $latest_comment = $latest_comment['parent_id'];
- $queryrow = sql_array("SELECT headline FROM ".$pixelpost_db_prefix."pixelpost WHERE id='$latest_comment'");
- $latest_comment_name = pullout($queryrow['headline']);
- // ##########################################################################################//
- // EXIF STUFF
- // ##########################################################################################//
- if($cfgrow['exif']=='T')
- {
- require_once('includes/functions_exif.php');
- if($image_exif!==null)
- {
- $tpl = replace_exif_tags ($language_full, $image_exif, $tpl);
- }
- else
- {
- $tpl = replace_exif_tags_null($tpl);
- }
- }
- else
- {
- require_once('includes/functions_exif.php');
- $tpl = replace_exif_tags_null($tpl);
- }
- /**
- * Build a string with all comments.
- * Only perform this code when the user has commenting enabled
- *
- */
- if(isset($_GET['x']) && ($_GET['x'] == "") or (isset($_GET['popup']) && $_GET['popup'] == "comment"))
- {
- $comment_id = (isset($_POST['parent_id'])) ? intval($_POST['parent_id']) : '';
- $comments_result = sql_array("SELECT `comments` FROM `".$pixelpost_db_prefix."pixelpost` WHERE `id` = '".$comment_id."'");
- $cmnt_setting = pullout($comments_result['comments']);
- if($cmnt_setting == 'F'){ die('Die you SPAMMER!!'); }
- }
- // visitor information in comments
- $vinfo_name = "";
- $vinfo_url = "";
- $vinfo_email = "";
- if(isset($_COOKIE['visitorinfo'])){ list($vinfo_name,$vinfo_url,$vinfo_email) = split("%",$_COOKIE['visitorinfo']); }
- $tpl = ereg_replace("<VINFO_NAME>",$vinfo_name,$tpl);
- $tpl = ereg_replace("<VINFO_URL>",$vinfo_url,$tpl);
- $tpl = ereg_replace("<VINFO_EMAIL>",$vinfo_email,$tpl);
- if($cfgrow['token'] == 'T')
- {
- $tpl = ereg_replace("<TOKEN>","<input type='hidden' name='token' value='".$_SESSION['token']."' />",$tpl);
- }
- else
- {
- $tpl = ereg_replace("<TOKEN>",null,$tpl);
- }
- if(isset($_GET['showimage']) && $_GET['showimage'] != "")
- {
- $imageid = $_GET['showimage'];
- }
- else
- {
- $imageid = $image_id;
- }
- $image_comments = print_comments($imageid);
- $tpl = ereg_replace("<IMAGE_COMMENTS>",$image_comments,$tpl);
- if((isset($_GET['popup']) && $_GET['popup'] == "comment") AND (!isset($_GET['x']) OR $_GET['x'] != "save_comment"))
- {
- require_once('includes/addons_lib.php');
- echo $tpl;
- exit;
- }
- } // End Images / Main site
- $tpl = ereg_replace("<SITE_TITLE>",$pixelpost_site_title,$tpl);
- $tpl = ereg_replace("<SUB_TITLE>",$pixelpost_sub_title,$tpl);
- // ##########################################################################################//
- // BROWSE STUFF
- // ##########################################################################################//
- if(isset($_GET['x']) && $_GET['x'] == "browse")
- {
- require_once("includes/functions_browse.php");
- }
- // ##########################################################################################//
- // FEED STUFF
- // ##########################################################################################//
- require_once("includes/functions_feeds.php");
- // ##########################################################################################//
- // Creating other tags
- // ########################################################################################
- $tpl = ereg_replace("<SITE_BROWSELINK>","./".PHP_SELF."?x=browse",$tpl);
- $tpl = ereg_replace("<SITE_BROWSELINK_PAGED>","./".PHP_SELF."?x=browse&pagenum=1",$tpl);
- if(!isset($_GET['x']) || isset($_GET['showimage']))
- {
- $tpl = ereg_replace("<SITE_VISITORNUMBER>",$pixelpost_visitors,$tpl);
- $tpl = ereg_replace("<IMAGE_COMMENTS_NUMBER>",$image_comments_number,$tpl);
- $tpl = ereg_replace("<LATEST_COMMENT_ID>",$latest_comment,$tpl);
- $tpl = ereg_replace("<LATEST_COMMENT_NAME>",$latest_comment_name,$tpl);
-
- if($image_comments_number != 1)
- {
- $tpl = ereg_replace("<IMAGE_COMMENT_TEXT>",$lang_comment_plural,$tpl);
- }
- else
- {
- $tpl = ereg_replace("<IMAGE_COMMENT_TEXT>",$lang_comment_single,$tpl);
- }
-
- if($row['comments'] == 'F')
- {
- $tpl = ereg_replace("<COMMENT_POPUP>","<a href='".PHP_SELF."?showimage=$image_id' onclick=\"alert('$lang_comment_popup_disabled');\">$lang_comment_popup</a>",$tpl);
- }
- else
- {
- $tpl = ereg_replace("<COMMENT_POPUP>","<a href='".PHP_SELF."?showimage=$image_id' onclick=\"window.open('".PHP_SELF."?popup=comment&showimage=$image_id','Comments','width=480,height=540,scrollbars=yes,resizable=yes');\">$lang_comment_popup</a>",$tpl);
- }
- }
- $tpl = str_replace("<BASE_HREF>","<base href='".$cfgrow['siteurl']."' />",$tpl);
- $tpl = ereg_replace("<SITE_URL>",$cfgrow['siteurl'],$tpl);
- $tpl = ereg_replace("<SITE_PHOTONUMBER>",$pixelpost_photonumb,$tpl);
- // ##########################################################################################//
- // COMMENT STUFF
- // ##########################################################################################//
- require_once("includes/functions_comments.php");
- // ##########################################################################################//
- // REPLACE LANGUAGE SPECIFIC TAGS
- // ##########################################################################################//
- if($cfgrow['altlangfile'] != 'Off'){ $tpl = replace_alt_lang_tags( $tpl, $language_abr, $PP_supp_lang, $cfgrow); }
- // ##########################################################################################//
- // SUCK IN ADDONS
- // ##########################################################################################//
- require_once('includes/addons_lib.php');
- // ##########################################################################################//
- // END - ECHO TEMPLATE
- // ##########################################################################################//
- if((isset($_GET['x']) && $_GET['x'] != "save_comment") || (!isset($_GET['x']))) { echo $tpl; }
- ?>