[Astrospaces-commits] SF.net SVN: astrospaces: [19] trunk
Brought to you by:
p3net
Menu
▾
▴
[Astrospaces-commits] SF.net SVN: astrospaces: [19] trunk
|
From: <p3...@us...> - 2007-07-28 21:16:51
|
Revision: 19
http://astrospaces.svn.sourceforge.net/astrospaces/?rev=19&view=rev
Author: p3net
Date: 2007-07-28 14:16:51 -0700 (Sat, 28 Jul 2007)
Log Message:
-----------
First round of bugfixes
Modified Paths:
--------------
trunk/functions/db.php
trunk/functions/session.php
trunk/gallery.php
trunk/globals.php
trunk/images.php
Modified: trunk/functions/db.php
===================================================================
--- trunk/functions/db.php 2007-07-28 17:26:17 UTC (rev 18)
+++ trunk/functions/db.php 2007-07-28 21:16:51 UTC (rev 19)
@@ -1,4 +1,4 @@
-<?php
+<?php
/*******************************************************
* Copyright (C) 2007 http://p3net.net
@@ -14,46 +14,47 @@
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
- @id: $Id$
-*********************************************************/
-$this =& new db;
-class db
-{
- function db()
- {
- require_once('./../config.php');
-
- $db = mysql_connect($db_info['host'], $db_info['user'], $db_info['pass']);
- if(!$db)
- {
- $error->general('Could not Connect to Database', mysql_error());
- }
- else
- {
- if(!mysql_select_db($db_info['name']))
- {
- $error->general('Could not Select Database', mysql_error());
- }
- }
- }
- function query($query)
- {
- $query = mysql_query($query)
- if(!$query)
- {
- $error->general('Could not query database', mysql_error());
- }
- return $query;
- }
- function fetch_array($query)
- {
- $query = mysql_fetch_array($query);
- if(!$query)
- {
- $error$db->general('Could not fetch array from database', mysql_error());
- }
- return $query;
-}
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+ @id: $Id$
+*********************************************************/
+$this =& new db;
+class db
+{
+ function db()
+ {
+ require_once('./../config.php');
+
+ $db = mysql_connect($db_info['host'], $db_info['user'], $db_info['pass']);
+ if(!$db)
+ {
+ $error->general('Could not Connect to Database', mysql_error());
+ }
+ else
+ {
+ if(!mysql_select_db($db_info['name']))
+ {
+ $error->general('Could not Select Database', mysql_error());
+ }
+ }
+ }
+ function query($query)
+ {
+ $query = mysql_query($query);
+ if(!$query)
+ {
+ $error->general('Could not query database', mysql_error());
+ }
+ return $query;
+ }
+ function fetch_array($query)
+ {
+ $query = mysql_fetch_array($query);
+ if(!$query)
+ {
+ $error->general('Could not fetch array from database', mysql_error());
+ }
+ return $query;
+ }
+}
?>
\ No newline at end of file
Modified: trunk/functions/session.php
===================================================================
--- trunk/functions/session.php 2007-07-28 17:26:17 UTC (rev 18)
+++ trunk/functions/session.php 2007-07-28 21:16:51 UTC (rev 19)
@@ -1,4 +1,4 @@
-<?php
+<?php
/*******************************************************
* Copyright (C) 2007 http://p3net.net
@@ -14,267 +14,267 @@
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
- @id: $Id$
-*********************************************************/
-/********************************************************
-The name here is a bit of a misnomer. The session class
-handles all user-interaction related processes -- both
-interaction between user and server and interaction
-between user and user
-**********************************************************/
-class session
-{
- function create()
- {
- /* We don't have a session and aren't logged in. Let's create it */
- $id = md5(time() . rand(1,1000));
- /* Check to make sure it's unique */
- $_query="INSERT INTO `sessions` VALUES('" . $id . "', '-1', '" . $REMOTE_ADDR . "', '" . time() . "')";
- $db->query($_query);
- $_COOKIE["session_id"] = $id;
- }
- function check()
- {
- /* We need to check if a session exists by looking for the session cookie. If that's not there,
- then we return false (since the user isn't logged in). We also match the IP */
- $ip = $REMOTE_ADDR;
- $_query = "SELECT * FROM `sessions` WHERE `ip` = '" . $ip . "'";
- $res = $db->query($_query);
- if(mysql_num_rows($res) == 0)
- {
- $session->create();
- }
- else
- {
- /* Get an array of our session info */
- $res = $db->fetch_array($res);
- if($res['id'] != $_COOKIE["session_id"])
- {
- $session->create();
- }
- else
- {
- foreach($res as $key => $value)
- {
- $user->data[$key] = $value;
- }
- /* Update our updated time */
- $_query="UPDATE `sessions` SET `last_update` = '" . time() . "' WHERE `id` = '" . $user->data['id'] . "' LIMIT 1";
- $db->query($_query);
- }
- }
- /* We also need to get rid of users who haven't done anything in the last half-hour */
- $_query = "DELETE * FROM `sessions` WHERE `last_update` < " . (time() - (60*30));
- $db->query($_query);
- }
- function logged_in()
- {
- if($user->data['id'] != "-1")
- {
- return true;
- }
- else
- {
- return false;
- }
- }
- function login($user_id)
- {
- $session->check();
- if($session->logged_in())
- {
- /* Wait - what? */
- $error->general("Already logged in", "Session already populated");
- }
- else
- {
- $_query = "UPDATE `sessions` SET `user_id` = '" . $user_id . "' WHERE `id` = '" . $_COOKIE["session_id"] . " LIMIT 1";
- $db->query($_query);
- /* Run the session check again. It'll make the row and populate $user->data */
- $session->check();
- }
- }
- function logout()
- {
- if($session->logged_in())
- {
- $_query = "UPDATE `sessions` SET `user_id` = '-1' WHERE `id` = '" . $user->data['id'] . "' AND `ip` = '" . $user->data['ip'] . "' LIMIT 1";
- $db->query($_query);
- $user->data = null;
- }
- else
- {
- $error->general('Not logged in', 'User ID = -1');
- }
- }
- function is_friend($id)
- {
- if(!$user->logged_in())
- {
- return false;
- }
- else
- {
- $_query = "SELECT * FROM `friends` WHERE `party_1` = '" . $user->data['user_id'] . "' AND AND `party_2`='" . $id . "' AND `accepted`='1'";
- $_query = $db->query($_query);
- if(mysql_num_rows($_query) > 0)
- {
- return true;
- }
- else
- {
- $_query = "SELECT * FROM `friends` WHERE `party_2` = '" . $user->data['user_id'] . "' AND `party_1`='" . $id . "' AND `accepted`='1'";
- $_query = $db->query($_query);
- if(mysql_num_rows($_query) > 0)
- {
- return true;
- }
- else
- {
- return false;
- }
- }
- }
- }
- function action($action, $who="")
- {
- /*List of actions:
- 1. Updated Space
- 2. Left you a comment
- 3. Left a comment on one of your pictures
- 4. Uploaded a picture
- 5. Added you as a friend
- 6. New blog post
- 7. Left you a comment on a blog post
- 8. Joined a group
- 9. Created a group */
- $_query="INSERT INTO `actions` VALUES('" . time() . "', '" . $user->data['user_id'] . "', '" . $action . "', '" . $who . "')";
- $db->query($_query);
- return true;
- }
- function add_friend($id)
- {
- if(!$user->logged_in())
- {
- $error->general("Not logged in", "Add as friend");
- }
- else
- {
- if($user->is_friend($id))
- {
- $error->general("Already friend", "Add as friend");
- }
- else
- {
- $_query = "SELECT * FROM `friends` WHERE `party_1`='" . $user->data['user_id'] . " AND `party_2`='" . $id . "'";
- $_query=$db->query($_query);
- if(mysql_num_rows($_query) > 0)
- {
- $error->general("Already added as friend, awaiting acception", "Add as friend");
- }
- else
- {
- $_query = "SELECT * FROM `friends` WHERE `party_2`='" . $user->data['user_id'] . " AND `party_1`='" . $id . "'";
- $_query=$db->query($_query);
- if(mysql_num_rows($_query) > 0)
- {
- $error->general("User has already added you as a friend. Accept them in your friend control panel.", "Add as friend");
- }
- else
- {
- $_query="INSERT INTO `friends` VALUES('" . $user->data['user_id'] . "', '" . $id . "', '0'";
- $db->query($_query);
- $message->thank("adding this user as your friend. You will be alerted when they accept you as a friend.", "to go back", "javascript:history.go(-1)");
- }
- }
- }
- }
- }
- function accept_friend($id)
- {
- $_query="UPDATE `friends` SET `accepted`='1' WHERE `party_2`='" . $data->user['user_id'] . "' AND `party_1='" . $id . "' LIMIT 1";
- $db->query($_query);
- $user->action(5, $id);
- }
- function can_view($id)
- {
- /*We're simply checking whether or not we have the permissions to view this space */
- /*First we need to figure out what the space privacy setting is*/
- $_query="SELECT `privacy` FROM `users` WHERE `id`='" . $id . "' LIMIT 1";
- $_query=$db->query($_query);
- $_query=$db->fetch_array($_query);
- $res=$_query['privacy'];
- if($res == '0')
- {
- /*All users can view this space*/
- return true;
- }
- else
- {
- /*We need to check if we're they're friend*/
- if($session->is_friend($id))
- {
- return true;
- }
- else
- {
- return false;
- }
- }
- }
- function add_comment($id)
- {
- if($session->is_friend($id))
- {
- /*Okay, we have permission to leave this comment*/
- foreach($_POST as $key => $value)
- {
- $var[$key] = mysql_real_escape_string($value);
- }
- $_query="INSERT INTO `comments` VALUES('', '" . time() . "', '" . $user->data['user_id'] . "', '" . $id . "', '" . $var['body'] .
- "'";
- $db->query($_query);
- $session->action('2', $id);
- }
- }
- function get_username($id)
- {
- $_query="SELECT `display_name` FROM `users` WHERE `id`='" . $id . "'";
- $_query=$db->query($_query);
- $res=$db->fetch_array($_query);
- return $res['display_name'];
- }
- function add_image_comment($id)
- {
- $owner = "SELECT `owner` FROM `images` WHERE `id`='" . $id . "'";
- $owner = $db->query($owner);
- $owner = $db->fetch_array($owner);
- $owner = $owner['owner'];
- if($session->is_friend($owner)
- {
- foreach($_POST as $key => value)
- {
- $var[$key] = mysql_real_escape_string($value);
- }
- $_query="INSERT INTO `image_comments` VALUES('', '" . $id . "', '" . time() . "', '" . $user->data['user_id'] . "', '" . $var['comment'] . "'";
- $db->query($_query);
- }
- }
- function generate_timestamp($time)
- {
- if($session->logged_in())
- {
- $_query="SELECT `time_offset` FROM `users` WHERE `id`='" . $user->data['user_id'] . "'";
- $_query=$db->query($_query);
- $_query=$db->fetch_array($_query);
- $offset=$_query['time_offset'];
-
- $diff = $offset * 60 * 60;
- }
- $time = $time + $diff;
- return date('m/d/Y G:i:s', $time);
- }
-}
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+ @id: $Id$
+*********************************************************/
+/********************************************************
+The name here is a bit of a misnomer. The session class
+handles all user-interaction related processes -- both
+interaction between user and server and interaction
+between user and user
+**********************************************************/
+class session
+{
+ function create()
+ {
+ /* We don't have a session and aren't logged in. Let's create it */
+ $id = md5(time() . rand(1,1000));
+ /* Check to make sure it's unique */
+ $_query="INSERT INTO `sessions` VALUES('" . $id . "', '-1', '" . $REMOTE_ADDR . "', '" . time() . "')";
+ $db->query($_query);
+ $_COOKIE["session_id"] = $id;
+ }
+ function check()
+ {
+ /* We need to check if a session exists by looking for the session cookie. If that's not there,
+ then we return false (since the user isn't logged in). We also match the IP */
+ $ip = $REMOTE_ADDR;
+ $_query = "SELECT * FROM `sessions` WHERE `ip` = '" . $ip . "'";
+ $res = $db->query($_query);
+ if(mysql_num_rows($res) == 0)
+ {
+ $session->create();
+ }
+ else
+ {
+ /* Get an array of our session info */
+ $res = $db->fetch_array($res);
+ if($res['id'] != $_COOKIE["session_id"])
+ {
+ $session->create();
+ }
+ else
+ {
+ foreach($res as $key => $value)
+ {
+ $user->data[$key] = $value;
+ }
+ /* Update our updated time */
+ $_query="UPDATE `sessions` SET `last_update` = '" . time() . "' WHERE `id` = '" . $user->data['id'] . "' LIMIT 1";
+ $db->query($_query);
+ }
+ }
+ /* We also need to get rid of users who haven't done anything in the last half-hour */
+ $_query = "DELETE * FROM `sessions` WHERE `last_update` < " . (time() - (60*30));
+ $db->query($_query);
+ }
+ function logged_in()
+ {
+ if($user->data['id'] != "-1")
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+ }
+ function login($user_id)
+ {
+ $session->check();
+ if($session->logged_in())
+ {
+ /* Wait - what? */
+ $error->general("Already logged in", "Session already populated");
+ }
+ else
+ {
+ $_query = "UPDATE `sessions` SET `user_id` = '" . $user_id . "' WHERE `id` = '" . $_COOKIE["session_id"] . " LIMIT 1";
+ $db->query($_query);
+ /* Run the session check again. It'll make the row and populate $user->data */
+ $session->check();
+ }
+ }
+ function logout()
+ {
+ if($session->logged_in())
+ {
+ $_query = "UPDATE `sessions` SET `user_id` = '-1' WHERE `id` = '" . $user->data['id'] . "' AND `ip` = '" . $user->data['ip'] . "' LIMIT 1";
+ $db->query($_query);
+ $user->data = null;
+ }
+ else
+ {
+ $error->general('Not logged in', 'User ID = -1');
+ }
+ }
+ function is_friend($id)
+ {
+ if(!$user->logged_in())
+ {
+ return false;
+ }
+ else
+ {
+ $_query = "SELECT * FROM `friends` WHERE `party_1` = '" . $user->data['user_id'] . "' AND AND `party_2`='" . $id . "' AND `accepted`='1'";
+ $_query = $db->query($_query);
+ if(mysql_num_rows($_query) > 0)
+ {
+ return true;
+ }
+ else
+ {
+ $_query = "SELECT * FROM `friends` WHERE `party_2` = '" . $user->data['user_id'] . "' AND `party_1`='" . $id . "' AND `accepted`='1'";
+ $_query = $db->query($_query);
+ if(mysql_num_rows($_query) > 0)
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+ }
+ }
+ }
+ function action($action, $who="")
+ {
+ /*List of actions:
+ 1. Updated Space
+ 2. Left you a comment
+ 3. Left a comment on one of your pictures
+ 4. Uploaded a picture
+ 5. Added you as a friend
+ 6. New blog post
+ 7. Left you a comment on a blog post
+ 8. Joined a group
+ 9. Created a group */
+ $_query="INSERT INTO `actions` VALUES('" . time() . "', '" . $user->data['user_id'] . "', '" . $action . "', '" . $who . "')";
+ $db->query($_query);
+ return true;
+ }
+ function add_friend($id)
+ {
+ if(!$user->logged_in())
+ {
+ $error->general("Not logged in", "Add as friend");
+ }
+ else
+ {
+ if($user->is_friend($id))
+ {
+ $error->general("Already friend", "Add as friend");
+ }
+ else
+ {
+ $_query = "SELECT * FROM `friends` WHERE `party_1`='" . $user->data['user_id'] . " AND `party_2`='" . $id . "'";
+ $_query=$db->query($_query);
+ if(mysql_num_rows($_query) > 0)
+ {
+ $error->general("Already added as friend, awaiting acception", "Add as friend");
+ }
+ else
+ {
+ $_query = "SELECT * FROM `friends` WHERE `party_2`='" . $user->data['user_id'] . " AND `party_1`='" . $id . "'";
+ $_query=$db->query($_query);
+ if(mysql_num_rows($_query) > 0)
+ {
+ $error->general("User has already added you as a friend. Accept them in your friend control panel.", "Add as friend");
+ }
+ else
+ {
+ $_query="INSERT INTO `friends` VALUES('" . $user->data['user_id'] . "', '" . $id . "', '0'";
+ $db->query($_query);
+ $message->thank("adding this user as your friend. You will be alerted when they accept you as a friend.", "to go back", "javascript:history.go(-1)");
+ }
+ }
+ }
+ }
+ }
+ function accept_friend($id)
+ {
+ $_query="UPDATE `friends` SET `accepted`='1' WHERE `party_2`='" . $data->user['user_id'] . "' AND `party_1='" . $id . "' LIMIT 1";
+ $db->query($_query);
+ $user->action(5, $id);
+ }
+ function can_view($id)
+ {
+ /*We're simply checking whether or not we have the permissions to view this space */
+ /*First we need to figure out what the space privacy setting is*/
+ $_query="SELECT `privacy` FROM `users` WHERE `id`='" . $id . "' LIMIT 1";
+ $_query=$db->query($_query);
+ $_query=$db->fetch_array($_query);
+ $res=$_query['privacy'];
+ if($res == '0')
+ {
+ /*All users can view this space*/
+ return true;
+ }
+ else
+ {
+ /*We need to check if we're they're friend*/
+ if($session->is_friend($id))
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+ }
+ }
+ function add_comment($id)
+ {
+ if($session->is_friend($id))
+ {
+ /*Okay, we have permission to leave this comment*/
+ foreach($_POST as $key => $value)
+ {
+ $var[$key] = mysql_real_escape_string($value);
+ }
+ $_query="INSERT INTO `comments` VALUES('', '" . time() . "', '" . $user->data['user_id'] . "', '" . $id . "', '" . $var['body'] .
+ "'";
+ $db->query($_query);
+ $session->action('2', $id);
+ }
+ }
+ function get_username($id)
+ {
+ $_query="SELECT `display_name` FROM `users` WHERE `id`='" . $id . "'";
+ $_query=$db->query($_query);
+ $res=$db->fetch_array($_query);
+ return $res['display_name'];
+ }
+ function add_image_comment($id)
+ {
+ $owner = "SELECT `owner` FROM `images` WHERE `id`='" . $id . "'";
+ $owner = $db->query($owner);
+ $owner = $db->fetch_array($owner);
+ $owner = $owner['owner'];
+ if($session->is_friend($owner))
+ {
+ foreach($_POST as $key => $value)
+ {
+ $var[$key] = mysql_real_escape_string($value);
+ }
+ $_query="INSERT INTO `image_comments` VALUES('', '" . $id . "', '" . time() . "', '" . $user->data['user_id'] . "', '" . $var['comment'] . "'";
+ $db->query($_query);
+ }
+ }
+ function generate_timestamp($time)
+ {
+ if($session->logged_in())
+ {
+ $_query="SELECT `time_offset` FROM `users` WHERE `id`='" . $user->data['user_id'] . "'";
+ $_query=$db->query($_query);
+ $_query=$db->fetch_array($_query);
+ $offset=$_query['time_offset'];
+
+ $diff = $offset * 60 * 60;
+ }
+ $time = $time + $diff;
+ return date('m/d/Y G:i:s', $time);
+ }
+}
?>
\ No newline at end of file
Modified: trunk/gallery.php
===================================================================
--- trunk/gallery.php 2007-07-28 17:26:17 UTC (rev 18)
+++ trunk/gallery.php 2007-07-28 21:16:51 UTC (rev 19)
@@ -1,4 +1,4 @@
-<?php
+<?php
/*******************************************************
* Copyright (C) 2007 http://p3net.net
@@ -14,102 +14,102 @@
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
- @id: $Id$
-*********************************************************/
-class gallery
-{
- function view($id)
- {
- if($id == 0)
- {
- $error->general('Must be logged in!', 'Tried to access gallery as owner while unauthenticated');
- }
- else
- {
- if($session->is_friend($id))
- {
- $_query="SELECT `id` FROM `images` WHERE `owner`='" . $id . "'";
- $_query=$db->query($_query);
- $_query=$db->fetch_array($_query);
- $gallery =& new template('gallery.tpl');
- $gallery->set('gallery', $_query);
- }
- }
- }
- function drill($img_id, $owner)
- {
- if(empty($img_id))
- {
- $error->general('An image must be specified', 'Tried to access drill without specifying image id');
- }
- else
- {
- if($session->is_friend($owner))
- {
- $_query = "SELECT * FROM `images` WHERE `id`='" . $img_id . "'";
- $img = $db->query($_query);
-
- $_query = "SELECT * FROM `images_comments` WHERE `image`='" . $img_id . "'";
- $img_com = $db->query($_query);
-
- foreach($db->fetch_array($img_com) as $key => value)
- {
- foreach($value as $key_name => $key_value)
- {
- if($key_value == 'author')
- {
- $key_value = $session->get_username($key_value);
- }
- $com[$key_name] = $key_value;
- }
- }
- $img=$db->fetch_array($img);
- if(isset($user->data['user_id'] && $user->data['user_id'] != $img['owner'])
- {
- $img['views']++;
- $_query="UPDATE `images` SET `views`='" . $views . "' WHERE `id`='" . $img_id . "'";
- $db->query($_query);
- }
- $drill =& new template('drill.tpl');
- $drill->set('id', $img_id);
- $drill->set('comments', $com);
- $drill->set('views', $img['views']);
- $drill->set('desc', $img['desc']);
- $drill->set('name', $img['name']);
- }
- }
- }
- function comment($id, $owner)
- {
- if($session->is_friend($owner))
- {
- $form =& new template('forms/gallery_comment.tpl');
- }
- }
- function comment_process()
- {
- $img_id=$_POST["id"];
- $session->add_image_comment($img_id);
- }
-}
-$gallery =& new gallery;
-$mode = empty($_GET["mode"]) ? 'view' : $_GET["mode"];
-$id = empty($_GET["id"]) ? ($session->logged_in() ? $user->data['user_id'] : 0) : mysql_real_escape_string($_GET["id"]);
-switch $mode
-{
- case 'view':
- $gallery->view($id);
- break;
- case 'drill':
- $gallery->drill(mysql_real_escape_string($_GET["img"]), $id);
- break;
- case 'comment':
- $gallery->comment($id, $owner_id);
- break;
- case 'process':
- $gallery->comment_process();
- break;
-}
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+ @id: $Id$
+*********************************************************/
+class gallery
+{
+ function view($id)
+ {
+ if($id == 0)
+ {
+ $error->general('Must be logged in!', 'Tried to access gallery as owner while unauthenticated');
+ }
+ else
+ {
+ if($session->is_friend($id))
+ {
+ $_query="SELECT `id` FROM `images` WHERE `owner`='" . $id . "'";
+ $_query=$db->query($_query);
+ $_query=$db->fetch_array($_query);
+ $gallery =& new template('gallery.tpl');
+ $gallery->set('gallery', $_query);
+ }
+ }
+ }
+ function drill($img_id, $owner)
+ {
+ if(empty($img_id))
+ {
+ $error->general('An image must be specified', 'Tried to access drill without specifying image id');
+ }
+ else
+ {
+ if($session->is_friend($owner))
+ {
+ $_query = "SELECT * FROM `images` WHERE `id`='" . $img_id . "'";
+ $img = $db->query($_query);
+
+ $_query = "SELECT * FROM `images_comments` WHERE `image`='" . $img_id . "'";
+ $img_com = $db->query($_query);
+
+ foreach($db->fetch_array($img_com) as $key => $value)
+ {
+ foreach($value as $key_name => $key_value)
+ {
+ if($key_value == 'author')
+ {
+ $key_value = $session->get_username($key_value);
+ }
+ $com[$key_name] = $key_value;
+ }
+ }
+ $img=$db->fetch_array($img);
+ if(isset($user->data['user_id'] && $user->data['user_id'] != $img['owner'])
+ {
+ $img['views']++;
+ $_query="UPDATE `images` SET `views`='" . $views . "' WHERE `id`='" . $img_id . "'";
+ $db->query($_query);
+ }
+ $drill =& new template('drill.tpl');
+ $drill->set('id', $img_id);
+ $drill->set('comments', $com);
+ $drill->set('views', $img['views']);
+ $drill->set('desc', $img['desc']);
+ $drill->set('name', $img['name']);
+ }
+ }
+ }
+ function comment($id, $owner)
+ {
+ if($session->is_friend($owner))
+ {
+ $form =& new template('forms/gallery_comment.tpl');
+ }
+ }
+ function comment_process()
+ {
+ $img_id=$_POST["id"];
+ $session->add_image_comment($img_id);
+ }
+}
+$gallery =& new gallery;
+$mode = empty($_GET["mode"]) ? 'view' : $_GET["mode"];
+$id = empty($_GET["id"]) ? ($session->logged_in() ? $user->data['user_id'] : 0) : mysql_real_escape_string($_GET["id"]);
+switch $mode
+{
+ case 'view':
+ $gallery->view($id);
+ break;
+ case 'drill':
+ $gallery->drill(mysql_real_escape_string($_GET["img"]), $id);
+ break;
+ case 'comment':
+ $gallery->comment($id, $owner_id);
+ break;
+ case 'process':
+ $gallery->comment_process();
+ break;
+}
?>
\ No newline at end of file
Modified: trunk/globals.php
===================================================================
--- trunk/globals.php 2007-07-28 17:26:17 UTC (rev 18)
+++ trunk/globals.php 2007-07-28 21:16:51 UTC (rev 19)
@@ -1,4 +1,4 @@
-<?php
+<?php
/*******************************************************
* Copyright (C) 2007 http://p3net.net
@@ -14,50 +14,53 @@
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
- @id: $Id$
-*********************************************************/
-/* Include our larger functions */
-require_once('./functions/db.php');
-require_once('./functions/template.php');
-require_once('./session.php');
-
-/*The smaller ones*/
-class error
-{
- function general($err, $verbose)
- {
- $error =& new template('messages/error.tpl');
- $error->set('err', $err);
- $handle = fopen('logs/errors.txt', 'w');
- if($handle)
- {
- $entry = "[" . date('d M Y H:i:s') . "][" . $REMOTE_ADDR . "] " . $err . " - " . $verbose;
- if(!fwrite($handle, $entry))
- {
- continue();
- }
- }
- fclose($handle);
- exit();
- }
-}
-function message
-{
- function thank($message, $go1, $res1, $go2="", $res2="")
- {
- $message =& new template('message/thank.tpl');
- $message->set('go1', $go1);
- $message->set('go2', $go2);
- $message->set('res1', $res1);
- $message->set('res2', $res2);
- $message->set('message', $message);
- }
-}
-$error =& new error;
-$db =& new db;
-$template =& new template;
-$user =& new session();
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+ @id: $Id$
+*********************************************************/
+/* Include our larger functions */
+require_once('./functions/template.php');
+$template =& new template;
+require_once('./functions/session.php');
+$user =& new session();
+
+/*The smaller ones*/
+class error
+{
+ function general($err, $verbose)
+ {
+ $error =& new template('messages/error.tpl');
+ $error->set('err', $err);
+ $handle = fopen('logs/errors.txt', 'w');
+ if($handle)
+ {
+ $entry = "[" . date('d M Y H:i:s') . "][" . $REMOTE_ADDR . "] " . $err . " - " . $verbose;
+ if(!fwrite($handle, $entry))
+ {
+ continue;
+ }
+ }
+ fclose($handle);
+ exit();
+ }
+}
+class message
+{
+ function thank($message, $go1, $res1, $go2="", $res2="")
+ {
+ $message =& new template('message/thank.tpl');
+ $message->set('go1', $go1);
+ $message->set('go2', $go2);
+ $message->set('res1', $res1);
+ $message->set('res2', $res2);
+ $message->set('message', $message);
+ }
+}
+/* To satisfy ZDE */
+require_once('./functions/db.php');
+$db =& new db;
+
+/* Our functions living in globals.php */
+$error =& new error;
$message =& new message();
?>
\ No newline at end of file
Modified: trunk/images.php
===================================================================
--- trunk/images.php 2007-07-28 17:26:17 UTC (rev 18)
+++ trunk/images.php 2007-07-28 21:16:51 UTC (rev 19)
@@ -1,4 +1,4 @@
-<?php
+<?php
/*******************************************************
* Copyright (C) 2007 http://p3net.net
@@ -14,97 +14,95 @@
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
- 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
- @id: $Id$
-*********************************************************/
-include('globals.php');
-class image
-{
- function full($id)
- {
- $id = is_numeric($_GET["id"]) ? $_GET["id"] : null;
- if(empty($id))
- {
- $error->general("Invalid ID specified", "Not an (int)");
- }
- $_query = "SELECT * FROM `images` WHERE `id`='" . $id . "'";
- $img=$db->fetch_array($db->query($_query));
-
- header('Content-type: ' . $img['mine_type']);
- header('Content-Disposition: attachment; filename=' . $img['name']);
- echo $img['content'];
- }
- function thumb($id)
- {
- $id = is_numeric($_GET["id"]) ? $_GET["id"] : null;
- if(empty($id))
- {
- $error->general("Invalid ID specified", "Not an (int)");
- }
- $_query = "SELECT * FROM `images` WHERE `id`='" . $id . "'";
- $img=$db->fetch_array($db->query($_query));
-
- /* We're going to resize the larger dimension to 150px */
- if($img['width'] > $img['height'])
- {
- $scale_percentage = $img['width'] / 150;
- }
- else
- {
- $scale_percentage = $img['height'] / 150;
- }
- $new_dimensions = array(
- 'width' => ($scale_percentage < 1) ? $img['width'] * $scale_percentage : $img['width'],
- 'height' => ($scale_percentage < 1) ? $img['height'] * $scale_percentage : $img['height']
- );
- header('Content-type: ' . $img['mine_type']);
- header('Content-Disposition: attachment; filename=' . $img['name']);
-
- $type = explode("/", $img['mine_type']);
- $type = $type[1];
- switch $type
- {
- case 'jpeg':
- $new_image = imagecreatefromjpeg($img['content']);
- break;
- case 'png':
- $new_image = imagecreatefrompng($img['content']);
- break;
- case 'gif':
- $new_image = imagecreatefromgif($img['content']);
- break;
- }
- $res = imagecreatetruecolor($new_dimensions['width'], $new_dimensions['height']);
- imagecopyresized($res, $new_image, 0, 0, 0, 0, $new_dimensions['width'], $new_dimensions['height'], $img['width'], $img['height']);
-
- switch $type
- {
- case 'jpeg':
- imagejpeg($res);
- break;
- case 'png':
- imagepng($res);
- break;
- case 'gif':
- imagegif($res);
- break;
- }
- }
-}
-
-$this =& new image;
-
-/* Actually handle the data here */
-$mode=$_GET["mode"];
-switch $mode
-{
- case 'view':
- $this->full();
- break;
-
- case 'thumb':
- $this->thumb();
- break;
-}
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+ @id: $Id$
+*********************************************************/
+include('globals.php');
+class image
+{
+ function full($id)
+ {
+ $id = is_numeric($_GET["id"]) ? $_GET["id"] : null;
+ if(empty($id))
+ {
+ $error->general("Invalid ID specified", "Not an (int)");
+ }
+ $_query = "SELECT * FROM `images` WHERE `id`='" . $id . "'";
+ $img=$db->fetch_array($db->query($_query));
+
+ header('Content-type: ' . $img['mine_type']);
+ header('Content-Disposition: attachment; filename=' . $img['name']);
+ echo $img['content'];
+ }
+ function thumb($id)
+ {
+ $id = is_numeric($_GET["id"]) ? $_GET["id"] : null;
+ if(empty($id))
+ {
+ $error->general("Invalid ID specified", "Not an (int)");
+ }
+ $_query = "SELECT * FROM `images` WHERE `id`='" . $id . "'";
+ $img=$db->fetch_array($db->query($_query));
+
+ /* We're going to resize the larger dimension to 150px */
+ if($img['width'] > $img['height'])
+ {
+ $scale_percentage = $img['width'] / 150;
+ }
+ else
+ {
+ $scale_percentage = $img['height'] / 150;
+ }
+ $new_dimensions = array(
+ 'width' => ($scale_percentage < 1) ? $img['width'] * $scale_percentage : $img['width'],
+ 'height' => ($scale_percentage < 1) ? $img['height'] * $scale_percentage : $img['height']
+ );
+ header('Content-type: ' . $img['mine_type']);
+ header('Content-Disposition: attachment; filename=' . $img['name']);
+
+ $type = explode("/", $img['mine_type']);
+ $type = $type[1];
+ switch($type)
+ {
+ case 'jpeg':
+ $new_image = imagecreatefromjpeg($img['content']);
+ break;
+ case 'png':
+ $new_image = imagecreatefrompng($img['content']);
+ break;
+ case 'gif':
+ $new_image = imagecreatefromgif($img['content']);
+ break;
+ }
+ $res = imagecreatetruecolor($new_dimensions['width'], $new_dimensions['height']);
+ imagecopyresized($res, $new_image, 0, 0, 0, 0, $new_dimensions['width'], $new_dimensions['height'], $img['width'], $img['height']);
+
+ switch($type)
+ {
+ case 'jpeg':
+ imagejpeg($res);
+ break;
+ case 'png':
+ imagepng($res);
+ break;
+ case 'gif':
+ imagegif($res);
+ break;
+ }
+ }
+}
+
+/* Actually handle the data here */
+$mode=empty($_GET["mode"]) ? '' : $_GET["mode"];
+switch($mode)
+{
+ case 'view':
+ $this->full();
+ break;
+
+ case 'thumb':
+ $this->thumb();
+ break;
+}
?>
\ No newline at end of file
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
