1<?php 2// +-----------------------------------------------------------------------+ 3// | This file is part of Piwigo. | 4// | | 5// | For copyright and license information, please view the COPYING.txt | 6// | file that was distributed with this source code. | 7// +-----------------------------------------------------------------------+ 8 9/** 10 * This included page checks section related parameter and provides 11 * following informations: 12 * 13 * - $page['title'] 14 * 15 * - $page['items']: ordered list of items to display 16 * 17 */ 18 19// "index.php?/category/12-foo/start-24" or 20// "index.php/category/12-foo/start-24" 21// must return : 22// 23// array( 24// 'section' => 'categories', 25// 'category' => array('id'=>12, ...), 26// 'start' => 24 27// ); 28 29 30$page['items'] = array(); 31$page['start'] = $page['startcat'] = 0; 32 33// some ISPs set PATH_INFO to empty string or to SCRIPT_FILENAME while in the 34// default apache implementation it is not set 35if ( $conf['question_mark_in_urls']==false and 36 isset($_SERVER["PATH_INFO"]) and !empty($_SERVER["PATH_INFO"]) ) 37{ 38 $rewritten = $_SERVER["PATH_INFO"]; 39 $rewritten = str_replace('//', '/', $rewritten); 40 $path_count = count( explode('/', $rewritten) ); 41 $page['root_path'] = PHPWG_ROOT_PATH.str_repeat('../', $path_count-1); 42} 43else 44{ 45 $rewritten = ''; 46 foreach (array_keys($_GET) as $keynum => $key) 47 { 48 $rewritten = $key; 49 break; 50 } 51 52 // the $_GET keys are not protected in include/common.inc.php, only the values 53 $rewritten = pwg_db_real_escape_string($rewritten); 54 $page['root_path'] = PHPWG_ROOT_PATH; 55} 56 57if ( strncmp($page['root_path'], './', 2) == 0 ) 58{ 59 $page['root_path'] = substr($page['root_path'], 2); 60} 61 62// deleting first "/" if displayed 63$tokens = explode('/', ltrim($rewritten, '/') ); 64// $tokens = array( 65// 0 => category, 66// 1 => 12-foo, 67// 2 => start-24 68// ); 69 70$next_token = 0; 71 72// +-----------------------------------------------------------------------+ 73// | picture page | 74// +-----------------------------------------------------------------------+ 75// the first token must be the identifier for the picture 76if (script_basename() == 'picture') 77{ 78 $token = $tokens[$next_token]; 79 $next_token++; 80 if ( is_numeric($token) ) 81 { 82 $page['image_id'] = $token; 83 if ($page['image_id']==0) 84 { 85 bad_request('invalid picture identifier'); 86 } 87 } 88 else 89 { 90 preg_match('/^(\d+-)?(.*)?$/', $token, $matches); 91 if (isset($matches[1]) and is_numeric($matches[1]=rtrim($matches[1],'-')) ) 92 { 93 $page['image_id'] = $matches[1]; 94 if ( !empty($matches[2]) ) 95 { 96 $page['image_file'] = $matches[2]; 97 } 98 } 99 else 100 { 101 $page['image_id'] = 0; // more work in picture.php 102 if ( !empty($matches[2]) ) 103 { 104 $page['image_file'] = $matches[2]; 105 } 106 else 107 { 108 bad_request('picture identifier is missing'); 109 } 110 } 111 } 112} 113 114 115$page = array_merge( $page, parse_section_url( $tokens, $next_token) ); 116 117if ( !isset($page['section']) ) 118{ 119 $page['section'] = 'categories'; 120 121 switch (script_basename()) 122 { 123 case 'picture': 124 break; 125 case 'index': 126 { 127 // No section defined, go to random url 128 if ( !empty($conf['random_index_redirect']) and empty($tokens[$next_token]) ) 129 { 130 $random_index_redirect = array(); 131 foreach ($conf['random_index_redirect'] as $random_url => $random_url_condition) 132 { 133 if (empty($random_url_condition) or eval($random_url_condition)) 134 { 135 $random_index_redirect[] = $random_url; 136 } 137 } 138 if (!empty($random_index_redirect)) 139 { 140 redirect($random_index_redirect[mt_rand(0, count($random_index_redirect)-1)]); 141 } 142 } 143 $page['is_homepage'] = true; 144 break; 145 } 146 default: 147 trigger_error('script_basename "'.script_basename().'" unknown', 148 E_USER_WARNING); 149 } 150} 151 152$page = array_merge( $page, parse_well_known_params_url( $tokens, $next_token) ); 153 154//access a picture only by id, file or id-file without given section 155if ( script_basename()=='picture' and 'categories'==$page['section'] and 156 !isset($page['category']) and !isset($page['chronology_field']) ) 157{ 158 $page['flat'] = true; 159} 160 161// $page['nb_image_page'] is the number of picture to display on this page 162// By default, it is the same as the $user['nb_image_page'] 163$page['nb_image_page'] = $user['nb_image_page']; 164 165// if flat mode is active, we must consider the image set as a standard set 166// and not as a category set because we can't use the #image_category.rank : 167// displayed images are not directly linked to the displayed category 168if ('categories' == $page['section'] and !isset($page['flat'])) 169{ 170 $conf['order_by'] = $conf['order_by_inside_category']; 171} 172 173if (pwg_get_session_var('image_order',0) > 0) 174{ 175 $image_order_id = pwg_get_session_var('image_order'); 176 177 $orders = get_category_preferred_image_orders(); 178 179 // the current session stored image_order might be not compatible with 180 // current image set, for example if the current image_order is the rank 181 // and that we are displaying images related to a tag. 182 // 183 // In case of incompatibility, the session stored image_order is removed. 184 if ($orders[$image_order_id][2]) 185 { 186 $conf['order_by'] = str_replace( 187 'ORDER BY ', 188 'ORDER BY '.$orders[$image_order_id][1].',', 189 $conf['order_by'] 190 ); 191 $page['super_order_by'] = true; 192 } 193 else 194 { 195 pwg_unset_session_var('image_order'); 196 $page['super_order_by'] = false; 197 } 198} 199 200$forbidden = get_sql_condition_FandF( 201 array( 202 'forbidden_categories' => 'category_id', 203 'visible_categories' => 'category_id', 204 'visible_images' => 'id' 205 ), 206 'AND' 207 ); 208 209// +-----------------------------------------------------------------------+ 210// | category | 211// +-----------------------------------------------------------------------+ 212if ('categories' == $page['section']) 213{ 214 if (isset($page['combined_categories'])) 215 { 216 $page['title'] = get_combined_categories_content_title(); 217 } 218 elseif (isset($page['category'])) 219 { 220 $page = array_merge( 221 $page, 222 array( 223 'comment' => trigger_change( 224 'render_category_description', 225 $page['category']['comment'], 226 'main_page_category_description' 227 ), 228 'title' => get_cat_display_name($page['category']['upper_names'], '', false), 229 ) 230 ); 231 } 232 else 233 { 234 $page['title'] = ''; // will be set later 235 } 236 237 // GET IMAGES LIST 238 if (isset($page['combined_categories'])) 239 { 240 $cat_ids = array($page['category']['id']); 241 foreach ($page['combined_categories'] as $category) 242 { 243 $cat_ids[] = $category['id']; 244 } 245 246 $page['items'] = get_image_ids_for_categories($cat_ids); 247 } 248 elseif 249 ( 250 $page['startcat'] == 0 and 251 (!isset($page['chronology_field'])) and // otherwise the calendar will requery all subitems 252 ( 253 (isset($page['category'])) or 254 (isset($page['flat'])) 255 ) 256 ) 257 { 258 if ( !empty($page['category']['image_order']) and !isset($page['super_order_by']) ) 259 { 260 $conf[ 'order_by' ] = ' ORDER BY '.$page['category']['image_order']; 261 } 262 263 // flat categories mode 264 if (isset($page['flat'])) 265 { 266 // get all allowed sub-categories 267 if ( isset($page['category']) ) 268 { 269 $query = ' 270SELECT id 271 FROM '.CATEGORIES_TABLE.' 272 WHERE 273 uppercats LIKE \''.$page['category']['uppercats'].',%\' ' 274 .get_sql_condition_FandF( 275 array( 276 'forbidden_categories' => 'id', 277 'visible_categories' => 'id', 278 ), 279 "\n AND" 280 ); 281 282 $subcat_ids = query2array($query,null, 'id'); 283 $subcat_ids[] = $page['category']['id']; 284 $where_sql = 'category_id IN ('.implode(',',$subcat_ids).')'; 285 // remove categories from forbidden because just checked above 286 $forbidden = get_sql_condition_FandF( 287 array( 'visible_images' => 'id' ), 288 'AND' 289 ); 290 } 291 else 292 { 293 $cache_key = $persistent_cache->make_key('all_iids'.$user['id'].$user['cache_update_time'].$conf['order_by']); 294 unset($page['is_homepage']); 295 $where_sql = '1=1'; 296 } 297 } 298 // normal mode 299 else 300 { 301 $where_sql = 'category_id = '.$page['category']['id']; 302 } 303 304 if ( !isset($cache_key) || !$persistent_cache->get($cache_key, $page['items'])) 305 { 306 // main query 307 $query = ' 308SELECT DISTINCT(image_id) 309 FROM '.IMAGE_CATEGORY_TABLE.' 310 INNER JOIN '.IMAGES_TABLE.' ON id = image_id 311 WHERE 312 '.$where_sql.' 313'.$forbidden.' 314 '.$conf['order_by'].' 315;'; 316 317 $page['items'] = query2array($query,null, 'image_id'); 318 319 if ( isset($cache_key) ) 320 $persistent_cache->set($cache_key, $page['items']); 321 } 322 } 323} 324// special sections 325else 326{ 327// +-----------------------------------------------------------------------+ 328// | tags section | 329// +-----------------------------------------------------------------------+ 330 if ($page['section'] == 'tags') 331 { 332 $page['tag_ids'] = array(); 333 foreach ($page['tags'] as $tag) 334 { 335 $page['tag_ids'][] = $tag['id']; 336 } 337 338 $items = get_image_ids_for_tags($page['tag_ids']); 339 340 if (count($items) == 0) 341 { 342 $logger->info( 343 'attempt to see the name of the tag #'.implode(', #', $page['tag_ids']) 344 .' from the address : '.$_SERVER['REMOTE_ADDR'] 345 ); 346 access_denied(); 347 } 348 349 $page = array_merge( 350 $page, 351 array( 352 'title' => get_tags_content_title(), 353 'items' => $items, 354 ) 355 ); 356 } 357// +-----------------------------------------------------------------------+ 358// | search section | 359// +-----------------------------------------------------------------------+ 360 else if ($page['section'] == 'search') 361 { 362 include_once( PHPWG_ROOT_PATH .'include/functions_search.inc.php' ); 363 364 $search_result = get_search_results($page['search'], @$page['super_order_by'] ); 365 //save the details of the query search 366 if ( isset($search_result['qs']) ) 367 { 368 $page['qsearch_details'] = $search_result['qs']; 369 } 370 371 $page = array_merge( 372 $page, 373 array( 374 'items' => $search_result['items'], 375 'title' => '<a href="'.duplicate_index_url(array('start'=>0)).'">' 376 .l10n('Search results').'</a>', 377 ) 378 ); 379 } 380// +-----------------------------------------------------------------------+ 381// | favorite section | 382// +-----------------------------------------------------------------------+ 383 else if ($page['section'] == 'favorites') 384 { 385 check_user_favorites(); 386 387 $page = array_merge( 388 $page, 389 array( 390 'title' => '<a href="'.duplicate_index_url(array('start'=>0)).'">' 391 .l10n('Favorites').'</a>' 392 ) 393 ); 394 395 if (!empty($_GET['action']) && ($_GET['action'] == 'remove_all_from_favorites')) 396 { 397 $query = ' 398DELETE FROM '.FAVORITES_TABLE.' 399 WHERE user_id = '.$user['id'].' 400;'; 401 pwg_query($query); 402 redirect(make_index_url( array('section'=>'favorites') )); 403 } 404 else 405 { 406 $query = ' 407SELECT image_id 408 FROM '.FAVORITES_TABLE.' 409 INNER JOIN '.IMAGES_TABLE.' ON image_id = id 410 WHERE user_id = '.$user['id'].' 411'.get_sql_condition_FandF( 412 array( 413 'visible_images' => 'id' 414 ), 415 'AND' 416 ).' 417 '.$conf['order_by'].' 418;'; 419 $page = array_merge( 420 $page, 421 array( 422 'items' => query2array($query,null, 'image_id'), 423 ) 424 ); 425 426 if (count($page['items'])>0) 427 { 428 $template->assign( 429 'favorite', 430 array( 431 'U_FAVORITE' => add_url_params( 432 make_index_url( array('section'=>'favorites') ), 433 array('action'=>'remove_all_from_favorites') 434 ), 435 ) 436 ); 437 } 438 } 439 } 440// +-----------------------------------------------------------------------+ 441// | recent pictures section | 442// +-----------------------------------------------------------------------+ 443 else if ($page['section'] == 'recent_pics') 444 { 445 if ( !isset($page['super_order_by']) ) 446 { 447 $conf['order_by'] = str_replace( 448 'ORDER BY ', 449 'ORDER BY date_available DESC,', 450 $conf['order_by'] 451 ); 452 } 453 454 $query = ' 455SELECT DISTINCT(id) 456 FROM '.IMAGES_TABLE.' 457 INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id 458 WHERE ' 459 .get_recent_photos_sql('date_available').' 460 '.$forbidden 461 .$conf['order_by'].' 462;'; 463 464 $page = array_merge( 465 $page, 466 array( 467 'title' => '<a href="'.duplicate_index_url(array('start'=>0)).'">' 468 .l10n('Recent photos').'</a>', 469 'items' => query2array($query,null, 'id'), 470 ) 471 ); 472 } 473// +-----------------------------------------------------------------------+ 474// | recently updated categories section | 475// +-----------------------------------------------------------------------+ 476 else if ($page['section'] == 'recent_cats') 477 { 478 $page = array_merge( 479 $page, 480 array( 481 'title' => '<a href="'.duplicate_index_url(array('start'=>0)).'">' 482 .l10n('Recent albums').'</a>' 483 ) 484 ); 485 } 486// +-----------------------------------------------------------------------+ 487// | most visited section | 488// +-----------------------------------------------------------------------+ 489 else if ($page['section'] == 'most_visited') 490 { 491 $page['super_order_by'] = true; 492 $conf['order_by'] = ' ORDER BY hit DESC, id DESC'; 493 494 $query = ' 495SELECT DISTINCT(id) 496 FROM '.IMAGES_TABLE.' 497 INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id 498 WHERE hit > 0 499 '.$forbidden.' 500 '.$conf['order_by'].' 501 LIMIT '.$conf['top_number'].' 502;'; 503 504 $page = array_merge( 505 $page, 506 array( 507 'title' => '<a href="'.duplicate_index_url(array('start'=>0)).'">' 508 .$conf['top_number'].' '.l10n('Most visited').'</a>', 509 'items' => query2array($query,null, 'id'), 510 ) 511 ); 512 } 513// +-----------------------------------------------------------------------+ 514// | best rated section | 515// +-----------------------------------------------------------------------+ 516 else if ($page['section'] == 'best_rated') 517 { 518 $page['super_order_by'] = true; 519 $conf['order_by'] = ' ORDER BY rating_score DESC, id DESC'; 520 521 $query =' 522SELECT DISTINCT(id) 523 FROM '.IMAGES_TABLE.' 524 INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id 525 WHERE rating_score IS NOT NULL 526 '.$forbidden.' 527 '.$conf['order_by'].' 528 LIMIT '.$conf['top_number'].' 529;'; 530 $page = array_merge( 531 $page, 532 array( 533 'title' => '<a href="'.duplicate_index_url(array('start'=>0)).'">' 534 .$conf['top_number'].' '.l10n('Best rated').'</a>', 535 'items' => query2array($query,null, 'id'), 536 ) 537 ); 538 } 539// +-----------------------------------------------------------------------+ 540// | list section | 541// +-----------------------------------------------------------------------+ 542 else if ($page['section'] == 'list') 543 { 544 $query =' 545SELECT DISTINCT(id) 546 FROM '.IMAGES_TABLE.' 547 INNER JOIN '.IMAGE_CATEGORY_TABLE.' AS ic ON id = ic.image_id 548 WHERE image_id IN ('.implode(',', $page['list']).') 549 '.$forbidden.' 550 '.$conf['order_by'].' 551;'; 552 553 $page = array_merge( 554 $page, 555 array( 556 'title' => '<a href="'.duplicate_index_url(array('start'=>0)).'">' 557 .l10n('Random photos').'</a>', 558 'items' => query2array($query,null, 'id'), 559 ) 560 ); 561 } 562} 563 564// +-----------------------------------------------------------------------+ 565// | chronology | 566// +-----------------------------------------------------------------------+ 567if (isset($page['chronology_field'])) 568{ 569 unset($page['is_homepage']); 570 include_once( PHPWG_ROOT_PATH.'include/functions_calendar.inc.php' ); 571 initialize_calendar(); 572} 573 574// title update 575if (isset($page['title'])) 576{ 577 $page['section_title'] = '<a href="'.get_gallery_home_url().'">'.l10n('Home').'</a>'; 578 if (!empty($page['title'])) 579 { 580 $page['section_title'] .= $conf['level_separator'].$page['title']; 581 } 582 else 583 { 584 $page['title'] = $page['section_title']; 585 } 586} 587 588// add meta robots noindex, nofollow to avoid unnecesary robot crawls 589$page['meta_robots']=array(); 590if ( isset($page['chronology_field']) 591 or ( isset($page['flat']) and isset($page['category']) ) 592 or 'list'==$page['section'] or 'recent_pics'==$page['section'] ) 593{ 594 $page['meta_robots']=array('noindex'=>1, 'nofollow'=>1); 595} 596elseif ('tags'==$page['section']) 597{ 598 if ( count($page['tag_ids'])>1 ) 599 { 600 $page['meta_robots']=array('noindex'=>1, 'nofollow'=>1); 601 } 602} 603elseif ('recent_cats'==$page['section']) 604{ 605 $page['meta_robots']['noindex']=1; 606} 607elseif ('search'==$page['section']) 608{ 609 $page['meta_robots']['nofollow']=1; 610} 611if ( $filter['enabled'] ) 612{ 613 $page['meta_robots']['noindex']=1; 614} 615 616// see if we need a redirect because of a permalink 617if ( 'categories'==$page['section'] and isset($page['category']) and !isset($page['combined_categories'])) 618{ 619 $need_redirect=false; 620 if ( empty($page['category']['permalink']) ) 621 { 622 if ( $conf['category_url_style'] == 'id-name' and 623 @$page['hit_by']['cat_url_name'] !== str2url($page['category']['name']) ) 624 { 625 $need_redirect=true; 626 } 627 } 628 else 629 { 630 if ( $page['category']['permalink'] !== @$page['hit_by']['cat_permalink'] ) 631 { 632 $need_redirect=true; 633 } 634 } 635 636 if ($need_redirect) 637 { 638 check_restrictions($page['category']['id']); 639 $redirect_url = script_basename()=='picture' ? duplicate_picture_url() : duplicate_index_url(); 640 641 if (!headers_sent()) 642 { // this is a permanent redirection 643 set_status_header(301); 644 redirect_http( $redirect_url ); 645 } 646 redirect( $redirect_url ); 647 } 648 unset( $need_redirect, $page['hit_by'] ); 649} 650 651trigger_notify('loc_end_section_init'); 652?>