Lucid245
asked on
Differentiating User and Admin Category Results, MySql and PHP
Not very good when it comes to this language at all, just need the user section redone so that when a registered user logs in only the sub categories under "user photos" will be displayed from the cpg14x_categories table. the code currently for the admin section, I will post.
<----- ADMIN SECTION ----->
<?php
if (GALLERY_ADMIN_MODE) {
$CAT_LIST = array();
$CAT_LIST[] = array(FIRST_USER_CAT + USER_ID, $lang_albmgr_php['my_gallery']);
$CAT_LIST[] = array(0, $lang_albmgr_php['no_category']);
alb_get_subcat_data(0, '');
echo <<<EOT
<tr>
<td>
<b>{$lang_albmgr_php['select_category']}</b>
<select onChange="if(this.options[this.selectedIndex].value) window.location.href='{$_SERVER['PHP_SELF']}?cat='+this.options[this.selectedIndex].value;" name="cat" class="listbox">
EOT;
foreach($CAT_LIST as $category) {
echo ' <option value="' . $category[0] . '"' . ($cat == $category[0] ? ' selected': '') . ">" . $category[1] . "</option>\n";
}
echo <<<EOT
</select>
<br /><br />
</td>
</tr>
EOT;
}
else
?>
<----- DUPLICATED FOR USER ------> But only Show the specifed table and sub list under user photos
<?php
if (GALLERY_USR_MODE) {
$CAT_LIST = array();
$CAT_LIST[] = array(FIRST_USER_CAT + USER_ID, $lang_albmgr_php['my_gallery']);
$CAT_LIST[] = array(0, $lang_albmgr_php['no_category']);
alb_get_subcat_data(0, '');
echo <<<EOT
<tr>
<td>
<b>{$lang_albmgr_php['select_category']}</b>
<select onChange="if(this.options[this.selectedIndex].value) window.location.href='{$_SERVER['PHP_SELF']}?cat='+this.options[this.selectedIndex].value;" name="cat" class="listbox">
EOT;
foreach($CAT_LIST as $category) {
echo ' <option value="' . $category[0] . '"' . ($cat == $category[0] ? ' selected': '') . ">" . $category[1] . "</option>\n";
}
echo <<<EOT
</select>
<br /><br />
</td>
</tr>
EOT;
}
?>
ASKER
Here's what I am playing around with so far, im sure its not that far off..
<---- Function Area ---- >
function alb_get_subcat_data_parent($parent_parent, $ident_parent = '')
{
global $CONFIG_parent, $CAT_LIST_parent;
$result_parent = cpg_db_query_parent("SELECT parent, name, description FROM {$CONFIG_parent['TABLE_CATEGORIES']} WHERE parent = 15 ORDER BY asc");
if (mysql_num_rows($result_parent) > 0) {
$rowset_parent = cpg_db_fetch_rowset_parent($result_parent);
foreach ($rowset_parent as $subcat_parent) {
$CAT_LIST_parent[] = array($subcat_parent['parent'], $ident_parent . $subcat_parent['name']);
alb_get_subcat_data_parent($subcat_parent['parent'], $ident_parent . ' ');
}
}
}
pageheader($lang_albmgr_php['alb_mrg']);
<----- ADJUSTED CODE FOR SELECT LIST ------>
<?php
if (GALLERY_USR_MODE) {
$CAT_LIST_parent = array();
$CAT_LIST_parent[] = array(FIRST_USER_CAT + USER_ID, $lang_albmgr_php['my_gallery']);
$CAT_LIST_parent[] = array(0, $lang_albmgr_php['no_category']);
alb_get_subcat_data_parent(0, '');
echo <<<EOT
<tr>
<td>
<b>{$lang_albmgr_php['select_category']}</b>
<select onChange="if(this.options[this.selectedIndex].value) window.location.href='{$_SERVER['PHP_SELF']}?cat='+this.options[this.selectedIndex].value;" name="cat" class="listbox">
EOT;
foreach($CAT_LIST_parent as $category) {
echo ' <option value="' . $category[0] . '"' . ($cat == $category[0] ? ' selected': '') . ">" . $category[1] . "</option>\n";
}
echo <<<EOT
</select>
<br /><br />
</td>
</tr>
EOT;
}
?>
I would like to help you out.
First, would you be able to provide a URL link to this page?
Thank you,
=NerdsOfTech
First, would you be able to provide a URL link to this page?
Thank you,
=NerdsOfTech
ASKER
Its actually only online locally here as I wanted to work out the changes before I posted it, but what I am using is demo'd on coppermines site which is at http://coppermine-gallery.net/demo/cpg14x/ basically when you register as a user then when you goto create an album I want the category listing to show up only showing records that match the value of 15 in the parent field.
try:
<---- Function Area ---- >
function alb_get_subcat_data_parent($parent_parent, $ident_parent = '')
{
global $CONFIG_parent, $CAT_LIST_parent;
$result_parent = cpg_db_query_parent("SELECT parent, name, description FROM {$CONFIG_parent['TABLE_CATEGORIES']} WHERE parent = 15 ORDER BY name ASC");
if (mysql_num_rows($result_parent) > 0) {
$rowset_parent = cpg_db_fetch_rowset_parent($result_parent);
foreach ($rowset_parent as $subcat_parent) {
$CAT_LIST_parent[] = array($subcat_parent['parent'], $ident_parent . $subcat_parent['name']);
// alb_get_subcat_data_parent($subcat_parent['parent'], $ident_parent . ' ');
}
}
}
pageheader($lang_albmgr_php['alb_mrg']);
<----- ADJUSTED CODE FOR SELECT LIST ------>
<?php
if (GALLERY_USR_MODE) {
$CAT_LIST_parent = array();
$CAT_LIST_parent[] = array(FIRST_USER_CAT + USER_ID, $lang_albmgr_php['my_gallery']);
$CAT_LIST_parent[] = array(0, $lang_albmgr_php['no_category']);
alb_get_subcat_data_parent(0, '');
echo <<<EOT
<tr>
<td>
<b>{$lang_albmgr_php['select_category']}</b>
<select onChange="if(this.options[this.selectedIndex].value) window.location.href='{$_SERVER['PHP_SELF']}?cat='+this.options[this.selectedIndex].value;" name="cat" class="listbox">
EOT;
foreach($CAT_LIST_parent as $category) {
echo ' <option value="' . $category[0] . '"' . ($cat == $category[0] ? ' selected': '') . ">" . $category[1] . "</option>\n";
}
echo <<<EOT
</select>
<br /><br />
</td>
</tr>
EOT;
}
?>
ASKER
with that I get no errors or anything when logging in as a user, but the select combo list does not show up at all.
ASKER
If I change between the function names in the code to see if its working the way it should I can make the select list populate fully... I will paste the entire code from the page, and see if that helps. I did make a few corrections myself as it should have been USER_ADMIN_MODE but I will post it all here..
define('IN_COPPERMINE', true);
define('ALBMGR_PHP', true);
require('include/init.inc.php');
if (!(GALLERY_ADMIN_MODE || USER_ADMIN_MODE)) cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
/**
* alb_get_subcat_data()
*
* @param integer $parent
* @param string $ident
**/
function alb_get_subcat_data($parent, $ident = '')
{
global $CONFIG, $CAT_LIST;
$result = cpg_db_query("SELECT cid, name, description FROM {$CONFIG['TABLE_CATEGORIES']} WHERE parent = '$parent' AND cid != 1 ORDER BY pos");
if (mysql_num_rows($result) > 0) {
$rowset = cpg_db_fetch_rowset($result);
foreach ($rowset as $subcat) {
$CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name']);
alb_get_subcat_data($subcat['cid'], $ident . ' ');
}
}
}
function alb_get_subcat_datas($parent, $ident = '')
{
global $CONFIG, $CAT_LIST;
$result = cpg_db_query("SELECT cid, name, description FROM cpg14x_categories WHERE parent = 15 ORDER BY name");
if (mysql_num_rows($result) > 0) {
$rowset = cpg_db_fetch_rowset($result);
foreach ($rowset as $subcat) {
$CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name']);
alb_get_subcat_datas($subcat['cid'], $ident . ' ');
}
}
}
pageheader($lang_albmgr_php['alb_mrg']);
?>
<script language="javascript" type="text/javascript">
<!--
function CheckAlbumForm(frm)
{
var select_len = frm.to.length;
var album = new Object();
var changed = false;
for (i=0; i<select_len; i++) {
album = new parseSelectValue(frm.to, i);
if (album.action != '0') {
if (album.album_nm == '') {
alert('<?php echo $lang_albmgr_php['alb_need_name'] ?>');
frm.to.options[i].selected = true;
return false;
}
changed = true;
}
}
if (frm.delete_album.value.len !=0)
changed = true;
if (changed) {
if (confirm('<?php echo $lang_albmgr_php['confirm_modifs'] ?>')) {
for (i=0; i<select_len; i++) {
album = new parseSelectValue(frm.to, i);
if (album.action != '0') {
frm.to.options[i].selected = true;
}
}
return true;
}
else
return false;
}
else {
alert('<?php echo $lang_albmgr_php['no_change'] ?>');
return false;
}
}
function page_init()
{
document.album_menu.delete_album.value = "";
}
-->
</script>
<script language="javascript" type="text/javascript">
<!--
var selectedOptIndex;
function Album_Select(selectedIndex)
{
selectedOptIndex = selectedIndex;
for (i=0; i<document.album_menu.to.length; i++) {
document.album_menu.to.options[i].selected = false;
}
document.album_menu.to.options[selectedIndex].selected = true;
var album = new Object();
album = new parseSelectValue(document.album_menu.to, selectedIndex);
album.deleteFrm();
album.changeFrm();
}
function Moveup_Option()
{
var to = document.album_menu.to;
var pos = selectedOptIndex;
if (pos == 0) {
return;
}
swap_option(to, pos, pos-1);
selected_option(to, pos-1);
}
function Movedown_Option()
{
var to = document.album_menu.to;
var pos = selectedOptIndex;
if (pos == to.length-1) {
return;
}
swap_option(to, pos, pos+1);
selected_option(to, pos+1);
}
function Album_Create()
{
var prev_album;
var to_pos, album_type, album_sort;
var to = document.album_menu.to;
if (to.selectedIndex == -1)
to_pos = to.length;
else
to_pos = to.selectedIndex;
if (to_pos > 0) {
prev_album = new parseSelectValue(to, to_pos-1);
album_sort = Number(prev_album.album_sort)+1;
}
else {
album_sort = 1;
}
move_list (to, to_pos);
make_option("<?php echo $lang_albmgr_php['new_album'] ?>", make_value('0', "<?php echo $lang_albmgr_php['new_album'] ?>", album_sort, '1'), to, to_pos);
selected_option(to, to_pos);
}
function Album_Delete()
{
var album = new Object();
var to = document.album_menu.to;
album = new parseSelectValue(to, selectedOptIndex);
var msg = '<?php echo $lang_albmgr_php['confirm_delete1'] ?>';
if (album.action == '1') {
if (confirm(msg)) {
to.options[selectedOptIndex] = null;
document.album_menu.album_nm.value='';
}
else {
return;
}
}
else {
msg = msg + '<?php echo $lang_albmgr_php['confirm_delete2'] ?>';
if (confirm(msg)) {
var album = new Object();
album = new parseSelectValue(to, selectedOptIndex);
to.options[selectedOptIndex] = null;
document.album_menu.album_nm.value='';
document.album_menu.delete_album.value = document.album_menu.delete_album.value + album.album_no + ',';
}
else {
return;
}
}
}
function Album_NameChange(change_name)
{
try {
var album = new Object();
var to = document.album_menu.to;
var value;
var text;
album = new parseSelectValue(to, selectedOptIndex);
if (album.action == '1')
action = '1';
else
action = '2';
text = change_name.substring(0, 80);
value = make_value(album.album_no, change_name, album.album_sort, action);
make_option(text, value, to, selectedOptIndex);
}
catch(e) {
alert("<?php echo $lang_albmgr_php['select_first'] ?>");
}
}
function make_option(text, value, target, index)
{
target[index] = new Option(text, value);
}
function move_list(target, pos)
{
var album = new Object();
var listlen = target.length;
for (j=listlen-1; j>pos-1; j--) {
album = new parseSelectValue(target, j)
if (album.action == '1') {
value = make_value(album.album_no, album.album_nm, Number(album.album_sort)+1, '1');
}
else {
value = make_value(album.album_no, album.album_nm, Number(album.album_sort)+1, '2');
}
text = target.options[j].text;
make_option(text, value, target, j+1);
}
}
function _private_update_frm_element(name)
{
var frm = document.album_menu;
frm.album_nm.value = name;
}
function _private_change()
{
_private_update_frm_element(this.album_nm);
}
function _private_delete()
{
_private_update_frm_element('');
}
function parseSelectValue(select, selectedIndex)
{
var temp_nm
var option_value = select.options[selectedIndex].value;
this.album_no = option_value.substring(option_value.indexOf('album_no=') + 9, option_value.indexOf(','));
option_value = option_value.substring(option_value.indexOf(',') + 1);
temp_nm = option_value.substring(option_value.indexOf('album_nm=') + 9, option_value.indexOf('album_sort=')-1);
this.album_nm = temp_nm.substring(1, temp_nm.length-1);
option_value = option_value.substring(option_value.indexOf('album_sort='));
this.album_sort = option_value.substring(option_value.indexOf('album_sort=') + 11 ,option_value.indexOf(','));
option_value = option_value.substring(option_value.indexOf(',') + 1);
this.action = option_value.substring(option_value.indexOf('action=') + 7);
this.changeFrm = _private_change;
this.deleteFrm = _private_delete;
return this;
}
function selected_option(target, pos)
{
target.options[pos].selected = true;
Album_Select(pos);
}
function swap_option(target, swap_a, swap_b)
{
var album_a = new Object();
var album_b = new Object();
album_a = new parseSelectValue(target, swap_a);
album_b = new parseSelectValue(target, swap_b);
if (album_a.action == '0') album_a.action = '2';
if (album_b.action == '0') album_b.action = '2';
var temp_option = new Option(target.options[swap_a].text, make_value(album_a.album_no, album_a.album_nm,album_b.album_sort,album_a.action));
target[swap_a] = new Option(target.options[swap_b].text, make_value(album_b.album_no, album_b.album_nm,album_a.album_sort,album_b.action));
target[swap_b] = temp_option;
}
function make_value(album_no, album_nm, album_sort, action)
{
return "album_no=" + album_no + ",album_nm='" + album_nm + "',album_sort=" + album_sort + ",action=" + action;
}
-->
</script>
<form name="album_menu" method="post" action="delete.php?what=albmgr" onSubmit="return CheckAlbumForm(this);">
<?php starttable("100%", $lang_albmgr_php['alb_mrg'].' '.cpg_display_help('f=index.htm&as=albmgr&ae=albmgr_end&top=1', '600', '400'), 1);
?>
<tr>
<?php
$cat = isset($_GET['cat']) ? (int)($_GET['cat']) : 0;
if ($cat == 1) $cat = 0;
if (GALLERY_ADMIN_MODE) {
$result = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = $cat ORDER BY pos ASC");
} elseif (USER_ADMIN_MODE) {
$result = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = " . (USER_ID + FIRST_USER_CAT) . " ORDER BY pos ASC");
} else cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
$rowset = cpg_db_fetch_rowset($result);
$i = 100;
$sort_order = '';
if (count ($rowset) > 0) foreach ($rowset as $album) {
$sort_order .= $album['aid'] . '@' . ($i++) . ',';
}
?>
<input type="hidden" name="delete_album" value="" />
<input type="hidden" name="sort_order" value="<?php echo $sort_order ?>" />
<td class="tableb" valign="top" align="center">
<br />
<table width="300" border="0" cellspacing="0" cellpadding="0">
<?php
if (GALLERY_ADMIN_MODE) {
$CAT_LIST = array();
$CAT_LIST[] = array(FIRST_USER_CAT + USER_ID, $lang_albmgr_php['my_gallery']);
$CAT_LIST[] = array(0, $lang_albmgr_php['no_category']);
alb_get_subcat_data(0, '');
echo <<<EOT
<tr>
<td>
<b>{$lang_albmgr_php['select_category']}</b>
<select onChange="if(this.options[this.selectedIndex].value) window.location.href='{$_SERVER['PHP_SELF']}?cat='+this.options[this.selectedIndex].value;" name="cat" class="listbox">
EOT;
foreach($CAT_LIST as $category) {
echo ' <option value="' . $category[0] . '"' . ($cat == $category[0] ? ' selected': '') . ">" . $category[1] . "</option>\n";
}
echo <<<EOT
</select>
<br /><br />
</td>
</tr>
EOT;
}
else
?>
<?php
if (USER_ADMIN_MODE) {
$CAT_LIST = array();
$CAT_LIST[] = array(FIRST_USER_CAT + USER_ID, $lang_albmgr_php['my_gallery']);
$CAT_LIST[] = array(0, $lang_albmgr_php['no_category']);
alb_get_subcat_data(0, '');
echo <<<EOT
<tr>
<td>
<b>{$lang_albmgr_php['select_category']}</b>
<select onChange="if(this.options[this.selectedIndex].value) window.location.href='{$_SERVER['PHP_SELF']}?cat='+this.options[this.selectedIndex].value;" name="cat" class="listbox">
EOT;
foreach($CAT_LIST as $category) {
echo ' <option value="' . $category[0] . '"' . ($cat == $category[0] ? ' selected': '') . ">" . $category[1] . "</option>\n";
}
echo <<<EOT
</select>
<br /><br />
</td>
</tr>
EOT;
}
?>
<tr>
<td>
<select id="to" name="to[]" size="<?php echo min(max(count ($rowset) + 3, 15), 40) ?>" multiple onChange="Album_Select(this.selectedIndex);" class="listbox" style="width: 300px">
<?php
$i = 100;
$lb = '';
if (count ($rowset) > 0) foreach ($rowset as $album) {
$lb .= ' <option value="album_no=' . $album['aid'] . ',album_nm=\'' . $album['title'] . '\',album_sort=' . ($i++) . ',action=0">' . stripslashes($album['title']) . "</option>\n";
}
echo $lb;
?>
</select>
</td>
</tr>
<tr>
<td>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><a href="javascript:Moveup_Option();"><img src="images/move_up.gif" width="26" height="21" border="0" alt="" /></a><a href="javascript:Movedown_Option();"><img src="images/move_down.gif" width="26" height="21" border="0" alt="" /></a>
</td>
<td align="center" style="background-color: #D4D0C8; width: 80px; height: 21px; border-top: 1px solid White; border-left: 1px solid White; border-right: 1px solid #808080; border-bottom: 1px solid #808080;"><a href="javascript:Album_Delete();" style="color: Black; font-weight: bold;"><?php echo $lang_albmgr_php['delete'] ?></a>
</td>
<td align="center" style="width: 1px;"><img src="images/spacer.gif" width="1" alt=""><br />
</td>
<td align="center" style="background-color: #D4D0C8; width: 80px; height: 21px; border-top: 1px solid White; border-left: 1px solid White; border-right: 1px solid #808080; border-bottom: 1px solid #808080;"><a href="javascript:Album_Create();" style="color: Black; font-weight: bold;"><?php echo $lang_albmgr_php['new'] ?></a>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td><br />
<input type="text" name="album_nm" size="27" maxlength="80" class="textinput" style="width: 300px;" onChange="Album_NameChange(this.value);" onKeyUp="Album_NameChange(this.value);" />
<br />
<br />
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td colspan="2" align="center" class="tablef">
<input type="submit" class="button" value="<?php echo $lang_albmgr_php['apply_modifs'] ?>" />
</td>
</tr>
<?php
endtable();
echo '</form>';
pagefooter();
ob_end_flush();
?>
Remove static 15
Move the stipulation to function call instead
Move the stipulation to function call instead
<---- Function Area ---- >
function alb_get_subcat_data_parent($parent_parent, $ident_parent = '')
{
global $CONFIG_parent, $CAT_LIST_parent;
$result_parent = cpg_db_query_parent("SELECT parent, name, description FROM {$CONFIG_parent['TABLE_CATEGORIES']} WHERE parent = $parent_parent ORDER BY name ASC");
if (mysql_num_rows($result_parent) > 0) {
$rowset_parent = cpg_db_fetch_rowset_parent($result_parent);
foreach ($rowset_parent as $subcat_parent) {
$CAT_LIST_parent[] = array($subcat_parent['parent'], $ident_parent . $subcat_parent['name']);
alb_get_subcat_data_parent($subcat_parent['parent'], $ident_parent . ' ');
}
}
}
pageheader($lang_albmgr_php['alb_mrg']);
<----- ADJUSTED CODE FOR SELECT LIST ------>
<?php
if (GALLERY_USR_MODE) {
$CAT_LIST_parent = array();
$CAT_LIST_parent[] = array(FIRST_USER_CAT + USER_ID, $lang_albmgr_php['my_gallery']);
$CAT_LIST_parent[] = array(0, $lang_albmgr_php['no_category']);
alb_get_subcat_data_parent(15, '');
echo <<<EOT
<tr>
<td>
<b>{$lang_albmgr_php['select_category']}</b>
<select onChange="if(this.options[this.selectedIndex].value) window.location.href='{$_SERVER['PHP_SELF']}?cat='+this.options[this.selectedIndex].value;" name="cat" class="listbox">
EOT;
foreach($CAT_LIST_parent as $category) {
echo ' <option value="' . $category[0] . '"' . ($cat == $category[0] ? ' selected': '') . ">" . $category[1] . "</option>\n";
}
echo <<<EOT
</select>
<br /><br />
</td>
</tr>
EOT;
}
?>
This howvere is only a temporary fix.
I reccommend that you create a new column in this table called isProtected
which will define those directories would should not be visible...
so your SQL will look like:
"SELECT parent, name, description FROM {$CONFIG_parent['TABLE_CAT
I reccommend that you create a new column in this table called isProtected
which will define those directories would should not be visible...
so your SQL will look like:
"SELECT parent, name, description FROM {$CONFIG_parent['TABLE_CAT
ASKER
Yeah still the same thing with that, no error but no select list showing up.. Should I do that isProtected field entry now and set the value to 0 for the ones I want displayed?
ASKER
define('IN_COPPERMINE', true);
define('ALBMGR_PHP', true);
require('include/init.inc.php');
if (!(GALLERY_ADMIN_MODE || USER_ADMIN_MODE)) cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
/**
* alb_get_subcat_data()
*
* @param integer $parent
* @param string $ident
**/
function alb_get_subcat_data($parent, $ident = '')
{
global $CONFIG, $CAT_LIST;
$result = cpg_db_query("SELECT cid, name, description FROM {$CONFIG['TABLE_CATEGORIES']} WHERE parent = '$parent' AND cid != 1 ORDER BY pos");
if (mysql_num_rows($result) > 0) {
$rowset = cpg_db_fetch_rowset($result);
foreach ($rowset as $subcat) {
$CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name']);
alb_get_subcat_data($subcat['cid'], $ident . ' ');
}
}
}
function alb_get_subcat_data_parent($parent_parent, $ident_parent = '')
{
global $CONFIG_parent, $CAT_LIST_parent;
$result_parent = cpg_db_query_parent("SELECT parent, name, description FROM {$CONFIG_parent['TABLE_CATEGORIES']} WHERE parent = $parent_parent ORDER BY name ASC");
if (mysql_num_rows($result_parent) > 0) {
$rowset_parent = cpg_db_fetch_rowset_parent($result_parent);
foreach ($rowset_parent as $subcat_parent) {
$CAT_LIST_parent[] = array($subcat_parent['parent'], $ident_parent . $subcat_parent['name']);
alb_get_subcat_data_parent($subcat_parent['parent'], $ident_parent . ' ');
}
}
}
pageheader($lang_albmgr_php['alb_mrg']);
?>
<script language="javascript" type="text/javascript">
<!--
function CheckAlbumForm(frm)
{
var select_len = frm.to.length;
var album = new Object();
var changed = false;
for (i=0; i<select_len; i++) {
album = new parseSelectValue(frm.to, i);
if (album.action != '0') {
if (album.album_nm == '') {
alert('<?php echo $lang_albmgr_php['alb_need_name'] ?>');
frm.to.options[i].selected = true;
return false;
}
changed = true;
}
}
if (frm.delete_album.value.len !=0)
changed = true;
if (changed) {
if (confirm('<?php echo $lang_albmgr_php['confirm_modifs'] ?>')) {
for (i=0; i<select_len; i++) {
album = new parseSelectValue(frm.to, i);
if (album.action != '0') {
frm.to.options[i].selected = true;
}
}
return true;
}
else
return false;
}
else {
alert('<?php echo $lang_albmgr_php['no_change'] ?>');
return false;
}
}
function page_init()
{
document.album_menu.delete_album.value = "";
}
-->
</script>
<script language="javascript" type="text/javascript">
<!--
var selectedOptIndex;
function Album_Select(selectedIndex)
{
selectedOptIndex = selectedIndex;
for (i=0; i<document.album_menu.to.length; i++) {
document.album_menu.to.options[i].selected = false;
}
document.album_menu.to.options[selectedIndex].selected = true;
var album = new Object();
album = new parseSelectValue(document.album_menu.to, selectedIndex);
album.deleteFrm();
album.changeFrm();
}
function Moveup_Option()
{
var to = document.album_menu.to;
var pos = selectedOptIndex;
if (pos == 0) {
return;
}
swap_option(to, pos, pos-1);
selected_option(to, pos-1);
}
function Movedown_Option()
{
var to = document.album_menu.to;
var pos = selectedOptIndex;
if (pos == to.length-1) {
return;
}
swap_option(to, pos, pos+1);
selected_option(to, pos+1);
}
function Album_Create()
{
var prev_album;
var to_pos, album_type, album_sort;
var to = document.album_menu.to;
if (to.selectedIndex == -1)
to_pos = to.length;
else
to_pos = to.selectedIndex;
if (to_pos > 0) {
prev_album = new parseSelectValue(to, to_pos-1);
album_sort = Number(prev_album.album_sort)+1;
}
else {
album_sort = 1;
}
move_list (to, to_pos);
make_option("<?php echo $lang_albmgr_php['new_album'] ?>", make_value('0', "<?php echo $lang_albmgr_php['new_album'] ?>", album_sort, '1'), to, to_pos);
selected_option(to, to_pos);
}
function Album_Delete()
{
var album = new Object();
var to = document.album_menu.to;
album = new parseSelectValue(to, selectedOptIndex);
var msg = '<?php echo $lang_albmgr_php['confirm_delete1'] ?>';
if (album.action == '1') {
if (confirm(msg)) {
to.options[selectedOptIndex] = null;
document.album_menu.album_nm.value='';
}
else {
return;
}
}
else {
msg = msg + '<?php echo $lang_albmgr_php['confirm_delete2'] ?>';
if (confirm(msg)) {
var album = new Object();
album = new parseSelectValue(to, selectedOptIndex);
to.options[selectedOptIndex] = null;
document.album_menu.album_nm.value='';
document.album_menu.delete_album.value = document.album_menu.delete_album.value + album.album_no + ',';
}
else {
return;
}
}
}
function Album_NameChange(change_name)
{
try {
var album = new Object();
var to = document.album_menu.to;
var value;
var text;
album = new parseSelectValue(to, selectedOptIndex);
if (album.action == '1')
action = '1';
else
action = '2';
text = change_name.substring(0, 80);
value = make_value(album.album_no, change_name, album.album_sort, action);
make_option(text, value, to, selectedOptIndex);
}
catch(e) {
alert("<?php echo $lang_albmgr_php['select_first'] ?>");
}
}
function make_option(text, value, target, index)
{
target[index] = new Option(text, value);
}
function move_list(target, pos)
{
var album = new Object();
var listlen = target.length;
for (j=listlen-1; j>pos-1; j--) {
album = new parseSelectValue(target, j)
if (album.action == '1') {
value = make_value(album.album_no, album.album_nm, Number(album.album_sort)+1, '1');
}
else {
value = make_value(album.album_no, album.album_nm, Number(album.album_sort)+1, '2');
}
text = target.options[j].text;
make_option(text, value, target, j+1);
}
}
function _private_update_frm_element(name)
{
var frm = document.album_menu;
frm.album_nm.value = name;
}
function _private_change()
{
_private_update_frm_element(this.album_nm);
}
function _private_delete()
{
_private_update_frm_element('');
}
function parseSelectValue(select, selectedIndex)
{
var temp_nm
var option_value = select.options[selectedIndex].value;
this.album_no = option_value.substring(option_value.indexOf('album_no=') + 9, option_value.indexOf(','));
option_value = option_value.substring(option_value.indexOf(',') + 1);
temp_nm = option_value.substring(option_value.indexOf('album_nm=') + 9, option_value.indexOf('album_sort=')-1);
this.album_nm = temp_nm.substring(1, temp_nm.length-1);
option_value = option_value.substring(option_value.indexOf('album_sort='));
this.album_sort = option_value.substring(option_value.indexOf('album_sort=') + 11 ,option_value.indexOf(','));
option_value = option_value.substring(option_value.indexOf(',') + 1);
this.action = option_value.substring(option_value.indexOf('action=') + 7);
this.changeFrm = _private_change;
this.deleteFrm = _private_delete;
return this;
}
function selected_option(target, pos)
{
target.options[pos].selected = true;
Album_Select(pos);
}
function swap_option(target, swap_a, swap_b)
{
var album_a = new Object();
var album_b = new Object();
album_a = new parseSelectValue(target, swap_a);
album_b = new parseSelectValue(target, swap_b);
if (album_a.action == '0') album_a.action = '2';
if (album_b.action == '0') album_b.action = '2';
var temp_option = new Option(target.options[swap_a].text, make_value(album_a.album_no, album_a.album_nm,album_b.album_sort,album_a.action));
target[swap_a] = new Option(target.options[swap_b].text, make_value(album_b.album_no, album_b.album_nm,album_a.album_sort,album_b.action));
target[swap_b] = temp_option;
}
function make_value(album_no, album_nm, album_sort, action)
{
return "album_no=" + album_no + ",album_nm='" + album_nm + "',album_sort=" + album_sort + ",action=" + action;
}
-->
</script>
<form name="album_menu" method="post" action="delete.php?what=albmgr" onSubmit="return CheckAlbumForm(this);">
<?php starttable("100%", $lang_albmgr_php['alb_mrg'].' '.cpg_display_help('f=index.htm&as=albmgr&ae=albmgr_end&top=1', '600', '400'), 1);
?>
<tr>
<?php
$cat = isset($_GET['cat']) ? (int)($_GET['cat']) : 0;
if ($cat == 1) $cat = 0;
if (GALLERY_ADMIN_MODE) {
$result = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = $cat ORDER BY pos ASC");
} elseif (USER_ADMIN_MODE) {
$result = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = " . (USER_ID + FIRST_USER_CAT) . " ORDER BY pos ASC");
} else cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
$rowset = cpg_db_fetch_rowset($result);
$i = 100;
$sort_order = '';
if (count ($rowset) > 0) foreach ($rowset as $album) {
$sort_order .= $album['aid'] . '@' . ($i++) . ',';
}
?>
<input type="hidden" name="delete_album" value="" />
<input type="hidden" name="sort_order" value="<?php echo $sort_order ?>" />
<td class="tableb" valign="top" align="center">
<br />
<table width="300" border="0" cellspacing="0" cellpadding="0">
<?php
if (GALLERY_ADMIN_MODE) {
$CAT_LIST = array();
$CAT_LIST[] = array(FIRST_USER_CAT + USER_ID, $lang_albmgr_php['my_gallery']);
$CAT_LIST[] = array(0, $lang_albmgr_php['no_category']);
alb_get_subcat_data(0, '');
echo <<<EOT
<tr>
<td>
<b>{$lang_albmgr_php['select_category']}</b>
<select onChange="if(this.options[this.selectedIndex].value) window.location.href='{$_SERVER['PHP_SELF']}?cat='+this.options[this.selectedIndex].value;" name="cat" class="listbox">
EOT;
foreach($CAT_LIST as $category) {
echo ' <option value="' . $category[0] . '"' . ($cat == $category[0] ? ' selected': '') . ">" . $category[1] . "</option>\n";
}
echo <<<EOT
</select>
<br /><br />
</td>
</tr>
EOT;
}
else
?>
<?php
if (USER_ADMIN_MODE) {
$CAT_LIST_parent = array();
$CAT_LIST_parent[] = array(FIRST_USER_CAT + USER_ID, $lang_albmgr_php['my_gallery']);
$CAT_LIST_parent[] = array(0, $lang_albmgr_php['no_category']);
alb_get_subcat_data_parent(15, '');
echo <<<EOT
<tr>
<td>
<b>{$lang_albmgr_php['select_category']}</b>
<select onChange="if(this.options[this.selectedIndex].value) window.location.href='{$_SERVER['PHP_SELF']}?cat='+this.options[this.selectedIndex].value;" name="cat" class="listbox">
EOT;
foreach($CAT_LIST_parent as $category) {
echo ' <option value="' . $category[0] . '"' . ($cat == $category[0] ? ' selected': '') . ">" . $category[1] . "</option>\n";
}
echo <<<EOT
</select>
<br /><br />
</td>
</tr>
EOT;
}
?>
<tr>
<td>
<select id="to" name="to[]" size="<?php echo min(max(count ($rowset) + 3, 15), 40) ?>" multiple onChange="Album_Select(this.selectedIndex);" class="listbox" style="width: 300px">
<?php
$i = 100;
$lb = '';
if (count ($rowset) > 0) foreach ($rowset as $album) {
$lb .= ' <option value="album_no=' . $album['aid'] . ',album_nm=\'' . $album['title'] . '\',album_sort=' . ($i++) . ',action=0">' . stripslashes($album['title']) . "</option>\n";
}
echo $lb;
?>
</select>
</td>
</tr>
<tr>
<td>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td><a href="javascript:Moveup_Option();"><img src="images/move_up.gif" width="26" height="21" border="0" alt="" /></a><a href="javascript:Movedown_Option();"><img src="images/move_down.gif" width="26" height="21" border="0" alt="" /></a>
</td>
<td align="center" style="background-color: #D4D0C8; width: 80px; height: 21px; border-top: 1px solid White; border-left: 1px solid White; border-right: 1px solid #808080; border-bottom: 1px solid #808080;"><a href="javascript:Album_Delete();" style="color: Black; font-weight: bold;"><?php echo $lang_albmgr_php['delete'] ?></a>
</td>
<td align="center" style="width: 1px;"><img src="images/spacer.gif" width="1" alt=""><br />
</td>
<td align="center" style="background-color: #D4D0C8; width: 80px; height: 21px; border-top: 1px solid White; border-left: 1px solid White; border-right: 1px solid #808080; border-bottom: 1px solid #808080;"><a href="javascript:Album_Create();" style="color: Black; font-weight: bold;"><?php echo $lang_albmgr_php['new'] ?></a>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td><br />
<input type="text" name="album_nm" size="27" maxlength="80" class="textinput" style="width: 300px;" onChange="Album_NameChange(this.value);" onKeyUp="Album_NameChange(this.value);" />
<br />
<br />
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td colspan="2" align="center" class="tablef">
<input type="submit" class="button" value="<?php echo $lang_albmgr_php['apply_modifs'] ?>" />
</td>
</tr>
<?php
endtable();
echo '</form>';
pagefooter();
ob_end_flush();
?>
Did that work?
ASKER
I didnt really look at the include at the top there, but after scanning over the inside of that code it looks like I should be adding a few lines in there as well... here is the code for init.inc.php
define('COPPERMINE_VERSION', '1.4.25');
define('COPPERMINE_VERSION_STATUS', 'stable');
if (!defined('IN_COPPERMINE')) { die('Not in Coppermine...');}
// Store all reported errors in the $cpgdebugger
require_once('include/debugger.inc.php');
set_magic_quotes_runtime(0);
// Do some cleanup in GET, POST and cookie data and un-register global vars
$HTML_SUBST = array('&' => '&', '"' => '"', '<' => '<', '>' => '>', '%26' => '&', '%22' => '"', '%3C' => '<', '%3E' => '>','%27' => ''', "'" => ''');
$keysToSkip = array('_POST', '_GET', '_COOKIE', '_REQUEST', '_SERVER', '_FILES', 'HTML_SUBST', 'keysToSkip', 'register_globals_flag', 'cpgdebugger', 'key');
if (ini_get('register_globals') == '1' || strtolower(ini_get('register_globals')) == 'on') {
$register_globals_flag = true;
} else {
$register_globals_flag = false;
}
if (is_array($GLOBALS)) {
foreach ($GLOBALS as $key => $value) {
if (!in_array($key, $keysToSkip) && isset($$key) && $register_globals_flag) unset($$key);
}
}
if (get_magic_quotes_gpc()) {
if (is_array($_POST)) {
foreach ($_POST as $key => $value) {
if (!is_array($value))
$_POST[$key] = strtr(stripslashes($value), $HTML_SUBST);
if (!in_array($key, $keysToSkip) && isset($$key) && $register_globals_flag) unset($$key);
}
}
if (is_array($_GET)) {
foreach ($_GET as $key => $value) {
unset($_GET[$key]);
$_GET[strtr(stripslashes($key), $HTML_SUBST)] = strtr(stripslashes($value), $HTML_SUBST);
if (!in_array($key, $keysToSkip) && isset($$key) && $register_globals_flag) unset($$key);
}
}
if (is_array($_COOKIE)) {
foreach ($_COOKIE as $key => $value) {
if (!is_array($value))
$_COOKIE[$key] = stripslashes($value);
if (!in_array($key, $keysToSkip) && isset($$key) && $register_globals_flag) unset($$key);
}
}
if (is_array($_REQUEST)) {
foreach ($_REQUEST as $key => $value) {
if (!is_array($value))
$_REQUEST[$key] = strtr(stripslashes($value), $HTML_SUBST);
if (!in_array($key, $keysToSkip) && isset($$key) && $register_globals_flag) unset($$key);
}
}
} else {
if (is_array($_POST)) {
foreach ($_POST as $key => $value) {
if (!is_array($value))
$_POST[$key] = strtr($value, $HTML_SUBST);
if (!in_array($key, $keysToSkip) && isset($$key) && $register_globals_flag) unset($$key);
}
}
if (is_array($_GET)) {
foreach ($_GET as $key => $value) {
unset($_GET[$key]);
$_GET[strtr(stripslashes($key), $HTML_SUBST)] = strtr(stripslashes($value), $HTML_SUBST);
if (!in_array($key, $keysToSkip) && isset($$key) && $register_globals_flag) {
unset($$key);
}
}
}
if (is_array($_COOKIE)) {
foreach ($_COOKIE as $key => $value) {
if (!in_array($key, $keysToSkip) && isset($$key) && $register_globals_flag) unset($$key);
}
}
if (is_array($_REQUEST)) {
foreach ($_REQUEST as $key => $value) {
if (!is_array($value))
$_REQUEST[$key] = strtr($value, $HTML_SUBST);
if (!in_array($key, $keysToSkip) && isset($$key) && $register_globals_flag) unset($$key);
}
}
}
// used for timing purpose
$query_stats = array();
$queries = array();
function cpgGetMicroTime()
{
list($usec, $sec) = explode(" ", microtime());
return ((float)$usec + (float)$sec);
}
$cpg_time_start = cpgGetMicroTime();
// Initialise the $CONFIG array and some other variables
$CONFIG = array();
//$PHP_SELF = isset($_SERVER['REDIRECT_URL']) ? $_SERVER['REDIRECT_URL'] : $_SERVER['SCRIPT_NAME'];
$PHP_SELF = '';
$ORIGINAL_PHP_SELF = $_SERVER['PHP_SELF'];
$possibilities = array('REDIRECT_URL', 'PHP_SELF', 'SCRIPT_URL', 'SCRIPT_NAME','SCRIPT_FILENAME');
foreach ($possibilities as $test){
if (isset($_SERVER[$test]) && preg_match('/([^\/]+\.php)$/', $_SERVER[$test], $matches)){
$PHP_SELF = $_SERVER['PHP_SELF'] = $_SERVER['SCRIPT_NAME'] = $matches[1];
break;
}
}
$REFERER = urlencode($_SERVER['PHP_SELF'] . (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] ? '?' . $_SERVER['QUERY_STRING'] : ''));
$ALBUM_SET = '';
$META_ALBUM_SET = '';
$FORBIDDEN_SET = '';
$FORBIDDEN_SET_DATA = array();
$CURRENT_CAT_NAME = '';
$CAT_LIST = '';
// Record User's IP address
$raw_ip = stripslashes($_SERVER['REMOTE_ADDR']);
if (isset($_SERVER['HTTP_CLIENT_IP'])) {
$hdr_ip = stripslashes($_SERVER['HTTP_CLIENT_IP']);
} else {
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$hdr_ip = stripslashes($_SERVER['HTTP_X_FORWARDED_FOR']);
} else {
$hdr_ip = $raw_ip;
}
}
if (!preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $raw_ip)) $raw_ip = '0.0.0.0';
if (!preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $hdr_ip)) $hdr_ip = '0.0.0.0';
// Define some constants
define('USER_GAL_CAT', 1);
define('FIRST_USER_CAT', 10000);
define('RANDPOS_MAX_PIC', 200);
define('TEMPLATE_FILE', 'template.html');
// Constants used by the cpg_die function
define('INFORMATION', 1);
define('ERROR', 2);
define('CRITICAL_ERROR', 3);
// Include config and functions files
if(file_exists('include/config.inc.php')){
ob_start();
require_once 'include/config.inc.php';
ob_clean();
} else {
// error handling: if the config file doesn't exist go to install
die('<html>
<head>
<title>Coppermine not installed yet</title>
<meta http-equiv="refresh" content="10;url=install.php">
<style type="text/css">
<!--
body { font-size: 12px; background: #FFFFFF; margin: 20%; color: black; font-family: verdana, arial, helvetica, sans-serif;}
-->
</style>
</head>
<body>
<img src="images/coppermine_logo.png" alt="Coppermine Photo Gallery - Your Online Photo Gallery" /><br />
Coppermine Photo Gallery seems not to be installed correctly, or you are running coppermine for the first time. You\'ll be redirected to the installer. If your browser doesn\'t support redirect, click <a href="install.php">here</a>.
</body>
</html>');
}
$mb_utf8_regex = '[\xE1-\xEF][\x80-\xBF][\x80-\xBF]|\xE0[\xA0-\xBF][\x80-\xBF]|[\xC2-\xDF][\x80-\xBF]';
require 'include/functions.inc.php';
# see http://php.net/mbstring for details
if (function_exists('mb_internal_encoding')) { mb_internal_encoding('UTF-8'); }
$CONFIG['TABLE_PICTURES'] = $CONFIG['TABLE_PREFIX'].'pictures';
$CONFIG['TABLE_ALBUMS'] = $CONFIG['TABLE_PREFIX'].'albums';
$CONFIG['TABLE_COMMENTS'] = $CONFIG['TABLE_PREFIX'].'comments';
$CONFIG['TABLE_CATEGORIES'] = $CONFIG['TABLE_PREFIX'].'categories';
$CONFIG['TABLE_CONFIG'] = $CONFIG['TABLE_PREFIX'].'config';
$CONFIG['TABLE_USERGROUPS'] = $CONFIG['TABLE_PREFIX'].'usergroups';
$CONFIG['TABLE_VOTES'] = $CONFIG['TABLE_PREFIX'].'votes';
$CONFIG['TABLE_USERS'] = $CONFIG['TABLE_PREFIX'].'users';
$CONFIG['TABLE_BANNED'] = $CONFIG['TABLE_PREFIX'].'banned';
$CONFIG['TABLE_EXIF'] = $CONFIG['TABLE_PREFIX'].'exif';
$CONFIG['TABLE_FILETYPES'] = $CONFIG['TABLE_PREFIX'].'filetypes';
$CONFIG['TABLE_ECARDS'] = $CONFIG['TABLE_PREFIX'].'ecards';
$CONFIG['TABLE_TEMPDATA'] = $CONFIG['TABLE_PREFIX'].'temp_data';
$CONFIG['TABLE_FAVPICS'] = $CONFIG['TABLE_PREFIX'].'favpics';
$CONFIG['TABLE_BRIDGE'] = $CONFIG['TABLE_PREFIX'].'bridge';
$CONFIG['TABLE_VOTE_STATS'] = $CONFIG['TABLE_PREFIX'].'vote_stats';
$CONFIG['TABLE_HIT_STATS'] = $CONFIG['TABLE_PREFIX'].'hit_stats';
// Connect to database
($CONFIG['LINK_ID'] = cpg_db_connect()) || die('<b>Coppermine critical error</b>:<br />Unable to connect to database !<br /><br />MySQL said: <b>' . mysql_error() . '</b>');
// Retrieve DB stored configuration
$results = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_CONFIG']}");
while ($row = mysql_fetch_array($results)) {
$CONFIG[$row['name']] = $row['value'];
} // while
mysql_free_result($results);
// Reference 'site_url' to 'ecards_more_pic_target'
$CONFIG['site_url'] =& $CONFIG['ecards_more_pic_target'];
// Include logger functions
include_once('include/logger.inc.php');
// Include media functions
require 'include/media.functions.inc.php';
// Check for GD GIF Create support
if ($CONFIG['thumb_method'] == 'im' || function_exists('imagecreatefromgif'))
$CONFIG['GIF_support'] = 1;
else
$CONFIG['GIF_support'] = 0;
// Include plugin API
require('include/plugin_api.inc.php');
if ($CONFIG['enable_plugins'] == 1) {
CPGPluginAPI::load();
}
// Set UDB_INTEGRATION if enabled in admin
if ($CONFIG['bridge_enable'] == 1 && !defined('BRIDGEMGR_PHP')) {
$BRIDGE = cpg_get_bridge_db_values();
} else {
$BRIDGE['short_name'] = 'coppermine';
$BRIDGE['use_standard_groups'] = 1;
$BRIDGE['recovery_logon_failures'] = 0;
$BRIDGE['use_post_based_groups'] = false;
}
define('UDB_INTEGRATION', $BRIDGE['short_name']);
require_once 'bridge/' . UDB_INTEGRATION . '.inc.php';
/*
Removed temporarily due to non-compliance with bridging system - Nibbler
// Retrieve Array of Admin Groups (used for hiding admin usernames on thumbnails)
$results = cpg_db_query("SELECT group_id FROM {$CONFIG['TABLE_USERGROUPS']} WHERE has_admin_access ");
$CONFIG['ADMIN_GROUPS']=array();
while ($row = mysql_fetch_array($results)) {
$CONFIG['ADMIN_GROUPS'][]= $row['group_id'];
} // while
mysql_free_result($results);
// Retrieve Array of Admin Users (used for hiding admin usernames on thumbnails)
$results = cpg_db_query("SELECT {$cpg_udb->field['user_id']} as user_id FROM $cpg_udb->usertable WHERE {$cpg_udb->field['usertbl_group_id']} in (" . implode(',',$CONFIG['ADMIN_GROUPS']).')');
$CONFIG['ADMIN_USERS']=array();
while ($row = mysql_fetch_array($results)) {
$CONFIG['ADMIN_USERS'][] = $row['user_id'];
} // while
mysql_free_result($results);
*/
// Start output buffering
ob_start('cpg_filter_page_html');
// Parse cookie stored user profile
user_get_profile();
// Authenticate
$cpg_udb->authenticate();
// Test if admin mode
$USER['am'] = isset($USER['am']) ? (int)$USER['am'] : 0;
define('GALLERY_ADMIN_MODE', USER_IS_ADMIN && $USER['am']);
define('USER_ADMIN_MODE', USER_ID && USER_CAN_CREATE_ALBUMS && $USER['am'] && !GALLERY_ADMIN_MODE);
// Set error logging level
// Maze's new error report system
if (!USER_IS_ADMIN) {
if (!$CONFIG['debug_mode']) $cpgdebugger->stop(); // useless to run debugger cos there's no output
error_reporting(E_PARSE); // hide all errors for visitors
}
// Process theme selection if present in URI or in user profile
if (!empty($_GET['theme'])) {
$USER['theme'] = $_GET['theme'];
}
// Load theme file
if (isset($USER['theme']) && !strstr($USER['theme'], '/') && is_dir('themes/' . $USER['theme'])) {
$CONFIG['theme'] = strtr($USER['theme'], '$/\\:*?"\'<>|`', '____________');
} else {
unset($USER['theme']);
}
if (!file_exists("themes/{$CONFIG['theme']}/theme.php")) $CONFIG['theme'] = 'classic';
require "themes/{$CONFIG['theme']}/theme.php";
require "include/themes.inc.php"; //All Fallback Theme Templates and Functions
$THEME_DIR = "themes/{$CONFIG['theme']}/";
// Process language selection if present in URI or in user profile or try
// autodetection if default charset is utf-8
if (!empty($_GET['lang']))
{
$USER['lang'] = ereg("^[a-z0-9_-]*$", $_GET['lang']) ? $_GET['lang'] : $CONFIG['lang'];
}
if (isset($USER['lang']) && !strstr($USER['lang'], '/') && file_exists('lang/' . $USER['lang'] . '.php'))
{
$CONFIG['default_lang'] = $CONFIG['lang']; // Save default language
$CONFIG['lang'] = strtr($USER['lang'], '$/\\:*?"\'<>|`', '____________');
}
elseif ($CONFIG['charset'] == 'utf-8')
{
include('include/select_lang.inc.php');
if (file_exists('lang/' . $USER['lang'] . '.php'))
{
$CONFIG['default_lang'] = $CONFIG['lang']; // Save default language
$CONFIG['lang'] = $USER['lang'];
}
}
else
{
unset($USER['lang']);
}
if (isset($CONFIG['default_lang']) && ($CONFIG['default_lang']==$CONFIG['lang']))
{
unset($CONFIG['default_lang']);
}
if (!file_exists("lang/{$CONFIG['lang']}.php"))
$CONFIG['lang'] = 'english';
// We load the chosen language file
require "lang/{$CONFIG['lang']}.php";
// Include and process fallback here if lang <> english
if($CONFIG['lang'] != 'english' && $CONFIG['language_fallback']==1 ){
require "include/langfallback.inc.php";
}
// See if the fav cookie is set else set it
if (isset($_COOKIE[$CONFIG['cookie_name'] . '_fav'])) {
$FAVPICS = @unserialize(@base64_decode($_COOKIE[$CONFIG['cookie_name'] . '_fav']));
foreach ($FAVPICS as $key => $id ){
$FAVPICS[$key] = (int)$id; //protect against sql injection attacks
}
} else {
$FAVPICS = array();
}
// If the person is logged in get favs from DB those in the DB have precedence
if (USER_ID > 0){
$sql = "SELECT user_favpics FROM {$CONFIG['TABLE_FAVPICS']} WHERE user_id = ".USER_ID;
$results = cpg_db_query($sql);
$row = mysql_fetch_array($results);
if (!empty($row['user_favpics'])){
$FAVPICS = @unserialize(@base64_decode($row['user_favpics']));
}else{
$FAVPICS = array();
}
}
// If referer is set in URL and it contains 'http' or 'script' texts then set it to 'index.php' script
if (isset($_GET['referer'])) {
if (preg_match('/((\%3C)|<)[^\n]+((\%3E)|>)|(.*http.*)|(.*script.*)/i', $_GET['referer'])) {
$_GET['referer'] = 'index.php';
}
}
/**
* CPGPluginAPI::action('page_start',null)
*
* Executes page_start action on all plugins
*
* @param null
* @return N/A
**/
CPGPluginAPI::action('page_start',null);
// load the main template
load_template();
$CONFIG['template_loaded'] = true;
// Remove expired bans
$now = date('Y-m-d H:i:s');
cpg_db_query("DELETE FROM {$CONFIG['TABLE_BANNED']} WHERE expiry < '$now'");
// Check if the user is banned
$user_id = USER_ID;
$result = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_BANNED']} WHERE (ip_addr='$raw_ip' OR ip_addr='$hdr_ip' OR user_id=$user_id) AND brute_force=0");
if (mysql_num_rows($result)) {
pageheader($lang_error);
msg_box($lang_info, $lang_errors['banned']);
pagefooter();
exit;
}
mysql_free_result($result);
// Retrieve the "private" album set
if (!GALLERY_ADMIN_MODE && $CONFIG['allow_private_albums']) get_private_album_set();
if (!USER_IS_ADMIN && $CONFIG['offline'] && !strstr($_SERVER["SCRIPT_NAME"],'login')) {
pageheader($lang_errors['offline_title']);
msg_box($lang_errors['offline_title'], $lang_errors['offline_text']);
pagefooter();
exit;
}
// kick user into user_admin_mode (needed to fix "removed user mode for users" when upgrading)
if (USER_ID && !USER_IS_ADMIN && !$USER['am']) { // user is logged in, but is not gallery admin and not in admin mode
$USER['am'] = 1;
pageheader($lang_info, "<META http-equiv=\"refresh\" content=\"1;url=$referer\">");
msg_box($lang_info, 'Sending you to admin mode', $lang_continue, $referer);
pagefooter();
ob_end_flush();
die();
}
?>
ASKER
Nothing showed up again from the previous code post.... but I think it has to do with the snippet above.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
hmmm I added in the pieces I think that I need and the select list seemingly still is not showing up, must be missing something..
define('COPPERMINE_VERSION', '1.4.25');
define('COPPERMINE_VERSION_STATUS', 'stable');
if (!defined('IN_COPPERMINE')) { die('Not in Coppermine...');}
// Store all reported errors in the $cpgdebugger
require_once('include/debugger.inc.php');
set_magic_quotes_runtime(0);
// Do some cleanup in GET, POST and cookie data and un-register global vars
$HTML_SUBST = array('&' => '&', '"' => '"', '<' => '<', '>' => '>', '%26' => '&', '%22' => '"', '%3C' => '<', '%3E' => '>','%27' => ''', "'" => ''');
$keysToSkip = array('_POST', '_GET', '_COOKIE', '_REQUEST', '_SERVER', '_FILES', 'HTML_SUBST', 'keysToSkip', 'register_globals_flag', 'cpgdebugger', 'key');
if (ini_get('register_globals') == '1' || strtolower(ini_get('register_globals')) == 'on') {
$register_globals_flag = true;
} else {
$register_globals_flag = false;
}
if (is_array($GLOBALS)) {
foreach ($GLOBALS as $key => $value) {
if (!in_array($key, $keysToSkip) && isset($$key) && $register_globals_flag) unset($$key);
}
}
if (get_magic_quotes_gpc()) {
if (is_array($_POST)) {
foreach ($_POST as $key => $value) {
if (!is_array($value))
$_POST[$key] = strtr(stripslashes($value), $HTML_SUBST);
if (!in_array($key, $keysToSkip) && isset($$key) && $register_globals_flag) unset($$key);
}
}
if (is_array($_GET)) {
foreach ($_GET as $key => $value) {
unset($_GET[$key]);
$_GET[strtr(stripslashes($key), $HTML_SUBST)] = strtr(stripslashes($value), $HTML_SUBST);
if (!in_array($key, $keysToSkip) && isset($$key) && $register_globals_flag) unset($$key);
}
}
if (is_array($_COOKIE)) {
foreach ($_COOKIE as $key => $value) {
if (!is_array($value))
$_COOKIE[$key] = stripslashes($value);
if (!in_array($key, $keysToSkip) && isset($$key) && $register_globals_flag) unset($$key);
}
}
if (is_array($_REQUEST)) {
foreach ($_REQUEST as $key => $value) {
if (!is_array($value))
$_REQUEST[$key] = strtr(stripslashes($value), $HTML_SUBST);
if (!in_array($key, $keysToSkip) && isset($$key) && $register_globals_flag) unset($$key);
}
}
} else {
if (is_array($_POST)) {
foreach ($_POST as $key => $value) {
if (!is_array($value))
$_POST[$key] = strtr($value, $HTML_SUBST);
if (!in_array($key, $keysToSkip) && isset($$key) && $register_globals_flag) unset($$key);
}
}
if (is_array($_GET)) {
foreach ($_GET as $key => $value) {
unset($_GET[$key]);
$_GET[strtr(stripslashes($key), $HTML_SUBST)] = strtr(stripslashes($value), $HTML_SUBST);
if (!in_array($key, $keysToSkip) && isset($$key) && $register_globals_flag) {
unset($$key);
}
}
}
if (is_array($_COOKIE)) {
foreach ($_COOKIE as $key => $value) {
if (!in_array($key, $keysToSkip) && isset($$key) && $register_globals_flag) unset($$key);
}
}
if (is_array($_REQUEST)) {
foreach ($_REQUEST as $key => $value) {
if (!is_array($value))
$_REQUEST[$key] = strtr($value, $HTML_SUBST);
if (!in_array($key, $keysToSkip) && isset($$key) && $register_globals_flag) unset($$key);
}
}
}
// used for timing purpose
$query_stats = array();
$queries = array();
function cpgGetMicroTime()
{
list($usec, $sec) = explode(" ", microtime());
return ((float)$usec + (float)$sec);
}
$cpg_time_start = cpgGetMicroTime();
// Initialise the $CONFIG array and some other variables
$CONFIG = array();
$CONFIG_parent = array();
//$PHP_SELF = isset($_SERVER['REDIRECT_URL']) ? $_SERVER['REDIRECT_URL'] : $_SERVER['SCRIPT_NAME'];
$PHP_SELF = '';
$ORIGINAL_PHP_SELF = $_SERVER['PHP_SELF'];
$possibilities = array('REDIRECT_URL', 'PHP_SELF', 'SCRIPT_URL', 'SCRIPT_NAME','SCRIPT_FILENAME');
foreach ($possibilities as $test){
if (isset($_SERVER[$test]) && preg_match('/([^\/]+\.php)$/', $_SERVER[$test], $matches)){
$PHP_SELF = $_SERVER['PHP_SELF'] = $_SERVER['SCRIPT_NAME'] = $matches[1];
break;
}
}
$REFERER = urlencode($_SERVER['PHP_SELF'] . (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] ? '?' . $_SERVER['QUERY_STRING'] : ''));
$ALBUM_SET = '';
$META_ALBUM_SET = '';
$FORBIDDEN_SET = '';
$FORBIDDEN_SET_DATA = array();
$CURRENT_CAT_NAME = '';
$CAT_LIST = '';
$CAT_LIST_parent = '';
// Record User's IP address
$raw_ip = stripslashes($_SERVER['REMOTE_ADDR']);
if (isset($_SERVER['HTTP_CLIENT_IP'])) {
$hdr_ip = stripslashes($_SERVER['HTTP_CLIENT_IP']);
} else {
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$hdr_ip = stripslashes($_SERVER['HTTP_X_FORWARDED_FOR']);
} else {
$hdr_ip = $raw_ip;
}
}
if (!preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $raw_ip)) $raw_ip = '0.0.0.0';
if (!preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $hdr_ip)) $hdr_ip = '0.0.0.0';
// Define some constants
define('USER_GAL_CAT', 1);
define('FIRST_USER_CAT', 10000);
define('RANDPOS_MAX_PIC', 200);
define('TEMPLATE_FILE', 'template.html');
// Constants used by the cpg_die function
define('INFORMATION', 1);
define('ERROR', 2);
define('CRITICAL_ERROR', 3);
// Include config and functions files
if(file_exists('include/config.inc.php')){
ob_start();
require_once 'include/config.inc.php';
ob_clean();
} else {
// error handling: if the config file doesn't exist go to install
die('<html>
<head>
<title>Coppermine not installed yet</title>
<meta http-equiv="refresh" content="10;url=install.php">
<style type="text/css">
<!--
body { font-size: 12px; background: #FFFFFF; margin: 20%; color: black; font-family: verdana, arial, helvetica, sans-serif;}
-->
</style>
</head>
<body>
<img src="images/coppermine_logo.png" alt="Coppermine Photo Gallery - Your Online Photo Gallery" /><br />
Coppermine Photo Gallery seems not to be installed correctly, or you are running coppermine for the first time. You\'ll be redirected to the installer. If your browser doesn\'t support redirect, click <a href="install.php">here</a>.
</body>
</html>');
}
$mb_utf8_regex = '[\xE1-\xEF][\x80-\xBF][\x80-\xBF]|\xE0[\xA0-\xBF][\x80-\xBF]|[\xC2-\xDF][\x80-\xBF]';
require 'include/functions.inc.php';
# see http://php.net/mbstring for details
if (function_exists('mb_internal_encoding')) { mb_internal_encoding('UTF-8'); }
$CONFIG['TABLE_PICTURES'] = $CONFIG['TABLE_PREFIX'].'pictures';
$CONFIG['TABLE_ALBUMS'] = $CONFIG['TABLE_PREFIX'].'albums';
$CONFIG['TABLE_COMMENTS'] = $CONFIG['TABLE_PREFIX'].'comments';
$CONFIG['TABLE_CATEGORIES'] = $CONFIG['TABLE_PREFIX'].'categories';
$CONFIG_parent['TABLE_CATEGORIES'] = $CONFIG_parent['TABLE_PREFIX'].'categories';
$CONFIG['TABLE_CONFIG'] = $CONFIG['TABLE_PREFIX'].'config';
$CONFIG['TABLE_USERGROUPS'] = $CONFIG['TABLE_PREFIX'].'usergroups';
$CONFIG['TABLE_VOTES'] = $CONFIG['TABLE_PREFIX'].'votes';
$CONFIG['TABLE_USERS'] = $CONFIG['TABLE_PREFIX'].'users';
$CONFIG['TABLE_BANNED'] = $CONFIG['TABLE_PREFIX'].'banned';
$CONFIG['TABLE_EXIF'] = $CONFIG['TABLE_PREFIX'].'exif';
$CONFIG['TABLE_FILETYPES'] = $CONFIG['TABLE_PREFIX'].'filetypes';
$CONFIG['TABLE_ECARDS'] = $CONFIG['TABLE_PREFIX'].'ecards';
$CONFIG['TABLE_TEMPDATA'] = $CONFIG['TABLE_PREFIX'].'temp_data';
$CONFIG['TABLE_FAVPICS'] = $CONFIG['TABLE_PREFIX'].'favpics';
$CONFIG['TABLE_BRIDGE'] = $CONFIG['TABLE_PREFIX'].'bridge';
$CONFIG['TABLE_VOTE_STATS'] = $CONFIG['TABLE_PREFIX'].'vote_stats';
$CONFIG['TABLE_HIT_STATS'] = $CONFIG['TABLE_PREFIX'].'hit_stats';
// Connect to database
($CONFIG['LINK_ID'] = cpg_db_connect()) || die('<b>Coppermine critical error</b>:<br />Unable to connect to database !<br /><br />MySQL said: <b>' . mysql_error() . '</b>');
// Retrieve DB stored configuration
$results = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_CONFIG']}");
while ($row = mysql_fetch_array($results)) {
$CONFIG[$row['name']] = $row['value'];
} // while
mysql_free_result($results);
// Reference 'site_url' to 'ecards_more_pic_target'
$CONFIG['site_url'] =& $CONFIG['ecards_more_pic_target'];
// Include logger functions
include_once('include/logger.inc.php');
// Include media functions
require 'include/media.functions.inc.php';
// Check for GD GIF Create support
if ($CONFIG['thumb_method'] == 'im' || function_exists('imagecreatefromgif'))
$CONFIG['GIF_support'] = 1;
else
$CONFIG['GIF_support'] = 0;
// Include plugin API
require('include/plugin_api.inc.php');
if ($CONFIG['enable_plugins'] == 1) {
CPGPluginAPI::load();
}
// Set UDB_INTEGRATION if enabled in admin
if ($CONFIG['bridge_enable'] == 1 && !defined('BRIDGEMGR_PHP')) {
$BRIDGE = cpg_get_bridge_db_values();
} else {
$BRIDGE['short_name'] = 'coppermine';
$BRIDGE['use_standard_groups'] = 1;
$BRIDGE['recovery_logon_failures'] = 0;
$BRIDGE['use_post_based_groups'] = false;
}
define('UDB_INTEGRATION', $BRIDGE['short_name']);
require_once 'bridge/' . UDB_INTEGRATION . '.inc.php';
/*
Removed temporarily due to non-compliance with bridging system - Nibbler
// Retrieve Array of Admin Groups (used for hiding admin usernames on thumbnails)
$results = cpg_db_query("SELECT group_id FROM {$CONFIG['TABLE_USERGROUPS']} WHERE has_admin_access ");
$CONFIG['ADMIN_GROUPS']=array();
while ($row = mysql_fetch_array($results)) {
$CONFIG['ADMIN_GROUPS'][]= $row['group_id'];
} // while
mysql_free_result($results);
// Retrieve Array of Admin Users (used for hiding admin usernames on thumbnails)
$results = cpg_db_query("SELECT {$cpg_udb->field['user_id']} as user_id FROM $cpg_udb->usertable WHERE {$cpg_udb->field['usertbl_group_id']} in (" . implode(',',$CONFIG['ADMIN_GROUPS']).')');
$CONFIG['ADMIN_USERS']=array();
while ($row = mysql_fetch_array($results)) {
$CONFIG['ADMIN_USERS'][] = $row['user_id'];
} // while
mysql_free_result($results);
*/
// Start output buffering
ob_start('cpg_filter_page_html');
// Parse cookie stored user profile
user_get_profile();
// Authenticate
$cpg_udb->authenticate();
// Test if admin mode
$USER['am'] = isset($USER['am']) ? (int)$USER['am'] : 0;
define('GALLERY_ADMIN_MODE', USER_IS_ADMIN && $USER['am']);
define('USER_ADMIN_MODE', USER_ID && USER_CAN_CREATE_ALBUMS && $USER['am'] && !GALLERY_ADMIN_MODE);
// Set error logging level
// Maze's new error report system
if (!USER_IS_ADMIN) {
if (!$CONFIG['debug_mode']) $cpgdebugger->stop(); // useless to run debugger cos there's no output
error_reporting(E_PARSE); // hide all errors for visitors
}
// Process theme selection if present in URI or in user profile
if (!empty($_GET['theme'])) {
$USER['theme'] = $_GET['theme'];
}
// Load theme file
if (isset($USER['theme']) && !strstr($USER['theme'], '/') && is_dir('themes/' . $USER['theme'])) {
$CONFIG['theme'] = strtr($USER['theme'], '$/\\:*?"\'<>|`', '____________');
} else {
unset($USER['theme']);
}
if (!file_exists("themes/{$CONFIG['theme']}/theme.php")) $CONFIG['theme'] = 'classic';
require "themes/{$CONFIG['theme']}/theme.php";
require "include/themes.inc.php"; //All Fallback Theme Templates and Functions
$THEME_DIR = "themes/{$CONFIG['theme']}/";
// Process language selection if present in URI or in user profile or try
// autodetection if default charset is utf-8
if (!empty($_GET['lang']))
{
$USER['lang'] = ereg("^[a-z0-9_-]*$", $_GET['lang']) ? $_GET['lang'] : $CONFIG['lang'];
}
if (isset($USER['lang']) && !strstr($USER['lang'], '/') && file_exists('lang/' . $USER['lang'] . '.php'))
{
$CONFIG['default_lang'] = $CONFIG['lang']; // Save default language
$CONFIG['lang'] = strtr($USER['lang'], '$/\\:*?"\'<>|`', '____________');
}
elseif ($CONFIG['charset'] == 'utf-8')
{
include('include/select_lang.inc.php');
if (file_exists('lang/' . $USER['lang'] . '.php'))
{
$CONFIG['default_lang'] = $CONFIG['lang']; // Save default language
$CONFIG['lang'] = $USER['lang'];
}
}
else
{
unset($USER['lang']);
}
if (isset($CONFIG['default_lang']) && ($CONFIG['default_lang']==$CONFIG['lang']))
{
unset($CONFIG['default_lang']);
}
if (!file_exists("lang/{$CONFIG['lang']}.php"))
$CONFIG['lang'] = 'english';
// We load the chosen language file
require "lang/{$CONFIG['lang']}.php";
// Include and process fallback here if lang <> english
if($CONFIG['lang'] != 'english' && $CONFIG['language_fallback']==1 ){
require "include/langfallback.inc.php";
}
// See if the fav cookie is set else set it
if (isset($_COOKIE[$CONFIG['cookie_name'] . '_fav'])) {
$FAVPICS = @unserialize(@base64_decode($_COOKIE[$CONFIG['cookie_name'] . '_fav']));
foreach ($FAVPICS as $key => $id ){
$FAVPICS[$key] = (int)$id; //protect against sql injection attacks
}
} else {
$FAVPICS = array();
}
// If the person is logged in get favs from DB those in the DB have precedence
if (USER_ID > 0){
$sql = "SELECT user_favpics FROM {$CONFIG['TABLE_FAVPICS']} WHERE user_id = ".USER_ID;
$results = cpg_db_query($sql);
$row = mysql_fetch_array($results);
if (!empty($row['user_favpics'])){
$FAVPICS = @unserialize(@base64_decode($row['user_favpics']));
}else{
$FAVPICS = array();
}
}
// If referer is set in URL and it contains 'http' or 'script' texts then set it to 'index.php' script
if (isset($_GET['referer'])) {
if (preg_match('/((\%3C)|<)[^\n]+((\%3E)|>)|(.*http.*)|(.*script.*)/i', $_GET['referer'])) {
$_GET['referer'] = 'index.php';
}
}
/**
* CPGPluginAPI::action('page_start',null)
*
* Executes page_start action on all plugins
*
* @param null
* @return N/A
**/
CPGPluginAPI::action('page_start',null);
// load the main template
load_template();
$CONFIG['template_loaded'] = true;
// Remove expired bans
$now = date('Y-m-d H:i:s');
cpg_db_query("DELETE FROM {$CONFIG['TABLE_BANNED']} WHERE expiry < '$now'");
// Check if the user is banned
$user_id = USER_ID;
$result = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_BANNED']} WHERE (ip_addr='$raw_ip' OR ip_addr='$hdr_ip' OR user_id=$user_id) AND brute_force=0");
if (mysql_num_rows($result)) {
pageheader($lang_error);
msg_box($lang_info, $lang_errors['banned']);
pagefooter();
exit;
}
mysql_free_result($result);
// Retrieve the "private" album set
if (!GALLERY_ADMIN_MODE && $CONFIG['allow_private_albums']) get_private_album_set();
if (!USER_IS_ADMIN && $CONFIG['offline'] && !strstr($_SERVER["SCRIPT_NAME"],'login')) {
pageheader($lang_errors['offline_title']);
msg_box($lang_errors['offline_title'], $lang_errors['offline_text']);
pagefooter();
exit;
}
// kick user into user_admin_mode (needed to fix "removed user mode for users" when upgrading)
if (USER_ID && !USER_IS_ADMIN && !$USER['am']) { // user is logged in, but is not gallery admin and not in admin mode
$USER['am'] = 1;
pageheader($lang_info, "<META http-equiv=\"refresh\" content=\"1;url=$referer\">");
msg_box($lang_info, 'Sending you to admin mode', $lang_continue, $referer);
pagefooter();
ob_end_flush();
die();
}
?>
ASKER
I got it now, its working great... here is the fixed area.
function alb_get_subcat_data_parent($parent, $ident = '')
{
global $CONFIG, $CAT_LIST;
$result = cpg_db_query("SELECT cid, parent, name, description FROM {$CONFIG['TABLE_CATEGORIES']} WHERE parent = $parent ORDER BY name ASC");
if (mysql_num_rows($result) > 0) {
$rowset = cpg_db_fetch_rowset($result);
foreach ($rowset as $subcat) {
$CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name']);
alb_get_subcat_data_parent($subcat['cid'], $ident . ' ');
}
}
}
Awesome great job!
ASKER