ploto

ploto Commit Details


Date:2015-10-11 21:48:12 (9 years 2 months ago)
Author:Natalie Adams
Branch:master
Commit:eb9183e43106bbabd34a7db48187fcd1daa081a8
Parents: dceb7f4ea8eb831b1d28e647cfb0d0e20ae09390
Message:Updating to use mysqli API
Changes:

File differences

.gitignore
1
2
plog-config.php
.idea
.htaccess
1
2
3
4
# BEGIN Plogger
# END Plogger
plog-admin/includes/install-functions.php
1010
1111
1212
13
13
1414
15
15
1616
1717
1818
19
19
2020
2121
2222
......
2828
2929
3030
31
31
3232
33
33
3434
3535
3636
3737
38
38
3939
4040
4141
......
4747
4848
4949
50
50
5151
5252
53
54
55
53
54
55
5656
5757
5858
......
6868
6969
7070
71
71
7272
7373
7474
......
351351
352352
353353
354
354
355355
356356
357357
......
363363
364364
365365
366
366
367367
368368
369369
......
373373
374374
375375
376
377
376
377
378378
379379
380380
......
386386
387387
388388
389
389
390390
391391
392392
......
402402
403403
404404
405
405
406406
407407
408408
......
435435
436436
437437
438
438
439439
440440
441441
......
445445
446446
447447
448
448
449449
450450
451451
......
454454
455455
456456
457
457
458458
459459
460460
......
465465
466466
467467
468
468
469469
470470
471471
......
484484
485485
486486
487
487
488488
489489
490490
......
507507
508508
509509
510
511
510
511
512512
513513
514514
......
546546
547547
548548
549
549
550550
551551
552552
......
570570
571571
572572
573
574
575
576
577
573
574
575
576
577
578578
579579
580580
......
664664
665665
666666
667
667
668668
669669
670670
......
673673
674674
675675
676
676
677677
678678
679679
......
682682
683683
684684
685
685
686686
687687
688688
......
691691
692692
693693
694
694
695695
696696
697697
......
709709
710710
711711
712
712
713713
714714
715715
716716
717717
718718
719
719
720720
721721
722722
723723
724
724
725725
726726
727727
......
783783
784784
785785
786
786
787787
788788
789789
790790
791791
792792
793
793
794794
795795
796796
......
866866
867867
868868
869
869
870870
871871
872872
873
873
874874
875875
876876
877877
878878
879
879
880880
881881
882882
......
886886
887887
888888
889
890
889
890
891891
892892
893893
......
901901
902902
903903
904
904
905905
906906
907907
908
909
908
909
910910
911
911
912912
913913
914914
......
919919
920920
921921
922
923
922
923
924924
925
925
926926
927927
928928
......
933933
934934
935935
936
936
937937
938
938
939939
940940
941941
......
996996
997997
998998
999
999
10001000
10011001
10021002
......
11421142
11431143
11441144
1145
1145
function maybe_add_column($table, $column, $add_sql) {
$sql = "DESCRIBE $table";
$res = mysql_query($sql);
$res = mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
$found = false;
while($row = mysql_fetch_array($res, MYSQL_NUM)) {
while($row = mysqli_fetch_array($res, MYSQL_NUM)) {
if ($row[0] == $column) $found = true;
}
if (!$found) {
mysql_query("ALTER TABLE $table ADD `$column` ".$add_sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],"ALTER TABLE $table ADD `$column` ".$add_sql);
return plog_tr('Added new field to database').': '.$column;
} else {
if (defined('PLOGGER_DEBUG')) {
function maybe_drop_column($table, $column) {
$sql = "DESCRIBE $table";
$res = mysql_query($sql);
$res = mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
$found = false;
while($row = mysql_fetch_array($res, MYSQL_NUM)) {
while($row = mysqli_fetch_array($res, MYSQL_NUM)) {
if ($row[0] == $column) $found = true;
}
if ($found) {
$sql = "ALTER TABLE $table DROP `$column`";
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
return plog_tr('Dropped column').': '.$column;
} else {
if (defined('PLOGGER_DEBUG')) {
function maybe_add_table($table, $add_sql, $options = '') {
$sql = "DESCRIBE $table";
$res = mysql_query($sql);
$res = mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
if (!$res) {
$q = "CREATE table `$table` ($add_sql) $options";
mysql_query($q);
if (mysql_error()) {
var_dump(mysql_error());
mysqli_query($GLOBALS["PLOGGER_DBH"],$q);
if (mysqli_error($GLOBALS["PLOGGER_DBH"])) {
var_dump(mysqli_error($GLOBALS["PLOGGER_DBH"]));
} else {
return true;
}
// Since 4.1 MySQL has support for specifying character encoding for tables
// and I really want to use it if available. So we need figure out what version
// we are running on and to the right thing
$mysql_version = mysql_get_server_info();
$mysql_version = mysqli_get_server_info($GLOBALS["PLOGGER_DBH"]);
$mysql_charset_support = '4.1';
$default_charset = '';
`id` int(11) NOT NULL auto_increment,
`thumbnail_id` int(11) NOT NULL DEFAULT '0',
PRIMARY KEY (`id`)"
,"Type=MyISAM $default_charset");
,"Engine=MyISAM $default_charset");
maybe_add_table(
PLOGGER_TABLE_PREFIX.'albums'
`thumbnail_id` int(11) NOT NULL default '0',
PRIMARY KEY (`id`),
INDEX pid_idx (`parent_id`)"
," Type=MyISAM $default_charset");
," Engine=MyISAM $default_charset");
maybe_add_table(
PLOGGER_TABLE_PREFIX.'pictures'
`caption` mediumtext NOT NULL,
`description` text NOT NULL,
`id` int(11) NOT NULL auto_increment,
`date_modified` timestamp(14) NOT NULL,
`date_submitted` timestamp(14) NOT NULL,
`date_modified` timestamp(6) NOT NULL,
`date_submitted` timestamp(6) NOT NULL,
`EXIF_date_taken` varchar(64) NOT NULL default '',
`EXIF_camera` varchar(64) NOT NULL default '',
`EXIF_shutterspeed` varchar(64) NOT NULL default '',
PRIMARY KEY (`id`),
INDEX pa_idx (`parent_album`),
INDEX pc_idx (`parent_collection`)"
,"Type=MyISAM $default_charset");
,"Engine=MyISAM $default_charset");
maybe_add_table(
PLOGGER_TABLE_PREFIX.'comments'
PRIMARY KEY (`id`),
INDEX pid_idx (`parent_id`),
INDEX approved_idx (`approved`)"
,"Type=MyISAM $default_charset");
,"Engine=MyISAM $default_charset");
maybe_add_table(
PLOGGER_TABLE_PREFIX.'config'
`thumb_nav_range` int(11) NOT NULL default '0',
`allow_fullpic` tinyint default '1',
PRIMARY KEY (`thumb_num`)"
,"Type=MyISAM $default_charset");
,"Engine=MyISAM $default_charset");
maybe_add_table(
PLOGGER_TABLE_PREFIX.'thumbnail_config'
`disabled` tinyint default '0',
`resize_option` tinyint default '2',
PRIMARY KEY (`id`)"
,"Type=MyISAM $default_charset");
,"Engine=MyISAM $default_charset");
/*maybe_add_table(
PLOGGER_TABLE_PREFIX.'tag2picture'
`tagdate` datetime default NULL,
KEY `tag_id` (`tag_id`),
KEY `picture_id` (`picture_id`)"
,"Type=MyISAM $default_charset");
,"Engine=MyISAM $default_charset");
maybe_add_table(
PLOGGER_TABLE_PREFIX.'tags'
PRIMARY KEY (`id`),
UNIQUE `tag` (`tag`),
UNIQUE `urlified` (`urlified`)"
,"Type=MyISAM $default_charset");*/
,"Engine=MyISAM $default_charset");*/
}
$resize = ($key == THUMB_SMALL || $key == THUMB_NAV) ? 3: 2;
$sql = "INSERT INTO `".PLOGGER_TABLE_PREFIX."thumbnail_config` (`id`, `update_timestamp`, `max_size`, `resize_option`)
VALUES('$key', '$long_ago', '$size', '$resize')";
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
}
$config['gallery_url'] = 'http://'.$_SERVER['SERVER_NAME'].dirname(dirname($_SERVER['PHP_SELF']));
$config = array_map('mysql_real_escape_string', $config);
$row_exist = mysql_query("SELECT * FROM `".PLOGGER_TABLE_PREFIX."config`");
$row_exist_num = mysql_num_rows($row_exist);
$row_exist = mysqli_query($GLOBALS["PLOGGER_DBH"],"SELECT * FROM `".PLOGGER_TABLE_PREFIX."config`");
$row_exist_num = mysqli_num_rows($row_exist);
if ($row_exist_num == 0) {
$query = "INSERT INTO `".PLOGGER_TABLE_PREFIX."config`
`gallery_name` = '${config['gallery_name']}',
`gallery_url` = '${config['gallery_url']}'";
}
mysql_query($query);
mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
// Create the FTP columns in the config table if safe_mode enabled/
if (is_safe_mode() && isset($_SESSION['ftp_values'])) {
maybe_add_column(PLOGGER_TABLE_PREFIX.'config', 'ftp_pass', "varchar(64) NOT NULL default ''");
maybe_add_column(PLOGGER_TABLE_PREFIX.'config', 'ftp_path', "varchar(255) NOT NULL default ''");
$query = "UPDATE `".PLOGGER_TABLE_PREFIX."config` SET
`ftp_host` = '".mysql_real_escape_string($form['ftp_host'])."',
`ftp_user` = '".mysql_real_escape_string($form['ftp_user'])."',
`ftp_pass` = '".mysql_real_escape_string($form['ftp_pass'])."',
`ftp_path` = '".mysql_real_escape_string($form['ftp_path'])."'";
mysql_query($query);
`ftp_host` = '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$form['ftp_host'])."',
`ftp_user` = '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$form['ftp_user'])."',
`ftp_pass` = '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$form['ftp_pass'])."',
`ftp_path` = '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$form['ftp_path'])."'";
mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
}
function fix_open_perms($dirs, $action = 'rename') {
if (!isset($thumbnail_config[THUMB_SMALL]) || empty($thumbnail_config[THUMB_SMALL]['size'])) {
$sql = "INSERT INTO `".PLOGGER_TABLE_PREFIX."thumbnail_config` (id, update_timestamp, max_size)
VALUES('".THUMB_SMALL."', '".$long_ago."', '".$config['max_thumbnail_size']."')";
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
}
if (!isset($config['max_display_size'])) {
if (!isset($thumbnail_config[THUMB_LARGE]) || empty($thumbnail_config[THUMB_LARGE]['size'])) {
$sql = "INSERT INTO `".PLOGGER_TABLE_PREFIX."thumbnail_config` (id, update_timestamp, max_size)
VALUES('".THUMB_LARGE."', '".$long_ago."', '".$config['max_display_size']."')";
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
}
if (!isset($config['rss_thumbsize'])) {
if (!isset($thumbnail_config[THUMB_RSS]) || empty($thumbnail_config[THUMB_RSS]['size'])) {
$sql = "INSERT INTO `".PLOGGER_TABLE_PREFIX."thumbnail_config` (id, update_timestamp, max_size)
VALUES('".THUMB_RSS."', '".$long_ago."', '".$config['rss_thumbsize']."')";
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
}
if (!isset($config['nav_thumbsize'])) {
if (!isset($thumbnail_config[THUMB_NAV]) || empty($thumbnail_config[THUMB_NAV]['size'])) {
$sql = "INSERT INTO `".PLOGGER_TABLE_PREFIX."thumbnail_config` (id, update_timestamp, max_size)
VALUES('".THUMB_NAV."', '".$long_ago."', '".$config['nav_thumbsize']."')";
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
}
}
// Make sure to set the resize_option to square for small thumbs if previously set
if (isset($config['square_thumbs']) && $config['square_thumbs'] == 1) {
$sql = "UPDATE `".PLOGGER_TABLE_PREFIX."thumbnail_config` SET `resize_option` = '3' WHERE `id` = '".THUMB_SMALL."'";
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
}
// Move enable_thumb_nav setting to plogger_thumbnail_config table
if (isset($config['enable_thumb_nav'])) {
$disabled = ($config['enable_thumb_nav'] == 0) ? 1 : 0;
$sql = "UPDATE `".PLOGGER_TABLE_PREFIX."thumbnail_config` SET `disabled` = '$disabled' WHERE `id` = '".THUMB_NAV."'";
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
}
// set navigation thumbnails to square
$sql = "UPDATE `".PLOGGER_TABLE_PREFIX."thumbnail_config` SET `resize_option` = '3' WHERE `id` = '".THUMB_NAV."'";
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
/** plogger_config **/
$config['baseurl'] = 'http://'.$_SERVER['HTTP_HOST'].dirname(dirname($_SERVER['PHP_SELF'])).'/';
$output[] = plog_tr('Setting gallery url to ').$config['baseurl'];
$sql = "UPDATE `".PLOGGER_TABLE_PREFIX."config` SET gallery_url = '".$config['baseurl']."'";
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
}
// Insert default theme directory if not already set
if (!isset($config['theme_dir']) || empty($config['theme_dir'])) {
$output[] = plog_tr('Setting default theme directory to \'default\'');
$sql = "UPDATE ".PLOGGER_TABLE_PREFIX."config SET `theme_dir` = 'default' WHERE 1";
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
}
/** plogger_collections **/
");*/
$sql = 'ALTER TABLE '.PLOGGER_TABLE_PREFIX.'comments ADD INDEX approved_idx (`approved`)';
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
// Add ip and approved fields to comments table
$sql = 'ALTER TABLE '.PLOGGER_TABLE_PREFIX.'comments CHANGE `date` `date` datetime';
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
// Convert charsets
// Since 4.1 MySQL has support for specifying character encoding for tables
// and I really want to use it if available. So we need figure out what version
// we are running on and to the right hting
$mysql_version = mysql_get_server_info();
$mysql_version = mysqli_get_server_info($GLOBALS["PLOGGER_DBH"]);
$mysql_charset_support = '4.1';
$default_charset = '';
foreach($tables as $table) {
$tablename = PLOGGER_TABLE_PREFIX.$table;
$sql = "ALTER TABLE $tablename DEFAULT CHARACTER SET $charset";
if (!mysql_query($sql)) {
$output[] = "failed to convert $tablename to $charset<br />".mysql_error();
if (!mysqli_query($GLOBALS["PLOGGER_DBH"],$sql)) {
$output[] = "failed to convert $tablename to $charset<br />".mysqli_error($GLOBALS["PLOGGER_DBH"]);
}
}
}
// Strip 'images/' prefix from pictures table
$sql = "UPDATE ".PLOGGER_TABLE_PREFIX."pictures SET path = SUBSTRING(path,8) WHERE SUBSTRING(path,1,7) = 'images/'";
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
// Update 'path' for collections table
$sql = "SELECT id,name FROM ".PLOGGER_TABLE_PREFIX."collections";
$result = mysql_query($sql);
while($row = mysql_fetch_assoc($result)) {
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
while($row = mysqli_fetch_assoc($result)) {
$sql = "UPDATE ".PLOGGER_TABLE_PREFIX."collections SET path = '".strtolower(sanitize_filename($row['name']))."' WHERE id = ".$row['id'];
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
if (!file_exists(PLOGGER_DIR.'plog-content/images/'.strtolower(sanitize_filename($row['name'])))) {
$list[$total] = array('container' => 1, 'new_path' => 'plog-content/images/'.strtolower(sanitize_filename($row['name'])));
$total++;
$sql = "SELECT a.id AS id, a.name AS name, c.path AS collection_path
FROM ".PLOGGER_TABLE_PREFIX."albums a, ".PLOGGER_TABLE_PREFIX."collections c
WHERE a.parent_id = c.id";
$result = mysql_query($sql);
while($row = mysql_fetch_assoc($result)) {
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
while($row = mysqli_fetch_assoc($result)) {
$sql = "UPDATE ".PLOGGER_TABLE_PREFIX."albums SET path = '".strtolower(sanitize_filename($row['name']))."' WHERE id = ".$row['id'];
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
if (!file_exists(PLOGGER_DIR.'plog-content/images/'.$row['collection_path'].'/'.strtolower(sanitize_filename($row['name'])))) {
$list[$total] = array('container' => 1, 'new_path' => 'plog-content/images/'.$row['collection_path'].'/'.strtolower(sanitize_filename($row['name'])));
$total++;
$sql = "SELECT p.path AS path, p.id AS pid,c.path AS collection_path, a.path AS album_path
FROM ".PLOGGER_TABLE_PREFIX."albums a, ".PLOGGER_TABLE_PREFIX."pictures p, ".PLOGGER_TABLE_PREFIX."collections c
WHERE p.parent_album = a.id AND p.parent_collection = c.id";
$result = mysql_query($sql);
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
while($row = mysql_fetch_assoc($result)) {
while($row = mysqli_fetch_assoc($result)) {
$filename = sanitize_filename(basename($row['path']));
$c_directory = $row['collection_path'].'/';
$a_directory = $row['collection_path'].'/'.$row['album_path'].'/';
@chmod(PLOGGER_DIR.$new_path, PLOGGER_CHMOD_DIR);
$output[] = sprintf(plog_tr('Moved file %s -> %s'), '<strong>'.$image['old_path'].'</strong>', '<strong>'.'plog-content/images/'.$image['new_path'].'</strong>');
// Update database
$sql = "UPDATE ".PLOGGER_TABLE_PREFIX."pictures SET path = '".mysql_real_escape_string($image['new_path'])."' WHERE id = '".$image['id']."'";
$sql = "UPDATE ".PLOGGER_TABLE_PREFIX."pictures SET path = '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$image['new_path'])."' WHERE id = '".$image['id']."'";
run_query($sql);
// Generate a new small thumbnail after database has been updated in case script times out
$thumbpath = generate_thumb($image['new_path'], $image['id'], THUMB_SMALL);
return array('errors' => $errors, 'output' => $output);
}
?>
?>
plog-admin/plog-admin-functions.php
235235
236236
237237
238
238
239239
240240
241241
......
323323
324324
325325
326
326
327327
328328
329329
330
331
332
333
334
335
336
337
338
330
331
332
333
334
335
336
337
338
339339
340340
341341
342342
343
343
344344
345345
346346
......
357357
358358
359359
360
361
360
361
362362
363363
364364
365365
366366
367367
368
368
369369
370370
371371
372
372
373373
374374
375375
......
382382
383383
384384
385
385
386386
387387
388388
389
389
390390
391391
392392
......
403403
404404
405405
406
406
407407
408408
409409
......
470470
471471
472472
473
473
474474
475475
476476
477
478
477
478
479479
480480
481481
......
570570
571571
572572
573
574
575
573
574
575
576576
577577
578
578
579579
580580
581581
......
609609
610610
611611
612
613
612
613
614614
615615
616616
......
619619
620620
621621
622
622
623623
624624
625625
......
650650
651651
652652
653
653
654654
655655
656
656
657657
658
658
659659
660660
661661
......
670670
671671
672672
673
673
674674
675675
676676
677677
678
678
679679
680680
681681
682
682
683683
684684
685685
......
697697
698698
699699
700
700
701701
702702
703703
704
704
705705
706706
707707
......
717717
718718
719719
720
720
721721
722722
723723
......
726726
727727
728728
729
729
730730
731731
732732
......
768768
769769
770770
771
771
772772
773773
774774
......
800800
801801
802802
803
804
805
803
804
805
806806
807807
808
808
809809
810810
811811
......
826826
827827
828828
829
830
829
830
831831
832832
833833
......
840840
841841
842842
843
843
844844
845845
846846
......
873873
874874
875875
876
876
877877
878878
879879
......
883883
884884
885885
886
886
887887
888
888
889889
890890
891891
......
897897
898898
899899
900
900
901901
902902
903
903
904904
905905
906906
907
907
908908
909909
910910
......
919919
920920
921921
922
922
923923
924924
925925
......
928928
929929
930930
931
931
932932
933933
934934
......
957957
958958
959959
960
960
961961
962962
963963
......
973973
974974
975975
976
976
977977
978978
979979
......
10091009
10101010
10111011
1012
1012
10131013
10141014
10151015
......
10211021
10221022
10231023
1024
1024
10251025
10261026
10271027
10281028
10291029
1030
1030
10311031
10321032
10331033
......
10581058
10591059
10601060
1061
1061
10621062
10631063
10641064
......
10671067
10681068
10691069
1070
1070
10711071
10721072
10731073
......
11011101
11021102
11031103
1104
1105
1106
1107
1104
1105
1106
1107
11081108
11091109
1110
1110
11111111
11121112
11131113
......
11221122
11231123
11241124
1125
1125
11261126
11271127
1128
1128
11291129
11301130
11311131
......
11401140
11411141
11421142
1143
1143
11441144
11451145
11461146
......
11491149
11501150
11511151
1152
1152
11531153
11541154
11551155
......
11601160
11611161
11621162
1163
1163
11641164
11651165
11661166
......
11711171
11721172
11731173
1174
1174
11751175
11761176
11771177
......
11801180
11811181
11821182
1183
1183
11841184
11851185
11861186
......
15301530
15311531
15321532
1533
1533
15341534
15351535
15361536
......
15821582
15831583
15841584
1585
1585
15861586
15871587
15881588
......
19741974
19751975
19761976
1977
1977
19781978
19791979
19801980
WHERE c.id = a.parent_id AND a.id = '$album_id'";
$sql_result = run_query($sql);
$albumdata = mysql_fetch_assoc($sql_result);
$albumdata = mysqli_fetch_assoc($sql_result);
// This shouldn't happen in normal cases
if (empty($albumdata)) {
VALUES
('".$albumdata['collection_id']."',
'".$albumdata['album_id']."',
'".mysql_real_escape_string($picture_path)."',
'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$picture_path)."',
NOW(),
NOW(),
".intval($allow_comm).",
'".mysql_real_escape_string($exif['date_taken'])."',
'".mysql_real_escape_string($exif['camera'])."',
'".mysql_real_escape_string($exif['shutter_speed'])."',
'".mysql_real_escape_string($exif['focal_length'])."',
'".mysql_real_escape_string($exif['flash'])."',
'".mysql_real_escape_string($exif['aperture'])."',
'".mysql_real_escape_string($exif['iso'])."',
'".mysql_real_escape_string($caption)."',
'".mysql_real_escape_string($desc)."')";
'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$exif['date_taken'])."',
'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$exif['camera'])."',
'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$exif['shutter_speed'])."',
'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$exif['focal_length'])."',
'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$exif['flash'])."',
'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$exif['aperture'])."',
'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$exif['iso'])."',
'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$caption)."',
'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$desc)."')";
$sql_result = run_query($query);
$result['output'] .= sprintf(plog_tr('Your image %s was uploaded successfully.'), '<strong>'.$filename.'</strong>');
$result['picture_id'] = mysql_insert_id();
$result['picture_id'] = mysqli_insert_id($GLOBALS["PLOGGER_DBH"]);
// Let's generate the thumbnail and the large thumbnail right away.
// This way, the user won't see any latency from the thumbnail generation
function update_picture($id, $caption, $allow_comments, $description) {
$id = intval($id);
$caption = mysql_real_escape_string($caption);
$description = mysql_real_escape_string($description);
$caption = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$caption);
$description = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$description);
$allow_comments = intval($allow_comments);
$query = "UPDATE ".PLOGGER_TABLE_PREFIX."pictures SET
caption = '$caption',
description = '$description',
allow_comments = '$allow_comments'
WHERE id='$id'";
$result = mysql_query($query);
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
if ($result) {
return array('output' => plog_tr('You have successfully modified the selected picture.'));
} else {
return array('errors' => mysql_error());
return array('errors' => mysqli_error($GLOBALS["PLOGGER_DBH"]));
}
}
$errors = $output = '';
$picture_id = intval($picture_id);
$value = mysql_real_escape_string(trim($value));
$value = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],trim($value));
$query = "UPDATE ".PLOGGER_TABLE_PREFIX."pictures SET $field = '$value' WHERE id='$picture_id'";
$result = mysql_query($query);
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
if ($result) {
return array('output' => plog_tr('You have successfully modified the selected picture.'));
} else {
$query = "SELECT * FROM ".PLOGGER_TABLE_PREFIX."albums WHERE `id` = '".$to_album."'";
$result = run_query($query);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
if (!is_array($row)) {
return array('errors' => sprintf(plog_tr('There is no album with id %s.'), '<strong>'.$to_album.'</strong>'));
// Update database
$sql = "UPDATE ".PLOGGER_TABLE_PREFIX."pictures SET
path = '".mysql_real_escape_string($picture_path)."',
path = '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$picture_path)."',
parent_album = '".$to_album."',
parent_collection = '".$new_collection."'
WHERE id = '".$pic_id."'";
if (!mysql_query($sql)) {
return array('errors' => mysql_error());
if (!mysqli_query($GLOBALS["PLOGGER_DBH"],$sql)) {
return array('errors' => mysqli_error($GLOBALS["PLOGGER_DBH"]));
}
return array('output' => plog_tr('Success'));
}
if (!makeDirs($create_path)) {
$errors .= sprintf(plog_tr('Could not create directory %s!'), '<strong>'.$create_path.'</strong>');
} else {
$sql_name = mysql_real_escape_string($collection_name);
$description = mysql_real_escape_string($description);
$collection_folder = mysql_real_escape_string($collection_folder);
$sql_name = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$collection_name);
$description = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$description);
$collection_folder = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$collection_folder);
$query = "INSERT INTO ".PLOGGER_TABLE_PREFIX."collections (`name`,`description`,`path`) VALUES ('$sql_name', '$description', '$collection_folder')";
$result = run_query($query);
$id = mysql_insert_id();
$id = mysqli_insert_id($GLOBALS["PLOGGER_DBH"]);
$output .= sprintf(plog_tr('You have successfully created the collection %s.'), '<strong>'.$collection_name.'</strong>');
}
$collection_id = intval($collection_id);
$thumbnail_id = intval($thumbnail_id);
$name = mysql_real_escape_string($name);
$description = mysql_real_escape_string($description);
$name = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$name);
$description = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$description);
// Rename the directory
// First, get the collection name of our source collection
WHERE c.id = '$collection_id'";
$result = run_query($sql);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
$source_collection_name = SmartStripSlashes($row['collection_path']);
$source_path = $config['basedir'].'plog-content/images/'.$source_collection_name;
}
}
$target_name = mysql_real_escape_string($target_name);
$target_name = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$target_name);
$query = "UPDATE ".PLOGGER_TABLE_PREFIX."collections SET name = '$name', path = '$target_name', description = '$description', thumbnail_id = '$thumbnail_id' WHERE id='$collection_id'";
$result = mysql_query($query);
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
if (!$result) {
return array('errors' => mysql_error());
return array('errors' => mysqli_error($GLOBALS["PLOGGER_DBH"]));
}
$output = plog_tr('You have successfully modified the selected collection.');
$result = run_query($sql);
while($row = mysql_fetch_assoc($result)) {
while($row = mysqli_fetch_assoc($result)) {
$filename = basename($row['path']);
$album_path = $row['album_path'];
$new_path = mysql_real_escape_string(SmartStripSlashes($target_name.'/'.$album_path.'/'.$filename));
$new_path = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],SmartStripSlashes($target_name.'/'.$album_path.'/'.$filename));
// Update database
$sql = "UPDATE ".PLOGGER_TABLE_PREFIX."pictures SET path = '$new_path' WHERE id = '$row[id]'";
mysql_query($sql) or ($output .= mysql_error());
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql) or ($output .= mysqli_error($GLOBALS["PLOGGER_DBH"]));
}
return array(
$errors = $output = '';
$collection_id = intval($collection_id);
$value = mysql_real_escape_string(trim($value));
$value = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],trim($value));
$query = "UPDATE ".PLOGGER_TABLE_PREFIX."collections SET $field = '$value' WHERE id='$collection_id'";
$result = mysql_query($query);
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
if ($result) {
return array('output' => plog_tr('You have successfully modified the selected collection.'));
} else {
WHERE c.id = '$del_id'";
$result = run_query($sql);
$collection = mysql_fetch_assoc($result);
$collection = mysqli_fetch_assoc($result);
if (!$collection) {
return array('errors' => plog_tr('No such collection.'));
// First delete all albums registered with this album
$sql = 'SELECT * FROM '.PLOGGER_TABLE_PREFIX.'albums WHERE parent_id = '.$collection['collection_id'];
$result = run_query($sql);
while ($row = mysql_fetch_assoc($result)) {
while ($row = mysqli_fetch_assoc($result)) {
delete_album($row['id']);
}
$query = "SELECT c.path as collection_path FROM ". PLOGGER_TABLE_PREFIX."collections c WHERE id = '$pid'";
$result = run_query($query);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
// This shouldn't happen
if (empty($row)) {
if (!makeDirs($create_path)) {
$errors .= sprintf(plog_tr('Could not create directory %s!'), '<strong>'.$path.'</strong>');
} else {
$sql_name = mysql_real_escape_string($album_name);
$description = mysql_real_escape_string($description);
$album_folder = mysql_real_escape_string($album_folder);
$sql_name = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$album_name);
$description = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$description);
$album_folder = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$album_folder);
$query = "INSERT INTO ".PLOGGER_TABLE_PREFIX."albums (`name`,`description`,`parent_id`,`path`) VALUES ('$sql_name', '$description', '$pid', '$album_folder')";
$result = run_query($query);
$id = mysql_insert_id();
$id = mysqli_insert_id($GLOBALS["PLOGGER_DBH"]);
$output .= sprintf(plog_tr('You have successfully created the album %s.'), '<strong>'.$album_name.'</strong>');
}
$album_id = intval($album_id);
$thumbnail_id = intval($thumbnail_id);
$name = mysql_real_escape_string(SmartStripSlashes(trim($name)));
$description = mysql_real_escape_string(SmartStripSlashes($description));
$name = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],SmartStripSlashes(trim($name)));
$description = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],SmartStripSlashes($description));
if (empty($name)) {
return array('errors' => plog_tr('Please enter a valid name for the album.'));
}
WHERE c.id = a.parent_id AND a.id = ".$album_id;
$result = run_query($sql);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
$source_album_name = SmartStripSlashes($row['album_path']);
$source_collection_name = SmartStripSlashes($row['collection_path']);
}
}
$target_name = mysql_real_escape_string($target_name);
$target_name = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$target_name);
// Proceed only if rename succeeded
$query = "UPDATE ".PLOGGER_TABLE_PREFIX."albums SET
path = '$target_name'
WHERE id='$album_id'";
$result = mysql_query($query);
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
if (!$result) {
return array('errors' => mysql_error());
return array('errors' => mysqli_error($GLOBALS["PLOGGER_DBH"]));
}
$output .= plog_tr('You have successfully modified the selected album.');
$result = run_query($sql);
while($row = mysql_fetch_assoc($result)) {
while($row = mysqli_fetch_assoc($result)) {
$filename = basename($row['path']);
$new_path = mysql_real_escape_string(SmartStripSlashes($source_collection_name.'/'.$target_name.'/'.$filename));
$new_path = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],SmartStripSlashes($source_collection_name.'/'.$target_name.'/'.$filename));
// Update database
$sql = "UPDATE ".PLOGGER_TABLE_PREFIX."pictures SET path = '$new_path' WHERE id = '$row[id]'";
mysql_query($sql) or ($errors .= mysql_error());
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql) or ($errors .= mysqli_error($GLOBALS["PLOGGER_DBH"]));
}
return array(
return array('errors' => plog_tr('Invalid action'));
}
$value = mysql_real_escape_string(trim(SmartStripSlashes($value)));
$value = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],trim(SmartStripSlashes($value)));
$errors = $output = '';
$album_id = intval($album_id);
$field = '$value'
WHERE id='$album_id'";
$result = mysql_query($query);
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
if ($result) {
return array('output' => plog_tr('You have successfully modified the selected album.'));
WHERE c.id = a.parent_id AND a.id = '$album_id'";
$result = run_query($sql);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
$source_album_name = SmartStripSlashes($row['album_path']);
$source_collection_name = SmartStripSlashes($row['collection_path']);
$sql = "SELECT c.path as collection_path FROM ".PLOGGER_TABLE_PREFIX."collections c WHERE c.id = '$to_collection'";
$result = run_query($sql);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
$target_collection_name = SmartStripSlashes($row['collection_path']);
$source_path = $config['basedir'].'plog-content/images/'.$source_collection_name.'/'.$source_album_name.'/';
$result = run_query($sql);
$pic_ids = array();
while($row = mysql_fetch_assoc($result)) {
while($row = mysqli_fetch_assoc($result)) {
$filename = SmartStripSlashes(basename($row['path']));
$pic_ids[] = $row['picture_id'];
$old_path = $source_path.$filename;
@chmod($new_path, PLOGGER_CHMOD_FILE);
}
$path_insert = mysql_real_escape_string($target_collection_name.'/'.$source_album_name.'/'.$filename);
$path_insert = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$target_collection_name.'/'.$source_album_name.'/'.$filename);
$sql = "UPDATE ".PLOGGER_TABLE_PREFIX."pictures SET
parent_collection = '$to_collection',
path = '$path_insert'
WHERE id = '$row[picture_id]'";
mysql_query($sql) or ($res['errors'] .= mysql_error());
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql) or ($res['errors'] .= mysqli_error($GLOBALS["PLOGGER_DBH"]));
}
// Check if collection thumbnail = picture moved to different collection and set to default if so
WHERE c.id = a.parent_id AND a.id = '$del_id'";
$result = run_query($sql);
$album = mysql_fetch_assoc($result);
$album = mysqli_fetch_assoc($result);
if (!$album) {
return array('errors' => plog_tr('No such album'));
// First delete all pictures registered with this album
$sql = 'SELECT * FROM '.PLOGGER_TABLE_PREFIX.'pictures WHERE parent_album = '.$album['album_id'];
$result = run_query($sql);
while ($row = mysql_fetch_assoc($result)) {
while ($row = mysqli_fetch_assoc($result)) {
delete_picture($row['id']);
}
function update_comment($id, $author, $email, $url, $comment) {
$id = intval($id);
$author = mysql_real_escape_string($author);
$email = mysql_real_escape_string($email);
$url = mysql_real_escape_string($url);
$comment = mysql_real_escape_string(trim($comment));
$author = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$author);
$email = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$email);
$url = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$url);
$comment = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],trim($comment));
$query = "UPDATE ".PLOGGER_TABLE_PREFIX."comments SET author = '$author', comment = '$comment', url = '$url', email = '$email' WHERE id='$id'";
$result = mysql_query($query);
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
if ($result) {
return array('output' => plog_tr('You have successfully modified the selected comment.'));
} else {
}
$id = intval($id);
$value = mysql_real_escape_string($value);
$value = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$value);
$query = "UPDATE ".PLOGGER_TABLE_PREFIX."comments SET $field = '$value' WHERE id='$id'";
$result = mysql_query($query);
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
if ($result) {
return array('output' => plog_tr('You have successfully modified the selected comment.'));
} else {
$numquery = "SELECT COUNT(*) AS `num_albums` FROM `".PLOGGER_TABLE_PREFIX."albums` WHERE parent_id = '$parent_id'";
$numresult = run_query($numquery);
$num_albums = mysql_result($numresult, 0, 'num_albums');
$num_albums = mysqli_result($numresult, 0, 'num_albums');
return $num_albums;
}
$numquery = "SELECT COUNT(*) AS `num_collections` FROM `".PLOGGER_TABLE_PREFIX."collections`";
$numresult = run_query($numquery);
$num_albums = mysql_result($numresult, 0, 'num_collections');
$num_albums = mysqli_result($numresult, 0, 'num_collections');
return $num_albums;
}
$numquery = "SELECT COUNT(*) AS `num_pics` FROM `".PLOGGER_TABLE_PREFIX."pictures` WHERE parent_album = '$parent_id'";
$numresult = run_query($numquery);
$num_pics = mysql_result($numresult, 0, 'num_pics');
$num_pics = mysqli_result($numresult, 0, 'num_pics');
return $num_pics;
}
}
$numresult = run_query($numquery);
$num_comments = mysql_result($numresult, 0, 'num_comments');
$num_comments = mysqli_result($numresult, 0, 'num_comments');
return $num_comments;
}
$comment_id = intval($comment_id);
$sql = "SELECT * FROM ".PLOGGER_TABLE_PREFIX."comments c WHERE c.id = '$comment_id'";
$result = run_query($sql);
$comment = mysql_fetch_assoc($result);
$comment = mysqli_fetch_assoc($result);
if (!is_array($comment)) {
// XXX: return an error message instead
return false;
ORDER BY a.name, p.date_submitted";
$result = run_query($sql);
while($row = mysql_fetch_assoc($result)) {
while($row = mysqli_fetch_assoc($result)) {
$selected = ($row['id'] == $collection['thumbnail_id']) ? ' selected="selected"' : '';
$style = 'class="thumboption" style="padding-left: '.($thumbnail_config[THUMB_SMALL]['size'] + 5).'px; background-image: url('.generate_thumb(SmartStripSlashes($row['path']), $row['id']).');"';
$sql = "SELECT id, caption, path FROM ".PLOGGER_TABLE_PREFIX."pictures p WHERE p.parent_album = '".$album_id."'";
$result = run_query($sql);
while($row = mysql_fetch_assoc($result)) {
while($row = mysqli_fetch_assoc($result)) {
$selected = ($row['id'] == $album['thumbnail_id']) ? ' selected="selected"' : '';
$style = 'class="thumboption" style="padding-left: '.($thumbnail_config[THUMB_SMALL]['size'] + 5).'px; background-image: url('.generate_thumb(SmartStripSlashes($row['path']), $row['id']).');"';
$images .= "\n\t\t\t\t" . '<option '.$style.' value="'.$row['id'].'"'.$selected.'>';
$server_data .= "\n\t\t\t" . '<strong>'.plog_tr('Server Software').':</strong> '.$software_type.'/'.$software_version.' '.$software_distro.'<br />
<strong>'.plog_tr('PHP Version').':</strong> '.phpversion().' ('.strtoupper(php_sapi_name()).')<br />
<strong>'.plog_tr('MySQL Version').':</strong> '.mysql_get_server_info().'<br />
<strong>'.plog_tr('MySQL Version').':</strong> '.mysqli_get_server_info($GLOBALS["PLOGGER_DBH"]).'<br />
<strong>'.plog_tr('GD Version').':</strong>';
/* Thanks to the Pixelpost Crew for the gd_info code below */
plog-admin/plog-feedback.php
9191
9292
9393
94
95
94
95
9696
9797
9898
99
99
100100
101101
102102
......
118118
119119
120120
121
121
122122
123123
124124
125
125
126126
127127
128128
......
138138
139139
140140
141
141
142142
143143
144144
......
162162
163163
164164
165
165
166166
167167
168168
......
270270
271271
272272
273
273
// Let's generate the pagination menu as well
$recordCount = "SELECT count(*) AS num_comments FROM ".PLOGGER_TABLE_PREFIX."comments WHERE `approved` = 1";
$totalRowsResult = mysql_query($recordCount);
$num_comments = mysql_result($totalRowsResult, 0, 'num_comments');
$totalRowsResult = mysqli_query($GLOBALS["PLOGGER_DBH"],$recordCount);
$num_comments = mysqli_result($totalRowsResult, 0, 'num_comments');
$query = "SELECT count(*) AS in_moderation FROM ".PLOGGER_TABLE_PREFIX."comments WHERE `approved` = 0";
$mod_result = run_query($query);
$num_comments_im = mysql_result($mod_result, 0, 'in_moderation');
$num_comments_im = mysqli_result($mod_result, 0, 'in_moderation');
// Filter based on whether were looking at approved comments or unmoderated comments
if (isset($_REQUEST['moderate']) && $_REQUEST['moderate'] == 1) {
// Generate javascript init function for ajax editing
$query = "SELECT *, UNIX_TIMESTAMP(`date`) AS `date` from ".PLOGGER_TABLE_PREFIX."comments WHERE `approved` = ".$approved." ORDER BY `id` DESC ".$limit;
$result = run_query($query);
if (mysql_num_rows($result) > 0) {
if (mysqli_num_rows($result) > 0) {
$output .= "\n\t\t" . '<script type="text/javascript">';
$output .= "\n\t\t\t" . 'Event.observe(window, \'load\', init, false);';
$output .= "\n\t\t\t" . 'function init() {' . "\n";
while($row = mysql_fetch_assoc($result)) {
while($row = mysqli_fetch_assoc($result)) {
$output .= "\t\t\t\tmakeEditable('comment-comment-".$row['id']."');
makeEditable('comment-author-".$row['id']."');
makeEditable('comment-url-".$row['id']."');
$empty = 0;
if ($result) {
if (mysql_num_rows($result) == 0) {
if (mysqli_num_rows($result) == 0) {
if ($approved) {
$output .= "\n\t\t" . '<p class="stats-info">'.plog_tr('You have no comments on your gallery').'.</p>';
} else {
$output .= $pagination_menu;
}
while($row = mysql_fetch_assoc($result)) {
while($row = mysqli_fetch_assoc($result)) {
// If we're on our first iteration, dump the header
if ($counter == 0) {
if ($approved) {
display($output, 'feedback');
?>
?>
plog-admin/plog-import.php
7777
7878
7979
80
80
8181
8282
8383
......
125125
126126
127127
128
128
129129
130130
131131
......
346346
347347
348348
349
349
350350
351
351
352352
353353
354
354
355355
356356
357357
// Get the collection name for display
$sql = "SELECT `name` FROM ".PLOGGER_TABLE_PREFIX."collections WHERE id = ".intval($_REQUEST['collections_menu']);
$result = run_query($sql);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
$output .= "\n\t" . '<p class="actions">'.sprintf(plog_tr('Album already exists. Uploading file to existing album %s in collection %s'), '<strong>'.$_REQUEST['new_album_name'].'</strong>', '<strong>'.$row['name'].'</strong>').'</p>' . "\n";
} else {
// Error has nothing to do with an existing album, show the returned error
// Get album name for display
$sql = "SELECT name FROM ".PLOGGER_TABLE_PREFIX."albums WHERE id = $album_id";
$result = run_query($sql);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
$output .= "\n\t" . '<h1>'.plog_tr('Import').'</h1>';
// Check if album exists
if (is_null($album_name)) // file is only one level deep, assume folder name is album name
$sql = "SELECT id FROM ".PLOGGER_TABLE_PREFIX."albums WHERE name = '".mysql_real_escape_string($collection_name)."'";
$sql = "SELECT id FROM ".PLOGGER_TABLE_PREFIX."albums WHERE name = '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$collection_name)."'";
else
$sql = "SELECT id FROM ".PLOGGER_TABLE_PREFIX."albums WHERE name = '".mysql_real_escape_string($album_name)."'";
$sql = "SELECT id FROM ".PLOGGER_TABLE_PREFIX."albums WHERE name = '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$album_name)."'";
$result = run_query($sql);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
$new_album_name = '';
if(!isset($row['id'])) { // Album doesn't exist, place in new album box
plog-admin/plog-manage.php
6464
6565
6666
67
67
6868
6969
7070
......
7272
7373
7474
75
75
7676
7777
7878
7979
8080
81
81
8282
8383
8484
......
307307
308308
309309
310
311
310
311
312312
313313
314314
case 'comments':
$query = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."pictures` WHERE `id`='".$id."'";
$result = run_query($query);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
$picture_link = '<strong>'.SmartStripSlashes(basename($row['path'])).'</strong>';
$album_id = $row['parent_album'];
$query = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."albums` WHERE `id`='".$album_id."'";
$result = run_query($query);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
$album_link = '<a href="'.$_SERVER['PHP_SELF'].'?level=pictures&amp;id='.$album_id.'">'.SmartStripSlashes($row['name']).'</a>';
$query = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."collections` WHERE `id`='".$collection_id."'";
$result = run_query($query);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
$collection_link = '<a href="'.$_SERVER['PHP_SELF'].'?level=albums&amp;id='.$collection_id.'">'.SmartStripSlashes($row['name']).'</a>';
// Let's generate the pagination menu as well
$recordCount = "SELECT COUNT(*) AS num_items FROM ".PLOGGER_TABLE_PREFIX."$level $cond";
$totalRowsResult = mysql_query($recordCount);
$totalRows = mysql_result($totalRowsResult, 0, 'num_items');
$totalRowsResult = mysqli_query($GLOBALS["PLOGGER_DBH"],$recordCount);
$totalRows = mysqli_result($totalRowsResult, 0, 'num_items');
$pagination_menu = "\n\t\t" . '<div class="entries-page">'.generate_pagination_view_menu().'
</div><!-- /entries-page -->
plog-admin/plog-options.php
3333
3434
3535
36
36
3737
3838
3939
4040
4141
42
43
44
45
46
47
42
43
44
45
46
47
4848
4949
50
51
52
50
51
52
5353
5454
5555
56
57
56
57
5858
5959
6060
6161
6262
6363
64
64
6565
6666
6767
// Update general settings
$query = "UPDATE `".PLOGGER_TABLE_PREFIX."config` SET
`truncate`= '".intval($_POST['truncate'])."',
`feed_title`= '".mysql_real_escape_string($_POST['feed_title'])."',
`feed_title`= '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$_POST['feed_title'])."',
`feed_content` = '".intval($_POST['rss_content'])."',
`feed_num_entries`= '".intval($_POST['feed_num_entries'])."',
`allow_dl`= '".intval($allow_dl)."',
`allow_comments`= '".intval($allow_comments)."',
`allow_print`= '".intval($allow_print)."',
`default_sortby`= '".mysql_real_escape_string($_POST['default_sortby'])."',
`default_sortdir`= '".mysql_real_escape_string($_POST['default_sortdir'])."',
`album_sortby`= '".mysql_real_escape_string($_POST['album_sortby'])."',
`album_sortdir`= '".mysql_real_escape_string($_POST['album_sortdir'])."',
`collection_sortby`= '".mysql_real_escape_string($_POST['collection_sortby'])."',
`collection_sortdir`= '".mysql_real_escape_string($_POST['collection_sortdir'])."',
`default_sortby`= '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$_POST['default_sortby'])."',
`default_sortdir`= '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$_POST['default_sortdir'])."',
`album_sortby`= '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$_POST['album_sortby'])."',
`album_sortdir`= '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$_POST['album_sortdir'])."',
`collection_sortby`= '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$_POST['collection_sortby'])."',
`collection_sortdir`= '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$_POST['collection_sortdir'])."',
`thumb_num`= '".intval($_POST['thumb_num'])."',
`compression`= '".intval($_POST['image_quality'])."',
`admin_username`= '".mysql_real_escape_string($_POST['admin_username'])."',
`admin_email`= '".mysql_real_escape_string($_POST['admin_email'])."',
`date_format`= '".mysql_real_escape_string($_POST['date_format'])."',
`admin_username`= '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$_POST['admin_username'])."',
`admin_email`= '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$_POST['admin_email'])."',
`date_format`= '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$_POST['date_format'])."',
`use_mod_rewrite`= '".intval($use_mod_rewrite)."',
`comments_notify`= '".intval($comments_notify)."',
`comments_moderate`= '".intval($comments_moderate)."',
`gallery_url`= '".mysql_real_escape_string($_POST['gallery_url'])."',
`gallery_name`= '".mysql_real_escape_string($_POST['gallery_name'])."',
`gallery_url`= '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$_POST['gallery_url'])."',
`gallery_name`= '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$_POST['gallery_name'])."',
`thumb_nav_range`= '".intval($_POST['thumb_nav_range'])."',
`allow_fullpic`= '".intval($allow_fullpic)."'";
// Update password if set and passwords match
if (trim($_POST['admin_password']) != '') {
if (trim($_POST['admin_password']) == trim($_POST['confirm_admin_password'])) {
$query .= ", `admin_password`= '".md5(mysql_real_escape_string(trim($_POST['admin_password'])))."'";
$query .= ", `admin_password`= '".md5(mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],trim($_POST['admin_password'])))."'";
} else {
$error_flag = true;
$output .= '<p class="errors">'.plog_tr('The passwords you entered did not match').'.</p>';
plog-admin/plog-themes.php
4747
4848
4949
50
50
5151
5252
5353
include($metafile);
$sql = 'UPDATE '.PLOGGER_TABLE_PREFIX.'config SET `theme_dir` = \''.$new_theme_dir.'\'';
$name = $theme_name.' '.$version;
if (mysql_query($sql)) {
if (mysqli_query($GLOBALS["PLOGGER_DBH"],$sql)) {
$output .= "\n\n\t\t" . '<p class="success">'.sprintf(plog_tr('Activated new theme %s'), '<strong>'.$name.'</strong>').'</p>';
} else {
$output .= "\n\n\t\t" . '<p class="errors">'.plog_tr('Error activating theme').'!</p>';
plog-admin/plog-upload.php
113113
114114
115115
116
116
117117
118118
119119
......
126126
127127
128128
129
129
130130
131131
132132
} else {
if ($_REQUEST['destination_radio'] == 'new') {
// Create the new album
$result = add_album(mysql_real_escape_string($_REQUEST['new_album_name']), NULL, $_REQUEST['collections_menu']);
$result = add_album(mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$_REQUEST['new_album_name']), NULL, $_REQUEST['collections_menu']);
if (!$result['errors']) {
// No errors, add uploaded image to new album
$album_id = $result['id'];
// Get the collection name for display
$sql = "SELECT `name` FROM ".PLOGGER_TABLE_PREFIX."collections WHERE id = ".intval($_REQUEST['collections_menu']);
$result = run_query($sql);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
$output .= "\n\t" . '<p class="actions">'.sprintf(plog_tr('Album already exists. Uploading file to existing album %s in collection %s'), '<strong>'.$_REQUEST['new_album_name'].'</strong>', '<strong>'.$row['name'].'</strong>').'</p>' . "\n";
} else {
// Error has nothing to do with an existing album, show the returned error
plog-content/plugins/latest-comments/latest-comments.php
4949
5050
5151
52
52
5353
5454
5555
56
56
5757
5858
5959
6060
6161
62
62
6363
6464
6565
......
8686
8787
8888
89
89
/* The database query to pull the latest comments from the database */
$plog_lc_query = "SELECT * FROM ".PLOGGER_TABLE_PREFIX."comments WHERE `approved` = 1 ORDER BY `id` DESC LIMIT $plog_lc_amount";
$plog_lc_result = mysql_query($plog_lc_query) or die ("Could not execute query: $plog_lc_query." .mysql_error());
$plog_lc_result = mysqli_query($GLOBALS["PLOGGER_DBH"],$plog_lc_query) or die ("Could not execute query: $plog_lc_query." .mysqli_error($GLOBALS["PLOGGER_DBH"]));
/* Start html output */
if (mysql_num_rows($plog_lc_result) > 0) {
if (mysqli_num_rows($plog_lc_result) > 0) {
echo "\n\t" . '<ul class="latest-comments">';
$config['baseurl'] = $plog_lc_site_url;
/* The latest comments loop */
while ($row = mysql_fetch_array($plog_lc_result)) {
while ($row = mysqli_fetch_array($plog_lc_result)) {
$id = $row['id'];
$parent_id = $row['parent_id'];
$author = $row['author'];
echo "\n\t" . '<p>'.plog_tr('No comments yet').'</p>' . "\n";
}
?>
?>
plog-content/plugins/latest-images/latest-images.php
5050
5151
5252
53
53
5454
5555
5656
5757
58
58
5959
6060
6161
/* The database query to pull the latest images from a specific collection. Uncomment and change the X to the ID of the desired collection. */
//$plog_latest_images_query = "SELECT * FROM ".PLOGGER_TABLE_PREFIX."pictures WHERE `parent_collection` = X ORDER BY `id` DESC LIMIT $plog_latest_images_amount";
$plog_latest_images_result = mysql_query($plog_latest_images_query) or die ("Could not execute query: $plog_latest_images_query." .mysql_error());
$plog_latest_images_result = mysqli_query($GLOBALS["PLOGGER_DBH"],$plog_latest_images_query) or die ("Could not execute query: $plog_latest_images_query." .mysqli_error($GLOBALS["PLOGGER_DBH"]));
$config['baseurl'] = $plog_latest_images_site_url;
/* The loop */
while ($row = mysql_fetch_array($plog_latest_images_result)) {
while ($row = mysqli_fetch_array($plog_latest_images_result)) {
$id = $row['id'];
$path = $row['path'];
$caption = SmartStripSlashes($row['caption']);
plog-content/plugins/random-images/random-images.php
5050
5151
5252
53
53
5454
5555
5656
5757
58
58
5959
6060
6161
/* The database query to pull random images from a specific collection. Uncomment and change the X to the ID of the desired collection. */
//$plog_random_images_query = "SELECT * FROM ".PLOGGER_TABLE_PREFIX."pictures WHERE `parent_collection` = X ORDER BY RAND() LIMIT $plog_random_images_amount";
$plog_random_images_result = mysql_query($plog_random_images_query) or die ("Could not execute query: $plog_random_images_query." .mysql_error());
$plog_random_images_result = mysqli_query($GLOBALS["PLOGGER_DBH"],$plog_random_images_query) or die ("Could not execute query: $plog_random_images_query." .mysqli_error($GLOBALS["PLOGGER_DBH"]));
$config['baseurl'] = $plog_random_images_site_url;
/* The loop */
while ($row = mysql_fetch_array($plog_random_images_result)) {
while ($row = mysqli_fetch_array($plog_random_images_result)) {
$id = $row['id'];
$path = $row['path'];
$caption = SmartStripSlashes($row['caption']);
plog-content/themes/air/theme_functions.php
44
55
66
7
7
88
99
1010
......
1212
1313
1414
15
15
1616
1717
1818
......
2020
2121
2222
23
23
2424
2525
2626
......
2828
2929
3030
31
31
3232
3333
3434
function plogger_stats_count_total_collections() {
$query = "SELECT COUNT(*) AS `n` FROM `".PLOGGER_TABLE_PREFIX."collections`";
$result = run_query($query);
$num_collections = mysql_result($result, 0, 'n');
$num_collections = mysqli_result($result, 0, 'n');
echo $num_collections . ' ';
echo ($num_collections == 1) ? plog_tr('collection') : plog_tr('collections');
}
function plogger_stats_count_total_albums() {
$query = "SELECT COUNT(*) AS `n` FROM `".PLOGGER_TABLE_PREFIX."albums`";
$result = run_query($query);
$num_albums = mysql_result($result, 0, 'n');
$num_albums = mysqli_result($result, 0, 'n');
echo $num_albums . ' ';
echo ($num_albums == 1) ? plog_tr('album') : plog_tr('albums');
}
function plogger_stats_count_total_pictures() {
$query = "SELECT COUNT(*) AS `n` FROM `".PLOGGER_TABLE_PREFIX."pictures`";
$result = run_query($query);
$num_pictures = mysql_result($result, 0, 'n');
$num_pictures = mysqli_result($result, 0, 'n');
echo $num_pictures . ' ';
echo ($num_pictures == 1) ? plog_tr('image') : plog_tr('images');
}
function plogger_stats_count_total_comments() {
$query = "SELECT COUNT(*) AS `n` FROM `".PLOGGER_TABLE_PREFIX."comments` WHERE approved = 1";
$result = run_query($query);
$num_comments = mysql_result($result, 0, 'n');
$num_comments = mysqli_result($result, 0, 'n');
echo $num_comments . ' ';
echo ($num_comments == 1) ? plog_tr('comment') : plog_tr('comments');
}
plog-content/themes/default/album.php
3232
3333
3434
35
35
<?php endif; ?>
</div><!-- /thumbnail-container -->
<?php plogger_get_footer(); ?>
<?php plogger_get_footer(); ?>
plog-content/themes/default/collection.php
2929
3030
3131
32
32
<?php endif; ?>
</div><!-- /thumbnail-container -->
<?php plogger_get_footer(); ?>
<?php plogger_get_footer(); ?>
plog-content/themes/default/collections.php
2929
3030
3131
32
32
<?php endif; ?>
</div><!-- /thumbnail-container -->
<?php plogger_get_footer(); ?>
<?php plogger_get_footer(); ?>
plog-content/themes/default/theme_functions.php
44
55
66
7
7
88
99
1010
......
1212
1313
1414
15
15
1616
1717
1818
......
2020
2121
2222
23
23
2424
2525
2626
......
2828
2929
3030
31
31
3232
3333
3434
function plogger_stats_count_total_collections() {
$query = "SELECT COUNT(*) AS `n` FROM `".PLOGGER_TABLE_PREFIX."collections`";
$result = run_query($query);
$num_collections = mysql_result($result, 0, 'n');
$num_collections = mysqli_result($result, 0, 'n');
echo $num_collections . ' ';
echo ($num_collections == 1) ? plog_tr('collection') : plog_tr('collections');
}
function plogger_stats_count_total_albums() {
$query = "SELECT COUNT(*) AS `n` FROM `".PLOGGER_TABLE_PREFIX."albums`";
$result = run_query($query);
$num_albums = mysql_result($result, 0, 'n');
$num_albums = mysqli_result($result, 0, 'n');
echo $num_albums . ' ';
echo ($num_albums == 1) ? plog_tr('album') : plog_tr('albums');
}
function plogger_stats_count_total_pictures() {
$query = "SELECT COUNT(*) AS `n` FROM `".PLOGGER_TABLE_PREFIX."pictures`";
$result = run_query($query);
$num_pictures = mysql_result($result, 0, 'n');
$num_pictures = mysqli_result($result, 0, 'n');
echo $num_pictures . ' ';
echo ($num_pictures == 1) ? plog_tr('image') : plog_tr('images');
}
function plogger_stats_count_total_comments() {
$query = "SELECT COUNT(*) AS `n` FROM `".PLOGGER_TABLE_PREFIX."comments` WHERE approved = 1";
$result = run_query($query);
$num_comments = mysql_result($result, 0, 'n');
$num_comments = mysqli_result($result, 0, 'n');
echo $num_comments . ' ';
echo ($num_comments == 1) ? plog_tr('comment') : plog_tr('comments');
}
plog-content/themes/lucid/theme_functions.php
44
55
66
7
7
88
99
1010
......
1212
1313
1414
15
15
1616
1717
1818
......
2020
2121
2222
23
23
2424
2525
2626
......
2828
2929
3030
31
31
3232
3333
3434
function plogger_stats_count_total_collections() {
$query = "SELECT COUNT(*) AS `n` FROM `".PLOGGER_TABLE_PREFIX."collections`";
$result = run_query($query);
$num_collections = mysql_result($result, 0, 'n');
$num_collections = mysqli_result($result, 0, 'n');
echo $num_collections . ' ';
echo ($num_collections == 1) ? plog_tr('collection') : plog_tr('collections');
}
function plogger_stats_count_total_albums() {
$query = "SELECT COUNT(*) AS `n` FROM `".PLOGGER_TABLE_PREFIX."albums`";
$result = run_query($query);
$num_albums = mysql_result($result, 0, 'n');
$num_albums = mysqli_result($result, 0, 'n');
echo $num_albums . ' ';
echo ($num_albums == 1) ? plog_tr('album') : plog_tr('albums');
}
function plogger_stats_count_total_pictures() {
$query = "SELECT COUNT(*) AS `n` FROM `".PLOGGER_TABLE_PREFIX."pictures`";
$result = run_query($query);
$num_pictures = mysql_result($result, 0, 'n');
$num_pictures = mysqli_result($result, 0, 'n');
echo $num_pictures . ' ';
echo ($num_pictures == 1) ? plog_tr('image') : plog_tr('images');
}
function plogger_stats_count_total_comments() {
$query = "SELECT COUNT(*) AS `n` FROM `".PLOGGER_TABLE_PREFIX."comments` WHERE approved = 1";
$result = run_query($query);
$num_comments = mysql_result($result, 0, 'n');
$num_comments = mysqli_result($result, 0, 'n');
echo $num_comments . ' ';
echo ($num_comments == 1) ? plog_tr('comment') : plog_tr('comments');
}
plog-download.php
234234
235235
236236
237
237
238238
239239
240240
241241
242242
243
243
244244
245245
246246
......
262262
263263
264264
265
265
266266
267267
268268
269269
270270
271
271
272272
273273
274274
......
290290
291291
292292
293
293
294294
295295
296296
$query = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."collections` WHERE `id`='".intval($cid)."'";
$result = run_query($query);
while ($row = mysql_fetch_assoc($result)) {
while ($row = mysqli_fetch_assoc($result)) {
$query = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."albums` WHERE `parent_id`='".$row['id']."'";
$newresult = run_query($query);
$newchecked = array();
while ($newrow = mysql_fetch_assoc($newresult)) {
while ($newrow = mysqli_fetch_assoc($newresult)) {
$newchecked[] = $newrow['id'];
}
$query = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."albums` WHERE `id`='".intval($aid)."'";
$result = run_query($query);
while ($row = mysql_fetch_assoc($result)) {
while ($row = mysqli_fetch_assoc($result)) {
$query = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."pictures` WHERE `parent_album`='".$row['id']."'";
$newresult = run_query($query);
$newchecked = array();
while ($newrow = mysql_fetch_assoc($newresult)) {
while ($newrow = mysqli_fetch_assoc($newresult)) {
$newchecked[] = $newrow['id'];
}
$query = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."pictures` WHERE `id`='".intval($pid)."'";
$result = run_query($query);
while ($row = mysql_fetch_assoc($result)) {
while ($row = mysqli_fetch_assoc($result)) {
$file_contents = file_get_contents('plog-content/images/'.$row['path'], true);
$zipfile -> add_file($file_contents, $row['path']);
plog-includes/lib/phpthumb/phpThumb.php
168168
169169
170170
171
172
173
174
171
172
173
174
175175
176
177
176
177
178178
179179
180180
181181
182
183
182
183
184184
185185
186186
187
188
187
188
189189
190190
191
192
191
192
193193
194194
195195
......
537537
538538
539539
540
540
}
if ($phpThumb->config_mysql_query) {
if ($cid = @mysql_connect($phpThumb->config_mysql_hostname, $phpThumb->config_mysql_username, $phpThumb->config_mysql_password)) {
if (@mysql_select_db($phpThumb->config_mysql_database, $cid)) {
if ($result = @mysql_query($phpThumb->config_mysql_query, $cid)) {
if ($row = @mysql_fetch_array($result)) {
if ($cid = @mysqli_connect($phpThumb->config_mysql_hostname, $phpThumb->config_mysql_username, $phpThumb->config_mysql_password)) {
if (@mysqli_select_db($GLOBALS["PLOGGER_DBH"],$phpThumb->config_mysql_database, $cid)) {
if ($result = @mysqli_query($GLOBALS["PLOGGER_DBH"],$phpThumb->config_mysql_query, $cid)) {
if ($row = @mysqli_fetch_array($result)) {
mysql_free_result($result);
mysql_close($cid);
mysqli_free_result($GLOBALS["PLOGGER_DBH"],$result);
mysqli_close($cid);
$phpThumb->setSourceData($row[0]);
unset($row);
} else {
mysql_free_result($result);
mysql_close($cid);
mysqli_free_result($GLOBALS["PLOGGER_DBH"],$result);
mysqli_close($cid);
$phpThumb->ErrorImage('no matching data in database.');
}
} else {
mysql_close($cid);
$phpThumb->ErrorImage('Error in MySQL query: "'.mysql_error($cid).'"');
mysqli_close($cid);
$phpThumb->ErrorImage('Error in MySQL query: "'.mysqli_error($cid).'"');
}
} else {
mysql_close($cid);
$phpThumb->ErrorImage('cannot select MySQL database: "'.mysql_error($cid).'"');
mysqli_close($cid);
$phpThumb->ErrorImage('cannot select MySQL database: "'.mysqli_error($cid).'"');
}
} else {
$phpThumb->ErrorImage('cannot connect to MySQL server');
$phpThumb->OutputThumbnail();
?>
?>
plog-includes/plog-functions.php
55
66
77
8
9
10
11
12
13
14
15
16
17
18
19
820
921
1022
......
199211
200212
201213
202
214
203215
204216
205217
......
216228
217229
218230
219
231
220232
221233
222234
......
239251
240252
241253
242
243
254
255
244256
245257
246258
......
482494
483495
484496
485
497
486498
487499
488500
489
490
501
502
491503
492504
493505
......
497509
498510
499511
500
512
501513
502
514
503515
504516
505
506
507
517
518
519
508520
521
509522
510523
511524
......
513526
514527
515528
516
529
517530
518
531
519532
520
533
521534
522535
523536
524
537
525538
526539
527540
......
531544
532545
533546
534
547
535548
536549
537550
......
543556
544557
545558
546
547
559
560
548561
549562
550563
551
564
552565
553566
554567
......
566579
567580
568581
569
582
570583
571584
572585
......
742755
743756
744757
745
758
746759
747760
748761
......
777790
778791
779792
780
793
781794
782
795
783796
784797
785798
786
787
799
800
788801
789802
790803
......
824837
825838
826839
827
840
828841
829842
830843
......
836849
837850
838851
839
840
852
853
841854
842855
843856
......
860873
861874
862875
863
864
876
877
865878
866879
867880
......
871884
872885
873886
874
875
887
888
876889
877890
878891
......
886899
887900
888901
889
902
890903
891904
892
893
905
906
894907
895908
896909
......
900913
901914
902915
903
904
916
917
905918
906919
907920
......
920933
921934
922935
923
936
924937
925938
926
939
927940
928941
929942
......
933946
934947
935948
936
937
949
950
938951
939952
940953
......
946959
947960
948961
949
962
950963
951
952
964
965
953966
954967
955968
......
10081021
10091022
10101023
1011
1024
10121025
10131026
10141027
......
10171030
10181031
10191032
1020
1021
1033
1034
10221035
10231036
10241037
......
10611074
10621075
10631076
1064
1077
10651078
10661079
10671080
......
10701083
10711084
10721085
1073
1074
1086
1087
10751088
10761089
10771090
......
11121125
11131126
11141127
1115
1128
11161129
11171130
11181131
......
11411154
11421155
11431156
1144
1157
11451158
11461159
11471160
......
11511164
11521165
11531166
1154
1167
11551168
11561169
11571170
......
11701183
11711184
11721185
1173
1186
11741187
11751188
11761189
......
11801193
11811194
11821195
1183
1196
11841197
11851198
11861199
......
12141227
12151228
12161229
1217
1230
12181231
12191232
12201233
......
12311244
12321245
12331246
1234
1247
12351248
12361249
12371250
......
14041417
14051418
14061419
1407
14081420
14091421
14101422
14111423
1412
1424
14131425
14141426
14151427
......
14201432
14211433
14221434
1423
1435
14241436
14251437
14261438
......
15071519
15081520
15091521
1510
1511
1512
1513
1514
1522
1523
1524
1525
1526
15151527
15161528
15171529
......
15451557
15461558
15471559
1548
1560
15491561
15501562
1551
1563
15521564
15531565
15541566
......
15891601
15901602
15911603
1592
1604
15931605
15941606
15951607
......
15981610
15991611
16001612
1601
1613
16021614
16031615
16041616
......
17091721
17101722
17111723
1712
1724
17131725
17141726
17151727
......
17681780
17691781
17701782
1771
1783
17721784
17731785
17741786
......
17821794
17831795
17841796
1785
1797
17861798
17871799
17881800
......
18181830
18191831
18201832
1821
1833
18221834
18231835
18241836
......
18601872
18611873
18621874
1863
1875
18641876
18651877
18661878
......
19291941
19301942
19311943
1932
1944
19331945
19341946
19351947
......
19611973
19621974
19631975
1964
1976
19651977
19661978
19671979
......
19982010
19992011
20002012
2001
2013
20022014
20032015
20042016
......
20072019
20082020
20092021
2010
2022
20112023
20122024
20132025
......
20162028
20172029
20182030
2019
2031
20202032
20212033
20222034
......
20312043
20322044
20332045
2034
2046
20352047
20362048
20372049
......
20502062
20512063
20522064
2053
2065
20542066
20552067
20562068
......
20822094
20832095
20842096
2085
2097
20862098
20872099
20882100
......
21002112
21012113
21022114
2103
2115
21042116
21052117
21062118
......
21132125
21142126
21152127
2116
2128
21172129
21182130
21192131
......
21532165
21542166
21552167
2156
2168
21572169
21582170
21592171
......
23772389
23782390
23792391
2380
2392
23812393
23822394
23832395
......
23882400
23892401
23902402
2391
2403
23922404
23932405
23942406
......
26472659
26482660
26492661
2650
2662
26512663
26522664
26532665
......
28022814
28032815
28042816
2805
2817
28062818
28072819
28082820
......
28302842
28312843
28322844
2833
2845
28342846
28352847
28362848
......
28792891
28802892
28812893
2882
2894
28832895
28842896
28852897
......
28872899
28882900
28892901
2890
2902
28912903
28922904
28932905
......
29142926
29152927
29162928
2917
2929
29182930
29192931
29202932
......
29282940
29292941
29302942
2931
2943
29322944
29332945
29342946
......
30123024
30133025
30143026
3015
3027
30163028
30173029
30183030
30193031
30203032
3021
3033
exit();
}
function mysqli_result($res,$row=0,$col=0){
$numrows = mysqli_num_rows($res);
if ($numrows && $row <= ($numrows-1) && $row >=0){
mysqli_data_seek($res,$row);
$resrow = (is_numeric($col)) ? mysqli_fetch_row($res) : mysqli_fetch_assoc($res);
if (isset($resrow[$col])){
return $resrow[$col];
}
}
return false;
}
function generate_password($low = 5, $high = 8) {
$salt = md5(time().crypt('abcdefghkmnpqrstuvwxyz23456789'));
$src = preg_split('//', $salt, -1, PREG_SPLIT_NO_EMPTY);
GROUP BY `parent_album`";
$result = run_query($sql);
while($row = mysql_fetch_assoc($result)) {
while($row = mysqli_fetch_assoc($result)) {
$image_count[$row['parent_album']] = $row['imagecount'];
}
$last_collection = '';
while ($row = mysql_fetch_assoc($result)) {
while ($row = mysqli_fetch_assoc($result)) {
// skip albums with no images
if (empty($image_count[$row['album_id']])) {
continue;
global $config;
$query = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."pictures` WHERE `id`=".intval($id);
$result = run_query($query);
if (mysql_num_rows($result) > 0) {
$row = mysql_fetch_assoc($result);
if (mysqli_num_rows($result) > 0) {
$row = mysqli_fetch_assoc($result);
foreach($row as $key => $val) if (trim($row[$key]) == '') $row[$key] = '&nbsp;';
// get image size
$img = $config['basedir'].'plog-content/images/'.SmartStripSlashes($row['path']);
$mysql = check_mysql(PLOGGER_DB_HOST, PLOGGER_DB_USER, PLOGGER_DB_PW, PLOGGER_DB_NAME);
if (empty($mysql)) {
$sql = "DESCRIBE `".PLOGGER_TABLE_PREFIX."config`";
$result = mysql_query($sql);
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
if ($result) {
$installed = true;
$config_sql = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."config`";
$config_result = mysql_query($config_sql);
$config = mysql_fetch_assoc($config_result);
$config_result = mysqli_query($GLOBALS["PLOGGER_DBH"],$config_sql);
$config = mysqli_fetch_assoc($config_result);
}
}
}
function check_mysql($host, $user, $pass, $database) {
$errors = array();
if (function_exists('mysql_connect')) {
$connection = @mysql_connect($host, $user, $pass);
$connection = @mysqli_connect($host, $user, $pass);
if (!$connection) {
$errors[] = plog_tr('Cannot connect to MySQL with the information provided. MySQL error: ').mysql_error();
$errors[] = plog_tr('Cannot connect to MySQL with the information provided. MySQL error: ').mysqli_error($GLOBALS["PLOGGER_DBH"]);
}
}
$select = @mysql_select_db($database);
if (!$select) {
$errors[] = sprintf(plog_tr('Cannot find the database %s. MySQL error: '), '<strong>'.$database.'</strong>').mysql_error();
$select = @mysqli_select_db($GLOBALS["PLOGGER_DBH"],$database);
if ($select === false) {
$errors[] = sprintf(plog_tr('Cannot find the database %s. MySQL error: '), '<strong>'.$database.'</strong>').mysqli_error($GLOBALS["PLOGGER_DBH"]);
}
connect_db();
return $errors;
}
global $config, $PLOGGER_DBH;
if (!isset($PLOGGER_DBH)) {
$PLOGGER_DBH = mysql_connect(PLOGGER_DB_HOST, PLOGGER_DB_USER, PLOGGER_DB_PW) or die(plog_tr('Plogger cannot connect to the database because: ').mysql_error());
$PLOGGER_DBH = mysqli_connect(PLOGGER_DB_HOST, PLOGGER_DB_USER, PLOGGER_DB_PW) or die(plog_tr('Plogger cannot connect to the database because: ').mysqli_error($GLOBALS["PLOGGER_DBH"]));
mysql_select_db(PLOGGER_DB_NAME);
mysqli_select_db($GLOBALS["PLOGGER_DBH"],PLOGGER_DB_NAME);
$mysql_version = mysql_get_server_info();
$mysql_version = mysqli_get_server_info($GLOBALS["PLOGGER_DBH"]);
$mysql_charset_support = '4.1';
if (1 == version_compare($mysql_version, $mysql_charset_support)) {
mysql_query('SET NAMES utf8');
mysqli_query($GLOBALS["PLOGGER_DBH"],'SET NAMES utf8');
}
}
global $PLOGGER_DBH;
if (isset($PLOGGER_DBH)) {
mysql_close($PLOGGER_DBH);
mysqli_close($PLOGGER_DBH);
}
}
$GLOBALS['queries'][] = $query;
}
$result = @mysql_query($query, $PLOGGER_DBH);
$result = @mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
if (!$result) {
$trace = debug_backtrace();
die(mysql_error($PLOGGER_DBH).'<br /><br />' .
die(mysqli_error($PLOGGER_DBH).'<br /><br />' .
$query.'<br /><br />
In file: '.$_SERVER['PHP_SELF'].'<br /><br />
On line: '.$trace[0]['line']);
$sql = "SELECT parent_collection, parent_album FROM `".PLOGGER_TABLE_PREFIX."pictures` GROUP BY parent_collection, parent_album";
$result = run_query($sql);
while($row = mysql_fetch_assoc($result)) {
while($row = mysqli_fetch_assoc($result)) {
$image_collection_count[$row['parent_collection']] = 1;
$image_album_count[$row['parent_album']] = 1;
}
function check_picture_id($id) {
$sql = "SELECT `parent_album` FROM ".PLOGGER_TABLE_PREFIX."pictures WHERE `id` = ".intval($id);
$result = run_query($sql);
if (mysql_num_rows($result) > 0) {
if (mysqli_num_rows($result) > 0) {
return true;
} else {
$GLOBALS['plogger_level'] = '404';
$resultPicture = run_query($sql);
if (is_array($id) && mysql_num_rows($resultPicture) > 0) {
if (is_array($id) && mysqli_num_rows($resultPicture) > 0) {
$picdata = array();
while ($row = mysql_fetch_assoc($resultPicture)) {
while ($row = mysqli_fetch_assoc($resultPicture)) {
$row['url'] = $config['gallery_url'].'plog-content/images/'.$row['collection_path'].'/'.$row['album_path'].'/'.basename($row['path']);
array_unshift($picdata, $row);
}
} elseif (!is_array($id) && mysql_num_rows($resultPicture) > 0) {
$picdata = mysql_fetch_assoc($resultPicture);
} elseif (!is_array($id) && mysqli_num_rows($resultPicture) > 0) {
$picdata = mysqli_fetch_assoc($resultPicture);
// Eventually I want to get rid of the full path in pictures tables to avoid useless data duplication
// The following is a temporary solution so I don't have to break all the functionality at once
$pictures = array();
while ($row = mysql_fetch_assoc($result)) {
while ($row = mysqli_fetch_assoc($result)) {
// See comment in get_picture_by_id
$row['url'] = $config['gallery_url'].'plog-content/images/'.$row['collection_path'].'/'.$row['album_path'].'/'.basename($row['path']);
$pictures[$row['id']] = $row;
function check_album_id($id) {
$sql = "SELECT * FROM ".PLOGGER_TABLE_PREFIX."albums WHERE `id` = ".intval($id);
$result = run_query($sql);
if (mysql_num_rows($result) > 0) {
$GLOBALS['current_album'] = mysql_fetch_assoc($result);
if (mysqli_num_rows($result) > 0) {
$GLOBALS['current_album'] = mysqli_fetch_assoc($result);
return true;
} else {
$GLOBALS['plogger_level'] = '404';
WHERE `a`.`id` = ".intval($id);
$result = run_query($sql);
if (mysql_num_rows($result) > 0) {
$album = mysql_fetch_assoc($result);
if (mysqli_num_rows($result) > 0) {
$album = mysqli_fetch_assoc($result);
if ($album['thumbnail_id'] == 0) {
$query = "SELECT `id`, `path`
LIMIT 1";
$result = run_query($query);
if (mysql_num_rows($result) > 0) {
$row = mysql_fetch_assoc($result);
if (mysqli_num_rows($result) > 0) {
$row = mysqli_fetch_assoc($result);
$album['thumbnail_id'] = $row['id'];
}
}
function get_album_by_name($name, $collection_id) {
$sql = "SELECT *
FROM `".PLOGGER_TABLE_PREFIX."albums`
WHERE `name` = '".mysql_real_escape_string($name)."'
WHERE `name` = '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$name)."'
AND `parent_id` = ".intval($collection_id);
$result = run_query($sql);
if (mysql_num_rows($result) > 0) {
$album = mysql_fetch_assoc($result);
if (mysqli_num_rows($result) > 0) {
$album = mysqli_fetch_assoc($result);
} else {
$album = false;
}
function check_collection_id($id) {
$sql = "SELECT * FROM ".PLOGGER_TABLE_PREFIX."collections WHERE `id` = ".intval($id);
$result = run_query($sql);
if (mysql_num_rows($result) > 0) {
$GLOBALS['current_collection'] = mysql_fetch_assoc($result);
if (mysqli_num_rows($result) > 0) {
$GLOBALS['current_collection'] = mysqli_fetch_assoc($result);
return true;
} else {
$GLOBALS['plogger_level'] = '404';
ORDER BY `c`.`name` ASC";
$resultCollection = run_query($sqlCollection);
if (mysql_num_rows($resultCollection) == 0) {
if (mysqli_num_rows($resultCollection) == 0) {
$collection = false;
} else {
$collection = mysql_fetch_assoc($resultCollection);
$collection = mysqli_fetch_assoc($resultCollection);
if ($collection['thumbnail_id'] == 0) {
$query = "SELECT `id`, `path`
LIMIT 1";
$result = run_query($query);
if (mysql_num_rows($result) > 0) {
$row = mysql_fetch_assoc($result);
if (mysqli_num_rows($result) > 0) {
$row = mysqli_fetch_assoc($result);
$collection['thumbnail_id'] = $row['id'];
}
}
function get_collection_by_name($name) {
$sql = "SELECT *
FROM `".PLOGGER_TABLE_PREFIX."collections`
WHERE name = '".mysql_real_escape_string($name)."'";
WHERE name = '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$name)."'";
$result = run_query($sql);
if (mysql_num_rows($result) > 0) {
$collection = mysql_fetch_assoc($result);
if (mysqli_num_rows($result) > 0) {
$collection = mysqli_fetch_assoc($result);
} else {
$collection = false;
}
$result = run_query($query);
while ($album = mysql_fetch_assoc($result)) {
while ($album = mysqli_fetch_assoc($result)) {
if ($album['thumbnail_id'] == 0) {
$query = "SELECT `id`, `path`
FROM `".PLOGGER_TABLE_PREFIX."pictures`
LIMIT 1";
$thumb_result = run_query($query);
if (mysql_num_rows($thumb_result) > 0) {
$row = mysql_fetch_assoc($thumb_result);
if (mysqli_num_rows($thumb_result) > 0) {
$row = mysqli_fetch_assoc($thumb_result);
$album['thumbnail_id'] = $row['id'];
}
}
$collections = array();
while ($collection = mysql_fetch_assoc($resultCollection)) {
while ($collection = mysqli_fetch_assoc($resultCollection)) {
if ($collection['thumbnail_id'] == 0) {
$query = "SELECT `id`, `path`
FROM `".PLOGGER_TABLE_PREFIX."pictures`
LIMIT 1";
$result = run_query($query);
if (mysql_num_rows($result) > 0) {
$row = mysql_fetch_assoc($result);
if (mysqli_num_rows($result) > 0) {
$row = mysqli_fetch_assoc($result);
$collection['thumbnail_id'] = $row['id'];
}
}
foreach($levels as $key => $level) {
if (isset($path_parts[$key])) {
$names[$level] = mysql_real_escape_string(urldecode(SmartStripSlashes($path_parts[$key])));
$names[$level] = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],urldecode(SmartStripSlashes($path_parts[$key])));
$current_level = $level;
}
}
$result = run_query($sql);
// No such collection
if (mysql_num_rows($result) == 0) {
if (mysqli_num_rows($result) == 0) {
// Check if it's an RSS feed
if ($names['collection'] == 'feed') {
return array('level' => 'collections', 'id' => 0);
}
}
$collection = mysql_fetch_assoc($result);
$collection = mysqli_fetch_assoc($result);
// What if there are multiple collections with same names? I hope there aren't .. this would
// suck. But here is an idea, we shouldn't allow the user to enter similar names
$result = run_query($sql);
// No such album
if (mysql_num_rows($result) == 0) {
if (mysqli_num_rows($result) == 0) {
// Check if it's an RSS feed
if ($names['album'] == 'feed') {
return array('level' => 'collection', 'id' => $collection['id']);
}
}
$album = mysql_fetch_assoc($result);
$album = mysqli_fetch_assoc($result);
// Try to detect slideshow. Downside is that you cannot have a picture with that name
if (isset($names['picture']) && $names['picture'] == 'slideshow') {
AND `parent_album`=".intval($album['id']);
$result = run_query($sql);
$picture = mysql_fetch_assoc($result);
$picture = mysqli_fetch_assoc($result);
// No such caption, perhaps we have better luck with path?
if (!$picture) {
WHERE `path` LIKE '".$filepath.".%'
AND `parent_album`=".intval($album['id']);
$result = run_query($sql);
$picture = mysql_fetch_assoc($result);
$picture = mysqli_fetch_assoc($result);
}
// No such picture
$args .= $aval.'/';
}
}
switch($level) {
case 'collection':
$query = "SELECT `path` FROM `".PLOGGER_TABLE_PREFIX."collections` WHERE `id`=".intval($id);
$result = run_query($query);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
$rv = $config['baseurl'].rawurlencode(SmartStripSlashes($row['path'])).'/'.$args;
break;
case 'album':
LEFT JOIN `".PLOGGER_TABLE_PREFIX."collections` AS `c` ON `a`.`parent_id`=`c`.`id`
WHERE `a`.`id`=".intval($id);
$result = run_query($query);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
$rv = $config['baseurl'].rawurlencode(SmartStripSlashes($row['collection_path'])).'/'.rawurlencode(SmartStripSlashes($row['album_path'])).'/'.$args;
break;
case 'picture':
$host = gethostbyaddr($ip);
// I want to use the original unescaped values later - to send the email
$sql_author = mysql_real_escape_string($author);
$sql_email = mysql_real_escape_string($email);
$sql_url = mysql_real_escape_string($url);
$sql_comment = mysql_real_escape_string($comment);
$sql_ip = mysql_real_escape_string($ip);
$sql_author = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$author);
$sql_email = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$email);
$sql_url = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$url);
$sql_comment = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$comment);
$sql_ip = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$ip);
$parent_id = intval($parent_id);
`parent_id`= '$parent_id',
`approved` = '$approved',
`ip` = '$ip'";
$result = mysql_query($query);
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
if (!$result) {
return array('errors' => plog_tr('Could not post comment').mysql_error());
return array('errors' => plog_tr('Could not post comment').mysqli_error($GLOBALS["PLOGGER_DBH"]));
}
// XXX: admin email address should be validated
$output = "\n" . '<ul class="'.$class.'">';
// Loop through each collection, output child albums
while ($row = mysql_fetch_assoc($result)) {
while ($row = mysqli_fetch_assoc($result)) {
// Output collection name
$collection_link = '<a href="'.generate_url('collection', $row['id']).'">'.$row['name'].'</a>';
$output .= "\n\t" . '<li>'.$collection_link.'</li>';
$query = "SELECT * FROM ".PLOGGER_TABLE_PREFIX."albums WHERE parent_id = '$row[id]' ORDER BY name DESC";
$output .= "\n<ul>";
while ($albums = mysql_fetch_assoc($result)) {
while ($albums = mysqli_fetch_assoc($result)) {
$album_link = '<a href="'.generate_url('albums', $albums['id']).'">'.$albums['name'].'</a>';
$output .= "\n\t" . '<li>'.$album_link.'</li>';
}
unset($_SESSION['require_captcha']);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
if (!$row) {
return false;
$result = run_query($sql);
while ($image = mysql_fetch_assoc($result)) {
while ($image = mysqli_fetch_assoc($result)) {
$image_list[] = $image['id'];
}
WHERE `id`=$id";
$result = run_query($sql);
$GLOBALS['available_pictures'] = mysql_num_rows($result);
$GLOBALS['available_pictures'] = mysqli_num_rows($result);
$GLOBALS['picture_counter'] = 0;
$GLOBALS['picture_dbh'] = $result;
}
$result = run_query($query);
$GLOBALS['available_comments'] = mysql_num_rows($result);
$GLOBALS['available_comments'] = mysqli_num_rows($result);
$GLOBALS['comment_counter'] = 0;
$GLOBALS['comment_dbh'] = $result;
}
}
$result = run_query("SELECT COUNT(DISTINCT p.`id`) AS cnt ".$sql);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
$GLOBALS['total_pictures'] = $row['cnt'];
UNIX_TIMESTAMP(`date_submitted`) AS `unix_date_submitted`,
UNIX_TIMESTAMP(`EXIF_date_taken`) AS `unix_exif_date_taken` ".$sql);
$GLOBALS['available_pictures'] = mysql_num_rows($result);
$GLOBALS['available_pictures'] = mysqli_num_rows($result);
$GLOBALS['picture_counter'] = 0;
$GLOBALS['picture_dbh'] = $result;
}
if ((count($terms) != 1) || ($terms[0] != '')) {
$query .= " WHERE ( ";
foreach ($terms as $term) {
$term = mysql_real_escape_string($term);
$term = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$term);
$multi_term = explode('+', $term);
if (count($multi_term)>1) {
$path = implode("%' AND `path` LIKE '%", $multi_term);
}
$result = run_query("SELECT COUNT(DISTINCT p.`id`) AS cnt ".$query);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
$GLOBALS['total_pictures'] = $row['cnt'];
// And I need sort order here as well
UNIX_TIMESTAMP(`date_submitted`) AS `unix_date_submitted` ".$query."
GROUP BY p.`id` ORDER BY `$sortby` $sortdir LIMIT $from, $limit");
$GLOBALS['available_pictures'] = mysql_num_rows($result);
$GLOBALS['available_pictures'] = mysqli_num_rows($result);
$GLOBALS['picture_counter'] = 0;
$GLOBALS['picture_dbh'] = $result;
}
$sql = "SELECT COUNT(DISTINCT `parent_collection`) AS `num_items`
FROM `".PLOGGER_TABLE_PREFIX."pictures`";
$result = run_query($sql);
$num_items = mysql_result($result, 0, 'num_items');
$num_items = mysqli_result($result, 0, 'num_items');
$GLOBALS['total_pictures'] = $num_items;
// Create a list of all non-empty collections. Could be done with subqueries, but
$sql = "SELECT parent_collection, parent_album, COUNT(*) AS imagecount
FROM `".PLOGGER_TABLE_PREFIX."pictures` GROUP BY parent_collection, parent_album";
$result = run_query($sql);
while($row = mysql_fetch_assoc($result)) {
while($row = mysqli_fetch_assoc($result)) {
$image_collection_count[$row['parent_collection']] = $row['imagecount'];
$image_album_count[$row['parent_album']] = $row['imagecount'];
}
GROUP BY parent_id";
$result = run_query($sql);
while($row = mysql_fetch_assoc($result)) {
while($row = mysqli_fetch_assoc($result)) {
$album_count[$row['parent_id']] = $row['albumcount'];
}
$sql = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."collections`".$where.$order.$limit;
$result = run_query($sql);
$GLOBALS['available_collections'] = mysql_num_rows($result);
$GLOBALS['available_collections'] = mysqli_num_rows($result);
$GLOBALS['collection_counter'] = 0;
$GLOBALS['collection_dbh'] = $result;
}
FROM `".PLOGGER_TABLE_PREFIX."pictures` $where";
$result = run_query($sql);
$num_items = mysql_result($result, 0, 'num_items');
$num_items = mysqli_result($result, 0, 'num_items');
$GLOBALS['total_pictures'] = $num_items;
// 1. create a list of all albums with at least one photo
$sql = "SELECT parent_album, COUNT(*) AS imagecount FROM `".PLOGGER_TABLE_PREFIX."pictures` GROUP BY parent_album";
$result = run_query($sql);
while($row = mysql_fetch_assoc($result)) {
while($row = mysqli_fetch_assoc($result)) {
$image_count[$row['parent_album']] = $row['imagecount'];
}
$result = run_query($sql);
$GLOBALS['available_albums'] = mysql_num_rows($result);
$GLOBALS['available_albums'] = mysqli_num_rows($result);
$GLOBALS['album_counter'] = 0;
$GLOBALS['album_dbh'] = $result;
}
function plogger_load_picture() {
$rv = mysql_fetch_assoc($GLOBALS['picture_dbh']);
$rv = mysqli_fetch_assoc($GLOBALS['picture_dbh']);
$GLOBALS['picture_counter']++;
$GLOBALS['current_picture'] = $rv;
return $rv;
}
function plogger_load_comment() {
$rv = mysql_fetch_assoc($GLOBALS['comment_dbh']);
$rv = mysqli_fetch_assoc($GLOBALS['comment_dbh']);
$GLOBALS['comment_counter']++;
$GLOBALS['current_comment'] = $rv;
return $rv;
$comment_query = "SELECT COUNT(`id`) AS `num_comments` FROM `".PLOGGER_TABLE_PREFIX."comments`
WHERE approved = 1 AND `parent_id`='".$row['id']."'";
$comment_result = run_query($comment_query);
$num_comments = mysql_result($comment_result, 0, 'num_comments');
$num_comments = mysqli_result($comment_result, 0, 'num_comments');
return $num_comments;
}
/*** The following functions can only be used inside the Collections loop ***/
function plogger_load_collection() {
$rv = mysql_fetch_assoc($GLOBALS['collection_dbh']);
$rv = mysqli_fetch_assoc($GLOBALS['collection_dbh']);
$GLOBALS['collection_counter']++;
$GLOBALS['current_collection'] = $rv;
return $rv;
$thumb_query .= " `parent_collection`='".$rv['id']."' ORDER BY `id` DESC LIMIT 1";
}
$thumb_result = run_query($thumb_query);
$thumb_data = mysql_fetch_assoc($thumb_result);
$thumb_data = mysqli_fetch_assoc($thumb_result);
if ($thumb_data) {
$rv['thumbnail_id'] = $thumb_data['id'];
$rv['thumbnail_path'] = $thumb_data['path'];
function plogger_count_collections() {
$numquery = "SELECT COUNT(DISTINCT `parent_collection`) AS `num_collections` FROM `".PLOGGER_TABLE_PREFIX."pictures`";
$numresult = run_query($numquery);
$num_albums = mysql_result($numresult, 0, 'num_collections');
$num_albums = mysqli_result($numresult, 0, 'num_collections');
return $num_albums;
}
/*** The following functions can only be used inside the Albums loop ***/
function plogger_load_album() {
$rv = mysql_fetch_assoc($GLOBALS['album_dbh']);
$rv = mysqli_fetch_assoc($GLOBALS['album_dbh']);
$GLOBALS['album_counter']++;
$GLOBALS['current_album'] = $rv;
return $rv;
else
$thumb_query .= " `parent_album`='".$rv['id']."' ORDER BY `date_submitted` DESC LIMIT 1";
$thumb_result = run_query($thumb_query);
$thumb_data = mysql_fetch_assoc($thumb_result);
$thumb_data = mysqli_fetch_assoc($thumb_result);
if ($thumb_data) {
$rv['thumbnail_id'] = $thumb_data['id'];
$rv['thumbnail_path'] = $thumb_data['path'];
// XXX: this may be faster?
$numquery = "SELECT COUNT(DISTINCT `id`) AS `num_pictures` FROM `".PLOGGER_TABLE_PREFIX."pictures` WHERE `parent_album`='".$row['id']."'";
$numresult = run_query($numquery);
return mysql_result($numresult, 0, 'num_pictures');
return mysqli_result($numresult, 0, 'num_pictures');
} else {
return 0;
}
ORDER BY `date` DESC";
$result = run_query($query);
$comments = array();
while ($row = mysql_fetch_assoc($result)) {
while ($row = mysqli_fetch_assoc($result)) {
$comments[$row['id']] = $row;
}
return $comments;
}
?>
?>
plog-includes/plog-tag-functions.php
3636
3737
3838
39
40
39
40
4141
4242
4343
......
4747
4848
4949
50
50
5151
5252
5353
......
5656
5757
5858
59
59
6060
6161
6262
......
7171
7272
7373
74
74
7575
7676
7777
......
9191
9292
9393
94
94
9595
96
97
98
96
97
98
9999
100100
101101
......
109109
110110
111111
112
113
112
113
114114
115115
116116
117117
118
119
118
119
120120
121121
122122
......
133133
134134
135135
136
136
137137
138138
139139
......
145145
146146
147147
148
148
149149
150
150
151151
152152
153153
......
173173
174174
175175
176
177
176
177
178178
179179
180180
181181
182
183
182
183
184184
185185
186186
......
188188
189189
190190
191
191
192192
193
193
194194
195
196
195
196
197197
198198
199199
200200
201201
202202
203
203
204204
205205
206206
......
209209
210210
211211
212
212
213213
214214
215215
// TODO: Evaluate whether this method should return the same format for the tags (so in this method it would return an array of arrays, each containing 'id', 'tag' and 'urlified').
$query = 'SELECT `t2p`.`tag_id`, `t`.`urlified`, `t`.`tag` FROM `'.$TABLE_PREFIX.'tag2picture` as `t2p`, `'.$TABLE_PREFIX.'tags` as `t` WHERE `picture_id` = '.$picture_id.' AND `t2p`.`tag_id` = `t`.`id`;';
$result = mysql_query($query);
while($tag_row = mysql_fetch_assoc($result)) {
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
while($tag_row = mysqli_fetch_assoc($result)) {
$picture_tags[$tag_row['urlified']] = $tag_row['tag_id'];
}
return $picture_tags;
global $TABLE_PREFIX;
$picture_id = intval($picture_id);
$sql = 'DELETE FROM '.$TABLE_PREFIX.'tag2picture WHERE picture_id = '.$picture_id;
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
}
function get_tag_by_name($tag) {
$query = 'SELECT `id`, `tag`, `urlified` FROM `'.$TABLE_PREFIX.'tags` WHERE `tag`="'.$tag.'"';
$result = run_query($query);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
if (!is_array($row)) {
return NULL;
$query = 'SELECT `id`, `tag`, `urlified` FROM `'.$TABLE_PREFIX.'tags` WHERE `id`='.$tag_id;
$result = run_query($query);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
if (!is_array($row)) {
return NULL;
function insert_tag($tag) {
global $TABLE_PREFIX;
$urlified = mysql_real_escape_string(urlify_tag($tag));
$urlified = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],urlify_tag($tag));
$sql = 'INSERT INTO '.$TABLE_PREFIX.'tags (`tag`,`tagdate`,`urlified`)
VALUES ("'.mysql_real_escape_string($tag).'", NOW(), "'.$urlified.'")';
if( mysql_query($sql) ) {
return mysql_insert_id();
VALUES ("'.mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$tag).'", NOW(), "'.$urlified.'")';
if( mysqli_query($GLOBALS["PLOGGER_DBH"],$sql) ) {
return mysqli_insert_id($GLOBALS["PLOGGER_DBH"]);
}
}
if (sizeof($tags) > 0) {
$tagsql = join('", "', $tags);
$sql = 'SELECT * FROM '.$TABLE_PREFIX.'tags WHERE `tag` IN ("'.$tagsql.'")';
$result = mysql_query($sql);
while($tag_row = mysql_fetch_assoc($result)) {
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
while($tag_row = mysqli_fetch_assoc($result)) {
$existing_tags[$tag_row['tag']] = $tag_row['id'];
}
$sql = 'SELECT * FROM '.$TABLE_PREFIX.'tag2picture WHERE `picture_id` ="'.$picture_id.'"';
$result = mysql_query($sql);
while($tag_row = mysql_fetch_assoc($result)) {
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
while($tag_row = mysqli_fetch_assoc($result)) {
$existing_rels[$tag_row['tag_id']] = $tag_row['picture_id'];
}
}
// No connection between tag and picture? create if
$sql = 'INSERT INTO '.$TABLE_PREFIX.'tag2picture (`picture_id`,`tag_id`,`tagdate`)
VALUES ("'.$picture_id.'", "'.$existing_tags[$tag].'", NOW())';
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
}
}
global $TABLE_PREFIX;
$tagsql = join(', ', $tag_ids);
$sql = 'DELETE FROM '.$TABLE_PREFIX.'tag2picture WHERE tag_id IN ('.$tagsql.')';
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
$sql = 'DELETE FROM '.$TABLE_PREFIX.'tags WHERE id IN ('.$tagsql.')';
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
}
function remove_picture_tags($picture_id, $tag_ids) {
if (sizeof($tags) > 0) {
$tagsql = join('", "', $tags);
$sql = 'SELECT * FROM '.$TABLE_PREFIX.'tags WHERE `tag` IN ("'.$tagsql.'")';
$result = mysql_query($sql);
while($tag_row = mysql_fetch_assoc($result)) {
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
while($tag_row = mysqli_fetch_assoc($result)) {
$existing_tags[$tag_row['tag']] = $tag_row['id'];
}
$sql = 'SELECT * FROM '.$TABLE_PREFIX.'tag2picture WHERE `picture_id` ="'.$picture_id.'"';
$result = mysql_query($sql);
while($tag_row = mysql_fetch_assoc($result)) {
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
while($tag_row = mysqli_fetch_assoc($result)) {
$existing_rels[$tag_row['tag_id']] = $tag_row['picture_id'];
}
}
foreach($tags as $tag) {
if (!isset($existing_tags[$tag])) {
// Must be a new tag, register it
$path = mysql_real_escape_string(preg_replace("/[^\w|\.|'|\-|\[|\]]/", "_", $tag));
$path = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],preg_replace("/[^\w|\.|'|\-|\[|\]]/", "_", $tag));
$sql = 'INSERT INTO '.$TABLE_PREFIX.'tags (`tag`, `tagdate`, `path`)
VALUES ("'.mysql_real_escape_string($tag).'", "'.$path.'", NOW())';
VALUES ("'.mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$tag).'", "'.$path.'", NOW())';
print $sql;
$result = mysql_query($sql);
$existing_tags[$tag] = mysql_insert_id();
$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
$existing_tags[$tag] = mysqli_insert_id($GLOBALS["PLOGGER_DBH"]);
}
if (!isset($existing_rels[$existing_tags[$tag]])) {
// No connection between tag and picture? create if
$sql = 'INSERT INTO '.$TABLE_PREFIX.'tag2picture (`picture_id`, `tag_id`, `tagdate`)
VALUES ("'.$picture_id.'", "'.$existing_tags[$tag].'", NOW())';
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
}
}
if (!in_array($tag_id,$existing_tags)) {
$sql = "DELETE FROM `".$TABLE_PREFIX."tag2picture`
WHERE `picture_id` = '$picture_id' AND `tag_id` = '$tag_id'";
mysql_query($sql);
mysqli_query($GLOBALS["PLOGGER_DBH"],$sql);
}
}
plog-load-config.php
4848
4949
5050
51
51
5252
5353
5454
5555
56
56
5757
5858
5959
60
60
6161
6262
6363
......
9696
9797
9898
99
99
100100
101101
102102
......
123123
124124
125125
126
126
127127
128128
129129
130130
131131
132
132
133133
134134
135135
......
191191
192192
193193
194
194
die($img."\n" . '<p style="font-family: tahoma, verdana, arial, sans-serif; font-size: 16px; letter-spacing: .25px; margin: 30px;">'.plog_tr('Please run <a href="'.$install_url.'">_install.php</a> to set up Plogger. If you are upgrading from a previous version, please run <a href="'.$upgrade_url.'">_upgrade.php</a>').'.</p>');
}
connect_db();
//connect_db();
$query = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."config`";
$result = run_query($query);
if (mysql_num_rows($result) == 0) {
if (mysqli_num_rows($result) == 0) {
die(plog_tr('No config information in the database.'));
}
$config = mysql_fetch_assoc($result);
$config = mysqli_fetch_assoc($result);
$config['gallery_name'] = SmartStripSlashes($config['gallery_name']);
$config['basedir'] = PLOGGER_DIR;
$config['baseurl'] = 'http://'.$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']).'/';
// otherwise just use our cleaned up version of $_SERVER['PHP_SELF'] from plog-globals.php
} else {
$config['baseurl'] = 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];
$config['baseurl'] = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER["SCRIPT_NAME"];
}
// Remove plog-admin/ from the end, if present .. is there a better way to determine the full url?
$query = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."thumbnail_config`";
$result = run_query($query);
if (mysql_num_rows($result) == 0) {
if (mysqli_num_rows($result) == 0) {
die(plog_tr('No thumbnail config information in the database.'));
}
$prefix_arr = array(1 => 'small', 2 => 'large', 3 => 'rss', 4 => 'thumbnav');
while($row = mysql_fetch_assoc($result)) {
while($row = mysqli_fetch_assoc($result)) {
$thumbnail_config[$row['id']] = array(
'type' => $prefix_arr[$row['id']],
'size' => $row['max_size'],
$_SESSION['plogger_details'] = 0;
}
?>
?>
plog-remote.php
4747
4848
4949
50
50
5151
52
52
5353
5454
5555
......
8787
8888
8989
90
90
9191
9292
9393
......
122122
123123
124124
125
125
126126
127127
128128
......
177177
178178
179179
180
180
181181
182182
183183
......
195195
196196
197197
198
198
199199
200200
201
201
202202
203203
204204
}
function get_album_by_name($name) {
$sqlAlbum = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."albums` WHERE name = '".mysql_real_escape_string($name)."'";
$sqlAlbum = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."albums` WHERE name = '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$name)."'";
$resultAlbum = run_query($sqlAlbum);
return mysql_fetch_assoc($resultAlbum);
return mysqli_fetch_assoc($resultAlbum);
}
function login($user, $password) {
);
$i = 2;
while($rowCollection = mysql_fetch_assoc($resultCollections)) {
while($rowCollection = mysqli_fetch_assoc($resultCollections)) {
$id = $rowCollection['id'];
$description = $rowCollection['description'];
$name = $rowCollection['name'];
$sqlAlbum = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."albums` ORDER BY `name` ASC";
$resultAlbum = run_query($sqlAlbum);
while ($rowAlbum = mysql_fetch_assoc($resultAlbum)) {
while ($rowAlbum = mysqli_fetch_assoc($resultAlbum)) {
$id = $rowAlbum['id'];
$parent_id = $parents[$rowAlbum['parent_id']];
$albums[$i] = array(
if ($albuminfo) {
$sqlPictures = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."pictures` WHERE parent_album = ".intval($albuminfo['id']);
$resultAlbum = run_query($sqlPictures);
while ($rowAlbum = mysql_fetch_assoc($resultAlbum)) {
while ($rowAlbum = mysqli_fetch_assoc($resultAlbum)) {
$response->set_key("image.name.${i}", $rowAlbum['path']);
//print "image.raw_width.0=400\n";
//print "image.raw_height.0=400\n";
function gr_add_album($parent, $name, $description) {
// Parent is the name of the collection
$query = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."collections` WHERE name = '".mysql_real_escape_string($parent)."'";
$query = "SELECT * FROM `".PLOGGER_TABLE_PREFIX."collections` WHERE name = '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$parent)."'";
$result = run_query($query);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
if (empty($name)) {
$name = 'no name';
plog-rss.php
101101
102102
103103
104
104
105105
106106
107107
$sql = "SELECT UNIX_TIMESTAMP(`date_modified`) AS `pubdate` FROM `".PLOGGER_TABLE_PREFIX."pictures` WHERE `parent_album` = '".plogger_get_album_id()."' ORDER BY `date_modified` DESC LIMIT 1";
$result = run_query($sql);
$row = mysql_fetch_assoc($result);
$row = mysqli_fetch_assoc($result);
$pubdate = date('D, d M Y H:i:s O', $row['pubdate']);
$title = plogger_get_album_name();
plog-thumb.php
2121
2222
2323
24
24
2525
2626
2727
$query = "SELECT `path`, `id` FROM `plogger_pictures` WHERE `id`=".intval($_REQUEST['id']);
$result = run_query($query);
$thumb = mysql_fetch_assoc($result);
$thumb = mysqli_fetch_assoc($result);
$thumb['type'] = intval($_REQUEST['type']);
plog-xml.php
325325
326326
327327
328
328
329329
330330
331331
......
369369
370370
371371
372
372
373373
374374
375375
......
400400
401401
402402
403
403
404404
405405
406406
$collections = array();
while ($collection = mysql_fetch_assoc($resultCollection)) {
while ($collection = mysqli_fetch_assoc($resultCollection)) {
$collections[$collection['id']] = $collection;
}
$result = run_query($query);
while ($album = mysql_fetch_assoc($result)) {
while ($album = mysqli_fetch_assoc($result)) {
$albums[$album['album_id']] = $album;
}
$pictures = array();
while ($row = mysql_fetch_assoc($result)) {
while ($row = mysqli_fetch_assoc($result)) {
$pictures[$row['id']] = $row;
}

Archive Download the corresponding diff file

Branches

Number of commits:
Page rendered in 0.20668s using 14 queries.