NP_Gallery\r
Gallery Plugin for nucleus cms http://nucleuscms.org\r
\r
+Security fix in 0.95 by Katsumi\r
+http://sourceforge.jp/projects/nucleus-jp/svn/view/plugin/NP_gallery/trunk/\r
\r
*/\r
\r
\r
-global $DIR_NUCLEUS;\r
-include_once($DIR_NUCLEUS.'/plugins/gallery/config.php');\r
+include_once(dirname(__FILE__).'/gallery/config.php');\r
\r
class NP_gallery extends NucleusPlugin {\r
\r
function getName() {return 'Nucleus Image Gallery';}\r
function getAuthor() { return 'John Bradshaw, Gene Cambridge Tsai'; }\r
function getURL() { return 'http://www.sircambridge.net/nucleus/index.php?itemid=57'; }\r
- function getVersion() { return '0.94'; }\r
+ function getVersion() { return '0.95'; }\r
function getDescription() { return 'Image Gallery for Nucleus CMS'; }\r
function supportsFeature($what) { switch($what) {\r
case 'SqlTablePrefix': return 1; break;\r
$text = $desc;\r
//these lines should be moved into picture_class.php\r
sql_query("INSERT INTO ".sql_table('plug_gallery_picturetag')." ( `pictureid` , `top` , `left` , `height` , `width` , `text` )\r
- VALUES ( '" . $pictureid ." ', '" .$top."', '" .$left." ' , '" .$height."' , '" .$width."' , '" .$text."' ); ");\r
+ VALUES ( '" . addslashes($pictureid) ." ', '" .addslashes($top)."', '" .addslashes($left)." ' , '" .addslashes($height)."' , '" .addslashes($width)."' , '" .addslashes($text)."' ); ");\r
echo "<SCRIPT LANGUAGE=\"JavaScript\">\r
window.location=\"" . $NP_BASE_DIR . "action.php?action=plugin&name=gallery&type=item&id=". $pictureid . "\"" .\r
"</script>";\r
case 'tagdelete' :\r
$pictureid = requestVar('pictureid');\r
//these lines should be moved into picture_class.php\r
- sql_query("DELETE FROM ".sql_table('plug_gallery_picturetag'). " WHERE `pictureid` = '" . $pictureid . "' LIMIT 1; ");\r
+ sql_query("DELETE FROM ".sql_table('plug_gallery_picturetag'). " WHERE `pictureid` = '" . addslashes($pictureid) . "' LIMIT 1; ");\r
echo "<SCRIPT LANGUAGE=\"JavaScript\">\r
window.location=\"" . $NP_BASE_DIR . "action.php?action=plugin&name=gallery&type=item&id=". $pictureid . " \"" .\r
"</script>";\r
\r
//add_picture.php\r
include('../../../config.php');\r
-include_once('config.php'); //gallery config\r
+include_once(dirname(__FILE__).'/config.php'); //gallery config\r
include_once($DIR_LIBS . 'ITEM.php');\r
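Review bot: `include('../../../config.php')` at the top of the add_picture.php hunk is still resolved against the current working directory, while the gallery config on the next line was switched to `dirname(__FILE__)`, so the path fix is only half applied in this file. A minimal consistent form is `include(dirname(__FILE__).'/../../../config.php');`. The later `$strRel` hunk has the same shape and could get the same treatment.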
\r
\r
else {\r
$j=0;\r
while($ids[$j]) {\r
- $query = 'insert into '.sql_table('plug_gallery_promo').' values ('.$ids[$j].', '.$result['itemid'].')';\r
+ $query = 'insert into '.sql_table('plug_gallery_promo').' values ('.intval($ids[$j]).', '.intval($result['itemid']).')';\r
sql_query($query);\r
$j++;\r
}\r
$query = 'insert into '\r
.$temp_table\r
.'(tempid,memberid,albumid,filename,intfilename,thumbfilename,title,description,promote,error)'\r
- ." values (NULL, $memberid, $albumid, '$filename', '$int_filename', '$thumb_filename', '$defaulttitle', '$description', 0, '$error') ";\r
+ ." values (NULL, ".intval($memberid).", ".intval($albumid).", '".addslashes($filename)."', '".addslashes($int_filename)."', '".addslashes($thumb_filename)."', '".addslashes($defaulttitle)."', '".addslashes($description)."', 0, '".addslashes($error)."') ";\r
//echo $query.'<br/>';\r
$result = sql_query($query);\r
\r
\r
if(!$page) $page='1';\r
\r
- $query = 'select * from '.sql_table('plug_gallery_comment').' as a left join '.sql_table('member').' as b on a.cmemberid=b.mnumber left join '.sql_table('plug_gallery_picture').' as c on a.cpictureid=c.pictureid limit '.$offset.', '.($NPG_CONF['AdminCommentsPerPage']+1);\r
+ $query = 'select * from '.sql_table('plug_gallery_comment').' as a left join '.sql_table('member').' as b on a.cmemberid=b.mnumber left join '.sql_table('plug_gallery_picture').' as c on a.cpictureid=c.pictureid limit '.intval($offset).', '.intval($NPG_CONF['AdminCommentsPerPage']+1);\r
$res = sql_query($query);\r
$nrows = mysql_num_rows($res);\r
\r
\r
$id = $_GET['id'];\r
if($gmember->isAdmin() && $id) { \r
- $query = 'select * from '.sql_table('plug_gallery_template')." where tdesc = $id";\r
+ $query = 'select * from '.sql_table('plug_gallery_template')." where tdesc = ".intval($id);\r
$result = sql_query($query);\r
if(mysql_num_rows($result)) {\r
while ($row = mysql_fetch_object($result)) {\r
}\r
}\r
\r
- $query2 = 'select * from '.sql_table('plug_gallery_template_desc')." where tdid = $id";\r
+ $query2 = 'select * from '.sql_table('plug_gallery_template_desc')." where tdid = ".intval($id);\r
$result2 = sql_query($query2);\r
if(!mysql_num_rows($result2)) {\r
echo __NPG_ERR_BAD_TEMPLATE.'<br/>';\r
$res = sql_query($query);\r
$nr = mysql_fetch_row($res);\r
if ($nr[0] > 1 && $id && NPG_TEMPLATE::existsID($id) && $gmember->isAdmin()) {\r
- $query = 'delete from '.sql_table('plug_gallery_template_desc').' where tdid='.$id;\r
+ $query = 'delete from '.sql_table('plug_gallery_template_desc').' where tdid='.intval($id);\r
sql_query($query);\r
- $query = 'delete from '.sql_table('plug_gallery_template').' where tdesc='.$id;\r
+ $query = 'delete from '.sql_table('plug_gallery_template').' where tdesc='.intval($id);\r
sql_query($query);\r
}\r
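Review bot: `$id = $_GET['id'];` at the top of this hunk keeps the raw request value, so only the uses that were individually wrapped in `intval()` are covered; `NPG_TEMPLATE::existsID($id)` in the delete branch still receives the unsanitised value, and its implementation is not on the page. Coercing once at the source, `$id = intval($_GET['id']);`, protects every downstream use and turns the per-query `intval()` calls into harmless redundancy rather than the only line of defence. The enclosing code starts and ends outside the hunk.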
\r
global $galleryaction;\r
\r
$id = intval(requestvar('id'));\r
- $query = 'select * from '.sql_table('plug_gallery_comment').' as a left join '.sql_table('member').' as b on a.cmemberid=b.mnumber where a.commentid='.$id;\r
+ $query = 'select * from '.sql_table('plug_gallery_comment').' as a left join '.sql_table('member').' as b on a.cmemberid=b.mnumber where a.commentid='.intval($id);\r
$res = sql_query($query);\r
$row = mysql_fetch_object($res);\r
\r
function action_removeselectuser() {\r
global $gmember;\r
\r
- $mid = requestvar('userid');\r
+ $mid = intval(requestvar('userid'));\r
if($mid) {\r
$query='delete from '.sql_table('plug_gallery_member')." where memberid=$mid";\r
if($gmember->isAdmin()) $result = mysql_query($query);\r
function action_addselectuser() {\r
global $gmember;\r
\r
- $mid = requestvar('userid');\r
+ $mid = intval(requestvar('userid'));\r
if($mid) {\r
$query = 'insert into '.sql_table('plug_gallery_member')." values ('$mid',1) ";\r
if($gmember->isAdmin()) $result = mysql_query($query);\r
function action_deltmember() {\r
global $gmember,$galleryaction;\r
\r
- $aid = requestvar('aid');\r
- $mid = requestvar('mid');\r
+ $aid = intval(requestvar('aid'));\r
+ $mid = intval(requestvar('mid'));\r
if($aid && $mid) \r
if($gmember->canModifyAlbum($aid)) {\r
$query = 'delete from '.sql_table('plug_gallery_album_team')." where tmemberid=$mid and talbumid=$aid";\r
function action_toggleadmin() {\r
global $gmember,$galleryaction;\r
\r
- $aid = requestvar('aid');\r
- $mid = requestvar('mid');\r
+ $aid = intval(requestvar('aid'));\r
+ $mid = intval(requestvar('mid'));\r
if($aid && $mid) \r
if($gmember->canModifyAlbum($aid)) {\r
$query = 'update '.sql_table('plug_gallery_album_team')." set tadmin=abs(tadmin-1) where tmemberid=$mid and talbumid=$aid";\r
function action_addalbumteam() {\r
global $gmember,$galleryaction;\r
\r
- $id = requestvar('id');\r
- $tmember = requestvar('tmember');\r
- $admin = requestvar('admin');\r
+ $id = intval(requestvar('id'));\r
+ $tmember = intval(requestvar('tmember'));\r
+ $admin = intval(requestvar('admin'));\r
if($id && $tmember) {\r
if(!$admin) $admin = 0;\r
if($gmember->canModifyAlbum($id)) {\r
$option = requestVar('deleteoption');\r
if($id && $option && $gmember->canmodifyalbum($id)) {\r
if($option == '-1') { //delete pictures\r
- $query = 'select * from '.sql_table('plug_gallery_picture').' where albumid='.$id;\r
+ $query = 'select * from '.sql_table('plug_gallery_picture').' where albumid='.intval($id);\r
$result = mysql_query($query);\r
if(!$result) echo mysql_error().":$query<br/>";\r
while($row = mysql_fetch_object($result)) {\r
}\r
else {\r
$delresult = PICTURE::deletepromoposts($row->pictureid);\r
- $query2 = 'delete from '.sql_table('plug_gallery_picture').' where pictureid='.$row->pictureid;\r
+ $query2 = 'delete from '.sql_table('plug_gallery_picture').' where pictureid='.intval($row->pictureid);\r
$result2 = mysql_query($query2);\r
if(!$result2) echo mysql_error().":$query<br/>";\r
}\r
}\r
if($ok) {\r
- $query = 'delete from '.sql_table('plug_gallery_album').' where albumid='.$id;\r
+ $query = 'delete from '.sql_table('plug_gallery_album').' where albumid='.intval($id);\r
$result = mysql_query($query);\r
if(!$result) echo mysql_error().":$query<br/>";\r
}\r
}\r
else {\r
if($gmember->canaddpicture($option)) {\r
- $query = 'update '.sql_table('plug_gallery_picture').' set albumid='.$option.' where albumid='.$id;\r
+ $query = 'update '.sql_table('plug_gallery_picture').' set albumid='.intval($option).' where albumid='.intval($id);\r
$result = mysql_query($query);\r
if(!$result) echo mysql_error().'<br/>';\r
ALBUM::fixnumberofimages($option);\r
- $query = 'delete from '.sql_table('plug_gallery_album').' where albumid='.$id;\r
+ $query = 'delete from '.sql_table('plug_gallery_album').' where albumid='.intval($id);\r
$result = mysql_query($query);\r
if(!$result) echo mysql_error().'<br/>';\r
}\r
}\r
\r
function commentsallowed($pictureid) {\r
- $query = 'select a.commentsallowed from '.sql_table('plug_gallery_album').' as a, '.sql_table('plug_gallery_picture').' as b where a.albumid=b.albumid and pictureid='.$pictureid;\r
+ $query = 'select a.commentsallowed from '.sql_table('plug_gallery_album').' as a, '.sql_table('plug_gallery_picture').' as b where a.albumid=b.albumid and pictureid='.intval($pictureid);\r
$res = sql_query($query);\r
$row = mysql_fetch_object($res);\r
return $row->commentsallowed;\r
function add_new($data) {\r
$atitle = addslashes($data['title']);\r
$adescription = addslashes($data['description']);\r
- $aowner = $data['ownerid'];\r
- $apublicalbum = $data['publicalbum'];\r
+ $aowner = intval($data['ownerid']);\r
+ $apublicalbum = addslashes($data['publicalbum']);\r
if(!$aowner) $aowner = 0; //make the owner guest\r
$query = "insert into ".sql_table('plug_gallery_album')." (albumid, title, description, ownerid, modified, numberofimages, commentsallowed, publicalbum) values ".\r
"(NULL, '$atitle','$adescription',$aowner,NULL,0,1,'$apublicalbum')";\r
}\r
\r
function get_data($id) {\r
- $result = sql_query("select a.*,b.mname as name from ".sql_table('plug_gallery_album').' as a left join '.sql_table('member')." as b on a.ownerid=b.mnumber where a.albumid=$id" );\r
+ $result = sql_query("select a.*,b.mname as name from ".sql_table('plug_gallery_album').' as a left join '.sql_table('member')." as b on a.ownerid=b.mnumber where a.albumid=".intval($id) );\r
if(mysql_num_rows($result)) $data = mysql_fetch_object($result); \r
else {\r
$data->albumid = 0;\r
\r
//default album thumbnail if thumbnail is blank\r
if(!$data->thumbnail) {\r
- $query = 'select thumb_filename from '.sql_table('plug_gallery_picture').' where albumid='.$data->albumid.' LIMIT 1';\r
+ $query = 'select thumb_filename from '.sql_table('plug_gallery_picture').' where albumid='.intval($data->albumid).' LIMIT 1';\r
$result = sql_query($query);\r
if(mysql_num_rows($result) ){\r
$row = mysql_fetch_object($result);\r
$data->thumbnail = $row->thumb_filename;\r
- sql_query('update '.sql_table('plug_gallery_album').' set thumbnail=\''.$row->thumb_filename.'\' where albumid='.$data->albumid);\r
+ sql_query('update '.sql_table('plug_gallery_album').' set thumbnail=\''.addslashes($row->thumb_filename).'\' where albumid='.intval($data->albumid));\r
}\r
}\r
return $data;\r
}\r
\r
function get_team($id) {\r
- $result = sql_query("select a.*, b.mname from ".sql_table('member').' as b, '.sql_table('plug_gallery_album_team')." as a where a.talbumid=$id and a.tmemberid=b.mnumber");\r
+ $result = sql_query("select a.*, b.mname from ".sql_table('member').' as b, '.sql_table('plug_gallery_album_team')." as a where a.talbumid=".intval($id)." and a.tmemberid=b.mnumber");\r
if(!mysql_num_rows($result)) return false;\r
$j=0;\r
while ($team[$j] = mysql_fetch_object($result)) {\r
\r
function get_pictures($id = 0,$so) {\r
if($this->query == '' && $id == 0) return null;\r
- if($this->query == '') $this->query = "select * from ".sql_table('plug_gallery_picture')." where albumid=$id $so";\r
+ if($this->query == '') $this->query = "select * from ".sql_table('plug_gallery_picture')." where albumid=".intval($id)." $so";\r
$result = sql_query($this->query);\r
$i=0;\r
while ($row = mysql_fetch_object($result)) {\r
$data[$i] = $row;\r
- $res = sql_query('select views from '.sql_table('plug_gallery_views').' where vpictureid = '.$row->pictureid);\r
+ $res = sql_query('select views from '.sql_table('plug_gallery_views').' where vpictureid = '.intval($row->pictureid));\r
if(mysql_num_rows($res)) {\r
$row2 = mysql_fetch_object($res);\r
$data[$i]->views = $row2->views;\r
while ($j<$limit){\r
$keyword = $splitdata[$j];\r
//echo $keyword;\r
- $this->query = "select * from ".sql_table('plug_gallery_picture')." WHERE keywords like '%".$keyword."%' ";\r
+ $this->query = "select * from ".sql_table('plug_gallery_picture')." WHERE keywords like '%".addslashes($keyword)."%' ";\r
$result = sql_query($this->query);\r
while ($row = @mysql_fetch_object($result)) {\r
$data[$i] = $row;\r
- $res = sql_query('select views from '.sql_table('plug_gallery_views').' where vpictureid = '.$row->pictureid);\r
+ $res = sql_query('select views from '.sql_table('plug_gallery_views').' where vpictureid = '.intval($row->pictureid));\r
if(mysql_num_rows($res)) {\r
$row2 = mysql_fetch_object($res);\r
$data[$i]->views = $row2->views;\r
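Review bot: `addslashes($keyword)` in the keyword search query escapes quotes but not the LIKE metacharacters, so a term of `%` or `_` still matches every row; this is not an injection, but it defeats the filter and makes the per-row views lookup loop run over the whole picture table. If literal matching is intended, escape the wildcards first and the quotes second, e.g. `addslashes(addcslashes($keyword, '%_'))`. Where `$so` and `$splitdata` come from is outside the hunk, so I have not checked them.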
\r
function increaseNumberByOne($id) {\r
if(!$id) $id = $this->id;\r
- $result = sql_query("update ".sql_table('plug_gallery_album')." set numberofimages = numberofimages + 1 where albumid =$id");\r
+ $result = sql_query("update ".sql_table('plug_gallery_album')." set numberofimages = numberofimages + 1 where albumid =".intval($id));\r
}\r
\r
function decreaseNumberByOne($id) {\r
if(!$id) $id = $this->id;\r
- $result = sql_query("update ".sql_table('plug_gallery_album')." set numberofimages = numberofimages - 1 where albumid =$id");\r
+ $result = sql_query("update ".sql_table('plug_gallery_album')." set numberofimages = numberofimages - 1 where albumid =".intval($id));\r
}\r
\r
function fixnumberofimages($id) {\r
$numberofimages = $this->numberofimages;\r
}\r
else {\r
- $result = sql_query('select numberofimages from '.sql_table('plug_gallery_album'). " where albumid=$id");\r
+ $result = sql_query('select numberofimages from '.sql_table('plug_gallery_album'). " where albumid=".intval($id));\r
$row = mysql_fetch_object($result);\r
$numberofimages = $row->numberofimages;\r
}\r
- $result = sql_query('select count(*) as noi from '.sql_table('plug_gallery_picture')." where albumid=$id");\r
+ $result = sql_query('select count(*) as noi from '.sql_table('plug_gallery_picture')." where albumid=".intval($id));\r
$row = mysql_fetch_object($result);\r
$noi = $row->noi;\r
if($noi <> $numberofimages) {\r
- sql_query("update ".sql_table('plug_gallery_album')." set numberofimages=$noi where albumid=$id");\r
+ sql_query("update ".sql_table('plug_gallery_album')." set numberofimages=$noi where albumid=".intval($id));\r
}\r
}\r
function write() {\r
$query = "update ".sql_table('plug_gallery_album')\r
- ." set title='{$this->title}', "\r
- ." commentsallowed= {$this->option['commentsallowed']}, "\r
- ." thumbnail='{$this->thumbnail}', "\r
- ." description='{$this->description}', "\r
- ." publicalbum= {$this->option['publicalbum']}"\r
- ." where albumid={$this->id}";\r
+ ." set title='".addslashes($this->title)."', "\r
+ ." commentsallowed= ".intval($this->option['commentsallowed']).", "\r
+ ." thumbnail='".addslashes($this->thumbnail)."', "\r
+ ." description='".addslashes($this->description)."', "\r
+ ." publicalbum= ".intval($this->option['publicalbum']).""\r
+ ." where albumid=".intval($this->id)."";\r
sql_query($query);\r
}\r
\r
\r
} else {\r
$query = 'select * from '.sql_table('plug_gallery_comment').\r
- ' where cpictureid='.$this->itemid.' order by ctime';\r
+ ' where cpictureid='.intval($this->itemid).' order by ctime';\r
$comments = sql_query($query);\r
$this->commentcount = mysql_num_rows($comments);\r
\r
function amountComments() {\r
$query = 'select count(*)'.\r
' from '.sql_table('plug_gallery_comment').\r
- ' where cpictureid='.$this->itemid;\r
+ ' where cpictureid='.intval($this->itemid);\r
$res = sql_query($query);\r
$arr = mysql_fetch_row($res);\r
return $arr[0];\r
$host = addslashes($comment['host']);\r
$ip = addslashes($comment['ip']);\r
$memberid = intval($comment['memberid']);\r
- $pictureid = $this->itemid;\r
+ $pictureid = intval($this->itemid);\r
\r
$query = 'insert into '.sql_table('plug_gallery_comment').\r
'(cbody, cuser, cmail, chost, cip, cmemberid, ctime, cpictureid) '.\r
global $DIR_NUCLEUS,$DIR_LIBS;\r
\r
global $NP_GALLERY_DIR, $NP_BASE_DIR;\r
-$NP_GALLERY_DIR = $DIR_NUCLEUS . 'plugins/gallery/';\r
-$NP_BASE_DIR = substr($DIR_NUCLEUS,0,strlen($DIR_NUCLEUS) - 8);\r
+$NP_GALLERY_DIR = dirname(__FILE__) . '/';\r
+$NP_BASE_DIR = dirname(dirname(dirname(dirname(__FILE__)))) . '/';\r
\r
\r
include_once($NP_GALLERY_DIR.'functions.php');\r
<td>\r
<?php\r
//this query lists the members that are not already part of the team, not the admins(they already have permissions) and are not the owner of the album\r
- $result = mysql_query('select mname, mnumber from '.sql_table('member').' left join '.sql_table('plug_gallery_album_team').' on mnumber=tmemberid and talbumid='.$id.' where mnumber <> '.$data->ownerid.' and madmin=0 and tmemberid is null');\r
+ $result = mysql_query('select mname, mnumber from '.sql_table('member').' left join '.sql_table('plug_gallery_album_team').' on mnumber=tmemberid and talbumid='.intval($id).' where mnumber <> '.intval($data->ownerid).' and madmin=0 and tmemberid is null');\r
if($result) {\r
$num_rows = mysql_num_rows($result);\r
if($num_rows) {\r
}\r
\r
function setNPGoption($oname, $ovalue) {\r
+ $oname=addslashes($oname);\r
+ $ovalue=addslashes($ovalue);\r
$result = mysql_query("select * from ".sql_table('plug_gallery_config')." where oname='$oname'" );\r
if(@ mysql_num_rows($result)) {\r
sql_query("update ".sql_table('plug_gallery_config')." set ovalue='$ovalue' where oname='$oname'");\r
$result = mysql_query("select count(*) as noi, albumid from ".sql_table('plug_gallery_picture')." group by albumid" );\r
if($result) {\r
while ($row = mysql_fetch_assoc($result)) {\r
- $result2 = mysql_query("select numberofimages from ".sql_table('plug_gallery_album')." where albumid = ".$row['albumid']);\r
+ $result2 = mysql_query("select numberofimages from ".sql_table('plug_gallery_album')." where albumid = ".intval($row['albumid']));\r
$row2 = mysql_fetch_assoc($result2);\r
if($row2['numberofimages'] <> $row['noi']) {\r
- sql_query("update ".sql_table('plug_gallery_album')." set numberofimages={$row['noi']} where albumid = ".$row['albumid']);\r
+ sql_query("update ".sql_table('plug_gallery_album')." set numberofimages={$row['noi']} where albumid = ".intval($row['albumid']));\r
}\r
}\r
}\r
$abs_dir = substr($DIR_NUCLEUS,0,strlen($DIR_NUCLEUS) - 8);\r
\r
//redo the thumbnails and intermediate images\r
- if($id) $album = ' where albumid='.$id;\r
+ if($id) $album = ' where albumid='.invtal($id);\r
$query = 'select * from '.sql_table('plug_gallery_picture').$album;\r
$result = sql_query($query);\r
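Review bot: `invtal($id)` on the `$album` line is a typo for `intval()`; PHP has no such function, so any request that reaches this branch with a non-zero `$id` now fails with a fatal "undefined function" error instead of rebuilding the thumbnails for that album. Change it to `if($id) $album = ' where albumid='.intval($id);`. When `$id` is empty, `$album` is never assigned and the query covers every picture, which looks intentional but deserves a comment such as `// no album id: regenerate all pictures`.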
\r
if(is_file($abs_dir.$row->filename)) {\r
//make new thumbnail\r
if($new_thumb = resizeImage($row->filename, $NPG_CONF['thumbwidth'], $NPG_CONF['thumbheight'], $row->thumb_filename)) {\r
- sql_query('update '.sql_table('plug_gallery_picture').' set thumb_filename=\''.$new_thumb.'\' where pictureid='.$row->pictureid);\r
+ sql_query('update '.sql_table('plug_gallery_picture').' set thumb_filename=\''.addslashes($new_thumb).'\' where pictureid='.intval($row->pictureid));\r
}\r
else echo '<br/>file: '.$abs_dir.$row->thumb_filename.' could not be resized<br/>';\r
//make new intermediate picture\r
if($new_thumb = resizeImage($row->filename, $NPG_CONF['maxwidth'], $NPG_CONF['maxheight'], $row->int_filename)) {\r
- sql_query('update '.sql_table('plug_gallery_picture').' set int_filename=\''.$new_thumb.'\' where pictureid='.$row->pictureid);\r
+ sql_query('update '.sql_table('plug_gallery_picture').' set int_filename=\''.addslashes($new_thumb).'\' where pictureid='.intval($row->pictureid));\r
\r
}\r
else echo '<br/>file: '.$abs_dir.$row->int_filename.' could not be resized<br/>';\r
\r
$strRel = '../../../';\r
\r
- include($strRel . 'config.php'); //nucleus config\r
- include('config.php'); //gallery config\r
+ require($strRel . 'config.php'); //nucleus config\r
+ include(dirname(__FILE__).'/config.php'); //gallery config\r
\r
if (!$member->isLoggedIn()) doError(_NOTLOGGEDIN);\r
\r
if ($NPG_CONF['add_album'] == 'guest' ) return true;\r
if ($NPG_CONF['add_album'] == 'member' && $this->isloggedin() ) return true;\r
if ($NPG_CONF['add_album'] == 'select') {\r
- $result = mysql_query('select addalbum from '.sql_table('plug_gallery_member').' where memberid='.$this->getID() );\r
+ $result = mysql_query('select addalbum from '.sql_table('plug_gallery_member').' where memberid='.intval($this->getID()) );\r
if(!$result) return false;\r
$row = mysql_fetch_assoc($result);\r
if($row['addalbum']) return true;\r
}\r
\r
//album owner or guest/public album\r
- $result = mysql_query('select ownerid from '.sql_table('plug_gallery_album').' where albumid='.$albumid);\r
+ $result = mysql_query('select ownerid from '.sql_table('plug_gallery_album').' where albumid='.intval($albumid));\r
if(!$result) return false;\r
$row = mysql_fetch_assoc($result);\r
if($row['ownerid'] == $this->getID() || $row['ownerid']==0) return true;\r
\r
//album team member\r
- $result = mysql_query('select tmemberid from '.sql_table('plug_gallery_album_team').' where talbumid='.$albumid);\r
+ $result = mysql_query('select tmemberid from '.sql_table('plug_gallery_album_team').' where talbumid='.intval($albumid));\r
if(!$result) return false;\r
while($row = mysql_fetch_assoc($result)) {\r
if($this->getID() == $row['tmemberid']) return true;\r
if ($this->isAdmin()) return true;\r
\r
//album owner except for public/guest albums -- only admin can modify those\r
- $result = mysql_query('select ownerid from '.sql_table('plug_gallery_album').' where albumid <> 0 and albumid='.$albumid);\r
+ $result = mysql_query('select ownerid from '.sql_table('plug_gallery_album').' where albumid <> 0 and albumid='.intval($albumid));\r
if(!$result) return false;\r
$row = mysql_fetch_assoc($result);\r
if($row['ownerid'] == $this->getID()) return true;\r
\r
//album admin (from team)\r
- $result = mysql_query('select tmemberid, tadmin from '.sql_table('plug_gallery_album_team').' where talbumid='.$albumid);\r
+ $result = mysql_query('select tmemberid, tadmin from '.sql_table('plug_gallery_album_team').' where talbumid='.intval($albumid));\r
if(!$result) return false;\r
while($row = mysql_fetch_assoc($result)) {\r
if($this->getID() == $row['tmemberid'] || $row['tadmin']) return true;\r
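Review bot: The team-admin check on the last line of this hunk returns true for any team member, and for any caller that reaches the loop as soon as one row of the album's team has `tadmin` set, because the two conditions are joined with `||` rather than `&&`. If the comment `//album admin (from team)` describes the intent, the line should read `if($this->getID() == $row['tmemberid'] && $row['tadmin']) return true;`. This is pre-existing logic that the commit leaves untouched, but it decides who may modify an album, so it is worth fixing alongside the query hardening. The enclosing function starts before the hunk and continues after it.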
if ($this->isAdmin()) return true;\r
\r
//picture owner\r
- $result = mysql_query('select ownerid from '.sql_table('plug_gallery_picture').' where pictureid='.$pictureid);\r
+ $result = mysql_query('select ownerid from '.sql_table('plug_gallery_picture').' where pictureid='.intval($pictureid));\r
if(!$result) return false;\r
$row = mysql_fetch_assoc($result);\r
if($row['ownerid'] == $this->getID()) return true;\r
\r
//album owner, but not guest\r
- $result = mysql_query('select a.ownerid from '.sql_table('plug_gallery_album').' as a, '.sql_table('plug_gallery_picture').' as p where a.albumid=p.albumid and p.pictureid='.$pictureid);\r
+ $result = mysql_query('select a.ownerid from '.sql_table('plug_gallery_album').' as a, '.sql_table('plug_gallery_picture').' as p where a.albumid=p.albumid and p.pictureid='.intval($pictureid));\r
if(!$result) return false;\r
$row = mysql_fetch_assoc($result);\r
if($row['ownerid'] == $this->getID() && $this->getID() <> 0) return true;\r
\r
//super-admin\r
if ($this->isAdmin()) {\r
- $result = sql_query('select cmemberid from '. sql_table('plug_gallery_comment'). ' where commentid = '.$commentid);\r
+ $result = sql_query('select cmemberid from '. sql_table('plug_gallery_comment'). ' where commentid = '.intval($commentid));\r
if (mysql_num_rows($result)) return true; else return false;\r
}\r
\r
//comment ovnwer\r
- $result = sql_query('select cmemberid from '. sql_table('plug_gallery_comment'). ' where commentid = '.$commentid);\r
+ $result = sql_query('select cmemberid from '. sql_table('plug_gallery_comment'). ' where commentid = '.intval($commentid));\r
$row = mysql_fetch_assoc($result);\r
if($row['cmemberid'] == $this->getID()) return true;\r
\r
function getAllowedAlbums() {\r
$allowed_albums = array();\r
\r
- $memberid = $this->getID();\r
+ $memberid = intval($this->getID());\r
if(!$memberid) $memberid=0; //guest\r
\r
if($this->isadmin()) {\r
function getAllowedAlbumsids() {\r
$allowed_albums = array();\r
\r
- $memberid = $this->getID();\r
+ $memberid = intval($this->getID());\r
if(!$memberid) $memberid=0; //guest\r
\r
if($this->isadmin()) {\r
$this->description = stripslashes($this->description);\r
$this->description = addslashes($this->description);\r
sql_query("insert into ".sql_table('plug_gallery_picture')\r
- ." values (NULL, '{$this->title}' , '{$this->description}' , {$this->ownerid} , "\r
- ."NULL , {$this->albumid} , '{$this->filename}' , '{$this->int_filename}' , '{$this->thumb_filename}', '{$this->keywords}' )" );\r
+ ." values (NULL, '{$this->title}' , '{$this->description}' , ".intval($this->ownerid)." , "\r
+ ."NULL , ".intval($this->albumid)." , '".addslashes($this->filename)."' , '".addslashes($this->int_filename)."' , '".addslashes($this->thumb_filename)."', '".addslashes($this->keywords)."' )" );\r
\r
//picture id of most recently added -- could be referenced by calling fuction (or PICTURE->getID()\r
$this->id = mysql_insert_id(); \r
\r
//increment album number of images -- consider rewrite as an album method that actually counts number of images?\r
- sql_query("update ".sql_table('plug_gallery_album')." set numberofimages = numberofimages + 1 where albumid = {$this->albumid}");\r
+ sql_query("update ".sql_table('plug_gallery_album')." set numberofimages = numberofimages + 1 where albumid = ".intval($this->albumid));\r
} \r
//present, so just update values\r
else { \r
$this->description = stripslashes($this->description);\r
$this->description = addslashes($this->description);\r
sql_query("update ".sql_table('plug_gallery_picture')\r
- ." set title='{$this->title}', "\r
- ."description='{$this->description}', " \r
- ."keywords='{$this->keywords}',"\r
- ."albumid={$this->albumid} "\r
- ."where pictureid={$this->id}" );\r
+ ." set title='".addslashes($this->title)."', "\r
+ ."description='".addslashes($this->description)."', " \r
+ ."keywords='".addslashes($this->keywords)."',"\r
+ ."albumid=".intval($this->albumid)." "\r
+ ."where pictureid=".intval($this->id) );\r
}\r
\r
}\r
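Review bot: In the update branch, `$this->description` is passed through `addslashes()` on the line just before the query and then wrapped in `addslashes()` again inside the query string, so the stored description is double-escaped (a literal `'` ends up stored as `\'`), whereas the insert branch above escapes it only once. Either drop the pre-query `stripslashes`/`addslashes` pair in the update branch or interpolate `{$this->description}` there as the insert does. Conversely, the insert branch still interpolates `'{$this->title}'` raw while the update branch wraps it in `addslashes()`; unless `title` is escaped before this method (not visible here), the insert should use `'".addslashes($this->title)."'` too. The enclosing method starts before the hunk.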
\r
function get_data($id) {\r
- $result = sql_query("select a.*, b.mname from ".sql_table('plug_gallery_picture').' as a left join '.sql_table('member')." as b on a.ownerid=b.mnumber where a.pictureid=$id" );\r
+ $result = sql_query("select a.*, b.mname from ".sql_table('plug_gallery_picture').' as a left join '.sql_table('member')." as b on a.ownerid=b.mnumber where a.pictureid=".intval($id) );\r
if(mysql_num_rows($result)) {\r
if(mysql_num_rows($result)){\r
$data = mysql_fetch_object($result);\r
if(!$data->mname) $data->mname = 'guest';\r
\r
//get number of views\r
- $res = sql_query('select views from '.sql_table('plug_gallery_views').' where vpictureid = '.$data->pictureid);\r
+ $res = sql_query('select views from '.sql_table('plug_gallery_views').' where vpictureid = '.intval($data->pictureid));\r
if(mysql_num_rows($res)) {\r
$row = mysql_fetch_object($res);\r
$data->views = $row->views;\r
else $data->views = 0;\r
\r
//get albumtitle for breadcrumb\r
- $res = sql_query('select title from '.sql_table('plug_gallery_album').' where albumid='.$data->albumid);\r
+ $res = sql_query('select title from '.sql_table('plug_gallery_album').' where albumid='.intval($data->albumid));\r
if(mysql_num_rows($res)) {\r
$row = mysql_fetch_object($res);\r
$data->albumtitle = $row->title;\r
else {\r
$so = 'order by '.$sorting[$defaultorder].', pictureid DESC';\r
}\r
- if(!$query) $this->query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid='.$this->albumid.$so;\r
+ if(!$query) $this->query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid='.intval($this->albumid).$so;\r
else $this->query = $query;\r
\r
//sql_query('create temporary table temptableview (tempid int unsigned not null auto_increment primary key) '.$this->query);\r
\r
- //$result = sql_query('select tempid from temptableview where pictureid='.$this->id);\r
+ //$result = sql_query('select tempid from temptableview where pictureid='.intval($this->id));\r
//$tid = mysql_fetch_object($result);\r
\r
\r
\r
\r
//next thumb\r
- $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where pictureid > '.$pid.' '.$so.' '.$sortingascdesc[$sort].' and albumid = '.$this->albumid.' limit 0,1';\r
+ $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where pictureid > '.intval($pid).' '.$so.' '.$sortingascdesc[$sort].' and albumid = '.intval($this->albumid).' limit 0,1';\r
echo $query;\r
$result = sql_query($query);\r
if(!mysql_num_rows($result)) \r
$this->nextid = $row->pictureid;\r
}\r
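Review bot: `echo $query;` after the "next thumb" query is a leftover debug print that writes the full SQL statement, including the table prefix, into the rendered page on every request that reaches this branch; the equivalent lines elsewhere in this file are commented out. Remove it, or at least reduce it to `//echo $query;` like the other occurrences. The `$so`, `$sortingascdesc[$sort]` and `$order[$sort]` fragments are concatenated unescaped; they appear to be lookups into fixed arrays defined outside the hunk, which is fine as long as `$sort` can only select one of those keys — worth confirming.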
//previous thumb\r
- $result = sql_query('select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where pictureid < '.$pid.' '.$so.' '.$oppositeorder.' and albumid = '.$albumid.' limit 0,1');\r
+ $result = sql_query('select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where pictureid < '.intval($pid).' '.$so.' '.$oppositeorder.' and albumid = '.intval($albumid).' limit 0,1');\r
if(!mysql_num_rows($result)) \r
$this->previous = 0;\r
else {\r
//if someone can figure out a better way of doing this, please do it!\r
\r
//getting forward offset\r
- $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid = '.$this->albumid.' order by '.$sorting[$sort].$order[$sort];\r
+ $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid = '.intval($this->albumid).' order by '.$sorting[$sort].$order[$sort];\r
$result = sql_query($query);\r
$i=0;\r
while ($row = mysql_fetch_object($result)){\r
}\r
//next thumb \r
\r
- $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid = '.$this->albumid.' order by '.$sorting[$sort].$order[$sort].' limit '.$offset.',1';\r
+ $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid = '.intval($this->albumid).' order by '.$sorting[$sort].$order[$sort].' limit '.intval($offset).',1';\r
$result = sql_query($query);\r
\r
//echo $query;\r
$this->nextid = $row->pictureid;\r
}\r
//getting backwards offset\r
- $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid = '.$this->albumid.' order by '.$sorting[$sort].$oppositeorder;\r
+ $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid = '.intval($this->albumid).' order by '.$sorting[$sort].$oppositeorder;\r
$result = sql_query($query);\r
$i=0;\r
while ($row = mysql_fetch_object($result)){\r
}\r
\r
//previous thumb\r
- $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid = '.$this->albumid.' order by '.$sorting[$sort].$oppositeorder.' limit '.$offset.',1';\r
+ $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid = '.intval($this->albumid).' order by '.$sorting[$sort].$oppositeorder.' limit '.intval($offset).',1';\r
//echo $query;\r
$result = sql_query($query);\r
if(!mysql_num_rows($result)) \r
$returnval['message'] = 'ID is null in PICTURE::delete';\r
return $returnval;\r
}\r
- $query = 'select * from '.sql_table('plug_gallery_picture').' where pictureid='.$id;\r
+ $query = 'select * from '.sql_table('plug_gallery_picture').' where pictureid='.intval($id);\r
$result = mysql_query($query);\r
if(!$result) {\r
$returnval['status'] = 'error';\r
if(@ !unlink($NP_BASE_DIR.$row->filename)) echo 'file: '.$row->filename.' could not be deleted<br/>';\r
if(@ !unlink($NP_BASE_DIR.$row->int_filename)) echo 'file: '.$row->int_filename.' could not be deleted<br/>';\r
if(@ !unlink($NP_BASE_DIR.$row->thumb_filename)) echo 'file: '.$row->thumb_filename.' could not be deleted<br/>';\r
- $query = 'delete from '.sql_table('plug_gallery_picture').' where pictureid='.$row->pictureid;\r
+ $query = 'delete from '.sql_table('plug_gallery_picture').' where pictureid='.intval($row->pictureid);\r
$result2 = mysql_query($query);\r
if(!$result2) {\r
$returnval['status'] = 'error';\r
\r
$manager->loadClass('ITEM');\r
\r
- $query = 'select * from '.sql_table('plug_gallery_promo').' where ppictureid='.$id;\r
+ $query = 'select * from '.sql_table('plug_gallery_promo').' where ppictureid='.intval($id);\r
$result = mysql_query($query);\r
if(!$result) {\r
$returnval['status'] = 'error';\r
while ($row = mysql_fetch_object($result) ){\r
ITEM::delete($row->pblogitemid);\r
}\r
- sql_query('delete from '.sql_table('plug_gallery_promo').' where ppictureid='.$id);\r
+ sql_query('delete from '.sql_table('plug_gallery_promo').' where ppictureid='.intval($id));\r
$returnval['status'] = 'success';\r
return $returnval;\r
}\r
}\r
function tagaccept($left,$top,$width,$height,$text){\r
sql_query("INSERT INTO ".sql_table('plug_gallery_picturetag')." ( `pictureid` , `top` , `left` , `height` , `width` , `text` )\r
- VALUES ( '" . $this->id ." ', '" .$top."', '" .$left." ' , '" .$height."' , '" .$width."' , '" .$text."' ); ");\r
+ VALUES ( '" . addslashes($this->id) ." ', '" .addslashes($top)."', '" .addslashes($left)." ' , '" .addslashes($height)."' , '" .addslashes($width)."' , '" .addslashes($text)."' ); ");\r
echo "<SCRIPT LANGUAGE=\"JavaScript\">\r
window.location=\"" . $NP_BASE_DIR . "action.php?action=plugin&name=gallery&type=item&id=". $this->id . "\"" .\r
"</script>";\r
}\r
\r
function tagdelete(){\r
- sql_query("DELETE FROM ".sql_table('plug_gallery_picturetag'). " WHERE `pictureid` = '" . $this->id . "' LIMIT 1; ");\r
+ sql_query("DELETE FROM ".sql_table('plug_gallery_picturetag'). " WHERE `pictureid` = '" . intval($this->id) . "' LIMIT 1; ");\r
echo "<SCRIPT LANGUAGE=\"JavaScript\">\r
window.location=\"" . $NP_BASE_DIR . "action.php?action=plugin&name=gallery&type=item&id=". $this->id . " \"" .\r
"</script>";\r
if(!$NPG_CONF['viewtime']) $NPG_CONF['viewtime'] = 30 ;\r
$cuttime = $NPG_CONF['viewtime'];\r
//first test for duplicates\r
- $query = 'select * from '.sql_table('plug_gallery_views')." where vpictureid = $pictureid";\r
+ $query = 'select * from '.sql_table('plug_gallery_views')." where vpictureid = ".($pictureid);\r
//$result = mysql_query($query);\r
//print_r($result);\r
//$numrows= mysql_num_rows($result);\r
//echo $numrows;\r
if(@mysql_num_rows($result)>1){\r
//if theres more than one\r
- $query= 'DELETE FROM '.sql_table('plug_gallery_views').' WHERE vpictureid = $pictureid ORDER BY views LIMIT 1' ;\r
+ $query= 'DELETE FROM '.sql_table('plug_gallery_views').' WHERE vpictureid = '.intval($pictureid).' ORDER BY views LIMIT 1' ;\r
mysql_query($query);\r
}\r
\r
- $query = 'select time from '.sql_table('plug_gallery_views_log')." where ip = '$remoteip' and vlpictureid = $pictureid";\r
+ $query = 'select time from '.sql_table('plug_gallery_views_log')." where ip = '".addslashes($remoteip)."' and vlpictureid = ".intval($pictureid);\r
$result = sql_query($query);\r
if(mysql_num_rows($result)) {\r
$row = mysql_fetch_object($result);\r
- $query2 = 'update '.sql_table('plug_gallery_views_log')." set time = NOW() where ip = '$remoteip' and vlpictureid = $pictureid";\r
+ $query2 = 'update '.sql_table('plug_gallery_views_log')." set time = NOW() where ip = '".addslashes($remoteip)."' and vlpictureid = ".intval($pictureid);\r
$result2 = sql_query($query2);\r
if( ($curtime - (intval($NPG_CONF['viewtime']) * 60) ) > converttimestamp($row->time) ) {\r
- $query3 = 'select * from '.sql_table('plug_gallery_views')." where vpictureid = $pictureid";\r
+ $query3 = 'select * from '.sql_table('plug_gallery_views')." where vpictureid = ".intval($pictureid);\r
$result3 = mysql_query($query3);\r
if(mysql_num_rows($result3))\r
- sql_query('update '.sql_table('plug_gallery_views')." set views = views + 1 where vpictureid = $pictureid");\r
- else sql_query('insert into '.sql_table('plug_gallery_views')." (vpictureid, views) values ($pictureid, 1)");\r
+ sql_query('update '.sql_table('plug_gallery_views')." set views = views + 1 where vpictureid = ".intval($pictureid));\r
+ else sql_query('insert into '.sql_table('plug_gallery_views')." (vpictureid, views) values (".intval($pictureid).", 1)");\r
}\r
} else {\r
- $query3 = 'select * from '.sql_table('plug_gallery_views')." where vpictureid = $pictureid";\r
+ $query3 = 'select * from '.sql_table('plug_gallery_views')." where vpictureid = ".intval($pictureid);\r
$result3 = mysql_query($query3);\r
if(mysql_num_rows($result3))\r
- sql_query('update '.sql_table('plug_gallery_views')." set views = views + 1 where vpictureid = $pictureid");\r
- else sql_query('insert into '.sql_table('plug_gallery_views')." (vpictureid, views) values ($pictureid, 1)");\r
- sql_query('insert into '.sql_table('plug_gallery_views_log')." (vlpictureid, ip, time) values ($pictureid, '$remoteip', NULL)");\r
+ sql_query('update '.sql_table('plug_gallery_views')." set views = views + 1 where vpictureid = ".intval($pictureid));\r
+ else sql_query('insert into '.sql_table('plug_gallery_views')." (vpictureid, views) values (".intval($pictureid).", 1)");\r
+ sql_query('insert into '.sql_table('plug_gallery_views_log')." (vlpictureid, ip, time) values (".intval($pictureid).", '".addslashes($remoteip)."', NULL)");\r
} \r
\r
}\r
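Review bot: The first select on plug_gallery_views at the top of this hunk only parenthesises the id instead of casting it, unlike every other occurrence below (`intval($pictureid)` in the DELETE, the views_log select and the update/insert statements); it should read `$query = 'select * from '.sql_table('plug_gallery_views')." where vpictureid = ".intval($pictureid);`. Note that the `mysql_query` for that select is commented out, so the `@mysql_num_rows($result)` check that follows inspects whatever `$result` held from an earlier statement — the duplicate-row cleanup looks like dead code and should either be re-enabled or removed. `addslashes($remoteip)` does not follow the connection charset; since this code already uses the `mysql_*` API, `mysql_real_escape_string($remoteip)` is the matching escape for that string value. The enclosing function starts before this hunk.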
function parse_tooltip() {\r
//get picture tag infor\r
$gid = requestVar('id');\r
- $res = sql_query('select * from '.sql_table('plug_gallery_picturetag').' where pictureid= '. $gid .' ');\r
+ $res = sql_query('select * from '.sql_table('plug_gallery_picturetag').' where pictureid= '. intval($gid) .' ');\r
$numrows = @mysql_num_rows($res);\r
echo "<div id=\"tooltip2\">";\r
for ($i=0 ; $i<$numrows;$i++) {\r
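Review bot: `intval($gid)` closes the injection in the picturetag select, but the `@mysql_num_rows($res)` on the following line still silences a failed query and turns it into a loop over zero rows, so a broken query in this path is invisible; checking the handle instead keeps the failure observable, e.g. `$numrows = $res ? mysql_num_rows($res) : 0;`. parse_tooltip continues past the end of the hunk.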
$this->section = array();\r
if($this->existsID($this->id)) {\r
$this->readall();\r
- $query = 'select * from '.sql_table('plug_gallery_template_desc').' where tdid='.$this->id;\r
+ $query = 'select * from '.sql_table('plug_gallery_template_desc').' where tdid='.intval($this->id);\r
$res = sql_query($query);\r
$row = mysql_fetch_object($res);\r
$this->name = stripslashes($row->tdname);\r
$query = 'UPDATE '.sql_table('plug_gallery_template_desc').' SET'\r
. " tdname='" . addslashes($name) . "',"\r
. " tddesc='" . addslashes($desc) . "'"\r
- . " WHERE tdid=" . $this->getID();\r
+ . " WHERE tdid=" . intval($this->getID());\r
sql_query($query); \r
}\r
\r
}\r
}\r
\r
- function deleteallparts() { sql_query('DELETE FROM '.sql_table('plug_gallery_template').' WHERE tdesc='.$this->getID()); }\r
+ function deleteallparts() { sql_query('DELETE FROM '.sql_table('plug_gallery_template').' WHERE tdesc='.intval($this->getID())); }\r
\r
function createnew($name,$desc) {\r
sql_query('INSERT INTO '.sql_table('plug_gallery_template_desc')." (tdname, tddesc) VALUES ('" . addslashes($name) . "','" . addslashes($desc) . "')");\r
}\r
\r
function gettemplate($type) {\r
+ $type=addslashes($type);\r
$result = mysql_query("select * from ".sql_table('plug_gallery_template')." where name='$type'" );\r
$data = mysql_fetch_assoc($result);\r
$template = stripslashes($data['content']);\r
}\r
\r
function readall() {\r
- $query = 'select * from '.sql_table('plug_gallery_template').' where tdesc='.$this->id;\r
+ $query = 'select * from '.sql_table('plug_gallery_template').' where tdesc='.intval($this->id);\r
$res = sql_query($query);\r
while ($row = mysql_fetch_object($res)){\r
$this->section[$row->name] = stripslashes($row->content);\r
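Review bot: `$type=addslashes($type);` in gettemplate is the one string-valued parameter in this hunk that is escaped rather than cast, and addslashes does not follow the connection charset; since this code already uses the `mysql_*` API, `$type = mysql_real_escape_string($type);` is the escape that matches it. Separately, gettemplate assigns `$template = stripslashes($data['content']);` and then closes immediately without returning it, so as written callers appear to receive nothing — if that value is meant to be used, add `return $template;` before the closing brace. `mysql_fetch_assoc($result)` is also called without checking `$result` for `false`, which would surface as a warning rather than a clear error. The first lines of this hunk fall inside a method whose signature is outside the hunk.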
<?php\r
\r
-include('.\..\..\..\..\config.php');\r
-global $DIR_PLUGINS;\r
-include_once ($DIR_PLUGINS.'gallery/config.php');\r
+require_once('./../../../../config.php');\r
+global $member;\r
+if (!($member->isLoggedIn() && $member->isAdmin())) exit('You are not admin.');\r
+include_once (dirname(__FILE__).'/../config.php');\r
\r
//from 0.61a to 0.75\r
global $NPG_CONF;\r
\r
setNPGoption('currentversion',75);\r
\r
-include('np_gallery_update075.php');\r
+include(dirname(__FILE__).'/np_gallery_update075.php');\r
?>\r
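Review bot: The new admin gate `if (!($member->isLoggedIn() && $member->isAdmin())) exit('You are not admin.');` is the right addition to an update script that runs schema changes, but the `require_once('./../../../../config.php')` it depends on still uses a CWD-relative path while the two includes on the neighbouring lines were switched to `dirname(__FILE__)`; where config.php resolves from (and so whether `$member` is populated, assuming config.php is what defines it) therefore depends on where the request is served from. Use `require_once(dirname(__FILE__).'/../../../../config.php');` for consistency, and consider guarding the dereference with `if (!isset($member) || !($member->isLoggedIn() && $member->isAdmin())) exit('You are not admin.');`. The same three lines appear in the hunks starting at the next two `<?php` headers (the 0.75→0.76 and 0.77→0.80 scripts).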
<?php\r
\r
-include('./../../../../config.php');\r
-global $DIR_PLUGINS;\r
-include_once ($DIR_PLUGINS.'gallery/config.php');\r
+require_once('./../../../../config.php');\r
+global $member;\r
+if (!($member->isLoggedIn() && $member->isAdmin())) exit('You are not admin.');\r
+include_once (dirname(__FILE__).'/../config.php');\r
\r
//from 0.75 to 0.76\r
global $NPG_CONF;\r
sql_query($query);\r
}\r
\r
-include($DIR_PLUGINS.'gallery/update/default_templates_076.inc');\r
+include(dirname(__FILE__).'/default_templates_076.inc');\r
\r
setNPGoption('currentversion',76);\r
\r
-include('np_gallery_update077.php');\r
+include(dirname(__FILE__).'/np_gallery_update077.php');\r
\r
?>\r
<?php\r
\r
-include('./../../../../config.php');\r
-global $DIR_PLUGINS;\r
-include_once ($DIR_PLUGINS.'gallery/config.php');\r
+require_once('./../../../../config.php');\r
+global $member;\r
+if (!($member->isLoggedIn() && $member->isAdmin())) exit('You are not admin.');\r
+include_once (dirname(__FILE__).'/../config.php');\r
\r
//from 0.77 to 0.80\r
\r
global $NPG_CONF;\r
\r
//add .80 templates -- sircambridge mods\r
-include($DIR_PLUGINS.'gallery/update/default_templates_080.inc');\r
+include(dirname(__FILE__).'/default_templates_080.inc');\r
?>\r
<p>The templates included with 0.8 use a different css technique to display the album thumbnails. To use these templates, you will need to add the three graphics files (shadow.gif, shadow2.png, shadow2.gif) to your skin directory. Then add the following lines to your css file. You will need to modify the location of the image files (bolded) to match your installation.</p>\r
<hr />\r