4images PHP Cross Reference Image Galleries

Source: /details.php - 579 lines - 28703 bytes - Summary - Text - Print

   1  <?php
   2  /**************************************************************************
   3   *                                                                        *
   4   *    4images - A Web Based Image Gallery Management System               *
   5   *    ----------------------------------------------------------------    *
   6   *                                                                        *
   7   *             File: details.php                                          *
   8   *        Copyright: (C) 2002-2012 Jan Sorgalla                           *
   9   *            Email: jan@4homepages.de                                    *
  10   *              Web: http://www.4homepages.de                             *
  11   *    Scriptversion: 1.7.11                                               *
  12   *                                                                        *
  13   *    Never released without support from: Nicky (http://www.nicky.net)   *
  14   *                                                                        *
  15   **************************************************************************
  16   *                                                                        *
  17   *    Dieses Script ist KEINE Freeware. Bitte lesen Sie die Lizenz-       *
  18   *    bedingungen (Lizenz.txt) für weitere Informationen.                 *
  19   *    ---------------------------------------------------------------     *
  20   *    This script is NOT freeware! Please read the Copyright Notice       *
  21   *    (Licence.txt) for further information.                              *
  22   *                                                                        *
  23   *************************************************************************/
  24  
      // Page bootstrap: select the "details" template, define GET_CACHES, ROOT_PATH
      // and MAIN_SCRIPT, then load global.php, the session layer and the page header.
  25  $main_template = 'details';
  26  
  27  define('GET_CACHES', 1);
  28  define('ROOT_PATH', './');
  29  define('MAIN_SCRIPT', __FILE__);
  30  include (ROOT_PATH.'global.php');
  31  require (ROOT_PATH.'includes/sessions.php');
  32  $user_access = get_permission();
  33  include (ROOT_PATH.'includes/page_header.php');
  34  
      // NOTE(review): $image_id, $url, $mode, $action and $page are never assigned in
      // this file; presumably global.php derives them from the request. $image_id is
      // interpolated unquoted into several SQL statements below, so confirm it is cast
      // to an integer before it reaches this point.
      // NOTE(review): the code after this guard only stays unreachable if redirect()
      // ends the request - confirm it exits.
  35  if (!$image_id) {
  36      redirect($url);
  37  }
  38  
      // Load the requested image together with its category name and owner, then
      // enforce the category's view permissions.
      //
      // Every key of $additional_image_fields is appended to the column list as
      // "i.<key>". NOTE(review): these keys become raw SQL identifiers; presumably the
      // array comes from a site configuration file rather than the request - confirm.
  39  $additional_sql = "";
  40  if (!empty($additional_image_fields)) {
  41    foreach ($additional_image_fields as $key => $val) {
  42      $additional_sql .= ", i.".$key;
  43    }
  44  }
  45  
      // $image_id is placed into the WHERE clause without quoting or casting here.
  46  $sql = "SELECT i.image_id, i.cat_id, i.user_id, i.image_name, i.image_description, i.image_keywords, i.image_date, i.image_active, i.image_media_file, i.image_thumb_file, i.image_download_url, i.image_allow_comments, i.image_comments, i.image_downloads, i.image_votes, i.image_rating, i.image_hits".$additional_sql.", c.cat_name".get_user_table_field(", u.", "user_name").get_user_table_field(", u.", "user_email")."
  47          FROM (".IMAGES_TABLE." i,  ".CATEGORIES_TABLE." c)
  48          LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = i.user_id)
  49          WHERE i.image_id = $image_id AND i.image_active = 1 AND c.cat_id = i.cat_id";
  50  $image_row = $site_db->query_firstrow($sql);
      // Falls back to category 0 when no row was returned.
  51  $cat_id = (isset($image_row['cat_id'])) ? $image_row['cat_id'] : 0;
      // Owner flag: the image's user_id is above USER_AWAITING and equals the current
      // user's id. $image_row is dereferenced here before the "!$image_row" test below.
  52  $is_image_owner = ($image_row['user_id'] > USER_AWAITING && $user_info['user_id'] == $image_row['user_id']) ? 1 : 0;
  53  
      // Access control for the whole page: the viewer needs both auth_viewcat and
      // auth_viewimage on the category, and the image row must exist.
      // NOTE(review): this is only effective if redirect() terminates the request;
      // otherwise the image is still rendered below - confirm.
  54  if (!check_permission("auth_viewcat", $cat_id) || !check_permission("auth_viewimage", $cat_id) || !$image_row) {
  55    redirect($url);
  56  }
  57  
      // Register a random image from the same category for the template, unless
      // SHOW_RANDOM_IMAGE is defined and equal to 0 (then an empty string is registered).
  58  $random_cat_image = (defined("SHOW_RANDOM_IMAGE") && SHOW_RANDOM_IMAGE == 0) ? "" : get_random_image($cat_id);
  59  $site_template->register_vars("random_cat_image", $random_cat_image);
  60  unset($random_cat_image);
  61  
  62  //-----------------------------------------------------
  63  //--- Show Image --------------------------------------
  64  //-----------------------------------------------------
      // Comments are treated as disabled (0) when the viewer lacks auth_readcomment on
      // the category, regardless of the per-image setting.
  65  $image_allow_comments = (check_permission("auth_readcomment", $cat_id)) ? $image_row['image_allow_comments'] : 0;
  66  $image_name = format_text($image_row['image_name'], 2);
  67  show_image($image_row, $mode, 0, 1);
  68  
  69  
  70      //--- SEO variables -------------------------------
  71  
      // Keywords are re-joined with ", " and both values are passed through strip_tags().
      // NOTE(review): strip_tags() removes markup but leaves quote characters intact. If
      // the template prints detail_meta_* inside an HTML attribute, the values need
      // attribute escaping unless they are already stored escaped - confirm.
  72      $meta_keywords  = !empty($image_row['image_keywords']) ? strip_tags(implode(", ", explode(",", $image_row['image_keywords']))) : "";
  73      $meta_description = !empty($image_row['image_description']) ? strip_tags($image_row['image_description']) . ". " : "";
  74  
  75      $site_template->register_vars(array(
  76              "detail_meta_description"   => $meta_description,
  77              "detail_meta_keywords"      => $meta_keywords,
  78              "prepend_head_title"        => $image_name . " - ",
  79              ));
  80  
  81  
      // Choose the query that yields the ordered image list used for previous/next
      // navigation: the user's lightbox, the current search result, or (fallback) the
      // image's own category. $in_mode is set to 1 only when a lightbox/search query
      // was actually built.
  82  $in_mode = 0;
  83  
  84  $sql = "";
  85  if ($mode == "lightbox") {
  86    if (!empty($user_info['lightbox_image_ids'])) {
        // The stored id list is space separated; spaces become ", " so the string can
        // be dropped into IN (...).
        // NOTE(review): the value is interpolated as-is, so it must contain only
        // integers - confirm wherever lightbox_image_ids is written.
  87      $image_id_sql = str_replace(" ", ", ", trim($user_info['lightbox_image_ids']));
  88      $sql = "SELECT image_id, cat_id, image_name, image_media_file, image_thumb_file
  89              FROM ".IMAGES_TABLE."
  90              WHERE image_active = 1 AND image_id IN ($image_id_sql) AND (cat_id NOT IN (".get_auth_cat_sql("auth_viewimage", "NOTIN").", ".get_auth_cat_sql("auth_viewcat", "NOTIN")."))
  91              ORDER BY ".$config['image_order']." ".$config['image_sort'].", image_id ".$config['image_sort'];
  92      $in_mode = 1;
  93    }
  94  }
  95  elseif ($mode == "search") {
      // NOTE(review): the condition tests the key 'searchid' while every other line uses
      // 'search_id'; nothing in this file sets 'searchid', so this branch presumably
      // runs on every search-mode request - confirm whether 'search_id' was intended.
  96    if (!isset($session_info['searchid']) || empty($session_info['searchid'])) {
  97      $session_info['search_id'] = $site_sess->get_session_var("search_id");
  98    }
  99  
      // NOTE(review): unserialize() on a value read back from the session store. This is
      // acceptable only if search_id can never be influenced by the client (session data
      // held server-side and written only by the search code) - confirm. On
      // attacker-controlled bytes unserialize() allows PHP object injection. The decoded
      // image_ids, user_ids and search_cat fields are then concatenated into SQL unquoted.
 100    if (!empty($session_info['search_id'])) {
 101      $search_id = unserialize($session_info['search_id']);
 102    }
 103  
 104    $sql_where_query = "";
 105  
 106    if (!empty($search_id['image_ids'])) {
 107      $sql_where_query .= "AND image_id IN (".$search_id['image_ids'].") ";
 108    }
 109  
 110    if (!empty($search_id['user_ids'])) {
 111      $sql_where_query .= "AND user_id IN (".$search_id['user_ids'].") ";
 112    }
 113  
      // "New images" filter: image_date within the last $config['new_cutoff'] days.
 114    if (!empty($search_id['search_new_images']) && $search_id['search_new_images'] == 1) {
 115      $new_cutoff = time() - 60 * 60 * 24 * $config['new_cutoff'];
 116      $sql_where_query .= "AND image_date >= $new_cutoff ";
 117    }
 118  
 119    if (!empty($search_id['search_cat']) && $search_id['search_cat'] != 0) {
        // Starts as the integer 0; the first ".=" turns it into the string "0, <id>...".
        // The strict "!== 0" test below therefore tells "nothing permitted" (still the
        // integer) apart from a populated list.
 120      $cat_id_sql = 0;
 121      if (check_permission("auth_viewcat", $search_id['search_cat'])) {
 122        $sub_cat_ids = get_subcat_ids($search_id['search_cat'], $search_id['search_cat'], $cat_parent_cache);
 123        $cat_id_sql .= ", ".$search_id['search_cat'];
 124        if (!empty($sub_cat_ids[$search_id['search_cat']])) {
              // Sub-categories are included only when the viewer may see them.
 125          foreach ($sub_cat_ids[$search_id['search_cat']] as $val) {
 126            if (check_permission("auth_viewcat", $val)) {
 127              $cat_id_sql .= ", ".$val;
 128            }
 129          }
 130        }
 131      }
 132      $cat_id_sql = $cat_id_sql !== 0 ? "AND cat_id IN ($cat_id_sql)" : "";
 133    }
 134    else {
        // No category restriction in the search: exclude categories the viewer is not
        // allowed to see.
 135      $cat_id_sql = get_auth_cat_sql("auth_viewcat", "NOTIN");
 136      $cat_id_sql = $cat_id_sql !== 0 ? "AND cat_id NOT IN (".$cat_id_sql.")" : "";
 137    }
 138  
 139    if (!empty($sql_where_query)) {
 140      $sql = "SELECT image_id, cat_id, image_name, image_media_file, image_thumb_file
 141              FROM ".IMAGES_TABLE."
 142              WHERE image_active = 1
 143              $sql_where_query
 144              $cat_id_sql
 145              ORDER BY ".$config['image_order']." ".$config['image_sort'].", image_id ".$config['image_sort'];
 146      $in_mode = 1;
 147    }
 148  }
      // Fallback: all active images of the current image's category.
      // NOTE(review): ORDER BY column and direction come straight from $config in all
      // three queries; presumably these are admin-set values from a fixed list - confirm.
 149  if (!$in_mode || empty($sql)) {
 150    $sql = "SELECT image_id, cat_id, image_name, image_media_file, image_thumb_file
 151            FROM ".IMAGES_TABLE."
 152            WHERE image_active = 1 AND cat_id = $cat_id
 153            ORDER BY ".$config['image_order']." ".$config['image_sort'].", image_id ".$config['image_sort'];
 154  }
 155  $result = $site_db->query($sql);
 156  
      // Walk the ordered result and cache ids and rows. Reading does not run to the end
      // of the list: once the row preceding the current one was $image_id, $break is
      // set, and the loop exits after caching one further row.
 157  $image_id_cache = array();
 158  $next_prev_cache = array();
 159  $break = 0;
 160  $prev_id = 0;
 161  while($row = $site_db->fetch_array($result)) {
 162    $image_id_cache[] = $row['image_id'];
 163    $next_prev_cache[$row['image_id']] = $row;
 164    if ($break) {
 165      break;
 166    }
 167    if ($prev_id == $image_id) {
 168      $break = 1;
 169    }
 170    $prev_id = $row['image_id'];
 171  }
      // Called without the result handle here; the comment listing further down passes
      // $result explicitly.
 172  $site_db->free_result();
 173  
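 // Fallback that is only declared when the running PHP has no built-in array_search().
 if (!function_exists("array_search")) {
   /**
    * Return the key of the first element of $haystack that loosely equals $needle.
    *
    * Comparison is non-strict (==), as with the built-in called without its strict
    * flag. Returning on the first hit, rather than continuing and keeping the last
    * one, matches the built-in's result when a value occurs more than once.
    *
    * @param mixed $needle   Value to look for.
    * @param array $haystack Array to search.
    * @return mixed The matching key, or false when nothing matches.
    */
   function array_search($needle, $haystack) {
     foreach ($haystack as $key => $value) {
       if ($value == $needle) {
         return $key;
       }
     }
     return false;
   }
 }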
 185  
      // Locate the current image in the cached id list and take its neighbours; a
      // missing neighbour is represented by id 0.
      // NOTE(review): array_search() yields false when $image_id is not in the list
      // (e.g. a lightbox or search list that does not contain it). false + 1 evaluates
      // to 1, so the second cached image would then be offered as "next" - confirm
      // whether that case can occur.
 186  $act_key = array_search($image_id, $image_id_cache);
 187  $next_image_id = (isset($image_id_cache[$act_key + 1])) ? $image_id_cache[$act_key + 1] : 0;
 188  $prev_image_id = (isset($image_id_cache[$act_key - 1])) ? $image_id_cache[$act_key - 1] : 0;
 189  unset($image_id_cache);
 190  
 191  // Get next and previous image
      // For each neighbour: display name, details URL, media file and thumbnail.
      // get_file_path() is called twice per file with a different final argument;
      // presumably 0 performs an existence check and 1 returns the path - confirm.
      // A missing media file falls back to the 404 icon, a missing thumbnail to the
      // icon named after the media file's extension.
      // NOTE(review): $mode is concatenated into the link as-is. Unless the include
      // that sets it restricts it to known values, it should be URL-encoded and
      // HTML-escaped before it reaches the template - confirm.
 192  if (!empty($next_prev_cache[$next_image_id])) {
 193    $next_image_name = format_text($next_prev_cache[$next_image_id]['image_name'], 2);
 194    $next_image_url = $site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$next_image_id.((!empty($mode)) ? "&amp;mode=".$mode : ""));
 195    if (!get_file_path($next_prev_cache[$next_image_id]['image_media_file'], "media", $next_prev_cache[$next_image_id]['cat_id'], 0, 0)) {
 196      $next_image_file = ICON_PATH."/404.gif";
 197    }
 198    else {
 199      $next_image_file = get_file_path($next_prev_cache[$next_image_id]['image_media_file'], "media", $next_prev_cache[$next_image_id]['cat_id'], 0, 1);
 200    }
 201    if (!get_file_path($next_prev_cache[$next_image_id]['image_thumb_file'], "thumb", $next_prev_cache[$next_image_id]['cat_id'], 0, 0)) {
 202      $next_thumb_file = ICON_PATH."/".get_file_extension($next_prev_cache[$next_image_id]['image_media_file']).".gif";
 203    }
 204    else {
 205      $next_thumb_file = get_file_path($next_prev_cache[$next_image_id]['image_thumb_file'], "thumb", $next_prev_cache[$next_image_id]['cat_id'], 0, 1);
 206    }
 207  }
 208  else {
      // No next image: every template variable gets the REPLACE_EMPTY placeholder.
 209    $next_image_name = REPLACE_EMPTY;
 210    $next_image_url = REPLACE_EMPTY;
 211    $next_image_file = REPLACE_EMPTY;
 212    $next_thumb_file = REPLACE_EMPTY;
 213  }
 214  
      // Same steps for the previous image.
 215  if (!empty($next_prev_cache[$prev_image_id])) {
 216    $prev_image_name = format_text($next_prev_cache[$prev_image_id]['image_name'], 2);
 217    $prev_image_url = $site_sess->url(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$prev_image_id.((!empty($mode)) ? "&amp;mode=".$mode : ""));
 218    if (!get_file_path($next_prev_cache[$prev_image_id]['image_media_file'], "media", $next_prev_cache[$prev_image_id]['cat_id'], 0, 0)) {
 219      $prev_image_file = ICON_PATH."/404.gif";
 220    }
 221    else {
 222      $prev_image_file = get_file_path($next_prev_cache[$prev_image_id]['image_media_file'], "media", $next_prev_cache[$prev_image_id]['cat_id'], 0, 1);
 223    }
 224    if (!get_file_path($next_prev_cache[$prev_image_id]['image_thumb_file'], "thumb", $next_prev_cache[$prev_image_id]['cat_id'], 0, 0)) {
 225      $prev_thumb_file = ICON_PATH."/".get_file_extension($next_prev_cache[$prev_image_id]['image_media_file']).".gif";
 226    }
 227    else {
 228      $prev_thumb_file = get_file_path($next_prev_cache[$prev_image_id]['image_thumb_file'], "thumb", $next_prev_cache[$prev_image_id]['cat_id'], 0, 1);
 229    }
 230  }
 231  else {
 232    $prev_image_name = REPLACE_EMPTY;
 233    $prev_image_url = REPLACE_EMPTY;
 234    $prev_image_file = REPLACE_EMPTY;
 235    $prev_thumb_file = REPLACE_EMPTY;
 236  }
 237  
 238  $site_template->register_vars(array(
 239    "next_image_id" => $next_image_id,
 240    "next_image_name" => $next_image_name,
 241    "next_image_url" => $next_image_url,
 242    "next_image_file" => $next_image_file,
 243    "next_thumb_file" => $next_thumb_file,
 244    "prev_image_id" => $prev_image_id,
 245    "prev_image_name" => $prev_image_name,
 246    "prev_image_url" => $prev_image_url,
 247    "prev_image_file" => $prev_image_file,
 248    "prev_thumb_file" => $prev_thumb_file
 249  ));
 250  unset($next_prev_cache);
 251  
 252  //-----------------------------------------------------
 253  //--- Save Comment ------------------------------------
 254  //-----------------------------------------------------
      // Handles a posted comment: validates it, stores it, then redirects back to this
      // page. $error stays 0 unless a validation step fails; the comment form further
      // down uses it to decide whether to refill the fields.
      // NOTE(review): no request token is verified before the INSERT. When
      // $captcha_enable_comments is off, nothing in this block ties the POST to a form
      // this site rendered - confirm whether an include checks one.
 255  $error = 0;
 256  if ($action == "postcomment" && isset($HTTP_POST_VARS[URL_ID])) {
      // The target image id is cast with intval(), so it is safe to interpolate.
 257    $id = intval($HTTP_POST_VARS[URL_ID]);
 258    $sql = "SELECT cat_id, image_allow_comments
 259            FROM ".IMAGES_TABLE."
 260            WHERE image_id = $id";
 261    $row = $site_db->query_firstrow($sql);
 262  
      // Posting is refused when the image disallows comments, the user lacks
      // auth_postcomment on its category, or the image does not exist. $row is
      // dereferenced before the "!$row" test.
 263    if ($row['image_allow_comments'] == 0 || !check_permission("auth_postcomment", $row['cat_id']) || !$row) {
 264      $msg = $lang['comments_deactivated'];
 265    }
 266    else {
        // NOTE(review): these three values are later placed inside single-quoted SQL
        // literals and no escaping call is visible in this file. The form-refill code
        // further down applies stripslashes() to the same fields, which suggests request
        // data arrives already slash-escaped. The statements are safe only if that holds
        // for every request AND un_htmlspecialchars() cannot reintroduce a quote
        // character. Confirm both, or use the database layer's own escaping.
 267      $user_name = un_htmlspecialchars(trim($HTTP_POST_VARS['user_name']));
 268      $comment_headline = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_headline']));
 269      $comment_text = un_htmlspecialchars(trim($HTTP_POST_VARS['comment_text']));
 270  
 271      $captcha = (isset($HTTP_POST_VARS['captcha'])) ? un_htmlspecialchars(trim($HTTP_POST_VARS['captcha'])) : "";
 272  
 273      // Flood Check
        // Reads the newest comment on this image and rejects the post when it came from
        // the current session's IP within the last 180 seconds, unless the poster is an
        // admin. Only the most recent comment on this one image is examined.
 274      $sql = "SELECT comment_ip, comment_date
 275              FROM ".COMMENTS_TABLE."
 276              WHERE image_id = $id
 277              ORDER BY comment_date DESC
 278              LIMIT 1";
 279      $spam_row = $site_db->query_firstrow($sql);
 280      $spamtime = $spam_row['comment_date'] + 180;
 281  
        // $msg is appended to here but not initialised in this file; presumably an
        // include sets it - confirm.
 282      if ($session_info['session_ip'] == $spam_row['comment_ip'] && time() <= $spamtime && $user_info['user_level'] != ADMIN)  {
 283        $msg .= (($msg != "") ? "<br />" : "").$lang['spamming'];
 284        $error = 1;
 285      }
 286  
        // Reject a posted name that matches an existing account other than the current
        // user's. The posted name is lower-cased and interpolated into the query (see
        // the escaping note above).
 287      $user_name_field = get_user_table_field("", "user_name");
 288      if (!empty($user_name_field)) {
 289        if ($site_db->not_empty("SELECT $user_name_field FROM ".USERS_TABLE." WHERE $user_name_field = '".strtolower($user_name)."' AND ".get_user_table_field("", "user_id")." <> '".$user_info['user_id']."'")) {
 290          $msg .= (($msg != "") ? "<br />" : "").$lang['username_exists'];
 291          $error = 1;
 292        }
 293      }
        // Required fields: name, headline and text must be non-empty after trim().
 294      if ($user_name == "")  {
 295        $msg .= (($msg != "") ? "<br />" : "").$lang['name_required'];
 296        $error = 1;
 297      }
 298      if ($comment_headline == "")  {
 299        $msg .= (($msg != "") ? "<br />" : "").$lang['headline_required'];
 300        $error = 1;
 301      }
 302      if ($comment_text == "")  {
 303        $msg .= (($msg != "") ? "<br />" : "").$lang['comment_required'];
 304        $error = 1;
 305      }
 306  
        // The captcha is validated only when it is enabled for comments.
 307      if ($captcha_enable_comments && !captcha_validate($captcha)) {
 308        $msg .= (($msg != "") ? "<br />" : "").$lang['captcha_required'];
 309        $error = 1;
 310      }
 311  
 312      if (!$error)  {
          // String-built INSERT: $id comes from intval(); the three text fields and the
          // session IP are interpolated inside quotes (see the escaping note above).
 313        $sql = "INSERT INTO ".COMMENTS_TABLE."
 314                (image_id, user_id, user_name, comment_headline, comment_text, comment_ip, comment_date)
 315                VALUES
 316                ($id, ".$user_info['user_id'].", '$user_name', '$comment_headline', '$comment_text', '".$session_info['session_ip']."', ".time().")";
 317        $site_db->query($sql);
          // $commentid is not read again in this file.
 318        $commentid = $site_db->get_insert_id();
 319        update_comment_count($id, $user_info['user_id']);
          // The success text is stored in the session and shown after the redirect.
          // NOTE(review): $mode and $page are appended to the redirect target unencoded;
          // confirm both are constrained before this point.
 320        $msg = $lang['comment_success'];
 321        $site_sess->set_session_var("msgdetails", $msg);
 322        redirect(ROOT_PATH."details.php?".URL_IMAGE_ID."=".$image_id.((!empty($mode)) ? "&mode=".$mode : "").(($page > 1) ? "&page=".$page : ""));
 323      }
 324    }
 325    unset($row);
 326    unset($spam_row);
 327  }
 328  
 329  //-----------------------------------------------------
 330  //--- Show Comments -----------------------------------
 331  //-----------------------------------------------------
      // One-shot message: a "msgdetails" text left in the session (set after a
      // successful comment post) is appended to $msg and then removed from the session.
 332  if ($msgdetails = $site_sess->get_session_var("msgdetails"))
 333  {
 334    $msg .= ($msg !== "" ? "<br />" : "").$msgdetails;
 335    unset($msgdetails);
 336    $site_sess->drop_session_var("msgdetails");
 337  }
 338  
      // Comment listing and comment form. Runs only when comments are enabled for the
      // image and the viewer holds auth_readcomment (see $image_allow_comments above).
 339  if ($image_allow_comments == 1) {
 340    $site_template->register_vars(array(
 341        "has_rss"   => true,
 342        "rss_title" => "RSS Feed: ".$image_name." (".str_replace(':', '', $lang['comments']).")",
 343        "rss_url"   => $script_url."/rss.php?action=comments&amp;".URL_IMAGE_ID."=".$image_id
 344    ));
 345  
      // All comments of the image, oldest first, joined with the author's user record.
      // $image_id is interpolated unquoted.
 346    $sql = "SELECT c.comment_id, c.image_id, c.user_id, c.user_name AS comment_user_name, c.comment_headline, c.comment_text, c.comment_ip, c.comment_date".get_user_table_field(", u.", "user_level").get_user_table_field(", u.", "user_name").get_user_table_field(", u.", "user_email").get_user_table_field(", u.", "user_showemail").get_user_table_field(", u.", "user_invisible").get_user_table_field(", u.", "user_joindate").get_user_table_field(", u.", "user_lastaction").get_user_table_field(", u.", "user_comments").get_user_table_field(", u.", "user_homepage").get_user_table_field(", u.", "user_icq")."
 347            FROM ".COMMENTS_TABLE." c
 348            LEFT JOIN ".USERS_TABLE." u ON (".get_user_table_field("u.", "user_id")." = c.user_id)
 349            WHERE c.image_id = $image_id
 350            ORDER BY c.comment_date ASC";
 351    $result = $site_db->query($sql);
 352  
 353    $comment_row = array();
 354    while ($row = $site_db->fetch_array($result)) {
 355      $comment_row[] = $row;
 356    }
 357    $site_db->free_result($result);
 358    $num_comments = sizeof($comment_row);
 359  
 360    if (!$num_comments) {
 361      $comments = "<tr><td class=\"commentrow1\" colspan=\"2\">".$lang['no_comments']."</td></tr>";
 362    }
 363    else {
 364      $comments = "";
 365      $bgcounter = 0;
 366      for ($i = 0; $i < $num_comments; $i++) {
          // Alternates 1, 2, 1, 2 ... for the row background.
 367        $row_bg_number = ($bgcounter++ % 2 == 0) ? 1 : 2;
 368  
          // Defaults describe a guest author: no buttons, the name stored with the comment.
 369        $comment_user_email = "";
 370        $comment_user_email_save = "";
 371        $comment_user_mailform_link = "";
 372        $comment_user_email_button = "";
 373        $comment_user_homepage_button = "";
 374        $comment_user_icq_button = "";
 375        $comment_user_profile_button = "";
 376        $comment_user_status_img = REPLACE_EMPTY;
 377        $comment_user_name = format_text($comment_row[$i]['comment_user_name'], 2);
 378        $comment_user_info = $lang['userlevel_guest'];
 379  
 380        $comment_user_id = $comment_row[$i]['user_id'];
 381  
          // Registered author: the joined user record replaces the guest defaults.
 382        if (isset($comment_row[$i][$user_table_fields['user_name']]) && $comment_user_id != GUEST) {
 383          $comment_user_name = format_text($comment_row[$i][$user_table_fields['user_name']], 2);
 384  
 385          $comment_user_profile_link = !empty($url_show_profile) ? $site_sess->url(preg_replace("/{user_id}/", $comment_user_id, $url_show_profile)) : $site_sess->url(ROOT_PATH."member.php?action=showprofile&amp;".URL_USER_ID."=".$comment_user_id);
 386          $comment_user_profile_button = "<a href=\"".$comment_user_profile_link."\"><img src=\"".get_gallery_image("profile.gif")."\" border=\"0\" alt=\"".$comment_user_name."\" /></a>";
 387  
            // Shown as online when the last action is at most 300 seconds old and the
            // user is not invisible; admins see invisible users as online too.
 388          $comment_user_status_img = ($comment_row[$i][$user_table_fields['user_lastaction']] >= (time() - 300) && ((isset($comment_row[$i][$user_table_fields['user_invisible']]) && $comment_row[$i][$user_table_fields['user_invisible']] == 0) || $user_info['user_level'] == ADMIN)) ? "<img src=\"".get_gallery_image("user_online.gif")."\" border=\"0\" alt=\"Online\" />" : "<img src=\"".get_gallery_image("user_offline.gif")."\" border=\"0\" alt=\"Offline\" />";
 389  
            // NOTE(review): user_homepage is profile data supplied by the user and ends
            // up in both href and alt. Confirm format_url() rejects schemes other than
            // http/https and escapes quote characters.
 390          $comment_user_homepage = (isset($comment_row[$i][$user_table_fields['user_homepage']])) ? format_url($comment_row[$i][$user_table_fields['user_homepage']]) : "";
 391          if (!empty($comment_user_homepage)) {
 392            $comment_user_homepage_button = "<a href=\"".$comment_user_homepage."\" target=\"_blank\"><img src=\"".get_gallery_image("homepage.gif")."\" border=\"0\" alt=\"".$comment_user_homepage."\" /></a>";
 393          }
 394  
            // NOTE(review): user_icq is likewise user-supplied and is placed in two URLs
            // and an alt attribute after format_text(); confirm that call escapes quotes.
 395          $comment_user_icq = (isset($comment_row[$i][$user_table_fields['user_icq']])) ? format_text($comment_row[$i][$user_table_fields['user_icq']]) : "";
 396          if (!empty($comment_user_icq)) {
 397            $comment_user_icq_button = "<a href=\"http://www.icq.com/people/about_me.php?uin=".$comment_user_icq."\" target=\"_blank\"><img src=\"http://status.icq.com/online.gif?icq=".$comment_user_icq."&img=5\" width=\"18\" height=\"18\" border=\"0\" alt=\"".$comment_user_icq."\" /></a>";
 398          }
 399  
            // The e-mail address is exposed when the user table has no user_showemail
            // field at all, or when that field equals 1. The "save" variant replaces
            // "@" with " at ".
 400          if (!empty($comment_row[$i][$user_table_fields['user_email']]) && (!isset($comment_row[$i][$user_table_fields['user_showemail']]) || (isset($comment_row[$i][$user_table_fields['user_showemail']]) && $comment_row[$i][$user_table_fields['user_showemail']] == 1))) {
 401            $comment_user_email = format_text($comment_row[$i][$user_table_fields['user_email']]);
 402            $comment_user_email_save = format_text(str_replace("@", " at ", $comment_row[$i][$user_table_fields['user_email']]));
 403            if (!empty($url_mailform)) {
 404              $comment_user_mailform_link = $site_sess->url(preg_replace("/{user_id}/", $comment_user_id, $url_mailform));
 405            }
 406            else {
 407              $comment_user_mailform_link = $site_sess->url(ROOT_PATH."member.php?action=mailform&amp;".URL_USER_ID."=".$comment_user_id);
 408            }
 409            $comment_user_email_button = "<a href=\"".$comment_user_mailform_link."\"><img src=\"".get_gallery_image("email.gif")."\" border=\"0\" alt=\"".$comment_user_email_save."\" /></a>";
 410          }
 411  
            // Level label: "user" when the level field is missing or equals USER,
            // "admin" for ADMIN; any other level keeps the guest label set above.
 412          if (!isset($comment_row[$i][$user_table_fields['user_level']]) || (isset($comment_row[$i][$user_table_fields['user_level']]) && $comment_row[$i][$user_table_fields['user_level']] == USER)) {
 413            $comment_user_info = $lang['userlevel_user'];
 414          }
 415          elseif ($comment_row[$i][$user_table_fields['user_level']] == ADMIN) {
 416            $comment_user_info = $lang['userlevel_admin'];
 417          }
 418  
 419          $comment_user_info .= "<br />";
 420          $comment_user_info .= (isset($comment_row[$i][$user_table_fields['user_joindate']])) ? "<br />".$lang['join_date']." ".format_date($config['date_format'], $comment_row[$i][$user_table_fields['user_joindate']]) : "";
 421          $comment_user_info .= (isset($comment_row[$i][$user_table_fields['user_comments']])) ? "<br />".$lang['comments']." ".$comment_row[$i][$user_table_fields['user_comments']] : "";
 422        }
 423  
          // The commenter's IP address is handed to the template for admins only.
 424        $comment_user_ip = ($user_info['user_level'] == ADMIN) ? $comment_row[$i]['comment_ip'] : "";
 425  
          // Edit/delete links: admins are sent to the control panel; the image owner gets
          // member.php links, each gated by its own $config switch.
          // NOTE(review): these links are presentation only; the target scripts must
          // re-check that the requester may edit or remove the comment - confirm.
 426        $admin_links = "";
 427        if ($user_info['user_level'] == ADMIN) {
 428          $admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("comments.php?action=editcomment&amp;comment_id=".$comment_row[$i]['comment_id']))."\" target=\"_blank\">".$lang['edit']."</a>&nbsp;";
 429          $admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("comments.php?action=removecomment&amp;comment_id=".$comment_row[$i]['comment_id']))."\" target=\"_blank\">".$lang['delete']."</a>";
 430        }
 431        elseif ($is_image_owner) {
 432          $admin_links .= ($config['user_edit_comments'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=editcomment&amp;".URL_COMMENT_ID."=".$comment_row[$i]['comment_id'])."\">".$lang['edit']."</a>&nbsp;";
 433          $admin_links .= ($config['user_delete_comments'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=removecomment&amp;".URL_COMMENT_ID."=".$comment_row[$i]['comment_id'])."\">".$lang['delete']."</a>";
 434        }
 435  
          // NOTE(review): comment_text is formatted with $config['html_comments'] and the
          // BBCode switches. If HTML is allowed in comments, protection against stored
          // script injection rests entirely on format_text() - confirm its filtering.
 436        $site_template->register_vars(array(
 437          "comment_id" => $comment_row[$i]['comment_id'],
 438          "comment_user_id" => $comment_user_id,
 439          "comment_user_status_img" => $comment_user_status_img,
 440          "comment_user_name" => $comment_user_name,
 441          "comment_user_info" => $comment_user_info,
 442          "comment_user_profile_button" => $comment_user_profile_button,
 443          "comment_user_email" => $comment_user_email,
 444          "comment_user_email_save" => $comment_user_email_save,
 445          "comment_user_mailform_link" => $comment_user_mailform_link,
 446          "comment_user_email_button" => $comment_user_email_button,
 447          "comment_user_homepage_button" => $comment_user_homepage_button,
 448          "comment_user_icq_button" => $comment_user_icq_button,
 449          "comment_user_ip" => $comment_user_ip,
 450          "comment_headline" => format_text($comment_row[$i]['comment_headline'], 0, $config['wordwrap_comments'], 0, 0),
 451          "comment_text" => format_text($comment_row[$i]['comment_text'], $config['html_comments'], $config['wordwrap_comments'], $config['bb_comments'], $config['bb_img_comments']),
 452          "comment_date" => format_date($config['date_format']." ".$config['time_format'], $comment_row[$i]['comment_date']),
 453          "row_bg_number" => $row_bg_number,
 454          "admin_links" => $admin_links
 455        ));
 456        $comments .= $site_template->parse_template("comment_bit");
 457      } // end for
 458    } //end else
 459    $site_template->register_vars("comments", $comments);
 460    unset($comments);
 461  
 462    //-----------------------------------------------------
 463    //--- BBCode & Form -----------------------------------
 464    //-----------------------------------------------------
      // The BBCode helper is rendered only when BBCode is enabled for comments and the
      // viewer may post; the form itself only when the viewer may post.
 465    $allow_posting = check_permission("auth_postcomment", $cat_id);
 466    $bbcode = "";
 467    if ($config['bb_comments'] == 1 && $allow_posting) {
 468      $site_template->register_vars(array(
 469        "lang_bbcode" => $lang['bbcode'],
 470        "lang_tag_prompt" => $lang['tag_prompt'],
 471        "lang_link_text_prompt" => $lang['link_text_prompt'],
 472        "lang_link_url_prompt" => $lang['link_url_prompt'],
 473        "lang_link_email_prompt" => $lang['link_email_prompt'],
 474        "lang_list_type_prompt" => $lang['list_type_prompt'],
 475        "lang_list_item_prompt" => $lang['list_item_prompt']
 476      ));
 477      $bbcode = $site_template->parse_template("bbcode");
 478    }
 479  
 480    if (!$allow_posting) {
 481      $comment_form = "";
 482    }
 483    else {
        // After a failed post ($error set) the fields are refilled from the request;
        // otherwise the name defaults to the logged-in user's name and the rest is empty.
        // The posted values go through stripslashes() and format_text(..., 2) before
        // being echoed back. NOTE(review): confirm format_text() with mode 2 HTML-escapes
        // its input, since these values are reflected into the form.
 484      $user_name = (isset($HTTP_POST_VARS['user_name']) && $error) ? format_text(trim(stripslashes($HTTP_POST_VARS['user_name'])), 2) : (($user_info['user_level'] != GUEST) ? format_text($user_info['user_name'], 2) : "");
 485      $comment_headline = (isset($HTTP_POST_VARS['comment_headline']) && $error) ? format_text(trim(stripslashes($HTTP_POST_VARS['comment_headline'])), 2) : "";
 486      $comment_text = (isset($HTTP_POST_VARS['comment_text']) && $error) ? format_text(trim(stripslashes($HTTP_POST_VARS['comment_text'])), 2) : "";
 487  
 488      $site_template->register_vars(array(
 489        "bbcode" => $bbcode,
 490        "user_name" => $user_name,
 491        "comment_headline" => $comment_headline,
 492        "comment_text" => $comment_text,
 493        "lang_post_comment" => $lang['post_comment'],
 494        "lang_name" => $lang['name'],
 495        "lang_headline" => $lang['headline'],
 496        "lang_comment" => $lang['comment'],
 497        "lang_captcha" => $lang['captcha'],
 498        "lang_captcha_desc" => $lang['captcha_desc'],
 499        "captcha_comments" => (bool)$captcha_enable_comments
 500      ));
 501      $comment_form = $site_template->parse_template("comment_form");
 502    }
 503    $site_template->register_vars("comment_form", $comment_form);
 504    unset($comment_form);
 505  } // end if allow_comments
 506  
 507  // Admin Links
      // Image-level edit/delete links: admins are sent to the control panel; the image
      // owner gets member.php links, each gated by its own $config switch.
      // NOTE(review): the links are presentation only; the target scripts must re-check
      // the requester's rights - confirm.
 508  $admin_links = "";
 509  if ($user_info['user_level'] == ADMIN) {
 510    $admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("images.php?action=editimage&amp;image_id=".$image_id))."\" target=\"_blank\">".$lang['edit']."</a>&nbsp;";
 511    $admin_links .= "<a href=\"".$site_sess->url(ROOT_PATH."admin/index.php?goto=".urlencode("images.php?action=removeimage&amp;image_id=".$image_id))."\" target=\"_blank\">".$lang['delete']."</a>";
 512  }
 513  elseif ($is_image_owner) {
 514    $admin_links .= ($config['user_edit_image'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=editimage&amp;".URL_IMAGE_ID."=".$image_id)."\">".$lang['edit']."</a>&nbsp;";
 515    $admin_links .= ($config['user_delete_image'] != 1) ? "" : "<a href=\"".$site_sess->url(ROOT_PATH."member.php?action=removeimage&amp;".URL_IMAGE_ID."=".$image_id)."\">".$lang['delete']."</a>";
 516  }
 517  $site_template->register_vars("admin_links", $admin_links);
 518  
 519  // Update Hits
      // Every page view by a non-admin increments image_hits by one; the write happens
      // on a plain page request, and $image_id is interpolated unquoted.
 520  if ($user_info['user_level'] != ADMIN) {
 521    $sql = "UPDATE ".IMAGES_TABLE."
 522            SET image_hits = image_hits + 1
 523            WHERE image_id = $image_id";
 524    $site_db->query($sql);
 525  }
 526  
 527  //-----------------------------------------------------
 528  //---Clickstream---------------------------------------
 529  //-----------------------------------------------------
      // Breadcrumb trail: Home, then the lightbox, the search result or the category
      // path, then the image name (already passed through format_text() above).
 530  $clickstream = "<span class=\"clickstream\"><a href=\"".$site_sess->url(ROOT_PATH."index.php")."\" class=\"clickstream\">".$lang['home']."</a>".$config['category_separator'];
 531  
 532  if ($mode == "lightbox" && $in_mode) {
      // Carry the page number over from $url. The pattern captures digits only, so the
      // captured value is safe to place in the link; page 1 is omitted.
 533    $page_url = "";
 534   if (preg_match("/".URL_PAGE."=([0-9]+)/", $url, $regs)) {
 535      if (!empty($regs[1]) && $regs[1] != 1) {
 536        $page_url = "?".URL_PAGE."=".$regs[1];
 537      }
 538    }
 539    $clickstream .= "<a href=\"".$site_sess->url(ROOT_PATH."lightbox.php".$page_url)."\" class=\"clickstream\">".$lang['lightbox']."</a>".$config['category_separator'];
 540  }
 541  elseif ($mode == "search" && $in_mode) {
      // Same page-number handling, appended to the search result link.
 542    $page_url = "";
 543    if (preg_match("/".URL_PAGE."=([0-9]+)/", $url, $regs)) {
 544      if (!empty($regs[1]) && $regs[1] != 1) {
 545        $page_url = "&amp;".URL_PAGE."=".$regs[1];
 546      }
 547    }
 548    $clickstream .= "<a href=\"".$site_sess->url(ROOT_PATH."search.php?show_result=1".$page_url)."\" class=\"clickstream\">".$lang['search']."</a>".$config['category_separator'];
 549  }
 550  else {
 551    $clickstream .= get_category_path($cat_id, 1).$config['category_separator'];
 552  }
 553  $clickstream .= $image_name."</span>";
 554  
 555  //-----------------------------------------------------
 556  //--- Print Out ---------------------------------------
 557  //-----------------------------------------------------
      // Register the status message, the breadcrumb and the language labels, render the
      // main template chosen at the top of the file, then include the page footer.
      // NOTE(review): $msg is passed to the template as assembled above (language
      // strings joined with "<br />"); it is presumably printed as HTML, so anything
      // appended to it must already be safe to output - confirm.
 558  $site_template->register_vars(array(
 559    "msg" => $msg,
 560    "clickstream" => $clickstream,
 561    "lang_category" => $lang['category'],
 562    "lang_added_by" => $lang['added_by'],
 563    "lang_description" => $lang['description'],
 564    "lang_keywords" => $lang['keywords'],
 565    "lang_date" => $lang['date'],
 566    "lang_hits" => $lang['hits'],
 567    "lang_downloads" => $lang['downloads'],
 568    "lang_rating" => $lang['rating'],
 569    "lang_votes" => $lang['votes'],
 570    "lang_author" => $lang['author'],
 571    "lang_comment" => $lang['comment'],
 572    "lang_prev_image" => $lang['prev_image'],
 573    "lang_next_image" => $lang['next_image'],
 574    "lang_file_size" => $lang['file_size']
 575  ));
 576  
 577  $site_template->print_template($site_template->parse_template($main_template));
 578  include (ROOT_PATH.'includes/page_footer.php');
 579  ?>
