From 87d221ea5d19e8ed32110452c4a94dae1d1764d2 Mon Sep 17 00:00:00 2001
From: e107steved <steved@e107.org>
Date: Fri, 5 Dec 2008 22:01:25 +0000
Subject: [PATCH] Bugtracker #4437 - image admin setting now says what it
 means, and does what it says. Plus admin logging on images admin, a few new
 features on img bbcode

---
 e107_admin/image.php                          | 149 +++++++++++-------
 e107_files/bbcode/img.bb                      | 143 +++++++++++------
 e107_languages/English/admin/lan_image.php    |  17 +-
 .../English/admin/lan_log_messages.php        |  12 +-
 4 files changed, 202 insertions(+), 119 deletions(-)

diff --git a/e107_admin/image.php b/e107_admin/image.php
index 378d3223f..4ed26feb2 100644
--- a/e107_admin/image.php
+++ b/e107_admin/image.php
@@ -11,8 +11,8 @@
 |     GNU General Public License (http://gnu.org).
 |
 |     $Source: /cvs_backup/e107_0.8/e107_admin/image.php,v $
-|     $Revision: 1.4 $
-|     $Date: 2007-12-07 19:53:26 $
+|     $Revision: 1.5 $
+|     $Date: 2008-12-05 22:01:11 $
 |     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
@@ -27,74 +27,115 @@ require_once(e_HANDLER."form_handler.php");
 require_once(e_HANDLER."userclass_class.php");
 $rs = new form;
 
-if (isset($_POST['delete'])) {
-	$image = $_POST['filename'];
+if (isset($_POST['delete'])) 
+{
+	$image = $tp->toDB($_POST['filename']);
 	@unlink(e_FILE."public/avatars/".$image);
-	$sql->db_Update("user", "user_image='' WHERE user_image='-upload-$image'");
-	$sql->db_Update("user", "user_sess='' WHERE user_sess='$image'");
+	$sql->db_Update("user", "user_image='' WHERE user_image='-upload-{$image}'");
+	$sql->db_Update("user", "user_sess='' WHERE user_sess='{$image}'");
+	$admin_log->log_event('IMALAN_01',$image,E_LOG_INFORMATIVE,'');
 	$message = $image." ".IMALAN_28;
 }
 
-if (isset($_POST['deleteall'])) {
+
+if (isset($_POST['deleteall'])) 
+{
 	$handle = opendir(e_FILE."public/avatars/");
-	while ($file = readdir($handle)) {
-		if ($file != '.' && $file != '..' && $file != "index.html" && $file != "null.txt" && $file != '/' && $file != 'CVS' && $file != 'Thumbs.db') {
+	while ($file = readdir($handle)) 
+	{
+		if ($file != '.' && $file != '..' && $file != "index.html" && $file != "null.txt" && $file != '/' && $file != 'CVS' && $file != 'Thumbs.db') 
+		{
 			$dirlist[] = $file;
 		}
 	}
 	closedir($handle);
 	$count = 0;
-	while (list($key, $image_name) = each($dirlist)) {
-		if (!$sql->db_Select("user", "*", "user_image='-upload-$image_name' OR user_sess='$image_name'")) {
+	$imgList = '';
+	while (list($key, $image_name) = each($dirlist)) 
+	{
+		if (!$sql->db_Select("user", "*", "user_image='-upload-{$image_name}' OR user_sess='{$image_name}'")) 
+		{
 			unlink(e_FILE."public/avatars/".$image_name);
 			$count ++;
+			$imgList .= '[!br!]'.$image_name;
 		}
 	}
 	$message = $count." ".IMALAN_26;
+	$admin_log->log_event('IMALAN_02',$message.$imgList,E_LOG_INFORMATIVE,'');
+	unset($imgList);
 }
 
-if (isset($_POST['avdelete'])) {
+
+if (isset($_POST['avdelete'])) 
+{
 	require_once(e_HANDLER."avatar_handler.php");
+	$avList = array();
 	foreach($_POST['avdelete'] as $key => $val)
 	{
-		$key = $tp->toDB($key); // We only need the key
-		if ($sql->db_Select("user", "*", "user_id='$key'")) {
+		$key = intval($key); // We only need the key
+		if ($sql->db_Select("user", 'user_id, user_name, user_image', "user_id='{$key}'")) 
+		{
 			$row = $sql->db_Fetch();
-			extract($row);
-			$avname=avatar($user_image);
+			$avname=avatar($row['user_image']);
 			if (strpos($avname,"http://")===FALSE) 
 			{ // Internal file, so unlink it
 				@unlink($avname);
 			}
-			$sql->db_Update("user","user_image='' WHERE user_id='$key'");
-			$message = IMALAN_51.$user_name." ".IMALAN_28;
+			$sql->db_Update("user","user_image='' WHERE user_id='{$key}'");
+			$message = IMALAN_51.$row['user_name']." ".IMALAN_28;
+			$avList[] = $key.':'.$row['user_name'].':'.$row['user_image'];
 		}
 	}
+	$admin_log->log_event('IMALAN_03',implode('[!br!]',$avList),E_LOG_INFORMATIVE,'');
+	unset($avList);
 	$_POST['check_avatar_sizes'] = TRUE;	// Force size recheck after doing one or more deletes
 }
 
-if (isset($_POST['update_options'])) {
-	$pref['image_post'] = $_POST['image_post'];
-	$pref['resize_method'] = $_POST['resize_method'];
-	$pref['im_path'] = trim($tp->toDB($_POST['im_path']));
-	$pref['image_post_class'] = $_POST['image_post_class'];
-	$pref['image_post_disabled_method'] = $_POST['image_post_disabled_method'];
-	$pref['enable_png_image_fix'] = $_POST['enable_png_image_fix'];
+if (isset($_POST['update_options'])) 
+{
+	unset($temp);
+	$changes = array();
+	$temp['image_post'] = intval($_POST['image_post']);
+	$temp['resize_method'] = $_POST['resize_method'];
+	$temp['im_path'] = trim($tp->toDB($_POST['im_path']));
+	$temp['image_post_class'] = intval($_POST['image_post_class']);
+	$temp['image_post_disabled_method'] = intval($_POST['image_post_disabled_method']);
+	$temp['enable_png_image_fix'] = intval($_POST['enable_png_image_fix']);
 
-	save_prefs();
-	$message = IMALAN_9;
+	foreach ($temp as $k => $v)
+	{
+		if ($v != $pref[$k])
+		{
+			$pref[$k] = $v;
+			$changes[] = $k.'=>'.$v;
+		}
+	}
+	if (count($changes))
+	{
+		save_prefs();
+		$admin_log->log_event('IMALAN_04',implode('[!br!]',$changes),E_LOG_INFORMATIVE,'');
+		$message = IMALAN_9;
+	}
+	else
+	{
+		$message = IMALAN_20;
+	}
+	unset($changes);
 }
 
-if (isset($message)) {
+
+if (isset($message)) 
+{
 	$ns->tablerender("", "<div style='text-align:center'><b>".$message."</b></div>");
 }
 
 
-if (isset($_POST['show_avatars'])) {
-
+if (isset($_POST['show_avatars'])) 
+{
 	$handle = opendir(e_FILE."public/avatars/");
 	while ($file = readdir($handle)) {
-		if ($file != '.' && $file != '..' && $file != "index.html" && $file != "null.txt" && $file != '/' && $file != 'CVS' && $file != 'Thumbs.db' && !is_dir($file)) {
+		if ($file != '.' && $file != '..' && $file != "index.html" && $file != "null.txt" && $file != '/' && $file != 'CVS' && $file != 'Thumbs.db' && !is_dir($file)) 
+		{
 			$dirlist[] = $file;
 		}
 	}
@@ -102,13 +143,14 @@ if (isset($_POST['show_avatars'])) {
 
 	$text = "<div style='text-align:center'>\n";
 
-	if (!is_array($dirlist)) {
+	if (!is_array($dirlist)) 
+	{
 		$text .= IMALAN_29;
-	} else {
-
-
-
-		while (list($key, $image_name) = each($dirlist)) {
+	} 
+	else 
+	{
+		while (list($key, $image_name) = each($dirlist)) 
+		{
 			$users = IMALAN_21." | ";
 			if ($sql->db_Select("user", "*", "user_image='-upload-$image_name' OR user_sess='$image_name'")) {
 				while ($row = $sql->db_Fetch()) {
@@ -158,8 +200,8 @@ if (isset($_POST['show_avatars'])) {
 	$ns->tablerender(IMALAN_18, $text);
 }
 
-if (isset($_POST['check_avatar_sizes'])) {
-	//
+if (isset($_POST['check_avatar_sizes'])) 
+{
 	// Set up to track what we've done
 	//
 	$iUserCount  = 0;
@@ -186,9 +228,9 @@ if (isset($_POST['check_avatar_sizes'])) {
 	//
 	$iUserCount = $sql->db_Count("user");
 	if ($sql->db_Select("user", "*", "user_image!=''")) {
-		while ($row = $sql->db_Fetch()) {
+		while ($row = $sql->db_Fetch()) 
+		{
 			extract($row);
-	
 	//
 	// Check size
 	//
@@ -324,25 +366,7 @@ $text = "<div style='text-align:center'>
 	".IMALAN_10."<br />
 	<span class='smalltext'>".IMALAN_11."</span>
 	</td>
-	<td style='width:25%;text-align:center' class='forumheader3' >
-
-
-	<select class='tbox' name='image_post_class'>
-	<option value='".e_UC_PUBLIC."'".($pref['image_post_class'] == e_UC_PUBLIC ? " selected='selected'" : "").">".IMALAN_30."</option>
-	<option value='".e_UC_GUEST."'".($pref['image_post_class'] == e_UC_GUEST ? " selected='selected'" : "").">".IMALAN_31."</option>
-	<option value='".e_UC_MEMBER."'".($pref['image_post_class'] == e_UC_MEMBER ? " selected='selected'" : "").">".IMALAN_32."</option>
-	<option value='".e_UC_ADMIN."'".($pref['image_post_class'] == e_UC_ADMIN ? " selected='selected'" : "").">".IMALAN_33."</option>\n";
-
-
-if ($sql->db_Select("userclass_classes")) {
-	while ($row = $sql->db_Fetch()) {
-		extract($row);
-		$text .= "<option value='".$userclass_id."'".($pref['image_post_class'] == $userclass_id ? " selected='selected'" : "").">$userclass_name</option>\n";
-	}
-}
-$text .= "</select>
-
-	</td>
+	<td style='width:25%;text-align:center' class='forumheader3' >".r_userclass('image_post_class',$pref['image_post_class'],"off","public,guest,nobody,member,admin,main,classes")."</td>
 	</tr>
 
 	<tr>
@@ -351,7 +375,10 @@ $text .= "</select>
 	<span class='smalltext'>".IMALAN_13."</span>
 	</td>
 	<td style='width:25%;text-align:center' class='forumheader3' >
-	<select name='image_post_disabled_method' class='tbox'>". ($pref['image_post_disabled_method'] == "0" ? "<option value='1' selected='selected'>".IMALAN_14."</option>" : "<option value='0'>".IMALAN_14."</option>"). ($pref['image_post_disabled_method'] == "1" ? "<option value='1' selected='selected'>".IMALAN_15."</option>" : "<option value='1'>".IMALAN_15."</option>")."
+	<select name='image_post_disabled_method' class='tbox'>". 
+	($pref['image_post_disabled_method'] == "0" ? "<option value='0' selected='selected'>".IMALAN_14."</option>" : "<option value='0'>".IMALAN_14."</option>"). 
+	($pref['image_post_disabled_method'] == "1" ? "<option value='1' selected='selected'>".IMALAN_19."</option>" : "<option value='1'>".IMALAN_19."</option>").
+	($pref['image_post_disabled_method'] == "2" ? "<option value='2' selected='selected'>".IMALAN_15."</option>" : "<option value='2'>".IMALAN_15."</option>")."
 	</select></td>
 	</tr>
 
diff --git a/e107_files/bbcode/img.bb b/e107_files/bbcode/img.bb
index 4a11e37cc..d1a6155a0 100644
--- a/e107_files/bbcode/img.bb
+++ b/e107_files/bbcode/img.bb
@@ -1,24 +1,41 @@
-global $pref;
+// General purpose image bbcode. As well as the obvious insertion of a picture:
+// 	a) if filname begins with 'th_' or 'thumb_', creates link to main image opening in new window
+//	b) If filename contains '*', treats it as a wildcard, and displays a random image from all matching file names found
+//
+// Can use simple classes for float - e.g.:
+// .floatleft {clear: right; float: left; margin: 0px 5px 5px 0px; padding:2px; border: 0px;}
+// .floatright {clear: left; float: right; margin: 0px 0px 0px 5px; padding:2px; border: 0px;}
+// Currently defaults class to 'floatnone' - overridden by bbcode
+
+if (trim($code_text) == "") return ""; 						// Do nothing on empty file
 if (preg_match("#\.php\?.*#",$code_text)){return "";}
-global $IMAGES_DIRECTORY, $FILES_DIRECTORY, $e107;
+$addlink = FALSE;
+
+global $pref;
+
+
 $search = array('"', '{E_IMAGE}', '{E_FILE}', '{e_IMAGE}', '{e_FILE}');
-$replace = array('&#039;', $e107->base_path.$IMAGES_DIRECTORY, $e107->base_path.$FILES_DIRECTORY, $e107->base_path.$IMAGES_DIRECTORY, $e107->base_path.$FILES_DIRECTORY);
-$code_text = str_replace($search, $replace, $code_text);
+$replace = array('&#039;', e_IMAGE_ABS, e_FILE_ABS, e_IMAGE_ABS, e_FILE_ABS);
+$replaceInt = array('&#039;', e_IMAGE, e_FILE, e_IMAGE, e_FILE);
+$intName = str_replace($search, $replaceInt, $code_text);			// Server-relative file names
 unset($imgParms);
-$imgParms['class']="bbcode";  
+//$imgParms['class']="bbcode";  
+$imgParms['class']='floatnone';		// This will be overridden if a new class is specified
 $imgParms['alt']='';
 
+$code_text = str_replace($search, $replace, $code_text);
 $code_text = $tp -> toAttribute($code_text);
+$img_file = pathinfo($code_text);		// 'External' file name. N.B. - might still contain a constant such as e_IMAGE
 
 if($parm)
 {
-  $parm = preg_replace('#onerror *=#i','',$parm);
-  $parm = str_replace("amp;", "&", $parm);
-  parse_str($parm,$tmp);
-  foreach($tmp as $p => $v)
-  {
-	$imgParms[$p]=$v;
-  }
+	$parm = preg_replace('#onerror *=#i','',$parm);
+	$parm = str_replace("amp;", "&", $parm);
+	parse_str($parm,$tmp);
+	foreach($tmp as $p => $v)
+	{
+		$imgParms[$p]=$v;
+	}
 }
 $parmStr="";
 foreach($imgParms as $k => $v)
@@ -26,48 +43,76 @@ foreach($imgParms as $k => $v)
   $parmStr .= $tp -> toAttribute($k)."='".$tp -> toAttribute($v)."' ";
 }
 
-// Only look for file if not a url - suspected bug in PHP 5.2.5 on XP
-if((strpos($code_text,'../') === FALSE) && (strpos($code_text,'://') === FALSE) && file_exists(e_IMAGE."newspost_images/".$code_text))
+
+
+// Select a random file if required
+if (strpos($img_file['basename'],'*') !== FALSE)
 {
-  $code_text = e_IMAGE."newspost_images/".$code_text;
+	$fileList = array();
+	$intFile = pathinfo($intName);		// N.B. - might still contain a constant such as e_IMAGE
+	$matchString = '#'.str_replace('*','.*?',$intFile['basename']).'#';
+	$dirName = $tp->replaceConstants($intFile['dirname'].'/');			// we want server-relative directory
+	if (($h = opendir($dirName)) !== FALSE)
+	{
+		while (($f = readdir($h)) !== FALSE)
+		{
+			if (preg_match($matchString,$f))
+			{
+				$fileList[] = $f;		// Just need to note file names
+			}
+		}
+		closedir($h);
+	}
+	else
+	{
+		echo "Error opening directory: {$dirName}<br />";
+		return '';
+	}
+	if (count($fileList))
+	{
+		$img_file['basename'] = $fileList[mt_rand(0,count($fileList)-1)];		// Just change name of displayed file - no change on directory
+		$code_text = $img_file['dirname']."/".$img_file['basename'];
+	}
+	else
+	{
+		echo 'No file: '.$code_text;
+		return '';
+	}
 }
 
-if (!$postID || $postID == 'admin')
+
+// Check for whether we can display image down here - so we can show image name if appropriate
+if (!varsettrue($pref['image_post']) || !check_class($pref['image_post_class']))
 {
-  return "<img src='".$code_text."' {$parmStr} />";
+	switch ($pref['image_post_disabled_method'])
+	{
+		case '1' :
+			return CORE_LAN17;
+		case '2' :
+			return '';
+	}
+	return CORE_LAN18.$code_text;
+}
+
+
+// Check for link to main image if required
+if (strpos($img_file['basename'],'th_') === 0)
+{
+  $addlink = TRUE;
+  $main_name = $img_file['dirname']."/".substr($img_file['basename'],3);     // delete the 'th' prefix from file name
+}
+elseif (strpos($img_file['basename'],'thumb_') === 0)
+{
+  $addlink = TRUE;
+  $main_name = $img_file['dirname']."/".substr($img_file['basename'],6);     // delete the 'thumb' prefix from file name
+}
+
+
+if ($addlink)
+{
+  return "<a href='".$main_name."' rel='external'><img src='".$code_text."' {$parmStr} /></a>";
 }
 else
 {
-  if ($pref['image_post'])
-  {
-	if(strstr($postID,'class:'))
-	{
-	  $uc = substr($postID,6);
-	  $can_show = check_class($pref['image_post_class'],$uc);
-	}
-	else
-	{
-	  $uc = $postID;
-	  $can_show = check_class($pref['image_post_class'],'',$uc);
-	}
-    if ($can_show)
-	{
-	  return "<img src='".$code_text."' {$parmStr} />";
-	}
-	else
-	{
-	  return ($pref['image_post_disabled_method'] ? CORE_LAN17 : CORE_LAN18.$code_text);
-	}
-  }
-  else
-  {
-    if ($pref['image_post_disabled_method'])
-	{
-	  return CORE_LAN17;
-    }
-	else
-	{
-	  return CORE_LAN18.$code_text;
-	}
-  }
+  return "<img src='".$code_text."' {$parmStr} />";
 }
diff --git a/e107_languages/English/admin/lan_image.php b/e107_languages/English/admin/lan_image.php
index 0d6d65db6..379d1d33c 100644
--- a/e107_languages/English/admin/lan_image.php
+++ b/e107_languages/English/admin/lan_image.php
@@ -4,13 +4,13 @@
 |     e107 website system - Language File.
 |
 |     $Source: /cvs_backup/e107_0.8/e107_languages/English/admin/lan_image.php,v $
-|     $Revision: 1.3 $
-|     $Date: 2007-05-06 20:52:48 $
+|     $Revision: 1.4 $
+|     $Date: 2008-12-05 22:01:25 $
 |     $Author: e107steved $
 +----------------------------------------------------------------------------+
 */
-define("IMALAN_1", "Enable image posting");
-define("IMALAN_2", "Display images, this will apply sitewide (comments, chatbox etc)");
+define("IMALAN_1", "Enable image display");
+define("IMALAN_2", "Display images, this will apply sitewide (comments, chatbox etc) to images posted using the [img] bbcode");
 define("IMALAN_3", "Resize method");
 define("IMALAN_4", "Method used to resize images, either GD1/2 library, or ImageMagick");
 define("IMALAN_5", "Path to ImageMagick (if selected)");
@@ -18,16 +18,17 @@ define("IMALAN_6", "Full path to ImageMagick Convert utility");
 define("IMALAN_7", "Image Settings");
 define("IMALAN_8", "Update Image Settings");
 define("IMALAN_9", "Image settings updated");
-define("IMALAN_10", "Image posting class");
-define("IMALAN_11", "Restrict users who can post images (if enabled above)");
+define("IMALAN_10", "Image display class");
+define("IMALAN_11", "Restrict users who can view images (if enabled above)");
 define("IMALAN_12", "Disabled image method");
-define("IMALAN_13", "What to do with posted images if image posting is disabled");
+define("IMALAN_13", "What to do with images if image display is disabled");
 define("IMALAN_14", "Show image URL");
 define("IMALAN_15", "Show nothing");
 define("IMALAN_16", "Show uploaded avatars");
 define("IMALAN_17", "Click here");
 define("IMALAN_18", "Uploaded images");
-
+define("IMALAN_19", "Show 'disabled' message");
+define('IMALAN_20', 'Nothing changed');
 define("IMALAN_21", "Used by");
 define("IMALAN_22", "Image not in use");
 define("IMALAN_23", "Avatar");
diff --git a/e107_languages/English/admin/lan_log_messages.php b/e107_languages/English/admin/lan_log_messages.php
index 16828b555..89312a78f 100644
--- a/e107_languages/English/admin/lan_log_messages.php
+++ b/e107_languages/English/admin/lan_log_messages.php
@@ -1,6 +1,6 @@
 <?php
 // e107 Language File.
-// $Id: lan_log_messages.php,v 1.22 2008-11-02 21:02:30 e107steved Exp $
+// $Id: lan_log_messages.php,v 1.23 2008-12-05 22:01:25 e107steved Exp $
 
 /*
 The definitions in this file are for standard 'explanatory' messages which might be entered
@@ -209,5 +209,15 @@ define('LAN_AL_BANNER_03','Banner updated');
 define('LAN_AL_BANNER_04','Banner deleted');
 define('LAN_AL_BANNER_05','');
 
+// Image management
+//-----------------
+define('LAN_AL_IMALAN_00','Unknown image-related message');
+define('LAN_AL_IMALAN_01','Avatar deleted');
+define('LAN_AL_IMALAN_02','All avatars and photos deleted');
+define('LAN_AL_IMALAN_03','Avatar deleted');
+define('LAN_AL_IMALAN_04','Settings updated');
+define('LAN_AL_IMALAN_05','');
+define('LAN_AL_IMALAN_06','');
+
 
 ?>