0) { ?>

".$txt_comment_from."".htmlentities($row["user"])."".$txt_comment_on.$row["datetime"]; if($admin) { echo " | Delete"; } echo "
"; echo nl2br(make_href($row["comment"]))."
"; echo "
"; } } function smallarbo($prfx,$dir) { global $tofz_arbo; $handle=opendir($dir); if($prfx!=""&&$prfx[strlen(prfx)-1]!='/') $prfx.='/'; while ($file = readdir($handle)) { if(!stristr($file,".")) if($file!='.'&&$file!='..'&&$file!='.thumbs') { $f=$dir.'/'.$file; if(is_dir($f)) { $tofz_arbo[]=urlencode($prfx.$file); smallarbo($prfx.$file,$dir.'/'.$file); } } } closedir($handle); } // logout ? if($logout) { set_cookie_val(""); header("Location: ".$SCRIPT_NAME); //?>0 ) { $logged=1; $user_row=mysql_fetch_array($res); } } $admin=($user_row["seclevel"]==999); // pic rating update ? if ($display&&$rating) { if (!already_rated($display) && ($rating>0) && ($rating<=10)) { $cmd="insert into $sTableRatings (datetime, pic_name, ip, rating) values (now(), '$display', '".getenv("REMOTE_ADDR")."', $rating)"; mysql_db_query($sDB,$cmd,$nConnection); } } // pic comment update ? if($updpic=="1"&&$admin) { if (!get_magic_quotes_gpc()) { $dsc = addslashes($dsc); } $cmd="replace into $sTable values('$display','$dsc','$lev',0,0)"; mysql_db_query($sDB,$cmd,$nConnection); } // dir level update ? if($dirlevelchange&&$admin) { $cmd="replace into $sTable values('$dir','','$dirlevel')"; mysql_db_query($sDB,$cmd,$nConnection); } //if($dir) $dir=reformat($dir); //if($display) $display=reformat($display); //if($displaypic) $displaypic=reformat($displaypic); //if($preview) $preview=reformat($preview); //if($display) $dir=dirname($display); //if(substr($root_dir,-1)!='/') $root_dir.='/'; //if($dir && substr($dir,-1)!='/') $dir.='/'; // dir creation ? if($dircreate&&$admin) { mkdir($root_dir.$dir.$createdirname,0755); } // file uploaded ? if($admin&&$picupload&&$picuploadname!="none") { Exec("cp -f \"$picuploadname\" \"".$root_dir.$dir.$picuploadname_name."\""); Exec("chmod 755 \"".$root_dir.$dir.$picuploadname_name."\""); } if ($newsend==1&&$admin) { include ("config.inc.php"); $da=date ("Y/m/d"); $query = "INSERT INTO tofz.newz(date,news) VALUES('".$da."','".$_POST['ta']."');"; if ($result = mysql_query($query)) echo ($query." entered successfully
".$result); exit; } if ($newsgen==1&&$admin) { include ("config.inc.php"); $q=mysql_query("select * from tofz.newz order by date desc limit 10;") or die ("Requ�te invalide"); echo ("10 last news;
") ; $filename = 'news.last.inc.php'; $fp = fopen($filename, "w"); while ($row = mysql_fetch_array($q)) {$string="

 ".$row[0]."
".$row[1]."

"; echo $string;; $write = fputs($fp, $string."\n"); } fclose($fp); echo ("


other news;
"); $q=mysql_query("select * from tofz.newz order by date desc limit 10,99999;") or die ("Requ�te invalide"); $filename = 'news.old.inc.php'; $fp = fopen($filename, "w"); while ($row = mysql_fetch_array($q)) {$string="

 ".$row[0]."
".$row[1]."

"; echo $string;; $write = fputs($fp, $string."\n"); } fclose($fp); exit; } if ($newsedit==1&&$admin) { ?>

/"; foreach($tofz_arbo as $d) echo "$d"; echo""; ?>

=$lr_limit && !$non_lr) { // switch to lr_mode $tofname.="-lo_res.jpg"; } else { $tofname.="-hi_res.jpg"; } header("Content-Disposition: inline; filename=".$tofname); if(filesize($root_dir.$displaypic)>=$lr_limit && !$non_lr) { // switch to lr_mode $lrdir=$root_dir.dirname($displaypic)."/.thumbs"; $lrfile=$lrdir."/lr_".basename($displaypic); if(!file_exists($lrfile)) { if(!is_dir($lrdir)) mkdir($lrdir,2775); convert_image($root_dir.$displaypic,$lrfile,$lr_res,$lr_quality); } readfile($lrfile); } else readfile($root_dir.$displaypic); exit; } if($preview) { header("Content-type: image/jpeg"); $prdir=$root_dir.dirname($preview)."/.thumbs"; $prfile=$prdir."/thumb_".basename($preview); if(!file_exists($prfile)) { if(!is_dir($prdir)) mkdir($prdir,2775); convert_image($root_dir.$preview,$prfile,$thumb_res,$thumb_quality); } readfile($prfile); exit; } // random image? if($random) { $level=0; if($logged) $level=(int)$user_row["seclevel"]; $ok=0; srand ((double) microtime() * 1000000); // exec('find '.$root_dir.' -type f -print | egrep -i "\.(jpg|jpeg|gif|png)$" | grep -v ".thumbs/"',$find_ar); $find_ar=file("random_list"); $l=sizeof($find_ar); for($try=0;!$ok && $try<32;$try++) { $pickline=substr($find_ar[rand(0,$l)],strlen($root_dir)+2); $ok = (get_level($pickline)<=$level); } $display = $pickline; $dir = substr($display,0,strrpos($display,"/"))."/"; } // generate all thumbnails/low res if($genall&&$admin) { echo "Generating all missing thumbnails/low res pictures: (be patient)

"; flush(); $gen_lr=0; $gen_th=0; exec('find '.$root_dir.' -type f -print | egrep -i "\.(jpg|jpeg|gif|png)$" | grep -v ".thumbs/"',$find_ar); for($i=0;$find_ar[$i];$i++) { $pic=substr($find_ar[$i],strlen($root_dir)); $lrdir=$root_dir.dirname($pic)."/.thumbs"; if(!is_dir($lrdir)) mkdir($lrdir,0755); // low res check if(filesize($root_dir.$pic)>=$lr_limit) { $lrfile=$lrdir."/lr_".basename($pic); if(!file_exists($lrfile)) { echo "Generating low res picture for $pic
"; flush(); convert_image($root_dir.$pic,$lrfile,$lr_res,$lr_quality); $gen_lr++; } } // thumbnail check $prfile=$lrdir."/thumb_".basename($pic); if(!file_exists($prfile)) { echo "Generating thumbnail picture for $pic
"; flush(); convert_image($root_dir.$pic,$prfile,$thumb_res,$thumb_quality); $gen_th++; } } echo "
"; echo "Generated $gen_lr low res pictures and $gen_th thumbnails.
"; echo "Your library has ".sizeof($find_ar)." pictures.
"; exit; } // pic delete if($updpic=="del"&&$admin) { $cmd="delete from $sTable where name='$display'"; $db=mysql_db_query($sDB,$cmd,$nConnection); $cmd="delete from $sTableComments where pic_name='$display'"; $db=mysql_db_query($sDB,$cmd,$nConnection); $filename=$root_dir.$display; $thumbname=$root_dir.dirname($display)."/.thumbs/thumb_".basename($display); $lrname=$root_dir.dirname($display)."/.thumbs/lr_".basename($display); if (file_exists($filename))unlink($filename); if (file_exists($thumbname))unlink($thumbname); if (file_exists($lrname))unlink($lrname); //jump back to the directory after deleting the pic $dir=dirname($display); header("Location: ./?dir=$dir"); exit; } // test if display is video or sound if ($display) { if (($type = get_movie_type($display)) || ($type = get_sound_type($display)) || ($type = get_text_type($display))) { header("Content-type: ".$type); // header("Content-Disposition: inline; filename=".basename($display)); // header("Content-Disposition: inline; filename=tofz_dot_org_-_".get_comment($display).".jpg"); readfile($root_dir.$display); return; } } //BLOB if($movdir) { include("header.inc.php"); echo "MOVDIR!
"; // $src=stripslashes($src); // $dest=stripslashes($dest); echo $src; echo " => $dest"; echo "
"; init_db_move(); movedir(stripslashes($src),stripslashes($dest)); done_db_move(); include("footer.inc.php"); exit(); } if($move1tof) { include("header.inc.php"); echo "MOVE 1 TOF!
$whichone
=> $dest
"; //* $execstr="cd /home/merou/pictures && /home/merou/bin/move $whichone $dest"; /*/ $execstr="/usr/bin/php -q /home/merou/bin/test.php";//*/ echo "

";
//	include("/home/merou/bin/test.php");
	$argv[1]=$whichone;
	$argv[2]=$dest;
	$argc=3;
	echo "---including move.php\n";
//	chdir($root_dir);
	putenv("PWD=/home/merou/pictures");
//	include("/home/merou/bin/move.php");
	init_db_move();
	movetof($whichone,$dest);
	done_db_move();
	echo "uid:".getmyuid()."\n";
	echo "user:".get_current_user()."\n";
	echo "---done move.php\n";
        echo "

"; //* // echo "$execstr
"; // echo "

".`$execstr`."

"; /*/ echo "

";
	readfile("/tmp/moveoutput");
        echo "

";//*/ /* $ret=array(); @exec($execstr,$ret); echo "

";
	print_r($ret);
	echo "

"; //*/ include("footer.inc.php"); exit(); } // display home if nothing else if (!$dir && !$addcomment && !$lastcomments && !$search && !$log &&!$topratings &&!$oldnews){ if ($lang=="fr") include ("home.fr.php"); else include ("home.php"); exit; } else{ include "header.inc.php"; // Login form if($log) { ?>

"; ?>

Directory to create:

"; ?>

File to upload:

     "; echo "Last added comments :
"; echo ""; echo "
"; $cmd="select * from ".$sTableComments." order by datetime desc"; $res=mysql_db_query($sDB,$cmd,$nConnection); $i=0; if ($nbc && $nbc<100) $j=$nbc; else $j=20; while(($row=mysql_fetch_array($res)) && $i<$j) { if(get_level($row["pic_name"])>(int)$user_row["seclevel"]) continue; echo "".$row["datetime"]." by ".htmlentities($row["user"]).":  "; $comment=get_comment($row["pic_name"]); if(trim($comment)=="") $comment=$row["pic_name"]; echo "".$comment.""; echo "

"; $i++; } echo "
"; echo "Go back
"; echo "
"; include "footer.inc.php"; exit; } else if($topratings) { // display top ratings echo "Top ".$nb_top_rating." rated pictures :
"; echo "
"; $cmd="select *,avg(rating) as rat from ".$sTableRatings." group by pic_name order by rat desc"; $res=mysql_db_query($sDB,$cmd,$nConnection); $i=0; while(($row=mysql_fetch_array($res)) && $i<$nb_top_rating) { if(get_level($row["pic_name"])>(int)$user_row["seclevel"]) continue; echo "".($i+1).": "; $comment=get_comment($row["pic_name"]); if(trim($comment)=="") $comment=$row["pic_name"]; echo "".$comment.""; echo " (".sprintf("%.1f", $row["rat"]).")"; echo "
"; $i++; } echo "
"; echo "Go back
"; echo "
"; include "footer.inc.php"; exit; } else if($search) { // display search results echo "

"; echo "Search results for \"".$search."\": "; echo "tOfz matching by description : "; echo " "; $search=addslashes($search); $cmd="select * from ".$sTable." where descr like '%".$search."%' OR name like '%".$search."%' limit 100"; $res=mysql_db_query($sDB,$cmd,$nConnection); $num=mysql_num_rows($res); if ($num==0) echo "no result... sorry! "; else{ while($row=mysql_fetch_array($res)) { if(get_level($row["name"])>(int)$user_row["seclevel"]) continue; echo ""; // r0n rulez <---- w� ben k'il suce des teubz en enfair :p // c'est moi qui ai """"cod�"""" le search =))) $tmp_trim_title=explode("::",$row["descr"]); echo "".$row["name"]."   ".trim($tmp_trim_title[0])." "; $i++; } if ($i==100) echo "only the ".$i." first matches displayed. refine your search! "; else echo "".$i." tOfz found "; } echo "tOfz matching by comments : "; $cmd="select * from ".$sTableComments." where comment like '%".$search."%' or user like '%".$search."%' limit 100"; $res=mysql_db_query($sDB,$cmd,$nConnection); $num=mysql_num_rows($res); if ($num==0) echo "no result... sorry! "; else{ while($row=mysql_fetch_array($res)) { if(get_level($row["pic_name"])>(int)$user_row["seclevel"]) continue; echo ""; echo "".$row["pic_name"]."   by: ".$row["user"].": ".$row["comment"]." "; $i++; } if ($i==100) echo "only the ".$i." first matches displayed. refine your search! "; else echo "".$i." total tOfz found "; } echo " "; echo "Go back "; echo "

"; include "footer.inc.php"; exit; } else if($oldnews){ echo ""; include "footer.inc.php"; exit; } } if(get_level($dir)>(int)$user_row["seclevel"]) exit; // antihack :) // scan dir $nb_dirs=0; $nb_files=0; $dirs[0]=""; $files[0]=""; $dh=dir($root_dir.$dir); //$dh=dir($root_dir.$dir); while ($file=$dh->read()) { if(substr($file,0,1)==".") continue; // if(substr($file,-3)=="_lr") continue; // if(substr($file,-6)=="_thumb") continue; if(substr($file,-8)=="_comment") continue; if(is_dir($root_dir.$dir.$file)) { // directory if(get_level($dir.$file."/")<=(int)$user_row["seclevel"]) $dirs[$nb_dirs++]=$file; } else { // file if(get_level($dir.$file)<=(int)$user_row["seclevel"]) $files[$nb_files++]=$file; } } $dh->close(); sort($dirs); if (is_file($root_dir.$dir."/.desc")) rsort($files); else sort($files); ?> "; echo "

Directory security level: "; echo ""; echo ""; echo "

"; echo ""; //BLOB echo "

"; echo ""; } // display .welcome message if it exists if(is_file($root_dir.$dir.".welcome") && !$display) { echo "

";
//  system("cat \"".$root_dir.$dir.".welcome\"");
  exec("cat ".$root_dir.$dir.".welcome",$welcome);
  for($i=0;$i";
  echo "

"; // echo "
"; } ?> "; if ($nb_dirs>0){ // display dirs // if ($nb_files>1){ //echo "

";} // else { // dirty hack to float if no pic in dir echo "

";//} if (!$display){ for($i=0;$i<$nb_dirs;$i++) { echo "".$dirs[$i]."
\n"; } echo "

"; }} // display thumbnailz function echo_pic($i) { global $admin,$root_dir,$dir,$files,$sDB,$nConnection; echo "

"; //BLOB $comment=get_comment($dir.$files[$i]); if($comment=="") $comment="sans l�gende...";//$files[$i]; echo ""; } if(!$startpic) $startpic=0; // this is where to put a custom # of columns !! if($admin) echo ""; echo ""; if ($admin) echo ""; echo "

"; echo ""; // echo ""; echo "         "; if($admin) echo "	".$comment.""; if(($nbc=get_nb_comments($dir.$files[$i]))>0) { if($nbc==1) echo " ".$nbc." comment"; else echo " ".$nbc." comments"; } if(is_file($root_dir.$dir."/.rate")){ if(($rtg=get_rating($dir.$files[$i]))!==false) { echo " rating : ".sprintf("%.1f", $rtg).""; } } echo "
"; for($i=$startpic;$i<$nb_files && $i<($startpic+$nb_pic_max);$i++) { echo ""; echo_pic($i); echo ""; } echo "	"; $startpic2=$i; for(;$i<$nb_files && $i<($startpic2+$nb_pic_max);$i++) { echo ""; echo_pic($i); echo ""; } echo "

"; echo ""; if ($nb_files) echo "        ".($startpic+1)."-".$i." / ".$nb_files.""; echo ""; if($startpic!=0) { $a=$startpic-($nb_pic_max*2); if($a<0) $a=0; echo "    "; } if($i!=$nb_files) { echo "   "; } echo "
"; } else { // // display the picture // display the picture <-- that's H E R E !!!!! // display the picture // for($i=0;$i<$nb_files && basename($display)!=$files[$i];$i++); ///// greffon if(!$dir) echo "    ".$txt_root_dir." - "; else echo "

- "; $alldirs=explode("/",$dir); $alldirtmp=""; $page=bcdiv($i,($nb_pic_max*2),0)*($nb_pic_max*2); /*if($dir[0]=='/') $i0=1; else $i0=0; for($j=$i0;$alldirs[$j];$j++) { $alldirtmp.=$alldirs[$j]."/"; if($alldirtmp==$dir) echo ""; if($alldirs[$j+1] || $display) echo ""; echo $alldirs[$j]; if($alldirs[$j+1] || $display) echo " - "; }*/ for($j=0;$alldirs[$j];$j++) { $alldirtmp.=$alldirs[$j]."/"; if($alldirtmp==$dir) echo ""; if($alldirs[$j+1]) echo ""; echo $alldirs[$j]; if($alldirs[$j] || $display) echo " - "; } ///// echo "

"; //echo ""; if(get_level($display)<=(int)$user_row["seclevel"]) { echo "

"; if ($files[$i+1]) echo""; //else echo ""; else echo ""; ?>

 (".($i+1)."/".$nb_files.")     
"; if($i!=0) echo " "; if(filesize($root_dir.$display)>=$lr_limit && !$non_lr) echo " "; if(filesize($root_dir.$display)>=$lr_limit && $non_lr) echo " "; if($files[$i+1]) echo ""; // echo "
"; if ($use_rating && is_file($root_dir.$dir."/.rate") ) { $pic_rating=get_rating($display); echo"
"; if ($pic_rating===false) echo $txt_no_rating; else echo $txt_pic_rating."".sprintf("%.1f", $pic_rating).""; if (!already_rated($display)) { $rate_url="?display=".rawurlencode($display); if (strpos($rate_url, "?")!==false) $rate_url.="&rating="; else $rate_url.="?rating="; echo ""; echo "".$txt_option_rating; for ($a=1;$a<=10;$a++) echo "$a"; echo ""; } } //echo "
"; if($admin) { ?>

<? echo get_comment($display) ?>

"; // system("cat \"".$root_dir.$display."_comment\""); // echo "

"; //} echo "

"; echo "

"; display_comments($display); echo "

random tOf