2014-01-22 10:12:51 +00:00
< ? php
/**
2014-02-17 16:01:46 +00:00
* @ name Misc Module
* @ author Philipp Maurer
* @ author Tobias Reich
* @ copyright 2014 by Philipp Maurer , Tobias Reich
2014-01-22 10:12:51 +00:00
*/
if ( ! defined ( 'LYCHEE' )) exit ( 'Error: Direct access is not allowed!' );
2014-04-04 21:17:54 +00:00
function getGraphHeader ( $database , $photoID ) {
2014-01-22 10:12:51 +00:00
2014-04-04 21:17:54 +00:00
if ( ! isset ( $database , $photoID )) return false ;
2014-02-17 16:01:46 +00:00
2014-02-09 21:30:16 +00:00
$photoID = mysqli_real_escape_string ( $database , $photoID );
2014-02-17 16:01:46 +00:00
2014-02-10 17:04:34 +00:00
$result = $database -> query ( " SELECT title, description, url FROM lychee_photos WHERE id = ' $photoID '; " );
2014-02-09 21:30:16 +00:00
$row = $result -> fetch_object ();
2014-02-17 16:01:46 +00:00
2014-02-27 20:51:12 +00:00
$parseUrl = parse_url ( " http:// " . $_SERVER [ 'HTTP_HOST' ] . $_SERVER [ 'REQUEST_URI' ]);
$picture = $parseUrl [ 'scheme' ] . " :// " . $parseUrl [ 'host' ] . $parseUrl [ 'path' ] . " /../uploads/big/ " . $row -> url ;
2014-02-17 16:01:46 +00:00
$return = '<!-- General Meta Data -->' ;
2014-01-22 10:12:51 +00:00
$return .= '<meta name="title" content="' . $row -> title . '" />' ;
$return .= '<meta name="description" content="' . $row -> description . ' - via Lychee" />' ;
2014-02-17 16:01:46 +00:00
$return .= '<link rel="image_src" type="image/jpeg" href="' . $picture . '" />' ;
2014-01-22 10:12:51 +00:00
$return .= '<!-- Twitter Meta Data -->' ;
$return .= '<meta name="twitter:card" content="photo">' ;
$return .= '<meta name="twitter:title" content="' . $row -> title . '">' ;
$return .= '<meta name="twitter:image:src" content="' . $picture . '">' ;
2014-02-17 16:01:46 +00:00
2014-01-22 10:12:51 +00:00
$return .= '<!-- Facebook Meta Data -->' ;
$return .= '<meta property="og:title" content="' . $row -> title . '">' ;
$return .= '<meta property="og:image" content="' . $picture . '">' ;
2014-02-17 16:01:46 +00:00
2014-02-09 21:30:16 +00:00
return $return ;
2014-01-22 10:12:51 +00:00
}
2014-04-19 18:27:53 +00:00
function search ( $database , $settings , $term ) {
2014-01-22 10:12:51 +00:00
2014-04-19 18:27:53 +00:00
if ( ! isset ( $database , $settings , $term )) return false ;
2014-01-22 10:12:51 +00:00
2014-02-09 21:30:16 +00:00
$return [ 'albums' ] = '' ;
2014-01-22 10:12:51 +00:00
2014-02-09 21:30:16 +00:00
// Photos
2014-04-11 08:38:28 +00:00
$result = $database -> query ( " SELECT id, title, tags, public, star, album, thumbUrl FROM lychee_photos WHERE title like '% $term %' OR description like '% $term %' OR tags like '% $term %'; " );
2014-03-20 13:52:54 +00:00
while ( $row = $result -> fetch_assoc ()) {
2014-02-17 16:01:46 +00:00
$return [ 'photos' ][ $row [ 'id' ]] = $row ;
2014-04-11 08:38:28 +00:00
$return [ 'photos' ][ $row [ 'id' ]][ 'sysdate' ] = date ( 'd M. Y' , substr ( $row [ 'id' ], 0 , - 4 ));
2014-02-17 16:01:46 +00:00
}
2014-01-22 10:12:51 +00:00
2014-02-09 21:30:16 +00:00
// Albums
2014-04-11 08:38:28 +00:00
$result = $database -> query ( " SELECT id, title, public, sysstamp, password FROM lychee_albums WHERE title like '% $term %' OR description like '% $term %'; " );
2014-02-17 16:01:46 +00:00
$i = 0 ;
while ( $row = $result -> fetch_object ()) {
2014-01-22 10:12:51 +00:00
2014-02-09 21:30:16 +00:00
// Info
2014-02-17 16:01:46 +00:00
$return [ 'albums' ][ $row -> id ][ 'id' ] = $row -> id ;
$return [ 'albums' ][ $row -> id ][ 'title' ] = $row -> title ;
$return [ 'albums' ][ $row -> id ][ 'public' ] = $row -> public ;
2014-04-11 08:38:28 +00:00
$return [ 'albums' ][ $row -> id ][ 'sysdate' ] = date ( 'F Y' , $row -> sysstamp );
2014-02-17 16:01:46 +00:00
$return [ 'albums' ][ $row -> id ][ 'password' ] = ( $row -> password == '' ? false : true );
2014-01-22 10:12:51 +00:00
2014-02-09 21:30:16 +00:00
// Thumbs
2014-02-17 16:01:46 +00:00
$result2 = $database -> query ( " SELECT thumbUrl FROM lychee_photos WHERE album = ' " . $row -> id . " ' " . $settings [ 'sorting' ] . " LIMIT 0, 3; " );
$k = 0 ;
while ( $row2 = $result2 -> fetch_object ()){
$return [ 'albums' ][ $row -> id ][ " thumb $k " ] = $row2 -> thumbUrl ;
$k ++ ;
}
2014-01-22 10:12:51 +00:00
2014-02-17 16:01:46 +00:00
$i ++ ;
2014-01-22 10:12:51 +00:00
2014-02-17 16:01:46 +00:00
}
return $return ;
2014-01-22 10:12:51 +00:00
}
2014-04-21 00:19:23 +00:00
function get_hashed_password ( $password ) {
2014-04-21 12:18:13 +00:00
# Inspired by http://alias.io/2010/01/store-passwords-safely-with-php-and-mysql/
2014-04-21 00:19:23 +00:00
2014-04-21 12:18:13 +00:00
# A higher $cost is more secure but consumes more processing power
2014-04-21 00:19:23 +00:00
$cost = 10 ;
# Create a random salt
2014-04-21 22:36:02 +00:00
if ( extension_loaded ( 'openssl' )) {
$salt = strtr ( substr ( base64_encode ( openssl_random_pseudo_bytes ( 17 )), 0 , 22 ), '+' , '.' );
} elseif ( extension_loaded ( 'mcrypt' )) {
$salt = strtr ( substr ( base64_encode ( mcrypt_create_iv ( 17 , MCRYPT_DEV_URANDOM )), 0 , 22 ), '+' , '.' );
} else {
$salt = " " ;
for ( $i = 0 ; $i < 22 ; $i ++ ) {
$salt .= substr ( " ./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789 " , mt_rand ( 0 , 63 ), 1 );
}
}
2014-04-21 00:19:23 +00:00
# Prefix information about the hash so PHP knows how to verify it later.
# "$2a$" Means we're using the Blowfish algorithm. The following two digits are the cost parameter.
$salt = sprintf ( " $ 2a $ %02d $ " , $cost ) . $salt ;
# Hash the password with the salt
return crypt ( $password , $salt );
2014-04-21 12:18:13 +00:00
2014-04-21 00:19:23 +00:00
}
2014-04-28 08:17:26 +00:00
?>