patch from Romain Tartiere

git-svn-id: https://forgesvn1.novell.com/svn/original/trunk@13 4fa712ea-3c06-0410-9261-c11b4c06c003

diff --git a/www/inc/comment.inc.php b/www/inc/comment.inc.php
deleted file mode 100644 (file)
index 627a747..0000000
--- a/www/inc/comment.inc.php
+++ /dev/null
@@ -1,33 +0,0 @@
-<?php 
-/* 
- * The HTML contained in this file is valid XHTML 1.0 Strict 
- */
-
-echo "<div id=\"comment_block\">\n";
-
-?>
-       <?php echo"<div id=\"showhideform\"><strong> " . __('Post a Comment') . "</strong>:"; ?>
-       <span class="comment_toggle"> 
-       [&nbsp;
-       <?php echo"<a href=\"javascript:toggle_comment()\"><span id=\"showlink\">" . __('Show Form') . "</span><span id=\"hidelink\" style=\"display:none;\">" . __('Hide Form') . "</span></a>"; ?>
-       &nbsp;]
-       </span>
-       </div>
-       
-       <div id="comment_form" style="display: none;">
-<?php
-$page->form_start($ThisUrl, "post", NULL);
-$page->input("text", "commentname", $username, __('Name:'), NULL, _('Enter your name.') );
-$page->input("checkbox", "savecommentname", "1", __('Remember Name:'), "yes", 
-             __('Should the browser remember your name?'));
-$magic_number = random_digits(4);
-//temporary. should generate an image instead
-echo "<div class=\"row\"><div class=\"control\">$magic_number</div></div>\n";
-$page->input("hidden", "commentkolacek", md5($magic_number), NULL, NULL, NULL);
-$page->input("text", "commentspamcheck", "", __('Retype PIN Above:'), NULL, __('Enter the number shown above.'));
-$page->input("textarea", "commentdata", "", __('Comment') . " :" , NULL, __('Allowed HTML tags: a,b,i,ul,li,blockquote,br.') );
-$page->input("submit", "", __('Send') , NULL, NULL, NULL);
-$page->form_end();
-?>
-       </div>
-</div>

diff --git a/www/inc/config.inc.php b/www/inc/config.inc.php
index 7f007b323270adbea8d754c2403e126aa198b255..9bb611f6e7ce67bd532f735611ee236abb44e86b 100644 (file)
--- a/www/inc/config.inc.php
+++ b/www/inc/config.inc.php
@@ -100,7 +100,7 @@ $scnamegallery = "Photo Gallery Index";
 
 #Enable this to access extended tracking functionality
 #depends on sqlite
-$have_sqlite = 1;
+$have_sqlite = 0;
 
 # This controls wheather web visitors will be able to post
 # comments to images

diff --git a/www/inc/photo.class.inc.php b/www/inc/photo.class.inc.php
index 10b507da1b0c218ad2ee03874a9d8c8a991fbb15..1b677c1aa56d29a6aff75b0f4da4175fa21cac47 100644 (file)
--- a/www/inc/photo.class.inc.php
+++ b/www/inc/photo.class.inc.php
@@ -50,8 +50,8 @@ class C_photo {
                                //and add number, album, caption and views.
                                $sql = "insert into photo (name, caption, counter, number, album)";
                                $sql .= " values (";
-                               $sql .= "\"" . $this->name . "\", ";
-                               $sql .= "\"" . $this->caption . "\", ";
+                               $sql .= "\"" . sqlite_escape_string($this->name) . "\", ";
+                               $sql .= "\"" . sqlite_escape_string(strtr($this->caption,"\"","'")) . "\", ";
                                $sql .= $this->counter . ", ";
                                $sql .= $this->number . ", ";
                                $sql .= "\"" . $this->album . "\"";
@@ -189,7 +189,7 @@ class C_photo {
                 //fallback to filesystem
                 if (is_writable("$root/$gallery_dir/$galerie/comments")) { // needs perms
                         $log = "$root/$gallery_dir/$galerie/comments/log_". $this->number .".txt";
-                        if (!is_writable($log)) {
+                        if (file_exists($log) && !is_writable($log)) {
                                 print "\n\n\n<!-- cannot open $log. Check permissions.";
                                 print "\nAborting counter write -->\n";
                                 return 0;

diff --git a/www/index.php b/www/index.php
index 74dd5a63013b141dad56118d9e6cb4d6069735d6..ad143adf9b23736d1a410ecdf0b87daf75471376 100644 (file)
--- a/www/index.php
+++ b/www/index.php
@@ -243,7 +243,7 @@ if (!$galerie) {
                                 if ($class) print " class=\"$class\"";
                                 print ">";
          print "<img ";
-         if ($thumbsize) {
+         if (isset($thumbsize)) {
             print "width=\"120\" height=\"80\" ";
          } else {
             // scale portraits to 80 height