General Support: My Fixes for Plogger 3.0

I have installed Plogger 3.0 Beta and am running the gallery from a file outside the install folder. My gallery uses authentication and provides access to members only. I think it is quite reasonable that galleries will not always be displayed from the install folder. There are a few changes necessary to get this to work.


=========plog-functions.php=========

This needs to be updated so the picture can be found.

function plogger_get_source_picture_url() {
global $config;

// -------- Added Two lines below -----------------
$RL = strlen($_SERVER['DOCUMENT_ROOT']);
$FOLDER = substr(dirname(__FILE__),$RL);

// -------- Change the Return Value to use folder based on running file not the Config[baseurl] -------
// return (!empty($config['allow_fullpic'])) ? $config["baseurl"].'images/'.SmartStripSlashes($GLOBALS["current_picture"]["path"]) : "#";
return (!empty($config['allow_fullpic'])) ? $FOLDER.'/images/'.SmartStripSlashes($GLOBALS["current_picture"]["path"]) : "#";
}

function plogger_album_picture_count() {
if(empty($GLOBALS["current_album"])) return 0; // ---- Modified by adding this line, else error occur when no current_album
. . .
}

==========plog-globals.php=========
Before starting a session, you need to check to see if a session has already started. If you have an authentication system, you probably already have it started.
So, this line needs to be modified:

//if (!headers_sent())
if (!headers_sent() and !session_id())
{
session_start();
};

==========plog-comment.php==========
You need to properly redirect to YOUR page when placing comments. Add this line before then header redirect.

$redirect = $_SERVER['HTTP_REFERER']; //------ added --------
header("Location: $redirect");

Thanks for the reply. I am new to Plogger, so please keep that in mind. By the way, I selected Plogger because it is very clean, easy to setup and use, and produces compliant HTML output. It was also easy to track down how things were working. So, for the development team: Great job!

1) A session would be set, not just with 'session.auto_start', but also with authentication, and sometimes other purposes for a site. I am using this in a members-only section of a site, and that is checked by the session settings. So, I think checking first before starting a new session is a a good thing.

2) I understand the issues with HTTP_REFERER. HTTPS also does not have a HTTP_REFERER. The only other workarounds that comes to mind is to post to "plog-comment.php?refer=/mypage.php&otherquery" and then if the $_GET['refer'] is set, use it, or set the calling page in a session variable.

Remember that I am new at this, but it seems to me that 'plog-comment.php' should not really be used as the form action parameter. That is a process-only file. 'plog-comment.php' should be included in 'gallery.php' when the comment submit button is detected. In that case, no redirect would be necessary. (By the way, I would probably not name the submit button "submit," but maybe "submitcomment" so you know what button was clicked. Otherwise you need to check the value. ) I think that would be more clean design.

Your fix would not work in the site I am working on. That is because I am not using "/plogger/index.php" to generate the gallery. I have my own page in another directory. (That was a feature of Plogger, as I understood it, that you could embed it in any page, which you can with some minor tweaks.)

Thanks!

It is nice to be appreciated. OK, here is a working method for direct processing of comments, without using redirection.

1) =============== ADD TO gallery.php ===============

add after: global $config


//--------- Added to process comments --------
if (!empty($_POST['comment_post_ID'])) {
include PLOGGER_DIR.'plog-process-comment.php';
}


"comment_post_ID" is only used in the comment form as a hidden variable, so it can be used to tell that you have posted a comment.

2) ============== CREATE A NEW FILE: plog-process-comment.php ===============

A new file was created to avoid loss of backward compatibility.


<?php
//Created this file from plog-comment.php to be called directly from gallery.php

// this is our comment script, it simply writes the comment information
// to our flat-file database and links it to the picture using the pictures id.

$parent_id = intval($_POST["parent"]);


// -------- get the URL ---------

if(!empty($_POST['url'])) {

if (preg_match('#^http\\:\\/\\/[a-z0-9\-]+\.([a-z0-9\-]+\.)?[a-z]+#i', $_POST['url'])) {
$url = $_POST['url'];
}
elseif (preg_match('#^[a-z0-9\-]+\.([a-z0-9\-]+\.)?[a-z]+#i', $_POST['url'])) {
$url = 'http://'.$_POST["url"];
}
else {
$url = '';
}
} else {
$url = '';
}

// If the captcha is required, check it here
if ($_SESSION['require_captcha'] == true) {
if (($_POST['captcha'] != $_SESSION['captcha']) || !$_POST['captcha']) {
$_SESSION["comment_post_error"] = "CAPTCHA check failed!";
return; // exit further processing of this file
}
}

$rv = add_comment($parent_id,$_POST["author"],$_POST["email"],$url,$_POST["comment"]);

if (!empty($rv["errors"])) {
$_SESSION["comment_post_error"] = $rv["errors"];
} elseif ($config['comments_moderate']) {
$_SESSION["comment_moderated"] = 1;
}

?>



3) ======================= CHANGE THEME comments.php ======================

The following form tag line needs to be changed as follows:


<form action="' . htmlentities($_SERVER['REQUEST_URI']) . '" method="post" id="commentform">



4) ============ Another fix =============
This may have been a bug in the plog-functions.php file, in the add_comment() function.

if ($config["comments_moderate"] == 1) {
$approved = 0;
$notify_msg = " (awaiting your approval)";
} else {
$approved = 1;
$notify_msg = ''; // --- ADDED, to prevent error
}


That is it, I have that working on my site.