Context Navigation

source: branches/2.1/admin/picture_modify.php @ 6713

Last change on this file since 6713 was 6713, checked in by plg, 14 years ago
bug 1757 fixed: ability to use HTML in author field
Property svn:eol-style set to `LF`
File size: 12.0 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based picture gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2010 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	if(!defined("PHPWG_ROOT_PATH"))
25	{
26	die('Hacking attempt!');
27	}
28
29	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
30
31	// +-----------------------------------------------------------------------+
32	// \| Check Access and exit when user status is not ok \|
33	// +-----------------------------------------------------------------------+
34	check_status(ACCESS_ADMINISTRATOR);
35
36	check_input_parameter('image_id', $_GET, false, PATTERN_ID);
37	check_input_parameter('cat_id', $_GET, false, PATTERN_ID);
38
39	// +-----------------------------------------------------------------------+
40	// \| synchronize metadata \|
41	// +-----------------------------------------------------------------------+
42
43	if (isset($_GET['sync_metadata']) and !is_adviser())
44	{
45	$query = '
46	SELECT path
47	FROM '.IMAGES_TABLE.'
48	WHERE id = '.$_GET['image_id'].'
49	;';
50	list($path) = pwg_db_fetch_row(pwg_query($query));
51	update_metadata(array($_GET['image_id'] => $path));
52
53	array_push($page['infos'], l10n('Metadata synchronized from file'));
54	}
55
56	//--------------------------------------------------------- update informations
57
58	// first, we verify whether there is a mistake on the given creation date
59	if (isset($_POST['date_creation_action'])
60	and 'set' == $_POST['date_creation_action'])
61	{
62	if (!is_numeric($_POST['date_creation_year'])
63	or !checkdate(
64	$_POST['date_creation_month'],
65	$_POST['date_creation_day'],
66	$_POST['date_creation_year'])
67	)
68	{
69	array_push($page['errors'], l10n('wrong date'));
70	}
71	}
72
73	if (isset($_POST['submit']) and count($page['errors']) == 0 and !is_adviser())
74	{
75	$data = array();
76	$data{'id'} = $_GET['image_id'];
77	$data{'name'} = $_POST['name'];
78	$data{'author'} = $_POST['author'];
79	$data['level'] = $_POST['level'];
80
81	if ($conf['allow_html_descriptions'])
82	{
83	$data{'comment'} = @$_POST['description'];
84	}
85	else
86	{
87	$data{'comment'} = strip_tags(@$_POST['description']);
88	}
89
90	if (isset($_POST['date_creation_action']))
91	{
92	if ('set' == $_POST['date_creation_action'])
93	{
94	$data{'date_creation'} = $_POST['date_creation_year']
95	.'-'.$_POST['date_creation_month']
96	.'-'.$_POST['date_creation_day'];
97	}
98	else if ('unset' == $_POST['date_creation_action'])
99	{
100	$data{'date_creation'} = '';
101	}
102	}
103
104	mass_updates(
105	IMAGES_TABLE,
106	array(
107	'primary' => array('id'),
108	'update' => array_diff(array_keys($data), array('id'))
109	),
110	array($data)
111	);
112
113	// time to deal with tags
114	$tag_ids = array();
115	if (isset($_POST['tags']))
116	{
117	$tag_ids = get_fckb_tag_ids($_POST['tags']);
118	}
119	set_tags($tag_ids, $_GET['image_id']);
120
121	array_push($page['infos'], l10n('Picture informations updated'));
122	}
123	// associate the element to other categories than its storage category
124	if (isset($_POST['associate'])
125	and isset($_POST['cat_dissociated'])
126	and count($_POST['cat_dissociated']) > 0
127	and !is_adviser()
128	)
129	{
130	associate_images_to_categories(
131	array($_GET['image_id']),
132	$_POST['cat_dissociated']
133	);
134	}
135	// dissociate the element from categories (but not from its storage category)
136	if (isset($_POST['dissociate'])
137	and isset($_POST['cat_associated'])
138	and count($_POST['cat_associated']) > 0
139	and !is_adviser()
140	)
141	{
142	$query = '
143	DELETE FROM '.IMAGE_CATEGORY_TABLE.'
144	WHERE image_id = '.$_GET['image_id'].'
145	AND category_id IN ('.implode(',', $_POST['cat_associated']).')
146	';
147	pwg_query($query);
148
149	update_category($_POST['cat_associated']);
150	}
151	// elect the element to represent the given categories
152	if (isset($_POST['elect'])
153	and isset($_POST['cat_dismissed'])
154	and count($_POST['cat_dismissed']) > 0
155	and !is_adviser()
156	)
157	{
158	$datas = array();
159	foreach ($_POST['cat_dismissed'] as $category_id)
160	{
161	array_push($datas,
162	array('id' => $category_id,
163	'representative_picture_id' => $_GET['image_id']));
164	}
165	$fields = array('primary' => array('id'),
166	'update' => array('representative_picture_id'));
167	mass_updates(CATEGORIES_TABLE, $fields, $datas);
168	}
169	// dismiss the element as representant of the given categories
170	if (isset($_POST['dismiss'])
171	and isset($_POST['cat_elected'])
172	and count($_POST['cat_elected']) > 0
173	and !is_adviser()
174	)
175	{
176	set_random_representant($_POST['cat_elected']);
177	}
178
179	// tags
180	$query = '
181	SELECT
182	tag_id,
183	name AS tag_name
184	FROM '.IMAGE_TAG_TABLE.' AS it
185	JOIN '.TAGS_TABLE.' AS t ON t.id = it.tag_id
186	WHERE image_id = '.$_GET['image_id'].'
187	;';
188	$tags = get_fckb_taglist($query);
189
190	// retrieving direct information about picture
191	$query = '
192	SELECT *
193	FROM '.IMAGES_TABLE.'
194	WHERE id = '.$_GET['image_id'].'
195	;';
196	$row = pwg_db_fetch_assoc(pwg_query($query));
197
198	$storage_category_id = null;
199	if (!empty($row['storage_category_id']))
200	{
201	$storage_category_id = $row['storage_category_id'];
202	}
203
204	$image_file = $row['file'];
205
206	// +-----------------------------------------------------------------------+
207	// \| template init \|
208	// +-----------------------------------------------------------------------+
209
210	$template->set_filenames(
211	array(
212	'picture_modify' => 'picture_modify.tpl'
213	)
214	);
215
216	$template->assign(
217	array(
218	'tags' => $tags,
219	'U_SYNC' =>
220	get_root_url().'admin.php?page=picture_modify'.
221	'&image_id='.$_GET['image_id'].
222	(isset($_GET['cat_id']) ? '&cat_id='.$_GET['cat_id'] : '').
223	'&sync_metadata=1',
224
225	'PATH'=>$row['path'],
226
227	'TN_SRC' => get_thumbnail_url($row),
228
229	'NAME' =>
230	isset($_POST['name']) ?
231	stripslashes($_POST['name']) : @$row['name'],
232
233	'DIMENSIONS' => @$row['width'].' * '.@$row['height'],
234
235	'FILESIZE' => @$row['filesize'].' KB',
236
237	'REGISTRATION_DATE' => format_date($row['date_available']),
238
239	'AUTHOR' => htmlspecialchars(
240	isset($_POST['author'])
241	? stripslashes($_POST['author'])
242	: @$row['author']
243	),
244
245	'DESCRIPTION' =>
246	htmlspecialchars( isset($_POST['description']) ?
247	stripslashes($_POST['description']) : @$row['comment'] ),
248
249	'F_ACTION' =>
250	get_root_url().'admin.php'
251	.get_query_string_diff(array('sync_metadata'))
252	)
253	);
254
255	if ($row['has_high'] == 'true')
256	{
257	$template->assign(
258	'HIGH_FILESIZE',
259	isset($row['high_filesize'])
260	? $row['high_filesize'].' KB'
261	: l10n('unknown')
262	);
263	}
264
265	// image level options
266	$selected_level = isset($_POST['level']) ? $_POST['level'] : $row['level'];
267	$template->assign(
268	array(
269	'level_options'=> get_privacy_level_options(),
270	'level_options_selected' => array($selected_level)
271	)
272	);
273
274	// creation date
275	unset($day, $month, $year);
276
277	if (isset($_POST['date_creation_action'])
278	and 'set' == $_POST['date_creation_action'])
279	{
280	foreach (array('day', 'month', 'year') as $varname)
281	{
282	$$varname = $_POST['date_creation_'.$varname];
283	}
284	}
285	else if (isset($row['date_creation']) and !empty($row['date_creation']))
286	{
287	list($year, $month, $day) = explode('-', $row['date_creation']);
288	}
289	else
290	{
291	list($year, $month, $day) = array('', 0, 0);
292	}
293
294
295	$month_list = $lang['month'];
296	$month_list[0]='------------';
297	ksort($month_list);
298
299	$template->assign(
300	array(
301	'DATE_CREATION_DAY_VALUE' => $day,
302	'DATE_CREATION_MONTH_VALUE' => $month,
303	'DATE_CREATION_YEAR_VALUE' => $year,
304	'month_list' => $month_list,
305	)
306	);
307
308	$query = '
309	SELECT category_id, uppercats
310	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
311	INNER JOIN '.CATEGORIES_TABLE.' AS c
312	ON c.id = ic.category_id
313	WHERE image_id = '.$_GET['image_id'].'
314	;';
315	$result = pwg_query($query);
316
317	while ($row = pwg_db_fetch_assoc($result))
318	{
319	$name =
320	get_cat_display_name_cache(
321	$row['uppercats'],
322	get_root_url().'admin.php?page=cat_modify&cat_id=',
323	false
324	);
325
326	if ($row['category_id'] == $storage_category_id)
327	{
328	$template->assign('STORAGE_CATEGORY', $name);
329	}
330	else
331	{
332	$template->append('related_categories', $name);
333	}
334	}
335
336	// jump to link
337	//
338	// 1. find all linked categories that are reachable for the current user.
339	// 2. if a category is available in the URL, use it if reachable
340	// 3. if URL category not available or reachable, use the first reachable
341	// linked category
342	// 4. if no category reachable, no jumpto link
343
344	$query = '
345	SELECT category_id
346	FROM '.IMAGE_CATEGORY_TABLE.'
347	WHERE image_id = '.$_GET['image_id'].'
348	;';
349
350	$authorizeds = array_diff(
351	array_from_query($query, 'category_id'),
352	explode(
353	',',
354	calculate_permissions($user['id'], $user['status'])
355	)
356	);
357
358	if (isset($_GET['cat_id'])
359	and in_array($_GET['cat_id'], $authorizeds))
360	{
361	$url_img = make_picture_url(
362	array(
363	'image_id' => $_GET['image_id'],
364	'image_file' => $image_file,
365	'category' => $cache['cat_names'][ $_GET['cat_id'] ],
366	)
367	);
368	}
369	else
370	{
371	foreach ($authorizeds as $category)
372	{
373	$url_img = make_picture_url(
374	array(
375	'image_id' => $_GET['image_id'],
376	'image_file' => $image_file,
377	'category' => $cache['cat_names'][ $category ],
378	)
379	);
380	break;
381	}
382	}
383
384	if (isset($url_img))
385	{
386	$template->assign( 'U_JUMPTO', $url_img );
387	}
388
389	// associate to another category ?
390	$query = '
391	SELECT id,name,uppercats,global_rank
392	FROM '.CATEGORIES_TABLE.'
393	INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON id = category_id
394	WHERE image_id = '.$_GET['image_id'];
395	if (isset($storage_category_id))
396	{
397	$query.= '
398	AND id != '.$storage_category_id;
399	}
400	$query.= '
401	;';
402	display_select_cat_wrapper($query, array(), 'associated_options');
403
404	$result = pwg_query($query);
405	$associateds = array(-1);
406	if (isset($storage_category_id))
407	{
408	array_push($associateds, $storage_category_id);
409	}
410	while ($row = pwg_db_fetch_assoc($result))
411	{
412	array_push($associateds, $row['id']);
413	}
414	$query = '
415	SELECT id,name,uppercats,global_rank
416	FROM '.CATEGORIES_TABLE.'
417	WHERE id NOT IN ('.implode(',', $associateds).')
418	;';
419	display_select_cat_wrapper($query, array(), 'dissociated_options');
420
421	// representing
422	$query = '
423	SELECT id,name,uppercats,global_rank
424	FROM '.CATEGORIES_TABLE.'
425	WHERE representative_picture_id = '.$_GET['image_id'].'
426	;';
427	display_select_cat_wrapper($query, array(), 'elected_options');
428
429	$query = '
430	SELECT id,name,uppercats,global_rank
431	FROM '.CATEGORIES_TABLE.'
432	WHERE representative_picture_id != '.$_GET['image_id'].'
433	OR representative_picture_id IS NULL
434	;';
435	display_select_cat_wrapper($query, array(), 'dismissed_options');
436
437	//----------------------------------------------------------- sending html code
438
439	$template->assign_var_from_handle('ADMIN_CONTENT', 'picture_modify');
440	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: