Context Navigation

ws_functions.inc.php @ 9913

Visit:

Revision 9913, 52.4 KB (checked in by plg, 2 years ago)
merge back r9743, wrong method to merge a commit from trunk to branch 2.1
Property svn:eol-style set to `LF`

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based picture gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2010 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	/** IMPLEMENTATION OF WEB SERVICE METHODS *********************************/
25
26	/**
27	* Event handler for method invocation security check. Should return a PwgError
28	* if the preconditions are not satifsied for method invocation.
29	*/
30	function ws_isInvokeAllowed($res, $methodName, $params)
31	{
32	global $conf;
33
34	if ( strpos($methodName,'reflection.')===0 )
35	{ // OK for reflection
36	return $res;
37	}
38
39	if ( !is_autorize_status(ACCESS_GUEST) and
40	strpos($methodName,'pwg.session.')!==0 )
41	{
42	return new PwgError(401, 'Access denied');
43	}
44
45	return $res;
46	}
47
48	/**
49	* returns a "standard" (for our web service) array of sql where clauses that
50	* filters the images (images table only)
51	*/
52	function ws_std_image_sql_filter( $params, $tbl_name='' )
53	{
54	$clauses = array();
55	if ( is_numeric($params['f_min_rate']) )
56	{
57	$clauses[] = $tbl_name.'average_rate>'.$params['f_min_rate'];
58	}
59	if ( is_numeric($params['f_max_rate']) )
60	{
61	$clauses[] = $tbl_name.'average_rate<='.$params['f_max_rate'];
62	}
63	if ( is_numeric($params['f_min_hit']) )
64	{
65	$clauses[] = $tbl_name.'hit>'.$params['f_min_hit'];
66	}
67	if ( is_numeric($params['f_max_hit']) )
68	{
69	$clauses[] = $tbl_name.'hit<='.$params['f_max_hit'];
70	}
71	if ( isset($params['f_min_date_posted']) )
72	{
73	$clauses[] = $tbl_name."date_available>='".$params['f_min_date_posted']."'";
74	}
75	if ( isset($params['f_max_date_posted']) )
76	{
77	$clauses[] = $tbl_name."date_available<'".$params['f_max_date_posted']."'";
78	}
79	if ( isset($params['f_min_date_created']) )
80	{
81	$clauses[] = $tbl_name."date_creation>='".$params['f_min_date_created']."'";
82	}
83	if ( isset($params['f_max_date_created']) )
84	{
85	$clauses[] = $tbl_name."date_creation<'".$params['f_max_date_created']."'";
86	}
87	if ( is_numeric($params['f_min_ratio']) )
88	{
89	$clauses[] = $tbl_name.'width/'.$tbl_name.'height>'.$params['f_min_ratio'];
90	}
91	if ( is_numeric($params['f_max_ratio']) )
92	{
93	$clauses[] = $tbl_name.'width/'.$tbl_name.'height<='.$params['f_max_ratio'];
94	}
95	if ( $params['f_with_thumbnail'] )
96	{
97	$clauses[] = $tbl_name.'tn_ext IS NOT NULL';
98	}
99	return $clauses;
100	}
101
102	/**
103	* returns a "standard" (for our web service) ORDER BY sql clause for images
104	*/
105	function ws_std_image_sql_order( $params, $tbl_name='' )
106	{
107	$ret = '';
108	if ( empty($params['order']) )
109	{
110	return $ret;
111	}
112	$matches = array();
113	preg_match_all('/([a-z_]+) (?:(asc\|desc)(?:ending)?)? (?:, *\|$)/i',
114	$params['order'], $matches);
115	for ($i=0; $i<count($matches[1]); $i++)
116	{
117	switch ($matches[1][$i])
118	{
119	case 'date_created':
120	$matches[1][$i] = 'date_creation'; break;
121	case 'date_posted':
122	$matches[1][$i] = 'date_available'; break;
123	case 'rand': case 'random':
124	$matches[1][$i] = DB_RANDOM_FUNCTION.'()'; break;
125	}
126	$sortable_fields = array('id', 'file', 'name', 'hit', 'average_rate',
127	'date_creation', 'date_available', DB_RANDOM_FUNCTION.'()' );
128	if ( in_array($matches[1][$i], $sortable_fields) )
129	{
130	if (!empty($ret))
131	$ret .= ', ';
132	if ($matches[1][$i] != DB_RANDOM_FUNCTION.'()' )
133	{
134	$ret .= $tbl_name;
135	}
136	$ret .= $matches[1][$i];
137	$ret .= ' '.$matches[2][$i];
138	}
139	}
140	return $ret;
141	}
142
143	/**
144	* returns an array map of urls (thumb/element) for image_row - to be returned
145	* in a standard way by different web service methods
146	*/
147	function ws_std_get_urls($image_row)
148	{
149	$ret = array(
150	'tn_url' => get_thumbnail_url($image_row),
151	'element_url' => get_element_url($image_row)
152	);
153	global $user;
154	if ($user['enabled_high'] and $image_row['has_high'] )
155	{
156	$ret['high_url'] = get_high_url($image_row);
157	}
158	return $ret;
159	}
160
161	/**
162	* returns an array of image attributes that are to be encoded as xml attributes
163	* instead of xml elements
164	*/
165	function ws_std_get_image_xml_attributes()
166	{
167	return array(
168	'id','tn_url','element_url','high_url', 'file','width','height','hit'
169	);
170	}
171
172	/**
173	* returns PWG version (web service method)
174	*/
175	function ws_getVersion($params, &$service)
176	{
177	global $conf;
178	if ($conf['show_version'])
179	return PHPWG_VERSION;
180	else
181	return new PwgError(403, 'Forbidden');
182	}
183
184	function ws_caddie_add($params, &$service)
185	{
186	if (!is_admin())
187	{
188	return new PwgError(401, 'Access denied');
189	}
190	$params['image_id'] = array_map( 'intval',$params['image_id'] );
191	if ( empty($params['image_id']) )
192	{
193	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
194	}
195	global $user;
196	$query = '
197	SELECT id
198	FROM '.IMAGES_TABLE.' LEFT JOIN '.CADDIE_TABLE.' ON id=element_id AND user_id='.$user['id'].'
199	WHERE id IN ('.implode(',',$params['image_id']).')
200	AND element_id IS NULL';
201	$datas = array();
202	foreach ( array_from_query($query, 'id') as $id )
203	{
204	array_push($datas, array('element_id'=>$id, 'user_id'=>$user['id']) );
205	}
206	if (count($datas))
207	{
208	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
209	mass_inserts(CADDIE_TABLE, array('element_id','user_id'), $datas);
210	}
211	return count($datas);
212	}
213
214	/**
215	* returns images per category (web service method)
216	*/
217	function ws_categories_getImages($params, &$service)
218	{
219	@include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
220	global $user, $conf;
221
222	$images = array();
223
224	//------------------------------------------------- get the related categories
225	$where_clauses = array();
226	foreach($params['cat_id'] as $cat_id)
227	{
228	$cat_id = (int)$cat_id;
229	if ($cat_id<=0)
230	continue;
231	if ($params['recursive'])
232	{
233	$where_clauses[] = 'uppercats '.DB_REGEX_OPERATOR.' \'(^\|,)'.$cat_id.'(,\|$)\'';
234	}
235	else
236	{
237	$where_clauses[] = 'id='.$cat_id;
238	}
239	}
240	if (!empty($where_clauses))
241	{
242	$where_clauses = array( '('.
243	implode('
244	OR ', $where_clauses) . ')'
245	);
246	}
247	$where_clauses[] = get_sql_condition_FandF(
248	array('forbidden_categories' => 'id'),
249	NULL, true
250	);
251
252	$query = '
253	SELECT id, name, permalink, image_order
254	FROM '.CATEGORIES_TABLE.'
255	WHERE '. implode('
256	AND ', $where_clauses);
257	$result = pwg_query($query);
258	$cats = array();
259	while ($row = pwg_db_fetch_assoc($result))
260	{
261	$row['id'] = (int)$row['id'];
262	$cats[ $row['id'] ] = $row;
263	}
264
265	//-------------------------------------------------------- get the images
266	if ( !empty($cats) )
267	{
268	$where_clauses = ws_std_image_sql_filter( $params, 'i.' );
269	$where_clauses[] = 'category_id IN ('
270	.implode(',', array_keys($cats) )
271	.')';
272	$where_clauses[] = get_sql_condition_FandF( array(
273	'visible_images' => 'i.id'
274	), null, true
275	);
276
277	$order_by = ws_std_image_sql_order($params, 'i.');
278	if ( empty($order_by)
279	and count($params['cat_id'])==1
280	and isset($cats[ $params['cat_id'][0] ]['image_order'])
281	)
282	{
283	$order_by = $cats[ $params['cat_id'][0] ]['image_order'];
284	}
285	$order_by = empty($order_by) ? $conf['order_by'] : 'ORDER BY '.$order_by;
286
287	$query = '
288	SELECT i.*, GROUP_CONCAT(category_id) AS cat_ids
289	FROM '.IMAGES_TABLE.' i
290	INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON i.id=image_id
291	WHERE '. implode('
292	AND ', $where_clauses).'
293	GROUP BY i.id
294	'.$order_by.'
295	LIMIT '.(int)$params['per_page'].' OFFSET '.(int)($params['per_page']*$params['page']);
296
297	$result = pwg_query($query);
298	while ($row = pwg_db_fetch_assoc($result))
299	{
300	$image = array();
301	foreach ( array('id', 'width', 'height', 'hit') as $k )
302	{
303	if (isset($row[$k]))
304	{
305	$image[$k] = (int)$row[$k];
306	}
307	}
308	foreach ( array('file', 'name', 'comment') as $k )
309	{
310	$image[$k] = $row[$k];
311	}
312	$image = array_merge( $image, ws_std_get_urls($row) );
313
314	$image_cats = array();
315	foreach ( explode(',', $row['cat_ids']) as $cat_id )
316	{
317	$url = make_index_url(
318	array(
319	'category' => $cats[$cat_id],
320	)
321	);
322	$page_url = make_picture_url(
323	array(
324	'category' => $cats[$cat_id],
325	'image_id' => $row['id'],
326	'image_file' => $row['file'],
327	)
328	);
329	array_push( $image_cats, array(
330	WS_XML_ATTRIBUTES => array (
331	'id' => (int)$cat_id,
332	'url' => $url,
333	'page_url' => $page_url,
334	)
335	)
336	);
337	}
338
339	$image['categories'] = new PwgNamedArray(
340	$image_cats,'category', array('id','url','page_url')
341	);
342	array_push($images, $image);
343	}
344	}
345
346	return array( 'images' =>
347	array (
348	WS_XML_ATTRIBUTES =>
349	array(
350	'page' => $params['page'],
351	'per_page' => $params['per_page'],
352	'count' => count($images)
353	),
354	WS_XML_CONTENT => new PwgNamedArray($images, 'image',
355	ws_std_get_image_xml_attributes() )
356	)
357	);
358	}
359
360
361	/**
362	* returns a list of categories (web service method)
363	*/
364	function ws_categories_getList($params, &$service)
365	{
366	global $user,$conf;
367
368	$where = array('1=1');
369	$join_type = 'INNER';
370	$join_user = $user['id'];
371
372	if (!$params['recursive'])
373	{
374	if ($params['cat_id']>0)
375	$where[] = '(id_uppercat='.(int)($params['cat_id']).'
376	OR id='.(int)($params['cat_id']).')';
377	else
378	$where[] = 'id_uppercat IS NULL';
379	}
380	else if ($params['cat_id']>0)
381	{
382	$where[] = 'uppercats '.DB_REGEX_OPERATOR.' \'(^\|,)'.
383	(int)($params['cat_id'])
384	.'(,\|$)\'';
385	}
386
387	if ($params['public'])
388	{
389	$where[] = 'status = "public"';
390	$where[] = 'visible = "true"';
391
392	$join_user = $conf['guest_id'];
393	}
394	elseif (is_admin())
395	{
396	// in this very specific case, we don't want to hide empty
397	// categories. Function calculate_permissions will only return
398	// categories that are either locked or private and not permitted
399	//
400	// calculate_permissions does not consider empty categories as forbidden
401	$forbidden_categories = calculate_permissions($user['id'], $user['status']);
402	$where[]= 'id NOT IN ('.$forbidden_categories.')';
403	$join_type = 'LEFT';
404	}
405
406	$query = '
407	SELECT id, name, permalink, uppercats, global_rank,
408	comment,
409	nb_images, count_images AS total_nb_images,
410	date_last, max_date_last, count_categories AS nb_categories
411	FROM '.CATEGORIES_TABLE.'
412	'.$join_type.' JOIN '.USER_CACHE_CATEGORIES_TABLE.' ON id=cat_id AND user_id='.$join_user.'
413	WHERE '. implode('
414	AND ', $where);
415
416	$result = pwg_query($query);
417
418	$cats = array();
419	while ($row = pwg_db_fetch_assoc($result))
420	{
421	$row['url'] = make_index_url(
422	array(
423	'category' => $row
424	)
425	);
426	foreach( array('id','nb_images','total_nb_images','nb_categories') as $key)
427	{
428	$row[$key] = (int)$row[$key];
429	}
430
431	$row['name'] = strip_tags(
432	trigger_event(
433	'render_category_name',
434	$row['name'],
435	'ws_categories_getList'
436	)
437	);
438
439	$row['comment'] = strip_tags(
440	trigger_event(
441	'render_category_description',
442	$row['comment'],
443	'ws_categories_getList'
444	)
445	);
446
447	array_push($cats, $row);
448	}
449	usort($cats, 'global_rank_compare');
450	return array(
451	'categories' => new PwgNamedArray(
452	$cats,
453	'category',
454	array(
455	'id',
456	'url',
457	'nb_images',
458	'total_nb_images',
459	'nb_categories',
460	'date_last',
461	'max_date_last',
462	)
463	)
464	);
465	}
466
467	/**
468	* returns the list of categories as you can see them in administration (web
469	* service method).
470	*
471	* Only admin can run this method and permissions are not taken into
472	* account.
473	*/
474	function ws_categories_getAdminList($params, &$service)
475	{
476	if (!is_admin())
477	{
478	return new PwgError(401, 'Access denied');
479	}
480
481	$query = '
482	SELECT
483	category_id,
484	COUNT(*) AS counter
485	FROM '.IMAGE_CATEGORY_TABLE.'
486	GROUP BY category_id
487	;';
488	$nb_images_of = simple_hash_from_query($query, 'category_id', 'counter');
489
490	$query = '
491	SELECT
492	id,
493	name,
494	comment,
495	uppercats,
496	global_rank
497	FROM '.CATEGORIES_TABLE.'
498	;';
499	$result = pwg_query($query);
500	$cats = array();
501
502	while ($row = pwg_db_fetch_assoc($result))
503	{
504	$id = $row['id'];
505	$row['nb_images'] = isset($nb_images_of[$id]) ? $nb_images_of[$id] : 0;
506	$row['name'] = strip_tags(
507	trigger_event(
508	'render_category_name',
509	$row['name'],
510	'ws_categories_getAdminList'
511	)
512	);
513	$row['comment'] = strip_tags(
514	trigger_event(
515	'render_category_description',
516	$row['comment'],
517	'ws_categories_getAdminList'
518	)
519	);
520	array_push($cats, $row);
521	}
522
523	usort($cats, 'global_rank_compare');
524	return array(
525	'categories' => new PwgNamedArray(
526	$cats,
527	'category',
528	array(
529	'id',
530	'nb_images',
531	'name',
532	'uppercats',
533	'global_rank',
534	)
535	)
536	);
537	}
538
539	/**
540	* returns detailed information for an element (web service method)
541	*/
542	function ws_images_addComment($params, &$service)
543	{
544	if (!$service->isPost())
545	{
546	return new PwgError(405, "This method requires HTTP POST");
547	}
548	$params['image_id'] = (int)$params['image_id'];
549	$query = '
550	SELECT DISTINCT image_id
551	FROM '.IMAGE_CATEGORY_TABLE.' INNER JOIN '.CATEGORIES_TABLE.' ON category_id=id
552	WHERE commentable="true"
553	AND image_id='.$params['image_id'].
554	get_sql_condition_FandF(
555	array(
556	'forbidden_categories' => 'id',
557	'visible_categories' => 'id',
558	'visible_images' => 'image_id'
559	),
560	' AND'
561	);
562	if ( !pwg_db_num_rows( pwg_query( $query ) ) )
563	{
564	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
565	}
566
567	$comm = array(
568	'author' => trim( $params['author'] ),
569	'content' => trim( $params['content'] ),
570	'image_id' => $params['image_id'],
571	);
572
573	include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
574
575	$comment_action = insert_user_comment(
576	$comm, $params['key'], $infos
577	);
578
579	switch ($comment_action)
580	{
581	case 'reject':
582	array_push($infos, l10n('Your comment has NOT been registered because it did not pass the validation rules') );
583	return new PwgError(403, implode("; ", $infos) );
584	case 'validate':
585	case 'moderate':
586	$ret = array(
587	'id' => $comm['id'],
588	'validation' => $comment_action=='validate',
589	);
590	return new PwgNamedStruct(
591	'comment',
592	$ret,
593	null, array()
594	);
595	default:
596	return new PwgError(500, "Unknown comment action ".$comment_action );
597	}
598	}
599
600	/**
601	* returns detailed information for an element (web service method)
602	*/
603	function ws_images_getInfo($params, &$service)
604	{
605	@include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
606	global $user, $conf;
607	$params['image_id'] = (int)$params['image_id'];
608	if ( $params['image_id']<=0 )
609	{
610	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
611	}
612
613	$query='
614	SELECT * FROM '.IMAGES_TABLE.'
615	WHERE id='.$params['image_id'].
616	get_sql_condition_FandF(
617	array('visible_images' => 'id'),
618	' AND'
619	).'
620	LIMIT 1';
621
622	$image_row = pwg_db_fetch_assoc(pwg_query($query));
623	if ($image_row==null)
624	{
625	return new PwgError(404, "image_id not found");
626	}
627	$image_row = array_merge( $image_row, ws_std_get_urls($image_row) );
628
629	//-------------------------------------------------------- related categories
630	$query = '
631	SELECT id, name, permalink, uppercats, global_rank, commentable
632	FROM '.IMAGE_CATEGORY_TABLE.'
633	INNER JOIN '.CATEGORIES_TABLE.' ON category_id = id
634	WHERE image_id = '.$image_row['id'].
635	get_sql_condition_FandF(
636	array( 'forbidden_categories' => 'category_id' ),
637	' AND'
638	).'
639	;';
640	$result = pwg_query($query);
641	$is_commentable = false;
642	$related_categories = array();
643	while ($row = pwg_db_fetch_assoc($result))
644	{
645	if ($row['commentable']=='true')
646	{
647	$is_commentable = true;
648	}
649	unset($row['commentable']);
650	$row['url'] = make_index_url(
651	array(
652	'category' => $row
653	)
654	);
655
656	$row['page_url'] = make_picture_url(
657	array(
658	'image_id' => $image_row['id'],
659	'image_file' => $image_row['file'],
660	'category' => $row
661	)
662	);
663	$row['id']=(int)$row['id'];
664	array_push($related_categories, $row);
665	}
666	usort($related_categories, 'global_rank_compare');
667	if ( empty($related_categories) )
668	{
669	return new PwgError(401, 'Access denied');
670	}
671
672	//-------------------------------------------------------------- related tags
673	$related_tags = get_common_tags( array($image_row['id']), -1 );
674	foreach( $related_tags as $i=>$tag)
675	{
676	$tag['url'] = make_index_url(
677	array(
678	'tags' => array($tag)
679	)
680	);
681	$tag['page_url'] = make_picture_url(
682	array(
683	'image_id' => $image_row['id'],
684	'image_file' => $image_row['file'],
685	'tags' => array($tag),
686	)
687	);
688	unset($tag['counter']);
689	$tag['id']=(int)$tag['id'];
690	$related_tags[$i]=$tag;
691	}
692	//------------------------------------------------------------- related rates
693	$query = '
694	SELECT COUNT(rate) AS count
695	, ROUND(AVG(rate),2) AS average
696	FROM '.RATE_TABLE.'
697	WHERE element_id = '.$image_row['id'].'
698	;';
699	$rating = pwg_db_fetch_assoc(pwg_query($query));
700	$rating['count'] = (int)$rating['count'];
701
702	//---------------------------------------------------------- related comments
703	$related_comments = array();
704
705	$where_comments = 'image_id = '.$image_row['id'];
706	if ( !is_admin() )
707	{
708	$where_comments .= '
709	AND validated="true"';
710	}
711
712	$query = '
713	SELECT COUNT(id) AS nb_comments
714	FROM '.COMMENTS_TABLE.'
715	WHERE '.$where_comments;
716	list($nb_comments) = array_from_query($query, 'nb_comments');
717	$nb_comments = (int)$nb_comments;
718
719	if ( $nb_comments>0 and $params['comments_per_page']>0 )
720	{
721	$query = '
722	SELECT id, date, author, content
723	FROM '.COMMENTS_TABLE.'
724	WHERE '.$where_comments.'
725	ORDER BY date
726	LIMIT '.(int)$params['comments_per_page'].
727	' OFFSET '.(int)($params['comments_per_page']*$params['comments_page']);
728
729	$result = pwg_query($query);
730	while ($row = pwg_db_fetch_assoc($result))
731	{
732	$row['id']=(int)$row['id'];
733	array_push($related_comments, $row);
734	}
735	}
736
737	$comment_post_data = null;
738	if ($is_commentable and
739	(!is_a_guest()
740	or (is_a_guest() and $conf['comments_forall'] )
741	)
742	)
743	{
744	$comment_post_data['author'] = stripslashes($user['username']);
745	$comment_post_data['key'] = get_comment_post_key($params['image_id']);
746	}
747
748	$ret = $image_row;
749	foreach ( array('id','width','height','hit','filesize') as $k )
750	{
751	if (isset($ret[$k]))
752	{
753	$ret[$k] = (int)$ret[$k];
754	}
755	}
756	foreach ( array('path', 'storage_category_id') as $k )
757	{
758	unset($ret[$k]);
759	}
760
761	$ret['rates'] = array( WS_XML_ATTRIBUTES => $rating );
762	$ret['categories'] = new PwgNamedArray($related_categories, 'category', array('id','url', 'page_url') );
763	$ret['tags'] = new PwgNamedArray($related_tags, 'tag', array('id','url_name','url','name','page_url') );
764	if ( isset($comment_post_data) )
765	{
766	$ret['comment_post'] = array( WS_XML_ATTRIBUTES => $comment_post_data );
767	}
768	$ret['comments'] = array(
769	WS_XML_ATTRIBUTES =>
770	array(
771	'page' => $params['comments_page'],
772	'per_page' => $params['comments_per_page'],
773	'count' => count($related_comments),
774	'nb_comments' => $nb_comments,
775	),
776	WS_XML_CONTENT => new PwgNamedArray($related_comments, 'comment', array('id','date') )
777	);
778
779	return new PwgNamedStruct('image',$ret, null, array('name','comment') );
780	}
781
782
783	/**
784	* rates the image_id in the parameter
785	*/
786	function ws_images_Rate($params, &$service)
787	{
788	$image_id = (int)$params['image_id'];
789	$query = '
790	SELECT DISTINCT id FROM '.IMAGES_TABLE.'
791	INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON id=image_id
792	WHERE id='.$image_id
793	.get_sql_condition_FandF(
794	array(
795	'forbidden_categories' => 'category_id',
796	'forbidden_images' => 'id',
797	),
798	' AND'
799	).'
800	LIMIT 1';
801	if ( pwg_db_num_rows( pwg_query($query) )==0 )
802	{
803	return new PwgError(404, "Invalid image_id or access denied" );
804	}
805	$rate = (int)$params['rate'];
806	include_once(PHPWG_ROOT_PATH.'include/functions_rate.inc.php');
807	$res = rate_picture( $image_id, $rate );
808	if ($res==false)
809	{
810	global $conf;
811	return new PwgError( 403, "Forbidden or rate not in ". implode(',',$conf['rate_items']));
812	}
813	return $res;
814	}
815
816
817	/**
818	* returns a list of elements corresponding to a query search
819	*/
820	function ws_images_search($params, &$service)
821	{
822	global $page;
823	$images = array();
824	include_once( PHPWG_ROOT_PATH .'include/functions_search.inc.php' );
825	include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
826
827	$where_clauses = ws_std_image_sql_filter( $params, 'i.' );
828	$order_by = ws_std_image_sql_order($params, 'i.');
829
830	$super_order_by = false;
831	if ( !empty($order_by) )
832	{
833	global $conf;
834	$conf['order_by'] = 'ORDER BY '.$order_by;
835	$super_order_by=true; // quick_search_result might be faster
836	}
837
838	$search_result = get_quick_search_results($params['query'],
839	$super_order_by,
840	implode(',', $where_clauses)
841	);
842
843	$image_ids = array_slice(
844	$search_result['items'],
845	$params['page']*$params['per_page'],
846	$params['per_page']
847	);
848
849	if ( count($image_ids) )
850	{
851	$query = '
852	SELECT * FROM '.IMAGES_TABLE.'
853	WHERE id IN ('.implode(',', $image_ids).')';
854
855	$image_ids = array_flip($image_ids);
856	$result = pwg_query($query);
857	while ($row = pwg_db_fetch_assoc($result))
858	{
859	$image = array();
860	foreach ( array('id', 'width', 'height', 'hit') as $k )
861	{
862	if (isset($row[$k]))
863	{
864	$image[$k] = (int)$row[$k];
865	}
866	}
867	foreach ( array('file', 'name', 'comment') as $k )
868	{
869	$image[$k] = $row[$k];
870	}
871	$image = array_merge( $image, ws_std_get_urls($row) );
872	$images[$image_ids[$image['id']]] = $image;
873	}
874	ksort($images, SORT_NUMERIC);
875	$images = array_values($images);
876	}
877
878
879	return array( 'images' =>
880	array (
881	WS_XML_ATTRIBUTES =>
882	array(
883	'page' => $params['page'],
884	'per_page' => $params['per_page'],
885	'count' => count($images)
886	),
887	WS_XML_CONTENT => new PwgNamedArray($images, 'image',
888	ws_std_get_image_xml_attributes() )
889	)
890	);
891	}
892
893	function ws_images_setPrivacyLevel($params, &$service)
894	{
895	if (!is_admin() \|\| is_adviser() )
896	{
897	return new PwgError(401, 'Access denied');
898	}
899	if (!$service->isPost())
900	{
901	return new PwgError(405, "This method requires HTTP POST");
902	}
903	$params['image_id'] = array_map( 'intval',$params['image_id'] );
904	if ( empty($params['image_id']) )
905	{
906	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
907	}
908	global $conf;
909	if ( !in_array( (int)$params['level'], $conf['available_permission_levels']) )
910	{
911	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid level");
912	}
913
914	$query = '
915	UPDATE '.IMAGES_TABLE.'
916	SET level='.(int)$params['level'].'
917	WHERE id IN ('.implode(',',$params['image_id']).')';
918	$result = pwg_query($query);
919	$affected_rows = pwg_db_changes($result);
920	if ($affected_rows)
921	{
922	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
923	invalidate_user_cache();
924	}
925	return $affected_rows;
926	}
927
928	function ws_images_add_chunk($params, &$service)
929	{
930	global $conf;
931
932	ws_logfile('[ws_images_add_chunk] welcome');
933	// data
934	// original_sum
935	// type {thumb, file, high}
936	// position
937
938	if (!is_admin() \|\| is_adviser() )
939	{
940	return new PwgError(401, 'Access denied');
941	}
942
943	if (!$service->isPost())
944	{
945	return new PwgError(405, "This method requires HTTP POST");
946	}
947
948	foreach ($params as $param_key => $param_value) {
949	if ('data' == $param_key) {
950	continue;
951	}
952
953	ws_logfile(
954	sprintf(
955	'[ws_images_add_chunk] input param "%s" : "%s"',
956	$param_key,
957	is_null($param_value) ? 'NULL' : $param_value
958	)
959	);
960	}
961
962	$upload_dir = $conf['upload_dir'].'/buffer';
963
964	// create the upload directory tree if not exists
965	if (!is_dir($upload_dir)) {
966	umask(0000);
967	$recursive = true;
968	if (!@mkdir($upload_dir, 0777, $recursive))
969	{
970	return new PwgError(500, 'error during buffer directory creation');
971	}
972	}
973
974	if (!is_writable($upload_dir))
975	{
976	// last chance to make the directory writable
977	@chmod($upload_dir, 0777);
978
979	if (!is_writable($upload_dir))
980	{
981	return new PwgError(500, 'buffer directory has no write access');
982	}
983	}
984
985	secure_directory($upload_dir);
986
987	$filename = sprintf(
988	'%s-%s-%05u.block',
989	$params['original_sum'],
990	$params['type'],
991	$params['position']
992	);
993
994	ws_logfile('[ws_images_add_chunk] data length : '.strlen($params['data']));
995
996	$bytes_written = file_put_contents(
997	$upload_dir.'/'.$filename,
998	base64_decode($params['data'])
999	);
1000
1001	if (false === $bytes_written) {
1002	return new PwgError(
1003	500,
1004	'an error has occured while writting chunk '.$params['position'].' for '.$params['type']
1005	);
1006	}
1007	}
1008
1009	function merge_chunks($output_filepath, $original_sum, $type)
1010	{
1011	global $conf;
1012
1013	ws_logfile('[merge_chunks] input parameter $output_filepath : '.$output_filepath);
1014
1015	if (is_file($output_filepath))
1016	{
1017	unlink($output_filepath);
1018
1019	if (is_file($output_filepath))
1020	{
1021	new PwgError(500, '[merge_chunks] error while trying to remove existing '.$output_filepath);
1022	exit();
1023	}
1024	}
1025
1026	$upload_dir = $conf['upload_dir'].'/buffer';
1027	$pattern = '/'.$original_sum.'-'.$type.'/';
1028	$chunks = array();
1029
1030	if ($handle = opendir($upload_dir))
1031	{
1032	while (false !== ($file = readdir($handle)))
1033	{
1034	if (preg_match($pattern, $file))
1035	{
1036	ws_logfile($file);
1037	array_push($chunks, $upload_dir.'/'.$file);
1038	}
1039	}
1040	closedir($handle);
1041	}
1042
1043	sort($chunks);
1044
1045	if (function_exists('memory_get_usage')) {
1046	ws_logfile('[merge_chunks] memory_get_usage before loading chunks: '.memory_get_usage());
1047	}
1048
1049	$i = 0;
1050
1051	foreach ($chunks as $chunk)
1052	{
1053	$string = file_get_contents($chunk);
1054
1055	if (function_exists('memory_get_usage')) {
1056	ws_logfile('[merge_chunks] memory_get_usage on chunk '.++$i.': '.memory_get_usage());
1057	}
1058
1059	if (!file_put_contents($output_filepath, $string, FILE_APPEND))
1060	{
1061	new PwgError(500, '[merge_chunks] error while writting chunks for '.$output_filepath);
1062	exit();
1063	}
1064
1065	unlink($chunk);
1066	}
1067
1068	if (function_exists('memory_get_usage')) {
1069	ws_logfile('[merge_chunks] memory_get_usage after loading chunks: '.memory_get_usage());
1070	}
1071	}
1072
1073	/*
1074	* The $file_path must be the path of the basic "web sized" photo
1075	* The $type value will automatically modify the $file_path to the corresponding file
1076	*/
1077	function add_file($file_path, $type, $original_sum, $file_sum)
1078	{
1079	$file_path = file_path_for_type($file_path, $type);
1080
1081	$upload_dir = dirname($file_path);
1082	if (substr(PHP_OS, 0, 3) == 'WIN')
1083	{
1084	$upload_dir = str_replace('/', DIRECTORY_SEPARATOR, $upload_dir);
1085	}
1086
1087	ws_logfile('[add_file] file_path : '.$file_path);
1088	ws_logfile('[add_file] upload_dir : '.$upload_dir);
1089
1090	if (!is_dir($upload_dir)) {
1091	umask(0000);
1092	$recursive = true;
1093	if (!@mkdir($upload_dir, 0777, $recursive))
1094	{
1095	new PwgError(500, '[add_file] error during '.$type.' directory creation');
1096	exit();
1097	}
1098	}
1099
1100	if (!is_writable($upload_dir))
1101	{
1102	// last chance to make the directory writable
1103	@chmod($upload_dir, 0777);
1104
1105	if (!is_writable($upload_dir))
1106	{
1107	new PwgError(500, '[add_file] '.$type.' directory has no write access');
1108	exit();
1109	}
1110	}
1111
1112	secure_directory($upload_dir);
1113
1114	// merge the thumbnail
1115	merge_chunks($file_path, $original_sum, $type);
1116	chmod($file_path, 0644);
1117
1118	// check dumped thumbnail md5
1119	$dumped_md5 = md5_file($file_path);
1120	if ($dumped_md5 != $file_sum) {
1121	new PwgError(500, '[add_file] '.$type.' transfer failed');
1122	exit();
1123	}
1124
1125	list($width, $height) = getimagesize($file_path);
1126	$filesize = floor(filesize($file_path)/1024);
1127
1128	return array(
1129	'width' => $width,
1130	'height' => $height,
1131	'filesize' => $filesize,
1132	);
1133	}
1134
1135	function ws_images_addFile($params, &$service)
1136	{
1137	// image_id
1138	// type {thumb, file, high}
1139	// sum
1140
1141	global $conf;
1142	if (!is_admin() \|\| is_adviser() )
1143	{
1144	return new PwgError(401, 'Access denied');
1145	}
1146
1147	$params['image_id'] = (int)$params['image_id'];
1148	if ($params['image_id'] <= 0)
1149	{
1150	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
1151	}
1152
1153	//
1154	// what is the path?
1155	//
1156	$query = '
1157	SELECT
1158	path,
1159	md5sum
1160	FROM '.IMAGES_TABLE.'
1161	WHERE id = '.$params['image_id'].'
1162	;';
1163	list($file_path, $original_sum) = pwg_db_fetch_row(pwg_query($query));
1164
1165	// TODO only files added with web API can be updated with web API
1166
1167	//
1168	// makes sure directories are there and call the merge_chunks
1169	//
1170	$infos = add_file($file_path, $params['type'], $original_sum, $params['sum']);
1171
1172	//
1173	// update basic metadata from file
1174	//
1175	$update = array();
1176
1177	if ('high' == $params['type'])
1178	{
1179	$update['high_filesize'] = $infos['filesize'];
1180	$update['has_high'] = 'true';
1181	}
1182
1183	if ('file' == $params['type'])
1184	{
1185	$update['filesize'] = $infos['filesize'];
1186	$update['width'] = $infos['width'];
1187	$update['height'] = $infos['height'];
1188	}
1189
1190	// we may have nothing to update at database level, for example with a
1191	// thumbnail update
1192	if (count($update) > 0)
1193	{
1194	$update['id'] = $params['image_id'];
1195
1196	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
1197	mass_updates(
1198	IMAGES_TABLE,
1199	array(
1200	'primary' => array('id'),
1201	'update' => array_diff(array_keys($update), array('id'))
1202	),
1203	array($update)
1204	);
1205	}
1206	}
1207
1208	function ws_images_add($params, &$service)
1209	{
1210	global $conf;
1211	if (!is_admin() \|\| is_adviser() )
1212	{
1213	return new PwgError(401, 'Access denied');
1214	}
1215
1216	foreach ($params as $param_key => $param_value) {
1217	ws_logfile(
1218	sprintf(
1219	'[pwg.images.add] input param "%s" : "%s"',
1220	$param_key,
1221	is_null($param_value) ? 'NULL' : $param_value
1222	)
1223	);
1224	}
1225
1226	// does the image already exists ?
1227	if ('md5sum' == $conf['uniqueness_mode'])
1228	{
1229	$where_clause = "md5sum = '".$params['original_sum']."'";
1230	}
1231	if ('filename' == $conf['uniqueness_mode'])
1232	{
1233	$where_clause = "file = '".$params['original_filename']."'";
1234	}
1235
1236	$query = '
1237	SELECT
1238	COUNT(*) AS counter
1239	FROM '.IMAGES_TABLE.'
1240	WHERE '.$where_clause.'
1241	;';
1242	list($counter) = pwg_db_fetch_row(pwg_query($query));
1243	if ($counter != 0) {
1244	return new PwgError(500, 'file already exists');
1245	}
1246
1247	// current date
1248	list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
1249	list($year, $month, $day) = preg_split('/[^\d]/', $dbnow, 4);
1250
1251	// upload directory hierarchy
1252	$upload_dir = sprintf(
1253	$conf['upload_dir'].'/%s/%s/%s',
1254	$year,
1255	$month,
1256	$day
1257	);
1258
1259	// compute file path
1260	$date_string = preg_replace('/[^\d]/', '', $dbnow);
1261	$random_string = substr($params['file_sum'], 0, 8);
1262	$filename_wo_ext = $date_string.'-'.$random_string;
1263	$file_path = $upload_dir.'/'.$filename_wo_ext.'.jpg';
1264
1265	// add files
1266	$file_infos = add_file($file_path, 'file', $params['original_sum'], $params['file_sum']);
1267	$thumb_infos = add_file($file_path, 'thumb', $params['original_sum'], $params['thumbnail_sum']);
1268
1269	if (isset($params['high_sum']))
1270	{
1271	$high_infos = add_file($file_path, 'high', $params['original_sum'], $params['high_sum']);
1272	}
1273
1274	// database registration
1275	$insert = array(
1276	'file' => !empty($params['original_filename']) ? $params['original_filename'] : $filename_wo_ext.'.jpg',
1277	'date_available' => $dbnow,
1278	'tn_ext' => 'jpg',
1279	'name' => $params['name'],
1280	'path' => $file_path,
1281	'filesize' => $file_infos['filesize'],
1282	'width' => $file_infos['width'],
1283	'height' => $file_infos['height'],
1284	'md5sum' => $params['original_sum'],
1285	);
1286
1287	$info_columns = array(
1288	'name',
1289	'author',
1290	'comment',
1291	'level',
1292	'date_creation',
1293	);
1294
1295	foreach ($info_columns as $key)
1296	{
1297	if (isset($params[$key]))
1298	{
1299	$insert[$key] = $params[$key];
1300	}
1301	}
1302
1303	if (isset($params['high_sum']))
1304	{
1305	$insert['has_high'] = 'true';
1306	$insert['high_filesize'] = $high_infos['filesize'];
1307	}
1308
1309	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
1310	mass_inserts(
1311	IMAGES_TABLE,
1312	array_keys($insert),
1313	array($insert)
1314	);
1315
1316	$image_id = pwg_db_insert_id(IMAGES_TABLE);
1317
1318	// let's add links between the image and the categories
1319	if (isset($params['categories']))
1320	{
1321	ws_add_image_category_relations($image_id, $params['categories']);
1322	}
1323
1324	// and now, let's create tag associations
1325	if (isset($params['tag_ids']) and !empty($params['tag_ids']))
1326	{
1327	set_tags(
1328	explode(',', $params['tag_ids']),
1329	$image_id
1330	);
1331	}
1332
1333	// update metadata from the uploaded file (exif/iptc)
1334	require_once(PHPWG_ROOT_PATH.'admin/include/functions_metadata.php');
1335	update_metadata(array($image_id=>$file_path));
1336
1337	invalidate_user_cache();
1338	}
1339
1340	/**
1341	* perform a login (web service method)
1342	*/
1343	function ws_session_login($params, &$service)
1344	{
1345	global $conf;
1346
1347	if (!$service->isPost())
1348	{
1349	return new PwgError(405, "This method requires HTTP POST");
1350	}
1351	if (try_log_user($params['username'], $params['password'],false))
1352	{
1353	return true;
1354	}
1355	return new PwgError(999, 'Invalid username/password');
1356	}
1357
1358
1359	/**
1360	* performs a logout (web service method)
1361	*/
1362	function ws_session_logout($params, &$service)
1363	{
1364	if (!is_a_guest())
1365	{
1366	logout_user();
1367	}
1368	return true;
1369	}
1370
1371	function ws_session_getStatus($params, &$service)
1372	{
1373	global $user;
1374	$res = array();
1375	$res['username'] = is_a_guest() ? 'guest' : stripslashes($user['username']);
1376	foreach ( array('status', 'theme', 'language') as $k )
1377	{
1378	$res[$k] = $user[$k];
1379	}
1380	$res['pwg_token'] = get_pwg_token();
1381	$res['charset'] = get_pwg_charset();
1382	return $res;
1383	}
1384
1385
1386	/**
1387	* returns a list of tags (web service method)
1388	*/
1389	function ws_tags_getList($params, &$service)
1390	{
1391	$tags = get_available_tags();
1392	if ($params['sort_by_counter'])
1393	{
1394	usort($tags, create_function('$a,$b', 'return -$a["counter"]+$b["counter"];') );
1395	}
1396	else
1397	{
1398	usort($tags, 'tag_alpha_compare');
1399	}
1400	for ($i=0; $i<count($tags); $i++)
1401	{
1402	$tags[$i]['id'] = (int)$tags[$i]['id'];
1403	$tags[$i]['counter'] = (int)$tags[$i]['counter'];
1404	$tags[$i]['url'] = make_index_url(
1405	array(
1406	'section'=>'tags',
1407	'tags'=>array($tags[$i])
1408	)
1409	);
1410	}
1411	return array('tags' => new PwgNamedArray($tags, 'tag', array('id','url_name','url', 'name', 'counter' )) );
1412	}
1413
1414	/**
1415	* returns the list of tags as you can see them in administration (web
1416	* service method).
1417	*
1418	* Only admin can run this method and permissions are not taken into
1419	* account.
1420	*/
1421	function ws_tags_getAdminList($params, &$service)
1422	{
1423	if (!is_admin())
1424	{
1425	return new PwgError(401, 'Access denied');
1426	}
1427
1428	$tags = get_all_tags();
1429	return array(
1430	'tags' => new PwgNamedArray(
1431	$tags,
1432	'tag',
1433	array(
1434	'name',
1435	'id',
1436	'url_name',
1437	)
1438	)
1439	);
1440	}
1441
1442	/**
1443	* returns a list of images for tags (web service method)
1444	*/
1445	function ws_tags_getImages($params, &$service)
1446	{
1447	@include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
1448	global $conf;
1449
1450	// first build all the tag_ids we are interested in
1451	$params['tag_id'] = array_map( 'intval',$params['tag_id'] );
1452	$tags = find_tags($params['tag_id'], $params['tag_url_name'], $params['tag_name']);
1453	$tags_by_id = array();
1454	foreach( $tags as $tag )
1455	{
1456	$tags['id'] = (int)$tag['id'];
1457	$tags_by_id[ $tag['id'] ] = $tag;
1458	}
1459	unset($tags);
1460	$tag_ids = array_keys($tags_by_id);
1461
1462
1463	$image_ids = array();
1464	$image_tag_map = array();
1465
1466	if ( !empty($tag_ids) )
1467	{ // build list of image ids with associated tags per image
1468	if ($params['tag_mode_and'])
1469	{
1470	$image_ids = get_image_ids_for_tags( $tag_ids );
1471	}
1472	else
1473	{
1474	$query = '
1475	SELECT image_id, GROUP_CONCAT(tag_id) AS tag_ids
1476	FROM '.IMAGE_TAG_TABLE.'
1477	WHERE tag_id IN ('.implode(',',$tag_ids).')
1478	GROUP BY image_id';
1479	$result = pwg_query($query);
1480	while ( $row=pwg_db_fetch_assoc($result) )
1481	{
1482	$row['image_id'] = (int)$row['image_id'];
1483	array_push( $image_ids, $row['image_id'] );
1484	$image_tag_map[ $row['image_id'] ] = explode(',', $row['tag_ids']);
1485	}
1486	}
1487	}
1488
1489	$images = array();
1490	if ( !empty($image_ids))
1491	{
1492	$where_clauses = ws_std_image_sql_filter($params);
1493	$where_clauses[] = get_sql_condition_FandF(
1494	array
1495	(
1496	'forbidden_categories' => 'category_id',
1497	'visible_categories' => 'category_id',
1498	'visible_images' => 'i.id'
1499	),
1500	'', true
1501	);
1502	$where_clauses[] = 'id IN ('.implode(',',$image_ids).')';
1503
1504	$order_by = ws_std_image_sql_order($params);
1505	if (empty($order_by))
1506	{
1507	$order_by = $conf['order_by'];
1508	}
1509	else
1510	{
1511	$order_by = 'ORDER BY '.$order_by;
1512	}
1513
1514	$query = '
1515	SELECT DISTINCT i.* FROM '.IMAGES_TABLE.' i
1516	INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON i.id=image_id
1517	WHERE '. implode('
1518	AND ', $where_clauses).'
1519	'.$order_by.'
1520	LIMIT '.(int)$params['per_page'].' OFFSET '.(int)($params['per_page']*$params['page']);
1521
1522	$result = pwg_query($query);
1523	while ($row = pwg_db_fetch_assoc($result))
1524	{
1525	$image = array();
1526	foreach ( array('id', 'width', 'height', 'hit') as $k )
1527	{
1528	if (isset($row[$k]))
1529	{
1530	$image[$k] = (int)$row[$k];
1531	}
1532	}
1533	foreach ( array('file', 'name', 'comment') as $k )
1534	{
1535	$image[$k] = $row[$k];
1536	}
1537	$image = array_merge( $image, ws_std_get_urls($row) );
1538
1539	$image_tag_ids = ($params['tag_mode_and']) ? $tag_ids : $image_tag_map[$image['id']];
1540	$image_tags = array();
1541	foreach ($image_tag_ids as $tag_id)
1542	{
1543	$url = make_index_url(
1544	array(
1545	'section'=>'tags',
1546	'tags'=> array($tags_by_id[$tag_id])
1547	)
1548	);
1549	$page_url = make_picture_url(
1550	array(
1551	'section'=>'tags',
1552	'tags'=> array($tags_by_id[$tag_id]),
1553	'image_id' => $row['id'],
1554	'image_file' => $row['file'],
1555	)
1556	);
1557	array_push($image_tags, array(
1558	'id' => (int)$tag_id,
1559	'url' => $url,
1560	'page_url' => $page_url,
1561	)
1562	);
1563	}
1564	$image['tags'] = new PwgNamedArray($image_tags, 'tag',
1565	array('id','url_name','url','page_url')
1566	);
1567	array_push($images, $image);
1568	}
1569	}
1570
1571	return array( 'images' =>
1572	array (
1573	WS_XML_ATTRIBUTES =>
1574	array(
1575	'page' => $params['page'],
1576	'per_page' => $params['per_page'],
1577	'count' => count($images)
1578	),
1579	WS_XML_CONTENT => new PwgNamedArray($images, 'image',
1580	ws_std_get_image_xml_attributes() )
1581	)
1582	);
1583	}
1584
1585	function ws_categories_add($params, &$service)
1586	{
1587	if (!is_admin() or is_adviser())
1588	{
1589	return new PwgError(401, 'Access denied');
1590	}
1591
1592	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
1593
1594	$creation_output = create_virtual_category(
1595	$params['name'],
1596	$params['parent']
1597	);
1598
1599	if (isset($creation_output['error']))
1600	{
1601	return new PwgError(500, $creation_output['error']);
1602	}
1603
1604	invalidate_user_cache();
1605
1606	return $creation_output;
1607	}
1608
1609	function ws_tags_add($params, &$service)
1610	{
1611	if (!is_admin() or is_adviser())
1612	{
1613	return new PwgError(401, 'Access denied');
1614	}
1615
1616	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
1617
1618	$creation_output = create_tag($params['name']);
1619
1620	if (isset($creation_output['error']))
1621	{
1622	return new PwgError(500, $creation_output['error']);
1623	}
1624
1625	return $creation_output;
1626	}
1627
1628	function ws_images_exist($params, &$service)
1629	{
1630	global $conf;
1631
1632	if (!is_admin() or is_adviser())
1633	{
1634	return new PwgError(401, 'Access denied');
1635	}
1636
1637	$split_pattern = '/[\s,;\\|]/';
1638
1639	if ('md5sum' == $conf['uniqueness_mode'])
1640	{
1641	// search among photos the list of photos already added, based on md5sum
1642	// list
1643	$md5sums = preg_split(
1644	$split_pattern,
1645	$params['md5sum_list'],
1646	-1,
1647	PREG_SPLIT_NO_EMPTY
1648	);
1649
1650	$query = '
1651	SELECT
1652	id,
1653	md5sum
1654	FROM '.IMAGES_TABLE.'
1655	WHERE md5sum IN (\''.implode("','", $md5sums).'\')
1656	;';
1657	$id_of_md5 = simple_hash_from_query($query, 'md5sum', 'id');
1658
1659	$result = array();
1660
1661	foreach ($md5sums as $md5sum)
1662	{
1663	$result[$md5sum] = null;
1664	if (isset($id_of_md5[$md5sum]))
1665	{
1666	$result[$md5sum] = $id_of_md5[$md5sum];
1667	}
1668	}
1669	}
1670
1671	if ('filename' == $conf['uniqueness_mode'])
1672	{
1673	// search among photos the list of photos already added, based on
1674	// filename list
1675	$filenames = preg_split(
1676	$split_pattern,
1677	$params['filename_list'],
1678	-1,
1679	PREG_SPLIT_NO_EMPTY
1680	);
1681
1682	$query = '
1683	SELECT
1684	id,
1685	file
1686	FROM '.IMAGES_TABLE.'
1687	WHERE file IN (\''.implode("','", $filenames).'\')
1688	;';
1689	$id_of_filename = simple_hash_from_query($query, 'file', 'id');
1690
1691	$result = array();
1692
1693	foreach ($filenames as $filename)
1694	{
1695	$result[$filename] = null;
1696	if (isset($id_of_filename[$filename]))
1697	{
1698	$result[$filename] = $id_of_filename[$filename];
1699	}
1700	}
1701	}
1702
1703	return $result;
1704	}
1705
1706	function ws_images_checkFiles($params, &$service)
1707	{
1708	if (!is_admin() or is_adviser())
1709	{
1710	return new PwgError(401, 'Access denied');
1711	}
1712
1713	// input parameters
1714	//
1715	// image_id
1716	// thumbnail_sum
1717	// file_sum
1718	// high_sum
1719
1720	$params['image_id'] = (int)$params['image_id'];
1721	if ($params['image_id'] <= 0)
1722	{
1723	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
1724	}
1725
1726	$query = '
1727	SELECT
1728	path
1729	FROM '.IMAGES_TABLE.'
1730	WHERE id = '.$params['image_id'].'
1731	;';
1732	$result = pwg_query($query);
1733	if (pwg_db_num_rows($result) == 0) {
1734	return new PwgError(404, "image_id not found");
1735	}
1736	list($path) = pwg_db_fetch_row($result);
1737
1738	$ret = array();
1739
1740	foreach (array('thumb', 'file', 'high') as $type) {
1741	$param_name = $type;
1742	if ('thumb' == $type) {
1743	$param_name = 'thumbnail';
1744	}
1745
1746	if (isset($params[$param_name.'_sum'])) {
1747	$type_path = file_path_for_type($path, $type);
1748	if (!is_file($type_path)) {
1749	$ret[$param_name] = 'missing';
1750	}
1751	else {
1752	if (md5_file($type_path) != $params[$param_name.'_sum']) {
1753	$ret[$param_name] = 'differs';
1754	}
1755	else {
1756	$ret[$param_name] = 'equals';
1757	}
1758	}
1759	}
1760	}
1761
1762	return $ret;
1763	}
1764
1765	function file_path_for_type($file_path, $type='thumb')
1766	{
1767	// resolve the $file_path depending on the $type
1768	if ('thumb' == $type) {
1769	$file_path = get_thumbnail_location(
1770	array(
1771	'path' => $file_path,
1772	'tn_ext' => 'jpg',
1773	)
1774	);
1775	}
1776
1777	if ('high' == $type) {
1778	@include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
1779	$file_path = get_high_location(
1780	array(
1781	'path' => $file_path,
1782	'has_high' => 'true'
1783	)
1784	);
1785	}
1786
1787	return $file_path;
1788	}
1789
1790	function ws_images_setInfo($params, &$service)
1791	{
1792	global $conf;
1793	if (!is_admin() \|\| is_adviser() )
1794	{
1795	return new PwgError(401, 'Access denied');
1796	}
1797
1798	if (!$service->isPost())
1799	{
1800	return new PwgError(405, "This method requires HTTP POST");
1801	}
1802
1803	$params['image_id'] = (int)$params['image_id'];
1804	if ($params['image_id'] <= 0)
1805	{
1806	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
1807	}
1808
1809	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
1810
1811	$query='
1812	SELECT *
1813	FROM '.IMAGES_TABLE.'
1814	WHERE id = '.$params['image_id'].'
1815	;';
1816
1817	$image_row = pwg_db_fetch_assoc(pwg_query($query));
1818	if ($image_row == null)
1819	{
1820	return new PwgError(404, "image_id not found");
1821	}
1822
1823	// database registration
1824	$update = array();
1825
1826	$info_columns = array(
1827	'name',
1828	'author',
1829	'comment',
1830	'level',
1831	'date_creation',
1832	);
1833
1834	foreach ($info_columns as $key)
1835	{
1836	if (isset($params[$key]))
1837	{
1838	if ('fill_if_empty' == $params['single_value_mode'])
1839	{
1840	if (empty($image_row[$key]))
1841	{
1842	$update[$key] = $params[$key];
1843	}
1844	}
1845	elseif ('replace' == $params['single_value_mode'])
1846	{
1847	$update[$key] = $params[$key];
1848	}
1849	else
1850	{
1851	new PwgError(
1852	500,
1853	'[ws_images_setInfo]'
1854	.' invalid parameter single_value_mode "'.$params['single_value_mode'].'"'
1855	.', possible values are {fill_if_empty, replace}.'
1856	);
1857	exit();
1858	}
1859	}
1860	}
1861
1862	if (count(array_keys($update)) > 0)
1863	{
1864	$update['id'] = $params['image_id'];
1865
1866	mass_updates(
1867	IMAGES_TABLE,
1868	array(
1869	'primary' => array('id'),
1870	'update' => array_diff(array_keys($update), array('id'))
1871	),
1872	array($update)
1873	);
1874	}
1875
1876	if (isset($params['categories']))
1877	{
1878	ws_add_image_category_relations(
1879	$params['image_id'],
1880	$params['categories'],
1881	('replace' == $params['multiple_value_mode'] ? true : false)
1882	);
1883	}
1884
1885	// and now, let's create tag associations
1886	if (isset($params['tag_ids']))
1887	{
1888	$tag_ids = explode(',', $params['tag_ids']);
1889
1890	if ('replace' == $params['multiple_value_mode'])
1891	{
1892	set_tags(
1893	$tag_ids,
1894	$params['image_id']
1895	);
1896	}
1897	elseif ('append' == $params['multiple_value_mode'])
1898	{
1899	add_tags(
1900	$tag_ids,
1901	array($params['image_id'])
1902	);
1903	}
1904	else
1905	{
1906	new PwgError(
1907	500,
1908	'[ws_images_setInfo]'
1909	.' invalid parameter multiple_value_mode "'.$params['multiple_value_mode'].'"'
1910	.', possible values are {replace, append}.'
1911	);
1912	exit();
1913	}
1914	}
1915
1916	invalidate_user_cache();
1917	}
1918
1919	function ws_add_image_category_relations($image_id, $categories_string, $replace_mode=false)
1920	{
1921	// let's add links between the image and the categories
1922	//
1923	// $params['categories'] should look like 123,12;456,auto;789 which means:
1924	//
1925	// 1. associate with category 123 on rank 12
1926	// 2. associate with category 456 on automatic rank
1927	// 3. associate with category 789 on automatic rank
1928	$cat_ids = array();
1929	$rank_on_category = array();
1930	$search_current_ranks = false;
1931
1932	$tokens = explode(';', $categories_string);
1933	foreach ($tokens as $token)
1934	{
1935	@list($cat_id, $rank) = explode(',', $token);
1936
1937	if (!preg_match('/^\d+$/', $cat_id))
1938	{
1939	continue;
1940	}
1941
1942	array_push($cat_ids, $cat_id);
1943
1944	if (!isset($rank))
1945	{
1946	$rank = 'auto';
1947	}
1948	$rank_on_category[$cat_id] = $rank;
1949
1950	if ($rank == 'auto')
1951	{
1952	$search_current_ranks = true;
1953	}
1954	}
1955
1956	$cat_ids = array_unique($cat_ids);
1957
1958	if (count($cat_ids) == 0)
1959	{
1960	new PwgError(
1961	500,
1962	'[ws_add_image_category_relations] there is no category defined in "'.$categories_string.'"'
1963	);
1964	exit();
1965	}
1966
1967	$query = '
1968	SELECT
1969	id
1970	FROM '.CATEGORIES_TABLE.'
1971	WHERE id IN ('.implode(',', $cat_ids).')
1972	;';
1973	$db_cat_ids = array_from_query($query, 'id');
1974
1975	$unknown_cat_ids = array_diff($cat_ids, $db_cat_ids);
1976	if (count($unknown_cat_ids) != 0)
1977	{
1978	new PwgError(
1979	500,
1980	'[ws_add_image_category_relations] the following categories are unknown: '.implode(', ', $unknown_cat_ids)
1981	);
1982	exit();
1983	}
1984
1985	$to_update_cat_ids = array();
1986
1987	// in case of replace mode, we first check the existing associations
1988	$query = '
1989	SELECT
1990	category_id
1991	FROM '.IMAGE_CATEGORY_TABLE.'
1992	WHERE image_id = '.$image_id.'
1993	;';
1994	$existing_cat_ids = array_from_query($query, 'category_id');
1995
1996	if ($replace_mode)
1997	{
1998	$to_remove_cat_ids = array_diff($existing_cat_ids, $cat_ids);
1999	if (count($to_remove_cat_ids) > 0)
2000	{
2001	$query = '
2002	DELETE
2003	FROM '.IMAGE_CATEGORY_TABLE.'
2004	WHERE image_id = '.$image_id.'
2005	AND category_id IN ('.implode(', ', $to_remove_cat_ids).')
2006	;';
2007	pwg_query($query);
2008	update_category($to_remove_cat_ids);
2009	}
2010	}
2011
2012	$new_cat_ids = array_diff($cat_ids, $existing_cat_ids);
2013	if (count($new_cat_ids) == 0)
2014	{
2015	return true;
2016	}
2017
2018	if ($search_current_ranks)
2019	{
2020	$query = '
2021	SELECT
2022	category_id,
2023	MAX(rank) AS max_rank
2024	FROM '.IMAGE_CATEGORY_TABLE.'
2025	WHERE rank IS NOT NULL
2026	AND category_id IN ('.implode(',', $new_cat_ids).')
2027	GROUP BY category_id
2028	;';
2029	$current_rank_of = simple_hash_from_query(
2030	$query,
2031	'category_id',
2032	'max_rank'
2033	);
2034
2035	foreach ($new_cat_ids as $cat_id)
2036	{
2037	if (!isset($current_rank_of[$cat_id]))
2038	{
2039	$current_rank_of[$cat_id] = 0;
2040	}
2041
2042	if ('auto' == $rank_on_category[$cat_id])
2043	{
2044	$rank_on_category[$cat_id] = $current_rank_of[$cat_id] + 1;
2045	}
2046	}
2047	}
2048
2049	$inserts = array();
2050
2051	foreach ($new_cat_ids as $cat_id)
2052	{
2053	array_push(
2054	$inserts,
2055	array(
2056	'image_id' => $image_id,
2057	'category_id' => $cat_id,
2058	'rank' => $rank_on_category[$cat_id],
2059	)
2060	);
2061	}
2062
2063	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
2064	mass_inserts(
2065	IMAGE_CATEGORY_TABLE,
2066	array_keys($inserts[0]),
2067	$inserts
2068	);
2069
2070	update_category($new_cat_ids);
2071	}
2072
2073	function ws_categories_setInfo($params, &$service)
2074	{
2075	global $conf;
2076	if (!is_admin() \|\| is_adviser() )
2077	{
2078	return new PwgError(401, 'Access denied');
2079	}
2080
2081	if (!$service->isPost())
2082	{
2083	return new PwgError(405, "This method requires HTTP POST");
2084	}
2085
2086	// category_id
2087	// name
2088	// comment
2089
2090	$params['category_id'] = (int)$params['category_id'];
2091	if ($params['category_id'] <= 0)
2092	{
2093	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid category_id");
2094	}
2095
2096	// database registration
2097	$update = array(
2098	'id' => $params['category_id'],
2099	);
2100
2101	$info_columns = array(
2102	'name',
2103	'comment',
2104	);
2105
2106	$perform_update = false;
2107	foreach ($info_columns as $key)
2108	{
2109	if (isset($params[$key]))
2110	{
2111	$perform_update = true;
2112	$update[$key] = $params[$key];
2113	}
2114	}
2115
2116	if ($perform_update)
2117	{
2118	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
2119	mass_updates(
2120	CATEGORIES_TABLE,
2121	array(
2122	'primary' => array('id'),
2123	'update' => array_diff(array_keys($update), array('id'))
2124	),
2125	array($update)
2126	);
2127	}
2128
2129	}
2130
2131	function ws_logfile($string)
2132	{
2133	global $conf;
2134
2135	if (!$conf['ws_enable_log']) {
2136	return true;
2137	}
2138
2139	file_put_contents(
2140	$conf['ws_log_filepath'],
2141	'['.date('c').'] '.$string."\n",
2142	FILE_APPEND
2143	);
2144	}
2145
2146	function ws_images_checkUpload($params, &$service)
2147	{
2148	global $conf;
2149
2150	if (!is_admin() or is_adviser())
2151	{
2152	return new PwgError(401, 'Access denied');
2153	}
2154
2155	$ret['message'] = ready_for_upload_message();
2156	$ret['ready_for_upload'] = true;
2157
2158	if (!empty($ret['message']))
2159	{
2160	$ret['ready_for_upload'] = false;
2161	}
2162
2163	return $ret;
2164	}
2165
2166	function ready_for_upload_message()
2167	{
2168	global $conf;
2169
2170	$relative_dir = preg_replace('#^'.PHPWG_ROOT_PATH.'#', '', $conf['upload_dir']);
2171
2172	if (!is_dir($conf['upload_dir']))
2173	{
2174	if (!is_writable(dirname($conf['upload_dir'])))
2175	{
2176	return sprintf(
2177	l10n('Create the "%s" directory at the root of your Piwigo installation'),
2178	$relative_dir
2179	);
2180	}
2181	}
2182	else
2183	{
2184	if (!is_writable($conf['upload_dir']))
2185	{
2186	@chmod($conf['upload_dir'], 0777);
2187
2188	if (!is_writable($conf['upload_dir']))
2189	{
2190	return sprintf(
2191	l10n('Give write access (chmod 777) to "%s" directory at the root of your Piwigo installation'),
2192	$relative_dir
2193	);
2194	}
2195	}
2196	}
2197
2198	return null;
2199	}
2200	?>

Note: See TracBrowser for help on using the browser.

Context Navigation

root/branches/2.1/include/ws_functions.inc.php @ 9913

Download in other formats: