source: branches/2.7/admin/batch_manager.php @ 30953

Last change on this file since 30953 was 30953, checked in by plg, 9 years ago

merge r30952 from trunk to branch 2.7

bug 3202 fixed: additional input check for filter_level

File size: 20.3 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2014 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24/**
25 * Management of elements set. Elements can belong to a category or to the
26 * user caddie.
27 *
28 */
29
30if (!defined('PHPWG_ROOT_PATH'))
31{
32  die('Hacking attempt!');
33}
34
35include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
36include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
37
38// +-----------------------------------------------------------------------+
39// | Check Access and exit when user status is not ok                      |
40// +-----------------------------------------------------------------------+
41
42check_status(ACCESS_ADMINISTRATOR);
43
44check_input_parameter('selection', $_POST, true, PATTERN_ID);
45
46// +-----------------------------------------------------------------------+
47// | specific actions                                                      |
48// +-----------------------------------------------------------------------+
49
50if (isset($_GET['action']))
51{
52  if ('empty_caddie' == $_GET['action'])
53  {
54    $query = '
55DELETE FROM '.CADDIE_TABLE.'
56  WHERE user_id = '.$user['id'].'
57;';
58    pwg_query($query);
59
60    $_SESSION['page_infos'] = array(
61      l10n('Information data registered in database')
62      );
63   
64    redirect(get_root_url().'admin.php?page='.$_GET['page']);
65  }
66}
67
68// +-----------------------------------------------------------------------+
69// |                      initialize current set                           |
70// +-----------------------------------------------------------------------+
71
72// filters from form
73if (isset($_POST['submitFilter']))
74{
75  // echo '<pre>'; print_r($_POST); echo '</pre>';
76  unset($_REQUEST['start']); // new photo set must reset the page
77  $_SESSION['bulk_manager_filter'] = array();
78
79  if (isset($_POST['filter_prefilter_use']))
80  {
81    $_SESSION['bulk_manager_filter']['prefilter'] = $_POST['filter_prefilter'];
82
83    if ('duplicates' == $_POST['filter_prefilter'])
84    {
85      if (isset($_POST['filter_duplicates_date']))
86      {
87        $_SESSION['bulk_manager_filter']['duplicates_date'] = true;
88      }
89     
90      if (isset($_POST['filter_duplicates_dimensions']))
91      {
92        $_SESSION['bulk_manager_filter']['duplicates_dimensions'] = true;
93      }
94    }
95  }
96
97  if (isset($_POST['filter_category_use']))
98  {
99    $_SESSION['bulk_manager_filter']['category'] = $_POST['filter_category'];
100
101    if (isset($_POST['filter_category_recursive']))
102    {
103      $_SESSION['bulk_manager_filter']['category_recursive'] = true;
104    }
105  }
106
107  if (isset($_POST['filter_tags_use']))
108  {
109    $_SESSION['bulk_manager_filter']['tags'] = get_tag_ids($_POST['filter_tags'], false);
110
111    if (isset($_POST['tag_mode']) and in_array($_POST['tag_mode'], array('AND', 'OR')))
112    {
113      $_SESSION['bulk_manager_filter']['tag_mode'] = $_POST['tag_mode'];
114    }
115  }
116
117  if (isset($_POST['filter_level_use']))
118  {
119    check_input_parameter('filter_level', $_POST, false, '/^\d+$/');
120   
121    if (in_array($_POST['filter_level'], $conf['available_permission_levels']))
122    {
123      $_SESSION['bulk_manager_filter']['level'] = $_POST['filter_level'];
124
125      if (isset($_POST['filter_level_include_lower']))
126      {
127        $_SESSION['bulk_manager_filter']['level_include_lower'] = true;
128      }
129    }
130  }
131
132  if (isset($_POST['filter_dimension_use']))
133  {
134    foreach (array('min_width','max_width','min_height','max_height') as $type)
135    {
136      if (filter_var($_POST['filter_dimension_'.$type], FILTER_VALIDATE_INT) !== false)
137      {
138        $_SESSION['bulk_manager_filter']['dimension'][$type] = $_POST['filter_dimension_'. $type ];
139      }
140    }
141    foreach (array('min_ratio','max_ratio') as $type)
142    {
143      if (filter_var($_POST['filter_dimension_'.$type], FILTER_VALIDATE_FLOAT) !== false)
144      {
145        $_SESSION['bulk_manager_filter']['dimension'][$type] = $_POST['filter_dimension_'. $type ];
146      }
147    }
148  }
149
150  if (isset($_POST['filter_filesize_use']))
151  {
152    foreach (array('min','max') as $type)
153    {
154      if (filter_var($_POST['filter_filesize_'.$type], FILTER_VALIDATE_FLOAT) !== false)
155      {
156        $_SESSION['bulk_manager_filter']['filesize'][$type] = $_POST['filter_filesize_'. $type ];
157      }
158    }
159  }
160
161  if (isset($_POST['filter_search_use']))
162  {
163    $_SESSION['bulk_manager_filter']['search']['q'] = $_POST['q'];
164  }
165
166  $_SESSION['bulk_manager_filter'] = trigger_change('batch_manager_register_filters', $_SESSION['bulk_manager_filter']);
167}
168// filters from url
169elseif (isset($_GET['filter']))
170{
171  if (!is_array($_GET['filter']))
172  {
173    $_GET['filter'] = explode(',', $_GET['filter']);
174  }
175
176  $_SESSION['bulk_manager_filter'] = array();
177
178  foreach ($_GET['filter'] as $filter)
179  {
180    list($type, $value) = explode('-', $filter, 2);
181
182    switch ($type)
183    {
184    case 'prefilter':
185      $_SESSION['bulk_manager_filter']['prefilter'] = $value;
186      break;
187
188    case 'album': case 'category': case 'cat':
189      if (is_numeric($value))
190      {
191        $_SESSION['bulk_manager_filter']['category'] = $value;
192      }
193      break;
194
195    case 'tag':
196      if (is_numeric($value))
197      {
198        $_SESSION['bulk_manager_filter']['tags'] = array($value);
199        $_SESSION['bulk_manager_filter']['tag_mode'] = 'AND';
200      }
201      break;
202
203    case 'level':
204      if (is_numeric($value) && in_array($value, $conf['available_permission_levels']))
205      {
206        $_SESSION['bulk_manager_filter']['level'] = $value;
207      }
208      break;
209
210    case 'search':
211      $_SESSION['bulk_manager_filter']['search']['q'] = $value;
212      break;
213
214    case 'dimension':
215      $dim_map = array('w'=>'width','h'=>'height','r'=>'ratio');
216      foreach (explode('-', $value) as $part)
217      {
218        $values = explode('..', substr($part, 1));
219        if (isset($dim_map[$part[0]]))
220        {
221          $type = $dim_map[$part[0]];
222          list(
223            $_SESSION['bulk_manager_filter']['dimension']['min_'.$type],
224            $_SESSION['bulk_manager_filter']['dimension']['max_'.$type]
225          ) = $values;
226        }
227      }
228      break;
229
230    case 'filesize':
231      list(
232        $_SESSION['bulk_manager_filter']['filesize']['min'],
233        $_SESSION['bulk_manager_filter']['filesize']['max']
234      ) = explode('..', $value);
235      break;
236
237    default:
238      $_SESSION['bulk_manager_filter'] = trigger_change('batch_manager_url_filter', $_SESSION['bulk_manager_filter'], $filter);
239      break;
240    }
241  }
242}
243
244if (empty($_SESSION['bulk_manager_filter']))
245{
246  $_SESSION['bulk_manager_filter'] = array(
247    'prefilter' => 'caddie'
248    );
249}
250
251// echo '<pre>'; print_r($_SESSION['bulk_manager_filter']); echo '</pre>';
252
253// depending on the current filter (in session), we find the appropriate photos
254$filter_sets = array();
255if (isset($_SESSION['bulk_manager_filter']['prefilter']))
256{
257  switch ($_SESSION['bulk_manager_filter']['prefilter'])
258  {
259  case 'caddie':
260    $query = '
261SELECT element_id
262  FROM '.CADDIE_TABLE.'
263  WHERE user_id = '.$user['id'].'
264;';
265    $filter_sets[] = query2array($query, null, 'element_id');
266
267    break;
268
269  case 'favorites':
270    $query = '
271SELECT image_id
272  FROM '.FAVORITES_TABLE.'
273  WHERE user_id = '.$user['id'].'
274;';
275    $filter_sets[] = query2array($query, null, 'image_id');
276
277    break;
278
279  case 'last_import':
280    $query = '
281SELECT MAX(date_available) AS date
282  FROM '.IMAGES_TABLE.'
283;';
284    $row = pwg_db_fetch_assoc(pwg_query($query));
285    if (!empty($row['date']))
286    {
287      $query = '
288SELECT id
289  FROM '.IMAGES_TABLE.'
290  WHERE date_available BETWEEN '.pwg_db_get_recent_period_expression(1, $row['date']).' AND \''.$row['date'].'\'
291;';
292      $filter_sets[] = query2array($query, null, 'id');
293    }
294
295    break;
296
297  case 'no_virtual_album':
298    // we are searching elements not linked to any virtual category
299    $query = '
300 SELECT id
301   FROM '.IMAGES_TABLE.'
302 ;';
303    $all_elements = query2array($query, null, 'id');
304
305    $query = '
306 SELECT id
307   FROM '.CATEGORIES_TABLE.'
308   WHERE dir IS NULL
309 ;';
310    $virtual_categories = query2array($query, null, 'id');
311    if (!empty($virtual_categories))
312    {
313      $query = '
314 SELECT DISTINCT(image_id)
315   FROM '.IMAGE_CATEGORY_TABLE.'
316   WHERE category_id IN ('.implode(',', $virtual_categories).')
317 ;';
318      $linked_to_virtual = query2array($query, null, 'image_id');
319    }
320
321    $filter_sets[] = array_diff($all_elements, $linked_to_virtual);
322
323    break;
324
325  case 'no_album':
326    $query = '
327SELECT
328    id
329  FROM '.IMAGES_TABLE.'
330    LEFT JOIN '.IMAGE_CATEGORY_TABLE.' ON id = image_id
331  WHERE category_id is null
332;';
333    $filter_sets[] = query2array($query, null, 'id');
334
335    break;
336
337  case 'no_tag':
338    $query = '
339SELECT
340    id
341  FROM '.IMAGES_TABLE.'
342    LEFT JOIN '.IMAGE_TAG_TABLE.' ON id = image_id
343  WHERE tag_id is null
344;';
345    $filter_sets[] = query2array($query, null, 'id');
346
347    break;
348
349
350  case 'duplicates':
351    $duplicates_on_fields = array('file');
352
353    if (isset($_SESSION['bulk_manager_filter']['duplicates_date']))
354    {
355      $duplicates_on_fields[] = 'date_creation';
356    }
357   
358    if (isset($_SESSION['bulk_manager_filter']['duplicates_dimensions']))
359    {
360      $duplicates_on_fields[] = 'width';
361      $duplicates_on_fields[] = 'height';
362    }
363   
364    $query = '
365SELECT
366    GROUP_CONCAT(id) AS ids
367  FROM '.IMAGES_TABLE.'
368  GROUP BY '.implode(',', $duplicates_on_fields).'
369  HAVING COUNT(*) > 1
370;';
371    $array_of_ids_string = query2array($query, null, 'ids');
372
373    $ids = array();
374   
375    foreach ($array_of_ids_string as $ids_string)
376    {
377      $ids = array_merge($ids, explode(',', $ids_string));
378    }
379   
380    $filter_sets[] = $ids;
381
382    break;
383
384  case 'all_photos':
385    if ( count($_SESSION['bulk_manager_filter']) == 1 )
386    {// make the query only if this is the only filter
387      $query = '
388SELECT id
389  FROM '.IMAGES_TABLE.'
390  '.$conf['order_by'];
391
392      $filter_sets[] = query2array($query, null, 'id');
393    }
394    break;
395
396  default:
397    $filter_sets = trigger_change('perform_batch_manager_prefilters', $filter_sets, $_SESSION['bulk_manager_filter']['prefilter']);
398    break;
399  }
400}
401
402if (isset($_SESSION['bulk_manager_filter']['category']))
403{
404  $categories = array();
405
406  if (isset($_SESSION['bulk_manager_filter']['category_recursive']))
407  {
408    $categories = get_subcat_ids(array($_SESSION['bulk_manager_filter']['category']));
409  }
410  else
411  {
412    $categories = array($_SESSION['bulk_manager_filter']['category']);
413  }
414
415  $query = '
416 SELECT DISTINCT(image_id)
417   FROM '.IMAGE_CATEGORY_TABLE.'
418   WHERE category_id IN ('.implode(',', $categories).')
419 ;';
420  $filter_sets[] = query2array($query, null, 'image_id');
421}
422
423if (isset($_SESSION['bulk_manager_filter']['level']))
424{
425  $operator = '=';
426  if (isset($_SESSION['bulk_manager_filter']['level_include_lower']))
427  {
428    $operator = '<=';
429  }
430
431  $query = '
432SELECT id
433  FROM '.IMAGES_TABLE.'
434  WHERE level '.$operator.' '.$_SESSION['bulk_manager_filter']['level'].'
435  '.$conf['order_by'];
436
437  $filter_sets[] = query2array($query, null, 'id');
438}
439
440if (!empty($_SESSION['bulk_manager_filter']['tags']))
441{
442  $filter_sets[] = get_image_ids_for_tags(
443    $_SESSION['bulk_manager_filter']['tags'],
444    $_SESSION['bulk_manager_filter']['tag_mode'],
445    null,
446    null,
447    false // we don't apply permissions in administration screens
448    );
449}
450
451if (isset($_SESSION['bulk_manager_filter']['dimension']))
452{
453  $where_clauses = array();
454  if (isset($_SESSION['bulk_manager_filter']['dimension']['min_width']))
455  {
456    $where_clause[] = 'width >= '.$_SESSION['bulk_manager_filter']['dimension']['min_width'];
457  }
458  if (isset($_SESSION['bulk_manager_filter']['dimension']['max_width']))
459  {
460    $where_clause[] = 'width <= '.$_SESSION['bulk_manager_filter']['dimension']['max_width'];
461  }
462  if (isset($_SESSION['bulk_manager_filter']['dimension']['min_height']))
463  {
464    $where_clause[] = 'height >= '.$_SESSION['bulk_manager_filter']['dimension']['min_height'];
465  }
466  if (isset($_SESSION['bulk_manager_filter']['dimension']['max_height']))
467  {
468    $where_clause[] = 'height <= '.$_SESSION['bulk_manager_filter']['dimension']['max_height'];
469  }
470  if (isset($_SESSION['bulk_manager_filter']['dimension']['min_ratio']))
471  {
472    $where_clause[] = 'width/height >= '.$_SESSION['bulk_manager_filter']['dimension']['min_ratio'];
473  }
474  if (isset($_SESSION['bulk_manager_filter']['dimension']['max_ratio']))
475  {
476    // max_ratio is a floor value, so must be a bit increased
477    $where_clause[] = 'width/height < '.($_SESSION['bulk_manager_filter']['dimension']['max_ratio']+0.01);
478  }
479
480  $query = '
481SELECT id
482  FROM '.IMAGES_TABLE.'
483  WHERE '.implode(' AND ',$where_clause).'
484  '.$conf['order_by'];
485
486  $filter_sets[] = query2array($query, null, 'id');
487}
488
489if (isset($_SESSION['bulk_manager_filter']['filesize']))
490{
491  $where_clauses = array();
492 
493  if (isset($_SESSION['bulk_manager_filter']['filesize']['min']))
494  {
495    $where_clause[] = 'filesize >= '.$_SESSION['bulk_manager_filter']['filesize']['min']*1024;
496  }
497 
498  if (isset($_SESSION['bulk_manager_filter']['filesize']['max']))
499  {
500    $where_clause[] = 'filesize <= '.$_SESSION['bulk_manager_filter']['filesize']['max']*1024;
501  }
502
503  $query = '
504SELECT id
505  FROM '.IMAGES_TABLE.'
506  WHERE '.implode(' AND ',$where_clause).'
507  '.$conf['order_by'];
508
509  $filter_sets[] = query2array($query, null, 'id');
510}
511
512if (isset($_SESSION['bulk_manager_filter']['search']) && 
513    strlen($_SESSION['bulk_manager_filter']['search']['q']))
514{
515  include_once( PHPWG_ROOT_PATH .'include/functions_search.inc.php' );
516  $res = get_quick_search_results_no_cache($_SESSION['bulk_manager_filter']['search']['q'], array('permissions'=>false));
517  if (!empty($res['items']) && !empty($res['qs']['unmatched_terms']))
518  {
519    $template->assign('no_search_results', array_map('htmlspecialchars', $res['qs']['unmatched_terms']) );
520  }
521  $filter_sets[] = $res['items'];
522}
523
524$filter_sets = trigger_change('batch_manager_perform_filters', $filter_sets, $_SESSION['bulk_manager_filter']);
525
526$current_set = array_shift($filter_sets);
527foreach ($filter_sets as $set)
528{
529  $current_set = array_intersect($current_set, $set);
530}
531$page['cat_elements_id'] = $current_set;
532
533
534// +-----------------------------------------------------------------------+
535// |                       first element to display                        |
536// +-----------------------------------------------------------------------+
537
538// $page['start'] contains the number of the first element in its
539// category. For exampe, $page['start'] = 12 means we must show elements #12
540// and $page['nb_images'] next elements
541
542if (!isset($_REQUEST['start'])
543    or !is_numeric($_REQUEST['start'])
544    or $_REQUEST['start'] < 0
545    or (isset($_REQUEST['display']) and 'all' == $_REQUEST['display']))
546{
547  $page['start'] = 0;
548}
549else
550{
551  $page['start'] = $_REQUEST['start'];
552}
553
554
555// +-----------------------------------------------------------------------+
556// |                                 Tabs                                  |
557// +-----------------------------------------------------------------------+
558$manager_link = get_root_url().'admin.php?page=batch_manager&amp;mode=';
559
560if (isset($_GET['mode']))
561{
562  $page['tab'] = $_GET['mode'];
563}
564else
565{
566  $page['tab'] = 'global';
567}
568
569$tabsheet = new tabsheet();
570$tabsheet->set_id('batch_manager');
571$tabsheet->select($page['tab']);
572$tabsheet->assign();
573
574
575// +-----------------------------------------------------------------------+
576// |                              dimensions                               |
577// +-----------------------------------------------------------------------+
578
579$widths = array();
580$heights = array();
581$ratios = array();
582$dimensions = array();
583
584// get all width, height and ratios
585$query = '
586SELECT
587  DISTINCT width, height
588  FROM '.IMAGES_TABLE.'
589  WHERE width IS NOT NULL
590    AND height IS NOT NULL
591;';
592$result = pwg_query($query);
593
594if (pwg_db_num_rows($result))
595{
596  while ($row = pwg_db_fetch_assoc($result))
597  {
598    if ($row['width']>0 && $row['height']>0)
599    {
600      $widths[] = $row['width'];
601      $heights[] = $row['height'];
602      $ratios[] = floor($row['width'] / $row['height'] * 100) / 100;
603    }
604  }
605}
606if (empty($widths))
607{ // arbitrary values, only used when no photos on the gallery
608  $widths = array(600, 1920, 3500);
609  $heights = array(480, 1080, 2300);
610  $ratios = array(1.25, 1.52, 1.78);
611}
612
613foreach (array('widths','heights','ratios') as $type)
614{
615  ${$type} = array_unique(${$type});
616  sort(${$type});
617  $dimensions[$type] = implode(',', ${$type});
618}
619
620$dimensions['bounds'] = array(
621  'min_width' => $widths[0],
622  'max_width' => end($widths),
623  'min_height' => $heights[0],
624  'max_height' => end($heights),
625  'min_ratio' => $ratios[0],
626  'max_ratio' => end($ratios),
627  );
628
629// find ratio categories
630$ratio_categories = array(
631  'portrait' => array(),
632  'square' => array(),
633  'landscape' => array(),
634  'panorama' => array(),
635  );
636
637foreach ($ratios as $ratio)
638{
639  if ($ratio < 0.95)
640  {
641    $ratio_categories['portrait'][] = $ratio;
642  }
643  else if ($ratio >= 0.95 and $ratio <= 1.05)
644  {
645    $ratio_categories['square'][] = $ratio;
646  }
647  else if ($ratio > 1.05 and $ratio < 2)
648  {
649    $ratio_categories['landscape'][] = $ratio;
650  }
651  else if ($ratio >= 2)
652  {
653    $ratio_categories['panorama'][] = $ratio;
654  }
655}
656
657foreach (array_keys($ratio_categories) as $type)
658{
659  if (count($ratio_categories[$type]) > 0)
660  {
661    $dimensions['ratio_'.$type] = array(
662      'min' => $ratio_categories[$type][0],
663      'max' => end($ratio_categories[$type]),
664      );
665  }
666}
667
668// selected=bound if nothing selected
669foreach (array_keys($dimensions['bounds']) as $type)
670{
671  $dimensions['selected'][$type] = isset($_SESSION['bulk_manager_filter']['dimension'][$type])
672    ? $_SESSION['bulk_manager_filter']['dimension'][$type]
673    : $dimensions['bounds'][$type]
674  ;
675}
676
677$template->assign('dimensions', $dimensions);
678
679// +-----------------------------------------------------------------------+
680// | filesize                                                              |
681// +-----------------------------------------------------------------------+
682
683$filesizes = array();
684$filesize = array();
685
686$query = '
687SELECT
688  filesize
689  FROM '.IMAGES_TABLE.'
690  WHERE filesize IS NOT NULL
691  GROUP BY filesize
692;';
693$result = pwg_query($query);
694
695while ($row = pwg_db_fetch_assoc($result))
696{
697  $filesizes[] = sprintf('%.1f', $row['filesize']/1024);
698}
699
700if (empty($filesizes))
701{ // arbitrary values, only used when no photos on the gallery
702  $filesizes = array(0, 1, 2, 5, 8, 15);
703}
704
705$filesizes = array_unique($filesizes);
706sort($filesizes);
707
708// add 0.1MB to the last value, to make sure the heavier photo will be in
709// the result
710$filesizes[count($filesizes)-1]+= 0.1;
711
712$filesize['list'] = implode(',', $filesizes);
713
714$filesize['bounds'] = array(
715  'min' => $filesizes[0],
716  'max' => end($filesizes),
717  );
718
719// selected=bound if nothing selected
720foreach (array_keys($filesize['bounds']) as $type)
721{
722  $filesize['selected'][$type] = isset($_SESSION['bulk_manager_filter']['filesize'][$type])
723    ? $_SESSION['bulk_manager_filter']['filesize'][$type]
724    : $filesize['bounds'][$type]
725  ;
726}
727
728$template->assign('filesize', $filesize);
729
730// +-----------------------------------------------------------------------+
731// |                         open specific mode                            |
732// +-----------------------------------------------------------------------+
733
734include(PHPWG_ROOT_PATH.'admin/batch_manager_'.$page['tab'].'.php');
735?>
Note: See TracBrowser for help on using the repository browser.