source: extensions/Icy_Picture_Modify/icy_picture_modify.php @ 11614

Revision 11614, 15.2 KB checked in by icy, 9 years ago (diff)

Merge branch 'master' into svn

Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2011 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
25if (!defined('ICY_PICTURE_MODIFY_PATH')) die('Hacking attempt!');
26
27include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
28include_once(ICY_PICTURE_MODIFY_PATH.'include/functions_icy_picture_modify.inc.php');
29
30global $template, $conf, $user, $page, $lang, $cache;
31
32// <admin.php>
33$page['errors'] = array();
34$page['infos']  = array();
35$page['warnings']  = array();
36// </admin.php>
37
38// +-----------------------------------------------------------------------+
39// |                             check permission                          |
40// +-----------------------------------------------------------------------+
41
42// redirect users to the index page or category page if 'image_id' isn't provided
43if (!isset($_GET['image_id']))
44{
45  if (isset($_GET['cat_id']))
46  {
47    redirect_http(get_root_url().'?/category/'.$_GET['cat_id']);
48  }
49  else
50  {
51    // FIXME: $_SESSION['page_infos'] = array(l10n('Permission denied'));
52    redirect_http(make_index_url());
53  }
54}
55
56check_input_parameter('cat_id', $_GET, false, PATTERN_ID);
57check_input_parameter('image_id', $_GET, false, PATTERN_ID);
58
59// Simplify redirect to administrator page if current user == admin
60// FIXME: when a non-existent image_id is provided, the original code
61// FIXME: picture_modify doesn't work well. It should deny to modify
62// FIXME: such picture.
63if (is_admin())
64{
65  if (icy_does_image_exist($_GET['image_id']))
66  {
67    $url = get_root_url().'admin.php?page=picture_modify';
68    $url.= '&amp;image_id='.$_GET['image_id'];
69    $url.= isset($_GET['cat_id']) ? '&amp;cat_id='.$_GET['cat_id'] : '';
70    redirect_http($url);
71  }
72  else
73  {
74    bad_request('invalid picture identifier');
75  }
76}
77elseif (!icy_check_image_owner($_GET['image_id'], $user['id']))
78{
79  $url = make_picture_url(
80      array(
81        'image_id' => $_GET['image_id'],
82        'cat_id' => isset($_GET['cat_id']) ? $_GET['cat_id'] : ""
83      )
84    );
85  // FIXME: $_SESSION['page_infos'] = array(l10n('Permission denied'));
86  redirect_http($url);
87}
88
89// Update the page sessions
90if (isset($_SESSION['page_infos']))
91{
92  $page['infos'] = array_merge($page['infos'], $_SESSION['page_infos']);
93  unset($_SESSION['page_infos']);
94}
95
96
97// +-----------------------------------------------------------------------+
98// |                             delete photo                              |
99// +-----------------------------------------------------------------------+
100
101if (isset($_GET['delete']))
102{
103  check_pwg_token();
104
105  delete_elements(array($_GET['image_id']), true);
106
107  // where to redirect the user now?
108  //
109  // 1. if a category is available in the URL, use it
110  // 2. else use the first reachable linked category
111  // 3. redirect to gallery root
112
113  if (isset($_GET['cat_id']) and !empty($_GET['cat_id']))
114  {
115    redirect(
116      make_index_url(
117        array(
118          'category' => get_cat_info($_GET['cat_id'])
119          )
120        )
121      );
122  }
123
124  $query = '
125SELECT category_id
126  FROM '.IMAGE_CATEGORY_TABLE.'
127  WHERE image_id = '.$_GET['image_id'].'
128;';
129
130  $authorizeds = array_diff(
131    array_from_query($query, 'category_id'),
132    explode(',', calculate_permissions($user['id'], $user['status']))
133    );
134
135  foreach ($authorizeds as $category_id)
136  {
137    redirect(
138      make_index_url(
139        array(
140          'category' => get_cat_info($category_id)
141          )
142        )
143      );
144  }
145
146  redirect(make_index_url());
147}
148
149// +-----------------------------------------------------------------------+
150// |                          synchronize metadata                         |
151// +-----------------------------------------------------------------------+
152
153if (isset($_GET['sync_metadata']))
154{
155  $query = '
156SELECT path
157  FROM '.IMAGES_TABLE.'
158  WHERE id = '.$_GET['image_id'].'
159;';
160  list($path) = pwg_db_fetch_row(pwg_query($query));
161  update_metadata(array($_GET['image_id'] => $path));
162
163  array_push($page['infos'], l10n('Metadata synchronized from file'));
164}
165
166//--------------------------------------------------------- update informations
167
168// first, we verify whether there is a mistake on the given creation date
169if (isset($_POST['date_creation_action'])
170    and 'set' == $_POST['date_creation_action'])
171{
172  if (!is_numeric($_POST['date_creation_year'])
173    or !checkdate(
174          $_POST['date_creation_month'],
175          $_POST['date_creation_day'],
176          $_POST['date_creation_year'])
177    )
178  {
179    array_push($page['errors'], l10n('wrong date'));
180  }
181}
182
183if (isset($_POST['submit']) and count($page['errors']) == 0)
184{
185  $data = array();
186  $data{'id'} = $_GET['image_id'];
187  $data{'name'} = $_POST['name'];
188  $data{'author'} = $_POST['author'];
189  $data['level'] = $_POST['level'];
190
191  if ($conf['allow_html_descriptions'])
192  {
193    $data{'comment'} = @$_POST['description'];
194  }
195  else
196  {
197    $data{'comment'} = strip_tags(@$_POST['description']);
198  }
199
200  if (isset($_POST['date_creation_action']))
201  {
202    if ('set' == $_POST['date_creation_action'])
203    {
204      $data{'date_creation'} = $_POST['date_creation_year']
205                                 .'-'.$_POST['date_creation_month']
206                                 .'-'.$_POST['date_creation_day'];
207    }
208    else if ('unset' == $_POST['date_creation_action'])
209    {
210      $data{'date_creation'} = '';
211    }
212  }
213
214  mass_updates(
215    IMAGES_TABLE,
216    array(
217      'primary' => array('id'),
218      'update' => array_diff(array_keys($data), array('id'))
219      ),
220    array($data)
221    );
222
223  // time to deal with tags
224  $tag_ids = array();
225  if (!empty($_POST['tags']))
226  {
227    $tag_ids = get_tag_ids($_POST['tags']);
228  }
229  set_tags($tag_ids, $_GET['image_id']);
230
231  array_push($page['infos'], l10n('Photo informations updated'));
232}
233// associate the element to other categories than its storage category
234if (isset($_POST['associate'])
235    and isset($_POST['cat_dissociated'])
236    and count($_POST['cat_dissociated']) > 0
237  )
238{
239  associate_images_to_categories(
240    array($_GET['image_id']),
241    $_POST['cat_dissociated']
242    );
243}
244// dissociate the element from categories (but not from its storage category)
245if (isset($_POST['dissociate'])
246    and isset($_POST['cat_associated'])
247    and count($_POST['cat_associated']) > 0
248  )
249{
250  $query = '
251DELETE FROM '.IMAGE_CATEGORY_TABLE.'
252  WHERE image_id = '.$_GET['image_id'].'
253    AND category_id IN ('.implode(',', $_POST['cat_associated']).')
254';
255  pwg_query($query);
256
257  update_category($_POST['cat_associated']);
258}
259// elect the element to represent the given categories
260if (isset($_POST['elect'])
261    and isset($_POST['cat_dismissed'])
262    and count($_POST['cat_dismissed']) > 0
263  )
264{
265  $datas = array();
266  foreach ($_POST['cat_dismissed'] as $category_id)
267  {
268    array_push($datas,
269               array('id' => $category_id,
270                     'representative_picture_id' => $_GET['image_id']));
271  }
272  $fields = array('primary' => array('id'),
273                  'update' => array('representative_picture_id'));
274  mass_updates(CATEGORIES_TABLE, $fields, $datas);
275}
276// dismiss the element as representant of the given categories
277if (isset($_POST['dismiss'])
278    and isset($_POST['cat_elected'])
279    and count($_POST['cat_elected']) > 0
280  )
281{
282  set_random_representant($_POST['cat_elected']);
283}
284
285// tags
286$query = '
287SELECT
288    tag_id,
289    name AS tag_name
290  FROM '.IMAGE_TAG_TABLE.' AS it
291    JOIN '.TAGS_TABLE.' AS t ON t.id = it.tag_id
292  WHERE image_id = '.$_GET['image_id'].'
293;';
294$tag_selection = get_taglist($query);
295
296$query = '
297SELECT
298    id AS tag_id,
299    name AS tag_name
300  FROM '.TAGS_TABLE.'
301;';
302$tags = get_taglist($query);
303
304// retrieving direct information about picture
305$query = '
306SELECT *
307  FROM '.IMAGES_TABLE.'
308  WHERE id = '.$_GET['image_id'].'
309;';
310$row = pwg_db_fetch_assoc(pwg_query($query));
311
312$storage_category_id = null;
313if (!empty($row['storage_category_id']))
314{
315  $storage_category_id = $row['storage_category_id'];
316}
317
318$image_file = $row['file'];
319
320// +-----------------------------------------------------------------------+
321// |                             template init                             |
322// +-----------------------------------------------------------------------+
323
324$template->set_template_dir(ICY_PICTURE_MODIFY_PATH.'template/');
325$template->set_filenames(array('icy_picture_modify' => 'icy_picture_modify.tpl'));
326
327$admin_url_start = get_root_url().'index.php?/icy_picture_modify';
328$admin_url_start.= '&amp;image_id='.$_GET['image_id'];
329$admin_url_start.= isset($_GET['cat_id']) ? '&amp;cat_id='.$_GET['cat_id'] : '';
330
331$template->assign(
332  array(
333    'ICY_PICTURE_MODIFY_PATH' => ICY_PICTURE_MODIFY_PATH,
334    'ICY_ROOT_PATH' => realpath(dirname(PHPWG_PLUGINS_PATH)),
335    'tag_selection' => $tag_selection,
336    'tags' => $tags,
337    'U_SYNC' => $admin_url_start.'&amp;sync_metadata=1',
338    'U_DELETE' => $admin_url_start.'&amp;delete=1&amp;pwg_token='.get_pwg_token(),
339
340    'PATH'=>$row['path'],
341
342    'TN_SRC' => get_thumbnail_url($row),
343
344    'NAME' =>
345      isset($_POST['name']) ?
346        stripslashes($_POST['name']) : @$row['name'],
347
348    'DIMENSIONS' => @$row['width'].' * '.@$row['height'],
349
350    'FILESIZE' => @$row['filesize'].' KB',
351
352    'REGISTRATION_DATE' => format_date($row['date_available']),
353
354    'AUTHOR' => htmlspecialchars(
355      isset($_POST['author'])
356        ? stripslashes($_POST['author'])
357        : @$row['author']
358      ),
359
360    'DESCRIPTION' =>
361      htmlspecialchars( isset($_POST['description']) ?
362        stripslashes($_POST['description']) : @$row['comment'] ),
363
364    'F_ACTION' =>
365        get_root_url() # .'index.php?/icy_picture_modify'
366        .get_query_string_diff(array('sync_metadata'))
367    )
368  );
369
370if ($row['has_high'] == 'true')
371{
372  $template->assign(
373    'HIGH_FILESIZE',
374    isset($row['high_filesize'])
375        ? $row['high_filesize'].' KB'
376        : l10n('unknown')
377    );
378}
379
380// image level options
381$selected_level = isset($_POST['level']) ? $_POST['level'] : $row['level'];
382$template->assign(
383    array(
384      'level_options'=> get_privacy_level_options(),
385      'level_options_selected' => array($selected_level)
386    )
387  );
388
389// creation date
390unset($day, $month, $year);
391
392if (isset($_POST['date_creation_action'])
393    and 'set' == $_POST['date_creation_action'])
394{
395  foreach (array('day', 'month', 'year') as $varname)
396  {
397    $$varname = $_POST['date_creation_'.$varname];
398  }
399}
400else if (isset($row['date_creation']) and !empty($row['date_creation']))
401{
402  list($year, $month, $day) = explode('-', $row['date_creation']);
403}
404else
405{
406  list($year, $month, $day) = array('', 0, 0);
407}
408
409
410$month_list = $lang['month'];
411$month_list[0]='------------';
412ksort($month_list);
413
414$template->assign(
415    array(
416      'DATE_CREATION_DAY_VALUE' => $day,
417      'DATE_CREATION_MONTH_VALUE' => $month,
418      'DATE_CREATION_YEAR_VALUE' => $year,
419      'month_list' => $month_list,
420      )
421    );
422
423$query = '
424SELECT category_id, uppercats
425  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
426    INNER JOIN '.CATEGORIES_TABLE.' AS c
427      ON c.id = ic.category_id
428  WHERE image_id = '.$_GET['image_id'].'
429;';
430$result = pwg_query($query);
431
432while ($row = pwg_db_fetch_assoc($result))
433{
434  $name =
435    get_cat_display_name_cache(
436      $row['uppercats'],
437      get_root_url().'index.php?/icy_picture_modify&amp;cat_id=',
438      false
439      );
440
441  if ($row['category_id'] == $storage_category_id)
442  {
443    $template->assign('STORAGE_CATEGORY', $name);
444  }
445  else
446  {
447    $template->append('related_categories', $name);
448  }
449}
450
451// jump to link
452//
453// 1. find all linked categories that are reachable for the current user.
454// 2. if a category is available in the URL, use it if reachable
455// 3. if URL category not available or reachable, use the first reachable
456//    linked category
457// 4. if no category reachable, no jumpto link
458
459$query = '
460SELECT category_id
461  FROM '.IMAGE_CATEGORY_TABLE.'
462  WHERE image_id = '.$_GET['image_id'].'
463;';
464
465$authorizeds = array_diff(
466  array_from_query($query, 'category_id'),
467  explode(
468    ',',
469    calculate_permissions($user['id'], $user['status'])
470    )
471  );
472
473if (isset($_GET['cat_id'])
474    and in_array($_GET['cat_id'], $authorizeds))
475{
476  $url_img = make_picture_url(
477    array(
478      'image_id' => $_GET['image_id'],
479      'image_file' => $image_file,
480      'category' => $cache['cat_names'][ $_GET['cat_id'] ],
481      )
482    );
483}
484else
485{
486  foreach ($authorizeds as $category)
487  {
488    $url_img = make_picture_url(
489      array(
490        'image_id' => $_GET['image_id'],
491        'image_file' => $image_file,
492        'category' => $cache['cat_names'][ $category ],
493        )
494      );
495    break;
496  }
497}
498
499if (isset($url_img))
500{
501  $template->assign( 'U_JUMPTO', $url_img );
502}
503
504// associate to another category ?
505$query = '
506SELECT id,name,uppercats,global_rank
507  FROM '.CATEGORIES_TABLE.'
508    INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON id = category_id
509  WHERE image_id = '.$_GET['image_id'];
510if (isset($storage_category_id))
511{
512  $query.= '
513    AND id != '.$storage_category_id;
514}
515$query.= '
516;';
517display_select_cat_wrapper($query, array(), 'associated_options');
518
519$result = pwg_query($query);
520$associateds = array(-1);
521if (isset($storage_category_id))
522{
523  array_push($associateds, $storage_category_id);
524}
525while ($row = pwg_db_fetch_assoc($result))
526{
527  array_push($associateds, $row['id']);
528}
529$query = '
530SELECT id,name,uppercats,global_rank
531  FROM '.CATEGORIES_TABLE.'
532  WHERE id NOT IN ('.implode(',', $associateds).')
533;';
534display_select_cat_wrapper($query, array(), 'dissociated_options');
535
536// representing
537$query = '
538SELECT id,name,uppercats,global_rank
539  FROM '.CATEGORIES_TABLE.'
540  WHERE representative_picture_id = '.$_GET['image_id'].'
541;';
542display_select_cat_wrapper($query, array(), 'elected_options');
543
544$query = '
545SELECT id,name,uppercats,global_rank
546  FROM '.CATEGORIES_TABLE.'
547  WHERE representative_picture_id != '.$_GET['image_id'].'
548    OR representative_picture_id IS NULL
549;';
550display_select_cat_wrapper($query, array(), 'dismissed_options');
551
552//----------------------------------------------------------- sending html code
553
554$template->assign_var_from_handle('PLUGIN_INDEX_CONTENT_BEGIN', 'icy_picture_modify');
555
556?>
Note: See TracBrowser for help on using the repository browser.