Context Navigation

icy_picture_modify.php @ 12818

Visit:

Revision 12818, 18.2 KB (checked in by icy, 18 months ago)
Merge branch 'master' into svn

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based photo gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2011 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
25	if (!defined('ICY_PICTURE_MODIFY_PATH')) die('Hacking attempt!');
26
27	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
28	include_once(ICY_PICTURE_MODIFY_PATH.'include/functions_icy_picture_modify.inc.php');
29
30	global $template, $conf, $user, $page, $lang, $cache;
31
32	// <admin.php>
33	$page['errors'] = array();
34	$page['infos'] = array();
35	$page['warnings'] = array();
36	// </admin.php>
37
38	// +-----------------------------------------------------------------------+
39	// \| check permission \|
40	// +-----------------------------------------------------------------------+
41
42	// redirect users to the index page or category page if 'image_id' isn't provided
43	if (!isset($_GET['image_id']))
44	{
45	if (isset($_GET['cat_id']))
46	{
47	redirect_http(get_root_url().'?/category/'.$_GET['cat_id']);
48	}
49	else
50	{
51	// FIXME: $_SESSION['page_infos'] = array(l10n('Permission denied'));
52	redirect_http(make_index_url());
53	}
54	}
55
56	check_input_parameter('cat_id', $_GET, false, PATTERN_ID);
57	check_input_parameter('image_id', $_GET, false, PATTERN_ID);
58
59	// Simplify redirect to administrator page if current user == admin
60	if (is_admin())
61	{
62	if (icy_does_image_exist($_GET['image_id']))
63	{
64	$url = get_root_url().'admin.php?page=picture_modify';
65	$url.= '&image_id='.$_GET['image_id'];
66	$url.= isset($_GET['cat_id']) ? '&cat_id='.$_GET['cat_id'] : '';
67	// FIXME: What happens if a POST data were sent within admin uid?
68	redirect_http($url);
69	}
70	else
71	{
72	bad_request('invalid picture identifier');
73	}
74	}
75	elseif (!icy_check_image_owner($_GET['image_id'], $user['id']))
76	{
77	$url = make_picture_url(
78	array(
79	'image_id' => $_GET['image_id'],
80	'cat_id' => isset($_GET['cat_id']) ? $_GET['cat_id'] : ""
81	)
82	);
83	// FIXME: $_SESSION['page_infos'] = array(l10n('Permission denied'));
84	redirect_http($url);
85	}
86
87	// Update the page sessions
88	if (isset($_SESSION['page_infos']))
89	{
90	$page['infos'] = array_merge($page['infos'], $_SESSION['page_infos']);
91	unset($_SESSION['page_infos']);
92	}
93
94	// <find writable categories>
95
96	// * Purpose: Find all categories that are reachable for the current user.
97	// * FIXME: This query will include all readable categories, included
98	// the ones user can't write to them.
99
100	$my_categories = array();
101	$my_permissions = null;
102	$has_plugin_community = false;
103
104	// <community support>
105	if (is_file(PHPWG_PLUGINS_PATH.'community/include/functions_community.inc.php'))
106	{
107	include_once(PHPWG_PLUGINS_PATH.'community/include/functions_community.inc.php');
108	$has_plugin_community = true;
109
110	$user_permissions = community_get_user_permissions($user['id']);
111	$my_categories = $user_permissions['upload_categories'];
112	}
113	// </community support>
114
115	if (($has_plugin_community == false) or $user_permissions['create_whole_gallery'])
116	{
117	$query = '
118	SELECT category_id
119	FROM '.IMAGE_CATEGORY_TABLE.'
120	;';
121
122	// list of categories to which the user can read
123	$my_categories = array_diff(
124	array_from_query($query, 'category_id'),
125	explode(',',calculate_permissions($user['id'], $user['status'])));
126	}
127	// </find writable categories>
128
129	// +-----------------------------------------------------------------------+
130	// \| delete photo \|
131	// +-----------------------------------------------------------------------+
132
133	if (isset($_GET['delete']))
134	{
135	check_pwg_token();
136
137	delete_elements(array($_GET['image_id']), true);
138
139	// where to redirect the user now?
140	//
141	// 1. if a category is available in the URL, use it
142	// 2. else use the first reachable linked category
143	// 3. redirect to gallery root
144
145	if (isset($_GET['cat_id']) and !empty($_GET['cat_id']))
146	{
147	redirect(
148	make_index_url(
149	array(
150	'category' => get_cat_info($_GET['cat_id'])
151	)
152	)
153	);
154	}
155
156	$query = '
157	SELECT category_id
158	FROM '.IMAGE_CATEGORY_TABLE.'
159	WHERE image_id = '.$_GET['image_id'].'
160	;';
161
162	$authorizeds = array_intersect($my_categories,
163	array_from_query($query, 'category_id'));
164
165	foreach ($authorizeds as $category_id)
166	{
167	redirect(
168	make_index_url(
169	array(
170	'category' => get_cat_info($category_id)
171	)
172	)
173	);
174	}
175
176	redirect(make_index_url());
177	}
178
179	// +-----------------------------------------------------------------------+
180	// \| synchronize metadata \|
181	// +-----------------------------------------------------------------------+
182
183	if (isset($_GET['sync_metadata']))
184	{
185	$query = '
186	SELECT path
187	FROM '.IMAGES_TABLE.'
188	WHERE id = '.$_GET['image_id'].'
189	;';
190	list($path) = pwg_db_fetch_row(pwg_query($query));
191	update_metadata(array($_GET['image_id'] => $path));
192
193	array_push($page['infos'], l10n('Metadata synchronized from file'));
194	}
195
196	// +-----------------------------------------------------------------------+
197	// \| update informations \|
198	// +-----------------------------------------------------------------------+
199
200	// first, we verify whether there is a mistake on the given creation date
201	if (isset($_POST['date_creation_action'])
202	and 'set' == $_POST['date_creation_action'])
203	{
204	if (!is_numeric($_POST['date_creation_year'])
205	or !checkdate(
206	$_POST['date_creation_month'],
207	$_POST['date_creation_day'],
208	$_POST['date_creation_year'])
209	)
210	{
211	array_push($page['errors'], l10n('wrong date'));
212	}
213	}
214
215	if (isset($_POST['submit']) and count($page['errors']) == 0)
216	{
217	$data = array();
218	$data{'id'} = $_GET['image_id'];
219	$data{'name'} = $_POST['name'];
220	$data{'author'} = $_POST['author'];
221	$data['level'] = $_POST['level'];
222
223	if ($conf['allow_html_descriptions'])
224	{
225	$data{'comment'} = @$_POST['description'];
226	}
227	else
228	{
229	$data{'comment'} = strip_tags(@$_POST['description']);
230	}
231
232	if (isset($_POST['date_creation_action']))
233	{
234	if ('set' == $_POST['date_creation_action'])
235	{
236	$data{'date_creation'} = $_POST['date_creation_year']
237	.'-'.$_POST['date_creation_month']
238	.'-'.$_POST['date_creation_day'];
239	}
240	else if ('unset' == $_POST['date_creation_action'])
241	{
242	$data{'date_creation'} = '';
243	}
244	}
245
246	mass_updates(
247	IMAGES_TABLE,
248	array(
249	'primary' => array('id'),
250	'update' => array_diff(array_keys($data), array('id'))
251	),
252	array($data)
253	);
254
255	// time to deal with tags
256	$tag_ids = array();
257	if (!empty($_POST['tags']))
258	{
259	$tag_ids = get_tag_ids($_POST['tags']);
260	}
261	set_tags($tag_ids, $_GET['image_id']);
262
263	array_push($page['infos'], l10n('Photo informations updated'));
264	}
265
266	// +-----------------------------------------------------------------------+
267	// \| associate \|
268	// +-----------------------------------------------------------------------+
269	// associate the element to other categories than its storage category
270	//
271	if (isset($_POST['associate'])
272	and ($has_plugin_community == true)
273	and isset($_POST['cat_dissociated'])
274	and count($_POST['cat_dissociated']) > 0
275	)
276	{
277	associate_images_to_categories(
278	array($_GET['image_id']),
279	array_intersect($_POST['cat_dissociated'], $my_categories)
280	);
281	}
282
283
284	// dissociate the element from categories (but not from its storage category)
285	if (isset($_POST['dissociate'])
286	and ($has_plugin_community == true)
287	and isset($_POST['cat_associated'])
288	and count($_POST['cat_associated']) > 0
289	)
290	{
291	$arr_dissociate = array_intersect($_POST['cat_associated'], $my_categories);
292	$query = '
293	DELETE FROM '.IMAGE_CATEGORY_TABLE.'
294	WHERE image_id = '.$_GET['image_id'].'
295	AND category_id IN ('.implode(',', $arr_dissociate).')
296	';
297	pwg_query($query);
298
299	update_category($arr_dissociate);
300	}
301
302	// +-----------------------------------------------------------------------+
303	// \| representation \|
304	// +-----------------------------------------------------------------------+
305
306	// select the element to represent the given categories
307	if (isset($_POST['elect'])
308	and ($has_plugin_community == true)
309	and isset($_POST['cat_dismissed'])
310	and count($_POST['cat_dismissed']) > 0
311	)
312	{
313	$datas = array();
314	$arr_dimissed = array_intersect($_POST['cat_dismissed'], $my_categories);
315	if (count($arr_dimissed) > 0)
316	{
317	foreach ($arr_dimissed as $category_id)
318	{
319	array_push($datas,
320	array('id' => $category_id,
321	'representative_picture_id' => $_GET['image_id']));
322	}
323	$fields = array('primary' => array('id'),
324	'update' => array('representative_picture_id'));
325	mass_updates(CATEGORIES_TABLE, $fields, $datas);
326	}
327	}
328
329	// dismiss the element as representant of the given categories
330	if (isset($_POST['dismiss'])
331	and ($has_plugin_community == true)
332	and isset($_POST['cat_elected'])
333	and count($_POST['cat_elected']) > 0
334	)
335	{
336	$arr_dismiss = array_intersect($_POST['cat_elected'], $my_categories);
337	if (count($arr_dismiss) > 0)
338	{
339	set_random_representant($arr_dismiss);
340	}
341	}
342
343	// +-----------------------------------------------------------------------+
344	// \| tagging support \|
345	// +-----------------------------------------------------------------------+
346
347	if (version_compare(PHPWG_VERSION, '2.2.5', '<')) {
348	$q_tag_selection = "tag_id, name AS tag_name";
349	$q_tags = 'id AS tag_id, name AS tag_name';
350	}
351	else {
352	$q_tag_selection = "tag_id AS id, name";
353	$q_tags = 'id, name';
354	}
355
356	$query = '
357	SELECT
358	'.$q_tag_selection.'
359	FROM '.IMAGE_TAG_TABLE.' AS it
360	JOIN '.TAGS_TABLE.' AS t ON t.id = it.tag_id
361	WHERE image_id = '.$_GET['image_id'].'
362	;';
363	$tag_selection = get_taglist($query);
364
365	$query = '
366	SELECT
367	'.$q_tags.'
368	FROM '.TAGS_TABLE.'
369	;';
370	$tags = get_taglist($query);
371
372	// retrieving direct information about picture
373	$query = '
374	SELECT *
375	FROM '.IMAGES_TABLE.'
376	WHERE id = '.$_GET['image_id'].'
377	;';
378	$row = pwg_db_fetch_assoc(pwg_query($query));
379
380	// the physical storage directory contains the image
381	$storage_category_id = null;
382	if (!empty($row['storage_category_id']))
383	{
384	$storage_category_id = $row['storage_category_id'];
385	}
386
387	$image_file = $row['file'];
388
389	// +-----------------------------------------------------------------------+
390	// \| template init \|
391	// +-----------------------------------------------------------------------+
392
393	$template->set_template_dir(ICY_PICTURE_MODIFY_PATH.'template/');
394	$template->set_filenames(array('icy_picture_modify' => 'icy_picture_modify.tpl'));
395
396	$admin_url_start = get_root_url().'index.php?/icy_picture_modify';
397	$admin_url_start.= '&image_id='.$_GET['image_id'];
398	$admin_url_start.= isset($_GET['cat_id']) ? '&cat_id='.$_GET['cat_id'] : '';
399
400	$template->assign(
401	array(
402	'ICY_PICTURE_MODIFY_PATH' => ICY_PICTURE_MODIFY_PATH,
403	'ICY_ROOT_PATH' => realpath(dirname(PHPWG_PLUGINS_PATH)),
404	'tag_selection' => $tag_selection,
405	'tags' => $tags,
406	'U_SYNC' => $admin_url_start.'&sync_metadata=1',
407	'U_DELETE' => $admin_url_start.'&delete=1&pwg_token='.get_pwg_token(),
408
409	'PATH'=>$row['path'],
410
411	'TN_SRC' => get_thumbnail_url($row),
412
413	'NAME' =>
414	isset($_POST['name']) ?
415	stripslashes($_POST['name']) : @$row['name'],
416
417	'DIMENSIONS' => @$row['width'].' * '.@$row['height'],
418
419	'FILESIZE' => @$row['filesize'].' KB',
420
421	'REGISTRATION_DATE' => format_date($row['date_available']),
422
423	'AUTHOR' => htmlspecialchars(
424	isset($_POST['author'])
425	? stripslashes($_POST['author'])
426	: @$row['author']
427	),
428
429	'DESCRIPTION' =>
430	htmlspecialchars( isset($_POST['description']) ?
431	stripslashes($_POST['description']) : @$row['comment'] ),
432
433	'F_ACTION' =>
434	get_root_url() # .'index.php?/icy_picture_modify'
435	.get_query_string_diff(array('sync_metadata'))
436	)
437	);
438
439	if ($row['has_high'] == 'true')
440	{
441	$template->assign(
442	'HIGH_FILESIZE',
443	isset($row['high_filesize'])
444	? $row['high_filesize'].' KB'
445	: l10n('unknown')
446	);
447	}
448
449	// image level options
450	$selected_level = isset($_POST['level']) ? $_POST['level'] : $row['level'];
451	$template->assign(
452	array(
453	'level_options'=> get_privacy_level_options(),
454	'level_options_selected' => array($selected_level)
455	)
456	);
457
458	// creation date
459	unset($day, $month, $year);
460
461	if (isset($_POST['date_creation_action'])
462	and 'set' == $_POST['date_creation_action'])
463	{
464	foreach (array('day', 'month', 'year') as $varname)
465	{
466	$$varname = $_POST['date_creation_'.$varname];
467	}
468	}
469	else if (isset($row['date_creation']) and !empty($row['date_creation']))
470	{
471	list($year, $month, $day) = explode('-', $row['date_creation']);
472	}
473	else
474	{
475	list($year, $month, $day) = array('', 0, 0);
476	}
477
478
479	$month_list = $lang['month'];
480	$month_list[0]='------------';
481	ksort($month_list);
482
483	$template->assign(
484	array(
485	'DATE_CREATION_DAY_VALUE' => $day,
486	'DATE_CREATION_MONTH_VALUE' => $month,
487	'DATE_CREATION_YEAR_VALUE' => $year,
488	'month_list' => $month_list,
489	)
490	);
491
492	$query = '
493	SELECT category_id, uppercats
494	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
495	INNER JOIN '.CATEGORIES_TABLE.' AS c
496	ON c.id = ic.category_id
497	WHERE image_id = '.$_GET['image_id'].'
498	;';
499	$result = pwg_query($query);
500
501	while ($row = pwg_db_fetch_assoc($result))
502	{
503	$name =
504	get_cat_display_name_cache(
505	$row['uppercats'],
506	get_root_url().'index.php?/icy_picture_modify&cat_id=',
507	false
508	);
509
510	if ($row['category_id'] == $storage_category_id)
511	{
512	$template->assign('STORAGE_CATEGORY', $name);
513	}
514	else
515	{
516	$template->append('related_categories', $name);
517	}
518	}
519
520	// jump to link
521	//
522	// 1. find all linked categories that are reachable for the current user.
523	// 2. if a category is available in the URL, use it if reachable
524	// 3. if URL category not available or reachable, use the first reachable
525	// linked category
526	// 4. if no category reachable, no jumpto link
527
528	$query = '
529	SELECT category_id
530	FROM '.IMAGE_CATEGORY_TABLE.'
531	WHERE image_id = '.$_GET['image_id'].'
532	;';
533
534	// list of categories (OF THIS IMAGE) to which the user can access
535	$authorizeds = array_intersect($my_categories,
536	array_from_query($query, 'category_id'));
537
538	// if current category belongs to list of authorized categories
539	// we simply provide link to that category
540	if (isset($_GET['cat_id'])
541	and in_array($_GET['cat_id'], $authorizeds))
542	{
543	$url_img = make_picture_url(
544	array(
545	'image_id' => $_GET['image_id'],
546	'image_file' => $image_file,
547	'category' => $cache['cat_names'][ $_GET['cat_id'] ],
548	)
549	);
550	}
551	// otherwise we provide links to the first category in the list
552	else
553	{
554	foreach ($authorizeds as $category)
555	{
556	$url_img = make_picture_url(
557	array(
558	'image_id' => $_GET['image_id'],
559	'image_file' => $image_file,
560	'category' => $cache['cat_names'][ $category ],
561	)
562	);
563	// FIXME: why the first category is selected?
564	break;
565	}
566	}
567
568	if (isset($url_img))
569	{
570	$template->assign( 'U_JUMPTO', $url_img );
571	}
572
573	// associate to another category ?
574	$query = '
575	SELECT id,name,uppercats,global_rank
576	FROM '.CATEGORIES_TABLE.'
577	INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON id = category_id
578	WHERE image_id = '.$_GET['image_id'] . '
579	AND id IN ('. join(",", $my_categories).')';
580	// if the image belongs to a physical storage,
581	// we simply ignore that storage album
582	if (isset($storage_category_id))
583	{
584	$query.= '
585	AND id != '.$storage_category_id;
586	}
587	$query.= '
588	;';
589	display_select_cat_wrapper($query, array(), 'associated_options');
590
591	$result = pwg_query($query);
592	$associateds = array(-1);
593	if (isset($storage_category_id))
594	{
595	array_push($associateds, $storage_category_id);
596	}
597	while ($row = pwg_db_fetch_assoc($result))
598	{
599	array_push($associateds, $row['id']);
600	}
601	$query = '
602	SELECT id,name,uppercats,global_rank
603	FROM '.CATEGORIES_TABLE.'
604	WHERE id NOT IN ('.implode(',', $associateds).')
605	AND id IN ('. join(",", $my_categories).')
606	;';
607	display_select_cat_wrapper($query, array(), 'dissociated_options');
608
609	// display list of categories for representing
610	$query = '
611	SELECT id,name,uppercats,global_rank
612	FROM '.CATEGORIES_TABLE.'
613	WHERE representative_picture_id = '.$_GET['image_id'].'
614	AND id IN ('. join(",", $my_categories).')
615	;';
616	display_select_cat_wrapper($query, array(), 'elected_options');
617
618	$query = '
619	SELECT id,name,uppercats,global_rank
620	FROM '.CATEGORIES_TABLE.'
621	WHERE id IN ('. join(",", $my_categories).')
622	AND (representative_picture_id != '.$_GET['image_id'].'
623	OR representative_picture_id IS NULL)
624	;';
625	display_select_cat_wrapper($query, array(), 'dismissed_options');
626
627	//----------------------------------------------------------- sending html code
628
629	$template->assign_var_from_handle('PLUGIN_INDEX_CONTENT_BEGIN', 'icy_picture_modify');
630
631	?>

Note: See TracBrowser for help on using the browser.

Context Navigation

root/extensions/Icy_Picture_Modify/icy_picture_modify.php @ 12818

Download in other formats: