source: extensions/Icy_Picture_Modify/icy_picture_modify.php @ 16355

Revision 16355, 18.4 KB checked in by icy, 7 years ago (diff)

Clean up code

<?php
// +-----------------------------------------------------------------------+
// | Piwigo - a PHP based photo gallery                                    |
// +-----------------------------------------------------------------------+
// | Copyright(C) 2008-2011 Piwigo Team                  http://piwigo.org |
// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify  |
// | it under the terms of the GNU General Public License as published by  |
// | the Free Software Foundation                                          |
// |                                                                       |
// | This program is distributed in the hope that it will be useful, but   |
// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
// | General Public License for more details.                              |
// |                                                                       |
// | You should have received a copy of the GNU General Public License     |
// | along with this program; if not, write to the Free Software           |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA.                                                                  |
// +-----------------------------------------------------------------------+

// Direct-access guard: this script only makes sense when it is included by
// code that has already defined both bootstrap constants.
if (!defined('PHPWG_ROOT_PATH'))
{
  die('Hacking attempt!');
}
if (!defined('ICY_PICTURE_MODIFY_PATH'))
{
  die('Hacking attempt!');
}

// Admin-side helpers are loaded on a page that is reached by non-admin users
// (admins are redirected away below), so every privileged call made in this
// file has to be preceded by its own ownership / category check.
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
include_once(ICY_PICTURE_MODIFY_PATH.'include/functions_icy_picture_modify.inc.php');

global $template, $conf, $user, $page, $lang, $cache;

// <admin.php>
// Start the request with empty message lists; later sections append to them.
$page['errors'] = array();
$page['infos']  = array();
$page['warnings']  = array();
// </admin.php>

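// +-----------------------------------------------------------------------+
// |                             check permission                          |
// +-----------------------------------------------------------------------+

// 'cat_id' is optional, but when present it is copied into redirect targets,
// URLs and lookups below. It is therefore checked against PATTERN_ID before
// its first use, including the redirect taken when 'image_id' is missing.
check_input_parameter('cat_id', $_GET, false, PATTERN_ID);

// redirect users to the index page or category page if 'image_id' isn't provided
// NOTE(review): this relies on redirect_http() ending the request; if it
// returned, the code below would run without an image id -- confirm.
if (!isset($_GET['image_id']))
{
  if (isset($_GET['cat_id']))
  {
    redirect_http(get_root_url().'?/category/'.$_GET['cat_id']);
  }
  else
  {
    // FIXME: $_SESSION['page_infos'] = array(l10n('Permission denied'));
    redirect_http(make_index_url());
  }
}

// 'image_id' is interpolated unquoted into the SQL statements of this file,
// so this check (PATTERN_ID is presumably a digits-only pattern) is what
// keeps those statements well-formed. Do not move it below any query.
check_input_parameter('image_id', $_GET, false, PATTERN_ID);

// Simplify redirect to administrator page if current user == admin
if (is_admin())
{
  if (icy_does_image_exist($_GET['image_id']))
  {
    $url = get_root_url().'admin.php?page=picture_modify';
    $url.= '&amp;image_id='.$_GET['image_id'];
    $url.= isset($_GET['cat_id']) ? '&amp;cat_id='.$_GET['cat_id'] : '';
    // FIXME: What happens if a POST data were sent within admin uid?
    redirect_http($url);
  }
  else
  {
    bad_request('invalid picture identifier');
  }
}
// Everyone else must own the picture; otherwise they are sent back to the
// public picture page and none of the write actions below are reached
// (again assuming redirect_http() does not return).
elseif (!icy_check_image_owner($_GET['image_id'], $user['id']))
{
  $url = make_picture_url(
      array(
        'image_id' => $_GET['image_id'],
        'cat_id' => isset($_GET['cat_id']) ? $_GET['cat_id'] : ""
      )
    );
  // FIXME: $_SESSION['page_infos'] = array(l10n('Permission denied'));
  redirect_http($url);
}
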
// Messages queued in the session by an earlier request are moved into this
// page's info list and then dropped from the session, so they show only once.
if (isset($_SESSION['page_infos']))
{
  $pending_infos = $_SESSION['page_infos'];
  $page['infos'] = array_merge($page['infos'], $pending_infos);
  unset($_SESSION['page_infos']);
}

// <find writable categories>

// * Purpose: Find all categories that are reachable for the current user.
// * FIXME:   This query will include all readable categories, included
//            the ones user can't write to them.
//
// NOTE(review): $my_categories is the allow-list that the associate,
// dissociate and representative actions further down intersect the posted
// category ids with. Because it is built from read access (see FIXME), those
// write actions are authorized against a wider set than "writable".

$my_categories = array();
$my_permissions = null;
$has_plugin_community = false;

// <community support>
// When the Community plugin is installed, its per-user upload categories
// are the starting point.
$community_functions = PHPWG_PLUGINS_PATH.'community/include/functions_community.inc.php';
if (is_file($community_functions))
{
  include_once($community_functions);
  $has_plugin_community = true;

  $user_permissions = community_get_user_permissions($user['id']);
  $my_categories = $user_permissions['upload_categories'];
}
// </community support>

// Without the plugin, or when the plugin grants the whole gallery, fall back
// to every category that holds at least one image, minus the ones returned
// by calculate_permissions() (presumably the user's forbidden categories).
if (!$has_plugin_community || $user_permissions['create_whole_gallery'])
{
  $query = '
  SELECT category_id
    FROM '.IMAGE_CATEGORY_TABLE.'
  ;';

  // list of categories to which the user can read
  $linked_categories = array_from_query($query, 'category_id');
  $excluded_categories = explode(',', calculate_permissions($user['id'], $user['status']));
  $my_categories = array_diff($linked_categories, $excluded_categories);
}
// </find writable categories>

// +-----------------------------------------------------------------------+
// |                             delete photo                              |
// +-----------------------------------------------------------------------+

if (isset($_GET['delete']))
{
  // Deletion is triggered by a plain link (U_DELETE), so the pwg_token carried
  // by that link is verified before anything is removed.
  check_pwg_token();

  delete_elements(array($_GET['image_id']), true);
  invalidate_user_cache();

  // where to redirect the user now?
  //
  // 1. if a category is available in the URL, use it
  // 2. else use the first reachable linked category
  // 3. redirect to gallery root
  //
  // NOTE(review): the three steps only behave as a cascade if redirect()
  // ends the request -- confirm.

  if (!empty($_GET['cat_id']))
  {
    $target = array('category' => get_cat_info($_GET['cat_id']));
    redirect(make_index_url($target));
  }

  // NOTE(review): this lookup runs after delete_elements(). If that call also
  // removes the image's rows from IMAGE_CATEGORY_TABLE, the result is always
  // empty and step 2 never applies -- confirm.
  $query = '
SELECT category_id
  FROM '.IMAGE_CATEGORY_TABLE.'
  WHERE image_id = '.$_GET['image_id'].'
;';

  $linked_categories = array_from_query($query, 'category_id');
  $authorizeds = array_intersect($my_categories, $linked_categories);

  foreach ($authorizeds as $category_id)
  {
    $target = array('category' => get_cat_info($category_id));
    redirect(make_index_url($target));
  }

  redirect(make_index_url());
}

// +-----------------------------------------------------------------------+
// |                          synchronize metadata                         |
// +-----------------------------------------------------------------------+

// NOTE(review): this action is started by a GET parameter and, unlike the
// delete action, is not preceded by check_pwg_token(); the U_SYNC link built
// later in this file carries no token either. If update_metadata() rewrites
// stored data (its name suggests so), consider protecting it the same way.
if (isset($_GET['sync_metadata']))
{
  // image_id was checked against PATTERN_ID before reaching this point
  $query = '
SELECT path
  FROM '.IMAGES_TABLE.'
  WHERE id = '.$_GET['image_id'].'
;';
  $path_row = pwg_db_fetch_row(pwg_query($query));
  list($path) = $path_row;
  update_metadata(array($_GET['image_id'] => $path));

  $page['infos'][] = l10n('Metadata synchronized from file');
}

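// +-----------------------------------------------------------------------+
// |                          update informations                          |
// +-----------------------------------------------------------------------+

// first, we verify whether there is a mistake on the given creation date
if (isset($_POST['date_creation_action'])
    and 'set' == $_POST['date_creation_action'])
{
  // Year, month and day are later concatenated verbatim into the stored
  // date_creation value, so each part must be a plain run of digits.
  // is_numeric() alone would also let through forms such as "1e3" or "12.5",
  // and checkdate() only sees the integer those strings convert to.
  $date_is_valid = true;
  foreach (array('year', 'month', 'day') as $part)
  {
    $field = 'date_creation_'.$part;
    if (!isset($_POST[$field])
        or !is_string($_POST[$field])
        or !preg_match('/\A\d+\z/', $_POST[$field]))
    {
      $date_is_valid = false;
    }
  }

  // Explicit casts: checkdate() expects integers, and the parts are known to
  // be digit strings at this point.
  if (!$date_is_valid
      or !checkdate(
            (int) $_POST['date_creation_month'],
            (int) $_POST['date_creation_day'],
            (int) $_POST['date_creation_year'])
    )
  {
    array_push($page['errors'], l10n('wrong date'));
  }
}
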
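// Apply the posted form to the picture, but only when the checks above
// recorded no error.
//
// NOTE(review): this write, like the associate/dissociate/representative
// handlers below, is accepted without check_pwg_token(); only the delete
// action verifies a token. Confirm whether the form template sends one.
if (isset($_POST['submit']) and count($page['errors']) == 0)
{
  // Square brackets instead of $data{'key'}: the curly-brace offset syntax
  // is deprecated since PHP 7.4 and a parse error in PHP 8.
  $data = array();
  $data['id'] = $_GET['image_id'];
  $data['name'] = $_POST['name'];
  $data['author'] = $_POST['author'];
  // NOTE(review): the privacy level is stored exactly as posted. Consider
  // rejecting values that are not among get_privacy_level_options().
  $data['level'] = $_POST['level'];

  // Missing description behaves as before: null when HTML is allowed,
  // an empty string after strip_tags() otherwise.
  $description = isset($_POST['description']) ? $_POST['description'] : null;
  if ($conf['allow_html_descriptions'])
  {
    // NOTE(review): with this setting a non-admin owner's markup is stored
    // unchanged; whatever renders the description must treat it accordingly.
    $data['comment'] = $description;
  }
  else
  {
    $data['comment'] = strip_tags((string) $description);
  }

  if (isset($_POST['date_creation_action']))
  {
    if ('set' == $_POST['date_creation_action'])
    {
      $data['date_creation'] = $_POST['date_creation_year']
                                 .'-'.$_POST['date_creation_month']
                                 .'-'.$_POST['date_creation_day'];
    }
    else if ('unset' == $_POST['date_creation_action'])
    {
      $data['date_creation'] = '';
    }
  }

  // NOTE(review): every value in $data reaches SQL through mass_updates();
  // quoting depends on that helper and on how the framework pre-escapes
  // request input (the stripslashes() calls further down suggest it does)
  // -- confirm.
  mass_updates(
    IMAGES_TABLE,
    array(
      'primary' => array('id'),
      'update' => array_diff(array_keys($data), array('id'))
      ),
    array($data)
    );

  // time to deal with tags
  $tag_ids = array();
  if (!empty($_POST['tags']))
  {
    $tag_ids = get_tag_ids($_POST['tags']);
  }
  set_tags($tag_ids, $_GET['image_id']);

  array_push($page['infos'], l10n('Photo informations updated'));
}
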
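// +-----------------------------------------------------------------------+
// |                              associate                                |
// +-----------------------------------------------------------------------+
// associate the element to other categories than its storage category
//
// The posted list is untrusted: it must be an array, and only the ids that
// also appear in $my_categories are kept. Nothing is done when that
// intersection is empty, as the elect/dismiss handlers further down already do.
if (isset($_POST['associate'])
    and ($has_plugin_community == true)
    and isset($_POST['cat_dissociated'])
    and is_array($_POST['cat_dissociated'])
  )
{
  $arr_associate = array_intersect($_POST['cat_dissociated'], $my_categories);
  if (count($arr_associate) > 0)
  {
    associate_images_to_categories(
      array($_GET['image_id']),
      $arr_associate
      );
    invalidate_user_cache();
  }
}
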
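// dissociate the element from categories (but not from its storage category)
//
// The posted list is untrusted: it must be an array, and only the ids that
// also appear in $my_categories are kept.
if (isset($_POST['dissociate'])
    and ($has_plugin_community == true)
    and isset($_POST['cat_associated'])
    and is_array($_POST['cat_associated'])
  )
{
  $arr_dissociate = array_intersect($_POST['cat_associated'], $my_categories);

  // An empty intersection would produce "IN ()", which is not valid SQL in
  // MySQL, so the statement is only built when something is left to remove.
  if (count($arr_dissociate) > 0)
  {
    // array_intersect() keeps only values whose string form equals an entry
    // of $my_categories; intval() additionally guarantees that nothing but
    // integers is written into the statement.
    $query = '
DELETE FROM '.IMAGE_CATEGORY_TABLE.'
  WHERE image_id = '.$_GET['image_id'].'
    AND category_id IN ('.implode(',', array_map('intval', $arr_dissociate)).')
';
    pwg_query($query);

    update_category($arr_dissociate);
    invalidate_user_cache();
  }
}
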
// +-----------------------------------------------------------------------+
// |                              representation                           |
// +-----------------------------------------------------------------------+

// Make this picture the representative of the posted categories. Only ids
// that are also in $my_categories are honoured.
if (isset($_POST['elect'])
    && $has_plugin_community == true
    && isset($_POST['cat_dismissed'])
    && count($_POST['cat_dismissed']) > 0)
{
  $datas = array();
  $arr_dimissed = array_intersect($_POST['cat_dismissed'], $my_categories);
  if (count($arr_dimissed) > 0)
  {
    // one update row per category: category id => this picture
    foreach ($arr_dimissed as $category_id)
    {
      $datas[] = array(
        'id' => $category_id,
        'representative_picture_id' => $_GET['image_id'],
        );
    }
    $fields = array(
      'primary' => array('id'),
      'update' => array('representative_picture_id'),
      );
    mass_updates(CATEGORIES_TABLE, $fields, $datas);
    invalidate_user_cache();
  }
}

// Stop using this picture as representative of the posted categories; a
// replacement is chosen by set_random_representant(). Only ids that are also
// in $my_categories are honoured.
if (isset($_POST['dismiss'])
    && $has_plugin_community == true
    && isset($_POST['cat_elected'])
    && count($_POST['cat_elected']) > 0)
{
  $arr_dismiss = array_intersect($_POST['cat_elected'], $my_categories);
  if (!empty($arr_dismiss))
  {
    set_random_representant($arr_dismiss);
    invalidate_user_cache();
  }
}

// +-----------------------------------------------------------------------+
// |                             tagging support                           |
// +-----------------------------------------------------------------------+

// The column aliases handed to get_taglist() depend on the Piwigo version:
// releases before 2.2.5 get tag_id/tag_name, later ones get id/name.
$q_tag_selection = "tag_id AS id, name";
$q_tags = 'id, name';
if (version_compare(PHPWG_VERSION, '2.2.5', '<'))
{
  $q_tag_selection = "tag_id, name AS tag_name";
  $q_tags = 'id AS tag_id, name AS tag_name';
}

// tags currently attached to this picture
// (image_id was checked against PATTERN_ID before reaching this point)
$query = '
SELECT
    '.$q_tag_selection.'
  FROM '.IMAGE_TAG_TABLE.' AS it
    JOIN '.TAGS_TABLE.' AS t ON t.id = it.tag_id
  WHERE image_id = '.$_GET['image_id'].'
;';
$tag_selection = get_taglist($query);

// every tag known to the gallery, offered as choices
$query = '
SELECT
    '.$q_tags.'
  FROM '.TAGS_TABLE.'
;';
$tags = get_taglist($query);

// Load the picture's own row; the template section below reads from $row.
$query = '
SELECT *
  FROM '.IMAGES_TABLE.'
  WHERE id = '.$_GET['image_id'].'
;';
$row = pwg_db_fetch_assoc(pwg_query($query));

// the physical storage directory contains the image
// (stays null when the row has no storage category)
$storage_category_id = !empty($row['storage_category_id'])
  ? $row['storage_category_id']
  : null;

// kept in its own variable because $row is reused by later result loops
$image_file = $row['file'];

// +-----------------------------------------------------------------------+
// |                             template init                             |
// +-----------------------------------------------------------------------+

$template->set_template_dir(ICY_PICTURE_MODIFY_PATH.'template/');
$template->set_filenames(array('icy_picture_modify' => 'icy_picture_modify.tpl'));

// Base URL of this page for the current picture (and category, when given).
$admin_url_start = get_root_url().'index.php?/icy_picture_modify';
$admin_url_start.= '&amp;image_id='.$_GET['image_id'];
if (isset($_GET['cat_id']))
{
  $admin_url_start.= '&amp;cat_id='.$_GET['cat_id'];
}

// Form fields show what was just posted, falling back to the stored row.
// stripslashes() undoes the slash-escaping the posted values appear to carry.
$form_name = isset($_POST['name'])
  ? stripslashes($_POST['name'])
  : @$row['name'];
$form_author = isset($_POST['author'])
  ? stripslashes($_POST['author'])
  : @$row['author'];
$form_description = isset($_POST['description'])
  ? stripslashes($_POST['description'])
  : @$row['comment'];

$template->assign(
  array(
    'ICY_PICTURE_MODIFY_PATH' => ICY_PICTURE_MODIFY_PATH,
    'ICY_ROOT_PATH' => realpath(dirname(PHPWG_PLUGINS_PATH)),
    'tag_selection' => $tag_selection,
    'tags' => $tags,
    // NOTE(review): the sync link carries no pwg_token, the delete link does.
    'U_SYNC' => $admin_url_start.'&amp;sync_metadata=1',
    'U_DELETE' => $admin_url_start.'&amp;delete=1&amp;pwg_token='.get_pwg_token(),

    'PATH'=>$row['path'],

    'TN_SRC' => get_thumbnail_url($row),

    // NOTE(review): NAME is handed to the template without htmlspecialchars(),
    // while AUTHOR and DESCRIPTION below are escaped. Unless the template
    // escapes NAME itself, posted or stored markup is rendered as HTML here
    // -- confirm and align the three fields.
    'NAME' => $form_name,

    'DIMENSIONS' => @$row['width'].' * '.@$row['height'],

    'FILESIZE' => @$row['filesize'].' KB',

    'REGISTRATION_DATE' => format_date($row['date_available']),

    'AUTHOR' => htmlspecialchars($form_author),

    'DESCRIPTION' => htmlspecialchars($form_description),

    // form target: the current URL without the sync_metadata parameter
    // (an explicit 'index.php?/icy_picture_modify' prefix is left disabled)
    'F_ACTION' =>
        get_root_url()
        .get_query_string_diff(array('sync_metadata'))
    )
  );

// Size of the high-definition file, shown only when the row says one exists.
if (array_key_exists('has_high', $row) and $row['has_high'] == 'true')
{
  if (isset($row['high_filesize']))
  {
    $high_filesize = $row['high_filesize'].' KB';
  }
  else
  {
    $high_filesize = l10n('unknown');
  }
  $template->assign('HIGH_FILESIZE', $high_filesize);
}

// image level options
// The posted level, when there is one, wins over the stored one; it is only
// used here to pre-select an entry of the option list.
if (isset($_POST['level']))
{
  $selected_level = $_POST['level'];
}
else
{
  $selected_level = $row['level'];
}
$template->assign(
    array(
      'level_options'=> get_privacy_level_options(),
      'level_options_selected' => array($selected_level)
    )
  );

// creation date
unset($day, $month, $year);

// Priority: the values just posted, then the stored date, then "not set".
// NOTE(review): the posted parts are passed to the template as received;
// confirm that the template escapes them where they are printed.
if (isset($_POST['date_creation_action'])
    && 'set' == $_POST['date_creation_action'])
{
  $day = $_POST['date_creation_day'];
  $month = $_POST['date_creation_month'];
  $year = $_POST['date_creation_year'];
}
elseif (!empty($row['date_creation']))
{
  // stored form is year-month-day
  list($year, $month, $day) = explode('-', $row['date_creation']);
}
else
{
  $year = '';
  $month = 0;
  $day = 0;
}


// Month names from the language file, plus a placeholder entry at index 0
// that ksort() moves to the front.
$month_list = $lang['month'];
$month_list[0]='------------';
ksort($month_list);

$template->assign(
    array(
      'DATE_CREATION_DAY_VALUE' => $day,
      'DATE_CREATION_MONTH_VALUE' => $month,
      'DATE_CREATION_YEAR_VALUE' => $year,
      'month_list' => $month_list,
      )
    );

// Categories this picture is linked to, with their ancestry ("uppercats").
$query = '
SELECT category_id, uppercats
  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
    INNER JOIN '.CATEGORIES_TABLE.' AS c
      ON c.id = ic.category_id
  WHERE image_id = '.$_GET['image_id'].'
;';
$result = pwg_query($query);

// Note that $row is reused here and no longer holds the picture's own row
// once this loop has run.
while ($row = pwg_db_fetch_assoc($result))
{
  $name = get_cat_display_name_cache(
    $row['uppercats'],
    get_root_url().'index.php?/icy_picture_modify&amp;cat_id=',
    false
    );

  // the storage category is shown on its own, the others as a list
  $is_storage_category = ($row['category_id'] == $storage_category_id);
  if ($is_storage_category)
  {
    $template->assign('STORAGE_CATEGORY', $name);
  }
  else
  {
    $template->append('related_categories', $name);
  }
}

// jump to link
//
// 1. find all linked categories that are reachable for the current user.
// 2. if a category is available in the URL, use it if reachable
// 3. if URL category not available or reachable, use the first reachable
//    linked category
// 4. if no category reachable, no jumpto link

$query = '
SELECT category_id
  FROM '.IMAGE_CATEGORY_TABLE.'
  WHERE image_id = '.$_GET['image_id'].'
;';

// list of categories (OF THIS IMAGE) to which the user can access
$linked_categories = array_from_query($query, 'category_id');
$authorizeds = array_intersect($my_categories, $linked_categories);

// Pick at most one category for the link: the one from the URL when it is
// authorized, otherwise the first authorized one.
// FIXME: why the first category is selected?
if (isset($_GET['cat_id'])
    && in_array($_GET['cat_id'], $authorizeds))
{
  $jump_categories = array($_GET['cat_id']);
}
else
{
  $jump_categories = array_slice($authorizeds, 0, 1);
}

foreach ($jump_categories as $category)
{
  $url_img = make_picture_url(
    array(
      'image_id' => $_GET['image_id'],
      'image_file' => $image_file,
      'category' => $cache['cat_names'][ $category ],
      )
    );
}

// no authorized category means no link at all
if (isset($url_img))
{
  $template->assign( 'U_JUMPTO', $url_img );
}

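// The four option lists below are all restricted to $my_categories. That
// list can be empty, and "IN ()" is not valid SQL in MySQL, so an empty list
// is replaced by the same -1 sentinel this section already uses for
// $associateds. intval() guarantees that only integers are written into the
// statements, whatever produced the list.
$my_categories_sql = empty($my_categories)
  ? '-1'
  : implode(',', array_map('intval', $my_categories));

// associate to another category ?
// categories the picture is currently linked to
$query = '
SELECT id,name,uppercats,global_rank
  FROM '.CATEGORIES_TABLE.'
    INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON id = category_id
  WHERE image_id = '.$_GET['image_id'] . '
    AND id IN ('.$my_categories_sql.')';
// if the image belongs to a physical storage,
// we simply ignore that storage album
if (isset($storage_category_id))
{
  $query.= '
    AND id != '.$storage_category_id;
}
$query.= '
;';
display_select_cat_wrapper($query, array(), 'associated_options');

// Collect the ids just listed (plus the storage category) so that the next
// list can exclude them; -1 keeps the NOT IN list from ever being empty.
$result = pwg_query($query);
$associateds = array(-1);
if (isset($storage_category_id))
{
  array_push($associateds, $storage_category_id);
}
while ($row = pwg_db_fetch_assoc($result))
{
  array_push($associateds, $row['id']);
}

// categories the picture could still be linked to
$query = '
SELECT id,name,uppercats,global_rank
  FROM '.CATEGORIES_TABLE.'
  WHERE id NOT IN ('.implode(',', $associateds).')
  AND id IN ('.$my_categories_sql.')
;';
display_select_cat_wrapper($query, array(), 'dissociated_options');

// display list of categories for representing
// categories this picture currently represents
$query = '
SELECT id,name,uppercats,global_rank
  FROM '.CATEGORIES_TABLE.'
  WHERE representative_picture_id = '.$_GET['image_id'].'
    AND id IN ('.$my_categories_sql.')
;';
display_select_cat_wrapper($query, array(), 'elected_options');

// categories represented by another picture, or by none
$query = '
SELECT id,name,uppercats,global_rank
  FROM '.CATEGORIES_TABLE.'
  WHERE id IN ('.$my_categories_sql.')
    AND (representative_picture_id != '.$_GET['image_id'].'
    OR representative_picture_id IS NULL)
;';
display_select_cat_wrapper($query, array(), 'dismissed_options');

//----------------------------------------------------------- sending html code

$template->assign_var_from_handle('PLUGIN_INDEX_CONTENT_BEGIN', 'icy_picture_modify');

?>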