Context Navigation

source: extensions/Icy_Picture_Modify/icy_picture_modify.php @ 16357

Last change on this file since 16357 was 16355, checked in by icy, 12 years ago
Clean up code
File size: 18.4 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based photo gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2011 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
25	if (!defined('ICY_PICTURE_MODIFY_PATH')) die('Hacking attempt!');
26
27	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
28	include_once(ICY_PICTURE_MODIFY_PATH.'include/functions_icy_picture_modify.inc.php');
29
30	global $template, $conf, $user, $page, $lang, $cache;
31
32	// <admin.php>
33	$page['errors'] = array();
34	$page['infos'] = array();
35	$page['warnings'] = array();
36	// </admin.php>
37
38	// +-----------------------------------------------------------------------+
39	// \| check permission \|
40	// +-----------------------------------------------------------------------+
41
42	// redirect users to the index page or category page if 'image_id' isn't provided
43	if (!isset($_GET['image_id']))
44	{
45	if (isset($_GET['cat_id']))
46	{
47	redirect_http(get_root_url().'?/category/'.$_GET['cat_id']);
48	}
49	else
50	{
51	// FIXME: $_SESSION['page_infos'] = array(l10n('Permission denied'));
52	redirect_http(make_index_url());
53	}
54	}
55
56	check_input_parameter('cat_id', $_GET, false, PATTERN_ID);
57	check_input_parameter('image_id', $_GET, false, PATTERN_ID);
58
59	// Simplify redirect to administrator page if current user == admin
60	if (is_admin())
61	{
62	if (icy_does_image_exist($_GET['image_id']))
63	{
64	$url = get_root_url().'admin.php?page=picture_modify';
65	$url.= '&image_id='.$_GET['image_id'];
66	$url.= isset($_GET['cat_id']) ? '&cat_id='.$_GET['cat_id'] : '';
67	// FIXME: What happens if a POST data were sent within admin uid?
68	redirect_http($url);
69	}
70	else
71	{
72	bad_request('invalid picture identifier');
73	}
74	}
75	elseif (!icy_check_image_owner($_GET['image_id'], $user['id']))
76	{
77	$url = make_picture_url(
78	array(
79	'image_id' => $_GET['image_id'],
80	'cat_id' => isset($_GET['cat_id']) ? $_GET['cat_id'] : ""
81	)
82	);
83	// FIXME: $_SESSION['page_infos'] = array(l10n('Permission denied'));
84	redirect_http($url);
85	}
86
87	// Update the page sessions
88	if (isset($_SESSION['page_infos']))
89	{
90	$page['infos'] = array_merge($page['infos'], $_SESSION['page_infos']);
91	unset($_SESSION['page_infos']);
92	}
93
94	// <find writable categories>
95
96	// * Purpose: Find all categories that are reachable for the current user.
97	// * FIXME: This query will include all readable categories, included
98	// the ones user can't write to them.
99
100	$my_categories = array();
101	$my_permissions = null;
102	$has_plugin_community = false;
103
104	// <community support>
105	if (is_file(PHPWG_PLUGINS_PATH.'community/include/functions_community.inc.php'))
106	{
107	include_once(PHPWG_PLUGINS_PATH.'community/include/functions_community.inc.php');
108	$has_plugin_community = true;
109
110	$user_permissions = community_get_user_permissions($user['id']);
111	$my_categories = $user_permissions['upload_categories'];
112	}
113	// </community support>
114
115	if (($has_plugin_community == false) or $user_permissions['create_whole_gallery'])
116	{
117	$query = '
118	SELECT category_id
119	FROM '.IMAGE_CATEGORY_TABLE.'
120	;';
121
122	// list of categories to which the user can read
123	$my_categories = array_diff(
124	array_from_query($query, 'category_id'),
125	explode(',',calculate_permissions($user['id'], $user['status'])));
126	}
127	// </find writable categories>
128
129	// +-----------------------------------------------------------------------+
130	// \| delete photo \|
131	// +-----------------------------------------------------------------------+
132
133	if (isset($_GET['delete']))
134	{
135	check_pwg_token();
136
137	delete_elements(array($_GET['image_id']), true);
138
139	invalidate_user_cache();
140
141	// where to redirect the user now?
142	//
143	// 1. if a category is available in the URL, use it
144	// 2. else use the first reachable linked category
145	// 3. redirect to gallery root
146
147	if (isset($_GET['cat_id']) and !empty($_GET['cat_id']))
148	{
149	redirect(
150	make_index_url(
151	array(
152	'category' => get_cat_info($_GET['cat_id'])
153	)
154	)
155	);
156	}
157
158	$query = '
159	SELECT category_id
160	FROM '.IMAGE_CATEGORY_TABLE.'
161	WHERE image_id = '.$_GET['image_id'].'
162	;';
163
164	$authorizeds = array_intersect($my_categories,
165	array_from_query($query, 'category_id'));
166
167	foreach ($authorizeds as $category_id)
168	{
169	redirect(
170	make_index_url(
171	array(
172	'category' => get_cat_info($category_id)
173	)
174	)
175	);
176	}
177
178	redirect(make_index_url());
179	}
180
181	// +-----------------------------------------------------------------------+
182	// \| synchronize metadata \|
183	// +-----------------------------------------------------------------------+
184
185	if (isset($_GET['sync_metadata']))
186	{
187	$query = '
188	SELECT path
189	FROM '.IMAGES_TABLE.'
190	WHERE id = '.$_GET['image_id'].'
191	;';
192	list($path) = pwg_db_fetch_row(pwg_query($query));
193	update_metadata(array($_GET['image_id'] => $path));
194
195	array_push($page['infos'], l10n('Metadata synchronized from file'));
196	}
197
198	// +-----------------------------------------------------------------------+
199	// \| update informations \|
200	// +-----------------------------------------------------------------------+
201
202	// first, we verify whether there is a mistake on the given creation date
203	if (isset($_POST['date_creation_action'])
204	and 'set' == $_POST['date_creation_action'])
205	{
206	if (!is_numeric($_POST['date_creation_year'])
207	or !checkdate(
208	$_POST['date_creation_month'],
209	$_POST['date_creation_day'],
210	$_POST['date_creation_year'])
211	)
212	{
213	array_push($page['errors'], l10n('wrong date'));
214	}
215	}
216
217	if (isset($_POST['submit']) and count($page['errors']) == 0)
218	{
219	$data = array();
220	$data{'id'} = $_GET['image_id'];
221	$data{'name'} = $_POST['name'];
222	$data{'author'} = $_POST['author'];
223	$data['level'] = $_POST['level'];
224
225	if ($conf['allow_html_descriptions'])
226	{
227	$data{'comment'} = @$_POST['description'];
228	}
229	else
230	{
231	$data{'comment'} = strip_tags(@$_POST['description']);
232	}
233
234	if (isset($_POST['date_creation_action']))
235	{
236	if ('set' == $_POST['date_creation_action'])
237	{
238	$data{'date_creation'} = $_POST['date_creation_year']
239	.'-'.$_POST['date_creation_month']
240	.'-'.$_POST['date_creation_day'];
241	}
242	else if ('unset' == $_POST['date_creation_action'])
243	{
244	$data{'date_creation'} = '';
245	}
246	}
247
248	mass_updates(
249	IMAGES_TABLE,
250	array(
251	'primary' => array('id'),
252	'update' => array_diff(array_keys($data), array('id'))
253	),
254	array($data)
255	);
256
257	// time to deal with tags
258	$tag_ids = array();
259	if (!empty($_POST['tags']))
260	{
261	$tag_ids = get_tag_ids($_POST['tags']);
262	}
263	set_tags($tag_ids, $_GET['image_id']);
264
265	array_push($page['infos'], l10n('Photo informations updated'));
266	}
267
268	// +-----------------------------------------------------------------------+
269	// \| associate \|
270	// +-----------------------------------------------------------------------+
271	// associate the element to other categories than its storage category
272	//
273	if (isset($_POST['associate'])
274	and ($has_plugin_community == true)
275	and isset($_POST['cat_dissociated'])
276	and count($_POST['cat_dissociated']) > 0
277	)
278	{
279	associate_images_to_categories(
280	array($_GET['image_id']),
281	array_intersect($_POST['cat_dissociated'], $my_categories)
282	);
283	invalidate_user_cache();
284	}
285
286
287	// dissociate the element from categories (but not from its storage category)
288	if (isset($_POST['dissociate'])
289	and ($has_plugin_community == true)
290	and isset($_POST['cat_associated'])
291	and count($_POST['cat_associated']) > 0
292	)
293	{
294	$arr_dissociate = array_intersect($_POST['cat_associated'], $my_categories);
295	$query = '
296	DELETE FROM '.IMAGE_CATEGORY_TABLE.'
297	WHERE image_id = '.$_GET['image_id'].'
298	AND category_id IN ('.implode(',', $arr_dissociate).')
299	';
300	pwg_query($query);
301
302	update_category($arr_dissociate);
303	invalidate_user_cache();
304	}
305
306	// +-----------------------------------------------------------------------+
307	// \| representation \|
308	// +-----------------------------------------------------------------------+
309
310	// select the element to represent the given categories
311	if (isset($_POST['elect'])
312	and ($has_plugin_community == true)
313	and isset($_POST['cat_dismissed'])
314	and count($_POST['cat_dismissed']) > 0
315	)
316	{
317	$datas = array();
318	$arr_dimissed = array_intersect($_POST['cat_dismissed'], $my_categories);
319	if (count($arr_dimissed) > 0)
320	{
321	foreach ($arr_dimissed as $category_id)
322	{
323	array_push($datas,
324	array('id' => $category_id,
325	'representative_picture_id' => $_GET['image_id']));
326	}
327	$fields = array('primary' => array('id'),
328	'update' => array('representative_picture_id'));
329	mass_updates(CATEGORIES_TABLE, $fields, $datas);
330	invalidate_user_cache();
331	}
332	}
333
334	// dismiss the element as representant of the given categories
335	if (isset($_POST['dismiss'])
336	and ($has_plugin_community == true)
337	and isset($_POST['cat_elected'])
338	and count($_POST['cat_elected']) > 0
339	)
340	{
341	$arr_dismiss = array_intersect($_POST['cat_elected'], $my_categories);
342	if (count($arr_dismiss) > 0)
343	{
344	set_random_representant($arr_dismiss);
345	invalidate_user_cache();
346	}
347	}
348
349	// +-----------------------------------------------------------------------+
350	// \| tagging support \|
351	// +-----------------------------------------------------------------------+
352
353	if (version_compare(PHPWG_VERSION, '2.2.5', '<')) {
354	$q_tag_selection = "tag_id, name AS tag_name";
355	$q_tags = 'id AS tag_id, name AS tag_name';
356	}
357	else {
358	$q_tag_selection = "tag_id AS id, name";
359	$q_tags = 'id, name';
360	}
361
362	$query = '
363	SELECT
364	'.$q_tag_selection.'
365	FROM '.IMAGE_TAG_TABLE.' AS it
366	JOIN '.TAGS_TABLE.' AS t ON t.id = it.tag_id
367	WHERE image_id = '.$_GET['image_id'].'
368	;';
369	$tag_selection = get_taglist($query);
370
371	$query = '
372	SELECT
373	'.$q_tags.'
374	FROM '.TAGS_TABLE.'
375	;';
376	$tags = get_taglist($query);
377
378	// retrieving direct information about picture
379	$query = '
380	SELECT *
381	FROM '.IMAGES_TABLE.'
382	WHERE id = '.$_GET['image_id'].'
383	;';
384	$row = pwg_db_fetch_assoc(pwg_query($query));
385
386	// the physical storage directory contains the image
387	$storage_category_id = null;
388	if (!empty($row['storage_category_id']))
389	{
390	$storage_category_id = $row['storage_category_id'];
391	}
392
393	$image_file = $row['file'];
394
395	// +-----------------------------------------------------------------------+
396	// \| template init \|
397	// +-----------------------------------------------------------------------+
398
399	$template->set_template_dir(ICY_PICTURE_MODIFY_PATH.'template/');
400	$template->set_filenames(array('icy_picture_modify' => 'icy_picture_modify.tpl'));
401
402	$admin_url_start = get_root_url().'index.php?/icy_picture_modify';
403	$admin_url_start.= '&image_id='.$_GET['image_id'];
404	$admin_url_start.= isset($_GET['cat_id']) ? '&cat_id='.$_GET['cat_id'] : '';
405
406	$template->assign(
407	array(
408	'ICY_PICTURE_MODIFY_PATH' => ICY_PICTURE_MODIFY_PATH,
409	'ICY_ROOT_PATH' => realpath(dirname(PHPWG_PLUGINS_PATH)),
410	'tag_selection' => $tag_selection,
411	'tags' => $tags,
412	'U_SYNC' => $admin_url_start.'&sync_metadata=1',
413	'U_DELETE' => $admin_url_start.'&delete=1&pwg_token='.get_pwg_token(),
414
415	'PATH'=>$row['path'],
416
417	'TN_SRC' => get_thumbnail_url($row),
418
419	'NAME' =>
420	isset($_POST['name']) ?
421	stripslashes($_POST['name']) : @$row['name'],
422
423	'DIMENSIONS' => @$row['width'].' * '.@$row['height'],
424
425	'FILESIZE' => @$row['filesize'].' KB',
426
427	'REGISTRATION_DATE' => format_date($row['date_available']),
428
429	'AUTHOR' => htmlspecialchars(
430	isset($_POST['author'])
431	? stripslashes($_POST['author'])
432	: @$row['author']
433	),
434
435	'DESCRIPTION' =>
436	htmlspecialchars( isset($_POST['description']) ?
437	stripslashes($_POST['description']) : @$row['comment'] ),
438
439	'F_ACTION' =>
440	get_root_url() # .'index.php?/icy_picture_modify'
441	.get_query_string_diff(array('sync_metadata'))
442	)
443	);
444
445	if (array_key_exists('has_high', $row) and $row['has_high'] == 'true')
446	{
447	$template->assign(
448	'HIGH_FILESIZE',
449	isset($row['high_filesize'])
450	? $row['high_filesize'].' KB'
451	: l10n('unknown')
452	);
453	}
454
455	// image level options
456	$selected_level = isset($_POST['level']) ? $_POST['level'] : $row['level'];
457	$template->assign(
458	array(
459	'level_options'=> get_privacy_level_options(),
460	'level_options_selected' => array($selected_level)
461	)
462	);
463
464	// creation date
465	unset($day, $month, $year);
466
467	if (isset($_POST['date_creation_action'])
468	and 'set' == $_POST['date_creation_action'])
469	{
470	foreach (array('day', 'month', 'year') as $varname)
471	{
472	$$varname = $_POST['date_creation_'.$varname];
473	}
474	}
475	else if (isset($row['date_creation']) and !empty($row['date_creation']))
476	{
477	list($year, $month, $day) = explode('-', $row['date_creation']);
478	}
479	else
480	{
481	list($year, $month, $day) = array('', 0, 0);
482	}
483
484
485	$month_list = $lang['month'];
486	$month_list[0]='------------';
487	ksort($month_list);
488
489	$template->assign(
490	array(
491	'DATE_CREATION_DAY_VALUE' => $day,
492	'DATE_CREATION_MONTH_VALUE' => $month,
493	'DATE_CREATION_YEAR_VALUE' => $year,
494	'month_list' => $month_list,
495	)
496	);
497
498	$query = '
499	SELECT category_id, uppercats
500	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
501	INNER JOIN '.CATEGORIES_TABLE.' AS c
502	ON c.id = ic.category_id
503	WHERE image_id = '.$_GET['image_id'].'
504	;';
505	$result = pwg_query($query);
506
507	while ($row = pwg_db_fetch_assoc($result))
508	{
509	$name =
510	get_cat_display_name_cache(
511	$row['uppercats'],
512	get_root_url().'index.php?/icy_picture_modify&cat_id=',
513	false
514	);
515
516	if ($row['category_id'] == $storage_category_id)
517	{
518	$template->assign('STORAGE_CATEGORY', $name);
519	}
520	else
521	{
522	$template->append('related_categories', $name);
523	}
524	}
525
526	// jump to link
527	//
528	// 1. find all linked categories that are reachable for the current user.
529	// 2. if a category is available in the URL, use it if reachable
530	// 3. if URL category not available or reachable, use the first reachable
531	// linked category
532	// 4. if no category reachable, no jumpto link
533
534	$query = '
535	SELECT category_id
536	FROM '.IMAGE_CATEGORY_TABLE.'
537	WHERE image_id = '.$_GET['image_id'].'
538	;';
539
540	// list of categories (OF THIS IMAGE) to which the user can access
541	$authorizeds = array_intersect($my_categories,
542	array_from_query($query, 'category_id'));
543
544	// if current category belongs to list of authorized categories
545	// we simply provide link to that category
546	if (isset($_GET['cat_id'])
547	and in_array($_GET['cat_id'], $authorizeds))
548	{
549	$url_img = make_picture_url(
550	array(
551	'image_id' => $_GET['image_id'],
552	'image_file' => $image_file,
553	'category' => $cache['cat_names'][ $_GET['cat_id'] ],
554	)
555	);
556	}
557	// otherwise we provide links to the first category in the list
558	else
559	{
560	foreach ($authorizeds as $category)
561	{
562	$url_img = make_picture_url(
563	array(
564	'image_id' => $_GET['image_id'],
565	'image_file' => $image_file,
566	'category' => $cache['cat_names'][ $category ],
567	)
568	);
569	// FIXME: why the first category is selected?
570	break;
571	}
572	}
573
574	if (isset($url_img))
575	{
576	$template->assign( 'U_JUMPTO', $url_img );
577	}
578
579	// associate to another category ?
580	$query = '
581	SELECT id,name,uppercats,global_rank
582	FROM '.CATEGORIES_TABLE.'
583	INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON id = category_id
584	WHERE image_id = '.$_GET['image_id'] . '
585	AND id IN ('. join(",", $my_categories).')';
586	// if the image belongs to a physical storage,
587	// we simply ignore that storage album
588	if (isset($storage_category_id))
589	{
590	$query.= '
591	AND id != '.$storage_category_id;
592	}
593	$query.= '
594	;';
595	display_select_cat_wrapper($query, array(), 'associated_options');
596
597	$result = pwg_query($query);
598	$associateds = array(-1);
599	if (isset($storage_category_id))
600	{
601	array_push($associateds, $storage_category_id);
602	}
603	while ($row = pwg_db_fetch_assoc($result))
604	{
605	array_push($associateds, $row['id']);
606	}
607	$query = '
608	SELECT id,name,uppercats,global_rank
609	FROM '.CATEGORIES_TABLE.'
610	WHERE id NOT IN ('.implode(',', $associateds).')
611	AND id IN ('. join(",", $my_categories).')
612	;';
613	display_select_cat_wrapper($query, array(), 'dissociated_options');
614
615	// display list of categories for representing
616	$query = '
617	SELECT id,name,uppercats,global_rank
618	FROM '.CATEGORIES_TABLE.'
619	WHERE representative_picture_id = '.$_GET['image_id'].'
620	AND id IN ('. join(",", $my_categories).')
621	;';
622	display_select_cat_wrapper($query, array(), 'elected_options');
623
624	$query = '
625	SELECT id,name,uppercats,global_rank
626	FROM '.CATEGORIES_TABLE.'
627	WHERE id IN ('. join(",", $my_categories).')
628	AND (representative_picture_id != '.$_GET['image_id'].'
629	OR representative_picture_id IS NULL)
630	;';
631	display_select_cat_wrapper($query, array(), 'dismissed_options');
632
633	//----------------------------------------------------------- sending html code
634
635	$template->assign_var_from_handle('PLUGIN_INDEX_CONTENT_BEGIN', 'icy_picture_modify');
636
637	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: