Context Navigation

source: extensions/UserCollections/include/collections.inc.php @ 28626

Last change on this file since 28626 was 28626, checked in by mistic100, 10 years ago
use trigger_change
File size: 11.5 KB

Line
1	<?php
2	defined('USER_COLLEC_PATH') or die('Hacking attempt!');
3
4	global $page, $template, $conf, $user;
5
6	$template->assign(array(
7	'USER_COLLEC_PATH' => USER_COLLEC_PATH,
8	'USER_COLLEC_ABS_PATH' => realpath(USER_COLLEC_PATH).'/',
9	));
10
11
12	switch ($page['sub_section'])
13	{
14	// +-----------------------------------------------------------------------+
15	// \| Collections list \|
16	// +-----------------------------------------------------------------------+
17	case 'list':
18	{
19	if (is_a_guest())
20	{
21	access_denied();
22	}
23
24	$template->set_filename('uc_page', realpath(USER_COLLEC_PATH.'template/collections_list.tpl'));
25
26	$self_url = USER_COLLEC_PUBLIC . 'list';
27
28	// actions
29	if (isset($_GET['action']) and preg_match('#^([0-9]+)$#', $_GET['col_id']))
30	{
31	switch ($_GET['action'])
32	{
33	## new collection ##
34	case 'new':
35	{
36	if (empty($_GET['name']))
37	{
38	$page['errors'][] = l10n('Please give a name');
39	}
40	else
41	{
42	$collection = new UserCollection('new', $_GET['name']);
43
44	if (isset($_GET['redirect']))
45	{
46	$redirect = USER_COLLEC_PUBLIC . 'edit/' . $collection->getParam('id');
47	}
48	else
49	{
50	$redirect = USER_COLLEC_PUBLIC;
51	}
52	redirect($redirect);
53	}
54	break;
55	}
56
57	## delete collection ##
58	case 'delete':
59	{
60	try {
61	$collection = new UserCollection($_GET['col_id']);
62	$collection->delete();
63	redirect(USER_COLLEC_PUBLIC);
64	}
65	catch (Exception $e)
66	{
67	$page['errors'][] = $e->getMessage();
68	}
69	break;
70	}
71	}
72	}
73
74	$template->assign('U_CREATE',
75	add_url_params(USER_COLLEC_PUBLIC, array('action'=>'new','col_id'=>'0'))
76	);
77
78	$template->set_prefilter('index_category_thumbnails', 'user_collections_categories_list');
79
80	include(USER_COLLEC_PATH . '/include/display_collections.inc.php');
81
82	break;
83	}
84
85	// +-----------------------------------------------------------------------+
86	// \| Edit collection \|
87	// +-----------------------------------------------------------------------+
88	case 'edit':
89	{
90	// security
91	if (empty($page['col_id']))
92	{
93	$_SESSION['page_errors'][] = l10n('Invalid collection');
94	redirect(USER_COLLEC_PUBLIC);
95	}
96
97	$template->set_filename('uc_page', realpath(USER_COLLEC_PATH.'template/collection_edit.tpl'));
98
99	$self_url = USER_COLLEC_PUBLIC . 'edit/' . $page['col_id'];
100
101	$template->assign(array(
102	'F_ACTION' => $self_url,
103	'U_LIST' => USER_COLLEC_PUBLIC,
104	'UC_IN_EDIT' => true,
105	));
106
107	try {
108	$collection = new UserCollection($page['col_id']);
109	$collection->checkUser();
110
111	// save properties
112	if (isset($_POST['save_col']))
113	{
114	if (empty($_POST['name']))
115	{
116	$page['errors'][] = l10n('Please give a name');
117	}
118	else
119	{
120	$collection->updateParam('name', stripslashes($_POST['name']));
121	}
122	$collection->updateParam('comment', stripslashes(@$_POST['comment']));
123	}
124
125	// add key
126	if ($conf['user_collections']['allow_public'])
127	{
128	if (isset($_POST['add_share']))
129	{
130	$share = array(
131	'share_key' => trim($_POST['share_key']),
132	'password' => isset($_POST['use_share_password']) ? trim($_POST['share_password']) : '',
133	'deadline' => isset($_POST['use_share_deadline']) ? trim($_POST['share_deadline']) : '',
134	);
135
136	if (!verify_ephemeral_key(@$_POST['key']))
137	{
138	$result = array(l10n('Invalid key'));
139	}
140	else
141	{
142	$result = $collection->addShare($share);
143	}
144	if (is_array($result))
145	{
146	$share['errors'] = $result;
147	}
148	else
149	{
150	$share = array();
151	$share['infos'][] = l10n('New share added: <a href="%s">%s</a>', $result, $result);
152	}
153	$share['open'] = true;
154	}
155	else if (isset($_GET['delete_share']))
156	{
157	if ($collection->deleteShare($_GET['delete_share']))
158	{
159	$share['infos'][] = l10n('Share deleted');
160	}
161	$share['open'] = true;
162	}
163
164	if (!isset($share['share_key']))
165	{
166	$share['share_key'] = get_random_key(16);
167	$share['password'] = null;
168	$share['deadline'] = null;
169	}
170
171	$template->assign('share', $share);
172	}
173
174	// send mail
175	if ($conf['user_collections']['allow_mails'] && $conf['user_collections']['allow_public'])
176	{
177	if (isset($_POST['send_mail']))
178	{
179	$contact = array(
180	'sender_email' => trim($_POST['sender_email']),
181	'sender_name' => trim($_POST['sender_name']),
182	'recipient_email' => trim($_POST['recipient_email']),
183	'recipient_name' => trim($_POST['recipient_name']),
184	'nb_images' => $_POST['nb_images'],
185	'message' => $_POST['message'],
186	);
187
188	if (!verify_ephemeral_key(@$_POST['key']))
189	{
190	$result = array(l10n('Invalid key'));
191	}
192	else
193	{
194	$result = $collection->sendEmail($contact);
195	}
196	if (is_array($result))
197	{
198	$contact['errors'] = $result;
199	$contact['open'] = true;
200	}
201	else
202	{
203	$contact = array();
204	$page['infos'] = l10n('E-mail sent successfully');
205	}
206	}
207
208	if (!isset($contact['sender_email']))
209	{
210	$contact['sender_name'] = $user['username'];
211	$contact['sender_email'] = $user['email'];
212	$contact['recipient_name'] = null;
213	$contact['recipient_email'] = null;
214	$contact['nb_images'] = 4;
215	$contact['message'] = null;
216	}
217
218	$template->assign('contact', $contact);
219	}
220
221	// clear
222	if (isset($_GET['action']) && $_GET['action'] == 'clear')
223	{
224	$collection->clearImages();
225	}
226
227
228	// add remove item links
229	$template->set_prefilter('index_thumbnails', 'user_collections_thumbnails_list_button');
230	$template->set_prefilter('index_thumbnails', 'user_collections_add_colorbox');
231
232	// thumbnails
233	include(USER_COLLEC_PATH . '/include/display_thumbnails.inc.php');
234
235
236	// collection properties
237	$infos = $collection->getCollectionInfo();
238	$infos['DATE_CREATION'] = format_date($infos['DATE_CREATION'], true);
239	$infos['SHARES'] = $collection->getShares();
240	$template->assign('collection', $infos);
241
242
243	// toolbar buttons
244	if (!empty($page['items']))
245	{
246	if ($conf['user_collections']['allow_public'])
247	{
248	user_collections_add_button('share', 'U_SHARE',
249	USER_COLLEC_PUBLIC . 'view/' . $page['col_id'] .'-'
250	);
251
252	if ($conf['user_collections']['allow_mails'])
253	{
254	user_collections_add_button('mail', 'U_MAIL', true);
255	}
256	}
257
258	user_collections_add_button('clear', 'U_CLEAR',
259	add_url_params($self_url, array('action'=>'clear'))
260	);
261	}
262
263	user_collections_add_button('delete', 'U_DELETE',
264	add_url_params(USER_COLLEC_PUBLIC, array('action'=>'delete','col_id'=>$page['col_id']))
265	);
266
267	$template->assign('UC_TKEY', get_ephemeral_key(3));
268
269	// modify page title
270	$template->concat('TITLE',
271	$conf['level_separator'] . trigger_change('render_category_name', $infos['NAME'])
272	);
273
274	// render description
275	$template->assign('CONTENT_DESCRIPTION',
276	trigger_change('render_category_description', nl2br($infos['COMMENT']))
277	);
278	}
279	catch (Exception $e)
280	{
281	$page['errors'][] = $e->getMessage();
282	}
283
284	break;
285	}
286
287	// +-----------------------------------------------------------------------+
288	// \| View collection \|
289	// +-----------------------------------------------------------------------+
290	case 'view':
291	{
292	$page['col_key'] = $page['col_id'];
293
294	if (!$conf['user_collections']['allow_public'])
295	{
296	page_forbidden('');
297	}
298	if (empty($page['col_key']))
299	{
300	bad_request('');
301	}
302
303	$query = '
304	SELECT col_id, params
305	FROM '.COLLECTION_SHARES_TABLE.'
306	WHERE share_key = "'.$page['col_key'].'"
307	;';
308	$result = pwg_query($query);
309
310	if (!pwg_db_num_rows($result))
311	{
312	page_not_found(l10n('Collection not found'));
313	}
314
315	list($page['col_id'], $share_params) = pwg_db_fetch_row($result);
316	$share_params = unserialize($share_params);
317
318	// deadline check
319	if (!empty($share_params['deadline']) && strtotime($share_params['deadline'])<time())
320	{
321	page_not_found(l10n('This link expired'));
322	}
323
324	$self_url = USER_COLLEC_PUBLIC . 'view/' . $page['col_key'];
325
326	$template->set_filename('uc_page', realpath(USER_COLLEC_PATH.'template/collection_view.tpl'));
327
328	try {
329	$collection = new UserCollection($page['col_id']);
330	$col = $collection->getCollectionInfo();
331
332	$mode = 'view';
333
334	// password check
335	if (!empty($share_params['password']))
336	{
337	if (isset($_POST['uc_password']))
338	{
339	$hash = sha1($conf['secret_key'].$_POST['uc_password'].$page['col_key']);
340	if ($hash == $share_params['password'])
341	{
342	pwg_set_session_var('uc_key_'.$page['col_key'], get_ephemeral_key(0, $share_params['password']));
343	}
344	else
345	{
346	$page['errors'][] = l10n('Invalid password!');
347	$mode = 'password';
348	}
349	}
350	else if (($var = pwg_get_session_var('uc_key_'.$page['col_key'])) !== null)
351	{
352	if (!verify_ephemeral_key($var, $share_params['password']))
353	{
354	pwg_unset_session_var('uc_key_'.$page['col_key']);
355	$mode = 'password';
356	}
357	}
358	else
359	{
360	$mode = 'password';
361	}
362	}
363
364	if ($mode == 'view')
365	{
366	$template->set_prefilter('index_thumbnails', 'user_collections_add_colorbox');
367
368	// thumbnails
369	include(USER_COLLEC_PATH . '/include/display_thumbnails.inc.php');
370
371	// render description
372	$template->assign('CONTENT_DESCRIPTION',
373	trigger_change('render_category_description', nl2br($col['COMMENT']))
374	);
375	}
376
377	// add username in title
378	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
379
380	$template->concat('TITLE',
381	$conf['level_separator'] . trigger_change('render_category_name', $col['NAME']) .
382	' (' . l10n('by %s', get_username($collection->getParam('user_id'))) . ')'
383	);
384
385	$template->assign('UC_MODE', $mode);
386	}
387	catch (Exception $e)
388	{
389	access_denied();
390	}
391
392	break;
393	}
394	}
395
396	$template->assign_var_from_handle('CONTENT', 'uc_page');
397
398
399	// modification on mainpage_categories.tpl
400	function user_collections_categories_list($content, &$samrty)
401	{
402	$search = '<div class="thumbnailCategory">';
403	$replace = '<div class="thumbnailCategory">
404	<div class="collectionActions">
405	<a href="{$cat.URL}" rel="nofollow">{"Edit"\|@translate}</a>
406	\| <a href="{$cat.U_DELETE}" onClick="return confirm(\'{"Are you sure?"\|@translate}\');" rel="nofollow">{"Delete"\|@translate}</a>
407	</div>';
408
409	return str_replace($search, $replace, $content);
410	}
411
412	// colorbox
413	function user_collections_add_colorbox($content)
414	{
415	$search = '<a href="{$thumbnail.URL}"';
416	$replace = $search.' class="preview-box" data-src="{$thumbnail.FILE_SRC}" data-id="{$thumbnail.id}"';
417
418	return str_replace($search, $replace, $content);
419	}
420
421	// add special buttons
422	function user_collections_add_button($tpl_file, $tpl_var, $value)
423	{
424	global $template;
425
426	$template->assign($tpl_var, $value);
427	$template->set_filename('uc_button_'.$tpl_file, realpath(USER_COLLEC_PATH.'template/buttons/'. $tpl_file .'.tpl'));
428	$template->add_index_button($template->parse('uc_button_'.$tpl_file, true));
429	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: