source: extensions/community/add_photos.php @ 15907

Last change on this file since 15907 was 12616, checked in by plg, 12 years ago

bug 2505 fixed: uploading more than 10 photos (using specific code in mass_updates) doesn't show MySQL warning and doesn't fail on set photo properties

File size: 10.2 KB
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2011 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
// Refuse to run when PHPWG_ROOT_PATH is not defined yet, i.e. when this
// file is requested on its own instead of being included by the gallery.
if (!defined('PHPWG_ROOT_PATH'))
{
  die('Hacking attempt!');
}

global $template, $conf, $user;

include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
include_once(COMMUNITY_PATH.'include/functions_community.inc.php');

define('PHOTOS_ADD_BASE_URL', make_index_url(array('section' => 'add_photos')));

$user_permissions = community_get_user_permissions($user['id']);

// Access gate: a user with no album to upload into and without the
// "create whole gallery" permission is sent back to the gallery index.
// NOTE(review): nothing after redirect() stops the script here, so the gate
// only holds if redirect() itself ends the request - confirm.
$has_upload_album = count($user_permissions['upload_categories']) > 0;
if (!$has_upload_album && !$user_permissions['create_whole_gallery'])
{
  redirect(make_index_url());
}

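// +-----------------------------------------------------------------------+
// |                             process form                              |
// +-----------------------------------------------------------------------+

$page['errors'] = array();
$page['infos'] = array();

// Force the privacy level of everything uploaded through this page to 16,
// overriding whatever the client submitted. This covers the "browser
// uploader"; for the Flash Uploader the problem is solved with function
// community_uploadify_privacy_level (see main.inc.php). A later step of this
// script resets the level to 0 for uploads that are not moderated.
$_POST['level'] = 16;

// NOTE(review): the authorization check below only runs when the
// "processed" query parameter is present, while the upload processor is
// included unconditionally right after it. Confirm that the processor does
// nothing unless "processed" is set, and that it takes the destination album
// from no request field other than $_POST['category'].
if (isset($_GET['processed']))
{
  // The album id comes straight from the request. Accept it only when it is
  // a plain string of digits that matches, as a string, one of the albums
  // this user may upload into. A loose in_array() leaves the decision to
  // PHP's type juggling, which treats spellings such as "10.0" or "1e1" as
  // equal to album 10 and would let a non-canonical value through to the
  // upload processor.
  $requested_category = isset($_POST['category']) ? $_POST['category'] : null;

  $hacking_attempt = true;
  if (is_string($requested_category) && preg_match('/^\d+\z/', $requested_category))
  {
    $allowed_categories = array_map('strval', $user_permissions['upload_categories']);
    $hacking_attempt = !in_array($requested_category, $allowed_categories, true);
  }

  if ($hacking_attempt)
  {
    echo 'Hacking attempt, you have no permission to upload in this album';

    // Hand whatever this upload session already registered to
    // delete_elements() before stopping. The upload id is request data too:
    // only use it as a session key when it is a scalar.
    $upload_id = isset($_POST['upload_id']) ? $_POST['upload_id'] : null;
    if (is_scalar($upload_id) && isset($_SESSION['uploads'][$upload_id]))
    {
      delete_elements($_SESSION['uploads'][$upload_id], true);
    }
    exit();
  }
}
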
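// Core upload processor. The code below expects it to have set $image_ids,
// $category_id and $page['thumbnails'] once an upload has been handled
// (none of that is visible in this file).
include_once(PHPWG_ROOT_PATH.'admin/include/photos_add_direct_process.inc.php');

if (isset($image_ids) && count($image_ids) > 0)
{
  // The ids are interpolated into several SQL statements below. Force them
  // to integers once, so the IN (...) lists can only ever contain numbers,
  // whatever the included processor produced.
  $image_id_list = implode(',', array_map('intval', $image_ids));

  // reinitialize the informations to display on the result page
  $page['infos'] = array();

  if (isset($_POST['set_photo_properties']))
  {
    $allow_html = !empty($conf['allow_html_descriptions']);

    // Title, author and description all come from the uploader. When HTML
    // is not allowed, tags are stripped from the three of them; previously
    // only the description was filtered and title/author were stored as
    // submitted. Whether these fields are escaped again on output is not
    // visible from this file.
    // NOTE(review): the values are handed to mass_updates() as they are;
    // this file applies no SQL escaping of its own, so it relies on escaping
    // done elsewhere (request bootstrap or mass_updates) - confirm.
    $data = array();
    $fields = array('name' => 'name', 'author' => 'author', 'comment' => 'description');
    foreach ($fields as $column => $field)
    {
      // a missing or non-string field is treated as "not provided" instead
      // of raising a notice or being silenced with @
      $value = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : null;
      $data[$column] = $allow_html ? $value : strip_tags((string) $value);
    }

    $updates = array();
    foreach ($image_ids as $image_id)
    {
      $updates[] = array_merge($data, array('id' => $image_id));
    }

    mass_updates(
      IMAGES_TABLE,
      array(
        'primary' => array('id'),
        'update' => array_keys($data),
        ),
      $updates
      );
  }

  // $category_id is set in the photos_add_direct_process.inc.php included script
  $category_infos = get_cat_info($category_id);
  $category_name = get_cat_display_name($category_infos['upper_names']);

  // NOTE(review): $category_name goes into an HTML message without being
  // escaped here; this relies on get_cat_display_name() returning markup
  // that is already safe to display - confirm.
  $page['infos'][] = sprintf(
    l10n('%d photos uploaded into album "%s"'),
    count($page['thumbnails']),
    '<em>'.$category_name.'</em>'
    );

  // should the photos be moderated?
  //
  // if one of the user community permissions is not moderated on the path
  // to gallery root, then the upload is not moderated. For example, if the
  // user is allowed to upload to events/parties with no admin moderation,
  // then he's not moderated when uploading in
  // events/parties/happyNewYear2011
  $moderate = true;
  if (is_admin())
  {
    $moderate = false;
  }
  else
  {
    $permission_ids = array_map('intval', $user_permissions['permission_ids']);

    // With no permission id the IN () list would be invalid SQL. There is
    // then no unmoderated permission to find either, so the upload stays
    // moderated.
    if (count($permission_ids) > 0)
    {
      $query = '
SELECT
    cp.category_id,
    c.uppercats
  FROM '.COMMUNITY_PERMISSIONS_TABLE.' AS cp
    LEFT JOIN '.CATEGORIES_TABLE.' AS c ON category_id = c.id
  WHERE cp.id IN ('.implode(',', $permission_ids).')
    AND cp.moderated = \'false\'
;';
      $result = pwg_query($query);
      while ($row = pwg_db_fetch_assoc($result))
      {
        if (empty($row['category_id']))
        {
          // no album attached to this permission (presumably a permission
          // on the whole gallery - confirm)
          $moderate = false;
        }
        else
        {
          // The permission's album must be the destination album or one of
          // its ancestors: its uppercats has to be a prefix of the
          // destination's uppercats, ending on a comma or at the end. The
          // database value is quoted so it is matched literally.
          $prefix = preg_quote((string) $row['uppercats'], '/');
          if (preg_match('/^'.$prefix.'(,|$)/', $category_infos['uppercats']))
          {
            $moderate = false;
          }
        }
      }
    }
  }

  if ($moderate)
  {
    $inserts = array();

    $query = '
SELECT
    id,
    date_available
  FROM '.IMAGES_TABLE.'
  WHERE id IN ('.$image_id_list.')
;';
    $result = pwg_query($query);
    while ($row = pwg_db_fetch_assoc($result))
    {
      $inserts[] = array(
        'image_id' => $row['id'],
        'added_on' => $row['date_available'],
        'state' => 'moderation_pending',
        );
    }

    // the column list is read from the first row, so only insert when the
    // query above actually returned rows
    if (count($inserts) > 0)
    {
      mass_inserts(
        COMMUNITY_PENDINGS_TABLE,
        array_keys($inserts[0]),
        $inserts
        );
    }

    // the link on thumbnail must go to the websize photo
    foreach ($page['thumbnails'] as $idx => $thumbnail)
    {
      $page['thumbnails'][$idx]['link'] = str_replace(
        'thumbnail/'.$conf['prefix_thumbnail'],
        '',
        $thumbnail['src']
        );
    }

    $page['infos'][] = l10n('Your photos are waiting for validation, administrators have been notified');
  }
  else
  {
    // the level of a user upload photo with no moderation is 0
    $query = '
UPDATE '.IMAGES_TABLE.'
  SET level = 0
  WHERE id IN ('.$image_id_list.')
;';
    pwg_query($query);

    // the link on thumbnail must go to picture.php
    foreach ($page['thumbnails'] as $idx => $thumbnail)
    {
      if (preg_match('/image_id=(\d+)/', $thumbnail['link'], $matches))
      {
        $page['thumbnails'][$idx]['link'] = make_picture_url(
          array(
            'image_id' => $matches[1],
            'image_file' => $thumbnail['file'],
            'category' => $category_infos,
            )
          );
      }
    }
  }

  invalidate_user_cache();

  // let's notify administrators
  include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');

  $keyargs_content = array(
    get_l10n_args('Hi administrators,', ''),
    get_l10n_args('', ''),
    get_l10n_args('Album: %s', get_cat_display_name($category_infos['upper_names'], null, false)),
    get_l10n_args('User: %s', $user['username']),
    get_l10n_args('Email: %s', $user['email']),
    );

  if ($moderate)
  {
    // moderated uploads also get a link to the pending-validation page
    $keyargs_content[] = get_l10n_args('', '');
    $keyargs_content[] = get_l10n_args(
      'Validation page: %s',
      get_absolute_root_url().'admin.php?page=plugin-community-pendings'
      );
  }

  pwg_mail_notification_admins(
    get_l10n_args('%d photos uploaded by %s', array(count($image_ids), $user['username'])),
    $keyargs_content,
    false
    );
}
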
// +-----------------------------------------------------------------------+
// |                             prepare form                              |
// +-----------------------------------------------------------------------+

$template->set_filenames(array('add_photos' => dirname(__FILE__).'/add_photos.tpl'));

include_once(PHPWG_ROOT_PATH.'admin/include/photos_add_direct_prepare.inc.php');

// Rebuild the album selector so that it only offers the albums this user
// may upload into. An empty permission list is replaced by array(-1) so the
// IN (...) clause stays valid SQL (-1 presumably matches no album).
$upload_categories = (count($user_permissions['upload_categories']) === 0)
  ? array(-1)
  : $user_permissions['upload_categories'];

$query = '
SELECT id,name,uppercats,global_rank
  FROM '.CATEGORIES_TABLE.'
  WHERE id IN ('.implode(',', $upload_categories).')
;';

// $selected_category is not set in this file; presumably it comes from the
// included prepare script
display_select_cat_wrapper($query, $selected_category, 'category_options');

// sub-albums may be created with the whole-gallery permission or with at
// least one album listed in create_categories
$create_subcategories = (
  $user_permissions['create_whole_gallery']
  || count($user_permissions['create_categories']) > 0
);

// same placeholder trick for the list of possible parent albums
$create_categories = (count($user_permissions['create_categories']) === 0)
  ? array(-1)
  : $user_permissions['create_categories'];

$query = '
SELECT id,name,uppercats,global_rank
  FROM '.CATEGORIES_TABLE.'
  WHERE id IN ('.implode(',', $create_categories).')
;';

display_select_cat_wrapper($query, $selected_category, 'category_parent_options');

$template->assign(
  array(
    'create_subcategories' => $create_subcategories,
    'create_whole_gallery' => $user_permissions['create_whole_gallery'],
    )
  );

// the template flag is only set when the option is enabled in the configuration
if (!empty($conf['community_ask_for_properties']))
{
  $template->assign(array('community_ask_for_properties' => true));
}

// +-----------------------------------------------------------------------+
// |                             display page                              |
// +-----------------------------------------------------------------------+

// hand the collected messages to the template, skipping empty lists
if (count($page['errors']) > 0)
{
  $template->assign('errors', $page['errors']);
}

if (count($page['infos']) > 0)
{
  $template->assign('infos', $page['infos']);
}

$title = l10n('Upload Photos');
$page['body_id'] = 'theUploadPage';

$template->assign_var_from_handle('PLUGIN_INDEX_CONTENT_BEGIN', 'add_photos');

$template->clear_assign(array('U_MODE_POSTED', 'U_MODE_CREATED'));

// The title is assembled as raw HTML: a "Home" link, the configured level
// separator, then the page title. None of these parts is request data; they
// come from configuration and translations and are inserted unescaped.
$home_link = sprintf('<a href="%s">%s</a>', get_gallery_home_url(), l10n('Home'));

$template->assign(
  array(
    'TITLE' => $home_link.$conf['level_separator'].$title,
    )
  );
?>