source: extensions/community/add_photos.php @ 23085

Last change on this file since 23085 was 23085, checked in by plg, 11 years ago

New feature: user album. Only for registered users, no recursivity. Piwigo
will automatically create an upload album for each user with appropriate
community permissions, at first connection.

Bug fixed: on activation, do not create a new "Community" album if it already
exists.

Bug fixed: remove debug for quota

Bug fixed: round corners for number of pending pictures in admin menu.

1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2011 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
// This script is meant to be included by Piwigo; stop immediately when it is
// requested directly (PHPWG_ROOT_PATH is then undefined).
defined('PHPWG_ROOT_PATH') or die('Hacking attempt!');

global $template, $conf, $user;

// admin-side helpers, upload helpers and this plugin's own functions
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
include_once(COMMUNITY_PATH.'include/functions_community.inc.php');

// URL of this page (index section "add_photos")
define('PHOTOS_ADD_BASE_URL', make_index_url(array('section' => 'add_photos')));

// Community permissions attached to the current user; every access decision
// in this script is taken from this array.
$user_permissions = $user['community_permissions'];

// Access gate: a user without the Community feature is sent to the index.
// NOTE(review): the code below assumes redirect() does not return - confirm.
if (!$user_permissions['community_enabled']) {
  redirect(make_index_url());
}
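// +-----------------------------------------------------------------------+
// |                             process form                              |
// +-----------------------------------------------------------------------+

$page['errors'] = array();
$page['infos'] = array();

// this is for "browser uploader", for Flash Uploader the problem is solved
// with function community_uploadify_privacy_level (see main.inc.php)
//
// Any privacy level sent by the client is overwritten here, so the uploader
// cannot choose it. Photos that need no moderation are reset to level 0
// further down in this script.
$_POST['level'] = 16;

if (isset($_GET['processed']))
{
  // is the user authorized to upload in this album?
  //
  // The posted album id must be a plain decimal string before it is looked
  // up: in_array() compares loosely, so without this check a value that only
  // starts with an allowed id could be accepted on older PHP versions. A
  // missing or array-typed parameter is rejected as well.
  $hacking_attempt = !(
    isset($_POST['category'])
    && is_string($_POST['category'])
    && preg_match('/^[0-9]+\z/', $_POST['category']) === 1
    && in_array($_POST['category'], $user_permissions['upload_categories'])
  );

  if ($hacking_attempt)
  {
    echo 'Hacking attempt, you have no permission to upload in this album';

    // Photos already registered in the session for this upload id are passed
    // to delete_elements() before stopping. The id is only used as an array
    // key, and only when it is a string that exists in the session.
    if (isset($_POST['upload_id'])
        && is_string($_POST['upload_id'])
        && isset($_SESSION['uploads'][ $_POST['upload_id'] ]))
    {
      delete_elements($_SESSION['uploads'][ $_POST['upload_id'] ], true);
    }
    exit();
  }
}

// The core upload processing runs only after the album check above.
include_once(PHPWG_ROOT_PATH.'admin/include/photos_add_direct_process.inc.php');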
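// +-----------------------------------------------------------------------+
// | limits                                                                |
// +-----------------------------------------------------------------------+

// has the user reached its limits?
$user['community_usage'] = community_get_user_limits($user['id']);

// +-----------------------------------------------------------------------+
// | set properties, moderate, notify                                      |
// +-----------------------------------------------------------------------+

if (isset($image_ids) and count($image_ids) > 0)
{
  // $image_ids is produced by the included upload processing script. The ids
  // are cast to integers before being concatenated into SQL so that nothing
  // but numbers can reach the IN (...) lists below.
  $image_ids_list = implode(',', array_map('intval', $image_ids));

  $query = '
SELECT
    id,
    file,
    filesize
  FROM '.IMAGES_TABLE.'
  WHERE id IN ('.$image_ids_list.')
  ORDER BY id DESC
;';
  $images = array_from_query($query);

  $nb_images_deleted = 0;

  // upload has just happened, maybe the user is over quota
  //
  // Quotas are enforced after the fact: the newest photos (ORDER BY id DESC)
  // are deleted one by one until the usage is back under the limit.
  if ($user_permissions['storage'] > 0 and $user['community_usage']['storage'] > $user_permissions['storage'])
  {
    foreach ($images as $image)
    {
      array_push(
        $page['errors'],
        sprintf(l10n('Photo %s rejected.'), $image['file'])
        .' '.sprintf(l10n('Disk usage quota reached (%uMB)'), $user_permissions['storage'])
        );

      delete_elements(array($image['id']), true);

      // drop the thumbnail of the rejected photo from the result page; the
      // key to unset is the loop key $tn_idx (the former code used an
      // undefined $idx, so rejected photos were still listed as uploaded)
      foreach ($page['thumbnails'] as $tn_idx => $thumbnail)
      {
        if ($thumbnail['file'] == $image['file'])
        {
          unset($page['thumbnails'][$tn_idx]);
        }
      }

      $user['community_usage'] = community_get_user_limits($user['id']);

      if ($user['community_usage']['storage'] <= $user_permissions['storage'])
      {
        // we stop the deletions
        break;
      }
    }
  }

  if ($user_permissions['nb_photos'] > 0 and $user['community_usage']['nb_photos'] > $user_permissions['nb_photos'])
  {
    foreach ($images as $image)
    {
      array_push(
        $page['errors'],
        sprintf(l10n('Photo %s rejected.'), $image['file'])
        .' '.sprintf(l10n('Maximum number of photos reached (%u)'), $user_permissions['nb_photos'])
        );

      delete_elements(array($image['id']), true);

      // same thumbnail clean-up as for the storage quota
      foreach ($page['thumbnails'] as $tn_idx => $thumbnail)
      {
        if ($thumbnail['file'] == $image['file'])
        {
          unset($page['thumbnails'][$tn_idx]);
        }
      }

      $user['community_usage'] = community_get_user_limits($user['id']);

      if ($user['community_usage']['nb_photos'] <= $user_permissions['nb_photos'])
      {
        // we stop the deletions
        break;
      }
    }
  }

  // reinitialize the informations to display on the result page
  $page['infos'] = array();

  if (isset($_POST['set_photo_properties']))
  {
    // Title, author and description come straight from the request. Only
    // string values are accepted; a missing or array-typed field is stored
    // as null.
    // NOTE(review): name and author are stored as posted, only the
    // description goes through strip_tags(). Confirm that mass_updates() or
    // the framework escapes these values for SQL, and that they are escaped
    // for HTML where they are displayed (e.g. the thumbnail 'title' below).
    $data = array();

    $data['name'] = (isset($_POST['name']) and is_string($_POST['name'])) ? $_POST['name'] : null;
    $data['author'] = (isset($_POST['author']) and is_string($_POST['author'])) ? $_POST['author'] : null;

    $posted_description = null;
    if (isset($_POST['description']) and is_string($_POST['description']))
    {
      $posted_description = $_POST['description'];
    }

    if ($conf['allow_html_descriptions'])
    {
      $data['comment'] = $posted_description;
    }
    else
    {
      $data['comment'] = strip_tags((string) $posted_description);
    }

    // one update row per uploaded photo, all with the same properties
    $updates = array();
    foreach ($image_ids as $image_id)
    {
      $update = $data;
      $update['id'] = $image_id;

      array_push($updates, $update);
    }

    mass_updates(
      IMAGES_TABLE,
      array(
        'primary' => array('id'),
        'update' => array_diff(array_keys($updates[0]), array('id'))
        ),
      $updates
      );
  }

  // $category_id is set in the photos_add_direct_process.inc.php included script
  //
  // The album is looked up unconditionally: the moderation check and the
  // links built below read $category_infos even when every thumbnail was
  // rejected by the quota checks.
  $category_infos = get_cat_info($category_id);

  if (count($page['thumbnails']) > 0)
  {
    $category_name = get_cat_display_name($category_infos['upper_names']);

    array_push(
      $page['infos'],
      sprintf(
        l10n('%d photos uploaded into album "%s"'),
        count($page['thumbnails']),
        '<em>'.$category_name.'</em>'
        )
      );
  }

  // should the photos be moderated?
  //
  // if one of the user community permissions is not moderated on the path
  // to gallery root, then the upload is not moderated. For example, if the
  // user is allowed to upload to events/parties with no admin moderation,
  // then he's not moderated when uploading in
  // events/parties/happyNewYear2011
  //
  // Moderation is the default; it is only lifted for administrators or by
  // an explicit unmoderated permission found below.
  $moderate = true;
  if (is_admin())
  {
    $moderate = false;
  }
  else
  {
    $permission_ids = array_map('intval', $user_permissions['permission_ids']);

    // with no permission id the IN () list would be invalid SQL; the upload
    // then simply stays moderated
    if (count($permission_ids) > 0)
    {
      $query = '
SELECT
    cp.category_id,
    c.uppercats
  FROM '.COMMUNITY_PERMISSIONS_TABLE.' AS cp
    LEFT JOIN '.CATEGORIES_TABLE.' AS c ON category_id = c.id
  WHERE cp.id IN ('.implode(',', $permission_ids).')
    AND cp.moderated = \'false\'
;';
      $result = pwg_query($query);
      while ($row = pwg_db_fetch_assoc($result))
      {
        if (empty($row['category_id']))
        {
          // unmoderated permission that is not tied to an album
          $moderate = false;
        }
        elseif (preg_match('/^'.preg_quote($row['uppercats'], '/').'(,|$)/', $category_infos['uppercats']))
        {
          // the upload album is the permission's album or one of its
          // descendants (its uppercats path starts with the permission's)
          $moderate = false;
        }
      }
    }
  }

  if ($moderate)
  {
    // register every photo still present in the images table as pending
    $inserts = array();

    $query = '
SELECT
    id,
    date_available
  FROM '.IMAGES_TABLE.'
  WHERE id IN ('.$image_ids_list.')
;';
    $result = pwg_query($query);
    while ($row = pwg_db_fetch_assoc($result))
    {
      array_push(
        $inserts,
        array(
          'image_id' => $row['id'],
          'added_on' => $row['date_available'],
          'state' => 'moderation_pending',
          )
        );
    }

    if (count($inserts) > 0)
    {
      mass_inserts(
        COMMUNITY_PENDINGS_TABLE,
        array_keys($inserts[0]),
        $inserts
        );

      // find the url to the medium size
      $page['thumbnails'] = array();

      $query = '
SELECT *
  FROM '.IMAGES_TABLE.'
  WHERE id IN ('.$image_ids_list.')
;';
      $result = pwg_query($query);
      while ($row = pwg_db_fetch_assoc($result))
      {
        $src_image = new SrcImage($row);

        $page['thumbnails'][] = array(
          'file' => $row['file'],
          'src' => DerivativeImage::url(IMG_THUMB, $src_image),
          'title' => $row['name'],
          'link' => $image_url = DerivativeImage::url(IMG_MEDIUM, $src_image),
          'lightbox' => true,
          );
      }

      array_push(
        $page['infos'],
        l10n('Your photos are waiting for validation, administrators have been notified')
        );
    }
  }
  else
  {
    // the level of a user upload photo with no moderation is 0
    $query = '
UPDATE '.IMAGES_TABLE.'
  SET level = 0
  WHERE id IN ('.$image_ids_list.')
;';
    pwg_query($query);

    // the link on thumbnail must go to picture.php
    foreach ($page['thumbnails'] as $idx => $thumbnail)
    {
      if (preg_match('/image_id=(\d+)/', $thumbnail['link'], $matches))
      {
        $page['thumbnails'][$idx]['link'] = make_picture_url(
          array(
            'image_id' => $matches[1],
            'image_file' => $thumbnail['file'],
            'category' => $category_infos,
            )
          );
      }
    }
  }

  invalidate_user_cache();

  if (count($page['thumbnails']))
  {
    // let's notify administrators
    include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');

    $keyargs_content = array(
      get_l10n_args('Hi administrators,', ''),
      get_l10n_args('', ''),
      get_l10n_args('Album: %s', get_cat_display_name($category_infos['upper_names'], null, false)),
      get_l10n_args('User: %s', $user['username']),
      get_l10n_args('Email: %s', $user['email']),
      );

    if ($moderate)
    {
      $keyargs_content[] = get_l10n_args('', '');

      array_push(
        $keyargs_content,
        get_l10n_args(
          'Validation page: %s',
          get_absolute_root_url().'admin.php?page=plugin-community-pendings'
          )
        );
    }

    // NOTE(review): $image_ids still lists photos rejected by the quota
    // checks above, so the number in the subject may be higher than the
    // number of photos actually kept - confirm whether that is intended.
    pwg_mail_notification_admins(
      get_l10n_args('%d photos uploaded by %s', array(count($image_ids), $user['username'])),
      $keyargs_content,
      false
      );
  }
}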
// +-----------------------------------------------------------------------+
// |                             prepare form                              |
// +-----------------------------------------------------------------------+

$template->set_filenames(array('add_photos' => dirname(__FILE__).'/add_photos.tpl'));

include_once(PHPWG_ROOT_PATH.'admin/include/photos_add_direct_prepare.inc.php');

// Remaining quota, as a short summary and a detailed text, one entry per
// limit that applies to the user.
$quota_available = array(
  'summary' => array(),
  'details' => array(),
  );

// storage limit (a value of 0 or less means no limit)
if ($user_permissions['storage'] > 0) {
  $remaining_storage = $user_permissions['storage'] - $user['community_usage']['storage'];

  if ($remaining_storage > 0) {
    array_push($quota_available['summary'], $remaining_storage.'MB');

    array_push(
      $quota_available['details'],
      sprintf(
        l10n('%s out of %s'),
        $remaining_storage.'MB',
        $user_permissions['storage']
        )
      );

    // the template receives the remaining storage converted from MB to bytes
    $template->assign(
      array(
        'limit_storage' => $remaining_storage*1024*1024,
        'limit_storage_total_mb' => $user_permissions['storage'],
        )
      );
  } else {
    // nothing left: reported as a setup error
    $setup_errors[] = sprintf(
      l10n('Disk usage quota reached (%uMB)'),
      $user_permissions['storage']
      );
  }
}

// limit on the number of photos (a value of 0 or less means no limit)
if ($user_permissions['nb_photos'] > 0) {
  $remaining_nb_photos = $user_permissions['nb_photos'] - $user['community_usage']['nb_photos'];

  if ($remaining_nb_photos > 0) {
    array_push(
      $quota_available['summary'],
      l10n_dec('%d photo', '%d photos', $remaining_nb_photos)
      );

    array_push(
      $quota_available['details'],
      sprintf(
        l10n('%s out of %s'),
        l10n_dec('%d photo', '%d photos', $remaining_nb_photos),
        $user_permissions['nb_photos']
        )
      );

    $template->assign(array('limit_nb_photos' => $remaining_nb_photos));
  } else {
    // nothing left: reported as a setup error
    $setup_errors[] = sprintf(
      l10n('Maximum number of photos reached (%u)'),
      $user_permissions['nb_photos']
      );
  }
}

// show the quota texts only when at least one limit still has room
if (count($quota_available['details']) > 0) {
  $template->assign(
    'quota_summary',
    sprintf(l10n('Available %s.'), implode(', ', $quota_available['summary']))
    );
  $template->assign(
    'quota_details',
    sprintf(l10n('Available quota %s.'), implode(', ', $quota_available['details']))
    );
}

$template->assign('setup_errors', $setup_errors);

// The album selector only offers the albums the user may upload to. With an
// empty list, -1 keeps the IN (...) clause valid.
$upload_categories = (count($user_permissions['upload_categories']) == 0)
  ? array(-1)
  : $user_permissions['upload_categories'];

$query = '
SELECT id,name,uppercats,global_rank
  FROM '.CATEGORIES_TABLE.'
  WHERE id IN ('.implode(',', $upload_categories).')
;';

display_select_cat_wrapper($query, $selected_category, 'category_options');

// Sub-album creation is offered when the user may create albums anywhere or
// under at least one album.
$create_subcategories = (
  $user_permissions['create_whole_gallery']
  || count($user_permissions['create_categories']) > 0
) ? true : false;

// same -1 fallback for the list of possible parent albums
$create_categories = (count($user_permissions['create_categories']) == 0)
  ? array(-1)
  : $user_permissions['create_categories'];

$query = '
SELECT id,name,uppercats,global_rank
  FROM '.CATEGORIES_TABLE.'
  WHERE id IN ('.implode(',', $create_categories).')
;';

display_select_cat_wrapper($query, $selected_category, 'category_parent_options');

$template->assign(
  array(
    'create_subcategories' => $create_subcategories,
    'create_whole_gallery' => $user_permissions['create_whole_gallery'],
    )
  );

// optional configuration switch: ask for photo properties in the form
if (!empty($conf['community_ask_for_properties'])) {
  $template->assign('community_ask_for_properties', true);
}
// +-----------------------------------------------------------------------+
// |                             display page                              |
// +-----------------------------------------------------------------------+

// error and information messages are passed to the template only when there
// is something to show
if (count($page['errors']) > 0) {
  $template->assign(array('errors' => $page['errors']));
}

if (count($page['infos']) > 0) {
  $template->assign(array('infos' => $page['infos']));
}

$title = l10n('Upload Photos');
$page['body_id'] = 'theUploadPage';

// render the add_photos template into the index page content
$template->assign_var_from_handle('PLUGIN_INDEX_CONTENT_BEGIN', 'add_photos');

$template->clear_assign(array('U_MODE_POSTED', 'U_MODE_CREATED'));

// breadcrumb-like title: link to the gallery home, separator, page title
$template->assign(
  'TITLE',
  '<a href="'.get_gallery_home_url().'">'.l10n('Home').'</a>'.$conf['level_separator'].$title
  );
?>