<?php

// +-----------------------------------------------------------------------+
// | Piwigo - a PHP based picture gallery |
// +-----------------------------------------------------------------------+
// | Copyright(C) 2008-2009 Piwigo Team http://piwigo.org |
// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation |
// | |
// | This program is distributed in the hope that it will be useful, but |
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
// | General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+

// ***************************************************************************
// ** evntcats_admin_funcs.php : Admin functions (include) **
// ** for Piwigo plugin Event Cats **
// ***************************************************************************

// +-----------------------------------------------------------------------+
// | Header |
// +-----------------------------------------------------------------------+

// $conf and $page are declared global here ; at file level this only has an
// effect when the file is included from inside a function.
global $conf;
global $page;

// +-----------------------------------------------------------------------+
// | Utility functions |
// +-----------------------------------------------------------------------+

/*
 * ec_end1()
 * Records an error about one $_POST argument and reports failure, so that
 * a caller can write "return ec_end1(...)".
 *
 * The text appended to $page['errors'] is l10n($msg) followed by the name
 * of the argument and either its submitted value or the word "unset".
 *
 * NOTE(review): the submitted value is appended exactly as received ;
 * confirm that $page['errors'] is escaped when it is rendered.
 *
 * @param
 *    $pst : name of the $_POST argument
 *    $msg : message passed to l10n()
 * @return
 *    always false, as this function is used when there is a problem
 */
function ec_end1($pst, $msg) {
  global $page;

  // Common prefix : translated message, then the argument name
  $text = l10n($msg).'$_POST[\''.$pst.'\']';
  if (isset($_POST[$pst])) {
    $text .= ' = '.$_POST[$pst];
  }
  else {
    $text .= ' unset';
  }
  $page['errors'][] = $text;

  return false;
}
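/*
 * ec_create_user_OK()
 * Creates a new generic user and, when requested in $_POST, a new group
 * that the user is then attached to.
 *
 * Reads $_POST['login'], $_POST['password'] and, optionally,
 * $_POST['ec_in_up_newgroup'] with $_POST['groupname']. Messages go to
 * $page['infos'] and $page['errors'] ; note that $page['errors'] is replaced
 * by the result of register_user().
 *
 * @param
 *    no param needed
 * @return
 *    the created user_id, or false if the user could not be created.
 *    A failure of the 'generic' status update or of the group steps is only
 *    reported in $page['errors'] ; the user_id is still returned.
 */
function ec_create_user_OK() {
  global $page;

  // This function assumes that the validity of the different indexes it
  // uses has been checked before it is called.
  // NOTE(review): ec_create_entry_OK() in this file checks 'login' only ;
  // confirm that 'password' is validated before this point.

  // User creation, as generic
  $ec_user_id = false;
  $page['errors'] = register_user(
    $_POST['login'], $_POST['password'], '', false
  );
  if (
    count($page['errors']) != 0 or
    !($ec_user_id = get_userid($_POST['login']))
  ) {
    array_unshift($page['errors'], l10n('ec_user_create_pb'));
    return false;
  }
  $page['infos'][] = l10n('ec_user_create_OK').$_POST['login'];

  // $ec_user_id comes from get_userid(), not from the request
  if (
    pwg_query("
      UPDATE `".USER_INFOS_TABLE."`
        SET `status` = 'generic'
        WHERE `user_id` = ".$ec_user_id.";
    ") !== false
  )
    $page['infos'][] = l10n('ec_user_generic_OK').$_POST['login'];
  else
    $page['errors'][] = l10n('ec_user_generic_pb').$_POST['login'];

  // New group creation if required,
  // and association with user_id at the same time
  if (
    isset($_POST['ec_in_up_newgroup']) and
    isset($_POST['groupname']) and
    $_POST['groupname'] != ''
  ) {
    // NOTE(review): $_POST['groupname'] is concatenated into the SELECT and
    // the INSERT below. Nothing in this function escapes it ; confirm that
    // request data is escaped before it reaches this file, or escape it
    // here with the database layer's own function.
    $group_lookup = "
      SELECT `id`
        FROM `".GROUPS_TABLE."`
        WHERE `name` = '".$_POST['groupname']."';
    ";

    // Reuse the group when it exists ; otherwise create it once and look
    // it up again to get its id.
    $group_row = mysql_fetch_row(pwg_query($group_lookup));
    if (!$group_row) {
      $created = pwg_query("
        INSERT INTO `".GROUPS_TABLE."` (`name`, `is_default`)
          VALUES ('".$_POST['groupname']."', 'false');
      ");
      if ($created)
        $page['infos'][] = l10n('ec_group_create_OK').$_POST['groupname'];
      $group_row = mysql_fetch_row(pwg_query($group_lookup));
    }

    if (!$group_row) {
      // No group id is available : report it and do not try to associate
      // the user with an empty group_id.
      $page['errors'][] =
        l10n('ec_group_create_pb').' (1) ; '.
        'MySQL error '.mysql_errno().', "'.mysql_error().'"';
    }
    elseif (
      pwg_query("
        INSERT INTO `".USER_GROUP_TABLE."` (`user_id`, `group_id`)
          VALUES ('".$ec_user_id."', '".$group_row[0]."');
      ") === false
    ) {
      $page['errors'][] =
        l10n('ec_group_create_pb').' (2) ; '.
        'MySQL error '.mysql_errno().', "'.mysql_error().'"';
    }
    else {
      $page['infos'][] =
        $_POST['login'].
        l10n('ec_group_create_OK2').
        $_POST['groupname']
      ;
    }
  }
  return $ec_user_id;
}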

// +-----------------------------------------------------------------------+
// | Tables building functions |
// +-----------------------------------------------------------------------+

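/*
 * build_ec_duplicable_codes()
 * Rebuilds $ec_lists['duplicable_codes'] from $ec_lists['ec_table'].
 *
 * An entry is kept when is_in($ec_entry['action'], 'ec_ok') holds and its
 * 'forced' field is 'false'. The result holds two maps :
 *   ['codes'][code] : 'id' and 'user_id' of the last kept entry with that
 *                     code
 *   ['ids'][id]     : the id stored in ['codes'] for the code of entry id
 * Both maps are always created, even when no entry qualifies, so that a
 * caller can pass them to array_key_exists() safely.
 *
 * @param
 *    no parameter passed, the main material on which the function works is
 *    the global array variable $ec_lists.
 * @return
 *    (no return value)
 */
function build_ec_duplicable_codes() {
  global $ec_lists;

  $ec_lists['duplicable_codes'] = array(
    'codes' => array(),
    'ids'   => array(),
  );

  // id => code of every kept entry, in table order
  $kept = array();
  foreach ($ec_lists['ec_table'] as $ec_entry) {
    if (
      is_in($ec_entry['action'], 'ec_ok') and
      $ec_entry['forced'] == 'false'
    ) {
      $kept[$ec_entry['id']] = $ec_entry['code'];
      // A later entry with the same code overwrites the earlier one
      $ec_lists['duplicable_codes']['codes'][$ec_entry['code']] = array(
        'id'      => $ec_entry['id'],
        'user_id' => $ec_entry['user_id'],
      );
    }
  }
  foreach ($kept as $ec_id => $ec_code) {
    $ec_lists['duplicable_codes']['ids'][$ec_id] =
      $ec_lists['duplicable_codes']['codes'][$ec_code]['id'];
  }

  // Builds the category list (defined elsewhere ; presumably the one shown
  // in the admin form)
  build_ec_categories(false);
}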

// +-----------------------------------------------------------------------+
// | Database modifying functions |
// +-----------------------------------------------------------------------+

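/*
 * ec_create_entry_OK()
 * Creates the new entry described by $_POST and returns true or false
 * whether the creation was OK or not.
 *
 * All arguments are checked first ; any bad or missing argument stops the
 * function before anything is written (user, group or entry). Messages go
 * to $page['infos'] and $page['errors'].
 *
 * @param
 *    no param
 * @return
 *    true if creation was OK ; false if not
 */
function ec_create_entry_OK() {
  global $page, $ec_lists;

  // $_POST validity checks : creation prevented in case of bad arguments

  // The code is limited to 4-32 characters of [a-zA-Z0-9_-]. The D modifier
  // keeps "$" from matching before a trailing newline.
  if (
    !isset($_POST['ec_in_up_code']) or
    !is_string($_POST['ec_in_up_code']) or
    !preg_match('/^[a-zA-Z0-9_-]{4,32}$/D', $_POST['ec_in_up_code'])
  ) return ec_end1('ec_in_up_code', 'ec_bad_argument7');

  // The code must not be in use already
  foreach ($ec_lists['ec_table'] as $ec_entry)
    if ($_POST['ec_in_up_code'] == $ec_entry['code'])
      return ec_end1('ec_in_up_code', 'ec_bad_argument2');

  if (
    !isset($_POST['ec_sel_user']) or (
      $_POST['ec_sel_user'] != 'new' and
      $_POST['ec_sel_user'] != 'old'
    )
  ) return ec_end1('ec_sel_user', 'ec_bad_argument1');

  if ($_POST['ec_sel_user'] == 'new') {
    if (
      !isset($_POST['login']) or
      $_POST['login'] == ''
    ) return ec_end1('login', 'ec_bad_argument1');
    if (in_array($_POST['login'], $ec_lists['user_ids']))
      return ec_end1('login', 'ec_bad_argument3');
  }
  else {
    if (
      !isset($_POST['ec_in_up_usr_list']) or
      !is_scalar($_POST['ec_in_up_usr_list'])
    ) return ec_end1('ec_in_up_usr_list', 'ec_bad_argument1');
    $ec_user_id = $_POST['ec_in_up_usr_list'];
    // Only an id already known in $ec_lists['user_ids'] is accepted
    if (!array_key_exists($ec_user_id, $ec_lists['user_ids']))
      return ec_end1('ec_in_up_usr_list', 'ec_bad_argument6');
  }

  // Preparation of $arg1, $arg2 and $forced.
  // Each bad argument stops the creation here. An action which has no case
  // below (including 'home', whose case is commented out) is rejected, as
  // in ec_duplicate_entry_OK().
  // NOTE(review): $arg1 and $arg2 are taken from the request as they are
  // and concatenated into the INSERT below ; unlike ec_duplicate_entry_OK()
  // they are not checked against $ec_lists. Confirm that request data is
  // escaped before it reaches this file, or validate them the same way.
  $arg1 = ''; $arg2 = '';
  if (!isset($_POST['ec_input_action']))
    return ec_end1('ec_input_action', 'ec_bad_argument1');
  switch ($_POST['ec_input_action']) {
    // case 'home': // Home : nothing to do : "arg"s are ''
    case 'add_p': // Additional Page
      if (!isset($_POST['ec_in_up_aps']))
        return ec_end1('ec_in_up_aps', 'ec_bad_argument1');
      $arg2 = $_POST['ec_in_up_aps'];
      break;
    case 'cat': // Category
    case 'img': // Image
      if (!isset($_POST['ec_in_up_cat']))
        return ec_end1('ec_in_up_cat', 'ec_bad_argument1');
      $arg1 = $_POST['ec_in_up_cat'];
      if ($_POST['ec_input_action'] == 'img') {
        if (!isset($_POST['ec_in_up_img']))
          return ec_end1('ec_in_up_img', 'ec_bad_argument1');
        $arg2 = $_POST['ec_in_up_img'];
      }
      break;
    default:
      return ec_end1('ec_input_action', 'ec_bad_argument1');
  }
  $forced = (isset($_POST['ec_in_up_forced'])) ? 'true' : 'false';

  // Every argument is OK, creation can be done

  // User and eventually group creation, if needed. Done after all the
  // checks, so that a rejected request does not leave a new user behind.
  if ($_POST['ec_sel_user'] == 'new')
    if (!($ec_user_id = ec_create_user_OK())) return false;

  // Now we have the code, the user_id, arg1, arg2, and forced arguments
  if (
    pwg_query("
      INSERT INTO `".EVNTCATS_TABLE."` (
        `code`,
        `user_id`,
        `action`,
        `arg1`, `arg2`, `forced`
      )
        VALUES (
          '".$_POST['ec_in_up_code']."',
          '".$ec_user_id."',
          'ec_ok',
          '".$arg1."', '".$arg2."', '".$forced."'
        );
    ") === false
  ) {
    $page['errors'][] =
      l10n('ec_entry_create_pb').
      'MySQL error '.mysql_errno().', "'.mysql_error().'"'
    ;
    return false;
  }

  // Read the new id right after the INSERT : build_ec_lists() is defined
  // elsewhere and may run other queries before the message is built.
  $ec_new_id = mysql_insert_id();
  build_ec_lists();
  $forced = ($forced == 'false') ? '' : l10n('ec_cnfrm_forced');
  $page['infos'][] =
    l10n('ec_entry_create_OK').$ec_new_id.' : '.
    $_POST['ec_in_up_code'].' => '.
    $ec_lists['user_ids'][$ec_user_id].$forced
  ;
  return true;
}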
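/*
 * ec_duplicate_entry_OK()
 * Duplicates the existing entry whose # is given by $_POST['ec_entry_sel'] :
 * a new row is inserted with the same code and user_id, and with arg1/arg2
 * taken from the submitted action. Returns true or false whether the
 * duplication was OK or not.
 *
 * Every request value that reaches the query is first checked against a
 * server-side list ($ec_lists) or by ec_image_exists() ; a missing or
 * non-scalar value is rejected the same way as an unknown one.
 *
 * @param
 *    no param
 * @return
 *    true if creation was OK ; false if not
 */
function ec_duplicate_entry_OK() {
  global $page, $ec_lists;

  build_ec_duplicable_codes();

  // The selected entry must be one of the duplicable ids
  if (
    !isset($_POST['ec_entry_sel']) or
    !is_scalar($_POST['ec_entry_sel']) or
    !isset($ec_lists['duplicable_codes']['ids']) or
    !array_key_exists(
      $_POST['ec_entry_sel'], $ec_lists['duplicable_codes']['ids']
    )
  ) return ec_end1('ec_entry_sel', 'ec_bad_argument5');
  $ec_source = $ec_lists['ec_table'][$_POST['ec_entry_sel']];

  $arg1 = ''; $arg2 = '';
  if (!isset($_POST['ec_input_action']))
    return ec_end1('ec_input_action', 'ec_bad_argument1');
  switch ($_POST['ec_input_action']) {
    // case 'home': // Home : nothing to do : "arg"s are ''
    case 'add_p':
      if (
        !isset($_POST['ec_in_up_aps']) or
        !is_scalar($_POST['ec_in_up_aps']) or
        !array_key_exists($_POST['ec_in_up_aps'], $ec_lists['add_pages'])
      ) return ec_end1('ec_in_up_aps', 'ec_bad_argument4');
      $arg2 = $_POST['ec_in_up_aps'];
      // Stop here : an additional page has no category to check
      break;
    case 'img':
    case 'cat':
      if (
        !isset($_POST['ec_in_up_cat']) or
        !is_scalar($_POST['ec_in_up_cat']) or
        !array_key_exists($_POST['ec_in_up_cat'], $ec_lists['categories'])
      ) return ec_end1('ec_in_up_cat', 'ec_bad_argument4');
      if ($_POST['ec_input_action'] == 'img') {
        // NOTE(review): ec_image_exists() is defined elsewhere ; confirm
        // that it handles its two request-supplied arguments safely.
        if (
          !isset($_POST['ec_in_up_img']) or
          !is_scalar($_POST['ec_in_up_img']) or
          !ec_image_exists($_POST['ec_in_up_cat'], $_POST['ec_in_up_img'])
        ) return ec_end1('ec_in_up_img', 'ec_bad_argument4');
        $arg2 = $_POST['ec_in_up_img'];
      }
      $arg1 = $_POST['ec_in_up_cat'];
      break;
    default:
      return ec_end1('ec_input_action', 'ec_bad_argument1');
  }

  // code and user_id are copied from the existing entry, not from $_POST
  if (
    pwg_query("
      INSERT INTO `".EVNTCATS_TABLE."`
        (`code`, `user_id`, `action`, `arg1`, `arg2`)
        VALUES (
          '".$ec_source['code']."',
          '".$ec_source['user_id']."',
          'ec_ok',
          '".$arg1."',
          '".$arg2."'
        );
    ") === false
  ) {
    $page['errors'][] =
      l10n('ec_entry_dup_nok_pre1').
      $_POST['ec_entry_sel'].
      l10n('ec_entry_dup_nok_end1').
      'MySQL error '.mysql_errno().', "'.mysql_error().'"'
    ;
    return false;
  }

  $page['infos'][] =
    l10n('ec_entry_dup_ok_pre').
    $_POST['ec_entry_sel'].' ('.
    $ec_source['code'].')'.
    l10n('ec_entry_dup_ok_end')
  ;
  build_ec_table();
  return true;
}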
/*
 * ec_modify_entry_OK()
 * Meant to modify the existing entry whose # is given by
 * $_POST['ec_entry_sel']. In this version nothing is modified : the function
 * only appends a fixed French message (roughly "wasn't there an error?...")
 * to $page['errors'].
 *
 * @param
 *    no param
 * @return
 *    always false in this version
 */
function ec_modify_entry_OK() {
  global $page;

  $ec_placeholder = "Y'a pas eu une erreur ?...";
  $page['errors'][] = $ec_placeholder;

  return false;
}
/*
 * ec_toggle_forced_entry()
 * Meant to toggle the 'forced' property of an entry, provided it complies
 * with the rules. In this version nothing is toggled : the function only
 * appends its own name to $page['errors'].
 *
 * @param
 *    no param
 * @return
 *    no return value
 */
function ec_toggle_forced_entry() {
  global $page;

  $ec_marker = 'ec_toggle_forced_entry';
  $page['errors'][] = $ec_marker;
}
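/*
 * ec_delete_entry()
 * Tries to delete the existing entry whose # is given by
 * $_POST['ec_entry_sel'].
 *
 * The # is accepted only if it is a key of $ec_lists['ec_table'], and it is
 * cast to an integer before being placed in the query, so the DELETE never
 * carries raw request text.
 *
 * @param
 *    no param
 * @return
 *    no return value : modifies $page['errors'] or $page['infos']
 */
function ec_delete_entry() {
  global $page, $ec_lists;

  // A missing or non-scalar value is reported like an unknown entry
  if (
    !isset($_POST['ec_entry_sel']) or
    !is_scalar($_POST['ec_entry_sel']) or
    !array_key_exists($_POST['ec_entry_sel'], $ec_lists['ec_table'])
  ) {
    ec_end1('ec_entry_sel', 'ec_bad_argument1');
    return;
  }

  // The value is not quoted in the query, hence the integer cast
  $ec_entry_id = (int) $_POST['ec_entry_sel'];
  if (!pwg_query('
    DELETE FROM `'.EVNTCATS_TABLE.'`
      WHERE `id` = '.$ec_entry_id
  )) {
    $page['errors'][] =
      l10n('ec_entry_del_nok_pre').
      $_POST['ec_entry_sel'].
      l10n('ec_entry_del_nok_end').
      'MySQL error '.mysql_errno().', "'.mysql_error().'"'
    ;
  }
  else {
    $page['infos'][] =
      l10n('ec_entry_del_ok_pre').
      $_POST['ec_entry_sel'].
      l10n('ec_entry_del_ok_end');
    build_ec_table();
  }
}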

?>