source: extensions/pwg_images_addSimple/main.inc.php @ 7690

<?php
/*
Plugin Name: pwg.images.addSimple
Version: auto
Description: A simpler method to add photo with web API, based on HTTP file upload protocol
Plugin URI: http://piwigo.org/ext/extension_view.php?eid=411
Author: plg
Author URI: http://piwigo.wordpress.com
*/

if (!defined('PHPWG_ROOT_PATH'))
{
  die('Hacking attempt!');
}

add_event_handler('ws_add_methods', 'ws_add_method_addSimple');

function ws_add_method_addSimple($arr)
{
  global $conf;
  $service = &$arr[0];
  
  $service->addMethod(
    'pwg.images.addSimple',
    'ws_images_addSimple',
    array(
      'category' => array('default' => null),
      'name' => array('default' => null),
      'author' => array('default' => null),
      'comment' => array('default' => null),
      'level' => array(
        'default' => 0,
        'maxValue' => $conf['available_permission_levels']
        ),
      'tags' => array('default' => null),
      ),
    'POST method only.<br>Use the <b>image</b> field for uploading file.<br>Set the form encoding to "form-data"<br><b>category</b> is the numeric identifier of the destination category.'
    );

  $service->addMethod(
    'pwg.images.delete',
    'ws_images_delete',
    array(
      'image_id'=>array('default'=>0),
      'pwg_token' => array('default' => null),
      ),
    'Delete photos. You can give several image_ids, comma separated'
    );

  $service->addMethod(
    'pwg.categories.delete',
    'ws_categories_delete',
    array(
      'category_id'=>array('default'=>0),
      'pwg_token' => array('default' => null),
      ),
    'Delete categories. You can give several category_ids, comma separated'
    );

  $service->addMethod(
    'pwg.categories.move',
    'ws_categories_move',
    array(
      'category_id'=>array('default'=>0),
      'parent'=>array('default'=>0),
      'pwg_token' => array('default' => null),
      ),
    'Move categories. You can give several category_ids, comma separated. Set parent as 0 to move to gallery root. Only virtual categories can be moved.'
    );
}

function ws_images_addSimple($params, &$service)
{
  global $conf;
  if (!is_admin() || is_adviser() )
  {
    return new PwgError(401, 'Access denied');
  }

  if (!$service->isPost())
  {
    return new PwgError(405, "This method requires HTTP POST");
  }

  // category
  $params['category'] = (int)$params['category'];
  if ($params['category'] <= 0)
  {
    return new PwgError(WS_ERR_INVALID_PARAM, "Invalid category_id");
  }

  include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
  
  $image_id = add_uploaded_file(
    $_FILES['image']['tmp_name'],
    $_FILES['image']['name'],
    array($params['category']),
    8
    );

  $info_columns = array(
    'name',
    'author',
    'comment',
    'level',
    'date_creation',
    );

  foreach ($info_columns as $key)
  {
    if (isset($params[$key]))
    {
      $update[$key] = $params[$key];
    }
  }

  if (count(array_keys($update)) > 0)
  {
    $update['id'] = $image_id;

    include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
    mass_updates(
      IMAGES_TABLE,
      array(
        'primary' => array('id'),
        'update'  => array_diff(array_keys($update), array('id'))
        ),
      array($update)
      );
  }


  if (isset($params['tags']) and !empty($params['tags']))
  {
    $tag_ids = array();
    $tag_names = explode(',', $params['tags']);
    foreach ($tag_names as $tag_name)
    {
      $tag_id = tag_id_from_tag_name($tag_name);
      array_push($tag_ids, $tag_id);
    }

    add_tags($tag_ids, array($image_id));
  }

  $query = '
SELECT id, name, permalink
  FROM '.CATEGORIES_TABLE.'
  WHERE id = '.$params['category'].'
;';
  $result = pwg_query($query);
  $category = pwg_db_fetch_assoc($result);

  return array(
    'image_id' => $image_id,
    'url' => make_picture_url(
      array(
        'image_id' => $image_id,
        'section' => 'categories',
        'category' => $category
        )
      ),
    );
}

function ws_images_delete($params, &$service)
{
  global $conf;
  if (!is_admin() || is_adviser() )
  {
    return new PwgError(401, 'Access denied');
  }

  if (!$service->isPost())
  {
    return new PwgError(405, "This method requires HTTP POST");
  }

  if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
  {
    return new PwgError(403, 'Invalid security token');
  }

  $params['image_id'] = preg_split(
    '/[\s,;\|]/',
    $params['image_id'],
    -1,
    PREG_SPLIT_NO_EMPTY
    );
  $params['image_id'] = array_map('intval', $params['image_id']);

  $image_ids = array();
  foreach ($params['image_id'] as $image_id)
  {
    if ($image_id > 0)
    {
      array_push($image_ids, $image_id);
    }
  }

  include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
  delete_elements($params['image_id'], true);
}

function ws_categories_delete($params, &$service)
{
  global $conf;
  if (!is_admin() || is_adviser() )
  {
    return new PwgError(401, 'Access denied');
  }

  if (!$service->isPost())
  {
    return new PwgError(405, "This method requires HTTP POST");
  }

  if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
  {
    return new PwgError(403, 'Invalid security token');
  }

  $params['category_id'] = preg_split(
    '/[\s,;\|]/',
    $params['category_id'],
    -1,
    PREG_SPLIT_NO_EMPTY
    );
  $params['category_id'] = array_map('intval', $params['category_id']);

  $category_ids = array();
  foreach ($params['category_id'] as $category_id)
  {
    if ($category_id > 0)
    {
      array_push($category_ids, $category_id);
    }
  }

  // We don't want to create orphans. If a photo is belonging to a category
  // that will be deleted and to no other category, we must delete the photo
  // as well.
  //
  // In the future, this algorithm must be integrated into the
  // delete_categories function.
  
  if (count($category_ids) == 0)
  {
    return;
  }

  // add sub-category ids to the given ids : if a category is deleted, all
  // sub-categories must be so
  $all_category_ids = get_subcat_ids($category_ids);

  $query = '
SELECT
    DISTINCT(image_id)
  FROM '.IMAGE_CATEGORY_TABLE.'
  WHERE category_id IN ('.implode(',', $all_category_ids).')
;';
  $image_ids_linked = array_from_query($query, 'image_id');

  $query = '
SELECT
    DISTINCT(image_id)
  FROM '.IMAGE_CATEGORY_TABLE.'
  WHERE image_id IN ('.implode(',', $image_ids_linked).')
    AND category_id NOT IN ('.implode(',', $all_category_ids).')
;';
  $image_ids_not_orphans = array_from_query($query, 'image_id');

  $image_ids_orphans = array_diff($image_ids_linked, $image_ids_not_orphans);
  
  // print_r($image_ids_not_orphans); exit();

  include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
  delete_categories($category_ids);
  update_global_rank();

  delete_elements($image_ids_orphans, true);
}

function ws_categories_move($params, &$service)
{
  global $conf, $page;
  
  if (!is_admin() || is_adviser() )
  {
    return new PwgError(401, 'Access denied');
  }

  if (!$service->isPost())
  {
    return new PwgError(405, "This method requires HTTP POST");
  }

  if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
  {
    return new PwgError(403, 'Invalid security token');
  }

  $params['category_id'] = preg_split(
    '/[\s,;\|]/',
    $params['category_id'],
    -1,
    PREG_SPLIT_NO_EMPTY
    );
  $params['category_id'] = array_map('intval', $params['category_id']);

  $category_ids = array();
  foreach ($params['category_id'] as $category_id)
  {
    if ($category_id > 0)
    {
      array_push($category_ids, $category_id);
    }
  }

  if (count($category_ids) == 0)
  {
    return new PwgError(403, 'Invalid category_id input parameter, no category to move');
  }

  // we can't move physical categories
  $categories_in_db = array();
  
  $query = '
SELECT
    id,
    name,
    dir
  FROM '.CATEGORIES_TABLE.'
  WHERE id IN ('.implode(',', $category_ids).')
;';
  $result = pwg_query($query);
  while ($row = pwg_db_fetch_assoc($result))
  {
    $categories_in_db[$row['id']] = $row;
    // we break on error at first physical category detected
    if (!empty($row['dir']))
    {
      $row['name'] = strip_tags(
        trigger_event(
          'render_category_name',
          $row['name'],
          'ws_categories_move'
          )
        );
      
      return new PwgError(
        403,
        sprintf(
          'Category %s (%u) is not a virtual category, you cannot move it',
          $row['name'],
          $row['id']
          )
        );
    }
  }

  if (count($categories_in_db) != count($category_ids))
  {
    $unknown_category_ids = array_diff($category_ids, array_keys($categories_in_db));
    
    return new PwgError(
      403,
      sprintf(
        'Category %u does not exist',
        $unknown_category_ids[0]
        )
      );
  }

  // does this parent exists? This check should be made in the
  // move_categories function, not here
  //
  // 0 as parent means "move categories at gallery root"
  if (!is_numeric($params['parent']))
  {
    return new PwgError(403, 'Invalid parent input parameter');
  }
  
  if (0 != $params['parent']) {
    $params['parent'] = intval($params['parent']);
    $subcat_ids = get_subcat_ids(array($params['parent']));
    if (count($subcat_ids) == 0)
    {
      return new PwgError(403, 'Unknown parent category id');
    }
  }

  $page['infos'] = array();
  $page['errors'] = array();
  include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
  move_categories($category_ids, $params['parent']);

  if (count($page['errors']) != 0)
  {
    return new PwgError(403, implode('; ', $page['errors']));
  }
}
?>