$user['id'], 'cat_id' => $category_id); if ( $user['id'] != $conf['webmaster_id'] and $vag['grant_to_webmaster'] == 1 ) $insert[] = array('user_id' => $conf['webmaster_id'], 'cat_id' => $category_id); if ( $vag['grant_to_creator'] == 1 or $vag['grant_to_webmaster'] == 1 and $vag['set_private'] == 1 ) mass_inserts(USER_ACCESS_TABLE, array('user_id','cat_id'), $insert); array_push( $page['infos'], sprintf( l10n('You have got a private access to %s'), ''.$category_name.'') ); } // Who can see New image_ids if (count($image_ids) == 0) return true; if ( $vag['set_who_can_see'] == 0 ) return true; if ( is_webmaster() and $vag['webmaster_set_who_can_see'] == 1) return true; // New image_ids which are associated to a public category at least if ($vag['ignore_who_can_see_on_private'] == 1) $image_ids = array_from_query('SELECT image_id FROM ' . IMAGE_CATEGORY_TABLE . ' WHERE category_id IN (SELECT id FROM ' . CATEGORIES_TABLE . ' WHERE status = \'public\')' . ' AND image_id IN ('.implode(',', $image_ids).');'); if (count($image_ids) > 0) { $r = pwg_query('UPDATE '.IMAGES_TABLE.' SET level = ' . $user['level'] . ' WHERE level < '. $user['level'] . ' AND id IN ('.implode(',', $image_ids).');'); array_push( $page['infos'], l10n_dec( 'Virtual AutoGrant has forced "Who can see" on %d image', 'Virtual AutoGrant has forced "Who can see" on %d images', pwg_db_changes($r) ) . ' - ' . sprintf( l10n('Privacy level set to "%s"'), l10n( sprintf('Level %d', $user['level']) ) ) ); } return true; } } // API cases : Just do it if ( !function_exists( 'VAG_add_case_by_API' ) ) { add_event_handler('invalidate_user_cache', 'VAG_add_case_by_API', 22 ); function VAG_add_case_by_API($full) { if ( !function_exists( 'ws_categories_add' ) ) return false; // That isn't an API request global $user, $conf; $vag = & $conf['virtual_AutoGrant']; if ( isset($_REQUEST['method']) and $_REQUEST['method'] == 'pwg.categories.add' ) { list($inserted_id) = pwg_db_fetch_row(pwg_query('SELECT MAX(id) FROM '.CATEGORIES_TABLE . ' WHERE name = \'' .pwg_db_real_escape_string($_REQUEST['name']) . '\' AND site_id IS NULL;')); # Note: AND site_id IS NULL because synchro could be running in // if ( $vag['set_private_by_API'] == 1 ) set_cat_status(array($inserted_id), 'private'); else set_cat_status(array($inserted_id), 'public'); if ( ($vag['grant_to_creator'] == 1 or $vag['grant_to_webmaster'] == 1 ) and $vag['set_private_by_API'] == 1 ) { if ( $vag['grant_to_creator'] == 1 ) $insert[] = array('user_id' => $user['id'], 'cat_id' => $inserted_id); if ( $user['id'] != $conf['webmaster_id'] and $vag['grant_to_webmaster'] == 1 ) $insert[] = array('user_id' => $conf['webmaster_id'], 'cat_id' => $inserted_id); mass_inserts(USER_ACCESS_TABLE, array('user_id','cat_id'), $insert); } } // "Who can see" management ( only for API, Synchro or old HTTP management on gallery side are ignored ) if ( isset($_REQUEST['method']) and $_REQUEST['method'] == 'pwg.images.add' and isset($_REQUEST['original_sum']) and $vag['set_who_can_see'] == 1 ) { # image to update if ('md5sum' == $conf['uniqueness_mode']) $where_clause = "md5sum = '".pwg_db_real_escape_string($_REQUEST['original_sum'])."'"; if ('filename' == $conf['uniqueness_mode'] and isset($_REQUEST['original_filename']) ) $where_clause = "file = '".pwg_db_real_escape_string($_REQUEST['original_filename'])."'"; if ( !isset($where_clause) or (is_webmaster() and $vag['webmaster_set_who_can_see'] == 1) ) return false; if ( $user['level'] == $conf['available_permission_levels'][0] ) return false; // Non privacy level won't force it if (!isset($_REQUEST['categories'])) return false; $tokens = explode(';', pwg_db_real_escape_string($_REQUEST['categories'])); $cat_ids = array(); foreach ($tokens as $token) { list($cat_id) = explode(',', $token); if (!preg_match('/^\d+$/', $cat_id)) continue; array_push($cat_ids, $cat_id); } $cat_ids = array_unique($cat_ids); if (count($cat_ids) != 0) $w = ' AND id IN ('.implode(',', $cat_ids).')'; else $w =''; list($count_public_cat) = pwg_db_fetch_row(pwg_query('SELECT count(*) FROM '.CATEGORIES_TABLE . ' WHERE status = \'public\' ' . $w . ' AND site_id IS NULL;')); // No public category = all are private => maybe we can ignore "Who can see" if ( $count_public_cat == 0 and $vag['ignore_who_can_see_on_private'] == 1 ) return false; $r = pwg_query('UPDATE '.IMAGES_TABLE.' SET level = ' . $user['level'] . ' WHERE level < '. $user['level'] .' AND ' . $where_clause . ';'); } } } // Configuration menu if ( !function_exists( 'VAG_admin_menu' ) ) { if ( defined('IN_ADMIN') and IN_ADMIN ) { add_event_handler('get_admin_plugin_menu_links', 'VAG_admin_menu'); function VAG_admin_menu($menu) { global $conf; array_push($menu, array( 'NAME' => 'Virtual AutoGrant', 'URL' => get_root_url().'admin.php?page=plugin-'.basename(VAG_PATH) )); return $menu; } } } ?>