Context Navigation

source: trunk/admin/cat_modify.php @ 5382

Last change on this file since 5382 was 5335, checked in by rvelices, 14 years ago
fix cat_modify missing token in url double icon display simplified func check_pwg_token
Property svn:eol-style set to `LF`
File size: 15.1 KB

Rev	Line
[21]	1	<?php
[362]	2	// +-----------------------------------------------------------------------+
[2297]	3	// \| Piwigo - a PHP based picture gallery \|
	4	// +-----------------------------------------------------------------------+
[5196]	5	// \| Copyright(C) 2008-2010 Piwigo Team http://piwigo.org \|
[2297]	6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
	7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
	8	// +-----------------------------------------------------------------------+
	9	// \| This program is free software; you can redistribute it and/or modify \|
	10	// \| it under the terms of the GNU General Public License as published by \|
	11	// \| the Free Software Foundation \|
	12	// \| \|
	13	// \| This program is distributed in the hope that it will be useful, but \|
	14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
	16	// \| General Public License for more details. \|
	17	// \| \|
	18	// \| You should have received a copy of the GNU General Public License \|
	19	// \| along with this program; if not, write to the Free Software \|
	20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
	21	// \| USA. \|
	22	// +-----------------------------------------------------------------------+
[21]	23
[632]	24	if (!defined('PHPWG_ROOT_PATH'))
[403]	25	{
[632]	26	die('Hacking attempt!');
[403]	27	}
[1072]	28
[1895]	29	include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
[1072]	30
	31	// +-----------------------------------------------------------------------+
	32	// \| Check Access and exit when user status is not ok \|
	33	// +-----------------------------------------------------------------------+
	34	check_status(ACCESS_ADMINISTRATOR);
	35
[21]	36	//---------------------------------------------------------------- verification
[403]	37	if ( !isset( $_GET['cat_id'] ) \|\| !is_numeric( $_GET['cat_id'] ) )
[21]	38	{
[2490]	39	trigger_error( 'missing cat_id param', E_USER_ERROR);
[21]	40	}
[403]	41
[21]	42	//--------------------------------------------------------- form criteria check
[825]	43	if (isset($_POST['submit']))
[21]	44	{
[2490]	45	$image_order = null;
	46	if ( !isset($_POST['image_order_default']) )
	47	{
	48	for ($i=1; $i<=3; $i++)
	49	{
	50	if ( !empty($_POST['order_field_'.$i]) )
	51	{
	52	if (! empty($image_order) )
	53	{
	54	$image_order .= ',';
	55	}
	56	$image_order .= $_POST['order_field_'.$i];
	57	if ($_POST['order_direction_'.$i]=='DESC')
	58	{
	59	$image_order .= ' DESC';
	60	}
	61	}
	62	}
	63	}
	64
[825]	65	$data =
	66	array(
	67	'id' => $_GET['cat_id'],
	68	'name' => @$_POST['name'],
[4367]	69	'commentable' => isset($_POST['commentable'])?$_POST['commentable']:'false',
[825]	70	'uploadable' =>
	71	isset($_POST['uploadable']) ? $_POST['uploadable'] : 'false',
	72	'comment' =>
	73	$conf['allow_html_descriptions'] ?
[2490]	74	@$_POST['comment'] : strip_tags(@$_POST['comment']),
	75	'image_order' => $image_order,
[825]	76	);
[38]	77
[825]	78	mass_updates(
	79	CATEGORIES_TABLE,
	80	array(
	81	'primary' => array('id'),
	82	'update' => array_diff(array_keys($data), array('id'))
	83	),
	84	array($data)
	85	);
[1131]	86
[2490]	87	// retrieve cat infos before continuing (following updates are expensive)
	88	$cat_info = get_cat_info($_GET['cat_id']);
[345]	89
[2490]	90	if (isset($_POST['image_order_subcats']))
[809]	91	{
[2490]	92	$query = '
	93	UPDATE '.CATEGORIES_TABLE.' SET image_order='.(isset($image_order) ? 'NULL':"'$image_order'").'
	94	WHERE uppercats LIKE "'.$cat_info['uppercats'].',%"';
	95	pwg_query($query);
[809]	96	}
	97
[2490]	98	if ($cat_info['visible'] != get_boolean( $_POST['visible'] ) )
[1500]	99	{
[2490]	100	set_cat_visible(array($_GET['cat_id']), $_POST['visible']);
[1500]	101	}
[2653]	102	if ($cat_info['status'] != $_POST['status'] )
[1500]	103	{
[2490]	104	set_cat_status(array($_GET['cat_id']), $_POST['status']);
[1500]	105	}
[2490]	106
	107	if (isset($_POST['parent']) and $cat_info['id_uppercat'] != $_POST['parent'])
[1500]	108	{
[2490]	109	move_categories( array($_GET['cat_id']), $_POST['parent'] );
[1500]	110	}
	111
[5021]	112	array_push($page['infos'], l10n('Category informations updated successfully.'));
[21]	113	}
[2490]	114	elseif (isset($_POST['set_random_representant']))
[633]	115	{
	116	set_random_representant(array($_GET['cat_id']));
	117	}
[2490]	118	elseif (isset($_POST['delete_representant']))
[809]	119	{
	120	$query = '
	121	UPDATE '.CATEGORIES_TABLE.'
	122	SET representative_picture_id = NULL
	123	WHERE id = '.$_GET['cat_id'].'
	124	;';
	125	pwg_query($query);
	126	}
[2490]	127	elseif (isset($_POST['submitAdd']))
[1064]	128	{
	129	$output_create = create_virtual_category(
	130	$_POST['virtual_name'],
	131	(0 == $_POST['parent'] ? null : $_POST['parent'])
	132	);
[1131]	133
[1064]	134	if (isset($output_create['error']))
	135	{
	136	array_push($page['errors'], $output_create['error']);
	137	}
	138	else
	139	{
	140	// Virtual category creation succeeded
	141	//
	142	// Add the information in the information list
	143	array_push($page['infos'], $output_create['info']);
[1131]	144
[1064]	145	// Link the new category to the current category
[1121]	146	associate_categories_to_categories(
	147	array($_GET['cat_id']),
	148	array($output_create['id'])
	149	);
[21]	150
[1121]	151	// information
[1064]	152	array_push(
[1121]	153	$page['infos'],
	154	sprintf(
	155	l10n('Category elements associated to the following categories: %s'),
	156	'<ul><li>'
	157	.get_cat_display_name_from_id($output_create['id'])
	158	.'</li></ul>'
[1064]	159	)
	160	);
	161	}
	162	}
[2490]	163	elseif (isset($_POST['submitDestinations'])
[1121]	164	and isset($_POST['destinations'])
	165	and count($_POST['destinations']) > 0)
[1064]	166	{
[1121]	167	associate_categories_to_categories(
	168	array($_GET['cat_id']),
	169	$_POST['destinations']
	170	);
[1064]	171
[1121]	172	$category_names = array();
	173	foreach ($_POST['destinations'] as $category_id)
[1064]	174	{
	175	array_push(
[1121]	176	$category_names,
	177	get_cat_display_name_from_id($category_id)
[1064]	178	);
	179	}
	180
[1121]	181	array_push(
	182	$page['infos'],
	183	sprintf(
	184	l10n('Category elements associated to the following categories: %s'),
	185	'<ul><li>'.implode('</li><li>', $category_names).'</li></ul>'
	186	)
[1064]	187	);
	188	}
	189
[632]	190	$query = '
	191	SELECT *
	192	FROM '.CATEGORIES_TABLE.'
	193	WHERE id = '.$_GET['cat_id'].'
	194	;';
[4325]	195	$category = pwg_db_fetch_assoc( pwg_query( $query ) );
[530]	196	// nullable fields
[809]	197	foreach (array('comment','dir','site_id', 'id_uppercat') as $nullable)
[530]	198	{
	199	if (!isset($category[$nullable]))
	200	{
	201	$category[$nullable] = '';
	202	}
	203	}
[345]	204
[809]	205	$category['is_virtual'] = empty($category['dir']) ? true : false;
	206
[2324]	207	$query = 'SELECT DISTINCT category_id
	208	FROM '.IMAGE_CATEGORY_TABLE.'
	209	WHERE category_id = '.$_GET['cat_id'].'
	210	LIMIT 1';
	211	$result = pwg_query($query);
[4325]	212	$category['has_images'] = pwg_db_num_rows($result)>0 ? true : false;
[2223]	213
[403]	214	// Navigation path
[834]	215	$navigation = get_cat_display_name_cache(
[635]	216	$category['uppercats'],
[2286]	217	get_root_url().'admin.php?page=cat_modify&cat_id='
[834]	218	);
[345]	219
[2286]	220	$form_action = get_root_url().'admin.php?page=cat_modify&cat_id='.$_GET['cat_id'];
[403]	221
	222	//----------------------------------------------------- template initialization
[2530]	223	$template->set_filename( 'categories', 'cat_modify.tpl');
[809]	224
[2286]	225	$base_url = get_root_url().'admin.php?page=';
[809]	226	$cat_list_url = $base_url.'cat_list';
[1131]	227
[809]	228	$self_url = $cat_list_url;
	229	if (!empty($category['id_uppercat']))
	230	{
	231	$self_url.= '&parent_id='.$category['id_uppercat'];
	232	}
	233
[2223]	234	$template->assign(
[1131]	235	array(
[1082]	236	'CATEGORIES_NAV' => $navigation,
[2777]	237	'CAT_ID' => $category['id'],
[2223]	238	'CAT_NAME' => @htmlspecialchars($category['name']),
	239	'CAT_COMMENT' => @htmlspecialchars($category['comment']),
[1131]	240
[2223]	241	'status_values' => array('public','private'),
[1131]	242
[2223]	243	'CAT_STATUS' => $category['status'],
[4385]	244	'CAT_VISIBLE' => boolean_to_string($category['visible']),
	245	'CAT_COMMENTABLE' => boolean_to_string($category['commentable']),
	246	'CAT_UPLOADABLE' => boolean_to_string($category['uploadable']),
[2223]	247
[1500]	248	'IMG_ORDER_DEFAULT' => empty($category['image_order']) ?
	249	'checked="checked"' : '',
	250
[1082]	251	'U_JUMPTO' => make_index_url(
	252	array(
[1861]	253	'category' => $category
[1082]	254	)
	255	),
[1131]	256
[1916]	257	'MAIL_CONTENT' => empty($_POST['mail_content'])
	258	? '' : stripslashes($_POST['mail_content']),
[1082]	259	'U_CHILDREN' => $cat_list_url.'&parent_id='.$category['id'],
[2286]	260	'U_HELP' => get_root_url().'popuphelp.php?page=cat_modify',
[1131]	261
[1082]	262	'F_ACTION' => $form_action,
	263	)
	264	);
[633]	265
[809]	266
	267	if ('private' == $category['status'])
	268	{
[2223]	269	$template->assign( 'U_MANAGE_PERMISSIONS',
	270	$base_url.'cat_perm&cat='.$category['id']
[809]	271	);
	272	}
	273
	274	// manage category elements link
[2324]	275	if ($category['has_images'])
[633]	276	{
[2517]	277	$template->assign(
	278	'U_MANAGE_ELEMENTS',
	279	$base_url.'element_set&cat='.$category['id']
[2223]	280	);
[2517]	281	$template->assign(
	282	'U_MANAGE_RANKS',
	283	$base_url.'element_set_ranks&cat_id='.$category['id']
	284	);
[2223]	285	}
	286
	287	if ($category['is_virtual'])
	288	{
	289	$template->assign(
[809]	290	array(
[5335]	291	'U_DELETE' => $self_url.'&delete='.$category['id'].'&pwg_token='.get_pwg_token(),
[809]	292	)
	293	);
	294	}
[2223]	295	else
[1500]	296	{
[2223]	297	$category['cat_full_dir'] = get_complete_dir($_GET['cat_id']);
	298	$template->assign(
	299	array(
	300	'CAT_FULL_DIR' => preg_replace('/\/$/',
	301	'',
	302	$category['cat_full_dir'] )
	303	)
	304	);
	305	if (!url_is_remote($category['cat_full_dir']) )
	306	{
	307	$template->assign('SHOW_UPLOADABLE', true);
	308	}
[1500]	309	}
	310
[2223]	311	// image order management
	312
[1500]	313	$sort_fields = array(
	314	'' => '',
	315	'date_creation' => l10n('Creation date'),
	316	'date_available' => l10n('Post date'),
	317	'average_rate' => l10n('Average rate'),
[5021]	318	'hit' => l10n('Most visited'),
[1500]	319	'file' => l10n('File name'),
	320	'id' => 'Id',
[2517]	321	'rank' => l10n('Rank'),
[1500]	322	);
	323
[2223]	324	$sort_directions = array(
	325	'ASC' => l10n('ascending'),
	326	'DESC' => l10n('descending'),
	327	);
	328
	329	$template->assign( 'image_order_field_options', $sort_fields);
	330	$template->assign( 'image_order_direction_options', $sort_directions);
	331
	332	$matches = array();
	333	if ( !empty( $category['image_order'] ) )
	334	{
	335	preg_match_all('/([a-z_]+) (?:(asc\|desc)(?:ending)?)? (?:, *\|$)/i',
	336	$category['image_order'], $matches);
	337	}
	338
[1500]	339	for ($i=0; $i<3; $i++) // 3 fields
	340	{
[2223]	341	$tpl_image_order_select = array(
	342	'ID' => $i+1,
	343	'FIELD' => array(''),
	344	'DIRECTION' => array('ASC'),
	345	);
[5335]	346
[2223]	347	if ( isset($matches[1][$i]) )
[1500]	348	{
[2223]	349	$tpl_image_order_select['FIELD'] = array($matches[1][$i]);
[1500]	350	}
[5335]	351
[2223]	352	if (isset($matches[2][$i]) and strcasecmp($matches[2][$i],'DESC')==0)
	353	{
	354	$tpl_image_order_select['DIRECTION'] = array('DESC');
	355	}
	356	$template->append( 'image_orders', $tpl_image_order_select);
[1500]	357	}
	358
	359
[809]	360	// representant management
[2324]	361	if ($category['has_images']
[809]	362	or !empty($category['representative_picture_id']))
	363	{
[2223]	364	$tpl_representant = array();
[809]	365
	366	// picture to display : the identified representant or the generic random
	367	// representant ?
	368	if (!empty($category['representative_picture_id']))
	369	{
	370	$query = '
[1609]	371	SELECT id,tn_ext,path
[633]	372	FROM '.IMAGES_TABLE.'
	373	WHERE id = '.$category['representative_picture_id'].'
	374	;';
[4325]	375	$row = pwg_db_fetch_assoc(pwg_query($query));
[1609]	376	$src = get_thumbnail_url($row);
[2286]	377	$url = get_root_url().'admin.php?page=picture_modify';
[809]	378	$url.= '&image_id='.$category['representative_picture_id'];
[1131]	379
[2223]	380	$tpl_representant['picture'] =
[809]	381	array(
	382	'SRC' => $src,
	383	'URL' => $url
	384	);
	385	}
	386
	387	// can the admin choose to set a new random representant ?
[2324]	388	$tpl_representant['ALLOW_SET_RANDOM'] = ($category['has_images']) ? true : false;
[809]	389
	390	// can the admin delete the current representant ?
	391	if (
[2324]	392	($category['has_images']
[809]	393	and $conf['allow_random_representative'])
	394	or
[2324]	395	(!$category['has_images']
[809]	396	and !empty($category['representative_picture_id'])))
	397	{
[2223]	398	$tpl_representant['ALLOW_DELETE'] = true;
[809]	399	}
[2223]	400	$template->assign('representant', $tpl_representant);
[633]	401	}
	402
[2223]	403	if ($category['is_virtual'])
[68]	404	{
[809]	405	// the category can be moved in any category but in itself, in any
	406	// sub-category
	407	$unmovables = get_subcat_ids(array($category['id']));
[1131]	408
[809]	409	$query = '
	410	SELECT id,name,uppercats,global_rank
	411	FROM '.CATEGORIES_TABLE.'
	412	WHERE id NOT IN ('.implode(',', $unmovables).')
	413	;';
[1131]	414
[809]	415	display_select_cat_wrapper(
	416	$query,
	417	empty($category['id_uppercat']) ? array() : array($category['id_uppercat']),
[2223]	418	'move_cat_options'
[809]	419	);
	420	}
	421
[403]	422
[2223]	423	// create virtual in parent and link
[1064]	424	$query = '
	425	SELECT id,name,uppercats,global_rank
	426	FROM '.CATEGORIES_TABLE.'
	427	;';
	428	display_select_cat_wrapper(
	429	$query,
	430	array(),
[2223]	431	'create_new_parent_options'
[1064]	432	);
	433
[2223]	434
[1064]	435	// destination categories
	436	$query = '
[1121]	437	SELECT id,name,uppercats,global_rank
[1064]	438	FROM '.CATEGORIES_TABLE.'
[1121]	439	WHERE id != '.$category['id'].'
[1064]	440	;';
[1121]	441	display_select_cat_wrapper(
	442	$query,
	443	array(),
[2223]	444	'category_destination_options'
[1064]	445	);
	446
[1895]	447	// info by email to an access granted group of category informations
[2140]	448	if (isset($_POST['submitEmail']) and !empty($_POST['group']))
[1895]	449	{
[1904]	450	set_make_full_url();
	451
[5335]	452	/* TODO: if $category['representative_picture_id']
[1904]	453	is empty find child representative_picture_id */
	454	if (!empty($category['representative_picture_id']))
	455	{
	456	$query = '
	457	SELECT id, file, path, tn_ext
	458	FROM '.IMAGES_TABLE.'
	459	WHERE id = '.$category['representative_picture_id'].'
[1895]	460	;';
[1064]	461
[1904]	462	$result = pwg_query($query);
[4325]	463	if (pwg_db_num_rows($result) > 0)
[1904]	464	{
[4325]	465	$element = pwg_db_fetch_assoc($result);
[1904]	466
	467	$img_url = '<a href="'.
	468	make_picture_url(array(
	469	'image_id' => $element['id'],
	470	'image_file' => $element['file'],
	471	'category' => $category
	472	))
[3185]	473	.'" class="thumblnk"><img src="'.get_thumbnail_url($element).'"></a>';
[1904]	474	}
	475	}
[5335]	476
[1904]	477	if (!isset($img_url))
[1895]	478	{
[1904]	479	$img_url = '';
	480	}
	481
	482	// TODO Mettre un array pour traduction subjet
	483	pwg_mail_group(
	484	$_POST['group'],
	485	get_str_email_format(true), /* TODO add a checkbox in order to choose format*/
[1916]	486	get_l10n_args('[%s] Come to visit the category %s',
	487	array($conf['gallery_title'], $category['name'])),
[1904]	488	'cat_group_info',
	489	array
	490	(
	491	'IMG_URL' => $img_url,
[1916]	492	'CAT_NAME' => $category['name'],
[1904]	493	'LINK' => make_index_url(
[1895]	494	array(
	495	'category' => array(
	496	'id' => $category['id'],
	497	'name' => $category['name'],
[1904]	498	'permalink' => $category['permalink']
	499	))),
[1916]	500	'CPL_CONTENT' => empty($_POST['mail_content'])
	501	? '' : stripslashes($_POST['mail_content'])
[1904]	502	),
	503	'' /* TODO Add listbox in order to choose Language selected */);
[1895]	504
[1904]	505	unset_make_full_url();
	506
[1895]	507	$query = '
	508	SELECT
	509	name
	510	FROM '.GROUPS_TABLE.'
	511	WHERE id = '.$_POST['group'].'
	512	;';
[4325]	513	list($group_name) = pwg_db_fetch_row(pwg_query($query));
[5335]	514
[1895]	515	array_push(
	516	$page['infos'],
	517	sprintf(
[5207]	518	l10n('An information email was sent to group "%s"'),
[1895]	519	$group_name
	520	)
	521	);
	522	}
	523
	524	if ('private' == $category['status'])
	525	{
	526	$query = '
	527	SELECT
	528	group_id
	529	FROM '.GROUP_ACCESS_TABLE.'
	530	WHERE cat_id = '.$category['id'].'
	531	;';
	532	}
	533	else
	534	{
	535	$query = '
	536	SELECT
	537	id AS group_id
	538	FROM '.GROUPS_TABLE.'
	539	;';
	540	}
	541	$group_ids = array_from_query($query, 'group_id');
	542
	543	if (count($group_ids) > 0)
	544	{
	545	$query = '
	546	SELECT
	547	id,
	548	name
	549	FROM '.GROUPS_TABLE.'
	550	WHERE id IN ('.implode(',', $group_ids).')
	551	ORDER BY name ASC
	552	;';
[2223]	553	$template->assign('group_mail_options',
	554	simple_hash_from_query($query, 'id', 'name')
	555	);
[1895]	556	}
	557
[21]	558	//----------------------------------------------------------- sending html code
[403]	559	$template->assign_var_from_handle('ADMIN_CONTENT', 'categories');
[362]	560	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: