source: trunk/admin/cat_modify.php @ 5406

Last change on this file since 5406 was 5335, checked in by rvelices, 15 years ago
  • fix cat_modify
    • missing token in url
    • double icon display
  • simplified func check_pwg_token
  • Property svn:eol-style set to LF
File size: 15.1 KB
RevLine 
[21]1<?php
[362]2// +-----------------------------------------------------------------------+
[2297]3// | Piwigo - a PHP based picture gallery                                  |
4// +-----------------------------------------------------------------------+
[5196]5// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
[2297]6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
[21]23
[632]24if (!defined('PHPWG_ROOT_PATH'))
[403]25{
[632]26  die('Hacking attempt!');
[403]27}
[1072]28
[1895]29include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
[1072]30
31// +-----------------------------------------------------------------------+
32// | Check Access and exit when user status is not ok                      |
33// +-----------------------------------------------------------------------+
34check_status(ACCESS_ADMINISTRATOR);
35
[21]36//---------------------------------------------------------------- verification
[403]37if ( !isset( $_GET['cat_id'] ) || !is_numeric( $_GET['cat_id'] ) )
[21]38{
[2490]39  trigger_error( 'missing cat_id param', E_USER_ERROR);
[21]40}
[403]41
[21]42//--------------------------------------------------------- form criteria check
[825]43if (isset($_POST['submit']))
[21]44{
[2490]45  $image_order = null;
46  if ( !isset($_POST['image_order_default']) )
47  {
48    for ($i=1; $i<=3; $i++)
49    {
50      if ( !empty($_POST['order_field_'.$i]) )
51      {
52        if (! empty($image_order) )
53        {
54          $image_order .= ',';
55        }
56        $image_order .= $_POST['order_field_'.$i];
57        if ($_POST['order_direction_'.$i]=='DESC')
58        {
59          $image_order .= ' DESC';
60        }
61      }
62    }
63  }
64
[825]65  $data =
66    array(
67      'id' => $_GET['cat_id'],
68      'name' => @$_POST['name'],
[4367]69      'commentable' => isset($_POST['commentable'])?$_POST['commentable']:'false',
[825]70      'uploadable' =>
71        isset($_POST['uploadable']) ? $_POST['uploadable'] : 'false',
72      'comment' =>
73        $conf['allow_html_descriptions'] ?
[2490]74          @$_POST['comment'] : strip_tags(@$_POST['comment']),
75      'image_order' => $image_order,
[825]76      );
[38]77
[825]78  mass_updates(
79    CATEGORIES_TABLE,
80    array(
81      'primary' => array('id'),
82      'update' => array_diff(array_keys($data), array('id'))
83      ),
84    array($data)
85    );
[1131]86
[2490]87  // retrieve cat infos before continuing (following updates are expensive)
88  $cat_info = get_cat_info($_GET['cat_id']);
[345]89
[2490]90  if (isset($_POST['image_order_subcats']))
[809]91  {
[2490]92    $query = '
93UPDATE '.CATEGORIES_TABLE.' SET image_order='.(isset($image_order) ? 'NULL':"'$image_order'").'
94  WHERE uppercats LIKE "'.$cat_info['uppercats'].',%"';
95    pwg_query($query);
[809]96  }
97
[2490]98  if ($cat_info['visible'] != get_boolean( $_POST['visible'] ) )
[1500]99  {
[2490]100    set_cat_visible(array($_GET['cat_id']), $_POST['visible']);
[1500]101  }
[2653]102  if ($cat_info['status'] != $_POST['status'] )
[1500]103  {
[2490]104    set_cat_status(array($_GET['cat_id']), $_POST['status']);
[1500]105  }
[2490]106
107  if (isset($_POST['parent']) and $cat_info['id_uppercat'] != $_POST['parent'])
[1500]108  {
[2490]109    move_categories( array($_GET['cat_id']), $_POST['parent'] );
[1500]110  }
111
[5021]112  array_push($page['infos'], l10n('Category informations updated successfully.'));
[21]113}
[2490]114elseif (isset($_POST['set_random_representant']))
[633]115{
116  set_random_representant(array($_GET['cat_id']));
117}
[2490]118elseif (isset($_POST['delete_representant']))
[809]119{
120  $query = '
121UPDATE '.CATEGORIES_TABLE.'
122  SET representative_picture_id = NULL
123  WHERE id = '.$_GET['cat_id'].'
124;';
125  pwg_query($query);
126}
[2490]127elseif (isset($_POST['submitAdd']))
[1064]128{
129  $output_create = create_virtual_category(
130    $_POST['virtual_name'],
131    (0 == $_POST['parent'] ? null : $_POST['parent'])
132    );
[1131]133
[1064]134  if (isset($output_create['error']))
135  {
136    array_push($page['errors'], $output_create['error']);
137  }
138  else
139  {
140    // Virtual category creation succeeded
141    //
142    // Add the information in the information list
143    array_push($page['infos'], $output_create['info']);
[1131]144
[1064]145    // Link the new category to the current category
[1121]146    associate_categories_to_categories(
147      array($_GET['cat_id']),
148      array($output_create['id'])
149      );
[21]150
[1121]151    // information
[1064]152    array_push(
[1121]153      $page['infos'],
154      sprintf(
155        l10n('Category elements associated to the following categories: %s'),
156        '<ul><li>'
157        .get_cat_display_name_from_id($output_create['id'])
158        .'</li></ul>'
[1064]159        )
160      );
161  }
162}
[2490]163elseif (isset($_POST['submitDestinations'])
[1121]164         and isset($_POST['destinations'])
165         and count($_POST['destinations']) > 0)
[1064]166{
[1121]167  associate_categories_to_categories(
168    array($_GET['cat_id']),
169    $_POST['destinations']
170    );
[1064]171
[1121]172  $category_names = array();
173  foreach ($_POST['destinations'] as $category_id)
[1064]174  {
175    array_push(
[1121]176      $category_names,
177      get_cat_display_name_from_id($category_id)
[1064]178      );
179  }
180
[1121]181  array_push(
182    $page['infos'],
183    sprintf(
184      l10n('Category elements associated to the following categories: %s'),
185      '<ul><li>'.implode('</li><li>', $category_names).'</li></ul>'
186      )
[1064]187    );
188}
189
[632]190$query = '
191SELECT *
192  FROM '.CATEGORIES_TABLE.'
193  WHERE id = '.$_GET['cat_id'].'
194;';
[4325]195$category = pwg_db_fetch_assoc( pwg_query( $query ) );
[530]196// nullable fields
[809]197foreach (array('comment','dir','site_id', 'id_uppercat') as $nullable)
[530]198{
199  if (!isset($category[$nullable]))
200  {
201    $category[$nullable] = '';
202  }
203}
[345]204
[809]205$category['is_virtual'] = empty($category['dir']) ? true : false;
206
[2324]207$query = 'SELECT DISTINCT category_id
208  FROM '.IMAGE_CATEGORY_TABLE.'
209  WHERE category_id = '.$_GET['cat_id'].'
210  LIMIT 1';
211$result = pwg_query($query);
[4325]212$category['has_images'] = pwg_db_num_rows($result)>0 ? true : false;
[2223]213
[403]214// Navigation path
[834]215$navigation = get_cat_display_name_cache(
[635]216  $category['uppercats'],
[2286]217  get_root_url().'admin.php?page=cat_modify&amp;cat_id='
[834]218  );
[345]219
[2286]220$form_action = get_root_url().'admin.php?page=cat_modify&amp;cat_id='.$_GET['cat_id'];
[403]221
222//----------------------------------------------------- template initialization
[2530]223$template->set_filename( 'categories', 'cat_modify.tpl');
[809]224
[2286]225$base_url = get_root_url().'admin.php?page=';
[809]226$cat_list_url = $base_url.'cat_list';
[1131]227
[809]228$self_url = $cat_list_url;
229if (!empty($category['id_uppercat']))
230{
231  $self_url.= '&amp;parent_id='.$category['id_uppercat'];
232}
233
[2223]234$template->assign(
[1131]235  array(
[1082]236    'CATEGORIES_NAV'     => $navigation,
[2777]237    'CAT_ID'             => $category['id'],
[2223]238    'CAT_NAME'           => @htmlspecialchars($category['name']),
239    'CAT_COMMENT'        => @htmlspecialchars($category['comment']),
[1131]240
[2223]241    'status_values'     => array('public','private'),
[1131]242
[2223]243    'CAT_STATUS'        => $category['status'],
[4385]244    'CAT_VISIBLE'       => boolean_to_string($category['visible']),
245    'CAT_COMMENTABLE'   => boolean_to_string($category['commentable']),
246    'CAT_UPLOADABLE'    => boolean_to_string($category['uploadable']),
[2223]247
[1500]248    'IMG_ORDER_DEFAULT'  => empty($category['image_order']) ?
249                              'checked="checked"' : '',
250
[1082]251    'U_JUMPTO' => make_index_url(
252      array(
[1861]253        'category' => $category
[1082]254        )
255      ),
[1131]256
[1916]257    'MAIL_CONTENT' => empty($_POST['mail_content'])
258        ? '' : stripslashes($_POST['mail_content']),
[1082]259    'U_CHILDREN' => $cat_list_url.'&amp;parent_id='.$category['id'],
[2286]260    'U_HELP' => get_root_url().'popuphelp.php?page=cat_modify',
[1131]261
[1082]262    'F_ACTION' => $form_action,
263    )
264  );
[633]265
[809]266
267if ('private' == $category['status'])
268{
[2223]269  $template->assign( 'U_MANAGE_PERMISSIONS',
270      $base_url.'cat_perm&amp;cat='.$category['id']
[809]271    );
272}
273
274// manage category elements link
[2324]275if ($category['has_images'])
[633]276{
[2517]277  $template->assign(
278    'U_MANAGE_ELEMENTS',
279    $base_url.'element_set&amp;cat='.$category['id']
[2223]280    );
[2517]281  $template->assign(
282    'U_MANAGE_RANKS',
283    $base_url.'element_set_ranks&amp;cat_id='.$category['id']
284    );
[2223]285}
286
287if ($category['is_virtual'])
288{
289  $template->assign(
[809]290    array(
[5335]291      'U_DELETE' => $self_url.'&amp;delete='.$category['id'].'&amp;pwg_token='.get_pwg_token(),
[809]292      )
293    );
294}
[2223]295else
[1500]296{
[2223]297  $category['cat_full_dir'] = get_complete_dir($_GET['cat_id']);
298  $template->assign(
299    array(
300      'CAT_FULL_DIR'       => preg_replace('/\/$/',
301                                    '',
302                                    $category['cat_full_dir'] )
303      )
304    );
305  if (!url_is_remote($category['cat_full_dir']) )
306  {
307    $template->assign('SHOW_UPLOADABLE', true);
308  }
[1500]309}
310
[2223]311// image order management
312
[1500]313$sort_fields = array(
314  '' => '',
315  'date_creation' => l10n('Creation date'),
316  'date_available' => l10n('Post date'),
317  'average_rate' => l10n('Average rate'),
[5021]318  'hit' => l10n('Most visited'),
[1500]319  'file' => l10n('File name'),
320  'id' => 'Id',
[2517]321  'rank' => l10n('Rank'),
[1500]322  );
323
[2223]324$sort_directions = array(
325  'ASC' => l10n('ascending'),
326  'DESC' => l10n('descending'),
327  );
328
329$template->assign( 'image_order_field_options', $sort_fields);
330$template->assign( 'image_order_direction_options', $sort_directions);
331
332$matches = array();
333if ( !empty( $category['image_order'] ) )
334{
335  preg_match_all('/([a-z_]+) *(?:(asc|desc)(?:ending)?)? *(?:, *|$)/i',
336    $category['image_order'], $matches);
337}
338
[1500]339for ($i=0; $i<3; $i++) // 3 fields
340{
[2223]341  $tpl_image_order_select = array(
342      'ID' => $i+1,
343      'FIELD' => array(''),
344      'DIRECTION' => array('ASC'),
345    );
[5335]346
[2223]347  if ( isset($matches[1][$i]) )
[1500]348  {
[2223]349    $tpl_image_order_select['FIELD'] = array($matches[1][$i]);
[1500]350  }
[5335]351
[2223]352  if (isset($matches[2][$i]) and strcasecmp($matches[2][$i],'DESC')==0)
353  {
354    $tpl_image_order_select['DIRECTION'] = array('DESC');
355  }
356  $template->append( 'image_orders', $tpl_image_order_select);
[1500]357}
358
359
[809]360// representant management
[2324]361if ($category['has_images']
[809]362    or !empty($category['representative_picture_id']))
363{
[2223]364  $tpl_representant = array();
[809]365
366  // picture to display : the identified representant or the generic random
367  // representant ?
368  if (!empty($category['representative_picture_id']))
369  {
370    $query = '
[1609]371SELECT id,tn_ext,path
[633]372  FROM '.IMAGES_TABLE.'
373  WHERE id = '.$category['representative_picture_id'].'
374;';
[4325]375    $row = pwg_db_fetch_assoc(pwg_query($query));
[1609]376    $src = get_thumbnail_url($row);
[2286]377    $url = get_root_url().'admin.php?page=picture_modify';
[809]378    $url.= '&amp;image_id='.$category['representative_picture_id'];
[1131]379
[2223]380    $tpl_representant['picture'] =
[809]381      array(
382        'SRC' => $src,
383        'URL' => $url
384      );
385  }
386
387  // can the admin choose to set a new random representant ?
[2324]388  $tpl_representant['ALLOW_SET_RANDOM'] = ($category['has_images']) ? true : false;
[809]389
390  // can the admin delete the current representant ?
391  if (
[2324]392    ($category['has_images']
[809]393     and $conf['allow_random_representative'])
394    or
[2324]395    (!$category['has_images']
[809]396     and !empty($category['representative_picture_id'])))
397  {
[2223]398    $tpl_representant['ALLOW_DELETE'] = true;
[809]399  }
[2223]400  $template->assign('representant', $tpl_representant);
[633]401}
402
[2223]403if ($category['is_virtual'])
[68]404{
[809]405  // the category can be moved in any category but in itself, in any
406  // sub-category
407  $unmovables = get_subcat_ids(array($category['id']));
[1131]408
[809]409  $query = '
410SELECT id,name,uppercats,global_rank
411  FROM '.CATEGORIES_TABLE.'
412  WHERE id NOT IN ('.implode(',', $unmovables).')
413;';
[1131]414
[809]415  display_select_cat_wrapper(
416    $query,
417    empty($category['id_uppercat']) ? array() : array($category['id_uppercat']),
[2223]418    'move_cat_options'
[809]419    );
420}
421
[403]422
[2223]423// create virtual in parent and link
[1064]424$query = '
425SELECT id,name,uppercats,global_rank
426  FROM '.CATEGORIES_TABLE.'
427;';
428display_select_cat_wrapper(
429  $query,
430  array(),
[2223]431  'create_new_parent_options'
[1064]432  );
433
[2223]434
[1064]435// destination categories
436$query = '
[1121]437SELECT id,name,uppercats,global_rank
[1064]438  FROM '.CATEGORIES_TABLE.'
[1121]439  WHERE id != '.$category['id'].'
[1064]440;';
[1121]441display_select_cat_wrapper(
442  $query,
443  array(),
[2223]444  'category_destination_options'
[1064]445  );
446
[1895]447// info by email to an access granted group of category informations
[2140]448if (isset($_POST['submitEmail']) and !empty($_POST['group']))
[1895]449{
[1904]450  set_make_full_url();
451
[5335]452  /* TODO: if $category['representative_picture_id']
[1904]453    is empty find child representative_picture_id */
454  if (!empty($category['representative_picture_id']))
455  {
456    $query = '
457SELECT id, file, path, tn_ext
458  FROM '.IMAGES_TABLE.'
459  WHERE id = '.$category['representative_picture_id'].'
[1895]460;';
[1064]461
[1904]462    $result = pwg_query($query);
[4325]463    if (pwg_db_num_rows($result) > 0)
[1904]464    {
[4325]465      $element = pwg_db_fetch_assoc($result);
[1904]466
467      $img_url  = '<a href="'.
468                      make_picture_url(array(
469                          'image_id' => $element['id'],
470                          'image_file' => $element['file'],
471                          'category' => $category
472                        ))
[3185]473                      .'" class="thumblnk"><img src="'.get_thumbnail_url($element).'"></a>';
[1904]474    }
475  }
[5335]476
[1904]477  if (!isset($img_url))
[1895]478  {
[1904]479    $img_url = '';
480  }
481
482  // TODO Mettre un array pour traduction subjet
483  pwg_mail_group(
484    $_POST['group'],
485    get_str_email_format(true), /* TODO add a checkbox in order to choose format*/
[1916]486    get_l10n_args('[%s] Come to visit the category %s',
487      array($conf['gallery_title'], $category['name'])),
[1904]488    'cat_group_info',
489    array
490    (
491      'IMG_URL' => $img_url,
[1916]492      'CAT_NAME' => $category['name'],
[1904]493      'LINK' => make_index_url(
[1895]494          array(
495            'category' => array(
496              'id' => $category['id'],
497              'name' => $category['name'],
[1904]498              'permalink' => $category['permalink']
499              ))),
[1916]500      'CPL_CONTENT' => empty($_POST['mail_content'])
501                          ? '' : stripslashes($_POST['mail_content'])
[1904]502    ),
503    '' /* TODO Add listbox in order to choose Language selected */);
[1895]504
[1904]505  unset_make_full_url();
506
[1895]507  $query = '
508SELECT
509    name
510  FROM '.GROUPS_TABLE.'
511  WHERE id = '.$_POST['group'].'
512;';
[4325]513  list($group_name) = pwg_db_fetch_row(pwg_query($query));
[5335]514
[1895]515  array_push(
516    $page['infos'],
517    sprintf(
[5207]518      l10n('An information email was sent to group "%s"'),
[1895]519      $group_name
520      )
521    );
522}
523
524if ('private' == $category['status'])
525{
526  $query = '
527SELECT
528    group_id
529  FROM '.GROUP_ACCESS_TABLE.'
530  WHERE cat_id = '.$category['id'].'
531;';
532}
533else
534{
535  $query = '
536SELECT
537    id AS group_id
538  FROM '.GROUPS_TABLE.'
539;';
540}
541$group_ids = array_from_query($query, 'group_id');
542
543if (count($group_ids) > 0)
544{
545  $query = '
546SELECT
547    id,
548    name
549  FROM '.GROUPS_TABLE.'
550  WHERE id IN ('.implode(',', $group_ids).')
551  ORDER BY name ASC
552;';
[2223]553  $template->assign('group_mail_options',
554      simple_hash_from_query($query, 'id', 'name')
555    );
[1895]556}
557
[21]558//----------------------------------------------------------- sending html code
[403]559$template->assign_var_from_handle('ADMIN_CONTENT', 'categories');
[362]560?>
Note: See TracBrowser for help on using the repository browser.