Context Navigation

source: trunk/admin/cat_modify.php @ 5367

Last change on this file since 5367 was 5335, checked in by rvelices, 14 years ago
fix cat_modify missing token in url double icon display simplified func check_pwg_token
Property svn:eol-style set to `LF`
File size: 15.1 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based picture gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2010 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	if (!defined('PHPWG_ROOT_PATH'))
25	{
26	die('Hacking attempt!');
27	}
28
29	include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
30
31	// +-----------------------------------------------------------------------+
32	// \| Check Access and exit when user status is not ok \|
33	// +-----------------------------------------------------------------------+
34	check_status(ACCESS_ADMINISTRATOR);
35
36	//---------------------------------------------------------------- verification
37	if ( !isset( $_GET['cat_id'] ) \|\| !is_numeric( $_GET['cat_id'] ) )
38	{
39	trigger_error( 'missing cat_id param', E_USER_ERROR);
40	}
41
42	//--------------------------------------------------------- form criteria check
43	if (isset($_POST['submit']))
44	{
45	$image_order = null;
46	if ( !isset($_POST['image_order_default']) )
47	{
48	for ($i=1; $i<=3; $i++)
49	{
50	if ( !empty($_POST['order_field_'.$i]) )
51	{
52	if (! empty($image_order) )
53	{
54	$image_order .= ',';
55	}
56	$image_order .= $_POST['order_field_'.$i];
57	if ($_POST['order_direction_'.$i]=='DESC')
58	{
59	$image_order .= ' DESC';
60	}
61	}
62	}
63	}
64
65	$data =
66	array(
67	'id' => $_GET['cat_id'],
68	'name' => @$_POST['name'],
69	'commentable' => isset($_POST['commentable'])?$_POST['commentable']:'false',
70	'uploadable' =>
71	isset($_POST['uploadable']) ? $_POST['uploadable'] : 'false',
72	'comment' =>
73	$conf['allow_html_descriptions'] ?
74	@$_POST['comment'] : strip_tags(@$_POST['comment']),
75	'image_order' => $image_order,
76	);
77
78	mass_updates(
79	CATEGORIES_TABLE,
80	array(
81	'primary' => array('id'),
82	'update' => array_diff(array_keys($data), array('id'))
83	),
84	array($data)
85	);
86
87	// retrieve cat infos before continuing (following updates are expensive)
88	$cat_info = get_cat_info($_GET['cat_id']);
89
90	if (isset($_POST['image_order_subcats']))
91	{
92	$query = '
93	UPDATE '.CATEGORIES_TABLE.' SET image_order='.(isset($image_order) ? 'NULL':"'$image_order'").'
94	WHERE uppercats LIKE "'.$cat_info['uppercats'].',%"';
95	pwg_query($query);
96	}
97
98	if ($cat_info['visible'] != get_boolean( $_POST['visible'] ) )
99	{
100	set_cat_visible(array($_GET['cat_id']), $_POST['visible']);
101	}
102	if ($cat_info['status'] != $_POST['status'] )
103	{
104	set_cat_status(array($_GET['cat_id']), $_POST['status']);
105	}
106
107	if (isset($_POST['parent']) and $cat_info['id_uppercat'] != $_POST['parent'])
108	{
109	move_categories( array($_GET['cat_id']), $_POST['parent'] );
110	}
111
112	array_push($page['infos'], l10n('Category informations updated successfully.'));
113	}
114	elseif (isset($_POST['set_random_representant']))
115	{
116	set_random_representant(array($_GET['cat_id']));
117	}
118	elseif (isset($_POST['delete_representant']))
119	{
120	$query = '
121	UPDATE '.CATEGORIES_TABLE.'
122	SET representative_picture_id = NULL
123	WHERE id = '.$_GET['cat_id'].'
124	;';
125	pwg_query($query);
126	}
127	elseif (isset($_POST['submitAdd']))
128	{
129	$output_create = create_virtual_category(
130	$_POST['virtual_name'],
131	(0 == $_POST['parent'] ? null : $_POST['parent'])
132	);
133
134	if (isset($output_create['error']))
135	{
136	array_push($page['errors'], $output_create['error']);
137	}
138	else
139	{
140	// Virtual category creation succeeded
141	//
142	// Add the information in the information list
143	array_push($page['infos'], $output_create['info']);
144
145	// Link the new category to the current category
146	associate_categories_to_categories(
147	array($_GET['cat_id']),
148	array($output_create['id'])
149	);
150
151	// information
152	array_push(
153	$page['infos'],
154	sprintf(
155	l10n('Category elements associated to the following categories: %s'),
156	'<ul><li>'
157	.get_cat_display_name_from_id($output_create['id'])
158	.'</li></ul>'
159	)
160	);
161	}
162	}
163	elseif (isset($_POST['submitDestinations'])
164	and isset($_POST['destinations'])
165	and count($_POST['destinations']) > 0)
166	{
167	associate_categories_to_categories(
168	array($_GET['cat_id']),
169	$_POST['destinations']
170	);
171
172	$category_names = array();
173	foreach ($_POST['destinations'] as $category_id)
174	{
175	array_push(
176	$category_names,
177	get_cat_display_name_from_id($category_id)
178	);
179	}
180
181	array_push(
182	$page['infos'],
183	sprintf(
184	l10n('Category elements associated to the following categories: %s'),
185	'<ul><li>'.implode('</li><li>', $category_names).'</li></ul>'
186	)
187	);
188	}
189
190	$query = '
191	SELECT *
192	FROM '.CATEGORIES_TABLE.'
193	WHERE id = '.$_GET['cat_id'].'
194	;';
195	$category = pwg_db_fetch_assoc( pwg_query( $query ) );
196	// nullable fields
197	foreach (array('comment','dir','site_id', 'id_uppercat') as $nullable)
198	{
199	if (!isset($category[$nullable]))
200	{
201	$category[$nullable] = '';
202	}
203	}
204
205	$category['is_virtual'] = empty($category['dir']) ? true : false;
206
207	$query = 'SELECT DISTINCT category_id
208	FROM '.IMAGE_CATEGORY_TABLE.'
209	WHERE category_id = '.$_GET['cat_id'].'
210	LIMIT 1';
211	$result = pwg_query($query);
212	$category['has_images'] = pwg_db_num_rows($result)>0 ? true : false;
213
214	// Navigation path
215	$navigation = get_cat_display_name_cache(
216	$category['uppercats'],
217	get_root_url().'admin.php?page=cat_modify&cat_id='
218	);
219
220	$form_action = get_root_url().'admin.php?page=cat_modify&cat_id='.$_GET['cat_id'];
221
222	//----------------------------------------------------- template initialization
223	$template->set_filename( 'categories', 'cat_modify.tpl');
224
225	$base_url = get_root_url().'admin.php?page=';
226	$cat_list_url = $base_url.'cat_list';
227
228	$self_url = $cat_list_url;
229	if (!empty($category['id_uppercat']))
230	{
231	$self_url.= '&parent_id='.$category['id_uppercat'];
232	}
233
234	$template->assign(
235	array(
236	'CATEGORIES_NAV' => $navigation,
237	'CAT_ID' => $category['id'],
238	'CAT_NAME' => @htmlspecialchars($category['name']),
239	'CAT_COMMENT' => @htmlspecialchars($category['comment']),
240
241	'status_values' => array('public','private'),
242
243	'CAT_STATUS' => $category['status'],
244	'CAT_VISIBLE' => boolean_to_string($category['visible']),
245	'CAT_COMMENTABLE' => boolean_to_string($category['commentable']),
246	'CAT_UPLOADABLE' => boolean_to_string($category['uploadable']),
247
248	'IMG_ORDER_DEFAULT' => empty($category['image_order']) ?
249	'checked="checked"' : '',
250
251	'U_JUMPTO' => make_index_url(
252	array(
253	'category' => $category
254	)
255	),
256
257	'MAIL_CONTENT' => empty($_POST['mail_content'])
258	? '' : stripslashes($_POST['mail_content']),
259	'U_CHILDREN' => $cat_list_url.'&parent_id='.$category['id'],
260	'U_HELP' => get_root_url().'popuphelp.php?page=cat_modify',
261
262	'F_ACTION' => $form_action,
263	)
264	);
265
266
267	if ('private' == $category['status'])
268	{
269	$template->assign( 'U_MANAGE_PERMISSIONS',
270	$base_url.'cat_perm&cat='.$category['id']
271	);
272	}
273
274	// manage category elements link
275	if ($category['has_images'])
276	{
277	$template->assign(
278	'U_MANAGE_ELEMENTS',
279	$base_url.'element_set&cat='.$category['id']
280	);
281	$template->assign(
282	'U_MANAGE_RANKS',
283	$base_url.'element_set_ranks&cat_id='.$category['id']
284	);
285	}
286
287	if ($category['is_virtual'])
288	{
289	$template->assign(
290	array(
291	'U_DELETE' => $self_url.'&delete='.$category['id'].'&pwg_token='.get_pwg_token(),
292	)
293	);
294	}
295	else
296	{
297	$category['cat_full_dir'] = get_complete_dir($_GET['cat_id']);
298	$template->assign(
299	array(
300	'CAT_FULL_DIR' => preg_replace('/\/$/',
301	'',
302	$category['cat_full_dir'] )
303	)
304	);
305	if (!url_is_remote($category['cat_full_dir']) )
306	{
307	$template->assign('SHOW_UPLOADABLE', true);
308	}
309	}
310
311	// image order management
312
313	$sort_fields = array(
314	'' => '',
315	'date_creation' => l10n('Creation date'),
316	'date_available' => l10n('Post date'),
317	'average_rate' => l10n('Average rate'),
318	'hit' => l10n('Most visited'),
319	'file' => l10n('File name'),
320	'id' => 'Id',
321	'rank' => l10n('Rank'),
322	);
323
324	$sort_directions = array(
325	'ASC' => l10n('ascending'),
326	'DESC' => l10n('descending'),
327	);
328
329	$template->assign( 'image_order_field_options', $sort_fields);
330	$template->assign( 'image_order_direction_options', $sort_directions);
331
332	$matches = array();
333	if ( !empty( $category['image_order'] ) )
334	{
335	preg_match_all('/([a-z_]+) (?:(asc\|desc)(?:ending)?)? (?:, *\|$)/i',
336	$category['image_order'], $matches);
337	}
338
339	for ($i=0; $i<3; $i++) // 3 fields
340	{
341	$tpl_image_order_select = array(
342	'ID' => $i+1,
343	'FIELD' => array(''),
344	'DIRECTION' => array('ASC'),
345	);
346
347	if ( isset($matches[1][$i]) )
348	{
349	$tpl_image_order_select['FIELD'] = array($matches[1][$i]);
350	}
351
352	if (isset($matches[2][$i]) and strcasecmp($matches[2][$i],'DESC')==0)
353	{
354	$tpl_image_order_select['DIRECTION'] = array('DESC');
355	}
356	$template->append( 'image_orders', $tpl_image_order_select);
357	}
358
359
360	// representant management
361	if ($category['has_images']
362	or !empty($category['representative_picture_id']))
363	{
364	$tpl_representant = array();
365
366	// picture to display : the identified representant or the generic random
367	// representant ?
368	if (!empty($category['representative_picture_id']))
369	{
370	$query = '
371	SELECT id,tn_ext,path
372	FROM '.IMAGES_TABLE.'
373	WHERE id = '.$category['representative_picture_id'].'
374	;';
375	$row = pwg_db_fetch_assoc(pwg_query($query));
376	$src = get_thumbnail_url($row);
377	$url = get_root_url().'admin.php?page=picture_modify';
378	$url.= '&image_id='.$category['representative_picture_id'];
379
380	$tpl_representant['picture'] =
381	array(
382	'SRC' => $src,
383	'URL' => $url
384	);
385	}
386
387	// can the admin choose to set a new random representant ?
388	$tpl_representant['ALLOW_SET_RANDOM'] = ($category['has_images']) ? true : false;
389
390	// can the admin delete the current representant ?
391	if (
392	($category['has_images']
393	and $conf['allow_random_representative'])
394	or
395	(!$category['has_images']
396	and !empty($category['representative_picture_id'])))
397	{
398	$tpl_representant['ALLOW_DELETE'] = true;
399	}
400	$template->assign('representant', $tpl_representant);
401	}
402
403	if ($category['is_virtual'])
404	{
405	// the category can be moved in any category but in itself, in any
406	// sub-category
407	$unmovables = get_subcat_ids(array($category['id']));
408
409	$query = '
410	SELECT id,name,uppercats,global_rank
411	FROM '.CATEGORIES_TABLE.'
412	WHERE id NOT IN ('.implode(',', $unmovables).')
413	;';
414
415	display_select_cat_wrapper(
416	$query,
417	empty($category['id_uppercat']) ? array() : array($category['id_uppercat']),
418	'move_cat_options'
419	);
420	}
421
422
423	// create virtual in parent and link
424	$query = '
425	SELECT id,name,uppercats,global_rank
426	FROM '.CATEGORIES_TABLE.'
427	;';
428	display_select_cat_wrapper(
429	$query,
430	array(),
431	'create_new_parent_options'
432	);
433
434
435	// destination categories
436	$query = '
437	SELECT id,name,uppercats,global_rank
438	FROM '.CATEGORIES_TABLE.'
439	WHERE id != '.$category['id'].'
440	;';
441	display_select_cat_wrapper(
442	$query,
443	array(),
444	'category_destination_options'
445	);
446
447	// info by email to an access granted group of category informations
448	if (isset($_POST['submitEmail']) and !empty($_POST['group']))
449	{
450	set_make_full_url();
451
452	/* TODO: if $category['representative_picture_id']
453	is empty find child representative_picture_id */
454	if (!empty($category['representative_picture_id']))
455	{
456	$query = '
457	SELECT id, file, path, tn_ext
458	FROM '.IMAGES_TABLE.'
459	WHERE id = '.$category['representative_picture_id'].'
460	;';
461
462	$result = pwg_query($query);
463	if (pwg_db_num_rows($result) > 0)
464	{
465	$element = pwg_db_fetch_assoc($result);
466
467	$img_url = '<a href="'.
468	make_picture_url(array(
469	'image_id' => $element['id'],
470	'image_file' => $element['file'],
471	'category' => $category
472	))
473	.'" class="thumblnk"><img src="'.get_thumbnail_url($element).'"></a>';
474	}
475	}
476
477	if (!isset($img_url))
478	{
479	$img_url = '';
480	}
481
482	// TODO Mettre un array pour traduction subjet
483	pwg_mail_group(
484	$_POST['group'],
485	get_str_email_format(true), /* TODO add a checkbox in order to choose format*/
486	get_l10n_args('[%s] Come to visit the category %s',
487	array($conf['gallery_title'], $category['name'])),
488	'cat_group_info',
489	array
490	(
491	'IMG_URL' => $img_url,
492	'CAT_NAME' => $category['name'],
493	'LINK' => make_index_url(
494	array(
495	'category' => array(
496	'id' => $category['id'],
497	'name' => $category['name'],
498	'permalink' => $category['permalink']
499	))),
500	'CPL_CONTENT' => empty($_POST['mail_content'])
501	? '' : stripslashes($_POST['mail_content'])
502	),
503	'' /* TODO Add listbox in order to choose Language selected */);
504
505	unset_make_full_url();
506
507	$query = '
508	SELECT
509	name
510	FROM '.GROUPS_TABLE.'
511	WHERE id = '.$_POST['group'].'
512	;';
513	list($group_name) = pwg_db_fetch_row(pwg_query($query));
514
515	array_push(
516	$page['infos'],
517	sprintf(
518	l10n('An information email was sent to group "%s"'),
519	$group_name
520	)
521	);
522	}
523
524	if ('private' == $category['status'])
525	{
526	$query = '
527	SELECT
528	group_id
529	FROM '.GROUP_ACCESS_TABLE.'
530	WHERE cat_id = '.$category['id'].'
531	;';
532	}
533	else
534	{
535	$query = '
536	SELECT
537	id AS group_id
538	FROM '.GROUPS_TABLE.'
539	;';
540	}
541	$group_ids = array_from_query($query, 'group_id');
542
543	if (count($group_ids) > 0)
544	{
545	$query = '
546	SELECT
547	id,
548	name
549	FROM '.GROUPS_TABLE.'
550	WHERE id IN ('.implode(',', $group_ids).')
551	ORDER BY name ASC
552	;';
553	$template->assign('group_mail_options',
554	simple_hash_from_query($query, 'id', 'name')
555	);
556	}
557
558	//----------------------------------------------------------- sending html code
559	$template->assign_var_from_handle('ADMIN_CONTENT', 'categories');
560	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: