Context Navigation

element_set_global.php @ 5195

Last change on this file since 5195 was 5195, checked in by plg, 14 years ago

bug 1328: backport the pwg_token on trunk

bug 1329: backport the check_input_parameter on trunk

feature 1026: add pwg_token feature for edit/delete comment. Heavy refactoring
on this feature to make the code simpler and easier to maintain (I hope).

Property svn:eol-style set to LF

File size: 13.4 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based picture gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2009 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	/**
25	* Management of elements set. Elements can belong to a category or to the
26	* user caddie.
27	*
28	*/
29
30	if (!defined('PHPWG_ROOT_PATH'))
31	{
32	die('Hacking attempt!');
33	}
34
35	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
36
37	// +-----------------------------------------------------------------------+
38	// \| Check Access and exit when user status is not ok \|
39	// +-----------------------------------------------------------------------+
40	check_status(ACCESS_ADMINISTRATOR);
41
42	// +-----------------------------------------------------------------------+
43	// \| deletion form submission \|
44	// +-----------------------------------------------------------------------+
45
46	// the $_POST['selection'] was already checked in element_set.php
47	check_input_parameter('del_tags', $_POST, true, PATTERN_ID);
48	check_input_parameter('associate', $_POST, false, PATTERN_ID);
49	check_input_parameter('dissociate', $_POST, false, PATTERN_ID);
50
51	if (isset($_POST['delete']))
52	{
53	if (isset($_POST['confirm_deletion']) and 1 == $_POST['confirm_deletion'])
54	{
55	$collection = array();
56
57	switch ($_POST['target_deletion'])
58	{
59	case 'all' :
60	{
61	$collection = $page['cat_elements_id'];
62	break;
63	}
64	case 'selection' :
65	{
66	if (!isset($_POST['selection']) or count($_POST['selection']) == 0)
67	{
68	array_push($page['errors'], l10n('Select at least one picture'));
69	}
70	else
71	{
72	$collection = $_POST['selection'];
73	}
74	break;
75	}
76	}
77
78	// filter selection on photos that have no storage_category_id (ie that
79	// were added via pLoader)
80	if (count($collection) > 0)
81	{
82	$query = '
83	SELECT
84	id
85	FROM '.IMAGES_TABLE.'
86	WHERE id IN ('.implode(',', $collection).')
87	AND storage_category_id IS NULL
88	;';
89	$deletables = array_from_query($query, 'id');
90
91	if (count($deletables) > 0)
92	{
93	$physical_deletion = true;
94	delete_elements($deletables, $physical_deletion);
95
96	array_push(
97	$page['infos'],
98	sprintf(
99	l10n_dec(
100	'%d photo was deleted',
101	'%d photos were deleted',
102	count($deletables)
103	),
104	count($deletables)
105	)
106	);
107	}
108	else
109	{
110	array_push($page['errors'], l10n('No photo can be deleted'));
111	}
112	}
113	}
114	else
115	{
116	array_push($page['errors'], l10n('You need to confirm deletion'));
117	}
118	}
119
120	// +-----------------------------------------------------------------------+
121	// \| global mode form submission \|
122	// +-----------------------------------------------------------------------+
123
124	if (isset($_POST['submit']))
125	{
126	$collection = array();
127
128	// echo '<pre>';
129	// print_r($_POST);
130	// echo '</pre>';
131	// exit();
132
133	switch ($_POST['target'])
134	{
135	case 'all' :
136	{
137	$collection = $page['cat_elements_id'];
138	break;
139	}
140	case 'selection' :
141	{
142	if (!isset($_POST['selection']) or count($_POST['selection']) == 0)
143	{
144	array_push($page['errors'], l10n('Select at least one picture'));
145	}
146	else
147	{
148	$collection = $_POST['selection'];
149	}
150	break;
151	}
152	}
153
154	if (isset($_POST['add_tags']) and count($collection) > 0)
155	{
156	$tag_ids = get_fckb_tag_ids($_POST['add_tags']);
157	add_tags($tag_ids, $collection);
158	}
159
160	if (isset($_POST['del_tags']) and count($collection) > 0)
161	{
162	$query = '
163	DELETE
164	FROM '.IMAGE_TAG_TABLE.'
165	WHERE image_id IN ('.implode(',', $collection).')
166	AND tag_id IN ('.implode(',', $_POST['del_tags']).')
167	;';
168	pwg_query($query);
169	}
170
171	if ($_POST['associate'] != 0 and count($collection) > 0)
172	{
173	associate_images_to_categories(
174	$collection,
175	array($_POST['associate'])
176	);
177	}
178
179	if ($_POST['dissociate'] != 0 and count($collection) > 0)
180	{
181	// physical links must not be broken, so we must first retrieve image_id
182	// which create virtual links with the category to "dissociate from".
183	$query = '
184	SELECT id
185	FROM '.IMAGE_CATEGORY_TABLE.'
186	INNER JOIN '.IMAGES_TABLE.' ON image_id = id
187	WHERE category_id = '.$_POST['dissociate'].'
188	AND id IN ('.implode(',', $collection).')
189	AND (
190	category_id != storage_category_id
191	OR storage_category_id IS NULL
192	)
193	;';
194	$dissociables = array_from_query($query, 'id');
195
196	if (!empty($dissociables))
197	{
198	$query = '
199	DELETE
200	FROM '.IMAGE_CATEGORY_TABLE.'
201	WHERE category_id = '.$_POST['dissociate'].'
202	AND image_id IN ('.implode(',', $dissociables).')
203	';
204	pwg_query($query);
205
206	// we remove the dissociated images if we are currently displaying the
207	// category to dissociate from.
208	if (is_numeric($_GET['cat']) and $_POST['dissociate'] == $_GET['cat'])
209	{
210	$page['cat_elements_id'] = array_diff(
211	$page['cat_elements_id'],
212	$dissociables
213	);
214	}
215	}
216
217	update_category($_POST['dissociate']);
218	}
219
220	$datas = array();
221	$dbfields = array('primary' => array('id'), 'update' => array());
222
223	$formfields = array('author', 'name', 'date_creation', 'level');
224	foreach ($formfields as $formfield)
225	{
226	if ($_POST[$formfield.'_action'] != 'leave')
227	{
228	array_push($dbfields['update'], $formfield);
229	}
230	}
231
232	// updating elements is useful only if needed...
233	if (count($dbfields['update']) > 0 and count($collection) > 0)
234	{
235	$query = '
236	SELECT id
237	FROM '.IMAGES_TABLE.'
238	WHERE id IN ('.implode(',', $collection).')
239	;';
240	$result = pwg_query($query);
241
242	while ($row = pwg_db_fetch_assoc($result))
243	{
244	$data = array();
245	$data['id'] = $row['id'];
246
247	if ('set' == $_POST['author_action'])
248	{
249	$data['author'] = $_POST['author'];
250	if ('' == $data['author'])
251	{
252	unset($data['author']);
253	}
254	}
255
256	if ('set' == $_POST['name_action'])
257	{
258	$data['name'] = $_POST['name'];
259	if ('' == $data['name'])
260	{
261	unset($data['name']);
262	}
263	}
264
265	if ('set' == $_POST['date_creation_action'])
266	{
267	$data['date_creation'] =
268	$_POST['date_creation_year']
269	.'-'.$_POST['date_creation_month']
270	.'-'.$_POST['date_creation_day']
271	;
272	}
273
274	if ('set' == $_POST['level_action'])
275	{
276	$data['level'] = $_POST['level'];
277	}
278
279	array_push($datas, $data);
280	}
281	// echo '<pre>'; print_r($datas); echo '</pre>';
282	mass_updates(IMAGES_TABLE, $dbfields, $datas);
283	}
284	}
285
286	// +-----------------------------------------------------------------------+
287	// \| template init \|
288	// +-----------------------------------------------------------------------+
289	$template->set_filenames(
290	array('element_set_global' => 'element_set_global.tpl'));
291
292	$base_url = get_root_url().'admin.php';
293
294	// $form_action = $base_url.'?page=element_set_global';
295
296	$template->assign(
297	array(
298	'CATEGORIES_NAV'=>$page['title'],
299
300	'U_DISPLAY'=>$base_url.get_query_string_diff(array('display')),
301
302	'U_UNIT_MODE'
303	=>
304	$base_url
305	.get_query_string_diff(array('mode','display'))
306	.'&mode=unit',
307
308	'F_ACTION'=>$base_url.get_query_string_diff(array()),
309	)
310	);
311
312	// +-----------------------------------------------------------------------+
313	// \| caddie options \|
314	// +-----------------------------------------------------------------------+
315
316	$template->assign('IN_CADDIE', 'caddie' == $_GET['cat'] ? true : false );
317
318	// +-----------------------------------------------------------------------+
319	// \| deletion form \|
320	// +-----------------------------------------------------------------------+
321
322	// we can only remove photos that have no storage_category_id, in other
323	// word, it currently (Butterfly) means that the photo was added with
324	// pLoader
325	if (count($page['cat_elements_id']) > 0)
326	{
327	$query = '
328	SELECT
329	COUNT(*)
330	FROM '.IMAGES_TABLE.'
331	WHERE id IN ('.implode(',', $page['cat_elements_id']).')
332	AND storage_category_id IS NULL
333	;';
334	list($counter) = pwg_db_fetch_row(pwg_query($query));
335
336	if ($counter > 0)
337	{
338	$template->assign('show_delete_form', true);
339	}
340	}
341
342	// +-----------------------------------------------------------------------+
343	// \| global mode form \|
344	// +-----------------------------------------------------------------------+
345
346	// Virtualy associate a picture to a category
347	$query = '
348	SELECT id,name,uppercats,global_rank
349	FROM '.CATEGORIES_TABLE.'
350	;';
351	display_select_cat_wrapper($query, array(), 'associate_options', true);
352
353	// Dissociate from a category : categories listed for dissociation can
354	// only represent virtual links. Links to physical categories can't be
355	// broken
356	if (count($page['cat_elements_id']) > 0)
357	{
358	$query = '
359	SELECT
360	DISTINCT(category_id) AS id,
361	c.name,
362	c.uppercats,
363	c.global_rank
364	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
365	JOIN '.CATEGORIES_TABLE.' AS c ON c.id = ic.category_id
366	JOIN '.IMAGES_TABLE.' AS i ON i.id = ic.image_id
367	WHERE ic.image_id IN ('.implode(',', $page['cat_elements_id']).')
368	AND (
369	ic.category_id != i.storage_category_id
370	OR i.storage_category_id IS NULL
371	)
372	;';
373	display_select_cat_wrapper($query, array(), 'dissociate_options', true);
374	}
375
376	if (count($page['cat_elements_id']) > 0)
377	{
378	// remove tags
379	$tags = get_common_tags($page['cat_elements_id'], -1);
380
381	$template->assign(
382	array(
383	'DEL_TAG_SELECTION' => get_html_tag_selection($tags, 'del_tags'),
384	)
385	);
386	}
387
388	// creation date
389	$day =
390	empty($_POST['date_creation_day']) ? date('j') : $_POST['date_creation_day'];
391
392	$month =
393	empty($_POST['date_creation_month']) ? date('n') : $_POST['date_creation_month'];
394
395	$year =
396	empty($_POST['date_creation_year']) ? date('Y') : $_POST['date_creation_year'];
397
398	$month_list = $lang['month'];
399	$month_list[0]='------------';
400	ksort($month_list);
401	$template->assign( array(
402	'month_list' => $month_list,
403	'DATE_CREATION_DAY' => (int)$day,
404	'DATE_CREATION_MONTH'=> (int)$month,
405	'DATE_CREATION_YEAR' => (int)$year,
406	)
407	);
408
409	// image level options
410	$tpl_options = array();
411	foreach ($conf['available_permission_levels'] as $level)
412	{
413	$tpl_options[$level] = l10n( sprintf('Level %d', $level) );
414	}
415	$template->assign(
416	array(
417	'level_options'=> $tpl_options,
418	)
419	);
420
421	// +-----------------------------------------------------------------------+
422	// \| global mode thumbnails \|
423	// +-----------------------------------------------------------------------+
424
425	// how many items to display on this page
426	if (!empty($_GET['display']))
427	{
428	if ('all' == $_GET['display'])
429	{
430	$page['nb_images'] = count($page['cat_elements_id']);
431	}
432	else
433	{
434	$page['nb_images'] = intval($_GET['display']);
435	}
436	}
437	else
438	{
439	$page['nb_images'] = 20;
440	}
441
442	if (count($page['cat_elements_id']) > 0)
443	{
444	$nav_bar = create_navigation_bar(
445	$base_url.get_query_string_diff(array('start')),
446	count($page['cat_elements_id']),
447	$page['start'],
448	$page['nb_images']
449	);
450	$template->assign('navbar', $nav_bar);
451
452	$query = '
453	SELECT id,path,tn_ext,file,filesize,level
454	FROM '.IMAGES_TABLE.'
455	WHERE id IN ('.implode(',', $page['cat_elements_id']).')
456	'.$conf['order_by'].'
457	LIMIT '.$page['nb_images'].' OFFSET '.$page['start'].'
458	;';
459	$result = pwg_query($query);
460
461	// template thumbnail initialization
462	while ($row = pwg_db_fetch_assoc($result))
463	{
464	$src = get_thumbnail_url($row);
465
466	$template->append(
467	'thumbnails',
468	array(
469	'ID' => $row['id'],
470	'TN_SRC' => $src,
471	'FILE' => $row['file'],
472	'TITLE' => get_thumbnail_title($row),
473	'LEVEL' => $row['level']
474	)
475	);
476	}
477	}
478
479	//----------------------------------------------------------- sending html code
480	$template->assign_var_from_handle('ADMIN_CONTENT', 'element_set_global');
481	?>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: trunk/admin/element_set_global.php @ 5195

Download in other formats: