Context Navigation

source: trunk/include/ws_functions.inc.php @ 11756

Last change on this file since 11756 was 11756, checked in by plg, 13 years ago

merge r11755 from branch 2.2 to trunk

feature 2243 added: pwg.session.getStatus returns current date (used for images.date_available field, ie database time)

Property svn:eol-style set to LF

File size: 76.2 KB

Rev	Line
[1698]	1	<?php
	2	// +-----------------------------------------------------------------------+
[8728]	3	// \| Piwigo - a PHP based photo gallery \|
[2297]	4	// +-----------------------------------------------------------------------+
[8728]	5	// \| Copyright(C) 2008-2011 Piwigo Team http://piwigo.org \|
[2297]	6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
	7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
	8	// +-----------------------------------------------------------------------+
	9	// \| This program is free software; you can redistribute it and/or modify \|
	10	// \| it under the terms of the GNU General Public License as published by \|
	11	// \| the Free Software Foundation \|
	12	// \| \|
	13	// \| This program is distributed in the hope that it will be useful, but \|
	14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
	16	// \| General Public License for more details. \|
	17	// \| \|
	18	// \| You should have received a copy of the GNU General Public License \|
	19	// \| along with this program; if not, write to the Free Software \|
	20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
	21	// \| USA. \|
	22	// +-----------------------------------------------------------------------+
[1698]	23
	24	/** IMPLEMENTATION OF WEB SERVICE METHODS *********************************/
	25
	26	/**
[1768]	27	* Event handler for method invocation security check. Should return a PwgError
	28	* if the preconditions are not satifsied for method invocation.
	29	*/
	30	function ws_isInvokeAllowed($res, $methodName, $params)
	31	{
[2572]	32	global $conf;
[2119]	33
[1849]	34	if ( strpos($methodName,'reflection.')===0 )
	35	{ // OK for reflection
	36	return $res;
	37	}
[2119]	38
[1849]	39	if ( !is_autorize_status(ACCESS_GUEST) and
	40	strpos($methodName,'pwg.session.')!==0 )
[1768]	41	{
[1849]	42	return new PwgError(401, 'Access denied');
	43	}
[2119]	44
[1768]	45	return $res;
	46	}
	47
	48	/**
[1698]	49	* returns a "standard" (for our web service) array of sql where clauses that
[1711]	50	* filters the images (images table only)
	51	*/
[1698]	52	function ws_std_image_sql_filter( $params, $tbl_name='' )
	53	{
	54	$clauses = array();
	55	if ( is_numeric($params['f_min_rate']) )
	56	{
	57	$clauses[] = $tbl_name.'average_rate>'.$params['f_min_rate'];
	58	}
	59	if ( is_numeric($params['f_max_rate']) )
	60	{
	61	$clauses[] = $tbl_name.'average_rate<='.$params['f_max_rate'];
	62	}
	63	if ( is_numeric($params['f_min_hit']) )
	64	{
	65	$clauses[] = $tbl_name.'hit>'.$params['f_min_hit'];
	66	}
	67	if ( is_numeric($params['f_max_hit']) )
	68	{
	69	$clauses[] = $tbl_name.'hit<='.$params['f_max_hit'];
	70	}
[9576]	71	if ( isset($params['f_min_date_available']) )
[1698]	72	{
[9576]	73	$clauses[] = $tbl_name."date_available>='".$params['f_min_date_available']."'";
[1698]	74	}
[9576]	75	if ( isset($params['f_max_date_available']) )
[1698]	76	{
[9576]	77	$clauses[] = $tbl_name."date_available<'".$params['f_max_date_available']."'";
[1698]	78	}
	79	if ( isset($params['f_min_date_created']) )
	80	{
	81	$clauses[] = $tbl_name."date_creation>='".$params['f_min_date_created']."'";
	82	}
	83	if ( isset($params['f_max_date_created']) )
	84	{
	85	$clauses[] = $tbl_name."date_creation<'".$params['f_max_date_created']."'";
	86	}
	87	if ( is_numeric($params['f_min_ratio']) )
	88	{
	89	$clauses[] = $tbl_name.'width/'.$tbl_name.'height>'.$params['f_min_ratio'];
	90	}
	91	if ( is_numeric($params['f_max_ratio']) )
	92	{
	93	$clauses[] = $tbl_name.'width/'.$tbl_name.'height<='.$params['f_max_ratio'];
	94	}
	95	if ( $params['f_with_thumbnail'] )
	96	{
	97	$clauses[] = $tbl_name.'tn_ext IS NOT NULL';
	98	}
	99	return $clauses;
	100	}
	101
	102	/**
	103	* returns a "standard" (for our web service) ORDER BY sql clause for images
[1711]	104	*/
[1698]	105	function ws_std_image_sql_order( $params, $tbl_name='' )
	106	{
	107	$ret = '';
	108	if ( empty($params['order']) )
	109	{
	110	return $ret;
	111	}
	112	$matches = array();
	113	preg_match_all('/([a-z_]+) (?:(asc\|desc)(?:ending)?)? (?:, *\|$)/i',
	114	$params['order'], $matches);
	115	for ($i=0; $i<count($matches[1]); $i++)
	116	{
	117	switch ($matches[1][$i])
	118	{
	119	case 'date_created':
	120	$matches[1][$i] = 'date_creation'; break;
	121	case 'date_posted':
	122	$matches[1][$i] = 'date_available'; break;
	123	case 'rand': case 'random':
[4367]	124	$matches[1][$i] = DB_RANDOM_FUNCTION.'()'; break;
[1698]	125	}
[1711]	126	$sortable_fields = array('id', 'file', 'name', 'hit', 'average_rate',
[4367]	127	'date_creation', 'date_available', DB_RANDOM_FUNCTION.'()' );
[1698]	128	if ( in_array($matches[1][$i], $sortable_fields) )
	129	{
	130	if (!empty($ret))
	131	$ret .= ', ';
[4367]	132	if ($matches[1][$i] != DB_RANDOM_FUNCTION.'()' )
[1698]	133	{
	134	$ret .= $tbl_name;
	135	}
	136	$ret .= $matches[1][$i];
	137	$ret .= ' '.$matches[2][$i];
	138	}
	139	}
	140	return $ret;
	141	}
	142
	143	/**
	144	* returns an array map of urls (thumb/element) for image_row - to be returned
	145	* in a standard way by different web service methods
[1711]	146	*/
[1698]	147	function ws_std_get_urls($image_row)
	148	{
	149	$ret = array(
[1711]	150	'tn_url' => get_thumbnail_url($image_row),
[1698]	151	'element_url' => get_element_url($image_row)
	152	);
	153	global $user;
	154	if ($user['enabled_high'] and $image_row['has_high'] )
	155	{
	156	$ret['high_url'] = get_high_url($image_row);
	157	}
	158	return $ret;
	159	}
	160
[1845]	161	/**
	162	* returns an array of image attributes that are to be encoded as xml attributes
	163	* instead of xml elements
	164	*/
	165	function ws_std_get_image_xml_attributes()
	166	{
	167	return array(
[11116]	168	'id','tn_url','element_url','high_url', 'file','width','height','hit','date_available','date_creation'
[1845]	169	);
	170	}
[1698]	171
[1781]	172	/**
	173	* returns PWG version (web service method)
	174	*/
[1698]	175	function ws_getVersion($params, &$service)
	176	{
[1852]	177	global $conf;
[9742]	178	if ($conf['show_version'] or is_admin() )
[1852]	179	return PHPWG_VERSION;
	180	else
	181	return new PwgError(403, 'Forbidden');
[1698]	182	}
	183
[10017]	184	/**
	185	* returns general informations (web service method)
	186	*/
	187	function ws_getInfos($params, &$service)
	188	{
[10061]	189	if (!is_admin())
[10017]	190	{
[10061]	191	return new PwgError(403, 'Forbidden');
[10017]	192	}
[10061]	193
	194	$infos['version'] = PHPWG_VERSION;
[10017]	195
	196	$query = 'SELECT COUNT(*) FROM '.IMAGES_TABLE.';';
	197	list($infos['nb_elements']) = pwg_db_fetch_row(pwg_query($query));
	198
	199	$query = 'SELECT COUNT(*) FROM '.CATEGORIES_TABLE.';';
	200	list($infos['nb_categories']) = pwg_db_fetch_row(pwg_query($query));
	201
	202	$query = 'SELECT COUNT(*) FROM '.CATEGORIES_TABLE.' WHERE dir IS NULL;';
	203	list($infos['nb_virtual']) = pwg_db_fetch_row(pwg_query($query));
	204
	205	$query = 'SELECT COUNT(*) FROM '.CATEGORIES_TABLE.' WHERE dir IS NOT NULL;';
	206	list($infos['nb_physical']) = pwg_db_fetch_row(pwg_query($query));
	207
	208	$query = 'SELECT COUNT(*) FROM '.IMAGE_CATEGORY_TABLE.';';
	209	list($infos['nb_image_category']) = pwg_db_fetch_row(pwg_query($query));
	210
	211	$query = 'SELECT COUNT(*) FROM '.TAGS_TABLE.';';
	212	list($infos['nb_tags']) = pwg_db_fetch_row(pwg_query($query));
	213
	214	$query = 'SELECT COUNT(*) FROM '.IMAGE_TAG_TABLE.';';
	215	list($infos['nb_image_tag']) = pwg_db_fetch_row(pwg_query($query));
	216
	217	$query = 'SELECT COUNT(*) FROM '.USERS_TABLE.';';
	218	list($infos['nb_users']) = pwg_db_fetch_row(pwg_query($query));
	219
	220	$query = 'SELECT COUNT(*) FROM '.GROUPS_TABLE.';';
	221	list($infos['nb_groups']) = pwg_db_fetch_row(pwg_query($query));
	222
	223	$query = 'SELECT COUNT(*) FROM '.COMMENTS_TABLE.';';
	224	list($infos['nb_comments']) = pwg_db_fetch_row(pwg_query($query));
	225
	226	// first element
	227	if ($infos['nb_elements'] > 0)
	228	{
	229	$query = 'SELECT MIN(date_available) FROM '.IMAGES_TABLE.';';
	230	list($infos['first_date']) = pwg_db_fetch_row(pwg_query($query));
	231	}
	232
	233	// unvalidated comments
[10061]	234	if ($infos['nb_comments'] > 0)
[10017]	235	{
	236	$query = 'SELECT COUNT(*) FROM '.COMMENTS_TABLE.' WHERE validated=\'false\';';
	237	list($infos['nb_unvalidated_comments']) = pwg_db_fetch_row(pwg_query($query));
	238	}
	239
	240	foreach ($infos as $name => $value)
	241	{
	242	$output[] = array(
	243	'name' => $name,
	244	'value' => $value,
	245	);
	246	}
	247
	248	return array('infos' => new PwgNamedArray($output, 'item'));
	249	}
	250
[2429]	251	function ws_caddie_add($params, &$service)
	252	{
	253	if (!is_admin())
	254	{
	255	return new PwgError(401, 'Access denied');
	256	}
[2770]	257	$params['image_id'] = array_map( 'intval',$params['image_id'] );
[2429]	258	if ( empty($params['image_id']) )
	259	{
	260	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
	261	}
	262	global $user;
	263	$query = '
	264	SELECT id
	265	FROM '.IMAGES_TABLE.' LEFT JOIN '.CADDIE_TABLE.' ON id=element_id AND user_id='.$user['id'].'
	266	WHERE id IN ('.implode(',',$params['image_id']).')
	267	AND element_id IS NULL';
	268	$datas = array();
	269	foreach ( array_from_query($query, 'id') as $id )
	270	{
	271	array_push($datas, array('element_id'=>$id, 'user_id'=>$user['id']) );
	272	}
	273	if (count($datas))
	274	{
	275	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	276	mass_inserts(CADDIE_TABLE, array('element_id','user_id'), $datas);
	277	}
	278	return count($datas);
	279	}
[1781]	280
[1698]	281	/**
[1781]	282	* returns images per category (web service method)
[1711]	283	*/
[1698]	284	function ws_categories_getImages($params, &$service)
	285	{
	286	@include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
	287	global $user, $conf;
	288
	289	$images = array();
	290
	291	//------------------------------------------------- get the related categories
	292	$where_clauses = array();
	293	foreach($params['cat_id'] as $cat_id)
	294	{
	295	$cat_id = (int)$cat_id;
	296	if ($cat_id<=0)
	297	continue;
	298	if ($params['recursive'])
	299	{
[4367]	300	$where_clauses[] = 'uppercats '.DB_REGEX_OPERATOR.' \'(^\|,)'.$cat_id.'(,\|$)\'';
[1698]	301	}
	302	else
	303	{
	304	$where_clauses[] = 'id='.$cat_id;
	305	}
	306	}
	307	if (!empty($where_clauses))
	308	{
	309	$where_clauses = array( '('.
	310	implode('
	311	OR ', $where_clauses) . ')'
	312	);
	313	}
[2119]	314	$where_clauses[] = get_sql_condition_FandF(
	315	array('forbidden_categories' => 'id'),
	316	NULL, true
	317	);
[1698]	318
	319	$query = '
[1866]	320	SELECT id, name, permalink, image_order
[1698]	321	FROM '.CATEGORIES_TABLE.'
	322	WHERE '. implode('
	323	AND ', $where_clauses);
	324	$result = pwg_query($query);
	325	$cats = array();
[4325]	326	while ($row = pwg_db_fetch_assoc($result))
[1698]	327	{
	328	$row['id'] = (int)$row['id'];
	329	$cats[ $row['id'] ] = $row;
	330	}
	331
	332	//-------------------------------------------------------- get the images
	333	if ( !empty($cats) )
	334	{
	335	$where_clauses = ws_std_image_sql_filter( $params, 'i.' );
	336	$where_clauses[] = 'category_id IN ('
	337	.implode(',', array_keys($cats) )
	338	.')';
[1781]	339	$where_clauses[] = get_sql_condition_FandF( array(
	340	'visible_images' => 'i.id'
	341	), null, true
	342	);
[1756]	343
[1698]	344	$order_by = ws_std_image_sql_order($params, 'i.');
[1852]	345	if ( empty($order_by)
	346	and count($params['cat_id'])==1
	347	and isset($cats[ $params['cat_id'][0] ]['image_order'])
	348	)
[1698]	349	{
[1852]	350	$order_by = $cats[ $params['cat_id'][0] ]['image_order'];
[1698]	351	}
[1852]	352	$order_by = empty($order_by) ? $conf['order_by'] : 'ORDER BY '.$order_by;
	353
[1698]	354	$query = '
[6652]	355	SELECT i.*, GROUP_CONCAT(category_id) AS cat_ids
[1698]	356	FROM '.IMAGES_TABLE.' i
	357	INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON i.id=image_id
	358	WHERE '. implode('
	359	AND ', $where_clauses).'
	360	GROUP BY i.id
	361	'.$order_by.'
[4334]	362	LIMIT '.(int)$params['per_page'].' OFFSET '.(int)($params['per_page']*$params['page']);
[1698]	363
	364	$result = pwg_query($query);
[4325]	365	while ($row = pwg_db_fetch_assoc($result))
[1698]	366	{
	367	$image = array();
	368	foreach ( array('id', 'width', 'height', 'hit') as $k )
	369	{
	370	if (isset($row[$k]))
	371	{
	372	$image[$k] = (int)$row[$k];
	373	}
	374	}
[11116]	375	foreach ( array('file', 'name', 'comment', 'date_creation', 'date_available') as $k )
[1698]	376	{
	377	$image[$k] = $row[$k];
	378	}
	379	$image = array_merge( $image, ws_std_get_urls($row) );
	380
	381	$image_cats = array();
	382	foreach ( explode(',', $row['cat_ids']) as $cat_id )
	383	{
	384	$url = make_index_url(
	385	array(
[1861]	386	'category' => $cats[$cat_id],
[1698]	387	)
	388	);
	389	$page_url = make_picture_url(
	390	array(
[1861]	391	'category' => $cats[$cat_id],
[1698]	392	'image_id' => $row['id'],
	393	'image_file' => $row['file'],
	394	)
	395	);
	396	array_push( $image_cats, array(
	397	WS_XML_ATTRIBUTES => array (
	398	'id' => (int)$cat_id,
	399	'url' => $url,
	400	'page_url' => $page_url,
	401	)
	402	)
	403	);
	404	}
	405
	406	$image['categories'] = new PwgNamedArray(
	407	$image_cats,'category', array('id','url','page_url')
	408	);
	409	array_push($images, $image);
	410	}
	411	}
	412
	413	return array( 'images' =>
	414	array (
	415	WS_XML_ATTRIBUTES =>
	416	array(
	417	'page' => $params['page'],
	418	'per_page' => $params['per_page'],
	419	'count' => count($images)
	420	),
[1711]	421	WS_XML_CONTENT => new PwgNamedArray($images, 'image',
[1845]	422	ws_std_get_image_xml_attributes() )
[1698]	423	)
	424	);
	425	}
	426
[1781]	427
[1698]	428	/**
[1781]	429	* returns a list of categories (web service method)
[1698]	430	*/
	431	function ws_categories_getList($params, &$service)
	432	{
[1820]	433	global $user,$conf;
[1698]	434
[11155]	435	if ($params['tree_output'])
	436	{
	437	if (!isset($_GET['format']) or !in_array($_GET['format'], array('php', 'json')))
	438	{
	439	// the algorithm used to build a tree from a flat list of categories
	440	// keeps original array keys, which is not compatible with
	441	// PwgNamedArray.
	442	//
	443	// PwgNamedArray is useful to define which data is an attribute and
	444	// which is an element in the XML output. The "hierarchy" output is
	445	// only compatible with json/php output.
	446
	447	return new PwgError(405, "The tree_output option is only compatible with json/php output formats");
	448	}
	449	}
	450
[4884]	451	$where = array('1=1');
	452	$join_type = 'INNER';
	453	$join_user = $user['id'];
[1698]	454
	455	if (!$params['recursive'])
	456	{
	457	if ($params['cat_id']>0)
[1820]	458	$where[] = '(id_uppercat='.(int)($params['cat_id']).'
	459	OR id='.(int)($params['cat_id']).')';
[1698]	460	else
	461	$where[] = 'id_uppercat IS NULL';
	462	}
[1820]	463	else if ($params['cat_id']>0)
	464	{
[4367]	465	$where[] = 'uppercats '.DB_REGEX_OPERATOR.' \'(^\|,)'.
[1820]	466	(int)($params['cat_id'])
	467	.'(,\|$)\'';
	468	}
[1698]	469
	470	if ($params['public'])
	471	{
	472	$where[] = 'status = "public"';
[1711]	473	$where[] = 'visible = "true"';
[4884]	474
	475	$join_user = $conf['guest_id'];
[1698]	476	}
[4884]	477	elseif (is_admin())
[1698]	478	{
[4884]	479	// in this very specific case, we don't want to hide empty
	480	// categories. Function calculate_permissions will only return
	481	// categories that are either locked or private and not permitted
	482	//
	483	// calculate_permissions does not consider empty categories as forbidden
	484	$forbidden_categories = calculate_permissions($user['id'], $user['status']);
	485	$where[]= 'id NOT IN ('.$forbidden_categories.')';
	486	$join_type = 'LEFT';
[1698]	487	}
	488
[1711]	489	$query = '
[11155]	490	SELECT id, name, permalink, uppercats, global_rank, id_uppercat,
[7550]	491	comment,
[1845]	492	nb_images, count_images AS total_nb_images,
	493	date_last, max_date_last, count_categories AS nb_categories
[1711]	494	FROM '.CATEGORIES_TABLE.'
[4884]	495	'.$join_type.' JOIN '.USER_CACHE_CATEGORIES_TABLE.' ON id=cat_id AND user_id='.$join_user.'
[1698]	496	WHERE '. implode('
	497	AND ', $where);
	498
	499	$result = pwg_query($query);
	500
	501	$cats = array();
[4325]	502	while ($row = pwg_db_fetch_assoc($result))
[1698]	503	{
	504	$row['url'] = make_index_url(
	505	array(
[1861]	506	'category' => $row
[1698]	507	)
	508	);
[1845]	509	foreach( array('id','nb_images','total_nb_images','nb_categories') as $key)
[1698]	510	{
	511	$row[$key] = (int)$row[$key];
	512	}
[2572]	513
[4903]	514	$row['name'] = strip_tags(
	515	trigger_event(
	516	'render_category_name',
	517	$row['name'],
	518	'ws_categories_getList'
	519	)
	520	);
	521
[7550]	522	$row['comment'] = strip_tags(
	523	trigger_event(
	524	'render_category_description',
	525	$row['comment'],
	526	'ws_categories_getList'
	527	)
	528	);
	529
[1698]	530	array_push($cats, $row);
	531	}
	532	usort($cats, 'global_rank_compare');
[11155]	533
	534	if ($params['tree_output'])
	535	{
	536	return categories_flatlist_to_tree($cats);
	537	}
	538	else
	539	{
	540	return array(
	541	'categories' => new PwgNamedArray(
	542	$cats,
	543	'category',
	544	array(
	545	'id',
	546	'url',
	547	'nb_images',
	548	'total_nb_images',
	549	'nb_categories',
	550	'date_last',
	551	'max_date_last',
	552	)
[2548]	553	)
[11155]	554	);
	555	}
[1698]	556	}
	557
[2563]	558	/**
	559	* returns the list of categories as you can see them in administration (web
	560	* service method).
	561	*
	562	* Only admin can run this method and permissions are not taken into
	563	* account.
	564	*/
	565	function ws_categories_getAdminList($params, &$service)
	566	{
	567	if (!is_admin())
	568	{
	569	return new PwgError(401, 'Access denied');
	570	}
[1781]	571
[2563]	572	$query = '
	573	SELECT
	574	category_id,
	575	COUNT(*) AS counter
	576	FROM '.IMAGE_CATEGORY_TABLE.'
	577	GROUP BY category_id
	578	;';
	579	$nb_images_of = simple_hash_from_query($query, 'category_id', 'counter');
	580
	581	$query = '
	582	SELECT
	583	id,
	584	name,
[7550]	585	comment,
[2563]	586	uppercats,
	587	global_rank
	588	FROM '.CATEGORIES_TABLE.'
	589	;';
	590	$result = pwg_query($query);
	591	$cats = array();
	592
[4325]	593	while ($row = pwg_db_fetch_assoc($result))
[2563]	594	{
	595	$id = $row['id'];
	596	$row['nb_images'] = isset($nb_images_of[$id]) ? $nb_images_of[$id] : 0;
[4903]	597	$row['name'] = strip_tags(
	598	trigger_event(
	599	'render_category_name',
	600	$row['name'],
	601	'ws_categories_getAdminList'
	602	)
	603	);
[7550]	604	$row['comment'] = strip_tags(
	605	trigger_event(
	606	'render_category_description',
	607	$row['comment'],
	608	'ws_categories_getAdminList'
	609	)
	610	);
[2563]	611	array_push($cats, $row);
[2585]	612	}
	613
[2563]	614	usort($cats, 'global_rank_compare');
	615	return array(
	616	'categories' => new PwgNamedArray(
	617	$cats,
	618	'category',
	619	array(
	620	'id',
	621	'nb_images',
	622	'name',
	623	'uppercats',
	624	'global_rank',
	625	)
	626	)
	627	);
	628	}
	629
[1781]	630	/**
	631	* returns detailed information for an element (web service method)
	632	*/
[1849]	633	function ws_images_addComment($params, &$service)
	634	{
[1852]	635	if (!$service->isPost())
	636	{
	637	return new PwgError(405, "This method requires HTTP POST");
	638	}
[1849]	639	$params['image_id'] = (int)$params['image_id'];
	640	$query = '
[2119]	641	SELECT DISTINCT image_id
[1849]	642	FROM '.IMAGE_CATEGORY_TABLE.' INNER JOIN '.CATEGORIES_TABLE.' ON category_id=id
[2119]	643	WHERE commentable="true"
[1849]	644	AND image_id='.$params['image_id'].
	645	get_sql_condition_FandF(
	646	array(
	647	'forbidden_categories' => 'id',
	648	'visible_categories' => 'id',
	649	'visible_images' => 'image_id'
	650	),
	651	' AND'
	652	);
[4325]	653	if ( !pwg_db_num_rows( pwg_query( $query ) ) )
[1849]	654	{
	655	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
	656	}
[2119]	657
[1849]	658	$comm = array(
[6437]	659	'author' => trim( $params['author'] ),
	660	'content' => trim( $params['content'] ),
[1849]	661	'image_id' => $params['image_id'],
	662	);
	663
	664	include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
[2119]	665
	666	$comment_action = insert_user_comment(
[1849]	667	$comm, $params['key'], $infos
	668	);
	669
	670	switch ($comment_action)
	671	{
	672	case 'reject':
[5021]	673	array_push($infos, l10n('Your comment has NOT been registered because it did not pass the validation rules') );
[7782]	674	return new PwgError(403, implode("; ", $infos) );
[1849]	675	case 'validate':
	676	case 'moderate':
[2119]	677	$ret = array(
[1849]	678	'id' => $comm['id'],
	679	'validation' => $comment_action=='validate',
	680	);
	681	return new PwgNamedStruct(
	682	'comment',
[2119]	683	$ret,
	684	null, array()
[1849]	685	);
	686	default:
	687	return new PwgError(500, "Unknown comment action ".$comment_action );
	688	}
	689	}
	690
	691	/**
	692	* returns detailed information for an element (web service method)
	693	*/
[1698]	694	function ws_images_getInfo($params, &$service)
	695	{
	696	@include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
[1849]	697	global $user, $conf;
[1698]	698	$params['image_id'] = (int)$params['image_id'];
	699	if ( $params['image_id']<=0 )
	700	{
	701	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
	702	}
[1781]	703
[1698]	704	$query='
	705	SELECT * FROM '.IMAGES_TABLE.'
[1711]	706	WHERE id='.$params['image_id'].
	707	get_sql_condition_FandF(
	708	array('visible_images' => 'id'),
	709	' AND'
[2516]	710	).'
	711	LIMIT 1';
[1711]	712
[4325]	713	$image_row = pwg_db_fetch_assoc(pwg_query($query));
[1698]	714	if ($image_row==null)
	715	{
[1852]	716	return new PwgError(404, "image_id not found");
[1698]	717	}
[1845]	718	$image_row = array_merge( $image_row, ws_std_get_urls($image_row) );
[1698]	719
	720	//-------------------------------------------------------- related categories
	721	$query = '
[1866]	722	SELECT id, name, permalink, uppercats, global_rank, commentable
[1698]	723	FROM '.IMAGE_CATEGORY_TABLE.'
[1849]	724	INNER JOIN '.CATEGORIES_TABLE.' ON category_id = id
[2119]	725	WHERE image_id = '.$image_row['id'].
	726	get_sql_condition_FandF(
	727	array( 'forbidden_categories' => 'category_id' ),
	728	' AND'
	729	).'
[1698]	730	;';
	731	$result = pwg_query($query);
[1849]	732	$is_commentable = false;
[1698]	733	$related_categories = array();
[4325]	734	while ($row = pwg_db_fetch_assoc($result))
[1698]	735	{
[1849]	736	if ($row['commentable']=='true')
	737	{
	738	$is_commentable = true;
	739	}
	740	unset($row['commentable']);
[1698]	741	$row['url'] = make_index_url(
	742	array(
[1861]	743	'category' => $row
[1698]	744	)
	745	);
	746
	747	$row['page_url'] = make_picture_url(
	748	array(
	749	'image_id' => $image_row['id'],
	750	'image_file' => $image_row['file'],
[1861]	751	'category' => $row
[1698]	752	)
	753	);
[1849]	754	$row['id']=(int)$row['id'];
[1698]	755	array_push($related_categories, $row);
	756	}
	757	usort($related_categories, 'global_rank_compare');
	758	if ( empty($related_categories) )
	759	{
	760	return new PwgError(401, 'Access denied');
	761	}
	762
	763	//-------------------------------------------------------------- related tags
[1815]	764	$related_tags = get_common_tags( array($image_row['id']), -1 );
	765	foreach( $related_tags as $i=>$tag)
[1698]	766	{
[1815]	767	$tag['url'] = make_index_url(
[1698]	768	array(
[1815]	769	'tags' => array($tag)
[1698]	770	)
	771	);
[1815]	772	$tag['page_url'] = make_picture_url(
[1698]	773	array(
	774	'image_id' => $image_row['id'],
	775	'image_file' => $image_row['file'],
[1815]	776	'tags' => array($tag),
[1698]	777	)
	778	);
[1815]	779	unset($tag['counter']);
[1849]	780	$tag['id']=(int)$tag['id'];
[1815]	781	$related_tags[$i]=$tag;
[1698]	782	}
[1849]	783	//------------------------------------------------------------- related rates
	784	$query = '
	785	SELECT COUNT(rate) AS count
	786	, ROUND(AVG(rate),2) AS average
	787	FROM '.RATE_TABLE.'
	788	WHERE element_id = '.$image_row['id'].'
	789	;';
[4325]	790	$rating = pwg_db_fetch_assoc(pwg_query($query));
[1849]	791	$rating['count'] = (int)$rating['count'];
	792
[1698]	793	//---------------------------------------------------------- related comments
[1849]	794	$related_comments = array();
[2119]	795
[1849]	796	$where_comments = 'image_id = '.$image_row['id'];
	797	if ( !is_admin() )
	798	{
	799	$where_comments .= '
	800	AND validated="true"';
	801	}
	802
[1698]	803	$query = '
[6652]	804	SELECT COUNT(id) AS nb_comments
[1698]	805	FROM '.COMMENTS_TABLE.'
[1849]	806	WHERE '.$where_comments;
[1698]	807	list($nb_comments) = array_from_query($query, 'nb_comments');
[1849]	808	$nb_comments = (int)$nb_comments;
[1698]	809
[1849]	810	if ( $nb_comments>0 and $params['comments_per_page']>0 )
	811	{
	812	$query = '
[1698]	813	SELECT id, date, author, content
	814	FROM '.COMMENTS_TABLE.'
[1849]	815	WHERE '.$where_comments.'
	816	ORDER BY date
[4334]	817	LIMIT '.(int)$params['comments_per_page'].
	818	' OFFSET '.(int)($params['comments_per_page']*$params['comments_page']);
[1698]	819
[1849]	820	$result = pwg_query($query);
[4325]	821	while ($row = pwg_db_fetch_assoc($result))
[1849]	822	{
	823	$row['id']=(int)$row['id'];
	824	array_push($related_comments, $row);
	825	}
	826	}
[2119]	827
[1849]	828	$comment_post_data = null;
[2119]	829	if ($is_commentable and
[2029]	830	(!is_a_guest()
	831	or (is_a_guest() and $conf['comments_forall'] )
[1849]	832	)
	833	)
[1698]	834	{
[4304]	835	$comment_post_data['author'] = stripslashes($user['username']);
[7495]	836	$comment_post_data['key'] = get_ephemeral_key(2, $params['image_id']);
[1698]	837	}
	838
[1849]	839	$ret = $image_row;
	840	foreach ( array('id','width','height','hit','filesize') as $k )
	841	{
	842	if (isset($ret[$k]))
	843	{
	844	$ret[$k] = (int)$ret[$k];
	845	}
	846	}
	847	foreach ( array('path', 'storage_category_id') as $k )
	848	{
	849	unset($ret[$k]);
	850	}
[1698]	851
[1849]	852	$ret['rates'] = array( WS_XML_ATTRIBUTES => $rating );
[1698]	853	$ret['categories'] = new PwgNamedArray($related_categories, 'category', array('id','url', 'page_url') );
[2585]	854	$ret['tags'] = new PwgNamedArray($related_tags, 'tag', array('id','url_name','url','name','page_url') );
[1849]	855	if ( isset($comment_post_data) )
	856	{
	857	$ret['comment_post'] = array( WS_XML_ATTRIBUTES => $comment_post_data );
	858	}
[1698]	859	$ret['comments'] = array(
[2119]	860	WS_XML_ATTRIBUTES =>
[1849]	861	array(
	862	'page' => $params['comments_page'],
	863	'per_page' => $params['comments_per_page'],
	864	'count' => count($related_comments),
	865	'nb_comments' => $nb_comments,
	866	),
	867	WS_XML_CONTENT => new PwgNamedArray($related_comments, 'comment', array('id','date') )
[1698]	868	);
[1845]	869
[1698]	870	return new PwgNamedStruct('image',$ret, null, array('name','comment') );
	871	}
	872
[2435]	873
[1837]	874	/**
[2435]	875	* rates the image_id in the parameter
	876	*/
	877	function ws_images_Rate($params, &$service)
	878	{
	879	$image_id = (int)$params['image_id'];
	880	$query = '
	881	SELECT DISTINCT id FROM '.IMAGES_TABLE.'
	882	INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON id=image_id
	883	WHERE id='.$image_id
	884	.get_sql_condition_FandF(
	885	array(
	886	'forbidden_categories' => 'category_id',
	887	'forbidden_images' => 'id',
	888	),
	889	' AND'
	890	).'
	891	LIMIT 1';
[4325]	892	if ( pwg_db_num_rows( pwg_query($query) )==0 )
[2435]	893	{
	894	return new PwgError(404, "Invalid image_id or access denied" );
	895	}
	896	$rate = (int)$params['rate'];
	897	include_once(PHPWG_ROOT_PATH.'include/functions_rate.inc.php');
	898	$res = rate_picture( $image_id, $rate );
	899	if ($res==false)
	900	{
	901	global $conf;
	902	return new PwgError( 403, "Forbidden or rate not in ". implode(',',$conf['rate_items']));
	903	}
	904	return $res;
	905	}
	906
	907
	908	/**
[1837]	909	* returns a list of elements corresponding to a query search
	910	*/
	911	function ws_images_search($params, &$service)
	912	{
	913	global $page;
	914	$images = array();
	915	include_once( PHPWG_ROOT_PATH .'include/functions_search.inc.php' );
	916	include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
[1698]	917
[2135]	918	$where_clauses = ws_std_image_sql_filter( $params, 'i.' );
	919	$order_by = ws_std_image_sql_order($params, 'i.');
[1837]	920
[2451]	921	$super_order_by = false;
[2135]	922	if ( !empty($order_by) )
[1837]	923	{
[2135]	924	global $conf;
	925	$conf['order_by'] = 'ORDER BY '.$order_by;
[2451]	926	$super_order_by=true; // quick_search_result might be faster
[1837]	927	}
	928
[2135]	929	$search_result = get_quick_search_results($params['query'],
[2451]	930	$super_order_by,
	931	implode(',', $where_clauses)
	932	);
[2119]	933
[2451]	934	$image_ids = array_slice(
	935	$search_result['items'],
	936	$params['page']*$params['per_page'],
	937	$params['per_page']
	938	);
[1837]	939
	940	if ( count($image_ids) )
	941	{
	942	$query = '
	943	SELECT * FROM '.IMAGES_TABLE.'
[2451]	944	WHERE id IN ('.implode(',', $image_ids).')';
[1837]	945
[2451]	946	$image_ids = array_flip($image_ids);
[1837]	947	$result = pwg_query($query);
[4325]	948	while ($row = pwg_db_fetch_assoc($result))
[1837]	949	{
	950	$image = array();
	951	foreach ( array('id', 'width', 'height', 'hit') as $k )
	952	{
	953	if (isset($row[$k]))
	954	{
	955	$image[$k] = (int)$row[$k];
	956	}
	957	}
[11116]	958	foreach ( array('file', 'name', 'comment', 'date_creation', 'date_available') as $k )
[1837]	959	{
	960	$image[$k] = $row[$k];
	961	}
	962	$image = array_merge( $image, ws_std_get_urls($row) );
[2451]	963	$images[$image_ids[$image['id']]] = $image;
[1837]	964	}
[2451]	965	ksort($images, SORT_NUMERIC);
	966	$images = array_values($images);
[1837]	967	}
	968
	969
	970	return array( 'images' =>
	971	array (
	972	WS_XML_ATTRIBUTES =>
	973	array(
	974	'page' => $params['page'],
	975	'per_page' => $params['per_page'],
	976	'count' => count($images)
	977	),
	978	WS_XML_CONTENT => new PwgNamedArray($images, 'image',
[1845]	979	ws_std_get_image_xml_attributes() )
[1837]	980	)
	981	);
	982	}
	983
[2413]	984	function ws_images_setPrivacyLevel($params, &$service)
	985	{
[8126]	986	if (!is_admin())
[2413]	987	{
	988	return new PwgError(401, 'Access denied');
	989	}
[4513]	990	if (!$service->isPost())
	991	{
	992	return new PwgError(405, "This method requires HTTP POST");
	993	}
[2770]	994	$params['image_id'] = array_map( 'intval',$params['image_id'] );
[2413]	995	if ( empty($params['image_id']) )
	996	{
	997	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
	998	}
	999	global $conf;
	1000	if ( !in_array( (int)$params['level'], $conf['available_permission_levels']) )
	1001	{
	1002	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid level");
	1003	}
[4513]	1004
[2413]	1005	$query = '
	1006	UPDATE '.IMAGES_TABLE.'
	1007	SET level='.(int)$params['level'].'
	1008	WHERE id IN ('.implode(',',$params['image_id']).')';
	1009	$result = pwg_query($query);
[5930]	1010	$affected_rows = pwg_db_changes($result);
[2413]	1011	if ($affected_rows)
	1012	{
	1013	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	1014	invalidate_user_cache();
	1015	}
	1016	return $affected_rows;
	1017	}
	1018
[11372]	1019	function ws_images_setRank($params, &$service)
	1020	{
	1021	if (!is_admin())
	1022	{
	1023	return new PwgError(401, 'Access denied');
	1024	}
	1025
	1026	if (!$service->isPost())
	1027	{
	1028	return new PwgError(405, "This method requires HTTP POST");
	1029	}
	1030
	1031	// is the image_id valid?
	1032	$params['image_id'] = (int)$params['image_id'];
	1033	if ($params['image_id'] <= 0)
	1034	{
	1035	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
	1036	}
	1037
	1038	// is the category valid?
	1039	$params['category_id'] = (int)$params['category_id'];
	1040	if ($params['category_id'] <= 0)
	1041	{
	1042	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid category_id");
	1043	}
	1044
	1045	// is the rank valid?
	1046	$params['rank'] = (int)$params['rank'];
	1047	if ($params['rank'] <= 0)
	1048	{
	1049	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid rank");
	1050	}
	1051
	1052	// does the image really exist?
	1053	$query='
	1054	SELECT
	1055	*
	1056	FROM '.IMAGES_TABLE.'
	1057	WHERE id = '.$params['image_id'].'
	1058	;';
	1059
	1060	$image_row = pwg_db_fetch_assoc(pwg_query($query));
	1061	if ($image_row == null)
	1062	{
	1063	return new PwgError(404, "image_id not found");
	1064	}
	1065
	1066	// is the image associated to this category?
	1067	$query = '
	1068	SELECT
	1069	image_id,
	1070	category_id,
	1071	rank
	1072	FROM '.IMAGE_CATEGORY_TABLE.'
	1073	WHERE image_id = '.$params['image_id'].'
	1074	AND category_id = '.$params['category_id'].'
	1075	;';
	1076	$category_row = pwg_db_fetch_assoc(pwg_query($query));
	1077	if ($category_row == null)
	1078	{
	1079	return new PwgError(404, "This image is not associated to this category");
	1080	}
	1081
	1082	// what is the current higher rank for this category?
	1083	$query = '
	1084	SELECT
	1085	MAX(rank) AS max_rank
	1086	FROM '.IMAGE_CATEGORY_TABLE.'
	1087	WHERE category_id = '.$params['category_id'].'
	1088	;';
	1089	$result = pwg_query($query);
	1090	$row = pwg_db_fetch_assoc($result);
	1091
	1092	if (is_numeric($row['max_rank']))
	1093	{
	1094	if ($params['rank'] > $row['max_rank'])
	1095	{
	1096	$params['rank'] = $row['max_rank'] + 1;
	1097	}
	1098	}
	1099	else
	1100	{
	1101	$params['rank'] = 1;
	1102	}
	1103
	1104	// update rank for all other photos in the same category
	1105	$query = '
	1106	UPDATE '.IMAGE_CATEGORY_TABLE.'
	1107	SET rank = rank + 1
	1108	WHERE category_id = '.$params['category_id'].'
	1109	AND rank IS NOT NULL
	1110	AND rank >= '.$params['rank'].'
	1111	;';
	1112	pwg_query($query);
	1113
	1114	// set the new rank for the photo
	1115	$query = '
	1116	UPDATE '.IMAGE_CATEGORY_TABLE.'
	1117	SET rank = '.$params['rank'].'
	1118	WHERE image_id = '.$params['image_id'].'
	1119	AND category_id = '.$params['category_id'].'
	1120	;';
	1121	pwg_query($query);
	1122
	1123	// return data for client
	1124	return array(
	1125	'image_id' => $params['image_id'],
	1126	'category_id' => $params['category_id'],
	1127	'rank' => $params['rank'],
	1128	);
	1129	}
	1130
[3193]	1131	function ws_images_add_chunk($params, &$service)
	1132	{
[5014]	1133	global $conf;
	1134
[4900]	1135	ws_logfile('[ws_images_add_chunk] welcome');
[3193]	1136	// data
	1137	// original_sum
	1138	// type {thumb, file, high}
	1139	// position
[3488]	1140
[8126]	1141	if (!is_admin())
[3193]	1142	{
	1143	return new PwgError(401, 'Access denied');
	1144	}
	1145
[4511]	1146	if (!$service->isPost())
	1147	{
	1148	return new PwgError(405, "This method requires HTTP POST");
	1149	}
	1150
[4900]	1151	foreach ($params as $param_key => $param_value) {
	1152	if ('data' == $param_key) {
	1153	continue;
	1154	}
	1155
	1156	ws_logfile(
	1157	sprintf(
	1158	'[ws_images_add_chunk] input param "%s" : "%s"',
	1159	$param_key,
	1160	is_null($param_value) ? 'NULL' : $param_value
	1161	)
	1162	);
	1163	}
	1164
[5014]	1165	$upload_dir = $conf['upload_dir'].'/buffer';
[3193]	1166
	1167	// create the upload directory tree if not exists
	1168	if (!is_dir($upload_dir)) {
	1169	umask(0000);
	1170	$recursive = true;
	1171	if (!@mkdir($upload_dir, 0777, $recursive))
	1172	{
	1173	return new PwgError(500, 'error during buffer directory creation');
	1174	}
	1175	}
	1176
	1177	if (!is_writable($upload_dir))
	1178	{
	1179	// last chance to make the directory writable
	1180	@chmod($upload_dir, 0777);
	1181
	1182	if (!is_writable($upload_dir))
	1183	{
	1184	return new PwgError(500, 'buffer directory has no write access');
	1185	}
	1186	}
	1187
	1188	secure_directory($upload_dir);
	1189
	1190	$filename = sprintf(
	1191	'%s-%s-%05u.block',
	1192	$params['original_sum'],
	1193	$params['type'],
	1194	$params['position']
	1195	);
	1196
[3240]	1197	ws_logfile('[ws_images_add_chunk] data length : '.strlen($params['data']));
	1198
[3193]	1199	$bytes_written = file_put_contents(
	1200	$upload_dir.'/'.$filename,
[3240]	1201	base64_decode($params['data'])
[3193]	1202	);
	1203
	1204	if (false === $bytes_written) {
	1205	return new PwgError(
	1206	500,
	1207	'an error has occured while writting chunk '.$params['position'].' for '.$params['type']
	1208	);
	1209	}
	1210	}
	1211
	1212	function merge_chunks($output_filepath, $original_sum, $type)
	1213	{
[5014]	1214	global $conf;
	1215
[3193]	1216	ws_logfile('[merge_chunks] input parameter $output_filepath : '.$output_filepath);
	1217
[4348]	1218	if (is_file($output_filepath))
	1219	{
	1220	unlink($output_filepath);
[4513]	1221
[4348]	1222	if (is_file($output_filepath))
	1223	{
	1224	new PwgError(500, '[merge_chunks] error while trying to remove existing '.$output_filepath);
	1225	exit();
	1226	}
	1227	}
[4513]	1228
[5014]	1229	$upload_dir = $conf['upload_dir'].'/buffer';
[3193]	1230	$pattern = '/'.$original_sum.'-'.$type.'/';
	1231	$chunks = array();
[3488]	1232
[3193]	1233	if ($handle = opendir($upload_dir))
	1234	{
	1235	while (false !== ($file = readdir($handle)))
	1236	{
	1237	if (preg_match($pattern, $file))
	1238	{
	1239	ws_logfile($file);
	1240	array_push($chunks, $upload_dir.'/'.$file);
	1241	}
	1242	}
	1243	closedir($handle);
	1244	}
	1245
	1246	sort($chunks);
[3240]	1247
[4425]	1248	if (function_exists('memory_get_usage')) {
	1249	ws_logfile('[merge_chunks] memory_get_usage before loading chunks: '.memory_get_usage());
	1250	}
[3488]	1251
[3514]	1252	$i = 0;
[4513]	1253
[3240]	1254	foreach ($chunks as $chunk)
	1255	{
	1256	$string = file_get_contents($chunk);
[3488]	1257
[4425]	1258	if (function_exists('memory_get_usage')) {
	1259	ws_logfile('[merge_chunks] memory_get_usage on chunk '.++$i.': '.memory_get_usage());
	1260	}
[3488]	1261
[3240]	1262	if (!file_put_contents($output_filepath, $string, FILE_APPEND))
	1263	{
[4346]	1264	new PwgError(500, '[merge_chunks] error while writting chunks for '.$output_filepath);
	1265	exit();
[3240]	1266	}
[3488]	1267
[3193]	1268	unlink($chunk);
	1269	}
[3240]	1270
[4425]	1271	if (function_exists('memory_get_usage')) {
	1272	ws_logfile('[merge_chunks] memory_get_usage after loading chunks: '.memory_get_usage());
	1273	}
[3193]	1274	}
	1275
[4346]	1276	/*
	1277	* The $file_path must be the path of the basic "web sized" photo
	1278	* The $type value will automatically modify the $file_path to the corresponding file
	1279	*/
	1280	function add_file($file_path, $type, $original_sum, $file_sum)
	1281	{
[8249]	1282	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
	1283
[4347]	1284	$file_path = file_path_for_type($file_path, $type);
[4346]	1285
	1286	$upload_dir = dirname($file_path);
[4900]	1287	if (substr(PHP_OS, 0, 3) == 'WIN')
	1288	{
	1289	$upload_dir = str_replace('/', DIRECTORY_SEPARATOR, $upload_dir);
	1290	}
[4513]	1291
[4900]	1292	ws_logfile('[add_file] file_path : '.$file_path);
	1293	ws_logfile('[add_file] upload_dir : '.$upload_dir);
	1294
[4346]	1295	if (!is_dir($upload_dir)) {
	1296	umask(0000);
	1297	$recursive = true;
	1298	if (!@mkdir($upload_dir, 0777, $recursive))
	1299	{
	1300	new PwgError(500, '[add_file] error during '.$type.' directory creation');
	1301	exit();
	1302	}
	1303	}
	1304
	1305	if (!is_writable($upload_dir))
	1306	{
	1307	// last chance to make the directory writable
	1308	@chmod($upload_dir, 0777);
	1309
	1310	if (!is_writable($upload_dir))
	1311	{
	1312	new PwgError(500, '[add_file] '.$type.' directory has no write access');
	1313	exit();
	1314	}
	1315	}
	1316
	1317	secure_directory($upload_dir);
	1318
	1319	// merge the thumbnail
	1320	merge_chunks($file_path, $original_sum, $type);
	1321	chmod($file_path, 0644);
	1322
	1323	// check dumped thumbnail md5
	1324	$dumped_md5 = md5_file($file_path);
	1325	if ($dumped_md5 != $file_sum) {
	1326	new PwgError(500, '[add_file] '.$type.' transfer failed');
	1327	exit();
	1328	}
	1329
	1330	list($width, $height) = getimagesize($file_path);
	1331	$filesize = floor(filesize($file_path)/1024);
	1332
	1333	return array(
	1334	'width' => $width,
	1335	'height' => $height,
	1336	'filesize' => $filesize,
	1337	);
	1338	}
	1339
[4348]	1340	function ws_images_addFile($params, &$service)
	1341	{
	1342	// image_id
	1343	// type {thumb, file, high}
	1344	// sum
	1345
	1346	global $conf;
[8126]	1347	if (!is_admin())
[4348]	1348	{
	1349	return new PwgError(401, 'Access denied');
	1350	}
	1351
	1352	$params['image_id'] = (int)$params['image_id'];
	1353	if ($params['image_id'] <= 0)
	1354	{
	1355	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
	1356	}
	1357
	1358	//
	1359	// what is the path?
	1360	//
	1361	$query = '
	1362	SELECT
	1363	path,
	1364	md5sum
	1365	FROM '.IMAGES_TABLE.'
	1366	WHERE id = '.$params['image_id'].'
	1367	;';
[6500]	1368	list($file_path, $original_sum) = pwg_db_fetch_row(pwg_query($query));
[4348]	1369
	1370	// TODO only files added with web API can be updated with web API
	1371
	1372	//
	1373	// makes sure directories are there and call the merge_chunks
	1374	//
	1375	$infos = add_file($file_path, $params['type'], $original_sum, $params['sum']);
	1376
	1377	//
	1378	// update basic metadata from file
	1379	//
	1380	$update = array();
[4513]	1381
[4348]	1382	if ('high' == $params['type'])
	1383	{
	1384	$update['high_filesize'] = $infos['filesize'];
[10160]	1385	$update['high_width'] = $infos['width'];
	1386	$update['high_height'] = $infos['height'];
[4348]	1387	$update['has_high'] = 'true';
	1388	}
	1389
	1390	if ('file' == $params['type'])
	1391	{
	1392	$update['filesize'] = $infos['filesize'];
	1393	$update['width'] = $infos['width'];
	1394	$update['height'] = $infos['height'];
	1395	}
	1396
	1397	// we may have nothing to update at database level, for example with a
	1398	// thumbnail update
	1399	if (count($update) > 0)
	1400	{
	1401	$update['id'] = $params['image_id'];
[4513]	1402
[4348]	1403	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	1404	mass_updates(
	1405	IMAGES_TABLE,
	1406	array(
	1407	'primary' => array('id'),
	1408	'update' => array_diff(array_keys($update), array('id'))
	1409	),
	1410	array($update)
	1411	);
	1412	}
	1413	}
	1414
[2463]	1415	function ws_images_add($params, &$service)
	1416	{
[8464]	1417	global $conf, $user;
[8126]	1418	if (!is_admin())
[2496]	1419	{
	1420	return new PwgError(401, 'Access denied');
	1421	}
	1422
[3662]	1423	foreach ($params as $param_key => $param_value) {
	1424	ws_logfile(
	1425	sprintf(
	1426	'[pwg.images.add] input param "%s" : "%s"',
	1427	$param_key,
	1428	is_null($param_value) ? 'NULL' : $param_value
	1429	)
	1430	);
	1431	}
[2496]	1432
[2592]	1433	// does the image already exists ?
[4954]	1434	if ('md5sum' == $conf['uniqueness_mode'])
	1435	{
	1436	$where_clause = "md5sum = '".$params['original_sum']."'";
	1437	}
	1438	if ('filename' == $conf['uniqueness_mode'])
	1439	{
	1440	$where_clause = "file = '".$params['original_filename']."'";
	1441	}
	1442
[2592]	1443	$query = '
	1444	SELECT
	1445	COUNT(*) AS counter
	1446	FROM '.IMAGES_TABLE.'
[4954]	1447	WHERE '.$where_clause.'
[2592]	1448	;';
[4325]	1449	list($counter) = pwg_db_fetch_row(pwg_query($query));
[2592]	1450	if ($counter != 0) {
	1451	return new PwgError(500, 'file already exists');
	1452	}
	1453
[2463]	1454	// current date
[4325]	1455	list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
[2463]	1456	list($year, $month, $day) = preg_split('/[^\d]/', $dbnow, 4);
[2496]	1457
[2501]	1458	// upload directory hierarchy
[2463]	1459	$upload_dir = sprintf(
[5014]	1460	$conf['upload_dir'].'/%s/%s/%s',
[2463]	1461	$year,
	1462	$month,
	1463	$day
	1464	);
	1465
[2501]	1466	// compute file path
[2463]	1467	$date_string = preg_replace('/[^\d]/', '', $dbnow);
	1468	$random_string = substr($params['file_sum'], 0, 8);
	1469	$filename_wo_ext = $date_string.'-'.$random_string;
[2501]	1470	$file_path = $upload_dir.'/'.$filename_wo_ext.'.jpg';
[2496]	1471
[4346]	1472	// add files
	1473	$file_infos = add_file($file_path, 'file', $params['original_sum'], $params['file_sum']);
	1474	$thumb_infos = add_file($file_path, 'thumb', $params['original_sum'], $params['thumbnail_sum']);
[2463]	1475
[3193]	1476	if (isset($params['high_sum']))
[2670]	1477	{
[4346]	1478	$high_infos = add_file($file_path, 'high', $params['original_sum'], $params['high_sum']);
[2670]	1479	}
	1480
[2463]	1481	// database registration
	1482	$insert = array(
[4911]	1483	'file' => !empty($params['original_filename']) ? $params['original_filename'] : $filename_wo_ext.'.jpg',
[2463]	1484	'date_available' => $dbnow,
	1485	'tn_ext' => 'jpg',
	1486	'name' => $params['name'],
	1487	'path' => $file_path,
[4346]	1488	'filesize' => $file_infos['filesize'],
	1489	'width' => $file_infos['width'],
	1490	'height' => $file_infos['height'],
[3065]	1491	'md5sum' => $params['original_sum'],
[8464]	1492	'added_by' => $user['id'],
[2463]	1493	);
	1494
[2569]	1495	$info_columns = array(
	1496	'name',
	1497	'author',
	1498	'comment',
	1499	'level',
	1500	'date_creation',
	1501	);
	1502
	1503	foreach ($info_columns as $key)
	1504	{
	1505	if (isset($params[$key]))
	1506	{
	1507	$insert[$key] = $params[$key];
	1508	}
	1509	}
	1510
[3193]	1511	if (isset($params['high_sum']))
[2670]	1512	{
	1513	$insert['has_high'] = 'true';
[4346]	1514	$insert['high_filesize'] = $high_infos['filesize'];
[10160]	1515	$insert['high_width'] = $high_infos['width'];
	1516	$insert['high_height'] = $high_infos['height'];
[2670]	1517	}
	1518
[2463]	1519	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	1520	mass_inserts(
	1521	IMAGES_TABLE,
	1522	array_keys($insert),
	1523	array($insert)
	1524	);
	1525
[4892]	1526	$image_id = pwg_db_insert_id(IMAGES_TABLE);
[2463]	1527
[2569]	1528	// let's add links between the image and the categories
	1529	if (isset($params['categories']))
	1530	{
[2919]	1531	ws_add_image_category_relations($image_id, $params['categories']);
[2553]	1532	}
[2569]	1533
	1534	// and now, let's create tag associations
[3660]	1535	if (isset($params['tag_ids']) and !empty($params['tag_ids']))
[2553]	1536	{
[2569]	1537	set_tags(
	1538	explode(',', $params['tag_ids']),
	1539	$image_id
	1540	);
[2553]	1541	}
[2585]	1542
[4685]	1543	// update metadata from the uploaded file (exif/iptc)
	1544	require_once(PHPWG_ROOT_PATH.'admin/include/functions_metadata.php');
	1545	update_metadata(array($image_id=>$file_path));
	1546
[2501]	1547	invalidate_user_cache();
[2463]	1548	}
	1549
[8249]	1550	function ws_images_addSimple($params, &$service)
	1551	{
	1552	global $conf;
[8274]	1553	if (!is_admin())
[8249]	1554	{
	1555	return new PwgError(401, 'Access denied');
	1556	}
	1557
	1558	if (!$service->isPost())
	1559	{
	1560	return new PwgError(405, "This method requires HTTP POST");
	1561	}
[11118]	1562
	1563	if (!isset($_FILES['image']))
	1564	{
	1565	return new PwgError(405, "The image (file) parameter is missing");
	1566	}
[9191]	1567
	1568	$params['image_id'] = (int)$params['image_id'];
	1569	if ($params['image_id'] > 0)
	1570	{
	1571	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
[8249]	1572
[9191]	1573	$query='
	1574	SELECT *
	1575	FROM '.IMAGES_TABLE.'
	1576	WHERE id = '.$params['image_id'].'
	1577	;';
	1578
	1579	$image_row = pwg_db_fetch_assoc(pwg_query($query));
	1580	if ($image_row == null)
	1581	{
	1582	return new PwgError(404, "image_id not found");
	1583	}
	1584	}
	1585
[8249]	1586	// category
	1587	$params['category'] = (int)$params['category'];
[9191]	1588	if ($params['category'] <= 0 and $params['image_id'] <= 0)
[8249]	1589	{
	1590	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid category_id");
	1591	}
	1592
	1593	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
	1594
	1595	$image_id = add_uploaded_file(
	1596	$_FILES['image']['tmp_name'],
	1597	$_FILES['image']['name'],
[9191]	1598	$params['category'] > 0 ? array($params['category']) : null,
	1599	8,
	1600	$params['image_id'] > 0 ? $params['image_id'] : null
[8249]	1601	);
	1602
	1603	$info_columns = array(
	1604	'name',
	1605	'author',
	1606	'comment',
	1607	'level',
	1608	'date_creation',
	1609	);
	1610
	1611	foreach ($info_columns as $key)
	1612	{
	1613	if (isset($params[$key]))
	1614	{
	1615	$update[$key] = $params[$key];
	1616	}
	1617	}
	1618
	1619	if (count(array_keys($update)) > 0)
	1620	{
	1621	$update['id'] = $image_id;
	1622
	1623	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	1624	mass_updates(
	1625	IMAGES_TABLE,
	1626	array(
	1627	'primary' => array('id'),
	1628	'update' => array_diff(array_keys($update), array('id'))
	1629	),
	1630	array($update)
	1631	);
	1632	}
	1633
	1634
	1635	if (isset($params['tags']) and !empty($params['tags']))
	1636	{
	1637	$tag_ids = array();
	1638	$tag_names = explode(',', $params['tags']);
	1639	foreach ($tag_names as $tag_name)
	1640	{
	1641	$tag_id = tag_id_from_tag_name($tag_name);
	1642	array_push($tag_ids, $tag_id);
	1643	}
	1644
	1645	add_tags($tag_ids, array($image_id));
	1646	}
	1647
[9191]	1648	$url_params = array('image_id' => $image_id);
	1649
	1650	if ($params['category'] > 0)
	1651	{
	1652	$query = '
[8249]	1653	SELECT id, name, permalink
	1654	FROM '.CATEGORIES_TABLE.'
	1655	WHERE id = '.$params['category'].'
	1656	;';
[9191]	1657	$result = pwg_query($query);
	1658	$category = pwg_db_fetch_assoc($result);
[8249]	1659
[9191]	1660	$url_params['section'] = 'categories';
	1661	$url_params['category'] = $category;
	1662	}
	1663
[9944]	1664	// update metadata from the uploaded file (exif/iptc), even if the sync
	1665	// was already performed by add_uploaded_file().
	1666	$query = '
	1667	SELECT
	1668	path
	1669	FROM '.IMAGES_TABLE.'
	1670	WHERE id = '.$image_id.'
	1671	;';
	1672	list($file_path) = pwg_db_fetch_row(pwg_query($query));
	1673
	1674	require_once(PHPWG_ROOT_PATH.'admin/include/functions_metadata.php');
	1675	update_metadata(array($image_id=>$file_path));
	1676
[8249]	1677	return array(
	1678	'image_id' => $image_id,
[9191]	1679	'url' => make_picture_url($url_params),
[8249]	1680	);
	1681	}
	1682
[1781]	1683	/**
	1684	* perform a login (web service method)
	1685	*/
[1698]	1686	function ws_session_login($params, &$service)
	1687	{
	1688	global $conf;
	1689
	1690	if (!$service->isPost())
	1691	{
[1852]	1692	return new PwgError(405, "This method requires HTTP POST");
[1698]	1693	}
[1744]	1694	if (try_log_user($params['username'], $params['password'],false))
[1698]	1695	{
	1696	return true;
	1697	}
	1698	return new PwgError(999, 'Invalid username/password');
	1699	}
	1700
[1781]	1701
	1702	/**
	1703	* performs a logout (web service method)
	1704	*/
[1698]	1705	function ws_session_logout($params, &$service)
	1706	{
[2029]	1707	if (!is_a_guest())
[1698]	1708	{
[2757]	1709	logout_user();
[1698]	1710	}
	1711	return true;
	1712	}
	1713
	1714	function ws_session_getStatus($params, &$service)
	1715	{
[2356]	1716	global $user;
[1698]	1717	$res = array();
[4304]	1718	$res['username'] = is_a_guest() ? 'guest' : stripslashes($user['username']);
[6437]	1719	foreach ( array('status', 'theme', 'language') as $k )
[1849]	1720	{
	1721	$res[$k] = $user[$k];
	1722	}
[7212]	1723	$res['pwg_token'] = get_pwg_token();
[2126]	1724	$res['charset'] = get_pwg_charset();
[11756]	1725
	1726	list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
	1727	$res['current_datetime'] = $dbnow;
	1728
[1698]	1729	return $res;
	1730	}
	1731
	1732
[1781]	1733	/**
	1734	* returns a list of tags (web service method)
	1735	*/
[1698]	1736	function ws_tags_getList($params, &$service)
	1737	{
[1711]	1738	$tags = get_available_tags();
[1698]	1739	if ($params['sort_by_counter'])
	1740	{
	1741	usort($tags, create_function('$a,$b', 'return -$a["counter"]+$b["counter"];') );
	1742	}
	1743	else
	1744	{
[2409]	1745	usort($tags, 'tag_alpha_compare');
[1698]	1746	}
	1747	for ($i=0; $i<count($tags); $i++)
	1748	{
[1815]	1749	$tags[$i]['id'] = (int)$tags[$i]['id'];
[1698]	1750	$tags[$i]['counter'] = (int)$tags[$i]['counter'];
	1751	$tags[$i]['url'] = make_index_url(
	1752	array(
	1753	'section'=>'tags',
	1754	'tags'=>array($tags[$i])
	1755	)
	1756	);
	1757	}
[2585]	1758	return array('tags' => new PwgNamedArray($tags, 'tag', array('id','url_name','url', 'name', 'counter' )) );
[1698]	1759	}
	1760
[2584]	1761	/**
	1762	* returns the list of tags as you can see them in administration (web
	1763	* service method).
	1764	*
	1765	* Only admin can run this method and permissions are not taken into
	1766	* account.
	1767	*/
	1768	function ws_tags_getAdminList($params, &$service)
	1769	{
	1770	if (!is_admin())
	1771	{
	1772	return new PwgError(401, 'Access denied');
	1773	}
[2585]	1774
[2584]	1775	$tags = get_all_tags();
	1776	return array(
	1777	'tags' => new PwgNamedArray(
	1778	$tags,
	1779	'tag',
	1780	array(
	1781	'name',
	1782	'id',
	1783	'url_name',
	1784	)
	1785	)
	1786	);
	1787	}
[1781]	1788
	1789	/**
	1790	* returns a list of images for tags (web service method)
	1791	*/
[1698]	1792	function ws_tags_getImages($params, &$service)
	1793	{
	1794	@include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
[1816]	1795	global $conf;
[2119]	1796
[1698]	1797	// first build all the tag_ids we are interested in
[1852]	1798	$params['tag_id'] = array_map( 'intval',$params['tag_id'] );
	1799	$tags = find_tags($params['tag_id'], $params['tag_url_name'], $params['tag_name']);
[1698]	1800	$tags_by_id = array();
	1801	foreach( $tags as $tag )
	1802	{
[1852]	1803	$tags['id'] = (int)$tag['id'];
[1815]	1804	$tags_by_id[ $tag['id'] ] = $tag;
[1698]	1805	}
	1806	unset($tags);
[1852]	1807	$tag_ids = array_keys($tags_by_id);
[1698]	1808
	1809
[8726]	1810	$where_clauses = ws_std_image_sql_filter($params);
	1811	if (!empty($where_clauses))
	1812	{
	1813	$where_clauses = implode( ' AND ', $where_clauses);
	1814	}
	1815	$image_ids = get_image_ids_for_tags(
	1816	$tag_ids,
	1817	$params['tag_mode_and'] ? 'AND' : 'OR',
	1818	$where_clauses,
	1819	ws_std_image_sql_order($params) );
	1820
	1821
	1822	$image_ids = array_slice($image_ids, (int)($params['per_page']*$params['page']), (int)$params['per_page'] );
	1823
[1698]	1824	$image_tag_map = array();
[8726]	1825	if ( !empty($image_ids) and !$params['tag_mode_and'] )
[1698]	1826	{ // build list of image ids with associated tags per image
[8726]	1827	$query = '
[6652]	1828	SELECT image_id, GROUP_CONCAT(tag_id) AS tag_ids
[1698]	1829	FROM '.IMAGE_TAG_TABLE.'
[8726]	1830	WHERE tag_id IN ('.implode(',',$tag_ids).') AND image_id IN ('.implode(',',$image_ids).')
[1698]	1831	GROUP BY image_id';
[8726]	1832	$result = pwg_query($query);
	1833	while ( $row=pwg_db_fetch_assoc($result) )
	1834	{
	1835	$row['image_id'] = (int)$row['image_id'];
	1836	array_push( $image_ids, $row['image_id'] );
	1837	$image_tag_map[ $row['image_id'] ] = explode(',', $row['tag_ids']);
[1698]	1838	}
	1839	}
	1840
	1841	$images = array();
[8726]	1842	if (!empty($image_ids))
[1698]	1843	{
[8726]	1844	$rank_of = array_flip($image_ids);
	1845	$result = pwg_query('
	1846	SELECT * FROM '.IMAGES_TABLE.'
	1847	WHERE id IN ('.implode(',',$image_ids).')');
[4325]	1848	while ($row = pwg_db_fetch_assoc($result))
[1698]	1849	{
[2119]	1850	$image = array();
[8726]	1851	$image['rank'] = $rank_of[ $row['id'] ];
[1698]	1852	foreach ( array('id', 'width', 'height', 'hit') as $k )
	1853	{
	1854	if (isset($row[$k]))
	1855	{
	1856	$image[$k] = (int)$row[$k];
	1857	}
	1858	}
[11116]	1859	foreach ( array('file', 'name', 'comment', 'date_creation', 'date_available') as $k )
[1698]	1860	{
	1861	$image[$k] = $row[$k];
	1862	}
	1863	$image = array_merge( $image, ws_std_get_urls($row) );
	1864
	1865	$image_tag_ids = ($params['tag_mode_and']) ? $tag_ids : $image_tag_map[$image['id']];
	1866	$image_tags = array();
	1867	foreach ($image_tag_ids as $tag_id)
	1868	{
	1869	$url = make_index_url(
	1870	array(
	1871	'section'=>'tags',
	1872	'tags'=> array($tags_by_id[$tag_id])
	1873	)
	1874	);
	1875	$page_url = make_picture_url(
	1876	array(
	1877	'section'=>'tags',
	1878	'tags'=> array($tags_by_id[$tag_id]),
	1879	'image_id' => $row['id'],
	1880	'image_file' => $row['file'],
	1881	)
	1882	);
	1883	array_push($image_tags, array(
	1884	'id' => (int)$tag_id,
	1885	'url' => $url,
	1886	'page_url' => $page_url,
	1887	)
	1888	);
	1889	}
[1711]	1890	$image['tags'] = new PwgNamedArray($image_tags, 'tag',
	1891	array('id','url_name','url','page_url')
[1698]	1892	);
	1893	array_push($images, $image);
	1894	}
[8726]	1895	usort($images, 'rank_compare');
	1896	unset($rank_of);
[1698]	1897	}
	1898
	1899	return array( 'images' =>
	1900	array (
	1901	WS_XML_ATTRIBUTES =>
	1902	array(
	1903	'page' => $params['page'],
	1904	'per_page' => $params['per_page'],
	1905	'count' => count($images)
	1906	),
[1711]	1907	WS_XML_CONTENT => new PwgNamedArray($images, 'image',
[1845]	1908	ws_std_get_image_xml_attributes() )
[1698]	1909	)
	1910	);
	1911	}
[2583]	1912
	1913	function ws_categories_add($params, &$service)
	1914	{
[8126]	1915	if (!is_admin())
[2583]	1916	{
	1917	return new PwgError(401, 'Access denied');
	1918	}
	1919
	1920	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	1921
	1922	$creation_output = create_virtual_category(
	1923	$params['name'],
	1924	$params['parent']
	1925	);
	1926
	1927	if (isset($creation_output['error']))
	1928	{
	1929	return new PwgError(500, $creation_output['error']);
	1930	}
[2585]	1931
[2644]	1932	invalidate_user_cache();
[2757]	1933
[2583]	1934	return $creation_output;
	1935	}
[2634]	1936
	1937	function ws_tags_add($params, &$service)
	1938	{
[8126]	1939	if (!is_admin())
[2634]	1940	{
	1941	return new PwgError(401, 'Access denied');
	1942	}
	1943
	1944	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	1945
	1946	$creation_output = create_tag($params['name']);
	1947
	1948	if (isset($creation_output['error']))
	1949	{
	1950	return new PwgError(500, $creation_output['error']);
	1951	}
	1952
	1953	return $creation_output;
	1954	}
[2683]	1955
	1956	function ws_images_exist($params, &$service)
	1957	{
[4954]	1958	global $conf;
	1959
[8126]	1960	if (!is_admin())
[2683]	1961	{
	1962	return new PwgError(401, 'Access denied');
	1963	}
	1964
[4954]	1965	$split_pattern = '/[\s,;\\|]/';
	1966
	1967	if ('md5sum' == $conf['uniqueness_mode'])
	1968	{
	1969	// search among photos the list of photos already added, based on md5sum
	1970	// list
	1971	$md5sums = preg_split(
	1972	$split_pattern,
	1973	$params['md5sum_list'],
	1974	-1,
	1975	PREG_SPLIT_NO_EMPTY
[2683]	1976	);
[2757]	1977
[4954]	1978	$query = '
[2683]	1979	SELECT
	1980	id,
	1981	md5sum
	1982	FROM '.IMAGES_TABLE.'
[2757]	1983	WHERE md5sum IN (\''.implode("','", $md5sums).'\')
[2683]	1984	;';
[4954]	1985	$id_of_md5 = simple_hash_from_query($query, 'md5sum', 'id');
[2683]	1986
[4954]	1987	$result = array();
[2757]	1988
[4954]	1989	foreach ($md5sums as $md5sum)
	1990	{
	1991	$result[$md5sum] = null;
	1992	if (isset($id_of_md5[$md5sum]))
	1993	{
	1994	$result[$md5sum] = $id_of_md5[$md5sum];
	1995	}
	1996	}
	1997	}
	1998
	1999	if ('filename' == $conf['uniqueness_mode'])
[2683]	2000	{
[4954]	2001	// search among photos the list of photos already added, based on
	2002	// filename list
	2003	$filenames = preg_split(
	2004	$split_pattern,
	2005	$params['filename_list'],
	2006	-1,
	2007	PREG_SPLIT_NO_EMPTY
	2008	);
	2009
	2010	$query = '
	2011	SELECT
	2012	id,
	2013	file
	2014	FROM '.IMAGES_TABLE.'
	2015	WHERE file IN (\''.implode("','", $filenames).'\')
	2016	;';
	2017	$id_of_filename = simple_hash_from_query($query, 'file', 'id');
	2018
	2019	$result = array();
	2020
	2021	foreach ($filenames as $filename)
[2683]	2022	{
[4954]	2023	$result[$filename] = null;
	2024	if (isset($id_of_filename[$filename]))
	2025	{
	2026	$result[$filename] = $id_of_filename[$filename];
	2027	}
[2683]	2028	}
	2029	}
	2030
	2031	return $result;
	2032	}
[2919]	2033
[4347]	2034	function ws_images_checkFiles($params, &$service)
	2035	{
[8126]	2036	if (!is_admin())
[4347]	2037	{
	2038	return new PwgError(401, 'Access denied');
	2039	}
	2040
	2041	// input parameters
	2042	//
	2043	// image_id
	2044	// thumbnail_sum
	2045	// file_sum
	2046	// high_sum
	2047
	2048	$params['image_id'] = (int)$params['image_id'];
	2049	if ($params['image_id'] <= 0)
	2050	{
	2051	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
	2052	}
	2053
	2054	$query = '
	2055	SELECT
	2056	path
	2057	FROM '.IMAGES_TABLE.'
	2058	WHERE id = '.$params['image_id'].'
	2059	;';
	2060	$result = pwg_query($query);
[6500]	2061	if (pwg_db_num_rows($result) == 0) {
[4347]	2062	return new PwgError(404, "image_id not found");
	2063	}
[6500]	2064	list($path) = pwg_db_fetch_row($result);
[4347]	2065
	2066	$ret = array();
	2067
	2068	foreach (array('thumb', 'file', 'high') as $type) {
	2069	$param_name = $type;
	2070	if ('thumb' == $type) {
	2071	$param_name = 'thumbnail';
	2072	}
	2073
	2074	if (isset($params[$param_name.'_sum'])) {
[8249]	2075	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
[4347]	2076	$type_path = file_path_for_type($path, $type);
	2077	if (!is_file($type_path)) {
	2078	$ret[$param_name] = 'missing';
	2079	}
	2080	else {
	2081	if (md5_file($type_path) != $params[$param_name.'_sum']) {
	2082	$ret[$param_name] = 'differs';
	2083	}
	2084	else {
	2085	$ret[$param_name] = 'equals';
	2086	}
	2087	}
	2088	}
	2089	}
	2090
	2091	return $ret;
	2092	}
	2093
[2919]	2094	function ws_images_setInfo($params, &$service)
	2095	{
	2096	global $conf;
[8126]	2097	if (!is_admin())
[2919]	2098	{
	2099	return new PwgError(401, 'Access denied');
	2100	}
	2101
[4511]	2102	if (!$service->isPost())
	2103	{
	2104	return new PwgError(405, "This method requires HTTP POST");
	2105	}
	2106
[2919]	2107	$params['image_id'] = (int)$params['image_id'];
	2108	if ($params['image_id'] <= 0)
	2109	{
	2110	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
	2111	}
	2112
[7613]	2113	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	2114
[2919]	2115	$query='
	2116	SELECT *
	2117	FROM '.IMAGES_TABLE.'
	2118	WHERE id = '.$params['image_id'].'
	2119	;';
	2120
[4325]	2121	$image_row = pwg_db_fetch_assoc(pwg_query($query));
[2919]	2122	if ($image_row == null)
	2123	{
	2124	return new PwgError(404, "image_id not found");
	2125	}
	2126
	2127	// database registration
[4460]	2128	$update = array();
[2919]	2129
	2130	$info_columns = array(
	2131	'name',
	2132	'author',
	2133	'comment',
	2134	'level',
	2135	'date_creation',
	2136	);
	2137
	2138	foreach ($info_columns as $key)
	2139	{
	2140	if (isset($params[$key]))
	2141	{
[4460]	2142	if ('fill_if_empty' == $params['single_value_mode'])
	2143	{
	2144	if (empty($image_row[$key]))
	2145	{
	2146	$update[$key] = $params[$key];
	2147	}
	2148	}
	2149	elseif ('replace' == $params['single_value_mode'])
	2150	{
	2151	$update[$key] = $params[$key];
	2152	}
	2153	else
	2154	{
	2155	new PwgError(
	2156	500,
	2157	'[ws_images_setInfo]'
	2158	.' invalid parameter single_value_mode "'.$params['single_value_mode'].'"'
	2159	.', possible values are {fill_if_empty, replace}.'
	2160	);
	2161	exit();
	2162	}
[2919]	2163	}
	2164	}
	2165
[4460]	2166	if (count(array_keys($update)) > 0)
[2919]	2167	{
[4460]	2168	$update['id'] = $params['image_id'];
	2169
[2919]	2170	mass_updates(
	2171	IMAGES_TABLE,
	2172	array(
	2173	'primary' => array('id'),
	2174	'update' => array_diff(array_keys($update), array('id'))
	2175	),
	2176	array($update)
	2177	);
	2178	}
[3145]	2179
[2919]	2180	if (isset($params['categories']))
	2181	{
	2182	ws_add_image_category_relations(
	2183	$params['image_id'],
[4445]	2184	$params['categories'],
[4460]	2185	('replace' == $params['multiple_value_mode'] ? true : false)
[2919]	2186	);
	2187	}
	2188
	2189	// and now, let's create tag associations
	2190	if (isset($params['tag_ids']))
	2191	{
[4445]	2192	$tag_ids = explode(',', $params['tag_ids']);
	2193
[4460]	2194	if ('replace' == $params['multiple_value_mode'])
[4445]	2195	{
	2196	set_tags(
	2197	$tag_ids,
	2198	$params['image_id']
	2199	);
	2200	}
[4460]	2201	elseif ('append' == $params['multiple_value_mode'])
[4445]	2202	{
	2203	add_tags(
	2204	$tag_ids,
	2205	array($params['image_id'])
	2206	);
	2207	}
[4460]	2208	else
	2209	{
	2210	new PwgError(
	2211	500,
	2212	'[ws_images_setInfo]'
	2213	.' invalid parameter multiple_value_mode "'.$params['multiple_value_mode'].'"'
	2214	.', possible values are {replace, append}.'
	2215	);
	2216	exit();
	2217	}
[2919]	2218	}
	2219
	2220	invalidate_user_cache();
	2221	}
	2222
[8266]	2223	function ws_images_delete($params, &$service)
	2224	{
	2225	global $conf;
[8274]	2226	if (!is_admin())
[8266]	2227	{
	2228	return new PwgError(401, 'Access denied');
	2229	}
	2230
	2231	if (!$service->isPost())
	2232	{
	2233	return new PwgError(405, "This method requires HTTP POST");
	2234	}
	2235
	2236	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
	2237	{
	2238	return new PwgError(403, 'Invalid security token');
	2239	}
	2240
	2241	$params['image_id'] = preg_split(
	2242	'/[\s,;\\|]/',
	2243	$params['image_id'],
	2244	-1,
	2245	PREG_SPLIT_NO_EMPTY
	2246	);
	2247	$params['image_id'] = array_map('intval', $params['image_id']);
	2248
	2249	$image_ids = array();
	2250	foreach ($params['image_id'] as $image_id)
	2251	{
	2252	if ($image_id > 0)
	2253	{
	2254	array_push($image_ids, $image_id);
	2255	}
	2256	}
	2257
	2258	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	2259	delete_elements($image_ids, true);
	2260	}
	2261
[4445]	2262	function ws_add_image_category_relations($image_id, $categories_string, $replace_mode=false)
[2919]	2263	{
	2264	// let's add links between the image and the categories
	2265	//
	2266	// $params['categories'] should look like 123,12;456,auto;789 which means:
	2267	//
	2268	// 1. associate with category 123 on rank 12
	2269	// 2. associate with category 456 on automatic rank
	2270	// 3. associate with category 789 on automatic rank
	2271	$cat_ids = array();
	2272	$rank_on_category = array();
	2273	$search_current_ranks = false;
	2274
	2275	$tokens = explode(';', $categories_string);
	2276	foreach ($tokens as $token)
	2277	{
[2920]	2278	@list($cat_id, $rank) = explode(',', $token);
[2919]	2279
[4445]	2280	if (!preg_match('/^\d+$/', $cat_id))
	2281	{
	2282	continue;
	2283	}
	2284
[2919]	2285	array_push($cat_ids, $cat_id);
	2286
	2287	if (!isset($rank))
	2288	{
	2289	$rank = 'auto';
	2290	}
	2291	$rank_on_category[$cat_id] = $rank;
	2292
	2293	if ($rank == 'auto')
	2294	{
	2295	$search_current_ranks = true;
	2296	}
	2297	}
	2298
	2299	$cat_ids = array_unique($cat_ids);
	2300
[4445]	2301	if (count($cat_ids) == 0)
[2919]	2302	{
[4445]	2303	new PwgError(
	2304	500,
	2305	'[ws_add_image_category_relations] there is no category defined in "'.$categories_string.'"'
	2306	);
	2307	exit();
	2308	}
[4513]	2309
[4445]	2310	$query = '
	2311	SELECT
	2312	id
	2313	FROM '.CATEGORIES_TABLE.'
	2314	WHERE id IN ('.implode(',', $cat_ids).')
	2315	;';
	2316	$db_cat_ids = array_from_query($query, 'id');
	2317
	2318	$unknown_cat_ids = array_diff($cat_ids, $db_cat_ids);
	2319	if (count($unknown_cat_ids) != 0)
	2320	{
	2321	new PwgError(
	2322	500,
	2323	'[ws_add_image_category_relations] the following categories are unknown: '.implode(', ', $unknown_cat_ids)
	2324	);
	2325	exit();
	2326	}
[4513]	2327
[4445]	2328	$to_update_cat_ids = array();
[4513]	2329
[4445]	2330	// in case of replace mode, we first check the existing associations
	2331	$query = '
	2332	SELECT
	2333	category_id
	2334	FROM '.IMAGE_CATEGORY_TABLE.'
	2335	WHERE image_id = '.$image_id.'
	2336	;';
	2337	$existing_cat_ids = array_from_query($query, 'category_id');
	2338
	2339	if ($replace_mode)
	2340	{
	2341	$to_remove_cat_ids = array_diff($existing_cat_ids, $cat_ids);
	2342	if (count($to_remove_cat_ids) > 0)
[2919]	2343	{
	2344	$query = '
[4445]	2345	DELETE
	2346	FROM '.IMAGE_CATEGORY_TABLE.'
	2347	WHERE image_id = '.$image_id.'
	2348	AND category_id IN ('.implode(', ', $to_remove_cat_ids).')
	2349	;';
	2350	pwg_query($query);
	2351	update_category($to_remove_cat_ids);
	2352	}
	2353	}
[4513]	2354
[4445]	2355	$new_cat_ids = array_diff($cat_ids, $existing_cat_ids);
	2356	if (count($new_cat_ids) == 0)
	2357	{
	2358	return true;
	2359	}
[4513]	2360
[4445]	2361	if ($search_current_ranks)
	2362	{
	2363	$query = '
[2919]	2364	SELECT
	2365	category_id,
	2366	MAX(rank) AS max_rank
	2367	FROM '.IMAGE_CATEGORY_TABLE.'
	2368	WHERE rank IS NOT NULL
[4445]	2369	AND category_id IN ('.implode(',', $new_cat_ids).')
[2919]	2370	GROUP BY category_id
	2371	;';
[4445]	2372	$current_rank_of = simple_hash_from_query(
	2373	$query,
	2374	'category_id',
	2375	'max_rank'
	2376	);
[2919]	2377
[4445]	2378	foreach ($new_cat_ids as $cat_id)
	2379	{
	2380	if (!isset($current_rank_of[$cat_id]))
[2919]	2381	{
[4445]	2382	$current_rank_of[$cat_id] = 0;
[2919]	2383	}
[4513]	2384
[4445]	2385	if ('auto' == $rank_on_category[$cat_id])
	2386	{
	2387	$rank_on_category[$cat_id] = $current_rank_of[$cat_id] + 1;
	2388	}
[2919]	2389	}
[4445]	2390	}
[4513]	2391
[4445]	2392	$inserts = array();
[4513]	2393
[4445]	2394	foreach ($new_cat_ids as $cat_id)
	2395	{
	2396	array_push(
	2397	$inserts,
	2398	array(
	2399	'image_id' => $image_id,
	2400	'category_id' => $cat_id,
	2401	'rank' => $rank_on_category[$cat_id],
	2402	)
[2919]	2403	);
	2404	}
[4513]	2405
[4445]	2406	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	2407	mass_inserts(
	2408	IMAGE_CATEGORY_TABLE,
	2409	array_keys($inserts[0]),
	2410	$inserts
	2411	);
[4513]	2412
[4445]	2413	update_category($new_cat_ids);
[2919]	2414	}
[3193]	2415
[3454]	2416	function ws_categories_setInfo($params, &$service)
	2417	{
	2418	global $conf;
[8126]	2419	if (!is_admin())
[3454]	2420	{
	2421	return new PwgError(401, 'Access denied');
	2422	}
	2423
[4511]	2424	if (!$service->isPost())
	2425	{
	2426	return new PwgError(405, "This method requires HTTP POST");
	2427	}
	2428
[3454]	2429	// category_id
	2430	// name
	2431	// comment
	2432
	2433	$params['category_id'] = (int)$params['category_id'];
	2434	if ($params['category_id'] <= 0)
	2435	{
	2436	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid category_id");
	2437	}
	2438
	2439	// database registration
	2440	$update = array(
	2441	'id' => $params['category_id'],
	2442	);
	2443
	2444	$info_columns = array(
	2445	'name',
	2446	'comment',
	2447	);
	2448
	2449	$perform_update = false;
	2450	foreach ($info_columns as $key)
	2451	{
	2452	if (isset($params[$key]))
	2453	{
	2454	$perform_update = true;
	2455	$update[$key] = $params[$key];
	2456	}
	2457	}
	2458
	2459	if ($perform_update)
	2460	{
	2461	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	2462	mass_updates(
	2463	CATEGORIES_TABLE,
	2464	array(
	2465	'primary' => array('id'),
	2466	'update' => array_diff(array_keys($update), array('id'))
	2467	),
	2468	array($update)
	2469	);
	2470	}
[3488]	2471
[3454]	2472	}
	2473
[11746]	2474	function ws_categories_setRepresentative($params, &$service)
	2475	{
	2476	global $conf;
	2477
	2478	if (!is_admin())
	2479	{
	2480	return new PwgError(401, 'Access denied');
	2481	}
	2482
	2483	if (!$service->isPost())
	2484	{
	2485	return new PwgError(405, "This method requires HTTP POST");
	2486	}
	2487
	2488	// category_id
	2489	// image_id
	2490
	2491	$params['category_id'] = (int)$params['category_id'];
	2492	if ($params['category_id'] <= 0)
	2493	{
	2494	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid category_id");
	2495	}
	2496
	2497	// does the category really exist?
	2498	$query='
	2499	SELECT
	2500	*
	2501	FROM '.CATEGORIES_TABLE.'
	2502	WHERE id = '.$params['category_id'].'
	2503	;';
	2504	$row = pwg_db_fetch_assoc(pwg_query($query));
	2505	if ($row == null)
	2506	{
	2507	return new PwgError(404, "category_id not found");
	2508	}
	2509
	2510	$params['image_id'] = (int)$params['image_id'];
	2511	if ($params['image_id'] <= 0)
	2512	{
	2513	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
	2514	}
	2515
	2516	// does the image really exist?
	2517	$query='
	2518	SELECT
	2519	*
	2520	FROM '.IMAGES_TABLE.'
	2521	WHERE id = '.$params['image_id'].'
	2522	;';
	2523
	2524	$row = pwg_db_fetch_assoc(pwg_query($query));
	2525	if ($row == null)
	2526	{
	2527	return new PwgError(404, "image_id not found");
	2528	}
	2529
	2530	// apply change
	2531	$query = '
	2532	UPDATE '.CATEGORIES_TABLE.'
	2533	SET representative_picture_id = '.$params['image_id'].'
	2534	WHERE id = '.$params['category_id'].'
	2535	;';
	2536	pwg_query($query);
	2537
	2538	$query = '
	2539	UPDATE '.USER_CACHE_CATEGORIES_TABLE.'
	2540	SET user_representative_picture_id = NULL
	2541	WHERE cat_id = '.$params['category_id'].'
	2542	;';
	2543	pwg_query($query);
	2544	}
	2545
[8266]	2546	function ws_categories_delete($params, &$service)
	2547	{
	2548	global $conf;
[8274]	2549	if (!is_admin())
[8266]	2550	{
	2551	return new PwgError(401, 'Access denied');
	2552	}
	2553
	2554	if (!$service->isPost())
	2555	{
	2556	return new PwgError(405, "This method requires HTTP POST");
	2557	}
	2558
	2559	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
	2560	{
	2561	return new PwgError(403, 'Invalid security token');
	2562	}
	2563
	2564	$modes = array('no_delete', 'delete_orphans', 'force_delete');
	2565	if (!in_array($params['photo_deletion_mode'], $modes))
	2566	{
	2567	return new PwgError(
	2568	500,
	2569	'[ws_categories_delete]'
	2570	.' invalid parameter photo_deletion_mode "'.$params['photo_deletion_mode'].'"'
	2571	.', possible values are {'.implode(', ', $modes).'}.'
	2572	);
	2573	}
	2574
	2575	$params['category_id'] = preg_split(
	2576	'/[\s,;\\|]/',
	2577	$params['category_id'],
	2578	-1,
	2579	PREG_SPLIT_NO_EMPTY
	2580	);
	2581	$params['category_id'] = array_map('intval', $params['category_id']);
	2582
	2583	$category_ids = array();
	2584	foreach ($params['category_id'] as $category_id)
	2585	{
	2586	if ($category_id > 0)
	2587	{
	2588	array_push($category_ids, $category_id);
	2589	}
	2590	}
	2591
	2592	if (count($category_ids) == 0)
	2593	{
	2594	return;
	2595	}
	2596
	2597	$query = '
	2598	SELECT id
	2599	FROM '.CATEGORIES_TABLE.'
	2600	WHERE id IN ('.implode(',', $category_ids).')
	2601	;';
	2602	$category_ids = array_from_query($query, 'id');
	2603
	2604	if (count($category_ids) == 0)
	2605	{
	2606	return;
	2607	}
	2608
	2609	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	2610	delete_categories($category_ids, $params['photo_deletion_mode']);
	2611	update_global_rank();
	2612	}
	2613
[8272]	2614	function ws_categories_move($params, &$service)
	2615	{
	2616	global $conf, $page;
	2617
[8274]	2618	if (!is_admin())
[8272]	2619	{
	2620	return new PwgError(401, 'Access denied');
	2621	}
	2622
	2623	if (!$service->isPost())
	2624	{
	2625	return new PwgError(405, "This method requires HTTP POST");
	2626	}
	2627
	2628	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
	2629	{
	2630	return new PwgError(403, 'Invalid security token');
	2631	}
	2632
	2633	$params['category_id'] = preg_split(
	2634	'/[\s,;\\|]/',
	2635	$params['category_id'],
	2636	-1,
	2637	PREG_SPLIT_NO_EMPTY
	2638	);
	2639	$params['category_id'] = array_map('intval', $params['category_id']);
	2640
	2641	$category_ids = array();
	2642	foreach ($params['category_id'] as $category_id)
	2643	{
	2644	if ($category_id > 0)
	2645	{
	2646	array_push($category_ids, $category_id);
	2647	}
	2648	}
	2649
	2650	if (count($category_ids) == 0)
	2651	{
	2652	return new PwgError(403, 'Invalid category_id input parameter, no category to move');
	2653	}
	2654
	2655	// we can't move physical categories
	2656	$categories_in_db = array();
	2657
	2658	$query = '
	2659	SELECT
	2660	id,
	2661	name,
	2662	dir
	2663	FROM '.CATEGORIES_TABLE.'
	2664	WHERE id IN ('.implode(',', $category_ids).')
	2665	;';
	2666	$result = pwg_query($query);
	2667	while ($row = pwg_db_fetch_assoc($result))
	2668	{
	2669	$categories_in_db[$row['id']] = $row;
	2670	// we break on error at first physical category detected
	2671	if (!empty($row['dir']))
	2672	{
	2673	$row['name'] = strip_tags(
	2674	trigger_event(
	2675	'render_category_name',
	2676	$row['name'],
	2677	'ws_categories_move'
	2678	)
	2679	);
	2680
	2681	return new PwgError(
	2682	403,
	2683	sprintf(
	2684	'Category %s (%u) is not a virtual category, you cannot move it',
	2685	$row['name'],
	2686	$row['id']
	2687	)
	2688	);
	2689	}
	2690	}
	2691
	2692	if (count($categories_in_db) != count($category_ids))
	2693	{
	2694	$unknown_category_ids = array_diff($category_ids, array_keys($categories_in_db));
	2695
	2696	return new PwgError(
	2697	403,
	2698	sprintf(
	2699	'Category %u does not exist',
	2700	$unknown_category_ids[0]
	2701	)
	2702	);
	2703	}
	2704
	2705	// does this parent exists? This check should be made in the
	2706	// move_categories function, not here
	2707	//
	2708	// 0 as parent means "move categories at gallery root"
	2709	if (!is_numeric($params['parent']))
	2710	{
	2711	return new PwgError(403, 'Invalid parent input parameter');
	2712	}
	2713
	2714	if (0 != $params['parent']) {
	2715	$params['parent'] = intval($params['parent']);
	2716	$subcat_ids = get_subcat_ids(array($params['parent']));
	2717	if (count($subcat_ids) == 0)
	2718	{
	2719	return new PwgError(403, 'Unknown parent category id');
	2720	}
	2721	}
	2722
	2723	$page['infos'] = array();
	2724	$page['errors'] = array();
	2725	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	2726	move_categories($category_ids, $params['parent']);
	2727	invalidate_user_cache();
	2728
	2729	if (count($page['errors']) != 0)
	2730	{
	2731	return new PwgError(403, implode('; ', $page['errors']));
	2732	}
	2733	}
	2734
[3193]	2735	function ws_logfile($string)
	2736	{
[3662]	2737	global $conf;
[3488]	2738
[3662]	2739	if (!$conf['ws_enable_log']) {
	2740	return true;
	2741	}
	2742
[3193]	2743	file_put_contents(
[3662]	2744	$conf['ws_log_filepath'],
[3193]	2745	'['.date('c').'] '.$string."\n",
	2746	FILE_APPEND
	2747	);
	2748	}
[6049]	2749
	2750	function ws_images_checkUpload($params, &$service)
	2751	{
	2752	global $conf;
	2753
[8126]	2754	if (!is_admin())
[6049]	2755	{
	2756	return new PwgError(401, 'Access denied');
	2757	}
	2758
[8249]	2759	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
[6051]	2760	$ret['message'] = ready_for_upload_message();
	2761	$ret['ready_for_upload'] = true;
	2762
	2763	if (!empty($ret['message']))
	2764	{
	2765	$ret['ready_for_upload'] = false;
	2766	}
	2767
	2768	return $ret;
	2769	}
[8273]	2770
	2771	function ws_plugins_getList($params, &$service)
	2772	{
	2773	global $conf;
	2774
	2775	if (!is_admin())
	2776	{
	2777	return new PwgError(401, 'Access denied');
	2778	}
	2779
	2780	include_once(PHPWG_ROOT_PATH.'admin/include/plugins.class.php');
	2781	$plugins = new plugins();
	2782	$plugins->sort_fs_plugins('name');
	2783	$plugin_list = array();
	2784
	2785	foreach($plugins->fs_plugins as $plugin_id => $fs_plugin)
	2786	{
	2787	if (isset($plugins->db_plugins_by_id[$plugin_id]))
	2788	{
	2789	$state = $plugins->db_plugins_by_id[$plugin_id]['state'];
	2790	}
	2791	else
	2792	{
	2793	$state = 'uninstalled';
	2794	}
	2795
	2796	array_push(
	2797	$plugin_list,
	2798	array(
	2799	'id' => $plugin_id,
	2800	'name' => $fs_plugin['name'],
	2801	'version' => $fs_plugin['version'],
	2802	'state' => $state,
	2803	'description' => $fs_plugin['description'],
	2804	)
	2805	);
	2806	}
	2807
	2808	return $plugin_list;
	2809	}
	2810
	2811	function ws_plugins_performAction($params, &$service)
	2812	{
	2813	global $template;
	2814
	2815	if (!is_admin())
	2816	{
	2817	return new PwgError(401, 'Access denied');
	2818	}
	2819
	2820	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
	2821	{
	2822	return new PwgError(403, 'Invalid security token');
	2823	}
	2824
	2825	define('IN_ADMIN', true);
	2826	include_once(PHPWG_ROOT_PATH.'admin/include/plugins.class.php');
	2827	$plugins = new plugins();
	2828	$errors = $plugins->perform_action($params['action'], $params['plugin']);
	2829
	2830
	2831	if (!empty($errors))
	2832	{
	2833	return new PwgError(500, $errors);
	2834	}
	2835	else
	2836	{
	2837	if (in_array($params['action'], array('activate', 'deactivate')))
	2838	{
	2839	$template->delete_compiled_templates();
	2840	}
	2841	return true;
	2842	}
	2843	}
	2844
[8297]	2845	function ws_themes_performAction($params, &$service)
	2846	{
	2847	global $template;
	2848
[8726]	2849	if (!is_admin())
[8297]	2850	{
	2851	return new PwgError(401, 'Access denied');
	2852	}
	2853
	2854	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
	2855	{
	2856	return new PwgError(403, 'Invalid security token');
	2857	}
	2858
	2859	define('IN_ADMIN', true);
	2860	include_once(PHPWG_ROOT_PATH.'admin/include/themes.class.php');
	2861	$themes = new themes();
	2862	$errors = $themes->perform_action($params['action'], $params['theme']);
	2863
	2864	if (!empty($errors))
	2865	{
	2866	return new PwgError(500, $errors);
	2867	}
	2868	else
	2869	{
	2870	if (in_array($params['action'], array('activate', 'deactivate')))
	2871	{
	2872	$template->delete_compiled_templates();
	2873	}
	2874	return true;
	2875	}
	2876	}
[10235]	2877
[10686]	2878	function ws_images_resizethumbnail($params, &$service)
[10235]	2879	{
	2880	if (!is_admin())
	2881	{
	2882	return new PwgError(401, 'Access denied');
	2883	}
	2884
[10563]	2885	if (empty($params['image_id']) and empty($params['image_path']))
	2886	{
	2887	return new PwgError(403, "image_id or image_path is missing");
	2888	}
	2889
	2890	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
[10641]	2891	include_once(PHPWG_ROOT_PATH.'admin/include/image.class.php');
[10563]	2892
	2893	if (!empty($params['image_id']))
	2894	{
	2895	$query='
[10235]	2896	SELECT id, path, tn_ext, has_high
[10563]	2897	FROM '.IMAGES_TABLE.'
	2898	WHERE id = '.(int)$params['image_id'].'
[10235]	2899	;';
[10563]	2900	$image = pwg_db_fetch_assoc(pwg_query($query));
[10235]	2901
[10563]	2902	if ($image == null)
	2903	{
	2904	return new PwgError(403, "image_id not found");
	2905	}
	2906
	2907	$image_path = $image['path'];
	2908	$thumb_path = get_thumbnail_path($image);
	2909	}
	2910	else
[10235]	2911	{
[10563]	2912	$image_path = $params['image_path'];
	2913	$thumb_path = file_path_for_type($image_path, 'thumb');
[10235]	2914	}
	2915
[10686]	2916	if (!file_exists($image_path) or !is_valid_image_extension(get_extension($image_path)))
[10235]	2917	{
	2918	return new PwgError(403, "image can't be resized");
	2919	}
	2920
[10563]	2921	$result = false;
[10686]	2922	prepare_directory(dirname($thumb_path));
	2923	$img = new pwg_image($image_path, $params['library']);
[10563]	2924
[10686]	2925	$result = $img->pwg_resize(
	2926	$thumb_path,
	2927	$params['maxwidth'],
	2928	$params['maxheight'],
	2929	$params['quality'],
	2930	false, // automatic rotation is not needed for thumbnails.
	2931	true, // strip metadata
	2932	get_boolean($params['crop']),
	2933	get_boolean($params['follow_orientation'])
	2934	);
	2935
	2936	$img->destroy();
	2937	return $result;
	2938	}
	2939
	2940	function ws_images_resizewebsize($params, &$service)
	2941	{
	2942	if (!is_admin())
[10235]	2943	{
[10686]	2944	return new PwgError(401, 'Access denied');
	2945	}
[10563]	2946
[10686]	2947	include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
	2948	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
	2949	include_once(PHPWG_ROOT_PATH.'admin/include/image.class.php');
[10641]	2950
[10686]	2951	$query='
	2952	SELECT id, path, tn_ext, has_high
	2953	FROM '.IMAGES_TABLE.'
	2954	WHERE id = '.(int)$params['image_id'].'
	2955	;';
	2956	$image = pwg_db_fetch_assoc(pwg_query($query));
[10641]	2957
[10686]	2958	if ($image == null)
	2959	{
	2960	return new PwgError(403, "image_id not found");
[10235]	2961	}
[10686]	2962
	2963	$image_path = $image['path'];
	2964	$hd_path = get_high_path($image);
	2965
	2966	if (empty($image['has_high']) or !file_exists($hd_path) or !is_valid_image_extension(get_extension($image_path)))
[10235]	2967	{
[10686]	2968	return new PwgError(403, "image can't be resized");
	2969	}
[10641]	2970
[10686]	2971	$result = false;
[10747]	2972	$img = new pwg_image($hd_path, $params['library']);
[10454]	2973
[10686]	2974	$result = $img->pwg_resize(
	2975	$image_path,
	2976	$params['maxwidth'],
	2977	$params['maxheight'],
	2978	$params['quality'],
	2979	$params['automatic_rotation'],
	2980	false // strip metadata
	2981	);
[10641]	2982
[10686]	2983	$img->destroy();
	2984
	2985	global $conf;
	2986	$conf['use_exif'] = false;
	2987	$conf['use_iptc'] = false;
	2988	update_metadata(array($image['id'] => $image['path']));
	2989
[10563]	2990	return $result;
[10235]	2991	}
[10511]	2992
	2993	function ws_extensions_update($params, &$service)
	2994	{
	2995	if (!is_webmaster())
	2996	{
	2997	return new PwgError(401, l10n('Webmaster status is required.'));
	2998	}
	2999
	3000	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
	3001	{
	3002	return new PwgError(403, 'Invalid security token');
	3003	}
	3004
	3005	if (empty($params['type']) or !in_array($params['type'], array('plugins', 'themes', 'languages')))
	3006	{
	3007	return new PwgError(403, "invalid extension type");
	3008	}
	3009
	3010	if (empty($params['id']) or empty($params['revision']))
	3011	{
	3012	return new PwgError(null, 'Wrong parameters');
	3013	}
	3014
	3015	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	3016	include_once(PHPWG_ROOT_PATH.'admin/include/'.$params['type'].'.class.php');
	3017
	3018	$type = $params['type'];
	3019	$extension_id = $params['id'];
	3020	$revision = $params['revision'];
	3021
	3022	$extension = new $type();
	3023
	3024	if ($type == 'plugins')
	3025	{
	3026	if (isset($extension->db_plugins_by_id[$extension_id]) and $extension->db_plugins_by_id[$extension_id]['state'] == 'active')
	3027	{
	3028	$extension->perform_action('deactivate', $extension_id);
	3029
	3030	redirect(PHPWG_ROOT_PATH
	3031	. 'ws.php'
	3032	. '?method=pwg.extensions.update'
	3033	. '&type=plugins'
	3034	. '&id=' . $extension_id
	3035	. '&revision=' . $revision
	3036	. '&reactivate=true'
	3037	. '&pwg_token=' . get_pwg_token()
	3038	. '&format=json'
	3039	);
	3040	}
	3041
	3042	$upgrade_status = $extension->extract_plugin_files('upgrade', $revision, $extension_id);
	3043	$extension_name = $extension->fs_plugins[$extension_id]['name'];
	3044
	3045	if (isset($params['reactivate']))
	3046	{
	3047	$extension->perform_action('activate', $extension_id);
	3048	}
	3049	}
	3050	elseif ($type == 'themes')
	3051	{
	3052	$upgrade_status = $extension->extract_theme_files('upgrade', $revision, $extension_id);
	3053	$extension_name = $extension->fs_themes[$extension_id]['name'];
	3054	}
	3055	elseif ($type == 'languages')
	3056	{
	3057	$upgrade_status = $extension->extract_language_files('upgrade', $revision, $extension_id);
	3058	$extension_name = $extension->fs_languages[$extension_id]['name'];
	3059	}
	3060
	3061	global $template;
	3062	$template->delete_compiled_templates();
	3063
	3064	switch ($upgrade_status)
	3065	{
	3066	case 'ok':
	3067	return sprintf(l10n('%s has been successfully updated.'), $extension_name);
	3068
	3069	case 'temp_path_error':
	3070	return new PwgError(null, l10n('Can\'t create temporary file.'));
	3071
	3072	case 'dl_archive_error':
	3073	return new PwgError(null, l10n('Can\'t download archive.'));
	3074
	3075	case 'archive_error':
	3076	return new PwgError(null, l10n('Can\'t read or extract archive.'));
	3077
	3078	default:
	3079	return new PwgError(null, sprintf(l10n('An error occured during extraction (%s).'), $upgrade_status));
	3080	}
	3081	}
	3082
	3083	function ws_extensions_ignoreupdate($params, &$service)
	3084	{
	3085	global $conf;
	3086
	3087	define('IN_ADMIN', true);
	3088	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	3089
	3090	if (!is_webmaster())
	3091	{
	3092	return new PwgError(401, 'Access denied');
	3093	}
	3094
	3095	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
	3096	{
	3097	return new PwgError(403, 'Invalid security token');
	3098	}
	3099
	3100	$conf['updates_ignored'] = unserialize($conf['updates_ignored']);
	3101
[10538]	3102	// Reset ignored extension
[10511]	3103	if ($params['reset'])
	3104	{
[10596]	3105	if (!empty($params['type']) and isset($conf['updates_ignored'][$params['type']]))
	3106	{
	3107	$conf['updates_ignored'][$params['type']] = array();
	3108	}
	3109	else
	3110	{
	3111	$conf['updates_ignored'] = array(
	3112	'plugins'=>array(),
	3113	'themes'=>array(),
	3114	'languages'=>array()
	3115	);
	3116	}
[10511]	3117	conf_update_param('updates_ignored', pwg_db_real_escape_string(serialize($conf['updates_ignored'])));
	3118	unset($_SESSION['extensions_need_update']);
	3119	return true;
	3120	}
	3121
	3122	if (empty($params['id']) or empty($params['type']) or !in_array($params['type'], array('plugins', 'themes', 'languages')))
	3123	{
	3124	return new PwgError(403, 'Invalid parameters');
	3125	}
	3126
	3127	// Add or remove extension from ignore list
	3128	if (!in_array($params['id'], $conf['updates_ignored'][$params['type']]))
	3129	{
	3130	array_push($conf['updates_ignored'][$params['type']], $params['id']);
	3131	}
	3132	conf_update_param('updates_ignored', pwg_db_real_escape_string(serialize($conf['updates_ignored'])));
	3133	unset($_SESSION['extensions_need_update']);
	3134	return true;
	3135	}
[10538]	3136
	3137	function ws_extensions_checkupdates($params, &$service)
	3138	{
	3139	global $conf;
	3140
	3141	define('IN_ADMIN', true);
	3142	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	3143	include_once(PHPWG_ROOT_PATH.'admin/include/updates.class.php');
	3144	$update = new updates();
	3145
	3146	if (!is_admin())
	3147	{
	3148	return new PwgError(401, 'Access denied');
	3149	}
	3150
	3151	$result = array();
	3152
	3153	if (!isset($_SESSION['need_update']))
	3154	$update->check_piwigo_upgrade();
	3155
	3156	$result['piwigo_need_update'] = $_SESSION['need_update'];
	3157
	3158	$conf['updates_ignored'] = unserialize($conf['updates_ignored']);
	3159
	3160	if (!isset($_SESSION['extensions_need_update']))
	3161	$update->check_extensions();
	3162	else
	3163	$update->check_updated_extensions();
	3164
	3165	if (!is_array($_SESSION['extensions_need_update']))
	3166	$result['ext_need_update'] = null;
	3167	else
	3168	$result['ext_need_update'] = !empty($_SESSION['extensions_need_update']);
	3169
	3170	return $result;
	3171	}
[1698]	3172	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: