Context Navigation

source: trunk/include/ws_functions.inc.php @ 13544

Last change on this file since 13544 was 13544, checked in by rvelices, 12 years ago

Property svn:eol-style set to `LF`
File size: 83.7 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based photo gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2012 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	/** IMPLEMENTATION OF WEB SERVICE METHODS *********************************/
25
26	/**
27	* Event handler for method invocation security check. Should return a PwgError
28	* if the preconditions are not satifsied for method invocation.
29	*/
30	function ws_isInvokeAllowed($res, $methodName, $params)
31	{
32	global $conf;
33
34	if ( strpos($methodName,'reflection.')===0 )
35	{ // OK for reflection
36	return $res;
37	}
38
39	if ( !is_autorize_status(ACCESS_GUEST) and
40	strpos($methodName,'pwg.session.')!==0 )
41	{
42	return new PwgError(401, 'Access denied');
43	}
44
45	return $res;
46	}
47
48	/**
49	* returns a "standard" (for our web service) array of sql where clauses that
50	* filters the images (images table only)
51	*/
52	function ws_std_image_sql_filter( $params, $tbl_name='' )
53	{
54	$clauses = array();
55	if ( is_numeric($params['f_min_rate']) )
56	{
57	$clauses[] = $tbl_name.'rating_score>'.$params['f_min_rate'];
58	}
59	if ( is_numeric($params['f_max_rate']) )
60	{
61	$clauses[] = $tbl_name.'rating_score<='.$params['f_max_rate'];
62	}
63	if ( is_numeric($params['f_min_hit']) )
64	{
65	$clauses[] = $tbl_name.'hit>'.$params['f_min_hit'];
66	}
67	if ( is_numeric($params['f_max_hit']) )
68	{
69	$clauses[] = $tbl_name.'hit<='.$params['f_max_hit'];
70	}
71	if ( isset($params['f_min_date_available']) )
72	{
73	$clauses[] = $tbl_name."date_available>='".$params['f_min_date_available']."'";
74	}
75	if ( isset($params['f_max_date_available']) )
76	{
77	$clauses[] = $tbl_name."date_available<'".$params['f_max_date_available']."'";
78	}
79	if ( isset($params['f_min_date_created']) )
80	{
81	$clauses[] = $tbl_name."date_creation>='".$params['f_min_date_created']."'";
82	}
83	if ( isset($params['f_max_date_created']) )
84	{
85	$clauses[] = $tbl_name."date_creation<'".$params['f_max_date_created']."'";
86	}
87	if ( is_numeric($params['f_min_ratio']) )
88	{
89	$clauses[] = $tbl_name.'width/'.$tbl_name.'height>'.$params['f_min_ratio'];
90	}
91	if ( is_numeric($params['f_max_ratio']) )
92	{
93	$clauses[] = $tbl_name.'width/'.$tbl_name.'height<='.$params['f_max_ratio'];
94	}
95	if (is_numeric($params['f_max_level']) )
96	{
97	$clauses[] = $tbl_name.'level <= '.$params['f_max_level'];
98	}
99	return $clauses;
100	}
101
102	/**
103	* returns a "standard" (for our web service) ORDER BY sql clause for images
104	*/
105	function ws_std_image_sql_order( $params, $tbl_name='' )
106	{
107	$ret = '';
108	if ( empty($params['order']) )
109	{
110	return $ret;
111	}
112	$matches = array();
113	preg_match_all('/([a-z_]+) (?:(asc\|desc)(?:ending)?)? (?:, *\|$)/i',
114	$params['order'], $matches);
115	for ($i=0; $i<count($matches[1]); $i++)
116	{
117	switch ($matches[1][$i])
118	{
119	case 'date_created':
120	$matches[1][$i] = 'date_creation'; break;
121	case 'date_posted':
122	$matches[1][$i] = 'date_available'; break;
123	case 'rand': case 'random':
124	$matches[1][$i] = DB_RANDOM_FUNCTION.'()'; break;
125	}
126	$sortable_fields = array('id', 'file', 'name', 'hit', 'rating_score',
127	'date_creation', 'date_available', DB_RANDOM_FUNCTION.'()' );
128	if ( in_array($matches[1][$i], $sortable_fields) )
129	{
130	if (!empty($ret))
131	$ret .= ', ';
132	if ($matches[1][$i] != DB_RANDOM_FUNCTION.'()' )
133	{
134	$ret .= $tbl_name;
135	}
136	$ret .= $matches[1][$i];
137	$ret .= ' '.$matches[2][$i];
138	}
139	}
140	return $ret;
141	}
142
143	/**
144	* returns an array map of urls (thumb/element) for image_row - to be returned
145	* in a standard way by different web service methods
146	*/
147	function ws_std_get_urls($image_row)
148	{
149	$ret = array();
150
151	$src_image = new SrcImage($image_row);
152
153	global $user;
154	if ($user['enabled_high'])
155	{
156	$ret['element_url'] = get_element_url($image_row);
157	}
158
159	$derivatives = DerivativeImage::get_all($src_image);
160	$derivatives_arr = array();
161	foreach($derivatives as $type=>$derivative)
162	{
163	$size = $derivative->get_size();
164	$size != null or $size=array(null,null);
165	$derivatives_arr[$type] = array('url' => $derivative->get_url(), 'width'=>$size[0], 'height'=>$size[1] );
166	}
167	$ret['derivatives'] = $derivatives_arr;;
168	return $ret;
169	}
170
171	/**
172	* returns an array of image attributes that are to be encoded as xml attributes
173	* instead of xml elements
174	*/
175	function ws_std_get_image_xml_attributes()
176	{
177	return array(
178	'id','element_url', 'file','width','height','hit','date_available','date_creation'
179	);
180	}
181
182	function ws_getMissingDerivatives($params, &$service)
183	{
184	if (!is_admin())
185	{
186	return new PwgError(403, 'Forbidden');
187	}
188
189	if ( empty($params['types']) )
190	{
191	$types = array_keys(ImageStdParams::get_defined_type_map());
192	}
193	else
194	{
195	$types = array_intersect(array_keys(ImageStdParams::get_defined_type_map()), $params['types']);
196	if (count($types)==0)
197	{
198	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid types");
199	}
200	}
201
202	if ( ($max_urls = intval($params['max_urls'])) <= 0)
203	{
204	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid max_urls");
205	}
206
207	list($max_id, $image_count) = pwg_db_fetch_row( pwg_query('SELECT MAX(id)+1, COUNT(*) FROM '.IMAGES_TABLE) );
208	$start_id = intval($params['prev_page']);
209	if ($start_id<=0)
210	{
211	$start_id = $max_id;
212	}
213
214	$uid = '&b='.time();
215	global $conf;
216	$conf['question_mark_in_urls'] = $conf['php_extension_in_urls'] = true;
217	$conf['derivative_url_style']=2; //script
218
219	$qlimit = min(5000, ceil(max($image_count/500, $max_urls/count($types))));
220	$where_clauses = ws_std_image_sql_filter( $params, '' );
221	$where_clauses[] = 'id<start_id';
222	if ( !empty($params['ids']) )
223	{
224	$where_clauses[] = 'id IN ('.implode(',',$params['ids']).')';
225	}
226
227	$query_model = 'SELECT id, path, representative_ext, width, height
228	FROM '.IMAGES_TABLE.'
229	WHERE '.implode(' AND ', $where_clauses).'
230	ORDER BY id DESC
231	LIMIT '.$qlimit;
232
233	$urls=array();
234	do
235	{
236	$result = pwg_query( str_replace('start_id', $start_id, $query_model));
237	$is_last = pwg_db_num_rows($result) < $qlimit;
238	while ($row=pwg_db_fetch_assoc($result))
239	{
240	$start_id = $row['id'];
241	$src_image = new SrcImage($row);
242	if ($src_image->is_mimetype())
243	continue;
244	foreach($types as $type)
245	{
246	$derivative = new DerivativeImage($type, $src_image);
247	if ($type != $derivative->get_type())
248	continue;
249	if (@filemtime($derivative->get_path())===false)
250	{
251	$urls[] = $derivative->get_url().$uid;
252	}
253	}
254	if (count($urls)>=$max_urls && !$is_last)
255	break;
256	}
257	if ($is_last)
258	{
259	$start_id = 0;
260	}
261	}while (count($urls)<$max_urls && $start_id);
262
263	$ret = array();
264	if ($start_id)
265	{
266	$ret['next_page']=$start_id;
267	}
268	$ret['urls']=$urls;
269	return $ret;
270	}
271
272	/**
273	* returns PWG version (web service method)
274	*/
275	function ws_getVersion($params, &$service)
276	{
277	global $conf;
278	if ($conf['show_version'] or is_admin() )
279	return PHPWG_VERSION;
280	else
281	return new PwgError(403, 'Forbidden');
282	}
283
284	/**
285	* returns general informations (web service method)
286	*/
287	function ws_getInfos($params, &$service)
288	{
289	if (!is_admin())
290	{
291	return new PwgError(403, 'Forbidden');
292	}
293
294	$infos['version'] = PHPWG_VERSION;
295
296	$query = 'SELECT COUNT(*) FROM '.IMAGES_TABLE.';';
297	list($infos['nb_elements']) = pwg_db_fetch_row(pwg_query($query));
298
299	$query = 'SELECT COUNT(*) FROM '.CATEGORIES_TABLE.';';
300	list($infos['nb_categories']) = pwg_db_fetch_row(pwg_query($query));
301
302	$query = 'SELECT COUNT(*) FROM '.CATEGORIES_TABLE.' WHERE dir IS NULL;';
303	list($infos['nb_virtual']) = pwg_db_fetch_row(pwg_query($query));
304
305	$query = 'SELECT COUNT(*) FROM '.CATEGORIES_TABLE.' WHERE dir IS NOT NULL;';
306	list($infos['nb_physical']) = pwg_db_fetch_row(pwg_query($query));
307
308	$query = 'SELECT COUNT(*) FROM '.IMAGE_CATEGORY_TABLE.';';
309	list($infos['nb_image_category']) = pwg_db_fetch_row(pwg_query($query));
310
311	$query = 'SELECT COUNT(*) FROM '.TAGS_TABLE.';';
312	list($infos['nb_tags']) = pwg_db_fetch_row(pwg_query($query));
313
314	$query = 'SELECT COUNT(*) FROM '.IMAGE_TAG_TABLE.';';
315	list($infos['nb_image_tag']) = pwg_db_fetch_row(pwg_query($query));
316
317	$query = 'SELECT COUNT(*) FROM '.USERS_TABLE.';';
318	list($infos['nb_users']) = pwg_db_fetch_row(pwg_query($query));
319
320	$query = 'SELECT COUNT(*) FROM '.GROUPS_TABLE.';';
321	list($infos['nb_groups']) = pwg_db_fetch_row(pwg_query($query));
322
323	$query = 'SELECT COUNT(*) FROM '.COMMENTS_TABLE.';';
324	list($infos['nb_comments']) = pwg_db_fetch_row(pwg_query($query));
325
326	// first element
327	if ($infos['nb_elements'] > 0)
328	{
329	$query = 'SELECT MIN(date_available) FROM '.IMAGES_TABLE.';';
330	list($infos['first_date']) = pwg_db_fetch_row(pwg_query($query));
331	}
332
333	// unvalidated comments
334	if ($infos['nb_comments'] > 0)
335	{
336	$query = 'SELECT COUNT(*) FROM '.COMMENTS_TABLE.' WHERE validated=\'false\';';
337	list($infos['nb_unvalidated_comments']) = pwg_db_fetch_row(pwg_query($query));
338	}
339
340	foreach ($infos as $name => $value)
341	{
342	$output[] = array(
343	'name' => $name,
344	'value' => $value,
345	);
346	}
347
348	return array('infos' => new PwgNamedArray($output, 'item'));
349	}
350
351	function ws_caddie_add($params, &$service)
352	{
353	if (!is_admin())
354	{
355	return new PwgError(401, 'Access denied');
356	}
357	$params['image_id'] = array_map( 'intval',$params['image_id'] );
358	if ( empty($params['image_id']) )
359	{
360	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
361	}
362	global $user;
363	$query = '
364	SELECT id
365	FROM '.IMAGES_TABLE.' LEFT JOIN '.CADDIE_TABLE.' ON id=element_id AND user_id='.$user['id'].'
366	WHERE id IN ('.implode(',',$params['image_id']).')
367	AND element_id IS NULL';
368	$datas = array();
369	foreach ( array_from_query($query, 'id') as $id )
370	{
371	array_push($datas, array('element_id'=>$id, 'user_id'=>$user['id']) );
372	}
373	if (count($datas))
374	{
375	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
376	mass_inserts(CADDIE_TABLE, array('element_id','user_id'), $datas);
377	}
378	return count($datas);
379	}
380
381	/**
382	* returns images per category (web service method)
383	*/
384	function ws_categories_getImages($params, &$service)
385	{
386	@include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
387	global $user, $conf;
388
389	$images = array();
390
391	//------------------------------------------------- get the related categories
392	$where_clauses = array();
393	foreach($params['cat_id'] as $cat_id)
394	{
395	$cat_id = (int)$cat_id;
396	if ($cat_id<=0)
397	continue;
398	if ($params['recursive'])
399	{
400	$where_clauses[] = 'uppercats '.DB_REGEX_OPERATOR.' \'(^\|,)'.$cat_id.'(,\|$)\'';
401	}
402	else
403	{
404	$where_clauses[] = 'id='.$cat_id;
405	}
406	}
407	if (!empty($where_clauses))
408	{
409	$where_clauses = array( '('.
410	implode('
411	OR ', $where_clauses) . ')'
412	);
413	}
414	$where_clauses[] = get_sql_condition_FandF(
415	array('forbidden_categories' => 'id'),
416	NULL, true
417	);
418
419	$query = '
420	SELECT id, name, permalink, image_order
421	FROM '.CATEGORIES_TABLE.'
422	WHERE '. implode('
423	AND ', $where_clauses);
424	$result = pwg_query($query);
425	$cats = array();
426	while ($row = pwg_db_fetch_assoc($result))
427	{
428	$row['id'] = (int)$row['id'];
429	$cats[ $row['id'] ] = $row;
430	}
431
432	//-------------------------------------------------------- get the images
433	if ( !empty($cats) )
434	{
435	$where_clauses = ws_std_image_sql_filter( $params, 'i.' );
436	$where_clauses[] = 'category_id IN ('
437	.implode(',', array_keys($cats) )
438	.')';
439	$where_clauses[] = get_sql_condition_FandF( array(
440	'visible_images' => 'i.id'
441	), null, true
442	);
443
444	$order_by = ws_std_image_sql_order($params, 'i.');
445	if ( empty($order_by)
446	and count($params['cat_id'])==1
447	and isset($cats[ $params['cat_id'][0] ]['image_order'])
448	)
449	{
450	$order_by = $cats[ $params['cat_id'][0] ]['image_order'];
451	}
452	$order_by = empty($order_by) ? $conf['order_by'] : 'ORDER BY '.$order_by;
453
454	$query = '
455	SELECT i.*, GROUP_CONCAT(category_id) AS cat_ids
456	FROM '.IMAGES_TABLE.' i
457	INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON i.id=image_id
458	WHERE '. implode('
459	AND ', $where_clauses).'
460	GROUP BY i.id
461	'.$order_by.'
462	LIMIT '.(int)$params['per_page'].' OFFSET '.(int)($params['per_page']*$params['page']);
463
464	$result = pwg_query($query);
465	while ($row = pwg_db_fetch_assoc($result))
466	{
467	$image = array();
468	foreach ( array('id', 'width', 'height', 'hit') as $k )
469	{
470	if (isset($row[$k]))
471	{
472	$image[$k] = (int)$row[$k];
473	}
474	}
475	foreach ( array('file', 'name', 'comment', 'date_creation', 'date_available') as $k )
476	{
477	$image[$k] = $row[$k];
478	}
479	$image = array_merge( $image, ws_std_get_urls($row) );
480
481	$image_cats = array();
482	foreach ( explode(',', $row['cat_ids']) as $cat_id )
483	{
484	$url = make_index_url(
485	array(
486	'category' => $cats[$cat_id],
487	)
488	);
489	$page_url = make_picture_url(
490	array(
491	'category' => $cats[$cat_id],
492	'image_id' => $row['id'],
493	'image_file' => $row['file'],
494	)
495	);
496	array_push( $image_cats, array(
497	WS_XML_ATTRIBUTES => array (
498	'id' => (int)$cat_id,
499	'url' => $url,
500	'page_url' => $page_url,
501	)
502	)
503	);
504	}
505
506	$image['categories'] = new PwgNamedArray(
507	$image_cats,'category', array('id','url','page_url')
508	);
509	array_push($images, $image);
510	}
511	}
512
513	return array( 'images' =>
514	array (
515	WS_XML_ATTRIBUTES =>
516	array(
517	'page' => $params['page'],
518	'per_page' => $params['per_page'],
519	'count' => count($images)
520	),
521	WS_XML_CONTENT => new PwgNamedArray($images, 'image',
522	ws_std_get_image_xml_attributes() )
523	)
524	);
525	}
526
527
528	/**
529	* create a tree from a flat list of categories, no recursivity for high speed
530	*/
531	function categories_flatlist_to_tree($categories)
532	{
533	$tree = array();
534	$key_of_cat = array();
535
536	foreach ($categories as $key => &$node)
537	{
538	$key_of_cat[$node['id']] = $key;
539
540	if (!isset($node['id_uppercat']))
541	{
542	$tree[$key] = &$node;
543	}
544	else
545	{
546	if (!isset($categories[ $key_of_cat[ $node['id_uppercat'] ] ]['sub_categories']))
547	{
548	$categories[ $key_of_cat[ $node['id_uppercat'] ] ]['sub_categories'] = array();
549	}
550
551	$categories[ $key_of_cat[ $node['id_uppercat'] ] ]['sub_categories'][$key] = &$node;
552	}
553	}
554
555	return $tree;
556	}
557
558	/**
559	* returns a list of categories (web service method)
560	*/
561	function ws_categories_getList($params, &$service)
562	{
563	global $user,$conf;
564
565	if ($params['tree_output'])
566	{
567	if (!isset($_GET['format']) or !in_array($_GET['format'], array('php', 'json')))
568	{
569	// the algorithm used to build a tree from a flat list of categories
570	// keeps original array keys, which is not compatible with
571	// PwgNamedArray.
572	//
573	// PwgNamedArray is useful to define which data is an attribute and
574	// which is an element in the XML output. The "hierarchy" output is
575	// only compatible with json/php output.
576
577	return new PwgError(405, "The tree_output option is only compatible with json/php output formats");
578	}
579	}
580
581	$where = array('1=1');
582	$join_type = 'INNER';
583	$join_user = $user['id'];
584
585	if (!$params['recursive'])
586	{
587	if ($params['cat_id']>0)
588	$where[] = '(id_uppercat='.(int)($params['cat_id']).'
589	OR id='.(int)($params['cat_id']).')';
590	else
591	$where[] = 'id_uppercat IS NULL';
592	}
593	else if ($params['cat_id']>0)
594	{
595	$where[] = 'uppercats '.DB_REGEX_OPERATOR.' \'(^\|,)'.
596	(int)($params['cat_id'])
597	.'(,\|$)\'';
598	}
599
600	if ($params['public'])
601	{
602	$where[] = 'status = "public"';
603	$where[] = 'visible = "true"';
604
605	$join_user = $conf['guest_id'];
606	}
607	elseif (is_admin())
608	{
609	// in this very specific case, we don't want to hide empty
610	// categories. Function calculate_permissions will only return
611	// categories that are either locked or private and not permitted
612	//
613	// calculate_permissions does not consider empty categories as forbidden
614	$forbidden_categories = calculate_permissions($user['id'], $user['status']);
615	$where[]= 'id NOT IN ('.$forbidden_categories.')';
616	$join_type = 'LEFT';
617	}
618
619	$query = '
620	SELECT id, name, permalink, uppercats, global_rank, id_uppercat,
621	comment,
622	nb_images, count_images AS total_nb_images,
623	representative_picture_id, user_representative_picture_id, count_images, count_categories,
624	date_last, max_date_last, count_categories AS nb_categories
625	FROM '.CATEGORIES_TABLE.'
626	'.$join_type.' JOIN '.USER_CACHE_CATEGORIES_TABLE.' ON id=cat_id AND user_id='.$join_user.'
627	WHERE '. implode('
628	AND ', $where);
629
630	$result = pwg_query($query);
631
632	// management of the album thumbnail -- starts here
633	$image_ids = array();
634	$categories = array();
635	$user_representative_updates_for = array();
636	// management of the album thumbnail -- stops here
637
638	$cats = array();
639	while ($row = pwg_db_fetch_assoc($result))
640	{
641	$row['url'] = make_index_url(
642	array(
643	'category' => $row
644	)
645	);
646	foreach( array('id','nb_images','total_nb_images','nb_categories') as $key)
647	{
648	$row[$key] = (int)$row[$key];
649	}
650
651	if ($params['fullname'])
652	{
653	$row['name'] = strip_tags(get_cat_display_name_cache($row['uppercats'], null, false));
654	}
655	else
656	{
657	$row['name'] = strip_tags(
658	trigger_event(
659	'render_category_name',
660	$row['name'],
661	'ws_categories_getList'
662	)
663	);
664	}
665
666	$row['comment'] = strip_tags(
667	trigger_event(
668	'render_category_description',
669	$row['comment'],
670	'ws_categories_getList'
671	)
672	);
673
674	// management of the album thumbnail -- starts here
675	//
676	// on branch 2.3, the algorithm is duplicated from
677	// include/category_cats, but we should use a common code for Piwigo 2.4
678	//
679	// warning : if the API method is called with $params['public'], the
680	// album thumbnail may be not accurate. The thumbnail can be viewed by
681	// the connected user, but maybe not by the guest. Changing the
682	// filtering method would be too complicated for now. We will simply
683	// avoid to persist the user_representative_picture_id in the database
684	// if $params['public']
685	if (!empty($row['user_representative_picture_id']))
686	{
687	$image_id = $row['user_representative_picture_id'];
688	}
689	else if (!empty($row['representative_picture_id']))
690	{ // if a representative picture is set, it has priority
691	$image_id = $row['representative_picture_id'];
692	}
693	else if ($conf['allow_random_representative'])
694	{
695	// searching a random representant among elements in sub-categories
696	$image_id = get_random_image_in_category($row);
697	}
698	else
699	{ // searching a random representant among representant of sub-categories
700	if ($row['count_categories']>0 and $row['count_images']>0)
701	{
702	$query = '
703	SELECT representative_picture_id
704	FROM '.CATEGORIES_TABLE.' INNER JOIN '.USER_CACHE_CATEGORIES_TABLE.'
705	ON id = cat_id and user_id = '.$user['id'].'
706	WHERE uppercats LIKE \''.$row['uppercats'].',%\'
707	AND representative_picture_id IS NOT NULL'
708	.get_sql_condition_FandF
709	(
710	array
711	(
712	'visible_categories' => 'id',
713	),
714	"\n AND"
715	).'
716	ORDER BY '.DB_RANDOM_FUNCTION.'()
717	LIMIT 1
718	;';
719	$subresult = pwg_query($query);
720	if (pwg_db_num_rows($subresult) > 0)
721	{
722	list($image_id) = pwg_db_fetch_row($subresult);
723	}
724	}
725	}
726
727	if (isset($image_id))
728	{
729	if ($conf['representative_cache_on_subcats'] and $row['user_representative_picture_id'] != $image_id)
730	{
731	$user_representative_updates_for[ $user['id'].'#'.$row['id'] ] = $image_id;
732	}
733
734	$row['representative_picture_id'] = $image_id;
735	array_push($image_ids, $image_id);
736	array_push($categories, $row);
737	}
738	unset($image_id);
739	// management of the album thumbnail -- stops here
740
741
742	array_push($cats, $row);
743	}
744	usort($cats, 'global_rank_compare');
745
746	// management of the album thumbnail -- starts here
747	if (count($categories) > 0)
748	{
749	$thumbnail_src_of = array();
750	$new_image_ids = array();
751
752	$query = '
753	SELECT id, path, representative_ext, level
754	FROM '.IMAGES_TABLE.'
755	WHERE id IN ('.implode(',', $image_ids).')
756	;';
757	$result = pwg_query($query);
758	while ($row = pwg_db_fetch_assoc($result))
759	{
760	if ($row['level'] <= $user['level'])
761	{
762	$thumbnail_src_of[$row['id']] = DerivativeImage::thumb_url($row);
763	}
764	else
765	{
766	// problem: we must not display the thumbnail of a photo which has a
767	// higher privacy level than user privacy level
768	//
769	// * what is the represented category?
770	// * find a random photo matching user permissions
771	// * register it at user_representative_picture_id
772	// * set it as the representative_picture_id for the category
773
774	foreach ($categories as &$category)
775	{
776	if ($row['id'] == $category['representative_picture_id'])
777	{
778	// searching a random representant among elements in sub-categories
779	$image_id = get_random_image_in_category($category);
780
781	if (isset($image_id) and !in_array($image_id, $image_ids))
782	{
783	array_push($new_image_ids, $image_id);
784	}
785
786	if ($conf['representative_cache_on_level'])
787	{
788	$user_representative_updates_for[ $user['id'].'#'.$category['id'] ] = $image_id;
789	}
790
791	$category['representative_picture_id'] = $image_id;
792	}
793	}
794	unset($category);
795	}
796	}
797
798	if (count($new_image_ids) > 0)
799	{
800	$query = '
801	SELECT id, path, representative_ext
802	FROM '.IMAGES_TABLE.'
803	WHERE id IN ('.implode(',', $new_image_ids).')
804	;';
805	$result = pwg_query($query);
806	while ($row = pwg_db_fetch_assoc($result))
807	{
808	$thumbnail_src_of[$row['id']] = DerivativeImage::thumb_url($row);
809	}
810	}
811	}
812
813	// compared to code in include/category_cats, we only persist the new
814	// user_representative if we have used $user['id'] and not the guest id,
815	// or else the real guest may see thumbnail that he should not
816	if (!$params['public'] and count($user_representative_updates_for))
817	{
818	$updates = array();
819
820	foreach ($user_representative_updates_for as $user_cat => $image_id)
821	{
822	list($user_id, $cat_id) = explode('#', $user_cat);
823
824	array_push(
825	$updates,
826	array(
827	'user_id' => $user_id,
828	'cat_id' => $cat_id,
829	'user_representative_picture_id' => $image_id,
830	)
831	);
832	}
833
834	mass_updates(
835	USER_CACHE_CATEGORIES_TABLE,
836	array(
837	'primary' => array('user_id', 'cat_id'),
838	'update' => array('user_representative_picture_id')
839	),
840	$updates
841	);
842	}
843
844	foreach ($cats as &$cat)
845	{
846	foreach ($categories as $category)
847	{
848	if ($category['id'] == $cat['id'])
849	{
850	$cat['tn_url'] = $thumbnail_src_of[$category['representative_picture_id']];
851	}
852	}
853	// we don't want them in the output
854	unset($cat['user_representative_picture_id']);
855	unset($cat['count_images']);
856	unset($cat['count_categories']);
857	}
858	unset($cat);
859	// management of the album thumbnail -- stops here
860
861	if ($params['tree_output'])
862	{
863	return categories_flatlist_to_tree($cats);
864	}
865	else
866	{
867	return array(
868	'categories' => new PwgNamedArray(
869	$cats,
870	'category',
871	array(
872	'id',
873	'url',
874	'nb_images',
875	'total_nb_images',
876	'nb_categories',
877	'date_last',
878	'max_date_last',
879	)
880	)
881	);
882	}
883	}
884
885	/**
886	* returns the list of categories as you can see them in administration (web
887	* service method).
888	*
889	* Only admin can run this method and permissions are not taken into
890	* account.
891	*/
892	function ws_categories_getAdminList($params, &$service)
893	{
894	if (!is_admin())
895	{
896	return new PwgError(401, 'Access denied');
897	}
898
899	$query = '
900	SELECT
901	category_id,
902	COUNT(*) AS counter
903	FROM '.IMAGE_CATEGORY_TABLE.'
904	GROUP BY category_id
905	;';
906	$nb_images_of = simple_hash_from_query($query, 'category_id', 'counter');
907
908	$query = '
909	SELECT
910	id,
911	name,
912	comment,
913	uppercats,
914	global_rank
915	FROM '.CATEGORIES_TABLE.'
916	;';
917	$result = pwg_query($query);
918	$cats = array();
919
920	while ($row = pwg_db_fetch_assoc($result))
921	{
922	$id = $row['id'];
923	$row['nb_images'] = isset($nb_images_of[$id]) ? $nb_images_of[$id] : 0;
924	$row['name'] = strip_tags(
925	trigger_event(
926	'render_category_name',
927	$row['name'],
928	'ws_categories_getAdminList'
929	)
930	);
931	$row['comment'] = strip_tags(
932	trigger_event(
933	'render_category_description',
934	$row['comment'],
935	'ws_categories_getAdminList'
936	)
937	);
938	array_push($cats, $row);
939	}
940
941	usort($cats, 'global_rank_compare');
942	return array(
943	'categories' => new PwgNamedArray(
944	$cats,
945	'category',
946	array(
947	'id',
948	'nb_images',
949	'name',
950	'uppercats',
951	'global_rank',
952	)
953	)
954	);
955	}
956
957	/**
958	* returns detailed information for an element (web service method)
959	*/
960	function ws_images_addComment($params, &$service)
961	{
962	if (!$service->isPost())
963	{
964	return new PwgError(405, "This method requires HTTP POST");
965	}
966	$params['image_id'] = (int)$params['image_id'];
967	$query = '
968	SELECT DISTINCT image_id
969	FROM '.IMAGE_CATEGORY_TABLE.' INNER JOIN '.CATEGORIES_TABLE.' ON category_id=id
970	WHERE commentable="true"
971	AND image_id='.$params['image_id'].
972	get_sql_condition_FandF(
973	array(
974	'forbidden_categories' => 'id',
975	'visible_categories' => 'id',
976	'visible_images' => 'image_id'
977	),
978	' AND'
979	);
980	if ( !pwg_db_num_rows( pwg_query( $query ) ) )
981	{
982	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
983	}
984
985	$comm = array(
986	'author' => trim( $params['author'] ),
987	'content' => trim( $params['content'] ),
988	'image_id' => $params['image_id'],
989	);
990
991	include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
992
993	$comment_action = insert_user_comment(
994	$comm, $params['key'], $infos
995	);
996
997	switch ($comment_action)
998	{
999	case 'reject':
1000	array_push($infos, l10n('Your comment has NOT been registered because it did not pass the validation rules') );
1001	return new PwgError(403, implode("; ", $infos) );
1002	case 'validate':
1003	case 'moderate':
1004	$ret = array(
1005	'id' => $comm['id'],
1006	'validation' => $comment_action=='validate',
1007	);
1008	return new PwgNamedStruct(
1009	'comment',
1010	$ret,
1011	null, array()
1012	);
1013	default:
1014	return new PwgError(500, "Unknown comment action ".$comment_action );
1015	}
1016	}
1017
1018	/**
1019	* returns detailed information for an element (web service method)
1020	*/
1021	function ws_images_getInfo($params, &$service)
1022	{
1023	@include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
1024	global $user, $conf;
1025	$params['image_id'] = (int)$params['image_id'];
1026	if ( $params['image_id']<=0 )
1027	{
1028	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
1029	}
1030
1031	$query='
1032	SELECT * FROM '.IMAGES_TABLE.'
1033	WHERE id='.$params['image_id'].
1034	get_sql_condition_FandF(
1035	array('visible_images' => 'id'),
1036	' AND'
1037	).'
1038	LIMIT 1';
1039
1040	$image_row = pwg_db_fetch_assoc(pwg_query($query));
1041	if ($image_row==null)
1042	{
1043	return new PwgError(404, "image_id not found");
1044	}
1045	$image_row = array_merge( $image_row, ws_std_get_urls($image_row) );
1046
1047	//-------------------------------------------------------- related categories
1048	$query = '
1049	SELECT id, name, permalink, uppercats, global_rank, commentable
1050	FROM '.IMAGE_CATEGORY_TABLE.'
1051	INNER JOIN '.CATEGORIES_TABLE.' ON category_id = id
1052	WHERE image_id = '.$image_row['id'].
1053	get_sql_condition_FandF(
1054	array( 'forbidden_categories' => 'category_id' ),
1055	' AND'
1056	).'
1057	;';
1058	$result = pwg_query($query);
1059	$is_commentable = false;
1060	$related_categories = array();
1061	while ($row = pwg_db_fetch_assoc($result))
1062	{
1063	if ($row['commentable']=='true')
1064	{
1065	$is_commentable = true;
1066	}
1067	unset($row['commentable']);
1068	$row['url'] = make_index_url(
1069	array(
1070	'category' => $row
1071	)
1072	);
1073
1074	$row['page_url'] = make_picture_url(
1075	array(
1076	'image_id' => $image_row['id'],
1077	'image_file' => $image_row['file'],
1078	'category' => $row
1079	)
1080	);
1081	$row['id']=(int)$row['id'];
1082	array_push($related_categories, $row);
1083	}
1084	usort($related_categories, 'global_rank_compare');
1085	if ( empty($related_categories) )
1086	{
1087	return new PwgError(401, 'Access denied');
1088	}
1089
1090	//-------------------------------------------------------------- related tags
1091	$related_tags = get_common_tags( array($image_row['id']), -1 );
1092	foreach( $related_tags as $i=>$tag)
1093	{
1094	$tag['url'] = make_index_url(
1095	array(
1096	'tags' => array($tag)
1097	)
1098	);
1099	$tag['page_url'] = make_picture_url(
1100	array(
1101	'image_id' => $image_row['id'],
1102	'image_file' => $image_row['file'],
1103	'tags' => array($tag),
1104	)
1105	);
1106	unset($tag['counter']);
1107	$tag['id']=(int)$tag['id'];
1108	$related_tags[$i]=$tag;
1109	}
1110	//------------------------------------------------------------- related rates
1111	$rating = array('score'=>$image_row['rating_score'], 'count'=>0, 'average'=>null);
1112	if (isset($rating['score']))
1113	{
1114	$query = '
1115	SELECT COUNT(rate) AS count
1116	, ROUND(AVG(rate),2) AS average
1117	FROM '.RATE_TABLE.'
1118	WHERE element_id = '.$image_row['id'].'
1119	;';
1120	$row = pwg_db_fetch_assoc(pwg_query($query));
1121	$rating['score'] = (float)$rating['score'];
1122	$rating['average'] = (float)$row['average'];
1123	$rating['count'] = (int)$row['count'];
1124	}
1125
1126	//---------------------------------------------------------- related comments
1127	$related_comments = array();
1128
1129	$where_comments = 'image_id = '.$image_row['id'];
1130	if ( !is_admin() )
1131	{
1132	$where_comments .= '
1133	AND validated="true"';
1134	}
1135
1136	$query = '
1137	SELECT COUNT(id) AS nb_comments
1138	FROM '.COMMENTS_TABLE.'
1139	WHERE '.$where_comments;
1140	list($nb_comments) = array_from_query($query, 'nb_comments');
1141	$nb_comments = (int)$nb_comments;
1142
1143	if ( $nb_comments>0 and $params['comments_per_page']>0 )
1144	{
1145	$query = '
1146	SELECT id, date, author, content
1147	FROM '.COMMENTS_TABLE.'
1148	WHERE '.$where_comments.'
1149	ORDER BY date
1150	LIMIT '.(int)$params['comments_per_page'].
1151	' OFFSET '.(int)($params['comments_per_page']*$params['comments_page']);
1152
1153	$result = pwg_query($query);
1154	while ($row = pwg_db_fetch_assoc($result))
1155	{
1156	$row['id']=(int)$row['id'];
1157	array_push($related_comments, $row);
1158	}
1159	}
1160
1161	$comment_post_data = null;
1162	if ($is_commentable and
1163	(!is_a_guest()
1164	or (is_a_guest() and $conf['comments_forall'] )
1165	)
1166	)
1167	{
1168	$comment_post_data['author'] = stripslashes($user['username']);
1169	$comment_post_data['key'] = get_ephemeral_key(2, $params['image_id']);
1170	}
1171
1172	$ret = $image_row;
1173	foreach ( array('id','width','height','hit','filesize') as $k )
1174	{
1175	if (isset($ret[$k]))
1176	{
1177	$ret[$k] = (int)$ret[$k];
1178	}
1179	}
1180	foreach ( array('path', 'storage_category_id') as $k )
1181	{
1182	unset($ret[$k]);
1183	}
1184
1185	$ret['rates'] = array( WS_XML_ATTRIBUTES => $rating );
1186	$ret['categories'] = new PwgNamedArray($related_categories, 'category', array('id','url', 'page_url') );
1187	$ret['tags'] = new PwgNamedArray($related_tags, 'tag', array('id','url_name','url','name','page_url') );
1188	if ( isset($comment_post_data) )
1189	{
1190	$ret['comment_post'] = array( WS_XML_ATTRIBUTES => $comment_post_data );
1191	}
1192	$ret['comments'] = array(
1193	WS_XML_ATTRIBUTES =>
1194	array(
1195	'page' => $params['comments_page'],
1196	'per_page' => $params['comments_per_page'],
1197	'count' => count($related_comments),
1198	'nb_comments' => $nb_comments,
1199	),
1200	WS_XML_CONTENT => new PwgNamedArray($related_comments, 'comment', array('id','date') )
1201	);
1202
1203	return new PwgNamedStruct('image',$ret, null, array('name','comment') );
1204	}
1205
1206
1207	/**
1208	* rates the image_id in the parameter
1209	*/
1210	function ws_images_Rate($params, &$service)
1211	{
1212	$image_id = (int)$params['image_id'];
1213	$query = '
1214	SELECT DISTINCT id FROM '.IMAGES_TABLE.'
1215	INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON id=image_id
1216	WHERE id='.$image_id
1217	.get_sql_condition_FandF(
1218	array(
1219	'forbidden_categories' => 'category_id',
1220	'forbidden_images' => 'id',
1221	),
1222	' AND'
1223	).'
1224	LIMIT 1';
1225	if ( pwg_db_num_rows( pwg_query($query) )==0 )
1226	{
1227	return new PwgError(404, "Invalid image_id or access denied" );
1228	}
1229	$rate = (int)$params['rate'];
1230	include_once(PHPWG_ROOT_PATH.'include/functions_rate.inc.php');
1231	$res = rate_picture( $image_id, $rate );
1232	if ($res==false)
1233	{
1234	global $conf;
1235	return new PwgError( 403, "Forbidden or rate not in ". implode(',',$conf['rate_items']));
1236	}
1237	return $res;
1238	}
1239
1240
1241	/**
1242	* returns a list of elements corresponding to a query search
1243	*/
1244	function ws_images_search($params, &$service)
1245	{
1246	global $page;
1247	$images = array();
1248	include_once( PHPWG_ROOT_PATH .'include/functions_search.inc.php' );
1249	include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
1250
1251	$where_clauses = ws_std_image_sql_filter( $params, 'i.' );
1252	$order_by = ws_std_image_sql_order($params, 'i.');
1253
1254	$super_order_by = false;
1255	if ( !empty($order_by) )
1256	{
1257	global $conf;
1258	$conf['order_by'] = 'ORDER BY '.$order_by;
1259	$super_order_by=true; // quick_search_result might be faster
1260	}
1261
1262	$search_result = get_quick_search_results($params['query'],
1263	$super_order_by,
1264	implode(',', $where_clauses)
1265	);
1266
1267	$image_ids = array_slice(
1268	$search_result['items'],
1269	$params['page']*$params['per_page'],
1270	$params['per_page']
1271	);
1272
1273	if ( count($image_ids) )
1274	{
1275	$query = '
1276	SELECT * FROM '.IMAGES_TABLE.'
1277	WHERE id IN ('.implode(',', $image_ids).')';
1278
1279	$image_ids = array_flip($image_ids);
1280	$result = pwg_query($query);
1281	while ($row = pwg_db_fetch_assoc($result))
1282	{
1283	$image = array();
1284	foreach ( array('id', 'width', 'height', 'hit') as $k )
1285	{
1286	if (isset($row[$k]))
1287	{
1288	$image[$k] = (int)$row[$k];
1289	}
1290	}
1291	foreach ( array('file', 'name', 'comment', 'date_creation', 'date_available') as $k )
1292	{
1293	$image[$k] = $row[$k];
1294	}
1295	$image = array_merge( $image, ws_std_get_urls($row) );
1296	$images[$image_ids[$image['id']]] = $image;
1297	}
1298	ksort($images, SORT_NUMERIC);
1299	$images = array_values($images);
1300	}
1301
1302
1303	return array( 'images' =>
1304	array (
1305	WS_XML_ATTRIBUTES =>
1306	array(
1307	'page' => $params['page'],
1308	'per_page' => $params['per_page'],
1309	'count' => count($images)
1310	),
1311	WS_XML_CONTENT => new PwgNamedArray($images, 'image',
1312	ws_std_get_image_xml_attributes() )
1313	)
1314	);
1315	}
1316
1317	function ws_images_setPrivacyLevel($params, &$service)
1318	{
1319	if (!is_admin())
1320	{
1321	return new PwgError(401, 'Access denied');
1322	}
1323	if (!$service->isPost())
1324	{
1325	return new PwgError(405, "This method requires HTTP POST");
1326	}
1327	$params['image_id'] = array_map( 'intval',$params['image_id'] );
1328	if ( empty($params['image_id']) )
1329	{
1330	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
1331	}
1332	global $conf;
1333	if ( !in_array( (int)$params['level'], $conf['available_permission_levels']) )
1334	{
1335	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid level");
1336	}
1337
1338	$query = '
1339	UPDATE '.IMAGES_TABLE.'
1340	SET level='.(int)$params['level'].'
1341	WHERE id IN ('.implode(',',$params['image_id']).')';
1342	$result = pwg_query($query);
1343	$affected_rows = pwg_db_changes($result);
1344	if ($affected_rows)
1345	{
1346	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
1347	invalidate_user_cache();
1348	}
1349	return $affected_rows;
1350	}
1351
1352	function ws_images_setRank($params, &$service)
1353	{
1354	if (!is_admin())
1355	{
1356	return new PwgError(401, 'Access denied');
1357	}
1358
1359	if (!$service->isPost())
1360	{
1361	return new PwgError(405, "This method requires HTTP POST");
1362	}
1363
1364	// is the image_id valid?
1365	$params['image_id'] = (int)$params['image_id'];
1366	if ($params['image_id'] <= 0)
1367	{
1368	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
1369	}
1370
1371	// is the category valid?
1372	$params['category_id'] = (int)$params['category_id'];
1373	if ($params['category_id'] <= 0)
1374	{
1375	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid category_id");
1376	}
1377
1378	// is the rank valid?
1379	$params['rank'] = (int)$params['rank'];
1380	if ($params['rank'] <= 0)
1381	{
1382	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid rank");
1383	}
1384
1385	// does the image really exist?
1386	$query='
1387	SELECT
1388	*
1389	FROM '.IMAGES_TABLE.'
1390	WHERE id = '.$params['image_id'].'
1391	;';
1392
1393	$image_row = pwg_db_fetch_assoc(pwg_query($query));
1394	if ($image_row == null)
1395	{
1396	return new PwgError(404, "image_id not found");
1397	}
1398
1399	// is the image associated to this category?
1400	$query = '
1401	SELECT
1402	image_id,
1403	category_id,
1404	rank
1405	FROM '.IMAGE_CATEGORY_TABLE.'
1406	WHERE image_id = '.$params['image_id'].'
1407	AND category_id = '.$params['category_id'].'
1408	;';
1409	$category_row = pwg_db_fetch_assoc(pwg_query($query));
1410	if ($category_row == null)
1411	{
1412	return new PwgError(404, "This image is not associated to this category");
1413	}
1414
1415	// what is the current higher rank for this category?
1416	$query = '
1417	SELECT
1418	MAX(rank) AS max_rank
1419	FROM '.IMAGE_CATEGORY_TABLE.'
1420	WHERE category_id = '.$params['category_id'].'
1421	;';
1422	$result = pwg_query($query);
1423	$row = pwg_db_fetch_assoc($result);
1424
1425	if (is_numeric($row['max_rank']))
1426	{
1427	if ($params['rank'] > $row['max_rank'])
1428	{
1429	$params['rank'] = $row['max_rank'] + 1;
1430	}
1431	}
1432	else
1433	{
1434	$params['rank'] = 1;
1435	}
1436
1437	// update rank for all other photos in the same category
1438	$query = '
1439	UPDATE '.IMAGE_CATEGORY_TABLE.'
1440	SET rank = rank + 1
1441	WHERE category_id = '.$params['category_id'].'
1442	AND rank IS NOT NULL
1443	AND rank >= '.$params['rank'].'
1444	;';
1445	pwg_query($query);
1446
1447	// set the new rank for the photo
1448	$query = '
1449	UPDATE '.IMAGE_CATEGORY_TABLE.'
1450	SET rank = '.$params['rank'].'
1451	WHERE image_id = '.$params['image_id'].'
1452	AND category_id = '.$params['category_id'].'
1453	;';
1454	pwg_query($query);
1455
1456	// return data for client
1457	return array(
1458	'image_id' => $params['image_id'],
1459	'category_id' => $params['category_id'],
1460	'rank' => $params['rank'],
1461	);
1462	}
1463
1464	function ws_images_add_chunk($params, &$service)
1465	{
1466	global $conf;
1467
1468	// data
1469	// original_sum
1470	// type {thumb, file, high}
1471	// position
1472
1473	if (!is_admin())
1474	{
1475	return new PwgError(401, 'Access denied');
1476	}
1477
1478	if (!$service->isPost())
1479	{
1480	return new PwgError(405, "This method requires HTTP POST");
1481	}
1482
1483	foreach ($params as $param_key => $param_value) {
1484	if ('data' == $param_key) {
1485	continue;
1486	}
1487
1488	ws_logfile(
1489	sprintf(
1490	'[ws_images_add_chunk] input param "%s" : "%s"',
1491	$param_key,
1492	is_null($param_value) ? 'NULL' : $param_value
1493	)
1494	);
1495	}
1496
1497	$upload_dir = $conf['upload_dir'].'/buffer';
1498
1499	// create the upload directory tree if not exists
1500	if (!is_dir($upload_dir)) {
1501	umask(0000);
1502	if (!@mkdir($upload_dir, 0777, true))
1503	{
1504	return new PwgError(500, 'error during buffer directory creation');
1505	}
1506	}
1507
1508	if (!is_writable($upload_dir))
1509	{
1510	// last chance to make the directory writable
1511	@chmod($upload_dir, 0777);
1512
1513	if (!is_writable($upload_dir))
1514	{
1515	return new PwgError(500, 'buffer directory has no write access');
1516	}
1517	}
1518
1519	secure_directory($upload_dir);
1520
1521	$filename = sprintf(
1522	'%s-%s-%05u.block',
1523	$params['original_sum'],
1524	$params['type'],
1525	$params['position']
1526	);
1527
1528	ws_logfile('[ws_images_add_chunk] data length : '.strlen($params['data']));
1529
1530	$bytes_written = file_put_contents(
1531	$upload_dir.'/'.$filename,
1532	base64_decode($params['data'])
1533	);
1534
1535	if (false === $bytes_written) {
1536	return new PwgError(
1537	500,
1538	'an error has occured while writting chunk '.$params['position'].' for '.$params['type']
1539	);
1540	}
1541	}
1542
1543	function merge_chunks($output_filepath, $original_sum, $type)
1544	{
1545	global $conf;
1546
1547	ws_logfile('[merge_chunks] input parameter $output_filepath : '.$output_filepath);
1548
1549	if (is_file($output_filepath))
1550	{
1551	unlink($output_filepath);
1552
1553	if (is_file($output_filepath))
1554	{
1555	return new PwgError(500, '[merge_chunks] error while trying to remove existing '.$output_filepath);
1556	}
1557	}
1558
1559	$upload_dir = $conf['upload_dir'].'/buffer';
1560	$pattern = '/'.$original_sum.'-'.$type.'/';
1561	$chunks = array();
1562
1563	if ($handle = opendir($upload_dir))
1564	{
1565	while (false !== ($file = readdir($handle)))
1566	{
1567	if (preg_match($pattern, $file))
1568	{
1569	ws_logfile($file);
1570	array_push($chunks, $upload_dir.'/'.$file);
1571	}
1572	}
1573	closedir($handle);
1574	}
1575
1576	sort($chunks);
1577
1578	if (function_exists('memory_get_usage')) {
1579	ws_logfile('[merge_chunks] memory_get_usage before loading chunks: '.memory_get_usage());
1580	}
1581
1582	$i = 0;
1583
1584	foreach ($chunks as $chunk)
1585	{
1586	$string = file_get_contents($chunk);
1587
1588	if (function_exists('memory_get_usage')) {
1589	ws_logfile('[merge_chunks] memory_get_usage on chunk '.++$i.': '.memory_get_usage());
1590	}
1591
1592	if (!file_put_contents($output_filepath, $string, FILE_APPEND))
1593	{
1594	return new PwgError(500, '[merge_chunks] error while writting chunks for '.$output_filepath);
1595	}
1596
1597	unlink($chunk);
1598	}
1599
1600	if (function_exists('memory_get_usage')) {
1601	ws_logfile('[merge_chunks] memory_get_usage after loading chunks: '.memory_get_usage());
1602	}
1603	}
1604
1605	/**
1606	* Function introduced for Piwigo 2.4 and the new "multiple size"
1607	* (derivatives) feature. As we only need the biggest sent photo as
1608	* "original", we remove chunks for smaller sizes. We can't make it earlier
1609	* in ws_images_add_chunk because at this moment we don't know which $type
1610	* will be the biggest (we could remove the thumb, but let's use the same
1611	* algorithm)
1612	*/
1613	function remove_chunks($original_sum, $type)
1614	{
1615	global $conf;
1616
1617	$upload_dir = $conf['upload_dir'].'/buffer';
1618	$pattern = '/'.$original_sum.'-'.$type.'/';
1619	$chunks = array();
1620
1621	if ($handle = opendir($upload_dir))
1622	{
1623	while (false !== ($file = readdir($handle)))
1624	{
1625	if (preg_match($pattern, $file))
1626	{
1627	array_push($chunks, $upload_dir.'/'.$file);
1628	}
1629	}
1630	closedir($handle);
1631	}
1632
1633	foreach ($chunks as $chunk)
1634	{
1635	unlink($chunk);
1636	}
1637	}
1638
1639	function ws_images_addFile($params, &$service)
1640	{
1641	ws_logfile(__FUNCTION__.', input : '.var_export($params, true));
1642	// image_id
1643	// type {thumb, file, high}
1644	// sum -> not used currently (Piwigo 2.4)
1645
1646	global $conf;
1647	if (!is_admin())
1648	{
1649	return new PwgError(401, 'Access denied');
1650	}
1651
1652	$params['image_id'] = (int)$params['image_id'];
1653	if ($params['image_id'] <= 0)
1654	{
1655	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
1656	}
1657
1658	//
1659	// what is the path and other infos about the photo?
1660	//
1661	$query = '
1662	SELECT
1663	path,
1664	file,
1665	md5sum,
1666	width,
1667	height,
1668	filesize
1669	FROM '.IMAGES_TABLE.'
1670	WHERE id = '.$params['image_id'].'
1671	;';
1672	$image = pwg_db_fetch_assoc(pwg_query($query));
1673
1674	if ($image == null)
1675	{
1676	return new PwgError(404, "image_id not found");
1677	}
1678
1679	// since Piwigo 2.4 and derivatives, we do not take the imported "thumb"
1680	// into account
1681	if ('thumb' == $params['type'])
1682	{
1683	remove_chunks($image['md5sum'], $type);
1684	return true;
1685	}
1686
1687	// since Piwigo 2.4 and derivatives, we only care about the "original"
1688	$original_type = 'file';
1689	if ('high' == $params['type'])
1690	{
1691	$original_type = 'high';
1692	}
1693
1694	$file_path = $conf['upload_dir'].'/buffer/'.$image['md5sum'].'-original';
1695
1696	merge_chunks($file_path, $image['md5sum'], $original_type);
1697	chmod($file_path, 0644);
1698
1699	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
1700
1701	// if we receive the "file", we only update the original if the "file" is
1702	// bigger than current original
1703	if ('file' == $params['type'])
1704	{
1705	$do_update = false;
1706
1707	$infos = pwg_image_infos($file_path);
1708
1709	foreach (array('width', 'height', 'filesize') as $image_info)
1710	{
1711	if ($infos[$image_info] > $image[$image_info])
1712	{
1713	$do_update = true;
1714	}
1715	}
1716
1717	if (!$do_update)
1718	{
1719	unlink($file_path);
1720	return true;
1721	}
1722	}
1723
1724	$image_id = add_uploaded_file(
1725	$file_path,
1726	$image['file'],
1727	null,
1728	null,
1729	$params['image_id'],
1730	$image['md5sum'] // we force the md5sum to remain the same
1731	);
1732	}
1733
1734	function ws_images_add($params, &$service)
1735	{
1736	global $conf, $user;
1737	if (!is_admin())
1738	{
1739	return new PwgError(401, 'Access denied');
1740	}
1741
1742	foreach ($params as $param_key => $param_value) {
1743	ws_logfile(
1744	sprintf(
1745	'[pwg.images.add] input param "%s" : "%s"',
1746	$param_key,
1747	is_null($param_value) ? 'NULL' : $param_value
1748	)
1749	);
1750	}
1751
1752	$params['image_id'] = (int)$params['image_id'];
1753	if ($params['image_id'] > 0)
1754	{
1755	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
1756
1757	$query='
1758	SELECT *
1759	FROM '.IMAGES_TABLE.'
1760	WHERE id = '.$params['image_id'].'
1761	;';
1762
1763	$image_row = pwg_db_fetch_assoc(pwg_query($query));
1764	if ($image_row == null)
1765	{
1766	return new PwgError(404, "image_id not found");
1767	}
1768	}
1769
1770	// does the image already exists ?
1771	if ($params['check_uniqueness'])
1772	{
1773	if ('md5sum' == $conf['uniqueness_mode'])
1774	{
1775	$where_clause = "md5sum = '".$params['original_sum']."'";
1776	}
1777	if ('filename' == $conf['uniqueness_mode'])
1778	{
1779	$where_clause = "file = '".$params['original_filename']."'";
1780	}
1781
1782	$query = '
1783	SELECT
1784	COUNT(*) AS counter
1785	FROM '.IMAGES_TABLE.'
1786	WHERE '.$where_clause.'
1787	;';
1788	list($counter) = pwg_db_fetch_row(pwg_query($query));
1789	if ($counter != 0) {
1790	return new PwgError(500, 'file already exists');
1791	}
1792	}
1793
1794	// due to the new feature "derivatives" (multiple sizes) introduced for
1795	// Piwigo 2.4, we only take the biggest photos sent on
1796	// pwg.images.addChunk. If "high" is available we use it as "original"
1797	// else we use "file".
1798	remove_chunks($params['original_sum'], 'thumb');
1799
1800	if (isset($params['high_sum']))
1801	{
1802	$original_type = 'high';
1803	remove_chunks($params['original_sum'], 'file');
1804	}
1805	else
1806	{
1807	$original_type = 'file';
1808	}
1809
1810	$file_path = $conf['upload_dir'].'/buffer/'.$params['original_sum'].'-original';
1811
1812	merge_chunks($file_path, $params['original_sum'], $original_type);
1813	chmod($file_path, 0644);
1814
1815	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
1816
1817	$image_id = add_uploaded_file(
1818	$file_path,
1819	$params['original_filename'],
1820	null, // categories
1821	isset($params['level']) ? $params['level'] : null,
1822	$params['image_id'] > 0 ? $params['image_id'] : null,
1823	$params['original_sum']
1824	);
1825
1826	$info_columns = array(
1827	'name',
1828	'author',
1829	'comment',
1830	'date_creation',
1831	);
1832
1833	$update = array();
1834
1835	foreach ($info_columns as $key)
1836	{
1837	if (isset($params[$key]))
1838	{
1839	$update[$key] = $params[$key];
1840	}
1841	}
1842
1843	if (count(array_keys($update)) > 0)
1844	{
1845	single_update(
1846	IMAGES_TABLE,
1847	$update,
1848	array('id' => $image_id)
1849	);
1850	}
1851
1852	$url_params = array('image_id' => $image_id);
1853
1854	// let's add links between the image and the categories
1855	if (isset($params['categories']))
1856	{
1857	ws_add_image_category_relations($image_id, $params['categories']);
1858
1859	if (preg_match('/^\d+/', $params['categories'], $matches)) {
1860	$category_id = $matches[0];
1861
1862	$query = '
1863	SELECT id, name, permalink
1864	FROM '.CATEGORIES_TABLE.'
1865	WHERE id = '.$category_id.'
1866	;';
1867	$result = pwg_query($query);
1868	$category = pwg_db_fetch_assoc($result);
1869
1870	$url_params['section'] = 'categories';
1871	$url_params['category'] = $category;
1872	}
1873	}
1874
1875	// and now, let's create tag associations
1876	if (isset($params['tag_ids']) and !empty($params['tag_ids']))
1877	{
1878	set_tags(
1879	explode(',', $params['tag_ids']),
1880	$image_id
1881	);
1882	}
1883
1884	invalidate_user_cache();
1885
1886	return array(
1887	'image_id' => $image_id,
1888	'url' => make_picture_url($url_params),
1889	);
1890	}
1891
1892	function ws_images_addSimple($params, &$service)
1893	{
1894	global $conf;
1895	if (!is_admin())
1896	{
1897	return new PwgError(401, 'Access denied');
1898	}
1899
1900	if (!$service->isPost())
1901	{
1902	return new PwgError(405, "This method requires HTTP POST");
1903	}
1904
1905	if (!isset($_FILES['image']))
1906	{
1907	return new PwgError(405, "The image (file) parameter is missing");
1908	}
1909
1910	$params['image_id'] = (int)$params['image_id'];
1911	if ($params['image_id'] > 0)
1912	{
1913	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
1914
1915	$query='
1916	SELECT *
1917	FROM '.IMAGES_TABLE.'
1918	WHERE id = '.$params['image_id'].'
1919	;';
1920
1921	$image_row = pwg_db_fetch_assoc(pwg_query($query));
1922	if ($image_row == null)
1923	{
1924	return new PwgError(404, "image_id not found");
1925	}
1926	}
1927
1928	// category
1929	$params['category'] = (int)$params['category'];
1930	if ($params['category'] <= 0 and $params['image_id'] <= 0)
1931	{
1932	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid category_id");
1933	}
1934
1935	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
1936
1937	$image_id = add_uploaded_file(
1938	$_FILES['image']['tmp_name'],
1939	$_FILES['image']['name'],
1940	$params['category'] > 0 ? array($params['category']) : null,
1941	8,
1942	$params['image_id'] > 0 ? $params['image_id'] : null
1943	);
1944
1945	$info_columns = array(
1946	'name',
1947	'author',
1948	'comment',
1949	'level',
1950	'date_creation',
1951	);
1952
1953	foreach ($info_columns as $key)
1954	{
1955	if (isset($params[$key]))
1956	{
1957	$update[$key] = $params[$key];
1958	}
1959	}
1960
1961	if (count(array_keys($update)) > 0)
1962	{
1963	$update['id'] = $image_id;
1964
1965	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
1966	mass_updates(
1967	IMAGES_TABLE,
1968	array(
1969	'primary' => array('id'),
1970	'update' => array_diff(array_keys($update), array('id'))
1971	),
1972	array($update)
1973	);
1974	}
1975
1976
1977	if (isset($params['tags']) and !empty($params['tags']))
1978	{
1979	$tag_ids = array();
1980	$tag_names = explode(',', $params['tags']);
1981	foreach ($tag_names as $tag_name)
1982	{
1983	$tag_id = tag_id_from_tag_name($tag_name);
1984	array_push($tag_ids, $tag_id);
1985	}
1986
1987	add_tags($tag_ids, array($image_id));
1988	}
1989
1990	$url_params = array('image_id' => $image_id);
1991
1992	if ($params['category'] > 0)
1993	{
1994	$query = '
1995	SELECT id, name, permalink
1996	FROM '.CATEGORIES_TABLE.'
1997	WHERE id = '.$params['category'].'
1998	;';
1999	$result = pwg_query($query);
2000	$category = pwg_db_fetch_assoc($result);
2001
2002	$url_params['section'] = 'categories';
2003	$url_params['category'] = $category;
2004	}
2005
2006	// update metadata from the uploaded file (exif/iptc), even if the sync
2007	// was already performed by add_uploaded_file().
2008
2009	require_once(PHPWG_ROOT_PATH.'admin/include/functions_metadata.php');
2010	sync_metadata(array($image_id));
2011
2012	return array(
2013	'image_id' => $image_id,
2014	'url' => make_picture_url($url_params),
2015	);
2016	}
2017
2018	function ws_rates_delete($params, &$service)
2019	{
2020	global $conf;
2021
2022	if (!$service->isPost())
2023	{
2024	return new PwgError(405, 'This method requires HTTP POST');
2025	}
2026
2027	if (!is_admin())
2028	{
2029	return new PwgError(401, 'Access denied');
2030	}
2031
2032	$user_id = (int)$params['user_id'];
2033	if ($user_id<=0)
2034	{
2035	return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid user_id');
2036	}
2037
2038	$query = '
2039	DELETE FROM '.RATE_TABLE.'
2040	WHERE user_id='.$user_id;
2041
2042	if (!empty($params['anonymous_id']))
2043	{
2044	$query .= ' AND anonymous_id=\''.$params['anonymous_id'].'\'';
2045	}
2046
2047	$changes = pwg_db_changes(pwg_query($query));
2048	if ($changes)
2049	{
2050	include_once(PHPWG_ROOT_PATH.'include/functions_rate.inc.php');
2051	update_rating_score();
2052	}
2053	return $changes;
2054	}
2055
2056
2057	/**
2058	* perform a login (web service method)
2059	*/
2060	function ws_session_login($params, &$service)
2061	{
2062	global $conf;
2063
2064	if (!$service->isPost())
2065	{
2066	return new PwgError(405, "This method requires HTTP POST");
2067	}
2068	if (try_log_user($params['username'], $params['password'],false))
2069	{
2070	return true;
2071	}
2072	return new PwgError(999, 'Invalid username/password');
2073	}
2074
2075
2076	/**
2077	* performs a logout (web service method)
2078	*/
2079	function ws_session_logout($params, &$service)
2080	{
2081	if (!is_a_guest())
2082	{
2083	logout_user();
2084	}
2085	return true;
2086	}
2087
2088	function ws_session_getStatus($params, &$service)
2089	{
2090	global $user;
2091	$res = array();
2092	$res['username'] = is_a_guest() ? 'guest' : stripslashes($user['username']);
2093	foreach ( array('status', 'theme', 'language') as $k )
2094	{
2095	$res[$k] = $user[$k];
2096	}
2097	$res['pwg_token'] = get_pwg_token();
2098	$res['charset'] = get_pwg_charset();
2099
2100	list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
2101	$res['current_datetime'] = $dbnow;
2102
2103	return $res;
2104	}
2105
2106
2107	/**
2108	* returns a list of tags (web service method)
2109	*/
2110	function ws_tags_getList($params, &$service)
2111	{
2112	$tags = get_available_tags();
2113	if ($params['sort_by_counter'])
2114	{
2115	usort($tags, create_function('$a,$b', 'return -$a["counter"]+$b["counter"];') );
2116	}
2117	else
2118	{
2119	usort($tags, 'tag_alpha_compare');
2120	}
2121	for ($i=0; $i<count($tags); $i++)
2122	{
2123	$tags[$i]['id'] = (int)$tags[$i]['id'];
2124	$tags[$i]['counter'] = (int)$tags[$i]['counter'];
2125	$tags[$i]['url'] = make_index_url(
2126	array(
2127	'section'=>'tags',
2128	'tags'=>array($tags[$i])
2129	)
2130	);
2131	}
2132	return array('tags' => new PwgNamedArray($tags, 'tag', array('id','url_name','url', 'name', 'counter' )) );
2133	}
2134
2135	/**
2136	* returns the list of tags as you can see them in administration (web
2137	* service method).
2138	*
2139	* Only admin can run this method and permissions are not taken into
2140	* account.
2141	*/
2142	function ws_tags_getAdminList($params, &$service)
2143	{
2144	if (!is_admin())
2145	{
2146	return new PwgError(401, 'Access denied');
2147	}
2148
2149	$tags = get_all_tags();
2150	return array(
2151	'tags' => new PwgNamedArray(
2152	$tags,
2153	'tag',
2154	array(
2155	'name',
2156	'id',
2157	'url_name',
2158	)
2159	)
2160	);
2161	}
2162
2163	/**
2164	* returns a list of images for tags (web service method)
2165	*/
2166	function ws_tags_getImages($params, &$service)
2167	{
2168	@include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
2169	global $conf;
2170
2171	// first build all the tag_ids we are interested in
2172	$params['tag_id'] = array_map( 'intval',$params['tag_id'] );
2173	$tags = find_tags($params['tag_id'], $params['tag_url_name'], $params['tag_name']);
2174	$tags_by_id = array();
2175	foreach( $tags as $tag )
2176	{
2177	$tags['id'] = (int)$tag['id'];
2178	$tags_by_id[ $tag['id'] ] = $tag;
2179	}
2180	unset($tags);
2181	$tag_ids = array_keys($tags_by_id);
2182
2183
2184	$where_clauses = ws_std_image_sql_filter($params);
2185	if (!empty($where_clauses))
2186	{
2187	$where_clauses = implode( ' AND ', $where_clauses);
2188	}
2189	$image_ids = get_image_ids_for_tags(
2190	$tag_ids,
2191	$params['tag_mode_and'] ? 'AND' : 'OR',
2192	$where_clauses,
2193	ws_std_image_sql_order($params) );
2194
2195
2196	$image_ids = array_slice($image_ids, (int)($params['per_page']*$params['page']), (int)$params['per_page'] );
2197
2198	$image_tag_map = array();
2199	if ( !empty($image_ids) and !$params['tag_mode_and'] )
2200	{ // build list of image ids with associated tags per image
2201	$query = '
2202	SELECT image_id, GROUP_CONCAT(tag_id) AS tag_ids
2203	FROM '.IMAGE_TAG_TABLE.'
2204	WHERE tag_id IN ('.implode(',',$tag_ids).') AND image_id IN ('.implode(',',$image_ids).')
2205	GROUP BY image_id';
2206	$result = pwg_query($query);
2207	while ( $row=pwg_db_fetch_assoc($result) )
2208	{
2209	$row['image_id'] = (int)$row['image_id'];
2210	array_push( $image_ids, $row['image_id'] );
2211	$image_tag_map[ $row['image_id'] ] = explode(',', $row['tag_ids']);
2212	}
2213	}
2214
2215	$images = array();
2216	if (!empty($image_ids))
2217	{
2218	$rank_of = array_flip($image_ids);
2219	$result = pwg_query('
2220	SELECT * FROM '.IMAGES_TABLE.'
2221	WHERE id IN ('.implode(',',$image_ids).')');
2222	while ($row = pwg_db_fetch_assoc($result))
2223	{
2224	$image = array();
2225	$image['rank'] = $rank_of[ $row['id'] ];
2226	foreach ( array('id', 'width', 'height', 'hit') as $k )
2227	{
2228	if (isset($row[$k]))
2229	{
2230	$image[$k] = (int)$row[$k];
2231	}
2232	}
2233	foreach ( array('file', 'name', 'comment', 'date_creation', 'date_available') as $k )
2234	{
2235	$image[$k] = $row[$k];
2236	}
2237	$image = array_merge( $image, ws_std_get_urls($row) );
2238
2239	$image_tag_ids = ($params['tag_mode_and']) ? $tag_ids : $image_tag_map[$image['id']];
2240	$image_tags = array();
2241	foreach ($image_tag_ids as $tag_id)
2242	{
2243	$url = make_index_url(
2244	array(
2245	'section'=>'tags',
2246	'tags'=> array($tags_by_id[$tag_id])
2247	)
2248	);
2249	$page_url = make_picture_url(
2250	array(
2251	'section'=>'tags',
2252	'tags'=> array($tags_by_id[$tag_id]),
2253	'image_id' => $row['id'],
2254	'image_file' => $row['file'],
2255	)
2256	);
2257	array_push($image_tags, array(
2258	'id' => (int)$tag_id,
2259	'url' => $url,
2260	'page_url' => $page_url,
2261	)
2262	);
2263	}
2264	$image['tags'] = new PwgNamedArray($image_tags, 'tag',
2265	array('id','url_name','url','page_url')
2266	);
2267	array_push($images, $image);
2268	}
2269	usort($images, 'rank_compare');
2270	unset($rank_of);
2271	}
2272
2273	return array( 'images' =>
2274	array (
2275	WS_XML_ATTRIBUTES =>
2276	array(
2277	'page' => $params['page'],
2278	'per_page' => $params['per_page'],
2279	'count' => count($images)
2280	),
2281	WS_XML_CONTENT => new PwgNamedArray($images, 'image',
2282	ws_std_get_image_xml_attributes() )
2283	)
2284	);
2285	}
2286
2287	function ws_categories_add($params, &$service)
2288	{
2289	if (!is_admin())
2290	{
2291	return new PwgError(401, 'Access denied');
2292	}
2293
2294	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
2295
2296	$creation_output = create_virtual_category(
2297	$params['name'],
2298	$params['parent']
2299	);
2300
2301	if (isset($creation_output['error']))
2302	{
2303	return new PwgError(500, $creation_output['error']);
2304	}
2305
2306	invalidate_user_cache();
2307
2308	return $creation_output;
2309	}
2310
2311	function ws_tags_add($params, &$service)
2312	{
2313	if (!is_admin())
2314	{
2315	return new PwgError(401, 'Access denied');
2316	}
2317
2318	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
2319
2320	$creation_output = create_tag($params['name']);
2321
2322	if (isset($creation_output['error']))
2323	{
2324	return new PwgError(500, $creation_output['error']);
2325	}
2326
2327	return $creation_output;
2328	}
2329
2330	function ws_images_exist($params, &$service)
2331	{
2332	ws_logfile(__FUNCTION__.' '.var_export($params, true));
2333
2334	global $conf;
2335
2336	if (!is_admin())
2337	{
2338	return new PwgError(401, 'Access denied');
2339	}
2340
2341	$split_pattern = '/[\s,;\\|]/';
2342
2343	if ('md5sum' == $conf['uniqueness_mode'])
2344	{
2345	// search among photos the list of photos already added, based on md5sum
2346	// list
2347	$md5sums = preg_split(
2348	$split_pattern,
2349	$params['md5sum_list'],
2350	-1,
2351	PREG_SPLIT_NO_EMPTY
2352	);
2353
2354	$query = '
2355	SELECT
2356	id,
2357	md5sum
2358	FROM '.IMAGES_TABLE.'
2359	WHERE md5sum IN (\''.implode("','", $md5sums).'\')
2360	;';
2361	$id_of_md5 = simple_hash_from_query($query, 'md5sum', 'id');
2362
2363	$result = array();
2364
2365	foreach ($md5sums as $md5sum)
2366	{
2367	$result[$md5sum] = null;
2368	if (isset($id_of_md5[$md5sum]))
2369	{
2370	$result[$md5sum] = $id_of_md5[$md5sum];
2371	}
2372	}
2373	}
2374
2375	if ('filename' == $conf['uniqueness_mode'])
2376	{
2377	// search among photos the list of photos already added, based on
2378	// filename list
2379	$filenames = preg_split(
2380	$split_pattern,
2381	$params['filename_list'],
2382	-1,
2383	PREG_SPLIT_NO_EMPTY
2384	);
2385
2386	$query = '
2387	SELECT
2388	id,
2389	file
2390	FROM '.IMAGES_TABLE.'
2391	WHERE file IN (\''.implode("','", $filenames).'\')
2392	;';
2393	$id_of_filename = simple_hash_from_query($query, 'file', 'id');
2394
2395	$result = array();
2396
2397	foreach ($filenames as $filename)
2398	{
2399	$result[$filename] = null;
2400	if (isset($id_of_filename[$filename]))
2401	{
2402	$result[$filename] = $id_of_filename[$filename];
2403	}
2404	}
2405	}
2406
2407	return $result;
2408	}
2409
2410	function ws_images_checkFiles($params, &$service)
2411	{
2412	ws_logfile(__FUNCTION__.', input : '.var_export($params, true));
2413
2414	if (!is_admin())
2415	{
2416	return new PwgError(401, 'Access denied');
2417	}
2418
2419	// input parameters
2420	//
2421	// image_id
2422	// thumbnail_sum
2423	// file_sum
2424	// high_sum
2425
2426	$params['image_id'] = (int)$params['image_id'];
2427	if ($params['image_id'] <= 0)
2428	{
2429	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
2430	}
2431
2432	$query = '
2433	SELECT
2434	path
2435	FROM '.IMAGES_TABLE.'
2436	WHERE id = '.$params['image_id'].'
2437	;';
2438	$result = pwg_query($query);
2439	if (pwg_db_num_rows($result) == 0)
2440	{
2441	return new PwgError(404, "image_id not found");
2442	}
2443	list($path) = pwg_db_fetch_row($result);
2444
2445	$ret = array();
2446
2447	if (isset($params['thumbnail_sum']))
2448	{
2449	// We always say the thumbnail is equal to create no reaction on the
2450	// other side. Since Piwigo 2.4 and derivatives, the thumbnails and web
2451	// sizes are always generated by Piwigo
2452	$ret['thumbnail'] = 'equals';
2453	}
2454
2455	if (isset($params['high_sum']))
2456	{
2457	$ret['file'] = 'equals';
2458	$compare_type = 'high';
2459	}
2460	elseif (isset($params['file_sum']))
2461	{
2462	$compare_type = 'file';
2463	}
2464
2465	if (isset($compare_type))
2466	{
2467	ws_logfile(__FUNCTION__.', md5_file($path) = '.md5_file($path));
2468	if (md5_file($path) != $params[$compare_type.'_sum'])
2469	{
2470	$ret[$compare_type] = 'differs';
2471	}
2472	else
2473	{
2474	$ret[$compare_type] = 'equals';
2475	}
2476	}
2477
2478	ws_logfile(__FUNCTION__.', output : '.var_export($ret, true));
2479
2480	return $ret;
2481	}
2482
2483	function ws_images_setInfo($params, &$service)
2484	{
2485	global $conf;
2486	if (!is_admin())
2487	{
2488	return new PwgError(401, 'Access denied');
2489	}
2490
2491	if (!$service->isPost())
2492	{
2493	return new PwgError(405, "This method requires HTTP POST");
2494	}
2495
2496	$params['image_id'] = (int)$params['image_id'];
2497	if ($params['image_id'] <= 0)
2498	{
2499	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
2500	}
2501
2502	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
2503
2504	$query='
2505	SELECT *
2506	FROM '.IMAGES_TABLE.'
2507	WHERE id = '.$params['image_id'].'
2508	;';
2509
2510	$image_row = pwg_db_fetch_assoc(pwg_query($query));
2511	if ($image_row == null)
2512	{
2513	return new PwgError(404, "image_id not found");
2514	}
2515
2516	// database registration
2517	$update = array();
2518
2519	$info_columns = array(
2520	'name',
2521	'author',
2522	'comment',
2523	'level',
2524	'date_creation',
2525	);
2526
2527	foreach ($info_columns as $key)
2528	{
2529	if (isset($params[$key]))
2530	{
2531	if ('fill_if_empty' == $params['single_value_mode'])
2532	{
2533	if (empty($image_row[$key]))
2534	{
2535	$update[$key] = $params[$key];
2536	}
2537	}
2538	elseif ('replace' == $params['single_value_mode'])
2539	{
2540	$update[$key] = $params[$key];
2541	}
2542	else
2543	{
2544	return new PwgError(
2545	500,
2546	'[ws_images_setInfo]'
2547	.' invalid parameter single_value_mode "'.$params['single_value_mode'].'"'
2548	.', possible values are {fill_if_empty, replace}.'
2549	);
2550	}
2551	}
2552	}
2553
2554	if (isset($params['file']))
2555	{
2556	if (!empty($image_row['storage_category_id']))
2557	{
2558	return new PwgError(500, '[ws_images_setInfo] updating "file" is forbidden on photos added by synchronization');
2559	}
2560
2561	$update['file'] = $params['file'];
2562	}
2563
2564	if (count(array_keys($update)) > 0)
2565	{
2566	$update['id'] = $params['image_id'];
2567
2568	mass_updates(
2569	IMAGES_TABLE,
2570	array(
2571	'primary' => array('id'),
2572	'update' => array_diff(array_keys($update), array('id'))
2573	),
2574	array($update)
2575	);
2576	}
2577
2578	if (isset($params['categories']))
2579	{
2580	ws_add_image_category_relations(
2581	$params['image_id'],
2582	$params['categories'],
2583	('replace' == $params['multiple_value_mode'] ? true : false)
2584	);
2585	}
2586
2587	// and now, let's create tag associations
2588	if (isset($params['tag_ids']))
2589	{
2590	$tag_ids = explode(',', $params['tag_ids']);
2591
2592	if ('replace' == $params['multiple_value_mode'])
2593	{
2594	set_tags(
2595	$tag_ids,
2596	$params['image_id']
2597	);
2598	}
2599	elseif ('append' == $params['multiple_value_mode'])
2600	{
2601	add_tags(
2602	$tag_ids,
2603	array($params['image_id'])
2604	);
2605	}
2606	else
2607	{
2608	return new PwgError(
2609	500,
2610	'[ws_images_setInfo]'
2611	.' invalid parameter multiple_value_mode "'.$params['multiple_value_mode'].'"'
2612	.', possible values are {replace, append}.'
2613	);
2614	}
2615	}
2616
2617	invalidate_user_cache();
2618	}
2619
2620	function ws_images_delete($params, &$service)
2621	{
2622	global $conf;
2623	if (!is_admin())
2624	{
2625	return new PwgError(401, 'Access denied');
2626	}
2627
2628	if (!$service->isPost())
2629	{
2630	return new PwgError(405, "This method requires HTTP POST");
2631	}
2632
2633	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
2634	{
2635	return new PwgError(403, 'Invalid security token');
2636	}
2637
2638	$params['image_id'] = preg_split(
2639	'/[\s,;\\|]/',
2640	$params['image_id'],
2641	-1,
2642	PREG_SPLIT_NO_EMPTY
2643	);
2644	$params['image_id'] = array_map('intval', $params['image_id']);
2645
2646	$image_ids = array();
2647	foreach ($params['image_id'] as $image_id)
2648	{
2649	if ($image_id > 0)
2650	{
2651	array_push($image_ids, $image_id);
2652	}
2653	}
2654
2655	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
2656	delete_elements($image_ids, true);
2657	}
2658
2659	function ws_add_image_category_relations($image_id, $categories_string, $replace_mode=false)
2660	{
2661	// let's add links between the image and the categories
2662	//
2663	// $params['categories'] should look like 123,12;456,auto;789 which means:
2664	//
2665	// 1. associate with category 123 on rank 12
2666	// 2. associate with category 456 on automatic rank
2667	// 3. associate with category 789 on automatic rank
2668	$cat_ids = array();
2669	$rank_on_category = array();
2670	$search_current_ranks = false;
2671
2672	$tokens = explode(';', $categories_string);
2673	foreach ($tokens as $token)
2674	{
2675	@list($cat_id, $rank) = explode(',', $token);
2676
2677	if (!preg_match('/^\d+$/', $cat_id))
2678	{
2679	continue;
2680	}
2681
2682	array_push($cat_ids, $cat_id);
2683
2684	if (!isset($rank))
2685	{
2686	$rank = 'auto';
2687	}
2688	$rank_on_category[$cat_id] = $rank;
2689
2690	if ($rank == 'auto')
2691	{
2692	$search_current_ranks = true;
2693	}
2694	}
2695
2696	$cat_ids = array_unique($cat_ids);
2697
2698	if (count($cat_ids) == 0)
2699	{
2700	return new PwgError(
2701	500,
2702	'[ws_add_image_category_relations] there is no category defined in "'.$categories_string.'"'
2703	);
2704	}
2705
2706	$query = '
2707	SELECT
2708	id
2709	FROM '.CATEGORIES_TABLE.'
2710	WHERE id IN ('.implode(',', $cat_ids).')
2711	;';
2712	$db_cat_ids = array_from_query($query, 'id');
2713
2714	$unknown_cat_ids = array_diff($cat_ids, $db_cat_ids);
2715	if (count($unknown_cat_ids) != 0)
2716	{
2717	return new PwgError(
2718	500,
2719	'[ws_add_image_category_relations] the following categories are unknown: '.implode(', ', $unknown_cat_ids)
2720	);
2721	}
2722
2723	$to_update_cat_ids = array();
2724
2725	// in case of replace mode, we first check the existing associations
2726	$query = '
2727	SELECT
2728	category_id
2729	FROM '.IMAGE_CATEGORY_TABLE.'
2730	WHERE image_id = '.$image_id.'
2731	;';
2732	$existing_cat_ids = array_from_query($query, 'category_id');
2733
2734	if ($replace_mode)
2735	{
2736	$to_remove_cat_ids = array_diff($existing_cat_ids, $cat_ids);
2737	if (count($to_remove_cat_ids) > 0)
2738	{
2739	$query = '
2740	DELETE
2741	FROM '.IMAGE_CATEGORY_TABLE.'
2742	WHERE image_id = '.$image_id.'
2743	AND category_id IN ('.implode(', ', $to_remove_cat_ids).')
2744	;';
2745	pwg_query($query);
2746	update_category($to_remove_cat_ids);
2747	}
2748	}
2749
2750	$new_cat_ids = array_diff($cat_ids, $existing_cat_ids);
2751	if (count($new_cat_ids) == 0)
2752	{
2753	return true;
2754	}
2755
2756	if ($search_current_ranks)
2757	{
2758	$query = '
2759	SELECT
2760	category_id,
2761	MAX(rank) AS max_rank
2762	FROM '.IMAGE_CATEGORY_TABLE.'
2763	WHERE rank IS NOT NULL
2764	AND category_id IN ('.implode(',', $new_cat_ids).')
2765	GROUP BY category_id
2766	;';
2767	$current_rank_of = simple_hash_from_query(
2768	$query,
2769	'category_id',
2770	'max_rank'
2771	);
2772
2773	foreach ($new_cat_ids as $cat_id)
2774	{
2775	if (!isset($current_rank_of[$cat_id]))
2776	{
2777	$current_rank_of[$cat_id] = 0;
2778	}
2779
2780	if ('auto' == $rank_on_category[$cat_id])
2781	{
2782	$rank_on_category[$cat_id] = $current_rank_of[$cat_id] + 1;
2783	}
2784	}
2785	}
2786
2787	$inserts = array();
2788
2789	foreach ($new_cat_ids as $cat_id)
2790	{
2791	array_push(
2792	$inserts,
2793	array(
2794	'image_id' => $image_id,
2795	'category_id' => $cat_id,
2796	'rank' => $rank_on_category[$cat_id],
2797	)
2798	);
2799	}
2800
2801	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
2802	mass_inserts(
2803	IMAGE_CATEGORY_TABLE,
2804	array_keys($inserts[0]),
2805	$inserts
2806	);
2807
2808	update_category($new_cat_ids);
2809	}
2810
2811	function ws_categories_setInfo($params, &$service)
2812	{
2813	global $conf;
2814	if (!is_admin())
2815	{
2816	return new PwgError(401, 'Access denied');
2817	}
2818
2819	if (!$service->isPost())
2820	{
2821	return new PwgError(405, "This method requires HTTP POST");
2822	}
2823
2824	// category_id
2825	// name
2826	// comment
2827
2828	$params['category_id'] = (int)$params['category_id'];
2829	if ($params['category_id'] <= 0)
2830	{
2831	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid category_id");
2832	}
2833
2834	// database registration
2835	$update = array(
2836	'id' => $params['category_id'],
2837	);
2838
2839	$info_columns = array(
2840	'name',
2841	'comment',
2842	);
2843
2844	$perform_update = false;
2845	foreach ($info_columns as $key)
2846	{
2847	if (isset($params[$key]))
2848	{
2849	$perform_update = true;
2850	$update[$key] = $params[$key];
2851	}
2852	}
2853
2854	if ($perform_update)
2855	{
2856	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
2857	mass_updates(
2858	CATEGORIES_TABLE,
2859	array(
2860	'primary' => array('id'),
2861	'update' => array_diff(array_keys($update), array('id'))
2862	),
2863	array($update)
2864	);
2865	}
2866
2867	}
2868
2869	function ws_categories_setRepresentative($params, &$service)
2870	{
2871	global $conf;
2872
2873	if (!is_admin())
2874	{
2875	return new PwgError(401, 'Access denied');
2876	}
2877
2878	if (!$service->isPost())
2879	{
2880	return new PwgError(405, "This method requires HTTP POST");
2881	}
2882
2883	// category_id
2884	// image_id
2885
2886	$params['category_id'] = (int)$params['category_id'];
2887	if ($params['category_id'] <= 0)
2888	{
2889	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid category_id");
2890	}
2891
2892	// does the category really exist?
2893	$query='
2894	SELECT
2895	*
2896	FROM '.CATEGORIES_TABLE.'
2897	WHERE id = '.$params['category_id'].'
2898	;';
2899	$row = pwg_db_fetch_assoc(pwg_query($query));
2900	if ($row == null)
2901	{
2902	return new PwgError(404, "category_id not found");
2903	}
2904
2905	$params['image_id'] = (int)$params['image_id'];
2906	if ($params['image_id'] <= 0)
2907	{
2908	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
2909	}
2910
2911	// does the image really exist?
2912	$query='
2913	SELECT
2914	*
2915	FROM '.IMAGES_TABLE.'
2916	WHERE id = '.$params['image_id'].'
2917	;';
2918
2919	$row = pwg_db_fetch_assoc(pwg_query($query));
2920	if ($row == null)
2921	{
2922	return new PwgError(404, "image_id not found");
2923	}
2924
2925	// apply change
2926	$query = '
2927	UPDATE '.CATEGORIES_TABLE.'
2928	SET representative_picture_id = '.$params['image_id'].'
2929	WHERE id = '.$params['category_id'].'
2930	;';
2931	pwg_query($query);
2932
2933	$query = '
2934	UPDATE '.USER_CACHE_CATEGORIES_TABLE.'
2935	SET user_representative_picture_id = NULL
2936	WHERE cat_id = '.$params['category_id'].'
2937	;';
2938	pwg_query($query);
2939	}
2940
2941	function ws_categories_delete($params, &$service)
2942	{
2943	global $conf;
2944	if (!is_admin())
2945	{
2946	return new PwgError(401, 'Access denied');
2947	}
2948
2949	if (!$service->isPost())
2950	{
2951	return new PwgError(405, "This method requires HTTP POST");
2952	}
2953
2954	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
2955	{
2956	return new PwgError(403, 'Invalid security token');
2957	}
2958
2959	$modes = array('no_delete', 'delete_orphans', 'force_delete');
2960	if (!in_array($params['photo_deletion_mode'], $modes))
2961	{
2962	return new PwgError(
2963	500,
2964	'[ws_categories_delete]'
2965	.' invalid parameter photo_deletion_mode "'.$params['photo_deletion_mode'].'"'
2966	.', possible values are {'.implode(', ', $modes).'}.'
2967	);
2968	}
2969
2970	$params['category_id'] = preg_split(
2971	'/[\s,;\\|]/',
2972	$params['category_id'],
2973	-1,
2974	PREG_SPLIT_NO_EMPTY
2975	);
2976	$params['category_id'] = array_map('intval', $params['category_id']);
2977
2978	$category_ids = array();
2979	foreach ($params['category_id'] as $category_id)
2980	{
2981	if ($category_id > 0)
2982	{
2983	array_push($category_ids, $category_id);
2984	}
2985	}
2986
2987	if (count($category_ids) == 0)
2988	{
2989	return;
2990	}
2991
2992	$query = '
2993	SELECT id
2994	FROM '.CATEGORIES_TABLE.'
2995	WHERE id IN ('.implode(',', $category_ids).')
2996	;';
2997	$category_ids = array_from_query($query, 'id');
2998
2999	if (count($category_ids) == 0)
3000	{
3001	return;
3002	}
3003
3004	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
3005	delete_categories($category_ids, $params['photo_deletion_mode']);
3006	update_global_rank();
3007	}
3008
3009	function ws_categories_move($params, &$service)
3010	{
3011	global $conf, $page;
3012
3013	if (!is_admin())
3014	{
3015	return new PwgError(401, 'Access denied');
3016	}
3017
3018	if (!$service->isPost())
3019	{
3020	return new PwgError(405, "This method requires HTTP POST");
3021	}
3022
3023	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
3024	{
3025	return new PwgError(403, 'Invalid security token');
3026	}
3027
3028	$params['category_id'] = preg_split(
3029	'/[\s,;\\|]/',
3030	$params['category_id'],
3031	-1,
3032	PREG_SPLIT_NO_EMPTY
3033	);
3034	$params['category_id'] = array_map('intval', $params['category_id']);
3035
3036	$category_ids = array();
3037	foreach ($params['category_id'] as $category_id)
3038	{
3039	if ($category_id > 0)
3040	{
3041	array_push($category_ids, $category_id);
3042	}
3043	}
3044
3045	if (count($category_ids) == 0)
3046	{
3047	return new PwgError(403, 'Invalid category_id input parameter, no category to move');
3048	}
3049
3050	// we can't move physical categories
3051	$categories_in_db = array();
3052
3053	$query = '
3054	SELECT
3055	id,
3056	name,
3057	dir
3058	FROM '.CATEGORIES_TABLE.'
3059	WHERE id IN ('.implode(',', $category_ids).')
3060	;';
3061	$result = pwg_query($query);
3062	while ($row = pwg_db_fetch_assoc($result))
3063	{
3064	$categories_in_db[$row['id']] = $row;
3065	// we break on error at first physical category detected
3066	if (!empty($row['dir']))
3067	{
3068	$row['name'] = strip_tags(
3069	trigger_event(
3070	'render_category_name',
3071	$row['name'],
3072	'ws_categories_move'
3073	)
3074	);
3075
3076	return new PwgError(
3077	403,
3078	sprintf(
3079	'Category %s (%u) is not a virtual category, you cannot move it',
3080	$row['name'],
3081	$row['id']
3082	)
3083	);
3084	}
3085	}
3086
3087	if (count($categories_in_db) != count($category_ids))
3088	{
3089	$unknown_category_ids = array_diff($category_ids, array_keys($categories_in_db));
3090
3091	return new PwgError(
3092	403,
3093	sprintf(
3094	'Category %u does not exist',
3095	$unknown_category_ids[0]
3096	)
3097	);
3098	}
3099
3100	// does this parent exists? This check should be made in the
3101	// move_categories function, not here
3102	//
3103	// 0 as parent means "move categories at gallery root"
3104	if (!is_numeric($params['parent']))
3105	{
3106	return new PwgError(403, 'Invalid parent input parameter');
3107	}
3108
3109	if (0 != $params['parent']) {
3110	$params['parent'] = intval($params['parent']);
3111	$subcat_ids = get_subcat_ids(array($params['parent']));
3112	if (count($subcat_ids) == 0)
3113	{
3114	return new PwgError(403, 'Unknown parent category id');
3115	}
3116	}
3117
3118	$page['infos'] = array();
3119	$page['errors'] = array();
3120	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
3121	move_categories($category_ids, $params['parent']);
3122	invalidate_user_cache();
3123
3124	if (count($page['errors']) != 0)
3125	{
3126	return new PwgError(403, implode('; ', $page['errors']));
3127	}
3128	}
3129
3130	function ws_logfile($string)
3131	{
3132	global $conf;
3133
3134	if (!$conf['ws_enable_log']) {
3135	return true;
3136	}
3137
3138	file_put_contents(
3139	$conf['ws_log_filepath'],
3140	'['.date('c').'] '.$string."\n",
3141	FILE_APPEND
3142	);
3143	}
3144
3145	function ws_images_checkUpload($params, &$service)
3146	{
3147	global $conf;
3148
3149	if (!is_admin())
3150	{
3151	return new PwgError(401, 'Access denied');
3152	}
3153
3154	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
3155	$ret['message'] = ready_for_upload_message();
3156	$ret['ready_for_upload'] = true;
3157
3158	if (!empty($ret['message']))
3159	{
3160	$ret['ready_for_upload'] = false;
3161	}
3162
3163	return $ret;
3164	}
3165
3166	function ws_plugins_getList($params, &$service)
3167	{
3168	global $conf;
3169
3170	if (!is_admin())
3171	{
3172	return new PwgError(401, 'Access denied');
3173	}
3174
3175	include_once(PHPWG_ROOT_PATH.'admin/include/plugins.class.php');
3176	$plugins = new plugins();
3177	$plugins->sort_fs_plugins('name');
3178	$plugin_list = array();
3179
3180	foreach($plugins->fs_plugins as $plugin_id => $fs_plugin)
3181	{
3182	if (isset($plugins->db_plugins_by_id[$plugin_id]))
3183	{
3184	$state = $plugins->db_plugins_by_id[$plugin_id]['state'];
3185	}
3186	else
3187	{
3188	$state = 'uninstalled';
3189	}
3190
3191	array_push(
3192	$plugin_list,
3193	array(
3194	'id' => $plugin_id,
3195	'name' => $fs_plugin['name'],
3196	'version' => $fs_plugin['version'],
3197	'state' => $state,
3198	'description' => $fs_plugin['description'],
3199	)
3200	);
3201	}
3202
3203	return $plugin_list;
3204	}
3205
3206	function ws_plugins_performAction($params, &$service)
3207	{
3208	global $template;
3209
3210	if (!is_admin())
3211	{
3212	return new PwgError(401, 'Access denied');
3213	}
3214
3215	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
3216	{
3217	return new PwgError(403, 'Invalid security token');
3218	}
3219
3220	define('IN_ADMIN', true);
3221	include_once(PHPWG_ROOT_PATH.'admin/include/plugins.class.php');
3222	$plugins = new plugins();
3223	$errors = $plugins->perform_action($params['action'], $params['plugin']);
3224
3225
3226	if (!empty($errors))
3227	{
3228	return new PwgError(500, $errors);
3229	}
3230	else
3231	{
3232	if (in_array($params['action'], array('activate', 'deactivate')))
3233	{
3234	$template->delete_compiled_templates();
3235	}
3236	return true;
3237	}
3238	}
3239
3240	function ws_themes_performAction($params, &$service)
3241	{
3242	global $template;
3243
3244	if (!is_admin())
3245	{
3246	return new PwgError(401, 'Access denied');
3247	}
3248
3249	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
3250	{
3251	return new PwgError(403, 'Invalid security token');
3252	}
3253
3254	define('IN_ADMIN', true);
3255	include_once(PHPWG_ROOT_PATH.'admin/include/themes.class.php');
3256	$themes = new themes();
3257	$errors = $themes->perform_action($params['action'], $params['theme']);
3258
3259	if (!empty($errors))
3260	{
3261	return new PwgError(500, $errors);
3262	}
3263	else
3264	{
3265	if (in_array($params['action'], array('activate', 'deactivate')))
3266	{
3267	$template->delete_compiled_templates();
3268	}
3269	return true;
3270	}
3271	}
3272
3273	function ws_extensions_update($params, &$service)
3274	{
3275	if (!is_webmaster())
3276	{
3277	return new PwgError(401, l10n('Webmaster status is required.'));
3278	}
3279
3280	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
3281	{
3282	return new PwgError(403, 'Invalid security token');
3283	}
3284
3285	if (empty($params['type']) or !in_array($params['type'], array('plugins', 'themes', 'languages')))
3286	{
3287	return new PwgError(403, "invalid extension type");
3288	}
3289
3290	if (empty($params['id']) or empty($params['revision']))
3291	{
3292	return new PwgError(null, 'Wrong parameters');
3293	}
3294
3295	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
3296	include_once(PHPWG_ROOT_PATH.'admin/include/'.$params['type'].'.class.php');
3297
3298	$type = $params['type'];
3299	$extension_id = $params['id'];
3300	$revision = $params['revision'];
3301
3302	$extension = new $type();
3303
3304	if ($type == 'plugins')
3305	{
3306	if (isset($extension->db_plugins_by_id[$extension_id]) and $extension->db_plugins_by_id[$extension_id]['state'] == 'active')
3307	{
3308	$extension->perform_action('deactivate', $extension_id);
3309
3310	redirect(PHPWG_ROOT_PATH
3311	. 'ws.php'
3312	. '?method=pwg.extensions.update'
3313	. '&type=plugins'
3314	. '&id=' . $extension_id
3315	. '&revision=' . $revision
3316	. '&reactivate=true'
3317	. '&pwg_token=' . get_pwg_token()
3318	. '&format=json'
3319	);
3320	}
3321
3322	$upgrade_status = $extension->extract_plugin_files('upgrade', $revision, $extension_id);
3323	$extension_name = $extension->fs_plugins[$extension_id]['name'];
3324
3325	if (isset($params['reactivate']))
3326	{
3327	$extension->perform_action('activate', $extension_id);
3328	}
3329	}
3330	elseif ($type == 'themes')
3331	{
3332	$upgrade_status = $extension->extract_theme_files('upgrade', $revision, $extension_id);
3333	$extension_name = $extension->fs_themes[$extension_id]['name'];
3334	}
3335	elseif ($type == 'languages')
3336	{
3337	$upgrade_status = $extension->extract_language_files('upgrade', $revision, $extension_id);
3338	$extension_name = $extension->fs_languages[$extension_id]['name'];
3339	}
3340
3341	global $template;
3342	$template->delete_compiled_templates();
3343
3344	switch ($upgrade_status)
3345	{
3346	case 'ok':
3347	return sprintf(l10n('%s has been successfully updated.'), $extension_name);
3348
3349	case 'temp_path_error':
3350	return new PwgError(null, l10n('Can\'t create temporary file.'));
3351
3352	case 'dl_archive_error':
3353	return new PwgError(null, l10n('Can\'t download archive.'));
3354
3355	case 'archive_error':
3356	return new PwgError(null, l10n('Can\'t read or extract archive.'));
3357
3358	default:
3359	return new PwgError(null, sprintf(l10n('An error occured during extraction (%s).'), $upgrade_status));
3360	}
3361	}
3362
3363	function ws_extensions_ignoreupdate($params, &$service)
3364	{
3365	global $conf;
3366
3367	define('IN_ADMIN', true);
3368	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
3369
3370	if (!is_webmaster())
3371	{
3372	return new PwgError(401, 'Access denied');
3373	}
3374
3375	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
3376	{
3377	return new PwgError(403, 'Invalid security token');
3378	}
3379
3380	$conf['updates_ignored'] = unserialize($conf['updates_ignored']);
3381
3382	// Reset ignored extension
3383	if ($params['reset'])
3384	{
3385	if (!empty($params['type']) and isset($conf['updates_ignored'][$params['type']]))
3386	{
3387	$conf['updates_ignored'][$params['type']] = array();
3388	}
3389	else
3390	{
3391	$conf['updates_ignored'] = array(
3392	'plugins'=>array(),
3393	'themes'=>array(),
3394	'languages'=>array()
3395	);
3396	}
3397	conf_update_param('updates_ignored', pwg_db_real_escape_string(serialize($conf['updates_ignored'])));
3398	unset($_SESSION['extensions_need_update']);
3399	return true;
3400	}
3401
3402	if (empty($params['id']) or empty($params['type']) or !in_array($params['type'], array('plugins', 'themes', 'languages')))
3403	{
3404	return new PwgError(403, 'Invalid parameters');
3405	}
3406
3407	// Add or remove extension from ignore list
3408	if (!in_array($params['id'], $conf['updates_ignored'][$params['type']]))
3409	{
3410	array_push($conf['updates_ignored'][$params['type']], $params['id']);
3411	}
3412	conf_update_param('updates_ignored', pwg_db_real_escape_string(serialize($conf['updates_ignored'])));
3413	unset($_SESSION['extensions_need_update']);
3414	return true;
3415	}
3416
3417	function ws_extensions_checkupdates($params, &$service)
3418	{
3419	global $conf;
3420
3421	define('IN_ADMIN', true);
3422	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
3423	include_once(PHPWG_ROOT_PATH.'admin/include/updates.class.php');
3424	$update = new updates();
3425
3426	if (!is_admin())
3427	{
3428	return new PwgError(401, 'Access denied');
3429	}
3430
3431	$result = array();
3432
3433	if (!isset($_SESSION['need_update']))
3434	$update->check_piwigo_upgrade();
3435
3436	$result['piwigo_need_update'] = $_SESSION['need_update'];
3437
3438	$conf['updates_ignored'] = unserialize($conf['updates_ignored']);
3439
3440	if (!isset($_SESSION['extensions_need_update']))
3441	$update->check_extensions();
3442	else
3443	$update->check_updated_extensions();
3444
3445	if (!is_array($_SESSION['extensions_need_update']))
3446	$result['ext_need_update'] = null;
3447	else
3448	$result['ext_need_update'] = !empty($_SESSION['extensions_need_update']);
3449
3450	return $result;
3451	}
3452	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: