Changeset 25117 for trunk/include
- Timestamp:
- Oct 24, 2013, 3:38:12 PM (11 years ago)
- Location:
- trunk/include
- Files:
-
- 2 edited
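--- a/trunk/include/config_default.inc.php
+++ b/trunk/include/config_default.inc.php
@@ -668,4 +668,7 @@
 // Maximum number of images to be returned foreach call to the web service
 $conf['ws_max_images_per_page'] = 500;
+
+// Maximum number of users to be returned foreach call to the web service
+$conf['ws_max_users_per_page'] = 1000;
 
 // Display a link to subscribe to Piwigo Announcements Newsletter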
trunk/include/ws_functions.inc.php
r25115 r25117 464 464 } 465 465 $order_by = empty($order_by) ? $conf['order_by'] : 'ORDER BY '.$order_by; 466 467 $params['per_page'] = (int)$params['per_page'];468 $params['page'] = (int)$params['page'];469 466 470 467 $query = ' … … 3144 3141 return $result; 3145 3142 } 3143 3144 /** 3145 * API method 3146 * Returns the list of groups 3147 * @param mixed[] $params 3148 * @option int[] group_id (optional) 3149 * @option string name (optional) 3150 */ 3151 function ws_groups_getList($params, &$service) 3152 { 3153 $where_clauses = array('1=1'); 3154 3155 if (!empty($params['name'])) 3156 { 3157 $where_clauses[] = 'LOWER(name) LIKE \''. pwg_db_real_escape_string($params['name']) .'\''; 3158 } 3159 3160 if (!empty($params['group_id'])) 3161 { 3162 $where_clauses[] = 'id IN('. implode(',', $params['group_id']) .')'; 3163 } 3164 3165 $query = ' 3166 SELECT 3167 g.*, 3168 COUNT(user_id) AS nb_users 3169 FROM '.GROUPS_TABLE.' AS g 3170 LEFT JOIN '.USER_GROUP_TABLE.' AS ug 3171 ON ug.group_id = g.id 3172 WHERE '. implode(' AND ', $where_clauses) .' 3173 GROUP BY id 3174 ORDER BY '.$params['order'].' 3175 LIMIT '.$params['per_page'].' 3176 OFFSET '.($params['per_page']*$params['page']).' 3177 ;'; 3178 3179 $groups = array_from_query($query); 3180 3181 return array( 3182 'paging' => new PwgNamedStruct(array( 3183 'page' => $params['page'], 3184 'per_page' => $params['per_page'], 3185 'count' => count($groups) 3186 )), 3187 'groups' => new PwgNamedArray($groups, 'group') 3188 ); 3189 } 3190 3191 /** 3192 * API method 3193 * Adds a group 3194 * @param mixed[] $params 3195 * @option string name 3196 * @option bool is_default 3197 */ 3198 function ws_groups_add($params, &$service) 3199 { 3200 $params['name'] = pwg_db_real_escape_string($params['name']); 3201 3202 // is the name not already used ? 3203 $query = ' 3204 SELECT COUNT(*) 3205 FROM '.GROUPS_TABLE.' 
3206 WHERE name = \''.$params['name'].'\' 3207 ;'; 3208 list($count) = pwg_db_fetch_row(pwg_query($query)); 3209 if ($count != 0) 3210 { 3211 return new PwgError(WS_ERR_INVALID_PARAM, 'This name is already used by another group.'); 3212 } 3213 3214 // creating the group 3215 single_insert( 3216 GROUPS_TABLE, 3217 array( 3218 'name' => $params['name'], 3219 'is_default' => $params['is_default'], 3220 ) 3221 ); 3222 3223 return $service->invoke('pwg.groups.getList', array('group_id' => pwg_db_insert_id())); 3224 } 3225 3226 /** 3227 * API method 3228 * Deletes a group 3229 * @param mixed[] $params 3230 * @option int[] group_id 3231 */ 3232 function ws_groups_delete($params, &$service) 3233 { 3234 $group_id_string = implode(',', $params['group_id']); 3235 3236 // destruction of the access linked to the group 3237 $query = ' 3238 DELETE 3239 FROM '.GROUP_ACCESS_TABLE.' 3240 WHERE group_id IN('. $group_id_string .') 3241 ;'; 3242 pwg_query($query); 3243 3244 // destruction of the users links for this group 3245 $query = ' 3246 DELETE 3247 FROM '.USER_GROUP_TABLE.' 3248 WHERE group_id IN('. $group_id_string .') 3249 ;'; 3250 pwg_query($query); 3251 3252 $query = ' 3253 SELECT name 3254 FROM '.GROUPS_TABLE.' 3255 WHERE id IN('. $group_id_string .') 3256 ;'; 3257 $groupnames = array_from_query($query, 'name'); 3258 3259 // destruction of the group 3260 $query = ' 3261 DELETE 3262 FROM '.GROUPS_TABLE.' 3263 WHERE id IN('. $group_id_string .') 3264 ;'; 3265 pwg_query($query); 3266 3267 return new PwgNamedArray($groupnames, 'group_deleted'); 3268 } 3269 3270 /** 3271 * API method 3272 * Updates a group 3273 * @param mixed[] $params 3274 * @option int group_id 3275 * @option string name (optional) 3276 * @option bool is_default (optional) 3277 */ 3278 function ws_groups_setInfo($params, &$service) 3279 { 3280 $updates = array(); 3281 3282 // does the group exist ? 3283 $query = ' 3284 SELECT COUNT(*) 3285 FROM '.GROUPS_TABLE.' 3286 WHERE id = '.$params['group_id'].' 
3287 ;'; 3288 list($count) = pwg_db_fetch_row(pwg_query($query)); 3289 if ($count == 0) 3290 { 3291 return new PwgError(WS_ERR_INVALID_PARAM, 'This group does not exist.'); 3292 } 3293 3294 if (!empty($params['name'])) 3295 { 3296 $params['name'] = pwg_db_real_escape_string($params['name']); 3297 3298 // is the name not already used ? 3299 $query = ' 3300 SELECT COUNT(*) 3301 FROM '.GROUPS_TABLE.' 3302 WHERE name = \''.$params['name'].'\' 3303 ;'; 3304 list($count) = pwg_db_fetch_row(pwg_query($query)); 3305 if ($count != 0) 3306 { 3307 return new PwgError(WS_ERR_INVALID_PARAM, 'This name is already used by another group.'); 3308 } 3309 3310 $updates['name'] = $params['name']; 3311 } 3312 3313 if ($params['is_default'] !== null) 3314 { 3315 $updates['is_default'] = $params['is_default']; 3316 } 3317 3318 single_update( 3319 GROUPS_TABLE, 3320 $updates, 3321 array('id' => $params['group_id']) 3322 ); 3323 3324 return $service->invoke('pwg.groups.getList', array('group_id' => $params['group_id'])); 3325 } 3326 3327 /** 3328 * API method 3329 * Adds user(s) to a group 3330 * @param mixed[] $params 3331 * @option int group_id 3332 * @option int[] user_id 3333 */ 3334 function ws_groups_addUser($params, &$service) 3335 { 3336 // does the group exist ? 3337 $query = ' 3338 SELECT COUNT(*) 3339 FROM '.GROUPS_TABLE.' 3340 WHERE id = '.$params['group_id'].' 
3341 ;'; 3342 list($count) = pwg_db_fetch_row(pwg_query($query)); 3343 if ($count == 0) 3344 { 3345 return new PwgError(WS_ERR_INVALID_PARAM, 'This group does not exist.'); 3346 } 3347 3348 $inserts = array(); 3349 foreach ($params['user_id'] as $user_id) 3350 { 3351 $inserts[] = array( 3352 'group_id' => $params['group_id'], 3353 'user_id' => $user_id, 3354 ); 3355 } 3356 3357 mass_inserts( 3358 USER_GROUP_TABLE, 3359 array('group_id', 'user_id'), 3360 $inserts, 3361 array('ignore'=>true) 3362 ); 3363 3364 return $service->invoke('pwg.users.getList', array('group_id' => $params['group_id'])); 3365 } 3366 3367 /** 3368 * API method 3369 * Removes user(s) from a group 3370 * @param mixed[] $params 3371 * @option int group_id 3372 * @option int[] user_id 3373 */ 3374 function ws_groups_deleteUser($params, &$service) 3375 { 3376 // does the group exist ? 3377 $query = ' 3378 SELECT COUNT(*) 3379 FROM '.GROUPS_TABLE.' 3380 WHERE id = '.$params['group_id'].' 3381 ;'; 3382 list($count) = pwg_db_fetch_row(pwg_query($query)); 3383 if ($count == 0) 3384 { 3385 return new PwgError(WS_ERR_INVALID_PARAM, 'This group does not exist.'); 3386 } 3387 3388 $query = ' 3389 DELETE FROM '.USER_GROUP_TABLE.' 3390 WHERE 3391 group_id = '.$params['group_id'].' 3392 AND user_id IN('. 
implode(',', $params['user_id']) .') 3393 ;'; 3394 pwg_query($query); 3395 3396 return $service->invoke('pwg.users.getList', array('group_id' => $params['group_id'])); 3397 } 3398 3399 /** 3400 * API method 3401 * Returns a list of users 3402 * @param mixed[] $params 3403 * @option int[] user_id (optional) 3404 * @option string username (optional) 3405 * @option string[] status (optional) 3406 * @option int min_level (optional) 3407 * @option int[] group_id (optional) 3408 * @option int per_page 3409 * @option int page 3410 * @option string order 3411 */ 3412 function ws_users_getList($params, &$service) 3413 { 3414 global $conf; 3415 3416 $where_clauses = array('1=1'); 3417 3418 if (!empty($params['user_id'])) 3419 { 3420 $where_clauses[] = 'u.'.$conf['user_fields']['id'].' IN('. implode(',', $params['user_id']) .')'; 3421 } 3422 3423 if (!empty($params['username'])) 3424 { 3425 $where_clauses[] = 'u.'.$conf['user_fields']['username'].' LIKE \''.pwg_db_real_escape_string($params['username']).'\''; 3426 } 3427 3428 if (!empty($params['status'])) 3429 { 3430 $params['status'] = array_intersect($params['status'], get_enums(USER_INFOS_TABLE, 'status')); 3431 if (count($params['status']) > 0) 3432 { 3433 $where_clauses[] = 'ui.status IN("'. implode('","', $params['status']) .'")'; 3434 } 3435 } 3436 3437 if (!empty($params['min_level'])) 3438 { 3439 if ( !in_array($params['min_level'], $conf['available_permission_levels']) ) 3440 { 3441 return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid level'); 3442 } 3443 $where_clauses[] = 'ui.level >= '.$params['min_level']; 3444 } 3445 3446 if (!empty($params['group_id'])) 3447 { 3448 $where_clauses[] = 'ug.group_id IN('. implode(',', $params['group_id']) .')'; 3449 } 3450 3451 $query = ' 3452 SELECT DISTINCT 3453 u.'.$conf['user_fields']['id'].' AS id, 3454 u.'.$conf['user_fields']['username'].' AS username, 3455 u.'.$conf['user_fields']['email'].' 
AS email, 3456 ui.status, 3457 ui.level, 3458 "" AS groups 3459 FROM '.USERS_TABLE.' AS u 3460 INNER JOIN '.USER_INFOS_TABLE.' AS ui 3461 ON u.'.$conf['user_fields']['id'].' = ui.user_id 3462 LEFT JOIN '.USER_GROUP_TABLE.' AS ug 3463 ON u.'.$conf['user_fields']['id'].' = ug.user_id 3464 WHERE 3465 '. implode(' AND ', $where_clauses) .' 3466 ORDER BY '.$params['order'].' 3467 LIMIT '.$params['per_page'].' 3468 OFFSET '.($params['per_page']*$params['page']).' 3469 ;'; 3470 3471 $users = hash_from_query($query, 'id'); 3472 3473 if (count($users) > 0) 3474 { 3475 $query = ' 3476 SELECT user_id, group_id 3477 FROM '.USER_GROUP_TABLE.' 3478 WHERE user_id IN ('.implode(',', array_keys($users)).') 3479 ;'; 3480 $result = pwg_query($query); 3481 3482 while ($row = pwg_db_fetch_assoc($result)) 3483 { 3484 $users[ $row['user_id'] ]['groups'][] = $row['group_id']; 3485 } 3486 } 3487 3488 return array( 3489 'paging' => new PwgNamedStruct(array( 3490 'page' => $params['page'], 3491 'per_page' => $params['per_page'], 3492 'count' => count($users) 3493 )), 3494 'users' => new PwgNamedArray(array_values($users), 'user') 3495 ); 3496 } 3497 3498 /** 3499 * API method 3500 * Adds a user 3501 * @param mixed[] $params 3502 * @option string username 3503 * @option string password (optional) 3504 * @option string email (optional) 3505 */ 3506 function ws_users_add($params, &$service) 3507 { 3508 $user_id = register_user($params['username'], $params['password'], $params['email'], false, $errors); 3509 3510 if (!$user_id) 3511 { 3512 return new PwgError(WS_ERR_INVALID_PARAM, $errors[0]); 3513 } 3514 3515 return $service->invoke('pwg.users.getList', array('user_id'=>$user_id)); 3516 } 3517 3518 /** 3519 * API method 3520 * Deletes users 3521 * @param mixed[] $params 3522 * @option int[] user_id 3523 */ 3524 function ws_users_delete($params, &$service) 3525 { 3526 global $conf, $user; 3527 3528 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); 3529 3530 // protect some users 3531 
$params['user_id'] = array_diff($params['user_id'], array($user['id'], 3532 $conf['guest_id'], 3533 $conf['default_user_id'], 3534 $conf['webmaster_id'])); 3535 3536 foreach ($params['user_id'] as $user_id) 3537 { 3538 delete_user($user_id); 3539 } 3540 3541 return l10n_dec( 3542 '%d user deleted', '%d users deleted', 3543 count($params['user_id']) 3544 ); 3545 } 3546 3547 /** 3548 * API method 3549 * @param mixed[] $params 3550 * @option int user_id 3551 * @option string username (optional) 3552 * @option string password (optional) 3553 * @option string email (optional) 3554 */ 3555 function ws_users_setInfo($params, &$service) 3556 { 3557 global $conf; 3558 3559 include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); 3560 3561 if (get_username($params['user_id']) === false) 3562 { 3563 return new PwgError(WS_ERR_INVALID_PARAM, 'This user does not exist.'); 3564 } 3565 3566 $updates = array(); 3567 $params = array_map('trim', $params); 3568 3569 if (!empty($params['username'])) 3570 { 3571 $user_id = get_userid($params['username']); 3572 if ($user_id and $user_id != $params['user_id']) 3573 { 3574 return new PwgError(WS_ERR_INVALID_PARAM, l10n('this login is already used')); 3575 } 3576 if ($params['username'] != strip_tags($params['username'])) 3577 { 3578 return new PwgError(WS_ERR_INVALID_PARAM, l10n('html tags are not allowed in login')); 3579 } 3580 $updates[ $conf['user_fields']['username'] ] = $params['username']; 3581 } 3582 3583 if (!empty($params['email'])) 3584 { 3585 if ( ($error = validate_mail_address($params['user_id'], $params['email'])) != '') 3586 { 3587 return new PwgError(WS_ERR_INVALID_PARAM, $error); 3588 } 3589 $updates[ $conf['user_fields']['email'] ] = $params['email']; 3590 } 3591 3592 if (!empty($params['password'])) 3593 { 3594 $updates[ $conf['user_fields']['password'] ] = $conf['password_hash']($params['password']); 3595 } 3596 3597 single_update( 3598 USERS_TABLE, 3599 $updates, 3600 array($conf['user_fields']['id'] => 
$params['user_id']) 3601 ); 3602 3603 return $service->invoke('pwg.users.getList', array('user_id' => $params['user_id'])); 3604 } 3605 3146 3606 ?>
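Review bot: `$params['order']` is concatenated directly after `ORDER BY` in both ws_groups_getList and ws_users_getList, a position where `pwg_db_real_escape_string` would not help, so unless the method registration (not shown on this page) restricts the value, it is an SQL injection point. I would check it against a fixed list before building the query, for example `if (!in_array($params['order'], $allowed_orders, true)) return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid order');`, where `$allowed_orders` is a per-function list of permitted column/direction strings. The same section removes the `(int)` casts on `per_page` and `page` in an earlier function whose body lies outside the hunk, and the new functions interpolate `group_id`, `user_id`, `min_level`, `per_page` and `page` into SQL with no local cast. If integer typing is enforced by the web-service dispatcher, a comment at the top of each function should say so, for example `// group_id/user_id/per_page/page are validated as integers by the service layer`. Otherwise, apply `array_map('intval', $params['group_id'])` and `(int)` casts before the `implode` calls and the `LIMIT`/`OFFSET` arithmetic.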