Changeset 9913

Timestamp:

03/29/11 12:52:44 (2 years ago)

Author:

plg

Message:

merge back r9743, wrong method to merge a commit from trunk to branch 2.1

Location:

branches/2.1/include

Files:

• ws_core.inc.php (modified) (2 diffs)
• ws_functions.inc.php (modified) (24 diffs)

branches/2.1/include/ws_core.inc.php

@@ -1 +1 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2011 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
@@ -372 +372 @@
     @header('Content-Type: '.$contentType.'; charset='.get_pwg_charset());
     print_r($encodedResponse);
-    trigger_action('sendResponse', $encodedResponse );
   }
 

branches/2.1/include/ws_functions.inc.php

@@ -1 +1 @@
 <?php
 // +-----------------------------------------------------------------------+
-// | Piwigo - a PHP based photo gallery                                    |
+// | Piwigo - a PHP based picture gallery                                  |
 // +-----------------------------------------------------------------------+
-// | Copyright(C) 2008-2011 Piwigo Team                  http://piwigo.org |
+// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
 // | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
 // | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
@@ -69 +69 @@
     $clauses[] = $tbl_name.'hit<='.$params['f_max_hit'];
   }
-  if ( isset($params['f_min_date_available']) )
-  {
-    $clauses[] = $tbl_name."date_available>='".$params['f_min_date_available']."'";
-  }
-  if ( isset($params['f_max_date_available']) )
-  {
-    $clauses[] = $tbl_name."date_available<'".$params['f_max_date_available']."'";
+  if ( isset($params['f_min_date_posted']) )
+  {
+    $clauses[] = $tbl_name."date_available>='".$params['f_min_date_posted']."'";
+  }
+  if ( isset($params['f_max_date_posted']) )
+  {
+    $clauses[] = $tbl_name."date_available<'".$params['f_max_date_posted']."'";
   }
   if ( isset($params['f_min_date_created']) )
@@ -176 +176 @@
 {
   global $conf;
-  if ($conf['show_version'] or is_admin() )
+  if ($conf['show_version'])
     return PHPWG_VERSION;
   else
@@ -743 +743 @@
   {
     $comment_post_data['author'] = stripslashes($user['username']);
-    $comment_post_data['key'] = get_ephemeral_key(2, $params['image_id']);
+    $comment_post_data['key'] = get_comment_post_key($params['image_id']);
   }
 
@@ -893 +893 @@
 function ws_images_setPrivacyLevel($params, &$service)
 {
-  if (!is_admin())
+  if (!is_admin() || is_adviser() )
   {
     return new PwgError(401, 'Access denied');
@@ -936 +936 @@
   // position
 
-  if (!is_admin())
+  if (!is_admin() || is_adviser() )
   {
     return new PwgError(401, 'Access denied');
@@ -1077 +1077 @@
 function add_file($file_path, $type, $original_sum, $file_sum)
 {
-  include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
-  
   $file_path = file_path_for_type($file_path, $type);
 
@@ -1142 +1140 @@
 
   global $conf;
-  if (!is_admin())
+  if (!is_admin() || is_adviser() )
   {
     return new PwgError(401, 'Access denied');
@@ -1210 +1208 @@
 function ws_images_add($params, &$service)
 {
-  global $conf, $user;
-  if (!is_admin())
+  global $conf;
+  if (!is_admin() || is_adviser() )
   {
     return new PwgError(401, 'Access denied');
@@ -1285 +1283 @@
     'height' => $file_infos['height'],
     'md5sum' => $params['original_sum'],
-    'added_by' => $user['id'],
     );
 
@@ -1339 +1336 @@
   
   invalidate_user_cache();
-}
-
-function ws_images_addSimple($params, &$service)
-{
-  global $conf;
-  if (!is_admin())
-  {
-    return new PwgError(401, 'Access denied');
-  }
-
-  if (!$service->isPost())
-  {
-    return new PwgError(405, "This method requires HTTP POST");
-  }
-  
-  $params['image_id'] = (int)$params['image_id'];
-  if ($params['image_id'] > 0)
-  {
-    include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
-
-    $query='
-SELECT *
-  FROM '.IMAGES_TABLE.'
-  WHERE id = '.$params['image_id'].'
-;';
-
-    $image_row = pwg_db_fetch_assoc(pwg_query($query));
-    if ($image_row == null)
-    {
-      return new PwgError(404, "image_id not found");
-    }
-  }
-
-  // category
-  $params['category'] = (int)$params['category'];
-  if ($params['category'] <= 0 and $params['image_id'] <= 0)
-  {
-    return new PwgError(WS_ERR_INVALID_PARAM, "Invalid category_id");
-  }
-
-  include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
-  prepare_upload_configuration();
-
-  $image_id = add_uploaded_file(
-    $_FILES['image']['tmp_name'],
-    $_FILES['image']['name'],
-    $params['category'] > 0 ? array($params['category']) : null,
-    8,
-    $params['image_id'] > 0 ? $params['image_id'] : null
-    );
-
-  $info_columns = array(
-    'name',
-    'author',
-    'comment',
-    'level',
-    'date_creation',
-    );
-
-  foreach ($info_columns as $key)
-  {
-    if (isset($params[$key]))
-    {
-      $update[$key] = $params[$key];
-    }
-  }
-
-  if (count(array_keys($update)) > 0)
-  {
-    $update['id'] = $image_id;
-
-    include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
-    mass_updates(
-      IMAGES_TABLE,
-      array(
-        'primary' => array('id'),
-        'update'  => array_diff(array_keys($update), array('id'))
-        ),
-      array($update)
-      );
-  }
-
-
-  if (isset($params['tags']) and !empty($params['tags']))
-  {
-    $tag_ids = array();
-    $tag_names = explode(',', $params['tags']);
-    foreach ($tag_names as $tag_name)
-    {
-      $tag_id = tag_id_from_tag_name($tag_name);
-      array_push($tag_ids, $tag_id);
-    }
-
-    add_tags($tag_ids, array($image_id));
-  }
-
-  $url_params = array('image_id' => $image_id);
-
-  if ($params['category'] > 0)
-  {
-    $query = '
-SELECT id, name, permalink
-  FROM '.CATEGORIES_TABLE.'
-  WHERE id = '.$params['category'].'
-;';
-    $result = pwg_query($query);
-    $category = pwg_db_fetch_assoc($result);
-
-    $url_params['section'] = 'categories';
-    $url_params['category'] = $category;
-  }
-
-  return array(
-    'image_id' => $image_id,
-    'url' => make_picture_url($url_params),
-    );
 }
 
@@ -1580 +1461 @@
 
 
-  $where_clauses = ws_std_image_sql_filter($params);
-  if (!empty($where_clauses))
-  {
-    $where_clauses = implode( ' AND ', $where_clauses);
-  }
-  $image_ids = get_image_ids_for_tags(
-    $tag_ids,
-    $params['tag_mode_and'] ? 'AND' : 'OR',
-    $where_clauses,
-    ws_std_image_sql_order($params) );
-
-
-  $image_ids = array_slice($image_ids, (int)($params['per_page']*$params['page']), (int)$params['per_page'] );
-  
+  $image_ids = array();
   $image_tag_map = array();
-  if ( !empty($image_ids) and !$params['tag_mode_and'] )
+
+  if ( !empty($tag_ids) )
   { // build list of image ids with associated tags per image
-    $query = '
+    if ($params['tag_mode_and'])
+    {
+      $image_ids = get_image_ids_for_tags( $tag_ids );
+    }
+    else
+    {
+      $query = '
 SELECT image_id, GROUP_CONCAT(tag_id) AS tag_ids
   FROM '.IMAGE_TAG_TABLE.'
-  WHERE tag_id IN ('.implode(',',$tag_ids).') AND image_id IN ('.implode(',',$image_ids).')
+  WHERE tag_id IN ('.implode(',',$tag_ids).')
   GROUP BY image_id';
+      $result = pwg_query($query);
+      while ( $row=pwg_db_fetch_assoc($result) )
+      {
+        $row['image_id'] = (int)$row['image_id'];
+        array_push( $image_ids, $row['image_id'] );
+        $image_tag_map[ $row['image_id'] ] = explode(',', $row['tag_ids']);
+      }
+    }
+  }
+
+  $images = array();
+  if ( !empty($image_ids))
+  {
+    $where_clauses = ws_std_image_sql_filter($params);
+    $where_clauses[] = get_sql_condition_FandF(
+        array
+          (
+            'forbidden_categories' => 'category_id',
+            'visible_categories' => 'category_id',
+            'visible_images' => 'i.id'
+          ),
+        '', true
+      );
+    $where_clauses[] = 'id IN ('.implode(',',$image_ids).')';
+
+    $order_by = ws_std_image_sql_order($params);
+    if (empty($order_by))
+    {
+      $order_by = $conf['order_by'];
+    }
+    else
+    {
+      $order_by = 'ORDER BY '.$order_by;
+    }
+
+    $query = '
+SELECT DISTINCT i.* FROM '.IMAGES_TABLE.' i
+  INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON i.id=image_id
+  WHERE '. implode('
+    AND ', $where_clauses).'
+'.$order_by.'
+LIMIT '.(int)$params['per_page'].' OFFSET '.(int)($params['per_page']*$params['page']);
+
     $result = pwg_query($query);
-    while ( $row=pwg_db_fetch_assoc($result) )
-    {
-      $row['image_id'] = (int)$row['image_id'];
-      array_push( $image_ids, $row['image_id'] );
-      $image_tag_map[ $row['image_id'] ] = explode(',', $row['tag_ids']);
-    }
-  }
-
-  $images = array();
-  if (!empty($image_ids))
-  {
-    $rank_of = array_flip($image_ids);
-    $result = pwg_query('
-SELECT * FROM '.IMAGES_TABLE.'
-  WHERE id IN ('.implode(',',$image_ids).')');
     while ($row = pwg_db_fetch_assoc($result))
     {
       $image = array();
-      $image['rank'] = $rank_of[ $row['id'] ];
       foreach ( array('id', 'width', 'height', 'hit') as $k )
       {
@@ -1665 +1567 @@
       array_push($images, $image);
     }
-    usort($images, 'rank_compare');
-    unset($rank_of);
   }
 
@@ -1685 +1585 @@
 function ws_categories_add($params, &$service)
 {
-  if (!is_admin())
+  if (!is_admin() or is_adviser())
   {
     return new PwgError(401, 'Access denied');
@@ -1709 +1609 @@
 function ws_tags_add($params, &$service)
 {
-  if (!is_admin())
+  if (!is_admin() or is_adviser())
   {
     return new PwgError(401, 'Access denied');
@@ -1730 +1630 @@
   global $conf;
   
-  if (!is_admin())
+  if (!is_admin() or is_adviser())
   {
     return new PwgError(401, 'Access denied');
@@ -1806 +1706 @@
 function ws_images_checkFiles($params, &$service)
 {
-  if (!is_admin())
+  if (!is_admin() or is_adviser())
   {
     return new PwgError(401, 'Access denied');
@@ -1845 +1745 @@
 
     if (isset($params[$param_name.'_sum'])) {
-      include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
       $type_path = file_path_for_type($path, $type);
       if (!is_file($type_path)) {
@@ -1864 +1763 @@
 }
 
+function file_path_for_type($file_path, $type='thumb')
+{
+  // resolve the $file_path depending on the $type
+  if ('thumb' == $type) {
+    $file_path = get_thumbnail_location(
+      array(
+        'path' => $file_path,
+        'tn_ext' => 'jpg',
+        )
+      );
+  }
+
+  if ('high' == $type) {
+    @include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
+    $file_path = get_high_location(
+      array(
+        'path' => $file_path,
+        'has_high' => 'true'
+        )
+      );
+  }
+
+  return $file_path;
+}
+
 function ws_images_setInfo($params, &$service)
 {
   global $conf;
-  if (!is_admin())
+  if (!is_admin() || is_adviser() )
   {
     return new PwgError(401, 'Access denied');
@@ -1993 +1917 @@
 }
 
-function ws_images_delete($params, &$service)
-{
-  global $conf;
-  if (!is_admin())
-  {
-    return new PwgError(401, 'Access denied');
-  }
-
-  if (!$service->isPost())
-  {
-    return new PwgError(405, "This method requires HTTP POST");
-  }
-
-  if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
-  {
-    return new PwgError(403, 'Invalid security token');
-  }
-
-  $params['image_id'] = preg_split(
-    '/[\s,;\|]/',
-    $params['image_id'],
-    -1,
-    PREG_SPLIT_NO_EMPTY
-    );
-  $params['image_id'] = array_map('intval', $params['image_id']);
-
-  $image_ids = array();
-  foreach ($params['image_id'] as $image_id)
-  {
-    if ($image_id > 0)
-    {
-      array_push($image_ids, $image_id);
-    }
-  }
-
-  include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
-  delete_elements($image_ids, true);
-}
-
 function ws_add_image_category_relations($image_id, $categories_string, $replace_mode=false)
 {
@@ -2189 +2074 @@
 {
   global $conf;
-  if (!is_admin())
+  if (!is_admin() || is_adviser() )
   {
     return new PwgError(401, 'Access denied');
@@ -2244 +2129 @@
 }
 
-function ws_categories_delete($params, &$service)
-{
-  global $conf;
-  if (!is_admin())
-  {
-    return new PwgError(401, 'Access denied');
-  }
-
-  if (!$service->isPost())
-  {
-    return new PwgError(405, "This method requires HTTP POST");
-  }
-
-  if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
-  {
-    return new PwgError(403, 'Invalid security token');
-  }
-
-  $modes = array('no_delete', 'delete_orphans', 'force_delete');
-  if (!in_array($params['photo_deletion_mode'], $modes))
-  {
-    return new PwgError(
-      500,
-      '[ws_categories_delete]'
-      .' invalid parameter photo_deletion_mode "'.$params['photo_deletion_mode'].'"'
-      .', possible values are {'.implode(', ', $modes).'}.'
-      );
-  }
-
-  $params['category_id'] = preg_split(
-    '/[\s,;\|]/',
-    $params['category_id'],
-    -1,
-    PREG_SPLIT_NO_EMPTY
-    );
-  $params['category_id'] = array_map('intval', $params['category_id']);
-
-  $category_ids = array();
-  foreach ($params['category_id'] as $category_id)
-  {
-    if ($category_id > 0)
-    {
-      array_push($category_ids, $category_id);
-    }
-  }
-
-  if (count($category_ids) == 0)
-  {
-    return;
-  }
-
-  $query = '
-SELECT id
-  FROM '.CATEGORIES_TABLE.'
-  WHERE id IN ('.implode(',', $category_ids).')
-;';
-  $category_ids = array_from_query($query, 'id');
-
-  if (count($category_ids) == 0)
-  {
-    return;
-  }
-  
-  include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
-  delete_categories($category_ids, $params['photo_deletion_mode']);
-  update_global_rank();
-}
-
-function ws_categories_move($params, &$service)
-{
-  global $conf, $page;
-  
-  if (!is_admin())
-  {
-    return new PwgError(401, 'Access denied');
-  }
-
-  if (!$service->isPost())
-  {
-    return new PwgError(405, "This method requires HTTP POST");
-  }
-
-  if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
-  {
-    return new PwgError(403, 'Invalid security token');
-  }
-
-  $params['category_id'] = preg_split(
-    '/[\s,;\|]/',
-    $params['category_id'],
-    -1,
-    PREG_SPLIT_NO_EMPTY
-    );
-  $params['category_id'] = array_map('intval', $params['category_id']);
-
-  $category_ids = array();
-  foreach ($params['category_id'] as $category_id)
-  {
-    if ($category_id > 0)
-    {
-      array_push($category_ids, $category_id);
-    }
-  }
-
-  if (count($category_ids) == 0)
-  {
-    return new PwgError(403, 'Invalid category_id input parameter, no category to move');
-  }
-
-  // we can't move physical categories
-  $categories_in_db = array();
-  
-  $query = '
-SELECT
-    id,
-    name,
-    dir
-  FROM '.CATEGORIES_TABLE.'
-  WHERE id IN ('.implode(',', $category_ids).')
-;';
-  $result = pwg_query($query);
-  while ($row = pwg_db_fetch_assoc($result))
-  {
-    $categories_in_db[$row['id']] = $row;
-    // we break on error at first physical category detected
-    if (!empty($row['dir']))
-    {
-      $row['name'] = strip_tags(
-        trigger_event(
-          'render_category_name',
-          $row['name'],
-          'ws_categories_move'
-          )
-        );
-      
-      return new PwgError(
-        403,
-        sprintf(
-          'Category %s (%u) is not a virtual category, you cannot move it',
-          $row['name'],
-          $row['id']
-          )
-        );
-    }
-  }
-
-  if (count($categories_in_db) != count($category_ids))
-  {
-    $unknown_category_ids = array_diff($category_ids, array_keys($categories_in_db));
-    
-    return new PwgError(
-      403,
-      sprintf(
-        'Category %u does not exist',
-        $unknown_category_ids[0]
-        )
-      );
-  }
-
-  // does this parent exists? This check should be made in the
-  // move_categories function, not here
-  //
-  // 0 as parent means "move categories at gallery root"
-  if (!is_numeric($params['parent']))
-  {
-    return new PwgError(403, 'Invalid parent input parameter');
-  }
-  
-  if (0 != $params['parent']) {
-    $params['parent'] = intval($params['parent']);
-    $subcat_ids = get_subcat_ids(array($params['parent']));
-    if (count($subcat_ids) == 0)
-    {
-      return new PwgError(403, 'Unknown parent category id');
-    }
-  }
-
-  $page['infos'] = array();
-  $page['errors'] = array();
-  include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
-  move_categories($category_ids, $params['parent']);
-  invalidate_user_cache();
-
-  if (count($page['errors']) != 0)
-  {
-    return new PwgError(403, implode('; ', $page['errors']));
-  }
-}
-
 function ws_logfile($string)
 {
@@ -2452 +2148 @@
   global $conf;
 
-  if (!is_admin())
+  if (!is_admin() or is_adviser())
   {
     return new PwgError(401, 'Access denied');
   }
 
-  include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
   $ret['message'] = ready_for_upload_message();
   $ret['ready_for_upload'] = true;
@@ -2469 +2164 @@
 }
 
-function ws_plugins_getList($params, &$service)
+function ready_for_upload_message()
 {
   global $conf;
-  
-  if (!is_admin())
-  {
-    return new PwgError(401, 'Access denied');
-  }
-
-  include_once(PHPWG_ROOT_PATH.'admin/include/plugins.class.php');
-  $plugins = new plugins();
-  $plugins->sort_fs_plugins('name');
-  $plugin_list = array();
-
-  foreach($plugins->fs_plugins as $plugin_id => $fs_plugin)
-  {
-    if (isset($plugins->db_plugins_by_id[$plugin_id]))
-    {
-      $state = $plugins->db_plugins_by_id[$plugin_id]['state'];
-    }
-    else
-    {
-      $state = 'uninstalled';
-    }
-
-    array_push(
-      $plugin_list,
-      array(
-        'id' => $plugin_id,
-        'name' => $fs_plugin['name'],
-        'version' => $fs_plugin['version'],
-        'state' => $state,
-        'description' => $fs_plugin['description'],
-        )
-      );
-  }
-
-  return $plugin_list;
-}
-
-function ws_plugins_performAction($params, &$service)
-{
-  global $template;
-  
-  if (!is_admin())
-  {
-    return new PwgError(401, 'Access denied');
-  }
-
-  if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
-  {
-    return new PwgError(403, 'Invalid security token');
-  }
-
-  define('IN_ADMIN', true);
-  include_once(PHPWG_ROOT_PATH.'admin/include/plugins.class.php');
-  $plugins = new plugins();
-  $errors = $plugins->perform_action($params['action'], $params['plugin']);
-
-  
-  if (!empty($errors))
-  {
-    return new PwgError(500, $errors);
+
+  $relative_dir = preg_replace('#^'.PHPWG_ROOT_PATH.'#', '', $conf['upload_dir']);
+
+  if (!is_dir($conf['upload_dir']))
+  {
+    if (!is_writable(dirname($conf['upload_dir'])))
+    {
+      return sprintf(
+        l10n('Create the "%s" directory at the root of your Piwigo installation'),
+        $relative_dir
+        );
+    }
   }
   else
   {
-    if (in_array($params['action'], array('activate', 'deactivate')))
-    {
-      $template->delete_compiled_templates();
-    }
-    return true;
-  }
-}
-
-function ws_themes_performAction($params, &$service)
-{
-  global $template;
-  
-  if (!is_admin())
-  {
-    return new PwgError(401, 'Access denied');
-  }
-
-  if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
-  {
-    return new PwgError(403, 'Invalid security token');
-  }
-
-  define('IN_ADMIN', true);
-  include_once(PHPWG_ROOT_PATH.'admin/include/themes.class.php');
-  $themes = new themes();
-  $errors = $themes->perform_action($params['action'], $params['theme']);
-  
-  if (!empty($errors))
-  {
-    return new PwgError(500, $errors);
-  }
-  else
-  {
-    if (in_array($params['action'], array('activate', 'deactivate')))
-    {
-      $template->delete_compiled_templates();
-    }
-    return true;
-  }
+    if (!is_writable($conf['upload_dir']))
+    {
+      @chmod($conf['upload_dir'], 0777);
+      
+      if (!is_writable($conf['upload_dir']))
+      {
+        return sprintf(
+          l10n('Give write access (chmod 777) to "%s" directory at the root of your Piwigo installation'),
+          $relative_dir
+          );
+      }
+    }
+  }
+
+  return null;
 }
 ?>