source: extensions/Icy_Picture_Modify/icy_picture_modify.php @ 13281

Last change on this file since 13281 was 12818, checked in by icy, 13 years ago

Merge branch 'master' into svn

File size: 18.2 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2011 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
25if (!defined('ICY_PICTURE_MODIFY_PATH')) die('Hacking attempt!');
26
27include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
28include_once(ICY_PICTURE_MODIFY_PATH.'include/functions_icy_picture_modify.inc.php');
29
30global $template, $conf, $user, $page, $lang, $cache;
31
32// <admin.php>
33$page['errors'] = array();
34$page['infos']  = array();
35$page['warnings']  = array();
36// </admin.php>
37
38// +-----------------------------------------------------------------------+
39// |                             check permission                          |
40// +-----------------------------------------------------------------------+
41
42// redirect users to the index page or category page if 'image_id' isn't provided
43if (!isset($_GET['image_id']))
44{
45  if (isset($_GET['cat_id']))
46  {
47    redirect_http(get_root_url().'?/category/'.$_GET['cat_id']);
48  }
49  else
50  {
51    // FIXME: $_SESSION['page_infos'] = array(l10n('Permission denied'));
52    redirect_http(make_index_url());
53  }
54}
55
56check_input_parameter('cat_id', $_GET, false, PATTERN_ID);
57check_input_parameter('image_id', $_GET, false, PATTERN_ID);
58
59// Simplify redirect to administrator page if current user == admin
60if (is_admin())
61{
62  if (icy_does_image_exist($_GET['image_id']))
63  {
64    $url = get_root_url().'admin.php?page=picture_modify';
65    $url.= '&amp;image_id='.$_GET['image_id'];
66    $url.= isset($_GET['cat_id']) ? '&amp;cat_id='.$_GET['cat_id'] : '';
67    // FIXME: What happens if a POST data were sent within admin uid?
68    redirect_http($url);
69  }
70  else
71  {
72    bad_request('invalid picture identifier');
73  }
74}
75elseif (!icy_check_image_owner($_GET['image_id'], $user['id']))
76{
77  $url = make_picture_url(
78      array(
79        'image_id' => $_GET['image_id'],
80        'cat_id' => isset($_GET['cat_id']) ? $_GET['cat_id'] : ""
81      )
82    );
83  // FIXME: $_SESSION['page_infos'] = array(l10n('Permission denied'));
84  redirect_http($url);
85}
86
87// Update the page sessions
88if (isset($_SESSION['page_infos']))
89{
90  $page['infos'] = array_merge($page['infos'], $_SESSION['page_infos']);
91  unset($_SESSION['page_infos']);
92}
93
94// <find writable categories>
95
96// * Purpose: Find all categories that are reachable for the current user.
97// * FIXME:   This query will include all readable categories, included
98//            the ones user can't write to them.
99
100$my_categories = array();
101$my_permissions = null;
102$has_plugin_community = false;
103
104// <community support>
105if (is_file(PHPWG_PLUGINS_PATH.'community/include/functions_community.inc.php'))
106{
107  include_once(PHPWG_PLUGINS_PATH.'community/include/functions_community.inc.php');
108  $has_plugin_community = true;
109
110  $user_permissions = community_get_user_permissions($user['id']);
111  $my_categories = $user_permissions['upload_categories'];
112}
113// </community support>
114
115if (($has_plugin_community == false) or $user_permissions['create_whole_gallery'])
116{
117  $query = '
118  SELECT category_id
119    FROM '.IMAGE_CATEGORY_TABLE.'
120  ;';
121
122  // list of categories to which the user can read
123  $my_categories = array_diff(
124    array_from_query($query, 'category_id'),
125    explode(',',calculate_permissions($user['id'], $user['status'])));
126}
127// </find writable categories>
128
129// +-----------------------------------------------------------------------+
130// |                             delete photo                              |
131// +-----------------------------------------------------------------------+
132
133if (isset($_GET['delete']))
134{
135  check_pwg_token();
136
137  delete_elements(array($_GET['image_id']), true);
138
139  // where to redirect the user now?
140  //
141  // 1. if a category is available in the URL, use it
142  // 2. else use the first reachable linked category
143  // 3. redirect to gallery root
144
145  if (isset($_GET['cat_id']) and !empty($_GET['cat_id']))
146  {
147    redirect(
148      make_index_url(
149        array(
150          'category' => get_cat_info($_GET['cat_id'])
151          )
152        )
153      );
154  }
155
156  $query = '
157SELECT category_id
158  FROM '.IMAGE_CATEGORY_TABLE.'
159  WHERE image_id = '.$_GET['image_id'].'
160;';
161
162  $authorizeds = array_intersect($my_categories,
163    array_from_query($query, 'category_id'));
164
165  foreach ($authorizeds as $category_id)
166  {
167    redirect(
168      make_index_url(
169        array(
170          'category' => get_cat_info($category_id)
171          )
172        )
173      );
174  }
175
176  redirect(make_index_url());
177}
178
179// +-----------------------------------------------------------------------+
180// |                          synchronize metadata                         |
181// +-----------------------------------------------------------------------+
182
183if (isset($_GET['sync_metadata']))
184{
185  $query = '
186SELECT path
187  FROM '.IMAGES_TABLE.'
188  WHERE id = '.$_GET['image_id'].'
189;';
190  list($path) = pwg_db_fetch_row(pwg_query($query));
191  update_metadata(array($_GET['image_id'] => $path));
192
193  array_push($page['infos'], l10n('Metadata synchronized from file'));
194}
195
196// +-----------------------------------------------------------------------+
197// |                          update informations                          |
198// +-----------------------------------------------------------------------+
199
200// first, we verify whether there is a mistake on the given creation date
201if (isset($_POST['date_creation_action'])
202    and 'set' == $_POST['date_creation_action'])
203{
204  if (!is_numeric($_POST['date_creation_year'])
205    or !checkdate(
206          $_POST['date_creation_month'],
207          $_POST['date_creation_day'],
208          $_POST['date_creation_year'])
209    )
210  {
211    array_push($page['errors'], l10n('wrong date'));
212  }
213}
214
215if (isset($_POST['submit']) and count($page['errors']) == 0)
216{
217  $data = array();
218  $data{'id'} = $_GET['image_id'];
219  $data{'name'} = $_POST['name'];
220  $data{'author'} = $_POST['author'];
221  $data['level'] = $_POST['level'];
222
223  if ($conf['allow_html_descriptions'])
224  {
225    $data{'comment'} = @$_POST['description'];
226  }
227  else
228  {
229    $data{'comment'} = strip_tags(@$_POST['description']);
230  }
231
232  if (isset($_POST['date_creation_action']))
233  {
234    if ('set' == $_POST['date_creation_action'])
235    {
236      $data{'date_creation'} = $_POST['date_creation_year']
237                                 .'-'.$_POST['date_creation_month']
238                                 .'-'.$_POST['date_creation_day'];
239    }
240    else if ('unset' == $_POST['date_creation_action'])
241    {
242      $data{'date_creation'} = '';
243    }
244  }
245
246  mass_updates(
247    IMAGES_TABLE,
248    array(
249      'primary' => array('id'),
250      'update' => array_diff(array_keys($data), array('id'))
251      ),
252    array($data)
253    );
254
255  // time to deal with tags
256  $tag_ids = array();
257  if (!empty($_POST['tags']))
258  {
259    $tag_ids = get_tag_ids($_POST['tags']);
260  }
261  set_tags($tag_ids, $_GET['image_id']);
262
263  array_push($page['infos'], l10n('Photo informations updated'));
264}
265
266// +-----------------------------------------------------------------------+
267// |                              associate                                |
268// +-----------------------------------------------------------------------+
269// associate the element to other categories than its storage category
270//
271if (isset($_POST['associate'])
272    and ($has_plugin_community == true)
273    and isset($_POST['cat_dissociated'])
274    and count($_POST['cat_dissociated']) > 0
275  )
276{
277  associate_images_to_categories(
278    array($_GET['image_id']),
279    array_intersect($_POST['cat_dissociated'], $my_categories)
280    );
281}
282
283
284// dissociate the element from categories (but not from its storage category)
285if (isset($_POST['dissociate'])
286    and ($has_plugin_community == true)
287    and isset($_POST['cat_associated'])
288    and count($_POST['cat_associated']) > 0
289  )
290{
291  $arr_dissociate = array_intersect($_POST['cat_associated'], $my_categories);
292  $query = '
293DELETE FROM '.IMAGE_CATEGORY_TABLE.'
294  WHERE image_id = '.$_GET['image_id'].'
295    AND category_id IN ('.implode(',', $arr_dissociate).')
296';
297  pwg_query($query);
298
299  update_category($arr_dissociate);
300}
301
302// +-----------------------------------------------------------------------+
303// |                              representation                           |
304// +-----------------------------------------------------------------------+
305
306// select the element to represent the given categories
307if (isset($_POST['elect'])
308    and ($has_plugin_community == true)
309    and isset($_POST['cat_dismissed'])
310    and count($_POST['cat_dismissed']) > 0
311  )
312{
313  $datas = array();
314  $arr_dimissed = array_intersect($_POST['cat_dismissed'], $my_categories);
315  if (count($arr_dimissed) > 0)
316  {
317    foreach ($arr_dimissed as $category_id)
318    {
319      array_push($datas,
320                 array('id' => $category_id,
321                       'representative_picture_id' => $_GET['image_id']));
322    }
323    $fields = array('primary' => array('id'),
324                    'update' => array('representative_picture_id'));
325    mass_updates(CATEGORIES_TABLE, $fields, $datas);
326  }
327}
328
329// dismiss the element as representant of the given categories
330if (isset($_POST['dismiss'])
331    and ($has_plugin_community == true)
332    and isset($_POST['cat_elected'])
333    and count($_POST['cat_elected']) > 0
334  )
335{
336  $arr_dismiss = array_intersect($_POST['cat_elected'], $my_categories);
337  if (count($arr_dismiss) > 0)
338  {
339    set_random_representant($arr_dismiss);
340  }
341}
342
343// +-----------------------------------------------------------------------+
344// |                             tagging support                           |
345// +-----------------------------------------------------------------------+
346
347if (version_compare(PHPWG_VERSION, '2.2.5', '<')) {
348  $q_tag_selection = "tag_id, name AS tag_name";
349  $q_tags = 'id AS tag_id, name AS tag_name';
350}
351else {
352  $q_tag_selection = "tag_id AS id, name";
353  $q_tags = 'id, name';
354}
355
356$query = '
357SELECT
358    '.$q_tag_selection.'
359  FROM '.IMAGE_TAG_TABLE.' AS it
360    JOIN '.TAGS_TABLE.' AS t ON t.id = it.tag_id
361  WHERE image_id = '.$_GET['image_id'].'
362;';
363$tag_selection = get_taglist($query);
364
365$query = '
366SELECT
367    '.$q_tags.'
368  FROM '.TAGS_TABLE.'
369;';
370$tags = get_taglist($query);
371
372// retrieving direct information about picture
373$query = '
374SELECT *
375  FROM '.IMAGES_TABLE.'
376  WHERE id = '.$_GET['image_id'].'
377;';
378$row = pwg_db_fetch_assoc(pwg_query($query));
379
380// the physical storage directory contains the image
381$storage_category_id = null;
382if (!empty($row['storage_category_id']))
383{
384  $storage_category_id = $row['storage_category_id'];
385}
386
387$image_file = $row['file'];
388
389// +-----------------------------------------------------------------------+
390// |                             template init                             |
391// +-----------------------------------------------------------------------+
392
393$template->set_template_dir(ICY_PICTURE_MODIFY_PATH.'template/');
394$template->set_filenames(array('icy_picture_modify' => 'icy_picture_modify.tpl'));
395
396$admin_url_start = get_root_url().'index.php?/icy_picture_modify';
397$admin_url_start.= '&amp;image_id='.$_GET['image_id'];
398$admin_url_start.= isset($_GET['cat_id']) ? '&amp;cat_id='.$_GET['cat_id'] : '';
399
400$template->assign(
401  array(
402    'ICY_PICTURE_MODIFY_PATH' => ICY_PICTURE_MODIFY_PATH,
403    'ICY_ROOT_PATH' => realpath(dirname(PHPWG_PLUGINS_PATH)),
404    'tag_selection' => $tag_selection,
405    'tags' => $tags,
406    'U_SYNC' => $admin_url_start.'&amp;sync_metadata=1',
407    'U_DELETE' => $admin_url_start.'&amp;delete=1&amp;pwg_token='.get_pwg_token(),
408
409    'PATH'=>$row['path'],
410
411    'TN_SRC' => get_thumbnail_url($row),
412
413    'NAME' =>
414      isset($_POST['name']) ?
415        stripslashes($_POST['name']) : @$row['name'],
416
417    'DIMENSIONS' => @$row['width'].' * '.@$row['height'],
418
419    'FILESIZE' => @$row['filesize'].' KB',
420
421    'REGISTRATION_DATE' => format_date($row['date_available']),
422
423    'AUTHOR' => htmlspecialchars(
424      isset($_POST['author'])
425        ? stripslashes($_POST['author'])
426        : @$row['author']
427      ),
428
429    'DESCRIPTION' =>
430      htmlspecialchars( isset($_POST['description']) ?
431        stripslashes($_POST['description']) : @$row['comment'] ),
432
433    'F_ACTION' =>
434        get_root_url() # .'index.php?/icy_picture_modify'
435        .get_query_string_diff(array('sync_metadata'))
436    )
437  );
438
439if ($row['has_high'] == 'true')
440{
441  $template->assign(
442    'HIGH_FILESIZE',
443    isset($row['high_filesize'])
444        ? $row['high_filesize'].' KB'
445        : l10n('unknown')
446    );
447}
448
449// image level options
450$selected_level = isset($_POST['level']) ? $_POST['level'] : $row['level'];
451$template->assign(
452    array(
453      'level_options'=> get_privacy_level_options(),
454      'level_options_selected' => array($selected_level)
455    )
456  );
457
458// creation date
459unset($day, $month, $year);
460
461if (isset($_POST['date_creation_action'])
462    and 'set' == $_POST['date_creation_action'])
463{
464  foreach (array('day', 'month', 'year') as $varname)
465  {
466    $$varname = $_POST['date_creation_'.$varname];
467  }
468}
469else if (isset($row['date_creation']) and !empty($row['date_creation']))
470{
471  list($year, $month, $day) = explode('-', $row['date_creation']);
472}
473else
474{
475  list($year, $month, $day) = array('', 0, 0);
476}
477
478
479$month_list = $lang['month'];
480$month_list[0]='------------';
481ksort($month_list);
482
483$template->assign(
484    array(
485      'DATE_CREATION_DAY_VALUE' => $day,
486      'DATE_CREATION_MONTH_VALUE' => $month,
487      'DATE_CREATION_YEAR_VALUE' => $year,
488      'month_list' => $month_list,
489      )
490    );
491
492$query = '
493SELECT category_id, uppercats
494  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
495    INNER JOIN '.CATEGORIES_TABLE.' AS c
496      ON c.id = ic.category_id
497  WHERE image_id = '.$_GET['image_id'].'
498;';
499$result = pwg_query($query);
500
501while ($row = pwg_db_fetch_assoc($result))
502{
503  $name =
504    get_cat_display_name_cache(
505      $row['uppercats'],
506      get_root_url().'index.php?/icy_picture_modify&amp;cat_id=',
507      false
508      );
509
510  if ($row['category_id'] == $storage_category_id)
511  {
512    $template->assign('STORAGE_CATEGORY', $name);
513  }
514  else
515  {
516    $template->append('related_categories', $name);
517  }
518}
519
520// jump to link
521//
522// 1. find all linked categories that are reachable for the current user.
523// 2. if a category is available in the URL, use it if reachable
524// 3. if URL category not available or reachable, use the first reachable
525//    linked category
526// 4. if no category reachable, no jumpto link
527
528$query = '
529SELECT category_id
530  FROM '.IMAGE_CATEGORY_TABLE.'
531  WHERE image_id = '.$_GET['image_id'].'
532;';
533
534// list of categories (OF THIS IMAGE) to which the user can access
535$authorizeds = array_intersect($my_categories,
536  array_from_query($query, 'category_id'));
537
538// if current category belongs to list of authorized categories
539// we simply provide link to that category
540if (isset($_GET['cat_id'])
541    and in_array($_GET['cat_id'], $authorizeds))
542{
543  $url_img = make_picture_url(
544    array(
545      'image_id' => $_GET['image_id'],
546      'image_file' => $image_file,
547      'category' => $cache['cat_names'][ $_GET['cat_id'] ],
548      )
549    );
550}
551// otherwise we provide links to the *first* category in the list
552else
553{
554  foreach ($authorizeds as $category)
555  {
556    $url_img = make_picture_url(
557      array(
558        'image_id' => $_GET['image_id'],
559        'image_file' => $image_file,
560        'category' => $cache['cat_names'][ $category ],
561        )
562      );
563    // FIXME: why the first category is selected?
564    break;
565  }
566}
567
568if (isset($url_img))
569{
570  $template->assign( 'U_JUMPTO', $url_img );
571}
572
573// associate to another category ?
574$query = '
575SELECT id,name,uppercats,global_rank
576  FROM '.CATEGORIES_TABLE.'
577    INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON id = category_id
578  WHERE image_id = '.$_GET['image_id'] . '
579    AND id IN ('. join(",", $my_categories).')';
580// if the image belongs to a physical storage,
581// we simply ignore that storage album
582if (isset($storage_category_id))
583{
584  $query.= '
585    AND id != '.$storage_category_id;
586}
587$query.= '
588;';
589display_select_cat_wrapper($query, array(), 'associated_options');
590
591$result = pwg_query($query);
592$associateds = array(-1);
593if (isset($storage_category_id))
594{
595  array_push($associateds, $storage_category_id);
596}
597while ($row = pwg_db_fetch_assoc($result))
598{
599  array_push($associateds, $row['id']);
600}
601$query = '
602SELECT id,name,uppercats,global_rank
603  FROM '.CATEGORIES_TABLE.'
604  WHERE id NOT IN ('.implode(',', $associateds).')
605  AND id IN ('. join(",", $my_categories).')
606;';
607display_select_cat_wrapper($query, array(), 'dissociated_options');
608
609// display list of categories for representing
610$query = '
611SELECT id,name,uppercats,global_rank
612  FROM '.CATEGORIES_TABLE.'
613  WHERE representative_picture_id = '.$_GET['image_id'].'
614    AND id IN ('. join(",", $my_categories).')
615;';
616display_select_cat_wrapper($query, array(), 'elected_options');
617
618$query = '
619SELECT id,name,uppercats,global_rank
620  FROM '.CATEGORIES_TABLE.'
621  WHERE id IN ('. join(",", $my_categories).')
622    AND (representative_picture_id != '.$_GET['image_id'].'
623    OR representative_picture_id IS NULL)
624;';
625display_select_cat_wrapper($query, array(), 'dismissed_options');
626
627//----------------------------------------------------------- sending html code
628
629$template->assign_var_from_handle('PLUGIN_INDEX_CONTENT_BEGIN', 'icy_picture_modify');
630
631?>
Note: See TracBrowser for help on using the repository browser.