Context Navigation

source: extensions/UserCollections/include/UserCollection.class.php @ 25676

Last change on this file since 25676 was 25676, checked in by mistic100, 10 years ago
Fatal error: Cannot pass parameter 1 by reference
File size: 15.7 KB

Line
1	<?php
2	defined('USER_COLLEC_PATH') or die('Hacking attempt!');
3
4	class UserCollection
5	{
6	private $data;
7	private $images;
8
9	/**
10	* __construct
11	* @param: mixed col id (##\|'new')
12	* @param: array images
13	*/
14	function __construct($col_id, $name=null, $comment=null, $user_id=null)
15	{
16	global $user;
17
18	if (empty($user_id))
19	{
20	$user_id = $user['id'];
21	}
22
23	$this->data = array(
24	'id' => 0,
25	'user_id' => $user_id,
26	'name' => null,
27	'date_creation' => '0000-00-00 00:00:00',
28	'comment' => null,
29	'nb_images' => 0,
30	);
31	$this->images = array();
32
33	// load specific collection
34	if (preg_match('#^[0-9]+$#', $col_id))
35	{
36	$query = '
37	SELECT *
38	FROM '.COLLECTIONS_TABLE.'
39	WHERE id = '.$col_id.'
40	;';
41	$result = pwg_query($query);
42
43	if (pwg_db_num_rows($result))
44	{
45	$this->data = array_merge(
46	$this->data,
47	pwg_db_fetch_assoc($result)
48	);
49
50	// make sure all pictures of the collection exist
51	$query = '
52	DELETE FROM '.COLLECTION_IMAGES_TABLE.'
53	WHERE image_id NOT IN (
54	SELECT id FROM '.IMAGES_TABLE.'
55	)
56	;';
57	pwg_query($query);
58
59	// select images of the collection
60	$query = '
61	SELECT image_id
62	FROM '.COLLECTION_IMAGES_TABLE.'
63	WHERE col_id = '.$this->data['id'].'
64	;';
65	$this->images = array_from_query($query, 'image_id');
66
67	$this->updateParam('nb_images', count($this->images));
68	}
69	else
70	{
71	throw new Exception(l10n('Invalid collection'), WS_ERR_INVALID_PARAM);
72	}
73	}
74	// create a new collection
75	else if ($col_id == 'new')
76	{
77	$this->data['name'] = $name;
78	$this->data['comment'] = $comment;
79
80	$query = '
81	INSERT INTO '.COLLECTIONS_TABLE.'(
82	user_id,
83	name,
84	date_creation,
85	comment
86	)
87	VALUES(
88	'.$this->data['user_id'].',
89	"'.$this->data['name'].'",
90	NOW(),
91	"'.$this->data['comment'].'"
92	)
93	;';
94	pwg_query($query);
95	$this->data['id'] = pwg_db_insert_id();
96
97	$date = pwg_query('SELECT NOW();');
98	list($this->data['date_creation']) = pwg_db_fetch_row($date);
99	}
100	else
101	{
102	trigger_error('UserCollection::__construct, invalid input parameter', E_USER_ERROR);
103	}
104	}
105
106	/**
107	* check if current user is owner of the collection or admin
108	*/
109	function checkUser()
110	{
111	global $user;
112
113	if (!is_admin() && $user['id'] != $this->data['user_id'])
114	{
115	throw new Exception('Forbidden', 403);
116	}
117	}
118
119	/**
120	* updateParam
121	* @param: string param name
122	* @param: mixed param value
123	*/
124	function updateParam($name, $value)
125	{
126	if ($value != $this->data[$name])
127	{
128	$this->data[$name] = $value;
129	pwg_query('UPDATE '.COLLECTIONS_TABLE.' SET '.$name.' = "'.pwg_db_real_escape_string($value).'" WHERE id = '.$this->data['id'].';');
130	}
131	}
132
133	/**
134	* getParam
135	* @param: string param name
136	* @return: mixed param value
137	*/
138	function getParam($name)
139	{
140	return $this->data[$name];
141	}
142
143	/**
144	* getImages
145	* @return: array
146	*/
147	function getImages()
148	{
149	return $this->images;
150	}
151
152	/**
153	* isInSet
154	* @param: int image id
155	* @return: bool
156	*/
157	function isInSet($image_id)
158	{
159	return in_array($image_id, $this->images);
160	}
161
162	/**
163	* removeImages
164	* @param: array image ids
165	*/
166	function removeImages($image_ids)
167	{
168	if (empty($image_ids) or !is_array($image_ids)) return;
169
170	$this->images = array_diff($this->images, $image_ids);
171
172	$query = '
173	DELETE FROM '.COLLECTION_IMAGES_TABLE.'
174	WHERE
175	col_id = '.$this->data['id'].'
176	AND image_id IN('.implode(',', $image_ids).')
177	;';
178	pwg_query($query);
179
180	$this->updateParam('nb_images', count($this->images));
181	}
182
183	/**
184	* addImages
185	* @param: array image ids
186	*/
187	function addImages($image_ids)
188	{
189	if (empty($image_ids) or !is_array($image_ids)) return;
190
191	$image_ids = array_unique($image_ids);
192	$inserts = array();
193
194	foreach ($image_ids as $image_id)
195	{
196	if ($this->isInSet($image_id)) continue;
197
198	$this->images[] = $image_id;
199	$inserts[] = array(
200	'col_id' => $this->data['id'],
201	'image_id' => $image_id,
202	);
203	}
204
205	mass_inserts(
206	COLLECTION_IMAGES_TABLE,
207	array('col_id', 'image_id'),
208	$inserts
209	);
210
211	$query = '
212	UPDATE '.COLLECTION_IMAGES_TABLE.'
213	SET add_date = NOW()
214	WHERE
215	col_id = '.$this->data['id'].'
216	AND image_id IN ('.implode(',', $image_ids).')
217	AND add_date IS NULL
218	';
219	pwg_query($query);
220
221	$this->updateParam('nb_images', count($this->images));
222	}
223
224	/**
225	* toggleImage
226	* @param: int image id
227	*/
228	function toggleImage($image_id)
229	{
230	if ($this->isInSet($image_id))
231	{
232	$this->removeImages(array($image_id));
233	}
234	else
235	{
236	$this->addImages(array($image_id));
237	}
238	}
239
240	/**
241	* clearImages
242	*/
243	function clearImages()
244	{
245	$this->images = array();
246	$this->updateParam('nb_images', 0);
247
248	$query = '
249	DELETE FROM '.COLLECTION_IMAGES_TABLE.'
250	WHERE col_id = '.$this->data['id'].'
251	;';
252	pwg_query($query);
253	}
254
255	/**
256	* getCollectionInfo
257	* @return: array
258	*/
259	function getCollectionInfo()
260	{
261	$set = array(
262	'ID' => $this->data['id'],
263	'NAME' => $this->data['name'],
264	'COMMENT' => $this->data['comment'],
265	'NB_IMAGES' => $this->data['nb_images'],
266	'DATE_CREATION' => $this->data['date_creation'],
267	);
268
269	return $set;
270	}
271
272	/**
273	* get share links
274	*/
275	function getShares()
276	{
277	$query = '
278	SELECT * FROM '.COLLECTION_SHARES_TABLE.'
279	WHERE col_id = '.$this->data['id'].'
280	ORDER BY add_date DESC
281	;';
282	$result = pwg_query($query);
283
284	$shares = array();
285	while ($row = pwg_db_fetch_assoc($result))
286	{
287	$row['expired'] = false;
288
289	$row['params'] = unserialize($row['params']);
290	if (!empty($row['params']['deadline']))
291	{
292	$row['expired'] = strtotime($row['params']['deadline']) < time();
293	$row['params']['deadline_readable'] = format_date($row['params']['deadline'], true, false);
294	}
295
296	$row['url'] = USER_COLLEC_PUBLIC . 'view/' . $row['share_key'];
297	$row['u_delete'] = USER_COLLEC_PUBLIC . 'edit/' . $this->data['id'] . '&delete_share=' . $row['id'];
298	$row['add_date_readable'] = format_date($row['add_date'], true, false);
299
300	$shares[] = $row;
301	}
302
303	return $shares;
304	}
305
306	/**
307	* delete a share
308	*/
309	function deleteShare($id)
310	{
311	$query = '
312	DELETE FROM '.COLLECTION_SHARES_TABLE.'
313	WHERE id = "'.pwg_db_real_escape_string($id).'"
314	AND col_id = '.$this->data['id'].'
315	;';
316	pwg_query($query);
317
318	return pwg_db_changes() != 0;
319	}
320
321	/**
322	* Add a share URL
323	* @param: array
324	* - share_key
325	* - password
326	* - deadline
327	* @return: array errors
328	*/
329	function addShare(&$share, $abord_on_duplicate=true)
330	{
331	global $conf, $page;
332
333	$errors = array();
334
335	$share = array_map('stripslashes', $share);
336
337	// check key
338	if (empty($share['share_key']) \|\| strlen($share['share_key']) < 8)
339	{
340	$errors[] = l10n('The key must be at least 8 characters long');
341	}
342	else
343	{
344	$share['share_key'] = str2url($share['share_key']);
345	$share_key = $this->data['id'].'-'.$share['share_key'];
346
347	$query = '
348	SELECT id FROM '.COLLECTION_SHARES_TABLE.'
349	WHERE col_id = '.$this->data['id'].'
350	AND share_key = "'.$share_key.'"
351	;';
352	$result = pwg_query($query);
353	if (pwg_db_num_rows($result))
354	{
355	if ($abord_on_duplicate)
356	{
357	$errors[] = l10n('This key is already used');
358	}
359	else
360	{
361	return USER_COLLEC_PUBLIC . 'view/' . $share_key;
362	}
363	}
364	}
365
366	// filter date
367	if (!empty($share['deadline']))
368	{
369	$date = DateTime::createFromFormat('Y-m-d H:i', $share['deadline']);
370	$share['deadline'] = $date->format('Y-m-d H:i');
371	}
372
373	// hash password
374	if (!empty($share['password']))
375	{
376	$share['password'] = sha1($conf['secret_key'].$share['password'].$share_key);
377	}
378
379	if (empty($errors))
380	{
381	$params = serialize(array(
382	'password' => @$share['password'],
383	'deadline' => @$share['deadline'],
384	));
385
386	$query = '
387	INSERT INTO '.COLLECTION_SHARES_TABLE.'(
388	col_id,
389	share_key,
390	params,
391	add_date
392	)
393	VALUES(
394	'.$this->data['id'].',
395	"'.$share_key.'",
396	"'.pwg_db_real_escape_string($params).'",
397	"'.date('Y-m-d H:i:s').'"
398	)
399	;';
400	pwg_query($query);
401
402	return USER_COLLEC_PUBLIC . 'view/' . $share_key;
403	}
404
405	return $errors;
406	}
407
408	/**
409	* Send the collection by email
410	* @param: array
411	* - sender_name
412	* - sender_email
413	* - recipient_email
414	* - recipient_name
415	* - nb_images
416	* - message
417	* @return: array errors
418	*/
419	function sendEmail($comm)
420	{
421	global $conf;
422
423	$errors = array();
424
425	$comm = array_map('stripslashes', $comm);
426
427	$comment_action='validate';
428
429	// check author
430	if (empty($comm['sender_name']))
431	{
432	array_push($errors, l10n('Please enter your name'));
433	$comment_action='reject';
434	}
435	if (empty($comm['recipient_name']))
436	{
437	array_push($errors, l10n('Please enter the recipient name'));
438	$comment_action='reject';
439	}
440
441	// check email
442	if (empty($comm['sender_email']))
443	{
444	array_push($errors, l10n('Please enter your e-mail'));
445	$comment_action='reject';
446	}
447	else if ( !empty($comm['sender_email']) and !uc_check_email_validity($comm['sender_email']) )
448	{
449	array_push($errors, l10n('mail address must be like xxx@yyy.eee (example : jack@altern.org)'));
450	$comment_action='reject';
451	}
452	if (empty($comm['recipient_email']))
453	{
454	array_push($errors, l10n('Please enter the recipient e-mail'));
455	$comment_action='reject';
456	}
457	else if ( !empty($comm['recipient_email']) and !uc_check_email_validity($comm['recipient_email']) )
458	{
459	array_push($errors, l10n('mail address must be like xxx@yyy.eee (example : jack@altern.org)'));
460	$comment_action='reject';
461	}
462
463	// check content
464	if (!empty($comm['message']))
465	{
466	$comm['message'] = nl2br($comm['message']);
467	}
468
469	include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
470
471	if ($comment_action == 'validate')
472	{
473	// format subject
474	$subject = '['.$conf['gallery_title'].'] '.sprintf(l10n('A photo collection by %s'), $comm['sender_name']);
475	$subject = encode_mime_header($subject);
476
477	// format expeditor
478	$args['from'] = format_email($comm['sender_name'], $comm['sender_email']);
479	$args['to'] = format_email($comm['recipient_name'], $comm['recipient_email']);
480
481	// hearders
482	$headers = 'From: '.$args['from']."\n";
483	$headers.= 'MIME-Version: 1.0'."\n";
484	$headers.= 'X-Mailer: Piwigo Mailer'."\n";
485	$headers.= 'Content-Transfer-Encoding: 8bit'."\n";
486	$headers.= 'Content-Type: text/html; charset="'.get_pwg_charset().'";'."\n";
487
488	// mail content
489	$content = $this->getMailContent($comm);
490	$content = wordwrap($content, 70, "\n", true);
491
492	// send mail
493	$result =
494	trigger_event('send_mail',
495	false, /* Result */
496	trigger_event('send_mail_to', $args['to']),
497	trigger_event('send_mail_subject', $subject),
498	trigger_event('send_mail_content', $content),
499	trigger_event('send_mail_headers', $headers),
500	$args
501	);
502
503	if ($result == false)
504	{
505	array_push($errors, l10n('Error while sending e-mail'));
506	}
507	else
508	{
509	return true;
510	}
511	}
512
513	return $errors;
514	}
515
516	/**
517	* get mail content for sendMail()
518	*/
519	function getMailContent($params)
520	{
521	global $user, $conf, $template;
522
523	// switch to guest user
524	$user_save = $user;
525	$user = build_user($conf['guest_id'], true);
526
527	// get pictures
528	$query = '
529	SELECT
530	id,
531	file,
532	name,
533	path
534	FROM '.IMAGES_TABLE.' AS i
535	JOIN '.IMAGE_CATEGORY_TABLE.' AS ci ON ci.image_id = i.id
536	WHERE id IN ('.implode(',', $this->images).')
537	'.get_sql_condition_FandF(array(
538	'forbidden_categories' => 'category_id',
539	'forbidden_images' => 'id'
540	),
541	'AND'
542	).'
543	GROUP BY i.id
544	ORDER BY '.DB_RANDOM_FUNCTION.'()
545	LIMIT '.$params['nb_images'].'
546	;';
547	$pictures = hash_from_query($query, 'id');
548
549	// switch back to current user
550	$user = $user_save;
551	unset($user_save);
552
553	// picture sinfos
554	set_make_full_url();
555	$tpl_vars = array();
556	foreach ($pictures as $row)
557	{
558	$name = render_element_name($row);
559
560	$tpl_vars[] = array(
561	'TN_ALT' => htmlspecialchars(strip_tags($name)),
562	'NAME' => $name,
563	'URL' => make_picture_url(array('image_id' => $row['id'])),
564	'THUMB' => DerivativeImage::url(IMG_SQUARE, $row),
565	);
566	}
567
568	// template
569	$mail_css = file_get_contents(dirname(__FILE__).'/../template/mail.css');
570
571	$share_key = array('share_key'=>'mail-' . substr(sha1($this->data['id'].$conf['secret_key']), 0, 11));
572
573	$template->assign(array(
574	'GALLERY_URL' => get_gallery_home_url(),
575	'PHPWG_URL' => PHPWG_URL,
576	'UC_MAIL_CSS' => str_replace("\n", null, $mail_css),
577	'MAIL_TITLE' => $this->getParam('name').' ('.sprintf(l10n('by %s'), $params['sender_name']).')',
578	'COL_URL' => $this->addShare($share_key, false),
579	'PARAMS' => $params,
580	'derivative_params' => ImageStdParams::get_by_type(IMG_SQUARE),
581	'thumbnails' => $tpl_vars,
582	));
583
584	$template->set_filename('uc_mail', dirname(__FILE__).'/../template/mail.tpl');
585	$content = $template->parse('uc_mail', true);
586
587	unset_make_full_url();
588
589	return $content;
590	}
591
592	/**
593	* generate a listing of the collection
594	*/
595	function serialize($params)
596	{
597	$params = array_intersect($params, array('id','file','name','url','path','date_creation','collection_add_date','filesize','width','height'));
598
599	$content = null;
600
601	// get images infos
602	$query = '
603	SELECT
604	id,
605	file,
606	name,
607	path,
608	date_creation,
609	filesize,
610	width,
611	height,
612	add_date AS collection_add_date
613	FROM '.IMAGES_TABLE.'
614	JOIN '.COLLECTION_IMAGES_TABLE.' ON id = image_id
615	WHERE col_id = '.$this->data['id'].'
616	ORDER BY id
617	;';
618	$pictures = hash_from_query($query, 'id');
619
620	if (count($pictures))
621	{
622	// generate csv
623	set_make_full_url();
624	$root_url = get_root_url();
625
626	$fp = fopen('php://temp', 'r+');
627	fputcsv($fp, $params);
628
629	foreach ($pictures as $row)
630	{
631	$element = array();
632	foreach ($params as $field)
633	{
634	switch ($field)
635	{
636	case 'name':
637	$element[] = render_element_name($row);
638	break;
639	case 'url':
640	$element[] = make_picture_url(array('image_id'=>$row['id'], 'image_file'=>$row['file']));
641	break;
642	case 'path':
643	$element[] = $root_url.ltrim($row['path'], './');
644	break;
645	default:
646	$element[] = $row[$field];
647	break;
648	}
649	}
650	if (!empty($element))
651	{
652	fputcsv($fp, $element);
653	}
654	}
655
656	rewind($fp);
657	$content = stream_get_contents($fp);
658	fclose($fp);
659
660	unset_make_full_url();
661	}
662
663	return $content;
664	}
665
666	/**
667	* delete
668	*/
669	function delete()
670	{
671	$this->clearImages();
672	pwg_query('DELETE FROM '.COLLECTIONS_TABLE.' WHERE id = '.$this->data['id'].';');
673	}
674	}
675
676	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: