Context Navigation

source: extensions/UserCollections/include/collections.inc.php @ 30251

Last change on this file since 30251 was 29317, checked in by mistic100, 10 years ago
Add allow_send_admin parameter
File size: 11.8 KB

Line
1	<?php
2	defined('USER_COLLEC_PATH') or die('Hacking attempt!');
3
4	global $page, $template, $conf, $user;
5
6	$template->assign(array(
7	'USER_COLLEC_PATH' => USER_COLLEC_PATH,
8	'USER_COLLEC_ABS_PATH' => realpath(USER_COLLEC_PATH).'/',
9	));
10
11
12	switch ($page['sub_section'])
13	{
14	// +-----------------------------------------------------------------------+
15	// \| Collections list \|
16	// +-----------------------------------------------------------------------+
17	case 'list':
18	{
19	if (is_a_guest())
20	{
21	access_denied();
22	}
23
24	$template->set_filename('uc_page', realpath(USER_COLLEC_PATH.'template/collections_list.tpl'));
25
26	$self_url = USER_COLLEC_PUBLIC . 'list';
27
28	// actions
29	if (isset($_GET['action']) and preg_match('#^([0-9]+)$#', $_GET['col_id']))
30	{
31	switch ($_GET['action'])
32	{
33	## new collection ##
34	case 'new':
35	{
36	if (empty($_GET['name']))
37	{
38	$page['errors'][] = l10n('Please give a name');
39	}
40	else
41	{
42	$collection = new UserCollection('new', $_GET['name']);
43
44	if (isset($_GET['redirect']))
45	{
46	$redirect = USER_COLLEC_PUBLIC . 'edit/' . $collection->getParam('id');
47	}
48	else
49	{
50	$redirect = USER_COLLEC_PUBLIC;
51	}
52	redirect($redirect);
53	}
54	break;
55	}
56
57	## delete collection ##
58	case 'delete':
59	{
60	try {
61	$collection = new UserCollection($_GET['col_id']);
62	$collection->delete();
63	redirect(USER_COLLEC_PUBLIC);
64	}
65	catch (Exception $e)
66	{
67	$page['errors'][] = $e->getMessage();
68	}
69	break;
70	}
71	}
72	}
73
74	$template->assign('U_CREATE',
75	add_url_params(USER_COLLEC_PUBLIC, array('action'=>'new','col_id'=>'0'))
76	);
77
78	$template->set_prefilter('index_category_thumbnails', 'user_collections_categories_list');
79
80	include(USER_COLLEC_PATH . '/include/display_collections.inc.php');
81
82	break;
83	}
84
85	// +-----------------------------------------------------------------------+
86	// \| Edit collection \|
87	// +-----------------------------------------------------------------------+
88	case 'edit':
89	{
90	// security
91	if (empty($page['col_id']))
92	{
93	$_SESSION['page_errors'][] = l10n('Invalid collection');
94	redirect(USER_COLLEC_PUBLIC);
95	}
96
97	$template->set_filename('uc_page', realpath(USER_COLLEC_PATH.'template/collection_edit.tpl'));
98
99	$self_url = USER_COLLEC_PUBLIC . 'edit/' . $page['col_id'];
100
101	$template->assign(array(
102	'F_ACTION' => $self_url,
103	'U_LIST' => USER_COLLEC_PUBLIC,
104	'UC_IN_EDIT' => true,
105	));
106
107	try {
108	$collection = new UserCollection($page['col_id']);
109	$collection->checkUser();
110
111	// save properties
112	if (isset($_POST['save_col']))
113	{
114	if (empty($_POST['name']))
115	{
116	$page['errors'][] = l10n('Please give a name');
117	}
118	else
119	{
120	$collection->updateParam('name', stripslashes($_POST['name']));
121	}
122	$collection->updateParam('comment', stripslashes(@$_POST['comment']));
123	}
124
125	// add key
126	if ($conf['user_collections']['allow_public'])
127	{
128	if (isset($_POST['add_share']))
129	{
130	$share = array(
131	'share_key' => trim($_POST['share_key']),
132	'password' => isset($_POST['use_share_password']) ? trim($_POST['share_password']) : '',
133	'deadline' => isset($_POST['use_share_deadline']) ? trim($_POST['share_deadline']) : '',
134	);
135
136	if (!verify_ephemeral_key(@$_POST['key']))
137	{
138	$result = array(l10n('Invalid key'));
139	}
140	else
141	{
142	$result = $collection->addShare($share);
143	}
144	if (is_array($result))
145	{
146	$share['errors'] = $result;
147	}
148	else
149	{
150	$share = array();
151	$share['infos'][] = l10n('New share added: <a href="%s">%s</a>', $result, $result);
152	}
153	$share['open'] = true;
154	}
155	else if (isset($_GET['delete_share']))
156	{
157	if ($collection->deleteShare($_GET['delete_share']))
158	{
159	$share['infos'][] = l10n('Share deleted');
160	}
161	$share['open'] = true;
162	}
163
164	if (!isset($share['share_key']))
165	{
166	$share['share_key'] = get_random_key(16);
167	$share['password'] = null;
168	$share['deadline'] = null;
169	}
170
171	$template->assign('share', $share);
172	}
173
174	// send mail
175	if (($conf['user_collections']['allow_public'] && $conf['user_collections']['allow_mails'])
176	\|\| $conf['user_collections']['allow_send_admin'])
177	{
178	if (isset($_POST['send_mail']))
179	{
180	$contact = array(
181	'sender_email' => trim($_POST['sender_email']),
182	'sender_name' => trim($_POST['sender_name']),
183	'to' => $_POST['to'],
184	'recipient_email' => trim($_POST['recipient_email']),
185	'recipient_name' => trim($_POST['recipient_name']),
186	'nb_images' => $_POST['nb_images'],
187	'message' => $_POST['message'],
188	);
189
190	if (!verify_ephemeral_key(@$_POST['key']))
191	{
192	$result = array(l10n('Invalid key'));
193	}
194	else
195	{
196	$result = $collection->sendEmail($contact);
197	}
198	if (is_array($result))
199	{
200	$contact['errors'] = $result;
201	$contact['open'] = true;
202	}
203	else
204	{
205	$contact = array();
206	$page['infos'] = l10n('E-mail sent successfully');
207	}
208	}
209
210	if (!isset($contact['sender_email']))
211	{
212	$contact['sender_name'] = $user['username'];
213	$contact['sender_email'] = $user['email'];
214	$contact['recipient_name'] = null;
215	$contact['recipient_email'] = null;
216	$contact['nb_images'] = 4;
217	$contact['message'] = null;
218	}
219
220	$template->assign('contact', $contact);
221	}
222
223	// clear
224	if (isset($_GET['action']) && $_GET['action'] == 'clear')
225	{
226	$collection->clearImages();
227	}
228
229
230	// add remove item links
231	$template->set_prefilter('index_thumbnails', 'user_collections_thumbnails_list_button');
232	$template->set_prefilter('index_thumbnails', 'user_collections_add_colorbox');
233
234	// thumbnails
235	include(USER_COLLEC_PATH . '/include/display_thumbnails.inc.php');
236
237
238	// collection properties
239	$infos = $collection->getCollectionInfo();
240	$infos['DATE_CREATION'] = format_date($infos['DATE_CREATION'], true);
241	$infos['SHARES'] = $collection->getShares();
242	$template->assign('collection', $infos);
243
244
245	// toolbar buttons
246	if (!empty($page['items']))
247	{
248	if ($conf['user_collections']['allow_public'])
249	{
250	user_collections_add_button('share', 'U_SHARE',
251	USER_COLLEC_PUBLIC . 'view/' . $page['col_id'] .'-'
252	);
253	}
254
255	if (($conf['user_collections']['allow_public'] && $conf['user_collections']['allow_mails'])
256	\|\| $conf['user_collections']['allow_send_admin'])
257	{
258	user_collections_add_button('mail', 'U_MAIL', true);
259	}
260
261	user_collections_add_button('clear', 'U_CLEAR',
262	add_url_params($self_url, array('action'=>'clear'))
263	);
264	}
265
266	user_collections_add_button('delete', 'U_DELETE',
267	add_url_params(USER_COLLEC_PUBLIC, array('action'=>'delete','col_id'=>$page['col_id']))
268	);
269
270	$template->assign(array(
271	'UC_TKEY' => get_ephemeral_key(3),
272	'UC_CONFIG' => $conf['user_collections']
273	));
274
275	// modify page title
276	$template->concat('TITLE',
277	$conf['level_separator'] . trigger_change('render_category_name', $infos['NAME'])
278	);
279
280	// render description
281	$template->assign('CONTENT_DESCRIPTION',
282	trigger_change('render_category_description', nl2br($infos['COMMENT']))
283	);
284	}
285	catch (Exception $e)
286	{
287	$page['errors'][] = $e->getMessage();
288	}
289
290	break;
291	}
292
293	// +-----------------------------------------------------------------------+
294	// \| View collection \|
295	// +-----------------------------------------------------------------------+
296	case 'view':
297	{
298	$page['col_key'] = $page['col_id'];
299
300	if (!$conf['user_collections']['allow_public'])
301	{
302	page_forbidden('');
303	}
304	if (empty($page['col_key']))
305	{
306	bad_request('');
307	}
308
309	$query = '
310	SELECT col_id, params
311	FROM '.COLLECTION_SHARES_TABLE.'
312	WHERE share_key = "'.$page['col_key'].'"
313	;';
314	$result = pwg_query($query);
315
316	if (!pwg_db_num_rows($result))
317	{
318	page_not_found(l10n('Collection not found'));
319	}
320
321	list($page['col_id'], $share_params) = pwg_db_fetch_row($result);
322	$share_params = unserialize($share_params);
323
324	// deadline check
325	if (!empty($share_params['deadline']) && strtotime($share_params['deadline'])<time())
326	{
327	page_not_found(l10n('This link expired'));
328	}
329
330	$self_url = USER_COLLEC_PUBLIC . 'view/' . $page['col_key'];
331
332	$template->set_filename('uc_page', realpath(USER_COLLEC_PATH.'template/collection_view.tpl'));
333
334	try {
335	$collection = new UserCollection($page['col_id']);
336	$col = $collection->getCollectionInfo();
337
338	$mode = 'view';
339
340	// password check
341	if (!empty($share_params['password']))
342	{
343	if (isset($_POST['uc_password']))
344	{
345	$hash = sha1($conf['secret_key'].$_POST['uc_password'].$page['col_key']);
346	if ($hash == $share_params['password'])
347	{
348	pwg_set_session_var('uc_key_'.$page['col_key'], get_ephemeral_key(0, $share_params['password']));
349	}
350	else
351	{
352	$page['errors'][] = l10n('Invalid password!');
353	$mode = 'password';
354	}
355	}
356	else if (($var = pwg_get_session_var('uc_key_'.$page['col_key'])) !== null)
357	{
358	if (!verify_ephemeral_key($var, $share_params['password']))
359	{
360	pwg_unset_session_var('uc_key_'.$page['col_key']);
361	$mode = 'password';
362	}
363	}
364	else
365	{
366	$mode = 'password';
367	}
368	}
369
370	if ($mode == 'view')
371	{
372	$template->set_prefilter('index_thumbnails', 'user_collections_add_colorbox');
373
374	// thumbnails
375	include(USER_COLLEC_PATH . '/include/display_thumbnails.inc.php');
376
377	// render description
378	$template->assign('CONTENT_DESCRIPTION',
379	trigger_change('render_category_description', nl2br($col['COMMENT']))
380	);
381	}
382
383	// add username in title
384	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
385
386	$template->concat('TITLE',
387	$conf['level_separator'] . trigger_change('render_category_name', $col['NAME']) .
388	' (' . l10n('by %s', get_username($collection->getParam('user_id'))) . ')'
389	);
390
391	$template->assign('UC_MODE', $mode);
392	}
393	catch (Exception $e)
394	{
395	access_denied();
396	}
397
398	break;
399	}
400	}
401
402	$template->assign_var_from_handle('CONTENT', 'uc_page');
403
404
405	// modification on mainpage_categories.tpl
406	function user_collections_categories_list($content, &$samrty)
407	{
408	$search = '<div class="thumbnailCategory">';
409	$replace = '<div class="thumbnailCategory">
410	<div class="collectionActions">
411	<a href="{$cat.URL}" rel="nofollow">{"Edit"\|@translate}</a>
412	\| <a href="{$cat.U_DELETE}" onClick="return confirm(\'{"Are you sure?"\|@translate}\');" rel="nofollow">{"Delete"\|@translate}</a>
413	</div>';
414
415	return str_replace($search, $replace, $content);
416	}
417
418	// colorbox
419	function user_collections_add_colorbox($content)
420	{
421	$search = '<a href="{$thumbnail.URL}"';
422	$replace = $search.' class="preview-box" data-src="{$thumbnail.FILE_SRC}" data-id="{$thumbnail.id}"';
423
424	return str_replace($search, $replace, $content);
425	}
426
427	// add special buttons
428	function user_collections_add_button($tpl_file, $tpl_var, $value)
429	{
430	global $template;
431
432	$template->assign($tpl_var, $value);
433	$template->set_filename('uc_button_'.$tpl_file, realpath(USER_COLLEC_PATH.'template/buttons/'. $tpl_file .'.tpl'));
434	$template->add_index_button($template->parse('uc_button_'.$tpl_file, true));
435	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: