<?php
defined('USER_COLLEC_PATH') or die('Hacking attempt!');

global $page, $template, $conf, $user;

$template->assign(array(
  'USER_COLLEC_PATH' => USER_COLLEC_PATH,
  'USER_COLLEC_ABS_PATH' => realpath(USER_COLLEC_PATH).'/',
  ));


switch ($page['sub_section'])
{
// +-----------------------------------------------------------------------+
// | Collections list                                                      |
// +-----------------------------------------------------------------------+
case 'list':
{
  if (is_a_guest())
  {
    access_denied();
  }
  
  $template->set_filename('index', realpath(USER_COLLEC_PATH.'template/collections_list.tpl'));
  
  // actions
  if ( isset($_GET['action']) and preg_match('#^([0-9]+)$#', $_GET['col_id']) )
  {
    switch ($_GET['action'])
    {
      ## new collection ##
      case 'new':
      {
        if (empty($_GET['name']))
        {
          $page['errors'][] = l10n('Please give a name');
        }
        else
        {
          $collection = new UserCollection('new', $_GET['name']);
          
          if (isset($_GET['redirect']))
          {
            $redirect = USER_COLLEC_PUBLIC . 'edit/' . $collection->getParam('id');
          }
          else
          {
            $redirect = USER_COLLEC_PUBLIC;
          }
          redirect($redirect);
        }
        break;
      }
        
      ## delete collection ##
      case 'delete':
      {
        try {
          $collection = new UserCollection($_GET['col_id']);
          $collection->delete();
          redirect(USER_COLLEC_PUBLIC);
        }
        catch (Exception $e)
        {
          $page['errors'][] = $e->getMessage();
        }
        break;
      }
    }
  }
  
  $template->assign('U_CREATE',
    add_url_params(USER_COLLEC_PUBLIC, array('action'=>'new','col_id'=>'0'))
    );
  
  $template->set_prefilter('index_category_thumbnails', 'user_collections_categories_list');
  
  include(USER_COLLEC_PATH . '/include/display_collections.inc.php');
  
  break;
}

// +-----------------------------------------------------------------------+
// | Edit collection                                                       |
// +-----------------------------------------------------------------------+
case 'edit':
{
  // security
  if (empty($page['col_id']))
  {
    $_SESSION['page_errors'][] = l10n('Invalid collection');
    redirect(USER_COLLEC_PUBLIC);
  }
  
  $template->set_filename('index', realpath(USER_COLLEC_PATH.'template/collection_edit.tpl'));
  
  $self_url = USER_COLLEC_PUBLIC . 'edit/' . $page['col_id'];
  
  $template->assign(array(
    'F_ACTION' => $self_url,
    'U_LIST' => USER_COLLEC_PUBLIC,
    'UC_IN_EDIT' => true,
    ));
  
  try {
    $collection = new UserCollection($page['col_id']);
    $collection->checkUser();
    
    // save properties
    if (isset($_POST['save_col']))
    {
      if (empty($_POST['name']))
      {
        $page['errors'][] = l10n('Please give a name');
      }
      else
      {
        $collection->updateParam('name', stripslashes($_POST['name']));
      }
      $collection->updateParam('comment', stripslashes($_POST['comment']));
    }
    
    // add key
    if ($conf['user_collections']['allow_public'])
    {
      $share = array(
        'share_key' => get_random_key(16),
        'password' => null,
        'deadline' => null,
        );
      
      if (isset($_POST['add_share']))
      {
        $share = array(
          'share_key' =>  trim($_POST['share_key']),
          'password' =>   isset($_POST['use_share_password']) ? trim($_POST['share_password']) : '',
          'deadline' =>   isset($_POST['use_share_deadline']) ? trim($_POST['share_deadline']) : '',
          );
          
        if (!verify_ephemeral_key(@$_POST['key']))
        {
          $result = array(l10n('Invalid key'));
        }
        else
        {
          $result = $collection->addShare($share);
        }
        if (is_array($result))
        {
          $share['errors'] = $result;
        }
        else
        {
          $share = array();
          $share['infos'][] = sprintf(l10n('New share added: <a href="%s">%s</a>'), $result, $result);
        }
        $share['open'] = true;
      }
      else if (isset($_GET['delete_share']))
      {
        if ($collection->deleteShare($_GET['delete_share']))
        {
          $share['infos'][] = l10n('Share deleted');
        }
        $share['open'] = true;
      }
      
      $template->assign('share', $share);
    }
    
    // send mail
    if ( $conf['user_collections']['allow_mails'] && $conf['user_collections']['allow_public'] )
    {
      $contact = array(
        'sender_name' =>      $user['username'],
        'sender_email' =>     $user['email'],
        'recipient_name' =>   null,
        'recipient_email' =>  null,
        'nb_images' =>        4,
        'message' =>          null,
        );
          
      if (isset($_POST['send_mail']))
      {
        $contact = array(
          'sender_email' =>     trim($_POST['sender_email']),
          'sender_name' =>      trim($_POST['sender_name']),
          'recipient_email' =>  trim($_POST['recipient_email']),
          'recipient_name' =>   trim($_POST['recipient_name']),
          'nb_images' =>        $_POST['nb_images'],
          'message' =>          $_POST['message'],
          );
        
        if (!verify_ephemeral_key(@$_POST['key']))
        {
          $result = array(l10n('Invalid key'));
        }
        else
        {
          $result = $collection->sendEmail($contact);
        }
        if (is_array($result))
        {
          $contact['errors'] = $result;
          $contact['open'] = true;
        }
        else
        {
          $contact = array();
          $page['infos'] = l10n('E-mail sent successfully');
        }
      }
      
      $template->assign('contact', $contact);
    }
    
    // clear
    if ( isset($_GET['action']) and $_GET['action'] == 'clear' )
    {
      $collection->clearImages();
    }
    
    
    // add remove item links
    $template->set_prefilter('index_thumbnails', 'user_collections_thumbnails_list_button');
    $template->set_prefilter('index_thumbnails', 'user_collections_add_colorbox');
    
    // thumbnails
    include(USER_COLLEC_PATH . '/include/display_thumbnails.inc.php');
    
    
    // collection properties
    $infos = $collection->getCollectionInfo();
    $infos['DATE_CREATION'] = format_date($infos['DATE_CREATION'], true);
    $infos['SHARES'] = $collection->getShares();
    $template->assign('collection', $infos); 
    
    // toolbar buttons
    if (!empty($page['items']))
    {
      $template->assign('U_CLEAR',
        add_url_params($self_url, array('action'=>'clear'))
        );
    }
    $template->assign('U_DELETE',
      add_url_params(USER_COLLEC_PUBLIC, array('action'=>'delete','col_id'=>$page['col_id']))
      );
      
    if ( $conf['user_collections']['allow_public'] && !empty($page['items']) )
    {
      $template->assign('U_SHARE', USER_COLLEC_PUBLIC . 'view/' . $page['col_id'] .'-');
    }
    if ( $conf['user_collections']['allow_mails'] && $conf['user_collections']['allow_public'] && !empty($page['items']) )
    {
      $template->assign('U_MAIL', true);
    }
    $template->assign('UC_TKEY', get_ephemeral_key(3));
    
    // modify page title
    $template->concat('TITLE', 
      $conf['level_separator'] . trigger_event('render_category_name', $infos['NAME'])
      );
    
    // render description
    $template->assign('CONTENT_DESCRIPTION',
      trigger_event('render_category_description', nl2br($infos['COMMENT']))
      );
  }
  catch (Exception $e)
  {
    $page['errors'][] = $e->getMessage();
  }
  
  break;
}

// +-----------------------------------------------------------------------+
// | View collection                                                       |
// +-----------------------------------------------------------------------+
case 'view':
{
  $page['col_key'] = $page['col_id'];
  
  if (!$conf['user_collections']['allow_public'])
  {
    page_forbidden('');
  }
  if (empty($page['col_key']))
  {
    bad_request('');
  }
  
  $query = '
SELECT col_id, params
  FROM '.COLLECTION_SHARES_TABLE.'
  WHERE share_key = "'.$page['col_key'].'"
;';
  $result = pwg_query($query);
  if (!pwg_db_num_rows($result))
  {
    page_not_found(l10n('Collection not found'));
  }
  
  list($page['col_id'], $share_params) = pwg_db_fetch_row($result);
  $share_params = unserialize($share_params);
  
  // deadline check
  if ( !empty($share_params['deadline']) && strtotime($share_params['deadline'])<time() )
  {
    page_not_found(l10n('This link expired'));
  }
  
  $self_url = USER_COLLEC_PUBLIC . 'view/' . $page['col_key'];
  
  $template->set_filename('index', realpath(USER_COLLEC_PATH.'template/collection_view.tpl'));
  
  try {
    $collection = new UserCollection($page['col_id']);
    $col = $collection->getCollectionInfo();
    
    $mode = 'view';
    
    // password check
    if (!empty($share_params['password']))
    {
      if (isset($_POST['uc_password']))
      {
        $hash = sha1($conf['secret_key'].$_POST['uc_password'].$page['col_key']);
        if ($hash == $share_params['password'])
        {
          pwg_set_session_var('uc_key_'.$page['col_key'], get_ephemeral_key(0, $share_params['password']));
        }
        else
        {
          $page['errors'][] = l10n('Invalid password!');
          $mode = 'password';
        }
      }
      else if (($var = pwg_get_session_var('uc_key_'.$page['col_key'])) !== null)
      {
        if (!verify_ephemeral_key($var, $share_params['password']))
        {
          pwg_unset_session_var('uc_key_'.$page['col_key']);
          $mode = 'password';
        }
      }
      else
      {
        $mode = 'password';
      }
    }
    
    if ($mode == 'view')
    {
      $template->set_prefilter('index_thumbnails', 'user_collections_add_colorbox');
      
      // thumbnails
      include(USER_COLLEC_PATH . '/include/display_thumbnails.inc.php');
      
      // render description
      $template->assign('CONTENT_DESCRIPTION',
        trigger_event('render_category_description', nl2br($col['COMMENT']))
        );
    }
    
    // add username in title
    include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
    $template->concat('TITLE', 
      $conf['level_separator'] . trigger_event('render_category_name', $col['NAME']) .
      ' (' . sprintf(l10n('by %s'), get_username($collection->getParam('user_id'))) . ')'
      );
      
    $template->assign('UC_MODE', $mode);
  }
  catch (Exception $e)
  {
    access_denied();
  }
  
  break;
}
}


// modification on mainpage_categories.tpl
function user_collections_categories_list($content, &$samrty)
{
  $search = '<div class="thumbnailCategory">';
  $replace = '<div class="thumbnailCategory">
  <div class="collectionActions">
    <a href="{$cat.URL}" rel="nofollow">{"Edit"|@translate}</a>
    | <a href="{$cat.U_DELETE}" onClick="return confirm(\'{"Are you sure?"|@translate}\');" rel="nofollow">{"Delete"|@translate}</a>
  </div>';
  
  return str_replace($search, $replace, $content);
}

// colorbox
function user_collections_add_colorbox($content)
{
  $search = '<a href="{$thumbnail.URL}"';
  $replace = $search.' class="preview-box" data-src="{$thumbnail.FILE_SRC}" data-id="{$thumbnail.id}"';
  
  return str_replace($search, $replace, $content);
}

?>