Context Navigation

source: extensions/UserCollections/include/collections.inc.php @ 26854

Last change on this file since 26854 was 26854, checked in by mistic100, 10 years ago
keep old trigger functions (PHP 5.2 issue)
File size: 11.5 KB

Line
1	<?php
2	defined('USER_COLLEC_PATH') or die('Hacking attempt!');
3
4	global $page, $template, $conf, $user;
5
6	$template->assign(array(
7	'USER_COLLEC_PATH' => USER_COLLEC_PATH,
8	'USER_COLLEC_ABS_PATH' => realpath(USER_COLLEC_PATH).'/',
9	));
10
11
12	switch ($page['sub_section'])
13	{
14	// +-----------------------------------------------------------------------+
15	// \| Collections list \|
16	// +-----------------------------------------------------------------------+
17	case 'list':
18	{
19	if (is_a_guest())
20	{
21	access_denied();
22	}
23
24	$template->set_filename('uc_page', realpath(USER_COLLEC_PATH.'template/collections_list.tpl'));
25
26	// actions
27	if (isset($_GET['action']) and preg_match('#^([0-9]+)$#', $_GET['col_id']))
28	{
29	switch ($_GET['action'])
30	{
31	## new collection ##
32	case 'new':
33	{
34	if (empty($_GET['name']))
35	{
36	$page['errors'][] = l10n('Please give a name');
37	}
38	else
39	{
40	$collection = new UserCollection('new', $_GET['name']);
41
42	if (isset($_GET['redirect']))
43	{
44	$redirect = USER_COLLEC_PUBLIC . 'edit/' . $collection->getParam('id');
45	}
46	else
47	{
48	$redirect = USER_COLLEC_PUBLIC;
49	}
50	redirect($redirect);
51	}
52	break;
53	}
54
55	## delete collection ##
56	case 'delete':
57	{
58	try {
59	$collection = new UserCollection($_GET['col_id']);
60	$collection->delete();
61	redirect(USER_COLLEC_PUBLIC);
62	}
63	catch (Exception $e)
64	{
65	$page['errors'][] = $e->getMessage();
66	}
67	break;
68	}
69	}
70	}
71
72	$template->assign('U_CREATE',
73	add_url_params(USER_COLLEC_PUBLIC, array('action'=>'new','col_id'=>'0'))
74	);
75
76	$template->set_prefilter('index_category_thumbnails', 'user_collections_categories_list');
77
78	include(USER_COLLEC_PATH . '/include/display_collections.inc.php');
79
80	break;
81	}
82
83	// +-----------------------------------------------------------------------+
84	// \| Edit collection \|
85	// +-----------------------------------------------------------------------+
86	case 'edit':
87	{
88	// security
89	if (empty($page['col_id']))
90	{
91	$_SESSION['page_errors'][] = l10n('Invalid collection');
92	redirect(USER_COLLEC_PUBLIC);
93	}
94
95	$template->set_filename('uc_page', realpath(USER_COLLEC_PATH.'template/collection_edit.tpl'));
96
97	$self_url = USER_COLLEC_PUBLIC . 'edit/' . $page['col_id'];
98
99	$template->assign(array(
100	'F_ACTION' => $self_url,
101	'U_LIST' => USER_COLLEC_PUBLIC,
102	'UC_IN_EDIT' => true,
103	));
104
105	try {
106	$collection = new UserCollection($page['col_id']);
107	$collection->checkUser();
108
109	// save properties
110	if (isset($_POST['save_col']))
111	{
112	if (empty($_POST['name']))
113	{
114	$page['errors'][] = l10n('Please give a name');
115	}
116	else
117	{
118	$collection->updateParam('name', stripslashes($_POST['name']));
119	}
120	$collection->updateParam('comment', stripslashes(@$_POST['comment']));
121	}
122
123	// add key
124	if ($conf['user_collections']['allow_public'])
125	{
126	if (isset($_POST['add_share']))
127	{
128	$share = array(
129	'share_key' => trim($_POST['share_key']),
130	'password' => isset($_POST['use_share_password']) ? trim($_POST['share_password']) : '',
131	'deadline' => isset($_POST['use_share_deadline']) ? trim($_POST['share_deadline']) : '',
132	);
133
134	if (!verify_ephemeral_key(@$_POST['key']))
135	{
136	$result = array(l10n('Invalid key'));
137	}
138	else
139	{
140	$result = $collection->addShare($share);
141	}
142	if (is_array($result))
143	{
144	$share['errors'] = $result;
145	}
146	else
147	{
148	$share = array();
149	$share['infos'][] = l10n('New share added: <a href="%s">%s</a>', $result, $result);
150	}
151	$share['open'] = true;
152	}
153	else if (isset($_GET['delete_share']))
154	{
155	if ($collection->deleteShare($_GET['delete_share']))
156	{
157	$share['infos'][] = l10n('Share deleted');
158	}
159	$share['open'] = true;
160	}
161
162	if (!isset($share['share_key']))
163	{
164	$share['share_key'] = get_random_key(16);
165	$share['password'] = null;
166	$share['deadline'] = null;
167	}
168
169	$template->assign('share', $share);
170	}
171
172	// send mail
173	if ($conf['user_collections']['allow_mails'] && $conf['user_collections']['allow_public'])
174	{
175	if (isset($_POST['send_mail']))
176	{
177	$contact = array(
178	'sender_email' => trim($_POST['sender_email']),
179	'sender_name' => trim($_POST['sender_name']),
180	'recipient_email' => trim($_POST['recipient_email']),
181	'recipient_name' => trim($_POST['recipient_name']),
182	'nb_images' => $_POST['nb_images'],
183	'message' => $_POST['message'],
184	);
185
186	if (!verify_ephemeral_key(@$_POST['key']))
187	{
188	$result = array(l10n('Invalid key'));
189	}
190	else
191	{
192	$result = $collection->sendEmail($contact);
193	}
194	if (is_array($result))
195	{
196	$contact['errors'] = $result;
197	$contact['open'] = true;
198	}
199	else
200	{
201	$contact = array();
202	$page['infos'] = l10n('E-mail sent successfully');
203	}
204	}
205
206	if (!isset($contact['sender_email']))
207	{
208	$contact['sender_name'] = $user['username'];
209	$contact['sender_email'] = $user['email'];
210	$contact['recipient_name'] = null;
211	$contact['recipient_email'] = null;
212	$contact['nb_images'] = 4;
213	$contact['message'] = null;
214	}
215
216	$template->assign('contact', $contact);
217	}
218
219	// clear
220	if (isset($_GET['action']) && $_GET['action'] == 'clear')
221	{
222	$collection->clearImages();
223	}
224
225
226	// add remove item links
227	$template->set_prefilter('index_thumbnails', 'user_collections_thumbnails_list_button');
228	$template->set_prefilter('index_thumbnails', 'user_collections_add_colorbox');
229
230	// thumbnails
231	include(USER_COLLEC_PATH . '/include/display_thumbnails.inc.php');
232
233
234	// collection properties
235	$infos = $collection->getCollectionInfo();
236	$infos['DATE_CREATION'] = format_date($infos['DATE_CREATION'], true);
237	$infos['SHARES'] = $collection->getShares();
238	$template->assign('collection', $infos);
239
240
241	// toolbar buttons
242	if (!empty($page['items']))
243	{
244	if ($conf['user_collections']['allow_public'])
245	{
246	user_collections_add_button('share', 'U_SHARE',
247	USER_COLLEC_PUBLIC . 'view/' . $page['col_id'] .'-'
248	);
249
250	if ($conf['user_collections']['allow_mails'])
251	{
252	user_collections_add_button('mail', 'U_MAIL', true);
253	}
254	}
255
256	user_collections_add_button('clear', 'U_CLEAR',
257	add_url_params($self_url, array('action'=>'clear'))
258	);
259	}
260
261	user_collections_add_button('delete', 'U_DELETE',
262	add_url_params(USER_COLLEC_PUBLIC, array('action'=>'delete','col_id'=>$page['col_id']))
263	);
264
265	$template->assign('UC_TKEY', get_ephemeral_key(3));
266
267	// modify page title
268	$template->concat('TITLE',
269	$conf['level_separator'] . trigger_event('render_category_name', $infos['NAME'])
270	);
271
272	// render description
273	$template->assign('CONTENT_DESCRIPTION',
274	trigger_event('render_category_description', nl2br($infos['COMMENT']))
275	);
276	}
277	catch (Exception $e)
278	{
279	$page['errors'][] = $e->getMessage();
280	}
281
282	break;
283	}
284
285	// +-----------------------------------------------------------------------+
286	// \| View collection \|
287	// +-----------------------------------------------------------------------+
288	case 'view':
289	{
290	$page['col_key'] = $page['col_id'];
291
292	if (!$conf['user_collections']['allow_public'])
293	{
294	page_forbidden('');
295	}
296	if (empty($page['col_key']))
297	{
298	bad_request('');
299	}
300
301	$query = '
302	SELECT col_id, params
303	FROM '.COLLECTION_SHARES_TABLE.'
304	WHERE share_key = "'.$page['col_key'].'"
305	;';
306	$result = pwg_query($query);
307
308	if (!pwg_db_num_rows($result))
309	{
310	page_not_found(l10n('Collection not found'));
311	}
312
313	list($page['col_id'], $share_params) = pwg_db_fetch_row($result);
314	$share_params = unserialize($share_params);
315
316	// deadline check
317	if (!empty($share_params['deadline']) && strtotime($share_params['deadline'])<time())
318	{
319	page_not_found(l10n('This link expired'));
320	}
321
322	$self_url = USER_COLLEC_PUBLIC . 'view/' . $page['col_key'];
323
324	$template->set_filename('uc_page', realpath(USER_COLLEC_PATH.'template/collection_view.tpl'));
325
326	try {
327	$collection = new UserCollection($page['col_id']);
328	$col = $collection->getCollectionInfo();
329
330	$mode = 'view';
331
332	// password check
333	if (!empty($share_params['password']))
334	{
335	if (isset($_POST['uc_password']))
336	{
337	$hash = sha1($conf['secret_key'].$_POST['uc_password'].$page['col_key']);
338	if ($hash == $share_params['password'])
339	{
340	pwg_set_session_var('uc_key_'.$page['col_key'], get_ephemeral_key(0, $share_params['password']));
341	}
342	else
343	{
344	$page['errors'][] = l10n('Invalid password!');
345	$mode = 'password';
346	}
347	}
348	else if (($var = pwg_get_session_var('uc_key_'.$page['col_key'])) !== null)
349	{
350	if (!verify_ephemeral_key($var, $share_params['password']))
351	{
352	pwg_unset_session_var('uc_key_'.$page['col_key']);
353	$mode = 'password';
354	}
355	}
356	else
357	{
358	$mode = 'password';
359	}
360	}
361
362	if ($mode == 'view')
363	{
364	$template->set_prefilter('index_thumbnails', 'user_collections_add_colorbox');
365
366	// thumbnails
367	include(USER_COLLEC_PATH . '/include/display_thumbnails.inc.php');
368
369	// render description
370	$template->assign('CONTENT_DESCRIPTION',
371	trigger_event('render_category_description', nl2br($col['COMMENT']))
372	);
373	}
374
375	// add username in title
376	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
377
378	$template->concat('TITLE',
379	$conf['level_separator'] . trigger_event('render_category_name', $col['NAME']) .
380	' (' . l10n('by %s', get_username($collection->getParam('user_id'))) . ')'
381	);
382
383	$template->assign('UC_MODE', $mode);
384	}
385	catch (Exception $e)
386	{
387	access_denied();
388	}
389
390	break;
391	}
392	}
393
394	$template->assign_var_from_handle('CONTENT', 'uc_page');
395
396
397	// modification on mainpage_categories.tpl
398	function user_collections_categories_list($content, &$samrty)
399	{
400	$search = '<div class="thumbnailCategory">';
401	$replace = '<div class="thumbnailCategory">
402	<div class="collectionActions">
403	<a href="{$cat.URL}" rel="nofollow">{"Edit"\|@translate}</a>
404	\| <a href="{$cat.U_DELETE}" onClick="return confirm(\'{"Are you sure?"\|@translate}\');" rel="nofollow">{"Delete"\|@translate}</a>
405	</div>';
406
407	return str_replace($search, $replace, $content);
408	}
409
410	// colorbox
411	function user_collections_add_colorbox($content)
412	{
413	$search = '<a href="{$thumbnail.URL}"';
414	$replace = $search.' class="preview-box" data-src="{$thumbnail.FILE_SRC}" data-id="{$thumbnail.id}"';
415
416	return str_replace($search, $replace, $content);
417	}
418
419	// add special buttons
420	function user_collections_add_button($tpl_file, $tpl_var, $value)
421	{
422	global $template;
423
424	$template->assign($tpl_var, $value);
425	$template->set_filename('uc_button_'.$tpl_file, realpath(USER_COLLEC_PATH.'template/buttons/'. $tpl_file .'.tpl'));
426	$template->add_index_button($template->parse('uc_button_'.$tpl_file, true));
427	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: