[20090] | 1 | <?php |
---|
| 2 | defined('USER_COLLEC_PATH') or die('Hacking attempt!'); |
---|
| 3 | |
---|
| 4 | function user_collections_ws_add_methods($arr) |
---|
| 5 | { |
---|
| 6 | $service = &$arr[0]; |
---|
| 7 | global $conf; |
---|
| 8 | |
---|
| 9 | $service->addMethod( |
---|
| 10 | 'pwg.collections.create', |
---|
| 11 | 'ws_collections_create', |
---|
| 12 | array( |
---|
| 13 | 'name' => array(), |
---|
[23361] | 14 | 'user_id' => array('default' => null, 'info'=>'Admin parameter, default is current user'), |
---|
[20090] | 15 | 'active' => array('default' => 0), |
---|
| 16 | 'public' => array('default' => 0), |
---|
| 17 | ), |
---|
[23361] | 18 | 'Create a new User Collection.' |
---|
[20090] | 19 | ); |
---|
| 20 | |
---|
| 21 | $service->addMethod( |
---|
| 22 | 'pwg.collections.delete', |
---|
| 23 | 'ws_collections_delete', |
---|
| 24 | array( |
---|
[23361] | 25 | 'col_id' => array('info'=>'The current user must be admin or owner of the collection'), |
---|
[20090] | 26 | ), |
---|
[23361] | 27 | 'Delete a User Collection.' |
---|
[20090] | 28 | ); |
---|
| 29 | |
---|
| 30 | $service->addMethod( |
---|
| 31 | 'pwg.collections.getList', |
---|
| 32 | 'ws_collections_getList', |
---|
| 33 | array( |
---|
| 34 | 'col_id' => array('default' => null), |
---|
[23361] | 35 | 'user_id' => array('default' => null, 'info'=>'Admin parameter, default is current user'), |
---|
[20090] | 36 | 'name' => array('default' => null), |
---|
| 37 | 'public' => array('default' => null), |
---|
| 38 | 'active' => array('default' => null), |
---|
| 39 | ), |
---|
| 40 | 'Retrive a list of collections.' |
---|
| 41 | ); |
---|
| 42 | |
---|
| 43 | $service->addMethod( |
---|
| 44 | 'pwg.collections.addImages', |
---|
| 45 | 'ws_collections_addImages', |
---|
| 46 | array( |
---|
[23361] | 47 | 'col_id' => array('info'=>'The current user must be admin or owner of the collection'), |
---|
[20090] | 48 | 'image_ids' => array('flags'=>WS_PARAM_FORCE_ARRAY), |
---|
| 49 | ), |
---|
[23361] | 50 | 'Add images to a collection.' |
---|
[20090] | 51 | ); |
---|
| 52 | |
---|
| 53 | $service->addMethod( |
---|
| 54 | 'pwg.collections.removeImages', |
---|
| 55 | 'ws_collections_removeImages', |
---|
| 56 | array( |
---|
[23361] | 57 | 'col_id' => array('info'=>'The current user must be admin or owner of the collection'), |
---|
[20090] | 58 | 'image_ids' => array('flags'=>WS_PARAM_FORCE_ARRAY), |
---|
| 59 | ), |
---|
[23361] | 60 | 'Remove images from a collection.' |
---|
[20090] | 61 | ); |
---|
| 62 | |
---|
| 63 | $service->addMethod( |
---|
| 64 | 'pwg.collections.getImages', |
---|
| 65 | 'ws_collections_getImages', |
---|
| 66 | array( |
---|
| 67 | 'col_id' => array(), |
---|
| 68 | 'per_page' => array('default'=>100, 'maxValue'=>$conf['ws_max_images_per_page']), |
---|
| 69 | 'page' => array('default'=>0), |
---|
| 70 | 'order' => array('default'=>null), |
---|
| 71 | ), |
---|
| 72 | 'Returns elements for the corresponding collection.' |
---|
| 73 | ); |
---|
| 74 | |
---|
| 75 | $service->addMethod( |
---|
| 76 | 'pwg.collections.getSerialized', |
---|
| 77 | 'ws_collections_getSerialized', |
---|
| 78 | array( |
---|
| 79 | 'col_id' => array(), |
---|
[23361] | 80 | 'content' => array( |
---|
| 81 | 'default'=>array('id','name','url','path'), |
---|
| 82 | 'flags'=>WS_PARAM_FORCE_ARRAY, |
---|
| 83 | 'info'=>'Available options are: id, file, name, url, path' |
---|
| 84 | ), |
---|
[20090] | 85 | ), |
---|
[23361] | 86 | 'Returns a serialized version of the collection in CSV.<br>The return type is plain/text whatever you select as response format.' |
---|
[20090] | 87 | ); |
---|
| 88 | } |
---|
| 89 | |
---|
| 90 | /** |
---|
| 91 | * create a new collection |
---|
| 92 | */ |
---|
| 93 | function ws_collections_create($params, &$service) |
---|
| 94 | { |
---|
| 95 | global $conf, $user; |
---|
| 96 | |
---|
| 97 | // check status |
---|
| 98 | if (is_a_guest()) |
---|
| 99 | { |
---|
| 100 | return new PwgError(403, 'Forbidden'); |
---|
| 101 | } |
---|
| 102 | |
---|
| 103 | // check name |
---|
| 104 | if (empty($params['name'])) |
---|
| 105 | { |
---|
| 106 | return new PwgError(WS_ERR_MISSING_PARAM, 'Empty collection name'); |
---|
| 107 | } |
---|
| 108 | |
---|
| 109 | // check user id |
---|
| 110 | if (!empty($params['user_id'])) |
---|
| 111 | { |
---|
| 112 | if (!is_admin() and $params['user_id'] != $user['id']) |
---|
| 113 | { |
---|
| 114 | return new PwgError(403, 'Forbidden'); |
---|
| 115 | } |
---|
| 116 | include_once(PHPWG_ROOT_PATH . 'admin/include/functions.php'); |
---|
| 117 | if (get_username($params['user_id']) === false) |
---|
| 118 | { |
---|
| 119 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid user id'); |
---|
| 120 | } |
---|
| 121 | } |
---|
| 122 | else |
---|
| 123 | { |
---|
| 124 | $params['user_id'] = $user['id']; |
---|
| 125 | } |
---|
| 126 | |
---|
| 127 | // check public |
---|
| 128 | if ($params['public'] != 0 and $params['public'] != 1) |
---|
| 129 | { |
---|
| 130 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid "public" value, 0 or 1.'); |
---|
| 131 | } |
---|
| 132 | if (!$conf['user_collections']['allow_public']) |
---|
| 133 | { |
---|
| 134 | $params['public'] = 0; |
---|
| 135 | } |
---|
| 136 | |
---|
| 137 | // check active |
---|
| 138 | if ($params['active'] != 0 and $params['active'] != 1) |
---|
| 139 | { |
---|
| 140 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid "active" value, 0 or 1.'); |
---|
| 141 | } |
---|
| 142 | |
---|
| 143 | $UserCollection = new UserCollection('new', array(), $params['name'], $params['active'], $params['public'], $params['user_id']); |
---|
| 144 | |
---|
| 145 | $infos = array_change_key_case($UserCollection->getCollectionInfo(), CASE_LOWER); |
---|
| 146 | |
---|
| 147 | return $infos; |
---|
| 148 | } |
---|
| 149 | |
---|
| 150 | /** |
---|
| 151 | * delete a collection |
---|
| 152 | */ |
---|
| 153 | function ws_collections_delete($params, &$service) |
---|
| 154 | { |
---|
| 155 | global $user; |
---|
| 156 | |
---|
| 157 | // check status |
---|
| 158 | if (is_a_guest()) |
---|
| 159 | { |
---|
| 160 | return new PwgError(403, 'Forbidden'); |
---|
| 161 | } |
---|
| 162 | |
---|
| 163 | // check collection id |
---|
| 164 | if (!preg_match('#^[0-9]+$#', $params['col_id'])) |
---|
| 165 | { |
---|
| 166 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid collection id'); |
---|
| 167 | } |
---|
| 168 | |
---|
| 169 | $query = ' |
---|
| 170 | SELECT user_id |
---|
| 171 | FROM '.COLLECTIONS_TABLE.' |
---|
| 172 | WHERE id = '.$params['col_id'].' |
---|
| 173 | ;'; |
---|
| 174 | $result = pwg_query($query); |
---|
| 175 | |
---|
| 176 | if (!pwg_db_num_rows($result)) |
---|
| 177 | { |
---|
| 178 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid collection id'); |
---|
| 179 | } |
---|
| 180 | else |
---|
| 181 | { |
---|
| 182 | // check owner |
---|
| 183 | list($user_id) = pwg_db_fetch_row($result); |
---|
| 184 | |
---|
| 185 | if (!is_admin() and $user_id != $user['id']) |
---|
| 186 | { |
---|
| 187 | return new PwgError(403, 'Forbidden'); |
---|
| 188 | } |
---|
| 189 | |
---|
| 190 | // delete |
---|
| 191 | $query = ' |
---|
| 192 | DELETE ci, c |
---|
| 193 | FROM '.COLLECTION_IMAGES_TABLE.' AS ci |
---|
| 194 | RIGHT JOIN '.COLLECTIONS_TABLE.' AS c |
---|
| 195 | ON ci.col_id = c.id |
---|
| 196 | WHERE |
---|
| 197 | c.user_id = '.$user_id.' |
---|
| 198 | AND c.id = '.$params['col_id'].' |
---|
| 199 | ;'; |
---|
| 200 | pwg_query($query); |
---|
| 201 | } |
---|
| 202 | } |
---|
| 203 | |
---|
| 204 | /** |
---|
| 205 | * get a list of collections |
---|
| 206 | */ |
---|
| 207 | function ws_collections_getList($params, &$service) |
---|
| 208 | { |
---|
| 209 | global $user, $conf; |
---|
| 210 | |
---|
| 211 | // check status |
---|
| 212 | if (is_a_guest()) |
---|
| 213 | { |
---|
| 214 | return new PwgError(403, 'Forbidden'); |
---|
| 215 | } |
---|
| 216 | |
---|
| 217 | // check user_id |
---|
| 218 | if (!empty($params['user_id'])) |
---|
| 219 | { |
---|
| 220 | if (!is_admin() and $params['user_id'] != $user['id']) |
---|
| 221 | { |
---|
| 222 | return new PwgError(403, 'Forbidden'); |
---|
| 223 | } |
---|
| 224 | include_once(PHPWG_ROOT_PATH . 'admin/include/functions.php'); |
---|
| 225 | if (get_username($params['user_id']) === false) |
---|
| 226 | { |
---|
| 227 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid user id'); |
---|
| 228 | } |
---|
| 229 | } |
---|
| 230 | else if (!is_admin()) |
---|
| 231 | { |
---|
| 232 | $params['user_id'] = $user['id']; |
---|
| 233 | } |
---|
| 234 | |
---|
| 235 | // check collection id |
---|
| 236 | if ( !empty($params['col_id']) and !preg_match('#^[0-9]+$#', $params['col_id']) ) |
---|
| 237 | { |
---|
| 238 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid collection id'); |
---|
| 239 | } |
---|
| 240 | |
---|
| 241 | // check public |
---|
| 242 | if ( !empty($params['public']) and $params['public'] != 0 and $params['public'] != 1 ) |
---|
| 243 | { |
---|
| 244 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid "public" value, 0 or 1.'); |
---|
| 245 | } |
---|
| 246 | |
---|
| 247 | // check active |
---|
| 248 | if ( !empty($params['active']) and $params['active'] != 0 and $params['active'] != 1 ) |
---|
| 249 | { |
---|
| 250 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid "active" value, 0 or 1.'); |
---|
| 251 | } |
---|
| 252 | |
---|
| 253 | // search |
---|
| 254 | $where_clauses = array('1=1'); |
---|
| 255 | if (!empty($params['col_id'])) |
---|
| 256 | { |
---|
| 257 | $where_clauses[] = 'c.id = '.$params['col_id']; |
---|
| 258 | } |
---|
| 259 | if (!empty($params['user_id'])) |
---|
| 260 | { |
---|
| 261 | $where_clauses[] = 'user_id = '.$params['user_id']; |
---|
| 262 | } |
---|
| 263 | if (!empty($params['public'])) |
---|
| 264 | { |
---|
| 265 | $where_clauses[] = 'public = '.$params['public']; |
---|
| 266 | } |
---|
| 267 | if (!empty($params['active'])) |
---|
| 268 | { |
---|
| 269 | $where_clauses[] = 'active = '.$params['active']; |
---|
| 270 | } |
---|
| 271 | if (!empty($params['name'])) |
---|
| 272 | { |
---|
| 273 | $where_clauses[] = 'name LIKE("%'.pwg_db_real_escape_string($params['name']).'%")'; |
---|
| 274 | } |
---|
| 275 | |
---|
| 276 | $query = ' |
---|
| 277 | SELECT |
---|
| 278 | c.*, |
---|
| 279 | u.'.$conf['user_fields']['username'].' AS username |
---|
| 280 | FROM '.COLLECTIONS_TABLE.' AS c |
---|
| 281 | INNER JOIN '.USERS_TABLE.' AS u |
---|
| 282 | ON c.user_id = u.'.$conf['user_fields']['id'].' |
---|
| 283 | WHERE |
---|
| 284 | '.implode("\n AND ", $where_clauses).' |
---|
| 285 | ORDER BY username ASC, name ASC |
---|
| 286 | ;'; |
---|
| 287 | $sets = hash_from_query($query, 'id'); |
---|
| 288 | |
---|
| 289 | $ret = array(); |
---|
| 290 | foreach ($sets as $row) |
---|
| 291 | { |
---|
| 292 | $ret[] = array( |
---|
| 293 | 'id' => $row['id'], |
---|
| 294 | 'name' => $row['name'], |
---|
| 295 | 'nb_images' => $row['nb_images'], |
---|
| 296 | 'active' => (bool)$row['active'], |
---|
| 297 | 'public' => (bool)$row['public'], |
---|
| 298 | 'date_creation' => $row['date_creation'], |
---|
| 299 | 'is_temp' => $row['name'] == 'temp', |
---|
| 300 | 'u_public' => USER_COLLEC_PUBLIC . 'view/'.$row['public_id'], |
---|
| 301 | 'user_id' => $row['user_id'], |
---|
| 302 | 'username' => $row['username'], |
---|
| 303 | ); |
---|
| 304 | } |
---|
| 305 | |
---|
| 306 | return $ret; |
---|
| 307 | } |
---|
| 308 | |
---|
| 309 | /** |
---|
| 310 | * add images to a collection |
---|
| 311 | */ |
---|
| 312 | function ws_collections_addImages($params, &$service) |
---|
| 313 | { |
---|
| 314 | global $conf, $user; |
---|
| 315 | |
---|
| 316 | // check status |
---|
| 317 | if (is_a_guest()) |
---|
| 318 | { |
---|
| 319 | return new PwgError(403, 'Forbidden'); |
---|
| 320 | } |
---|
| 321 | |
---|
| 322 | // check collection id |
---|
| 323 | if (!preg_match('#^[0-9]+$#', $params['col_id'])) |
---|
| 324 | { |
---|
| 325 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid collection id'); |
---|
| 326 | } |
---|
| 327 | |
---|
| 328 | try { |
---|
| 329 | $UserCollection = new UserCollection($params['col_id']); |
---|
| 330 | |
---|
| 331 | $UserCollection->addImages($params['image_ids']); |
---|
| 332 | |
---|
| 333 | return array('nb_images' => $UserCollection->getParam('nb_images')); |
---|
| 334 | } |
---|
| 335 | catch (Exception $e) |
---|
| 336 | { |
---|
| 337 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid collection id'); |
---|
| 338 | } |
---|
| 339 | } |
---|
| 340 | |
---|
| 341 | /** |
---|
| 342 | * remove images from a collection |
---|
| 343 | */ |
---|
| 344 | function ws_collections_removeImages($params, &$service) |
---|
| 345 | { |
---|
| 346 | global $conf, $user; |
---|
| 347 | |
---|
| 348 | // check status |
---|
| 349 | if (is_a_guest()) |
---|
| 350 | { |
---|
| 351 | return new PwgError(403, 'Forbidden'); |
---|
| 352 | } |
---|
| 353 | |
---|
| 354 | // check collection id |
---|
| 355 | if (!preg_match('#^[0-9]+$#', $params['col_id'])) |
---|
| 356 | { |
---|
| 357 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid collection id'); |
---|
| 358 | } |
---|
| 359 | |
---|
| 360 | try { |
---|
| 361 | $UserCollection = new UserCollection($params['col_id']); |
---|
| 362 | |
---|
| 363 | $UserCollection->removeImages($params['image_ids']); |
---|
| 364 | |
---|
| 365 | return array('nb_images' => $UserCollection->getParam('nb_images')); |
---|
| 366 | } |
---|
| 367 | catch (Exception $e) |
---|
| 368 | { |
---|
| 369 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid collection id'); |
---|
| 370 | } |
---|
| 371 | } |
---|
| 372 | |
---|
| 373 | /** |
---|
| 374 | * get images from a collection |
---|
| 375 | */ |
---|
| 376 | function ws_collections_getImages($params, &$service) |
---|
| 377 | { |
---|
| 378 | global $conf, $user; |
---|
| 379 | |
---|
| 380 | // check status |
---|
| 381 | if (is_a_guest()) |
---|
| 382 | { |
---|
| 383 | return new PwgError(403, 'Forbidden'); |
---|
| 384 | } |
---|
| 385 | |
---|
| 386 | // check collection id |
---|
| 387 | if (!preg_match('#^[0-9]+$#', $params['col_id'])) |
---|
| 388 | { |
---|
| 389 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid collection id'); |
---|
| 390 | } |
---|
| 391 | |
---|
| 392 | try { |
---|
| 393 | $UserCollection = new UserCollection($params['col_id']); |
---|
| 394 | |
---|
| 395 | $image_ids = $UserCollection->getImages(); |
---|
| 396 | $images = array(); |
---|
| 397 | |
---|
| 398 | if (!empty($image_ids)) |
---|
| 399 | { |
---|
| 400 | $where_clauses = array(); |
---|
| 401 | $where_clauses[] = 'i.id IN ('.implode(',', $image_ids ).')'; |
---|
| 402 | $where_clauses[] = get_sql_condition_FandF( array( |
---|
| 403 | 'visible_images' => 'i.id' |
---|
| 404 | ), null, true |
---|
| 405 | ); |
---|
| 406 | |
---|
| 407 | $order_by = ws_std_image_sql_order($params, 'i.'); |
---|
| 408 | $order_by = empty($order_by) ? $conf['order_by'] : 'ORDER BY '.$order_by; |
---|
| 409 | |
---|
| 410 | $query = ' |
---|
| 411 | SELECT i.* |
---|
| 412 | FROM '.IMAGES_TABLE.' i |
---|
| 413 | WHERE |
---|
| 414 | '. implode("\n AND ", $where_clauses).' |
---|
| 415 | GROUP BY i.id |
---|
| 416 | '.$order_by.' |
---|
| 417 | LIMIT '.(int)$params['per_page'].' OFFSET '.(int)($params['per_page']*$params['page']); |
---|
| 418 | |
---|
| 419 | $result = pwg_query($query); |
---|
| 420 | while ($row = pwg_db_fetch_assoc($result)) |
---|
| 421 | { |
---|
| 422 | $image = array(); |
---|
| 423 | foreach (array('id', 'width', 'height', 'hit') as $k) |
---|
| 424 | { |
---|
| 425 | if (isset($row[$k])) |
---|
| 426 | { |
---|
| 427 | $image[$k] = (int)$row[$k]; |
---|
| 428 | } |
---|
| 429 | } |
---|
| 430 | foreach (array('file', 'name', 'comment', 'date_creation', 'date_available') as $k) |
---|
| 431 | { |
---|
| 432 | $image[$k] = $row[$k]; |
---|
| 433 | } |
---|
| 434 | $image = array_merge($image, ws_std_get_urls($row)); |
---|
| 435 | |
---|
| 436 | array_push($images, $image); |
---|
| 437 | } |
---|
| 438 | } |
---|
| 439 | |
---|
| 440 | return array('images' => array( |
---|
| 441 | WS_XML_ATTRIBUTES => array( |
---|
| 442 | 'page' => $params['page'], |
---|
| 443 | 'per_page' => $params['per_page'], |
---|
| 444 | 'count' => count($images) |
---|
| 445 | ), |
---|
| 446 | WS_XML_CONTENT => new PwgNamedArray( |
---|
| 447 | $images, |
---|
| 448 | 'image', |
---|
| 449 | ws_std_get_image_xml_attributes() |
---|
| 450 | ), |
---|
| 451 | )); |
---|
| 452 | } |
---|
| 453 | catch (Exception $e) |
---|
| 454 | { |
---|
| 455 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid collection id'); |
---|
| 456 | } |
---|
| 457 | } |
---|
| 458 | |
---|
| 459 | /** |
---|
| 460 | * get serialised collection |
---|
| 461 | */ |
---|
| 462 | function ws_collections_getSerialized($params, &$service) |
---|
| 463 | { |
---|
| 464 | global $conf, $user; |
---|
| 465 | |
---|
| 466 | // check status |
---|
| 467 | if (is_a_guest()) |
---|
| 468 | { |
---|
| 469 | return new PwgError(403, 'Forbidden'); |
---|
| 470 | } |
---|
| 471 | |
---|
| 472 | // check collection id |
---|
| 473 | if (!preg_match('#^[0-9]+$#', $params['col_id'])) |
---|
| 474 | { |
---|
| 475 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid collection id'); |
---|
| 476 | } |
---|
| 477 | |
---|
| 478 | try { |
---|
| 479 | $UserCollection = new UserCollection($params['col_id']); |
---|
| 480 | |
---|
| 481 | // change encoder to plain text |
---|
| 482 | include_once(USER_COLLEC_PATH.'include/plain_encoder.php'); |
---|
| 483 | $encoder = new PwgPlainEncoder(); |
---|
| 484 | $service->setEncoder('plain', $encoder); |
---|
| 485 | |
---|
| 486 | return $UserCollection->serialize($params['content']); |
---|
| 487 | } |
---|
| 488 | catch (Exception $e) |
---|
| 489 | { |
---|
| 490 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid collection id'); |
---|
| 491 | } |
---|
| 492 | } |
---|
| 493 | ?> |
---|