source: extensions/community/add_photos.php @ 21281

Last change on this file since 21281 was 16637, checked in by plg, 12 years ago

Compatibility with Piwigo 2.4

Better "zoom" feature on gallery side and admin side

Bug fixed: the "Upload Photos" link in menubar is hidden when Advanced Menu Manager is activated.
File size: 10.5 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2011 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
25
26global $template, $conf, $user;
27
28include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
29include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
30include_once(COMMUNITY_PATH.'include/functions_community.inc.php');
31
32define('PHOTOS_ADD_BASE_URL', make_index_url(array('section' => 'add_photos')));
33
34$user_permissions = community_get_user_permissions($user['id']);
35
36if (count($user_permissions['upload_categories']) == 0 and !$user_permissions ['create_whole_gallery'])
37{
38  redirect(make_index_url());
39}
40
41// +-----------------------------------------------------------------------+
42// |                             process form                              |
43// +-----------------------------------------------------------------------+
44
45$page['errors'] = array();
46$page['infos'] = array();
47
48// this is for "browser uploader", for Flash Uploader the problem is solved
49// with function community_uploadify_privacy_level (see main.inc.php)
50$_POST['level'] = 16;
51
52if (isset($_GET['processed']))
53{
54  $hacking_attempt = false;
55 
56  // is the user authorized to upload in this album?
57  if (!in_array($_POST['category'], $user_permissions['upload_categories']))
58  {
59    echo 'Hacking attempt, you have no permission to upload in this album';
60    $hacking_attempt = true;
61  }
62
63  if ($hacking_attempt)
64  {
65    if (isset($_SESSION['uploads'][ $_POST['upload_id'] ]))
66    {
67      delete_elements($_SESSION['uploads'][ $_POST['upload_id'] ], true);
68    }
69    exit();
70  }
71}
72
73include_once(PHPWG_ROOT_PATH.'admin/include/photos_add_direct_process.inc.php');
74
75if (isset($image_ids) and count($image_ids) > 0)
76{
77  // reinitialize the informations to display on the result page
78  $page['infos'] = array();
79
80  if (isset($_POST['set_photo_properties']))
81  {
82    $data = array();
83   
84    $data['name'] = $_POST['name'];
85    $data['author'] = $_POST['author'];
86   
87    if ($conf['allow_html_descriptions'])
88    {
89      $data['comment'] = @$_POST['description'];
90    }
91    else
92    {
93      $data['comment'] = strip_tags(@$_POST['description']);
94    }
95
96    $updates = array();
97    foreach ($image_ids as $image_id)
98    {
99      $update = $data;
100      $update['id'] = $image_id;
101
102      array_push($updates, $update);
103    }
104
105    mass_updates(
106      IMAGES_TABLE,
107      array(
108        'primary' => array('id'),
109        'update' => array_diff(array_keys($updates[0]), array('id'))
110        ),
111      $updates
112      );
113  }
114 
115  // $category_id is set in the photos_add_direct_process.inc.php included script
116  $category_infos = get_cat_info($category_id);
117  $category_name = get_cat_display_name($category_infos['upper_names']);
118
119  array_push(
120    $page['infos'],
121    sprintf(
122      l10n('%d photos uploaded into album "%s"'),
123      count($page['thumbnails']),
124      '<em>'.$category_name.'</em>'
125      )
126    );
127
128  // should the photos be moderated?
129  //
130  // if one of the user community permissions is not moderated on the path
131  // to gallery root, then the upload is not moderated. For example, if the
132  // user is allowed to upload to events/parties with no admin moderation,
133  // then he's not moderated when uploading in
134  // events/parties/happyNewYear2011
135  $moderate = true;
136  if (is_admin())
137  {
138    $moderate = false;
139  }
140  else
141  { 
142    $query = '
143SELECT
144    cp.category_id,
145    c.uppercats
146  FROM '.COMMUNITY_PERMISSIONS_TABLE.' AS cp
147    LEFT JOIN '.CATEGORIES_TABLE.' AS c ON category_id = c.id
148  WHERE cp.id IN ('.implode(',', $user_permissions['permission_ids']).')
149    AND cp.moderated = \'false\'
150;';
151    $result = pwg_query($query);
152    while ($row = pwg_db_fetch_assoc($result))
153    {
154      if (empty($row['category_id']))
155      {
156        $moderate = false;
157      }
158      elseif (preg_match('/^'.$row['uppercats'].'(,|$)/', $category_infos['uppercats']))
159      {
160        $moderate = false;
161      }
162    }
163  }
164 
165  if ($moderate)
166  {
167    $inserts = array();
168
169    $query = '
170SELECT
171    id,
172    date_available
173  FROM '.IMAGES_TABLE.'
174  WHERE id IN ('.implode(',', $image_ids).')
175;';
176    $result = pwg_query($query);
177    while ($row = pwg_db_fetch_assoc($result))
178    {
179      array_push(
180        $inserts,
181        array(
182          'image_id' => $row['id'],
183          'added_on' => $row['date_available'],
184          'state' => 'moderation_pending',
185          )
186        );
187    }
188   
189    mass_inserts(
190      COMMUNITY_PENDINGS_TABLE,
191      array_keys($inserts[0]),
192      $inserts
193      );
194
195    // find the url to the medium size
196    $page['thumbnails'] = array();
197
198    $query = '
199SELECT *
200  FROM '.IMAGES_TABLE.'
201  WHERE id IN ('.implode(',', $image_ids).')
202;';
203    $result = pwg_query($query);
204    while ($row = pwg_db_fetch_assoc($result))
205    {
206      $src_image = new SrcImage($row);
207
208      $page['thumbnails'][] = array(
209        'file' => $row['file'],
210        'src' => DerivativeImage::url(IMG_THUMB, $src_image),
211        'title' => $row['name'],
212        'link' => $image_url = DerivativeImage::url(IMG_MEDIUM, $src_image),
213        'lightbox' => true,
214        );
215    }
216
217    array_push(
218      $page['infos'],
219      l10n('Your photos are waiting for validation, administrators have been notified')
220      );
221  }
222  else
223  {
224    // the level of a user upload photo with no moderation is 0
225    $query = '
226UPDATE '.IMAGES_TABLE.'
227  SET level = 0
228  WHERE id IN ('.implode(',', $image_ids).')
229;';
230    pwg_query($query);
231
232    // the link on thumbnail must go to picture.php
233    foreach ($page['thumbnails'] as $idx => $thumbnail)
234    {
235      if (preg_match('/image_id=(\d+)/', $thumbnail['link'], $matches))
236      {
237        $page['thumbnails'][$idx]['link'] = make_picture_url(
238          array(
239            'image_id' => $matches[1],
240            'image_file' => $thumbnail['file'],
241            'category' => $category_infos,
242            )
243          );
244      }
245    }
246  }
247
248  invalidate_user_cache();
249
250  // let's notify administrators
251  include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
252
253  $keyargs_content = array(
254    get_l10n_args('Hi administrators,', ''),
255    get_l10n_args('', ''),
256    get_l10n_args('Album: %s', get_cat_display_name($category_infos['upper_names'], null, false)),
257    get_l10n_args('User: %s', $user['username']),
258    get_l10n_args('Email: %s', $user['email']),
259    );
260
261  if ($moderate)
262  {
263    $keyargs_content[] = get_l10n_args('', '');
264   
265    array_push(
266      $keyargs_content,
267      get_l10n_args(
268        'Validation page: %s',
269        get_absolute_root_url().'admin.php?page=plugin-community-pendings'
270        )
271      );
272  }
273
274  pwg_mail_notification_admins(
275    get_l10n_args('%d photos uploaded by %s', array(count($image_ids), $user['username'])),
276    $keyargs_content,
277    false
278    );
279}
280
281// +-----------------------------------------------------------------------+
282// |                             prepare form                              |
283// +-----------------------------------------------------------------------+
284
285$template->set_filenames(array('add_photos' => dirname(__FILE__).'/add_photos.tpl'));
286
287include_once(PHPWG_ROOT_PATH.'admin/include/photos_add_direct_prepare.inc.php');
288
289// we have to change the list of uploadable albums
290$upload_categories = $user_permissions['upload_categories'];
291if (count($upload_categories) == 0)
292{
293  $upload_categories = array(-1);
294}
295
296$query = '
297SELECT id,name,uppercats,global_rank
298  FROM '.CATEGORIES_TABLE.'
299  WHERE id IN ('.implode(',', $upload_categories).')
300;';
301
302display_select_cat_wrapper(
303  $query,
304  $selected_category,
305  'category_options'
306  );
307
308$create_subcategories = false;
309if ($user_permissions['create_whole_gallery'] or count($user_permissions['create_categories']) > 0)
310{
311  $create_subcategories = true;
312}
313
314$create_categories = $user_permissions['create_categories'];
315if (count($user_permissions['create_categories']) == 0)
316{
317  $create_categories = array(-1);
318}
319
320$query = '
321SELECT id,name,uppercats,global_rank
322  FROM '.CATEGORIES_TABLE.'
323  WHERE id IN ('.implode(',', $create_categories).')
324;';
325
326display_select_cat_wrapper(
327  $query,
328  $selected_category,
329  'category_parent_options'
330  );
331
332$template->assign(
333  array(
334    'create_subcategories' => $create_subcategories,
335    'create_whole_gallery' => $user_permissions['create_whole_gallery'],
336    )
337  );
338
339if (isset($conf['community_ask_for_properties']) and $conf['community_ask_for_properties'])
340{
341  $template->assign(
342    array(
343      'community_ask_for_properties' => true,
344      )
345    );
346}
347
348// +-----------------------------------------------------------------------+
349// |                             display page                              |
350// +-----------------------------------------------------------------------+
351
352if (count($page['errors']) != 0)
353{
354  $template->assign('errors', $page['errors']);
355}
356
357if (count($page['infos']) != 0)
358{
359  $template->assign('infos', $page['infos']);
360}
361
362$title = l10n('Upload Photos');
363$page['body_id'] = 'theUploadPage';
364
365$template->assign_var_from_handle('PLUGIN_INDEX_CONTENT_BEGIN', 'add_photos');
366
367$template->clear_assign(array('U_MODE_POSTED', 'U_MODE_CREATED'));
368
369$template->assign(
370  array(
371    'TITLE' => '<a href="'.get_gallery_home_url().'">'.l10n('Home').'</a>'.$conf['level_separator'].$title,
372    )
373  );
374?>
Note: See TracBrowser for help on using the repository browser.