[9372] | 1 | <?php |
---|
| 2 | // +-----------------------------------------------------------------------+ |
---|
| 3 | // | Piwigo - a PHP based photo gallery | |
---|
| 4 | // +-----------------------------------------------------------------------+ |
---|
| 5 | // | Copyright(C) 2008-2011 Piwigo Team http://piwigo.org | |
---|
| 6 | // | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | |
---|
| 7 | // | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | |
---|
| 8 | // +-----------------------------------------------------------------------+ |
---|
| 9 | // | This program is free software; you can redistribute it and/or modify | |
---|
| 10 | // | it under the terms of the GNU General Public License as published by | |
---|
| 11 | // | the Free Software Foundation | |
---|
| 12 | // | | |
---|
| 13 | // | This program is distributed in the hope that it will be useful, but | |
---|
| 14 | // | WITHOUT ANY WARRANTY; without even the implied warranty of | |
---|
| 15 | // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
---|
| 16 | // | General Public License for more details. | |
---|
| 17 | // | | |
---|
| 18 | // | You should have received a copy of the GNU General Public License | |
---|
| 19 | // | along with this program; if not, write to the Free Software | |
---|
| 20 | // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | |
---|
| 21 | // | USA. | |
---|
| 22 | // +-----------------------------------------------------------------------+ |
---|
| 23 | |
---|
| 24 | function community_get_user_permissions($user_id) |
---|
| 25 | { |
---|
[9500] | 26 | global $conf, $user; |
---|
[9372] | 27 | |
---|
[9583] | 28 | $cache_key = community_get_cache_key(); |
---|
| 29 | if (!isset($cache_key)) |
---|
[9501] | 30 | { |
---|
[9583] | 31 | $cache_key = community_update_cache_key(); |
---|
[9501] | 32 | } |
---|
[9583] | 33 | |
---|
| 34 | // I (plg) don't understand why, but when you connect, you keep the |
---|
[9584] | 35 | // permissions calculated for the "guest" : the session "inherits" |
---|
| 36 | // variables from guest to the connected user, so I add a |
---|
[9583] | 37 | // $_SESSION['community_user_id'] to force refresh if the permissions were |
---|
| 38 | // not calculated for the right user |
---|
| 39 | if ( |
---|
| 40 | isset($_SESSION['community_user_id']) |
---|
| 41 | and $_SESSION['community_user_id'] == $user_id |
---|
| 42 | and $_SESSION['community_cache_key'] == $cache_key |
---|
| 43 | ) |
---|
[9501] | 44 | { |
---|
[9583] | 45 | return $_SESSION['community_user_permissions']; |
---|
[9501] | 46 | } |
---|
| 47 | |
---|
[9372] | 48 | $return = array( |
---|
| 49 | 'upload_whole_gallery' => false, |
---|
| 50 | 'create_whole_gallery' => false, |
---|
| 51 | 'create_categories' => array(), |
---|
| 52 | 'upload_categories' => array(), |
---|
| 53 | 'permission_ids' => array(), |
---|
| 54 | ); |
---|
| 55 | |
---|
| 56 | // what are the user groups? |
---|
| 57 | $query = ' |
---|
| 58 | SELECT |
---|
| 59 | group_id |
---|
| 60 | FROM '.USER_GROUP_TABLE.' |
---|
| 61 | WHERE user_id = '.$user_id.' |
---|
| 62 | ;'; |
---|
| 63 | $user_group_ids = array_from_query($query, 'group_id'); |
---|
| 64 | |
---|
| 65 | $query = ' |
---|
| 66 | SELECT |
---|
| 67 | id, |
---|
| 68 | category_id, |
---|
[9500] | 69 | recursive, |
---|
[9372] | 70 | create_subcategories |
---|
| 71 | FROM '.COMMUNITY_PERMISSIONS_TABLE.' |
---|
| 72 | WHERE (type = \'any_visitor\')'; |
---|
| 73 | |
---|
| 74 | if ($user_id != $conf['guest_id']) |
---|
| 75 | { |
---|
[9376] | 76 | $query.= ' |
---|
[9372] | 77 | OR (type = \'any_registered_user\') |
---|
[9376] | 78 | OR (type = \'user\' AND user_id = '.$user_id.')'; |
---|
| 79 | |
---|
| 80 | if (count($user_group_ids) > 0) |
---|
| 81 | { |
---|
| 82 | $query.= ' |
---|
| 83 | OR (type = \'group\' AND group_id IN ('.implode(',', $user_group_ids).'))'; |
---|
| 84 | } |
---|
[9372] | 85 | } |
---|
| 86 | |
---|
| 87 | $query.= ' |
---|
| 88 | ;'; |
---|
| 89 | |
---|
[9500] | 90 | $recursive_categories = array(); |
---|
| 91 | |
---|
[9372] | 92 | $result = pwg_query($query); |
---|
| 93 | while ($row = pwg_db_fetch_assoc($result)) |
---|
| 94 | { |
---|
| 95 | array_push($return['permission_ids'], $row['id']); |
---|
| 96 | |
---|
| 97 | if (empty($row['category_id'])) |
---|
| 98 | { |
---|
| 99 | $return ['upload_whole_gallery'] = true; |
---|
| 100 | } |
---|
| 101 | else |
---|
| 102 | { |
---|
| 103 | array_push($return['upload_categories'], $row['category_id']); |
---|
[9500] | 104 | |
---|
| 105 | if ('true' == $row['recursive']) |
---|
| 106 | { |
---|
| 107 | array_push($recursive_categories, $row['category_id']); |
---|
| 108 | } |
---|
[9372] | 109 | } |
---|
| 110 | |
---|
| 111 | if ('true' == $row['create_subcategories']) |
---|
| 112 | { |
---|
| 113 | if (empty($row['category_id'])) |
---|
| 114 | { |
---|
| 115 | $return ['create_whole_gallery'] = true; |
---|
| 116 | } |
---|
| 117 | else |
---|
| 118 | { |
---|
| 119 | array_push($return['create_categories'], $row['category_id']); |
---|
| 120 | } |
---|
| 121 | } |
---|
| 122 | } |
---|
| 123 | |
---|
[9500] | 124 | if (is_admin()) |
---|
[9372] | 125 | { |
---|
[9500] | 126 | $return ['upload_whole_gallery'] = true; |
---|
| 127 | $return ['create_whole_gallery'] = true; |
---|
[9372] | 128 | } |
---|
| 129 | |
---|
[9500] | 130 | // these are categories with access permission but considering the user |
---|
| 131 | // has a level 8 (maximum level). We want to keep categories with no |
---|
| 132 | // photos inside (for nobody) |
---|
| 133 | $forbidden_categories = calculate_permissions($user['id'], $user['status']); |
---|
| 134 | |
---|
| 135 | $empty_categories = array_diff( |
---|
| 136 | explode(',', $user['forbidden_categories']), |
---|
| 137 | explode(',', $forbidden_categories) |
---|
| 138 | ); |
---|
| 139 | |
---|
| 140 | if (count($empty_categories) > 0) |
---|
[9372] | 141 | { |
---|
[9500] | 142 | $query = ' |
---|
| 143 | SELECT |
---|
| 144 | category_id |
---|
| 145 | FROM '.IMAGE_CATEGORY_TABLE.' |
---|
| 146 | JOIN '.IMAGES_TABLE.' |
---|
| 147 | WHERE category_id IN ('.implode(',', $empty_categories).') |
---|
| 148 | AND level > '.$user['level'].' |
---|
| 149 | AND level <= 8 |
---|
| 150 | GROUP BY category_id |
---|
| 151 | ;'; |
---|
| 152 | $not_really_empty_categories = array_keys(hash_from_query($query, 'category_id')); |
---|
| 153 | $forbidden_categories.= ','.implode(',', $not_really_empty_categories); |
---|
| 154 | } |
---|
| 155 | |
---|
| 156 | $query = ' |
---|
| 157 | SELECT |
---|
| 158 | id |
---|
| 159 | FROM '.CATEGORIES_TABLE.' |
---|
| 160 | ;'; |
---|
| 161 | $all_categories = array_keys(hash_from_query($query, 'id')); |
---|
| 162 | |
---|
| 163 | if ($return['upload_whole_gallery']) |
---|
| 164 | { |
---|
| 165 | $return['upload_categories'] = array_diff( |
---|
| 166 | $all_categories, |
---|
| 167 | explode(',', $forbidden_categories) |
---|
| 168 | ); |
---|
| 169 | } |
---|
| 170 | elseif (count($return['upload_categories']) > 0) |
---|
| 171 | { |
---|
| 172 | if (count($recursive_categories) > 0) |
---|
| 173 | { |
---|
| 174 | $return['upload_categories'] = array_unique( |
---|
| 175 | array_merge( |
---|
| 176 | $return['upload_categories'], |
---|
| 177 | get_subcat_ids($recursive_categories) |
---|
| 178 | ) |
---|
| 179 | ); |
---|
| 180 | } |
---|
| 181 | |
---|
| 182 | $return['upload_categories'] = array_diff( |
---|
| 183 | $return['upload_categories'], |
---|
| 184 | explode(',', $forbidden_categories) |
---|
| 185 | ); |
---|
| 186 | } |
---|
| 187 | |
---|
| 188 | if ($return ['create_whole_gallery']) |
---|
| 189 | { |
---|
| 190 | $return['create_categories'] = array_diff( |
---|
| 191 | $all_categories, |
---|
| 192 | explode(',', $forbidden_categories) |
---|
| 193 | ); |
---|
| 194 | } |
---|
| 195 | elseif (count($return['create_categories']) > 0) |
---|
| 196 | { |
---|
| 197 | // no need to check for "recursive", an upload permission can't be |
---|
| 198 | // "create_subcategories" without being "recursive" |
---|
[9372] | 199 | $return['create_categories'] = get_subcat_ids($return['create_categories']); |
---|
[9500] | 200 | |
---|
| 201 | $return['create_categories'] = array_diff( |
---|
| 202 | $return['create_categories'], |
---|
| 203 | explode(',', $forbidden_categories) |
---|
| 204 | ); |
---|
[9372] | 205 | } |
---|
| 206 | |
---|
[9501] | 207 | $_SESSION['community_user_permissions'] = $return; |
---|
[9583] | 208 | $_SESSION['community_cache_key'] = $cache_key; |
---|
| 209 | $_SESSION['community_user_id'] = $user_id; |
---|
[9501] | 210 | |
---|
| 211 | return $_SESSION['community_user_permissions']; |
---|
[9372] | 212 | } |
---|
| 213 | |
---|
[9452] | 214 | function community_reject_pendings($image_ids) |
---|
| 215 | { |
---|
| 216 | if (count($image_ids) == 0) |
---|
| 217 | { |
---|
| 218 | return; |
---|
| 219 | } |
---|
| 220 | |
---|
| 221 | $query = ' |
---|
| 222 | DELETE |
---|
| 223 | FROM '.COMMUNITY_PENDINGS_TABLE.' |
---|
| 224 | WHERE image_id IN ('.implode(',', $image_ids).') |
---|
| 225 | ;'; |
---|
| 226 | pwg_query($query); |
---|
| 227 | |
---|
| 228 | // needs to be in administration panel |
---|
| 229 | delete_elements($image_ids, true); |
---|
| 230 | } |
---|
| 231 | |
---|
| 232 | function community_reject_user_pendings($user_id) |
---|
| 233 | { |
---|
| 234 | $query = ' |
---|
| 235 | SELECT |
---|
| 236 | image_id |
---|
| 237 | FROM '.COMMUNITY_PENDINGS_TABLE.' AS cp |
---|
| 238 | INNER JOIN '.IMAGES_TABLE.' AS i ON i.id = cp.image_id |
---|
| 239 | WHERE state != \'validated\' |
---|
| 240 | AND added_by = '.$user_id.' |
---|
| 241 | ;'; |
---|
| 242 | $result = pwg_query($query); |
---|
| 243 | $image_ids = array(); |
---|
| 244 | while ($row = pwg_db_fetch_assoc($result)) |
---|
| 245 | { |
---|
| 246 | array_push($image_ids, $row['image_id']); |
---|
| 247 | } |
---|
| 248 | |
---|
| 249 | community_reject_pendings($image_ids); |
---|
| 250 | } |
---|
| 251 | |
---|
[9583] | 252 | function community_update_cache_key() |
---|
| 253 | { |
---|
| 254 | $cache_key = generate_key(20); |
---|
| 255 | conf_update_param('community_cache_key', $cache_key); |
---|
| 256 | return $cache_key; |
---|
| 257 | } |
---|
| 258 | |
---|
| 259 | function community_get_cache_key() |
---|
| 260 | { |
---|
| 261 | global $conf; |
---|
| 262 | |
---|
| 263 | if (isset($conf['community_cache_key'])) |
---|
| 264 | { |
---|
| 265 | return $conf['community_cache_key']; |
---|
| 266 | } |
---|
| 267 | else |
---|
| 268 | { |
---|
| 269 | return null; |
---|
| 270 | } |
---|
| 271 | } |
---|
[9372] | 272 | ?> |
---|