Context Navigation

source: extensions/community/include/functions_community.inc.php @ 17079

Last change on this file since 17079 was 10770, checked in by plg, 14 years ago
bug 2296 fixed: missing join clause, all albums with at least 1 photo inside were considered as not really empty if even if containing pending photos (level 16)
File size: 7.4 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based photo gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2011 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	function community_get_user_permissions($user_id)
25	{
26	global $conf, $user;
27
28	$cache_key = community_get_cache_key();
29	if (!isset($cache_key))
30	{
31	$cache_key = community_update_cache_key();
32	}
33
34	// I (plg) don't understand why, but when you connect, you keep the
35	// permissions calculated for the "guest" : the session "inherits"
36	// variables from guest to the connected user, so I add a
37	// $_SESSION['community_user_id'] to force refresh if the permissions were
38	// not calculated for the right user
39	if (
40	isset($_SESSION['community_user_id'])
41	and $_SESSION['community_user_id'] == $user_id
42	and $_SESSION['community_cache_key'] == $cache_key
43	)
44	{
45	return $_SESSION['community_user_permissions'];
46	}
47
48	$return = array(
49	'upload_whole_gallery' => false,
50	'create_whole_gallery' => false,
51	'create_categories' => array(),
52	'upload_categories' => array(),
53	'permission_ids' => array(),
54	);
55
56	// what are the user groups?
57	$query = '
58	SELECT
59	group_id
60	FROM '.USER_GROUP_TABLE.'
61	WHERE user_id = '.$user_id.'
62	;';
63	$user_group_ids = array_from_query($query, 'group_id');
64
65	$query = '
66	SELECT
67	id,
68	category_id,
69	recursive,
70	create_subcategories
71	FROM '.COMMUNITY_PERMISSIONS_TABLE.'
72	WHERE (type = \'any_visitor\')';
73
74	if ($user_id != $conf['guest_id'])
75	{
76	$query.= '
77	OR (type = \'any_registered_user\')
78	OR (type = \'user\' AND user_id = '.$user_id.')';
79
80	if (count($user_group_ids) > 0)
81	{
82	$query.= '
83	OR (type = \'group\' AND group_id IN ('.implode(',', $user_group_ids).'))';
84	}
85	}
86
87	$query.= '
88	;';
89
90	$recursive_categories = array();
91
92	$result = pwg_query($query);
93	while ($row = pwg_db_fetch_assoc($result))
94	{
95	array_push($return['permission_ids'], $row['id']);
96
97	if (empty($row['category_id']))
98	{
99	$return ['upload_whole_gallery'] = true;
100	}
101	else
102	{
103	array_push($return['upload_categories'], $row['category_id']);
104
105	if ('true' == $row['recursive'])
106	{
107	array_push($recursive_categories, $row['category_id']);
108	}
109	}
110
111	if ('true' == $row['create_subcategories'])
112	{
113	if (empty($row['category_id']))
114	{
115	$return ['create_whole_gallery'] = true;
116	}
117	else
118	{
119	array_push($return['create_categories'], $row['category_id']);
120	}
121	}
122	}
123
124	if (is_admin())
125	{
126	$return ['upload_whole_gallery'] = true;
127	$return ['create_whole_gallery'] = true;
128	}
129
130	// these are categories with access permission but considering the user
131	// has a level 8 (maximum level). We want to keep categories with no
132	// photos inside (for nobody)
133	$forbidden_categories = calculate_permissions($user['id'], $user['status']);
134
135	$empty_categories = array_diff(
136	explode(',', $user['forbidden_categories']),
137	explode(',', $forbidden_categories)
138	);
139
140	if (count($empty_categories) > 0)
141	{
142	$query = '
143	SELECT
144	category_id
145	FROM '.IMAGE_CATEGORY_TABLE.'
146	JOIN '.IMAGES_TABLE.' ON image_id = id
147	WHERE category_id IN ('.implode(',', $empty_categories).')
148	AND level > '.$user['level'].'
149	AND level <= 8
150	GROUP BY category_id
151	;';
152	$not_really_empty_categories = array_keys(hash_from_query($query, 'category_id'));
153	$forbidden_categories.= ','.implode(',', $not_really_empty_categories);
154	}
155
156	$query = '
157	SELECT
158	id
159	FROM '.CATEGORIES_TABLE.'
160	;';
161	$all_categories = array_keys(hash_from_query($query, 'id'));
162
163	if ($return['upload_whole_gallery'])
164	{
165	$return['upload_categories'] = array_diff(
166	$all_categories,
167	explode(',', $forbidden_categories)
168	);
169	}
170	elseif (count($return['upload_categories']) > 0)
171	{
172	if (count($recursive_categories) > 0)
173	{
174	$return['upload_categories'] = array_unique(
175	array_merge(
176	$return['upload_categories'],
177	get_subcat_ids($recursive_categories)
178	)
179	);
180	}
181
182	$return['upload_categories'] = array_diff(
183	$return['upload_categories'],
184	explode(',', $forbidden_categories)
185	);
186	}
187
188	if ($return ['create_whole_gallery'])
189	{
190	$return['create_categories'] = array_diff(
191	$all_categories,
192	explode(',', $forbidden_categories)
193	);
194	}
195	elseif (count($return['create_categories']) > 0)
196	{
197	// no need to check for "recursive", an upload permission can't be
198	// "create_subcategories" without being "recursive"
199	$return['create_categories'] = get_subcat_ids($return['create_categories']);
200
201	$return['create_categories'] = array_diff(
202	$return['create_categories'],
203	explode(',', $forbidden_categories)
204	);
205	}
206
207	$_SESSION['community_user_permissions'] = $return;
208	$_SESSION['community_cache_key'] = $cache_key;
209	$_SESSION['community_user_id'] = $user_id;
210
211	return $_SESSION['community_user_permissions'];
212	}
213
214	function community_reject_pendings($image_ids)
215	{
216	if (count($image_ids) == 0)
217	{
218	return;
219	}
220
221	$query = '
222	DELETE
223	FROM '.COMMUNITY_PENDINGS_TABLE.'
224	WHERE image_id IN ('.implode(',', $image_ids).')
225	;';
226	pwg_query($query);
227
228	// needs to be in administration panel
229	delete_elements($image_ids, true);
230	}
231
232	function community_reject_user_pendings($user_id)
233	{
234	$query = '
235	SELECT
236	image_id
237	FROM '.COMMUNITY_PENDINGS_TABLE.' AS cp
238	INNER JOIN '.IMAGES_TABLE.' AS i ON i.id = cp.image_id
239	WHERE state != \'validated\'
240	AND added_by = '.$user_id.'
241	;';
242	$result = pwg_query($query);
243	$image_ids = array();
244	while ($row = pwg_db_fetch_assoc($result))
245	{
246	array_push($image_ids, $row['image_id']);
247	}
248
249	community_reject_pendings($image_ids);
250	}
251
252	function community_update_cache_key()
253	{
254	$cache_key = generate_key(20);
255	conf_update_param('community_cache_key', $cache_key);
256	return $cache_key;
257	}
258
259	function community_get_cache_key()
260	{
261	global $conf;
262
263	if (isset($conf['community_cache_key']))
264	{
265	return $conf['community_cache_key'];
266	}
267	else
268	{
269	return null;
270	}
271	}
272	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: