source: extensions/community/include/functions_community.inc.php @ 26592

Last change on this file since 26592 was 26592, checked in by plg, 7 years ago

bug fixed: version_compare can't compare 2.5.c and 2.5.d. mistic has written a
new function safe_version_compare which correctly handles letters in version
numbers.

File size: 11.1 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2011 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24function community_get_user_permissions($user_id)
25{
26  // echo __FUNCTION__.' => call for user '.$user_id.'<br>';
27 
28  global $conf, $user;
29
30  $cache_key = community_get_cache_key();
31  if (!isset($cache_key))
32  {
33    $cache_key = community_update_cache_key();
34  }
35
36  // I (plg) don't understand why, but when you connect, you keep the
37  // permissions calculated for the "guest" : the session "inherits"
38  // variables from guest to the connected user, so I add a
39  // $_SESSION['community_user_id'] to force refresh if the permissions were
40  // not calculated for the right user
41  if (
42    isset($_SESSION['community_user_id'])
43    and $_SESSION['community_user_id'] == $user_id
44    and $_SESSION['community_cache_key'] == $cache_key
45    )
46  {
47    return $_SESSION['community_user_permissions'];
48  }
49
50  $return = array(
51    'upload_whole_gallery' => false,
52    'create_whole_gallery' => false,
53    'user_album' => false,
54    'create_categories' => array(),
55    'upload_categories' => array(),
56    'permission_ids' => array(),
57    'nb_photos' => 0,
58    'storage' => 0,
59    );
60 
61  // what are the user groups?
62  $query = '
63SELECT
64    group_id
65  FROM '.USER_GROUP_TABLE.'
66  WHERE user_id = '.$user_id.'
67;';
68  $user_group_ids = array_from_query($query, 'group_id');
69
70  $query = '
71SELECT
72    id,
73    type,
74    category_id,
75    user_album,
76    recursive,
77    create_subcategories,
78    nb_photos,
79    storage
80  FROM '.COMMUNITY_PERMISSIONS_TABLE.'
81  WHERE (type = \'any_visitor\')';
82
83  if ($user_id != $conf['guest_id'])
84  {
85    $query.= '
86    OR (type = \'any_registered_user\')
87    OR (type = \'user\' AND user_id = '.$user_id.')';
88
89    if (count($user_group_ids) > 0)
90    {
91      $query.= '
92    OR (type = \'group\' AND group_id IN ('.implode(',', $user_group_ids).'))';
93    }
94  }
95   
96  $query.= '
97;';
98
99  $recursive_categories = array();
100
101  $result = pwg_query($query);
102  while ($row = pwg_db_fetch_assoc($result))
103  {
104    array_push($return['permission_ids'], $row['id']);
105
106    if ('false' == $row['user_album'])
107    {
108      if (empty($row['category_id']))
109      {
110        $return['upload_whole_gallery'] = true;
111      }
112      else
113      {
114        array_push($return['upload_categories'], $row['category_id']);
115
116        if ('true' == $row['recursive'])
117        {
118          array_push($recursive_categories, $row['category_id']);
119        }
120      }
121    }
122
123    if ('true' == $row['create_subcategories'])
124    {
125      if (empty($row['category_id']))
126      {
127        $return ['create_whole_gallery'] = true;
128      }
129      else
130      {
131        array_push($return['create_categories'], $row['category_id']);
132      }
133    }
134
135    if ($return['nb_photos'] != -1)
136    {
137      if (empty($row['nb_photos']) or -1 == $row['nb_photos'])
138      {
139        // that means "no limit"
140        $return['nb_photos'] = -1;
141      }
142      elseif ($row['nb_photos'] > $return['nb_photos'])
143      {
144        $return['nb_photos'] = $row['nb_photos'];
145      }
146    }
147   
148    if ($return['storage'] != -1)
149    {
150      if (empty($row['storage']) or -1 == $row['storage'])
151      {
152        // that means "no limit"
153        $return['storage'] = -1;
154      }
155      elseif ($row['storage'] > $return['storage'])
156      {
157        $return['storage'] = $row['storage'];
158      }
159    }
160
161    if ($conf['community']['user_albums'] and 'any_visitor' != $row['type'])
162    {
163      $return['user_album'] = true;
164    }
165  }
166
167  if (is_admin())
168  {
169    $return ['upload_whole_gallery'] = true;
170    $return ['create_whole_gallery'] = true;
171    $return['nb_photos'] = -1;
172    $return['storage'] = -1;
173  }
174
175  // these are categories with access permission but considering the user
176  // has a level 8 (maximum level). We want to keep categories with no
177  // photos inside (for nobody)
178  $forbidden_categories = calculate_permissions($user['id'], $user['status']);
179 
180  $empty_categories = array_diff(
181    explode(',', $user['forbidden_categories']),
182    explode(',', $forbidden_categories)
183    );
184
185  if (count($empty_categories) > 0)
186  {
187    $query = '
188SELECT
189    category_id
190  FROM '.IMAGE_CATEGORY_TABLE.'
191    JOIN '.IMAGES_TABLE.' ON image_id = id
192  WHERE category_id IN ('.implode(',', $empty_categories).')
193    AND level > '.$user['level'].'
194    AND level <= 8
195  GROUP BY category_id
196;';
197    $not_really_empty_categories = array_keys(hash_from_query($query, 'category_id'));
198    $forbidden_categories.= ','.implode(',', $not_really_empty_categories);
199  }
200
201  $query = '
202SELECT
203    id
204  FROM '.CATEGORIES_TABLE.'
205;';
206  $all_categories = array_keys(hash_from_query($query, 'id'));
207
208  if ($return['upload_whole_gallery'])
209  {
210    $return['upload_categories'] = array_diff(
211      $all_categories,
212      explode(',', $forbidden_categories)
213      );
214  }
215  elseif (count($return['upload_categories']) > 0)
216  {
217    if (count($recursive_categories) > 0)
218    {
219      $return['upload_categories'] = array_unique(
220        array_merge(
221          $return['upload_categories'],
222          get_subcat_ids($recursive_categories)
223          )
224        );
225    }
226
227    $return['upload_categories'] = array_diff(
228      $return['upload_categories'],
229      explode(',', $forbidden_categories)
230      );
231  }
232
233  if ($return ['create_whole_gallery'])
234  {
235    $return['create_categories'] = array_diff(
236      $all_categories,
237      explode(',', $forbidden_categories)
238      );
239  }
240  elseif (count($return['create_categories']) > 0)
241  {
242    // no need to check for "recursive", an upload permission can't be
243    // "create_subcategories" without being "recursive"
244    $return['create_categories'] = get_subcat_ids($return['create_categories']);
245
246    $return['create_categories'] = array_diff(
247      $return['create_categories'],
248      explode(',', $forbidden_categories)
249      );
250  }
251
252  if ($return['user_album'])
253  {
254    $user_album_category_id = community_get_user_album($user_id);
255
256    if (!empty($user_album_category_id) and !in_array($user_album_category_id, $return['upload_categories']))
257    {
258      array_push($return['upload_categories'], $user_album_category_id);
259    }
260  }
261
262  // is the user allowed to use community upload?
263  if (count($return['upload_categories']) > 0 or $return['create_whole_gallery'] or $return['user_album'])
264  {
265    $return['community_enabled'] = true;
266  }
267  else
268  {
269    $return['community_enabled'] = false;
270  }
271
272  $_SESSION['community_user_permissions'] = $return;
273  $_SESSION['community_cache_key'] = $cache_key;
274  $_SESSION['community_user_id'] = $user_id;
275
276  // echo __FUNCTION__.' => cache reset for user '.$user_id.'<br>';
277 
278  return $_SESSION['community_user_permissions'];
279}
280
281/**
282 * return the user album category_id. The album is automatically created if
283 * it does not exist (or has been deleted)
284 */
285function community_get_user_album($user_id)
286{
287  global $conf;
288 
289  $user_album_category_id = null;
290 
291  $query = '
292SELECT *
293  FROM '.CATEGORIES_TABLE.'
294  WHERE community_user = '.$user_id.'
295;';
296  $result = pwg_query($query);
297  while ($row = pwg_db_fetch_assoc($result))
298  {
299    $user_album_category_id = $row['id'];
300    break;
301  }
302
303  if (!isset($user_album_category_id))
304  {
305    $user_infos = getuserdata($user_id, false);
306
307    include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
308    $category_info = create_virtual_category($user_infos['username'], $conf['community']['user_albums_parent']);
309
310    single_update(
311      CATEGORIES_TABLE,
312      array('community_user' => $user_id),
313      array('id' => $category_info['id'])
314      );
315
316    $user_album_category_id = $category_info['id'];
317
318    // in functions_html::get_cat_display_name_cache we use a cache and this
319    // cache must be reset so that new album is included inside it.
320    global $cache;
321    unset($cache['cat_names']);
322  }
323
324  return $user_album_category_id;
325}
326
327function community_reject_pendings($image_ids)
328{
329  if (count($image_ids) == 0)
330  {
331    return;
332  }
333 
334  $query = '
335DELETE
336  FROM '.COMMUNITY_PENDINGS_TABLE.'
337  WHERE image_id IN ('.implode(',', $image_ids).')
338;';
339  pwg_query($query);
340
341  // needs to be in administration panel
342  delete_elements($image_ids, true);
343}
344
345function community_reject_user_pendings($user_id)
346{
347  $query = '
348SELECT
349    image_id
350  FROM '.COMMUNITY_PENDINGS_TABLE.' AS cp
351    INNER JOIN '.IMAGES_TABLE.' AS i ON i.id = cp.image_id
352  WHERE state != \'validated\'
353    AND added_by = '.$user_id.'
354;';
355  $result = pwg_query($query);
356  $image_ids = array();
357  while ($row = pwg_db_fetch_assoc($result))
358  {
359    array_push($image_ids, $row['image_id']);
360  }
361
362  community_reject_pendings($image_ids);
363}
364
365function community_update_cache_key()
366{
367  $cache_key = generate_key(20);
368  conf_update_param('community_cache_key', $cache_key);
369  return $cache_key;
370}
371
372function community_get_cache_key()
373{
374  global $conf;
375
376  if (isset($conf['community_cache_key']))
377  {
378    return $conf['community_cache_key'];
379  }
380  else
381  {
382    return null;
383  }
384}
385
386function community_get_user_limits($user_id)
387{
388  // how many photos and storage for this user?
389  $query = '
390SELECT
391    COUNT(id) AS nb_photos,
392    IFNULL(FLOOR(SUM(filesize)/1024), 0) AS storage
393  FROM '.IMAGES_TABLE.'
394  WHERE added_by = '.$user_id.'
395;';
396  return pwg_db_fetch_assoc(pwg_query($query));
397}
398
399// will be included in Piwigo 2.6
400if (!function_exists('safe_version_compare'))
401{
402  function safe_version_compare($a, $b, $cmp=null)
403  {
404    $replace_chars = create_function('$m', 'return ord(strtolower($m[1]));');
405    $a = preg_replace('#([0-9]+)([a-z]+)#i', '$1.$2', $a);
406    $b = preg_replace('#([0-9]+)([a-z]+)#i', '$1.$2', $b);
407    $a = preg_replace_callback('#\b([a-z]{1})\b#i', $replace_chars, $a);
408    $b = preg_replace_callback('#\b([a-z]{1})\b#i', $replace_chars, $b);
409    if (empty($cmp))
410    {
411      return version_compare($a, $b);
412    }
413    else
414    {
415      return version_compare($a, $b, $cmp);
416    }
417  }
418}
419?>
Note: See TracBrowser for help on using the repository browser.