1 | <?php |
---|
2 | |
---|
3 | // +-----------------------------------------------------------------------+ |
---|
4 | // | Piwigo - a PHP based picture gallery | |
---|
5 | // +-----------------------------------------------------------------------+ |
---|
6 | // | Copyright(C) 2008-2009 Piwigo Team http://piwigo.org | |
---|
7 | // | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | |
---|
8 | // | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | |
---|
9 | // +-----------------------------------------------------------------------+ |
---|
10 | // | This program is free software; you can redistribute it and/or modify | |
---|
11 | // | it under the terms of the GNU General Public License as published by | |
---|
12 | // | the Free Software Foundation | |
---|
13 | // | | |
---|
14 | // | This program is distributed in the hope that it will be useful, but | |
---|
15 | // | WITHOUT ANY WARRANTY; without even the implied warranty of | |
---|
16 | // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
---|
17 | // | General Public License for more details. | |
---|
18 | // | | |
---|
19 | // | You should have received a copy of the GNU General Public License | |
---|
20 | // | along with this program; if not, write to the Free Software | |
---|
21 | // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | |
---|
22 | // | USA. | |
---|
23 | // +-----------------------------------------------------------------------+ |
---|
24 | |
---|
25 | // *************************************************************************** |
---|
26 | // ** evntcats_admin_funcs.php : Admin functions (include) ** |
---|
27 | // ** for Piwigo plugin Event Cats ** |
---|
28 | // *************************************************************************** |
---|
29 | |
---|
30 | // +-----------------------------------------------------------------------+ |
---|
31 | // | Header | |
---|
32 | // +-----------------------------------------------------------------------+ |
---|
33 | |
---|
34 | global $conf, $page; |
---|
35 | |
---|
36 | // +-----------------------------------------------------------------------+ |
---|
37 | // | Utilities functions | |
---|
38 | // +-----------------------------------------------------------------------+ |
---|
39 | |
---|
40 | /* |
---|
41 | * ec_end1() |
---|
42 | * Process repetitive task when error in database modifying functions. |
---|
43 | * |
---|
44 | * @param |
---|
45 | * $pst : $_POST argument |
---|
46 | * $msg : message |
---|
47 | * @return |
---|
48 | * false as this function is used when there is a problem |
---|
49 | */ |
---|
50 | function ec_end1($pst, $msg) { |
---|
51 | global $page; |
---|
52 | if (isset($_POST[$pst])) |
---|
53 | $page['errors'][] = |
---|
54 | l10n($msg). |
---|
55 | '$_POST[\''.$pst.'\'] = '. |
---|
56 | $_POST[$pst]; |
---|
57 | else |
---|
58 | $page['errors'][] = |
---|
59 | l10n($msg). |
---|
60 | '$_POST[\''.$pst.'\'] unset'; |
---|
61 | return false; |
---|
62 | } |
---|
63 | |
---|
64 | /* |
---|
65 | * ec_create_user_OK() |
---|
66 | * Creates new generic user and eventually new group as described in $_POST. |
---|
67 | * |
---|
68 | * @param |
---|
69 | * no param needed |
---|
70 | * @return |
---|
71 | * the created user_id or false whether all operations suceeded or not |
---|
72 | */ |
---|
73 | function ec_create_user_OK() { |
---|
74 | global $page; |
---|
75 | |
---|
76 | // This function assumes that the validity of the different indexes it uses, |
---|
77 | // have been checked before it is used. |
---|
78 | |
---|
79 | // User creation, as generic |
---|
80 | $ec_user_id = false; |
---|
81 | $page['errors'] = register_user( |
---|
82 | $_POST['login'], $_POST['password'], '', false |
---|
83 | ); |
---|
84 | if ( |
---|
85 | count($page['errors']) != 0 or |
---|
86 | !($ec_user_id = get_userid($_POST['login'])) |
---|
87 | ) { |
---|
88 | array_unshift($page['errors'], l10n('ec_user_create_pb')); |
---|
89 | return false; |
---|
90 | } |
---|
91 | else |
---|
92 | $page['infos'][] = l10n('ec_user_create_OK').$_POST['login']; |
---|
93 | if ( |
---|
94 | pwg_query(" |
---|
95 | UPDATE `".USER_INFOS_TABLE."` |
---|
96 | SET `status` = 'generic' |
---|
97 | WHERE `user_id` = ".$ec_user_id."; |
---|
98 | ") !== false |
---|
99 | ) |
---|
100 | $page['infos'][] = l10n('ec_user_generic_OK').$_POST['login']; |
---|
101 | else |
---|
102 | $page['errors'][] =l10n('ec_user_generic_pb').$_POST['login']; |
---|
103 | |
---|
104 | // New group creation if required, |
---|
105 | // and association with user_id at the same time |
---|
106 | if ( |
---|
107 | isset($_POST['ec_in_up_newgroup']) and |
---|
108 | isset($_POST['groupname']) and |
---|
109 | $_POST['groupname'] != '' |
---|
110 | ) { |
---|
111 | $t2 = 0; $t3 = false; $t4 = false; |
---|
112 | while ( |
---|
113 | !($t3 = mysql_fetch_row(pwg_query(" |
---|
114 | SELECT `id` |
---|
115 | FROM `".GROUPS_TABLE."` |
---|
116 | WHERE `name` = '".$_POST['groupname']."'; |
---|
117 | "))) and |
---|
118 | $t2++ == 0 |
---|
119 | ) $t4 = pwg_query(" |
---|
120 | INSERT INTO `".GROUPS_TABLE."` (`name`, `is_default`) |
---|
121 | VALUES ('".$_POST['groupname']."', 'false'); |
---|
122 | "); |
---|
123 | if ($t4) |
---|
124 | $page['infos'][]=l10n('ec_group_create_OK').$_POST['groupname']; |
---|
125 | if (!$t3) |
---|
126 | $page['errors'][] = |
---|
127 | l10n('ec_group_create_pb').' (1) ; '. |
---|
128 | 'MySQL error '.mysql_errno().', "'.mysql_error().'"'; |
---|
129 | if ( |
---|
130 | pwg_query(" |
---|
131 | INSERT INTO `".USER_GROUP_TABLE."` (`user_id`, `group_id`) |
---|
132 | VALUES ('".$ec_user_id."', '".$t3[0]."'); |
---|
133 | ") === false |
---|
134 | ) $page['errors'][] = |
---|
135 | l10n('ec_group_create_pb').' (2) ; '. |
---|
136 | 'MySQL error '.mysql_errno().', "'.mysql_error().'"'; |
---|
137 | else |
---|
138 | $page['infos'][] = |
---|
139 | $_POST['login']. |
---|
140 | l10n('ec_group_create_OK2'). |
---|
141 | $_POST['groupname'] |
---|
142 | ; |
---|
143 | } |
---|
144 | return $ec_user_id; |
---|
145 | } |
---|
146 | |
---|
147 | // +-----------------------------------------------------------------------+ |
---|
148 | // | Tables building functions | |
---|
149 | // +-----------------------------------------------------------------------+ |
---|
150 | |
---|
151 | /* |
---|
152 | * build_ec_duplicable_codes() |
---|
153 | * |
---|
154 | * |
---|
155 | * @param |
---|
156 | * no parameter passed, the main material on which works the function, is |
---|
157 | * the global array variable $ec_lists. |
---|
158 | * @return |
---|
159 | * (no return value) |
---|
160 | */ |
---|
161 | function build_ec_duplicable_codes() { |
---|
162 | global $ec_lists, $template; |
---|
163 | $ec_lists['duplicable_codes'] = array(); |
---|
164 | $t = array(); |
---|
165 | foreach ($ec_lists['ec_table'] as $ec_entry) { |
---|
166 | if ( |
---|
167 | is_in($ec_entry['action'], 'ec_ok') and |
---|
168 | $ec_entry['forced'] == 'false' |
---|
169 | ) { |
---|
170 | $t[$ec_entry['id']] = $ec_entry['code']; |
---|
171 | $ec_lists['duplicable_codes']['codes'][$ec_entry['code']]['id'] = |
---|
172 | $ec_entry['id']; |
---|
173 | $ec_lists['duplicable_codes']['codes'][$ec_entry['code']]['user_id'] = |
---|
174 | $ec_entry['user_id']; |
---|
175 | } |
---|
176 | } |
---|
177 | foreach ($t as $ec_id => $ec_code) { |
---|
178 | $ec_lists['duplicable_codes']['ids'][$ec_id] = |
---|
179 | $ec_lists['duplicable_codes']['codes'][$ec_code]['id']; |
---|
180 | } |
---|
181 | |
---|
182 | // Builds a category list displayed a best way |
---|
183 | build_ec_categories(false); |
---|
184 | } |
---|
185 | |
---|
186 | // +-----------------------------------------------------------------------+ |
---|
187 | // | Database modifying functions | |
---|
188 | // +-----------------------------------------------------------------------+ |
---|
189 | |
---|
190 | /* |
---|
191 | * ec_create_entry_OK() |
---|
192 | * returns true or false whether the creation of a new entry described by |
---|
193 | * $_POST was OK or not. |
---|
194 | * |
---|
195 | * @param |
---|
196 | * no param |
---|
197 | * @return |
---|
198 | * true if creation was OK ; false if not |
---|
199 | */ |
---|
200 | function ec_create_entry_OK() { |
---|
201 | global $page, $ec_lists; |
---|
202 | |
---|
203 | // $_POST validity checks : creation prevented in case of bad arguments |
---|
204 | if ( |
---|
205 | !isset($_POST['ec_in_up_code']) or |
---|
206 | !ereg('^[a-zA-Z0-9_-]{4,32}$', $_POST['ec_in_up_code']) |
---|
207 | ) return ec_end1('ec_in_up_code', 'ec_bad_argument7'); |
---|
208 | |
---|
209 | foreach ($ec_lists['ec_table'] as $ec_entry) |
---|
210 | if ($_POST['ec_in_up_code'] == $ec_entry['code']) |
---|
211 | return ec_end1('ec_in_up_code', 'ec_bad_argument2'); |
---|
212 | |
---|
213 | if ( |
---|
214 | !isset($_POST['ec_sel_user']) or ( |
---|
215 | $_POST['ec_sel_user'] != 'new' and |
---|
216 | $_POST['ec_sel_user'] != 'old' |
---|
217 | ) |
---|
218 | ) return ec_end1('ec_sel_user', 'ec_bad_argument1'); |
---|
219 | |
---|
220 | if ($_POST['ec_sel_user'] == 'new') { |
---|
221 | if ( |
---|
222 | !isset($_POST['login']) or |
---|
223 | $_POST['login'] == '' |
---|
224 | ) return ec_end1('login', 'ec_bad_argument1'); |
---|
225 | if (in_array($_POST['login'], $ec_lists['user_ids'])) |
---|
226 | return ec_end1('login', 'ec_bad_argument3'); |
---|
227 | } |
---|
228 | else { |
---|
229 | if (!isset($_POST['ec_in_up_usr_list'])) |
---|
230 | return ec_end1('login', 'ec_bad_argument1'); |
---|
231 | $ec_user_id = $_POST['ec_in_up_usr_list']; |
---|
232 | if (!array_key_exists($ec_user_id, $ec_lists['user_ids'])) |
---|
233 | return ec_end1('ec_in_up_usr_list', 'ec_bad_argument6'); |
---|
234 | } |
---|
235 | |
---|
236 | // code and user_id (if needed) are OK, creation can be done |
---|
237 | |
---|
238 | // User and eventually group creation, if needed |
---|
239 | if ($_POST['ec_sel_user'] == 'new') |
---|
240 | if (!($ec_user_id = ec_create_user_OK())) return false; |
---|
241 | |
---|
242 | // Preparation of $arg1, $arg2 and $forced |
---|
243 | $arg1 = ''; $arg2 = ''; |
---|
244 | if (isset($_POST['ec_input_action'])) switch ($_POST['ec_input_action']) { |
---|
245 | // case 'home': // Home : nothing to do : "arg"s are '' |
---|
246 | case 'add_p': // Additional Page |
---|
247 | if (isset($_POST['ec_in_up_aps'])) $arg2 = $_POST['ec_in_up_aps']; |
---|
248 | else ec_end1('ec_in_up_aps', 'ec_bad_argument1'); |
---|
249 | break; |
---|
250 | case 'cat': // Category |
---|
251 | case 'img': // Image |
---|
252 | if (isset($_POST['ec_in_up_cat'])) { |
---|
253 | $arg1 = $_POST['ec_in_up_cat']; |
---|
254 | if ($_POST['ec_input_action'] == 'img') { |
---|
255 | if (isset($_POST['ec_in_up_img'])) $arg2 = $_POST['ec_in_up_img']; |
---|
256 | else ec_end1('ec_in_up_img', 'ec_bad_argument1'); |
---|
257 | } |
---|
258 | } |
---|
259 | else ec_end1('ec_in_up_cat', 'ec_bad_argument1'); |
---|
260 | break; |
---|
261 | default: ec_end1('ec_input_action', 'ec_bad_argument1'); |
---|
262 | } |
---|
263 | else ec_end1('ec_input_action', 'ec_bad_argument1'); |
---|
264 | $forced = (isset($_POST['ec_in_up_forced'])) ? 'true' : 'false'; |
---|
265 | |
---|
266 | // Now we have the code, the user_id, arg1, arg2, and forced arguments |
---|
267 | if ( |
---|
268 | pwg_query(" |
---|
269 | INSERT INTO `".EVNTCATS_TABLE."` ( |
---|
270 | `code`, |
---|
271 | `user_id`, |
---|
272 | `action`, |
---|
273 | `arg1`, `arg2`, `forced` |
---|
274 | ) |
---|
275 | VALUES ( |
---|
276 | '".$_POST['ec_in_up_code']."', |
---|
277 | '".$ec_user_id."', |
---|
278 | 'ec_ok', |
---|
279 | '".$arg1."', '".$arg2."', '".$forced."' |
---|
280 | ); |
---|
281 | ") === false |
---|
282 | ) { |
---|
283 | $page['errors'][] = |
---|
284 | l10n('ec_entry_create_pb'). |
---|
285 | 'MySQL error '.mysql_errno().', "'.mysql_error().'"' |
---|
286 | ; |
---|
287 | return false; |
---|
288 | } |
---|
289 | else { |
---|
290 | build_ec_lists(); |
---|
291 | $forced = ($forced == 'false') ? '' : l10n('ec_cnfrm_forced'); |
---|
292 | $page['infos'][] = |
---|
293 | l10n('ec_entry_create_OK').mysql_insert_id().' : '. |
---|
294 | $_POST['ec_in_up_code'].' => '. |
---|
295 | $ec_lists['user_ids'][$ec_user_id].$forced |
---|
296 | ; |
---|
297 | return true; |
---|
298 | } |
---|
299 | } |
---|
300 | |
---|
301 | /* |
---|
302 | * ec_duplicate_entry_OK() |
---|
303 | * returns true or false whether the duplication of an existing entry which # |
---|
304 | * is given by $_POST['ec_entry_sel'] was OK or not. |
---|
305 | * |
---|
306 | * @param |
---|
307 | * no param |
---|
308 | * @return |
---|
309 | * true if creation was OK ; false if not |
---|
310 | */ |
---|
311 | function ec_duplicate_entry_OK() { |
---|
312 | global $page, $ec_lists; |
---|
313 | |
---|
314 | build_ec_duplicable_codes(); |
---|
315 | if (array_key_exists($_POST['ec_entry_sel'], |
---|
316 | $ec_lists['duplicable_codes']['ids'])) { |
---|
317 | $arg1 = ''; $arg2 = ''; |
---|
318 | switch ($_POST['ec_input_action']) { |
---|
319 | // case 'home': // Home : nothing to do : "arg"s are '' |
---|
320 | case 'add_p': |
---|
321 | if (array_key_exists($_POST['ec_in_up_aps'],$ec_lists['add_pages'])) { |
---|
322 | $arg2 = $_POST['ec_in_up_aps']; } |
---|
323 | else return ec_end1('ec_in_up_aps', 'ec_bad_argument4'); |
---|
324 | case 'img': |
---|
325 | case 'cat': |
---|
326 | if (array_key_exists($_POST['ec_in_up_cat'], |
---|
327 | $ec_lists['categories'])) { |
---|
328 | if ($_POST['ec_input_action'] == 'img') { |
---|
329 | if ( |
---|
330 | ec_image_exists($_POST['ec_in_up_cat'], $_POST['ec_in_up_img']) |
---|
331 | ) $arg2 = $_POST['ec_in_up_img']; |
---|
332 | else return ec_end1('ec_in_up_img', 'ec_bad_argument4'); |
---|
333 | } |
---|
334 | $arg1 = $_POST['ec_in_up_cat']; |
---|
335 | } |
---|
336 | else return ec_end1('ec_in_up_cat', 'ec_bad_argument4'); |
---|
337 | break; |
---|
338 | default: return ec_end1('ec_input_action', 'ec_bad_argument1'); |
---|
339 | } |
---|
340 | if ( |
---|
341 | pwg_query(" |
---|
342 | INSERT INTO `".EVNTCATS_TABLE."` |
---|
343 | (`code`, `user_id`, `action`, `arg1`, `arg2`) |
---|
344 | VALUES ( |
---|
345 | '".$ec_lists['ec_table'][$_POST['ec_entry_sel']]['code']."', |
---|
346 | '".$ec_lists['ec_table'][$_POST['ec_entry_sel']]['user_id']."', |
---|
347 | 'ec_ok', |
---|
348 | '".$arg1."', |
---|
349 | '".$arg2."' |
---|
350 | ); |
---|
351 | ") === false |
---|
352 | ) { |
---|
353 | $page['errors'][] = |
---|
354 | l10n('ec_entry_dup_nok_pre1'). |
---|
355 | $_POST['ec_entry_sel']. |
---|
356 | l10n('ec_entry_dup_nok_end1'). |
---|
357 | 'MySQL error '.mysql_errno().', "'.mysql_error().'"' |
---|
358 | ; |
---|
359 | return false; |
---|
360 | } |
---|
361 | else { |
---|
362 | $page['infos'][] = |
---|
363 | l10n('ec_entry_dup_ok_pre'). |
---|
364 | $_POST['ec_entry_sel'].' ('. |
---|
365 | $ec_lists['ec_table'][$_POST['ec_entry_sel']]['code'].')'. |
---|
366 | l10n('ec_entry_dup_ok_end') |
---|
367 | ; |
---|
368 | build_ec_table(); |
---|
369 | return true; |
---|
370 | } |
---|
371 | } |
---|
372 | else return ec_end1('ec_entry_sel', 'ec_bad_argument5'); |
---|
373 | } |
---|
374 | |
---|
375 | /* |
---|
376 | * ec_modify_entry_OK() |
---|
377 | * returns true or false whether the modification of an existing entry which # |
---|
378 | * is given by $_POST['ec_entry_sel'] was OK or not. |
---|
379 | * |
---|
380 | * @param |
---|
381 | * no param |
---|
382 | * @return |
---|
383 | * true if modification was OK ; false if not |
---|
384 | */ |
---|
385 | function ec_modify_entry_OK() { |
---|
386 | global $page; |
---|
387 | $page['errors'][] = 'Y\'a pas eu une erreur ?...'; |
---|
388 | return false; |
---|
389 | } |
---|
390 | |
---|
391 | /* |
---|
392 | * ec_toggle_forced_entry() |
---|
393 | * Toggles the 'forced' property of an entry, provided it complies to the |
---|
394 | * rules. |
---|
395 | * |
---|
396 | * @param |
---|
397 | * no param |
---|
398 | * @return |
---|
399 | * no return value |
---|
400 | */ |
---|
401 | function ec_toggle_forced_entry() { |
---|
402 | global $page; |
---|
403 | $page['errors'][] = 'ec_toggle_forced_entry'; |
---|
404 | } |
---|
405 | |
---|
406 | /* |
---|
407 | * ec_delete_entry() |
---|
408 | * tries to delete an existing entry which # is given by |
---|
409 | * $_POST['ec_entry_sel']. |
---|
410 | * |
---|
411 | * @param |
---|
412 | * no param |
---|
413 | * @return |
---|
414 | * no return value : modifies $page['errors'] or $page['infos'] |
---|
415 | */ |
---|
416 | function ec_delete_entry() { |
---|
417 | global $page, $ec_lists; |
---|
418 | if (array_key_exists($_POST['ec_entry_sel'], $ec_lists['ec_table'])) { |
---|
419 | if (!pwg_query(' |
---|
420 | DELETE FROM `'.EVNTCATS_TABLE.'` |
---|
421 | WHERE `id` = '.$_POST['ec_entry_sel'] |
---|
422 | )) { |
---|
423 | $page['errors'][] = |
---|
424 | l10n('ec_entry_del_nok_pre'). |
---|
425 | $_POST['ec_entry_sel']. |
---|
426 | l10n('ec_entry_del_nok_end'). |
---|
427 | 'MySQL error '.mysql_errno().', "'.mysql_error().'"' |
---|
428 | ; |
---|
429 | } |
---|
430 | else { |
---|
431 | $page['infos'][] = |
---|
432 | l10n('ec_entry_del_ok_pre'). |
---|
433 | $_POST['ec_entry_sel']. |
---|
434 | l10n('ec_entry_del_ok_end'); |
---|
435 | build_ec_table(); |
---|
436 | } |
---|
437 | } |
---|
438 | else ec_end1('ec_entry_sel', 'ec_bad_argument1'); |
---|
439 | } |
---|
440 | |
---|
441 | ?> |
---|