1 | <?php |
---|
2 | |
---|
3 | // +-----------------------------------------------------------------------+ |
---|
4 | // | Piwigo - a PHP based picture gallery | |
---|
5 | // +-----------------------------------------------------------------------+ |
---|
6 | // | Copyright(C) 2008-2009 Piwigo Team http://piwigo.org | |
---|
7 | // | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | |
---|
8 | // | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | |
---|
9 | // +-----------------------------------------------------------------------+ |
---|
10 | // | This program is free software; you can redistribute it and/or modify | |
---|
11 | // | it under the terms of the GNU General Public License as published by | |
---|
12 | // | the Free Software Foundation | |
---|
13 | // | | |
---|
14 | // | This program is distributed in the hope that it will be useful, but | |
---|
15 | // | WITHOUT ANY WARRANTY; without even the implied warranty of | |
---|
16 | // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
---|
17 | // | General Public License for more details. | |
---|
18 | // | | |
---|
19 | // | You should have received a copy of the GNU General Public License | |
---|
20 | // | along with this program; if not, write to the Free Software | |
---|
21 | // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | |
---|
22 | // | USA. | |
---|
23 | // +-----------------------------------------------------------------------+ |
---|
24 | |
---|
25 | // *************************************************************************** |
---|
26 | // ** evntcats_admin_funcs.php : Admin functions (include) ** |
---|
27 | // ** for Piwigo plugin Event Cats ** |
---|
28 | // *************************************************************************** |
---|
29 | |
---|
30 | // +-----------------------------------------------------------------------+ |
---|
31 | // | Header | |
---|
32 | // +-----------------------------------------------------------------------+ |
---|
33 | |
---|
34 | global $conf, $page; |
---|
35 | |
---|
36 | // +-----------------------------------------------------------------------+ |
---|
37 | // | Utilities functions | |
---|
38 | // +-----------------------------------------------------------------------+ |
---|
39 | |
---|
40 | /* |
---|
41 | * ec_end1() |
---|
42 | * Process repetitive task when error in database modifying functions. |
---|
43 | * |
---|
44 | * @param |
---|
45 | * $pst : $_POST argument |
---|
46 | * $msg : message |
---|
47 | * @return |
---|
48 | * false as this function is used when there is a problem |
---|
49 | */ |
---|
50 | function ec_end1($pst, $msg) { |
---|
51 | global $page; |
---|
52 | if (isset($_POST[$pst])) |
---|
53 | $page['errors'][] = |
---|
54 | l10n($msg). |
---|
55 | '$_POST[\''.$pst.'\'] = '. |
---|
56 | $_POST[$pst]; |
---|
57 | else |
---|
58 | $page['errors'][] = |
---|
59 | l10n($msg). |
---|
60 | '$_POST[\''.$pst.'\'] unset'; |
---|
61 | return false; |
---|
62 | } |
---|
63 | |
---|
64 | /* |
---|
65 | * ec_create_user_OK() |
---|
66 | * Creates new generic user and eventually new group as described in $_POST. |
---|
67 | * Assumes that the validity of the different indexes of $_POST it uses, have |
---|
68 | * already been checked. |
---|
69 | * |
---|
70 | * @param |
---|
71 | * no param needed |
---|
72 | * @return |
---|
73 | * the created user_id or false whether all operations suceeded or not |
---|
74 | */ |
---|
75 | function ec_create_user_OK() { |
---|
76 | global $page; |
---|
77 | |
---|
78 | // This function assumes that the validity of the different indexes of |
---|
79 | // $_POST it uses, have already been checked. |
---|
80 | |
---|
81 | // User creation, as generic |
---|
82 | $ec_user_id = false; |
---|
83 | $page['errors'] = register_user( |
---|
84 | $_POST['login'], $_POST['password'], '', false |
---|
85 | ); |
---|
86 | if ( |
---|
87 | count($page['errors']) != 0 or |
---|
88 | !($ec_user_id = get_userid($_POST['login'])) |
---|
89 | ) { |
---|
90 | array_unshift($page['errors'], l10n('ec_user_create_pb')); |
---|
91 | return false; |
---|
92 | } |
---|
93 | else |
---|
94 | $page['infos'][] = l10n('ec_user_create_OK').$_POST['login']; |
---|
95 | if ( |
---|
96 | pwg_query(" |
---|
97 | UPDATE `".USER_INFOS_TABLE."` |
---|
98 | SET `status` = 'generic' |
---|
99 | WHERE `user_id` = ".$ec_user_id."; |
---|
100 | ") !== false |
---|
101 | ) |
---|
102 | $page['infos'][] = l10n('ec_user_generic_OK').$_POST['login']; |
---|
103 | else |
---|
104 | $page['errors'][] =l10n('ec_user_generic_pb').$_POST['login']; |
---|
105 | |
---|
106 | // New group creation if required, |
---|
107 | // and association with user_id at the same time |
---|
108 | if ( |
---|
109 | isset($_POST['ec_in_up_newgroup']) and |
---|
110 | isset($_POST['groupname']) and |
---|
111 | $_POST['groupname'] != '' |
---|
112 | ) { |
---|
113 | $t2 = 0; $t3 = false; $t4 = false; |
---|
114 | while ( |
---|
115 | !($t3 = mysql_fetch_row(pwg_query(" |
---|
116 | SELECT `id` |
---|
117 | FROM `".GROUPS_TABLE."` |
---|
118 | WHERE `name` = '".$_POST['groupname']."'; |
---|
119 | "))) and |
---|
120 | $t2++ == 0 |
---|
121 | ) $t4 = pwg_query(" |
---|
122 | INSERT INTO `".GROUPS_TABLE."` (`name`, `is_default`) |
---|
123 | VALUES ('".$_POST['groupname']."', 'false'); |
---|
124 | "); |
---|
125 | if ($t4) |
---|
126 | $page['infos'][]=l10n('ec_group_create_OK').$_POST['groupname']; |
---|
127 | if (!$t3) |
---|
128 | $page['errors'][] = |
---|
129 | l10n('ec_group_create_pb').' (1) ; '. |
---|
130 | 'MySQL error '.mysql_errno().', "'.mysql_error().'"'; |
---|
131 | if ( |
---|
132 | pwg_query(" |
---|
133 | INSERT INTO `".USER_GROUP_TABLE."` (`user_id`, `group_id`) |
---|
134 | VALUES ('".$ec_user_id."', '".$t3[0]."'); |
---|
135 | ") === false |
---|
136 | ) $page['errors'][] = |
---|
137 | l10n('ec_group_create_pb').' (2) ; '. |
---|
138 | 'MySQL error '.mysql_errno().', "'.mysql_error().'"'; |
---|
139 | else |
---|
140 | $page['infos'][] = |
---|
141 | $_POST['login']. |
---|
142 | l10n('ec_group_create_OK2'). |
---|
143 | $_POST['groupname'] |
---|
144 | ; |
---|
145 | } |
---|
146 | return $ec_user_id; |
---|
147 | } |
---|
148 | |
---|
149 | // +-----------------------------------------------------------------------+ |
---|
150 | // | Tables building functions | |
---|
151 | // +-----------------------------------------------------------------------+ |
---|
152 | |
---|
153 | /* |
---|
154 | * build_ec_duplicable_codes() |
---|
155 | * |
---|
156 | * |
---|
157 | * @param |
---|
158 | * no parameter passed, the main material on which works the function, is |
---|
159 | * the global array variable $ec_lists. |
---|
160 | * @return |
---|
161 | * (no return value) |
---|
162 | */ |
---|
163 | function build_ec_duplicable_codes() { |
---|
164 | global $ec_lists, $template; |
---|
165 | $ec_lists['duplicable_codes'] = array(); |
---|
166 | $t = array(); |
---|
167 | foreach ($ec_lists['ec_table'] as $ec_entry) { |
---|
168 | if ( |
---|
169 | is_in($ec_entry['action'], 'ec_ok') and |
---|
170 | $ec_entry['forced'] == 'false' |
---|
171 | ) { |
---|
172 | $t[$ec_entry['id']] = $ec_entry['code']; |
---|
173 | $ec_lists['duplicable_codes']['codes'][$ec_entry['code']]['id'] = |
---|
174 | $ec_entry['id']; |
---|
175 | $ec_lists['duplicable_codes']['codes'][$ec_entry['code']]['user_id'] = |
---|
176 | $ec_entry['user_id']; |
---|
177 | } |
---|
178 | } |
---|
179 | foreach ($t as $ec_id => $ec_code) { |
---|
180 | $ec_lists['duplicable_codes']['ids'][$ec_id] = |
---|
181 | $ec_lists['duplicable_codes']['codes'][$ec_code]['id']; |
---|
182 | } |
---|
183 | |
---|
184 | // Builds a category list displayed a best way |
---|
185 | build_ec_categories(false); |
---|
186 | } |
---|
187 | |
---|
188 | // +-----------------------------------------------------------------------+ |
---|
189 | // | Database modifying functions | |
---|
190 | // +-----------------------------------------------------------------------+ |
---|
191 | |
---|
192 | /* |
---|
193 | * ec_create_modify_entry_OK() |
---|
194 | * returns true or false whether the creation of a new entry described by |
---|
195 | * $_POST was OK or not. |
---|
196 | * |
---|
197 | * @param |
---|
198 | * no param |
---|
199 | * @return |
---|
200 | * true if creation was OK ; false if not |
---|
201 | */ |
---|
202 | function ec_create_modify_entry_OK() { |
---|
203 | global $page, $ec_lists; |
---|
204 | |
---|
205 | // $_POST validity checks : action prevented in case of bad arguments |
---|
206 | |
---|
207 | if (!isset($_POST['ec_act1'])) |
---|
208 | return ec_end1('ec_act1', 'ec_bad_argument1'); |
---|
209 | |
---|
210 | if (!isset($_POST['ec_input_action'])) |
---|
211 | return ec_end1('ec_input_action', 'ec_bad_argument1'); |
---|
212 | |
---|
213 | $is_creation = true; |
---|
214 | $action = 'ec_ok'; |
---|
215 | $arg1 = ''; |
---|
216 | $arg2 = ''; |
---|
217 | switch ($_POST['ec_act1']) { |
---|
218 | |
---|
219 | case 'create': |
---|
220 | |
---|
221 | if ( |
---|
222 | !isset($_POST['ec_in_up_code']) or |
---|
223 | !ereg('^[a-zA-Z0-9_-]{4,32}$', $_POST['ec_in_up_code']) |
---|
224 | ) return ec_end1('ec_in_up_code', 'ec_bad_argument7'); |
---|
225 | else $ec_code = $_POST['ec_in_up_code']; |
---|
226 | |
---|
227 | foreach ($ec_lists['ec_table'] as $ec_entry) |
---|
228 | if ($ec_code == $ec_entry['code']) |
---|
229 | return ec_end1('ec_in_up_code', 'ec_bad_argument2'); |
---|
230 | |
---|
231 | if ( |
---|
232 | !isset($_POST['ec_sel_user']) or ( |
---|
233 | $_POST['ec_sel_user'] != 'new' and |
---|
234 | $_POST['ec_sel_user'] != 'old' |
---|
235 | ) |
---|
236 | ) return ec_end1('ec_sel_user', 'ec_bad_argument1'); |
---|
237 | |
---|
238 | case 'modify_entry_submit': |
---|
239 | |
---|
240 | $ec_user_id = ''; |
---|
241 | if (isset($_POST['ec_sel_user'])) { |
---|
242 | if ($_POST['ec_sel_user'] == 'new') { |
---|
243 | if ( |
---|
244 | !isset($_POST['login']) or |
---|
245 | $_POST['login'] == '' |
---|
246 | ) return ec_end1('login', 'ec_bad_argument1'); |
---|
247 | if (in_array($_POST['login'], $ec_lists['user_ids'])) |
---|
248 | return ec_end1('login', 'ec_bad_argument3'); |
---|
249 | } |
---|
250 | elseif ($_POST['ec_sel_user'] == 'old') { |
---|
251 | if (!isset($_POST['ec_in_up_usr_list'])) |
---|
252 | return ec_end1('login', 'ec_bad_argument1'); |
---|
253 | $ec_user_id = $_POST['ec_in_up_usr_list']; |
---|
254 | if (!array_key_exists($ec_user_id, $ec_lists['user_ids'])) |
---|
255 | return ec_end1('ec_in_up_usr_list', 'ec_bad_argument6'); |
---|
256 | } |
---|
257 | else $action = 'ec_nok'; |
---|
258 | } |
---|
259 | else $action = 'ec_nok'; |
---|
260 | |
---|
261 | if ($_POST['ec_act1'] == 'create') break; |
---|
262 | |
---|
263 | $is_creation = false; |
---|
264 | |
---|
265 | case 'duplicate_entry_submit': |
---|
266 | |
---|
267 | if ( |
---|
268 | !isset($_POST['ec_entry_sel']) or |
---|
269 | !array_key_exists($_POST['ec_entry_sel'], $ec_lists['ec_table']) |
---|
270 | ) return ec_end1('ec_entry_sel', 'ec_bad_argument5'); |
---|
271 | |
---|
272 | if ($_POST['ec_act1'] == 'modify_entry_submit') break; |
---|
273 | |
---|
274 | build_ec_duplicable_codes(); |
---|
275 | if (!array_key_exists($_POST['ec_entry_sel'], |
---|
276 | $ec_lists['duplicable_codes']['ids']) |
---|
277 | ) return ec_end1('ec_entry_sel', 'ec_bad_argument5'); |
---|
278 | $ec_code = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['code']; |
---|
279 | $ec_user_id = $ec_lists['ec_table'][$_POST['ec_entry_sel']]['user_id']; |
---|
280 | |
---|
281 | break; |
---|
282 | default: ec_end1('ec_act1', 'ec_bad_argument1'); |
---|
283 | } |
---|
284 | |
---|
285 | // Preparation of $arg1, $arg2 and $forced |
---|
286 | switch ($_POST['ec_input_action']) { |
---|
287 | // case 'home': // Home : nothing to do : "arg"s are '' |
---|
288 | // case 'refused': $_POST['ec_sel_user'] unset, nothing to do |
---|
289 | case 'add_p': // Additional Page |
---|
290 | if (isset($_POST['ec_in_up_aps'])) $arg2 = $_POST['ec_in_up_aps']; |
---|
291 | else ec_end1('ec_in_up_aps', 'ec_bad_argument1'); |
---|
292 | break; |
---|
293 | case 'cat': // Category |
---|
294 | case 'img': // Image |
---|
295 | if (isset($_POST['ec_in_up_cat'])) { |
---|
296 | $arg1 = $_POST['ec_in_up_cat']; |
---|
297 | if ($_POST['ec_input_action'] == 'img') { |
---|
298 | if (isset($_POST['ec_in_up_img'])) $arg2 = $_POST['ec_in_up_img']; |
---|
299 | else ec_end1('ec_in_up_img', 'ec_bad_argument1'); |
---|
300 | } |
---|
301 | } |
---|
302 | else ec_end1('ec_in_up_cat', 'ec_bad_argument1'); |
---|
303 | break; |
---|
304 | default: ec_end1('ec_input_action', 'ec_bad_argument1'); |
---|
305 | } |
---|
306 | |
---|
307 | if (isset($_POST['ec_in_up_forced'])) { |
---|
308 | if ($_POST['ec_act1'] == 'duplicate_entry_submit') |
---|
309 | ec_end1('ec_in_up_forced', 'ec_bad_argument1'); |
---|
310 | if (!$is_creation) { |
---|
311 | if ( |
---|
312 | $t1 = mysql_fetch_row(pwg_query(" |
---|
313 | SELECT `code` |
---|
314 | FROM `".EVNTCATS_TABLE."` |
---|
315 | WHERE `id` = '".$_POST['ec_entry_sel']."' |
---|
316 | ")) === false |
---|
317 | ) die('Code not found in DB ?!'); |
---|
318 | $r = pwg_query(" |
---|
319 | SELECT `id` |
---|
320 | FROM `".EVNTCATS_TABLE."` |
---|
321 | WHERE `code` = '".$t1[0]."' |
---|
322 | AND `id` <> '".$_POST['ec_entry_sel']."' |
---|
323 | "); |
---|
324 | while ($t2 = mysql_fetch_row($r)) if (!ec_delete_entry_OK($t2[0])) |
---|
325 | return false; |
---|
326 | } |
---|
327 | $forced = 'true'; |
---|
328 | } |
---|
329 | else $forced = 'false'; |
---|
330 | |
---|
331 | // User and eventually group creation, if needed |
---|
332 | if ($_POST['ec_act1'] != 'duplicate_entry_submit') |
---|
333 | if ($_POST['ec_sel_user'] == 'new') |
---|
334 | if (!($ec_user_id = ec_create_user_OK())) return false; |
---|
335 | |
---|
336 | // Now we have all infos |
---|
337 | if ($is_creation) { |
---|
338 | if ( |
---|
339 | pwg_query(" |
---|
340 | INSERT INTO `".EVNTCATS_TABLE."` ( |
---|
341 | `code`, |
---|
342 | `user_id`, |
---|
343 | `action`, |
---|
344 | `arg1`, `arg2`, `forced` |
---|
345 | ) |
---|
346 | VALUES ( |
---|
347 | '".$ec_code."', |
---|
348 | '".$ec_user_id."', |
---|
349 | '".$action."', |
---|
350 | '".$arg1."', '".$arg2."', '".$forced."' |
---|
351 | ); |
---|
352 | ") === false |
---|
353 | ) { |
---|
354 | $page['errors'][] = |
---|
355 | l10n('ec_entry_create_pb'). |
---|
356 | 'MySQL error '.mysql_errno().', "'.mysql_error().'"' |
---|
357 | ; |
---|
358 | return false; |
---|
359 | } |
---|
360 | else { |
---|
361 | build_ec_lists(); |
---|
362 | $forced = ($forced == 'false') ? '' : l10n('ec_cnfrm_forced'); |
---|
363 | $page['infos'][] = |
---|
364 | l10n('ec_entry_create_OK').mysql_insert_id().' : '. |
---|
365 | $_POST['ec_in_up_code'].' => '. |
---|
366 | $ec_lists['user_ids'][$ec_user_id].$forced |
---|
367 | ; |
---|
368 | } |
---|
369 | } |
---|
370 | else { |
---|
371 | if ( |
---|
372 | pwg_query(" |
---|
373 | UPDATE `".EVNTCATS_TABLE."` |
---|
374 | SET |
---|
375 | `user_id` = '".$ec_user_id."', |
---|
376 | `action` = '".$action."', |
---|
377 | `arg1` = '".$arg1."', |
---|
378 | `arg2` = '".$arg2."', |
---|
379 | `forced` = '".$forced."' |
---|
380 | WHERE `id` = '".$_POST['ec_entry_sel']."' |
---|
381 | ") === false |
---|
382 | ) { |
---|
383 | $page['errors'][] = |
---|
384 | l10n('ec_entry_create_pb'). |
---|
385 | 'MySQL error '.mysql_errno().', "'.mysql_error().'"' |
---|
386 | ; |
---|
387 | return false; |
---|
388 | } |
---|
389 | else { |
---|
390 | $page['infos'][] = l10n('ec_entry_modify_OK').$_POST['ec_entry_sel']; |
---|
391 | build_ec_lists(); |
---|
392 | } |
---|
393 | } |
---|
394 | return true; |
---|
395 | } |
---|
396 | |
---|
397 | /* |
---|
398 | * ec_toggle_forced_entry() |
---|
399 | * Toggles the 'forced' property of an entry, provided it complies to the |
---|
400 | * rules. |
---|
401 | * |
---|
402 | * @param |
---|
403 | * no param |
---|
404 | * @return |
---|
405 | * no return value |
---|
406 | */ |
---|
407 | function ec_toggle_forced_entry() { |
---|
408 | global $page; |
---|
409 | $page['errors'][] = 'ec_toggle_forced_entry'; |
---|
410 | } |
---|
411 | |
---|
412 | /* |
---|
413 | * ec_delete_entry_OK($ec_id) |
---|
414 | * tries to delete an existing entry. |
---|
415 | * |
---|
416 | * @param |
---|
417 | * $ec_id : the entry to be deleted |
---|
418 | * @return |
---|
419 | * true or false whether deleting succeeded. |
---|
420 | */ |
---|
421 | function ec_delete_entry_OK($ec_id) { |
---|
422 | global $page; |
---|
423 | if (!pwg_query(" |
---|
424 | DELETE FROM `".EVNTCATS_TABLE."` |
---|
425 | WHERE `id` = ".$ec_id |
---|
426 | )) { |
---|
427 | $page['errors'][] = |
---|
428 | l10n('ec_entry_del_nok_pre'). |
---|
429 | $ec_id. |
---|
430 | l10n('ec_entry_del_nok_end'). |
---|
431 | 'MySQL error '.mysql_errno().', "'.mysql_error().'"'; |
---|
432 | return false; |
---|
433 | } |
---|
434 | else $page['infos'][] = |
---|
435 | l10n('ec_entry_del_ok_pre'). |
---|
436 | $ec_id. |
---|
437 | l10n('ec_entry_del_ok_end'); |
---|
438 | return true; |
---|
439 | } |
---|
440 | |
---|
441 | ?> |
---|