[61] | 1 | <?php |
---|
[362] | 2 | // +-----------------------------------------------------------------------+ |
---|
[2297] | 3 | // | Piwigo - a PHP based picture gallery | |
---|
| 4 | // +-----------------------------------------------------------------------+ |
---|
[3049] | 5 | // | Copyright(C) 2008-2009 Piwigo Team http://piwigo.org | |
---|
[2297] | 6 | // | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | |
---|
| 7 | // | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | |
---|
| 8 | // +-----------------------------------------------------------------------+ |
---|
| 9 | // | This program is free software; you can redistribute it and/or modify | |
---|
| 10 | // | it under the terms of the GNU General Public License as published by | |
---|
| 11 | // | the Free Software Foundation | |
---|
| 12 | // | | |
---|
| 13 | // | This program is distributed in the hope that it will be useful, but | |
---|
| 14 | // | WITHOUT ANY WARRANTY; without even the implied warranty of | |
---|
| 15 | // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
---|
| 16 | // | General Public License for more details. | |
---|
| 17 | // | | |
---|
| 18 | // | You should have received a copy of the GNU General Public License | |
---|
| 19 | // | along with this program; if not, write to the Free Software | |
---|
| 20 | // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | |
---|
| 21 | // | USA. | |
---|
| 22 | // +-----------------------------------------------------------------------+ |
---|
[61] | 23 | |
---|
[575] | 24 | if(!defined("PHPWG_ROOT_PATH")) |
---|
[509] | 25 | { |
---|
[825] | 26 | die('Hacking attempt!'); |
---|
[509] | 27 | } |
---|
[825] | 28 | |
---|
[1072] | 29 | include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); |
---|
| 30 | |
---|
[825] | 31 | // +-----------------------------------------------------------------------+ |
---|
[1072] | 32 | // | Check Access and exit when user status is not ok | |
---|
| 33 | // +-----------------------------------------------------------------------+ |
---|
| 34 | check_status(ACCESS_ADMINISTRATOR); |
---|
| 35 | |
---|
| 36 | // +-----------------------------------------------------------------------+ |
---|
[825] | 37 | // | synchronize metadata | |
---|
| 38 | // +-----------------------------------------------------------------------+ |
---|
| 39 | |
---|
[1085] | 40 | if (isset($_GET['sync_metadata']) and !is_adviser()) |
---|
[825] | 41 | { |
---|
| 42 | $query = ' |
---|
| 43 | SELECT path |
---|
| 44 | FROM '.IMAGES_TABLE.' |
---|
| 45 | WHERE id = '.$_GET['image_id'].' |
---|
| 46 | ;'; |
---|
| 47 | list($path) = mysql_fetch_row(pwg_query($query)); |
---|
| 48 | update_metadata(array($_GET['image_id'] => $path)); |
---|
| 49 | |
---|
| 50 | array_push($page['infos'], l10n('Metadata synchronized from file')); |
---|
| 51 | } |
---|
| 52 | |
---|
[61] | 53 | //--------------------------------------------------------- update informations |
---|
[825] | 54 | |
---|
[61] | 55 | // first, we verify whether there is a mistake on the given creation date |
---|
[825] | 56 | if (isset($_POST['date_creation_action']) |
---|
| 57 | and 'set' == $_POST['date_creation_action']) |
---|
[61] | 58 | { |
---|
[825] | 59 | if (!checkdate( |
---|
| 60 | $_POST['date_creation_month'], |
---|
| 61 | $_POST['date_creation_day'], |
---|
| 62 | $_POST['date_creation_year']) |
---|
| 63 | ) |
---|
[575] | 64 | { |
---|
[2201] | 65 | array_push($page['errors'], l10n('err_date')); |
---|
[575] | 66 | } |
---|
[61] | 67 | } |
---|
[825] | 68 | |
---|
[1571] | 69 | if (isset($_POST['submit']) and count($page['errors']) == 0 and !is_adviser()) |
---|
[61] | 70 | { |
---|
[825] | 71 | $data = array(); |
---|
| 72 | $data{'id'} = $_GET['image_id']; |
---|
| 73 | $data{'name'} = $_POST['name']; |
---|
| 74 | $data{'author'} = $_POST['author']; |
---|
[2090] | 75 | $data['level'] = $_POST['level']; |
---|
[61] | 76 | |
---|
[825] | 77 | if ($conf['allow_html_descriptions']) |
---|
| 78 | { |
---|
| 79 | $data{'comment'} = @$_POST['description']; |
---|
| 80 | } |
---|
[61] | 81 | else |
---|
[825] | 82 | { |
---|
| 83 | $data{'comment'} = strip_tags(@$_POST['description']); |
---|
| 84 | } |
---|
[61] | 85 | |
---|
[825] | 86 | if (isset($_POST['date_creation_action'])) |
---|
| 87 | { |
---|
| 88 | if ('set' == $_POST['date_creation_action']) |
---|
| 89 | { |
---|
| 90 | $data{'date_creation'} = $_POST['date_creation_year'] |
---|
| 91 | .'-'.$_POST['date_creation_month'] |
---|
| 92 | .'-'.$_POST['date_creation_day']; |
---|
| 93 | } |
---|
| 94 | else if ('unset' == $_POST['date_creation_action']) |
---|
| 95 | { |
---|
| 96 | $data{'date_creation'} = ''; |
---|
| 97 | } |
---|
| 98 | } |
---|
[61] | 99 | |
---|
[825] | 100 | mass_updates( |
---|
| 101 | IMAGES_TABLE, |
---|
| 102 | array( |
---|
| 103 | 'primary' => array('id'), |
---|
| 104 | 'update' => array_diff(array_keys($data), array('id')) |
---|
| 105 | ), |
---|
| 106 | array($data) |
---|
| 107 | ); |
---|
| 108 | |
---|
[1119] | 109 | set_tags( |
---|
| 110 | isset($_POST['tags']) ? $_POST['tags'] : array(), |
---|
| 111 | $_GET['image_id'] |
---|
| 112 | ); |
---|
| 113 | |
---|
[825] | 114 | array_push($page['infos'], l10n('Picture informations updated')); |
---|
[635] | 115 | } |
---|
| 116 | // associate the element to other categories than its storage category |
---|
| 117 | if (isset($_POST['associate']) |
---|
| 118 | and isset($_POST['cat_dissociated']) |
---|
[1571] | 119 | and count($_POST['cat_dissociated']) > 0 |
---|
| 120 | and !is_adviser() |
---|
| 121 | ) |
---|
[635] | 122 | { |
---|
[1121] | 123 | associate_images_to_categories( |
---|
| 124 | array($_GET['image_id']), |
---|
| 125 | $_POST['cat_dissociated'] |
---|
[1065] | 126 | ); |
---|
[635] | 127 | } |
---|
| 128 | // dissociate the element from categories (but not from its storage category) |
---|
| 129 | if (isset($_POST['dissociate']) |
---|
| 130 | and isset($_POST['cat_associated']) |
---|
[1571] | 131 | and count($_POST['cat_associated']) > 0 |
---|
| 132 | and !is_adviser() |
---|
| 133 | ) |
---|
[635] | 134 | { |
---|
[575] | 135 | $query = ' |
---|
| 136 | DELETE FROM '.IMAGE_CATEGORY_TABLE.' |
---|
| 137 | WHERE image_id = '.$_GET['image_id'].' |
---|
[1121] | 138 | AND category_id IN ('.implode(',', $_POST['cat_associated']).') |
---|
[635] | 139 | '; |
---|
| 140 | pwg_query($query); |
---|
[1609] | 141 | |
---|
[635] | 142 | update_category($_POST['cat_associated']); |
---|
[61] | 143 | } |
---|
[640] | 144 | // elect the element to represent the given categories |
---|
| 145 | if (isset($_POST['elect']) |
---|
| 146 | and isset($_POST['cat_dismissed']) |
---|
[1571] | 147 | and count($_POST['cat_dismissed']) > 0 |
---|
| 148 | and !is_adviser() |
---|
| 149 | ) |
---|
[640] | 150 | { |
---|
| 151 | $datas = array(); |
---|
| 152 | foreach ($_POST['cat_dismissed'] as $category_id) |
---|
| 153 | { |
---|
| 154 | array_push($datas, |
---|
| 155 | array('id' => $category_id, |
---|
| 156 | 'representative_picture_id' => $_GET['image_id'])); |
---|
| 157 | } |
---|
| 158 | $fields = array('primary' => array('id'), |
---|
| 159 | 'update' => array('representative_picture_id')); |
---|
| 160 | mass_updates(CATEGORIES_TABLE, $fields, $datas); |
---|
| 161 | } |
---|
| 162 | // dismiss the element as representant of the given categories |
---|
| 163 | if (isset($_POST['dismiss']) |
---|
| 164 | and isset($_POST['cat_elected']) |
---|
[1571] | 165 | and count($_POST['cat_elected']) > 0 |
---|
| 166 | and !is_adviser() |
---|
| 167 | ) |
---|
[640] | 168 | { |
---|
| 169 | set_random_representant($_POST['cat_elected']); |
---|
| 170 | } |
---|
[61] | 171 | |
---|
| 172 | // retrieving direct information about picture |
---|
[575] | 173 | $query = ' |
---|
[825] | 174 | SELECT * |
---|
| 175 | FROM '.IMAGES_TABLE.' |
---|
| 176 | WHERE id = '.$_GET['image_id'].' |
---|
[575] | 177 | ;'; |
---|
[587] | 178 | $row = mysql_fetch_array(pwg_query($query)); |
---|
[345] | 179 | |
---|
[2575] | 180 | $storage_category_id = null; |
---|
| 181 | if (!empty($row['storage_category_id'])) |
---|
| 182 | { |
---|
| 183 | $storage_category_id = $row['storage_category_id']; |
---|
| 184 | } |
---|
| 185 | |
---|
[1092] | 186 | $image_file = $row['file']; |
---|
[635] | 187 | |
---|
[1119] | 188 | // tags |
---|
| 189 | $query = ' |
---|
| 190 | SELECT tag_id |
---|
| 191 | FROM '.IMAGE_TAG_TABLE.' |
---|
| 192 | WHERE image_id = '.$_GET['image_id'].' |
---|
| 193 | ;'; |
---|
| 194 | $selected_tags = array_from_query($query, 'tag_id'); |
---|
| 195 | |
---|
[825] | 196 | // +-----------------------------------------------------------------------+ |
---|
| 197 | // | template init | |
---|
| 198 | // +-----------------------------------------------------------------------+ |
---|
| 199 | |
---|
[817] | 200 | $template->set_filenames( |
---|
| 201 | array( |
---|
[2530] | 202 | 'picture_modify' => 'picture_modify.tpl' |
---|
[817] | 203 | ) |
---|
| 204 | ); |
---|
| 205 | |
---|
[1314] | 206 | $all_tags = get_all_tags(); |
---|
| 207 | |
---|
| 208 | if (count($all_tags) > 0) |
---|
| 209 | { |
---|
| 210 | $tag_selection = get_html_tag_selection( |
---|
[1815] | 211 | $all_tags, |
---|
[1314] | 212 | 'tags', |
---|
| 213 | $selected_tags |
---|
| 214 | ); |
---|
| 215 | } |
---|
| 216 | else |
---|
| 217 | { |
---|
| 218 | $tag_selection = |
---|
| 219 | '<p>'. |
---|
| 220 | l10n('No tag defined. Use Administration>Pictures>Tags'). |
---|
| 221 | '</p>'; |
---|
| 222 | } |
---|
[1609] | 223 | |
---|
[2227] | 224 | $template->assign( |
---|
[825] | 225 | array( |
---|
| 226 | 'U_SYNC' => |
---|
[2304] | 227 | get_root_url().'admin.php?page=picture_modify'. |
---|
[825] | 228 | '&image_id='.$_GET['image_id']. |
---|
| 229 | (isset($_GET['cat_id']) ? '&cat_id='.$_GET['cat_id'] : ''). |
---|
[1004] | 230 | '&sync_metadata=1', |
---|
[1092] | 231 | |
---|
[825] | 232 | 'PATH'=>$row['path'], |
---|
[1092] | 233 | |
---|
[1609] | 234 | 'TN_SRC' => get_thumbnail_url($row), |
---|
[1092] | 235 | |
---|
[825] | 236 | 'NAME' => |
---|
| 237 | isset($_POST['name']) ? |
---|
| 238 | stripslashes($_POST['name']) : @$row['name'], |
---|
[1092] | 239 | |
---|
[825] | 240 | 'DIMENSIONS' => @$row['width'].' * '.@$row['height'], |
---|
[1092] | 241 | |
---|
[825] | 242 | 'FILESIZE' => @$row['filesize'].' KB', |
---|
[1092] | 243 | |
---|
[3122] | 244 | 'REGISTRATION_DATE' => format_date($row['date_available']), |
---|
[1092] | 245 | |
---|
[825] | 246 | 'AUTHOR' => isset($_POST['author']) ? $_POST['author'] : @$row['author'], |
---|
[1092] | 247 | |
---|
[1314] | 248 | 'TAG_SELECTION' => $tag_selection, |
---|
[1092] | 249 | |
---|
[825] | 250 | 'DESCRIPTION' => |
---|
[1861] | 251 | htmlspecialchars( isset($_POST['description']) ? |
---|
| 252 | stripslashes($_POST['description']) : @$row['comment'] ), |
---|
[1092] | 253 | |
---|
[825] | 254 | 'F_ACTION' => |
---|
[2304] | 255 | get_root_url().'admin.php' |
---|
[825] | 256 | .get_query_string_diff(array('sync_metadata')) |
---|
| 257 | ) |
---|
| 258 | ); |
---|
| 259 | |
---|
[1883] | 260 | if ($row['has_high'] == 'true') |
---|
| 261 | { |
---|
[2227] | 262 | $template->assign( |
---|
| 263 | 'HIGH_FILESIZE', |
---|
| 264 | isset($row['high_filesize']) |
---|
[1883] | 265 | ? $row['high_filesize'].' KB' |
---|
[2227] | 266 | : l10n('unknown') |
---|
[1883] | 267 | ); |
---|
| 268 | } |
---|
| 269 | |
---|
[2090] | 270 | // image level options |
---|
[2227] | 271 | $tpl_options = array(); |
---|
[2090] | 272 | foreach ($conf['available_permission_levels'] as $level) |
---|
| 273 | { |
---|
[2227] | 274 | $tpl_options[$level] = l10n( sprintf('Level %d', $level) ).' ('.$level.')'; |
---|
| 275 | } |
---|
| 276 | $selected_level = isset($_POST['level']) ? $_POST['level'] : $row['level']; |
---|
| 277 | $template->assign( |
---|
[2090] | 278 | array( |
---|
[2227] | 279 | 'level_options'=> $tpl_options, |
---|
| 280 | 'level_options_selected' => array($selected_level) |
---|
| 281 | ) |
---|
| 282 | ); |
---|
[2090] | 283 | |
---|
[825] | 284 | // creation date |
---|
| 285 | unset($day, $month, $year); |
---|
| 286 | |
---|
| 287 | if (isset($_POST['date_creation_action']) |
---|
| 288 | and 'set' == $_POST['date_creation_action']) |
---|
| 289 | { |
---|
| 290 | foreach (array('day', 'month', 'year') as $varname) |
---|
| 291 | { |
---|
| 292 | $$varname = $_POST['date_creation_'.$varname]; |
---|
| 293 | } |
---|
| 294 | } |
---|
| 295 | else if (isset($row['date_creation']) and !empty($row['date_creation'])) |
---|
| 296 | { |
---|
| 297 | list($year, $month, $day) = explode('-', $row['date_creation']); |
---|
| 298 | } |
---|
| 299 | else |
---|
| 300 | { |
---|
| 301 | list($year, $month, $day) = array('', 0, 0); |
---|
| 302 | } |
---|
[2227] | 303 | |
---|
| 304 | |
---|
| 305 | $month_list = $lang['month']; |
---|
| 306 | $month_list[0]='------------'; |
---|
| 307 | ksort($month_list); |
---|
[1092] | 308 | |
---|
[2227] | 309 | $template->assign( |
---|
| 310 | array( |
---|
| 311 | 'DATE_CREATION_DAY_VALUE' => $day, |
---|
| 312 | 'DATE_CREATION_MONTH_VALUE' => $month, |
---|
| 313 | 'DATE_CREATION_YEAR_VALUE' => $year, |
---|
| 314 | 'month_list' => $month_list, |
---|
| 315 | ) |
---|
| 316 | ); |
---|
| 317 | |
---|
[825] | 318 | $query = ' |
---|
| 319 | SELECT category_id, uppercats |
---|
| 320 | FROM '.IMAGE_CATEGORY_TABLE.' AS ic |
---|
| 321 | INNER JOIN '.CATEGORIES_TABLE.' AS c |
---|
| 322 | ON c.id = ic.category_id |
---|
| 323 | WHERE image_id = '.$_GET['image_id'].' |
---|
| 324 | ;'; |
---|
| 325 | $result = pwg_query($query); |
---|
| 326 | |
---|
| 327 | while ($row = mysql_fetch_array($result)) |
---|
| 328 | { |
---|
| 329 | $name = |
---|
| 330 | get_cat_display_name_cache( |
---|
| 331 | $row['uppercats'], |
---|
[2227] | 332 | get_root_url().'admin.php?page=cat_modify&cat_id=', |
---|
[825] | 333 | false |
---|
| 334 | ); |
---|
[1092] | 335 | |
---|
[825] | 336 | if ($row['category_id'] == $storage_category_id) |
---|
| 337 | { |
---|
[2227] | 338 | $template->assign('STORAGE_CATEGORY', $name); |
---|
[825] | 339 | } |
---|
| 340 | else |
---|
| 341 | { |
---|
[2227] | 342 | $template->append('related_categories', $name); |
---|
[825] | 343 | } |
---|
| 344 | } |
---|
| 345 | |
---|
| 346 | // jump to link |
---|
| 347 | // |
---|
| 348 | // 1. find all linked categories that are reachable for the current user. |
---|
| 349 | // 2. if a category is available in the URL, use it if reachable |
---|
| 350 | // 3. if URL category not available or reachable, use the first reachable |
---|
| 351 | // linked category |
---|
| 352 | // 4. if no category reachable, no jumpto link |
---|
| 353 | |
---|
| 354 | $query = ' |
---|
| 355 | SELECT category_id |
---|
| 356 | FROM '.IMAGE_CATEGORY_TABLE.' |
---|
| 357 | WHERE image_id = '.$_GET['image_id'].' |
---|
| 358 | ;'; |
---|
[1082] | 359 | |
---|
[825] | 360 | $authorizeds = array_diff( |
---|
| 361 | array_from_query($query, 'category_id'), |
---|
[1082] | 362 | explode( |
---|
| 363 | ',', |
---|
| 364 | calculate_permissions($user['id'], $user['status']) |
---|
| 365 | ) |
---|
[825] | 366 | ); |
---|
| 367 | |
---|
| 368 | if (isset($_GET['cat_id']) |
---|
| 369 | and in_array($_GET['cat_id'], $authorizeds)) |
---|
| 370 | { |
---|
[1503] | 371 | $url_img = make_picture_url( |
---|
[1082] | 372 | array( |
---|
| 373 | 'image_id' => $_GET['image_id'], |
---|
[1092] | 374 | 'image_file' => $image_file, |
---|
[1861] | 375 | 'category' => $cache['cat_names'][ $_GET['cat_id'] ], |
---|
[1082] | 376 | ) |
---|
| 377 | ); |
---|
[825] | 378 | } |
---|
| 379 | else |
---|
| 380 | { |
---|
| 381 | foreach ($authorizeds as $category) |
---|
| 382 | { |
---|
[1503] | 383 | $url_img = make_picture_url( |
---|
[1082] | 384 | array( |
---|
| 385 | 'image_id' => $_GET['image_id'], |
---|
[1092] | 386 | 'image_file' => $image_file, |
---|
[1861] | 387 | 'category' => $cache['cat_names'][ $category ], |
---|
[1082] | 388 | ) |
---|
| 389 | ); |
---|
[825] | 390 | break; |
---|
| 391 | } |
---|
| 392 | } |
---|
| 393 | |
---|
| 394 | if (isset($url_img)) |
---|
| 395 | { |
---|
[2227] | 396 | $template->assign( 'U_JUMPTO', $url_img ); |
---|
[825] | 397 | } |
---|
[1092] | 398 | |
---|
[61] | 399 | // associate to another category ? |
---|
[635] | 400 | $query = ' |
---|
| 401 | SELECT id,name,uppercats,global_rank |
---|
| 402 | FROM '.CATEGORIES_TABLE.' |
---|
| 403 | INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON id = category_id |
---|
[2575] | 404 | WHERE image_id = '.$_GET['image_id']; |
---|
| 405 | if (isset($storage_category_id)) |
---|
| 406 | { |
---|
| 407 | $query.= ' |
---|
| 408 | AND id != '.$storage_category_id; |
---|
| 409 | } |
---|
| 410 | $query.= ' |
---|
[635] | 411 | ;'; |
---|
[2227] | 412 | display_select_cat_wrapper($query, array(), 'associated_options'); |
---|
[635] | 413 | |
---|
| 414 | $result = pwg_query($query); |
---|
[3390] | 415 | $associateds = array(-1); |
---|
[2575] | 416 | if (isset($storage_category_id)) |
---|
| 417 | { |
---|
| 418 | array_push($associateds, $storage_category_id); |
---|
| 419 | } |
---|
[635] | 420 | while ($row = mysql_fetch_array($result)) |
---|
[345] | 421 | { |
---|
[635] | 422 | array_push($associateds, $row['id']); |
---|
[345] | 423 | } |
---|
[635] | 424 | $query = ' |
---|
| 425 | SELECT id,name,uppercats,global_rank |
---|
| 426 | FROM '.CATEGORIES_TABLE.' |
---|
| 427 | WHERE id NOT IN ('.implode(',', $associateds).') |
---|
| 428 | ;'; |
---|
[2227] | 429 | display_select_cat_wrapper($query, array(), 'dissociated_options'); |
---|
[809] | 430 | |
---|
[640] | 431 | // representing |
---|
| 432 | $query = ' |
---|
| 433 | SELECT id,name,uppercats,global_rank |
---|
| 434 | FROM '.CATEGORIES_TABLE.' |
---|
| 435 | WHERE representative_picture_id = '.$_GET['image_id'].' |
---|
| 436 | ;'; |
---|
[2227] | 437 | display_select_cat_wrapper($query, array(), 'elected_options'); |
---|
[640] | 438 | |
---|
| 439 | $query = ' |
---|
| 440 | SELECT id,name,uppercats,global_rank |
---|
| 441 | FROM '.CATEGORIES_TABLE.' |
---|
[809] | 442 | WHERE representative_picture_id != '.$_GET['image_id'].' |
---|
| 443 | OR representative_picture_id IS NULL |
---|
[640] | 444 | ;'; |
---|
[2227] | 445 | display_select_cat_wrapper($query, array(), 'dismissed_options'); |
---|
[817] | 446 | |
---|
[61] | 447 | //----------------------------------------------------------- sending html code |
---|
[817] | 448 | |
---|
[509] | 449 | $template->assign_var_from_handle('ADMIN_CONTENT', 'picture_modify'); |
---|
[362] | 450 | ?> |
---|