source: trunk/admin/picture_modify.php @ 6765

Last change on this file since 6765 was 6714, checked in by plg, 14 years ago

merge r6713 from branch 2.1 to trunk

bug 1757 fixed: ability to use HTML in author field

  • Property svn:eol-style set to LF
File size: 12.0 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based picture gallery                                  |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24if(!defined("PHPWG_ROOT_PATH"))
25{
26  die('Hacking attempt!');
27}
28
29include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
30
31// +-----------------------------------------------------------------------+
32// | Check Access and exit when user status is not ok                      |
33// +-----------------------------------------------------------------------+
34check_status(ACCESS_ADMINISTRATOR);
35
36check_input_parameter('image_id', $_GET, false, PATTERN_ID);
37check_input_parameter('cat_id', $_GET, false, PATTERN_ID);
38
39// +-----------------------------------------------------------------------+
40// |                          synchronize metadata                         |
41// +-----------------------------------------------------------------------+
42
43if (isset($_GET['sync_metadata']) and !is_adviser())
44{
45  $query = '
46SELECT path
47  FROM '.IMAGES_TABLE.'
48  WHERE id = '.$_GET['image_id'].'
49;';
50  list($path) = pwg_db_fetch_row(pwg_query($query));
51  update_metadata(array($_GET['image_id'] => $path));
52
53  array_push($page['infos'], l10n('Metadata synchronized from file'));
54}
55
56//--------------------------------------------------------- update informations
57
58// first, we verify whether there is a mistake on the given creation date
59if (isset($_POST['date_creation_action'])
60    and 'set' == $_POST['date_creation_action'])
61{
62  if (!is_numeric($_POST['date_creation_year'])
63    or !checkdate(
64          $_POST['date_creation_month'],
65          $_POST['date_creation_day'],
66          $_POST['date_creation_year'])
67    )
68  {
69    array_push($page['errors'], l10n('wrong date'));
70  }
71}
72
73if (isset($_POST['submit']) and count($page['errors']) == 0 and !is_adviser())
74{
75  $data = array();
76  $data{'id'} = $_GET['image_id'];
77  $data{'name'} = $_POST['name'];
78  $data{'author'} = $_POST['author'];
79  $data['level'] = $_POST['level'];
80
81  if ($conf['allow_html_descriptions'])
82  {
83    $data{'comment'} = @$_POST['description'];
84  }
85  else
86  {
87    $data{'comment'} = strip_tags(@$_POST['description']);
88  }
89
90  if (isset($_POST['date_creation_action']))
91  {
92    if ('set' == $_POST['date_creation_action'])
93    {
94      $data{'date_creation'} = $_POST['date_creation_year']
95                                 .'-'.$_POST['date_creation_month']
96                                 .'-'.$_POST['date_creation_day'];
97    }
98    else if ('unset' == $_POST['date_creation_action'])
99    {
100      $data{'date_creation'} = '';
101    }
102  }
103
104  mass_updates(
105    IMAGES_TABLE,
106    array(
107      'primary' => array('id'),
108      'update' => array_diff(array_keys($data), array('id'))
109      ),
110    array($data)
111    );
112
113  // time to deal with tags
114  $tag_ids = array();
115  if (isset($_POST['tags']))
116  {
117    $tag_ids = get_fckb_tag_ids($_POST['tags']);
118  }
119  set_tags($tag_ids, $_GET['image_id']);
120
121  array_push($page['infos'], l10n('Picture informations updated'));
122}
123// associate the element to other categories than its storage category
124if (isset($_POST['associate'])
125    and isset($_POST['cat_dissociated'])
126    and count($_POST['cat_dissociated']) > 0
127    and !is_adviser()
128  )
129{
130  associate_images_to_categories(
131    array($_GET['image_id']),
132    $_POST['cat_dissociated']
133    );
134}
135// dissociate the element from categories (but not from its storage category)
136if (isset($_POST['dissociate'])
137    and isset($_POST['cat_associated'])
138    and count($_POST['cat_associated']) > 0
139    and !is_adviser()
140  )
141{
142  $query = '
143DELETE FROM '.IMAGE_CATEGORY_TABLE.'
144  WHERE image_id = '.$_GET['image_id'].'
145    AND category_id IN ('.implode(',', $_POST['cat_associated']).')
146';
147  pwg_query($query);
148
149  update_category($_POST['cat_associated']);
150}
151// elect the element to represent the given categories
152if (isset($_POST['elect'])
153    and isset($_POST['cat_dismissed'])
154    and count($_POST['cat_dismissed']) > 0
155    and !is_adviser()
156  )
157{
158  $datas = array();
159  foreach ($_POST['cat_dismissed'] as $category_id)
160  {
161    array_push($datas,
162               array('id' => $category_id,
163                     'representative_picture_id' => $_GET['image_id']));
164  }
165  $fields = array('primary' => array('id'),
166                  'update' => array('representative_picture_id'));
167  mass_updates(CATEGORIES_TABLE, $fields, $datas);
168}
169// dismiss the element as representant of the given categories
170if (isset($_POST['dismiss'])
171    and isset($_POST['cat_elected'])
172    and count($_POST['cat_elected']) > 0
173    and !is_adviser()
174  )
175{
176  set_random_representant($_POST['cat_elected']);
177}
178
179// tags
180$query = '
181SELECT
182    tag_id,
183    name AS tag_name
184  FROM '.IMAGE_TAG_TABLE.' AS it
185    JOIN '.TAGS_TABLE.' AS t ON t.id = it.tag_id
186  WHERE image_id = '.$_GET['image_id'].'
187;';
188$tags = get_fckb_taglist($query);
189
190// retrieving direct information about picture
191$query = '
192SELECT *
193  FROM '.IMAGES_TABLE.'
194  WHERE id = '.$_GET['image_id'].'
195;';
196$row = pwg_db_fetch_assoc(pwg_query($query));
197
198$storage_category_id = null;
199if (!empty($row['storage_category_id']))
200{
201  $storage_category_id = $row['storage_category_id'];
202}
203
204$image_file = $row['file'];
205
206// +-----------------------------------------------------------------------+
207// |                             template init                             |
208// +-----------------------------------------------------------------------+
209
210$template->set_filenames(
211  array(
212    'picture_modify' => 'picture_modify.tpl'
213    )
214  );
215
216$template->assign(
217  array(
218    'tags' => $tags,
219    'U_SYNC' =>
220        get_root_url().'admin.php?page=picture_modify'.
221        '&amp;image_id='.$_GET['image_id'].
222        (isset($_GET['cat_id']) ? '&amp;cat_id='.$_GET['cat_id'] : '').
223        '&amp;sync_metadata=1',
224
225    'PATH'=>$row['path'],
226
227    'TN_SRC' => get_thumbnail_url($row),
228
229    'NAME' =>
230      isset($_POST['name']) ?
231        stripslashes($_POST['name']) : @$row['name'],
232
233    'DIMENSIONS' => @$row['width'].' * '.@$row['height'],
234
235    'FILESIZE' => @$row['filesize'].' KB',
236
237    'REGISTRATION_DATE' => format_date($row['date_available']),
238
239    'AUTHOR' => htmlspecialchars(
240      isset($_POST['author'])
241        ? stripslashes($_POST['author'])
242        : @$row['author']
243      ),
244
245    'DESCRIPTION' =>
246      htmlspecialchars( isset($_POST['description']) ?
247        stripslashes($_POST['description']) : @$row['comment'] ),
248
249    'F_ACTION' =>
250        get_root_url().'admin.php'
251        .get_query_string_diff(array('sync_metadata'))
252    )
253  );
254
255if ($row['has_high'] == 'true')
256{
257  $template->assign(
258    'HIGH_FILESIZE',
259    isset($row['high_filesize'])
260        ? $row['high_filesize'].' KB'
261        : l10n('unknown')
262    );
263}
264
265// image level options
266$selected_level = isset($_POST['level']) ? $_POST['level'] : $row['level'];
267$template->assign(
268    array(
269      'level_options'=> get_privacy_level_options(),
270      'level_options_selected' => array($selected_level)
271    )
272  );
273
274// creation date
275unset($day, $month, $year);
276
277if (isset($_POST['date_creation_action'])
278    and 'set' == $_POST['date_creation_action'])
279{
280  foreach (array('day', 'month', 'year') as $varname)
281  {
282    $$varname = $_POST['date_creation_'.$varname];
283  }
284}
285else if (isset($row['date_creation']) and !empty($row['date_creation']))
286{
287  list($year, $month, $day) = explode('-', $row['date_creation']);
288}
289else
290{
291  list($year, $month, $day) = array('', 0, 0);
292}
293
294
295$month_list = $lang['month'];
296$month_list[0]='------------';
297ksort($month_list);
298
299$template->assign(
300    array(
301      'DATE_CREATION_DAY_VALUE' => $day,
302      'DATE_CREATION_MONTH_VALUE' => $month,
303      'DATE_CREATION_YEAR_VALUE' => $year,
304      'month_list' => $month_list,
305      )
306    );
307
308$query = '
309SELECT category_id, uppercats
310  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
311    INNER JOIN '.CATEGORIES_TABLE.' AS c
312      ON c.id = ic.category_id
313  WHERE image_id = '.$_GET['image_id'].'
314;';
315$result = pwg_query($query);
316
317while ($row = pwg_db_fetch_assoc($result))
318{
319  $name =
320    get_cat_display_name_cache(
321      $row['uppercats'],
322      get_root_url().'admin.php?page=cat_modify&amp;cat_id=',
323      false
324      );
325
326  if ($row['category_id'] == $storage_category_id)
327  {
328    $template->assign('STORAGE_CATEGORY', $name);
329  }
330  else
331  {
332    $template->append('related_categories', $name);
333  }
334}
335
336// jump to link
337//
338// 1. find all linked categories that are reachable for the current user.
339// 2. if a category is available in the URL, use it if reachable
340// 3. if URL category not available or reachable, use the first reachable
341//    linked category
342// 4. if no category reachable, no jumpto link
343
344$query = '
345SELECT category_id
346  FROM '.IMAGE_CATEGORY_TABLE.'
347  WHERE image_id = '.$_GET['image_id'].'
348;';
349
350$authorizeds = array_diff(
351  array_from_query($query, 'category_id'),
352  explode(
353    ',',
354    calculate_permissions($user['id'], $user['status'])
355    )
356  );
357
358if (isset($_GET['cat_id'])
359    and in_array($_GET['cat_id'], $authorizeds))
360{
361  $url_img = make_picture_url(
362    array(
363      'image_id' => $_GET['image_id'],
364      'image_file' => $image_file,
365      'category' => $cache['cat_names'][ $_GET['cat_id'] ],
366      )
367    );
368}
369else
370{
371  foreach ($authorizeds as $category)
372  {
373    $url_img = make_picture_url(
374      array(
375        'image_id' => $_GET['image_id'],
376        'image_file' => $image_file,
377        'category' => $cache['cat_names'][ $category ],
378        )
379      );
380    break;
381  }
382}
383
384if (isset($url_img))
385{
386  $template->assign( 'U_JUMPTO', $url_img );
387}
388
389// associate to another category ?
390$query = '
391SELECT id,name,uppercats,global_rank
392  FROM '.CATEGORIES_TABLE.'
393    INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON id = category_id
394  WHERE image_id = '.$_GET['image_id'];
395if (isset($storage_category_id))
396{
397  $query.= '
398    AND id != '.$storage_category_id;
399}
400$query.= '
401;';
402display_select_cat_wrapper($query, array(), 'associated_options');
403
404$result = pwg_query($query);
405$associateds = array(-1);
406if (isset($storage_category_id))
407{
408  array_push($associateds, $storage_category_id);
409}
410while ($row = pwg_db_fetch_assoc($result))
411{
412  array_push($associateds, $row['id']);
413}
414$query = '
415SELECT id,name,uppercats,global_rank
416  FROM '.CATEGORIES_TABLE.'
417  WHERE id NOT IN ('.implode(',', $associateds).')
418;';
419display_select_cat_wrapper($query, array(), 'dissociated_options');
420
421// representing
422$query = '
423SELECT id,name,uppercats,global_rank
424  FROM '.CATEGORIES_TABLE.'
425  WHERE representative_picture_id = '.$_GET['image_id'].'
426;';
427display_select_cat_wrapper($query, array(), 'elected_options');
428
429$query = '
430SELECT id,name,uppercats,global_rank
431  FROM '.CATEGORIES_TABLE.'
432  WHERE representative_picture_id != '.$_GET['image_id'].'
433    OR representative_picture_id IS NULL
434;';
435display_select_cat_wrapper($query, array(), 'dismissed_options');
436
437//----------------------------------------------------------- sending html code
438
439$template->assign_var_from_handle('ADMIN_CONTENT', 'picture_modify');
440?>
Note: See TracBrowser for help on using the repository browser.