Context Navigation

source: trunk/include/ws_functions.inc.php @ 8980

Last change on this file since 8980 was 8728, checked in by plg, 14 years ago

Happy new year 2011

Change "Piwigo - a PHP based picture gallery" into "Piwigo - a PHP based photo gallery"

Property svn:eol-style set to LF

File size: 60.2 KB

Rev	Line
[1698]	1	<?php
	2	// +-----------------------------------------------------------------------+
[8728]	3	// \| Piwigo - a PHP based photo gallery \|
[2297]	4	// +-----------------------------------------------------------------------+
[8728]	5	// \| Copyright(C) 2008-2011 Piwigo Team http://piwigo.org \|
[2297]	6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
	7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
	8	// +-----------------------------------------------------------------------+
	9	// \| This program is free software; you can redistribute it and/or modify \|
	10	// \| it under the terms of the GNU General Public License as published by \|
	11	// \| the Free Software Foundation \|
	12	// \| \|
	13	// \| This program is distributed in the hope that it will be useful, but \|
	14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
	16	// \| General Public License for more details. \|
	17	// \| \|
	18	// \| You should have received a copy of the GNU General Public License \|
	19	// \| along with this program; if not, write to the Free Software \|
	20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
	21	// \| USA. \|
	22	// +-----------------------------------------------------------------------+
[1698]	23
	24	/** IMPLEMENTATION OF WEB SERVICE METHODS *********************************/
	25
	26	/**
[1768]	27	* Event handler for method invocation security check. Should return a PwgError
	28	* if the preconditions are not satifsied for method invocation.
	29	*/
	30	function ws_isInvokeAllowed($res, $methodName, $params)
	31	{
[2572]	32	global $conf;
[2119]	33
[1849]	34	if ( strpos($methodName,'reflection.')===0 )
	35	{ // OK for reflection
	36	return $res;
	37	}
[2119]	38
[1849]	39	if ( !is_autorize_status(ACCESS_GUEST) and
	40	strpos($methodName,'pwg.session.')!==0 )
[1768]	41	{
[1849]	42	return new PwgError(401, 'Access denied');
	43	}
[2119]	44
[1768]	45	return $res;
	46	}
	47
	48	/**
[1698]	49	* returns a "standard" (for our web service) array of sql where clauses that
[1711]	50	* filters the images (images table only)
	51	*/
[1698]	52	function ws_std_image_sql_filter( $params, $tbl_name='' )
	53	{
	54	$clauses = array();
	55	if ( is_numeric($params['f_min_rate']) )
	56	{
	57	$clauses[] = $tbl_name.'average_rate>'.$params['f_min_rate'];
	58	}
	59	if ( is_numeric($params['f_max_rate']) )
	60	{
	61	$clauses[] = $tbl_name.'average_rate<='.$params['f_max_rate'];
	62	}
	63	if ( is_numeric($params['f_min_hit']) )
	64	{
	65	$clauses[] = $tbl_name.'hit>'.$params['f_min_hit'];
	66	}
	67	if ( is_numeric($params['f_max_hit']) )
	68	{
	69	$clauses[] = $tbl_name.'hit<='.$params['f_max_hit'];
	70	}
	71	if ( isset($params['f_min_date_posted']) )
	72	{
	73	$clauses[] = $tbl_name."date_available>='".$params['f_min_date_posted']."'";
	74	}
	75	if ( isset($params['f_max_date_posted']) )
	76	{
	77	$clauses[] = $tbl_name."date_available<'".$params['f_max_date_posted']."'";
	78	}
	79	if ( isset($params['f_min_date_created']) )
	80	{
	81	$clauses[] = $tbl_name."date_creation>='".$params['f_min_date_created']."'";
	82	}
	83	if ( isset($params['f_max_date_created']) )
	84	{
	85	$clauses[] = $tbl_name."date_creation<'".$params['f_max_date_created']."'";
	86	}
	87	if ( is_numeric($params['f_min_ratio']) )
	88	{
	89	$clauses[] = $tbl_name.'width/'.$tbl_name.'height>'.$params['f_min_ratio'];
	90	}
	91	if ( is_numeric($params['f_max_ratio']) )
	92	{
	93	$clauses[] = $tbl_name.'width/'.$tbl_name.'height<='.$params['f_max_ratio'];
	94	}
	95	if ( $params['f_with_thumbnail'] )
	96	{
	97	$clauses[] = $tbl_name.'tn_ext IS NOT NULL';
	98	}
	99	return $clauses;
	100	}
	101
	102	/**
	103	* returns a "standard" (for our web service) ORDER BY sql clause for images
[1711]	104	*/
[1698]	105	function ws_std_image_sql_order( $params, $tbl_name='' )
	106	{
	107	$ret = '';
	108	if ( empty($params['order']) )
	109	{
	110	return $ret;
	111	}
	112	$matches = array();
	113	preg_match_all('/([a-z_]+) (?:(asc\|desc)(?:ending)?)? (?:, *\|$)/i',
	114	$params['order'], $matches);
	115	for ($i=0; $i<count($matches[1]); $i++)
	116	{
	117	switch ($matches[1][$i])
	118	{
	119	case 'date_created':
	120	$matches[1][$i] = 'date_creation'; break;
	121	case 'date_posted':
	122	$matches[1][$i] = 'date_available'; break;
	123	case 'rand': case 'random':
[4367]	124	$matches[1][$i] = DB_RANDOM_FUNCTION.'()'; break;
[1698]	125	}
[1711]	126	$sortable_fields = array('id', 'file', 'name', 'hit', 'average_rate',
[4367]	127	'date_creation', 'date_available', DB_RANDOM_FUNCTION.'()' );
[1698]	128	if ( in_array($matches[1][$i], $sortable_fields) )
	129	{
	130	if (!empty($ret))
	131	$ret .= ', ';
[4367]	132	if ($matches[1][$i] != DB_RANDOM_FUNCTION.'()' )
[1698]	133	{
	134	$ret .= $tbl_name;
	135	}
	136	$ret .= $matches[1][$i];
	137	$ret .= ' '.$matches[2][$i];
	138	}
	139	}
	140	return $ret;
	141	}
	142
	143	/**
	144	* returns an array map of urls (thumb/element) for image_row - to be returned
	145	* in a standard way by different web service methods
[1711]	146	*/
[1698]	147	function ws_std_get_urls($image_row)
	148	{
	149	$ret = array(
[1711]	150	'tn_url' => get_thumbnail_url($image_row),
[1698]	151	'element_url' => get_element_url($image_row)
	152	);
	153	global $user;
	154	if ($user['enabled_high'] and $image_row['has_high'] )
	155	{
	156	$ret['high_url'] = get_high_url($image_row);
	157	}
	158	return $ret;
	159	}
	160
[1845]	161	/**
	162	* returns an array of image attributes that are to be encoded as xml attributes
	163	* instead of xml elements
	164	*/
	165	function ws_std_get_image_xml_attributes()
	166	{
	167	return array(
	168	'id','tn_url','element_url','high_url', 'file','width','height','hit'
	169	);
	170	}
[1698]	171
[1781]	172	/**
	173	* returns PWG version (web service method)
	174	*/
[1698]	175	function ws_getVersion($params, &$service)
	176	{
[1852]	177	global $conf;
	178	if ($conf['show_version'])
	179	return PHPWG_VERSION;
	180	else
	181	return new PwgError(403, 'Forbidden');
[1698]	182	}
	183
[2429]	184	function ws_caddie_add($params, &$service)
	185	{
	186	if (!is_admin())
	187	{
	188	return new PwgError(401, 'Access denied');
	189	}
[2770]	190	$params['image_id'] = array_map( 'intval',$params['image_id'] );
[2429]	191	if ( empty($params['image_id']) )
	192	{
	193	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
	194	}
	195	global $user;
	196	$query = '
	197	SELECT id
	198	FROM '.IMAGES_TABLE.' LEFT JOIN '.CADDIE_TABLE.' ON id=element_id AND user_id='.$user['id'].'
	199	WHERE id IN ('.implode(',',$params['image_id']).')
	200	AND element_id IS NULL';
	201	$datas = array();
	202	foreach ( array_from_query($query, 'id') as $id )
	203	{
	204	array_push($datas, array('element_id'=>$id, 'user_id'=>$user['id']) );
	205	}
	206	if (count($datas))
	207	{
	208	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	209	mass_inserts(CADDIE_TABLE, array('element_id','user_id'), $datas);
	210	}
	211	return count($datas);
	212	}
[1781]	213
[1698]	214	/**
[1781]	215	* returns images per category (web service method)
[1711]	216	*/
[1698]	217	function ws_categories_getImages($params, &$service)
	218	{
	219	@include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
	220	global $user, $conf;
	221
	222	$images = array();
	223
	224	//------------------------------------------------- get the related categories
	225	$where_clauses = array();
	226	foreach($params['cat_id'] as $cat_id)
	227	{
	228	$cat_id = (int)$cat_id;
	229	if ($cat_id<=0)
	230	continue;
	231	if ($params['recursive'])
	232	{
[4367]	233	$where_clauses[] = 'uppercats '.DB_REGEX_OPERATOR.' \'(^\|,)'.$cat_id.'(,\|$)\'';
[1698]	234	}
	235	else
	236	{
	237	$where_clauses[] = 'id='.$cat_id;
	238	}
	239	}
	240	if (!empty($where_clauses))
	241	{
	242	$where_clauses = array( '('.
	243	implode('
	244	OR ', $where_clauses) . ')'
	245	);
	246	}
[2119]	247	$where_clauses[] = get_sql_condition_FandF(
	248	array('forbidden_categories' => 'id'),
	249	NULL, true
	250	);
[1698]	251
	252	$query = '
[1866]	253	SELECT id, name, permalink, image_order
[1698]	254	FROM '.CATEGORIES_TABLE.'
	255	WHERE '. implode('
	256	AND ', $where_clauses);
	257	$result = pwg_query($query);
	258	$cats = array();
[4325]	259	while ($row = pwg_db_fetch_assoc($result))
[1698]	260	{
	261	$row['id'] = (int)$row['id'];
	262	$cats[ $row['id'] ] = $row;
	263	}
	264
	265	//-------------------------------------------------------- get the images
	266	if ( !empty($cats) )
	267	{
	268	$where_clauses = ws_std_image_sql_filter( $params, 'i.' );
	269	$where_clauses[] = 'category_id IN ('
	270	.implode(',', array_keys($cats) )
	271	.')';
[1781]	272	$where_clauses[] = get_sql_condition_FandF( array(
	273	'visible_images' => 'i.id'
	274	), null, true
	275	);
[1756]	276
[1698]	277	$order_by = ws_std_image_sql_order($params, 'i.');
[1852]	278	if ( empty($order_by)
	279	and count($params['cat_id'])==1
	280	and isset($cats[ $params['cat_id'][0] ]['image_order'])
	281	)
[1698]	282	{
[1852]	283	$order_by = $cats[ $params['cat_id'][0] ]['image_order'];
[1698]	284	}
[1852]	285	$order_by = empty($order_by) ? $conf['order_by'] : 'ORDER BY '.$order_by;
	286
[1698]	287	$query = '
[6652]	288	SELECT i.*, GROUP_CONCAT(category_id) AS cat_ids
[1698]	289	FROM '.IMAGES_TABLE.' i
	290	INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON i.id=image_id
	291	WHERE '. implode('
	292	AND ', $where_clauses).'
	293	GROUP BY i.id
	294	'.$order_by.'
[4334]	295	LIMIT '.(int)$params['per_page'].' OFFSET '.(int)($params['per_page']*$params['page']);
[1698]	296
	297	$result = pwg_query($query);
[4325]	298	while ($row = pwg_db_fetch_assoc($result))
[1698]	299	{
	300	$image = array();
	301	foreach ( array('id', 'width', 'height', 'hit') as $k )
	302	{
	303	if (isset($row[$k]))
	304	{
	305	$image[$k] = (int)$row[$k];
	306	}
	307	}
[1880]	308	foreach ( array('file', 'name', 'comment') as $k )
[1698]	309	{
	310	$image[$k] = $row[$k];
	311	}
	312	$image = array_merge( $image, ws_std_get_urls($row) );
	313
	314	$image_cats = array();
	315	foreach ( explode(',', $row['cat_ids']) as $cat_id )
	316	{
	317	$url = make_index_url(
	318	array(
[1861]	319	'category' => $cats[$cat_id],
[1698]	320	)
	321	);
	322	$page_url = make_picture_url(
	323	array(
[1861]	324	'category' => $cats[$cat_id],
[1698]	325	'image_id' => $row['id'],
	326	'image_file' => $row['file'],
	327	)
	328	);
	329	array_push( $image_cats, array(
	330	WS_XML_ATTRIBUTES => array (
	331	'id' => (int)$cat_id,
	332	'url' => $url,
	333	'page_url' => $page_url,
	334	)
	335	)
	336	);
	337	}
	338
	339	$image['categories'] = new PwgNamedArray(
	340	$image_cats,'category', array('id','url','page_url')
	341	);
	342	array_push($images, $image);
	343	}
	344	}
	345
	346	return array( 'images' =>
	347	array (
	348	WS_XML_ATTRIBUTES =>
	349	array(
	350	'page' => $params['page'],
	351	'per_page' => $params['per_page'],
	352	'count' => count($images)
	353	),
[1711]	354	WS_XML_CONTENT => new PwgNamedArray($images, 'image',
[1845]	355	ws_std_get_image_xml_attributes() )
[1698]	356	)
	357	);
	358	}
	359
[1781]	360
[1698]	361	/**
[1781]	362	* returns a list of categories (web service method)
[1698]	363	*/
	364	function ws_categories_getList($params, &$service)
	365	{
[1820]	366	global $user,$conf;
[1698]	367
[4884]	368	$where = array('1=1');
	369	$join_type = 'INNER';
	370	$join_user = $user['id'];
[1698]	371
	372	if (!$params['recursive'])
	373	{
	374	if ($params['cat_id']>0)
[1820]	375	$where[] = '(id_uppercat='.(int)($params['cat_id']).'
	376	OR id='.(int)($params['cat_id']).')';
[1698]	377	else
	378	$where[] = 'id_uppercat IS NULL';
	379	}
[1820]	380	else if ($params['cat_id']>0)
	381	{
[4367]	382	$where[] = 'uppercats '.DB_REGEX_OPERATOR.' \'(^\|,)'.
[1820]	383	(int)($params['cat_id'])
	384	.'(,\|$)\'';
	385	}
[1698]	386
	387	if ($params['public'])
	388	{
	389	$where[] = 'status = "public"';
[1711]	390	$where[] = 'visible = "true"';
[4884]	391
	392	$join_user = $conf['guest_id'];
[1698]	393	}
[4884]	394	elseif (is_admin())
[1698]	395	{
[4884]	396	// in this very specific case, we don't want to hide empty
	397	// categories. Function calculate_permissions will only return
	398	// categories that are either locked or private and not permitted
	399	//
	400	// calculate_permissions does not consider empty categories as forbidden
	401	$forbidden_categories = calculate_permissions($user['id'], $user['status']);
	402	$where[]= 'id NOT IN ('.$forbidden_categories.')';
	403	$join_type = 'LEFT';
[1698]	404	}
	405
[1711]	406	$query = '
[1866]	407	SELECT id, name, permalink, uppercats, global_rank,
[7550]	408	comment,
[1845]	409	nb_images, count_images AS total_nb_images,
	410	date_last, max_date_last, count_categories AS nb_categories
[1711]	411	FROM '.CATEGORIES_TABLE.'
[4884]	412	'.$join_type.' JOIN '.USER_CACHE_CATEGORIES_TABLE.' ON id=cat_id AND user_id='.$join_user.'
[1698]	413	WHERE '. implode('
	414	AND ', $where);
	415
	416	$result = pwg_query($query);
	417
	418	$cats = array();
[4325]	419	while ($row = pwg_db_fetch_assoc($result))
[1698]	420	{
	421	$row['url'] = make_index_url(
	422	array(
[1861]	423	'category' => $row
[1698]	424	)
	425	);
[1845]	426	foreach( array('id','nb_images','total_nb_images','nb_categories') as $key)
[1698]	427	{
	428	$row[$key] = (int)$row[$key];
	429	}
[2572]	430
[4903]	431	$row['name'] = strip_tags(
	432	trigger_event(
	433	'render_category_name',
	434	$row['name'],
	435	'ws_categories_getList'
	436	)
	437	);
	438
[7550]	439	$row['comment'] = strip_tags(
	440	trigger_event(
	441	'render_category_description',
	442	$row['comment'],
	443	'ws_categories_getList'
	444	)
	445	);
	446
[1698]	447	array_push($cats, $row);
	448	}
	449	usort($cats, 'global_rank_compare');
	450	return array(
[2548]	451	'categories' => new PwgNamedArray(
	452	$cats,
	453	'category',
	454	array(
	455	'id',
	456	'url',
	457	'nb_images',
	458	'total_nb_images',
	459	'nb_categories',
	460	'date_last',
	461	'max_date_last',
	462	)
	463	)
[1698]	464	);
	465	}
	466
[2563]	467	/**
	468	* returns the list of categories as you can see them in administration (web
	469	* service method).
	470	*
	471	* Only admin can run this method and permissions are not taken into
	472	* account.
	473	*/
	474	function ws_categories_getAdminList($params, &$service)
	475	{
	476	if (!is_admin())
	477	{
	478	return new PwgError(401, 'Access denied');
	479	}
[1781]	480
[2563]	481	$query = '
	482	SELECT
	483	category_id,
	484	COUNT(*) AS counter
	485	FROM '.IMAGE_CATEGORY_TABLE.'
	486	GROUP BY category_id
	487	;';
	488	$nb_images_of = simple_hash_from_query($query, 'category_id', 'counter');
	489
	490	$query = '
	491	SELECT
	492	id,
	493	name,
[7550]	494	comment,
[2563]	495	uppercats,
	496	global_rank
	497	FROM '.CATEGORIES_TABLE.'
	498	;';
	499	$result = pwg_query($query);
	500	$cats = array();
	501
[4325]	502	while ($row = pwg_db_fetch_assoc($result))
[2563]	503	{
	504	$id = $row['id'];
	505	$row['nb_images'] = isset($nb_images_of[$id]) ? $nb_images_of[$id] : 0;
[4903]	506	$row['name'] = strip_tags(
	507	trigger_event(
	508	'render_category_name',
	509	$row['name'],
	510	'ws_categories_getAdminList'
	511	)
	512	);
[7550]	513	$row['comment'] = strip_tags(
	514	trigger_event(
	515	'render_category_description',
	516	$row['comment'],
	517	'ws_categories_getAdminList'
	518	)
	519	);
[2563]	520	array_push($cats, $row);
[2585]	521	}
	522
[2563]	523	usort($cats, 'global_rank_compare');
	524	return array(
	525	'categories' => new PwgNamedArray(
	526	$cats,
	527	'category',
	528	array(
	529	'id',
	530	'nb_images',
	531	'name',
	532	'uppercats',
	533	'global_rank',
	534	)
	535	)
	536	);
	537	}
	538
[1781]	539	/**
	540	* returns detailed information for an element (web service method)
	541	*/
[1849]	542	function ws_images_addComment($params, &$service)
	543	{
[1852]	544	if (!$service->isPost())
	545	{
	546	return new PwgError(405, "This method requires HTTP POST");
	547	}
[1849]	548	$params['image_id'] = (int)$params['image_id'];
	549	$query = '
[2119]	550	SELECT DISTINCT image_id
[1849]	551	FROM '.IMAGE_CATEGORY_TABLE.' INNER JOIN '.CATEGORIES_TABLE.' ON category_id=id
[2119]	552	WHERE commentable="true"
[1849]	553	AND image_id='.$params['image_id'].
	554	get_sql_condition_FandF(
	555	array(
	556	'forbidden_categories' => 'id',
	557	'visible_categories' => 'id',
	558	'visible_images' => 'image_id'
	559	),
	560	' AND'
	561	);
[4325]	562	if ( !pwg_db_num_rows( pwg_query( $query ) ) )
[1849]	563	{
	564	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
	565	}
[2119]	566
[1849]	567	$comm = array(
[6437]	568	'author' => trim( $params['author'] ),
	569	'content' => trim( $params['content'] ),
[1849]	570	'image_id' => $params['image_id'],
	571	);
	572
	573	include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
[2119]	574
	575	$comment_action = insert_user_comment(
[1849]	576	$comm, $params['key'], $infos
	577	);
	578
	579	switch ($comment_action)
	580	{
	581	case 'reject':
[5021]	582	array_push($infos, l10n('Your comment has NOT been registered because it did not pass the validation rules') );
[7782]	583	return new PwgError(403, implode("; ", $infos) );
[1849]	584	case 'validate':
	585	case 'moderate':
[2119]	586	$ret = array(
[1849]	587	'id' => $comm['id'],
	588	'validation' => $comment_action=='validate',
	589	);
	590	return new PwgNamedStruct(
	591	'comment',
[2119]	592	$ret,
	593	null, array()
[1849]	594	);
	595	default:
	596	return new PwgError(500, "Unknown comment action ".$comment_action );
	597	}
	598	}
	599
	600	/**
	601	* returns detailed information for an element (web service method)
	602	*/
[1698]	603	function ws_images_getInfo($params, &$service)
	604	{
	605	@include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
[1849]	606	global $user, $conf;
[1698]	607	$params['image_id'] = (int)$params['image_id'];
	608	if ( $params['image_id']<=0 )
	609	{
	610	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
	611	}
[1781]	612
[1698]	613	$query='
	614	SELECT * FROM '.IMAGES_TABLE.'
[1711]	615	WHERE id='.$params['image_id'].
	616	get_sql_condition_FandF(
	617	array('visible_images' => 'id'),
	618	' AND'
[2516]	619	).'
	620	LIMIT 1';
[1711]	621
[4325]	622	$image_row = pwg_db_fetch_assoc(pwg_query($query));
[1698]	623	if ($image_row==null)
	624	{
[1852]	625	return new PwgError(404, "image_id not found");
[1698]	626	}
[1845]	627	$image_row = array_merge( $image_row, ws_std_get_urls($image_row) );
[1698]	628
	629	//-------------------------------------------------------- related categories
	630	$query = '
[1866]	631	SELECT id, name, permalink, uppercats, global_rank, commentable
[1698]	632	FROM '.IMAGE_CATEGORY_TABLE.'
[1849]	633	INNER JOIN '.CATEGORIES_TABLE.' ON category_id = id
[2119]	634	WHERE image_id = '.$image_row['id'].
	635	get_sql_condition_FandF(
	636	array( 'forbidden_categories' => 'category_id' ),
	637	' AND'
	638	).'
[1698]	639	;';
	640	$result = pwg_query($query);
[1849]	641	$is_commentable = false;
[1698]	642	$related_categories = array();
[4325]	643	while ($row = pwg_db_fetch_assoc($result))
[1698]	644	{
[1849]	645	if ($row['commentable']=='true')
	646	{
	647	$is_commentable = true;
	648	}
	649	unset($row['commentable']);
[1698]	650	$row['url'] = make_index_url(
	651	array(
[1861]	652	'category' => $row
[1698]	653	)
	654	);
	655
	656	$row['page_url'] = make_picture_url(
	657	array(
	658	'image_id' => $image_row['id'],
	659	'image_file' => $image_row['file'],
[1861]	660	'category' => $row
[1698]	661	)
	662	);
[1849]	663	$row['id']=(int)$row['id'];
[1698]	664	array_push($related_categories, $row);
	665	}
	666	usort($related_categories, 'global_rank_compare');
	667	if ( empty($related_categories) )
	668	{
	669	return new PwgError(401, 'Access denied');
	670	}
	671
	672	//-------------------------------------------------------------- related tags
[1815]	673	$related_tags = get_common_tags( array($image_row['id']), -1 );
	674	foreach( $related_tags as $i=>$tag)
[1698]	675	{
[1815]	676	$tag['url'] = make_index_url(
[1698]	677	array(
[1815]	678	'tags' => array($tag)
[1698]	679	)
	680	);
[1815]	681	$tag['page_url'] = make_picture_url(
[1698]	682	array(
	683	'image_id' => $image_row['id'],
	684	'image_file' => $image_row['file'],
[1815]	685	'tags' => array($tag),
[1698]	686	)
	687	);
[1815]	688	unset($tag['counter']);
[1849]	689	$tag['id']=(int)$tag['id'];
[1815]	690	$related_tags[$i]=$tag;
[1698]	691	}
[1849]	692	//------------------------------------------------------------- related rates
	693	$query = '
	694	SELECT COUNT(rate) AS count
	695	, ROUND(AVG(rate),2) AS average
	696	FROM '.RATE_TABLE.'
	697	WHERE element_id = '.$image_row['id'].'
	698	;';
[4325]	699	$rating = pwg_db_fetch_assoc(pwg_query($query));
[1849]	700	$rating['count'] = (int)$rating['count'];
	701
[1698]	702	//---------------------------------------------------------- related comments
[1849]	703	$related_comments = array();
[2119]	704
[1849]	705	$where_comments = 'image_id = '.$image_row['id'];
	706	if ( !is_admin() )
	707	{
	708	$where_comments .= '
	709	AND validated="true"';
	710	}
	711
[1698]	712	$query = '
[6652]	713	SELECT COUNT(id) AS nb_comments
[1698]	714	FROM '.COMMENTS_TABLE.'
[1849]	715	WHERE '.$where_comments;
[1698]	716	list($nb_comments) = array_from_query($query, 'nb_comments');
[1849]	717	$nb_comments = (int)$nb_comments;
[1698]	718
[1849]	719	if ( $nb_comments>0 and $params['comments_per_page']>0 )
	720	{
	721	$query = '
[1698]	722	SELECT id, date, author, content
	723	FROM '.COMMENTS_TABLE.'
[1849]	724	WHERE '.$where_comments.'
	725	ORDER BY date
[4334]	726	LIMIT '.(int)$params['comments_per_page'].
	727	' OFFSET '.(int)($params['comments_per_page']*$params['comments_page']);
[1698]	728
[1849]	729	$result = pwg_query($query);
[4325]	730	while ($row = pwg_db_fetch_assoc($result))
[1849]	731	{
	732	$row['id']=(int)$row['id'];
	733	array_push($related_comments, $row);
	734	}
	735	}
[2119]	736
[1849]	737	$comment_post_data = null;
[2119]	738	if ($is_commentable and
[2029]	739	(!is_a_guest()
	740	or (is_a_guest() and $conf['comments_forall'] )
[1849]	741	)
	742	)
[1698]	743	{
[4304]	744	$comment_post_data['author'] = stripslashes($user['username']);
[7495]	745	$comment_post_data['key'] = get_ephemeral_key(2, $params['image_id']);
[1698]	746	}
	747
[1849]	748	$ret = $image_row;
	749	foreach ( array('id','width','height','hit','filesize') as $k )
	750	{
	751	if (isset($ret[$k]))
	752	{
	753	$ret[$k] = (int)$ret[$k];
	754	}
	755	}
	756	foreach ( array('path', 'storage_category_id') as $k )
	757	{
	758	unset($ret[$k]);
	759	}
[1698]	760
[1849]	761	$ret['rates'] = array( WS_XML_ATTRIBUTES => $rating );
[1698]	762	$ret['categories'] = new PwgNamedArray($related_categories, 'category', array('id','url', 'page_url') );
[2585]	763	$ret['tags'] = new PwgNamedArray($related_tags, 'tag', array('id','url_name','url','name','page_url') );
[1849]	764	if ( isset($comment_post_data) )
	765	{
	766	$ret['comment_post'] = array( WS_XML_ATTRIBUTES => $comment_post_data );
	767	}
[1698]	768	$ret['comments'] = array(
[2119]	769	WS_XML_ATTRIBUTES =>
[1849]	770	array(
	771	'page' => $params['comments_page'],
	772	'per_page' => $params['comments_per_page'],
	773	'count' => count($related_comments),
	774	'nb_comments' => $nb_comments,
	775	),
	776	WS_XML_CONTENT => new PwgNamedArray($related_comments, 'comment', array('id','date') )
[1698]	777	);
[1845]	778
[1698]	779	return new PwgNamedStruct('image',$ret, null, array('name','comment') );
	780	}
	781
[2435]	782
[1837]	783	/**
[2435]	784	* rates the image_id in the parameter
	785	*/
	786	function ws_images_Rate($params, &$service)
	787	{
	788	$image_id = (int)$params['image_id'];
	789	$query = '
	790	SELECT DISTINCT id FROM '.IMAGES_TABLE.'
	791	INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON id=image_id
	792	WHERE id='.$image_id
	793	.get_sql_condition_FandF(
	794	array(
	795	'forbidden_categories' => 'category_id',
	796	'forbidden_images' => 'id',
	797	),
	798	' AND'
	799	).'
	800	LIMIT 1';
[4325]	801	if ( pwg_db_num_rows( pwg_query($query) )==0 )
[2435]	802	{
	803	return new PwgError(404, "Invalid image_id or access denied" );
	804	}
	805	$rate = (int)$params['rate'];
	806	include_once(PHPWG_ROOT_PATH.'include/functions_rate.inc.php');
	807	$res = rate_picture( $image_id, $rate );
	808	if ($res==false)
	809	{
	810	global $conf;
	811	return new PwgError( 403, "Forbidden or rate not in ". implode(',',$conf['rate_items']));
	812	}
	813	return $res;
	814	}
	815
	816
	817	/**
[1837]	818	* returns a list of elements corresponding to a query search
	819	*/
	820	function ws_images_search($params, &$service)
	821	{
	822	global $page;
	823	$images = array();
	824	include_once( PHPWG_ROOT_PATH .'include/functions_search.inc.php' );
	825	include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
[1698]	826
[2135]	827	$where_clauses = ws_std_image_sql_filter( $params, 'i.' );
	828	$order_by = ws_std_image_sql_order($params, 'i.');
[1837]	829
[2451]	830	$super_order_by = false;
[2135]	831	if ( !empty($order_by) )
[1837]	832	{
[2135]	833	global $conf;
	834	$conf['order_by'] = 'ORDER BY '.$order_by;
[2451]	835	$super_order_by=true; // quick_search_result might be faster
[1837]	836	}
	837
[2135]	838	$search_result = get_quick_search_results($params['query'],
[2451]	839	$super_order_by,
	840	implode(',', $where_clauses)
	841	);
[2119]	842
[2451]	843	$image_ids = array_slice(
	844	$search_result['items'],
	845	$params['page']*$params['per_page'],
	846	$params['per_page']
	847	);
[1837]	848
	849	if ( count($image_ids) )
	850	{
	851	$query = '
	852	SELECT * FROM '.IMAGES_TABLE.'
[2451]	853	WHERE id IN ('.implode(',', $image_ids).')';
[1837]	854
[2451]	855	$image_ids = array_flip($image_ids);
[1837]	856	$result = pwg_query($query);
[4325]	857	while ($row = pwg_db_fetch_assoc($result))
[1837]	858	{
	859	$image = array();
	860	foreach ( array('id', 'width', 'height', 'hit') as $k )
	861	{
	862	if (isset($row[$k]))
	863	{
	864	$image[$k] = (int)$row[$k];
	865	}
	866	}
[1880]	867	foreach ( array('file', 'name', 'comment') as $k )
[1837]	868	{
	869	$image[$k] = $row[$k];
	870	}
	871	$image = array_merge( $image, ws_std_get_urls($row) );
[2451]	872	$images[$image_ids[$image['id']]] = $image;
[1837]	873	}
[2451]	874	ksort($images, SORT_NUMERIC);
	875	$images = array_values($images);
[1837]	876	}
	877
	878
	879	return array( 'images' =>
	880	array (
	881	WS_XML_ATTRIBUTES =>
	882	array(
	883	'page' => $params['page'],
	884	'per_page' => $params['per_page'],
	885	'count' => count($images)
	886	),
	887	WS_XML_CONTENT => new PwgNamedArray($images, 'image',
[1845]	888	ws_std_get_image_xml_attributes() )
[1837]	889	)
	890	);
	891	}
	892
[2413]	893	function ws_images_setPrivacyLevel($params, &$service)
	894	{
[8126]	895	if (!is_admin())
[2413]	896	{
	897	return new PwgError(401, 'Access denied');
	898	}
[4513]	899	if (!$service->isPost())
	900	{
	901	return new PwgError(405, "This method requires HTTP POST");
	902	}
[2770]	903	$params['image_id'] = array_map( 'intval',$params['image_id'] );
[2413]	904	if ( empty($params['image_id']) )
	905	{
	906	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
	907	}
	908	global $conf;
	909	if ( !in_array( (int)$params['level'], $conf['available_permission_levels']) )
	910	{
	911	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid level");
	912	}
[4513]	913
[2413]	914	$query = '
	915	UPDATE '.IMAGES_TABLE.'
	916	SET level='.(int)$params['level'].'
	917	WHERE id IN ('.implode(',',$params['image_id']).')';
	918	$result = pwg_query($query);
[5930]	919	$affected_rows = pwg_db_changes($result);
[2413]	920	if ($affected_rows)
	921	{
	922	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	923	invalidate_user_cache();
	924	}
	925	return $affected_rows;
	926	}
	927
[3193]	928	function ws_images_add_chunk($params, &$service)
	929	{
[5014]	930	global $conf;
	931
[4900]	932	ws_logfile('[ws_images_add_chunk] welcome');
[3193]	933	// data
	934	// original_sum
	935	// type {thumb, file, high}
	936	// position
[3488]	937
[8126]	938	if (!is_admin())
[3193]	939	{
	940	return new PwgError(401, 'Access denied');
	941	}
	942
[4511]	943	if (!$service->isPost())
	944	{
	945	return new PwgError(405, "This method requires HTTP POST");
	946	}
	947
[4900]	948	foreach ($params as $param_key => $param_value) {
	949	if ('data' == $param_key) {
	950	continue;
	951	}
	952
	953	ws_logfile(
	954	sprintf(
	955	'[ws_images_add_chunk] input param "%s" : "%s"',
	956	$param_key,
	957	is_null($param_value) ? 'NULL' : $param_value
	958	)
	959	);
	960	}
	961
[5014]	962	$upload_dir = $conf['upload_dir'].'/buffer';
[3193]	963
	964	// create the upload directory tree if not exists
	965	if (!is_dir($upload_dir)) {
	966	umask(0000);
	967	$recursive = true;
	968	if (!@mkdir($upload_dir, 0777, $recursive))
	969	{
	970	return new PwgError(500, 'error during buffer directory creation');
	971	}
	972	}
	973
	974	if (!is_writable($upload_dir))
	975	{
	976	// last chance to make the directory writable
	977	@chmod($upload_dir, 0777);
	978
	979	if (!is_writable($upload_dir))
	980	{
	981	return new PwgError(500, 'buffer directory has no write access');
	982	}
	983	}
	984
	985	secure_directory($upload_dir);
	986
	987	$filename = sprintf(
	988	'%s-%s-%05u.block',
	989	$params['original_sum'],
	990	$params['type'],
	991	$params['position']
	992	);
	993
[3240]	994	ws_logfile('[ws_images_add_chunk] data length : '.strlen($params['data']));
	995
[3193]	996	$bytes_written = file_put_contents(
	997	$upload_dir.'/'.$filename,
[3240]	998	base64_decode($params['data'])
[3193]	999	);
	1000
	1001	if (false === $bytes_written) {
	1002	return new PwgError(
	1003	500,
	1004	'an error has occured while writting chunk '.$params['position'].' for '.$params['type']
	1005	);
	1006	}
	1007	}
	1008
	1009	function merge_chunks($output_filepath, $original_sum, $type)
	1010	{
[5014]	1011	global $conf;
	1012
[3193]	1013	ws_logfile('[merge_chunks] input parameter $output_filepath : '.$output_filepath);
	1014
[4348]	1015	if (is_file($output_filepath))
	1016	{
	1017	unlink($output_filepath);
[4513]	1018
[4348]	1019	if (is_file($output_filepath))
	1020	{
	1021	new PwgError(500, '[merge_chunks] error while trying to remove existing '.$output_filepath);
	1022	exit();
	1023	}
	1024	}
[4513]	1025
[5014]	1026	$upload_dir = $conf['upload_dir'].'/buffer';
[3193]	1027	$pattern = '/'.$original_sum.'-'.$type.'/';
	1028	$chunks = array();
[3488]	1029
[3193]	1030	if ($handle = opendir($upload_dir))
	1031	{
	1032	while (false !== ($file = readdir($handle)))
	1033	{
	1034	if (preg_match($pattern, $file))
	1035	{
	1036	ws_logfile($file);
	1037	array_push($chunks, $upload_dir.'/'.$file);
	1038	}
	1039	}
	1040	closedir($handle);
	1041	}
	1042
	1043	sort($chunks);
[3240]	1044
[4425]	1045	if (function_exists('memory_get_usage')) {
	1046	ws_logfile('[merge_chunks] memory_get_usage before loading chunks: '.memory_get_usage());
	1047	}
[3488]	1048
[3514]	1049	$i = 0;
[4513]	1050
[3240]	1051	foreach ($chunks as $chunk)
	1052	{
	1053	$string = file_get_contents($chunk);
[3488]	1054
[4425]	1055	if (function_exists('memory_get_usage')) {
	1056	ws_logfile('[merge_chunks] memory_get_usage on chunk '.++$i.': '.memory_get_usage());
	1057	}
[3488]	1058
[3240]	1059	if (!file_put_contents($output_filepath, $string, FILE_APPEND))
	1060	{
[4346]	1061	new PwgError(500, '[merge_chunks] error while writting chunks for '.$output_filepath);
	1062	exit();
[3240]	1063	}
[3488]	1064
[3193]	1065	unlink($chunk);
	1066	}
[3240]	1067
[4425]	1068	if (function_exists('memory_get_usage')) {
	1069	ws_logfile('[merge_chunks] memory_get_usage after loading chunks: '.memory_get_usage());
	1070	}
[3193]	1071	}
	1072
[4346]	1073	/*
	1074	* The $file_path must be the path of the basic "web sized" photo
	1075	* The $type value will automatically modify the $file_path to the corresponding file
	1076	*/
	1077	function add_file($file_path, $type, $original_sum, $file_sum)
	1078	{
[8249]	1079	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
	1080
[4347]	1081	$file_path = file_path_for_type($file_path, $type);
[4346]	1082
	1083	$upload_dir = dirname($file_path);
[4900]	1084	if (substr(PHP_OS, 0, 3) == 'WIN')
	1085	{
	1086	$upload_dir = str_replace('/', DIRECTORY_SEPARATOR, $upload_dir);
	1087	}
[4513]	1088
[4900]	1089	ws_logfile('[add_file] file_path : '.$file_path);
	1090	ws_logfile('[add_file] upload_dir : '.$upload_dir);
	1091
[4346]	1092	if (!is_dir($upload_dir)) {
	1093	umask(0000);
	1094	$recursive = true;
	1095	if (!@mkdir($upload_dir, 0777, $recursive))
	1096	{
	1097	new PwgError(500, '[add_file] error during '.$type.' directory creation');
	1098	exit();
	1099	}
	1100	}
	1101
	1102	if (!is_writable($upload_dir))
	1103	{
	1104	// last chance to make the directory writable
	1105	@chmod($upload_dir, 0777);
	1106
	1107	if (!is_writable($upload_dir))
	1108	{
	1109	new PwgError(500, '[add_file] '.$type.' directory has no write access');
	1110	exit();
	1111	}
	1112	}
	1113
	1114	secure_directory($upload_dir);
	1115
	1116	// merge the thumbnail
	1117	merge_chunks($file_path, $original_sum, $type);
	1118	chmod($file_path, 0644);
	1119
	1120	// check dumped thumbnail md5
	1121	$dumped_md5 = md5_file($file_path);
	1122	if ($dumped_md5 != $file_sum) {
	1123	new PwgError(500, '[add_file] '.$type.' transfer failed');
	1124	exit();
	1125	}
	1126
	1127	list($width, $height) = getimagesize($file_path);
	1128	$filesize = floor(filesize($file_path)/1024);
	1129
	1130	return array(
	1131	'width' => $width,
	1132	'height' => $height,
	1133	'filesize' => $filesize,
	1134	);
	1135	}
	1136
[4348]	1137	function ws_images_addFile($params, &$service)
	1138	{
	1139	// image_id
	1140	// type {thumb, file, high}
	1141	// sum
	1142
	1143	global $conf;
[8126]	1144	if (!is_admin())
[4348]	1145	{
	1146	return new PwgError(401, 'Access denied');
	1147	}
	1148
	1149	$params['image_id'] = (int)$params['image_id'];
	1150	if ($params['image_id'] <= 0)
	1151	{
	1152	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
	1153	}
	1154
	1155	//
	1156	// what is the path?
	1157	//
	1158	$query = '
	1159	SELECT
	1160	path,
	1161	md5sum
	1162	FROM '.IMAGES_TABLE.'
	1163	WHERE id = '.$params['image_id'].'
	1164	;';
[6500]	1165	list($file_path, $original_sum) = pwg_db_fetch_row(pwg_query($query));
[4348]	1166
	1167	// TODO only files added with web API can be updated with web API
	1168
	1169	//
	1170	// makes sure directories are there and call the merge_chunks
	1171	//
	1172	$infos = add_file($file_path, $params['type'], $original_sum, $params['sum']);
	1173
	1174	//
	1175	// update basic metadata from file
	1176	//
	1177	$update = array();
[4513]	1178
[4348]	1179	if ('high' == $params['type'])
	1180	{
	1181	$update['high_filesize'] = $infos['filesize'];
	1182	$update['has_high'] = 'true';
	1183	}
	1184
	1185	if ('file' == $params['type'])
	1186	{
	1187	$update['filesize'] = $infos['filesize'];
	1188	$update['width'] = $infos['width'];
	1189	$update['height'] = $infos['height'];
	1190	}
	1191
	1192	// we may have nothing to update at database level, for example with a
	1193	// thumbnail update
	1194	if (count($update) > 0)
	1195	{
	1196	$update['id'] = $params['image_id'];
[4513]	1197
[4348]	1198	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	1199	mass_updates(
	1200	IMAGES_TABLE,
	1201	array(
	1202	'primary' => array('id'),
	1203	'update' => array_diff(array_keys($update), array('id'))
	1204	),
	1205	array($update)
	1206	);
	1207	}
	1208	}
	1209
[2463]	1210	function ws_images_add($params, &$service)
	1211	{
[8464]	1212	global $conf, $user;
[8126]	1213	if (!is_admin())
[2496]	1214	{
	1215	return new PwgError(401, 'Access denied');
	1216	}
	1217
[3662]	1218	foreach ($params as $param_key => $param_value) {
	1219	ws_logfile(
	1220	sprintf(
	1221	'[pwg.images.add] input param "%s" : "%s"',
	1222	$param_key,
	1223	is_null($param_value) ? 'NULL' : $param_value
	1224	)
	1225	);
	1226	}
[2496]	1227
[2592]	1228	// does the image already exists ?
[4954]	1229	if ('md5sum' == $conf['uniqueness_mode'])
	1230	{
	1231	$where_clause = "md5sum = '".$params['original_sum']."'";
	1232	}
	1233	if ('filename' == $conf['uniqueness_mode'])
	1234	{
	1235	$where_clause = "file = '".$params['original_filename']."'";
	1236	}
	1237
[2592]	1238	$query = '
	1239	SELECT
	1240	COUNT(*) AS counter
	1241	FROM '.IMAGES_TABLE.'
[4954]	1242	WHERE '.$where_clause.'
[2592]	1243	;';
[4325]	1244	list($counter) = pwg_db_fetch_row(pwg_query($query));
[2592]	1245	if ($counter != 0) {
	1246	return new PwgError(500, 'file already exists');
	1247	}
	1248
[2463]	1249	// current date
[4325]	1250	list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
[2463]	1251	list($year, $month, $day) = preg_split('/[^\d]/', $dbnow, 4);
[2496]	1252
[2501]	1253	// upload directory hierarchy
[2463]	1254	$upload_dir = sprintf(
[5014]	1255	$conf['upload_dir'].'/%s/%s/%s',
[2463]	1256	$year,
	1257	$month,
	1258	$day
	1259	);
	1260
[2501]	1261	// compute file path
[2463]	1262	$date_string = preg_replace('/[^\d]/', '', $dbnow);
	1263	$random_string = substr($params['file_sum'], 0, 8);
	1264	$filename_wo_ext = $date_string.'-'.$random_string;
[2501]	1265	$file_path = $upload_dir.'/'.$filename_wo_ext.'.jpg';
[2496]	1266
[4346]	1267	// add files
	1268	$file_infos = add_file($file_path, 'file', $params['original_sum'], $params['file_sum']);
	1269	$thumb_infos = add_file($file_path, 'thumb', $params['original_sum'], $params['thumbnail_sum']);
[2463]	1270
[3193]	1271	if (isset($params['high_sum']))
[2670]	1272	{
[4346]	1273	$high_infos = add_file($file_path, 'high', $params['original_sum'], $params['high_sum']);
[2670]	1274	}
	1275
[2463]	1276	// database registration
	1277	$insert = array(
[4911]	1278	'file' => !empty($params['original_filename']) ? $params['original_filename'] : $filename_wo_ext.'.jpg',
[2463]	1279	'date_available' => $dbnow,
	1280	'tn_ext' => 'jpg',
	1281	'name' => $params['name'],
	1282	'path' => $file_path,
[4346]	1283	'filesize' => $file_infos['filesize'],
	1284	'width' => $file_infos['width'],
	1285	'height' => $file_infos['height'],
[3065]	1286	'md5sum' => $params['original_sum'],
[8464]	1287	'added_by' => $user['id'],
[2463]	1288	);
	1289
[2569]	1290	$info_columns = array(
	1291	'name',
	1292	'author',
	1293	'comment',
	1294	'level',
	1295	'date_creation',
	1296	);
	1297
	1298	foreach ($info_columns as $key)
	1299	{
	1300	if (isset($params[$key]))
	1301	{
	1302	$insert[$key] = $params[$key];
	1303	}
	1304	}
	1305
[3193]	1306	if (isset($params['high_sum']))
[2670]	1307	{
	1308	$insert['has_high'] = 'true';
[4346]	1309	$insert['high_filesize'] = $high_infos['filesize'];
[2670]	1310	}
	1311
[2463]	1312	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	1313	mass_inserts(
	1314	IMAGES_TABLE,
	1315	array_keys($insert),
	1316	array($insert)
	1317	);
	1318
[4892]	1319	$image_id = pwg_db_insert_id(IMAGES_TABLE);
[2463]	1320
[2569]	1321	// let's add links between the image and the categories
	1322	if (isset($params['categories']))
	1323	{
[2919]	1324	ws_add_image_category_relations($image_id, $params['categories']);
[2553]	1325	}
[2569]	1326
	1327	// and now, let's create tag associations
[3660]	1328	if (isset($params['tag_ids']) and !empty($params['tag_ids']))
[2553]	1329	{
[2569]	1330	set_tags(
	1331	explode(',', $params['tag_ids']),
	1332	$image_id
	1333	);
[2553]	1334	}
[2585]	1335
[4685]	1336	// update metadata from the uploaded file (exif/iptc)
	1337	require_once(PHPWG_ROOT_PATH.'admin/include/functions_metadata.php');
	1338	update_metadata(array($image_id=>$file_path));
	1339
[2501]	1340	invalidate_user_cache();
[2463]	1341	}
	1342
[8249]	1343	function ws_images_addSimple($params, &$service)
	1344	{
	1345	global $conf;
[8274]	1346	if (!is_admin())
[8249]	1347	{
	1348	return new PwgError(401, 'Access denied');
	1349	}
	1350
	1351	if (!$service->isPost())
	1352	{
	1353	return new PwgError(405, "This method requires HTTP POST");
	1354	}
	1355
	1356	// category
	1357	$params['category'] = (int)$params['category'];
	1358	if ($params['category'] <= 0)
	1359	{
	1360	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid category_id");
	1361	}
	1362
	1363	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
	1364	prepare_upload_configuration();
	1365
	1366	$image_id = add_uploaded_file(
	1367	$_FILES['image']['tmp_name'],
	1368	$_FILES['image']['name'],
	1369	array($params['category']),
	1370	8
	1371	);
	1372
	1373	$info_columns = array(
	1374	'name',
	1375	'author',
	1376	'comment',
	1377	'level',
	1378	'date_creation',
	1379	);
	1380
	1381	foreach ($info_columns as $key)
	1382	{
	1383	if (isset($params[$key]))
	1384	{
	1385	$update[$key] = $params[$key];
	1386	}
	1387	}
	1388
	1389	if (count(array_keys($update)) > 0)
	1390	{
	1391	$update['id'] = $image_id;
	1392
	1393	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	1394	mass_updates(
	1395	IMAGES_TABLE,
	1396	array(
	1397	'primary' => array('id'),
	1398	'update' => array_diff(array_keys($update), array('id'))
	1399	),
	1400	array($update)
	1401	);
	1402	}
	1403
	1404
	1405	if (isset($params['tags']) and !empty($params['tags']))
	1406	{
	1407	$tag_ids = array();
	1408	$tag_names = explode(',', $params['tags']);
	1409	foreach ($tag_names as $tag_name)
	1410	{
	1411	$tag_id = tag_id_from_tag_name($tag_name);
	1412	array_push($tag_ids, $tag_id);
	1413	}
	1414
	1415	add_tags($tag_ids, array($image_id));
	1416	}
	1417
	1418	$query = '
	1419	SELECT id, name, permalink
	1420	FROM '.CATEGORIES_TABLE.'
	1421	WHERE id = '.$params['category'].'
	1422	;';
	1423	$result = pwg_query($query);
	1424	$category = pwg_db_fetch_assoc($result);
	1425
	1426	return array(
	1427	'image_id' => $image_id,
	1428	'url' => make_picture_url(
	1429	array(
	1430	'image_id' => $image_id,
	1431	'section' => 'categories',
	1432	'category' => $category
	1433	)
	1434	),
	1435	);
	1436	}
	1437
[1781]	1438	/**
	1439	* perform a login (web service method)
	1440	*/
[1698]	1441	function ws_session_login($params, &$service)
	1442	{
	1443	global $conf;
	1444
	1445	if (!$service->isPost())
	1446	{
[1852]	1447	return new PwgError(405, "This method requires HTTP POST");
[1698]	1448	}
[1744]	1449	if (try_log_user($params['username'], $params['password'],false))
[1698]	1450	{
	1451	return true;
	1452	}
	1453	return new PwgError(999, 'Invalid username/password');
	1454	}
	1455
[1781]	1456
	1457	/**
	1458	* performs a logout (web service method)
	1459	*/
[1698]	1460	function ws_session_logout($params, &$service)
	1461	{
[2029]	1462	if (!is_a_guest())
[1698]	1463	{
[2757]	1464	logout_user();
[1698]	1465	}
	1466	return true;
	1467	}
	1468
	1469	function ws_session_getStatus($params, &$service)
	1470	{
[2356]	1471	global $user;
[1698]	1472	$res = array();
[4304]	1473	$res['username'] = is_a_guest() ? 'guest' : stripslashes($user['username']);
[6437]	1474	foreach ( array('status', 'theme', 'language') as $k )
[1849]	1475	{
	1476	$res[$k] = $user[$k];
	1477	}
[7212]	1478	$res['pwg_token'] = get_pwg_token();
[2126]	1479	$res['charset'] = get_pwg_charset();
[1698]	1480	return $res;
	1481	}
	1482
	1483
[1781]	1484	/**
	1485	* returns a list of tags (web service method)
	1486	*/
[1698]	1487	function ws_tags_getList($params, &$service)
	1488	{
[1711]	1489	$tags = get_available_tags();
[1698]	1490	if ($params['sort_by_counter'])
	1491	{
	1492	usort($tags, create_function('$a,$b', 'return -$a["counter"]+$b["counter"];') );
	1493	}
	1494	else
	1495	{
[2409]	1496	usort($tags, 'tag_alpha_compare');
[1698]	1497	}
	1498	for ($i=0; $i<count($tags); $i++)
	1499	{
[1815]	1500	$tags[$i]['id'] = (int)$tags[$i]['id'];
[1698]	1501	$tags[$i]['counter'] = (int)$tags[$i]['counter'];
	1502	$tags[$i]['url'] = make_index_url(
	1503	array(
	1504	'section'=>'tags',
	1505	'tags'=>array($tags[$i])
	1506	)
	1507	);
	1508	}
[2585]	1509	return array('tags' => new PwgNamedArray($tags, 'tag', array('id','url_name','url', 'name', 'counter' )) );
[1698]	1510	}
	1511
[2584]	1512	/**
	1513	* returns the list of tags as you can see them in administration (web
	1514	* service method).
	1515	*
	1516	* Only admin can run this method and permissions are not taken into
	1517	* account.
	1518	*/
	1519	function ws_tags_getAdminList($params, &$service)
	1520	{
	1521	if (!is_admin())
	1522	{
	1523	return new PwgError(401, 'Access denied');
	1524	}
[2585]	1525
[2584]	1526	$tags = get_all_tags();
	1527	return array(
	1528	'tags' => new PwgNamedArray(
	1529	$tags,
	1530	'tag',
	1531	array(
	1532	'name',
	1533	'id',
	1534	'url_name',
	1535	)
	1536	)
	1537	);
	1538	}
[1781]	1539
	1540	/**
	1541	* returns a list of images for tags (web service method)
	1542	*/
[1698]	1543	function ws_tags_getImages($params, &$service)
	1544	{
	1545	@include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
[1816]	1546	global $conf;
[2119]	1547
[1698]	1548	// first build all the tag_ids we are interested in
[1852]	1549	$params['tag_id'] = array_map( 'intval',$params['tag_id'] );
	1550	$tags = find_tags($params['tag_id'], $params['tag_url_name'], $params['tag_name']);
[1698]	1551	$tags_by_id = array();
	1552	foreach( $tags as $tag )
	1553	{
[1852]	1554	$tags['id'] = (int)$tag['id'];
[1815]	1555	$tags_by_id[ $tag['id'] ] = $tag;
[1698]	1556	}
	1557	unset($tags);
[1852]	1558	$tag_ids = array_keys($tags_by_id);
[1698]	1559
	1560
[8726]	1561	$where_clauses = ws_std_image_sql_filter($params);
	1562	if (!empty($where_clauses))
	1563	{
	1564	$where_clauses = implode( ' AND ', $where_clauses);
	1565	}
	1566	$image_ids = get_image_ids_for_tags(
	1567	$tag_ids,
	1568	$params['tag_mode_and'] ? 'AND' : 'OR',
	1569	$where_clauses,
	1570	ws_std_image_sql_order($params) );
	1571
	1572
	1573	$image_ids = array_slice($image_ids, (int)($params['per_page']*$params['page']), (int)$params['per_page'] );
	1574
[1698]	1575	$image_tag_map = array();
[8726]	1576	if ( !empty($image_ids) and !$params['tag_mode_and'] )
[1698]	1577	{ // build list of image ids with associated tags per image
[8726]	1578	$query = '
[6652]	1579	SELECT image_id, GROUP_CONCAT(tag_id) AS tag_ids
[1698]	1580	FROM '.IMAGE_TAG_TABLE.'
[8726]	1581	WHERE tag_id IN ('.implode(',',$tag_ids).') AND image_id IN ('.implode(',',$image_ids).')
[1698]	1582	GROUP BY image_id';
[8726]	1583	$result = pwg_query($query);
	1584	while ( $row=pwg_db_fetch_assoc($result) )
	1585	{
	1586	$row['image_id'] = (int)$row['image_id'];
	1587	array_push( $image_ids, $row['image_id'] );
	1588	$image_tag_map[ $row['image_id'] ] = explode(',', $row['tag_ids']);
[1698]	1589	}
	1590	}
	1591
	1592	$images = array();
[8726]	1593	if (!empty($image_ids))
[1698]	1594	{
[8726]	1595	$rank_of = array_flip($image_ids);
	1596	$result = pwg_query('
	1597	SELECT * FROM '.IMAGES_TABLE.'
	1598	WHERE id IN ('.implode(',',$image_ids).')');
[4325]	1599	while ($row = pwg_db_fetch_assoc($result))
[1698]	1600	{
[2119]	1601	$image = array();
[8726]	1602	$image['rank'] = $rank_of[ $row['id'] ];
[1698]	1603	foreach ( array('id', 'width', 'height', 'hit') as $k )
	1604	{
	1605	if (isset($row[$k]))
	1606	{
	1607	$image[$k] = (int)$row[$k];
	1608	}
	1609	}
[1880]	1610	foreach ( array('file', 'name', 'comment') as $k )
[1698]	1611	{
	1612	$image[$k] = $row[$k];
	1613	}
	1614	$image = array_merge( $image, ws_std_get_urls($row) );
	1615
	1616	$image_tag_ids = ($params['tag_mode_and']) ? $tag_ids : $image_tag_map[$image['id']];
	1617	$image_tags = array();
	1618	foreach ($image_tag_ids as $tag_id)
	1619	{
	1620	$url = make_index_url(
	1621	array(
	1622	'section'=>'tags',
	1623	'tags'=> array($tags_by_id[$tag_id])
	1624	)
	1625	);
	1626	$page_url = make_picture_url(
	1627	array(
	1628	'section'=>'tags',
	1629	'tags'=> array($tags_by_id[$tag_id]),
	1630	'image_id' => $row['id'],
	1631	'image_file' => $row['file'],
	1632	)
	1633	);
	1634	array_push($image_tags, array(
	1635	'id' => (int)$tag_id,
	1636	'url' => $url,
	1637	'page_url' => $page_url,
	1638	)
	1639	);
	1640	}
[1711]	1641	$image['tags'] = new PwgNamedArray($image_tags, 'tag',
	1642	array('id','url_name','url','page_url')
[1698]	1643	);
	1644	array_push($images, $image);
	1645	}
[8726]	1646	usort($images, 'rank_compare');
	1647	unset($rank_of);
[1698]	1648	}
	1649
	1650	return array( 'images' =>
	1651	array (
	1652	WS_XML_ATTRIBUTES =>
	1653	array(
	1654	'page' => $params['page'],
	1655	'per_page' => $params['per_page'],
	1656	'count' => count($images)
	1657	),
[1711]	1658	WS_XML_CONTENT => new PwgNamedArray($images, 'image',
[1845]	1659	ws_std_get_image_xml_attributes() )
[1698]	1660	)
	1661	);
	1662	}
[2583]	1663
	1664	function ws_categories_add($params, &$service)
	1665	{
[8126]	1666	if (!is_admin())
[2583]	1667	{
	1668	return new PwgError(401, 'Access denied');
	1669	}
	1670
	1671	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	1672
	1673	$creation_output = create_virtual_category(
	1674	$params['name'],
	1675	$params['parent']
	1676	);
	1677
	1678	if (isset($creation_output['error']))
	1679	{
	1680	return new PwgError(500, $creation_output['error']);
	1681	}
[2585]	1682
[2644]	1683	invalidate_user_cache();
[2757]	1684
[2583]	1685	return $creation_output;
	1686	}
[2634]	1687
	1688	function ws_tags_add($params, &$service)
	1689	{
[8126]	1690	if (!is_admin())
[2634]	1691	{
	1692	return new PwgError(401, 'Access denied');
	1693	}
	1694
	1695	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	1696
	1697	$creation_output = create_tag($params['name']);
	1698
	1699	if (isset($creation_output['error']))
	1700	{
	1701	return new PwgError(500, $creation_output['error']);
	1702	}
	1703
	1704	return $creation_output;
	1705	}
[2683]	1706
	1707	function ws_images_exist($params, &$service)
	1708	{
[4954]	1709	global $conf;
	1710
[8126]	1711	if (!is_admin())
[2683]	1712	{
	1713	return new PwgError(401, 'Access denied');
	1714	}
	1715
[4954]	1716	$split_pattern = '/[\s,;\\|]/';
	1717
	1718	if ('md5sum' == $conf['uniqueness_mode'])
	1719	{
	1720	// search among photos the list of photos already added, based on md5sum
	1721	// list
	1722	$md5sums = preg_split(
	1723	$split_pattern,
	1724	$params['md5sum_list'],
	1725	-1,
	1726	PREG_SPLIT_NO_EMPTY
[2683]	1727	);
[2757]	1728
[4954]	1729	$query = '
[2683]	1730	SELECT
	1731	id,
	1732	md5sum
	1733	FROM '.IMAGES_TABLE.'
[2757]	1734	WHERE md5sum IN (\''.implode("','", $md5sums).'\')
[2683]	1735	;';
[4954]	1736	$id_of_md5 = simple_hash_from_query($query, 'md5sum', 'id');
[2683]	1737
[4954]	1738	$result = array();
[2757]	1739
[4954]	1740	foreach ($md5sums as $md5sum)
	1741	{
	1742	$result[$md5sum] = null;
	1743	if (isset($id_of_md5[$md5sum]))
	1744	{
	1745	$result[$md5sum] = $id_of_md5[$md5sum];
	1746	}
	1747	}
	1748	}
	1749
	1750	if ('filename' == $conf['uniqueness_mode'])
[2683]	1751	{
[4954]	1752	// search among photos the list of photos already added, based on
	1753	// filename list
	1754	$filenames = preg_split(
	1755	$split_pattern,
	1756	$params['filename_list'],
	1757	-1,
	1758	PREG_SPLIT_NO_EMPTY
	1759	);
	1760
	1761	$query = '
	1762	SELECT
	1763	id,
	1764	file
	1765	FROM '.IMAGES_TABLE.'
	1766	WHERE file IN (\''.implode("','", $filenames).'\')
	1767	;';
	1768	$id_of_filename = simple_hash_from_query($query, 'file', 'id');
	1769
	1770	$result = array();
	1771
	1772	foreach ($filenames as $filename)
[2683]	1773	{
[4954]	1774	$result[$filename] = null;
	1775	if (isset($id_of_filename[$filename]))
	1776	{
	1777	$result[$filename] = $id_of_filename[$filename];
	1778	}
[2683]	1779	}
	1780	}
	1781
	1782	return $result;
	1783	}
[2919]	1784
[4347]	1785	function ws_images_checkFiles($params, &$service)
	1786	{
[8126]	1787	if (!is_admin())
[4347]	1788	{
	1789	return new PwgError(401, 'Access denied');
	1790	}
	1791
	1792	// input parameters
	1793	//
	1794	// image_id
	1795	// thumbnail_sum
	1796	// file_sum
	1797	// high_sum
	1798
	1799	$params['image_id'] = (int)$params['image_id'];
	1800	if ($params['image_id'] <= 0)
	1801	{
	1802	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
	1803	}
	1804
	1805	$query = '
	1806	SELECT
	1807	path
	1808	FROM '.IMAGES_TABLE.'
	1809	WHERE id = '.$params['image_id'].'
	1810	;';
	1811	$result = pwg_query($query);
[6500]	1812	if (pwg_db_num_rows($result) == 0) {
[4347]	1813	return new PwgError(404, "image_id not found");
	1814	}
[6500]	1815	list($path) = pwg_db_fetch_row($result);
[4347]	1816
	1817	$ret = array();
	1818
	1819	foreach (array('thumb', 'file', 'high') as $type) {
	1820	$param_name = $type;
	1821	if ('thumb' == $type) {
	1822	$param_name = 'thumbnail';
	1823	}
	1824
	1825	if (isset($params[$param_name.'_sum'])) {
[8249]	1826	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
[4347]	1827	$type_path = file_path_for_type($path, $type);
	1828	if (!is_file($type_path)) {
	1829	$ret[$param_name] = 'missing';
	1830	}
	1831	else {
	1832	if (md5_file($type_path) != $params[$param_name.'_sum']) {
	1833	$ret[$param_name] = 'differs';
	1834	}
	1835	else {
	1836	$ret[$param_name] = 'equals';
	1837	}
	1838	}
	1839	}
	1840	}
	1841
	1842	return $ret;
	1843	}
	1844
[2919]	1845	function ws_images_setInfo($params, &$service)
	1846	{
	1847	global $conf;
[8126]	1848	if (!is_admin())
[2919]	1849	{
	1850	return new PwgError(401, 'Access denied');
	1851	}
	1852
[4511]	1853	if (!$service->isPost())
	1854	{
	1855	return new PwgError(405, "This method requires HTTP POST");
	1856	}
	1857
[2919]	1858	$params['image_id'] = (int)$params['image_id'];
	1859	if ($params['image_id'] <= 0)
	1860	{
	1861	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
	1862	}
	1863
[7613]	1864	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	1865
[2919]	1866	$query='
	1867	SELECT *
	1868	FROM '.IMAGES_TABLE.'
	1869	WHERE id = '.$params['image_id'].'
	1870	;';
	1871
[4325]	1872	$image_row = pwg_db_fetch_assoc(pwg_query($query));
[2919]	1873	if ($image_row == null)
	1874	{
	1875	return new PwgError(404, "image_id not found");
	1876	}
	1877
	1878	// database registration
[4460]	1879	$update = array();
[2919]	1880
	1881	$info_columns = array(
	1882	'name',
	1883	'author',
	1884	'comment',
	1885	'level',
	1886	'date_creation',
	1887	);
	1888
	1889	foreach ($info_columns as $key)
	1890	{
	1891	if (isset($params[$key]))
	1892	{
[4460]	1893	if ('fill_if_empty' == $params['single_value_mode'])
	1894	{
	1895	if (empty($image_row[$key]))
	1896	{
	1897	$update[$key] = $params[$key];
	1898	}
	1899	}
	1900	elseif ('replace' == $params['single_value_mode'])
	1901	{
	1902	$update[$key] = $params[$key];
	1903	}
	1904	else
	1905	{
	1906	new PwgError(
	1907	500,
	1908	'[ws_images_setInfo]'
	1909	.' invalid parameter single_value_mode "'.$params['single_value_mode'].'"'
	1910	.', possible values are {fill_if_empty, replace}.'
	1911	);
	1912	exit();
	1913	}
[2919]	1914	}
	1915	}
	1916
[4460]	1917	if (count(array_keys($update)) > 0)
[2919]	1918	{
[4460]	1919	$update['id'] = $params['image_id'];
	1920
[2919]	1921	mass_updates(
	1922	IMAGES_TABLE,
	1923	array(
	1924	'primary' => array('id'),
	1925	'update' => array_diff(array_keys($update), array('id'))
	1926	),
	1927	array($update)
	1928	);
	1929	}
[3145]	1930
[2919]	1931	if (isset($params['categories']))
	1932	{
	1933	ws_add_image_category_relations(
	1934	$params['image_id'],
[4445]	1935	$params['categories'],
[4460]	1936	('replace' == $params['multiple_value_mode'] ? true : false)
[2919]	1937	);
	1938	}
	1939
	1940	// and now, let's create tag associations
	1941	if (isset($params['tag_ids']))
	1942	{
[4445]	1943	$tag_ids = explode(',', $params['tag_ids']);
	1944
[4460]	1945	if ('replace' == $params['multiple_value_mode'])
[4445]	1946	{
	1947	set_tags(
	1948	$tag_ids,
	1949	$params['image_id']
	1950	);
	1951	}
[4460]	1952	elseif ('append' == $params['multiple_value_mode'])
[4445]	1953	{
	1954	add_tags(
	1955	$tag_ids,
	1956	array($params['image_id'])
	1957	);
	1958	}
[4460]	1959	else
	1960	{
	1961	new PwgError(
	1962	500,
	1963	'[ws_images_setInfo]'
	1964	.' invalid parameter multiple_value_mode "'.$params['multiple_value_mode'].'"'
	1965	.', possible values are {replace, append}.'
	1966	);
	1967	exit();
	1968	}
[2919]	1969	}
	1970
	1971	invalidate_user_cache();
	1972	}
	1973
[8266]	1974	function ws_images_delete($params, &$service)
	1975	{
	1976	global $conf;
[8274]	1977	if (!is_admin())
[8266]	1978	{
	1979	return new PwgError(401, 'Access denied');
	1980	}
	1981
	1982	if (!$service->isPost())
	1983	{
	1984	return new PwgError(405, "This method requires HTTP POST");
	1985	}
	1986
	1987	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
	1988	{
	1989	return new PwgError(403, 'Invalid security token');
	1990	}
	1991
	1992	$params['image_id'] = preg_split(
	1993	'/[\s,;\\|]/',
	1994	$params['image_id'],
	1995	-1,
	1996	PREG_SPLIT_NO_EMPTY
	1997	);
	1998	$params['image_id'] = array_map('intval', $params['image_id']);
	1999
	2000	$image_ids = array();
	2001	foreach ($params['image_id'] as $image_id)
	2002	{
	2003	if ($image_id > 0)
	2004	{
	2005	array_push($image_ids, $image_id);
	2006	}
	2007	}
	2008
	2009	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	2010	delete_elements($image_ids, true);
	2011	}
	2012
[4445]	2013	function ws_add_image_category_relations($image_id, $categories_string, $replace_mode=false)
[2919]	2014	{
	2015	// let's add links between the image and the categories
	2016	//
	2017	// $params['categories'] should look like 123,12;456,auto;789 which means:
	2018	//
	2019	// 1. associate with category 123 on rank 12
	2020	// 2. associate with category 456 on automatic rank
	2021	// 3. associate with category 789 on automatic rank
	2022	$cat_ids = array();
	2023	$rank_on_category = array();
	2024	$search_current_ranks = false;
	2025
	2026	$tokens = explode(';', $categories_string);
	2027	foreach ($tokens as $token)
	2028	{
[2920]	2029	@list($cat_id, $rank) = explode(',', $token);
[2919]	2030
[4445]	2031	if (!preg_match('/^\d+$/', $cat_id))
	2032	{
	2033	continue;
	2034	}
	2035
[2919]	2036	array_push($cat_ids, $cat_id);
	2037
	2038	if (!isset($rank))
	2039	{
	2040	$rank = 'auto';
	2041	}
	2042	$rank_on_category[$cat_id] = $rank;
	2043
	2044	if ($rank == 'auto')
	2045	{
	2046	$search_current_ranks = true;
	2047	}
	2048	}
	2049
	2050	$cat_ids = array_unique($cat_ids);
	2051
[4445]	2052	if (count($cat_ids) == 0)
[2919]	2053	{
[4445]	2054	new PwgError(
	2055	500,
	2056	'[ws_add_image_category_relations] there is no category defined in "'.$categories_string.'"'
	2057	);
	2058	exit();
	2059	}
[4513]	2060
[4445]	2061	$query = '
	2062	SELECT
	2063	id
	2064	FROM '.CATEGORIES_TABLE.'
	2065	WHERE id IN ('.implode(',', $cat_ids).')
	2066	;';
	2067	$db_cat_ids = array_from_query($query, 'id');
	2068
	2069	$unknown_cat_ids = array_diff($cat_ids, $db_cat_ids);
	2070	if (count($unknown_cat_ids) != 0)
	2071	{
	2072	new PwgError(
	2073	500,
	2074	'[ws_add_image_category_relations] the following categories are unknown: '.implode(', ', $unknown_cat_ids)
	2075	);
	2076	exit();
	2077	}
[4513]	2078
[4445]	2079	$to_update_cat_ids = array();
[4513]	2080
[4445]	2081	// in case of replace mode, we first check the existing associations
	2082	$query = '
	2083	SELECT
	2084	category_id
	2085	FROM '.IMAGE_CATEGORY_TABLE.'
	2086	WHERE image_id = '.$image_id.'
	2087	;';
	2088	$existing_cat_ids = array_from_query($query, 'category_id');
	2089
	2090	if ($replace_mode)
	2091	{
	2092	$to_remove_cat_ids = array_diff($existing_cat_ids, $cat_ids);
	2093	if (count($to_remove_cat_ids) > 0)
[2919]	2094	{
	2095	$query = '
[4445]	2096	DELETE
	2097	FROM '.IMAGE_CATEGORY_TABLE.'
	2098	WHERE image_id = '.$image_id.'
	2099	AND category_id IN ('.implode(', ', $to_remove_cat_ids).')
	2100	;';
	2101	pwg_query($query);
	2102	update_category($to_remove_cat_ids);
	2103	}
	2104	}
[4513]	2105
[4445]	2106	$new_cat_ids = array_diff($cat_ids, $existing_cat_ids);
	2107	if (count($new_cat_ids) == 0)
	2108	{
	2109	return true;
	2110	}
[4513]	2111
[4445]	2112	if ($search_current_ranks)
	2113	{
	2114	$query = '
[2919]	2115	SELECT
	2116	category_id,
	2117	MAX(rank) AS max_rank
	2118	FROM '.IMAGE_CATEGORY_TABLE.'
	2119	WHERE rank IS NOT NULL
[4445]	2120	AND category_id IN ('.implode(',', $new_cat_ids).')
[2919]	2121	GROUP BY category_id
	2122	;';
[4445]	2123	$current_rank_of = simple_hash_from_query(
	2124	$query,
	2125	'category_id',
	2126	'max_rank'
	2127	);
[2919]	2128
[4445]	2129	foreach ($new_cat_ids as $cat_id)
	2130	{
	2131	if (!isset($current_rank_of[$cat_id]))
[2919]	2132	{
[4445]	2133	$current_rank_of[$cat_id] = 0;
[2919]	2134	}
[4513]	2135
[4445]	2136	if ('auto' == $rank_on_category[$cat_id])
	2137	{
	2138	$rank_on_category[$cat_id] = $current_rank_of[$cat_id] + 1;
	2139	}
[2919]	2140	}
[4445]	2141	}
[4513]	2142
[4445]	2143	$inserts = array();
[4513]	2144
[4445]	2145	foreach ($new_cat_ids as $cat_id)
	2146	{
	2147	array_push(
	2148	$inserts,
	2149	array(
	2150	'image_id' => $image_id,
	2151	'category_id' => $cat_id,
	2152	'rank' => $rank_on_category[$cat_id],
	2153	)
[2919]	2154	);
	2155	}
[4513]	2156
[4445]	2157	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	2158	mass_inserts(
	2159	IMAGE_CATEGORY_TABLE,
	2160	array_keys($inserts[0]),
	2161	$inserts
	2162	);
[4513]	2163
[4445]	2164	update_category($new_cat_ids);
[2919]	2165	}
[3193]	2166
[3454]	2167	function ws_categories_setInfo($params, &$service)
	2168	{
	2169	global $conf;
[8126]	2170	if (!is_admin())
[3454]	2171	{
	2172	return new PwgError(401, 'Access denied');
	2173	}
	2174
[4511]	2175	if (!$service->isPost())
	2176	{
	2177	return new PwgError(405, "This method requires HTTP POST");
	2178	}
	2179
[3454]	2180	// category_id
	2181	// name
	2182	// comment
	2183
	2184	$params['category_id'] = (int)$params['category_id'];
	2185	if ($params['category_id'] <= 0)
	2186	{
	2187	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid category_id");
	2188	}
	2189
	2190	// database registration
	2191	$update = array(
	2192	'id' => $params['category_id'],
	2193	);
	2194
	2195	$info_columns = array(
	2196	'name',
	2197	'comment',
	2198	);
	2199
	2200	$perform_update = false;
	2201	foreach ($info_columns as $key)
	2202	{
	2203	if (isset($params[$key]))
	2204	{
	2205	$perform_update = true;
	2206	$update[$key] = $params[$key];
	2207	}
	2208	}
	2209
	2210	if ($perform_update)
	2211	{
	2212	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	2213	mass_updates(
	2214	CATEGORIES_TABLE,
	2215	array(
	2216	'primary' => array('id'),
	2217	'update' => array_diff(array_keys($update), array('id'))
	2218	),
	2219	array($update)
	2220	);
	2221	}
[3488]	2222
[3454]	2223	}
	2224
[8266]	2225	function ws_categories_delete($params, &$service)
	2226	{
	2227	global $conf;
[8274]	2228	if (!is_admin())
[8266]	2229	{
	2230	return new PwgError(401, 'Access denied');
	2231	}
	2232
	2233	if (!$service->isPost())
	2234	{
	2235	return new PwgError(405, "This method requires HTTP POST");
	2236	}
	2237
	2238	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
	2239	{
	2240	return new PwgError(403, 'Invalid security token');
	2241	}
	2242
	2243	$modes = array('no_delete', 'delete_orphans', 'force_delete');
	2244	if (!in_array($params['photo_deletion_mode'], $modes))
	2245	{
	2246	return new PwgError(
	2247	500,
	2248	'[ws_categories_delete]'
	2249	.' invalid parameter photo_deletion_mode "'.$params['photo_deletion_mode'].'"'
	2250	.', possible values are {'.implode(', ', $modes).'}.'
	2251	);
	2252	}
	2253
	2254	$params['category_id'] = preg_split(
	2255	'/[\s,;\\|]/',
	2256	$params['category_id'],
	2257	-1,
	2258	PREG_SPLIT_NO_EMPTY
	2259	);
	2260	$params['category_id'] = array_map('intval', $params['category_id']);
	2261
	2262	$category_ids = array();
	2263	foreach ($params['category_id'] as $category_id)
	2264	{
	2265	if ($category_id > 0)
	2266	{
	2267	array_push($category_ids, $category_id);
	2268	}
	2269	}
	2270
	2271	if (count($category_ids) == 0)
	2272	{
	2273	return;
	2274	}
	2275
	2276	$query = '
	2277	SELECT id
	2278	FROM '.CATEGORIES_TABLE.'
	2279	WHERE id IN ('.implode(',', $category_ids).')
	2280	;';
	2281	$category_ids = array_from_query($query, 'id');
	2282
	2283	if (count($category_ids) == 0)
	2284	{
	2285	return;
	2286	}
	2287
	2288	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	2289	delete_categories($category_ids, $params['photo_deletion_mode']);
	2290	update_global_rank();
	2291	}
	2292
[8272]	2293	function ws_categories_move($params, &$service)
	2294	{
	2295	global $conf, $page;
	2296
[8274]	2297	if (!is_admin())
[8272]	2298	{
	2299	return new PwgError(401, 'Access denied');
	2300	}
	2301
	2302	if (!$service->isPost())
	2303	{
	2304	return new PwgError(405, "This method requires HTTP POST");
	2305	}
	2306
	2307	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
	2308	{
	2309	return new PwgError(403, 'Invalid security token');
	2310	}
	2311
	2312	$params['category_id'] = preg_split(
	2313	'/[\s,;\\|]/',
	2314	$params['category_id'],
	2315	-1,
	2316	PREG_SPLIT_NO_EMPTY
	2317	);
	2318	$params['category_id'] = array_map('intval', $params['category_id']);
	2319
	2320	$category_ids = array();
	2321	foreach ($params['category_id'] as $category_id)
	2322	{
	2323	if ($category_id > 0)
	2324	{
	2325	array_push($category_ids, $category_id);
	2326	}
	2327	}
	2328
	2329	if (count($category_ids) == 0)
	2330	{
	2331	return new PwgError(403, 'Invalid category_id input parameter, no category to move');
	2332	}
	2333
	2334	// we can't move physical categories
	2335	$categories_in_db = array();
	2336
	2337	$query = '
	2338	SELECT
	2339	id,
	2340	name,
	2341	dir
	2342	FROM '.CATEGORIES_TABLE.'
	2343	WHERE id IN ('.implode(',', $category_ids).')
	2344	;';
	2345	$result = pwg_query($query);
	2346	while ($row = pwg_db_fetch_assoc($result))
	2347	{
	2348	$categories_in_db[$row['id']] = $row;
	2349	// we break on error at first physical category detected
	2350	if (!empty($row['dir']))
	2351	{
	2352	$row['name'] = strip_tags(
	2353	trigger_event(
	2354	'render_category_name',
	2355	$row['name'],
	2356	'ws_categories_move'
	2357	)
	2358	);
	2359
	2360	return new PwgError(
	2361	403,
	2362	sprintf(
	2363	'Category %s (%u) is not a virtual category, you cannot move it',
	2364	$row['name'],
	2365	$row['id']
	2366	)
	2367	);
	2368	}
	2369	}
	2370
	2371	if (count($categories_in_db) != count($category_ids))
	2372	{
	2373	$unknown_category_ids = array_diff($category_ids, array_keys($categories_in_db));
	2374
	2375	return new PwgError(
	2376	403,
	2377	sprintf(
	2378	'Category %u does not exist',
	2379	$unknown_category_ids[0]
	2380	)
	2381	);
	2382	}
	2383
	2384	// does this parent exists? This check should be made in the
	2385	// move_categories function, not here
	2386	//
	2387	// 0 as parent means "move categories at gallery root"
	2388	if (!is_numeric($params['parent']))
	2389	{
	2390	return new PwgError(403, 'Invalid parent input parameter');
	2391	}
	2392
	2393	if (0 != $params['parent']) {
	2394	$params['parent'] = intval($params['parent']);
	2395	$subcat_ids = get_subcat_ids(array($params['parent']));
	2396	if (count($subcat_ids) == 0)
	2397	{
	2398	return new PwgError(403, 'Unknown parent category id');
	2399	}
	2400	}
	2401
	2402	$page['infos'] = array();
	2403	$page['errors'] = array();
	2404	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
	2405	move_categories($category_ids, $params['parent']);
	2406	invalidate_user_cache();
	2407
	2408	if (count($page['errors']) != 0)
	2409	{
	2410	return new PwgError(403, implode('; ', $page['errors']));
	2411	}
	2412	}
	2413
[3193]	2414	function ws_logfile($string)
	2415	{
[3662]	2416	global $conf;
[3488]	2417
[3662]	2418	if (!$conf['ws_enable_log']) {
	2419	return true;
	2420	}
	2421
[3193]	2422	file_put_contents(
[3662]	2423	$conf['ws_log_filepath'],
[3193]	2424	'['.date('c').'] '.$string."\n",
	2425	FILE_APPEND
	2426	);
	2427	}
[6049]	2428
	2429	function ws_images_checkUpload($params, &$service)
	2430	{
	2431	global $conf;
	2432
[8126]	2433	if (!is_admin())
[6049]	2434	{
	2435	return new PwgError(401, 'Access denied');
	2436	}
	2437
[8249]	2438	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
[6051]	2439	$ret['message'] = ready_for_upload_message();
	2440	$ret['ready_for_upload'] = true;
	2441
	2442	if (!empty($ret['message']))
	2443	{
	2444	$ret['ready_for_upload'] = false;
	2445	}
	2446
	2447	return $ret;
	2448	}
[8273]	2449
	2450	function ws_plugins_getList($params, &$service)
	2451	{
	2452	global $conf;
	2453
	2454	if (!is_admin())
	2455	{
	2456	return new PwgError(401, 'Access denied');
	2457	}
	2458
	2459	include_once(PHPWG_ROOT_PATH.'admin/include/plugins.class.php');
	2460	$plugins = new plugins();
	2461	$plugins->sort_fs_plugins('name');
	2462	$plugin_list = array();
	2463
	2464	foreach($plugins->fs_plugins as $plugin_id => $fs_plugin)
	2465	{
	2466	if (isset($plugins->db_plugins_by_id[$plugin_id]))
	2467	{
	2468	$state = $plugins->db_plugins_by_id[$plugin_id]['state'];
	2469	}
	2470	else
	2471	{
	2472	$state = 'uninstalled';
	2473	}
	2474
	2475	array_push(
	2476	$plugin_list,
	2477	array(
	2478	'id' => $plugin_id,
	2479	'name' => $fs_plugin['name'],
	2480	'version' => $fs_plugin['version'],
	2481	'state' => $state,
	2482	'description' => $fs_plugin['description'],
	2483	)
	2484	);
	2485	}
	2486
	2487	return $plugin_list;
	2488	}
	2489
	2490	function ws_plugins_performAction($params, &$service)
	2491	{
	2492	global $template;
	2493
	2494	if (!is_admin())
	2495	{
	2496	return new PwgError(401, 'Access denied');
	2497	}
	2498
	2499	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
	2500	{
	2501	return new PwgError(403, 'Invalid security token');
	2502	}
	2503
	2504	define('IN_ADMIN', true);
	2505	include_once(PHPWG_ROOT_PATH.'admin/include/plugins.class.php');
	2506	$plugins = new plugins();
	2507	$errors = $plugins->perform_action($params['action'], $params['plugin']);
	2508
	2509
	2510	if (!empty($errors))
	2511	{
	2512	return new PwgError(500, $errors);
	2513	}
	2514	else
	2515	{
	2516	if (in_array($params['action'], array('activate', 'deactivate')))
	2517	{
	2518	$template->delete_compiled_templates();
	2519	}
	2520	return true;
	2521	}
	2522	}
	2523
[8297]	2524	function ws_themes_performAction($params, &$service)
	2525	{
	2526	global $template;
	2527
[8726]	2528	if (!is_admin())
[8297]	2529	{
	2530	return new PwgError(401, 'Access denied');
	2531	}
	2532
	2533	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
	2534	{
	2535	return new PwgError(403, 'Invalid security token');
	2536	}
	2537
	2538	define('IN_ADMIN', true);
	2539	include_once(PHPWG_ROOT_PATH.'admin/include/themes.class.php');
	2540	$themes = new themes();
	2541	$errors = $themes->perform_action($params['action'], $params['theme']);
	2542
	2543	if (!empty($errors))
	2544	{
	2545	return new PwgError(500, $errors);
	2546	}
	2547	else
	2548	{
	2549	if (in_array($params['action'], array('activate', 'deactivate')))
	2550	{
	2551	$template->delete_compiled_templates();
	2552	}
	2553	return true;
	2554	}
	2555	}
[1698]	2556	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: