Context Navigation

source: trunk/include/ws_functions.inc.php @ 8528

Last change on this file since 8528 was 8464, checked in by plg, 13 years ago
feature 2095 added: new column images.added_by (foreign key on users.id)
Property svn:eol-style set to `LF`
File size: 60.5 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based picture gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2010 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	/** IMPLEMENTATION OF WEB SERVICE METHODS *********************************/
25
26	/**
27	* Event handler for method invocation security check. Should return a PwgError
28	* if the preconditions are not satifsied for method invocation.
29	*/
30	function ws_isInvokeAllowed($res, $methodName, $params)
31	{
32	global $conf;
33
34	if ( strpos($methodName,'reflection.')===0 )
35	{ // OK for reflection
36	return $res;
37	}
38
39	if ( !is_autorize_status(ACCESS_GUEST) and
40	strpos($methodName,'pwg.session.')!==0 )
41	{
42	return new PwgError(401, 'Access denied');
43	}
44
45	return $res;
46	}
47
48	/**
49	* returns a "standard" (for our web service) array of sql where clauses that
50	* filters the images (images table only)
51	*/
52	function ws_std_image_sql_filter( $params, $tbl_name='' )
53	{
54	$clauses = array();
55	if ( is_numeric($params['f_min_rate']) )
56	{
57	$clauses[] = $tbl_name.'average_rate>'.$params['f_min_rate'];
58	}
59	if ( is_numeric($params['f_max_rate']) )
60	{
61	$clauses[] = $tbl_name.'average_rate<='.$params['f_max_rate'];
62	}
63	if ( is_numeric($params['f_min_hit']) )
64	{
65	$clauses[] = $tbl_name.'hit>'.$params['f_min_hit'];
66	}
67	if ( is_numeric($params['f_max_hit']) )
68	{
69	$clauses[] = $tbl_name.'hit<='.$params['f_max_hit'];
70	}
71	if ( isset($params['f_min_date_posted']) )
72	{
73	$clauses[] = $tbl_name."date_available>='".$params['f_min_date_posted']."'";
74	}
75	if ( isset($params['f_max_date_posted']) )
76	{
77	$clauses[] = $tbl_name."date_available<'".$params['f_max_date_posted']."'";
78	}
79	if ( isset($params['f_min_date_created']) )
80	{
81	$clauses[] = $tbl_name."date_creation>='".$params['f_min_date_created']."'";
82	}
83	if ( isset($params['f_max_date_created']) )
84	{
85	$clauses[] = $tbl_name."date_creation<'".$params['f_max_date_created']."'";
86	}
87	if ( is_numeric($params['f_min_ratio']) )
88	{
89	$clauses[] = $tbl_name.'width/'.$tbl_name.'height>'.$params['f_min_ratio'];
90	}
91	if ( is_numeric($params['f_max_ratio']) )
92	{
93	$clauses[] = $tbl_name.'width/'.$tbl_name.'height<='.$params['f_max_ratio'];
94	}
95	if ( $params['f_with_thumbnail'] )
96	{
97	$clauses[] = $tbl_name.'tn_ext IS NOT NULL';
98	}
99	return $clauses;
100	}
101
102	/**
103	* returns a "standard" (for our web service) ORDER BY sql clause for images
104	*/
105	function ws_std_image_sql_order( $params, $tbl_name='' )
106	{
107	$ret = '';
108	if ( empty($params['order']) )
109	{
110	return $ret;
111	}
112	$matches = array();
113	preg_match_all('/([a-z_]+) (?:(asc\|desc)(?:ending)?)? (?:, *\|$)/i',
114	$params['order'], $matches);
115	for ($i=0; $i<count($matches[1]); $i++)
116	{
117	switch ($matches[1][$i])
118	{
119	case 'date_created':
120	$matches[1][$i] = 'date_creation'; break;
121	case 'date_posted':
122	$matches[1][$i] = 'date_available'; break;
123	case 'rand': case 'random':
124	$matches[1][$i] = DB_RANDOM_FUNCTION.'()'; break;
125	}
126	$sortable_fields = array('id', 'file', 'name', 'hit', 'average_rate',
127	'date_creation', 'date_available', DB_RANDOM_FUNCTION.'()' );
128	if ( in_array($matches[1][$i], $sortable_fields) )
129	{
130	if (!empty($ret))
131	$ret .= ', ';
132	if ($matches[1][$i] != DB_RANDOM_FUNCTION.'()' )
133	{
134	$ret .= $tbl_name;
135	}
136	$ret .= $matches[1][$i];
137	$ret .= ' '.$matches[2][$i];
138	}
139	}
140	return $ret;
141	}
142
143	/**
144	* returns an array map of urls (thumb/element) for image_row - to be returned
145	* in a standard way by different web service methods
146	*/
147	function ws_std_get_urls($image_row)
148	{
149	$ret = array(
150	'tn_url' => get_thumbnail_url($image_row),
151	'element_url' => get_element_url($image_row)
152	);
153	global $user;
154	if ($user['enabled_high'] and $image_row['has_high'] )
155	{
156	$ret['high_url'] = get_high_url($image_row);
157	}
158	return $ret;
159	}
160
161	/**
162	* returns an array of image attributes that are to be encoded as xml attributes
163	* instead of xml elements
164	*/
165	function ws_std_get_image_xml_attributes()
166	{
167	return array(
168	'id','tn_url','element_url','high_url', 'file','width','height','hit'
169	);
170	}
171
172	/**
173	* returns PWG version (web service method)
174	*/
175	function ws_getVersion($params, &$service)
176	{
177	global $conf;
178	if ($conf['show_version'])
179	return PHPWG_VERSION;
180	else
181	return new PwgError(403, 'Forbidden');
182	}
183
184	function ws_caddie_add($params, &$service)
185	{
186	if (!is_admin())
187	{
188	return new PwgError(401, 'Access denied');
189	}
190	$params['image_id'] = array_map( 'intval',$params['image_id'] );
191	if ( empty($params['image_id']) )
192	{
193	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
194	}
195	global $user;
196	$query = '
197	SELECT id
198	FROM '.IMAGES_TABLE.' LEFT JOIN '.CADDIE_TABLE.' ON id=element_id AND user_id='.$user['id'].'
199	WHERE id IN ('.implode(',',$params['image_id']).')
200	AND element_id IS NULL';
201	$datas = array();
202	foreach ( array_from_query($query, 'id') as $id )
203	{
204	array_push($datas, array('element_id'=>$id, 'user_id'=>$user['id']) );
205	}
206	if (count($datas))
207	{
208	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
209	mass_inserts(CADDIE_TABLE, array('element_id','user_id'), $datas);
210	}
211	return count($datas);
212	}
213
214	/**
215	* returns images per category (web service method)
216	*/
217	function ws_categories_getImages($params, &$service)
218	{
219	@include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
220	global $user, $conf;
221
222	$images = array();
223
224	//------------------------------------------------- get the related categories
225	$where_clauses = array();
226	foreach($params['cat_id'] as $cat_id)
227	{
228	$cat_id = (int)$cat_id;
229	if ($cat_id<=0)
230	continue;
231	if ($params['recursive'])
232	{
233	$where_clauses[] = 'uppercats '.DB_REGEX_OPERATOR.' \'(^\|,)'.$cat_id.'(,\|$)\'';
234	}
235	else
236	{
237	$where_clauses[] = 'id='.$cat_id;
238	}
239	}
240	if (!empty($where_clauses))
241	{
242	$where_clauses = array( '('.
243	implode('
244	OR ', $where_clauses) . ')'
245	);
246	}
247	$where_clauses[] = get_sql_condition_FandF(
248	array('forbidden_categories' => 'id'),
249	NULL, true
250	);
251
252	$query = '
253	SELECT id, name, permalink, image_order
254	FROM '.CATEGORIES_TABLE.'
255	WHERE '. implode('
256	AND ', $where_clauses);
257	$result = pwg_query($query);
258	$cats = array();
259	while ($row = pwg_db_fetch_assoc($result))
260	{
261	$row['id'] = (int)$row['id'];
262	$cats[ $row['id'] ] = $row;
263	}
264
265	//-------------------------------------------------------- get the images
266	if ( !empty($cats) )
267	{
268	$where_clauses = ws_std_image_sql_filter( $params, 'i.' );
269	$where_clauses[] = 'category_id IN ('
270	.implode(',', array_keys($cats) )
271	.')';
272	$where_clauses[] = get_sql_condition_FandF( array(
273	'visible_images' => 'i.id'
274	), null, true
275	);
276
277	$order_by = ws_std_image_sql_order($params, 'i.');
278	if ( empty($order_by)
279	and count($params['cat_id'])==1
280	and isset($cats[ $params['cat_id'][0] ]['image_order'])
281	)
282	{
283	$order_by = $cats[ $params['cat_id'][0] ]['image_order'];
284	}
285	$order_by = empty($order_by) ? $conf['order_by'] : 'ORDER BY '.$order_by;
286
287	$query = '
288	SELECT i.*, GROUP_CONCAT(category_id) AS cat_ids
289	FROM '.IMAGES_TABLE.' i
290	INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON i.id=image_id
291	WHERE '. implode('
292	AND ', $where_clauses).'
293	GROUP BY i.id
294	'.$order_by.'
295	LIMIT '.(int)$params['per_page'].' OFFSET '.(int)($params['per_page']*$params['page']);
296
297	$result = pwg_query($query);
298	while ($row = pwg_db_fetch_assoc($result))
299	{
300	$image = array();
301	foreach ( array('id', 'width', 'height', 'hit') as $k )
302	{
303	if (isset($row[$k]))
304	{
305	$image[$k] = (int)$row[$k];
306	}
307	}
308	foreach ( array('file', 'name', 'comment') as $k )
309	{
310	$image[$k] = $row[$k];
311	}
312	$image = array_merge( $image, ws_std_get_urls($row) );
313
314	$image_cats = array();
315	foreach ( explode(',', $row['cat_ids']) as $cat_id )
316	{
317	$url = make_index_url(
318	array(
319	'category' => $cats[$cat_id],
320	)
321	);
322	$page_url = make_picture_url(
323	array(
324	'category' => $cats[$cat_id],
325	'image_id' => $row['id'],
326	'image_file' => $row['file'],
327	)
328	);
329	array_push( $image_cats, array(
330	WS_XML_ATTRIBUTES => array (
331	'id' => (int)$cat_id,
332	'url' => $url,
333	'page_url' => $page_url,
334	)
335	)
336	);
337	}
338
339	$image['categories'] = new PwgNamedArray(
340	$image_cats,'category', array('id','url','page_url')
341	);
342	array_push($images, $image);
343	}
344	}
345
346	return array( 'images' =>
347	array (
348	WS_XML_ATTRIBUTES =>
349	array(
350	'page' => $params['page'],
351	'per_page' => $params['per_page'],
352	'count' => count($images)
353	),
354	WS_XML_CONTENT => new PwgNamedArray($images, 'image',
355	ws_std_get_image_xml_attributes() )
356	)
357	);
358	}
359
360
361	/**
362	* returns a list of categories (web service method)
363	*/
364	function ws_categories_getList($params, &$service)
365	{
366	global $user,$conf;
367
368	$where = array('1=1');
369	$join_type = 'INNER';
370	$join_user = $user['id'];
371
372	if (!$params['recursive'])
373	{
374	if ($params['cat_id']>0)
375	$where[] = '(id_uppercat='.(int)($params['cat_id']).'
376	OR id='.(int)($params['cat_id']).')';
377	else
378	$where[] = 'id_uppercat IS NULL';
379	}
380	else if ($params['cat_id']>0)
381	{
382	$where[] = 'uppercats '.DB_REGEX_OPERATOR.' \'(^\|,)'.
383	(int)($params['cat_id'])
384	.'(,\|$)\'';
385	}
386
387	if ($params['public'])
388	{
389	$where[] = 'status = "public"';
390	$where[] = 'visible = "true"';
391
392	$join_user = $conf['guest_id'];
393	}
394	elseif (is_admin())
395	{
396	// in this very specific case, we don't want to hide empty
397	// categories. Function calculate_permissions will only return
398	// categories that are either locked or private and not permitted
399	//
400	// calculate_permissions does not consider empty categories as forbidden
401	$forbidden_categories = calculate_permissions($user['id'], $user['status']);
402	$where[]= 'id NOT IN ('.$forbidden_categories.')';
403	$join_type = 'LEFT';
404	}
405
406	$query = '
407	SELECT id, name, permalink, uppercats, global_rank,
408	comment,
409	nb_images, count_images AS total_nb_images,
410	date_last, max_date_last, count_categories AS nb_categories
411	FROM '.CATEGORIES_TABLE.'
412	'.$join_type.' JOIN '.USER_CACHE_CATEGORIES_TABLE.' ON id=cat_id AND user_id='.$join_user.'
413	WHERE '. implode('
414	AND ', $where);
415
416	$result = pwg_query($query);
417
418	$cats = array();
419	while ($row = pwg_db_fetch_assoc($result))
420	{
421	$row['url'] = make_index_url(
422	array(
423	'category' => $row
424	)
425	);
426	foreach( array('id','nb_images','total_nb_images','nb_categories') as $key)
427	{
428	$row[$key] = (int)$row[$key];
429	}
430
431	$row['name'] = strip_tags(
432	trigger_event(
433	'render_category_name',
434	$row['name'],
435	'ws_categories_getList'
436	)
437	);
438
439	$row['comment'] = strip_tags(
440	trigger_event(
441	'render_category_description',
442	$row['comment'],
443	'ws_categories_getList'
444	)
445	);
446
447	array_push($cats, $row);
448	}
449	usort($cats, 'global_rank_compare');
450	return array(
451	'categories' => new PwgNamedArray(
452	$cats,
453	'category',
454	array(
455	'id',
456	'url',
457	'nb_images',
458	'total_nb_images',
459	'nb_categories',
460	'date_last',
461	'max_date_last',
462	)
463	)
464	);
465	}
466
467	/**
468	* returns the list of categories as you can see them in administration (web
469	* service method).
470	*
471	* Only admin can run this method and permissions are not taken into
472	* account.
473	*/
474	function ws_categories_getAdminList($params, &$service)
475	{
476	if (!is_admin())
477	{
478	return new PwgError(401, 'Access denied');
479	}
480
481	$query = '
482	SELECT
483	category_id,
484	COUNT(*) AS counter
485	FROM '.IMAGE_CATEGORY_TABLE.'
486	GROUP BY category_id
487	;';
488	$nb_images_of = simple_hash_from_query($query, 'category_id', 'counter');
489
490	$query = '
491	SELECT
492	id,
493	name,
494	comment,
495	uppercats,
496	global_rank
497	FROM '.CATEGORIES_TABLE.'
498	;';
499	$result = pwg_query($query);
500	$cats = array();
501
502	while ($row = pwg_db_fetch_assoc($result))
503	{
504	$id = $row['id'];
505	$row['nb_images'] = isset($nb_images_of[$id]) ? $nb_images_of[$id] : 0;
506	$row['name'] = strip_tags(
507	trigger_event(
508	'render_category_name',
509	$row['name'],
510	'ws_categories_getAdminList'
511	)
512	);
513	$row['comment'] = strip_tags(
514	trigger_event(
515	'render_category_description',
516	$row['comment'],
517	'ws_categories_getAdminList'
518	)
519	);
520	array_push($cats, $row);
521	}
522
523	usort($cats, 'global_rank_compare');
524	return array(
525	'categories' => new PwgNamedArray(
526	$cats,
527	'category',
528	array(
529	'id',
530	'nb_images',
531	'name',
532	'uppercats',
533	'global_rank',
534	)
535	)
536	);
537	}
538
539	/**
540	* returns detailed information for an element (web service method)
541	*/
542	function ws_images_addComment($params, &$service)
543	{
544	if (!$service->isPost())
545	{
546	return new PwgError(405, "This method requires HTTP POST");
547	}
548	$params['image_id'] = (int)$params['image_id'];
549	$query = '
550	SELECT DISTINCT image_id
551	FROM '.IMAGE_CATEGORY_TABLE.' INNER JOIN '.CATEGORIES_TABLE.' ON category_id=id
552	WHERE commentable="true"
553	AND image_id='.$params['image_id'].
554	get_sql_condition_FandF(
555	array(
556	'forbidden_categories' => 'id',
557	'visible_categories' => 'id',
558	'visible_images' => 'image_id'
559	),
560	' AND'
561	);
562	if ( !pwg_db_num_rows( pwg_query( $query ) ) )
563	{
564	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
565	}
566
567	$comm = array(
568	'author' => trim( $params['author'] ),
569	'content' => trim( $params['content'] ),
570	'image_id' => $params['image_id'],
571	);
572
573	include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
574
575	$comment_action = insert_user_comment(
576	$comm, $params['key'], $infos
577	);
578
579	switch ($comment_action)
580	{
581	case 'reject':
582	array_push($infos, l10n('Your comment has NOT been registered because it did not pass the validation rules') );
583	return new PwgError(403, implode("; ", $infos) );
584	case 'validate':
585	case 'moderate':
586	$ret = array(
587	'id' => $comm['id'],
588	'validation' => $comment_action=='validate',
589	);
590	return new PwgNamedStruct(
591	'comment',
592	$ret,
593	null, array()
594	);
595	default:
596	return new PwgError(500, "Unknown comment action ".$comment_action );
597	}
598	}
599
600	/**
601	* returns detailed information for an element (web service method)
602	*/
603	function ws_images_getInfo($params, &$service)
604	{
605	@include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
606	global $user, $conf;
607	$params['image_id'] = (int)$params['image_id'];
608	if ( $params['image_id']<=0 )
609	{
610	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
611	}
612
613	$query='
614	SELECT * FROM '.IMAGES_TABLE.'
615	WHERE id='.$params['image_id'].
616	get_sql_condition_FandF(
617	array('visible_images' => 'id'),
618	' AND'
619	).'
620	LIMIT 1';
621
622	$image_row = pwg_db_fetch_assoc(pwg_query($query));
623	if ($image_row==null)
624	{
625	return new PwgError(404, "image_id not found");
626	}
627	$image_row = array_merge( $image_row, ws_std_get_urls($image_row) );
628
629	//-------------------------------------------------------- related categories
630	$query = '
631	SELECT id, name, permalink, uppercats, global_rank, commentable
632	FROM '.IMAGE_CATEGORY_TABLE.'
633	INNER JOIN '.CATEGORIES_TABLE.' ON category_id = id
634	WHERE image_id = '.$image_row['id'].
635	get_sql_condition_FandF(
636	array( 'forbidden_categories' => 'category_id' ),
637	' AND'
638	).'
639	;';
640	$result = pwg_query($query);
641	$is_commentable = false;
642	$related_categories = array();
643	while ($row = pwg_db_fetch_assoc($result))
644	{
645	if ($row['commentable']=='true')
646	{
647	$is_commentable = true;
648	}
649	unset($row['commentable']);
650	$row['url'] = make_index_url(
651	array(
652	'category' => $row
653	)
654	);
655
656	$row['page_url'] = make_picture_url(
657	array(
658	'image_id' => $image_row['id'],
659	'image_file' => $image_row['file'],
660	'category' => $row
661	)
662	);
663	$row['id']=(int)$row['id'];
664	array_push($related_categories, $row);
665	}
666	usort($related_categories, 'global_rank_compare');
667	if ( empty($related_categories) )
668	{
669	return new PwgError(401, 'Access denied');
670	}
671
672	//-------------------------------------------------------------- related tags
673	$related_tags = get_common_tags( array($image_row['id']), -1 );
674	foreach( $related_tags as $i=>$tag)
675	{
676	$tag['url'] = make_index_url(
677	array(
678	'tags' => array($tag)
679	)
680	);
681	$tag['page_url'] = make_picture_url(
682	array(
683	'image_id' => $image_row['id'],
684	'image_file' => $image_row['file'],
685	'tags' => array($tag),
686	)
687	);
688	unset($tag['counter']);
689	$tag['id']=(int)$tag['id'];
690	$related_tags[$i]=$tag;
691	}
692	//------------------------------------------------------------- related rates
693	$query = '
694	SELECT COUNT(rate) AS count
695	, ROUND(AVG(rate),2) AS average
696	FROM '.RATE_TABLE.'
697	WHERE element_id = '.$image_row['id'].'
698	;';
699	$rating = pwg_db_fetch_assoc(pwg_query($query));
700	$rating['count'] = (int)$rating['count'];
701
702	//---------------------------------------------------------- related comments
703	$related_comments = array();
704
705	$where_comments = 'image_id = '.$image_row['id'];
706	if ( !is_admin() )
707	{
708	$where_comments .= '
709	AND validated="true"';
710	}
711
712	$query = '
713	SELECT COUNT(id) AS nb_comments
714	FROM '.COMMENTS_TABLE.'
715	WHERE '.$where_comments;
716	list($nb_comments) = array_from_query($query, 'nb_comments');
717	$nb_comments = (int)$nb_comments;
718
719	if ( $nb_comments>0 and $params['comments_per_page']>0 )
720	{
721	$query = '
722	SELECT id, date, author, content
723	FROM '.COMMENTS_TABLE.'
724	WHERE '.$where_comments.'
725	ORDER BY date
726	LIMIT '.(int)$params['comments_per_page'].
727	' OFFSET '.(int)($params['comments_per_page']*$params['comments_page']);
728
729	$result = pwg_query($query);
730	while ($row = pwg_db_fetch_assoc($result))
731	{
732	$row['id']=(int)$row['id'];
733	array_push($related_comments, $row);
734	}
735	}
736
737	$comment_post_data = null;
738	if ($is_commentable and
739	(!is_a_guest()
740	or (is_a_guest() and $conf['comments_forall'] )
741	)
742	)
743	{
744	$comment_post_data['author'] = stripslashes($user['username']);
745	$comment_post_data['key'] = get_ephemeral_key(2, $params['image_id']);
746	}
747
748	$ret = $image_row;
749	foreach ( array('id','width','height','hit','filesize') as $k )
750	{
751	if (isset($ret[$k]))
752	{
753	$ret[$k] = (int)$ret[$k];
754	}
755	}
756	foreach ( array('path', 'storage_category_id') as $k )
757	{
758	unset($ret[$k]);
759	}
760
761	$ret['rates'] = array( WS_XML_ATTRIBUTES => $rating );
762	$ret['categories'] = new PwgNamedArray($related_categories, 'category', array('id','url', 'page_url') );
763	$ret['tags'] = new PwgNamedArray($related_tags, 'tag', array('id','url_name','url','name','page_url') );
764	if ( isset($comment_post_data) )
765	{
766	$ret['comment_post'] = array( WS_XML_ATTRIBUTES => $comment_post_data );
767	}
768	$ret['comments'] = array(
769	WS_XML_ATTRIBUTES =>
770	array(
771	'page' => $params['comments_page'],
772	'per_page' => $params['comments_per_page'],
773	'count' => count($related_comments),
774	'nb_comments' => $nb_comments,
775	),
776	WS_XML_CONTENT => new PwgNamedArray($related_comments, 'comment', array('id','date') )
777	);
778
779	return new PwgNamedStruct('image',$ret, null, array('name','comment') );
780	}
781
782
783	/**
784	* rates the image_id in the parameter
785	*/
786	function ws_images_Rate($params, &$service)
787	{
788	$image_id = (int)$params['image_id'];
789	$query = '
790	SELECT DISTINCT id FROM '.IMAGES_TABLE.'
791	INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON id=image_id
792	WHERE id='.$image_id
793	.get_sql_condition_FandF(
794	array(
795	'forbidden_categories' => 'category_id',
796	'forbidden_images' => 'id',
797	),
798	' AND'
799	).'
800	LIMIT 1';
801	if ( pwg_db_num_rows( pwg_query($query) )==0 )
802	{
803	return new PwgError(404, "Invalid image_id or access denied" );
804	}
805	$rate = (int)$params['rate'];
806	include_once(PHPWG_ROOT_PATH.'include/functions_rate.inc.php');
807	$res = rate_picture( $image_id, $rate );
808	if ($res==false)
809	{
810	global $conf;
811	return new PwgError( 403, "Forbidden or rate not in ". implode(',',$conf['rate_items']));
812	}
813	return $res;
814	}
815
816
817	/**
818	* returns a list of elements corresponding to a query search
819	*/
820	function ws_images_search($params, &$service)
821	{
822	global $page;
823	$images = array();
824	include_once( PHPWG_ROOT_PATH .'include/functions_search.inc.php' );
825	include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
826
827	$where_clauses = ws_std_image_sql_filter( $params, 'i.' );
828	$order_by = ws_std_image_sql_order($params, 'i.');
829
830	$super_order_by = false;
831	if ( !empty($order_by) )
832	{
833	global $conf;
834	$conf['order_by'] = 'ORDER BY '.$order_by;
835	$super_order_by=true; // quick_search_result might be faster
836	}
837
838	$search_result = get_quick_search_results($params['query'],
839	$super_order_by,
840	implode(',', $where_clauses)
841	);
842
843	$image_ids = array_slice(
844	$search_result['items'],
845	$params['page']*$params['per_page'],
846	$params['per_page']
847	);
848
849	if ( count($image_ids) )
850	{
851	$query = '
852	SELECT * FROM '.IMAGES_TABLE.'
853	WHERE id IN ('.implode(',', $image_ids).')';
854
855	$image_ids = array_flip($image_ids);
856	$result = pwg_query($query);
857	while ($row = pwg_db_fetch_assoc($result))
858	{
859	$image = array();
860	foreach ( array('id', 'width', 'height', 'hit') as $k )
861	{
862	if (isset($row[$k]))
863	{
864	$image[$k] = (int)$row[$k];
865	}
866	}
867	foreach ( array('file', 'name', 'comment') as $k )
868	{
869	$image[$k] = $row[$k];
870	}
871	$image = array_merge( $image, ws_std_get_urls($row) );
872	$images[$image_ids[$image['id']]] = $image;
873	}
874	ksort($images, SORT_NUMERIC);
875	$images = array_values($images);
876	}
877
878
879	return array( 'images' =>
880	array (
881	WS_XML_ATTRIBUTES =>
882	array(
883	'page' => $params['page'],
884	'per_page' => $params['per_page'],
885	'count' => count($images)
886	),
887	WS_XML_CONTENT => new PwgNamedArray($images, 'image',
888	ws_std_get_image_xml_attributes() )
889	)
890	);
891	}
892
893	function ws_images_setPrivacyLevel($params, &$service)
894	{
895	if (!is_admin())
896	{
897	return new PwgError(401, 'Access denied');
898	}
899	if (!$service->isPost())
900	{
901	return new PwgError(405, "This method requires HTTP POST");
902	}
903	$params['image_id'] = array_map( 'intval',$params['image_id'] );
904	if ( empty($params['image_id']) )
905	{
906	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
907	}
908	global $conf;
909	if ( !in_array( (int)$params['level'], $conf['available_permission_levels']) )
910	{
911	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid level");
912	}
913
914	$query = '
915	UPDATE '.IMAGES_TABLE.'
916	SET level='.(int)$params['level'].'
917	WHERE id IN ('.implode(',',$params['image_id']).')';
918	$result = pwg_query($query);
919	$affected_rows = pwg_db_changes($result);
920	if ($affected_rows)
921	{
922	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
923	invalidate_user_cache();
924	}
925	return $affected_rows;
926	}
927
928	function ws_images_add_chunk($params, &$service)
929	{
930	global $conf;
931
932	ws_logfile('[ws_images_add_chunk] welcome');
933	// data
934	// original_sum
935	// type {thumb, file, high}
936	// position
937
938	if (!is_admin())
939	{
940	return new PwgError(401, 'Access denied');
941	}
942
943	if (!$service->isPost())
944	{
945	return new PwgError(405, "This method requires HTTP POST");
946	}
947
948	foreach ($params as $param_key => $param_value) {
949	if ('data' == $param_key) {
950	continue;
951	}
952
953	ws_logfile(
954	sprintf(
955	'[ws_images_add_chunk] input param "%s" : "%s"',
956	$param_key,
957	is_null($param_value) ? 'NULL' : $param_value
958	)
959	);
960	}
961
962	$upload_dir = $conf['upload_dir'].'/buffer';
963
964	// create the upload directory tree if not exists
965	if (!is_dir($upload_dir)) {
966	umask(0000);
967	$recursive = true;
968	if (!@mkdir($upload_dir, 0777, $recursive))
969	{
970	return new PwgError(500, 'error during buffer directory creation');
971	}
972	}
973
974	if (!is_writable($upload_dir))
975	{
976	// last chance to make the directory writable
977	@chmod($upload_dir, 0777);
978
979	if (!is_writable($upload_dir))
980	{
981	return new PwgError(500, 'buffer directory has no write access');
982	}
983	}
984
985	secure_directory($upload_dir);
986
987	$filename = sprintf(
988	'%s-%s-%05u.block',
989	$params['original_sum'],
990	$params['type'],
991	$params['position']
992	);
993
994	ws_logfile('[ws_images_add_chunk] data length : '.strlen($params['data']));
995
996	$bytes_written = file_put_contents(
997	$upload_dir.'/'.$filename,
998	base64_decode($params['data'])
999	);
1000
1001	if (false === $bytes_written) {
1002	return new PwgError(
1003	500,
1004	'an error has occured while writting chunk '.$params['position'].' for '.$params['type']
1005	);
1006	}
1007	}
1008
1009	function merge_chunks($output_filepath, $original_sum, $type)
1010	{
1011	global $conf;
1012
1013	ws_logfile('[merge_chunks] input parameter $output_filepath : '.$output_filepath);
1014
1015	if (is_file($output_filepath))
1016	{
1017	unlink($output_filepath);
1018
1019	if (is_file($output_filepath))
1020	{
1021	new PwgError(500, '[merge_chunks] error while trying to remove existing '.$output_filepath);
1022	exit();
1023	}
1024	}
1025
1026	$upload_dir = $conf['upload_dir'].'/buffer';
1027	$pattern = '/'.$original_sum.'-'.$type.'/';
1028	$chunks = array();
1029
1030	if ($handle = opendir($upload_dir))
1031	{
1032	while (false !== ($file = readdir($handle)))
1033	{
1034	if (preg_match($pattern, $file))
1035	{
1036	ws_logfile($file);
1037	array_push($chunks, $upload_dir.'/'.$file);
1038	}
1039	}
1040	closedir($handle);
1041	}
1042
1043	sort($chunks);
1044
1045	if (function_exists('memory_get_usage')) {
1046	ws_logfile('[merge_chunks] memory_get_usage before loading chunks: '.memory_get_usage());
1047	}
1048
1049	$i = 0;
1050
1051	foreach ($chunks as $chunk)
1052	{
1053	$string = file_get_contents($chunk);
1054
1055	if (function_exists('memory_get_usage')) {
1056	ws_logfile('[merge_chunks] memory_get_usage on chunk '.++$i.': '.memory_get_usage());
1057	}
1058
1059	if (!file_put_contents($output_filepath, $string, FILE_APPEND))
1060	{
1061	new PwgError(500, '[merge_chunks] error while writting chunks for '.$output_filepath);
1062	exit();
1063	}
1064
1065	unlink($chunk);
1066	}
1067
1068	if (function_exists('memory_get_usage')) {
1069	ws_logfile('[merge_chunks] memory_get_usage after loading chunks: '.memory_get_usage());
1070	}
1071	}
1072
1073	/*
1074	* The $file_path must be the path of the basic "web sized" photo
1075	* The $type value will automatically modify the $file_path to the corresponding file
1076	*/
1077	function add_file($file_path, $type, $original_sum, $file_sum)
1078	{
1079	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
1080
1081	$file_path = file_path_for_type($file_path, $type);
1082
1083	$upload_dir = dirname($file_path);
1084	if (substr(PHP_OS, 0, 3) == 'WIN')
1085	{
1086	$upload_dir = str_replace('/', DIRECTORY_SEPARATOR, $upload_dir);
1087	}
1088
1089	ws_logfile('[add_file] file_path : '.$file_path);
1090	ws_logfile('[add_file] upload_dir : '.$upload_dir);
1091
1092	if (!is_dir($upload_dir)) {
1093	umask(0000);
1094	$recursive = true;
1095	if (!@mkdir($upload_dir, 0777, $recursive))
1096	{
1097	new PwgError(500, '[add_file] error during '.$type.' directory creation');
1098	exit();
1099	}
1100	}
1101
1102	if (!is_writable($upload_dir))
1103	{
1104	// last chance to make the directory writable
1105	@chmod($upload_dir, 0777);
1106
1107	if (!is_writable($upload_dir))
1108	{
1109	new PwgError(500, '[add_file] '.$type.' directory has no write access');
1110	exit();
1111	}
1112	}
1113
1114	secure_directory($upload_dir);
1115
1116	// merge the thumbnail
1117	merge_chunks($file_path, $original_sum, $type);
1118	chmod($file_path, 0644);
1119
1120	// check dumped thumbnail md5
1121	$dumped_md5 = md5_file($file_path);
1122	if ($dumped_md5 != $file_sum) {
1123	new PwgError(500, '[add_file] '.$type.' transfer failed');
1124	exit();
1125	}
1126
1127	list($width, $height) = getimagesize($file_path);
1128	$filesize = floor(filesize($file_path)/1024);
1129
1130	return array(
1131	'width' => $width,
1132	'height' => $height,
1133	'filesize' => $filesize,
1134	);
1135	}
1136
1137	function ws_images_addFile($params, &$service)
1138	{
1139	// image_id
1140	// type {thumb, file, high}
1141	// sum
1142
1143	global $conf;
1144	if (!is_admin())
1145	{
1146	return new PwgError(401, 'Access denied');
1147	}
1148
1149	$params['image_id'] = (int)$params['image_id'];
1150	if ($params['image_id'] <= 0)
1151	{
1152	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
1153	}
1154
1155	//
1156	// what is the path?
1157	//
1158	$query = '
1159	SELECT
1160	path,
1161	md5sum
1162	FROM '.IMAGES_TABLE.'
1163	WHERE id = '.$params['image_id'].'
1164	;';
1165	list($file_path, $original_sum) = pwg_db_fetch_row(pwg_query($query));
1166
1167	// TODO only files added with web API can be updated with web API
1168
1169	//
1170	// makes sure directories are there and call the merge_chunks
1171	//
1172	$infos = add_file($file_path, $params['type'], $original_sum, $params['sum']);
1173
1174	//
1175	// update basic metadata from file
1176	//
1177	$update = array();
1178
1179	if ('high' == $params['type'])
1180	{
1181	$update['high_filesize'] = $infos['filesize'];
1182	$update['has_high'] = 'true';
1183	}
1184
1185	if ('file' == $params['type'])
1186	{
1187	$update['filesize'] = $infos['filesize'];
1188	$update['width'] = $infos['width'];
1189	$update['height'] = $infos['height'];
1190	}
1191
1192	// we may have nothing to update at database level, for example with a
1193	// thumbnail update
1194	if (count($update) > 0)
1195	{
1196	$update['id'] = $params['image_id'];
1197
1198	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
1199	mass_updates(
1200	IMAGES_TABLE,
1201	array(
1202	'primary' => array('id'),
1203	'update' => array_diff(array_keys($update), array('id'))
1204	),
1205	array($update)
1206	);
1207	}
1208	}
1209
1210	function ws_images_add($params, &$service)
1211	{
1212	global $conf, $user;
1213	if (!is_admin())
1214	{
1215	return new PwgError(401, 'Access denied');
1216	}
1217
1218	foreach ($params as $param_key => $param_value) {
1219	ws_logfile(
1220	sprintf(
1221	'[pwg.images.add] input param "%s" : "%s"',
1222	$param_key,
1223	is_null($param_value) ? 'NULL' : $param_value
1224	)
1225	);
1226	}
1227
1228	// does the image already exists ?
1229	if ('md5sum' == $conf['uniqueness_mode'])
1230	{
1231	$where_clause = "md5sum = '".$params['original_sum']."'";
1232	}
1233	if ('filename' == $conf['uniqueness_mode'])
1234	{
1235	$where_clause = "file = '".$params['original_filename']."'";
1236	}
1237
1238	$query = '
1239	SELECT
1240	COUNT(*) AS counter
1241	FROM '.IMAGES_TABLE.'
1242	WHERE '.$where_clause.'
1243	;';
1244	list($counter) = pwg_db_fetch_row(pwg_query($query));
1245	if ($counter != 0) {
1246	return new PwgError(500, 'file already exists');
1247	}
1248
1249	// current date
1250	list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
1251	list($year, $month, $day) = preg_split('/[^\d]/', $dbnow, 4);
1252
1253	// upload directory hierarchy
1254	$upload_dir = sprintf(
1255	$conf['upload_dir'].'/%s/%s/%s',
1256	$year,
1257	$month,
1258	$day
1259	);
1260
1261	// compute file path
1262	$date_string = preg_replace('/[^\d]/', '', $dbnow);
1263	$random_string = substr($params['file_sum'], 0, 8);
1264	$filename_wo_ext = $date_string.'-'.$random_string;
1265	$file_path = $upload_dir.'/'.$filename_wo_ext.'.jpg';
1266
1267	// add files
1268	$file_infos = add_file($file_path, 'file', $params['original_sum'], $params['file_sum']);
1269	$thumb_infos = add_file($file_path, 'thumb', $params['original_sum'], $params['thumbnail_sum']);
1270
1271	if (isset($params['high_sum']))
1272	{
1273	$high_infos = add_file($file_path, 'high', $params['original_sum'], $params['high_sum']);
1274	}
1275
1276	// database registration
1277	$insert = array(
1278	'file' => !empty($params['original_filename']) ? $params['original_filename'] : $filename_wo_ext.'.jpg',
1279	'date_available' => $dbnow,
1280	'tn_ext' => 'jpg',
1281	'name' => $params['name'],
1282	'path' => $file_path,
1283	'filesize' => $file_infos['filesize'],
1284	'width' => $file_infos['width'],
1285	'height' => $file_infos['height'],
1286	'md5sum' => $params['original_sum'],
1287	'added_by' => $user['id'],
1288	);
1289
1290	$info_columns = array(
1291	'name',
1292	'author',
1293	'comment',
1294	'level',
1295	'date_creation',
1296	);
1297
1298	foreach ($info_columns as $key)
1299	{
1300	if (isset($params[$key]))
1301	{
1302	$insert[$key] = $params[$key];
1303	}
1304	}
1305
1306	if (isset($params['high_sum']))
1307	{
1308	$insert['has_high'] = 'true';
1309	$insert['high_filesize'] = $high_infos['filesize'];
1310	}
1311
1312	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
1313	mass_inserts(
1314	IMAGES_TABLE,
1315	array_keys($insert),
1316	array($insert)
1317	);
1318
1319	$image_id = pwg_db_insert_id(IMAGES_TABLE);
1320
1321	// let's add links between the image and the categories
1322	if (isset($params['categories']))
1323	{
1324	ws_add_image_category_relations($image_id, $params['categories']);
1325	}
1326
1327	// and now, let's create tag associations
1328	if (isset($params['tag_ids']) and !empty($params['tag_ids']))
1329	{
1330	set_tags(
1331	explode(',', $params['tag_ids']),
1332	$image_id
1333	);
1334	}
1335
1336	// update metadata from the uploaded file (exif/iptc)
1337	require_once(PHPWG_ROOT_PATH.'admin/include/functions_metadata.php');
1338	update_metadata(array($image_id=>$file_path));
1339
1340	invalidate_user_cache();
1341	}
1342
1343	function ws_images_addSimple($params, &$service)
1344	{
1345	global $conf;
1346	if (!is_admin())
1347	{
1348	return new PwgError(401, 'Access denied');
1349	}
1350
1351	if (!$service->isPost())
1352	{
1353	return new PwgError(405, "This method requires HTTP POST");
1354	}
1355
1356	// category
1357	$params['category'] = (int)$params['category'];
1358	if ($params['category'] <= 0)
1359	{
1360	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid category_id");
1361	}
1362
1363	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
1364	prepare_upload_configuration();
1365
1366	$image_id = add_uploaded_file(
1367	$_FILES['image']['tmp_name'],
1368	$_FILES['image']['name'],
1369	array($params['category']),
1370	8
1371	);
1372
1373	$info_columns = array(
1374	'name',
1375	'author',
1376	'comment',
1377	'level',
1378	'date_creation',
1379	);
1380
1381	foreach ($info_columns as $key)
1382	{
1383	if (isset($params[$key]))
1384	{
1385	$update[$key] = $params[$key];
1386	}
1387	}
1388
1389	if (count(array_keys($update)) > 0)
1390	{
1391	$update['id'] = $image_id;
1392
1393	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
1394	mass_updates(
1395	IMAGES_TABLE,
1396	array(
1397	'primary' => array('id'),
1398	'update' => array_diff(array_keys($update), array('id'))
1399	),
1400	array($update)
1401	);
1402	}
1403
1404
1405	if (isset($params['tags']) and !empty($params['tags']))
1406	{
1407	$tag_ids = array();
1408	$tag_names = explode(',', $params['tags']);
1409	foreach ($tag_names as $tag_name)
1410	{
1411	$tag_id = tag_id_from_tag_name($tag_name);
1412	array_push($tag_ids, $tag_id);
1413	}
1414
1415	add_tags($tag_ids, array($image_id));
1416	}
1417
1418	$query = '
1419	SELECT id, name, permalink
1420	FROM '.CATEGORIES_TABLE.'
1421	WHERE id = '.$params['category'].'
1422	;';
1423	$result = pwg_query($query);
1424	$category = pwg_db_fetch_assoc($result);
1425
1426	return array(
1427	'image_id' => $image_id,
1428	'url' => make_picture_url(
1429	array(
1430	'image_id' => $image_id,
1431	'section' => 'categories',
1432	'category' => $category
1433	)
1434	),
1435	);
1436	}
1437
1438	/**
1439	* perform a login (web service method)
1440	*/
1441	function ws_session_login($params, &$service)
1442	{
1443	global $conf;
1444
1445	if (!$service->isPost())
1446	{
1447	return new PwgError(405, "This method requires HTTP POST");
1448	}
1449	if (try_log_user($params['username'], $params['password'],false))
1450	{
1451	return true;
1452	}
1453	return new PwgError(999, 'Invalid username/password');
1454	}
1455
1456
1457	/**
1458	* performs a logout (web service method)
1459	*/
1460	function ws_session_logout($params, &$service)
1461	{
1462	if (!is_a_guest())
1463	{
1464	logout_user();
1465	}
1466	return true;
1467	}
1468
1469	function ws_session_getStatus($params, &$service)
1470	{
1471	global $user;
1472	$res = array();
1473	$res['username'] = is_a_guest() ? 'guest' : stripslashes($user['username']);
1474	foreach ( array('status', 'theme', 'language') as $k )
1475	{
1476	$res[$k] = $user[$k];
1477	}
1478	$res['pwg_token'] = get_pwg_token();
1479	$res['charset'] = get_pwg_charset();
1480	return $res;
1481	}
1482
1483
1484	/**
1485	* returns a list of tags (web service method)
1486	*/
1487	function ws_tags_getList($params, &$service)
1488	{
1489	$tags = get_available_tags();
1490	if ($params['sort_by_counter'])
1491	{
1492	usort($tags, create_function('$a,$b', 'return -$a["counter"]+$b["counter"];') );
1493	}
1494	else
1495	{
1496	usort($tags, 'tag_alpha_compare');
1497	}
1498	for ($i=0; $i<count($tags); $i++)
1499	{
1500	$tags[$i]['id'] = (int)$tags[$i]['id'];
1501	$tags[$i]['counter'] = (int)$tags[$i]['counter'];
1502	$tags[$i]['url'] = make_index_url(
1503	array(
1504	'section'=>'tags',
1505	'tags'=>array($tags[$i])
1506	)
1507	);
1508	}
1509	return array('tags' => new PwgNamedArray($tags, 'tag', array('id','url_name','url', 'name', 'counter' )) );
1510	}
1511
1512	/**
1513	* returns the list of tags as you can see them in administration (web
1514	* service method).
1515	*
1516	* Only admin can run this method and permissions are not taken into
1517	* account.
1518	*/
1519	function ws_tags_getAdminList($params, &$service)
1520	{
1521	if (!is_admin())
1522	{
1523	return new PwgError(401, 'Access denied');
1524	}
1525
1526	$tags = get_all_tags();
1527	return array(
1528	'tags' => new PwgNamedArray(
1529	$tags,
1530	'tag',
1531	array(
1532	'name',
1533	'id',
1534	'url_name',
1535	)
1536	)
1537	);
1538	}
1539
1540	/**
1541	* returns a list of images for tags (web service method)
1542	*/
1543	function ws_tags_getImages($params, &$service)
1544	{
1545	@include_once(PHPWG_ROOT_PATH.'include/functions_picture.inc.php');
1546	global $conf;
1547
1548	// first build all the tag_ids we are interested in
1549	$params['tag_id'] = array_map( 'intval',$params['tag_id'] );
1550	$tags = find_tags($params['tag_id'], $params['tag_url_name'], $params['tag_name']);
1551	$tags_by_id = array();
1552	foreach( $tags as $tag )
1553	{
1554	$tags['id'] = (int)$tag['id'];
1555	$tags_by_id[ $tag['id'] ] = $tag;
1556	}
1557	unset($tags);
1558	$tag_ids = array_keys($tags_by_id);
1559
1560
1561	$image_ids = array();
1562	$image_tag_map = array();
1563
1564	if ( !empty($tag_ids) )
1565	{ // build list of image ids with associated tags per image
1566	if ($params['tag_mode_and'])
1567	{
1568	$image_ids = get_image_ids_for_tags( $tag_ids );
1569	}
1570	else
1571	{
1572	$query = '
1573	SELECT image_id, GROUP_CONCAT(tag_id) AS tag_ids
1574	FROM '.IMAGE_TAG_TABLE.'
1575	WHERE tag_id IN ('.implode(',',$tag_ids).')
1576	GROUP BY image_id';
1577	$result = pwg_query($query);
1578	while ( $row=pwg_db_fetch_assoc($result) )
1579	{
1580	$row['image_id'] = (int)$row['image_id'];
1581	array_push( $image_ids, $row['image_id'] );
1582	$image_tag_map[ $row['image_id'] ] = explode(',', $row['tag_ids']);
1583	}
1584	}
1585	}
1586
1587	$images = array();
1588	if ( !empty($image_ids))
1589	{
1590	$where_clauses = ws_std_image_sql_filter($params);
1591	$where_clauses[] = get_sql_condition_FandF(
1592	array
1593	(
1594	'forbidden_categories' => 'category_id',
1595	'visible_categories' => 'category_id',
1596	'visible_images' => 'i.id'
1597	),
1598	'', true
1599	);
1600	$where_clauses[] = 'id IN ('.implode(',',$image_ids).')';
1601
1602	$order_by = ws_std_image_sql_order($params);
1603	if (empty($order_by))
1604	{
1605	$order_by = $conf['order_by'];
1606	}
1607	else
1608	{
1609	$order_by = 'ORDER BY '.$order_by;
1610	}
1611
1612	$query = '
1613	SELECT DISTINCT i.* FROM '.IMAGES_TABLE.' i
1614	INNER JOIN '.IMAGE_CATEGORY_TABLE.' ON i.id=image_id
1615	WHERE '. implode('
1616	AND ', $where_clauses).'
1617	'.$order_by.'
1618	LIMIT '.(int)$params['per_page'].' OFFSET '.(int)($params['per_page']*$params['page']);
1619
1620	$result = pwg_query($query);
1621	while ($row = pwg_db_fetch_assoc($result))
1622	{
1623	$image = array();
1624	foreach ( array('id', 'width', 'height', 'hit') as $k )
1625	{
1626	if (isset($row[$k]))
1627	{
1628	$image[$k] = (int)$row[$k];
1629	}
1630	}
1631	foreach ( array('file', 'name', 'comment') as $k )
1632	{
1633	$image[$k] = $row[$k];
1634	}
1635	$image = array_merge( $image, ws_std_get_urls($row) );
1636
1637	$image_tag_ids = ($params['tag_mode_and']) ? $tag_ids : $image_tag_map[$image['id']];
1638	$image_tags = array();
1639	foreach ($image_tag_ids as $tag_id)
1640	{
1641	$url = make_index_url(
1642	array(
1643	'section'=>'tags',
1644	'tags'=> array($tags_by_id[$tag_id])
1645	)
1646	);
1647	$page_url = make_picture_url(
1648	array(
1649	'section'=>'tags',
1650	'tags'=> array($tags_by_id[$tag_id]),
1651	'image_id' => $row['id'],
1652	'image_file' => $row['file'],
1653	)
1654	);
1655	array_push($image_tags, array(
1656	'id' => (int)$tag_id,
1657	'url' => $url,
1658	'page_url' => $page_url,
1659	)
1660	);
1661	}
1662	$image['tags'] = new PwgNamedArray($image_tags, 'tag',
1663	array('id','url_name','url','page_url')
1664	);
1665	array_push($images, $image);
1666	}
1667	}
1668
1669	return array( 'images' =>
1670	array (
1671	WS_XML_ATTRIBUTES =>
1672	array(
1673	'page' => $params['page'],
1674	'per_page' => $params['per_page'],
1675	'count' => count($images)
1676	),
1677	WS_XML_CONTENT => new PwgNamedArray($images, 'image',
1678	ws_std_get_image_xml_attributes() )
1679	)
1680	);
1681	}
1682
1683	function ws_categories_add($params, &$service)
1684	{
1685	if (!is_admin())
1686	{
1687	return new PwgError(401, 'Access denied');
1688	}
1689
1690	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
1691
1692	$creation_output = create_virtual_category(
1693	$params['name'],
1694	$params['parent']
1695	);
1696
1697	if (isset($creation_output['error']))
1698	{
1699	return new PwgError(500, $creation_output['error']);
1700	}
1701
1702	invalidate_user_cache();
1703
1704	return $creation_output;
1705	}
1706
1707	function ws_tags_add($params, &$service)
1708	{
1709	if (!is_admin())
1710	{
1711	return new PwgError(401, 'Access denied');
1712	}
1713
1714	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
1715
1716	$creation_output = create_tag($params['name']);
1717
1718	if (isset($creation_output['error']))
1719	{
1720	return new PwgError(500, $creation_output['error']);
1721	}
1722
1723	return $creation_output;
1724	}
1725
1726	function ws_images_exist($params, &$service)
1727	{
1728	global $conf;
1729
1730	if (!is_admin())
1731	{
1732	return new PwgError(401, 'Access denied');
1733	}
1734
1735	$split_pattern = '/[\s,;\\|]/';
1736
1737	if ('md5sum' == $conf['uniqueness_mode'])
1738	{
1739	// search among photos the list of photos already added, based on md5sum
1740	// list
1741	$md5sums = preg_split(
1742	$split_pattern,
1743	$params['md5sum_list'],
1744	-1,
1745	PREG_SPLIT_NO_EMPTY
1746	);
1747
1748	$query = '
1749	SELECT
1750	id,
1751	md5sum
1752	FROM '.IMAGES_TABLE.'
1753	WHERE md5sum IN (\''.implode("','", $md5sums).'\')
1754	;';
1755	$id_of_md5 = simple_hash_from_query($query, 'md5sum', 'id');
1756
1757	$result = array();
1758
1759	foreach ($md5sums as $md5sum)
1760	{
1761	$result[$md5sum] = null;
1762	if (isset($id_of_md5[$md5sum]))
1763	{
1764	$result[$md5sum] = $id_of_md5[$md5sum];
1765	}
1766	}
1767	}
1768
1769	if ('filename' == $conf['uniqueness_mode'])
1770	{
1771	// search among photos the list of photos already added, based on
1772	// filename list
1773	$filenames = preg_split(
1774	$split_pattern,
1775	$params['filename_list'],
1776	-1,
1777	PREG_SPLIT_NO_EMPTY
1778	);
1779
1780	$query = '
1781	SELECT
1782	id,
1783	file
1784	FROM '.IMAGES_TABLE.'
1785	WHERE file IN (\''.implode("','", $filenames).'\')
1786	;';
1787	$id_of_filename = simple_hash_from_query($query, 'file', 'id');
1788
1789	$result = array();
1790
1791	foreach ($filenames as $filename)
1792	{
1793	$result[$filename] = null;
1794	if (isset($id_of_filename[$filename]))
1795	{
1796	$result[$filename] = $id_of_filename[$filename];
1797	}
1798	}
1799	}
1800
1801	return $result;
1802	}
1803
1804	function ws_images_checkFiles($params, &$service)
1805	{
1806	if (!is_admin())
1807	{
1808	return new PwgError(401, 'Access denied');
1809	}
1810
1811	// input parameters
1812	//
1813	// image_id
1814	// thumbnail_sum
1815	// file_sum
1816	// high_sum
1817
1818	$params['image_id'] = (int)$params['image_id'];
1819	if ($params['image_id'] <= 0)
1820	{
1821	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
1822	}
1823
1824	$query = '
1825	SELECT
1826	path
1827	FROM '.IMAGES_TABLE.'
1828	WHERE id = '.$params['image_id'].'
1829	;';
1830	$result = pwg_query($query);
1831	if (pwg_db_num_rows($result) == 0) {
1832	return new PwgError(404, "image_id not found");
1833	}
1834	list($path) = pwg_db_fetch_row($result);
1835
1836	$ret = array();
1837
1838	foreach (array('thumb', 'file', 'high') as $type) {
1839	$param_name = $type;
1840	if ('thumb' == $type) {
1841	$param_name = 'thumbnail';
1842	}
1843
1844	if (isset($params[$param_name.'_sum'])) {
1845	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
1846	$type_path = file_path_for_type($path, $type);
1847	if (!is_file($type_path)) {
1848	$ret[$param_name] = 'missing';
1849	}
1850	else {
1851	if (md5_file($type_path) != $params[$param_name.'_sum']) {
1852	$ret[$param_name] = 'differs';
1853	}
1854	else {
1855	$ret[$param_name] = 'equals';
1856	}
1857	}
1858	}
1859	}
1860
1861	return $ret;
1862	}
1863
1864	function ws_images_setInfo($params, &$service)
1865	{
1866	global $conf;
1867	if (!is_admin())
1868	{
1869	return new PwgError(401, 'Access denied');
1870	}
1871
1872	if (!$service->isPost())
1873	{
1874	return new PwgError(405, "This method requires HTTP POST");
1875	}
1876
1877	$params['image_id'] = (int)$params['image_id'];
1878	if ($params['image_id'] <= 0)
1879	{
1880	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
1881	}
1882
1883	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
1884
1885	$query='
1886	SELECT *
1887	FROM '.IMAGES_TABLE.'
1888	WHERE id = '.$params['image_id'].'
1889	;';
1890
1891	$image_row = pwg_db_fetch_assoc(pwg_query($query));
1892	if ($image_row == null)
1893	{
1894	return new PwgError(404, "image_id not found");
1895	}
1896
1897	// database registration
1898	$update = array();
1899
1900	$info_columns = array(
1901	'name',
1902	'author',
1903	'comment',
1904	'level',
1905	'date_creation',
1906	);
1907
1908	foreach ($info_columns as $key)
1909	{
1910	if (isset($params[$key]))
1911	{
1912	if ('fill_if_empty' == $params['single_value_mode'])
1913	{
1914	if (empty($image_row[$key]))
1915	{
1916	$update[$key] = $params[$key];
1917	}
1918	}
1919	elseif ('replace' == $params['single_value_mode'])
1920	{
1921	$update[$key] = $params[$key];
1922	}
1923	else
1924	{
1925	new PwgError(
1926	500,
1927	'[ws_images_setInfo]'
1928	.' invalid parameter single_value_mode "'.$params['single_value_mode'].'"'
1929	.', possible values are {fill_if_empty, replace}.'
1930	);
1931	exit();
1932	}
1933	}
1934	}
1935
1936	if (count(array_keys($update)) > 0)
1937	{
1938	$update['id'] = $params['image_id'];
1939
1940	mass_updates(
1941	IMAGES_TABLE,
1942	array(
1943	'primary' => array('id'),
1944	'update' => array_diff(array_keys($update), array('id'))
1945	),
1946	array($update)
1947	);
1948	}
1949
1950	if (isset($params['categories']))
1951	{
1952	ws_add_image_category_relations(
1953	$params['image_id'],
1954	$params['categories'],
1955	('replace' == $params['multiple_value_mode'] ? true : false)
1956	);
1957	}
1958
1959	// and now, let's create tag associations
1960	if (isset($params['tag_ids']))
1961	{
1962	$tag_ids = explode(',', $params['tag_ids']);
1963
1964	if ('replace' == $params['multiple_value_mode'])
1965	{
1966	set_tags(
1967	$tag_ids,
1968	$params['image_id']
1969	);
1970	}
1971	elseif ('append' == $params['multiple_value_mode'])
1972	{
1973	add_tags(
1974	$tag_ids,
1975	array($params['image_id'])
1976	);
1977	}
1978	else
1979	{
1980	new PwgError(
1981	500,
1982	'[ws_images_setInfo]'
1983	.' invalid parameter multiple_value_mode "'.$params['multiple_value_mode'].'"'
1984	.', possible values are {replace, append}.'
1985	);
1986	exit();
1987	}
1988	}
1989
1990	invalidate_user_cache();
1991	}
1992
1993	function ws_images_delete($params, &$service)
1994	{
1995	global $conf;
1996	if (!is_admin())
1997	{
1998	return new PwgError(401, 'Access denied');
1999	}
2000
2001	if (!$service->isPost())
2002	{
2003	return new PwgError(405, "This method requires HTTP POST");
2004	}
2005
2006	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
2007	{
2008	return new PwgError(403, 'Invalid security token');
2009	}
2010
2011	$params['image_id'] = preg_split(
2012	'/[\s,;\\|]/',
2013	$params['image_id'],
2014	-1,
2015	PREG_SPLIT_NO_EMPTY
2016	);
2017	$params['image_id'] = array_map('intval', $params['image_id']);
2018
2019	$image_ids = array();
2020	foreach ($params['image_id'] as $image_id)
2021	{
2022	if ($image_id > 0)
2023	{
2024	array_push($image_ids, $image_id);
2025	}
2026	}
2027
2028	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
2029	delete_elements($image_ids, true);
2030	}
2031
2032	function ws_add_image_category_relations($image_id, $categories_string, $replace_mode=false)
2033	{
2034	// let's add links between the image and the categories
2035	//
2036	// $params['categories'] should look like 123,12;456,auto;789 which means:
2037	//
2038	// 1. associate with category 123 on rank 12
2039	// 2. associate with category 456 on automatic rank
2040	// 3. associate with category 789 on automatic rank
2041	$cat_ids = array();
2042	$rank_on_category = array();
2043	$search_current_ranks = false;
2044
2045	$tokens = explode(';', $categories_string);
2046	foreach ($tokens as $token)
2047	{
2048	@list($cat_id, $rank) = explode(',', $token);
2049
2050	if (!preg_match('/^\d+$/', $cat_id))
2051	{
2052	continue;
2053	}
2054
2055	array_push($cat_ids, $cat_id);
2056
2057	if (!isset($rank))
2058	{
2059	$rank = 'auto';
2060	}
2061	$rank_on_category[$cat_id] = $rank;
2062
2063	if ($rank == 'auto')
2064	{
2065	$search_current_ranks = true;
2066	}
2067	}
2068
2069	$cat_ids = array_unique($cat_ids);
2070
2071	if (count($cat_ids) == 0)
2072	{
2073	new PwgError(
2074	500,
2075	'[ws_add_image_category_relations] there is no category defined in "'.$categories_string.'"'
2076	);
2077	exit();
2078	}
2079
2080	$query = '
2081	SELECT
2082	id
2083	FROM '.CATEGORIES_TABLE.'
2084	WHERE id IN ('.implode(',', $cat_ids).')
2085	;';
2086	$db_cat_ids = array_from_query($query, 'id');
2087
2088	$unknown_cat_ids = array_diff($cat_ids, $db_cat_ids);
2089	if (count($unknown_cat_ids) != 0)
2090	{
2091	new PwgError(
2092	500,
2093	'[ws_add_image_category_relations] the following categories are unknown: '.implode(', ', $unknown_cat_ids)
2094	);
2095	exit();
2096	}
2097
2098	$to_update_cat_ids = array();
2099
2100	// in case of replace mode, we first check the existing associations
2101	$query = '
2102	SELECT
2103	category_id
2104	FROM '.IMAGE_CATEGORY_TABLE.'
2105	WHERE image_id = '.$image_id.'
2106	;';
2107	$existing_cat_ids = array_from_query($query, 'category_id');
2108
2109	if ($replace_mode)
2110	{
2111	$to_remove_cat_ids = array_diff($existing_cat_ids, $cat_ids);
2112	if (count($to_remove_cat_ids) > 0)
2113	{
2114	$query = '
2115	DELETE
2116	FROM '.IMAGE_CATEGORY_TABLE.'
2117	WHERE image_id = '.$image_id.'
2118	AND category_id IN ('.implode(', ', $to_remove_cat_ids).')
2119	;';
2120	pwg_query($query);
2121	update_category($to_remove_cat_ids);
2122	}
2123	}
2124
2125	$new_cat_ids = array_diff($cat_ids, $existing_cat_ids);
2126	if (count($new_cat_ids) == 0)
2127	{
2128	return true;
2129	}
2130
2131	if ($search_current_ranks)
2132	{
2133	$query = '
2134	SELECT
2135	category_id,
2136	MAX(rank) AS max_rank
2137	FROM '.IMAGE_CATEGORY_TABLE.'
2138	WHERE rank IS NOT NULL
2139	AND category_id IN ('.implode(',', $new_cat_ids).')
2140	GROUP BY category_id
2141	;';
2142	$current_rank_of = simple_hash_from_query(
2143	$query,
2144	'category_id',
2145	'max_rank'
2146	);
2147
2148	foreach ($new_cat_ids as $cat_id)
2149	{
2150	if (!isset($current_rank_of[$cat_id]))
2151	{
2152	$current_rank_of[$cat_id] = 0;
2153	}
2154
2155	if ('auto' == $rank_on_category[$cat_id])
2156	{
2157	$rank_on_category[$cat_id] = $current_rank_of[$cat_id] + 1;
2158	}
2159	}
2160	}
2161
2162	$inserts = array();
2163
2164	foreach ($new_cat_ids as $cat_id)
2165	{
2166	array_push(
2167	$inserts,
2168	array(
2169	'image_id' => $image_id,
2170	'category_id' => $cat_id,
2171	'rank' => $rank_on_category[$cat_id],
2172	)
2173	);
2174	}
2175
2176	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
2177	mass_inserts(
2178	IMAGE_CATEGORY_TABLE,
2179	array_keys($inserts[0]),
2180	$inserts
2181	);
2182
2183	update_category($new_cat_ids);
2184	}
2185
2186	function ws_categories_setInfo($params, &$service)
2187	{
2188	global $conf;
2189	if (!is_admin())
2190	{
2191	return new PwgError(401, 'Access denied');
2192	}
2193
2194	if (!$service->isPost())
2195	{
2196	return new PwgError(405, "This method requires HTTP POST");
2197	}
2198
2199	// category_id
2200	// name
2201	// comment
2202
2203	$params['category_id'] = (int)$params['category_id'];
2204	if ($params['category_id'] <= 0)
2205	{
2206	return new PwgError(WS_ERR_INVALID_PARAM, "Invalid category_id");
2207	}
2208
2209	// database registration
2210	$update = array(
2211	'id' => $params['category_id'],
2212	);
2213
2214	$info_columns = array(
2215	'name',
2216	'comment',
2217	);
2218
2219	$perform_update = false;
2220	foreach ($info_columns as $key)
2221	{
2222	if (isset($params[$key]))
2223	{
2224	$perform_update = true;
2225	$update[$key] = $params[$key];
2226	}
2227	}
2228
2229	if ($perform_update)
2230	{
2231	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
2232	mass_updates(
2233	CATEGORIES_TABLE,
2234	array(
2235	'primary' => array('id'),
2236	'update' => array_diff(array_keys($update), array('id'))
2237	),
2238	array($update)
2239	);
2240	}
2241
2242	}
2243
2244	function ws_categories_delete($params, &$service)
2245	{
2246	global $conf;
2247	if (!is_admin())
2248	{
2249	return new PwgError(401, 'Access denied');
2250	}
2251
2252	if (!$service->isPost())
2253	{
2254	return new PwgError(405, "This method requires HTTP POST");
2255	}
2256
2257	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
2258	{
2259	return new PwgError(403, 'Invalid security token');
2260	}
2261
2262	$modes = array('no_delete', 'delete_orphans', 'force_delete');
2263	if (!in_array($params['photo_deletion_mode'], $modes))
2264	{
2265	return new PwgError(
2266	500,
2267	'[ws_categories_delete]'
2268	.' invalid parameter photo_deletion_mode "'.$params['photo_deletion_mode'].'"'
2269	.', possible values are {'.implode(', ', $modes).'}.'
2270	);
2271	}
2272
2273	$params['category_id'] = preg_split(
2274	'/[\s,;\\|]/',
2275	$params['category_id'],
2276	-1,
2277	PREG_SPLIT_NO_EMPTY
2278	);
2279	$params['category_id'] = array_map('intval', $params['category_id']);
2280
2281	$category_ids = array();
2282	foreach ($params['category_id'] as $category_id)
2283	{
2284	if ($category_id > 0)
2285	{
2286	array_push($category_ids, $category_id);
2287	}
2288	}
2289
2290	if (count($category_ids) == 0)
2291	{
2292	return;
2293	}
2294
2295	$query = '
2296	SELECT id
2297	FROM '.CATEGORIES_TABLE.'
2298	WHERE id IN ('.implode(',', $category_ids).')
2299	;';
2300	$category_ids = array_from_query($query, 'id');
2301
2302	if (count($category_ids) == 0)
2303	{
2304	return;
2305	}
2306
2307	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
2308	delete_categories($category_ids, $params['photo_deletion_mode']);
2309	update_global_rank();
2310	}
2311
2312	function ws_categories_move($params, &$service)
2313	{
2314	global $conf, $page;
2315
2316	if (!is_admin())
2317	{
2318	return new PwgError(401, 'Access denied');
2319	}
2320
2321	if (!$service->isPost())
2322	{
2323	return new PwgError(405, "This method requires HTTP POST");
2324	}
2325
2326	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
2327	{
2328	return new PwgError(403, 'Invalid security token');
2329	}
2330
2331	$params['category_id'] = preg_split(
2332	'/[\s,;\\|]/',
2333	$params['category_id'],
2334	-1,
2335	PREG_SPLIT_NO_EMPTY
2336	);
2337	$params['category_id'] = array_map('intval', $params['category_id']);
2338
2339	$category_ids = array();
2340	foreach ($params['category_id'] as $category_id)
2341	{
2342	if ($category_id > 0)
2343	{
2344	array_push($category_ids, $category_id);
2345	}
2346	}
2347
2348	if (count($category_ids) == 0)
2349	{
2350	return new PwgError(403, 'Invalid category_id input parameter, no category to move');
2351	}
2352
2353	// we can't move physical categories
2354	$categories_in_db = array();
2355
2356	$query = '
2357	SELECT
2358	id,
2359	name,
2360	dir
2361	FROM '.CATEGORIES_TABLE.'
2362	WHERE id IN ('.implode(',', $category_ids).')
2363	;';
2364	$result = pwg_query($query);
2365	while ($row = pwg_db_fetch_assoc($result))
2366	{
2367	$categories_in_db[$row['id']] = $row;
2368	// we break on error at first physical category detected
2369	if (!empty($row['dir']))
2370	{
2371	$row['name'] = strip_tags(
2372	trigger_event(
2373	'render_category_name',
2374	$row['name'],
2375	'ws_categories_move'
2376	)
2377	);
2378
2379	return new PwgError(
2380	403,
2381	sprintf(
2382	'Category %s (%u) is not a virtual category, you cannot move it',
2383	$row['name'],
2384	$row['id']
2385	)
2386	);
2387	}
2388	}
2389
2390	if (count($categories_in_db) != count($category_ids))
2391	{
2392	$unknown_category_ids = array_diff($category_ids, array_keys($categories_in_db));
2393
2394	return new PwgError(
2395	403,
2396	sprintf(
2397	'Category %u does not exist',
2398	$unknown_category_ids[0]
2399	)
2400	);
2401	}
2402
2403	// does this parent exists? This check should be made in the
2404	// move_categories function, not here
2405	//
2406	// 0 as parent means "move categories at gallery root"
2407	if (!is_numeric($params['parent']))
2408	{
2409	return new PwgError(403, 'Invalid parent input parameter');
2410	}
2411
2412	if (0 != $params['parent']) {
2413	$params['parent'] = intval($params['parent']);
2414	$subcat_ids = get_subcat_ids(array($params['parent']));
2415	if (count($subcat_ids) == 0)
2416	{
2417	return new PwgError(403, 'Unknown parent category id');
2418	}
2419	}
2420
2421	$page['infos'] = array();
2422	$page['errors'] = array();
2423	include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
2424	move_categories($category_ids, $params['parent']);
2425	invalidate_user_cache();
2426
2427	if (count($page['errors']) != 0)
2428	{
2429	return new PwgError(403, implode('; ', $page['errors']));
2430	}
2431	}
2432
2433	function ws_logfile($string)
2434	{
2435	global $conf;
2436
2437	if (!$conf['ws_enable_log']) {
2438	return true;
2439	}
2440
2441	file_put_contents(
2442	$conf['ws_log_filepath'],
2443	'['.date('c').'] '.$string."\n",
2444	FILE_APPEND
2445	);
2446	}
2447
2448	function ws_images_checkUpload($params, &$service)
2449	{
2450	global $conf;
2451
2452	if (!is_admin())
2453	{
2454	return new PwgError(401, 'Access denied');
2455	}
2456
2457	include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php');
2458	$ret['message'] = ready_for_upload_message();
2459	$ret['ready_for_upload'] = true;
2460
2461	if (!empty($ret['message']))
2462	{
2463	$ret['ready_for_upload'] = false;
2464	}
2465
2466	return $ret;
2467	}
2468
2469	function ws_plugins_getList($params, &$service)
2470	{
2471	global $conf;
2472
2473	if (!is_admin())
2474	{
2475	return new PwgError(401, 'Access denied');
2476	}
2477
2478	include_once(PHPWG_ROOT_PATH.'admin/include/plugins.class.php');
2479	$plugins = new plugins();
2480	$plugins->sort_fs_plugins('name');
2481	$plugin_list = array();
2482
2483	foreach($plugins->fs_plugins as $plugin_id => $fs_plugin)
2484	{
2485	if (isset($plugins->db_plugins_by_id[$plugin_id]))
2486	{
2487	$state = $plugins->db_plugins_by_id[$plugin_id]['state'];
2488	}
2489	else
2490	{
2491	$state = 'uninstalled';
2492	}
2493
2494	array_push(
2495	$plugin_list,
2496	array(
2497	'id' => $plugin_id,
2498	'name' => $fs_plugin['name'],
2499	'version' => $fs_plugin['version'],
2500	'state' => $state,
2501	'description' => $fs_plugin['description'],
2502	)
2503	);
2504	}
2505
2506	return $plugin_list;
2507	}
2508
2509	function ws_plugins_performAction($params, &$service)
2510	{
2511	global $template;
2512
2513	if (!is_admin())
2514	{
2515	return new PwgError(401, 'Access denied');
2516	}
2517
2518	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
2519	{
2520	return new PwgError(403, 'Invalid security token');
2521	}
2522
2523	define('IN_ADMIN', true);
2524	include_once(PHPWG_ROOT_PATH.'admin/include/plugins.class.php');
2525	$plugins = new plugins();
2526	$errors = $plugins->perform_action($params['action'], $params['plugin']);
2527
2528
2529	if (!empty($errors))
2530	{
2531	return new PwgError(500, $errors);
2532	}
2533	else
2534	{
2535	if (in_array($params['action'], array('activate', 'deactivate')))
2536	{
2537	$template->delete_compiled_templates();
2538	}
2539	return true;
2540	}
2541	}
2542
2543	function ws_themes_performAction($params, &$service)
2544	{
2545	global $template;
2546
2547	if (!is_admin() \|\| is_adviser() )
2548	{
2549	return new PwgError(401, 'Access denied');
2550	}
2551
2552	if (empty($params['pwg_token']) or get_pwg_token() != $params['pwg_token'])
2553	{
2554	return new PwgError(403, 'Invalid security token');
2555	}
2556
2557	define('IN_ADMIN', true);
2558	include_once(PHPWG_ROOT_PATH.'admin/include/themes.class.php');
2559	$themes = new themes();
2560	$errors = $themes->perform_action($params['action'], $params['theme']);
2561
2562	if (!empty($errors))
2563	{
2564	return new PwgError(500, $errors);
2565	}
2566	else
2567	{
2568	if (in_array($params['action'], array('activate', 'deactivate')))
2569	{
2570	$template->delete_compiled_templates();
2571	}
2572	return true;
2573	}
2574	}
2575	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: