Changeset 25845


Ignore:
Timestamp:
Dec 8, 2013, 2:53:40 PM (7 years ago)
Author:
mistic100
Message:

photo owner has access to quick edit and delete !

Location:
extensions/AdminTools
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • extensions/AdminTools/include/events.inc.php

    r25818 r25845  
    88function admintools_add_public_controller()
    99{
    10   global $MultiView, $conf, $template, $page, $user;
    11 
    12   if (!$MultiView->is_admin())
     10  global $MultiView, $conf, $template, $page, $user, $picture;
     11
     12  $url_root = get_root_url();
     13  $tpl_vars = array();
     14
     15  if ($MultiView->is_admin())
     16  { // full options for admin
     17    $tpl_vars['U_SITE_ADMIN'] =     $url_root . 'admin.php?page=';
     18    $tpl_vars['MULTIVIEW'] =        $MultiView->get_data();
     19    $tpl_vars['USER'] =             $MultiView->get_user();
     20    $tpl_vars['CURRENT_USERNAME'] = $user['id']==$conf['guest_id'] ? l10n('guest') : $user['username'];
     21    $tpl_vars['DELETE_CACHE'] =     isset($conf['multiview_invalidate_cache']);
     22
     23    include_once(PHPWG_ROOT_PATH . 'include/functions_mail.inc.php');
     24    switch_lang_to(get_default_language());
     25  }
     26  else if (script_basename() == 'picture' and $picture['current']['added_by'] == $user['id'])
     27  { // only "edit" button for photo owner
     28  }
     29  else
    1330  {
    1431    return;
    1532  }
    1633
    17   $url_root = get_root_url();
    18 
    19   $tpl_vars = array(
    20     'U_SITE_ADMIN' =>     $url_root . 'admin.php?page=',
    21     'MULTIVIEW' =>        $MultiView->get_data(),
    22     'U_SELF' =>           $MultiView->get_clean_url(true),
    23     'USER' =>             $MultiView->get_user(),
    24     'CURRENT_USERNAME' => $user['id']==$conf['guest_id'] ? l10n('guest') : $user['username'],
    25     'PWG_TOKEN' =>        get_pwg_token(),
    26     'DELETE_CACHE' =>     isset($conf['multiview_invalidate_cache']),
    27     );
    28 
    29   // switch_lang is in mail functions file
    30   include_once(PHPWG_ROOT_PATH . 'include/functions_mail.inc.php');
    31 
    32   switch_lang_to(get_default_language());
    33 
    34   // TODO : param to allow owner modification
     34  $tpl_vars['U_SELF'] = $MultiView->get_clean_url(true);
     35
     36  // photo page
    3537  if (script_basename() == 'picture')
    3638  {
    37     global $picture;
    38 
    39     include_once(PHPWG_ROOT_PATH . 'admin/include/functions.php');
    40 
    4139    $url_self = duplicate_picture_url();
    42 
    4340    $tpl_vars['IS_PICTURE'] = true;
    4441
    45     $template->clear_assign(array(
    46       'U_SET_AS_REPRESENTATIVE',
    47       'U_PHOTO_ADMIN',
    48       'U_CADDIE',
    49       ));
    50 
    51     $template->set_prefilter('picture', 'admintools_remove_privacy');
    52 
    53     $query = '
     42    // admin can add to caddie and set representattive
     43    if ($MultiView->is_admin())
     44    {
     45      $template->clear_assign(array(
     46        'U_SET_AS_REPRESENTATIVE',
     47        'U_PHOTO_ADMIN',
     48        'U_CADDIE',
     49        ));
     50
     51      $template->set_prefilter('picture', 'admintools_remove_privacy');
     52
     53      $tpl_vars['U_CADDIE'] = add_url_params(
     54        $url_self,
     55        array('action'=>'add_to_caddie')
     56        );
     57
     58      $query = '
    5459SELECT element_id FROM ' . CADDIE_TABLE . '
    5560  WHERE element_id = ' . $page['image_id'] .'
    5661;';
    57     $tpl_vars['IS_IN_CADDIE'] = pwg_db_num_rows(pwg_query($query)) > 0;
    58 
    59     if (isset($page['category']))
    60     {
    61       $tpl_vars['CATEGORY_ID'] = $page['category']['id'];
    62 
    63       $tpl_vars['U_SET_REPRESENTATIVE'] = add_url_params(
    64         $url_self,
    65         array('action'=>'set_as_representative')
    66         );
    67 
    68       $query = '
     62      $tpl_vars['IS_IN_CADDIE'] = pwg_db_num_rows(pwg_query($query)) > 0;
     63
     64      if (isset($page['category']))
     65      {
     66        $tpl_vars['CATEGORY_ID'] = $page['category']['id'];
     67
     68        $tpl_vars['U_SET_REPRESENTATIVE'] = add_url_params(
     69          $url_self,
     70          array('action'=>'set_as_representative')
     71          );
     72
     73        $query = '
    6974SELECT id FROM ' . CATEGORIES_TABLE.'
    7075  WHERE id = ' . $page['category']['id'] .'
    7176    AND representative_picture_id = ' . $page['image_id'] .'
    7277;';
    73       $tpl_vars['IS_REPRESENTATIVE'] = pwg_db_num_rows(pwg_query($query)) > 0;
    74     }
    75 
    76     $tpl_vars['U_EDIT'] = $url_root . 'admin.php?page=photo-' . $page['image_id']
    77       .(isset($page['category']) ? '&cat_id=' . $page['category']['id'] : '');
    78 
    79     $tpl_vars['U_CADDIE'] = add_url_params(
    80       $url_self,
    81       array('action'=>'add_to_caddie')
     78        $tpl_vars['IS_REPRESENTATIVE'] = pwg_db_num_rows(pwg_query($query)) > 0;
     79      }
     80
     81      $tpl_vars['U_ADMIN_EDIT'] = $url_root . 'admin.php?page=photo-' . $page['image_id']
     82        .(isset($page['category']) ? '&cat_id=' . $page['category']['id'] : '');
     83    }
     84
     85    $tpl_vars['U_DELETE'] = add_url_params(
     86      $url_self, array(
     87        'delete'=>'',
     88        'pwg_token'=>get_pwg_token()
     89        )
    8290      );
    8391
    8492    // gets tags (full available list is loaded in ajax)
     93    include_once(PHPWG_ROOT_PATH . 'admin/include/functions.php');
     94
    8595    $query = '
    8696SELECT id, name
     
    102112      );
    103113  }
    104   else if (@$page['section'] == 'categories' and isset($page['category']))
     114  // album page (admin only)
     115  else if ($MultiView->is_admin() and @$page['section'] == 'categories' and isset($page['category']))
    105116  {
    106117    $url_self = duplicate_index_url();
     
    114125      ));
    115126
    116     $tpl_vars['U_EDIT'] = $url_root . 'admin.php?page=album-' . $page['category']['id'];
     127    $tpl_vars['U_ADMIN_EDIT'] = $url_root . 'admin.php?page=album-' . $page['category']['id'];
    117128
    118129    if (!empty($page['items']))
     
    151162  $template->parse('ato_public_controller');
    152163
    153   switch_lang_back();
     164  if ($MultiView->is_admin())
     165  {
     166    switch_lang_back();
     167  }
    154168}
    155169
     
    170184function admintools_save_picture()
    171185{
    172   global $page, $conf, $MultiView;
    173 
    174   if (!$MultiView->is_admin())
     186  global $page, $conf, $MultiView, $user, $picture;
     187
     188  $query = 'SELECT added_by FROM '. IMAGES_TABLE .' WHERE id = '. $page['image_id'] .';';
     189  list($added_by) = pwg_db_fetch_row(pwg_query($query));
     190
     191  if (!$MultiView->is_admin() && $user['id'] != $added_by)
    175192  {
    176193    return;
     
    205222      'name' =>   $_POST['name'],
    206223      'author' => $_POST['author'],
    207       'level' =>  $_POST['level'],
    208       );
     224      );
     225
     226    if ($MultiView->is_admin())
     227    {
     228      $data['level'] = $_POST['level'];
     229    }
    209230
    210231    if ($conf['allow_html_descriptions'])
     
    249270    return;
    250271  }
    251  
     272
    252273  if (@$_POST['action'] == 'quick_edit')
    253274  {
     
    270291      array('id' => $page['category']['id'])
    271292      );
    272      
     293
    273294    redirect(duplicate_index_url());
    274295  }
  • extensions/AdminTools/main.inc.php

    r25818 r25845  
    3939add_event_handler('register_user', array('MultiView', 'invalidate_cache'));
    4040
     41if (!defined('IN_ADMIN'))
     42{
     43  add_event_handler('loc_after_page_header', 'admintools_add_public_controller');
     44  add_event_handler('loc_begin_picture', 'admintools_save_picture');
     45  add_event_handler('loc_begin_index', 'admintools_save_category');
     46}
     47
    4148
    4249// +-----------------------------------------------------------------------+
     
    4653{
    4754  global $MultiView;
    48  
    49   if (!defined('IN_ADMIN') && $MultiView->is_admin())
    50   {
    51     add_event_handler('loc_after_page_header', 'admintools_add_public_controller');
    52     add_event_handler('loc_begin_picture', 'admintools_save_picture');
    53     add_event_handler('loc_begin_index', 'admintools_save_category');
    54   }
    55  
     55
    5656  load_language('plugin.lang', ADMINTOOLS_PATH);
    5757
     
    6161  // $maintain = new AdminTools_maintain(ADMINTOOLS_ID);
    6262  // $maintain->autoUpdate(ADMINTOOLS_VERSION, 'install');
    63  
     63
    6464  // $conf['AdminTools'] = unserialize($conf['AdminTools']);
    6565}
  • extensions/AdminTools/template/public_controller.tpl

    r25839 r25845  
    3333{footer_script require='admintools.controller'}
    3434AdminTools.urlWS = '{$ROOT_URL}ws.php?format=json&method=';
     35
     36{if isset($ato.MULTIVIEW)}
    3537AdminTools.multiView = {
    3638  view_as: {$ato.MULTIVIEW.view_as},
     
    3840  lang: '{$ato.MULTIVIEW.lang}'
    3941};
     42{/if}
    4043
    4144{if $ato.DELETE_CACHE}
     
    6770  <ul>
    6871    <li><a href="#" class="icon-ato-cancel close-panel"></a></li>
     72  {if isset($ato.U_SITE_ADMIN)}
    6973    <li class="parent"><a href="#" class="icon-menu ato-hide-1">{'Administration'|translate}</a>
    7074      <ul>
     
    7781      </ul>
    7882    </li>
    79   {if isset($ato.U_EDIT)}
     83  {/if}
     84  {if isset($ato.U_ADMIN_EDIT)}
    8085    <li class="parent"><a href="#" class="icon-pencil ato-hide-2">{'Edit'|translate}</a>
    8186      <ul>
    8287        <li><a href="#ato_quick_edit" class="icon-ato-flash edit-quick">{'Quick edit'|translate}</a></li>
    83         <li><a class="icon-ato-doc-text-inv" href="{$ato.U_EDIT}">{'Properties page'|translate}</a></li>
    84       {if isset($ato.IS_PICTURE)}
    85                                 <li style="margin-top:1em;"><a class="icon-ato-cancel" href="{$ato.U_SELF}delete&amp;pwg_token={$ato.PWG_TOKEN}" onclick="return confirm('{'Are you sure?'|translate|escape:javascript}')">{'delete photo'|translate|ucfirst}</a></li>
     88        <li><a class="icon-ato-doc-text-inv" href="{$ato.U_ADMIN_EDIT}">{'Properties page'|translate}</a></li>
     89      {if isset($ato.U_DELETE)}
     90                                <li style="margin-top:1em;"><a class="icon-ato-cancel" href="{$ato.U_DELETE}" onclick="return confirm('{'Are you sure?'|translate|escape:javascript}')">{'delete photo'|translate|ucfirst}</a></li>
    8691      {/if}
    8792      </ul>
    8893    </li>
     94  {else if isset($ato.QUICK_EDIT)}
     95    <li><a href="#ato_quick_edit" class="icon-pencil edit-quick ato-hide-2">{'Edit'|translate}</a></li>
     96    {if isset($ato.U_DELETE)}
     97      <li><a class="icon-ato-cancel ato-hide-2" href="{$ato.U_DELETE}" onclick="return confirm('{'Are you sure?'|translate|escape:javascript}')">{'delete photo'|translate|ucfirst}</a></li>
     98    {/if}
    8999  {/if}
    90100  {if isset($ato.U_SET_REPRESENTATIVE)}
     
    99109    <li class="saved"><span class="icon-ato-ok ato-hide-1">{'Saved'|translate}</span></li>
    100110
     111  {if isset($ato.MULTIVIEW)}
    101112    <li class="parent right multiview"><a class="icon-cog-alt ato-hide-1" href="#">{'Tools'|translate}</a>
    102113      <ul>
     
    118129      </ul>
    119130    </li>
    120   {if $ato.USER.id != $ato.MULTIVIEW.view_as}
     131    {if $ato.USER.id != $ato.MULTIVIEW.view_as}
    121132    <li class="right">
    122133      &nbsp;&nbsp;{'Viewing as <b>%s</b>.'|translate:$ato.CURRENT_USERNAME}
    123134      <a href="{$ato.U_SELF}ato_view_as={$ato.USER.id}">{'Revert'|translate}</a>
    124135    </li>
     136    {/if}
    125137  {/if}
    126138  </ul>
     
    156168        </select>
    157169
     170        {if isset($available_permission_levels)}
    158171        <label for="quick_edit_level">{'Who can see this photo?'|@translate}</label>
    159172        <select name="level" size="1">
    160173          {html_options options=$available_permission_levels selected=$ato.QUICK_EDIT.level}
    161174        </select>
     175        {/if}
    162176      {/if}
    163177
Note: See TracChangeset for help on using the changeset viewer.