/**
* Delete files on the server
*
* @author Thibaud Rohmer
*/
public function delete()
{
/// Just to be really sure...
if (!(CurrentUser::$admin || CurrentUser::$uploader)) {
return;
}
$del = File::r2a(stripslashes($_POST['del']));
if ($del == Settings::$photos_dir) {
return;
}
return AdminDelete::rec_del($del);
}
public static function small($file)
{
require_once dirname(__FILE__) . '/../phpthumb/phpthumb.class.php';
$basefile = new File($file);
$basepath = File::a2r($file);
$webimg = dirname($basepath) . "/" . $basefile->name . "_small." . $basefile->extension;
list($x, $y) = getimagesize($file);
if ($x <= 1200 && $y <= 1200) {
return $file;
}
$path = File::r2a($webimg, Settings::$thumbs_dir);
/// Create smaller image
if (!file_exists($path) || filectime($file) > filectime($path)) {
if (!file_exists(dirname($path))) {
@mkdir(dirname($path), 0755, true);
}
$thumb = new phpthumb();
$thumb->config_imagemagick_path = Settings::$imagemagick_path;
$thumb->setSourceData(file_get_contents($file));
$thumb->CalculateThumbnailDimensions();
$thumb->w = 1200;
$thumb->h = 1200;
$thumb->q = Settings::$quality_small;
if (File::Type($file) == 'Image' && Provider::get_orientation_degrees($file) != 0) {
$thumb->SourceImageToGD();
//$thumb->ra = Provider::get_orientation_degrees($file);
$thumb->Rotate();
}
$thumb->GenerateThumbnail();
$thumb->RenderToFile($path);
}
return $path;
}
/**
* Provide an image to the user, if he is allowed to
* see it. If $thumb is true, provide the thumb associated
* to the image.
*
* @param string $file
* @param string $thumb
* @return void
* @author Thibaud Rohmer
*/
public static function image($file, $thumb = false, $large = false, $output = true, $dl = false)
{
if (!Judge::view($file)) {
return;
}
if (function_exists("error_reporting")) {
error_reporting(0);
}
/// Check item
//~ if(!File::Type($file) || File::Type($file) != "Image"){
//~ return;
//~ }
if (File::Type($file) == "Video") {
$basefile = new File($file);
$basepath = File::a2r($file);
/// Build relative path to webimg
$path = Settings::$thumbs_dir . dirname($basepath) . "/" . $basefile->name . ".jpg";
Video::FastEncodeVideo($file, $basefile->extension);
$large = true;
}
if (!$large) {
try {
if ($thumb) {
$path = File::r2a(File::a2r($file), Settings::$thumbs_dir);
if (!file_exists($path) || filectime($file) > filectime($path)) {
require_once dirname(__FILE__) . '/../phpthumb/ThumbLib.inc.php';
/// Create directories
if (!file_exists(dirname($path))) {
@mkdir(dirname($path), 0750, true);
}
/// Create thumbnail
$thumb = PhpThumbFactory::create($file);
$thumb->resize(200, 200);
$thumb->save($path);
}
} else {
list($x, $y) = getimagesize($file);
if ($x > 800 || $y > 600) {
require_once dirname(__FILE__) . '/../phpthumb/ThumbLib.inc.php';
$basefile = new File($file);
$basepath = File::a2r($file);
/// Build relative path to webimg
$webimg = dirname($basepath) . "/" . $basefile->name . "_small." . $basefile->extension;
/// Set absolute path to comments file
$path = File::r2a($webimg, Settings::$thumbs_dir);
if (!file_exists($path) || filectime($file) > filectime($path)) {
/// Create smaller image
if (!file_exists(dirname($path))) {
@mkdir(dirname($path), 0755, true);
}
$thumb = PhpThumbFactory::create($file);
$thumb->resize(800, 600);
$thumb->save($path);
}
} else {
$path = $file;
}
}
} catch (Exception $e) {
// do nothing
}
}
if (!isset($path) || !file_exists($path)) {
$path = $file;
}
if ($output) {
if ($dl) {
header('Content-Disposition: attachment; filename="' . basename($file) . '"');
header('Content-type: image/jpeg');
} else {
$expires = 60 * 60 * 24 * 14;
$last_modified_time = filemtime($path);
$last_modified_time = 0;
$etag = md5_file($file);
header("Last-Modified: " . 0 . " GMT");
header("Pragma: public");
header("Cache-Control: max-age=360000");
header("Etag: {$etag}");
header("Cache-Control: maxage=" . $expires);
header('Expires: ' . gmdate('D, d M Y H:i:s', time() + $expires) . ' GMT');
header('Content-type: image/jpeg');
}
readfile($path);
}
}
/**
* Retrieves info for the current user account
*
* @author Thibaud Rohmer
*/
public static function init()
{
CurrentUser::$accounts_file = Settings::$conf_dir . "/accounts.xml";
CurrentUser::$groups_file = Settings::$conf_dir . "/groups.xml";
/// Set path
if (isset($_GET['f'])) {
CurrentUser::$path = stripslashes(File::r2a($_GET['f']));
if (isset($_GET['p'])) {
switch ($_GET['p']) {
case 'n':
CurrentUser::$path = File::next(CurrentUser::$path);
break;
case 'p':
CurrentUser::$path = File::prev(CurrentUser::$path);
break;
}
}
} else {
/// Path not defined in URL
CurrentUser::$path = Settings::$photos_dir;
}
/// Set CurrentUser account
if (isset($_SESSION['login'])) {
self::$account = new Account($_SESSION['login']);
// groups sometimes can be null
$groups = self::$account->groups === NULL ? array() : self::$account->groups;
self::$admin = in_array("root", $groups);
self::$uploader = in_array("uploaders", $groups);
}
/// Set action (needed for page layout)
if (isset($_GET['t'])) {
switch ($_GET['t']) {
case "Page":
case "Img":
case "Thb":
CurrentUser::$action = $_GET['t'];
break;
case "Big":
case "BDl":
case "Zip":
if (!Settings::$nodownload) {
CurrentUser::$action = $_GET['t'];
}
break;
case "Reg":
if (isset($_POST['login']) && isset($_POST['password'])) {
if (!Account::create($_POST['login'], $_POST['password'], $_POST['verif'])) {
echo "Error creating account.";
}
}
case "Log":
if (isset($_SESSION['login'])) {
CurrentUser::logout();
echo "logged out";
break;
}
if (isset($_POST['login']) && isset($_POST['password'])) {
try {
if (!CurrentUser::login($_POST['login'], $_POST['password'])) {
echo "Wrong password";
}
} catch (Exception $e) {
echo "Account not found";
}
}
if (!isset(CurrentUser::$account)) {
CurrentUser::$action = $_GET['t'];
}
break;
case "Acc":
if (isset($_POST['old_password'])) {
Account::edit($_POST['login'], $_POST['old_password'], $_POST['password'], $_POST['name'], $_POST['email']);
}
CurrentUser::$action = "Acc";
break;
case "Adm":
if (CurrentUser::$admin) {
CurrentUser::$action = "Adm";
}
break;
case "Com":
Comments::add(CurrentUser::$path, $_POST['content'], $_POST['login']);
break;
case "Rig":
Judge::edit(CurrentUser::$path, $_POST['users'], $_POST['groups'], true);
CurrentUser::$action = "Judge";
break;
case "Pub":
Judge::edit(CurrentUser::$path);
CurrentUser::$action = "Judge";
break;
case "Pri":
Judge::edit(CurrentUser::$path, array(), array(), true);
CurrentUser::$action = "Judge";
break;
case "Inf":
CurrentUser::$action = "Inf";
break;
case "Fs":
if (is_file(CurrentUser::$path)) {
CurrentUser::$action = "Fs";
}
break;
default:
CurrentUser::$action = "Page";
break;
}
} else {
CurrentUser::$action = "Page";
}
if (isset($_GET['a']) && CurrentUser::$action != "Adm") {
if (CurrentUser::$admin || CurrentUser::$uploader) {
new Admin();
}
}
if (isset($_GET['j'])) {
CurrentUser::$action = "JS";
}
/// Set default action
if (!isset(CurrentUser::$action)) {
CurrentUser::$action = "Page";
}
/// Throw exception if accounts file is missing
if (!file_exists(CurrentUser::$accounts_file)) {
throw new Exception("Accounts file missing", 69);
}
/// Create Group File if it doesn't exist
if (!file_exists(CurrentUser::$groups_file)) {
Group::create_group_file();
}
if (isset(CurrentUser::$account)) {
CurrentUser::$admin = in_array("root", CurrentUser::$account->groups);
}
}
/**
* Check if a file is viewable in a folder, and returns path to that file.
*/
public static function searchDir($dir, $public_search = false)
{
$rightsdir = File::r2a(File::a2r($dir), Settings::$thumbs_dir);
$rightsfiles = glob($rightsdir . "/.*ights.xml");
// Check files
foreach ($rightsfiles as $rf) {
$f = Judge::associated_file($rf);
if ($public_search and Judge::is_public($f) or !$public_search and Judge::view($f)) {
if (is_file($f)) {
return $f;
} else {
foreach (Menu::list_files($f, true) as $p) {
if ($public_search and Judge::is_public($p) or !$public_search and Judge::view($p)) {
return $p;
}
}
}
}
}
// Check subdirs
foreach (Menu::list_dirs($dir) as $d) {
if ($f = Judge::searchDir($d, $public_search)) {
return $f;
}
}
return false;
}
/**
* Returns path to associated file
*/
public static function associated_file($rf)
{
$associated_dir = File::r2a(File::a2r(dirname($rf), Settings::$thumbs_dir), Settings::$photos_dir);
if (basename($rf) == ".rights.xml") {
return $associated_dir;
} else {
return $associated_dir . "/" . substr(basename($rf), 1, -11);
}
}
/**
* Path comes in, relative and absolute path come out
*
* @param string $path
* @return void
* @author Thibaud Rohmer
*/
public static function paths($path, $dir = NULL)
{
if (!isset($dir)) {
$dir = Settings::$photos_dir;
}
try {
$rel = File::a2r($path, $dir);
$abs = $path;
} catch (Exception $e) {
// This path is already relative
$rel = $path;
$abs = File::r2a($path, $dir);
}
return array($rel, $abs);
}
/**
* Delete files on the server
*
* @author Thibaud Rohmer
*/
public function delete()
{
/// Just to be really sure...
if (!(CurrentUser::$admin || CurrentUser::$uploader)) {
return;
}
if (!is_array($_POST['del'])) {
$del = File::r2a(stripslashes($_POST['del']));
return Admin::rec_del($del);
} else {
foreach ($_POST['del'] as $todel) {
$del = File::r2a(stripslashes($todel));
Admin::rec_del($del);
}
}
}
/**
* Read comments for item $file
*
* @param string $file
* @author Thibaud Rohmer
*/
public function __construct($file = null)
{
/// No item, no comment !
if (!isset($file)) {
return;
}
/// Set variables
$this->file = $file;
$settings = new Settings();
$basefile = new File($file);
$basepath = File::a2r($file);
/// Urlencode basepath
$this->webfile = urlencode(File::a2r($file));
/// Build relative path to comments file
if (is_file($file)) {
$comments = dirname($basepath) . "/." . basename($file) . "_comments.xml";
} else {
$comments = $basepath . "/.comments.xml";
}
/// Set absolute path to comments file
$this->commentsfile = File::r2a($comments, Settings::$thumbs_dir);
/// Check that comments file exists
if (file_exists($this->commentsfile)) {
$this->parse_comments_file();
}
}
/**
* Create admin page
*
* @author Thibaud Rohmer
*/
public function __construct()
{
/// Check that current user is an admin or an uploader
if (!(CurrentUser::$admin || CurrentUser::$uploader)) {
return;
}
/// Get actions available for Uploaders too
if (isset($_GET['a'])) {
switch ($_GET['a']) {
case "Abo":
$this->page = new AdminAbout();
break;
case "Upl":
if (isset($_POST['path'])) {
AdminUpload::upload();
CurrentUser::$path = File::r2a(stripslashes($_POST['path']));
}
$this->page = new AdminFiles();
break;
case "Mov":
if (isset($_POST['pathFrom'])) {
try {
CurrentUser::$path = File::r2a(dirname(stripslashes($_POST['pathFrom'])));
} catch (Exception $e) {
CurrentUser::$path = Settings::$photos_dir;
}
}
AdminMove::move();
if (isset($_POST['move']) && $_POST['move'] == "rename") {
try {
// if(is_dir(File::r2a(stripslashes($_POST['pathFrom'])))){
// CurrentUser::$path = dirname(File::r2a(stripslashes($_POST['pathFrom'])))."/".stripslashes($_POST['pathTo']);
// }
} catch (Exception $e) {
CurrentUser::$path = Settings::$photos_dir;
}
}
$this->page = new AdminFiles();
break;
case "Del":
if (isset($_POST['del'])) {
CurrentUser::$path = dirname(File::r2a(stripslashes($_POST['del'])));
AdminDelete::delete();
}
$this->page = new AdminFiles();
break;
}
}
/// Check that current user is an admin
if (!CurrentUser::$admin) {
return;
}
/// Get action
if (isset($_GET['a'])) {
switch ($_GET['a']) {
case "Sta":
$this->page = new AdminStats();
break;
case "Acc":
if (isset($_POST['old_password'])) {
Account::edit($_POST['login'], $_POST['old_password'], $_POST['password'], $_POST['name'], $_POST['email']);
}
if (isset($_POST['login'])) {
$this->page = new Account($_POST['login']);
} else {
$this->page = CurrentUser::$account;
}
break;
case "GC":
Group::create($_POST['group']);
$this->page = new JSAccounts();
break;
case "AAc":
Account::create($_POST['login'], $_POST['password'], $_POST['verif']);
$this->page = new JSAccounts();
break;
case "AGA":
$a = new Account($_POST['acc']);
$a->add_group($_POST['group']);
$a->save();
$this->page = CurrentUser::$account;
break;
case "AGR":
$a = new Account($_POST['acc']);
$a->remove_group($_POST['group']);
$a->save();
$this->page = CurrentUser::$account;
break;
case "ADe":
Account::delete($_POST['name']);
$this->page = new JSAccounts();
break;
case "GDe":
Group::delete($_POST['name']);
$this->page = new JSAccounts();
break;
case "CDe":
CurrentUser::$path = File::r2a($_POST['image']);
Comments::delete($_POST['image'], $_POST['date']);
$this->page = new MainPage();
break;
case "Fil":
$this->page = new AdminFiles();
break;
case "JS":
break;
case "EdA":
$this->page = new JSAccounts();
break;
case "GAl":
if (isset($_POST['path'])) {
Settings::gener_all(File::r2a(stripslashes($_POST['path'])));
}
case "Set":
if (isset($_POST['name'])) {
Settings::set();
}
$this->page = new Settings();
break;
}
}
if (!isset($this->page)) {
$this->page = new AdminStats();
}
/// Create menu
$this->menu = new AdminMenu();
}
/**
* Upload files on the server
*
* @author Thibaud Rohmer
*/
public function upload()
{
$allowedExtensions = array("tiff", "jpg", "jpeg", "gif", "png");
/// Just to be really sure ffmpeg enable - necessary generate thumbnail jpg and webm
if (Settings::$encode_video) {
array_push($allowedExtensions, "flv", "mov", "mpg", "mp4", "ogv", "mts", "3gp", "webm");
}
$already_set_rights = false;
/// Just to be really sure...
if (!(CurrentUser::$admin || CurrentUser::$uploader)) {
return;
}
/// Set upload path
$path = stripslashes(File::r2a($_POST['path']));
/// Create dir and update upload path if required
if (strlen(stripslashes($_POST['newdir'])) > 0 && !strpos(stripslashes($_POST['newdir']), '..')) {
$path = $path . "/" . stripslashes($_POST['newdir']);
if (!file_exists($path)) {
@mkdir($path, 0750, true);
@mkdir(File::r2a(File::a2r($path), Settings::$thumbs_dir), 0750, true);
}
/// Setup rights
if (!isset($_POST['inherit'])) {
if (isset($_POST['public'])) {
Judge::edit($path);
} else {
Judge::edit($path, $_POST['users'], $_POST['groups']);
}
}
$already_set_rights = true;
}
if (!isset($_FILES["images"])) {
return;
}
/// Treat uploaded files
foreach ($_FILES["images"]["error"] as $key => $error) {
// Check that file is uploaded
if ($error == UPLOAD_ERR_OK) {
// Name of the stored file
$tmp_name = $_FILES["images"]["tmp_name"][$key];
// Name on the website
$name = $_FILES["images"]["name"][$key];
$info = pathinfo($name);
$base_name = basename($name, '.' . $info['extension']);
// Check filetype
if (!in_array(strtolower($info['extension']), $allowedExtensions)) {
continue;
}
// Rename until this name isn't taken
$i = 1;
while (file_exists("{$path}/{$name}")) {
$name = $base_name . "-" . $i . "." . $info['extension'];
$i++;
}
// Save the files
if (move_uploaded_file($tmp_name, "{$path}/{$name}")) {
// $done .= "Successfully uploaded $name";
Video::FastEncodeVideo("{$path}/{$name}");
}
/// Setup rights
if (!$already_set_rights && !isset($_POST['inherit'])) {
if (isset($_POST['public'])) {
Judge::edit($path);
} else {
Judge::edit($path, $_POST['users'], $_POST['groups']);
}
}
}
}
}
/**
* Upload files on the server
*
* @author Thibaud Rohmer
*/
public function move()
{
/// Just to be really sure...
if (!(CurrentUser::$admin || CurrentUser::$uploader)) {
return;
}
$from = File::r2a(stripslashes($_POST['pathFrom']));
$to = File::r2a(stripslashes($_POST['pathTo']));
$type = $_POST['move'];
if ($from == $to) {
return;
}
if ($type == "rename") {
@rename($from, dirname($from) . "/" . stripslashes($_POST['pathTo']));
return;
}
if (is_file($from) || $type == "directory") {
@rename($from, $to . "/" . basename($from));
return;
}
/// We are moving multiple files
$files = scandir($from);
foreach ($files as $file) {
if ($file != "." && $file != "..") {
@rename($from . "/" . $file, $to . "/" . $file);
}
}
return;
}
/**
* Return image(s) $img
*/
public static function get_img($key, $img, $t = 'large')
{
if (is_array($img)) {
$res = array();
foreach ($img as $i) {
$p = get_img($key, $i, $t);
if (isset($p)) {
$res[] = $p;
}
}
return $res;
} else {
$i = File::r2a($img);
if (Judge::view($i)) {
switch ($t) {
case "thumb":
return file_get_contents(Provider::thumb($i));
case "small":
return file_get_contents(Provider::small($i));
case "large":
default:
return file_get_contents($i);
}
}
}
}
