Ejemplo n.º 1
/**
 * Prepares the "no photo yet" screen for the TakeATour plugin.
 *
 * Loads the plugin language file, registers TAT_no_photo_yet_prefilter on the
 * 'no_photo_yet' template handle, and passes the form action URL together with
 * the current pwg_token to the template.
 */
function TAT_no_photo_yet()
{
    global $template;

    $plugin_dir = PHPWG_PLUGINS_PATH . 'TakeATour/';
    load_language('plugin.lang', $plugin_dir);

    $template->set_prefilter('no_photo_yet', 'TAT_no_photo_yet_prefilter');

    // The token travels with the form so the receiving page can verify it.
    $form_vars = array(
        'F_ACTION' => get_root_url() . 'admin.php',
        'pwg_token' => get_pwg_token(),
    );
    $template->assign($form_vars);
}
Ejemplo n.º 2
    switch ($_GET['installstatus']) {
        case 'ok':
            $page['infos'][] = l10n('Theme has been successfully installed');
            break;
        case 'temp_path_error':
            $page['errors'][] = l10n('Can\'t create temporary file.');
            break;
        case 'dl_archive_error':
            $page['errors'][] = l10n('Can\'t download archive.');
            break;
        case 'archive_error':
            $page['errors'][] = l10n('Can\'t read or extract archive.');
            break;
        default:
            $page['errors'][] = l10n('An error occured during extraction (%s).', htmlspecialchars($_GET['installstatus']));
    }
}
// +-----------------------------------------------------------------------+
// |                          template output                              |
// +-----------------------------------------------------------------------+
// Build the "new themes" page from the list held in $themes->server_themes.
$template->set_filenames(array('themes' => 'themes_new.tpl'));

if (!$themes->get_server_themes(true)) {
    $page['errors'][] = l10n('Can\'t connect to server.');
} else {
    foreach ($themes->server_themes as $theme) {
        // Install link; it carries the pwg_token as a GET parameter.
        // NOTE(review): revision_id and extension_id are concatenated exactly as found in
        // $themes->server_themes, and the separators are raw '&' although $base_url went
        // through htmlentities() -- confirm how the template outputs install_url.
        $url_auto_install = htmlentities($base_url)
            . '&revision=' . $theme['revision_id']
            . '&extension=' . $theme['extension_id']
            . '&pwg_token=' . get_pwg_token();

        $template->append(
            'new_themes',
            array(
                'name' => $theme['extension_name'],
                'thumbnail' => PEM_URL . '/upload/extension-' . $theme['extension_id'] . '/thumbnail.jpg',
                'screenshot' => PEM_URL . '/upload/extension-' . $theme['extension_id'] . '/screenshot.jpg',
                'install_url' => $url_auto_install,
            )
        );
    }
}

$template->assign(
    'default_screenshot',
    get_root_url() . 'admin/themes/' . $conf['admin_theme'] . '/images/missing_screenshot.png'
);
$template->assign_var_from_handle('ADMIN_CONTENT', 'themes');
Ejemplo n.º 3
  WHERE group_id IN (' . implode(',', $group_granted_ids) . ') 
';
    $result = pwg_query($query);
    while ($row = pwg_db_fetch_assoc($result)) {
        if (!isset($granted_groups[$row['group_id']])) {
            $granted_groups[$row['group_id']] = array();
        }
        $granted_groups[$row['group_id']][] = $row['user_id'];
    }
    $user_granted_by_group_ids = array();
    foreach ($granted_groups as $group_users) {
        $user_granted_by_group_ids = array_merge($user_granted_by_group_ids, $group_users);
    }
    $user_granted_by_group_ids = array_unique($user_granted_by_group_ids);
    $user_granted_indirect_ids = array_diff($user_granted_by_group_ids, $user_granted_direct_ids);
    $template->assign('nb_users_granted_indirect', count($user_granted_indirect_ids));
    foreach ($granted_groups as $group_id => $group_users) {
        $group_usernames = array();
        foreach ($group_users as $user_id) {
            if (in_array($user_id, $user_granted_indirect_ids)) {
                $group_usernames[] = $users[$user_id];
            }
        }
        $template->append('user_granted_indirect_groups', array('group_name' => $groups[$group_id], 'group_users' => implode(', ', $group_usernames)));
    }
}
// +-----------------------------------------------------------------------+
// |                           sending html code                           |
// +-----------------------------------------------------------------------+
// Pass the token, the default inheritance setting and the client cache keys to the
// template, then render the 'cat_perm' handle into the admin content area.
$template->assign(
    array(
        'PWG_TOKEN' => get_pwg_token(),
        'INHERIT' => $conf['inheritance_by_default'],
        'CACHE_KEYS' => get_admin_client_cache_keys(array('groups', 'users')),
    )
);
$template->assign_var_from_handle('ADMIN_CONTENT', 'cat_perm');
Ejemplo n.º 4
// |                              group list                               |
// +-----------------------------------------------------------------------+
// Load every group, sorted by name.
$query = '
SELECT id, name, is_default
  FROM ' . GROUPS_TABLE . '
  ORDER BY name ASC
;';
$result = pwg_query($query);

// Link prefixes; the group id is appended for each row below.
$admin_url = get_root_url() . 'admin.php?page=';
$perm_url = $admin_url . 'group_perm&group_id=';
$del_url = $admin_url . 'group_list&delete=';
$toggle_is_default_url = $admin_url . 'group_list&toggle_is_default=';

while ($row = pwg_db_fetch_assoc($result)) {
    // Usernames of this group's members; $row['id'] is the id read by the query above.
    $query = '
SELECT u.' . $conf['user_fields']['username'] . ' AS username
  FROM ' . USERS_TABLE . ' AS u
  INNER JOIN ' . USER_GROUP_TABLE . ' AS ug
    ON u.' . $conf['user_fields']['id'] . ' = ug.user_id
  WHERE ug.group_id = ' . $row['id'] . '
;';
    $res = pwg_query($query);
    $members = array();
    while ($us = pwg_db_fetch_assoc($res)) {
        $members[] = $us['username'];
    }

    // The delete and toggle links change state, so both carry the pwg_token.
    // NOTE(review): L_MEMBERS joins usernames with an HTML separator, so it is meant to be
    // output as markup -- confirm usernames are escaped before they are displayed.
    $template->append(
        'groups',
        array(
            'NAME' => $row['name'],
            'ID' => $row['id'],
            'IS_DEFAULT' => get_boolean($row['is_default']) ? ' [' . l10n('default') . ']' : '',
            'NB_MEMBERS' => count($members),
            'L_MEMBERS' => implode(' <span class="userSeparator">&middot;</span> ', $members),
            'MEMBERS' => l10n_dec('%d member', '%d members', count($members)),
            'U_DELETE' => $del_url . $row['id'] . '&amp;pwg_token=' . get_pwg_token(),
            'U_PERM' => $perm_url . $row['id'],
            'U_ISDEFAULT' => $toggle_is_default_url . $row['id'] . '&amp;pwg_token=' . get_pwg_token(),
        )
    );
}

// +-----------------------------------------------------------------------+
// |                           sending html code                           |
// +-----------------------------------------------------------------------+
$template->assign_var_from_handle('ADMIN_CONTENT', 'group_list');
Ejemplo n.º 5
/**
 * API method
 * Reports the caller's session: user name, status, theme, language, pwg_token,
 * charset, database time and PHPWG_VERSION. When is_admin() is true the reply
 * also lists the accepted upload file types and the upload chunk size.
 * @param mixed[] $params
 * @return array
 */
function ws_session_getStatus($params, &$service)
{
    global $user, $conf;

    $status = array();
    if (is_a_guest()) {
        $status['username'] = 'guest';
    } else {
        $status['username'] = stripslashes($user['username']);
    }
    $status['status'] = $user['status'];
    $status['theme'] = $user['theme'];
    $status['language'] = $user['language'];

    // NOTE(review): the token and the version string are returned whatever the caller's
    // status, guests included -- confirm disclosing the exact version to them is intended.
    $status['pwg_token'] = get_pwg_token();
    $status['charset'] = get_pwg_charset();

    // The timestamp comes from the database server, not from PHP.
    list($db_now) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
    $status['current_datetime'] = $db_now;
    $status['version'] = PHPWG_VERSION;

    if (is_admin()) {
        $extensions = $conf['upload_form_all_types'] ? $conf['file_ext'] : $conf['picture_ext'];
        $status['upload_file_types'] = implode(',', array_unique(array_map('strtolower', $extensions)));
        $status['upload_form_chunk_size'] = $conf['upload_form_chunk_size'];
    }

    return $status;
}
// | form options                                                          |
// +-----------------------------------------------------------------------+
// Mailboxes joined with their album, newest first.
$query = '
SELECT
    pm.*,
    uppercats
  FROM ' . PFEMAIL_MAILBOXES_TABLE . ' AS pm
    JOIN ' . CATEGORIES_TABLE . ' AS c ON c.id = category_id
  ORDER BY pm.id DESC
;';
$mailboxes = query2array($query);

// NOTE(review): pm.* plus json_encode() of the whole row means every mailbox column is
// handed to the template -- if the table stores mailbox credentials, confirm they are
// meant to reach the page.
foreach (array_keys($mailboxes) as $idx) {
    $mailbox = $mailboxes[$idx];
    $mailboxes[$idx]['album'] = get_cat_display_name_cache($mailbox['uppercats'], null, false);
    // Encodes the row as fetched, i.e. without the 'album' entry added just above.
    $mailboxes[$idx]['data'] = json_encode($mailbox);
}

$template->assign(
    array(
        'mailboxes' => $mailboxes,
        'PWG_TOKEN' => get_pwg_token(),
    )
);

// list of albums
$query = '
SELECT id,name,uppercats,global_rank
  FROM ' . CATEGORIES_TABLE . '
;';
display_select_cat_wrapper(
    $query,
    isset($category_options_selected) ? $category_options_selected : array(),
    'category_options'
);

// groups
$query = '
SELECT id
  FROM ' . GROUPS_TABLE . '
;';
$group_ids = query2array($query, null, 'id');
$query = '
SELECT id
  FROM ' . GROUPS_TABLE . '
Ejemplo n.º 7
    $user_ids[] = $row['id'];
}
$template->assign(
    array(
        'users' => $users,
        'all_users' => implode(',', $user_ids),
        'ACTIVATE_COMMENTS' => $conf['activate_comments'],
        'Double_Password' => $conf['double_password_type_in_admin'],
    )
);
$default_user = get_default_user_info(true);

// Accounts listed as protected: the current user plus the guest, default and
// webmaster accounts named in $conf.
$protected_users = array($user['id'], $conf['guest_id'], $conf['default_user_id'], $conf['webmaster_id']);

// For a plain admin, every admin/webmaster account is added to the protected list.
// NOTE(review): this list is only passed to the template here; the server-side handler
// has to enforce the same restriction -- confirm.
if ($user['status'] == 'admin') {
    $query = '
SELECT
    user_id
  FROM ' . USER_INFOS_TABLE . '
  WHERE status IN (\'webmaster\', \'admin\')
;';
    $protected_users = array_merge($protected_users, query2array($query, null, 'user_id'));
}

$template->assign(
    array(
        'PWG_TOKEN' => get_pwg_token(),
        'NB_IMAGE_PAGE' => $default_user['nb_image_page'],
        'RECENT_PERIOD' => $default_user['recent_period'],
        'theme_options' => get_pwg_themes(),
        'theme_selected' => get_default_theme(),
        'language_options' => get_languages(),
        'language_selected' => get_default_language(),
        'association_options' => $groups,
        'protected_users' => implode(',', array_unique($protected_users)),
        'guest_user' => $conf['guest_id'],
    )
);

// Status options: one translated label per value of the status enum.
foreach (get_enums(USER_INFOS_TABLE, 'status') as $status) {
    $label_of_status[$status] = l10n('user_status_' . $status);
}

// A plain admin is not offered the webmaster/admin statuses: they are removed
// from the selectable options, while the full label list is still assigned.
$pref_status_options = $label_of_status;
if ($user['status'] == 'admin') {
    unset($pref_status_options['webmaster'], $pref_status_options['admin']);
}

$template->assign('label_of_status', $label_of_status);
$template->assign('pref_status_options', $pref_status_options);
$template->assign('pref_status_selected', 'normal');
// user level options
foreach ($conf['available_permission_levels'] as $level) {
Ejemplo n.º 8
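/**
 * API method
 * Removes permissions
 *
 * Deletes the group and/or user access rows for the given albums, expanded
 * through get_subcat_ids(), then returns the result of pwg.permissions.getList.
 *
 * @param mixed[] $params
 *    @option int[] cat_id
 *    @option int[] group_id (optional)
 *    @option int[] user_id (optional)
 *    @option string pwg_token
 * @return mixed|PwgError a 403 PwgError when the token does not match
 */
function ws_permissions_remove($params, &$service)
{
    // Strict, constant-time comparison: a loose != lets PHP compare by type juggling
    // (numeric-looking strings, non-string input) on a security decision.
    $token = isset($params['pwg_token']) ? $params['pwg_token'] : null;
    if (!is_string($token) or !hash_equals((string) get_pwg_token(), $token)) {
        return new PwgError(403, 'Invalid security token');
    }
    include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';

    // Every id that is written into the SQL text is forced to an integer first, so the
    // queries stay well-formed even if the caller's type validation is bypassed.
    $requested_cat_ids = array_map('intval', (array) $params['cat_id']);
    $cat_ids = array_map('intval', (array) get_subcat_ids($requested_cat_ids));

    // An empty list would produce "IN ()", which is not valid SQL; nothing to delete then.
    if (!empty($cat_ids)) {
        $cat_list = implode(',', $cat_ids);

        if (!empty($params['group_id'])) {
            $group_ids = array_map('intval', (array) $params['group_id']);
            $query = '
DELETE
  FROM ' . GROUP_ACCESS_TABLE . '
  WHERE group_id IN (' . implode(',', $group_ids) . ')
    AND cat_id IN (' . $cat_list . ')
;';
            pwg_query($query);
        }

        if (!empty($params['user_id'])) {
            $user_ids = array_map('intval', (array) $params['user_id']);
            $query = '
DELETE
  FROM ' . USER_ACCESS_TABLE . '
  WHERE user_id IN (' . implode(',', $user_ids) . ')
    AND cat_id IN (' . $cat_list . ')
;';
            pwg_query($query);
        }
    }

    return $service->invoke('pwg.permissions.getList', array('cat_id' => $params['cat_id']));
}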
Ejemplo n.º 9
  ON c.id=i.storage_category_id 
  WHERE c.site_id IS NOT NULL
  GROUP BY c.site_id
;';
// Per-site counters, indexed by site id.
$sites_detail = hash_from_query($query, 'site_id');

$query = '
SELECT *
  FROM ' . SITES_TABLE . '
;';
$result = pwg_query($query);

while ($row = pwg_db_fetch_assoc($result)) {
    $is_remote = url_is_remote($row['galleries_url']);

    // Prefix for state-changing actions on this site: it carries the pwg_token and
    // ends with "action=" so the action name can be appended.
    $base_url = PHPWG_ROOT_PATH . 'admin.php'
        . '?page=site_manager'
        . '&amp;site=' . $row['id']
        . '&amp;pwg_token=' . get_pwg_token()
        . '&amp;action=';

    $update_url = PHPWG_ROOT_PATH . 'admin.php'
        . '?page=site_update'
        . '&amp;site=' . $row['id'];

    // A site without an entry in $sites_detail shows 0 for both counters.
    $tpl_var = array(
        'NAME' => $row['galleries_url'],
        'TYPE' => l10n($is_remote ? 'Remote' : 'Local'),
        'CATEGORIES' => (int) @$sites_detail[$row['id']]['nb_categories'],
        'IMAGES' => (int) @$sites_detail[$row['id']]['nb_images'],
        'U_SYNCHRONIZE' => $update_url,
    );

    // No delete link is generated for the site whose id is 1.
    if ($row['id'] != 1) {
        $tpl_var['U_DELETE'] = $base_url . 'delete';
    }

    // Plugins may contribute links: an array of arrays made of U_HREF, U_HINT & U_CAPTION.
    $plugin_links = array();
    $plugin_links = trigger_change('get_admins_site_links', $plugin_links, $row['id'], $is_remote);
    $tpl_var['plugin_links'] = $plugin_links;

    $template->append('sites', $tpl_var);
}

$template->assign_var_from_handle('ADMIN_CONTENT', 'site_manager');
Ejemplo n.º 10
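        // Look up the name of the notified group for the confirmation message.
        // The posted id is cast to an integer before it is placed in the SQL text, so
        // request data cannot change the shape of the query.
        $query = '
SELECT
    name
  FROM ' . GROUPS_TABLE . '
  WHERE id = ' . (int) $_POST['group'] . '
;';
        list($group_name) = pwg_db_fetch_row(pwg_query($query));
        $page['infos'][] = l10n('An information email was sent to group "%s"', $group_name);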
    }
    unset_make_full_url();
}
// +-----------------------------------------------------------------------+
// |                       template initialization                         |
// +-----------------------------------------------------------------------+
$template->set_filename('album_notification', 'album_notification.tpl');

// The form posts back to the album's notification tab and carries the pwg_token.
$template->assign(
    array(
        'CATEGORIES_NAV' => get_cat_display_name_from_id($page['cat'], 'admin.php?page=album-'),
        'F_ACTION' => $admin_album_base_url . '-notification',
        'PWG_TOKEN' => get_pwg_token(),
    )
);

// +-----------------------------------------------------------------------+
// |                          form construction                            |
// +-----------------------------------------------------------------------+
// Ids of every group defined in the gallery.
$query = '
SELECT
    id AS group_id
  FROM ' . GROUPS_TABLE . '
;';
$all_group_ids = array_from_query($query, 'group_id');
if (count($all_group_ids) == 0) {
    $template->assign('no_group_in_gallery', true);
} else {
    if ('private' == $category['status']) {
        $query = '
SELECT
Ejemplo n.º 11
                $page['infos'][] = l10n('locfiledit_saved_bak', substr(get_bak_file($edited_file), 2));
            }
            if ($file = @fopen($edited_file, "w")) {
                @fwrite($file, $content_file);
                @fclose($file);
                array_unshift($page['infos'], l10n('locfiledit_save_config'));
                $template->delete_compiled_templates();
            } else {
                $page['errors'][] = l10n('locfiledit_cant_save');
            }
        }
    }
}
// +-----------------------------------------------------------------------+
// |                            template initialization
// +-----------------------------------------------------------------------+
$template->set_filenames(
    array('plugin_admin_content' => dirname(__FILE__) . '/template/admin.tpl')
);

if (!empty($edited_file)) {
    // After a failed save, show the submitted text again instead of the file content.
    if (!empty($page['errors'])) {
        $content_file = stripslashes($_POST['text']);
    }

    // The file content is HTML-escaped here.
    // NOTE(review): EDITED_FILE and FILE_NAME are passed without escaping -- confirm
    // $edited_file is restricted to known files and that the template escapes it.
    $template->assign(
        'zone_edit',
        array(
            'EDITED_FILE' => $edited_file,
            'CONTENT_FILE' => htmlspecialchars($content_file),
            'FILE_NAME' => trim($edited_file, './\\'),
        )
    );

    // Offer "restore" when a backup file exists, and the restore notice when the
    // edited file itself exists.
    if (file_exists(get_bak_file($edited_file))) {
        $template->assign('restore', true);
    }
    if (file_exists($edited_file)) {
        $template->assign('restore_infos', true);
    }
}

$template->assign(
    array(
        'F_ACTION' => PHPWG_ROOT_PATH . 'admin.php?page=plugin-LocalFilesEditor-' . $page['tab'],
        'LOCALEDIT_PATH' => LOCALEDIT_PATH,
        'PWG_TOKEN' => get_pwg_token(),
        'CODEMIRROR_MODE' => @$codemirror_mode,
    )
);
$template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content');
Ejemplo n.º 12
$template->set_filenames(array('plugins' => 'plugins_installed.tpl'));

// Should plugin details be displayed? An explicit request parameter wins and is
// remembered in the session; otherwise the remembered value is used, else false.
if (isset($_GET['show_details'])) {
    $show_details = (1 == $_GET['show_details']);
    pwg_set_session_var('plugins_show_details', $show_details);
} elseif (null != pwg_get_session_var('plugins_show_details')) {
    $show_details = pwg_get_session_var('plugins_show_details');
} else {
    $show_details = false;
}

$base_url = get_root_url() . 'admin.php?page=' . $page['page'];

// Action link pattern: '%s' is the placeholder for the plugin id, and every action
// link carries the pwg_token.
$pwg_token = get_pwg_token();
$action_url = $base_url . '&amp;plugin=' . '%s' . '&amp;pwg_token=' . $pwg_token;

$plugins = new plugins();
//--------------------------------------------------perform requested actions
if (isset($_GET['action']) and isset($_GET['plugin'])) {
    if (!is_webmaster()) {
        $page['errors'][] = l10n('Webmaster status is required.');
    } else {
        check_pwg_token();
        $page['errors'] = $plugins->perform_action($_GET['action'], $_GET['plugin']);
        if (empty($page['errors'])) {
            if ($_GET['action'] == 'activate' or $_GET['action'] == 'deactivate') {
                $template->delete_compiled_templates();
                $persistent_cache->purge(true);
            }
            redirect($base_url);
Ejemplo n.º 13
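/**
 * API method
 * Updates users
 *
 * Username, e-mail and password are changed only when exactly one user_id is
 * given; the other settings apply to every listed user. A status change skips
 * the calling user and the guest and webmaster accounts and, when the caller is
 * a plain admin, every admin/webmaster account.
 *
 * Values that end up in hand-built SQL are validated strictly and cast first.
 *
 * @param mixed[] $params
 *    @option int[] user_id
 *    @option string username (optional)
 *    @option string password (optional)
 *    @option string email (optional)
 *    @option string status (optional)
 *    @option int level (optional)
 *    @option string language (optional)
 *    @option string theme (optional)
 *    @option int nb_image_page (optional)
 *    @option int recent_period (optional)
 *    @option bool expand (optional)
 *    @option bool show_nb_comments (optional)
 *    @option bool show_nb_hits (optional)
 *    @option bool enabled_high (optional)
 *    @option int[] group_id (optional)
 *    @option string pwg_token
 * @return mixed|PwgError the result of pwg.users.getList, or a PwgError on a
 *    bad token (403) or an invalid parameter
 */
function ws_users_setInfo($params, &$service)
{
    // Strict, constant-time comparison: a loose != lets PHP compare by type juggling
    // (numeric-looking strings, non-string input) on a security decision.
    $token = isset($params['pwg_token']) ? $params['pwg_token'] : null;
    if (!is_string($token) or !hash_equals((string) get_pwg_token(), $token)) {
        return new PwgError(403, 'Invalid security token');
    }
    global $conf, $user;
    include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';

    // The ids are written into IN (...) lists below, so force them to integers once.
    $params['user_id'] = array_values(array_map('intval', (array) $params['user_id']));

    $updates = $updates_infos = array();
    $update_status = null;

    // Account fields can only be changed for a single user at a time.
    if (count($params['user_id']) == 1) {
        if (get_username($params['user_id'][0]) === false) {
            return new PwgError(WS_ERR_INVALID_PARAM, 'This user does not exist.');
        }
        if (!empty($params['username'])) {
            $user_id = get_userid($params['username']);
            if ($user_id and $user_id != $params['user_id'][0]) {
                return new PwgError(WS_ERR_INVALID_PARAM, l10n('this login is already used'));
            }
            if ($params['username'] != strip_tags($params['username'])) {
                return new PwgError(WS_ERR_INVALID_PARAM, l10n('html tags are not allowed in login'));
            }
            $updates[$conf['user_fields']['username']] = $params['username'];
        }
        if (!empty($params['email'])) {
            if (($error = validate_mail_address($params['user_id'][0], $params['email'])) != '') {
                return new PwgError(WS_ERR_INVALID_PARAM, $error);
            }
            $updates[$conf['user_fields']['email']] = $params['email'];
        }
        if (!empty($params['password'])) {
            $updates[$conf['user_fields']['password']] = $conf['password_hash']($params['password']);
        }
    }

    if (!empty($params['status'])) {
        // Strict membership tests: the status is written into an UPDATE statement below,
        // so a value must not pass the whitelist through loose comparison.
        if (in_array($params['status'], array('webmaster', 'admin'), true) and !is_webmaster()) {
            return new PwgError(403, 'Only webmasters can grant "webmaster/admin" status');
        }
        if (!in_array($params['status'], array('guest', 'generic', 'normal', 'admin', 'webmaster'), true)) {
            return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid status');
        }
        $protected_users = array($user['id'], $conf['guest_id'], $conf['webmaster_id']);
        // an admin can't change status of other admin/webmaster
        if ('admin' == $user['status']) {
            $query = '
SELECT
    user_id
  FROM ' . USER_INFOS_TABLE . '
  WHERE status IN (\'webmaster\', \'admin\')
;';
            $protected_users = array_merge($protected_users, query2array($query, null, 'user_id'));
        }
        // status update query is separated from the rest as not applying to the same
        // set of users (current, guest and webmaster can't be changed)
        $params['user_id_for_status'] = array_diff($params['user_id'], $protected_users);
        $update_status = $params['status'];
    }

    if (!empty($params['level']) or (isset($params['level']) and $params['level'] === 0)) {
        // Require a numeric value and store the integer: a loose in_array() alone would
        // let a string with a numeric prefix through on older PHP versions.
        if (!is_numeric($params['level'])
            or !in_array((int) $params['level'], $conf['available_permission_levels'])) {
            return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid level');
        }
        $updates_infos['level'] = (int) $params['level'];
    }
    if (!empty($params['language'])) {
        // Exact key lookup instead of a loose in_array() over the keys.
        $language = is_scalar($params['language']) ? (string) $params['language'] : '';
        if (!array_key_exists($language, get_languages())) {
            return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid language');
        }
        $updates_infos['language'] = $language;
    }
    if (!empty($params['theme'])) {
        $theme = is_scalar($params['theme']) ? (string) $params['theme'] : '';
        if (!array_key_exists($theme, get_pwg_themes())) {
            return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid theme');
        }
        $updates_infos['theme'] = $theme;
    }
    if (!empty($params['nb_image_page'])) {
        if (!is_numeric($params['nb_image_page'])) {
            return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid nb_image_page');
        }
        $updates_infos['nb_image_page'] = (int) $params['nb_image_page'];
    }
    if (!empty($params['recent_period'])
        or (isset($params['recent_period']) and $params['recent_period'] === 0)) {
        if (!is_numeric($params['recent_period'])) {
            return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid recent_period');
        }
        $updates_infos['recent_period'] = (int) $params['recent_period'];
    }
    // Boolean preferences: applied when true, or when explicitly false.
    foreach (array('expand', 'show_nb_comments', 'show_nb_hits', 'enabled_high') as $flag) {
        if (!empty($params[$flag]) or (isset($params[$flag]) and $params[$flag] === false)) {
            $updates_infos[$flag] = boolean_to_string($params[$flag]);
        }
    }

    // perform updates
    // $updates is only filled in the single-user branch above; skip the call otherwise.
    if (count($updates) > 0) {
        single_update(USERS_TABLE, $updates, array($conf['user_fields']['id'] => $params['user_id'][0]));
    }

    if (isset($update_status) and count($params['user_id_for_status']) > 0) {
        // $update_status is one of the five whitelisted literals checked above.
        $query = '
UPDATE ' . USER_INFOS_TABLE . ' SET
    status = "' . $update_status . '"
  WHERE user_id IN(' . implode(',', $params['user_id_for_status']) . ')
;';
        pwg_query($query);
    }

    if (count($updates_infos) > 0) {
        // Field names are the fixed keys set above; values are integers, whitelisted
        // keys, or the output of boolean_to_string().
        $assignments = array();
        foreach ($updates_infos as $field => $value) {
            $assignments[] = $field . ' = "' . $value . '"';
        }
        $query = '
UPDATE ' . USER_INFOS_TABLE . ' SET ' . implode(', ', $assignments) . '
  WHERE user_id IN(' . implode(',', $params['user_id']) . ')
;';
        pwg_query($query);
    }

    // manage association to groups
    if (!empty($params['group_id'])) {
        $requested_group_ids = array_map('intval', (array) $params['group_id']);

        $query = '
DELETE
  FROM ' . USER_GROUP_TABLE . '
  WHERE user_id IN (' . implode(',', $params['user_id']) . ')
;';
        pwg_query($query);

        // we remove all provided groups that do not really exist
        $query = '
SELECT
    id
  FROM ' . GROUPS_TABLE . '
  WHERE id IN (' . implode(',', $requested_group_ids) . ')
;';
        $group_ids = array_from_query($query, 'id');

        // if only -1 (a group id that can't exist) is in the list, then no
        // group is associated
        $inserts = array();
        foreach ($group_ids as $group_id) {
            foreach ($params['user_id'] as $user_id) {
                $inserts[] = array('user_id' => $user_id, 'group_id' => $group_id);
            }
        }
        if (count($inserts) > 0) {
            mass_inserts(USER_GROUP_TABLE, array_keys($inserts[0]), $inserts);
        }
    }

    invalidate_user_cache();

    return $service->invoke(
        'pwg.users.getList',
        array(
            'user_id' => $params['user_id'],
            'display' => 'basics,' . implode(',', array_keys($updates_infos)),
        )
    );
}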
Ejemplo n.º 14
// Translate the install status passed in the query string into a page message.
if (isset($_GET['installstatus'])) {
    $install_status = $_GET['installstatus'];
    if ($install_status == 'ok') {
        $page['infos'][] = l10n('Language has been successfully installed');
    } elseif ($install_status == 'temp_path_error') {
        $page['errors'][] = l10n('Can\'t create temporary file.');
    } elseif ($install_status == 'dl_archive_error') {
        $page['errors'][] = l10n('Can\'t download archive.');
    } elseif ($install_status == 'archive_error') {
        $page['errors'][] = l10n('Can\'t read or extract archive.');
    } else {
        // Unknown codes are echoed back in the message, HTML-escaped first.
        $page['errors'][] = l10n('An error occured during extraction (%s).', htmlspecialchars($_GET['installstatus']));
    }
}

// +-----------------------------------------------------------------------+
// |                     start template output                             |
// +-----------------------------------------------------------------------+
if (!$languages->get_server_languages(true)) {
    $page['errors'][] = l10n('Can\'t connect to server.');
} else {
    foreach ($languages->server_languages as $language) {
        // Keep only the part of revision_date before the first space.
        list($date) = explode(' ', $language['revision_date']);

        // Install link; it carries the pwg_token as a GET parameter.
        $url_auto_install = htmlentities($base_url)
            . '&amp;revision=' . $language['revision_id']
            . '&amp;pwg_token=' . get_pwg_token();

        // NOTE(review): names, descriptions, author and download_url are taken from
        // $languages->server_languages as-is -- confirm the template escapes them.
        $template->append(
            'languages',
            array(
                'EXT_NAME' => $language['extension_name'],
                'EXT_DESC' => $language['extension_description'],
                'EXT_URL' => PEM_URL . '/extension_view.php?eid=' . $language['extension_id'],
                'VERSION' => $language['revision_name'],
                'VER_DESC' => $language['revision_description'],
                'DATE' => $date,
                'AUTHOR' => $language['author_name'],
                'URL_INSTALL' => $url_auto_install,
                'URL_DOWNLOAD' => $language['download_url'] . '&amp;origin=piwigo_download',
            )
        );
    }
}

$template->assign_var_from_handle('ADMIN_CONTENT', 'languages');
Ejemplo n.º 15
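/**
 * API method
 * Removes user(s) from a group
 *
 * Checks that the group exists, deletes the matching user/group rows,
 * invalidates the user cache and returns the result of pwg.groups.getList.
 *
 * @param mixed[] $params
 *    @option int group_id
 *    @option int[] user_id
 *    @option string pwg_token
 * @return mixed|PwgError a PwgError on a bad token (403) or an unknown group
 */
function ws_groups_deleteUser($params, &$service)
{
    // Strict, constant-time comparison: a loose != lets PHP compare by type juggling
    // (numeric-looking strings, non-string input) on a security decision.
    $token = isset($params['pwg_token']) ? $params['pwg_token'] : null;
    if (!is_string($token) or !hash_equals((string) get_pwg_token(), $token)) {
        return new PwgError(403, 'Invalid security token');
    }

    // Both ids are written into the SQL text, so force them to integers first.
    $group_id = (int) $params['group_id'];
    $user_ids = array_map('intval', (array) $params['user_id']);

    // does the group exist ?
    $query = '
SELECT COUNT(*)
  FROM ' . GROUPS_TABLE . '
  WHERE id = ' . $group_id . '
;';
    list($count) = pwg_db_fetch_row(pwg_query($query));
    if ($count == 0) {
        return new PwgError(WS_ERR_INVALID_PARAM, 'This group does not exist.');
    }

    // An empty list would produce "IN()", which is not valid SQL; nothing to delete then.
    if (!empty($user_ids)) {
        $query = '
DELETE FROM ' . USER_GROUP_TABLE . '
  WHERE
    group_id = ' . $group_id . '
    AND user_id IN(' . implode(',', $user_ids) . ')
;';
        pwg_query($query);
    }

    include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';
    invalidate_user_cache();

    return $service->invoke('pwg.groups.getList', array('group_id' => $params['group_id']));
}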
Ejemplo n.º 16
        if (can_manage_comment('delete', $row['author_id'])) {
            $tpl_comment['U_DELETE'] = add_url_params($url_self, array('action' => 'delete_comment', 'comment_to_delete' => $row['id'], 'pwg_token' => get_pwg_token()));
        }
        if (can_manage_comment('edit', $row['author_id'])) {
            $tpl_comment['U_EDIT'] = add_url_params($url_self, array('action' => 'edit_comment', 'comment_to_edit' => $row['id']));
            if (isset($edit_comment) and $row['id'] == $edit_comment) {
                $tpl_comment['IN_EDIT'] = true;
                $tpl_comment['KEY'] = get_ephemeral_key(2);
                $tpl_comment['CONTENT'] = $row['content'];
                $tpl_comment['PWG_TOKEN'] = get_pwg_token();
                $tpl_comment['U_CANCEL'] = $url_self;
            }
        }
        if (is_admin()) {
            if ($row['validated'] != 'true') {
                $tpl_comment['U_VALIDATE'] = add_url_params($url_self, array('action' => 'validate_comment', 'comment_to_validate' => $row['id'], 'pwg_token' => get_pwg_token()));
            }
        }
        $template->append('comments', $tpl_comment);
    }
}
// The add-comment form is shown to non-guests, and to guests when
// $conf['guestbook']['guest_can_add'] allows it -- but never while a comment is being edited.
$show_add_comment_form = (!is_a_guest() || $conf['guestbook']['guest_can_add']) && !isset($edit_comment);
if ($show_add_comment_form) {
    foreach (array('content', 'author', 'website', 'email') as $el) {
        ${$el} = '';
        if ('reject' === @$comment_action and !empty($comm[$el])) {
            ${$el} = htmlspecialchars(stripslashes($comm[$el]));
        }
Ejemplo n.º 17
  WHERE id = ' . $_GET['image_id'] . '
;';
// NOTE(review): the query executed here is built just above with $_GET['image_id']
// concatenated into the WHERE clause -- confirm the parameter is validated as an
// integer before this point.
$row = pwg_db_fetch_assoc(pwg_query($query));

$storage_category_id = !empty($row['storage_category_id']) ? $row['storage_category_id'] : null;
$image_file = $row['file'];

// +-----------------------------------------------------------------------+
// |                             template init                             |
// +-----------------------------------------------------------------------+
$template->set_filenames(array('picture_modify' => 'picture_modify.tpl'));

$admin_url_start = $admin_photo_base_url . '-properties';
// NOTE(review): cat_id is appended to the link exactly as received -- confirm it is
// validated elsewhere before it reaches the page.
if (isset($_GET['cat_id'])) {
    $admin_url_start .= '&amp;cat_id=' . $_GET['cat_id'];
}

$src_image = new SrcImage($row);

// Posted values take precedence over the stored ones so the form can be redisplayed.
// NOTE(review): AUTHOR and DESCRIPTION are HTML-escaped here while NAME is not --
// confirm the template escapes NAME.
$template->assign(
    array(
        'tag_selection' => $tag_selection,
        'U_SYNC' => $admin_url_start . '&amp;sync_metadata=1',
        'U_DELETE' => $admin_url_start . '&amp;delete=1&amp;pwg_token=' . get_pwg_token(),
        'PATH' => $row['path'],
        'TN_SRC' => DerivativeImage::url(IMG_THUMB, $src_image),
        'FILE_SRC' => DerivativeImage::url(IMG_LARGE, $src_image),
        'NAME' => isset($_POST['name']) ? stripslashes($_POST['name']) : @$row['name'],
        'TITLE' => render_element_name($row),
        'DIMENSIONS' => @$row['width'] . ' * ' . @$row['height'],
        'FILESIZE' => @$row['filesize'] . ' KB',
        'REGISTRATION_DATE' => format_date($row['date_available']),
        'AUTHOR' => htmlspecialchars(
            isset($_POST['author']) ? stripslashes($_POST['author']) : @$row['author']
        ),
        'DATE_CREATION' => $row['date_creation'],
        'DESCRIPTION' => htmlspecialchars(
            isset($_POST['description']) ? stripslashes($_POST['description']) : @$row['comment']
        ),
        'F_ACTION' => get_root_url() . 'admin.php' . get_query_string_diff(array('sync_metadata')),
    )
);

// Replace the numeric added_by id in $row with the matching username, when one is found.
// NOTE(review): $added_by is set here but the loop below writes to $row['added_by'];
// if no user matches, the numeric id is what gets displayed.
$added_by = 'N/A';
$query = '
SELECT ' . $conf['user_fields']['username'] . ' AS username
  FROM ' . USERS_TABLE . '
  WHERE ' . $conf['user_fields']['id'] . ' = ' . $row['added_by'] . '
;';
$result = pwg_query($query);
while ($user_row = pwg_db_fetch_assoc($result)) {
    $row['added_by'] = $user_row['username'];
}

$intro_vars = array(
    'file' => l10n('Original file : %s', $row['file']),
    'add_date' => l10n(
        'Posted %s on %s',
        time_since($row['date_available'], 'year'),
        format_date($row['date_available'], array('day', 'month', 'year'))
    ),
    'added_by' => l10n('Added by %s', $row['added_by']),
    'size' => $row['width'] . '&times;' . $row['height'] . ' pixels, ' . sprintf('%.2f', $row['filesize'] / 1024) . 'MB',
    'stats' => l10n('Visited %d times', $row['hit']),
    'id' => l10n('Numeric identifier : %d', $row['id']),
);
if ($conf['rate'] and !empty($row['rating_score'])) {
    $query = '
SELECT
    COUNT(*)
Ejemplo n.º 18
    case 'compiled-templates':
        $template->delete_compiled_templates();
        FileCombiner::clear_combined_files();
        $persistent_cache->purge(true);
        break;
    case 'derivatives':
        clear_derivative_cache($_GET['type']);
        break;
    default:
        break;
}
// +-----------------------------------------------------------------------+
// |                             template init                             |
// +-----------------------------------------------------------------------+
$template->set_filenames(array('maintenance' => 'maintenance.tpl'));

// Every maintenance action is a link built from this pattern: '%s' is replaced by the
// action name and the pwg_token travels in the query string.
$url_format = get_root_url() . 'admin.php?page=maintenance&amp;action=%s&amp;pwg_token=' . get_pwg_token();

// One "purge derivatives" link per image type, plus "all" and the custom type.
$purge_urls[l10n('All')] = sprintf($url_format, 'derivatives') . '&amp;type=all';
foreach (ImageStdParams::get_defined_type_map() as $params) {
    $purge_urls[l10n($params->type)] = sprintf($url_format, 'derivatives') . '&amp;type=' . $params->type;
}
$purge_urls[l10n(IMG_CUSTOM)] = sprintf($url_format, 'derivatives') . '&amp;type=' . IMG_CUSTOM;

$template->assign(
    array(
        'U_MAINT_CATEGORIES' => sprintf($url_format, 'categories'),
        'U_MAINT_IMAGES' => sprintf($url_format, 'images'),
        'U_MAINT_ORPHAN_TAGS' => sprintf($url_format, 'delete_orphan_tags'),
        'U_MAINT_USER_CACHE' => sprintf($url_format, 'user_cache'),
        'U_MAINT_HISTORY_DETAIL' => sprintf($url_format, 'history_detail'),
        'U_MAINT_HISTORY_SUMMARY' => sprintf($url_format, 'history_summary'),
        'U_MAINT_SESSIONS' => sprintf($url_format, 'sessions'),
        'U_MAINT_FEEDS' => sprintf($url_format, 'feeds'),
        'U_MAINT_DATABASE' => sprintf($url_format, 'database'),
        'U_MAINT_C13Y' => sprintf($url_format, 'c13y'),
        'U_MAINT_SEARCH' => sprintf($url_format, 'search'),
        'U_MAINT_COMPILED_TEMPLATES' => sprintf($url_format, 'compiled-templates'),
        'U_MAINT_DERIVATIVES' => sprintf($url_format, 'derivatives'),
        'purge_derivatives' => $purge_urls,
        'U_HELP' => get_root_url() . 'admin/popuphelp.php?page=maintenance',
    )
);

// Offer whichever lock action is the opposite of the gallery's current state.
if (!$conf['gallery_locked']) {
    $template->assign(array('U_MAINT_LOCK_GALLERY' => sprintf($url_format, 'lock_gallery')));
} else {
    $template->assign(array('U_MAINT_UNLOCK_GALLERY' => sprintf($url_format, 'unlock_gallery')));
}

// +-----------------------------------------------------------------------+
// | Define advanced features                                              |
// +-----------------------------------------------------------------------+
$advanced_features = array();
Ejemplo n.º 19
        $page['infos'] = array();
        $query = '
REPLACE INTO ' . PLUGINS_TABLE . '
  (id, state)
  VALUES (\'TakeATour\', \'active\')
;';
        pwg_query($query);
        $template->assign(array('button_label' => l10n('Home'), 'button_link' => 'index.php'));
        // if the webmaster has a session, let's give a link to discover new features
        if (!empty($_SESSION['pwg_uid'])) {
            $version_ = str_replace('.', '_', get_branch_from_version(PHPWG_VERSION) . '.0');
            if (file_exists(PHPWG_PLUGINS_PATH . 'TakeATour/tours/' . $version_ . '/config.inc.php')) {
                load_language('plugin.lang', PHPWG_PLUGINS_PATH . 'TakeATour/', array('language' => $language, 'force_fallback' => 'en_UK'));
                // we need the secret key for get_pwg_token()
                load_conf_from_db();
                $template->assign(array('button_label' => l10n('2_7_0_descrp'), 'button_link' => 'admin.php?submited_tour_path=tours/' . $version_ . '&amp;pwg_token=' . get_pwg_token()));
            }
        }
        // Delete cache data
        invalidate_user_cache(true);
        $template->delete_compiled_templates();
        // Restore $page['infos'] in order to hide informations messages from functions calles
        // errors messages are not hide
        $page['infos'] = $page['infos_sav'];
    }
} else {
    if (!defined('PWG_CHARSET')) {
        define('PWG_CHARSET', 'utf-8');
    }
    include_once PHPWG_ROOT_PATH . 'admin/include/languages.class.php';
    $languages = new languages();
Ejemplo n.º 20
// Without the remote extension list there is nothing to compare against.
if (!$autoupdate->get_server_extensions()) {
    $page['errors'][] = l10n('Can\'t connect to server.');
    return;
    // TODO: remove this return and add a proper "page killer"
}

// For each extension type, list the installed extensions whose local version
// is older than the revision advertised by the server.
foreach ($autoupdate->types as $type) {
    $fs = 'fs_' . $type;
    $server = 'server_' . $type;
    $server_ext = $autoupdate->{$type}->{$server};
    $fs_ext = $autoupdate->{$type}->{$fs};
    if (empty($server_ext)) {
        continue;
    }
    // Note: the loop variable reuses the name of the array being iterated.
    foreach ($fs_ext as $ext_id => $fs_ext) {
        // Skip local extensions the server does not know about.
        if (!isset($fs_ext['extension'], $server_ext[$fs_ext['extension']])) {
            continue;
        }
        $ext_info = $server_ext[$fs_ext['extension']];
        // Already at (or beyond) the server revision: nothing to offer.
        if (safe_version_compare($fs_ext['version'], $ext_info['revision_name'], '>=')) {
            continue;
        }
        // NOTE(review): the $ext_info fields come from the remote server and are
        // handed to the template unchanged; confirm the template escapes them.
        $template->append(
            'update_' . $type,
            array(
                'ID' => $ext_info['extension_id'],
                'REVISION_ID' => $ext_info['revision_id'],
                'EXT_ID' => $ext_id,
                'EXT_NAME' => $fs_ext['name'],
                'EXT_URL' => PEM_URL . '/extension_view.php?eid=' . $ext_info['extension_id'],
                'EXT_DESC' => trim($ext_info['extension_description'], " \n\r"),
                'REV_DESC' => trim($ext_info['revision_description'], " \n\r"),
                'CURRENT_VERSION' => $fs_ext['version'],
                'NEW_VERSION' => $ext_info['revision_name'],
                'AUTHOR' => $ext_info['author_name'],
                'DOWNLOADS' => $ext_info['extension_nb_downloads'],
                'URL_DOWNLOAD' => $ext_info['download_url'] . '&amp;origin=piwigo_download',
                'IGNORED' => in_array($ext_id, $conf['updates_ignored'][$type]),
            )
        );
    }
    // A non-empty ignore list for this type enables the "reset" control.
    if (!empty($conf['updates_ignored'][$type])) {
        $show_reset = true;
    }
}

$template->assign('SHOW_RESET', $show_reset);
$template->assign('PWG_TOKEN', get_pwg_token());
$template->assign('EXT_TYPE', $page['page'] == 'updates' ? 'extensions' : $page['page']);
$template->set_filename('plugin_admin_content', 'updates_ext.tpl');
$template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content');
Ejemplo n.º 21
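/**
 * Check the anti-CSRF token sent with a posted form or as a GET parameter.
 *
 * A request whose pwg_token is missing or empty is rejected through
 * bad_request(); a token that differs from the server token is rejected
 * through access_denied().
 *
 * @return void
 */
function check_pwg_token()
{
    if (empty($_REQUEST['pwg_token'])) {
        bad_request('missing token');
        return;
    }

    $given_token = $_REQUEST['pwg_token'];

    // is_string() rejects array input (pwg_token[]=...). hash_equals() compares
    // the two strings byte for byte in constant time; the loose != operator
    // compares numeric-looking strings by value, so two different tokens could
    // be treated as equal. hash_equals() requires PHP >= 5.6.
    if (!is_string($given_token) || !hash_equals((string) get_pwg_token(), $given_token)) {
        access_denied();
    }
}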
Ejemplo n.º 22
    redirect(get_gallery_home_url());
}
// A logged-in user has no use for the "lost password" form.
if ($page['action'] == 'lost' && !is_a_guest()) {
    redirect(get_gallery_home_url());
}
// +-----------------------------------------------------------------------+
// | template initialization                                               |
// +-----------------------------------------------------------------------+
$title = l10n('Password Reset');
if ($page['action'] == 'lost') {
    $title = l10n('Forgot your password?');
    if (isset($_POST['username_or_email'])) {
        // The submitted value is echoed back into the form, so it is
        // unslashed and then HTML-escaped before reaching the template.
        $template->assign(
            'username_or_email',
            htmlspecialchars(stripslashes($_POST['username_or_email']))
        );
    }
}
$page['body_id'] = 'thePasswordPage';
$template->set_filenames(array('password' => 'password.tpl'));
$template->assign(
    array(
        'title' => $title,
        'form_action' => get_root_url() . 'password.php',
        'action' => $page['action'],
        // Prefer the username resolved for this page, else the current user's.
        'username' => isset($page['username']) ? $page['username'] : $user['username'],
        'PWG_TOKEN' => get_pwg_token(),
    )
);
// include menubar
$themeconf = $template->get_template_vars('themeconf');
if (!isset($themeconf['hide_menu_on']) || !in_array('thePasswordPage', $themeconf['hide_menu_on'])) {
    include PHPWG_ROOT_PATH . 'include/menubar.inc.php';
}
// +-----------------------------------------------------------------------+
// |                           html code display                           |
// +-----------------------------------------------------------------------+
include PHPWG_ROOT_PATH . 'include/page_header.php';
trigger_notify('loc_end_password');
flush_page_messages();
$template->pparse('password');
include PHPWG_ROOT_PATH . 'include/page_tail.php';
Ejemplo n.º 23
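// Save configuration
if (isset($_POST['submit'])) {
    // This request rewrites stored configuration and can delete cache files, so
    // it must carry the anti-CSRF token that is handed to the template below.
    // NOTE(review): assumes template/admin.tpl posts PWG_TOKEN back as
    // "pwg_token" — confirm before deploying.
    check_pwg_token();

    $params = array(
        'height' => $_POST['height'],
        'margin' => $_POST['margin'],
        'nb_image_page' => $_POST['nb_image_page'],
        'big_thumb' => !empty($_POST['big_thumb']),
        'cache_big_thumb' => !empty($_POST['cache_big_thumb']),
        'method' => $_POST['method'],
        'show_thumbnail_caption' => !empty($_POST['show_thumbnail_caption']),
    );

    // NOTE(review): is_numeric() also accepts decimals and exponent notation,
    // although the messages ask for an integer.
    if (!is_numeric($params['height'])) {
        $page['errors'][] = 'Thumbnails max height must be an integer.';
    }
    if (!is_numeric($params['margin'])) {
        $page['errors'][] = 'Margin between thumbnails must be an integer.';
    }
    if (!is_numeric($params['nb_image_page'])) {
        $page['errors'][] = 'Number of photos per page must be an integer.';
    }

    if (empty($page['errors'])) {
        // Purge cached thumbnails only once the submitted values are accepted;
        // a rejected form must not have side effects on the cache.
        if ($params['height'] != $conf['GThumb']['height']) {
            delete_gthumb_cache($conf['GThumb']['height']);
        } elseif ($params['margin'] != $conf['GThumb']['margin']) {
            delete_gthumb_cache($conf['GThumb']['height'] * 2 + $conf['GThumb']['margin']);
        }

        // NOTE(review): the value is escaped with addslashes() and concatenated
        // into the statement; prefer the database layer's own escaping.
        $query = '
  UPDATE ' . CONFIG_TABLE . '
    SET value="' . addslashes(serialize($params)) . '"
    WHERE param="GThumb"
    LIMIT 1';
        pwg_query($query);
        $page['infos'][] = l10n('Information data registered in database');
    }
}
// Template configuration
// NOTE(review): after a rejected submission $params still holds the raw POST
// values; confirm the template escapes them on output.
$template->assign(
    array(
        'HEIGHT' => $params['height'],
        'MARGIN' => $params['margin'],
        'NB_IMAGE_PAGE' => $params['nb_image_page'],
        'BIG_THUMB' => $params['big_thumb'],
        'CACHE_BIG_THUMB' => $params['cache_big_thumb'],
        'METHOD' => $params['method'],
        'SHOW_THUMBNAIL_CAPTION' => $params['show_thumbnail_caption'],
        'PWG_TOKEN' => get_pwg_token(),
    )
);
$template->set_filenames(array('plugin_admin_content' => dirname(__FILE__) . '/template/admin.tpl'));
$template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content');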
    $max_upload_width = round(sqrt($available_memory / (2 * $fudge_factor)));
    $max_upload_height = round(2 * $max_upload_width / 3);
    // we don't want dimensions like 2995x1992 but 3000x2000
    $max_upload_width = round($max_upload_width / 100) * 100;
    $max_upload_height = round($max_upload_height / 100) * 100;
    $max_upload_resolution = floor($max_upload_width * $max_upload_height / 1000000);
    // no need to display a limitation warning if the limitation is huge like 20MP
    if ($max_upload_resolution < 25) {
        $template->assign(array('max_upload_width' => $max_upload_width, 'max_upload_height' => $max_upload_height, 'max_upload_resolution' => $max_upload_resolution));
    }
}
// Tell the user when uploaded originals will be resized, and to which limits.
if ($conf['original_resize']) {
    $template->assign(
        array(
            'original_resize_maxwidth' => $conf['original_resize_maxwidth'],
            'original_resize_maxheight' => $conf['original_resize_maxheight'],
        )
    );
}

// The upload form posts back to the add-photos page with the anti-CSRF token.
$template->assign(
    array(
        'form_action' => PHOTOS_ADD_BASE_URL,
        'pwg_token' => get_pwg_token(),
    )
);

// Accepted extensions, lower-cased and de-duplicated: every configured file
// type when the form allows them all, otherwise picture types only.
$unique_exts = $conf['upload_form_all_types'] ? $conf['file_ext'] : $conf['picture_ext'];
$unique_exts = array_unique(array_map('strtolower', $unique_exts));
$template->assign(
    array(
        'upload_file_types' => implode(', ', $unique_exts),
        'file_exts' => implode(',', $unique_exts),
    )
);
// +-----------------------------------------------------------------------+
// | Categories                                                            |
// +-----------------------------------------------------------------------+
// we need to know the category in which the last photo was added
$selected_category = array();
if (isset($_GET['album'])) {
    // set the category from get url or ...
    check_input_parameter('album', $_GET, false, PATTERN_ID);
    // test if album really exists
    $query = '
SELECT id
  FROM ' . CATEGORIES_TABLE . '
  WHERE id = ' . $_GET['album'] . '
Ejemplo n.º 25
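// Save the stereo offsets posted by the admin form.
if (isset($_POST['submit'])) {
    // Reject the request unless it carries the anti-CSRF token.
    check_pwg_token();

    // Non-string input (missing field, array) is treated as empty and rejected below.
    $offsetX = isset($_POST['offsetX']) && is_string($_POST['offsetX']) ? trim($_POST['offsetX']) : '';
    $offsetY = isset($_POST['offsetY']) && is_string($_POST['offsetY']) ? trim($_POST['offsetY']) : '';

    // Both values are written unquoted into the SQL below, so is_numeric() is
    // the only barrier between the request and the statement; do not relax it.
    if (strlen($offsetX) === 0 || strlen($offsetY) === 0 || !is_numeric($offsetX) || !is_numeric($offsetY)) {
        $page['errors'][] = 'Invalid offset value';
    }
    if (count($page['errors']) === 0) {
        $stereoTable = $prefixeTable . 'stereo';
        // NOTE(review): $id is defined outside this excerpt; confirm it is an
        // integer before it reaches these statements.
        if (isset($picture['x'])) {
            $query = "UPDATE {$stereoTable}\n\t\t\t\tSET x={$offsetX}, y={$offsetY}\n\t\t\t\tWHERE media_id = {$id};";
        } else {
            $query = "INSERT INTO {$stereoTable} (media_id, x, y)\n\t\t\t\tVALUES ({$id}, {$offsetX}, {$offsetY})";
        }
        pwg_query($query);
        // Keep the in-memory picture in sync in both cases, so the form rendered
        // below shows the saved offsets rather than the previous ones.
        $picture['x'] = $offsetX;
        $picture['y'] = $offsetY;
        $page['infos'][] = l10n('STEREO_EDIT_SUCCESS');
    }
}
// needed for the photo tabsheet
$admin_photo_base_url = get_root_url() . 'admin.php?page=photo-' . $id;
$self_url = Stereo_get_admin_url($id);
include_once PHPWG_ROOT_PATH . 'admin/include/tabsheet.class.php';
$tabsheet = new tabsheet();
$tabsheet->set_id('photo');
$tabsheet->select('stereo');
$tabsheet->assign();
$template->assign(
    array(
        'PWG_TOKEN' => get_pwg_token(),
        'F_ACTION' => $self_url,
        'TITLE' => render_element_name($picture),
        'PICTURE' => Stereo_render_element_content('', $picture),
        'OFFSET_X' => empty($picture['x']) ? 0 : $picture['x'],
        'OFFSET_Y' => empty($picture['y']) ? 0 : $picture['y'],
    )
);
$template->set_filename('plugin_admin_content', STEREO_PATH . 'admin.tpl');
$template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content');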
Ejemplo n.º 26
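/**
 * Save picture form
 *
 * Handles two requests on the picture page: deleting the current photo
 * (GET "delete", protected by pwg_token) and the quick-edit form
 * (POST action=quick_edit). Both are limited to administrators and to the
 * user recorded in the photo's added_by column.
 *
 * @trigger loc_begin_picture
 * @return void
 */
function admintools_save_picture()
{
    global $page, $conf, $MultiView, $user, $picture;

    $delete_requested = isset($_GET['delete']);
    $quick_edit_requested = isset($_POST['action']) && $_POST['action'] == 'quick_edit';
    if (!$delete_requested && !$quick_edit_requested) {
        return;
    }

    // Only an administrator or the user who added the photo may change it.
    $query = 'SELECT added_by FROM ' . IMAGES_TABLE . ' WHERE id = ' . $page['image_id'] . ';';
    list($added_by) = pwg_db_fetch_row(pwg_query($query));
    if (!$MultiView->is_admin() && $user['id'] != $added_by) {
        return;
    }

    if ($delete_requested) {
        $given_token = isset($_GET['pwg_token']) ? $_GET['pwg_token'] : null;
        // Strict, constant-time comparison: a loose == compares numeric-looking
        // strings by value and would accept non-string input in some cases.
        if (is_string($given_token) && hash_equals((string) get_pwg_token(), $given_token)) {
            include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';
            delete_elements(array($page['image_id']), true);
            invalidate_user_cache();
            if (isset($page['rank_of'][$page['image_id']])) {
                // Return to the thumbnail page that contained the deleted photo.
                $rank = $page['rank_of'][$page['image_id']];
                redirect(duplicate_index_url(array('start' => floor($rank / $page['nb_image_page']) * $page['nb_image_page'])));
            } else {
                redirect(make_index_url());
            }
        }
    }

    // NOTE(review): unlike the delete branch, quick_edit is not tied to
    // pwg_token here; confirm the form posts the token and verify it.
    if ($quick_edit_requested) {
        include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';
        $data = array(
            'name' => isset($_POST['name']) ? $_POST['name'] : null,
            'author' => isset($_POST['author']) ? $_POST['author'] : null,
        );
        // The privacy level is an administrator-only field.
        if ($MultiView->is_admin()) {
            $data['level'] = isset($_POST['level']) ? $_POST['level'] : null;
        }
        $comment = isset($_POST['comment']) ? $_POST['comment'] : null;
        $data['comment'] = $conf['allow_html_descriptions'] ? $comment : strip_tags((string) $comment);

        if (!empty($_POST['date_creation'])) {
            // Validate the date together with its time part: previously only the
            // date was checked and the time was appended unverified.
            $time_part = isset($_POST['date_creation_time']) ? $_POST['date_creation_time'] : '';
            $date_creation = $_POST['date_creation'] . ' ' . $time_part;
            if (strtotime($date_creation) !== false) {
                $data['date_creation'] = $date_creation;
            }
        }
        // NOTE(review): values go to single_update() as received; presumably it
        // escapes them for SQL — verify.
        single_update(IMAGES_TABLE, $data, array('id' => $page['image_id']));

        $tag_ids = array();
        if (!empty($_POST['tags'])) {
            $tag_ids = get_tag_ids($_POST['tags']);
        }
        set_tags($tag_ids, $page['image_id']);
    }
}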
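/**
 * API method
 * Moves a category
 *
 * Only virtual categories (empty "dir") can be moved; the call fails on the
 * first physical category found and on any id that does not exist.
 *
 * @param mixed[] $params
 *    @option string|int[] category_id  ids as an array or a string separated by whitespace , ; or |
 *    @option int parent                0 means "move categories at gallery root"
 *    @option string pwg_token
 * @param mixed $service  not used by this method
 * @return PwgError|null  a PwgError (code 403) on failure, nothing on success
 */
function ws_categories_move($params, &$service)
{
    global $page;

    // Strict, constant-time token check; a missing or non-string token is refused.
    $given_token = isset($params['pwg_token']) ? $params['pwg_token'] : null;
    if (!is_string($given_token) || !hash_equals((string) get_pwg_token(), $given_token)) {
        return new PwgError(403, 'Invalid security token');
    }

    if (!is_array($params['category_id'])) {
        $params['category_id'] = preg_split('/[\\s,;\\|]/', $params['category_id'], -1, PREG_SPLIT_NO_EMPTY);
    }
    // Keep positive integer ids only. Duplicates are removed so that the row
    // count comparison below is not thrown off by an id given twice.
    $category_ids = array();
    foreach (array_unique(array_map('intval', $params['category_id'])) as $category_id) {
        if ($category_id > 0) {
            $category_ids[] = $category_id;
        }
    }
    if (count($category_ids) == 0) {
        return new PwgError(403, 'Invalid category_id input parameter, no category to move');
    }

    // we can't move physical categories
    $categories_in_db = array();
    // $category_ids holds integers only (intval above), so the IN list is safe to build.
    $query = '
SELECT id, name, dir
  FROM ' . CATEGORIES_TABLE . '
  WHERE id IN (' . implode(',', $category_ids) . ')
;';
    $result = pwg_query($query);
    while ($row = pwg_db_fetch_assoc($result)) {
        $categories_in_db[$row['id']] = $row;
        // we break on error at first physical category detected
        if (!empty($row['dir'])) {
            $row['name'] = strip_tags(trigger_change('render_category_name', $row['name'], 'ws_categories_move'));
            return new PwgError(403, sprintf('Category %s (%u) is not a virtual category, you cannot move it', $row['name'], $row['id']));
        }
    }
    if (count($categories_in_db) != count($category_ids)) {
        // array_diff() preserves keys, so the first unknown id is not
        // necessarily at index 0; reset() returns the first element.
        $unknown_category_ids = array_diff($category_ids, array_keys($categories_in_db));
        return new PwgError(403, sprintf('Category %u does not exist', reset($unknown_category_ids)));
    }

    // does this parent exists? This check should be made in the
    // move_categories function, not here
    // 0 as parent means "move categories at gallery root"
    if (0 != $params['parent']) {
        $subcat_ids = get_subcat_ids(array($params['parent']));
        if (count($subcat_ids) == 0) {
            return new PwgError(403, 'Unknown parent category id');
        }
    }

    // Start from empty message lists so that only errors recorded during this
    // move are reported below.
    $page['infos'] = array();
    $page['errors'] = array();
    include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';
    move_categories($category_ids, $params['parent']);
    invalidate_user_cache();
    if (count($page['errors']) != 0) {
        return new PwgError(403, implode('; ', $page['errors']));
    }
}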
Ejemplo n.º 28
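/**
 * Assign template variables, from arguments
 * Used to build profile edition pages
 *
 * @param string $url_action        form action URL
 * @param string $url_redirect      URL assigned as REDIRECT
 * @param array $userdata           user row; reads username, email, nb_image_page,
 *                                  recent_period, expand, show_nb_comments,
 *                                  show_nb_hits, theme, language and id
 * @param string|null $template_prefixe  prefix prepended to the profile variable names
 * @return void
 */
function load_profile_in_template($url_action, $url_redirect, $userdata, $template_prefixe = null)
{
    global $template, $conf;

    $template->assign('radio_options', array('true' => l10n('Yes'), 'false' => l10n('No')));
    // Boolean preferences are passed as the strings 'true'/'false', matching
    // the keys of radio_options.
    $template->assign(
        array(
            $template_prefixe . 'USERNAME' => stripslashes($userdata['username']),
            $template_prefixe . 'EMAIL' => @$userdata['email'],
            $template_prefixe . 'ALLOW_USER_CUSTOMIZATION' => $conf['allow_user_customization'],
            $template_prefixe . 'ACTIVATE_COMMENTS' => $conf['activate_comments'],
            $template_prefixe . 'NB_IMAGE_PAGE' => $userdata['nb_image_page'],
            $template_prefixe . 'RECENT_PERIOD' => $userdata['recent_period'],
            $template_prefixe . 'EXPAND' => $userdata['expand'] ? 'true' : 'false',
            $template_prefixe . 'NB_COMMENTS' => $userdata['show_nb_comments'] ? 'true' : 'false',
            $template_prefixe . 'NB_HITS' => $userdata['show_nb_hits'] ? 'true' : 'false',
            $template_prefixe . 'REDIRECT' => $url_redirect,
            $template_prefixe . 'F_ACTION' => $url_action,
        )
    );
    $template->assign('template_selection', $userdata['theme']);
    $template->assign('template_options', get_pwg_themes());

    // Initialised up front so the assignment below never reads an undefined
    // variable when get_languages() returns nothing.
    $language_options = array();
    foreach (get_languages() as $language_code => $language_name) {
        // NOTE(review): when a form was submitted this condition holds on every
        // iteration, so the last language listed ends up selected — confirm.
        if (isset($_POST['submit']) or $userdata['language'] == $language_code) {
            $template->assign('language_selection', $language_code);
        }
        $language_options[$language_code] = $language_name;
    }
    $template->assign('language_options', $language_options);

    // The guest and default users are flagged as special for the template.
    $special_user = in_array($userdata['id'], array($conf['guest_id'], $conf['default_user_id']));
    $template->assign('SPECIAL_USER', $special_user);
    $template->assign('IN_ADMIN', defined('IN_ADMIN'));
    // allow plugins to add their own form data to content
    trigger_notify('load_profile_in_template', $userdata);
    $template->assign('PWG_TOKEN', get_pwg_token());
}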
Ejemplo n.º 29
        }
        $nb_sub_photos[$cat_id] = $nb_photos;
    }
}
// Start from an empty list; one entry per album is appended in the loop below.
$template->assign('categories', array());
$base_url = get_root_url() . 'admin.php?page=';
// NOTE(review): $_GET['parent_id'] is concatenated into URLs here and in the
// loop below without escaping; confirm it is validated as a numeric id earlier.
if (isset($_GET['parent_id'])) {
    $template->assign('PARENT_EDIT', $base_url . 'album-' . $_GET['parent_id']);
}
foreach ($categories as $category) {
    $cat_list_url = $base_url . 'cat_list';
    // The current listing URL, including the parent filter when one is active.
    $self_url = isset($_GET['parent_id'])
        ? $cat_list_url . '&amp;parent_id=' . $_GET['parent_id']
        : $cat_list_url;
    $tpl_cat = array(
        'NAME' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'),
        'NB_PHOTOS' => isset($nb_photos_in[$category['id']]) ? $nb_photos_in[$category['id']] : 0,
        'NB_SUB_PHOTOS' => isset($nb_sub_photos[$category['id']]) ? $nb_sub_photos[$category['id']] : 0,
        'NB_SUB_ALBUMS' => isset($subcats_of[$category['id']]) ? count($subcats_of[$category['id']]) : 0,
        'ID' => $category['id'],
        'RANK' => $category['rank'] * 10,
        'U_JUMPTO' => make_index_url(array('category' => $category)),
        'U_CHILDREN' => $cat_list_url . '&amp;parent_id=' . $category['id'],
        'U_EDIT' => $base_url . 'album-' . $category['id'],
        'IS_VIRTUAL' => empty($category['dir']),
    );
    if (empty($category['dir'])) {
        // Virtual albums get a delete link, which carries the anti-CSRF token.
        $tpl_cat['U_DELETE'] = $self_url . '&amp;delete=' . $category['id'] . '&amp;pwg_token=' . get_pwg_token();
    } elseif ($conf['enable_synchronization']) {
        // Albums with a directory get a synchronization link when the feature is enabled.
        $tpl_cat['U_SYNC'] = $base_url . 'site_update&amp;site=1&amp;cat_id=' . $category['id'];
    }
    $template->append('categories', $tpl_cat);
}
trigger_notify('loc_end_cat_list');
// +-----------------------------------------------------------------------+
// |                          sending html code                            |
// +-----------------------------------------------------------------------+
$template->assign_var_from_handle('ADMIN_CONTENT', 'categories');
Ejemplo n.º 30
    JOIN ' . IMAGE_CATEGORY_TABLE . ' ON image_id = id
  WHERE category_id = ' . $category['id'] . '
;';
    list($image_count, $min_date, $max_date) = pwg_db_fetch_row(pwg_query($query));
    if ($min_date == $max_date) {
        $intro = l10n('This album contains %d photos, added on %s.', $image_count, format_date($min_date));
    } else {
        $intro = l10n('This album contains %d photos, added between %s and %s.', $image_count, format_date($min_date), format_date($max_date));
    }
} else {
    $intro = l10n('This album contains no photo.');
}
// Close the introduction with the album's numeric id, then publish it
// together with the rank-management link and the client cache keys.
$intro .= '<br>' . l10n('Numeric identifier : %d', $category['id']);
$template->assign(
    array(
        'INTRO' => $intro,
        'U_MANAGE_RANKS' => $base_url . 'element_set_ranks&amp;cat_id=' . $category['id'],
        'CACHE_KEYS' => get_admin_client_cache_keys(array('categories')),
    )
);
if (!$category['is_virtual']) {
    // NOTE(review): this reads $_GET['cat_id'] while the rest of the block uses
    // $category['id']; confirm the parameter is validated before this point.
    $category['cat_full_dir'] = get_complete_dir($_GET['cat_id']);
    // Show the directory without its trailing slash.
    $template->assign(
        array(
            'CAT_FULL_DIR' => preg_replace('/\\/$/', '', $category['cat_full_dir']),
        )
    );
    if ($conf['enable_synchronization']) {
        $template->assign('U_SYNC', $base_url . 'site_update&amp;site=1&amp;cat_id=' . $category['id']);
    }
} else {
    // Only virtual albums can be deleted; the link carries the anti-CSRF token.
    $template->assign(
        array(
            'U_DELETE' => $self_url . '&amp;delete=' . $category['id'] . '&amp;pwg_token=' . get_pwg_token(),
        )
    );
}
// representant management
if ($category['has_images'] or !empty($category['representative_picture_id'])) {
    $tpl_representant = array();
    // picture to display : the identified representant or the generic random
    // representant ?
    if (!empty($category['representative_picture_id'])) {
        $query = '
SELECT id,representative_ext,path