public function execute()
     $name = waRequest::post('name', '', waRequest::TYPE_STRING_TRIM);
     if (in_array($name, $this->availableFields) === false) {
         throw new waException(_w("Can't update album: unknown field"));
     $album_rights_model = new photosAlbumRightsModel();
     $id = waRequest::post('id', null, waRequest::TYPE_ARRAY_INT);
     if (is_array($id)) {
         $id = current($id);
     if ($id) {
         $album_model = new photosAlbumModel();
         $album = $album_model->getById($id);
         if (!$album) {
             throw new waException(_w('Unknown album'));
         if (!$album_rights_model->checkRights($album, true)) {
             throw new waException(_w("You don't have sufficient access rights"));
         $value = waRequest::post('value', '', waRequest::TYPE_STRING_TRIM);
         $album_model->updateById($id, array($name => $value));
         $album['not_escaped_name'] = $value;
         $album['name'] = photosPhoto::escape($value);
         $this->response['album'] = $album;
 public function execute()
     if (!$this->getRights('upload')) {
         throw new waRightsException(_w("You don't have sufficient access rights"));
     $this->response['files'] = array();
     $this->model = new photosPhotoModel();
     $album_rights_model = new photosAlbumRightsModel();
     // rights for photos
     $status = waRequest::post('status', 0, 'int');
     $groups = waRequest::post('groups', array(), waRequest::TYPE_ARRAY_INT);
     if (!$groups) {
         $status = -1;
         // only author have access to this photo
         $groups = array(-$this->getUser()->getId());
     // work with album
     $album_id = (int) waRequest::post('album_id');
     if ($album_id > 0 && !$album_rights_model->checkRights($album_id, true)) {
         $this->response['files'][] = array('error' => _w("You don't have sufficient access rights"));
     foreach (self::getFilesFromPost() as $file) {
         if ($file->error_code != UPLOAD_ERR_OK) {
             $this->response['files'][] = array('name' => $file->name, 'error' => $file->error);
         } else {
             try {
                 $this->response['files'][] = $this->save($file, array('status' => $status, 'groups' => $groups, 'album_id' => $album_id));
             } catch (Exception $e) {
                 $this->response['files'][] = array('name' => $file->name, 'error' => $e->getMessage());
 public function execute()
     $album_id = waRequest::post('album_id', null, waRequest::TYPE_INT);
     $album_rights_model = new photosAlbumRightsModel();
     if (!$album_rights_model->checkRights($album_id, true)) {
         throw new waException(_w("You don't have sufficient access rights"));
     $album_model = new photosAlbumModel();
     $this->log('album_delete', 1);
Ejemplo n.º 4
 public function execute()
     if (!wa()->getUser()->getRights('photos', 'upload')) {
         throw new waAPIException('access_denied', 403);
     $data = waRequest::post();
     // check required param name
     $this->post('name', true);
     $album_model = new photosAlbumModel();
     $group_ids = array(0);
     if (!isset($data['status'])) {
         $data['status'] = 1;
     } else {
         if ($data['status'] == -1) {
             $group_ids = array(-wa()->getUser()->getId());
     if ($data['status'] <= 0) {
         $data['hash'] = md5(uniqid(time(), true));
     } else {
         $data['url'] = $album_model->suggestUniqueUrl(photosPhoto::suggestUrl($data['name']));
     if (!isset($data['type'])) {
         $data['type'] == photosAlbumModel::TYPE_STATIC;
     $parent_id = waRequest::post('parent_id', 0, 'int');
     $parent = $album_model->getById($parent_id);
     if ($parent_id) {
         if (!$parent) {
             throw new waAPIException('invalid_request', 'Parent album not found', 404);
         if ($data['type'] == photosAlbumModel::TYPE_STATIC && $parent['type'] == photosAlbumModel::TYPE_DYNAMIC) {
             throw new waAPIException('invalid_request', 'Inserted album is static but parent album is dynamic', 404);
         if ($data['status'] > 0 && $parent['status'] <= 0) {
             throw new waAPIException('invalid_request', 'Inserted album is public but parent album is private', 404);
     if ($id = $album_model->add($data, $parent_id)) {
         // return info of the new album
         $_GET['id'] = $id;
         if ($parent_id) {
             $child = $album_model->getFirstChild($parent_id);
             $album_model->move($id, $child ? $child['id'] : 0, $parent_id);
         $album_rights_model = new photosAlbumRightsModel();
         $album_rights_model->setRights($id, $group_ids);
         $method = new photosAlbumGetInfoMethod();
         $this->response = $method->getResponse(true);
     } else {
         throw new waAPIException('server_error', 500);
 public function execute()
     $album_id = waRequest::get('id', null, waRequest::TYPE_INT);
     // check rights
     $album_rights_model = new photosAlbumRightsModel();
     if (!$album_rights_model->checkRights($album_id, true)) {
         throw new waRightsException(_w("Access denied"));
     $photo_id = waRequest::post('photo_id', null, waRequest::TYPE_ARRAY_INT);
     $album_photos_model = new photosAlbumPhotosModel();
     $album_photos_model->deletePhotos($album_id, $photo_id);
Ejemplo n.º 6
 public function execute()
     $id = waRequest::get('id', null, waRequest::TYPE_INT);
     if (!$id) {
         throw new waException(_w('Unknown album'));
     $album_model = new photosAlbumModel();
     $album = $album_model->getById($id);
     if (!$album) {
         throw new waException(_w('Unknown album'));
     // check rights
     $album_rights_model = new photosAlbumRightsModel();
     if (!$album_rights_model->checkRights($album)) {
         throw new waRightsException(_w("You don't have sufficient access rights"));
     $album['edit_rights'] = $album_rights_model->checkRights($album, true);
     $child_albums = $album_model->getChildren($album['id']);
     $hash = '/album/' . $id;
     $frontend_link = photosCollection::getFrontendLink($hash);
     $collection = new photosCollection($hash);
     $config = $this->getConfig();
     $count = $config->getOption('photos_per_page');
     $photos = $collection->getPhotos("*,thumb,thumb_crop,thumb_middle,thumb_big,tags,edit_rights", 0, $count);
     $photos = photosCollection::extendPhotos($photos);
     $album_photos_model = new photosAlbumPhotosModel();
     $album['count'] = $collection->count();
     if ($album['type'] == photosAlbumModel::TYPE_DYNAMIC) {
         $album['conditions'] = photosCollection::parseConditions($album['conditions']);
     $album['count_new'] = 0;
     $sort_method = 'sort';
     if ($album['type'] == photosAlbumModel::TYPE_DYNAMIC) {
         $params_model = new photosAlbumParamsModel();
         $params = $params_model->get($album['id']);
         if ($params && isset($params['order']) && $params['order'] == 'rate') {
             $sort_method = 'rate';
         } else {
             $sort_method = 'upload_datetime';
     $this->template = 'templates/actions/photo/PhotoList.html';
     $this->view->assign('sidebar_width', $config->getSidebarWidth());
     $this->view->assign('album', $album);
     $this->view->assign('child_albums', $child_albums);
     $this->view->assign('frontend_link', $frontend_link);
     $this->view->assign('photos', $photos);
     $this->view->assign('title', $collection->getTitle());
     $this->view->assign('hash', $hash);
     $this->view->assign('big_size', $config->getSize('big'));
     $this->view->assign('sort_method', $sort_method);
 public function execute()
     if (!$this->getRights('upload')) {
         throw new waRightsException(_w("You don't have sufficient access rights"));
     $this->response['files'] = array();
     $this->model = new photosPhotoModel();
     $album_rights_model = new photosAlbumRightsModel();
     // rights for photos
     $this->status = waRequest::post('status', 0, 'int');
     $this->groups = waRequest::post('groups', array(), waRequest::TYPE_ARRAY_INT);
     if (!$this->groups) {
         $this->status = -1;
         // only author have access to this photo
         $this->groups = array(-$this->getUser()->getId());
     // work with album
     $this->album_id = waRequest::post('album_id');
     $this->album_id = (int) $this->album_id;
     if ($this->album_id > 0 && !$album_rights_model->checkRights($this->album_id, true)) {
         $this->response['files'][] = array('error' => _w("You don't have sufficient access rights"));
     if (waRequest::server('HTTP_X_FILE_NAME')) {
         $name = waRequest::server('HTTP_X_FILE_NAME');
         $size = waRequest::server('HTTP_X_FILE_SIZE');
         $file_path = wa()->getTempPath('photos/upload/') . $name;
         $append_file = is_file($file_path) && $size > filesize($file_path);
         file_put_contents($file_path, fopen('php://input', 'r'), $append_file ? FILE_APPEND : 0);
         $file = new waRequestFile(array('name' => $name, 'type' => waRequest::server('HTTP_X_FILE_TYPE'), 'size' => $size, 'tmp_name' => $file_path, 'error' => 0));
         try {
             $this->response['files'][] = $this->save($file);
         } catch (Exception $e) {
             $this->response['files'][] = array('error' => $e->getMessage());
     } else {
         $files = waRequest::file('files');
         foreach ($files as $file) {
             if ($file->error_code != UPLOAD_ERR_OK) {
                 $this->response['files'][] = array('error' => $file->error);
             } else {
                 try {
                     $this->response['files'][] = $this->save($file);
                 } catch (Exception $e) {
                     $this->response['files'][] = array('name' => $file->name, 'error' => $e->getMessage());
 public function execute()
     $id = waRequest::get('id', null, waRequest::TYPE_INT);
     $album_model = new photosAlbumModel();
     $album = $album_model->getById($id);
     if (!$album) {
         throw new waException(_w("Unknown album"), 404);
     $album_right_model = new photosAlbumRightsModel();
     if (!$album_right_model->checkRights($album, true)) {
         throw new waException(_w("You don't have sufficient access rights"), 403);
     if ($album['type'] == photosAlbumModel::TYPE_DYNAMIC && $album['conditions']) {
         $album['conditions'] = photosCollection::parseConditions($album['conditions']);
     if (!$album['conditions']) {
         $album['conditions'] = array();
     $absolute_full_url = photosFrontendAlbum::getLink($album);
     if ($absolute_full_url) {
         $pos = strrpos($absolute_full_url, $album['url']);
         $full_base_url = $pos !== false ? rtrim(substr($absolute_full_url, 0, $pos), '/') . '/' : '';
         $album['full_base_url'] = $full_base_url;
     $this->view->assign('album', $album);
     if ($album['parent_id']) {
         $this->view->assign('parent', $album_model->getById($album['parent_id']));
     $collection = new photosCollection('album/' . $id);
     $photos_count = $collection->count();
     $this->view->assign('photos_count', $photos_count);
     $album_params_model = new photosAlbumParamsModel();
     $this->view->assign('params', $album_params_model->get($id));
     $groups_model = new waGroupModel();
     $groups = $groups_model->getAll('id', true);
     $rights = $album_right_model->getByField('album_id', $id, 'group_id');
     $photo_tag_model = new photosTagModel();
     $cloud = $photo_tag_model->getCloud('name');
     if (!empty($album['conditions']['tag'][1])) {
         foreach ($album['conditions']['tag'][1] as $tag_name) {
             $cloud[$tag_name]['checked'] = true;
     $this->view->assign('rights', $rights);
     $this->view->assign('groups', $groups);
     $this->view->assign('cloud', $cloud);
Ejemplo n.º 9
 public function execute()
     $data = waRequest::post();
     if (!wa()->getUser()->getRights('photos', 'upload')) {
         throw new waAPIException('access_denied', 403);
     $group_ids = array(0);
     if (!isset($data['status'])) {
         $data['status'] = 1;
     } else {
         if ($data['status'] == -1) {
             $group_ids = array(-wa()->getUser()->getId());
     $data['groups'] = $group_ids;
     $data['source'] = photosPhotoModel::SOURCE_API;
     // work with album
     if (isset($data['album_id'])) {
         $album_id = $data['album_id'];
         $album_model = new photosAlbumModel();
         $album = $album_model->getById($album_id);
         if (!$album) {
             throw new waAPIException('invalid_param', 'Album not found', 404);
         $album_rights_model = new photosAlbumRightsModel();
         if (!$album_rights_model->checkRights($album_id, true)) {
             throw new waAPIException('access_denied', 'Not rights to album', 403);
     $file = waRequest::file('file');
     if (!$file->uploaded()) {
         throw new waAPIException('server_error', $file->error, 500);
     $id = null;
     $photo_model = new photosPhotoModel();
     try {
         $id = $photo_model->add($file, $data);
     } catch (Exception $e) {
         throw new waAPIException('server_error', $e->getMessage(), 500);
     if (!$id) {
         throw new waAPIException('server_error', 500);
     $_GET['id'] = $id;
     $method = new photosPhotoGetInfoMethod();
     $this->response = $method->getResponse(true);
 public function execute()
     $photo_id = waRequest::post('photo_id', array(), waRequest::TYPE_ARRAY_INT);
     $album_id = waRequest::post('album_id', null, waRequest::TYPE_INT);
     $before_id = waRequest::post('before_id', null, waRequest::TYPE_INT);
     if (!$photo_id || !$album_id) {
         throw new waException(_w("Can't move photo"));
     $album_rights_model = new photosAlbumRightsModel();
     if (!$album_rights_model->checkRights($album_id, true)) {
         throw new waException(_w("You don't have sufficient access rights"));
     if ($photo_id && $album_id) {
         $album_photos_model = new photosAlbumPhotosModel();
         $album_photos_model->movePhoto($photo_id, $album_id, $before_id);
 public function execute()
     $this->photo_ids = waRequest::post('photo_id', array(), waRequest::TYPE_ARRAY_INT);
     $album_id = waRequest::post('album_id', array(), waRequest::TYPE_ARRAY_INT);
     $copy = waRequest::post('copy', 1, waRequest::TYPE_INT);
     $this->album_photos_model = new photosAlbumPhotosModel();
     $photo_rights_model = new photosPhotoRightsModel();
     if (!$copy) {
         // it means manage with one photo
         $photo_id = $this->photo_ids[0];
         if (!$photo_rights_model->checkRights($photo_id, true)) {
             throw new waException("You don't have sufficient access rights");
         $early_albums = array_keys($this->album_photos_model->getByField('photo_id', $photo_id, 'album_id'));
         // TODO: check rights for editing (take into account deleting!)
         $this->album_photos_model->set($photo_id, $album_id);
         $this->log('photos_move', 1);
         $albums = $this->getAlbumsCounters();
         $old_albums = array();
         foreach ($early_albums as $a_id) {
             if (!isset($albums[$a_id])) {
                 $collection = new photosCollection('/album/' . $a_id);
                 $album = array('id' => $a_id, 'count' => $collection->count(), 'count_new' => 0);
                 $old_albums[] = $album;
         $this->response['albums'] = array_values($albums);
         $this->response['old_albums'] = $old_albums;
     } else {
         // otherwise coping photos to albums
         $allowed_photo_id = $photo_rights_model->filterAllowedPhotoIds($this->photo_ids, true);
         $denied_photo_id = array_values(array_diff($this->photo_ids, $allowed_photo_id));
         $album_rights_model = new photosAlbumRightsModel();
         $allowed_album_id = $album_rights_model->filterAllowedAlbumIds($album_id, true);
         $denied_album_id = array_values(array_diff($album_id, $allowed_album_id));
         if ($allowed_album_id && $allowed_photo_id) {
             $this->album_photos_model->add($allowed_photo_id, $allowed_album_id);
             $this->response['albums'] = array_values($this->getAlbumsCounters());
             $this->log('photos_move', 1);
         if ($denied_photo_id) {
             $this->response['alert_msg'] = photosPhoto::sprintf_wplural("The operation was not performed to %d photo (%%s)", "The operation was not performed to %d photos (%%s)", count($denied_photo_id), _w("out of %d selected", "out of %d selected", count($this->photo_ids))) . ', ' . _w("because you don't have sufficient access rights") . '.';
Ejemplo n.º 12
 public function execute()
     $id = $this->post('id', true);
     $album_model = new photosAlbumModel();
     $album = $album_model->getById((int) $id);
     if ($album) {
         $album_rights_model = new photosAlbumRightsModel();
         if (!$album_rights_model->checkRights($id, true)) {
             throw new waAPIException('access_denied', 403);
         if ($album_model->delete($id)) {
             $this->response = true;
         } else {
             throw new waAPIException('server_error', 500);
     } else {
         throw new waAPIException('invalid_request', 'Album not found', 404);
 public function execute()
     $album_id = waRequest::post('album_id', 0, 'int');
     $photo_id = waRequest::post('photo_id', 0, 'int');
     if (!$album_id || !$photo_id) {
         throw new waException('Bad parameters', 404);
     $album_rights_model = new photosAlbumRightsModel();
     if (!$album_rights_model->checkRights($album_id, true)) {
         throw new waException(_w("You don't have sufficient access rights"));
     $photo_model = new photosPhotoModel();
     $photo = $photo_model->getById($photo_id);
     if (!$photo) {
         $this->errors[] = _w('Photo not found');
     $album_model = new photosAlbumModel();
     $album_model->updateById($album_id, array('key_photo_id' => $photo_id));
     photosPhoto::generateThumbs($photo, array('192x192'));
Ejemplo n.º 14
 public function execute()
     $id = $this->get('id', true);
     $album_model = new photosAlbumModel();
     $album = $album_model->getById($id);
     if ($album) {
         $album_rights_model = new photosAlbumRightsModel();
         if (!$album_rights_model->checkRights($id, true)) {
             throw new waAPIException('access_denied', 403);
         $data = waRequest::post();
         if (isset($data['parent_id']) && $album['parent_id'] != $data['parent_id']) {
             if (!$album_model->getById($data['parent_id'])) {
                 throw new waAPIException('invalid_param', 'Parent album not found', 404);
             if (!$album_model->move($id, null, $data['parent_id'])) {
                 throw new waAPIException('server_error', 500);
         if (isset($data['type'])) {
         if ($album_model->update($id, $data)) {
             // correct rights
             $album = $album_model->getById($id);
             $group_ids = array(0);
             if ($data['status'] == -1) {
                 $group_ids = array(-wa()->getUser()->getId());
             $album_rights_model = new photosAlbumRightsModel();
             $album_rights_model->setRights($id, $group_ids);
             $method = new photosAlbumGetInfoMethod();
             $this->response = $method->getResponse(true);
         } else {
             throw new waAPIException('server_error', 500);
     } else {
         throw new waAPIException('invalid_param', 'Album not found', 404);
 public function execute()
     $collection = new photosCollection();
     $hash = '';
     // Specific album?
     if ($id = waRequest::request('album_id', null, 'int')) {
         $album_model = new photosAlbumModel();
         $album = $album_model->getById($id);
         if (!$album) {
             throw new waException(_w('Unknown album'));
         // check rights
         $album_rights_model = new photosAlbumRightsModel();
         if (!$album_rights_model->checkRights($album)) {
             throw new waRightsException(_w("You don't have sufficient access rights"));
         $album['edit_rights'] = $album_rights_model->checkRights($album, true);
         $hash = '/album/' . $id;
     } else {
         if ($app_id = waRequest::request('app_id', '', 'string')) {
             if (wa()->appExists($app_id) && wa()->getUser()->getRights($app_id, 'backend')) {
                 $hash = 'app/' . $app_id;
             } else {
                 throw new waRightsException(_w("You don't have sufficient access rights"));
     // Photos
     $collection = new photosCollection($hash);
     $photos = $collection->getPhotos("*,thumb,thumb_crop,thumb_middle,thumb_big,tags,edit_rights", 0, 100500);
     $photos = photosCollection::extendPhotos($photos);
     // Album tree
     $album_model = new photosAlbumModel();
     $albums = $album_model->getAlbums();
     $albums_tree = new photosViewTree($albums);
     $this->view->assign(array('title' => $collection->getTitle(), 'photos' => $photos, 'albums_tree_html' => $albums_tree->display(), 'app_albums' => photosDefaultLayout::getAppAlbums('blog'), 'hash' => '#/' . trim($hash, '/#') . '/'));
 private function save($data)
     if (!$this->id) {
         $this->log('album_create', 1);
         $this->id = $this->album_model->add($data);
     } else {
         $album = $this->album_model->getById($this->id);
         if (!$album) {
             throw new Exception("Album doesn't exist");
         $name = $album['name'];
         if (empty($data['name'])) {
             $data['name'] = $name;
         if ($album['type'] != photosAlbumModel::TYPE_DYNAMIC && isset($data['conditions'])) {
         if ($data['status'] <= 0) {
             if (isset($data['url']) && !$data['url']) {
         } else {
             if (empty($data['url'])) {
                 $data['url'] = photosPhoto::suggestUrl($data['name']);
         $this->album_model->update($this->id, $data);
         $album_params = new photosAlbumParamsModel();
         $album_params->set($this->id, $data['params']);
     $album_rights_model = new photosAlbumRightsModel();
     if ($data['status'] <= 0 && $data['group_ids']) {
         $album_rights_model->setRights($this->id, $data['group_ids']);
     } else {
         $album_rights_model->setRights($this->id, 0);
 public function execute()
     $this->photo_ids = waRequest::post('photo_id', array(), waRequest::TYPE_ARRAY_INT);
     $album_id = waRequest::post('album_id', array(), waRequest::TYPE_ARRAY_INT);
     $copy = waRequest::post('copy', 1, waRequest::TYPE_INT);
     $this->album_photos_model = new photosAlbumPhotosModel();
     $photo_rights_model = new photosPhotoRightsModel();
     if (!$copy) {
         // it means manage with one photo
         $photo_id = $this->photo_ids[0];
         if (!$photo_rights_model->checkRights($photo_id, true)) {
             throw new waException("You don't have sufficient access rights");
         $early_albums = array_keys($this->album_photos_model->getByField('photo_id', $photo_id, 'album_id'));
         // TODO: check rights for editing (take into account deleting!)
         $this->album_photos_model->set($photo_id, $album_id);
         $this->log('photos_move', 1);
         $albums = $this->getAlbumsCounters();
         $old_albums = array();
         foreach ($early_albums as $a_id) {
             if (!isset($albums[$a_id])) {
                 $collection = new photosCollection('/album/' . $a_id);
                 $album = array('id' => $a_id, 'count' => $collection->count(), 'count_new' => 0);
                 $old_albums[] = $album;
         $this->response['albums'] = array_values($albums);
         $this->response['old_albums'] = $old_albums;
     } else {
         // otherwise copy photos to albums
         $allowed_photo_id = $photo_rights_model->filterAllowedPhotoIds($this->photo_ids, true);
         $denied_photo_id = array_values(array_diff($this->photo_ids, $allowed_photo_id));
         $album_rights_model = new photosAlbumRightsModel();
         $allowed_album_id = $album_rights_model->filterAllowedAlbumIds($album_id, true);
         $denied_album_id = array_values(array_diff($album_id, $allowed_album_id));
         if ($allowed_album_id && $allowed_photo_id) {
             $this->album_photos_model->add($allowed_photo_id, $allowed_album_id);
             $this->log('photos_move', 1);
         $albums = $this->getAlbumsCounters();
         $this->response['albums'] = array_values($albums);
         if ($denied_photo_id) {
             $this->response['alert_msg'] = photosPhoto::sprintf_wplural("The operation was not performed to %d photo (%%s)", "The operation was not performed to %d photos (%%s)", count($denied_photo_id), _w("out of %d selected", "out of %d selected", count($this->photo_ids))) . ', ' . _w("because you don't have sufficient access rights") . '.';
     // Set cover photos for albums if first photo just been added to it
     $photo_model = new photosPhotoModel();
     $album_model = new photosAlbumModel();
     $allowed_photo_id = isset($allowed_photo_id) ? $allowed_photo_id : array($photo_id);
     $no_cover_album_ids = array();
     foreach (ifset($allowed_album_id, $album_id) as $album_id) {
         if (!empty($albums[$album_id]) && empty($albums[$album_id]['key_photo_id'])) {
             $no_cover_album_ids[] = $album_id;
     $photos = array();
     while ($allowed_photo_id && $no_cover_album_ids) {
         // Get random photo from added and make sure it exists
         $photo_id = array_pop($allowed_photo_id);
         if (!empty($photos[$photo_id])) {
             $photo = $photos[$photo_id];
         } else {
             $photos[$photo_id] = $photo = $photo_model->getById($photo_id);
         if (!$photo) {
         // Photo exists, so add it back
         $allowed_photo_id[] = $photo_id;
         // Set cover for one album
         $album_id = array_pop($no_cover_album_ids);
         $album_model->updateById($album_id, array('key_photo_id' => $photo_id));
         photosPhoto::generateThumbs($photo, array('192x192'));