$sort[] = $ref_dates[$row['id']]; } else { $sort[] = remove_accents($row['name']); } $categories[] = array('id' => $row['id'], 'id_uppercat' => $row['id_uppercat']); } array_multisort($sort, SORT_REGULAR, 'ASC' == $order_by_asc ? SORT_ASC : SORT_DESC, $categories); save_categories_order($categories); $page['infos'][] = l10n('Albums automatically sorted'); } // +-----------------------------------------------------------------------+ // | Navigation path | // +-----------------------------------------------------------------------+ if (isset($_GET['parent_id'])) { $navigation .= $conf['level_separator']; $navigation .= get_cat_display_name_from_id($_GET['parent_id'], $base_url . '&parent_id='); } // +-----------------------------------------------------------------------+ // | template initialization | // +-----------------------------------------------------------------------+ $template->set_filename('categories', 'cat_list.tpl'); $form_action = PHPWG_ROOT_PATH . 'admin.php?page=cat_list'; if (isset($_GET['parent_id'])) { $form_action .= '&parent_id=' . $_GET['parent_id']; } $sort_orders_checked = array_keys($sort_orders); $template->assign(array('CATEGORIES_NAV' => $navigation, 'F_ACTION' => $form_action, 'PWG_TOKEN' => get_pwg_token(), 'sort_orders' => $sort_orders, 'sort_order_checked' => array_shift($sort_orders_checked))); // +-----------------------------------------------------------------------+ // | Categories display | // +-----------------------------------------------------------------------+ $categories = array();
} // // add permissions to users // $grant_users = $_POST['users']; if (count($grant_users) > 0) { add_permission_on_category($page['cat'], $grant_users); } } $page['infos'][] = l10n('Album updated successfully'); } // +-----------------------------------------------------------------------+ // | template initialization | // +-----------------------------------------------------------------------+ $template->set_filename('cat_perm', 'cat_perm.tpl'); $template->assign(array('CATEGORIES_NAV' => get_cat_display_name_from_id($page['cat'], 'admin.php?page=album-'), 'U_HELP' => get_root_url() . 'admin/popuphelp.php?page=cat_perm', 'F_ACTION' => $admin_album_base_url . '-permissions', 'private' => 'private' == $category['status'])); // +-----------------------------------------------------------------------+ // | form construction | // +-----------------------------------------------------------------------+ // groups denied are the groups not granted. So we need to find all groups // minus groups granted to find groups denied. $groups = array(); $query = ' SELECT id, name FROM ' . GROUPS_TABLE . ' ORDER BY name ASC ;'; $groups = simple_hash_from_query($query, 'id', 'name'); $template->assign('groups', $groups); // groups granted to access the category $query = '
$query = ' SELECT name FROM ' . GROUPS_TABLE . ' WHERE id = ' . $_POST['group'] . ' ;'; list($group_name) = pwg_db_fetch_row(pwg_query($query)); $page['infos'][] = l10n('An information email was sent to group "%s"', $group_name); } unset_make_full_url(); } // +-----------------------------------------------------------------------+ // | template initialization | // +-----------------------------------------------------------------------+ $template->set_filename('album_notification', 'album_notification.tpl'); $template->assign(array('CATEGORIES_NAV' => get_cat_display_name_from_id($page['cat'], 'admin.php?page=album-'), 'F_ACTION' => $admin_album_base_url . '-notification', 'PWG_TOKEN' => get_pwg_token())); // +-----------------------------------------------------------------------+ // | form construction | // +-----------------------------------------------------------------------+ $query = ' SELECT id AS group_id FROM ' . GROUPS_TABLE . ' ;'; $all_group_ids = array_from_query($query, 'group_id'); if (count($all_group_ids) == 0) { $template->assign('no_group_in_gallery', true); } else { if ('private' == $category['status']) { $query = ' SELECT
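/**
 * API method: fetch an image from a remote URL and add it to an album.
 *
 * Restricted to administrators. The URL is downloaded server-side into
 * $conf['data_location'], its MIME type is checked against an allowlist, and
 * the file is then handed to add_uploaded_file().
 *
 * @param mixed[] $params
 *    @option string file_url        URL of the remote image
 *    @option int    category        id of the target album (digits only)
 *    @option int    level           passed through to add_uploaded_file()
 *    @option string name            (optional) stored as the image name
 *    @option string url_in_comment  'true' to store a link to the source host as the comment
 * @param mixed $service  not used in this function
 * @return array|PwgError  image/album summary on success, PwgError otherwise
 */
function ws_images_addRemote($params, &$service)
{
    global $conf;

    if (!is_admin()) {
        return new PwgError(401, 'Access denied');
    }
    // NOTE(review): no anti-CSRF token check is visible in this function; confirm
    // the web-service layer enforces one for this state-changing method.

    load_language('plugin.lang', URLUPLOADER_PATH);

    $params = array_map('trim', $params);

    $allowed_extensions = array('jpg', 'jpeg', 'png', 'gif');
    $allowed_mimes = array('image/jpeg', 'image/png', 'image/gif');

    // check empty url
    if (empty($params['file_url'])) {
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('File URL is empty'));
    }

    // check remote url
    // NOTE(review): url_is_remote() and fetchRemote() are defined elsewhere. Confirm
    // they refuse loopback, link-local and private-range hosts (and redirects to
    // them); otherwise this endpoint lets the server request internal addresses.
    if (!url_is_remote($params['file_url'])) {
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('Invalid file URL'));
    }

    // check file extension
    $extension = strtolower(get_extension($params['file_url']));
    if (!in_array($extension, $allowed_extensions, true)) {
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('Invalid file type'));
    }

    // The album id is concatenated into SQL below, so accept digits only and
    // reject anything else before any download happens.
    if (!isset($params['category']) || !preg_match('/\A\d+\z/', $params['category'])) {
        return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid category');
    }
    $category_id = (int) $params['category'];

    // download file
    include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';

    // Keep the URL-derived name only as the "original filename" metadata. The
    // file on disk gets a server-chosen name with an allowlisted extension, and
    // is created exclusively ('x+') so a request cannot truncate an existing file.
    $original_filename = basename($params['file_url']);
    $temp_filename = $conf['data_location'] . uniqid('urluploader_', true) . '.' . $extension;

    $file = fopen($temp_filename, 'x+');
    if ($file === false) {
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('Unable to download file'));
    }
    $result = fetchRemote($params['file_url'], $file);
    fclose($file);

    // download failed ?
    if (!$result) {
        @unlink($temp_filename);
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('Unable to download file'));
    }

    // check mime-type
    // NOTE(review): the second argument looks like a fallback value and it is itself
    // in the allowlist; if get_mime() returns it when detection fails, this check
    // fails open. Confirm against get_mime().
    if (!in_array(get_mime($temp_filename, $allowed_mimes[0]), $allowed_mimes, true)) {
        @unlink($temp_filename);
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('Invalid file type'));
    }

    // add photo
    include_once PHPWG_ROOT_PATH . 'admin/include/functions_upload.inc.php';

    $image_id = (int) add_uploaded_file(
        $temp_filename,
        $original_filename,
        array($params['category']),
        $params['level']
    );

    $updates = array();
    if (!empty($params['name'])) {
        $updates['name'] = $params['name'];
    }
    if (isset($params['url_in_comment']) && $params['url_in_comment'] === 'true') {
        $url_parts = parse_url($params['file_url']);
        if (is_array($url_parts) && isset($url_parts['scheme'], $url_parts['host'])) {
            // The comment is stored as HTML, so the URL-derived origin is escaped
            // before it is placed in the attribute and the link text.
            $origin = htmlspecialchars(
                $url_parts['scheme'] . '://' . $url_parts['host'],
                ENT_QUOTES,
                'UTF-8'
            );
            $updates['comment'] = '<a href="' . $origin . '">' . $origin . '</a>';
        }
    }

    single_update(IMAGES_TABLE, $updates, array('id' => $image_id));

    // return infos
    $query = ' SELECT id, name, permalink FROM ' . CATEGORIES_TABLE . ' WHERE id = ' . $category_id . ' ;';
    $category = pwg_db_fetch_assoc(pwg_query($query));

    $url_params = array(
        'image_id' => $image_id,
        'section' => 'categories',
        'category' => $category,
    );

    $query = ' SELECT id, path, name FROM ' . IMAGES_TABLE . ' WHERE id = ' . $image_id . ' ;';
    $image_infos = pwg_db_fetch_assoc(pwg_query($query));

    $query = ' SELECT COUNT(*) AS nb_photos FROM ' . IMAGE_CATEGORY_TABLE
        . ' WHERE category_id = ' . $category_id . ' ;';
    $category_infos = pwg_db_fetch_assoc(pwg_query($query));

    $category_name = get_cat_display_name_from_id($category_id, null);

    return array(
        'image_id' => $image_id,
        'url' => make_picture_url($url_params),
        'src' => DerivativeImage::thumb_url($image_infos),
        'name' => $image_infos['name'],
        'category' => array(
            // validated above as digits only; kept as received so the response shape is unchanged
            'id' => $params['category'],
            'nb_photos' => $category_infos['nb_photos'],
            'label' => $category_name,
        ),
    );
}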
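/**
 * API method
 * Adds an image (simple way). Supports chunked uploads: each request appends
 * to a ".part" file in the upload buffer, and the last chunk (or a non-chunked
 * request) is handed to add_uploaded_file().
 *
 * @param mixed[] $params
 *    @option int[] category
 *    @option string name (optional)
 *    @option string author (optional)
 *    @option string comment (optional)
 *    @option int level
 *    @option string|string[] tags
 *    @option int image_id (optional)
 *    @option string pwg_token  must match get_pwg_token()
 * @param mixed $service  not used in this function
 * @return array|PwgError|null  image/album summary once the upload is complete,
 *                              PwgError on failure, null after an intermediate chunk
 */
function ws_images_upload($params, $service)
{
    global $conf;

    // Compare the token as a string and in constant time where available. A loose
    // `!=` treats two different numeric-looking strings as equal.
    $expected_token = (string) get_pwg_token();
    $token = isset($params['pwg_token']) ? $params['pwg_token'] : null;
    $token_ok = is_string($token)
        && (function_exists('hash_equals')
            ? hash_equals($expected_token, $token)
            : $expected_token === $token);
    if (!$token_ok) {
        return new PwgError(403, 'Invalid security token');
    }

    $upload_dir = $conf['upload_dir'] . '/buffer';

    // create the upload directory tree if not exists
    if (!mkgetdir($upload_dir, MKGETDIR_DEFAULT & ~MKGETDIR_DIE_ON_ERROR)) {
        return new PwgError(500, 'error during buffer directory creation');
    }

    // Get a file name
    if (isset($_REQUEST["name"]) && is_string($_REQUEST["name"])) {
        $fileName = $_REQUEST["name"];
    } elseif (!empty($_FILES)) {
        $fileName = $_FILES["file"]["name"];
    } else {
        $fileName = uniqid("file_");
    }

    // The client-supplied name must never become a path component: it could
    // contain directory separators or an executable extension. Hashing it gives
    // a fixed-format buffer name that is still stable across the chunks of one
    // upload. The human-readable name reaches add_uploaded_file() separately.
    $fileName = hash('sha256', (string) $fileName);

    $filePath = $upload_dir . DIRECTORY_SEPARATOR . $fileName;

    // Chunking might be enabled
    $chunk = isset($_REQUEST["chunk"]) ? intval($_REQUEST["chunk"]) : 0;
    $chunks = isset($_REQUEST["chunks"]) ? intval($_REQUEST["chunks"]) : 0;

    // Open temp file
    if (!($out = @fopen("{$filePath}.part", $chunks ? "ab" : "wb"))) {
        die('{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}');
    }

    if (!empty($_FILES)) {
        if ($_FILES["file"]["error"] || !is_uploaded_file($_FILES["file"]["tmp_name"])) {
            die('{"jsonrpc" : "2.0", "error" : {"code": 103, "message": "Failed to move uploaded file."}, "id" : "id"}');
        }

        // Read binary input stream and append it to temp file
        if (!($in = @fopen($_FILES["file"]["tmp_name"], "rb"))) {
            die('{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}');
        }
    } else {
        if (!($in = @fopen("php://input", "rb"))) {
            die('{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}');
        }
    }

    // Explicit comparisons: a read that returns the single byte "0" is falsy and
    // would otherwise end the copy early and drop that byte.
    while (($buff = fread($in, 4096)) !== false && $buff !== '') {
        fwrite($out, $buff);
    }

    @fclose($out);
    @fclose($in);

    // Check if file has been uploaded
    if (!$chunks || $chunk == $chunks - 1) {
        // Strip the temp .part suffix off
        if (!rename("{$filePath}.part", $filePath)) {
            return new PwgError(500, 'error during upload finalization');
        }

        include_once PHPWG_ROOT_PATH . 'admin/include/functions_upload.inc.php';

        // NOTE(review): $params['category'] and $params['level'] are passed on as
        // received; confirm add_uploaded_file() or the web-service layer validates them.
        $image_id = (int) add_uploaded_file(
            $filePath,
            stripslashes($params['name']),
            $params['category'],
            $params['level'],
            null
        );

        // Ids are cast to int before being concatenated into SQL.
        $category_id = (int) $params['category'][0];

        $query = ' SELECT id, name, representative_ext, path FROM ' . IMAGES_TABLE
            . ' WHERE id = ' . $image_id . ' ;';
        $image_infos = pwg_db_fetch_assoc(pwg_query($query));

        $query = ' SELECT COUNT(*) AS nb_photos FROM ' . IMAGE_CATEGORY_TABLE
            . ' WHERE category_id = ' . $category_id . ' ;';
        $category_infos = pwg_db_fetch_assoc(pwg_query($query));

        $category_name = get_cat_display_name_from_id($category_id, null);

        return array(
            'image_id' => $image_id,
            'src' => DerivativeImage::thumb_url($image_infos),
            'name' => $image_infos['name'],
            'category' => array(
                // returned as received so the response shape is unchanged
                'id' => $params['category'][0],
                'nb_photos' => $category_infos['nb_photos'],
                'label' => $category_name,
            ),
        );
    }
}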