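/**
 * API method
 * Returns images per category
 *
 * Every value from $params that is concatenated into SQL text in this
 * function (category ids, per_page, page) is cast to int first, so the
 * queries stay well-formed even if the caller's type checks are bypassed.
 *
 * @param mixed[] $params
 *    @option int[] cat_id (optional)
 *    @option bool recursive
 *    @option int per_page
 *    @option int page
 *    @option string order (optional)
 * @param mixed $service not used by this method
 * @return array 'paging' (PwgNamedStruct) and 'images' (PwgNamedArray)
 */
function ws_categories_getImages($params, &$service)
{
    global $conf;

    $images = array();

    // Presumably the web-service layer already type-checks these options
    // (not visible here); the casts keep the SQL below safe on their own.
    $cat_ids = isset($params['cat_id']) ? array_map('intval', (array) $params['cat_id']) : array();
    $per_page = (int) $params['per_page'];
    $page_index = (int) $params['page'];

    //------------------------------------------------- get the related categories
    $where_clauses = array();
    foreach ($cat_ids as $cat_id) {
        if ($params['recursive']) {
            // match the id anywhere in the comma-separated list of parent ids
            $where_clauses[] = 'uppercats ' . DB_REGEX_OPERATOR . ' \'(^|,)' . $cat_id . '(,|$)\'';
        } else {
            $where_clauses[] = 'id=' . $cat_id;
        }
    }
    if (!empty($where_clauses)) {
        $where_clauses = array('(' . implode("\n OR ", $where_clauses) . ')');
    }
    // permission filter: drops the categories forbidden to the current user
    $where_clauses[] = get_sql_condition_FandF(array('forbidden_categories' => 'id'), null, true);

    $query = ' SELECT id, name, permalink, image_order FROM ' . CATEGORIES_TABLE . ' WHERE ' . implode("\n AND ", $where_clauses) . ' ;';
    $result = pwg_query($query);

    $cats = array();
    while ($row = pwg_db_fetch_assoc($result)) {
        $row['id'] = (int) $row['id'];
        $cats[$row['id']] = $row;
    }

    //-------------------------------------------------------- get the images
    if (!empty($cats)) {
        $where_clauses = ws_std_image_sql_filter($params, 'i.');
        $where_clauses[] = 'category_id IN (' . implode(',', array_keys($cats)) . ')';
        // permission filter: keeps only the images visible to the current user
        $where_clauses[] = get_sql_condition_FandF(array('visible_images' => 'i.id'), null, true);

        // NOTE(review): the caller-supplied 'order' option reaches ORDER BY through
        // ws_std_image_sql_order(); its sanitising is not visible here - confirm.
        $order_by = ws_std_image_sql_order($params, 'i.');
        if (empty($order_by) and count($cat_ids) == 1 and isset($cats[$cat_ids[0]]['image_order'])) {
            // single album requested: fall back to that album's own ordering
            $order_by = $cats[$cat_ids[0]]['image_order'];
        }
        $order_by = empty($order_by) ? $conf['order_by'] : 'ORDER BY ' . $order_by;

        $query = ' SELECT i.*, GROUP_CONCAT(category_id) AS cat_ids FROM ' . IMAGES_TABLE . ' i INNER JOIN ' . IMAGE_CATEGORY_TABLE . ' ON i.id=image_id WHERE ' . implode("\n AND ", $where_clauses) . ' GROUP BY i.id ' . $order_by . ' LIMIT ' . $per_page . ' OFFSET ' . ($per_page * $page_index) . ' ;';
        $result = pwg_query($query);

        while ($row = pwg_db_fetch_assoc($result)) {
            $image = array();
            foreach (array('id', 'width', 'height', 'hit') as $k) {
                if (isset($row[$k])) {
                    $image[$k] = (int) $row[$k];
                }
            }
            foreach (array('file', 'name', 'comment', 'date_creation', 'date_available') as $k) {
                $image[$k] = $row[$k];
            }
            $image = array_merge($image, ws_std_get_urls($row));

            $image_cats = array();
            foreach (explode(',', $row['cat_ids']) as $cat_id) {
                $url = make_index_url(array('category' => $cats[$cat_id]));
                $page_url = make_picture_url(array('category' => $cats[$cat_id], 'image_id' => $row['id'], 'image_file' => $row['file']));
                $image_cats[] = array('id' => (int) $cat_id, 'url' => $url, 'page_url' => $page_url);
            }

            $image['categories'] = new PwgNamedArray($image_cats, 'category', array('id', 'url', 'page_url'));
            $images[] = $image;
        }
    }

    return array(
        'paging' => new PwgNamedStruct(array('page' => $params['page'], 'per_page' => $params['per_page'], 'count' => count($images))),
        'images' => new PwgNamedArray($images, 'image', ws_std_get_image_xml_attributes()),
    );
}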
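/**
 * API method
 * Returns a list of images for tags
 *
 * The tag and image ids placed in the SQL text below come from find_tags()
 * and get_image_ids_for_tags(), not directly from $params.
 *
 * @param mixed[] $params
 *    @option int[] tag_id (optional)
 *    @option string[] tag_url_name (optional)
 *    @option string[] tag_name (optional)
 *    @option bool tag_mode_and
 *    @option int per_page
 *    @option int page
 *    @option string order
 * @param mixed $service not used by this method
 * @return array 'paging' (PwgNamedStruct) and 'images' (PwgNamedArray)
 */
function ws_tags_getImages($params, &$service)
{
    // first build all the tag_ids we are interested in
    $tags = find_tags($params['tag_id'], $params['tag_url_name'], $params['tag_name']);
    $tags_by_id = array();
    foreach ($tags as $tag) {
        // the cast belongs on the current tag; the original wrote it to $tags['id'],
        // which added a stray key to the list and left the tag's id uncast
        $tag['id'] = (int) $tag['id'];
        $tags_by_id[$tag['id']] = $tag;
    }
    unset($tags);
    $tag_ids = array_keys($tags_by_id);

    $where_clauses = ws_std_image_sql_filter($params);
    if (!empty($where_clauses)) {
        $where_clauses = implode(' AND ', $where_clauses);
    }

    // NOTE(review): the caller-supplied 'order' option reaches ORDER BY through
    // ws_std_image_sql_order(); its sanitising is not visible here - confirm.
    $order_by = ws_std_image_sql_order($params, 'i.');
    if (!empty($order_by)) {
        $order_by = 'ORDER BY ' . $order_by;
    }

    $image_ids = get_image_ids_for_tags($tag_ids, $params['tag_mode_and'] ? 'AND' : 'OR', $where_clauses, $order_by);

    // paging is applied in PHP on the full id list
    $count_set = count($image_ids);
    $image_ids = array_slice($image_ids, $params['per_page'] * $params['page'], $params['per_page']);

    $image_tag_map = array();
    // build list of image ids with associated tags per image
    if (!empty($image_ids) and !$params['tag_mode_and']) {
        $query = ' SELECT image_id, GROUP_CONCAT(tag_id) AS tag_ids FROM ' . IMAGE_TAG_TABLE . ' WHERE tag_id IN (' . implode(',', $tag_ids) . ') AND image_id IN (' . implode(',', $image_ids) . ') GROUP BY image_id ;';
        $result = pwg_query($query);
        while ($row = pwg_db_fetch_assoc($result)) {
            $row['image_id'] = (int) $row['image_id'];
            $image_tag_map[$row['image_id']] = explode(',', $row['tag_ids']);
        }
    }

    $images = array();
    if (!empty($image_ids)) {
        // position of each id in the ordered list, used to restore the order below
        $rank_of = array_flip($image_ids);

        $query = ' SELECT * FROM ' . IMAGES_TABLE . ' WHERE id IN (' . implode(',', $image_ids) . ') ;';
        $result = pwg_query($query);

        while ($row = pwg_db_fetch_assoc($result)) {
            $image = array();
            $image['rank'] = $rank_of[$row['id']];
            foreach (array('id', 'width', 'height', 'hit') as $k) {
                if (isset($row[$k])) {
                    $image[$k] = (int) $row[$k];
                }
            }
            foreach (array('file', 'name', 'comment', 'date_creation', 'date_available') as $k) {
                $image[$k] = $row[$k];
            }
            $image = array_merge($image, ws_std_get_urls($row));

            if ($params['tag_mode_and']) {
                $image_tag_ids = $tag_ids;
            } else {
                // an image without a row in the map gets an empty tag list
                // instead of an undefined-index access
                $image_tag_ids = isset($image_tag_map[$image['id']]) ? $image_tag_map[$image['id']] : array();
            }

            $image_tags = array();
            foreach ($image_tag_ids as $tag_id) {
                $url = make_index_url(array('section' => 'tags', 'tags' => array($tags_by_id[$tag_id])));
                $page_url = make_picture_url(array('section' => 'tags', 'tags' => array($tags_by_id[$tag_id]), 'image_id' => $row['id'], 'image_file' => $row['file']));
                $image_tags[] = array('id' => (int) $tag_id, 'url' => $url, 'page_url' => $page_url);
            }

            $image['tags'] = new PwgNamedArray($image_tags, 'tag', ws_std_get_tag_xml_attributes());
            $images[] = $image;
        }

        usort($images, 'rank_compare');
        unset($rank_of);
    }

    return array(
        'paging' => new PwgNamedStruct(array('page' => $params['page'], 'per_page' => $params['per_page'], 'count' => count($images), 'total_count' => $count_set)),
        'images' => new PwgNamedArray($images, 'image', ws_std_get_image_xml_attributes()),
    );
}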
/**
 * Builds the url map (page, element, derivatives) for one image row, so that
 * the different web service methods return it in the same shape.
 *
 * For an original photo the full-size 'element_url' is only included when
 * the current user has 'enabled_high' set; otherwise the key is left out.
 *
 * @param array $image_row image row; 'id' and 'file' are read here
 * @return array 'page_url', optionally 'element_url', and 'derivatives'
 */
function ws_std_get_urls($image_row)
{
    global $user;

    $urls = array();
    $urls['page_url'] = make_picture_url(array('image_id' => $image_row['id'], 'image_file' => $image_row['file']));

    $source = new SrcImage($image_row);
    if (!$source->is_original()) {
        $urls['element_url'] = get_element_url($image_row);
    } elseif ($user['enabled_high']) {
        // we have a photo, and this user may see the high definition file
        $urls['element_url'] = $source->get_url();
    }

    $by_type = array();
    foreach (DerivativeImage::get_all($source) as $type => $derivative) {
        $dimensions = $derivative->get_size();
        if ($dimensions == null) {
            // size not known: report null width and height
            $dimensions = array(null, null);
        }
        $by_type[$type] = array(
            'url' => $derivative->get_url(),
            'width' => $dimensions[0],
            'height' => $dimensions[1],
        );
    }
    $urls['derivatives'] = $by_type;

    return $urls;
}
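/**
 * API method
 * Downloads a remote image and adds it to an album. Administrators only.
 *
 * Security-relevant behaviour of this function:
 * - the category id is cast to int before it is placed in SQL text;
 * - the link stored in the photo comment is HTML-escaped;
 * - the download is written under $conf['data_location'] with a name taken
 *   from the URL, and is removed again when the download or the MIME check fails.
 *
 * NOTE(review): the server fetches a caller-supplied URL. Only url_is_remote()
 * and the file extension are checked here; any restriction on the destination
 * host would have to live in url_is_remote() or fetchRemote() - confirm.
 *
 * @param mixed[] $params 'file_url', 'category', 'level', 'name' and
 *                        'url_in_comment' are read here
 * @param mixed $service not used by this method
 * @return array|PwgError description of the added image, or an error
 */
function ws_images_addRemote($params, &$service)
{
    global $conf;

    if (!is_admin()) {
        return new PwgError(401, 'Access denied');
    }

    load_language('plugin.lang', URLUPLOADER_PATH);

    $params = array_map('trim', $params);

    $allowed_extensions = array('jpg', 'jpeg', 'png', 'gif');
    $allowed_mimes = array('image/jpeg', 'image/png', 'image/gif');

    // check empty url
    if (empty($params['file_url'])) {
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('File URL is empty'));
    }
    // check remote url
    if (!url_is_remote($params['file_url'])) {
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('Invalid file URL'));
    }
    // check file extension
    if (!in_array(strtolower(get_extension($params['file_url'])), $allowed_extensions)) {
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('Invalid file type'));
    }

    // the category id is concatenated into SQL below: force it to an integer
    // and refuse anything that is not a positive id before downloading
    $category_id = (int) $params['category'];
    if ($category_id <= 0) {
        return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid category');
    }

    // download file
    include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';

    $temp_filename = $conf['data_location'] . basename($params['file_url']);
    $file = fopen($temp_filename, 'w+');
    if ($file === false) {
        // the original passed the failed handle on to fetchRemote()/fclose()
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('Unable to download file'));
    }
    $result = fetchRemote($params['file_url'], $file);
    fclose($file);

    // download failed ?
    if (!$result) {
        @unlink($temp_filename);
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('Unable to download file'));
    }
    // check mime-type (the extension check above only looked at the URL)
    if (!in_array(get_mime($temp_filename, $allowed_mimes[0]), $allowed_mimes)) {
        @unlink($temp_filename);
        return new PwgError(WS_ERR_INVALID_PARAM, l10n('Invalid file type'));
    }

    // add photo
    include_once PHPWG_ROOT_PATH . 'admin/include/functions_upload.inc.php';

    $image_id = add_uploaded_file($temp_filename, basename($temp_filename), array($category_id), $params['level']);

    $updates = array();
    if (!empty($params['name'])) {
        $updates['name'] = $params['name'];
    }
    if (isset($params['url_in_comment']) and $params['url_in_comment'] == 'true') {
        $url = parse_url($params['file_url']);
        // the comment is stored as HTML, so the URL parts are escaped first
        $url = htmlspecialchars($url['scheme'] . '://' . $url['host'], ENT_QUOTES, 'UTF-8');
        $updates['comment'] = '<a href="' . $url . '">' . $url . '</a>';
    }
    if (!empty($updates)) {
        single_update(IMAGES_TABLE, $updates, array('id' => $image_id));
    }

    // return infos
    $query = ' SELECT id, name, permalink FROM ' . CATEGORIES_TABLE . ' WHERE id = ' . $category_id . ' ;';
    $category = pwg_db_fetch_assoc(pwg_query($query));

    $url_params = array('image_id' => $image_id, 'section' => 'categories', 'category' => $category);

    $query = ' SELECT id, path, name FROM ' . IMAGES_TABLE . ' WHERE id = ' . (int) $image_id . ' ;';
    $image_infos = pwg_db_fetch_assoc(pwg_query($query));

    $query = ' SELECT COUNT(*) AS nb_photos FROM ' . IMAGE_CATEGORY_TABLE . ' WHERE category_id = ' . $category_id . ' ;';
    $category_infos = pwg_db_fetch_assoc(pwg_query($query));

    $category_name = get_cat_display_name_from_id($category_id, null);

    return array(
        'image_id' => $image_id,
        'url' => make_picture_url($url_params),
        'src' => DerivativeImage::thumb_url($image_infos),
        'name' => $image_infos['name'],
        'category' => array('id' => $category_id, 'nb_photos' => $category_infos['nb_photos'], 'label' => $category_name),
    );
}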
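// 1. find all linked categories that are reachable for the current user.
// 2. if a category is available in the URL, use it if reachable
// 3. if URL category not available or reachable, use the first reachable
//    linked category
// 4. if no category reachable, no jumpto link
//
// $_GET['image_id'] is concatenated into two SQL statements in this section.
// It may already be validated earlier in the file (not visible here); the
// int casts make each query safe on its own.
$query = ' SELECT category_id FROM ' . IMAGE_CATEGORY_TABLE . ' WHERE image_id = ' . (int) $_GET['image_id'] . ' ;';

// linked categories minus the ones forbidden to the current user
$authorizeds = array_diff(
    array_from_query($query, 'category_id'),
    explode(',', calculate_permissions($user['id'], $user['status']))
);

if (isset($_GET['cat_id']) and in_array($_GET['cat_id'], $authorizeds)) {
    $url_img = make_picture_url(array('image_id' => $_GET['image_id'], 'image_file' => $image_file, 'category' => $cache['cat_names'][$_GET['cat_id']]));
} else {
    // only the first reachable category is used
    foreach ($authorizeds as $category) {
        $url_img = make_picture_url(array('image_id' => $_GET['image_id'], 'image_file' => $image_file, 'category' => $cache['cat_names'][$category]));
        break;
    }
}

if (isset($url_img)) {
    $template->assign('U_JUMPTO', $url_img);
}

// associate to albums
$query = ' SELECT id FROM ' . CATEGORIES_TABLE . ' INNER JOIN ' . IMAGE_CATEGORY_TABLE . ' ON id = category_id WHERE image_id = ' . (int) $_GET['image_id'] . ' ;';
$associated_albums = query2array($query, null, 'id');

$template->assign(array(
    'associated_albums' => $associated_albums,
    'represented_albums' => $represented_albums,
    'STORAGE_ALBUM' => $storage_category_id,
    'CACHE_KEYS' => get_admin_client_cache_keys(array('tags', 'categories')),
));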
foreach ($related_categories as $category) { $cats = array(); foreach (explode(',', $category['uppercats']) as $id) { $cats[] = $cat_map[$id]; } $template->append('related_categories', get_cat_display_name($cats)); } } // maybe someone wants a special display (call it before page_header so that // they can add stylesheets) $element_content = trigger_change('render_element_content', '', $picture['current']); $template->assign('ELEMENT_CONTENT', $element_content); if (isset($picture['next']) and $picture['next']['src_image']->is_original() and $template->get_template_vars('U_PREFETCH') == null and strpos(@$_SERVER['HTTP_USER_AGENT'], 'Chrome/') === false) { $template->assign('U_PREFETCH', $picture['next']['derivatives'][pwg_get_session_var('picture_deriv', $conf['derivative_default_size'])]->get_url()); } $template->assign('U_CANONICAL', make_picture_url(array('image_id' => $picture['current']['id'], 'image_file' => $picture['current']['file']))); // +-----------------------------------------------------------------------+ // | sub pages | // +-----------------------------------------------------------------------+ include PHPWG_ROOT_PATH . 'include/picture_rate.inc.php'; if ($conf['activate_comments']) { include PHPWG_ROOT_PATH . 'include/picture_comment.inc.php'; } if ($metadata_showable and pwg_get_session_var('show_metadata') != null) { include PHPWG_ROOT_PATH . 'include/picture_metadata.inc.php'; } // include menubar $themeconf = $template->get_template_vars('themeconf'); if ($conf['picture_menu'] and (!isset($themeconf['hide_menu_on']) or !in_array('thePicturePage', $themeconf['hide_menu_on']))) { if (!isset($page['start'])) { $page['start'] = 0;
$rating['first_date'] = $row['date']; } $rating['rates'][$row['rate']][] = array('id' => $row['element_id'], 'date' => $row['date']); $image_ids[$row['element_id']] = 1; unset($rating); } // get image tn urls $image_urls = array(); if (count($image_ids) > 0) { $query = 'SELECT id, name, file, path, representative_ext, level FROM ' . IMAGES_TABLE . ' WHERE id IN (' . implode(',', array_keys($image_ids)) . ')'; $result = pwg_query($query); $params = ImageStdParams::get_by_type(IMG_SQUARE); while ($row = pwg_db_fetch_assoc($result)) { $image_urls[$row['id']] = array('tn' => DerivativeImage::url($params, $row), 'page' => make_picture_url(array('image_id' => $row['id'], 'image_file' => $row['file']))); } } //all image averages $query = 'SELECT element_id, AVG(rate) AS avg FROM ' . RATE_TABLE . ' GROUP BY element_id'; $all_img_sum = array(); $result = pwg_query($query); while ($row = pwg_db_fetch_assoc($result)) { $all_img_sum[(int) $row['element_id']] = array('avg' => (double) $row['avg']); } $query = 'SELECT id FROM ' . IMAGES_TABLE . ' ORDER by rating_score DESC
$user_string .= $username_of[$line['user_id']];
} else {
    // no known username for this id: show the raw id instead
    $user_string .= $line['user_id'];
}

// "+" link that narrows the history search to this user
// NOTE(review): search_id and user_id are concatenated into the href without
// escaping; presumably both are integers at this point - confirm.
$user_string .= ' <a href="';
$user_string .= PHPWG_ROOT_PATH . 'admin.php?page=history';
$user_string .= '&search_id=' . $page['search_id'];
$user_string .= '&user_id=' . $line['user_id'];
$user_string .= '">+</a>';

$tags_string = '';
if (isset($line['tag_ids'])) {
    // replace every tag id in the comma-separated list by the tag name when known
    // NOTE(review): create_function() compiles a function from a code string; it is
    // deprecated since PHP 7.2 and removed in PHP 8.0. Both arguments are constant
    // literals here, so no request data reaches the generated code, but a closure
    // is the supported replacement.
    $tags_string = preg_replace_callback('/(\\d+)/', create_function('$m', 'global $name_of_tag; return isset($name_of_tag[$m[1]]) ? $name_of_tag[$m[1]] : $m[1];'), str_replace(',', ', ', $line['tag_ids']));
}

$image_string = '';
if (isset($line['image_id'])) {
    $picture_url = make_picture_url(array('image_id' => $line['image_id']));

    if (isset($image_infos[$line['image_id']])) {
        $element = array('id' => $line['image_id'], 'file' => $image_infos[$line['image_id']]['file'], 'path' => $image_infos[$line['image_id']]['path'], 'representative_ext' => $image_infos[$line['image_id']]['representative_ext']);
        $thumbnail_display = $page['search']['fields']['display_thumbnail'];
    } else {
        // no information about this image id: never try to show a thumbnail
        $thumbnail_display = 'no_display_thumbnail';
    }

    $image_title = '(' . $line['image_id'] . ')';
    if (isset($image_infos[$line['image_id']]['label'])) {
        // NOTE(review): the label goes through the 'render_element_description'
        // handlers and is then appended as-is; escaping is up to them - confirm.
        $image_title .= ' ' . trigger_change('render_element_description', $image_infos[$line['image_id']]['label']);
    } else {
        $image_title .= ' unknown filename';
    }

    $image_string = '';
    switch ($thumbnail_display) {
        case 'no_display_thumbnail':
// info by email to an access granted group of category informations
if (isset($_POST['submitEmail'])) {
    set_make_full_url();

    /* TODO: if $category['representative_picture_id'] is empty find child representative_picture_id */
    // NOTE(review): $img is only assigned inside this branch but is read
    // unconditionally when $tpl is built below.
    if (!empty($category['representative_picture_id'])) {
        $img = array();
        // the id placed in the SQL text comes from $category, not from the request
        $query = ' SELECT id, file, path, representative_ext FROM ' . IMAGES_TABLE . ' WHERE id = ' . $category['representative_picture_id'] . ' ;';
        $result = pwg_query($query);
        if (pwg_db_num_rows($result) > 0) {
            $element = pwg_db_fetch_assoc($result);
            $img = array('link' => make_picture_url(array('image_id' => $element['id'], 'image_file' => $element['file'], 'category' => $category)), 'src' => DerivativeImage::url(IMG_THUMB, $element));
        }
    }

    $args = array('subject' => l10n('[%s] Visit album %s', $conf['gallery_title'], trigger_change('render_category_name', $category['name'], 'admin_cat_list')));

    // NOTE(review): 'CPL_CONTENT' is the posted mail_content after stripslashes() only;
    // whether it is escaped depends on the 'cat_group_info' mail template - confirm.
    $tpl = array('filename' => 'cat_group_info', 'assign' => array('IMG' => $img, 'CAT_NAME' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'), 'LINK' => make_index_url(array('category' => array('id' => $category['id'], 'name' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'), 'permalink' => $category['permalink']))), 'CPL_CONTENT' => empty($_POST['mail_content']) ? '' : stripslashes($_POST['mail_content'])));

    if ('users' == $_POST['who'] and isset($_POST['users']) and count($_POST['users']) > 0) {
        // the posted user ids are checked against PATTERN_ID here; the query that
        // follows is cut off in this excerpt, presumably it uses these ids
        check_input_parameter('users', $_POST, true, PATTERN_ID);

        // TODO code very similar to function pwg_mail_group. We'd better create
        // a function pwg_mail_users that could be called from here and from
        // pwg_mail_group

        // TODO to make checks even better, we should check that theses users
        // have access to this album. No real privacy issue here, even if we
        // send the email to a user without permission.
        $query = ' SELECT ui.user_id,
/**
 * Builds a picture URL from the current page parameters after applying the
 * given redefinitions and removals. See duplicate_index_url.
 *
 * @param array $redefined redefined keys
 * @param array $removed removed keys
 * @return string
 */
function duplicate_picture_url($redefined = array(), $removed = array())
{
    $url_params = params_for_duplication($redefined, $removed);

    return make_picture_url($url_params);
}
/**
 * Returns html description about recently published elements grouped by post date.
 * @todo clean up HTML output, currently messy and invalid !
 *
 * When $auth_key is given it is added as the 'auth' parameter to every link
 * built here. The URLs and names are concatenated into the markup as returned
 * by the helper functions; no escaping is applied in this function.
 *
 * @param array $date_detail returned value of get_recent_post_dates()
 * @param string|null $auth_key optional key appended to the generated links
 * @return string
 */
function get_html_description_recent_post_date($date_detail, $auth_key = null)
{
    global $conf;

    $link_extras = isset($auth_key) ? array('auth' => $auth_key) : array();

    // header line: number of new photos, with a link to the "recent photos" section
    $photos_label = l10n_dec('%d new photo', '%d new photos', $date_detail['nb_elements']);
    $recent_url = add_url_params(make_index_url(array('section' => 'recent_pics')), $link_extras);
    $html = '<ul>';
    $html .= '<li>' . $photos_label . ' (<a href="' . $recent_url . '">' . l10n('Recent photos') . '</a>)</li><br>';

    // one linked thumbnail per new element
    foreach ($date_detail['elements'] as $element) {
        $thumb = DerivativeImage::thumb_url($element);
        $picture_url = add_url_params(
            make_picture_url(array('image_id' => $element['id'], 'image_file' => $element['file'])),
            $link_extras
        );
        $html .= '<a href="' . $picture_url . '"><img src="' . $thumb . '"></a>';
    }
    $html .= '...<br>';

    // updated albums, each with its own count of new photos
    $html .= '<li>' . l10n_dec('%d album updated', '%d albums updated', $date_detail['nb_cats']) . '</li>';
    $html .= '<ul>';
    foreach ($date_detail['categories'] as $cat) {
        $album_name = get_cat_display_name_cache($cat['uppercats'], '', false, null, $auth_key);
        $album_count = l10n_dec('%d new photo', '%d new photos', $cat['img_count']);
        $html .= '<li>' . $album_name . ' (' . $album_count . ')</li>';
    }
    $html .= '</ul>';

    $html .= '</ul>';

    return $html;
}
/**
 * Builds the picture URL for $params and adds a value-less 'map' parameter to it.
 *
 * @param array $params parameters handed to make_picture_url()
 * @return string
 */
function osm_make_map_picture_url($params)
{
    return add_url_params(make_picture_url($params), array('map' => null));
}
// +-----------------------------------------------------------------------+
// info by email to an access granted group of category informations
// NOTE(review): $_POST['group'] is only tested with !empty() in this excerpt, and is
// later concatenated into the SQL text of the GROUPS_TABLE query below. Confirm it
// is validated as an integer id earlier in the file, or cast it before use.
if (isset($_POST['submitEmail']) and !empty($_POST['group'])) {
    set_make_full_url();

    /* TODO: if $category['representative_picture_id'] is empty find child representative_picture_id */
    if (!empty($category['representative_picture_id'])) {
        // the id placed in the SQL text comes from $category, not from the request
        $query = ' SELECT id, file, path, representative_ext FROM ' . IMAGES_TABLE . ' WHERE id = ' . $category['representative_picture_id'] . ' ;';
        $result = pwg_query($query);
        if (pwg_db_num_rows($result) > 0) {
            $element = pwg_db_fetch_assoc($result);
            // linked thumbnail of the album's representative picture
            $img_url = '<a href="' . make_picture_url(array('image_id' => $element['id'], 'image_file' => $element['file'], 'category' => $category)) . '" class="thumblnk"><img src="' . DerivativeImage::url(IMG_THUMB, $element) . '"></a>';
        }
    }

    // no representative picture found: send the mail without a thumbnail
    if (!isset($img_url)) {
        $img_url = '';
    }

    // NOTE(review): 'CPL_CONTENT' is the posted mail_content after stripslashes() only;
    // whether it is escaped depends on the 'cat_group_info' mail template - confirm.
    pwg_mail_group($_POST['group'], array('subject' => l10n('[%s] Visit album %s', $conf['gallery_title'], trigger_change('render_category_name', $category['name'], 'admin_cat_list'))), array('filename' => 'cat_group_info', 'assign' => array('IMG_URL' => $img_url, 'CAT_NAME' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'), 'LINK' => make_index_url(array('category' => array('id' => $category['id'], 'name' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'), 'permalink' => $category['permalink']))), 'CPL_CONTENT' => empty($_POST['mail_content']) ? '' : stripslashes($_POST['mail_content']))));

    unset_make_full_url();

    // look up the group name for the confirmation message
    $query = ' SELECT name FROM ' . GROUPS_TABLE . ' WHERE id = ' . $_POST['group'] . ' ;';
    list($group_name) = pwg_db_fetch_row(pwg_query($query));

    $page['infos'][] = l10n('An information email was sent to group "%s"', $group_name);
$elements = query2array($query, 'id'); // retrieving category informations $query = 'SELECT id, name, permalink, uppercats FROM ' . CATEGORIES_TABLE . ' WHERE id IN (' . implode(',', $category_ids) . ')'; $categories = query2array($query, 'id'); foreach ($comments as $comment) { if (!empty($elements[$comment['image_id']]['name'])) { $name = $elements[$comment['image_id']]['name']; } else { $name = get_name_from_file($elements[$comment['image_id']]['file']); } // source of the thumbnail picture $src_image = new SrcImage($elements[$comment['image_id']]); // link to the full size picture $url = make_picture_url(array('category' => $categories[$comment['category_id']], 'image_id' => $comment['image_id'], 'image_file' => $elements[$comment['image_id']]['file'])); $email = null; if (!empty($comment['user_email'])) { $email = $comment['user_email']; } else { if (!empty($comment['email'])) { $email = $comment['email']; } } $tpl_comment = array('ID' => $comment['comment_id'], 'U_PICTURE' => $url, 'src_image' => $src_image, 'ALT' => $name, 'AUTHOR' => trigger_change('render_comment_author', $comment['author']), 'WEBSITE_URL' => $comment['website_url'], 'DATE' => format_date($comment['date'], array('day_name', 'day', 'month', 'year', 'time')), 'CONTENT' => trigger_change('render_comment_content', $comment['content'])); if (is_admin()) { $tpl_comment['EMAIL'] = $email; } if (can_manage_comment('delete', $comment['author_id'])) { $tpl_comment['U_DELETE'] = add_url_params($url_self, array('delete' => $comment['comment_id'], 'pwg_token' => get_pwg_token())); }
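/**
 * API method
 * Adds a image (simple way)
 *
 * The image id and the first category id are cast to int before they are
 * placed in SQL text. No permission check is made in this function itself.
 *
 * NOTE(review): the uploaded file's temporary path and client-supplied name
 * are handed to add_uploaded_file() unchanged; any file-type validation is
 * presumably done there - confirm.
 *
 * @param mixed[] $params
 *    @option int[] category
 *    @option string name (optional)
 *    @option string author (optional)
 *    @option string comment (optional)
 *    @option int level
 *    @option string|string[] tags
 *    @option int image_id (optional)
 * @param mixed $service not used by this method
 * @return array|PwgError 'image_id' and 'url' of the added image, or an error
 */
function ws_images_addSimple($params, $service)
{
    global $conf;

    if (!isset($_FILES['image'])) {
        return new PwgError(405, 'The image (file) is missing');
    }

    // id of the photo to replace, 0 when a new photo is added; the cast keeps
    // the value safe for the SQL text below
    $replace_id = isset($params['image_id']) ? (int) $params['image_id'] : 0;

    if ($replace_id > 0) {
        $query = ' SELECT COUNT(*) FROM ' . IMAGES_TABLE . ' WHERE id = ' . $replace_id . ' ;';
        list($count) = pwg_db_fetch_row(pwg_query($query));
        if ($count == 0) {
            return new PwgError(404, 'image_id not found');
        }
    }

    include_once PHPWG_ROOT_PATH . 'admin/include/functions_upload.inc.php';

    // the photo is added with level 8; a 'level' option from the caller is
    // applied afterwards by the update below
    $image_id = add_uploaded_file(
        $_FILES['image']['tmp_name'],
        $_FILES['image']['name'],
        $params['category'],
        8,
        $replace_id > 0 ? $replace_id : null
    );

    $info_columns = array('name', 'author', 'comment', 'level', 'date_creation');

    $update = array();
    foreach ($info_columns as $key) {
        if (isset($params[$key])) {
            $update[$key] = $params[$key];
        }
    }
    single_update(IMAGES_TABLE, $update, array('id' => $image_id));

    if (!empty($params['tags'])) {
        include_once PHPWG_ROOT_PATH . 'admin/include/functions.php';

        $tag_ids = array();
        if (is_array($params['tags'])) {
            foreach ($params['tags'] as $tag_name) {
                $tag_ids[] = tag_id_from_tag_name($tag_name);
            }
        } else {
            // split on commas that are not preceded by a backslash, then turn
            // the escaped commas back into plain ones
            $tag_names = preg_split('~(?<!\\\\),~', $params['tags']);
            foreach ($tag_names as $tag_name) {
                $tag_ids[] = tag_id_from_tag_name(preg_replace('#\\\\*,#', ',', $tag_name));
            }
        }

        add_tags($tag_ids, array($image_id));
    }

    $url_params = array('image_id' => $image_id);

    if (!empty($params['category'])) {
        $query = ' SELECT id, name, permalink FROM ' . CATEGORIES_TABLE . ' WHERE id = ' . (int) $params['category'][0] . ' ;';
        $result = pwg_query($query);
        $category = pwg_db_fetch_assoc($result);

        $url_params['section'] = 'categories';
        $url_params['category'] = $category;
    }

    // update metadata from the uploaded file (exif/iptc), even if the sync
    // was already performed by add_uploaded_file().
    require_once PHPWG_ROOT_PATH . 'admin/include/functions_metadata.php';
    sync_metadata(array($image_id));

    return array('image_id' => $image_id, 'url' => make_picture_url($url_params));
}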
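/**
 * Handles the "pshare" section: resolves a share key to a photo and then
 * redirects, streams a download, or renders the shared picture page.
 *
 * Security-relevant behaviour:
 * - the key from the URL must match PSHARE_KEY_PATTERN before it is placed,
 *   quoted, in the SQL text (the pattern itself is defined elsewhere);
 * - every lookup is logged as a 'visit' before the expiry date is checked;
 * - the format id for a download is restricted to digits by the regex;
 * - the file name sent in Content-Disposition has quotes, backslashes and
 *   line breaks replaced so it cannot end the quoted header value.
 *
 * Does nothing when the first URL token is not 'pshare'; otherwise the
 * request ends inside this function (die, exit, or redirect()).
 */
function pshare_section_init()
{
    global $tokens, $page, $conf, $user, $template;

    if ($tokens[0] != 'pshare') {
        return;
    }

    $page['section'] = 'pshare';
    $page['title'] = l10n('Shared Picture');

    if (!isset($tokens[1])) {
        die("missing key");
    }
    if (!preg_match(PSHARE_KEY_PATTERN, $tokens[1])) {
        die("invalid key");
    }
    $page['pshare_key'] = $tokens[1];

    $query = ' SELECT *, NOW() AS dbnow FROM ' . PSHARE_KEYS_TABLE . ' WHERE uuid = \'' . $page['pshare_key'] . '\' ;';
    $shares = query2array($query);
    if (count($shares) == 0) {
        die('unknown key');
    }
    $share = $shares[0];

    pshare_log($share['pshare_key_id'], 'visit');

    // is the key still valid? (compared against the database clock)
    if (strtotime($share['expire_on']) < strtotime($share['dbnow'])) {
        die('expired key');
    }

    // if the user is permitted for this photo, let's redirect to
    // picture.php (with full details and actions)
    if (!is_a_guest() and pshare_is_photo_visible($share['image_id'])) {
        // find the first reachable category linked to the photo
        $query = ' SELECT category_id FROM ' . IMAGE_CATEGORY_TABLE . ' WHERE image_id = ' . $share['image_id'] . ' ;';
        $authorizeds = array_diff(
            array_from_query($query, 'category_id'),
            explode(',', calculate_permissions($user['id'], $user['status']))
        );

        foreach ($authorizeds as $category_id) {
            $url = make_picture_url(array('image_id' => $share['image_id'], 'category' => get_cat_info($category_id)));
            if (function_exists('Fotorama_is_replace_picture') and Fotorama_is_replace_picture()) {
                $url .= '&slidestop';
            }
            redirect($url);
        }

        redirect(make_picture_url(array('image_id' => $share['image_id'])));
    }

    $query = ' SELECT * FROM ' . IMAGES_TABLE . ' WHERE id = ' . $share['image_id'] . ' ;';
    $rows = query2array($query);
    $image = $rows[0];

    $src_image = new SrcImage($image);

    if (isset($tokens[2]) && 'download' == $tokens[2]) {
        $format_id = null;

        if (isset($tokens[3]) && preg_match('/^f(\\d+)$/', $tokens[3], $matches)) {
            $format_id = $matches[1];

            // the format must belong to the shared image
            $query = ' SELECT * FROM ' . IMAGE_FORMAT_TABLE . ' WHERE format_id = ' . $format_id . ' AND image_id = ' . $image['id'] . ' ;';
            $formats = query2array($query);
            if (count($formats) == 0) {
                do_error(400, 'Invalid request - format');
            }
            $format = $formats[0];

            $file = original_to_format(get_element_path($image), $format['ext']);
            $image['file'] = get_filename_wo_extension($image['file']) . '.' . $format['ext'];
        } else {
            $file = $image['path'];
        }

        // the stored file name goes inside a quoted header value: replace the
        // characters that could terminate or break that value
        $download_name = str_replace(array('"', '\\', "\r", "\n"), '_', $image['file']);

        $gmt_mtime = gmdate('D, d M Y H:i:s', filemtime($file)) . ' GMT';
        $http_headers = array(
            'Content-Length: ' . @filesize($file),
            'Last-Modified: ' . $gmt_mtime,
            'Content-Type: ' . mime_content_type($file),
            'Content-Disposition: attachment; filename="' . $download_name . '";',
            'Content-Transfer-Encoding: binary',
        );
        foreach ($http_headers as $header) {
            header($header);
        }

        readfile($file);
        pshare_log($share['pshare_key_id'], 'download', $format_id);
        exit;
    }

    $template->set_filename('shared_picture', realpath(PSHARE_PATH . 'template/shared_picture.tpl'));

    $derivative = new DerivativeImage(ImageStdParams::get_by_type(IMG_MEDIUM), $src_image);
    $derivative_size = $derivative->get_size();

    // a random string to avoid browser cache (cache-busting only, not a secret)
    $rand = '&download=' . substr(md5(time()), 0, 6);

    $template->assign(array(
        'SRC' => $derivative->get_url(),
        'IMG_WIDTH' => $derivative_size[0],
        'IMG_HEIGHT' => $derivative_size[1],
        'DOWNLOAD_URL' => duplicate_index_url() . '/' . $page['pshare_key'] . '/download' . $rand,
    ));

    // formats
    if (defined('IMAGE_FORMAT_TABLE')) {
        $query = ' SELECT * FROM ' . IMAGE_FORMAT_TABLE . ' WHERE image_id = ' . $share['image_id'] . ' ;';
        $formats = query2array($query);

        if (!empty($formats)) {
            foreach ($formats as &$format) {
                $format['download_url'] = duplicate_index_url() . '/' . $page['pshare_key'] . '/download';
                $format['download_url'] .= '/f' . $format['format_id'] . $rand;
                $format['filesize'] = sprintf('%.1fMB', $format['filesize'] / 1024);
            }
            // break the reference so the last element is not left aliased to $format
            unset($format);
        }

        $template->assign('formats', $formats);
    }

    $template->parse('shared_picture');
    $template->p();
    exit;
}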