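/**
 * Batch move categories to a new parent category.
 *
 * For each ID in $pks the method checks that the current user may edit the
 * category, re-parents it as last child of the target, rebuilds its catpath,
 * moves the folders and stores the record. The loop stops at the first fatal
 * error, so categories handled in earlier iterations stay moved.
 *
 * @param   int    $value  The new parent category ID (0 selects the root category, stored as ID 1)
 * @param   array  $pks    An array of category IDs
 * @return  boolean  True on success, false otherwise
 * @since   3.0
 */
protected function batchMove($value, $pks)
{
  $categoryId = (int) $value;
  $table = $this->getTable('joomgallerycategories');

  // Check that the parent category exists
  if ($categoryId)
  {
    if (!($parent_category = $table->load($categoryId)))
    {
      if ($error = $table->getError())
      {
        $this->setError($error);

        return false;
      }
      else
      {
        $this->setError(JText::_('JLIB_APPLICATION_ERROR_BATCH_MOVE_CATEGORY_NOT_FOUND'));

        return false;
      }
    }
  }

  if (!$categoryId)
  {
    // Check that the user has create permissions in root
    if (!$this->_user->authorise('core.create', _JOOM_OPTION))
    {
      $this->setError(JText::_('JLIB_APPLICATION_ERROR_BATCH_CANNOT_CREATE'));

      return false;
    }

    $categoryId = 1;
  }
  else
  {
    // Check that the user has create permissions, either generally or
    // limited to categories the user owns.
    // NOTE(review): $parent_category holds the return value of load(). If
    // load() returns a boolean rather than the row, the owner comparison
    // below can never succeed and 'joom.create.inown' is always refused
    // (fails closed) - confirm and read the owner from $table if so.
    if (!$this->_user->authorise('core.create', _JOOM_OPTION . '.category.' . $categoryId)
      && (!$this->_user->authorise('joom.create.inown', _JOOM_OPTION . '.category.' . $categoryId)
        || !$parent_category->owner
        || $parent_category->owner != $this->_user->get('id')))
    {
      $this->setError(JText::_('JLIB_APPLICATION_ERROR_BATCH_CANNOT_CREATE'));

      return false;
    }
  }

  foreach ($pks as $pk)
  {
    // Check that the category actually exists
    if (!$table->load($pk))
    {
      if ($error = $table->getError())
      {
        $this->setError($error);

        return false;
      }
      else
      {
        // Not fatal error
        $this->setError(JText::sprintf('JLIB_APPLICATION_ERROR_BATCH_MOVE_ROW_NOT_FOUND', $pk));
        continue;
      }
    }

    // Edit permission is required on every category that is moved:
    // either the general right or the 'own' right on a category the user owns.
    if (!$this->_user->authorise('core.edit', _JOOM_OPTION . '.category.' . $pk)
      && (!$this->_user->authorise('joom.edit.own', _JOOM_OPTION . '.category.' . $pk)
        || !$table->owner
        || $table->owner != $this->_user->get('id')))
    {
      $this->setError(JText::_('JLIB_APPLICATION_ERROR_BATCH_CANNOT_EDIT'));

      return false;
    }

    // New parent category ID
    $table->parent_id = $categoryId;

    // Set ordering
    $table->setLocation($categoryId, 'last-child');

    // Save old path
    $catpath_old = $table->catpath;

    JFilterOutput::objectHTMLSafe($table->name);

    // Check if special characters of catname can be replaced for a valid catpath
    // if resulting string is invalid set an error
    $catpath = JoomFile::fixFilename($table->name);
    if (JoomFile::checkValidFilename($catpath_old, $catpath) == false)
    {
      $this->setError(JText::_('COM_JOOMGALLERY_CATMAN_MSG_ERROR_INVALID_FOLDERNAME'));

      return false;
    }

    // Add the category ID to catpath
    $catpath .= '_' . $table->cid;

    if ($table->parent_id > 1)
    {
      $parent_catpath = JoomHelper::getCatPath($table->parent_id);
      $catpath = $parent_catpath . $catpath;
    }

    // Move folders, only if the catpath has changed
    if ($catpath_old != $catpath && !$this->_moveFolders($catpath_old, $catpath))
    {
      $this->setError(JText::_('COM_JOOMGALLERY_CATMAN_MSG_ERROR_MOVING_FOLDERS'));

      return false;
    }

    // Update catpath in the database
    $table->catpath = $catpath;

    // Modify catpath of all sub-categories in the database
    $this->updateNewCatpath($table->cid, $catpath_old, $catpath);

    // Make sure the record is valid
    if (!$table->check())
    {
      $this->setError($table->getError());

      return false;
    }

    // Store the entry to the database
    if (!$table->store())
    {
      // Fixed: the original read "$this - setError(...)", a subtraction that
      // calls an undefined global function instead of recording the error.
      $this->setError($table->getError());

      return false;
    }
  }

  return true;
}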
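/**
 * Method to store a category
 *
 * Reads the category data from the POST request, validates it against the
 * form, checks that the current user may edit the category (existing) or
 * create it in the selected parent (new), creates or moves the category
 * folders and writes the record.
 *
 * @return  int  Category ID on success, boolean false otherwise
 * @since   1.5.5
 */
public function store()
{
  $row = $this->getTable('joomgallerycategories');

  // NOTE(review): mask 2 appears to be the "allow raw" mask, i.e. the POST
  // data arrives without input filtering and everything below depends on
  // _validate() and on the explicit casts - confirm.
  $data = JRequest::get('post', 2);

  // Creating a main category means creating
  // a category in ROOT category
  if ($data['parent_id'] == 0)
  {
    $data['parent_id'] = 1;
  }

  // Check for validation errors
  $form = $this->getForm($data);
  $data = $this->_validate($form, $data);
  if ($data === false)
  {
    return false;
  }

  // Check whether it is a new category
  if ($cid = intval($data['cid']))
  {
    $isNew = false;

    // Load category from the database
    // NOTE(review): the result of load() is not checked; for an unknown ID
    // the owner test below runs against an empty row.
    $row->load($cid);

    // Check whether we are allowed to edit it
    $asset = _JOOM_OPTION . '.category.' . $cid;
    if (!$this->_user->authorise('core.edit', $asset)
      && (!$this->_user->authorise('core.edit.own', $asset)
        || !$row->owner
        || $row->owner != $this->_user->get('id')))
    {
      $this->_mainframe->redirect(JRoute::_('index.php?option=com_joomgallery&view=gallery', false), JText::_('COM_JOOMGALLERY_COMMON_MSG_NOT_ALLOWED_TO_EDIT_CATEGORY'), 'notice');

      // redirect() is expected to end the request; the explicit return keeps
      // the authorisation check fail-closed if it ever does not.
      return false;
    }

    // Read old category name
    $catname_old = $row->name;

    // Read old parent assignment
    $parent_old = $row->parent_id;
  }
  else
  {
    $isNew = true;

    // Count the categories the user already owns; the ID is cast because it
    // is concatenated into the WHERE clause.
    $query = $this->_db->getQuery(true);
    $query->select('COUNT(cid)')
      ->from(_JOOM_TABLE_CATEGORIES)
      ->where('owner = ' . (int) $this->_user->get('id'));
    $this->_db->setQuery($query);
    $count = $this->_db->loadResult();

    if ($count >= $this->_config->get('jg_maxusercat') && $this->_user->get('id'))
    {
      $this->_mainframe->redirect(JRoute::_('index.php?view=usercategories', false), JText::_('COM_JOOMGALLERY_EDITCATEGORY_MSG_NOT_ALLOWED_CREATE_MORE_USERCATEGORIES'), 'notice');

      // Do not continue past the quota check if redirect() returns
      return false;
    }
  }

  // Bind the form fields to the category table
  if (!$row->bind($data))
  {
    JError::raiseError(0, $row->getError());

    return false;
  }

  // If it's a new category or the category will be moved
  // do an access check for the selected parent category
  $valid_parent = true;
  $row->parent_id = intval($row->parent_id);
  if ($isNew || $parent_old != $row->parent_id)
  {
    if ($row->parent_id > 1)
    {
      // Get data of the parent category
      $query = $this->_db->getQuery(true)
        ->select('cid, owner')
        ->from(_JOOM_TABLE_CATEGORIES)
        ->where('cid = ' . $row->parent_id);
      $this->_db->setQuery($query);
      $parent_category = $this->_db->loadObject();

      if (!$parent_category
        || !$this->_user->authorise('core.create', _JOOM_OPTION . '.category.' . $row->parent_id)
        && (!$this->_user->authorise('joom.create.inown', _JOOM_OPTION . '.category.' . $row->parent_id)
          || !$parent_category->owner
          || $parent_category->owner != $this->_user->get('id')))
      {
        $valid_parent = false;
      }
    }
    else
    {
      if (!$this->_user->authorise('core.create', _JOOM_OPTION))
      {
        $valid_parent = false;
      }
    }
  }

  if ($isNew)
  {
    // Check whether the user is allowed to store the category into the specified parent category or as a main category
    if (!$valid_parent)
    {
      $this->_mainframe->redirect(JRoute::_('index.php?view=editcategory', false), JText::_('COM_JOOMGALLERY_EDITCATEGORY_MSG_NOT_ALLOWED_STORE_CATEGORY_IN_PARENT'), 'error');

      // Never create the category when the parent check failed
      return false;
    }

    // Determine location in category tree
    if (!isset($data['ordering']) || !$data['ordering'] || $data['ordering'] == 'first-child')
    {
      $row->setLocation($data['parent_id'], 'first-child');
    }
    else
    {
      if ($data['ordering'] == 'last-child')
      {
        $row->setLocation($data['parent_id'], 'last-child');
      }
      else
      {
        // Any other value is a reference category ID taken from the request
        $row->setLocation((int) $data['ordering'], 'after');
      }
    }

    // Set the owner of the category
    $row->owner = $this->_user->get('id');

    // Make sure the record is valid
    if (!$row->check())
    {
      $this->setError($row->getError());

      return false;
    }

    JFilterOutput::objectHTMLSafe($row->name);

    // Check if special characters of catname can be replaced for a valid catpath
    // if resulting string is invalid set an error
    $catpath = JoomFile::fixFilename($row->name);
    if (JoomFile::checkValidFilename($row->name, $catpath) == false)
    {
      $this->setError(JText::_('COM_JOOMGALLERY_CATMAN_MSG_ERROR_INVALID_FOLDERNAME'));

      return false;
    }

    // Store the entry to the database in order to get the new ID
    if (!$row->store())
    {
      JError::raiseError(0, $row->getError());

      return false;
    }

    if ($row->parent_id > 1)
    {
      $parent_catpath = JoomHelper::getCatPath($row->parent_id);
      $catpath = $parent_catpath . $catpath;
    }

    // Add the category id to catpath
    $catpath .= '_' . $row->cid;

    if (!$this->_createFolders($catpath))
    {
      $this->setError(JText::_('COM_JOOMGALLERY_EDITCATEGORY_MSG_UNABLE_CREATE_FOLDERS'));

      // Delete the just stored database entry
      $row->delete();

      return false;
    }
    else
    {
      $row->catpath = $catpath;

      // Make sure the record is valid
      if (!$row->check())
      {
        $this->setError($row->getError());

        return false;
      }

      // Store the entry to the database
      if (!$row->store())
      {
        JError::raiseError(0, $row->getError());

        return false;
      }
    }

    $this->_mainframe->triggerEvent('onContentAfterSave', array(_JOOM_OPTION . '.category', &$row, true));

    // New category successfully created
    return $row->cid;
  }

  // Move the category folder, if parent assignment or category name changed
  if ($parent_old != $row->parent_id || $catname_old != $row->name)
  {
    // Check whether the user is allowed to move the category into the specified parent category
    if (!$valid_parent)
    {
      // If not store the category in the old parent category and leave a message.
      $row->parent_id = $parent_old;

      /*if(!$row->store())
      {
        JError::raiseError(100, $row->getError());
        return false;
      }*/
      $this->_mainframe->enqueueMessage(JText::_('COM_JOOMGALLERY_COMMON_MSG_NOT_ALLOWED_STORE_IMAGE_IN_CATEGORY'), 'notice');
    }
    else
    {
      if ($parent_old != $row->parent_id)
      {
        if (isset($data['ordering']) && $data['ordering'] != $data['cid'])
        {
          // Determine location in category tree
          if (!$data['ordering'] || $data['ordering'] == 'first-child')
          {
            $row->setLocation($data['parent_id'], 'first-child');
          }
          else
          {
            if ($data['ordering'] == 'last-child')
            {
              $row->setLocation($data['parent_id'], 'last-child');
            }
            else
            {
              // Reference category ID taken from the request
              $row->setLocation((int) $data['ordering'], 'after');
            }
          }
        }
        else
        {
          $row->setLocation($data['parent_id'], 'first-child');
        }
      }
    }

    // Save old path
    $catpath_old = $row->catpath;

    JFilterOutput::objectHTMLSafe($row->name);

    // Check if special characters of catname can be replaced for a valid catpath
    // if resulting string is invalid set an error
    $catpath = JoomFile::fixFilename($row->name);
    if (JoomFile::checkValidFilename($row->name, $catpath) == false)
    {
      $this->setError(JText::_('COM_JOOMGALLERY_COMMON_ERROR_CATEGORY_INVALID_FOLDERNAME'));

      return false;
    }

    // Add the category id to catpath
    $catpath .= '_' . $row->cid;

    if ($row->parent_id > 1)
    {
      $parent_catpath = JoomHelper::getCatPath($row->parent_id);
      $catpath = $parent_catpath . $catpath;
    }

    // Move folders, only if the catpath has changed
    if ($catpath_old != $catpath && !$this->_moveFolders($catpath_old, $catpath))
    {
      $this->setError(JText::_('COM_JOOMGALLERY_EDITCATEGORY_MSG_UNABLE_MOVE_FOLDERS'));

      return false;
    }

    // Update catpath in the database
    $row->catpath = $catpath;

    // Modify catpath of all sub-categories in the database
    $this->_updateNewCatpath($row->cid, $catpath_old, $catpath);
  }
  else
  {
    // Check whether ordering has changed
    if (isset($data['ordering']) && $data['ordering'] != $row->cid)
    {
      // Determine location in category tree
      if ($data['ordering'] == 'first-child' || $data['ordering'] == 'last-child')
      {
        $row->setLocation($data['parent_id'], $data['ordering']);
      }
      else
      {
        // The reference category ID comes from the request and is
        // concatenated into the WHERE clause, so it is forced to an
        // integer before it reaches the query.
        $orderingId = (int) $data['ordering'];

        // Check whether the new reference category is a
        // valid child category of the current parent category
        $this->_db->setQuery(
          $this->_db->getQuery(true)
            ->select('cid')
            ->from(_JOOM_TABLE_CATEGORIES)
            ->where('parent_id = ' . (int) $row->parent_id)
            ->where('cid = ' . $orderingId)
        );

        if ($this->_db->loadResult())
        {
          $row->setLocation($orderingId, 'after');
        }
      }
    }
  }

  // Make sure the record is valid
  if (!$row->check())
  {
    $this->setError($row->getError());

    return false;
  }

  // Store the entry to the database
  if (!$row->store())
  {
    JError::raiseError(0, $row->getError());

    return false;
  }

  $this->_mainframe->triggerEvent('onContentAfterSave', array(_JOOM_OPTION . '.category', &$row, false));

  return $row->cid;
}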
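/**
 * AJAX upload
 *
 * An image is chosen and uploaded afore. The request carries either the
 * complete file or one chunk of it; chunks are collected in a folder named
 * after the client-supplied upload ID and joined when the last one arrives.
 *
 * @return  mixed  The image table row on success, boolean true if a chunk was
 *                 saved and more chunks are expected, boolean false on error
 * @since   3.0
 */
protected function uploadAJAX()
{
  // Access check: general upload right for the category, or the
  // 'inown' right on a category owned by the current user
  $category = $this->getCategory($this->catid);
  if (!$category
    || !$this->_user->authorise('joom.upload', _JOOM_OPTION . '.category.' . $this->catid)
    && (!$this->_user->authorise('joom.upload.inown', _JOOM_OPTION . '.category.' . $this->catid)
      || !$category->owner
      || $category->owner != $this->_user->get('id')))
  {
    $this->setError(JText::_('COM_JOOMGALLERY_COMMON_MSG_YOU_ARE_NOT_ALLOWED_TO_UPLOAD_INTO_THIS_CATEGORY'));

    return false;
  }

  $image = JRequest::getVar('qqfile', '', 'files');

  // Without a file part the default '' is returned and the array
  // accesses below would fail
  if (!is_array($image) || !isset($image['tmp_name'], $image['size'], $image['error']))
  {
    $this->setError(JText::_('COM_JOOMGALLERY_AJAXUPLOAD_UPLOAD_FAILED'));

    return false;
  }

  $qqtotalfilesize     = JRequest::getInt('qqtotalfilesize', -1);
  $totalParts          = JRequest::getInt('qqtotalparts', 1);
  $screenshot          = $image['tmp_name'];
  $origfilename        = JRequest::getString('qqfilename', '');
  $screenshot_filesize = $image['size'];

  if (empty($origfilename))
  {
    $origfilename = $image['name'];
  }

  // Clean up directory containing old image chunks
  $this->cleanupChunks();

  if ($totalParts == 1 && $qqtotalfilesize > 0 && $screenshot_filesize != $qqtotalfilesize)
  {
    $this->setError(JText::_('COM_JOOMGALLERY_UPLOAD_ERROR_FILE_PARTLY_UPLOADED'));

    return false;
  }

  if ($image['error'] > 0)
  {
    $errorMsg = JText::_('COM_JOOMGALLERY_AJAXUPLOAD_UPLOAD_FAILED') . ' ' . JText::sprintf('COM_JOOMGALLERY_UPLOAD_ERROR_CODE', $image['error']);
    $this->setError($errorMsg);

    return false;
  }

  // Per-user upload limit, only enforced in frontend for logged-in users
  if ($this->_site && $this->counter > $this->_config->get('jg_maxuserimage') - 1 && $this->_user->get('id'))
  {
    $timespan = $this->_config->get('jg_maxuserimage_timespan');
    $errorMsg = JText::sprintf(
      'COM_JOOMGALLERY_UPLOAD_OUTPUT_MAY_ADD_MAX_OF',
      $this->_config->get('jg_maxuserimage'),
      $timespan > 0 ? JText::plural('COM_JOOMGALLERY_UPLOAD_NEW_IMAGE_MAXCOUNT_TIMESPAN', $timespan) : ''
    );
    $this->setError($errorMsg);

    return false;
  }

  $cleanChunkDir = false;

  // Save a chunk
  if ($totalParts > 1)
  {
    $partIndex = JRequest::getInt('qqpartindex');
    $uuid      = JRequest::getVar('qquuid');

    // The upload ID becomes a folder name below the chunks folder, and that
    // folder is later deleted again. Accept only letters, digits and dashes
    // so that the request cannot point the path outside the chunks folder.
    if (!is_string($uuid) || !preg_match('/\A[A-Za-z0-9\-]{1,64}\z/', $uuid))
    {
      $this->setError(JText::_('COM_JOOMGALLERY_AJAXUPLOAD_UPLOAD_FAILED'));

      return false;
    }

    // The part index is used as file name and must address one of the announced parts
    if ($partIndex < 0 || $partIndex >= $totalParts)
    {
      $this->setError(JText::_('COM_JOOMGALLERY_AJAXUPLOAD_UPLOAD_FAILED'));

      return false;
    }

    if (!is_writable($this->chunksFolder))
    {
      $errorMsg = JText::sprintf('COM_JOOMGALLERY_AJAXUPLOAD_ERROR_CHUNKSDIR_NOTWRITABLE', $this->chunksFolder);
      $this->setError($errorMsg);

      return false;
    }

    // Create unique target folder for chunks
    $targetFolder = $this->chunksFolder . '/' . $uuid;
    if (!JFolder::exists($targetFolder))
    {
      if (!JFolder::create($targetFolder))
      {
        return false;
      }
    }

    // Save chunk in target folder
    $target = $targetFolder . '/' . $partIndex;
    if (JFile::upload($screenshot, $target) === true)
    {
      // Last chunk
      if ($totalParts - 1 == $partIndex)
      {
        // The joined file is written next to the chunks, named with the
        // first index after the last chunk
        $target              = $targetFolder . '/' . ($partIndex + 1);
        $cleanChunkDir       = $targetFolder;
        $screenshot          = $target;
        $screenshot_filesize = 0;

        if ($fp_target = fopen($target, 'wb'))
        {
          for ($parts = 0; $parts < $totalParts; $parts++)
          {
            $fp_chunk = fopen($targetFolder . '/' . $parts, "rb");

            // A missing or unreadable chunk means the image cannot be
            // completed; stop instead of copying from an invalid handle
            if ($fp_chunk === false)
            {
              fclose($fp_target);

              return false;
            }

            $copied = stream_copy_to_stream($fp_chunk, $fp_target);
            fclose($fp_chunk);

            if ($copied === false)
            {
              fclose($fp_target);

              return false;
            }

            $screenshot_filesize += $copied;
          }

          fclose($fp_target);
        }
        else
        {
          // Complete image could not be created
          return false;
        }
      }
      else
      {
        // Another chunk will arrive later
        return true;
      }
    }
    else
    {
      // Chunk could not be saved
      return false;
    }
  }

  // Trigger onJoomBeforeUpload
  $plugins = $this->_mainframe->triggerEvent('onJoomBeforeUpload');
  if (in_array(false, $plugins, true))
  {
    $errorMsg = JText::_('COM_JOOMGALLERY_AJAXUPLOAD_UPLOAD_FAILED');
    $this->setError($errorMsg);

    return false;
  }

  // NOTE(review): the debug output is HTML and receives the client-supplied
  // file name as is - confirm that it is escaped where it is rendered.
  $this->_debugoutput  = '<hr />';
  $this->_debugoutput .= JText::sprintf('COM_JOOMGALLERY_UPLOAD_FILENAME', $origfilename) . '<br />';

  // Image size must not exceed the setting in backend if we are in frontend
  if ($this->_site && $screenshot_filesize > $this->_config->get('jg_maxfilesize'))
  {
    $errorMsg = JText::sprintf('COM_JOOMGALLERY_UPLOAD_OUTPUT_MAX_ALLOWED_FILESIZE', $this->_config->get('jg_maxfilesize'));
    $this->setError($errorMsg);
    $this->_debugoutput .= $errorMsg . '<br />';
    $this->debug = true;

    return false;
  }

  // Get extension
  $tag = strtolower(JFile::getExt($origfilename));

  // Check for right format.
  // Only the extension of the client-supplied file name is tested here;
  // the file content is not inspected in this method.
  if ($tag != 'jpeg' && $tag != 'jpg' && $tag != 'jpe' && $tag != 'gif' && $tag != 'png'
    || strlen($screenshot) == 0
    || $screenshot == 'none')
  {
    $errorMsg = JText::_('COM_JOOMGALLERY_UPLOAD_OUTPUT_INVALID_IMAGE_TYPE');
    $this->setError($errorMsg);
    $this->_debugoutput .= $errorMsg . '<br />';
    $this->debug = true;

    return false;
  }

  $filecounter = null;
  if ($this->_site && $this->_config->get('jg_useruploadnumber')
    || !$this->_site && $this->_config->get('jg_filenamenumber'))
  {
    $filecounter = $this->_getSerial();
  }

  // Create new filename
  // If generic filename set in backend use them
  if ($this->_site && $this->_config->get('jg_useruseorigfilename')
    || !$this->_site && $this->_config->get('jg_useorigfilename'))
  {
    $oldfilename = $origfilename;
    $newfilename = JoomFile::fixFilename($origfilename);
  }
  else
  {
    $oldfilename = $this->imgtitle;
    $newfilename = JoomFile::fixFilename($this->imgtitle);
  }

  // Check the new filename
  if (JoomFile::checkValidFilename($oldfilename, $newfilename) == false)
  {
    if ($this->_site)
    {
      $errorMsg = JText::_('COM_JOOMGALLERY_COMMON_ERROR_INVALID_FILENAME') . '<br />';
    }
    else
    {
      $errorMsg = JText::sprintf('COM_JOOMGALLERY_UPLOAD_ERROR_INVALID_FILENAME', $newfilename, $oldfilename) . '<br />';
    }

    $this->setError($errorMsg);
    $this->_debugoutput .= $errorMsg . '<br />';
    $this->debug = true;

    return false;
  }

  $newfilename = $this->_genFilename($newfilename, $tag, $filecounter);

  if ($cleanChunkDir !== false)
  {
    // The image was joined from chunks on the server, so it is moved
    $return = JFile::move($screenshot, $this->_ambit->getImg('orig_path', $newfilename, null, $this->catid));

    // Clean up chunk directory
    JFolder::delete($cleanChunkDir);
  }
  else
  {
    // We'll assume that this file is ok because with open_basedir,
    // we can move the file, but may not be able to access it until it's moved
    $return = JFile::upload($screenshot, $this->_ambit->getImg('orig_path', $newfilename, null, $this->catid));
  }

  if (!$return)
  {
    $errorMsg = JText::sprintf('COM_JOOMGALLERY_UPLOAD_ERROR_UPLOADING', $this->_ambit->getImg('orig_path', $newfilename, null, $this->catid));
    $this->setError($errorMsg);
    $this->_debugoutput .= $errorMsg . '<br />';
    $this->debug = true;

    return false;
  }

  $this->_debugoutput .= JText::_('COM_JOOMGALLERY_UPLOAD_OUTPUT_UPLOAD_COMPLETE') . '<br />';

  // Set permissions of uploaded file (the result is currently not evaluated)
  $return = JoomFile::chmod($this->_ambit->getImg('orig_path', $newfilename, null, $this->catid), '0644');

  // if(!$return)
  // {
  //   $this->rollback($this->_ambit->getImg('orig_path', $newfilename, null, $this->catid), null, null);
  //   $errorMsg = $this->_ambit->getImg('orig_path', $newfilename, null, $this->catid).' '.JText::_('COM_JOOMGALLERY_COMMON_CHECK_PERMISSIONS');
  //   $this->_debugoutput .= $errorMsg.'<br />';
  //   $this->debug = true;
  //   return false;
  // }

  // Create thumbnail and detail image
  if (!$this->resizeImage($this->_ambit->getImg('orig_path', $newfilename, null, $this->catid), $newfilename))
  {
    $this->rollback(
      $this->_ambit->getImg('orig_path', $newfilename, null, $this->catid),
      $this->_ambit->getImg('img_path', $newfilename, null, $this->catid),
      $this->_ambit->getImg('thumb_path', $newfilename, null, $this->catid)
    );
    $this->debug = true;

    return false;
  }

  // Insert database entry
  $row = JTable::getInstance('joomgalleryimages', 'Table');
  if (!$this->registerImage($row, $origfilename, $newfilename, $tag, $filecounter))
  {
    $this->rollback(
      $this->_ambit->getImg('orig_path', $newfilename, null, $this->catid),
      $this->_ambit->getImg('img_path', $newfilename, null, $this->catid),
      $this->_ambit->getImg('thumb_path', $newfilename, null, $this->catid)
    );
    $this->debug = true;

    return false;
  }

  // Message about new image
  if ($this->_site)
  {
    require_once JPATH_COMPONENT . '/helpers/messenger.php';
    $messenger = new JoomMessenger();
    $message   = array(
      'from'    => $this->_user->get('id'),
      'subject' => JText::_('COM_JOOMGALLERY_UPLOAD_MESSAGE_NEW_IMAGE_UPLOADED'),
      'body'    => JText::sprintf('COM_JOOMGALLERY_MESSAGE_NEW_IMAGE_SUBMITTED_BODY', $this->_config->get('jg_realname') ? $this->_user->get('name') : $this->_user->get('username'), $row->imgtitle),
      'mode'    => 'upload'
    );
    $messenger->send($message);
  }

  $this->_debugoutput .= JText::_('COM_JOOMGALLERY_UPLOAD_OUTPUT_IMAGE_SUCCESSFULLY_ADDED') . '<br />';
  $this->_debugoutput .= JText::sprintf('COM_JOOMGALLERY_UPLOAD_NEW_FILENAME', $newfilename) . '<br />';

  $this->_mainframe->triggerEvent('onJoomAfterUpload', array($row));

  // Reset file counter, delete original and create special gif selection and debug information
  $this->_mainframe->setUserState('joom.upload.filecounter', 0);
  $this->_mainframe->setUserState('joom.upload.delete_original', false);
  $this->_mainframe->setUserState('joom.upload.create_special_gif', false);
  $this->_mainframe->setUserState('joom.upload.debug', false);
  $this->_mainframe->setUserState('joom.upload.debugoutput', null);

  return $row;
}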