Example #1
 /**
  * Edit rights of the Judge. Because you can.
  *
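  * @param string|array $f File path, or an array of paths (each one is edited in turn)
  * @param array $users Users to store on the Judge
  * @param array $groups Groups to store on the Judge
  * @param bool $private When true, the item is saved as not public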
  * @return void
  * @author Thibaud Rohmer
  */
 public static function edit($f, $users = array(), $groups = array(), $private = false)
 {
     /// Authorization gate: without the admin flag this call is a silent no-op
     if (!CurrentUser::$admin) {
         return;
     }

     /// A list of paths is processed one entry at a time with the same settings
     if (is_array($f)) {
         foreach ($f as $entry) {
             Judge::edit($entry, $users, $groups, $private);
         }
         return;
     }

     /// false as second argument: the existing rights do not need to be read here
     $judge = new Judge($f, false);

     /// Copy the supplied lists onto the Judge; a null argument leaves the property untouched.
     /// NOTE(review): nothing here checks that $users / $groups are arrays - confirm callers
     /// do not hand in unvalidated request data.
     if ($groups !== null) {
         $judge->groups = $groups;
     }
     if ($users !== null) {
         $judge->users = $users;
     }

     /// public is stored as 1 unless $private is truthy
     $judge->public = $private ? 0 : 1;

     /// Persist the new rights
     $judge->save();
 }
Example #2
 /**
  * Retrieves info for the current user account
  *
  * @author Thibaud Rohmer
  */
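 public static function init()
 {
     /// Locations of the account and group stores inside the configuration directory
     CurrentUser::$accounts_file = Settings::$conf_dir . "/accounts.xml";
     CurrentUser::$groups_file = Settings::$conf_dir . "/groups.xml";
     /// Set path
     /// NOTE(review): the path comes straight from the query string; File::r2a() is not
     /// visible here - confirm it confines the result to the photos directory.
     if (isset($_GET['f'])) {
         CurrentUser::$path = stripslashes(File::r2a($_GET['f']));
         if (isset($_GET['p'])) {
             /// 'n' / 'p' move to the next / previous file; any other value keeps the path
             switch ($_GET['p']) {
                 case 'n':
                     CurrentUser::$path = File::next(CurrentUser::$path);
                     break;
                 case 'p':
                     CurrentUser::$path = File::prev(CurrentUser::$path);
                     break;
             }
         }
     } else {
         /// Path not defined in URL
         CurrentUser::$path = Settings::$photos_dir;
     }
     /// Set CurrentUser account
     if (isset($_SESSION['login'])) {
         self::$account = new Account($_SESSION['login']);
         // groups sometimes can be null
         $groups = self::$account->groups === NULL ? array() : self::$account->groups;
         /// Role flags are derived from group membership: "root" => admin, "uploaders" => uploader
         self::$admin = in_array("root", $groups);
         self::$uploader = in_array("uploaders", $groups);
     }
     /// Set action (needed for page layout)
     if (isset($_GET['t'])) {
         switch ($_GET['t']) {
             case "Page":
             case "Img":
             case "Thb":
                 CurrentUser::$action = $_GET['t'];
                 break;
             case "Big":
             case "BDl":
             case "Zip":
                 /// Download-type actions are only honoured when downloads are not disabled
                 if (!Settings::$nodownload) {
                     CurrentUser::$action = $_GET['t'];
                 }
                 break;
             case "Reg":
                 if (isset($_POST['login']) && isset($_POST['password'])) {
                     if (!Account::create($_POST['login'], $_POST['password'], $_POST['verif'])) {
                         echo "Error creating account.";
                     }
                 }
                 // NOTE(review): there is no break here, so control continues into "Log"
                 // (which logs out an already logged-in session). The fall-through is not
                 // marked as deliberate - confirm it is intended.
             case "Log":
                 if (isset($_SESSION['login'])) {
                     CurrentUser::logout();
                     echo "logged out";
                     break;
                 }
                 if (isset($_POST['login']) && isset($_POST['password'])) {
                     try {
                         if (!CurrentUser::login($_POST['login'], $_POST['password'])) {
                             echo "Wrong password";
                         }
                     } catch (Exception $e) {
                         echo "Account not found";
                     }
                 }
                 /// Keep the Reg/Log action only while no account is set
                 if (!isset(CurrentUser::$account)) {
                     CurrentUser::$action = $_GET['t'];
                 }
                 break;
             case "Acc":
                 // NOTE(review): the login to edit is taken from the request, not from the
                 // session; presumably Account::edit() verifies old_password - confirm.
                 if (isset($_POST['old_password'])) {
                     Account::edit($_POST['login'], $_POST['old_password'], $_POST['password'], $_POST['name'], $_POST['email']);
                 }
                 CurrentUser::$action = "Acc";
                 break;
             case "Adm":
                 if (CurrentUser::$admin) {
                     CurrentUser::$action = "Adm";
                 }
                 break;
             case "Com":
                 // NOTE(review): no login check is made here and the author name comes from
                 // $_POST['login']; confirm Comments::add() validates both.
                 Comments::add(CurrentUser::$path, $_POST['content'], $_POST['login']);
                 break;
             case "Rig":
                 // NOTE(review): Rig / Pub / Pri change rights without a permission check or
                 // request token at this level; they rely on whatever Judge::edit() enforces.
                 Judge::edit(CurrentUser::$path, $_POST['users'], $_POST['groups'], true);
                 CurrentUser::$action = "Judge";
                 break;
             case "Pub":
                 Judge::edit(CurrentUser::$path);
                 CurrentUser::$action = "Judge";
                 break;
             case "Pri":
                 Judge::edit(CurrentUser::$path, array(), array(), true);
                 CurrentUser::$action = "Judge";
                 break;
             case "Inf":
                 CurrentUser::$action = "Inf";
                 break;
             case "Fs":
                 if (is_file(CurrentUser::$path)) {
                     CurrentUser::$action = "Fs";
                 }
                 break;
             default:
                 CurrentUser::$action = "Page";
                 break;
         }
     } else {
         CurrentUser::$action = "Page";
     }
     /// The 'a' parameter instantiates Admin for admins and uploaders, unless the action is already "Adm"
     if (isset($_GET['a']) && CurrentUser::$action != "Adm") {
         if (CurrentUser::$admin || CurrentUser::$uploader) {
             new Admin();
         }
     }
     if (isset($_GET['j'])) {
         CurrentUser::$action = "JS";
     }
     /// Set default action
     if (!isset(CurrentUser::$action)) {
         CurrentUser::$action = "Page";
     }
     /// Throw exception if accounts file is missing
     if (!file_exists(CurrentUser::$accounts_file)) {
         throw new Exception("Accounts file missing", 69);
     }
     /// Create Group File if it doesn't exist
     if (!file_exists(CurrentUser::$groups_file)) {
         Group::create_group_file();
     }
     /// Recompute the admin flag from the account that is set at this point.
     // NOTE(review): the flag is only recomputed when an account is set, and $uploader is
     // not refreshed at all; if logout() clears $account without resetting $admin, the value
     // from the session branch survives this request - confirm logout() resets both flags.
     if (isset(CurrentUser::$account)) {
         // groups can be null (same guard as in the session branch above); in_array() needs an array
         $groups = CurrentUser::$account->groups === NULL ? array() : CurrentUser::$account->groups;
         CurrentUser::$admin = in_array("root", $groups);
     }
 }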
Example #3
 /**
  * Upload files on the server
  * 
  * @author Thibaud Rohmer
  */
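 public function upload()
 {
     /// Extension allowlist, compared lower-cased.
     /// NOTE(review): only the final extension of the client-supplied name is checked;
     /// the file content is not inspected in this method.
     $allowedExtensions = array("tiff", "jpg", "jpeg", "gif", "png");
     /// Video formats are accepted only when video encoding is enabled in the settings
     if (Settings::$encode_video) {
         array_push($allowedExtensions, "flv", "mov", "mpg", "mp4", "ogv", "mts", "3gp", "webm");
     }
     $already_set_rights = false;
     /// Authorization gate: only admins and uploaders may upload
     if (!(CurrentUser::$admin || CurrentUser::$uploader)) {
         return;
     }
     /// Read the optional request fields once, so a missing key is null instead of an
     /// undefined-index notice, and a non-string newdir is treated as "no new directory"
     $users = isset($_POST['users']) ? $_POST['users'] : null;
     $groups = isset($_POST['groups']) ? $_POST['groups'] : null;
     $requested_path = isset($_POST['path']) ? $_POST['path'] : null;
     $newdir = (isset($_POST['newdir']) && is_string($_POST['newdir'])) ? stripslashes($_POST['newdir']) : '';
     /// Set upload path
     /// NOTE(review): File::r2a() is not visible here - confirm it confines the result
     /// to the photos directory.
     $path = stripslashes(File::r2a($requested_path));
     /// Create dir and update upload path if required.
     /// The directory name is rejected when it contains '..' anywhere. The comparison must
     /// be against false: strpos() returns 0 for a match at the very start of the string,
     /// which a plain negation would treat as "not found".
     if (strlen($newdir) > 0 && strpos($newdir, '..') === false) {
         $path = $path . "/" . $newdir;
         if (!file_exists($path)) {
             /// Best effort: failures are suppressed; a missing directory makes the move below fail
             @mkdir($path, 0750, true);
             @mkdir(File::r2a(File::a2r($path), Settings::$thumbs_dir), 0750, true);
         }
         /// Setup rights
         if (!isset($_POST['inherit'])) {
             if (isset($_POST['public'])) {
                 Judge::edit($path);
             } else {
                 Judge::edit($path, $users, $groups);
             }
         }
         $already_set_rights = true;
     }
     /// Nothing to do unless "images" was sent as a multi-file field
     if (!isset($_FILES["images"]["error"]) || !is_array($_FILES["images"]["error"])) {
         return;
     }
     /// Treat uploaded files
     foreach ($_FILES["images"]["error"] as $key => $error) {
         // Check that file is uploaded
         if ($error !== UPLOAD_ERR_OK) {
             continue;
         }
         // Name of the stored file
         $tmp_name = $_FILES["images"]["tmp_name"][$key];
         // Name on the website: client-supplied, so keep only the file-name part
         $name = basename($_FILES["images"]["name"][$key]);
         $info = pathinfo($name);
         // A name without an extension cannot be on the allowlist
         if (!isset($info['extension'])) {
             continue;
         }
         $extension = $info['extension'];
         // Check filetype
         if (!in_array(strtolower($extension), $allowedExtensions, true)) {
             continue;
         }
         $base_name = basename($name, '.' . $extension);
         // Rename until this name isn't taken
         $i = 1;
         while (file_exists("{$path}/{$name}")) {
             $name = $base_name . "-" . $i . "." . $extension;
             $i++;
         }
         // Save the files; move_uploaded_file() only accepts files received through an HTTP upload
         if (move_uploaded_file($tmp_name, "{$path}/{$name}")) {
             Video::FastEncodeVideo("{$path}/{$name}");
         }
         /// Setup rights (skipped when they were already set for a newly created directory)
         if (!$already_set_rights && !isset($_POST['inherit'])) {
             if (isset($_POST['public'])) {
                 Judge::edit($path);
             } else {
                 Judge::edit($path, $users, $groups);
             }
         }
     }
 }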