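/**
 * AJAX handler: runs one image operation on a single picture and ends the
 * request with the outcome.
 *
 * Expected POST fields:
 *  - image     : id of the picture (cast to int)
 *  - operation : 'create_thumbnail', 'resize_image' or 'set_watermark'
 *
 * Response body: whatever the nggAdmin helper returned (success should be
 * '1'), '-1' when a check fails or the operation is missing/unknown, and '0'
 * when no image id was posted.
 *
 * @return void Every path terminates the request with die().
 */
function ngg_ajax_operation() {
    // CSRF protection: the request must carry a valid "ngg-ajax" nonce;
    // check_ajax_referer() ends the request with -1 otherwise.
    check_ajax_referer("ngg-ajax");

    // check for correct capability
    if (!is_user_logged_in()) {
        die('-1');
    }

    // check for correct NextGEN capability: BOTH capabilities are required
    if (!current_user_can('NextGEN Upload images') || !current_user_can('NextGEN Manage gallery')) {
        die('-1');
    }

    // include the ngg function
    include_once dirname(__FILE__) . '/functions.php';

    // Without an image id there is nothing to do. The script should never stop here.
    if (!isset($_POST['image'])) {
        die('0');
    }

    // A missing or non-string operation is answered like an unknown one ('-1'),
    // but without reading an undefined index.
    $operation = (isset($_POST['operation']) && is_string($_POST['operation'])) ? $_POST['operation'] : '';

    // Integer cast keeps the id safe for the lookup below.
    $id = (int) $_POST['image'];

    // let's get the image data
    // NOTE(review): the lookup result is handed to the helpers unchecked, and no
    // per-gallery ownership check is visible here - confirm the nggAdmin helpers
    // cope with a missing image and enforce gallery-level permissions.
    $picture = nggdb::find_image($id);

    // Allowlist of operations; anything else is refused.
    switch ($operation) {
        case 'create_thumbnail':
            $result = nggAdmin::create_thumbnail($picture);
            break;
        case 'resize_image':
            $result = nggAdmin::resize_image($picture);
            break;
        case 'set_watermark':
            $result = nggAdmin::set_watermark($picture);
            break;
        default:
            die('-1');
    }

    // A success should return a '1'.
    // NOTE(review): die() prints string arguments only; an integer result would
    // become the exit status and leave the body empty - confirm the helpers
    // return strings.
    die($result);
}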
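/**
 * Handles the pending action of the manage-images page before it is rendered.
 *
 * Depending on $this->mode and the request it deletes a picture, restores a
 * picture from its backup, shows the message that follows an AJAX operation,
 * switches to sort mode, or starts an image search.
 *
 * NOTE(review): only the nonces are verified inside this method; capability
 * checks are presumably done by the caller - confirm.
 *
 * @return void
 */
function processor() {
    global $wpdb, $ngg, $nggdb;

    // Delete a picture
    if ($this->mode == 'delpic') {
        //TODO:Remove also Tag reference

        // CSRF protection: the request must carry the 'ngg_delpicture' nonce.
        check_admin_referer('ngg_delpicture');

        $image = $nggdb->find_image($this->pid);

        // Defined up front so the check below is valid when the image was not found.
        $result = false;

        if ($image) {
            // Remove the files only when the "deleteImg" option is enabled.
            // Failures are suppressed on purpose (best effort).
            if ($ngg->options['deleteImg']) {
                @unlink($image->imagePath);
                @unlink($image->thumbPath);
                @unlink($image->imagePath . '_backup');
            }
            do_action('ngg_delete_picture', $this->pid);
            $result = nggdb::delete_image($this->pid);
        }

        if ($result) {
            // NOTE(review): $this->pid is concatenated into the message as-is;
            // confirm it is cast to int where it is assigned.
            nggGallery::show_message(__('Picture', 'nggallery') . ' \'' . $this->pid . '\' ' . __('deleted successfully', 'nggallery'));
        }

        $this->mode = 'edit'; // show pictures
    }

    // Recover picture from backup
    if ($this->mode == 'recoverpic') {
        // CSRF protection: the request must carry the 'ngg_recoverpicture' nonce.
        check_admin_referer('ngg_recoverpicture');

        // NOTE(review): the lookup result is not checked, so the success message
        // is shown even when the image does not exist - confirm this is intended.
        $image = $nggdb->find_image($this->pid);

        // bring back the old image
        nggAdmin::recover_image($image);
        nggAdmin::create_thumbnail($image);

        nggGallery::show_message(__('Operation successful. Please clear your browser cache.', "nggallery"));

        $this->mode = 'edit'; // show pictures
    }

    // will be called after a ajax operation
    if (isset($_POST['ajax_callback'])) {
        if ($_POST['ajax_callback'] == 1) {
            nggGallery::show_message(__('Operation successful. Please clear your browser cache.', "nggallery"));
        }
    }

    // show sort order
    if (isset($_POST['sortGallery'])) {
        $this->mode = 'sort';
    }

    if (isset($_GET['s'])) {
        $this->search_images();
    }
}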
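/**
 * AJAX handler: rotates or flips one image and rebuilds its thumbnail.
 *
 * Expected POST fields:
 *  - id : id of the image (cast to int)
 *  - ra : 'cw' or 'ccw' (rotation), 'fv' or 'fh' (presumably vertical /
 *         horizontal flip, judging by the 'V' / 'H' arguments)
 *
 * Replies '1' on success. Otherwise an HTTP 500 status is sent and the body
 * holds the result of the operation ('-1' for a missing or unknown action).
 *
 * @return void Every path terminates the request with die().
 */
function ngg_rotateImage() {
    // check for correct capability
    if (!is_user_logged_in()) {
        die('-1');
    }

    // check for correct NextGEN capability
    if (!current_user_can('NextGEN Manage gallery')) {
        die('-1');
    }

    // NOTE(review): unlike ngg_ajax_operation(), this handler verifies no nonce,
    // so the state-changing request is guarded by the capability check alone.
    // Adding check_ajax_referer() here needs the client to send the matching
    // nonce - coordinate both sides before enabling it.

    require_once dirname(dirname(__FILE__)) . '/ngg-config.php';

    // include the ngg function
    include_once dirname(__FILE__) . '/functions.php';

    // Read the request defensively: absent fields become 0 / '' instead of
    // raising an undefined-index notice.
    $id = isset($_POST['id']) ? (int) $_POST['id'] : 0;
    $action = (isset($_POST['ra']) && is_string($_POST['ra'])) ? $_POST['ra'] : '';

    // Allowlist of actions.
    switch ($action) {
        case 'cw':
            $result = nggAdmin::rotate_image($id, 'CW');
            break;
        case 'ccw':
            $result = nggAdmin::rotate_image($id, 'CCW');
            break;
        case 'fv':
            $result = nggAdmin::rotate_image($id, 0, 'V');
            break;
        case 'fh':
            $result = nggAdmin::rotate_image($id, 0, 'H');
            break;
        default:
            // Unknown action: same reply as before (500 and '-1'), but the
            // thumbnail is no longer regenerated for a request that did nothing.
            header('HTTP/1.1 500 Internal Server Error');
            die('-1');
    }

    // recreate the thumbnail
    nggAdmin::create_thumbnail($id);

    if ($result == 1) {
        die('1');
    }

    header('HTTP/1.1 500 Internal Server Error');
    die($result);
}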
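/**
 * Method "ngg.uploadImage"
 * Uploads an image to a gallery.
 *
 * The caller is authenticated, must hold the 'NextGEN Upload images'
 * capability and must be allowed to manage the target gallery. The file name
 * must carry an allowed extension and the uploaded bytes must be readable as
 * an image before anything is moved into the gallery folder.
 *
 * @since 1.4
 *
 * @copyright adapted from WP Core
 * @param array $args Method parameters.
 *          - int blog_id (not used)
 *          - string username
 *          - string password
 *          - struct data
 *              o string name
 *              o string type (optional)
 *              o base64 bits
 *              o bool overwrite (optional)
 *              o int gallery
 *              o int image_id (optional)
 * @return array|IXR_Error image meta data (filtered through 'ngg_upload_image'),
 *                         or an IXR_Error on failure
 */
function uploadImage($args) {
    global $wpdb;

    require_once dirname(dirname(__FILE__)) . '/admin/functions.php'; // admin functions
    require_once 'meta.php'; // meta data import

    // NOTE(review): the credentials go through $wpdb->escape() before login();
    // that alters passwords containing quotes or backslashes - confirm that
    // login() expects slashed input.
    $username = $wpdb->escape($args[1]);
    $password = $wpdb->escape($args[2]);
    $data = $args[3];

    $name = $data['name'];
    $type = isset($data['type']) ? $data['type'] : null; // optional field
    $bits = $data['bits'];

    // gallery & image id
    $gid = isset($data['gallery']) ? (int) $data['gallery'] : 0; // required field
    $pid = isset($data['image_id']) ? (int) $data['image_id'] : 0; // optional but more foolproof of overwrite
    $overwrite = !empty($data['overwrite']);
    $image = false; // container for the image object

    logIO('O', '(NGG) Received ' . strlen($bits) . ' bytes');

    if (!($user = $this->login($username, $password))) {
        return $this->error;
    }

    // Check if you have the correct capability for upload
    if (!current_user_can('NextGEN Upload images')) {
        logIO('O', '(NGG) User does not have upload_files capability');
        $this->error = new IXR_Error(401, __('You are not allowed to upload files to this site.'));
        return $this->error;
    }

    // Look for the gallery , could we find it ?
    if (!($gallery = nggdb::find_gallery($gid))) {
        return new IXR_Error(404, __('Could not find gallery ' . $gid));
    }

    // Now check if you have the correct capability for this gallery
    if (!nggAdmin::can_manage_this_gallery($gallery->author)) {
        logIO('O', '(NGG) User does not have upload_files capability');
        $this->error = new IXR_Error(401, __('You are not allowed to upload files to this gallery.'));
        return $this->error;
    }

    //clean filename and extract extension
    $filepart = nggGallery::fileinfo($name);
    $name = $filepart['basename'];

    // check for allowed extension (allowlist)
    $ext = array('jpg', 'png', 'gif');
    if (!in_array($filepart['extension'], $ext, true)) {
        logIO('O', '(NGG) Not allowed file type');
        $this->error = new IXR_Error(401, __('This is no valid image file.', 'nggallery'));
        return $this->error;
    }

    // In the overwrite case resolve the target image first; nothing is deleted
    // until the new file has been written and validated.
    if ($overwrite) {
        // search for the image based on the filename, if it's not already provided
        if ($pid == 0) {
            // Parameterised query: the client-supplied file name never becomes
            // part of the SQL text. get_var() yields the single id (or null).
            $pid = (int) $wpdb->get_var($wpdb->prepare(
                "SELECT pid FROM {$wpdb->nggpictures} WHERE filename = %s AND galleryid = %d",
                $name,
                $gid
            ));
        }

        if (!($image = nggdb::find_image($pid))) {
            return new IXR_Error(404, __('Could not find image id ' . $pid));
        }

        // NOTE(review): the gallery permission above was checked for $gid, but
        // an explicit image_id may point to an image in another gallery; confirm
        // that the image's own gallery is authorised before it is replaced.

        // sync the gallery<->image parameter, otherwise we may copy it to the wrong gallery
        $gallery = $image;
    }

    // upload routine from wp core, load first the image to the upload folder, $upload['file'] contain the path
    $upload = wp_upload_bits($name, $type, $bits);
    if (!empty($upload['error'])) {
        $errorString = sprintf(__('Could not write file %1$s (%2$s)'), $name, $upload['error']);
        logIO('O', '(NGG) ' . $errorString);
        return new IXR_Error(500, $errorString);
    }

    // The extension alone says nothing about the content: as in the form upload
    // (upload_images), the bytes must parse as an image. The rejected file is
    // removed so it does not remain in the upload folder. This complements the
    // extension allowlist, it does not replace it.
    if (!@getimagesize($upload['file'])) {
        @unlink($upload['file']);
        logIO('O', '(NGG) Not allowed file type');
        $this->error = new IXR_Error(401, __('This is no valid image file.', 'nggallery'));
        return $this->error;
    }

    // The new file is valid, now the old image can be removed
    if ($overwrite) {
        if (!@unlink($image->imagePath)) {
            @unlink($upload['file']); // do not leave the orphaned upload behind
            $errorString = sprintf(__('Failed to delete image %1$s ', 'nggallery'), $image->imagePath);
            logIO('O', '(NGG) ' . $errorString);
            return new IXR_Error(500, $errorString);
        }
    }

    // this is the dir to the gallery
    $path = WINABSPATH . $gallery->path;

    // check if the filename already exist, if not add a counter index
    $filename = wp_unique_filename($path, $name);
    $destination = $path . '/' . $filename;

    // Move files to gallery folder
    if (!@rename($upload['file'], $destination)) {
        $errorString = sprintf(__('Failed to move image %1$s to %2$s', 'nggallery'), '<strong>' . $upload['file'] . '</strong>', $destination);
        logIO('O', '(NGG) ' . $errorString);
        return new IXR_Error(500, $errorString);
    }

    //add to database if it's a new image
    if (!$overwrite) {
        $pid_array = nggAdmin::add_Images($gallery->gid, array($filename));
        // the first element is our new image id
        if (count($pid_array) == 1) {
            $pid = $pid_array[0];
        }
    }

    //get all information about the image, in the case it's a new one
    if (!$image) {
        $image = nggdb::find_image($pid);
    }

    // create again the thumbnail, should return a '1'
    nggAdmin::create_thumbnail($image);

    return apply_filters('ngg_upload_image', $image);
}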
/**
 * Runs the action requested for the manage-images page: delete a picture,
 * restore it from its backup, confirm a finished AJAX operation, switch to
 * sort mode, or search for images.
 *
 * Both state-changing actions verify their own nonce first.
 * NOTE(review): no capability check is visible in this method; presumably the
 * caller performs it - confirm.
 *
 * @return void
 */
function processor() {
    global $wpdb, $ngg, $nggdb;

    switch ($this->mode) {
        // Delete a picture
        case 'delpic':
            //TODO:Remove also Tag reference
            check_admin_referer('ngg_delpicture'); // nonce check (CSRF)

            $picture = $nggdb->find_image($this->pid);
            if ($picture) {
                // The files are removed only when the "deleteImg" option is set.
                if ($ngg->options['deleteImg']) {
                    C_Component_Registry::get_instance()
                        ->get_utility('I_Gallery_Storage')
                        ->delete_image($this->pid);
                }

                // Remove the record, then notify listeners.
                $destroyed = C_Image_Mapper::get_instance()->destroy($this->pid);
                do_action('ngg_delete_picture', $this->pid);

                if ($destroyed) {
                    // NOTE(review): $this->pid is put into the message as-is;
                    // confirm it is cast to int where it is assigned.
                    $notice = __('Picture', 'nggallery') . ' \'' . $this->pid . '\' ';
                    $notice .= __('deleted successfully', 'nggallery');
                    nggGallery::show_message($notice);
                }
            }

            $this->mode = 'edit'; // show pictures
            break;

        // Recover picture from backup
        case 'recoverpic':
            check_admin_referer('ngg_recoverpicture'); // nonce check (CSRF)

            // The lookup result is passed on without a check.
            $picture = $nggdb->find_image($this->pid);

            // bring back the old image, then rebuild its thumbnail
            nggAdmin::recover_image($picture);
            nggAdmin::create_thumbnail($picture);

            nggGallery::show_message(__('Operation successful. Please clear your browser cache.', "nggallery"));

            $this->mode = 'edit'; // show pictures
            break;
    }

    // will be called after a ajax operation
    if (isset($_POST['ajax_callback']) && $_POST['ajax_callback'] == 1) {
        nggGallery::show_message(__('Operation successful. Please clear your browser cache.', "nggallery"));
    }

    // show sort order
    if (isset($_POST['sortGallery'])) {
        $this->mode = 'sort';
    }

    // a search term in the query string starts the image search
    if (isset($_GET['s'])) {
        $this->search_images();
    }
}
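/**
 * Function for uploading of images via the upload form
 *
 * Each uploaded file must carry an allowed extension and be readable as an
 * image; accepted files are moved into the folder of the selected gallery,
 * registered in the database and given a thumbnail. Problems are reported
 * through nggGallery::show_error().
 *
 * NOTE(review): no nonce or capability check is visible in this function;
 * presumably the calling admin page performs both - confirm.
 *
 * @class nggAdmin
 * @return void
 */
function upload_images() {
    global $nggdb;

    // WPMU action
    if (nggWPMU::check_quota()) {
        return;
    }

    // Images must be an array
    $imageslist = array();

    // get selected gallery (a missing field counts as "none selected")
    $galleryID = isset($_POST['galleryselect']) ? (int) $_POST['galleryselect'] : 0;
    if ($galleryID == 0) {
        nggGallery::show_error(__('No gallery selected !', 'nggallery'));
        return;
    }

    // get the path to the gallery
    $gallery = $nggdb->find_gallery($galleryID);
    if (empty($gallery->path)) {
        nggGallery::show_error(__('Failure in database, no gallery path set !', 'nggallery'));
        return;
    }

    // read list of images
    $dirlist = nggAdmin::scandir($gallery->abspath);

    $imagefiles = isset($_FILES['imagefiles']) ? $_FILES['imagefiles'] : null;

    // Allowlist of extensions; it does not change per file.
    $ext = array('jpg', 'png', 'gif');

    // The field must be a multi-file upload (name is then an array).
    if (is_array($imagefiles) && is_array($imagefiles['name'])) {
        foreach (array_keys($imagefiles['name']) as $key) {
            // look only for uploaded files
            if ($imagefiles['error'][$key] != 0) {
                continue;
            }

            $temp_file = $imagefiles['tmp_name'][$key];

            //clean filename and extract extension
            $filepart = nggGallery::fileinfo($imagefiles['name'][$key]);
            $filename = $filepart['basename'];

            // Two independent checks: the extension must be on the allowlist AND
            // the content must parse as an image. getimagesize() reads the
            // header only, so the extension allowlist stays essential.
            if (!in_array($filepart['extension'], $ext, true) || !@getimagesize($temp_file)) {
                // The client-supplied name is escaped before it is shown.
                nggGallery::show_error('<strong>' . esc_html($imagefiles['name'][$key]) . ' </strong>' . __('is no valid image file!', 'nggallery'));
                continue;
            }

            // check if this filename already exist in the folder
            $i = 0;
            while (in_array($filename, $dirlist)) {
                $filename = $filepart['filename'] . '_' . $i++ . '.' . $filepart['extension'];
            }

            $dest_file = $gallery->abspath . '/' . $filename;

            //check for folder permission
            if (!is_writeable($gallery->abspath)) {
                $message = sprintf(__('Unable to write to directory %s. Is this directory writable by the server?', 'nggallery'), esc_html($gallery->abspath));
                nggGallery::show_error($message);
                return;
            }

            // save temp file to gallery; move_uploaded_file() accepts only files
            // that arrived through an HTTP upload
            if (!@move_uploaded_file($temp_file, $dest_file)) {
                nggGallery::show_error(__('Error, the file could not be moved to : ', 'nggallery') . esc_html($dest_file));
                nggAdmin::check_safemode($gallery->abspath);
                continue;
            }

            if (!nggAdmin::chmod($dest_file)) {
                nggGallery::show_error(__('Error, the file permissions could not be set', 'nggallery'));
                continue;
            }

            // add to imagelist & dirlist
            $imageslist[] = $filename;
            $dirlist[] = $filename;
        }
    }

    if (count($imageslist) > 0) {
        // add images to database
        $image_ids = nggAdmin::add_Images($galleryID, $imageslist);

        //create thumbnails
        foreach ($image_ids as $current_image_id) {
            nggAdmin::create_thumbnail($current_image_id);
        }
        //nggAdmin::do_ajax_operation( 'create_thumbnail' , $image_ids, __('Create new thumbnails','nggallery') );

        //add the preview image if needed
        nggAdmin::set_gallery_preview($galleryID);

        nggGallery::show_message(count($image_ids) . __(' Image(s) successfully added', 'nggallery'));
    }
}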