public function execute()
{
$available_fields = array_merge($this->generic_fields, $this->stack_fields);
$data = waRequest::post('data');
$photo_id = array();
foreach ($data as &$item_data) {
if (isset($item_data['id']) && ($id = array_unique(array_map('intval', explode(',', $item_data['id']))))) {
unset($item_data['id']);
$fields = array_diff_key(array_keys($item_data), $available_fields);
if ($fields) {
throw new waException("Invalid request format: unexpected field(s) " . implode(', ', $fields));
}
$photo_id = array_merge($photo_id, $id);
$item_data['id'] = $id;
} else {
throw new waException("Invalid request format: missed or invalid item ID");
}
}
unset($item_data);
$this->response['update'] = array();
if ($photo_id) {
$photo_rights_model = new photosPhotoRightsModel();
$allowed_photo_id = $photo_rights_model->filterAllowedPhotoIds($photo_id, true);
$denied_photo_id = array_diff($photo_id, $allowed_photo_id);
if ($allowed_photo_id) {
$photo_model = new photosPhotoModel();
$generic_fields = array_fill_keys($this->generic_fields, true);
$stack_fields = array_fill_keys($this->stack_fields, true);
foreach ($data as $item_data) {
if ($item_data_id = array_intersect($item_data['id'], $allowed_photo_id)) {
unset($item_data['id']);
foreach ($item_data as $field => &$value) {
$value = $this->validateField($field, $value);
}
unset($value);
if ($data = array_intersect_key($item_data, $stack_fields)) {
$photo_model->update($item_data_id, $data);
$this->response['update'][] = array('id' => $item_data_id, 'data' => $data);
}
if ($data = array_intersect_key($item_data, $generic_fields)) {
$photo_model->updateById($item_data_id, $data);
$this->response['update'][] = array('id' => $item_data_id, 'data' => $data);
}
}
}
}
if (count($denied_photo_id) > 0 && count($photo_id) > 0) {
$this->response['alert_msg'] = photosPhoto::sprintf_wplural("The operation was not performed to %d photo (%%s)", "The operation was not performed to %d photos (%%s)", count($denied_photo_id), _w("out of %d selected", "out of %d selected", count($photo_id))) . ', ' . _w("because you don't have sufficient access rights") . '.';
}
$allowed_photo_id_map = array();
foreach ($allowed_photo_id as $id) {
$allowed_photo_id_map[$id] = true;
}
$this->response['allowed_photo_id'] = $allowed_photo_id_map;
}
}
public function execute()
{
$name = waRequest::post('name', '', waRequest::TYPE_STRING_TRIM);
if (in_array($name, $this->availableFields) === false) {
throw new waException("Can't update photo: unknown field");
}
$photo_id = waRequest::post('id', null, waRequest::TYPE_ARRAY_INT);
$value = waRequest::post('value', '', waRequest::TYPE_STRING_TRIM);
if ($photo_id) {
$photo_rights_model = new photosPhotoRightsModel();
if (count($photo_id) == 1) {
// editing only one photo
if (!$photo_rights_model->checkRights(current($photo_id), true)) {
throw new waException(_w("You don't have sufficient access rights"));
}
// validations for one photo
if ($name == 'url') {
if (!$this->validateUrl($value, current($photo_id))) {
// $photo_id is array of ids, so make current()
$this->errors['url'] = _w('URL is in use');
return;
}
}
$allowed_photo_id = $photo_id;
$denied_photo_id = array();
} else {
$allowed_photo_id = $photo_rights_model->filterAllowedPhotoIds($photo_id, true);
$denied_photo_id = array_diff($photo_id, $allowed_photo_id);
}
if ($allowed_photo_id) {
if ($name == 'rate') {
$value = (int) $value;
if ($value < 0 || $value > 5) {
$value = 0;
}
}
$data[$name] = $value;
$this->photo_model = new photosPhotoModel();
if ($name == 'description' || $name == 'rate') {
$this->photo_model->update($allowed_photo_id, $data);
if (count($photo_id) == 1 && $allowed_photo_id) {
// means that we edit field in one-photo page
$photo_id = current($photo_id);
if ($parent_id = $this->photo_model->getStackParentId($photo_id)) {
$this->response['parent_id'] = $parent_id;
}
}
// change count of rated
if ($name == 'rate') {
$this->response['count'] = $this->photo_model->countRated();
$this->log('photos_rate', 1);
}
} else {
// update only parent photo(s)
$this->photo_model->updateById($allowed_photo_id, $data);
}
if ($name == 'name') {
$this->response['value'] = photosPhoto::escape($value);
}
}
if (count($denied_photo_id) > 0 && count($photo_id) > 0) {
$this->response['alert_msg'] = photosPhoto::sprintf_wplural("The operation was not performed to %d photo (%%s)", "The operation was not performed to %d photos (%%s)", count($denied_photo_id), _w("out of %d selected", "out of %d selected", count($photo_id))) . ', ' . _w("because you don't have sufficient access rights") . '.';
}
$allowed_photo_id_map = array();
foreach ($allowed_photo_id as $id) {
$allowed_photo_id_map[$id] = true;
}
$this->response['allowed_photo_id'] = $allowed_photo_id_map;
}
}
