public function execute() { if (!$this->getUser()->getRights('photos', 'edit')) { throw new waException(_w("Access denied")); } $moderation = waRequest::post('moderation', '', waRequest::TYPE_STRING_TRIM); $id = waRequest::post('id', '', waRequest::TYPE_INT); $photo_model = new photosPhotoModel(); $photo = $photo_model->getById($id); if (!$photo) { $this->errors[] = _wp('Unknown photo'); } if ($moderation == 'approve') { $photo_model->updateById($id, array('moderation' => 1)); $photo_model->updateAccess($id, 1, array(0)); } if ($moderation == 'decline') { $photo_model->updateById($id, array('moderation' => -1)); $photo_model->updateAccess($id, 0, array(0)); } $this->response['photo'] = $photo_model->getById($id); // update for making inline-editable widget $this->response['frontend_link_template'] = photosFrontendPhoto::getLink(array('url' => '%url%')); $this->response['counters'] = array('declined' => $photo_model->countByField('moderation', -1), 'awaiting' => $photo_model->countByField('moderation', 0)); // l18n string $count = (int) waRequest::post('count'); $total_count = (int) waRequest::post('total_count'); $this->response['string'] = array('loaded' => _w('%d photo', '%d photos', $count), 'of' => sprintf(_w('of %d'), $total_count), 'chunk' => $count < $total_count ? _w('%d photo', '%d photos', min($this->getConfig()->getOption('photos_per_page'), $count - $total_count)) : false); }
public function execute() { $album_id = waRequest::post('id', null, waRequest::TYPE_INT); $status = waRequest::post('status', 0, waRequest::TYPE_INT); $groups = waRequest::post('groups', array(), waRequest::TYPE_ARRAY_INT); $count = waRequest::post('count', 0, waRequest::TYPE_INT); $offset = waRequest::post('offset', 0, waRequest::TYPE_INT); $collection = new photosCollection('album/' . $album_id); $this->response['offset'] = $offset; $photos = $collection->getPhotos('*', $offset, $count, false); $photo_ids = array(); foreach ($photos as $photo) { if ($photo['status'] == 1 && $status == 1) { continue; } if ($photo['stack_count'] > 0) { $photo_ids = array_merge($photo_ids, $photo_model->getIdsByParent($photo['id'])); } else { $photo_ids[] = $photo['id']; } } $photo_rights_model = new photosPhotoRightsModel(); $allowed_photo_ids = $photo_rights_model->filterAllowedPhotoIds($photo_ids, true); $photo_model = new photosPhotoModel(); $photo_model->updateAccess($allowed_photo_ids, $status, $groups); }
public function execute() { $this->id = waRequest::post('id', null, waRequest::TYPE_INT); $group_ids = null; $status = waRequest::post('status', 0, waRequest::TYPE_INT); if (!$status) { $group_ids = waRequest::post('groups', array(), waRequest::TYPE_ARRAY_INT); if (!$group_ids) { // visible only for creator $status = -1; $group_ids = array(-$this->getUser()->getId()); } } $this->album_model = new photosAlbumModel(); if (!$this->id) { if (!$this->getRights('upload')) { throw new waException(_w("You don't have sufficient access rights")); } $name = waRequest::post('name', '', waRequest::TYPE_STRING_TRIM); $type = waRequest::post('type', 0, waRequest::TYPE_INT); $data = array('name' => $name, 'status' => $status, 'type' => $type, 'group_ids' => $group_ids); if ($status <= 0) { $data['hash'] = md5(uniqid(time(), true)); } else { $data['url'] = $this->album_model->suggestUniqueUrl(photosPhoto::suggestUrl($name)); } if ($type == photosAlbumModel::TYPE_DYNAMIC) { $data['conditions'] = $this->getPrepareConditions(); } $this->save($data); $this->response = array('id' => $this->id, 'name' => photosPhoto::escape($name), 'type' => $type, 'status' => $status); } else { $album_rights_model = new photosAlbumRightsModel(); if (!$album_rights_model->checkRights($this->id, true)) { throw new waException(_w("You don't have sufficient access rights")); } $conditions = $this->getPrepareConditions(); $params = array(); $album_params = waRequest::post('params', '', waRequest::TYPE_STRING_TRIM); $album_params = explode(PHP_EOL, $album_params); foreach ($album_params as $param) { $param = explode('=', $param); if (count($param) < 2) { continue; } $params[$param[0]] = $param[1]; } $params = $params ? $params : null; $description = waRequest::post('description', null, waRequest::TYPE_STRING_TRIM); $name = waRequest::post('name', '', waRequest::TYPE_STRING_TRIM); $url = waRequest::post('url', null, waRequest::TYPE_STRING_TRIM); $data = array('status' => $status, 'group_ids' => $group_ids, 'conditions' => $conditions, 'url' => $url, 'description' => $description, 'params' => $params, 'name' => $name); if ($status <= 0) { $data['hash'] = md5(uniqid(time(), true)); } if (waRequest::post('order') == 'rate') { $data['params']['order'] = 'rate'; } if (!$this->validate($data)) { return; } $this->save($data); $apply_all_photos = waRequest::post('apply_all_photos', 0, waRequest::TYPE_INT); if ($apply_all_photos) { // apply to first of $count photos $count = waRequest::post('count', 50, waRequest::TYPE_INT); $collection = new photosCollection('album/' . $this->id); $total_count = $collection->count(); $photos = $collection->getPhotos('*', 0, $count, false); $photo_model = new photosPhotoModel(); $photo_ids = array(); foreach ($photos as $photo) { if ($photo['status'] == 1 && $status == 1) { continue; } if ($photo['stack_count'] > 0) { $photo_ids = array_merge($photo_ids, $photo_model->getIdsByParent($photo['id'])); } else { $photo_ids[] = $photo['id']; } } $photo_rights_model = new photosPhotoRightsModel(); $allowed_photo_ids = $photo_rights_model->filterAllowedPhotoIds($photo_ids, true); $photo_model->updateAccess($allowed_photo_ids, $status, $group_ids); $this->response['total_count'] = $total_count; $this->response['count'] = $count; $this->response['status'] = $status; $this->response['groups'] = $group_ids; } } }
public function execute() { $photo_id = waRequest::post('photo_id', array(), waRequest::TYPE_ARRAY_INT); $status = waRequest::post('status', 0, waRequest::TYPE_INT); $groups = waRequest::post('groups', array(), waRequest::TYPE_ARRAY_INT); if (!$groups) { $status = -1; // only author have access to this photo $groups = array(-$this->getUser()->getId()); } // necessary when manage access rights for one photo. When in one photo extra info is needed in response $is_one_photo = waRequest::post('one_photo', 0, waRequest::TYPE_INT); // necessary only when manage access rights for several photos $prev_allowed_photo_id = waRequest::post('allowed_photo_id', array(), waRequest::TYPE_ARRAY_INT); $prev_denied_photo_id = waRequest::post('denied_photo_id', array(), waRequest::TYPE_ARRAY_INT); $this->photo_model = new photosPhotoModel(); $this->photo_rights_model = new photosPhotoRightsModel(); $allowed_photo_id = $this->photo_rights_model->filterAllowedPhotoIds($photo_id, true); $denied_photo_id = array_diff($photo_id, $allowed_photo_id); $this->photo_model->updateAccess($allowed_photo_id, $status, $groups); // leave only id of parents $denied_parent_id = array(); if ($denied_photo_id) { foreach ($this->photo_model->getByField('id', $denied_photo_id, 'id') as $photo) { $denied_parent_id[] = $photo['parent_id'] > 0 ? $photo['parent_id'] : $photo['id']; } } $denied_photo_id = array_values(array_unique(array_merge($prev_denied_photo_id, $denied_parent_id))); $this->response['denied_photo_id'] = $denied_photo_id; // leave only id of parents $allowed_parent_id = array(); if ($allowed_photo_id) { foreach ($this->photo_model->getByField('id', $allowed_photo_id, 'id') as $photo) { $allowed_parent_id[] = $photo['parent_id'] > 0 ? $photo['parent_id'] : $photo['id']; } } $allowed_photo_id = array_values(array_unique(array_merge($prev_allowed_photo_id, $allowed_parent_id))); $this->response['allowed_photo_id'] = $allowed_photo_id; $all_photos_length = waRequest::post('photos_length', 0, waRequest::TYPE_INT); if (!$all_photos_length) { $all_photos_length = count($photo_id); } $denied_photos_length = count($denied_photo_id); if ($denied_photos_length > 0 && $all_photos_length > 0) { $this->response['alert_msg'] = photosPhoto::sprintf_wplural("The operation was not performed to %d photo (%%s)", "The operation was not performed to %d photos (%%s)", $denied_photos_length, _w("out of %d selected", "out of %d selected", $all_photos_length)) . ', ' . _w("because you don't have sufficient access rights") . '.'; } // if one photo send extra info for update cache and widget if ($is_one_photo && $allowed_photo_id) { $frontend_link_template = photosFrontendPhoto::getLink(array('url' => '%url%')); if (count($photo_id) > 1) { // stack $stack = $this->photo_model->getStack($photo_id[0]); foreach ($stack as &$photo) { $photo = $this->workup($photo); } unset($photo); $this->response['stack'] = array_values($stack); } else { // just photo $photo_id = $photo_id[0]; $photo = $this->photo_model->getById($photo_id); $photo = $this->workup($photo); $this->response['photo'] = $photo; } $this->response['frontend_link_template'] = $frontend_link_template; } }