/**
 * Decide whether the current front end visitor may view an album.
 *
 * The method returns true without any group check in three situations:
 * outside the front end (TL_MODE other than 'FE'), when no album matches
 * the alias, and when the album is not flagged as protected.
 * For a protected album the visitor has to be logged in and share at least
 * one group with the album. Otherwise the request is ended with die() and a
 * localized error block, so this variant never returns false.
 *
 * @param string $strAlbumalias alias of the album to check
 * @return bool true whenever the method returns at all
 */
protected function authenticate($strAlbumalias)
{
    // Only front end requests are subject to the check.
    if (TL_MODE != 'FE') {
        return true;
    }

    $objAlb = \GalleryCreatorAlbumsModel::findByAlias($strAlbumalias);

    // NOTE(review): an unknown alias is treated as "allowed"; callers have to
    // handle the missing album themselves.
    if ($objAlb === null) {
        return true;
    }

    if (!$objAlb->protected) {
        return true;
    }

    $this->import('FrontendUser', 'User');
    $groups = deserialize($objAlb->groups);

    // Access requires a logged-in user, a non-empty group list on the album
    // and at least one group in common (evaluated in that order).
    $blnAllowed = FE_USER_LOGGED_IN
        && is_array($groups)
        && count($groups) >= 1
        && array_intersect($groups, $this->User->groups);

    if ($blnAllowed) {
        return true;
    }

    // Access denied: stop the whole request and print the error block.
    $arrError = $GLOBALS['TL_LANG']['gallery_creator']['fe_authentification_error'];
    die(sprintf("<div>\r\n<h1>%s</h1>\r\n<p>%s</p>\r\n</div>", $arrError[0], $arrError[1]));
}
/**
 * Decide whether the current front end visitor may view an album.
 *
 * Returns true outside the front end (TL_MODE other than 'FE'), when no
 * album matches the alias, and when the album is not flagged as protected.
 * For a protected album it returns true only if the visitor is logged in and
 * shares at least one group with the album; in every other case it returns
 * false and leaves the reaction to the caller.
 *
 * @param string $strAlbumalias alias of the album to check
 * @return bool true if access is granted, false if it is denied
 */
protected function authenticate($strAlbumalias)
{
    if (TL_MODE != 'FE') {
        return true;
    }

    $objAlb = \GalleryCreatorAlbumsModel::findByAlias($strAlbumalias);

    // NOTE(review): an unknown alias yields true, so a caller must not read
    // the result as "album exists and is accessible".
    if ($objAlb === null || !$objAlb->protected) {
        return true;
    }

    $this->import('FrontendUser', 'User');
    $groups = deserialize($objAlb->groups);

    // Anonymous visitors never pass a protected album.
    if (!FE_USER_LOGGED_IN) {
        return false;
    }

    // A protected album without any assigned group is closed to everybody.
    if (!is_array($groups) || count($groups) < 1) {
        return false;
    }

    // At least one group of the album must also be a group of the user.
    return array_intersect($groups, $this->User->groups) ? true : false;
}
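/**
 * Generate module
 *
 * Builds the list of albums the module may show, then renders one of four
 * views depending on the request parameters: the album listing (default),
 * the detail view of one album ("items"), a single picture ("img") or the
 * XML feed for the image rotator ("jw_imagerotator").
 *
 * Security-relevant behaviour of this method:
 * - Unpublished, empty and (for the current front end user) inaccessible
 *   protected albums are removed from the list before any view is built.
 * - Request values are bound as statement parameters, never concatenated
 *   into SQL text.
 * - Request-derived values echoed in die() messages are HTML-encoded.
 * - The "page" parameter is reduced to an integer >= 1 before it is used
 *   for offset arithmetic.
 *
 * @return void
 */
protected function compile()
{
    global $objPage;

    // process request variables
    $this->getUrlParams();

    if (!is_array(deserialize($this->gc_publish_albums)) && !$this->gc_publish_all_albums) {
        return;
    }

    if ($this->gc_publish_all_albums) {
        // if all albums should be shown
        $arrSelectedAlb = $this->listAllAlbums();
    } else {
        // if only selected albums should be shown
        $arrSelectedAlb = deserialize($this->gc_publish_albums);
    }

    // clean array from unpublished or empty or protected albums
    foreach ($arrSelectedAlb as $key => $albumId) {
        $objAlbum = $this->Database
            ->prepare('SELECT * FROM tl_gallery_creator_albums WHERE id=? AND published=?')
            ->execute($albumId, '1');
        $objPics = $this->Database
            ->prepare('SELECT id FROM tl_gallery_creator_pictures WHERE pid = ? AND published=?')
            ->execute($albumId, '1');

        // if the album doesn't exist
        if (!$objAlbum->numRows) {
            unset($arrSelectedAlb[$key]);
            continue;
        }

        // if the album doesn't contain any pictures
        if (!$objPics->numRows) {
            unset($arrSelectedAlb[$key]);
            continue;
        }

        // remove id from $arrSelectedAlb if user is not allowed
        if (TL_MODE == 'FE' && $objAlbum->protected == true) {
            $blnAllowed = null;
            $this->import('FrontendUser', 'User');

            // NOTE(review): this filter reads User->allGroups through
            // unserialize(), while authenticate() reads User->groups through
            // deserialize(). Confirm both describe the same membership and
            // that both values are always serialized arrays; unserialize()
            // must only ever see data written by the application itself.
            if (FE_USER_LOGGED_IN && is_array(unserialize($this->User->allGroups))) {
                // check for accordance
                if (array_intersect(unserialize($this->User->allGroups), unserialize($objAlbum->groups))) {
                    $blnAllowed = true;
                }
            }

            if (!$blnAllowed) {
                unset($arrSelectedAlb[$key]);
                continue;
            }
        }
    }

    // build up the new array
    $arrAllowedAlbums = array_values($arrSelectedAlb);

    // pick the view; later parameters take precedence over earlier ones
    $switch = strlen(\Input::get('items')) ? 'detailview' : 'albumlisting';
    $switch = strlen(\Input::get('jw_imagerotator')) ? 'jw_imagerotator' : $switch;
    $switch = strlen(\Input::get('img')) ? 'single_image' : $switch;

    switch ($switch) {
        case 'albumlisting':
            // abort if no album is selected
            if (count($arrAllowedAlbums) < 1) {
                return;
            }

            // pagination settings
            $limit = $this->gc_AlbumsPerPage;
            $offset = 0;

            if ($limit > 0) {
                // "page" comes from the request: force an integer >= 1 so the
                // offset can neither become negative nor be a non-numeric value
                $page = max(1, (int) \Input::get('page'));
                $offset = ($page - 1) * $limit;

                // count albums
                $itemsTotal = count($arrAllowedAlbums);

                // create pagination menu
                $numberOfLinks = $this->gc_PaginationNumberOfLinks < 1 ? 7 : $this->gc_PaginationNumberOfLinks;
                $objPagination = new \Pagination($itemsTotal, $limit, $numberOfLinks);
                $this->Template->pagination = $objPagination->generate("\n ");
            }

            if ($limit == '0') {
                $limit = count($arrAllowedAlbums);
                $offset = 0;
            }

            $arrAlbums = array();

            for ($i = $offset; $i < $offset + $limit; $i++) {
                // skip positions beyond the end of the list (last page)
                if (empty($arrAllowedAlbums[$i])) {
                    continue;
                }

                $currAlbumId = $arrAllowedAlbums[$i];
                $objAlbum = $this->Database
                    ->prepare('SELECT id, alias FROM tl_gallery_creator_albums WHERE id=?')
                    ->execute($currAlbumId);

                // second access check per album, in addition to the filter above
                if (false === $this->authenticate($objAlbum->alias)) {
                    continue;
                }

                $arrAlbums[$objAlbum->id] = GcHelpers::getAlbumInformationArray($objAlbum->id, $this);
            }

            $this->Template->imagemargin = $this->generateMargin(unserialize($this->gc_imagemargin_albumlisting));
            $this->Template->arrAlbums = $arrAlbums;
            $this->getAlbumTemplateVars($objAlbum->id);

            // Call gcGenerateFrontendTemplateHook
            $this->Template = $this->callGcGenerateFrontendTemplateHook($this);
            break;

        case 'detailview':
            $objAlbum = \GalleryCreatorAlbumsModel::findByAlias($this->strAlbumalias);

            // an unknown alias is handled like an unpublished album
            $published = ($objAlbum !== null && $objAlbum->published) ? true : false;

            // for security reasons...
            // NOTE(review): when gc_publish_all_albums is set, the membership
            // test against $arrAllowedAlbums is skipped, so protection of the
            // album then depends on an authenticate() call elsewhere (not
            // visible in this method) - confirm that call exists.
            if (!$published || !$this->gc_publish_all_albums && !in_array($this->intAlbumId, $arrAllowedAlbums)) {
                // encode the alias before it is written into the response
                die("Gallery with alias " . htmlspecialchars((string) $this->strAlbumalias, ENT_QUOTES, 'UTF-8', false) . " is either not published or not available or you haven't got enough permission to watch it!!!");
            }

            // pagination settings
            $limit = $this->gc_ThumbsPerPage;

            if ($limit > 0) {
                // "page" comes from the request: force an integer >= 1
                $page = max(1, (int) \Input::get('page'));
                $offset = ($page - 1) * $limit;

                // count albums
                // NOTE(review): the third placeholder binds the string 'id',
                // so the statement groups by a constant, not by the column.
                $objTotal = $this->Database
                    ->prepare('SELECT COUNT(id) as itemsTotal FROM tl_gallery_creator_pictures WHERE published=? AND pid=? GROUP BY ?')
                    ->execute('1', $this->intAlbumId, 'id');
                $itemsTotal = $objTotal->itemsTotal;

                // create the pagination menu
                $numberOfLinks = $this->gc_PaginationNumberOfLinks < 1 ? 7 : $this->gc_PaginationNumberOfLinks;
                $objPagination = new \Pagination($itemsTotal, $limit, $numberOfLinks);
                $this->Template->pagination = $objPagination->generate("\n ");
            }

            // picture sorting
            // NOTE(review): ORDER BY cannot be bound as a parameter, so both
            // parts are concatenated. They are read from module properties,
            // not from the request; they should still be restricted to known
            // column names and ASC/DESC where they are stored.
            $str_sorting = $this->gc_picture_sorting == '' || $this->gc_picture_sorting_direction == ''
                ? 'sorting ASC'
                : $this->gc_picture_sorting . ' ' . $this->gc_picture_sorting_direction;

            // sort by name is done below
            $str_sorting = str_replace('name', 'id', $str_sorting);

            $objPictures = $this->Database->prepare('SELECT * FROM tl_gallery_creator_pictures WHERE published=? AND pid=? ORDER BY ' . $str_sorting);

            if ($limit > 0) {
                $objPictures->limit($limit, $offset);
            }

            $objPictures = $objPictures->execute('1', $this->intAlbumId);

            // build up $arrPictures
            $arrPictures = array();
            $auxBasename = array();

            while ($objPictures->next()) {
                $objFilesModel = \FilesModel::findByUuid($objPictures->uuid);
                $basename = 'undefined';

                if ($objFilesModel !== null) {
                    $basename = $objFilesModel->name;
                }

                $auxBasename[] = $basename;
                $arrPictures[$objPictures->id] = GcHelpers::getPictureInformationArray($objPictures->id, $this);
            }

            // sort by basename
            if ($this->gc_picture_sorting == 'name') {
                if ($this->gc_picture_sorting_direction == 'ASC') {
                    array_multisort($arrPictures, SORT_STRING, $auxBasename, SORT_ASC);
                } else {
                    array_multisort($arrPictures, SORT_STRING, $auxBasename, SORT_DESC);
                }
            }

            $arrPictures = array_values($arrPictures);

            // store $arrPictures in the template variable
            $this->Template->arrPictures = $arrPictures;

            // generate other template variables
            $this->getAlbumTemplateVars($this->intAlbumId);

            // init the counter
            $this->initCounter($this->intAlbumId);

            // Call gcGenerateFrontendTemplateHook
            $this->Template = $this->callGcGenerateFrontendTemplateHook($this, $objAlbum);
            break;

        case 'single_image':
            $objAlbum = \GalleryCreatorAlbumsModel::findByAlias(\Input::get('items'));

            if ($objAlbum === null) {
                // encode the request value before it is written into the response
                die('Invalid album alias: ' . htmlspecialchars((string) \Input::get('items'), ENT_QUOTES, 'UTF-8', false));
            }

            // The file name comes from the request. It is bound as a parameter
            // (it used to be concatenated into the SQL text). LIKE wildcards
            // inside the value are still interpreted by the database.
            $objPic = \Database::getInstance()
                ->prepare('SELECT * FROM tl_gallery_creator_pictures WHERE pid=? AND name LIKE ?')
                ->execute($objAlbum->id, \Input::get('img') . '.%');

            if (!$objPic->numRows) {
                die(sprintf(
                    'File with filename "%s" does not exist in album with alias "%s".',
                    htmlspecialchars((string) \Input::get('img'), ENT_QUOTES, 'UTF-8', false),
                    htmlspecialchars((string) \Input::get('items'), ENT_QUOTES, 'UTF-8', false)
                ));
            }

            $picId = $objPic->id;
            $published = $objPic->published ? true : false;
            $published = $objAlbum->published ? $published : false;

            // for security reasons...
            // NOTE(review): the check and the query below use
            // $this->intAlbumId, while the picture was looked up through the
            // album of the "items" parameter ($objAlbum->id) - confirm both
            // always refer to the same album. The remark on
            // gc_publish_all_albums in the detail view applies here as well.
            if (!$published || !$this->gc_publish_all_albums && !in_array($this->intAlbumId, $arrAllowedAlbums)) {
                die("Picture with id " . $picId . " is either not published or not available or you haven't got enough permission to watch it!!!");
            }

            // picture sorting (module properties, see the note in the detail view)
            $str_sorting = $this->gc_picture_sorting == '' || $this->gc_picture_sorting_direction == ''
                ? 'sorting ASC'
                : $this->gc_picture_sorting . ' ' . $this->gc_picture_sorting_direction;

            $objPictures = $this->Database->prepare('SELECT id FROM tl_gallery_creator_pictures WHERE published=? AND pid=? ORDER BY ' . $str_sorting);
            $objPictures = $objPictures->execute('1', $this->intAlbumId);

            // collect the ids in display order and remember where the current picture is
            $arrIDS = array();
            $i = 0;
            $currentIndex = null;

            while ($objPictures->next()) {
                if ($picId == $objPictures->id) {
                    $currentIndex = $i;
                }

                $arrIDS[] = $objPictures->id;
                $i++;
            }

            $arrPictures = array();

            if (count($arrIDS)) {
                // store $arrPictures in the template variable
                $arrPictures['prev'] = GcHelpers::getPictureInformationArray($arrIDS[$currentIndex - 1], $this);
                $arrPictures['current'] = GcHelpers::getPictureInformationArray($arrIDS[$currentIndex], $this);
                $arrPictures['next'] = GcHelpers::getPictureInformationArray($arrIDS[$currentIndex + 1], $this);

                // add navigation href's to the template
                $this->Template->prevHref = $arrPictures['prev']['single_image_url'];
                $this->Template->nextHref = $arrPictures['next']['single_image_url'];

                // neighbours outside the list are reset to null afterwards
                if ($currentIndex == 0) {
                    $arrPictures['prev'] = null;
                    $this->Template->prevHref = null;
                }

                if ($currentIndex == count($arrIDS) - 1) {
                    $arrPictures['next'] = null;
                    $this->Template->nextHref = null;
                }

                if (count($arrIDS) == 1) {
                    $arrPictures['next'] = null;
                    $arrPictures['prev'] = null;
                    $this->Template->nextHref = null;
                    // NOTE(review): "prevItem" looks like a typo for "prevHref";
                    // prevHref is already null here because $currentIndex is 0.
                    $this->Template->prevItem = null;
                }
            }

            // Get the page model
            $objPageModel = \PageModel::findByPk($objPage->id);
            $this->Template->returnHref = $objPageModel->getFrontendUrl(($GLOBALS['TL_CONFIG']['useAutoItem'] ? '/' : '/items/') . \Input::get('items'), $objPage->language);
            $this->Template->arrPictures = $arrPictures;

            // generate other template variables
            $this->getAlbumTemplateVars($this->intAlbumId);

            // init the counter
            $this->initCounter($this->intAlbumId);

            // Call gcGenerateFrontendTemplateHook
            $this->Template = $this->callGcGenerateFrontendTemplateHook($this, $objAlbum);
            break;

        case 'jw_imagerotator':
            // the XML feed is sent directly and the request ends here
            header("content-type:text/xml;charset=utf-8");
            echo $this->getJwImagerotatorXml($this->strAlbumalias);
            exit;
    }
    // end switch
}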
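/**
 * Insert a new entry in tl_gallery_creator_pictures
 *
 * The file has to be recognised as a GD image and the album needs an
 * existing upload directory. The picture row is saved first to obtain its
 * id; unless the album preserves file names (or the file lies outside the
 * album directory), the file is then renamed to alb<albumId>_img<pictureId>.
 * After a successful insert the galleryCreatorImagePostInsert hooks are
 * called with the id of the new row.
 *
 * The script is aborted with die() when the album has no valid upload
 * directory.
 *
 * @param integer $intAlbumId  id of the album the picture belongs to
 * @param string  $strFilepath path of the file, e.g.
 *                             files/gallery_creator_albums/albumalias/filename.jpg
 * @return bool true if the picture was registered, false otherwise
 */
public static function createNewImage($intAlbumId, $strFilepath)
{
    // get the file-object; only files recognised as GD images are accepted
    $objFile = new \File($strFilepath);

    if (!$objFile->isGdImage) {
        return false;
    }

    // get the album-object; without an album there is nothing to attach to
    $objAlbum = \GalleryCreatorAlbumsModel::findById($intAlbumId);

    if ($objAlbum === null) {
        return false;
    }

    // get the assigned album directory
    $objFolder = \FilesModel::findByUuid($objAlbum->assignedDir);
    $assignedDir = null;

    if ($objFolder !== null) {
        if (is_dir(TL_ROOT . '/' . $objFolder->path)) {
            $assignedDir = $objFolder->path;
        }
    }

    if ($assignedDir == null) {
        die('Aborted Script, because there is no upload directory assigned to the Album with ID ' . $intAlbumId);
    }

    // check if the file is stored in the album-directory or if it is stored in an external directory
    $blnExternalFile = false;

    if (\Input::get('importFromFilesystem')) {
        // NOTE(review): strstr() is a substring test, so a directory whose
        // path merely contains the album path (for example a sibling with the
        // same prefix) also counts as internal and becomes eligible for the
        // rename below. A comparison on whole path segments would be stricter;
        // confirm which form $objFile->dirname has before changing this.
        $blnExternalFile = strstr($objFile->dirname, $assignedDir) ? false : true;
    }

    // remember the alias; the album is reloaded further down
    $strAlbumAlias = $objAlbum->alias;

    // db insert
    $objImg = new \GalleryCreatorPicturesModel();
    $objImg->tstamp = time();
    $objImg->pid = $objAlbum->id;
    $objImg->externalFile = $blnExternalFile ? "1" : "";
    $objImg->save();

    if ($objImg->id) {
        $insertId = $objImg->id;

        // Get the next sorting index
        $objImg_2 = \Database::getInstance()
            ->prepare('SELECT MAX(sorting)+10 AS maximum FROM tl_gallery_creator_pictures WHERE pid=?')
            ->execute($objAlbum->id);
        $sorting = $objImg_2->maximum;

        // If filename should be generated
        if (!$objAlbum->preserve_filename && $blnExternalFile === false) {
            $newFilepath = sprintf('%s/alb%s_img%s.%s', $assignedDir, $objAlbum->id, $insertId, $objFile->extension);
            $objFile->renameTo($newFilepath);
        }

        if (is_file(TL_ROOT . '/' . $objFile->path)) {
            // get the userId
            $userId = '0';

            if (TL_MODE == 'BE') {
                $userId = \BackendUser::getInstance()->id;
            }

            // the album-owner is automatically the image owner, if the image was uploaded by a frontend user
            if (TL_MODE == 'FE') {
                $userId = $objAlbum->owner;
            }

            // Get the FilesModel; it may be missing if the file is not registered
            $objFileModel = \FilesModel::findByPath($objFile->path);

            // finally save the new image in tl_gallery_creator_pictures
            $objPicture = \GalleryCreatorPicturesModel::findByPk($insertId);
            $objPicture->uuid = ($objFileModel !== null) ? $objFileModel->uuid : null;
            $objPicture->owner = $userId;
            $objPicture->date = $objAlbum->date;
            $objPicture->sorting = $sorting;
            $objPicture->save();

            \System::log('A new version of tl_gallery_creator_pictures ID ' . $insertId . ' has been created', __METHOD__, TL_GENERAL);

            // check for a valid preview-thumb for the album
            $objAlbum = \GalleryCreatorAlbumsModel::findByAlias($strAlbumAlias);

            if ($objAlbum !== null) {
                if ($objAlbum->thumb == "") {
                    $objAlbum->thumb = $insertId;
                    $objAlbum->save();
                }
            }

            // GalleryCreatorImagePostInsert - HOOK
            // passes the id of the newly created db entry
            if (isset($GLOBALS['TL_HOOKS']['galleryCreatorImagePostInsert']) && is_array($GLOBALS['TL_HOOKS']['galleryCreatorImagePostInsert'])) {
                foreach ($GLOBALS['TL_HOOKS']['galleryCreatorImagePostInsert'] as $callback) {
                    $objClass = self::importStatic($callback[0]);

                    // $callback is array(class, method): the method name is
                    // $callback[1]. The former {$callback}[1] used the whole
                    // array as the member name, so the hook method was never
                    // called.
                    $objClass->{$callback[1]}($insertId);
                }
            }

            return true;
        } else {
            // NOTE(review): the row saved above stays in the table on this
            // path; consider deleting it so that no picture entry without a
            // file remains.
            if ($blnExternalFile === true) {
                $_SESSION['TL_ERROR'][] = sprintf($GLOBALS['TL_LANG']['ERR']['link_to_not_existing_file'], $strFilepath);
            } else {
                $_SESSION['TL_ERROR'][] = sprintf($GLOBALS['TL_LANG']['ERR']['uploadError'], $strFilepath);
            }

            \System::log('Unable to create the new image in: ' . $strFilepath . '!', __METHOD__, TL_ERROR);
        }
    }

    return false;
}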