/**
 * Upload gate: returns normally when the current user may add a photo and
 * throws otherwise.
 *
 * Checks run in this order: the user is authenticated, the user is authorized
 * for the 'photo' / 'upload' action, the 'usercredits.check_balance' event did
 * not return false, and the user's photo count does not exceed the configured
 * 'user_quota'.
 *
 * @param mixed $entityType Not read by this method.
 * @param mixed $entityId   Not read by this method.
 *
 * @throws AuthenticateException When the current user is not authenticated.
 * @throws PHOTO_Exception       When authorization, the credits check or the quota check fails.
 */
protected function checkUploadPermissins($entityType, $entityId)
{
    // Anonymous visitors are rejected before any other lookup happens.
    if (!OW::getUser()->isAuthenticated()) {
        throw new AuthenticateException();
    }

    $lang = OW::getLanguage();
    $currentUserId = OW::getUser()->getId();
    $settings = OW::getConfig();
    $maxPhotos = (int) $settings->getValue('photo', 'user_quota');

    if (!OW::getUser()->isAuthorized('photo', 'upload')) {
        throw new PHOTO_Exception($lang->text('photo', 'auth_upload_permissions'));
    }

    $creditsQuery = array('pluginKey' => 'photo', 'action' => 'add_photo');
    $balanceOk = OW::getEventManager()->call('usercredits.check_balance', $creditsQuery);

    // Only a strict false is a refusal; any other result lets the upload proceed.
    if ($balanceOk === false) {
        throw new PHOTO_Exception(OW::getEventManager()->call('usercredits.error_message', $creditsQuery));
    }

    // Blocks only when the count is strictly greater than the quota, so a user
    // sitting exactly at the quota still passes.
    // NOTE(review): confirm that "quota + 1" is the intended ceiling.
    if ($this->photoService->countUserPhotos($currentUserId) > $maxPhotos) {
        throw new PHOTO_Exception($lang->text('photo', 'quota_exceeded', array('limit' => $maxPhotos)));
    }
}
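/**
 * Renders the photo upload page and, on POST, stores the uploaded photo.
 *
 * On GET the method assigns either an 'auth_msg' (not authorized / quota
 * exceeded) or the upload form, the user's album list and the client-side
 * preview scripts. On POST it moves the uploaded file through the temporary
 * photo service into an album (creating the album by name when it does not
 * exist), fires the photo-add event and redirects to the photo or album page.
 *
 * NOTE(review): unlike checkUploadPermissins(), this method does not consult
 * the 'usercredits.check_balance' event; confirm whether that is intended.
 *
 * @param array|null $params Route parameters; 'album' may carry the id of an
 *                           album to pre-select, which must belong to the user.
 *
 * @throws AuthenticateException When the current user is not authenticated.
 */
public function photo(array $params = null)
{
    if (!OW::getUser()->isAuthenticated()) {
        throw new AuthenticateException();
    }

    $language = OW::getLanguage();

    if (!OW::getUser()->isAuthorized('photo', 'upload')) {
        $status = BOL_AuthorizationService::getInstance()->getActionStatus('photo', 'upload');
        $this->assign('auth_msg', $status['msg']);

        return;
    }

    $config = OW::getConfig();
    $userQuota = (int) $config->getValue('photo', 'user_quota');
    $userId = OW::getUser()->getId();

    // Blocks only when the count is strictly greater than the quota, so a user
    // sitting exactly at the quota can still upload.
    // NOTE(review): confirm that "quota + 1" is the intended ceiling.
    if (!($this->photoService->countUserPhotos($userId) <= $userQuota)) {
        $this->assign('auth_msg', $language->text('photo', 'quota_exceeded', array('limit' => $userQuota)));
    } else {
        // Configured limit is multiplied by 1024 * 1024 before comparing with the upload's byte size.
        $accepted = floatval($config->getValue('photo', 'accepted_filesize') * 1024 * 1024);

        $this->assign('auth_msg', null);

        $form = new PHOTO_MCLASS_UploadForm();
        $this->addForm($form);

        $photoAlbumService = PHOTO_BOL_PhotoAlbumService::getInstance();
        $albums = $photoAlbumService->findUserAlbumList($userId, 1, 100);
        $this->assign('albums', $albums);

        if (!empty($params['album']) && (int) $params['album']) {
            $albumId = (int) $params['album'];
            $uploadToAlbum = $photoAlbumService->findAlbumById($albumId);

            // The requested album must exist and belong to the current user.
            if (!$uploadToAlbum || $uploadToAlbum->userId != $userId) {
                $this->redirect(OW::getRouter()->urlForRoute('photo_upload'));

                // redirect() is not visible here; returning keeps the null /
                // foreign album from being dereferenced below if it ever returns.
                return;
            }

            $form->getElement('album')->setValue($uploadToAlbum->name);
        }

        if ($albums) {
            $script = '$("#album_select").change(function(event){ $("#album_input").val($(this).val()); });';
            OW::getDocument()->addOnloadScript($script);
        }

        // Client-side preview of the chosen file. The statement after the
        // onload handler is terminated explicitly so the script stays valid
        // however its line breaks are emitted.
        $script = '$("#upload-file-field").change(function(){
            var img = $("#photo-file-prevew");
            var name = $(".owm_upload_img_name_label span");
            img.hide();
            name.text("");
            if (!this.files || !this.files[0]) return;
            if ( window.FileReader ) {
                var reader = new FileReader();
                reader.onload = function (e) {
                    img.show().attr("src", e.target.result);
                };
                reader.readAsDataURL(this.files[0]);
            } else {
                name.text(this.files[0].name);
            }
            $(".owm_upload_photo_browse_wrap").addClass("owm_upload_photo_attach_wrap");
        });';
        OW::getDocument()->addOnloadScript($script);

        if (OW::getRequest()->isPost()) {
            // NOTE(review): the result of isValid() is discarded, so a failed
            // form validator does not stop the upload below. Confirm which
            // validators the form carries before gating on this result.
            $form->isValid($_POST);
            $values = $form->getValues();

            $tmpPhotoService = PHOTO_BOL_PhotoTemporaryService::getInstance();
            $photoService = PHOTO_BOL_PhotoService::getInstance();
            $file = isset($_FILES['photo']) ? $_FILES['photo'] : null;

            // Delete old temporary photos
            $tmpPhotoService->deleteUserTemporaryPhotos($userId);

            // Accept only a single, completed HTTP upload: the field must be
            // present, scalar (not a "photo[]" array), error-free and point at
            // a file PHP itself received. Anything else takes the
            // "no photo uploaded" branch.
            $hasUpload = is_array($file)
                && isset($file['tmp_name'], $file['name'], $file['size'], $file['error'])
                && is_string($file['tmp_name'])
                && is_string($file['name'])
                && $file['error'] === UPLOAD_ERR_OK
                && strlen($file['tmp_name']) > 0
                && is_uploaded_file($file['tmp_name']);

            if ($hasUpload) {
                // NOTE(review): validateImage() is given only the client-supplied
                // file name, so nothing at this call site inspects the file's
                // bytes. Confirm that addTemporaryPhoto() or a later step
                // rejects content that is not an image.
                if (!UTIL_File::validateImage($file['name']) || $file['size'] > $accepted) {
                    OW::getFeedback()->warning($language->text('photo', 'no_photo_uploaded'));
                    $this->redirect();

                    // A rejected file must never reach addTemporaryPhoto(),
                    // even if redirect() returns instead of ending the request.
                    return;
                }

                $tmpPhotoService->addTemporaryPhoto($file['tmp_name'], $userId, 1);

                $tmpList = $tmpPhotoService->findUserTemporaryPhotos($userId, 'order');
                $tmpList = array_reverse($tmpList);

                // Reuse the user's album with this name, or create it.
                if (!($album = $photoAlbumService->findAlbumByName($values['album'], $userId))) {
                    $album = new PHOTO_BOL_PhotoAlbum();
                    $album->name = $values['album'];
                    $album->userId = $userId;
                    $album->createDatetime = time();

                    $photoAlbumService->addAlbum($album);
                }

                foreach ($tmpList as $tmpPhoto) {
                    $photo = $tmpPhotoService->moveTemporaryPhoto($tmpPhoto['dto']->id, $album->id, $values['description']);

                    if ($photo) {
                        BOL_AuthorizationService::getInstance()->trackAction('photo', 'upload');

                        $photoService->createAlbumCover($album->id, array($photo));
                        $photoService->triggerNewsfeedEventOnSinglePhotoAdd($album, $photo);

                        $photoParams = array(
                            'addTimestamp' => $photo->addDatetime,
                            'photoId' => $photo->id,
                            'hash' => $photo->hash,
                            'description' => $photo->description,
                        );
                        $event = new OW_Event(PHOTO_CLASS_EventHandler::EVENT_ON_PHOTO_ADD, array($photoParams));
                        OW::getEventManager()->trigger($event);

                        // Re-read the photo: its status is checked after the event has been triggered.
                        $photo = $this->photoService->findPhotoById($photo->id);

                        if ($photo->status != PHOTO_BOL_PhotoDao::STATUS_APPROVED) {
                            OW::getFeedback()->info(OW::getLanguage()->text('photo', 'photo_uploaded_pending_approval'));

                            if (PHOTO_BOL_PhotoAlbumService::getInstance()->countAlbumPhotos($photo->albumId)) {
                                $this->redirect(OW::getRouter()->urlForRoute('photo_user_album', array(
                                    'user' => BOL_UserService::getInstance()->getUserName($userId),
                                    'album' => $album->id,
                                )));
                            } else {
                                $this->redirect(OW::getRouter()->urlForRoute('photo_user_albums', array(
                                    'user' => BOL_UserService::getInstance()->getUserName($userId),
                                )));
                            }
                        } else {
                            OW::getFeedback()->info($language->text('photo', 'photos_uploaded', array('count' => 1)));
                            $this->redirect(OW::getRouter()->urlForRoute('view_photo', array('id' => $photo->id)));
                        }
                    }
                }
            } else {
                OW::getFeedback()->warning($language->text('photo', 'no_photo_uploaded'));
                $this->redirect();
            }
        }
    }

    OW::getDocument()->setHeading($language->text('photo', 'upload_photos'));
    OW::getDocument()->setTitle($language->text('photo', 'meta_title_photo_upload'));
}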