static function graphics_rotate($input_file, $output_file, $options)
{
// Make a copy of the original fullsized image before rotating it.
// If $input_file is located in VARPATH/albums/ then assume its a fullsize photo.
if (strncmp($input_file, VARPATH . "albums/", strlen(VARPATH . "albums/")) == 0) {
// Figure out where the original copy should be stashed at.
$temp_path = str_replace(VARPATH . "albums/", "", $input_file);
$original_image = VARPATH . "original/" . $temp_path;
$individual_dirs = split("[/\\]", "original/" . $temp_path);
// If any original file does not already exist, then create a folder structure
// similar to that found in VARPATH/albums/ and copy the photo over before
// rotating it.
if (!file_exists($original_image)) {
$new_img_path = VARPATH;
for ($i = 0; $i < count($individual_dirs) - 1; $i++) {
$new_img_path = $new_img_path . "/" . $individual_dirs[$i];
if (!file_exists($new_img_path)) {
@mkdir($new_img_path);
}
}
if (!@copy($input_file, $original_image)) {
// If the copy failed, display an error message.
message::error(t("Your original image was not backed up!"));
}
}
}
}
public function index()
{
$form = $this->_get_form();
if (request::method() == "post") {
access::verify_csrf();
if ($form->validate()) {
module::set_var("strip_exif", "exiv_path", $_POST['exiv_path']);
if ($_POST['exif_tags'] != "") {
module::set_var("strip_exif", "exif_remove", isset($_POST['exif_remove']) ? $_POST['exif_remove'] : false);
module::set_var("strip_exif", "exif_tags", $_POST['exif_tags']);
} else {
module::set_var("strip_exif", "exif_remove", false);
module::set_var("strip_exif", "exif_tags", self::$defExifTags);
}
if ($_POST['iptc_tags'] != "") {
module::set_var("strip_exif", "iptc_remove", isset($_POST['iptc_remove']) ? $_POST['iptc_remove'] : false);
module::set_var("strip_exif", "iptc_tags", $_POST['iptc_tags']);
} else {
module::set_var("strip_exif", "iptc_remove", false);
module::set_var("strip_exif", "iptc_tags", self::$defIptcTags);
}
if (isset($_POST['verbose'])) {
module::set_var("strip_exif", "verbose", $_POST['verbose']);
}
message::success(t("Settings have been saved"));
url::redirect("admin/strip_exif");
} else {
message::error(t("There was a problem with the submitted form. Please check your values and try again."));
}
}
print $this->_get_view();
}
public function action_index()
{
$type = $this->request->param('type');
$search = Security::xss_clean(Arr::get($_POST, 'search', ''));
if ($post = $this->request->post()) {
$title = Security::xss_clean(Arr::get($post, 'title1', ''));
if ($title != '') {
$titles = ORM::factory('Specprojecttitle', $type);
$titles->title = $title;
$titles->save();
message::success('Успешно изменено');
$this->redirect('manage/specprojects/' . $type);
} else {
message::error('Поле не может быть пустым.');
$this->redirect('manage/specprojects/' . $type);
}
}
if (!empty($search)) {
$this->redirect('manage/specprojects/' . $type . '/search/' . $search);
}
$public = ORM::factory('Publication')->join('spec_projects', 'LEFT')->on('publication.id', '=', 'spec_projects.id_publication')->select('publication.*', 'spec_projects.spec_published', 'spec_projects.in_slider', 'spec_projects.in_middle', 'spec_projects.in_bottom')->where('spec_projects.sproject', '=', $type)->order_by('order', 'desc')->order_by('date', 'DESC');
$paginate = Paginate::factory($public)->paginate(NULL, NULL, 10)->render();
$public = $public->find_all();
$title = ORM::factory('Specprojecttitle', $type)->title;
$this->set('title', $title);
$this->set('list', $public)->set('type', $type);
$this->set('paginate', $paginate);
}
public function index()
{
// require_once(MODPATH . "aws_s3/lib/s3.php");
$form = $this->_get_s3_form();
if (request::method() == "post") {
access::verify_csrf();
if ($form->validate()) {
module::set_var("aws_s3", "enabled", isset($_POST['enabled']) ? true : false);
module::set_var("aws_s3", "access_key", $_POST['access_key']);
module::set_var("aws_s3", "secret_key", $_POST['secret_key']);
module::set_var("aws_s3", "bucket_name", $_POST['bucket_name']);
module::set_var("aws_s3", "g3id", $_POST['g3id']);
module::set_var("aws_s3", "url_str", $_POST['url_str']);
module::set_var("aws_s3", "sig_exp", $_POST['sig_exp']);
module::set_var("aws_s3", "use_ssl", isset($_POST['use_ssl']) ? true : false);
if (module::get_var("aws_s3", "enabled") && !module::get_var("aws_s3", "synced", false)) {
site_status::warning(t('Your site has not yet been syncronised with your Amazon S3 bucket. Content will not appear correctly until you perform syncronisation. <a href="%url" class="g-dialog-link">Fix this now</a>', array("url" => html::mark_clean(url::site("admin/maintenance/start/aws_s3_task::sync?csrf=__CSRF__")))), "aws_s3_not_synced");
}
message::success(t("Settings have been saved"));
url::redirect("admin/aws_s3");
} else {
message::error(t("There was a problem with the submitted form. Please check your values and try again."));
}
}
$v = new Admin_View("admin.html");
$v->page_title = t("Amazon S3 Configuration");
$v->content = new View("admin_aws_s3.html");
$v->content->form = $form;
$v->content->end = "";
echo $v;
}
private function change_status($blog_post_id)
{
$post = ORM::factory('blog_post', (int) $blog_post_id);
if (!$post->loaded) {
message::error(__('Invalid ID'), 'admin/blog');
}
$post->comment_status = $status;
$post->save();
message::info(__('Comment status changed to "%status"', array('status' => $status)), 'admin/blog');
}
public function handler()
{
access::verify_csrf();
$form = $this->_get_form();
if ($form->validate()) {
$scrollsize = intval($form->navcarousel->scrollsize->value);
$showelements = intval($form->navcarousel->showelements->value);
$carouselwidth = intval($form->navcarousel->carouselwidth->value);
$thumbsize = intval($form->thumbsettings->thumbsize->value);
if ($showelements < 1) {
$showelements = 1;
message::error(t("You must show at least one item."));
}
if ($scrollsize < 1) {
$scrollsize = 1;
message::error(t("You must scroll by at least one item."));
}
if ($thumbsize > 150 || $thumbsize < 25) {
$thumbsize = 50;
message::error(t("The size of the thumbnails must be between 25 and 150 pixel."));
}
if ($carouselwidth < $thumbsize + 75 && $carouselwidth > 0) {
$carouselwidth = $thumbsize + 75;
message::error(t("The carousel must be at least %pixel wide.", array("pixel" => $carouselwidth)));
}
if ($carouselwidth > 0) {
if ($carouselwidth < ($thumbsize + 11) * $showelements + 64) {
$showelements = ($carouselwidth - 64) / ($thumbsize + 11);
$showelements = intval(floor($showelements));
message::error(t("With the selected carousel width and thumbnail size you can show a maximum of %itemno items.", array("itemno" => $showelements)));
}
} else {
message::warning(t("The maximum number of displayable items cannot be calculated when the carousel width is set to 0."));
}
if ($scrollsize > $showelements) {
$scrollsize = $showelements;
message::error(t("The number of items to scroll must not exceed the number of items to show."));
}
module::set_var("navcarousel", "scrollsize", $scrollsize);
module::set_var("navcarousel", "showelements", $showelements);
module::set_var("navcarousel", "carouselwidth", $carouselwidth);
module::set_var("navcarousel", "thumbsize", $thumbsize);
module::set_var("navcarousel", "abovephoto", $form->navcarousel->abovephoto->value, true);
module::set_var("navcarousel", "noajax", $form->navcarousel->noajax->value, true);
module::set_var("navcarousel", "showondomready", $form->navcarousel->showondomready->value, true);
module::set_var("navcarousel", "maintainaspect", $form->thumbsettings->maintainaspect->value, true);
module::set_var("navcarousel", "nomouseover", $form->thumbsettings->nomouseover->value, true);
module::set_var("navcarousel", "noresize", $form->thumbsettings->noresize->value, true);
message::success(t("Your settings have been saved."));
url::redirect("admin/navcarousel");
}
print $this->_get_view($form);
}
public function delete($id)
{
$user = ORM::factory('user', (int) $id);
if (!$user->loaded) {
message::error(__('Invalid ID'), 'admin/user');
}
if ($user->id === Auth::instance()->get_user()->id) {
message::error(__('You can\'t delete yourself'), 'admin/user');
}
$user->remove(ORM::factory('role', 'login'));
$user->remove(ORM::factory('role', 'admin'));
$user->delete();
message::info(__('User deleted successfully'), 'admin/user');
}
public function index()
{
$form = $this->_get_form();
if (request::method() == "post") {
access::verify_csrf();
if ($form->validate()) {
module::set_var("auto_date", "template", $_POST['template']);
message::success(t("Settings have been saved"));
url::redirect("admin/auto_date");
} else {
message::error(t("There was a problem with the submitted form. Please check your values and try again."));
}
}
print $this->_get_view();
}
public function saveprefs()
{
// Prevent Cross Site Request Forgery
access::verify_csrf();
$post = new Validation($_POST);
$post->add_callbacks("IccPath", array($this, "_validate_icc_path"));
$icc_path = Input::instance()->post("IccPath");
if ($post->validate()) {
module::set_var("rawphoto", "icc_path", $icc_path);
message::success(t("Your preferences have been saved."));
} else {
message::error(t("Your preferences are not valid."));
}
print $this->_get_view($post->errors(), $icc_path);
}
/**
* Shorten a G3 item's link and display the result in a status message.
* @param int $item_id
*/
public function shorten($item_id)
{
// Prevent Cross Site Request Forgery
access::verify_csrf();
$item = ORM::factory("item", $item_id);
// Ensure user has permission
access::required("view", $item);
access::required("edit", $item);
// Shorten the item's URL
$short_url = bitly::shorten_url($item_id);
if ($short_url) {
message::success("Item URL shortened to {$short_url}");
} else {
message::error("Unable to shorten " . url::abs_site($item->relative_url_cache));
}
// Redirect back to the item
url::redirect(url::abs_site($item->relative_url_cache));
}
public function restore($id)
{
// Allow the user to restore the original photo.
// Make sure the current user has suficient access to view and edit the item.
$item = ORM::factory("item", $id);
access::required("view", $item);
access::required("edit", $item);
// Figure out where the original was stashed at.
$original_image = VARPATH . "original/" . str_replace(VARPATH . "albums/", "", $item->file_path());
// Make sure the current item is a photo and that an original exists.
if ($item->is_photo() && file_exists($original_image)) {
// Delete the modified version of the photo.
@unlink($item->file_path());
// Copy the original image back over, display an error message if the copy fails.
if (@rename($original_image, $item->file_path())) {
// Re-generate the items resize and thumbnail.
$item_data = model_cache::get("item", $id);
$item_data->resize_dirty = 1;
$item_data->thumb_dirty = 1;
$item_data->save();
graphics::generate($item_data);
// If the item is the thumbnail for the parent album,
// fix the parent's thumbnail as well.
$parent = $item_data->parent();
if ($parent->album_cover_item_id == $item_data->id) {
copy($item_data->thumb_path(), $parent->thumb_path());
$parent->thumb_width = $item_data->thumb_width;
$parent->thumb_height = $item_data->thumb_height;
$parent->save();
}
// Display a success message and redirect to the items page.
message::success(t("Your original image has been restored."));
url::redirect($item->url());
} else {
// Display an error message if the copy failed.
message::error(t("Image restore failed!"));
url::redirect($item->url());
}
} else {
// Display an error message if there is not an original photo.
message::error(t("Image restore failed!"));
url::redirect($item->url());
}
}
/**
* Check a login and an API Key against bit.ly to make sure they're valid
* @param string $login bit.ly login
* @param string $api_key bit.ly API key
* @return boolean
*/
static function validate_config($login, $api_key)
{
if (!empty($login) && !empty($api_key)) {
$parameters = array('login' => $login, 'apiKey' => $api_key, 'x_login' => $login, 'x_apiKey' => $api_key);
$request = self::_build_http_request('validate', $parameters);
$response = self::_http_post($request, "api.bit.ly");
$json_decoded = json_decode($response->body[0]);
if (!$json_decoded->data->valid) {
if ("INVALID_LOGIN" == $json_decoded->status_txt) {
message::error(t("Your bit.ly login is incorrect"));
} else {
if ("INVALID_APIKEY" == $json_decoded->status_txt) {
message::error(t("Your bit.ly API Key is incorrect."));
}
}
return false;
} else {
return true;
}
}
}
public function index()
{
if (g1_import::is_configured()) {
g1_import::init();
}
$view = new Admin_View('admin.html');
$view->page_title = t('Gallery 1 import');
$view->content = new View('admin_g1_import.html');
if (is_dir(g1_import::$album_dir)) {
$view->content->g1_stats = $g1_stats = g1_import::g1_stats();
$view->content->g3_stats = $g3_stats = g1_import::g3_stats();
$view->content->g1_sizes = g1_import::common_sizes();
$view->content->g1_version = g1_import::version();
// Don't count tags because we don't track them in g1_map
$view->content->g1_resource_count = $g1_stats['users'] + $g1_stats['groups'] + $g1_stats['albums'] + $g1_stats['photos'] + $g1_stats['movies'] + $g1_stats['comments'];
$view->content->g3_resource_count = $g3_stats['user'] + $g3_stats['group'] + $g3_stats['album'] + $g3_stats['item'] + $g3_stats['comment'] + $g3_stats['tag'];
}
$view->content->form = $this->_get_import_form();
$view->content->version = '';
$view->content->thumb_size = module::get_var('gallery', 'thumb_size');
$view->content->resize_size = module::get_var('gallery', 'resize_size');
if (g1_import::is_initialized()) {
if (count(g1_import::$warn_utf8) > 0) {
message::error(t('Your G1 contains %count folder(s) containing nonstandard characters that G3 doesn\'t work with: <pre>%names</pre>Please rename the above folders in G1 before trying to import your data.', array('count' => count(g1_import::$warn_utf8), 'names' => "\n\n " . implode("\n ", g1_import::$warn_utf8) . "\n\n")));
}
if ((bool) ini_get('eaccelerator.enable') || (bool) ini_get('xcache.cacher')) {
message::warning(t('The eAccelerator and XCache PHP performance extensions are known to cause issues. If you\'re using either of those and are having problems, please disable them while you do your import. Add the following lines: <pre>%lines</pre> to gallery3/.htaccess and remove them when the import is done.', array('lines' => "\n\n php_value eaccelerator.enable 0\n php_value xcache.cacher off\n php_value xcache.optimizer off\n\n")));
}
foreach (array('notification', 'search', 'exif') as $module_id) {
if (module::is_active($module_id)) {
message::warning(t('<a href="%url">Deactivating</a> the <b>%module_id</b> module during your import will make it faster', array('url' => url::site('admin/modules'), 'module_id' => $module_id)));
}
}
} else {
if (g1_import::is_configured()) {
$view->content->form->configure_g1_import->albums_path->add_error('invalid', 1);
}
}
print $view;
}
static function watch_event($event, $args)
{
$msg = date('H:i:s', time() - 4 * 3600) . " {$event}: ";
$sep = "";
foreach ($args as $arg) {
if (is_object($arg)) {
$class = get_class($arg);
if (strcmp($class, 'User_Model') == 0 || strcmp($class, 'Group_Model') == 0 || strcmp($class, 'Item_Model') == 0 || strcmp($class, 'Module_Model') == 0 || strcmp($class, 'Tag_Model') == 0 || strcmp($class, 'Task_Model') == 0 || strcmp($class, 'Theme_Model') == 0 || strcmp($class, 'Var_Model') == 0) {
$msg = "{$msg} {$sep} {$class}(" . $arg->name . ")";
} elseif (strcmp($class, 'Comment_Model') == 0) {
$text = substr($arg->text, 0, 25);
$msg = "{$msg} {$sep} {$class}( {$text}... )";
} else {
$msg = $msg . $sep . get_class($arg);
}
} else {
$msg = $msg . $sep . $arg;
}
$sep = ", ";
}
message::error($msg);
}
public function converthandler()
{
access::verify_csrf();
$form = $this->_get_converter_form();
if ($form->validate()) {
//Load the source tag
$sourcetag = ORM::factory("tag", $form->sourcetag->value);
if (!$sourcetag->loaded()) {
message::error(t("The specified tag could not be found"));
url::redirect("admin/photoannotation/converter");
}
//Load the target user
$targetuser = ORM::factory("user", $form->targetuser->value);
if (!$targetuser->loaded()) {
message::error(t("The specified person could not be found"));
url::redirect("admin/photoannotation/converter");
}
//Load all existing tag annotations
$tag_annotations = ORM::factory("items_face")->where("tag_id", "=", $sourcetag->id)->find_all();
//Disable user notifications so that users don't get flooded with mails
$old_notification_setting = module::get_var("photoannotation", "nonotifications", false);
module::set_var("photoannotation", "nonotifications", true, true);
foreach ($tag_annotations as $tag_annotation) {
photoannotation::saveuser($targetuser->id, $tag_annotation->item_id, $tag_annotation->x1, $tag_annotation->y1, $tag_annotation->x2, $tag_annotation->y2, $tag_annotation->description);
//Delete the old annotation
$tag_annotation->delete();
}
//Remove and delete old tag
if ($form->deletetag->value) {
$this->_remove_tag($sourcetag, true);
} elseif ($form->removetag->value) {
$this->_remove_tag($sourcetag, false);
}
module::set_var("photoannotation", "nonotifications", $old_notification_setting, true);
message::success(t("%count tag annotations (%tagname) have been converted to user annotations (%username)", array("count" => count($tag_annotations), "tagname" => $sourcetag->name, "username" => $targetuser->display_name())));
url::redirect("admin/photoannotation/converter");
}
print $this->_get_converter_view($form);
}
public function confirm($hash)
{
$pending_user = ORM::factory("pending_user")->where("hash", "=", $hash)->where("state", "=", 0)->find();
if ($pending_user->loaded()) {
// @todo add a request date to the pending user table and check that it hasn't expired
$policy = module::get_var("registration", "policy");
$pending_user->state = 1;
$pending_user->save();
if ($policy == "vistor") {
$user = register::create_new_user($pending_user->id);
message::success(t("Your registration request has been approved"));
auth::login($user);
Session::instance()->set("registration_first_usage", true);
$pending_user->delete();
} else {
site_status::warning(t("There are pending user registration. <a href=\"%url\">Review now!</a>", array("url" => html::mark_clean(url::site("admin/register")))), "pending_user_registrations");
message::success(t("Your registration request is awaiting administrator approval"));
}
} else {
message::error(t("Your registration request is no longer valid, Please re-register."));
}
url::redirect(item::root()->abs_url());
}
public function index()
{
$form = $this->_get_form();
if (request::method() == "post") {
access::verify_csrf();
if ($form->validate()) {
module::set_var("transcode", "ffmpeg_path", $_POST['ffmpeg_path']);
module::set_var("transcode", "ffmpeg_flags", $_POST['ffmpeg_flags']);
module::set_var("transcode", "audio_codec", $_POST['audio_codec']);
module::set_var("transcode", "ffmpeg_audio_kbits", isset($_POST['ffmpeg_audio_kbits']) ? $_POST['ffmpeg_audio_kbits'] : false);
module::set_var("transcode", "resolution_240p", isset($_POST['resolution_240p']) ? $_POST['resolution_240p'] : false);
module::set_var("transcode", "resolution_360p", isset($_POST['resolution_360p']) ? $_POST['resolution_360p'] : false);
module::set_var("transcode", "resolution_480p", isset($_POST['resolution_480p']) ? $_POST['resolution_480p'] : false);
module::set_var("transcode", "resolution_576p", isset($_POST['resolution_576p']) ? $_POST['resolution_576p'] : false);
module::set_var("transcode", "resolution_720p", isset($_POST['resolution_720p']) ? $_POST['resolution_720p'] : false);
module::set_var("transcode", "resolution_1080p", isset($_POST['resolution_1080p']) ? $_POST['resolution_1080p'] : false);
message::success(t("Settings have been saved"));
url::redirect("admin/transcode");
} else {
message::error(t("There was a problem with the submitted form. Please check your values and try again."));
}
}
print $this->_get_view();
}
public function checkpassword()
{
// Check that a password is valid, then store in a browser cookie.
// Prevent Cross Site Request Forgery
access::verify_csrf();
// Convert submitted data to local variables.
$album_password = strtolower(Input::instance()->post("albumpassword_password"));
// See if the submitted password matches any in the database.
$existing_password = ORM::factory("items_albumpassword")->where("password", "=", $album_password)->find_all();
if (count($existing_password) > 0) {
// If the password if valid, then store it, and display a success message.
// If not, close the dialog and display a rejected message.
cookie::delete("g3_albumpassword_id");
cookie::set("g3_albumpassword", $album_password);
message::success(t("Password Accepted."));
json::reply(array("result" => "success"));
} else {
message::error(t("Password Rejected."));
json::reply(array("result" => "success"));
}
}
public function delete()
{
// Prevent Cross Site Request Forgery
access::verify_csrf();
//Get form data
$noteid = $_POST["noteid"];
$notetype = $_POST["notetype"];
$redir_uri = $_POST["currenturl"];
if ($noteid == "" || $notetype == "") {
message::error(t("Please select a tag or note to delete."));
url::redirect($redir_uri);
return;
}
if ($notetype == "face") {
db::build()->delete("items_faces")->where("id", "=", $noteid)->execute();
message::success(t("Annotation deleted."));
} elseif ($notetype == "note") {
db::build()->delete("items_notes")->where("id", "=", $noteid)->execute();
message::success(t("Annotation deleted."));
} else {
message::error(t("Please select a tag or note to delete."));
}
url::redirect($redir_uri);
}
/**
* Post a status update to Twitter
* @param int $item_id
*/
public function tweet($item_id)
{
access::verify_csrf();
$item = ORM::factory("item", $item_id);
$form = twitter::get_tweet_form($item);
if ($form->validate()) {
$item_url = url::abs_site($item->relative_url_cache);
$user = $this->_get_twitter_user(identity::active_user()->id);
$consumer_key = module::get_var("twitter", "consumer_key");
$consumer_secret = module::get_var("twitter", "consumer_secret");
require_once MODPATH . "twitter/vendor/twitteroauth/twitteroauth.php";
$connection = new TwitterOAuth($consumer_key, $consumer_secret, $user->oauth_token, $user->oauth_token_secret);
$message = $form->twitter_message->tweet->value;
$attach_image = $form->twitter_message->attach_image->value;
if ($attach_image == 1) {
$filename = APPPATH . "../var/resizes/" . $item->relative_path_cache;
$handle = fopen($filename, "rb");
$image = fread($handle, filesize($filename));
fclose($handle);
$response = $connection->upload('statuses/update_with_media', array('media[]' => "{$image};type=image/jpeg;filename={$filename}", 'status' => $message));
} else {
$response = $connection->post('statuses/update', array('status' => $message));
}
if (200 == $connection->http_code) {
message::success(t("Tweet sent!"));
json::reply(array("result" => "success", "location" => $item->url()));
} else {
message::error(t("Unable to send, your Tweet has been saved. Please try again later: %http_code, %response_error", array("http_code" => $connection->http_code, "response_error" => $response->error)));
log::error("content", "Twitter", t("Unable to send tweet: %http_code", array("http_code" => $connection->http_code)));
json::reply(array("result" => "success", "location" => $item->url()));
}
$tweet->item_id = $item_id;
!empty($response->id) ? $tweet->twitter_id = $response->id : ($tweet->twitter_id = NULL);
$tweet->tweet = $message;
$tweet->id = $form->twitter_message->tweet_id->value;
$this->_save_tweet($tweet);
} else {
json::reply(array("result" => "error", "html" => (string) $form));
}
}
public function make_tag_album_cover($id, $tag_id, $album_id)
{
if (!identity::active_user()->admin) {
message::error(t("You do not have sufficient privileges to do this"));
url::redirect("tag_albums/show/" . $id . "/" . $tag_id . "/" . $album_id . "/" . urlencode($item->name));
}
$item = ORM::factory("item", $id);
if ($album_id > 0 && $tag_id == 0) {
// If we are dealing with a dynamic album, set it's thumbnail to this pics.
// Based on modules/gallery/helpers/item.php
$album_tags = ORM::factory("tags_album_id")->where("id", "=", $album_id)->find_all();
if (count($album_tags) > 0) {
$parent = ORM::factory("item", $album_tags[0]->album_id);
$parent->album_cover_item_id = $item->id;
$parent->thumb_dirty = 1;
graphics::generate($parent);
$parent->save();
$grand_parent = $parent->parent();
if ($grand_parent && access::can("edit", $grand_parent) && $grand_parent->album_cover_item_id == null) {
item::make_album_cover($parent);
}
}
message::success(t("Made " . $item->title . " this album's cover"));
url::redirect("tag_albums/show/" . $id . "/" . $tag_id . "/" . $album_id . "/" . urlencode($item->name));
} else {
// If setting a thumbnail for an auto-generated all tags->tag album.
$record = ORM::factory("tags_album_tag_cover")->where("tag_id", "=", $tag_id)->find();
if (!$record->loaded()) {
$record->tag_id = $tag_id;
}
$record->photo_id = $id;
$record->save();
message::success(t("Made " . $item->title . " this album's cover"));
url::redirect("tag_albums/show/" . $id . "/" . $tag_id . "/" . $album_id . "/" . urlencode($item->name));
}
}
public function checkpassword()
{
// Check that a password is valid, then store in a browser cookie.
// Prevent Cross Site Request Forgery
access::verify_csrf();
// Convert submitted data to local variables.
$album_password = Input::instance()->post("albumpassword_password");
// See if the submitted password matches any in the database.
$existing_password = ORM::factory("items_albumpassword")->where("password", "=", $album_password)->find_all();
if (count($existing_password) > 0) {
// If the password if valid, then store it, and display a success message.
// If not, close the dialog and display a rejected message.
cookie::set("g3_albumpassword", $album_password);
message::success(t("Password Accepted."));
print "<html>\n<body>\n<script type=\"text/javascript\">\n\$(\"#g-dialog\").dialog(\"close\");\nwindow.location.reload();\n</script>\n</body>\n</html>\n";
} else {
message::error(t("Password Rejected."));
print "<html>\n<body>\n<script type=\"text/javascript\">\n\$(\"#g-dialog\").dialog(\"close\");\nwindow.location.reload();\n</script>\n</body>\n</html>\n";
}
}
public function add()
{
access::verify_csrf();
$form = watermark::get_add_form();
if ($form->validate()) {
$file = $_POST["file"];
$pathinfo = pathinfo($file);
// Forge prefixes files with "uploadfile-xxxxxxx" for uniqueness
$name = preg_replace("/uploadfile-[^-]+-(.*)/", '$1', $pathinfo["basename"]);
if (!($image_info = getimagesize($file)) || !in_array($image_info[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG))) {
message::error(t("Unable to identify this image file"));
@unlink($file);
return;
}
rename($file, VARPATH . "modules/watermark/{$name}");
module::set_var("watermark", "name", $name);
module::set_var("watermark", "width", $image_info[0]);
module::set_var("watermark", "height", $image_info[1]);
module::set_var("watermark", "mime_type", $image_info["mime"]);
module::set_var("watermark", "position", $form->add_watermark->position->value);
module::set_var("watermark", "transparency", $form->add_watermark->transparency->value);
$this->_update_graphics_rules();
@unlink($file);
message::success(t("Watermark saved"));
log::success("watermark", t("Watermark saved"));
json::reply(array("result" => "success", "location" => url::site("admin/watermarks")));
} else {
// rawurlencode the results because the JS code that uploads the file buffers it in an
// iframe which entitizes the HTML and makes it difficult for the JS to process. If we url
// encode it now, it passes through cleanly. See ticket #797.
json::reply(array("result" => "error", "html" => rawurlencode((string) $form)));
}
// Override the application/json mime type. The dialog based HTML uploader uses an iframe to
// buffer the reply, and on some browsers (Firefox 3.6) it does not know what to do with the
// JSON that it gets back so it puts up a dialog asking the user what to do with it. So force
// the encoding type back to HTML for the iframe.
// See: http://jquery.malsup.com/form/#file-upload
header("Content-Type: text/html; charset=" . Kohana::CHARSET);
}
public function add()
{
access::verify_csrf();
$form = watermark::get_add_form();
// For TEST_MODE, we want to simulate a file upload. Because this is not a true upload, Forge's
// validation logic will correctly reject it. So, we skip validation when we're running tests.
if (TEST_MODE || $form->validate()) {
$file = $_POST["file"];
// Forge prefixes files with "uploadfile-xxxxxxx" for uniqueness
$name = preg_replace("/uploadfile-[^-]+-(.*)/", '$1', basename($file));
try {
list($width, $height, $mime_type, $extension) = photo::get_file_metadata($file);
// Sanitize filename, which ensures a valid extension. This renaming prevents the issues
// addressed in ticket #1855, where an image that looked valid (header said jpg) with a
// php extension was previously accepted without changing its extension.
$name = legal_file::sanitize_filename($name, $extension, "photo");
} catch (Exception $e) {
message::error(t("Invalid or unidentifiable image file"));
system::delete_later($file);
return;
}
rename($file, VARPATH . "modules/watermark/{$name}");
module::set_var("watermark", "name", $name);
module::set_var("watermark", "width", $width);
module::set_var("watermark", "height", $height);
module::set_var("watermark", "mime_type", $mime_type);
module::set_var("watermark", "position", $form->add_watermark->position->value);
module::set_var("watermark", "transparency", $form->add_watermark->transparency->value);
$this->_update_graphics_rules();
system::delete_later($file);
message::success(t("Watermark saved"));
log::success("watermark", t("Watermark saved"));
json::reply(array("result" => "success", "location" => url::site("admin/watermarks")));
} else {
// rawurlencode the results because the JS code that uploads the file buffers it in an
// iframe which entitizes the HTML and makes it difficult for the JS to process. If we url
// encode it now, it passes through cleanly. See ticket #797.
json::reply(array("result" => "error", "html" => rawurlencode((string) $form)));
}
// Override the application/json mime type. The dialog based HTML uploader uses an iframe to
// buffer the reply, and on some browsers (Firefox 3.6) it does not know what to do with the
// JSON that it gets back so it puts up a dialog asking the user what to do with it. So force
// the encoding type back to HTML for the iframe.
// See: http://jquery.malsup.com/form/#file-upload
header("Content-Type: text/html; charset=" . Kohana::CHARSET);
}
public function edit_group($id)
{
access::verify_csrf();
$group = group::lookup($id);
if (empty($group)) {
kohana::show_404();
}
$form = $this->_get_group_edit_form_admin($group);
$valid = $form->validate();
if ($valid) {
$new_name = $form->edit_group->inputs["name"]->value;
$group = group::lookup_by_name($name);
if ($group->loaded) {
$form->edit_group->inputs["name"]->add_error("in_use", 1);
$valid = false;
}
}
if ($valid) {
$group->name = $form->edit_group->inputs["name"]->value;
$group->save();
message::success(t("Changed group %group_name", array("group_name" => $group->name)));
print json_encode(array("result" => "success"));
} else {
message::error(t("Failed to change group %group_name", array("group_name" => $group->name)));
print json_encode(array("result" => "error", "form" => $form->__toString()));
}
}
public function edit_group($id)
{
access::verify_csrf();
$group = ORM::factory("group", $id);
if (!$group->loaded) {
kohana::show_404();
}
$form = group::get_edit_form_admin($group);
$valid = $form->validate();
if ($valid) {
$new_name = $form->edit_group->inputs["name"]->value;
$group = ORM::factory("group")->where("name", $new_name)->find();
if ($group->loaded) {
$form->edit_group->inputs["name"]->add_error("in_use", 1);
$valid = false;
}
}
if ($valid) {
$group->name = $form->edit_group->inputs["name"]->value;
$group->save();
message::success(t("Changed group %group_name", array("group_name" => p::clean($group->name))));
print json_encode(array("result" => "success"));
} else {
message::error(t("Failed to change group %group_name", array("group_name" => p::clean($group->name))));
print json_encode(array("result" => "error", "form" => $form->__toString()));
}
}
static function change_provider($new_provider)
{
$current_provider = module::get_var("gallery", "identity_provider");
if (!empty($current_provider)) {
module::uninstall($current_provider);
}
try {
IdentityProvider::reset();
$provider = new IdentityProvider($new_provider);
module::set_var("gallery", "identity_provider", $new_provider);
if (method_exists("{$new_provider}_installer", "initialize")) {
call_user_func("{$new_provider}_installer::initialize");
}
module::event("identity_provider_changed", $current_provider, $new_provider);
auth::login($provider->admin_user());
Session::instance()->regenerate();
} catch (Exception $e) {
static $restore_already_running;
// In case of error, make an attempt to restore the old provider. Since that's calling into
// this function again and can fail, we should be sure not to get into an infinite recursion.
if (!$restore_already_running) {
$restore_already_running = true;
// Make sure new provider is not in the database
module::uninstall($new_provider);
// Lets reset to the current provider so that the gallery installation is still
// working.
module::set_var("gallery", "identity_provider", null);
IdentityProvider::change_provider($current_provider);
module::activate($current_provider);
message::error(t("Error attempting to enable \"%new_provider\" identity provider, " . "reverted to \"%old_provider\" identity provider", array("new_provider" => $new_provider, "old_provider" => $current_provider)));
$restore_already_running = false;
}
throw $e;
}
}
public function saveface()
{
// Save the face coordinates to the specified tag.
// Prevent Cross Site Request Forgery
access::verify_csrf();
// Convert submitted data to local variables.
$tag_data = Input::instance()->post("tagsList");
$str_face_title = str_replace("'", "\\'", Input::instance()->post("face_title"));
$str_face_description = str_replace("'", "\\'", Input::instance()->post("face_description"));
$item_data = Input::instance()->post("item_id");
$str_x1 = Input::instance()->post("x1");
$str_y1 = Input::instance()->post("y1");
$str_x2 = Input::instance()->post("x2");
$str_y2 = Input::instance()->post("y2");
// If the user didn't select a face, display an error and abort.
if ($str_x1 == "" || $str_x2 == "" || $str_y1 == "" || $str_y2 == "") {
message::error(t("Please select a face."));
url::redirect("tagfaces/drawfaces/{$item_data}");
return;
}
// Decide if we are saving a face or a note.
if ($tag_data == -1) {
// Make sure there's a title.
if ($str_face_title == "") {
message::error(t("Please select a Tag or specify a Title."));
url::redirect("tagfaces/drawfaces/{$item_data}");
return;
}
// Save a new Note to the database.
$newnote = ORM::factory("items_note");
$newnote->item_id = $item_data;
$newnote->x1 = $str_x1;
$newnote->y1 = $str_y1;
$newnote->x2 = $str_x2;
$newnote->y2 = $str_y2;
$newnote->title = $str_face_title;
$newnote->description = $str_face_description;
$newnote->save();
} else {
// Check to see if the tag already has a face associated with it.
$existingFace = ORM::factory("items_face")->where("tag_id", "=", $tag_data)->where("item_id", "=", $item_data)->find_all();
if (count($existingFace) == 0) {
// Save the new face to the database.
$newface = ORM::factory("items_face");
$newface->tag_id = $tag_data;
$newface->item_id = $item_data;
$newface->x1 = $str_x1;
$newface->y1 = $str_y1;
$newface->x2 = $str_x2;
$newface->y2 = $str_y2;
$newface->description = $str_face_description;
$newface->save();
} else {
// Update the coordinates of an existing face.
$updatedFace = ORM::factory("items_face", $existingFace[0]->id);
$updatedFace->x1 = $str_x1;
$updatedFace->y1 = $str_y1;
$updatedFace->x2 = $str_x2;
$updatedFace->y2 = $str_y2;
$updatedFace->description = $str_face_description;
$updatedFace->save();
}
}
// Redirect back to the main screen and display a "success" message.
message::success(t("Face saved."));
url::redirect("tagfaces/drawfaces/{$item_data}");
}
public function edit_group($id)
{
access::verify_csrf();
$group = group::lookup($id);
if (empty($group)) {
throw new Kohana_404_Exception();
}
$form = $this->_get_group_edit_form_admin($group);
try {
$valid = $form->validate();
$group->name = $form->edit_group->inputs["name"]->value;
$group->validate();
} catch (ORM_Validation_Exception $e) {
// Translate ORM validation errors into form error messages
foreach ($e->validation->errors() as $key => $error) {
$form->edit_group->inputs[$key]->add_error($error, 1);
}
$valid = false;
}
if ($valid) {
$group->save();
message::success(t("Changed group %group_name", array("group_name" => $group->name)));
json::reply(array("result" => "success"));
} else {
$group->reload();
message::error(t("Failed to change group %group_name", array("group_name" => $group->name)));
json::reply(array("result" => "error", "html" => (string) $form));
}
}
public function add()
{
$form = watermark::get_add_form();
if ($form->validate()) {
$file = $_POST["file"];
$pathinfo = pathinfo($file);
// Forge prefixes files with "uploadfile-xxxxxxx" for uniqueness
$name = preg_replace("/uploadfile-[^-]+-(.*)/", '$1', $pathinfo["basename"]);
if (!($image_info = getimagesize($file)) || !in_array($image_info[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG))) {
message::error(t("Unable to identify this image file"));
@unlink($file);
return;
}
rename($file, VARPATH . "modules/watermark/{$name}");
module::set_var("watermark", "name", $name);
module::set_var("watermark", "width", $image_info[0]);
module::set_var("watermark", "height", $image_info[1]);
module::set_var("watermark", "mime_type", $image_info["mime"]);
module::set_var("watermark", "position", $form->add_watermark->position->value);
module::set_var("watermark", "transparency", $form->add_watermark->transparency->value);
$this->_update_graphics_rules();
@unlink($file);
message::success(t("Watermark saved"));
log::success("watermark", t("Watermark saved"));
print json_encode(array("result" => "success", "location" => url::site("admin/watermarks")));
} else {
print json_encode(array("result" => "error", "form" => $form->__toString()));
}
}
