public function edit($image_id) { //we cheat a little but we will make good later global $phpbb_root_path, $phpEx; $image_data = $this->image->get_image_data($image_id); $album_id = $image_data['image_album_id']; $album_data = $this->album->get_info($album_id); $this->user->add_lang_ext('phpbbgallery/core', array('gallery')); $this->display->generate_navigation($album_data); add_form_key('gallery'); $submit = $this->request->variable('submit', false); $image_backlink = append_sid('./gallery/image/' . $image_id); $album_backlink = append_sid('./gallery/album/' . $image_data['image_album_id']); $disp_image_data = $image_data; $owner_id = $image_data['image_user_id']; $album_loginlink = './ucp.php?mode=login'; $this->gallery_auth->load_user_premissions($this->user->data['user_id']); if (!$this->gallery_auth->acl_check('i_edit', $album_id, $owner_id) || $image_data['image_status'] == \phpbbgallery\core\image\image::STATUS_ORPHAN) { if (!$this->gallery_auth->acl_check('m_edit', $album_id, $owner_id)) { $this->misc->not_authorised($album_backlink, $album_loginlink, 'LOGIN_EXPLAIN_UPLOAD'); } } if ($submit) { if (!check_form_key('gallery')) { trigger_error('FORM_INVALID'); } $image_desc = $this->request->variable('message', array(''), true); $image_desc = $image_desc[0]; $image_name = $this->request->variable('image_name', array(''), true); $image_name = $image_name[0]; if (strlen($image_desc) > $this->gallery_config->get('description_length')) { trigger_error($this->user->lang('DESC_TOO_LONG')); } // Create message parser instance include_once $phpbb_root_path . 'includes/message_parser.' . $phpEx; $message_parser = new \parse_message(); $message_parser->message = utf8_normalize_nfc($image_desc); if ($message_parser->message) { $message_parser->parse(true, true, true, true, false, true, true, true); } $sql_ary = array('image_name' => $image_name, 'image_name_clean' => utf8_clean_string($image_name), 'image_desc' => $message_parser->message, 'image_desc_uid' => $message_parser->bbcode_uid, 'image_desc_bitfield' => $message_parser->bbcode_bitfield, 'image_allow_comments' => $this->request->variable('allow_comments', 0)); $errors = array(); if (empty($sql_ary['image_name_clean'])) { $errors[] = $user->lang['MISSING_IMAGE_NAME']; } if (!$this->gallery_config->get('allow_comments') || !$this->gallery_config->get('comment_user_control')) { unset($sql_ary['image_allow_comments']); } $change_image_count = false; if ($this->gallery_auth->acl_check('m_edit', $album_id, $album_data['album_user_id'])) { $user_data = $this->image->get_new_author_info($this->request->variable('change_author', '', true)); if ($user_data) { $sql_ary = array_merge($sql_ary, array('image_user_id' => $user_data['user_id'], 'image_username' => $user_data['username'], 'image_username_clean' => utf8_clean_string($user_data['username']), 'image_user_colour' => $user_data['user_colour'])); if ($image_data['image_status'] != $this->image->get_status_unaproved()) { $change_image_count = true; } } else { if ($this->request->variable('change_author', '', true)) { $errors[] = $user->lang['INVALID_USERNAME']; } } } $move_to_personal = $this->request->variable('move_to_personal', 0); if ($move_to_personal) { $personal_album_id = 0; if ($user->data['user_id'] != $image_data['image_user_id']) { $image_user = new \phpbbgallery\core\user($db, $image_data['image_user_id']); $personal_album_id = $image_user->get_data('personal_album_id'); // The User has no personal album, moderators can created that without the need of permissions if (!$personal_album_id) { $personal_album_id = $this->album->generate_personal_album($image_data['image_username'], $image_data['image_user_id'], $image_data['image_user_colour'], $image_user); } } else { $personal_album_id = $this->user->get_data('personal_album_id'); if (!$personal_album_id && $this->gallery_auth->acl_check('i_upload', $this->gallery_auth->get_own_album())) { $personal_album_id = $this->album->generate_personal_album($image_data['image_username'], $image_data['image_user_id'], $image_data['image_user_colour'], phpbb_gallery::$user); } } if ($personal_album_id) { $sql_ary['image_album_id'] = $personal_album_id; } } $rotate = $this->request->variable('rotate', array(0)); $rotate = isset($rotate[0]) ? $rotate[0] : 0; if ($this->gallery_config->get('allow_rotate') && $rotate > 0 && $rotate % 90 == 0) { $image_tools = new \phpbbgallery\core\file\file(); $image_tools->set_image_options($this->gallery_config->get('max_filesize'), $this->gallery_config->get('max_height'), $this->gallery_config->get('max_width')); $image_tools->set_image_data($this->url->path('upload') . $image_data['image_filename']); // Rotate the image $image_tools->rotate_image($rotate, $this->gallery_config->get('allow_rotate')); if ($image_tools->rotated) { $image_tools->write_image($image_tools->image_source, $this->gallery_config->get('jpg_quality'), true); } @unlink($this->url->path('thumbnail') . $image_data['image_filename']); @unlink($this->url->path('medium') . $image_data['image_filename']); } $error = implode('<br />', $errors); if (!$error) { $sql = 'UPDATE ' . $this->table_images . ' SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . ' WHERE image_id = ' . $image_id; $this->db->sql_query($sql); $this->album->update_info($album_data['album_id']); if ($move_to_personal && $personal_album_id) { $this->album->update_info($personal_album_id); } if ($change_image_count) { $new_user = new phpbb_gallery_user($db, $user_data['user_id'], false); $new_user->update_images(1); $old_user = new phpbb_gallery_user($db, $image_data['image_user_id'], false); $old_user->update_images(-1); } if ($this->user->data['user_id'] != $image_data['image_user_id']) { $this->gallery_log->add_log('moderator', 'edit', $image_data['image_album_id'], $image_id, array('LOG_GALLERY_EDITED', $image_name)); } $message = $this->user->lang['IMAGES_UPDATED_SUCCESSFULLY']; $message .= '<br /><br />' . sprintf($this->user->lang['CLICK_RETURN_IMAGE'], '<a href="' . $image_backlink . '">', '</a>'); $message .= '<br /><br />' . sprintf($this->user->lang['CLICK_RETURN_ALBUM'], '<a href="' . $album_backlink . '">', '</a>'); $this->url->meta_refresh(3, $image_backlink); trigger_error($message); } $disp_image_data = array_merge($disp_image_data, $sql_ary); } if (!class_exists('bbcode')) { include $this->phpbb_root_path . 'includes/bbcode.' . $this->php_ext; } include_once $this->phpbb_root_path . 'includes/message_parser.' . $this->php_ext; $message_parser = new \parse_message(); $message_parser->message = $disp_image_data['image_desc']; $message_parser->decode_message($disp_image_data['image_desc_uid']); $page_title = $disp_image_data['image_name']; $this->template->assign_block_vars('image', array('U_IMAGE' => $this->image->generate_link('thumbnail', 'plugin', $image_id, $image_data['image_name'], $album_id), 'IMAGE_NAME' => $disp_image_data['image_name'], 'IMAGE_DESC' => $message_parser->message)); $this->template->assign_vars(array('L_DESCRIPTION_LENGTH' => $this->user->lang('DESCRIPTION_LENGTH', $this->gallery_config->get('description_length')), 'S_EDIT' => true, 'S_ALBUM_ACTION' => $this->helper->route('phpbbgallery_image_edit', array('image_id' => $image_id)), 'ERROR' => isset($error) ? $error : '', 'U_VIEW_IMAGE' => $this->helper->route('phpbbgallery_image', array('image_id' => $image_id)), 'IMAGE_NAME' => $image_data['image_name'], 'S_CHANGE_AUTHOR' => $this->gallery_auth->acl_check('m_edit', $album_id, $album_data['album_user_id']), 'U_FIND_USERNAME' => $this->url->append_sid('phpbb', 'memberlist', 'mode=searchuser&form=postform&field=change_author&select_single=true'), 'S_COMMENTS_ENABLED' => $this->gallery_config->get('allow_comments') && $this->gallery_config->get('comment_user_control'), 'S_ALLOW_COMMENTS' => $image_data['image_allow_comments'], 'NUM_IMAGES' => 1, 'S_ALLOW_ROTATE' => $this->gallery_config->get('allow_rotate') && function_exists('imagerotate'), 'S_MOVE_MODERATOR' => $this->user->data['user_id'] != $image_data['image_user_id'] ? true : false)); return $this->helper->render('gallery/posting_body.html', $page_title); }
function import() { global $db, $template, $user, $phpbb_dispatcher, $phpbb_container, $gallery_url, $request, $table_prefix, $gallery_config, $gallery_album, $request; $import_schema = $request->variable('import_schema', ''); $images = $request->variable('images', array(''), true); $submit = isset($_POST['submit']) ? true : (empty($images) ? false : true); if ($import_schema) { if ($gallery_url->_file_exists($import_schema, 'import', '')) { include $gallery_url->_return_file($import_schema, 'import', ''); // Replace the md5 with the ' again and remove the space at the end to prevent \' troubles $user_data['username'] = utf8_substr(str_replace("{{$import_schema}}", "'", $user_data['username']), 0, -1); $image_name = utf8_substr(str_replace("{{$import_schema}}", "'", $image_name), 0, -1); } else { global $phpEx; trigger_error($user->lang('MISSING_IMPORT_SCHEMA', $import_schema . '.' . $phpEx), E_USER_WARNING); } $images_loop = 0; foreach ($images as $image_src) { /** * Import the images */ $image_src = str_replace("{{$import_schema}}", "'", $image_src); $image_src_full = $gallery_url->path('import') . utf8_decode($image_src); if (file_exists($image_src_full)) { $filetype = getimagesize($image_src_full); $filetype_ext = ''; $error_occured = false; switch ($filetype['mime']) { case 'image/jpeg': case 'image/jpg': case 'image/pjpeg': $filetype_ext = '.jpg'; $read_function = 'imagecreatefromjpeg'; if (substr(strtolower($image_src), -4) != '.jpg' && substr(strtolower($image_src), -5) != '.jpeg') { $this->log_import_error($import_schema, sprintf($user->lang['FILETYPE_MIMETYPE_MISMATCH'], $image_src, $filetype['mime'])); $error_occured = true; } break; case 'image/png': case 'image/x-png': $filetype_ext = '.png'; $read_function = 'imagecreatefrompng'; if (substr(strtolower($image_src), -4) != '.png') { $this->log_import_error($import_schema, sprintf($user->lang['FILETYPE_MIMETYPE_MISMATCH'], $image_src, $filetype['mime'])); $error_occured = true; } break; case 'image/gif': case 'image/giff': $filetype_ext = '.gif'; $read_function = 'imagecreatefromgif'; if (substr(strtolower($image_src), -4) != '.gif') { $this->log_import_error($import_schema, sprintf($user->lang['FILETYPE_MIMETYPE_MISMATCH'], $image_src, $filetype['mime'])); $error_occured = true; } break; default: $this->log_import_error($import_schema, $user->lang['NOT_ALLOWED_FILE_TYPE']); $error_occured = true; break; } $image_filename = md5(unique_id()) . $filetype_ext; if (!$error_occured || !@move_uploaded_file($image_src_full, $gallery_url->path('upload') . $image_filename)) { if (!@copy($image_src_full, $gallery_url->path('upload') . $image_filename)) { $user->add_lang('posting'); $this->log_import_error($import_schema, sprintf($user->lang['GENERAL_UPLOAD_ERROR'], $gallery_url->path('upload') . $image_filename)); $error_occured = true; } } if (!$error_occured) { @chmod($gallery_url->path('upload') . $image_filename, 0777); // The source image is imported, so we delete it. @unlink($image_src_full); $sql_ary = array('image_filename' => $image_filename, 'image_desc' => '', 'image_desc_uid' => '', 'image_desc_bitfield' => '', 'image_user_id' => $user_data['user_id'], 'image_username' => $user_data['username'], 'image_username_clean' => utf8_clean_string($user_data['username']), 'image_user_colour' => $user_data['user_colour'], 'image_user_ip' => $user->ip, 'image_time' => $start_time + $done_images, 'image_album_id' => $album_id, 'image_status' => \phpbbgallery\core\image\image::STATUS_APPROVED); $image_tools = new \phpbbgallery\core\file\file(); $image_tools->set_image_options($gallery_config->get('max_filesize'), $gallery_config->get('max_height'), $gallery_config->get('max_width')); $image_tools->set_image_data($gallery_url->path('upload') . $image_filename); $additional_sql_data = array(); $file_link = $gallery_url->path('upload') . $image_filename; /** * Event to trigger before mass update * * @event phpbbgallery.acpimport.update_image_before * @var array additional_sql_data array of additional sql_data * @var string file_link String with real file link * @since 1.2.0 */ $vars = array('additional_sql_data', 'file_link'); extract($phpbb_dispatcher->trigger_event('phpbbgallery.acpimport.update_image_before', compact($vars))); if ($filetype[0] > $gallery_config->get('max_width') || $filetype[1] > $gallery_config->get('max_height')) { /** * Resize overside images */ if ($gallery_config->get('allow_resize')) { $image_tools->resize_image($gallery_config->get('max_width'), $gallery_config->get('max_height')); if ($image_tools->resized) { $image_tools->write_image($gallery_url->path('upload') . $image_filename, $gallery_config->get('jpg_quality'), true); } } } $file_updated = (bool) $image_tools->resized; /** * Event to trigger before mass update * * @event phpbbgallery.acpimport.update_image * @var array additional_sql_data array of additional sql_data * @var bool file_updated is file resized * @since 1.2.0 */ $vars = array('additional_sql_data', 'file_updated'); extract($phpbb_dispatcher->trigger_event('phpbbgallery.acpimport.update_image', compact($vars))); $sql_ary = array_merge($sql_ary, $additional_sql_data); // Try to get real filesize from temporary folder (not always working) ;) $sql_ary['filesize_upload'] = @filesize($gallery_url->path('upload') . $image_filename) ? @filesize($gallery_url->path('upload') . $image_filename) : 0; if ($filename || $image_name == '') { $sql_ary['image_name'] = str_replace("_", " ", utf8_substr($image_src, 0, utf8_strrpos($image_src, '.'))); } else { $sql_ary['image_name'] = str_replace('{NUM}', $num_offset + $done_images, $image_name); } $sql_ary['image_name_clean'] = utf8_clean_string($sql_ary['image_name']); // Put the images into the database $db->sql_query('INSERT INTO ' . $table_prefix . 'gallery_images ' . $db->sql_build_array('INSERT', $sql_ary)); } $done_images++; } // Remove the image from the list unset($images[$images_loop]); $images_loop++; if ($images_loop == 10) { // We made 10 images, so we end for this turn break; } } if ($images_loop) { $image_user = $phpbb_container->get('phpbbgallery.core.user'); $image_user->set_user_id($user_data['user_id']); $image_user->update_images($images_loop); $gallery_config->inc('num_images', $images_loop); $todo_images = $todo_images - $images_loop; } \phpbbgallery\core\album\album::update_info($album_id); if (!$todo_images) { unlink($gallery_url->_return_file($import_schema, 'import', '')); $errors = @file_get_contents($gallery_url->_return_file($import_schema . '_errors', 'import', '')); @unlink($gallery_url->_return_file($import_schema . '_errors', 'import', '')); if (!$errors) { trigger_error(sprintf($user->lang['IMPORT_FINISHED'], $done_images) . adm_back_link($this->u_action)); } else { $errors = explode("\n", $errors); trigger_error(sprintf($user->lang['IMPORT_FINISHED_ERRORS'], $done_images - sizeof($errors)) . implode('<br />', $errors) . adm_back_link($this->u_action), E_USER_WARNING); } } else { // Write the new list $this->create_import_schema($import_schema, $album_id, $user_data, $start_time, $num_offset, $done_images, $todo_images, $image_name, $filename, $images); // Redirect $forward_url = $this->u_action . "&import_schema={$import_schema}"; meta_refresh(1, $forward_url); trigger_error(sprintf($user->lang['IMPORT_DEBUG_MES'], $done_images, $todo_images)); } } else { if ($submit) { if (!check_form_key('acp_gallery')) { trigger_error('FORM_INVALID', E_USER_WARNING); } if (!$images) { trigger_error('NO_FILE_SELECTED', E_USER_WARNING); } // Who is the uploader? $username = $request->variable('username', '', true); $user_id = 0; if ($username) { if (!function_exists('user_get_id_name')) { $gallery_url->_include('functions_user', 'phpbb'); } user_get_id_name($user_id, $username); } if (is_array($user_id)) { $user_id = $user_id[0]; } if (!$user_id) { $user_id = $user->data['user_id']; } $sql = 'SELECT username, user_colour, user_id FROM ' . USERS_TABLE . ' WHERE user_id = ' . $user_id; $result = $db->sql_query($sql); $user_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$user_row) { trigger_error('HACKING_ATTEMPT', E_USER_WARNING); } $album_id = $request->variable('album_id', 0); if (isset($_POST['users_pega'])) { $image_user = $phpbb_container->get('phpbbgallery.core.user'); $image_user->set_user_id($user_row['user_id']); if ($user->data['user_id'] != $user_row['user_id']) { $album_id = $image_user->get_data('personal_album_id'); if (!$album_id) { // The User has no personal album $album_id = $gallery_album->generate_personal_album($user_row['username'], $user_row['user_id'], $user_row['user_colour'], $image_user); } unset($image_user); } else { $album_id = $image_user->get_data('personal_album_id'); if (!$album_id) { $album_id = $gallery_album->generate_personal_album($user_row['username'], $user_row['user_id'], $user_row['user_colour'], $image_user); } } } // Where do we put them to? $sql = 'SELECT album_id, album_name FROM ' . $table_prefix . 'gallery_albums WHERE album_id = ' . $album_id; $result = $db->sql_query($sql); $album_row = $db->sql_fetchrow($result); $db->sql_freeresult($result); if (!$album_row) { trigger_error('HACKING_ATTEMPT', E_USER_WARNING); } $start_time = time(); $import_schema = md5($start_time); $filename = $request->variable('filename', '') == 'filename' ? true : false; $image_name = $request->variable('image_name', '', true); $num_offset = $request->variable('image_num', 0); $this->create_import_schema($import_schema, $album_row['album_id'], $user_row, $start_time, $num_offset, 0, sizeof($images), $image_name, $filename, $images); $forward_url = $this->u_action . "&import_schema={$import_schema}"; meta_refresh(2, $forward_url); trigger_error('IMPORT_SCHEMA_CREATED'); } } $handle = opendir($gallery_url->path('import')); $files = array(); while ($file = readdir($handle)) { if (!is_dir($gallery_url->path('import') . $file) && (substr(strtolower($file), -4) == '.png' && $gallery_config->get('allow_png') || substr(strtolower($file), -4) == '.gif' && $gallery_config->get('allow_gif') || substr(strtolower($file), -4) == '.jpg' && $gallery_config->get('allow_jpg') || substr(strtolower($file), -5) == '.jpeg' && $gallery_config->get('allow_jpg'))) { $files[utf8_strtolower($file)] = $file; } } closedir($handle); // Sort the files by name again ksort($files); foreach ($files as $file) { $template->assign_block_vars('imagerow', array('FILE_NAME' => utf8_encode($file))); } $template->assign_vars(array('S_IMPORT_IMAGES' => true, 'ACP_GALLERY_TITLE' => $user->lang['ACP_IMPORT_ALBUMS'], 'ACP_GALLERY_TITLE_EXPLAIN' => $user->lang['ACP_IMPORT_ALBUMS_EXPLAIN'], 'L_IMPORT_DIR_EMPTY' => sprintf($user->lang['IMPORT_DIR_EMPTY'], $gallery_url->path('import')), 'S_ALBUM_IMPORT_ACTION' => $this->u_action, 'S_SELECT_IMPORT' => $gallery_album->get_albumbox(false, 'album_id', false, false, false, \phpbbgallery\core\album\album::PUBLIC_ALBUM, \phpbbgallery\core\album\album::TYPE_UPLOAD), 'U_FIND_USERNAME' => $gallery_url->append_sid('phpbb', 'memberlist', 'mode=searchuser&form=acp_gallery&field=username&select_single=true'))); }