public function execute() { $name = waRequest::post('name', '', waRequest::TYPE_STRING_TRIM); if (in_array($name, $this->availableFields) === false) { throw new waException(_w("Can't update album: unknown field")); } $album_rights_model = new photosAlbumRightsModel(); $id = waRequest::post('id', null, waRequest::TYPE_ARRAY_INT); if (is_array($id)) { $id = current($id); } if ($id) { $album_model = new photosAlbumModel(); $album = $album_model->getById($id); if (!$album) { throw new waException(_w('Unknown album')); } if (!$album_rights_model->checkRights($album, true)) { throw new waException(_w("You don't have sufficient access rights")); } $value = waRequest::post('value', '', waRequest::TYPE_STRING_TRIM); $album_model->updateById($id, array($name => $value)); $album['not_escaped_name'] = $value; $album['name'] = photosPhoto::escape($value); $this->response['album'] = $album; } }
public function execute() { if (!$this->getRights('upload')) { throw new waRightsException(_w("You don't have sufficient access rights")); } $this->response['files'] = array(); $this->model = new photosPhotoModel(); $album_rights_model = new photosAlbumRightsModel(); // rights for photos $status = waRequest::post('status', 0, 'int'); $groups = waRequest::post('groups', array(), waRequest::TYPE_ARRAY_INT); if (!$groups) { $status = -1; // only author have access to this photo $groups = array(-$this->getUser()->getId()); } // work with album $album_id = (int) waRequest::post('album_id'); if ($album_id > 0 && !$album_rights_model->checkRights($album_id, true)) { $this->response['files'][] = array('error' => _w("You don't have sufficient access rights")); return; } $this->getStorage()->close(); foreach (self::getFilesFromPost() as $file) { if ($file->error_code != UPLOAD_ERR_OK) { $this->response['files'][] = array('name' => $file->name, 'error' => $file->error); } else { try { $this->response['files'][] = $this->save($file, array('status' => $status, 'groups' => $groups, 'album_id' => $album_id)); } catch (Exception $e) { $this->response['files'][] = array('name' => $file->name, 'error' => $e->getMessage()); } } } }
public function execute() { $album_id = waRequest::post('album_id', null, waRequest::TYPE_INT); $album_rights_model = new photosAlbumRightsModel(); if (!$album_rights_model->checkRights($album_id, true)) { throw new waException(_w("You don't have sufficient access rights")); } $album_model = new photosAlbumModel(); $album_model->delete($album_id); $this->log('album_delete', 1); }
public function execute() { if (!wa()->getUser()->getRights('photos', 'upload')) { throw new waAPIException('access_denied', 403); } $data = waRequest::post(); // check required param name $this->post('name', true); $album_model = new photosAlbumModel(); $group_ids = array(0); if (!isset($data['status'])) { $data['status'] = 1; } else { if ($data['status'] == -1) { $group_ids = array(-wa()->getUser()->getId()); } } if ($data['status'] <= 0) { $data['hash'] = md5(uniqid(time(), true)); } else { $data['url'] = $album_model->suggestUniqueUrl(photosPhoto::suggestUrl($data['name'])); } if (!isset($data['type'])) { $data['type'] == photosAlbumModel::TYPE_STATIC; } $parent_id = waRequest::post('parent_id', 0, 'int'); $parent = $album_model->getById($parent_id); if ($parent_id) { if (!$parent) { throw new waAPIException('invalid_request', 'Parent album not found', 404); } if ($data['type'] == photosAlbumModel::TYPE_STATIC && $parent['type'] == photosAlbumModel::TYPE_DYNAMIC) { throw new waAPIException('invalid_request', 'Inserted album is static but parent album is dynamic', 404); } if ($data['status'] > 0 && $parent['status'] <= 0) { throw new waAPIException('invalid_request', 'Inserted album is public but parent album is private', 404); } } if ($id = $album_model->add($data, $parent_id)) { // return info of the new album $_GET['id'] = $id; if ($parent_id) { $child = $album_model->getFirstChild($parent_id); $album_model->move($id, $child ? $child['id'] : 0, $parent_id); } $album_rights_model = new photosAlbumRightsModel(); $album_rights_model->setRights($id, $group_ids); $method = new photosAlbumGetInfoMethod(); $this->response = $method->getResponse(true); } else { throw new waAPIException('server_error', 500); } }
public function execute() { $album_id = waRequest::get('id', null, waRequest::TYPE_INT); // check rights $album_rights_model = new photosAlbumRightsModel(); if (!$album_rights_model->checkRights($album_id, true)) { throw new waRightsException(_w("Access denied")); } $photo_id = waRequest::post('photo_id', null, waRequest::TYPE_ARRAY_INT); $album_photos_model = new photosAlbumPhotosModel(); $album_photos_model->deletePhotos($album_id, $photo_id); }
public function execute() { $id = waRequest::get('id', null, waRequest::TYPE_INT); if (!$id) { throw new waException(_w('Unknown album')); } $album_model = new photosAlbumModel(); $album = $album_model->getById($id); if (!$album) { throw new waException(_w('Unknown album')); } // check rights $album_rights_model = new photosAlbumRightsModel(); if (!$album_rights_model->checkRights($album)) { throw new waRightsException(_w("You don't have sufficient access rights")); } $album['edit_rights'] = $album_rights_model->checkRights($album, true); $child_albums = $album_model->getChildren($album['id']); $album_model->keyPhotos($child_albums); $hash = '/album/' . $id; $frontend_link = photosCollection::getFrontendLink($hash); $collection = new photosCollection($hash); $config = $this->getConfig(); $count = $config->getOption('photos_per_page'); $photos = $collection->getPhotos("*,thumb,thumb_crop,thumb_middle,thumb_big,tags,edit_rights", 0, $count); $photos = photosCollection::extendPhotos($photos); $album_photos_model = new photosAlbumPhotosModel(); $album['count'] = $collection->count(); if ($album['type'] == photosAlbumModel::TYPE_DYNAMIC) { $album['conditions'] = photosCollection::parseConditions($album['conditions']); } $album['count_new'] = 0; $sort_method = 'sort'; if ($album['type'] == photosAlbumModel::TYPE_DYNAMIC) { $params_model = new photosAlbumParamsModel(); $params = $params_model->get($album['id']); if ($params && isset($params['order']) && $params['order'] == 'rate') { $sort_method = 'rate'; } else { $sort_method = 'upload_datetime'; } } $this->template = 'templates/actions/photo/PhotoList.html'; $this->view->assign('sidebar_width', $config->getSidebarWidth()); $this->view->assign('album', $album); $this->view->assign('child_albums', $child_albums); $this->view->assign('frontend_link', $frontend_link); $this->view->assign('photos', $photos); $this->view->assign('title', $collection->getTitle()); $this->view->assign('hash', $hash); $this->view->assign('big_size', $config->getSize('big')); $this->view->assign('sort_method', $sort_method); }
public function execute() { if (!$this->getRights('upload')) { throw new waRightsException(_w("You don't have sufficient access rights")); } $this->response['files'] = array(); $this->model = new photosPhotoModel(); $album_rights_model = new photosAlbumRightsModel(); // rights for photos $this->status = waRequest::post('status', 0, 'int'); $this->groups = waRequest::post('groups', array(), waRequest::TYPE_ARRAY_INT); if (!$this->groups) { $this->status = -1; // only author have access to this photo $this->groups = array(-$this->getUser()->getId()); } // work with album $this->album_id = waRequest::post('album_id'); $this->album_id = (int) $this->album_id; if ($this->album_id > 0 && !$album_rights_model->checkRights($this->album_id, true)) { $this->response['files'][] = array('error' => _w("You don't have sufficient access rights")); return; } $this->getStorage()->close(); if (waRequest::server('HTTP_X_FILE_NAME')) { $name = waRequest::server('HTTP_X_FILE_NAME'); $size = waRequest::server('HTTP_X_FILE_SIZE'); $file_path = wa()->getTempPath('photos/upload/') . $name; $append_file = is_file($file_path) && $size > filesize($file_path); clearstatcache(); file_put_contents($file_path, fopen('php://input', 'r'), $append_file ? FILE_APPEND : 0); $file = new waRequestFile(array('name' => $name, 'type' => waRequest::server('HTTP_X_FILE_TYPE'), 'size' => $size, 'tmp_name' => $file_path, 'error' => 0)); try { $this->response['files'][] = $this->save($file); } catch (Exception $e) { $this->response['files'][] = array('error' => $e->getMessage()); } } else { $files = waRequest::file('files'); foreach ($files as $file) { if ($file->error_code != UPLOAD_ERR_OK) { $this->response['files'][] = array('error' => $file->error); } else { try { $this->response['files'][] = $this->save($file); } catch (Exception $e) { $this->response['files'][] = array('name' => $file->name, 'error' => $e->getMessage()); } } } } }
public function execute() { $id = waRequest::get('id', null, waRequest::TYPE_INT); $album_model = new photosAlbumModel(); $album = $album_model->getById($id); if (!$album) { throw new waException(_w("Unknown album"), 404); } $album_right_model = new photosAlbumRightsModel(); if (!$album_right_model->checkRights($album, true)) { throw new waException(_w("You don't have sufficient access rights"), 403); } if ($album['type'] == photosAlbumModel::TYPE_DYNAMIC && $album['conditions']) { $album['conditions'] = photosCollection::parseConditions($album['conditions']); } if (!$album['conditions']) { $album['conditions'] = array(); } $absolute_full_url = photosFrontendAlbum::getLink($album); if ($absolute_full_url) { $pos = strrpos($absolute_full_url, $album['url']); $full_base_url = $pos !== false ? rtrim(substr($absolute_full_url, 0, $pos), '/') . '/' : ''; $album['full_base_url'] = $full_base_url; } $this->view->assign('album', $album); if ($album['parent_id']) { $this->view->assign('parent', $album_model->getById($album['parent_id'])); } $collection = new photosCollection('album/' . $id); $photos_count = $collection->count(); $this->view->assign('photos_count', $photos_count); $album_params_model = new photosAlbumParamsModel(); $this->view->assign('params', $album_params_model->get($id)); $groups_model = new waGroupModel(); $groups = $groups_model->getAll('id', true); $rights = $album_right_model->getByField('album_id', $id, 'group_id'); $photo_tag_model = new photosTagModel(); $cloud = $photo_tag_model->getCloud('name'); if (!empty($album['conditions']['tag'][1])) { foreach ($album['conditions']['tag'][1] as $tag_name) { $cloud[$tag_name]['checked'] = true; } } $this->view->assign('rights', $rights); $this->view->assign('groups', $groups); $this->view->assign('cloud', $cloud); }
public function execute() { $data = waRequest::post(); if (!wa()->getUser()->getRights('photos', 'upload')) { throw new waAPIException('access_denied', 403); } $group_ids = array(0); if (!isset($data['status'])) { $data['status'] = 1; } else { if ($data['status'] == -1) { $group_ids = array(-wa()->getUser()->getId()); } } $data['groups'] = $group_ids; $data['source'] = photosPhotoModel::SOURCE_API; // work with album if (isset($data['album_id'])) { $album_id = $data['album_id']; $album_model = new photosAlbumModel(); $album = $album_model->getById($album_id); if (!$album) { throw new waAPIException('invalid_param', 'Album not found', 404); } $album_rights_model = new photosAlbumRightsModel(); if (!$album_rights_model->checkRights($album_id, true)) { throw new waAPIException('access_denied', 'Not rights to album', 403); } } $file = waRequest::file('file'); if (!$file->uploaded()) { throw new waAPIException('server_error', $file->error, 500); } $id = null; $photo_model = new photosPhotoModel(); try { $id = $photo_model->add($file, $data); } catch (Exception $e) { throw new waAPIException('server_error', $e->getMessage(), 500); } if (!$id) { throw new waAPIException('server_error', 500); } $_GET['id'] = $id; $method = new photosPhotoGetInfoMethod(); $this->response = $method->getResponse(true); }
public function execute() { $photo_id = waRequest::post('photo_id', array(), waRequest::TYPE_ARRAY_INT); $album_id = waRequest::post('album_id', null, waRequest::TYPE_INT); $before_id = waRequest::post('before_id', null, waRequest::TYPE_INT); if (!$photo_id || !$album_id) { throw new waException(_w("Can't move photo")); } $album_rights_model = new photosAlbumRightsModel(); if (!$album_rights_model->checkRights($album_id, true)) { throw new waException(_w("You don't have sufficient access rights")); } if ($photo_id && $album_id) { $album_photos_model = new photosAlbumPhotosModel(); $album_photos_model->movePhoto($photo_id, $album_id, $before_id); } }
public function execute() { $this->photo_ids = waRequest::post('photo_id', array(), waRequest::TYPE_ARRAY_INT); $album_id = waRequest::post('album_id', array(), waRequest::TYPE_ARRAY_INT); $copy = waRequest::post('copy', 1, waRequest::TYPE_INT); $this->album_photos_model = new photosAlbumPhotosModel(); $photo_rights_model = new photosPhotoRightsModel(); if (!$copy) { // it means manage with one photo $photo_id = $this->photo_ids[0]; if (!$photo_rights_model->checkRights($photo_id, true)) { throw new waException("You don't have sufficient access rights"); } $early_albums = array_keys($this->album_photos_model->getByField('photo_id', $photo_id, 'album_id')); // TODO: check rights for editing (take into account deleting!) $this->album_photos_model->set($photo_id, $album_id); $this->log('photos_move', 1); $albums = $this->getAlbumsCounters(); $old_albums = array(); foreach ($early_albums as $a_id) { if (!isset($albums[$a_id])) { $collection = new photosCollection('/album/' . $a_id); $album = array('id' => $a_id, 'count' => $collection->count(), 'count_new' => 0); $old_albums[] = $album; } } $this->response['albums'] = array_values($albums); $this->response['old_albums'] = $old_albums; } else { // otherwise coping photos to albums $allowed_photo_id = $photo_rights_model->filterAllowedPhotoIds($this->photo_ids, true); $denied_photo_id = array_values(array_diff($this->photo_ids, $allowed_photo_id)); $album_rights_model = new photosAlbumRightsModel(); $allowed_album_id = $album_rights_model->filterAllowedAlbumIds($album_id, true); $denied_album_id = array_values(array_diff($album_id, $allowed_album_id)); if ($allowed_album_id && $allowed_photo_id) { $this->album_photos_model->add($allowed_photo_id, $allowed_album_id); $this->response['albums'] = array_values($this->getAlbumsCounters()); $this->log('photos_move', 1); } if ($denied_photo_id) { $this->response['alert_msg'] = photosPhoto::sprintf_wplural("The operation was not performed to %d photo (%%s)", "The operation was not performed to %d photos (%%s)", count($denied_photo_id), _w("out of %d selected", "out of %d selected", count($this->photo_ids))) . ', ' . _w("because you don't have sufficient access rights") . '.'; } } }
public function execute() { $id = $this->post('id', true); $album_model = new photosAlbumModel(); $album = $album_model->getById((int) $id); if ($album) { $album_rights_model = new photosAlbumRightsModel(); if (!$album_rights_model->checkRights($id, true)) { throw new waAPIException('access_denied', 403); } if ($album_model->delete($id)) { $this->response = true; } else { throw new waAPIException('server_error', 500); } } else { throw new waAPIException('invalid_request', 'Album not found', 404); } }
public function execute() { $album_id = waRequest::post('album_id', 0, 'int'); $photo_id = waRequest::post('photo_id', 0, 'int'); if (!$album_id || !$photo_id) { throw new waException('Bad parameters', 404); } $album_rights_model = new photosAlbumRightsModel(); if (!$album_rights_model->checkRights($album_id, true)) { throw new waException(_w("You don't have sufficient access rights")); } $photo_model = new photosPhotoModel(); $photo = $photo_model->getById($photo_id); if (!$photo) { $this->errors[] = _w('Photo not found'); return; } $album_model = new photosAlbumModel(); $album_model->updateById($album_id, array('key_photo_id' => $photo_id)); photosPhoto::generateThumbs($photo, array('192x192')); }
public function execute() { $id = $this->get('id', true); $album_model = new photosAlbumModel(); $album = $album_model->getById($id); if ($album) { $album_rights_model = new photosAlbumRightsModel(); if (!$album_rights_model->checkRights($id, true)) { throw new waAPIException('access_denied', 403); } $data = waRequest::post(); if (isset($data['parent_id']) && $album['parent_id'] != $data['parent_id']) { if (!$album_model->getById($data['parent_id'])) { throw new waAPIException('invalid_param', 'Parent album not found', 404); } if (!$album_model->move($id, null, $data['parent_id'])) { throw new waAPIException('server_error', 500); } } if (isset($data['type'])) { unset($data['type']); } if ($album_model->update($id, $data)) { // correct rights $album = $album_model->getById($id); $group_ids = array(0); if ($data['status'] == -1) { $group_ids = array(-wa()->getUser()->getId()); } $album_rights_model = new photosAlbumRightsModel(); $album_rights_model->setRights($id, $group_ids); $method = new photosAlbumGetInfoMethod(); $this->response = $method->getResponse(true); } else { throw new waAPIException('server_error', 500); } } else { throw new waAPIException('invalid_param', 'Album not found', 404); } }
public function execute() { $collection = new photosCollection(); $hash = ''; // Specific album? if ($id = waRequest::request('album_id', null, 'int')) { $album_model = new photosAlbumModel(); $album = $album_model->getById($id); if (!$album) { throw new waException(_w('Unknown album')); } // check rights $album_rights_model = new photosAlbumRightsModel(); if (!$album_rights_model->checkRights($album)) { throw new waRightsException(_w("You don't have sufficient access rights")); } $album['edit_rights'] = $album_rights_model->checkRights($album, true); $hash = '/album/' . $id; } else { if ($app_id = waRequest::request('app_id', '', 'string')) { if (wa()->appExists($app_id) && wa()->getUser()->getRights($app_id, 'backend')) { $hash = 'app/' . $app_id; } else { throw new waRightsException(_w("You don't have sufficient access rights")); } } } // Photos $collection = new photosCollection($hash); $photos = $collection->getPhotos("*,thumb,thumb_crop,thumb_middle,thumb_big,tags,edit_rights", 0, 100500); $photos = photosCollection::extendPhotos($photos); // Album tree $album_model = new photosAlbumModel(); $albums = $album_model->getAlbums(); $albums_tree = new photosViewTree($albums); $this->view->assign(array('title' => $collection->getTitle(), 'photos' => $photos, 'albums_tree_html' => $albums_tree->display(), 'app_albums' => photosDefaultLayout::getAppAlbums('blog'), 'hash' => '#/' . trim($hash, '/#') . '/')); }
private function save($data) { if (!$this->id) { $this->log('album_create', 1); $this->id = $this->album_model->add($data); } else { $album = $this->album_model->getById($this->id); if (!$album) { throw new Exception("Album doesn't exist"); } $name = $album['name']; if (empty($data['name'])) { $data['name'] = $name; } if ($album['type'] != photosAlbumModel::TYPE_DYNAMIC && isset($data['conditions'])) { unset($data['conditions']); } if ($data['status'] <= 0) { if (isset($data['url']) && !$data['url']) { unset($data['url']); } } else { if (empty($data['url'])) { $data['url'] = photosPhoto::suggestUrl($data['name']); } } $this->album_model->update($this->id, $data); $album_params = new photosAlbumParamsModel(); $album_params->set($this->id, $data['params']); } $album_rights_model = new photosAlbumRightsModel(); if ($data['status'] <= 0 && $data['group_ids']) { $album_rights_model->setRights($this->id, $data['group_ids']); } else { $album_rights_model->setRights($this->id, 0); } }
public function execute() { $this->photo_ids = waRequest::post('photo_id', array(), waRequest::TYPE_ARRAY_INT); $album_id = waRequest::post('album_id', array(), waRequest::TYPE_ARRAY_INT); $copy = waRequest::post('copy', 1, waRequest::TYPE_INT); $this->album_photos_model = new photosAlbumPhotosModel(); $photo_rights_model = new photosPhotoRightsModel(); if (!$copy) { // it means manage with one photo $photo_id = $this->photo_ids[0]; if (!$photo_rights_model->checkRights($photo_id, true)) { throw new waException("You don't have sufficient access rights"); } $early_albums = array_keys($this->album_photos_model->getByField('photo_id', $photo_id, 'album_id')); // TODO: check rights for editing (take into account deleting!) $this->album_photos_model->set($photo_id, $album_id); $this->log('photos_move', 1); $albums = $this->getAlbumsCounters(); $old_albums = array(); foreach ($early_albums as $a_id) { if (!isset($albums[$a_id])) { $collection = new photosCollection('/album/' . $a_id); $album = array('id' => $a_id, 'count' => $collection->count(), 'count_new' => 0); $old_albums[] = $album; } } $this->response['albums'] = array_values($albums); $this->response['old_albums'] = $old_albums; } else { // otherwise copy photos to albums $allowed_photo_id = $photo_rights_model->filterAllowedPhotoIds($this->photo_ids, true); $denied_photo_id = array_values(array_diff($this->photo_ids, $allowed_photo_id)); $album_rights_model = new photosAlbumRightsModel(); $allowed_album_id = $album_rights_model->filterAllowedAlbumIds($album_id, true); $denied_album_id = array_values(array_diff($album_id, $allowed_album_id)); if ($allowed_album_id && $allowed_photo_id) { $this->album_photos_model->add($allowed_photo_id, $allowed_album_id); $this->log('photos_move', 1); } $albums = $this->getAlbumsCounters(); $this->response['albums'] = array_values($albums); if ($denied_photo_id) { $this->response['alert_msg'] = photosPhoto::sprintf_wplural("The operation was not performed to %d photo (%%s)", "The operation was not performed to %d photos (%%s)", count($denied_photo_id), _w("out of %d selected", "out of %d selected", count($this->photo_ids))) . ', ' . _w("because you don't have sufficient access rights") . '.'; } } // Set cover photos for albums if first photo just been added to it $photo_model = new photosPhotoModel(); $album_model = new photosAlbumModel(); $allowed_photo_id = isset($allowed_photo_id) ? $allowed_photo_id : array($photo_id); $no_cover_album_ids = array(); foreach (ifset($allowed_album_id, $album_id) as $album_id) { if (!empty($albums[$album_id]) && empty($albums[$album_id]['key_photo_id'])) { $no_cover_album_ids[] = $album_id; } } $photos = array(); while ($allowed_photo_id && $no_cover_album_ids) { // Get random photo from added and make sure it exists shuffle($allowed_photo_id); $photo_id = array_pop($allowed_photo_id); if (!empty($photos[$photo_id])) { $photo = $photos[$photo_id]; } else { $photos[$photo_id] = $photo = $photo_model->getById($photo_id); } if (!$photo) { continue; } // Photo exists, so add it back $allowed_photo_id[] = $photo_id; // Set cover for one album $album_id = array_pop($no_cover_album_ids); $album_model->updateById($album_id, array('key_photo_id' => $photo_id)); photosPhoto::generateThumbs($photo, array('192x192')); } }