function album_get_auth_keys($cur_cat_id = ALBUM_ROOT_CATEGORY, $auth_key = ALBUM_AUTH_VIEW, $all = false, $level = -1, $max = -1)
{
    global $album_data;
    $keys = array();
    $last_i = -1;
    // add the level
    if ($max < ALBUM_ROOT_CATEGORY + 1 || $level < $max || $level == $max && $album_data['parent'][$album_data['keys'][$cur_cat_id]] == ALBUM_ROOT_CATEGORY) {
        if ($cur_cat_id == ALBUM_ROOT_CATEGORY || album_check_permission($album_data['auth'][$cur_cat_id], $auth_key) || $all) {
            // if child of cat, align the level on the parent one
            $orig_level = $level;
            // store this level
            $last_i++;
            $keys['keys'][$cur_cat_id] = $last_i;
            $keys['id'][$last_i] = $cur_cat_id;
            $keys['real_level'][$last_i] = $orig_level;
            $keys['level'][$last_i] = $level;
            $keys['idx'][$last_i] = isset($album_data['keys'][$cur_cat_id]) ? $album_data['keys'][$cur_cat_id] : ALBUM_ROOT_CATEGORY;
            // get sub-levels
            for ($i = 0; $i < sizeof($album_data['sub'][$cur_cat_id]); $i++) {
                $subkeys = array();
                $subkeys = album_get_auth_keys($album_data['sub'][$cur_cat_id][$i], $auth_key, $all, $orig_level + 1, $max);
                // add sub-levels
                for ($j = 0; $j < sizeof($subkeys['id']); $j++) {
                    $last_i++;
                    $keys['keys'][$subkeys['id'][$j]] = $last_i;
                    $keys['id'][$last_i] = $subkeys['id'][$j];
                    $keys['real_level'][$last_i] = $subkeys['real_level'][$j];
                    $keys['level'][$last_i] = $subkeys['level'][$j];
                    $keys['idx'][$last_i] = $subkeys['idx'][$j];
                }
                // for( $j = 0.....
            }
            // for($i = 0.....
        }
        // if ($cur_cat_id == ALBUM_ROOT....
    }
    // if (($max < 0 .....
    if ($level <= ALBUM_ROOT_CATEGORY && ALBUM_HIERARCHY_DEBUG_ENABLED == true) {
        album_debug('album_get_auth_keys = %s', $keys);
    }
    return $keys;
}
function album_get_sub_cat_ids($cur_cat_id = ALBUM_ROOT_CATEGORY, &$cats, $auth_key = ALBUM_AUTH_VIEW, $include_cur_cat_id = false)
{
    global $album_data;
    if ($include_cur_cat_id == true) {
        if (album_check_permission($album_data['auth'][$cur_cat_id], $auth_key)) {
            $cats[] = $cur_cat_id;
        }
    }
    // get all the sub category id for current sub category
    for ($j = 0; $j < sizeof($album_data['sub'][$cur_cat_id]); $j++) {
        $subcur = $album_data['sub'][$cur_cat_id][$j];
        $subthis = $album_data['keys'][$subcur];
        $subdata = $album_data['data'][$subthis];
        // add the category id
        //if ($album_data['auth'][$cur][$auth_key] == 1)
        //if (album_check_permission($wdata['cat_id'], $auth_key))
        if (album_check_permission($album_data['auth'][$subcur], $auth_key)) {
            $cats[] = $subdata['cat_id'];
        }
    }
    // do this for each sub category... recursive
    for ($i = 0; $i < sizeof($album_data['sub'][$cur_cat_id]); $i++) {
        album_get_sub_cat_ids($album_data['sub'][$cur_cat_id][$i], $cats);
    }
}
    if (!album_check_permission($auth_data, ALBUM_AUTH_UPLOAD)) {
        if ($album_user_id != $user->data['user_id'] && $user->data['user_level'] != ADMIN) {
            if ($album_user_id <= 0 && !$user->data['session_logged_in']) {
                redirect(append_sid(CMS_PAGE_LOGIN . '?redirect=album_cat.' . PHP_EXT));
            }
            $album_user_id = isset($_GET['user_id']) && intval($_GET['user_id']) > 1 ? intval($_GET['user_id']) : $user->data['user_id'];
            //$album_user_id = $user->data['user_id'];
        } else {
            $message = $lang['No_Personal_Category_admin'];
            $message .= '<br /><br />' . sprintf($lang['Click_return_album_index'], '<a href="' . append_sid(album_append_uid('album.' . PHP_EXT)) . '">', '</a>');
            message_die(GENERAL_MESSAGE, $message);
        }
    }
} else {
    $auth_data = album_permissions($album_user_id, $cat_id, ALBUM_AUTH_MANAGE_PERSONAL_CATEGORIES);
    if (!album_check_permission($auth_data, ALBUM_AUTH_MANAGE_PERSONAL_CATEGORIES)) {
        if ($album_user_id != $user->data['user_id'] && $user->data['user_level'] != ADMIN) {
            if ($album_user_id <= 0 && !$user->data['session_logged_in']) {
                redirect(append_sid(CMS_PAGE_LOGIN . '?redirect=album_cat.' . PHP_EXT));
            }
            if (!isset($_GET['action'])) {
                redirect(append_sid('album.' . PHP_EXT));
            }
            $album_user_id = $user->data['user_id'];
        } else {
            $message = $lang['No_Personal_Category_admin'];
            $message .= '<br /><br />' . sprintf($lang['Click_return_album_index'], '<a href="' . append_sid('album.' . PHP_EXT) . '">', '</a>');
            message_die(GENERAL_MESSAGE, $message);
        }
    }
}
Exemplo n.º 4
0
    $mode = 'delete';
} elseif (isset($_POST['approval'])) {
    $mode = 'approval';
} elseif (isset($_POST['unapproval'])) {
    $mode = 'unapproval';
} elseif (isset($_POST['copy'])) {
    $mode = 'copy';
}
// END $mode (select action)
//album_read_tree($album_user_id);
album_read_tree(ALBUM_ROOT_CATEGORY);
// ------------------------------------
// Check the permissions
// ------------------------------------
$auth_data = album_permissions($album_user_id, $cat_id, ALBUM_AUTH_VIEW_AND_UPLOAD | ALBUM_AUTH_MODERATOR, $thiscat);
if (!album_check_permission($auth_data, ALBUM_AUTH_MODERATOR)) {
    if (!$user->data['session_logged_in']) {
        redirect(append_sid(album_append_uid(CMS_PAGE_LOGIN . '?redirect=album_modcp.' . PHP_EXT . '&amp;cat_id=' . $cat_id)));
    } else {
        message_die(GENERAL_ERROR, $lang['Not_Authorized']);
    }
}
// END permissions
/*
+----------------------------------------------------------
| Main work here...
+----------------------------------------------------------
*/
if (empty($mode)) {
    // --------------------------------
    // Moderator Control Panel
Exemplo n.º 5
0
$download_img = $images['download_pic'];
$download_link = append_sid(album_append_uid('album_download.' . PHP_EXT . '?cat_id=' . intval($cat_id) . ($sort_method != '' ? '&amp;sort_method=' . $sort_method : '') . ($sort_order != '' ? '&amp;sort_order=' . $sort_order : '') . ($start != '' ? '&amp;start=' . $start : '')));
$download_full_link = '<a href="' . $download_link . '"><img src="' . $download_img . '" alt="' . $lang['Download_page'] . '" title="' . $lang['Download_page'] . '" align="middle" border="0" /></a>';
if (album_check_permission($auth_data, ALBUM_AUTH_UPLOAD) == true && $enable_picture_upload_switch == false || ($no_personal_gallery = false)) {
    $template->assign_block_vars('enable_picture_upload_pg', array());
}
// Enable download only for own personal galleries
//if (($total_pics > 0) && ($enable_picture_download_switch == false) && ($thiscat['cat_user_id'] == $user->data['user_id']))
if ($total_pics > 0 && $enable_picture_download_switch == false) {
    $template->assign_block_vars('enable_picture_download_pg', array());
}
if ($no_personal_gallery == false) {
    $auth_data = album_permissions($album_user_id, $cat_id, ALBUM_AUTH_ALL, $thiscat);
    $auth_list = album_build_auth_list($album_user_id, $cat_id);
    //if((album_check_permission($auth_data, ALBUM_AUTH_MANAGE_PERSONAL_CATEGORIES) == true) && ($is_root_cat) && (!$has_sub_cats && !$has_parent_cats))
    if (album_check_permission($auth_data, ALBUM_AUTH_MANAGE_PERSONAL_CATEGORIES) == true && ($is_root_cat && $row['count'] >= 0 || !$is_root_cat)) {
        $template->assign_block_vars('manage_personal_gal_folders', array());
    }
}
// ------------------------------------------------------------------------
// Check if we should show the view toggle button
// ------------------------------------------------------------------------
if ($album_config['show_all_in_personal_gallery'] == 1) {
    $template->assign_block_vars('enable_view_toggle', array());
}
if ($thiscat['cat_user_id'] == $user->data['user_id']) {
    $template->assign_block_vars('switch_own_gallery', array());
}
$template->assign_block_vars('personal_gallery_header', array());
// ------------------------------------------------------------------------
// Do our template info...