public function handlePost($get, $post, $files, $cookies)
{
if (Models\User::currentUser($cookies)->authorizationLevel < 5) {
throw new \Exception('You are not authorized to view this page');
}
$prefs = array();
foreach ($post as $key => $val) {
if ($key == 'target') {
continue;
} else {
$array = explode('|', $key);
if (count($array) != 2) {
$cameralife->error('Invalid module / key');
}
$prefs[] = array('module' => $array[0], 'param' => $array[1], 'value' => $val);
}
}
foreach ($prefs as $pref) {
if (isset($pref['module']) && isset($pref['param']) && isset($pref['value'])) {
Models\Preferences::setValueForModuleWithKey($pref['value'], $pref['module'], $pref['param']);
} else {
var_dump($prefs);
die('passed wrong');
}
}
echo "UPDATE DONE";
}
public function handleGet($get, $post, $files, $cookies)
{
if (Models\User::currentUser($cookies)->authorizationLevel < 5) {
throw new \Exception('You are not authorized to view this page');
}
/* Set up the page view */
$view = new Views\AdminCommentsView();
$view->checkpointId = intval(Models\Preferences::valueForModuleWithKey('CameraLife', 'checkpointcomments'));
$view->checkpointDate = Models\Database::selectOne('logs', 'max(user_date)', 'id=' . $view->checkpointId);
$view->showFromMe = isset($get['fromMe']) && $get['fromMe'];
$view->showFromRegistered = isset($get['fromRegistered']) && $get['fromRegistered'];
$view->showFromUnregistered = isset($get['fromUnregistered']) && $get['fromUnregistered'];
if (!$view->showFromMe && !$view->showFromRegistered && !$view->showFromUnregistered) {
$view->showFromMe = true;
$view->showFromRegistered = true;
$view->showFromUnregistered = true;
}
/* Query the comment logs */
$currentUser = Models\User::currentUser($cookies);
$condition = "(0 ";
$condition .= $view->showFromMe ? "OR username = '******' " : '';
$condition .= $view->showFromRegistered ? "OR (username LIKE '_%' AND username != '" . $currentUser->name . "')" : '';
$condition .= $view->showFromUnregistered ? "OR username = '' " : '';
$condition .= ") ";
$condition .= " AND id > " . $view->checkpointId;
$query = Models\Database::select('comments', '*', $condition);
$commentRecords = array();
while ($record = $query->fetchAssoc()) {
$commentRecords[] = $record;
}
$view->commentRecords = $commentRecords;
$this->htmlHeader($cookies);
$view->render();
$this->htmlFooter();
}
/**
* Generate partial output for HTML header
*
* @access public
* @static
* @return void
*/
public function render()
{
$gravitarHTML = htmlentities($this->currentUser->gravitarUrl());
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title><?php
echo htmlspecialchars($this->openGraphObject->title);
?>
</title>
<?php
$this->openGraphObject->htmlRenderMetaTags();
?>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="generator" content="Camera Life version <?php
echo constant('CAMERALIFE_VERSION');
?>
">
<meta name="author" content="<?php
echo htmlspecialchars($this->ownerEmail);
?>
">
<!-- Le styles -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.3/css/bootstrap.min.css" integrity="sha384-MIwDKRSSImVFAZCVLtU0LMDdON6KVCrZHyVQQj6e8wIEJkW4tvwqXrbMIya1vriY" crossorigin="anonymous">
<link rel="search" href="<?php
echo htmlspecialchars($this->openSearchUrl);
?>
" type="application/opensearchdescription+xml"
title="Content Search"/>
<link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css">
<link rel="stylesheet" href="<?php
echo constant('BASE_URL');
?>
/assets/main.css">
<!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries -->
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
<script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<?php
}
public function handlePost($get, $post, $files, $cookies)
{
$currentUser = Models\User::currentUser($cookies);
switch ($post['action']) {
case 'favorite':
$this->model->favoriteByUser($currentUser);
break;
case 'unfavorite':
$this->model->unfavoriteByUser($currentUser);
break;
}
parent::handlePost($get, $post, $files, $cookies);
}
public function handleGet($get, $post, $files, $cookies)
{
if (Models\User::currentUser($cookies)->authorizationLevel < 5) {
throw new \Exception('You are not authorized to view this page');
}
ini_set('max_execution_time', 9000);
chdir(constant('BASE_DIR'));
$lastdone = isset($get['lastdone']) ? (int) $get['lastdone'] : 0;
$starttime = isset($get['starttime']) ? (int) $get['starttime'] : time();
$numdone = isset($get['numdone']) ? (int) $get['numdone'] : 0;
$phpself = self::getUrl();
/* Rescan */
if (!isset($get['lastdone'])) {
Models\Folder::update();
}
/* Set up the page view */
$this->htmlHeader($cookies);
//TODO BREAKING MVC HERE BECAUSE OF INTREMENTAL RENDERING
echo '<h2>Rendering thumbnails <small>To avoid a delay when viewing photos for the first time</small></h2>';
$total = Models\Database::selectOne('photos', 'count(*)');
$done = Models\Database::selectOne('photos', 'count(*)', "id <= {$lastdone}");
$todo = Models\Database::selectOne('photos', 'count(*)', "id > {$lastdone}");
$timeleft = ceil((time() - $starttime) * $todo / ($numdone + $done / 1000 + 1) / 60);
echo "<p>Progress: " . number_format($done) . ' of ' . number_format($total) . " done";
echo " (about {$timeleft} minutes left)";
echo "</p>\n";
$percentage = $done / $total * 100;
echo "<progress class=\"progress\" value=\"{$percentage}\" max=\"100\">{$percentage}%</progress>";
$next1000 = Models\Database::select('photos', 'id', "id > {$lastdone} AND status != 9", 'ORDER BY id LIMIT 500');
$fixed = 0;
flush();
while (($next = $next1000->fetchAssoc()) && $fixed < 10) {
$photo = Models\Photo::getPhotoWithID($next['id']);
$redo = $photo->isCacheMissing();
if ($redo) {
echo "<div>Updating #" . $next['id'] . "</div>\n";
$photo->generateThumbnail();
echo "<div>Updated #" . $next['id'] . "</div>\n";
flush();
$fixed++;
$photo->destroy();
}
$lastdone = $next['id'];
}
$numdone += $fixed;
if ($todo > 0) {
echo "<script language='javascript'>window.setTimeout('window.location=\"" . htmlspecialchars($phpself) . "?lastdone={$lastdone}&starttime={$starttime}&numdone={$numdone}\"',400)</script>\n";
echo "<p><a href=\"?lastdone={$lastdone}&starttime={$starttime}&numdone={$numdone}\">Click here to continue</a> if the Javascript redirect doesn't work.</p>\n";
}
$this->htmlFooter();
}
public function handleGet($get, $post, $files, $cookies)
{
if (Models\User::currentUser($cookies)->authorizationLevel < 5) {
throw new \Exception('You are not authorized to view this page');
}
/* Set up the page view */
$view = new Views\AdminLogsView();
$view->checkpointId = intval(Models\Preferences::valueForModuleWithKey('CameraLife', 'checkpointlogs'));
$view->checkpointDate = Models\Database::selectOne('logs', 'max(user_date)', 'id=' . $view->checkpointId);
$view->showFromMe = isset($get['fromMe']) && $get['fromMe'];
$view->showFromRegistered = isset($get['fromRegistered']) && $get['fromRegistered'];
$view->showFromUnregistered = isset($get['fromUnregistered']) && $get['fromUnregistered'];
$view->showChangedPhotos = isset($get['changedPhotos']) && $get['changedPhotos'];
$view->showChangedTags = isset($get['changedTags']) && $get['changedTags'];
$view->showChangedUsers = isset($get['changedUsers']) && $get['changedUsers'];
$view->showChangedPrefs = isset($get['changedPreferences']) && $get['changedPreferences'];
if (!$view->showFromMe && !$view->showFromRegistered && !$view->showFromUnregistered) {
$view->showFromMe = true;
$view->showFromRegistered = true;
$view->showFromUnregistered = true;
}
if (!$view->showChangedPhotos && !$view->showChangedTags && !$view->showChangedUsers && !$view->showChangedPrefs) {
$view->showChangedPhotos = true;
$view->showChangedTags = true;
$view->showChangedUsers = true;
$view->showChangedPrefs = true;
}
/* Query the audit logs */
$currentUser = Models\User::currentUser($cookies);
$condition = "(0 ";
$condition .= $view->showChangedPhotos ? "OR record_type = 'photo' " : '';
$condition .= $view->showChangedTags ? "OR record_type = 'album' " : '';
$condition .= $view->showChangedUsers ? "OR record_type = 'user' " : '';
$condition .= $view->showChangedPrefs ? "OR record_type = 'preference' " : '';
$condition .= ") AND (0 ";
$condition .= $view->showFromMe ? "OR user_name = '" . $currentUser->name . "' " : '';
$condition .= $view->showFromRegistered ? "OR (user_name LIKE '_%' AND user_name != '" . $currentUser->name . "')" : '';
$condition .= $view->showFromUnregistered ? "OR user_name = '' " : '';
$condition .= ") ";
$condition .= " AND logs.id > " . $view->checkpointId;
$extra = "GROUP BY record_id, record_type, value_field ORDER BY maxid DESC";
$query = Models\Database::select('logs', 'record_type, record_id, value_field, MAX(logs.id) as maxid', $condition, $extra);
$auditTrails = array();
while ($record = $query->fetchAssoc()) {
$auditTrails[] = Models\AuditTrail::getAuditTrailWithID($record['maxid']);
}
$view->auditTrails = $auditTrails;
$this->htmlHeader($cookies);
$view->render();
$this->htmlFooter();
}
protected function renderNavbar($cookies = array())
{
$navbarView = new Views\NavbarView();
$navbarView->openGraphObject = $this;
$navbarView->currentUser = Models\User::currentUser($cookies);
$navbarView->searchUrl = SearchController::getUrl();
$navbarView->adminUrl = AdminController::getUrl();
$navbarView->logoutUrl = LogoutController::getUrl();
$navbarView->favoritesUrl = FavoritesController::getUrl();
$navbarView->loginUrl = LoginController::getUrl();
$navbarView->numFavorites = Models\Favorites::favoritesForCurrentUser($cookies)->getPhotoCount();
$navbarView->ownerEmail = Models\Preferences::valueForModuleWithKey('CameraLife', 'owner_email');
$navbarView->render();
}
public function handleGet($get, $post, $files, $cookies)
{
if (Models\User::currentUser($cookies)->authorizationLevel < 5) {
throw new \Exception('You are not authorized to view this page');
}
$results = Models\Folder::update();
/* Set up the page view */
$view = new Views\AdminRescanView();
$view->scanResults = $results;
$view->thumbnailUrl = AdminThumbnailController::getUrl();
$this->htmlHeader($cookies);
$view->render();
$this->htmlFooter();
}
public function handleGet($get, $post, $files, $cookies)
{
if (Models\User::currentUser($cookies)->authorizationLevel < 5) {
throw new \Exception('You are not authorized to view this page');
}
/* Set up the page view */
$view = new Views\AdminSecurityView();
$users = array();
$query = Models\Database::select('users', '*', '', 'ORDER by id');
while ($record = $query->fetchAssoc()) {
$users[] = new Models\User($record['id']);
}
$view->users = $users;
$policies = array();
$view->securityPolicies = $policies;
$this->htmlHeader($cookies);
$view->render();
$this->htmlFooter();
}
public function handlePost($get, $post, $files, $cookies)
{
if (Models\User::currentUser($cookies)->authorizationLevel < 5) {
throw new \Exception('You are not authorized to view this page');
}
if (!isset($post['target'])) {
throw new \Exception('No target specified');
}
foreach ($post as $key => $val) {
if ($key == 'target') {
continue;
} else {
$array = explode('|', $key);
if (count($array) != 2) {
throw new \Exception('Invalid module / key');
}
Models\Preferences::setValueForModuleWithKey($val, $array[0], $array[1]);
}
}
header("Location: " . htmlspecialchars($post['target']));
}
public function handleGet($get, $post, $files, $cookies)
{
if (Models\User::currentUser($cookies)->authorizationLevel < 5) {
throw new \Exception('You are not authorized to view this page');
}
/* Set up the page view */
$view = new Views\AdminView();
$view->runningVersion = constant('CAMERALIFE_VERSION');
$view->latestVersion = $this->latestAvailableVersion();
$checkpointLogs = intval(Models\Preferences::valueForModuleWithKey('CameraLife', 'checkpointlogs'));
$view->numNewLogs = Models\Database::selectOne('logs', 'COUNT(*)', 'id>' . $checkpointLogs);
$checkpointComments = intval(Models\Preferences::valueForModuleWithKey('CameraLife', 'checkpointcomments'));
$view->numNewComments = Models\Database::selectOne('comments', 'COUNT(*)', 'id>' . $checkpointComments);
$view->numNewUsers = Models\Database::selectOne('users', 'COUNT(*)', 'auth=1');
$view->numFlagged = Models\Database::selectOne('photos', 'COUNT(*)', 'status=1');
$view->appearanceUrl = AdminAppearanceController::getUrl();
$view->logsUrl = AdminLogsController::getUrl();
$view->commentsUrl = AdminCommentsController::getUrl();
$view->fileStoreUrl = AdminFileStoreController::getUrl();
$view->securityUrl = AdminSecurityController::getUrl();
$view->thumbnailUrl = AdminThumbnailController::getUrl();
$view->rescanUrl = AdminRescanController::getUrl();
$view->photosUrl = AdminPhotosController::getUrl();
$preferences = array();
$preferences[] = ['module' => 'CameraLife', 'key' => 'sitename', 'type' => 'string', 'name' => 'Site name'];
$preferences[] = ['module' => 'CameraLife', 'key' => 'sitename', 'type' => 'string', 'name' => 'Site abbreviation'];
$preferences[] = ['module' => 'CameraLife', 'key' => 'owner_email', 'type' => 'string', 'name' => 'Owner email address'];
$preferences[] = ['module' => 'CameraLife', 'key' => 'rewrite', 'type' => 'yesno', 'name' => 'Use pretty URLs'];
$preferences[] = ['module' => 'CameraLife', 'key' => 'autorotate', 'type' => 'yesno', 'name' => 'Autorotate photos'];
$preferences[] = ['module' => 'CameraLife', 'key' => 'thumbsize', 'type' => 'number', 'name' => 'Size for thumbnails'];
$preferences[] = ['module' => 'CameraLife', 'key' => 'scaledsize', 'type' => 'number', 'name' => 'Size for preview images'];
$preferences[] = ['module' => 'CameraLife', 'key' => 'optionsizes', 'type' => 'string', 'name' => 'Other available sizes', 'help' => 'comma separated (you can also leave this blank)'];
$view->preferences = $preferences;
$this->htmlHeader($cookies);
$view->render();
$this->htmlFooter();
}
public function handleGet($get, $post, $files, $cookies)
{
$photo = Models\Photo::getPhotoWithID($get['id']);
$scale = isset($get['scale']) ? $get['scale'] : null;
$extension = $photo->extension;
if (!is_numeric($get['ver'])) {
throw new \Exception('Required number ver missing! Query string: ' . htmlentities($_SERVER['QUERY_STRING']));
}
if ($photo->get('status') != 0) {
if (Models\User::currentUser($cookies)->authorizationLevel < 5) {
throw new \Exception('Photo access denied');
}
}
list($file, $temp, $mtime) = self::getFileForPhotoWithScale($photo, $scale);
if ($extension == 'jpg' || $extension == 'jpeg') {
header('Content-type: image/jpeg');
} elseif ($extension == 'png') {
header('Content-type: image/png');
} elseif ($extension == 'gif') {
header('Content-type: image/gif');
} else {
throw new \Exception('Unknown photo type');
}
header('Content-Disposition: inline; filename="' . htmlentities($photo->get('description')) . '.' . $extension . '";');
header('Content-Length: ' . filesize($file));
header("Date: " . gmdate("D, d M Y H:i:s", $mtime) . " GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s", $mtime) . " GMT");
header("Expires: " . gmdate("D, d M Y H:i:s", time() + 2592000) . " GMT");
// One month
if ($file) {
readfile($file);
}
if ($temp) {
unlink($file);
}
}
public function handleGet($get, $post, $files, $cookies)
{
if (Models\User::currentUser($cookies)->authorizationLevel < 5) {
throw new \Exception('You are not authorized to view this page');
}
/* Set up the page view */
$checkpointId = intval(Models\Preferences::valueForModuleWithKey('CameraLife', 'checkpointphotos'));
$view = new Views\AdminPhotosView();
$view->isUsingHttps = isset($_SERVER['HTTPS']);
$view->myUrl = $_SERVER['REQUEST_URI'];
$query = Models\Database::select('photos', 'id', 'id>:0 AND status!=9', 'ORDER BY id LIMIT 200', null, array($checkpointId));
$view->photos = array();
while ($row = $query->fetchAssoc()) {
$view->photos[] = Models\Photo::getPhotoWithID($row['id']);
$view->lastReviewItem = $row['id'];
}
$done = Models\Database::selectOne('photos', 'count(id)', 'id<=:0 AND status!=9', null, null, array($checkpointId));
$view->reviewsDone = $done;
$remaining = Models\Database::selectOne('photos', 'count(id)', 'id>:0 AND status!=9', null, null, array($checkpointId));
$view->reviewsRemaining = $remaining;
$this->htmlHeader($cookies);
$view->render();
$this->htmlFooter();
}
/**
* Generate partial output for HTML header
*
* @access public
* @static
* @return void
*/
public function render()
{
$gravitarHTML = htmlentities($this->currentUser->gravitarUrl());
?>
<nav class="navbar navbar-light bg-faded navbar-static-top" style="margin-bottom:20px;background:rgba(247,249,249,0.90)">
<div class="container">
<button class="navbar-toggler hidden-sm-up" type="button" data-toggle="collapse" data-target="#exCollapsingNavbar2">
☰
</button>
<div class="collapse navbar-toggleable-xs" id="exCollapsingNavbar2">
<a class="navbar-brand" href="<?php
echo constant('BASE_URL');
?>
/"><?php
echo htmlspecialchars($this->openGraphObject->siteName);
?>
</a>
<ul class="nav navbar-nav">
<li class="nav-item">
<a href="<?php
echo htmlspecialchars($this->favoritesUrl);
?>
" class="nav-link"><i class="fa fa-star" style="color:gold"></i> My favorites (<?php
echo $this->numFavorites;
?>
)</a>
</li>
<?php
if ($this->currentUser->isLoggedIn) {
?>
<li class="nav-item">
<a class="dropdown-toggle nav-link" type="button" id="dropdownMenu1" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
<img src="<?php
echo $gravitarHTML;
?>
" height=16 width=16> <?php
echo htmlspecialchars($this->currentUser->name);
?>
</a>
<div class="dropdown-menu" aria-labelledby="dropdownMenu1">
<?php
if ($this->currentUser->authorizationLevel >= 5) {
?>
<a class="dropdown-item" href="<?php
echo htmlspecialchars($this->adminUrl);
?>
">Administer</a>
<?php
}
?>
<a class="dropdown-item" href="<?php
echo htmlspecialchars($this->logoutUrl);
?>
">Sign Out</a>
</div>
</li>
<?php
} else {
?>
<li class="nav-item">
<a href="<?php
echo htmlspecialchars($this->loginUrl);
?>
" class="nav-link">Login / Free account</a>
</li>
<?php
}
?>
</ul>
<form class="form-inline navbar-form pull-right" action="<?php
echo htmlspecialchars($this->searchUrl);
?>
" method="get">
<input class="form-control" type="text" placeholder="Search" name="id">
</form>
</div>
</div>
</nav>
<?php
}
public function handleGet($get, $post, $files, $cookies)
{
Models\User::logoutCurrentUser();
header('Location: ' . MainPageController::getUrl());
}
public function handleGet($get, $post, $files, $cookies)
{
/* Set up common page parts */
$this->htmlHeader($cookies);
try {
// Mewp told me specifically not to use SERVER_NAME.
// Change 'localhost' to your domain name.
$openid = new \LightOpenID($_SERVER['SERVER_NAME']);
if (!$openid->mode) {
if (isset($post['openid_identifier'])) {
$openid->identity = $post['openid_identifier'];
$openid->required = array('contact/email');
$openid->optional = array('namePerson', 'namePerson/friendly');
header('Location: ' . $openid->authUrl());
return;
}
} elseif ($openid->mode == 'cancel') {
echo 'User has canceled authentication!';
} else {
$identity = "";
$email = "";
if ($openid->validate()) {
$identity = $openid->identity;
$attr = $openid->getAttributes();
$email = $attr['contact/email'];
if (strlen($email)) {
session_start();
$_SESSION['openid_identity'] = $openid->identity;
$_SESSION['openid_email'] = $attr['contact/email'];
Models\User::userWithOpenId($_SESSION['openid_identity'], $_SESSION['openid_email']);
header('Location: ' . MainPageController::getUrl());
return;
} else {
throw new \Exception('Enough detail (email address) was not provided to process your login.');
}
} else {
throw new \Exception('Provider did not validate your login');
}
}
} catch (\ErrorException $e) {
echo $e->getMessage();
}
if (file_exists('../../config.php')) {
throw new \Exception("Camera Life already appears to be set up, because modules/config.inc exists.");
}
?>
<div class="panel panel-default">
<div class="panel-heading">
<h3 class="panel-title">Login</h3>
</div>
<div class="panel-body">
<p class="lead">Choose an OpenID provider to login:</p>
<form class="form-inline" method="post">
<input type="hidden" name="action" value="verify"/>
<button class="btn btn-primary" name="openid_identifier" value="https://www.google.com/accounts/o8/id"><i class="fa fa-google"></i> Google</button>
<button class="btn btn-primary" name="openid_identifier" value="http://me.yahoo.com/"><i class="fa fa-yahoo"></i> Yahoo</button>
</form>
<hr>
<form class="form-inline" method="post">
<input type="hidden" name="action" value="verify"/>
Other OpenID
<input name="openid_identifier" class="form-control" value="http://"/>
<input class="btn btn-primary" type="submit" value="Login"/>
</form>
</div>
</div>
<?php
/* Render footer */
$this->htmlFooter();
}
public function handlePost($get, $post, $files, $cookies)
{
session_start();
if (!isset($post['host'])) {
throw new \Exception('HOST is missing');
}
if (!isset($post['name'])) {
throw new \Exception('NAME is missing');
}
if (!isset($post['user'])) {
throw new \Exception('USER is missing');
}
if (!isset($post['pass'])) {
throw new \Exception('PASS is missing');
}
if (!isset($post['prefix'])) {
throw new \Exception('PREFIX is missing');
}
if (!isset($_SESSION['openid_identity'])) {
throw new \Exception('OpenID login is missing');
}
Models\Database::$dsn = "mysql:host={$post['host']};dbname={$post['name']}";
Models\Database::$username = $post['user'];
Models\Database::$password = $post['pass'];
Models\Database::$prefix = $post['prefix'];
Models\Database::setupTables();
Models\Preferences::setFactoryDefaults();
Models\User::userWithOpenId($_SESSION['openid_identity'], $_SESSION['openid_email']);
Models\Database::update('users', ['auth' => 5], 'email="' . $_SESSION['openid_email'] . '"');
//todo security
header('Location: ' . MainPageController::getUrl());
//todo URL / url http://www.teamten.com/lawrence/writings/capitalization_of_initialisms.html
}
