/**
* proccess_request
* Process the request for the public area
*/
private function proccess_request()
{
global $lang;
$this->template = 404;
// Default template
$this->pages = $this->get_pages();
// get theme pages
// Prepare te request array to use the legacy request (?v=file.ext)
if (check_value($_GET['v']) && preg_match("/^\\w*\\.jpg|png|gif\$/", $_GET['v'])) {
$this->base_request = '?' . $this->request_array[1];
unset($this->request_array[1]);
}
@session_start();
if (count($_SESSION['ImagesUp']) > 0) {
$_SESSION['ImagesUp'] = array_values($_SESSION['ImagesUp']);
self::$uploaded = true;
}
if (chevereto_config('maintenance')) {
$this->base_request = 'maintenance';
}
// Switch according the request
switch ($this->base_request) {
case '':
case 'index.php':
@session_start();
$_SESSION['last_upload_request'] = time();
$this->template = 'index';
break;
case 'json':
json_prepare();
// Do a special trick for the json action=login
if ($_REQUEST['action'] == 'login') {
// Check for user match...
$login_user = login_user($_REQUEST['password'], $_REQUEST['keep']);
if ($login_user !== false) {
$json_array = array('status_code' => 200, 'status_txt' => 'logged in');
} else {
$json_array = array('status_code' => 403, 'status_txt' => 'invalid login');
}
} elseif ($_REQUEST['action'] == 'logout') {
do_logout();
$json_array = array('status_code' => 200, 'status_txt' => 'logged out');
}
$json_array = check_value($json_array) ? $json_array : array('status' => 403, 'status_txt' => 'unauthorized');
session_write_close();
die(json_output($json_array));
break;
case __CHV_VIRTUALFOLDER_IMAGE__:
// View request
$id_public = $this->request_array[1];
$this->template = !is_upload_result() ? 'view' : 'uploaded';
self::$is_viewer = true;
break;
case __CHV_VIRTUALFOLDER_UPLOADED__:
@session_start();
if (count($_SESSION['ImagesUp']) > 0) {
$this->template = 'uploaded';
self::$doctitle = $lang['doctitle_upload_complete'];
} else {
$this->redirect(__CHV_BASE_URL__, 400);
}
break;
case 'error-javascript':
chevereto_die(array(get_lang_txt('critical_js_step_1'), get_lang_txt('critical_js_step_2')), 'JavaScript', array(get_lang_txt('critical_js')));
break;
case '?chevereto':
$this->template = 'bool';
break;
// Legacy viewer
// Legacy viewer
case '?v=' . $_GET['v']:
// View request
$id_public = $_GET['v'];
$this->legacy_redirect = true;
break;
case 'delete':
case 'delete-confirm':
//$delete_what = $this->request_array[1];
$id_public = $this->request_array[2];
$deleteHash = $this->request_array[3];
$this->template = $this->base_request;
self::$is_viewer = true;
break;
case 'maintenance':
$this->template = 'maintenance';
self::$doctitle = chevereto_config('doctitle');
break;
default:
// Pages request
require_once $this->path_theme . 'pages/pages_config.php';
// We load the special pages config
if (in_array($this->base_request . '.php', $this->pages) and $this->request_array[1] == '' and $pages_config[$this->base_request]['live']) {
$this->template = 'pages/' . $this->base_request;
self::$doctitle = $pages_config[$this->base_request]['title'];
} else {
$this->template = 'shorturl';
$id_public = $this->base_request;
self::$is_viewer = true;
}
break;
}
// Ask for the login on index and pages
if ($this->template == 'index' || $this->template == 'pages/' . $this->base_request) {
if (conditional_config('private_mode')) {
if (!is_logged_user()) {
$doctitle = get_lang_txt('txt_enter_password') . ' - ' . chevereto_config('doctitle');
include __CHV_PATH_SYSTEM__ . 'login.php';
die;
}
}
}
if ($this->template == 'uploaded') {
self::$doctitle = get_lang_txt('doctitle_upload_complete');
self::$image_info = $_SESSION['ImagesUp'][0];
self::$uploaded_images = $_SESSION['ImagesUp'];
$_SESSION['ImagesUp'] = NULL;
unset($_SESSION['ImagesUp']);
}
if (preg_match('/view|shorturl|delete/', $this->template) || $this->legacy_redirect) {
// Test connection
if ($this->dB->dead) {
self::$doctitle = 'dB connection error';
$this->template = 404;
} else {
// get image info
$imageID = $this->legacy_redirect ? $id_public : decodeID($id_public);
self::$image_info = $this->dB->image_info($imageID);
self::$id_public = $id_public;
if (!is_array(self::$image_info)) {
// Record?
if ($this->template == 'delete-confirm') {
json_output(array('status_code' => 403, 'status_txt' => 'target image doesn\'t exists'));
} else {
$this->template = 404;
}
} else {
if ($this->legacy_redirect) {
$this->redirect(__CHV_BASE_URL__ . __CHV_VIRTUALFOLDER_IMAGE__ . '/' . encodeID(self::$image_info['image_id']), 301);
}
$target = get_image_target(self::$image_info);
self::$image_target = $target['image_path'];
self::$image_thumb_target = $target['image_thumb_path'];
self::$image_url = absolute_to_url($target['image_path']);
self::$image_thumb_url = absolute_to_url($target['image_thumb_path']);
self::$image_filename = self::$image_info['image_filename'];
self::$image_viewer = __CHV_BASE_URL__ . __CHV_VIRTUALFOLDER_IMAGE__ . '/' . $id_public;
self::$delete_image_url = __CHV_BASE_URL__ . 'delete/image/' . self::$id_public . '/' . self::$image_info['image_delete_hash'];
$image_delete_proceed = !empty(self::$image_info['image_delete_hash']) && $deleteHash === self::$image_info['image_delete_hash'] ? true : false;
switch ($this->template) {
case 'delete':
if (!$image_delete_proceed) {
$this->redirect(__CHV_BASE_URL__ . __CHV_VIRTUALFOLDER_IMAGE__ . '/' . self::$id_public, 301);
}
self::$delete_image_confirm_url = __CHV_BASE_URL__ . 'delete-confirm/image/' . self::$id_public . '/' . self::$image_info['image_delete_hash'];
self::$doctitle = get_lang_txt('doctitle_delete_confirm') . ' ' . self::$image_info['image_filename'];
break;
case 'delete-confirm':
if (!$image_delete_proceed) {
json_output(array('status_code' => 403, 'status_txt' => 'invalid delete hash'));
} else {
require_once __CHV_PATH_ADMIN_CLASSES__ . 'class.manage.php';
$manage = new Manage(array('id' => self::$image_info['image_id'], 'action' => 'delete'));
if ($manage->dead) {
$json_array = array('status_code' => 403, 'status_txt' => $manage->error);
} else {
$json_array = $manage->process();
}
}
// Make the status_txt more readable...
switch ($json_array['status_code']) {
case 200:
$json_array['status_txt'] = get_lang_txt('txt_image_deleted');
break;
default:
case 403:
$json_array['status_txt'] = get_lang_txt('txt_error_deleting_image');
break;
}
json_output($json_array);
break;
default:
self::$doctitle = get_lang_txt('doctitle_viewing_image') . ' ' . self::$image_info['image_filename'];
break;
}
}
}
}
if ($this->template == 404) {
status_header(404);
self::$doctitle = check_value(self::$doctitle) ? self::$doctitle : get_lang_txt('txt_404_title');
} else {
status_header(200);
}
// We load the template
if ($this->template == 'bool') {
exit(json_encode(true));
} else {
$this->load_template();
}
}
function get_image_by_id($id, $id_public = true)
{
global $dB;
$id = $id_public ? decodeID($id) : $id;
if ($dB->dead) {
return 'database error (' . $dB->error . ')';
} else {
$image_info = $dB->image_info($id);
return is_array($image_info) ? $image_info : 'image id not found';
}
}
