public function execute()
{
$name = waRequest::post('name', '', waRequest::TYPE_STRING_TRIM);
if (in_array($name, $this->availableFields) === false) {
throw new waException(_w("Can't update album: unknown field"));
}
$album_rights_model = new photosAlbumRightsModel();
$id = waRequest::post('id', null, waRequest::TYPE_ARRAY_INT);
if (is_array($id)) {
$id = current($id);
}
if ($id) {
$album_model = new photosAlbumModel();
$album = $album_model->getById($id);
if (!$album) {
throw new waException(_w('Unknown album'));
}
if (!$album_rights_model->checkRights($album, true)) {
throw new waException(_w("You don't have sufficient access rights"));
}
$value = waRequest::post('value', '', waRequest::TYPE_STRING_TRIM);
$album_model->updateById($id, array($name => $value));
$album['not_escaped_name'] = $value;
$album['name'] = photosPhoto::escape($value);
$this->response['album'] = $album;
}
}
public function execute()
{
if (!$this->getRights('upload')) {
throw new waRightsException(_w("You don't have sufficient access rights"));
}
$this->response['files'] = array();
$this->model = new photosPhotoModel();
$album_rights_model = new photosAlbumRightsModel();
// rights for photos
$status = waRequest::post('status', 0, 'int');
$groups = waRequest::post('groups', array(), waRequest::TYPE_ARRAY_INT);
if (!$groups) {
$status = -1;
// only author have access to this photo
$groups = array(-$this->getUser()->getId());
}
// work with album
$album_id = (int) waRequest::post('album_id');
if ($album_id > 0 && !$album_rights_model->checkRights($album_id, true)) {
$this->response['files'][] = array('error' => _w("You don't have sufficient access rights"));
return;
}
$this->getStorage()->close();
foreach (self::getFilesFromPost() as $file) {
if ($file->error_code != UPLOAD_ERR_OK) {
$this->response['files'][] = array('name' => $file->name, 'error' => $file->error);
} else {
try {
$this->response['files'][] = $this->save($file, array('status' => $status, 'groups' => $groups, 'album_id' => $album_id));
} catch (Exception $e) {
$this->response['files'][] = array('name' => $file->name, 'error' => $e->getMessage());
}
}
}
}
public function execute()
{
$album_id = waRequest::post('album_id', null, waRequest::TYPE_INT);
$album_rights_model = new photosAlbumRightsModel();
if (!$album_rights_model->checkRights($album_id, true)) {
throw new waException(_w("You don't have sufficient access rights"));
}
$album_model = new photosAlbumModel();
$album_model->delete($album_id);
$this->log('album_delete', 1);
}
public function execute()
{
if (!wa()->getUser()->getRights('photos', 'upload')) {
throw new waAPIException('access_denied', 403);
}
$data = waRequest::post();
// check required param name
$this->post('name', true);
$album_model = new photosAlbumModel();
$group_ids = array(0);
if (!isset($data['status'])) {
$data['status'] = 1;
} else {
if ($data['status'] == -1) {
$group_ids = array(-wa()->getUser()->getId());
}
}
if ($data['status'] <= 0) {
$data['hash'] = md5(uniqid(time(), true));
} else {
$data['url'] = $album_model->suggestUniqueUrl(photosPhoto::suggestUrl($data['name']));
}
if (!isset($data['type'])) {
$data['type'] == photosAlbumModel::TYPE_STATIC;
}
$parent_id = waRequest::post('parent_id', 0, 'int');
$parent = $album_model->getById($parent_id);
if ($parent_id) {
if (!$parent) {
throw new waAPIException('invalid_request', 'Parent album not found', 404);
}
if ($data['type'] == photosAlbumModel::TYPE_STATIC && $parent['type'] == photosAlbumModel::TYPE_DYNAMIC) {
throw new waAPIException('invalid_request', 'Inserted album is static but parent album is dynamic', 404);
}
if ($data['status'] > 0 && $parent['status'] <= 0) {
throw new waAPIException('invalid_request', 'Inserted album is public but parent album is private', 404);
}
}
if ($id = $album_model->add($data, $parent_id)) {
// return info of the new album
$_GET['id'] = $id;
if ($parent_id) {
$child = $album_model->getFirstChild($parent_id);
$album_model->move($id, $child ? $child['id'] : 0, $parent_id);
}
$album_rights_model = new photosAlbumRightsModel();
$album_rights_model->setRights($id, $group_ids);
$method = new photosAlbumGetInfoMethod();
$this->response = $method->getResponse(true);
} else {
throw new waAPIException('server_error', 500);
}
}
public function execute()
{
$album_id = waRequest::get('id', null, waRequest::TYPE_INT);
// check rights
$album_rights_model = new photosAlbumRightsModel();
if (!$album_rights_model->checkRights($album_id, true)) {
throw new waRightsException(_w("Access denied"));
}
$photo_id = waRequest::post('photo_id', null, waRequest::TYPE_ARRAY_INT);
$album_photos_model = new photosAlbumPhotosModel();
$album_photos_model->deletePhotos($album_id, $photo_id);
}
public function execute()
{
$id = waRequest::get('id', null, waRequest::TYPE_INT);
if (!$id) {
throw new waException(_w('Unknown album'));
}
$album_model = new photosAlbumModel();
$album = $album_model->getById($id);
if (!$album) {
throw new waException(_w('Unknown album'));
}
// check rights
$album_rights_model = new photosAlbumRightsModel();
if (!$album_rights_model->checkRights($album)) {
throw new waRightsException(_w("You don't have sufficient access rights"));
}
$album['edit_rights'] = $album_rights_model->checkRights($album, true);
$child_albums = $album_model->getChildren($album['id']);
$album_model->keyPhotos($child_albums);
$hash = '/album/' . $id;
$frontend_link = photosCollection::getFrontendLink($hash);
$collection = new photosCollection($hash);
$config = $this->getConfig();
$count = $config->getOption('photos_per_page');
$photos = $collection->getPhotos("*,thumb,thumb_crop,thumb_middle,thumb_big,tags,edit_rights", 0, $count);
$photos = photosCollection::extendPhotos($photos);
$album_photos_model = new photosAlbumPhotosModel();
$album['count'] = $collection->count();
if ($album['type'] == photosAlbumModel::TYPE_DYNAMIC) {
$album['conditions'] = photosCollection::parseConditions($album['conditions']);
}
$album['count_new'] = 0;
$sort_method = 'sort';
if ($album['type'] == photosAlbumModel::TYPE_DYNAMIC) {
$params_model = new photosAlbumParamsModel();
$params = $params_model->get($album['id']);
if ($params && isset($params['order']) && $params['order'] == 'rate') {
$sort_method = 'rate';
} else {
$sort_method = 'upload_datetime';
}
}
$this->template = 'templates/actions/photo/PhotoList.html';
$this->view->assign('sidebar_width', $config->getSidebarWidth());
$this->view->assign('album', $album);
$this->view->assign('child_albums', $child_albums);
$this->view->assign('frontend_link', $frontend_link);
$this->view->assign('photos', $photos);
$this->view->assign('title', $collection->getTitle());
$this->view->assign('hash', $hash);
$this->view->assign('big_size', $config->getSize('big'));
$this->view->assign('sort_method', $sort_method);
}
public function execute()
{
if (!$this->getRights('upload')) {
throw new waRightsException(_w("You don't have sufficient access rights"));
}
$this->response['files'] = array();
$this->model = new photosPhotoModel();
$album_rights_model = new photosAlbumRightsModel();
// rights for photos
$this->status = waRequest::post('status', 0, 'int');
$this->groups = waRequest::post('groups', array(), waRequest::TYPE_ARRAY_INT);
if (!$this->groups) {
$this->status = -1;
// only author have access to this photo
$this->groups = array(-$this->getUser()->getId());
}
// work with album
$this->album_id = waRequest::post('album_id');
$this->album_id = (int) $this->album_id;
if ($this->album_id > 0 && !$album_rights_model->checkRights($this->album_id, true)) {
$this->response['files'][] = array('error' => _w("You don't have sufficient access rights"));
return;
}
$this->getStorage()->close();
if (waRequest::server('HTTP_X_FILE_NAME')) {
$name = waRequest::server('HTTP_X_FILE_NAME');
$size = waRequest::server('HTTP_X_FILE_SIZE');
$file_path = wa()->getTempPath('photos/upload/') . $name;
$append_file = is_file($file_path) && $size > filesize($file_path);
clearstatcache();
file_put_contents($file_path, fopen('php://input', 'r'), $append_file ? FILE_APPEND : 0);
$file = new waRequestFile(array('name' => $name, 'type' => waRequest::server('HTTP_X_FILE_TYPE'), 'size' => $size, 'tmp_name' => $file_path, 'error' => 0));
try {
$this->response['files'][] = $this->save($file);
} catch (Exception $e) {
$this->response['files'][] = array('error' => $e->getMessage());
}
} else {
$files = waRequest::file('files');
foreach ($files as $file) {
if ($file->error_code != UPLOAD_ERR_OK) {
$this->response['files'][] = array('error' => $file->error);
} else {
try {
$this->response['files'][] = $this->save($file);
} catch (Exception $e) {
$this->response['files'][] = array('name' => $file->name, 'error' => $e->getMessage());
}
}
}
}
}
public function execute()
{
$id = waRequest::get('id', null, waRequest::TYPE_INT);
$album_model = new photosAlbumModel();
$album = $album_model->getById($id);
if (!$album) {
throw new waException(_w("Unknown album"), 404);
}
$album_right_model = new photosAlbumRightsModel();
if (!$album_right_model->checkRights($album, true)) {
throw new waException(_w("You don't have sufficient access rights"), 403);
}
if ($album['type'] == photosAlbumModel::TYPE_DYNAMIC && $album['conditions']) {
$album['conditions'] = photosCollection::parseConditions($album['conditions']);
}
if (!$album['conditions']) {
$album['conditions'] = array();
}
$absolute_full_url = photosFrontendAlbum::getLink($album);
if ($absolute_full_url) {
$pos = strrpos($absolute_full_url, $album['url']);
$full_base_url = $pos !== false ? rtrim(substr($absolute_full_url, 0, $pos), '/') . '/' : '';
$album['full_base_url'] = $full_base_url;
}
$this->view->assign('album', $album);
if ($album['parent_id']) {
$this->view->assign('parent', $album_model->getById($album['parent_id']));
}
$collection = new photosCollection('album/' . $id);
$photos_count = $collection->count();
$this->view->assign('photos_count', $photos_count);
$album_params_model = new photosAlbumParamsModel();
$this->view->assign('params', $album_params_model->get($id));
$groups_model = new waGroupModel();
$groups = $groups_model->getAll('id', true);
$rights = $album_right_model->getByField('album_id', $id, 'group_id');
$photo_tag_model = new photosTagModel();
$cloud = $photo_tag_model->getCloud('name');
if (!empty($album['conditions']['tag'][1])) {
foreach ($album['conditions']['tag'][1] as $tag_name) {
$cloud[$tag_name]['checked'] = true;
}
}
$this->view->assign('rights', $rights);
$this->view->assign('groups', $groups);
$this->view->assign('cloud', $cloud);
}
public function execute()
{
$data = waRequest::post();
if (!wa()->getUser()->getRights('photos', 'upload')) {
throw new waAPIException('access_denied', 403);
}
$group_ids = array(0);
if (!isset($data['status'])) {
$data['status'] = 1;
} else {
if ($data['status'] == -1) {
$group_ids = array(-wa()->getUser()->getId());
}
}
$data['groups'] = $group_ids;
$data['source'] = photosPhotoModel::SOURCE_API;
// work with album
if (isset($data['album_id'])) {
$album_id = $data['album_id'];
$album_model = new photosAlbumModel();
$album = $album_model->getById($album_id);
if (!$album) {
throw new waAPIException('invalid_param', 'Album not found', 404);
}
$album_rights_model = new photosAlbumRightsModel();
if (!$album_rights_model->checkRights($album_id, true)) {
throw new waAPIException('access_denied', 'Not rights to album', 403);
}
}
$file = waRequest::file('file');
if (!$file->uploaded()) {
throw new waAPIException('server_error', $file->error, 500);
}
$id = null;
$photo_model = new photosPhotoModel();
try {
$id = $photo_model->add($file, $data);
} catch (Exception $e) {
throw new waAPIException('server_error', $e->getMessage(), 500);
}
if (!$id) {
throw new waAPIException('server_error', 500);
}
$_GET['id'] = $id;
$method = new photosPhotoGetInfoMethod();
$this->response = $method->getResponse(true);
}
public function execute()
{
$photo_id = waRequest::post('photo_id', array(), waRequest::TYPE_ARRAY_INT);
$album_id = waRequest::post('album_id', null, waRequest::TYPE_INT);
$before_id = waRequest::post('before_id', null, waRequest::TYPE_INT);
if (!$photo_id || !$album_id) {
throw new waException(_w("Can't move photo"));
}
$album_rights_model = new photosAlbumRightsModel();
if (!$album_rights_model->checkRights($album_id, true)) {
throw new waException(_w("You don't have sufficient access rights"));
}
if ($photo_id && $album_id) {
$album_photos_model = new photosAlbumPhotosModel();
$album_photos_model->movePhoto($photo_id, $album_id, $before_id);
}
}
public function execute()
{
$this->photo_ids = waRequest::post('photo_id', array(), waRequest::TYPE_ARRAY_INT);
$album_id = waRequest::post('album_id', array(), waRequest::TYPE_ARRAY_INT);
$copy = waRequest::post('copy', 1, waRequest::TYPE_INT);
$this->album_photos_model = new photosAlbumPhotosModel();
$photo_rights_model = new photosPhotoRightsModel();
if (!$copy) {
// it means manage with one photo
$photo_id = $this->photo_ids[0];
if (!$photo_rights_model->checkRights($photo_id, true)) {
throw new waException("You don't have sufficient access rights");
}
$early_albums = array_keys($this->album_photos_model->getByField('photo_id', $photo_id, 'album_id'));
// TODO: check rights for editing (take into account deleting!)
$this->album_photos_model->set($photo_id, $album_id);
$this->log('photos_move', 1);
$albums = $this->getAlbumsCounters();
$old_albums = array();
foreach ($early_albums as $a_id) {
if (!isset($albums[$a_id])) {
$collection = new photosCollection('/album/' . $a_id);
$album = array('id' => $a_id, 'count' => $collection->count(), 'count_new' => 0);
$old_albums[] = $album;
}
}
$this->response['albums'] = array_values($albums);
$this->response['old_albums'] = $old_albums;
} else {
// otherwise coping photos to albums
$allowed_photo_id = $photo_rights_model->filterAllowedPhotoIds($this->photo_ids, true);
$denied_photo_id = array_values(array_diff($this->photo_ids, $allowed_photo_id));
$album_rights_model = new photosAlbumRightsModel();
$allowed_album_id = $album_rights_model->filterAllowedAlbumIds($album_id, true);
$denied_album_id = array_values(array_diff($album_id, $allowed_album_id));
if ($allowed_album_id && $allowed_photo_id) {
$this->album_photos_model->add($allowed_photo_id, $allowed_album_id);
$this->response['albums'] = array_values($this->getAlbumsCounters());
$this->log('photos_move', 1);
}
if ($denied_photo_id) {
$this->response['alert_msg'] = photosPhoto::sprintf_wplural("The operation was not performed to %d photo (%%s)", "The operation was not performed to %d photos (%%s)", count($denied_photo_id), _w("out of %d selected", "out of %d selected", count($this->photo_ids))) . ', ' . _w("because you don't have sufficient access rights") . '.';
}
}
}
public function execute()
{
$id = $this->post('id', true);
$album_model = new photosAlbumModel();
$album = $album_model->getById((int) $id);
if ($album) {
$album_rights_model = new photosAlbumRightsModel();
if (!$album_rights_model->checkRights($id, true)) {
throw new waAPIException('access_denied', 403);
}
if ($album_model->delete($id)) {
$this->response = true;
} else {
throw new waAPIException('server_error', 500);
}
} else {
throw new waAPIException('invalid_request', 'Album not found', 404);
}
}
public function execute()
{
$album_id = waRequest::post('album_id', 0, 'int');
$photo_id = waRequest::post('photo_id', 0, 'int');
if (!$album_id || !$photo_id) {
throw new waException('Bad parameters', 404);
}
$album_rights_model = new photosAlbumRightsModel();
if (!$album_rights_model->checkRights($album_id, true)) {
throw new waException(_w("You don't have sufficient access rights"));
}
$photo_model = new photosPhotoModel();
$photo = $photo_model->getById($photo_id);
if (!$photo) {
$this->errors[] = _w('Photo not found');
return;
}
$album_model = new photosAlbumModel();
$album_model->updateById($album_id, array('key_photo_id' => $photo_id));
photosPhoto::generateThumbs($photo, array('192x192'));
}
public function execute()
{
$id = $this->get('id', true);
$album_model = new photosAlbumModel();
$album = $album_model->getById($id);
if ($album) {
$album_rights_model = new photosAlbumRightsModel();
if (!$album_rights_model->checkRights($id, true)) {
throw new waAPIException('access_denied', 403);
}
$data = waRequest::post();
if (isset($data['parent_id']) && $album['parent_id'] != $data['parent_id']) {
if (!$album_model->getById($data['parent_id'])) {
throw new waAPIException('invalid_param', 'Parent album not found', 404);
}
if (!$album_model->move($id, null, $data['parent_id'])) {
throw new waAPIException('server_error', 500);
}
}
if (isset($data['type'])) {
unset($data['type']);
}
if ($album_model->update($id, $data)) {
// correct rights
$album = $album_model->getById($id);
$group_ids = array(0);
if ($data['status'] == -1) {
$group_ids = array(-wa()->getUser()->getId());
}
$album_rights_model = new photosAlbumRightsModel();
$album_rights_model->setRights($id, $group_ids);
$method = new photosAlbumGetInfoMethod();
$this->response = $method->getResponse(true);
} else {
throw new waAPIException('server_error', 500);
}
} else {
throw new waAPIException('invalid_param', 'Album not found', 404);
}
}
public function execute()
{
$collection = new photosCollection();
$hash = '';
// Specific album?
if ($id = waRequest::request('album_id', null, 'int')) {
$album_model = new photosAlbumModel();
$album = $album_model->getById($id);
if (!$album) {
throw new waException(_w('Unknown album'));
}
// check rights
$album_rights_model = new photosAlbumRightsModel();
if (!$album_rights_model->checkRights($album)) {
throw new waRightsException(_w("You don't have sufficient access rights"));
}
$album['edit_rights'] = $album_rights_model->checkRights($album, true);
$hash = '/album/' . $id;
} else {
if ($app_id = waRequest::request('app_id', '', 'string')) {
if (wa()->appExists($app_id) && wa()->getUser()->getRights($app_id, 'backend')) {
$hash = 'app/' . $app_id;
} else {
throw new waRightsException(_w("You don't have sufficient access rights"));
}
}
}
// Photos
$collection = new photosCollection($hash);
$photos = $collection->getPhotos("*,thumb,thumb_crop,thumb_middle,thumb_big,tags,edit_rights", 0, 100500);
$photos = photosCollection::extendPhotos($photos);
// Album tree
$album_model = new photosAlbumModel();
$albums = $album_model->getAlbums();
$albums_tree = new photosViewTree($albums);
$this->view->assign(array('title' => $collection->getTitle(), 'photos' => $photos, 'albums_tree_html' => $albums_tree->display(), 'app_albums' => photosDefaultLayout::getAppAlbums('blog'), 'hash' => '#/' . trim($hash, '/#') . '/'));
}
private function save($data)
{
if (!$this->id) {
$this->log('album_create', 1);
$this->id = $this->album_model->add($data);
} else {
$album = $this->album_model->getById($this->id);
if (!$album) {
throw new Exception("Album doesn't exist");
}
$name = $album['name'];
if (empty($data['name'])) {
$data['name'] = $name;
}
if ($album['type'] != photosAlbumModel::TYPE_DYNAMIC && isset($data['conditions'])) {
unset($data['conditions']);
}
if ($data['status'] <= 0) {
if (isset($data['url']) && !$data['url']) {
unset($data['url']);
}
} else {
if (empty($data['url'])) {
$data['url'] = photosPhoto::suggestUrl($data['name']);
}
}
$this->album_model->update($this->id, $data);
$album_params = new photosAlbumParamsModel();
$album_params->set($this->id, $data['params']);
}
$album_rights_model = new photosAlbumRightsModel();
if ($data['status'] <= 0 && $data['group_ids']) {
$album_rights_model->setRights($this->id, $data['group_ids']);
} else {
$album_rights_model->setRights($this->id, 0);
}
}
public function execute()
{
$this->photo_ids = waRequest::post('photo_id', array(), waRequest::TYPE_ARRAY_INT);
$album_id = waRequest::post('album_id', array(), waRequest::TYPE_ARRAY_INT);
$copy = waRequest::post('copy', 1, waRequest::TYPE_INT);
$this->album_photos_model = new photosAlbumPhotosModel();
$photo_rights_model = new photosPhotoRightsModel();
if (!$copy) {
// it means manage with one photo
$photo_id = $this->photo_ids[0];
if (!$photo_rights_model->checkRights($photo_id, true)) {
throw new waException("You don't have sufficient access rights");
}
$early_albums = array_keys($this->album_photos_model->getByField('photo_id', $photo_id, 'album_id'));
// TODO: check rights for editing (take into account deleting!)
$this->album_photos_model->set($photo_id, $album_id);
$this->log('photos_move', 1);
$albums = $this->getAlbumsCounters();
$old_albums = array();
foreach ($early_albums as $a_id) {
if (!isset($albums[$a_id])) {
$collection = new photosCollection('/album/' . $a_id);
$album = array('id' => $a_id, 'count' => $collection->count(), 'count_new' => 0);
$old_albums[] = $album;
}
}
$this->response['albums'] = array_values($albums);
$this->response['old_albums'] = $old_albums;
} else {
// otherwise copy photos to albums
$allowed_photo_id = $photo_rights_model->filterAllowedPhotoIds($this->photo_ids, true);
$denied_photo_id = array_values(array_diff($this->photo_ids, $allowed_photo_id));
$album_rights_model = new photosAlbumRightsModel();
$allowed_album_id = $album_rights_model->filterAllowedAlbumIds($album_id, true);
$denied_album_id = array_values(array_diff($album_id, $allowed_album_id));
if ($allowed_album_id && $allowed_photo_id) {
$this->album_photos_model->add($allowed_photo_id, $allowed_album_id);
$this->log('photos_move', 1);
}
$albums = $this->getAlbumsCounters();
$this->response['albums'] = array_values($albums);
if ($denied_photo_id) {
$this->response['alert_msg'] = photosPhoto::sprintf_wplural("The operation was not performed to %d photo (%%s)", "The operation was not performed to %d photos (%%s)", count($denied_photo_id), _w("out of %d selected", "out of %d selected", count($this->photo_ids))) . ', ' . _w("because you don't have sufficient access rights") . '.';
}
}
// Set cover photos for albums if first photo just been added to it
$photo_model = new photosPhotoModel();
$album_model = new photosAlbumModel();
$allowed_photo_id = isset($allowed_photo_id) ? $allowed_photo_id : array($photo_id);
$no_cover_album_ids = array();
foreach (ifset($allowed_album_id, $album_id) as $album_id) {
if (!empty($albums[$album_id]) && empty($albums[$album_id]['key_photo_id'])) {
$no_cover_album_ids[] = $album_id;
}
}
$photos = array();
while ($allowed_photo_id && $no_cover_album_ids) {
// Get random photo from added and make sure it exists
shuffle($allowed_photo_id);
$photo_id = array_pop($allowed_photo_id);
if (!empty($photos[$photo_id])) {
$photo = $photos[$photo_id];
} else {
$photos[$photo_id] = $photo = $photo_model->getById($photo_id);
}
if (!$photo) {
continue;
}
// Photo exists, so add it back
$allowed_photo_id[] = $photo_id;
// Set cover for one album
$album_id = array_pop($no_cover_album_ids);
$album_model->updateById($album_id, array('key_photo_id' => $photo_id));
photosPhoto::generateThumbs($photo, array('192x192'));
}
}
