/**
 * Backend action: render the photo list of one album.
 *
 * The album id comes from the query string. The album must exist and the
 * current user must pass the view-rights check before any album data is
 * loaded into the template; the edit-rights result is only passed along
 * as a flag on the album array.
 *
 * @throws waException       if the id is missing or the album does not exist
 * @throws waRightsException if the view-rights check fails
 */
public function execute()
 {
     $album_id = waRequest::get('id', null, waRequest::TYPE_INT);
     if (!$album_id) {
         throw new waException(_w('Unknown album'));
     }

     $albums = new photosAlbumModel();
     $album = $albums->getById($album_id);
     if (!$album) {
         throw new waException(_w('Unknown album'));
     }

     // Authorization gate: nothing below runs unless the view check passes.
     $rights = new photosAlbumRightsModel();
     if (!$rights->checkRights($album)) {
         throw new waRightsException(_w("You don't have sufficient access rights"));
     }
     $album['edit_rights'] = $rights->checkRights($album, true);

     $children = $albums->getChildren($album['id']);
     $albums->keyPhotos($children);

     // The collection hash is built from the integer-typed id only.
     $hash = '/album/' . $album_id;
     $frontend_link = photosCollection::getFrontendLink($hash);
     $collection = new photosCollection($hash);

     $config = $this->getConfig();
     $per_page = $config->getOption('photos_per_page');
     $photos = $collection->getPhotos("*,thumb,thumb_crop,thumb_middle,thumb_big,tags,edit_rights", 0, $per_page);
     $photos = photosCollection::extendPhotos($photos);

     // NOTE(review): instantiated but never used in this method.
     $album_photos_model = new photosAlbumPhotosModel();

     $album['count'] = $collection->count();
     $album['count_new'] = 0;

     // Static albums use manual ordering; dynamic albums sort by rate or upload date.
     $sort_method = 'sort';
     if ($album['type'] == photosAlbumModel::TYPE_DYNAMIC) {
         $album['conditions'] = photosCollection::parseConditions($album['conditions']);

         $params_model = new photosAlbumParamsModel();
         $params = $params_model->get($album['id']);
         $by_rate = $params && isset($params['order']) && $params['order'] == 'rate';
         $sort_method = $by_rate ? 'rate' : 'upload_datetime';
     }

     $this->template = 'templates/actions/photo/PhotoList.html';
     $this->view->assign(array(
         'sidebar_width' => $config->getSidebarWidth(),
         'album'         => $album,
         'child_albums'  => $children,
         'frontend_link' => $frontend_link,
         'photos'        => $photos,
         'title'         => $collection->getTitle(),
         'hash'          => $hash,
         'big_size'      => $config->getSize('big'),
         'sort_method'   => $sort_method,
     ));
 }
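 /**
  * Update one allow-listed field of an album and return the updated album.
  *
  * The field name and value both come from POST. The field name is used as
  * the column key passed to updateById(), so it is only accepted when it is
  * an exact member of $this->availableFields.
  *
  * @throws waException if the field is not allow-listed, the album does not
  *                     exist, or the edit-rights check fails
  */
 public function execute()
 {
     $name = waRequest::post('name', '', waRequest::TYPE_STRING_TRIM);
     // Strict membership test: $name ends up as an array key handed to the model,
     // so loose comparison (numeric-string or string-vs-int juggling) must not be
     // able to let a value through that is not literally in the allow-list.
     // Assumes availableFields holds strings - TODO confirm against the class.
     if (!in_array($name, $this->availableFields, true)) {
         throw new waException(_w("Can't update album: unknown field"));
     }
     $album_rights_model = new photosAlbumRightsModel();
     $id = waRequest::post('id', null, waRequest::TYPE_ARRAY_INT);
     if (is_array($id)) {
         // Only the first submitted id is acted on.
         $id = current($id);
     }
     if ($id) {
         $album_model = new photosAlbumModel();
         $album = $album_model->getById($id);
         if (!$album) {
             throw new waException(_w('Unknown album'));
         }
         // Edit rights are required before any write.
         if (!$album_rights_model->checkRights($album, true)) {
             throw new waException(_w("You don't have sufficient access rights"));
         }
         $value = waRequest::post('value', '', waRequest::TYPE_STRING_TRIM);
         $album_model->updateById($id, array($name => $value));
         // The raw value is returned next to an escaped copy; the consumer must
         // pick the one that matches its output context.
         // NOTE(review): 'name' is overwritten with the submitted value whichever
         // field was updated - confirm availableFields only ever contains 'name'.
         $album['not_escaped_name'] = $value;
         $album['name'] = photosPhoto::escape($value);
         $this->response['album'] = $album;
     }
 }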
 /**
  * Handle a multi-file photo upload from POST.
  *
  * Requires the 'upload' right. When an album id is supplied the user must
  * also pass the edit-rights check for that album. Each file gets its own
  * entry in $this->response['files'], either the save() result or an error.
  *
  * @throws waRightsException if the user lacks the 'upload' right
  */
 public function execute()
 {
     if (!$this->getRights('upload')) {
         throw new waRightsException(_w("You don't have sufficient access rights"));
     }

     $this->response['files'] = array();
     $this->model = new photosPhotoModel();
     $album_rights_model = new photosAlbumRightsModel();

     // Access settings for the new photos.
     // NOTE(review): the submitted group ids are not validated here - confirm save() does it.
     $status = waRequest::post('status', 0, 'int');
     $groups = waRequest::post('groups', array(), waRequest::TYPE_ARRAY_INT);
     if (empty($groups)) {
         // No groups submitted: restrict the photo to its author only.
         $status = -1;
         $groups = array(-$this->getUser()->getId());
     }

     // Target album (optional); uploading into it requires edit rights.
     $album_id = (int) waRequest::post('album_id');
     if ($album_id > 0) {
         if (!$album_rights_model->checkRights($album_id, true)) {
             $this->response['files'][] = array('error' => _w("You don't have sufficient access rights"));
             return;
         }
     }

     // The session storage is closed before the per-file work starts.
     $this->getStorage()->close();

     $save_options = array('status' => $status, 'groups' => $groups, 'album_id' => $album_id);
     foreach (self::getFilesFromPost() as $file) {
         if ($file->error_code != UPLOAD_ERR_OK) {
             $this->response['files'][] = array('name' => $file->name, 'error' => $file->error);
             continue;
         }
         try {
             $this->response['files'][] = $this->save($file, $save_options);
         } catch (Exception $e) {
             // One failing file must not abort the rest of the batch.
             $this->response['files'][] = array('name' => $file->name, 'error' => $e->getMessage());
         }
     }
 }
 /**
  * Delete an album identified by the POSTed album_id.
  *
  * The edit-rights check runs before the delete.
  *
  * @throws waException if the edit-rights check fails
  */
 public function execute()
 {
     $rights = new photosAlbumRightsModel();
     $album_id = waRequest::post('album_id', null, waRequest::TYPE_INT);

     // NOTE(review): a missing album_id reaches checkRights() as null, and the album's
     // existence is not verified here - confirm checkRights() denies in both cases.
     $may_edit = $rights->checkRights($album_id, true);
     if (!$may_edit) {
         throw new waException(_w("You don't have sufficient access rights"));
     }

     $albums = new photosAlbumModel();
     $albums->delete($album_id);

     // The log entry is written whatever delete() returned.
     $this->log('album_delete', 1);
 }
 /**
  * Remove photos from an album.
  *
  * The album id is read from the query string and the photo ids from POST.
  * The user must pass the edit-rights check for the album.
  *
  * @throws waRightsException if the edit-rights check fails
  */
 public function execute()
 {
     $rights = new photosAlbumRightsModel();
     $album_id = waRequest::get('id', null, waRequest::TYPE_INT);

     // Authorization is decided on the album only; per-photo rights are not consulted here.
     $may_edit = $rights->checkRights($album_id, true);
     if (!$may_edit) {
         throw new waRightsException(_w("Access denied"));
     }

     // $photo_ids is null when no photo_id was posted.
     $photo_ids = waRequest::post('photo_id', null, waRequest::TYPE_ARRAY_INT);
     $album_photos = new photosAlbumPhotosModel();
     $album_photos->deletePhotos($album_id, $photo_ids);
 }
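 /**
  * Handle a photo upload, either streamed in the request body (described by
  * X-File-* headers) or as ordinary multipart files.
  *
  * Requires the 'upload' right. When an album id is supplied the user must
  * also pass the edit-rights check for that album. Each outcome is appended
  * to $this->response['files'].
  *
  * @throws waRightsException if the user lacks the 'upload' right
  */
 public function execute()
 {
     if (!$this->getRights('upload')) {
         throw new waRightsException(_w("You don't have sufficient access rights"));
     }
     $this->response['files'] = array();
     $this->model = new photosPhotoModel();
     $album_rights_model = new photosAlbumRightsModel();
     // rights for photos
     $this->status = waRequest::post('status', 0, 'int');
     $this->groups = waRequest::post('groups', array(), waRequest::TYPE_ARRAY_INT);
     if (!$this->groups) {
         $this->status = -1;
         // only the author has access to this photo
         $this->groups = array(-$this->getUser()->getId());
     }
     // work with album
     $this->album_id = (int) waRequest::post('album_id');
     if ($this->album_id > 0 && !$album_rights_model->checkRights($this->album_id, true)) {
         $this->response['files'][] = array('error' => _w("You don't have sufficient access rights"));
         return;
     }
     $this->getStorage()->close();
     if (waRequest::server('HTTP_X_FILE_NAME')) {
         // X-File-Name is a client-controlled header that is concatenated into a
         // filesystem path below. Keep only its final path component and drop NUL
         // bytes so that separators or ".." segments cannot move the write outside
         // the upload temp directory. Done byte-wise rather than with basename(),
         // which is locale-dependent.
         $raw_name = str_replace(array("\0", '\\'), array('', '/'), (string) waRequest::server('HTTP_X_FILE_NAME'));
         $slash = strrpos($raw_name, '/');
         $name = $slash === false ? $raw_name : substr($raw_name, $slash + 1);
         if ($name === '' || $name === '.' || $name === '..') {
             $this->response['files'][] = array('error' => _w('Invalid file name'));
             return;
         }
         $size = waRequest::server('HTTP_X_FILE_SIZE');
         $file_path = wa()->getTempPath('photos/upload/') . $name;
         // Clear the stat cache before the stat calls so the size comparison is current.
         clearstatcache();
         // The declared size is also client-controlled; it is compared as an integer
         // so a non-numeric header cannot force append mode through string comparison.
         // NOTE(review): append mode keys only on the file name - confirm the temp
         // path is not shared between users.
         $append_file = is_file($file_path) && (int) $size > filesize($file_path);
         file_put_contents($file_path, fopen('php://input', 'r'), $append_file ? FILE_APPEND : 0);
         $file = new waRequestFile(array('name' => $name, 'type' => waRequest::server('HTTP_X_FILE_TYPE'), 'size' => $size, 'tmp_name' => $file_path, 'error' => 0));
         try {
             $this->response['files'][] = $this->save($file);
         } catch (Exception $e) {
             $this->response['files'][] = array('error' => $e->getMessage());
         }
     } else {
         $files = waRequest::file('files');
         foreach ($files as $file) {
             if ($file->error_code != UPLOAD_ERR_OK) {
                 $this->response['files'][] = array('error' => $file->error);
             } else {
                 try {
                     $this->response['files'][] = $this->save($file);
                 } catch (Exception $e) {
                     // One failing file must not abort the rest of the batch.
                     $this->response['files'][] = array('name' => $file->name, 'error' => $e->getMessage());
                 }
             }
         }
     }
 }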
 /**
  * Build the view data for a photo listing scoped to an album, to another
  * app's photos, or to everything, together with the album tree.
  *
  * With album_id the album must exist and pass the view-rights check. With
  * app_id the app must exist and the user must hold 'backend' rights for it.
  *
  * @throws waException       if album_id refers to no album
  * @throws waRightsException if the album or app access check fails
  */
 public function execute()
 {
     // This instance is replaced further down, once the hash is known.
     $collection = new photosCollection();
     $hash = '';

     $id = waRequest::request('album_id', null, 'int');
     if ($id) {
         // Scope: one specific album.
         $album_model = new photosAlbumModel();
         $album = $album_model->getById($id);
         if (!$album) {
             throw new waException(_w('Unknown album'));
         }
         $album_rights_model = new photosAlbumRightsModel();
         if (!$album_rights_model->checkRights($album)) {
             throw new waRightsException(_w("You don't have sufficient access rights"));
         }
         $album['edit_rights'] = $album_rights_model->checkRights($album, true);
         $hash = '/album/' . $id;
     } else {
         $app_id = waRequest::request('app_id', '', 'string');
         if ($app_id) {
             // The free-form app id only reaches the hash after it is confirmed to be an
             // existing app the user has backend rights for.
             $backend_allowed = wa()->appExists($app_id) && wa()->getUser()->getRights($app_id, 'backend');
             if (!$backend_allowed) {
                 throw new waRightsException(_w("You don't have sufficient access rights"));
             }
             $hash = 'app/' . $app_id;
         }
     }

     // Photos; 100500 is the limit argument used for this listing.
     $collection = new photosCollection($hash);
     $photos = $collection->getPhotos("*,thumb,thumb_crop,thumb_middle,thumb_big,tags,edit_rights", 0, 100500);
     $photos = photosCollection::extendPhotos($photos);

     // Album tree
     $album_model = new photosAlbumModel();
     $albums = $album_model->getAlbums();
     $albums_tree = new photosViewTree($albums);

     $view_data = array(
         'title'            => $collection->getTitle(),
         'photos'           => $photos,
         'albums_tree_html' => $albums_tree->display(),
         'app_albums'       => photosDefaultLayout::getAppAlbums('blog'),
         'hash'             => '#/' . trim($hash, '/#') . '/',
     );
     $this->view->assign($view_data);
 }
 /**
  * Prepare the album settings view: album data, parent, photo count,
  * params, user groups, per-group rights and the tag cloud.
  *
  * Album data is only exposed after the edit-rights check passes.
  *
  * @throws waException with code 404 if the album does not exist,
  *                     with code 403 if the edit-rights check fails
  */
 public function execute()
 {
     $album_id = waRequest::get('id', null, waRequest::TYPE_INT);

     $albums = new photosAlbumModel();
     $album = $albums->getById($album_id);
     if (!$album) {
         throw new waException(_w("Unknown album"), 404);
     }

     $album_rights = new photosAlbumRightsModel();
     if (!$album_rights->checkRights($album, true)) {
         throw new waException(_w("You don't have sufficient access rights"), 403);
     }

     // Normalise conditions: parsed for dynamic albums, otherwise an empty array.
     if ($album['type'] == photosAlbumModel::TYPE_DYNAMIC && $album['conditions']) {
         $album['conditions'] = photosCollection::parseConditions($album['conditions']);
     }
     if (!$album['conditions']) {
         $album['conditions'] = array();
     }

     // Base URL = frontend link up to the last occurrence of the album's own url.
     $frontend_url = photosFrontendAlbum::getLink($album);
     if ($frontend_url) {
         $cut_at = strrpos($frontend_url, $album['url']);
         if ($cut_at !== false) {
             $base = rtrim(substr($frontend_url, 0, $cut_at), '/') . '/';
         } else {
             $base = '';
         }
         $album['full_base_url'] = $base;
     }

     $this->view->assign('album', $album);
     if ($album['parent_id']) {
         $this->view->assign('parent', $albums->getById($album['parent_id']));
     }

     $collection = new photosCollection('album/' . $album_id);
     $this->view->assign('photos_count', $collection->count());

     $album_params = new photosAlbumParamsModel();
     $this->view->assign('params', $album_params->get($album_id));

     $group_model = new waGroupModel();
     $groups = $group_model->getAll('id', true);
     $rights = $album_rights->getByField('album_id', $album_id, 'group_id');

     // Tag cloud, with the tags selected in the album's conditions marked as checked.
     $tag_model = new photosTagModel();
     $cloud = $tag_model->getCloud('name');
     if (!empty($album['conditions']['tag'][1])) {
         foreach ($album['conditions']['tag'][1] as $selected_tag) {
             $cloud[$selected_tag]['checked'] = true;
         }
     }

     $this->view->assign('rights', $rights);
     $this->view->assign('groups', $groups);
     $this->view->assign('cloud', $cloud);
 }
 /**
  * API method: add an uploaded photo and respond with its info.
  *
  * Requires the 'upload' right of the photos app. When album_id is supplied
  * the album must exist and the user must pass its edit-rights check.
  *
  * @throws waAPIException access_denied (403), invalid_param (404) or
  *                        server_error (500), as thrown below
  */
 public function execute()
 {
     $data = waRequest::post();
     if (!wa()->getUser()->getRights('photos', 'upload')) {
         throw new waAPIException('access_denied', 403);
     }

     // Default is status 1 with group 0; status -1 restricts to the uploading user.
     $group_ids = array(0);
     if (!isset($data['status'])) {
         $data['status'] = 1;
     } elseif ($data['status'] == -1) {
         $group_ids = array(-wa()->getUser()->getId());
     }

     // 'groups' and 'source' are always set server-side, overriding any posted values.
     // NOTE(review): every other POST field is forwarded to photosPhotoModel::add() unchanged -
     // confirm add() only accepts fields a client may set.
     $data['groups'] = $group_ids;
     $data['source'] = photosPhotoModel::SOURCE_API;

     // Target album (optional): it must exist and be editable by the user.
     if (isset($data['album_id'])) {
         // NOTE(review): album_id is used as posted, without an integer cast.
         $album_id = $data['album_id'];
         $albums = new photosAlbumModel();
         if (!$albums->getById($album_id)) {
             throw new waAPIException('invalid_param', 'Album not found', 404);
         }
         $album_rights = new photosAlbumRightsModel();
         if (!$album_rights->checkRights($album_id, true)) {
             throw new waAPIException('access_denied', 'Not rights to album', 403);
         }
     }

     $file = waRequest::file('file');
     if (!$file->uploaded()) {
         throw new waAPIException('server_error', $file->error, 500);
     }

     $photo_model = new photosPhotoModel();
     $id = null;
     try {
         $id = $photo_model->add($file, $data);
     } catch (Exception $e) {
         // The underlying exception message is passed to the API client as-is.
         throw new waAPIException('server_error', $e->getMessage(), 500);
     }
     if (!$id) {
         throw new waAPIException('server_error', 500);
     }

     // The get-info method is handed the new id through $_GET.
     $_GET['id'] = $id;
     $info_method = new photosPhotoGetInfoMethod();
     $this->response = $info_method->getResponse(true);
 }
 /**
  * Move photos within an album, optionally placing them before another photo.
  *
  * The user must pass the edit-rights check for the album.
  *
  * @throws waException if photo_id or album_id is missing, or the rights check fails
  */
 public function execute()
 {
     $photo_ids = waRequest::post('photo_id', array(), waRequest::TYPE_ARRAY_INT);
     $album_id = waRequest::post('album_id', null, waRequest::TYPE_INT);
     $before_id = waRequest::post('before_id', null, waRequest::TYPE_INT);

     if (!($photo_ids && $album_id)) {
         throw new waException(_w("Can't move photo"));
     }

     // Authorization is decided on the album only; per-photo rights are not consulted here.
     $rights = new photosAlbumRightsModel();
     $may_edit = $rights->checkRights($album_id, true);
     if (!$may_edit) {
         throw new waException(_w("You don't have sufficient access rights"));
     }

     // Both ids were verified non-empty above, so the move needs no further condition.
     $album_photos = new photosAlbumPhotosModel();
     $album_photos->movePhoto($photo_ids, $album_id, $before_id);
 }
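 /**
  * API method: delete an album.
  *
  * The album must exist and the user must pass its edit-rights check.
  *
  * @throws waAPIException invalid_request (404) if the album does not exist,
  *                        access_denied (403) if the rights check fails,
  *                        server_error (500) if the delete fails
  */
 public function execute()
 {
     // Normalise the id once. The lookup used to cast to int while the rights check
     // and the delete received the raw POST value, so the three steps could act on
     // different interpretations of the same input.
     $id = (int) $this->post('id', true);
     $album_model = new photosAlbumModel();
     $album = $album_model->getById($id);
     if (!$album) {
         throw new waAPIException('invalid_request', 'Album not found', 404);
     }
     $album_rights_model = new photosAlbumRightsModel();
     if (!$album_rights_model->checkRights($id, true)) {
         throw new waAPIException('access_denied', 403);
     }
     if (!$album_model->delete($id)) {
         throw new waAPIException('server_error', 500);
     }
     $this->response = true;
 }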
 /**
  * Set the key photo of an album and generate its 192x192 thumbnail.
  *
  * The user must pass the edit-rights check for the album.
  *
  * @throws waException with code 404 if either id is missing; without a code
  *                     if the rights check fails
  */
 public function execute()
 {
     $album_id = waRequest::post('album_id', 0, 'int');
     $photo_id = waRequest::post('photo_id', 0, 'int');
     if (!($album_id && $photo_id)) {
         throw new waException('Bad parameters', 404);
     }

     $rights = new photosAlbumRightsModel();
     $may_edit = $rights->checkRights($album_id, true);
     if (!$may_edit) {
         throw new waException(_w("You don't have sufficient access rights"));
     }

     // NOTE(review): only the photo's existence is checked. Nothing here verifies that the
     // photo belongs to this album or that the user may view it - confirm that is intended.
     $photos = new photosPhotoModel();
     $photo = $photos->getById($photo_id);
     if (!$photo) {
         $this->errors[] = _w('Photo not found');
         return;
     }

     $albums = new photosAlbumModel();
     $albums->updateById($album_id, array('key_photo_id' => $photo_id));
     photosPhoto::generateThumbs($photo, array('192x192'));
 }
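 /**
  * API method: update an album from POST data and respond with its info.
  *
  * The album must exist and the user must pass its edit-rights check. A
  * changed parent_id moves the album; 'type' is never taken from the client.
  *
  * @throws waAPIException invalid_param (404) if the album or the new parent
  *                        does not exist, access_denied (403) if the rights
  *                        check fails, server_error (500) on a failed move
  *                        or update
  */
 public function execute()
 {
     $id = $this->get('id', true);
     $album_model = new photosAlbumModel();
     $album = $album_model->getById($id);
     if (!$album) {
         throw new waAPIException('invalid_param', 'Album not found', 404);
     }
     $album_rights_model = new photosAlbumRightsModel();
     if (!$album_rights_model->checkRights($id, true)) {
         throw new waAPIException('access_denied', 403);
     }
     $data = waRequest::post();
     if (isset($data['parent_id']) && $album['parent_id'] != $data['parent_id']) {
         // NOTE(review): only the existence of the new parent is checked, not the
         // caller's rights on it - confirm that is intended.
         if (!$album_model->getById($data['parent_id'])) {
             throw new waAPIException('invalid_param', 'Parent album not found', 404);
         }
         if (!$album_model->move($id, null, $data['parent_id'])) {
             throw new waAPIException('server_error', 500);
         }
     }
     // The album type is not client-editable (unset on a missing key is a no-op).
     // NOTE(review): all remaining POST fields are forwarded to update() - confirm
     // it only accepts fields a client may set.
     unset($data['type']);
     if (!$album_model->update($id, $data)) {
         throw new waAPIException('server_error', 500);
     }
     // Re-derive the access rights only when the request changes the status.
     // Previously $data['status'] was read unconditionally: a request without a
     // status hit an undefined key and still overwrote the album's rights with
     // group 0, so editing e.g. only the name reset the rights of a restricted album.
     if (isset($data['status'])) {
         $group_ids = array(0);
         if ($data['status'] == -1) {
             // Restricted to the current user only.
             $group_ids = array(-wa()->getUser()->getId());
         }
         $album_rights_model->setRights($id, $group_ids);
     }
     $method = new photosAlbumGetInfoMethod();
     $this->response = $method->getResponse(true);
 }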
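 /**
  * Create an album (no id posted) or save the settings of an existing one.
  *
  * Creating requires the 'upload' right; editing requires passing the
  * edit-rights check for the album. With apply_all_photos set, the album's
  * access settings are also applied to the first `count` photos of the
  * album that pass filterAllowedPhotoIds().
  *
  * @throws waException if the relevant rights check fails
  */
 public function execute()
 {
     $this->id = waRequest::post('id', null, waRequest::TYPE_INT);
     $group_ids = null;
     $status = waRequest::post('status', 0, waRequest::TYPE_INT);
     if (!$status) {
         $group_ids = waRequest::post('groups', array(), waRequest::TYPE_ARRAY_INT);
         if (!$group_ids) {
             // visible only for creator
             $status = -1;
             $group_ids = array(-$this->getUser()->getId());
         }
     }
     // The hash is set only for non-public albums (status <= 0) - presumably it is the
     // private-link token, TODO confirm. It is therefore drawn from the CSPRNG where
     // available; md5(uniqid(time())) is derived from the clock and is guessable.
     // Both forms yield 32 hex characters.
     $new_hash = function () {
         if (function_exists('random_bytes')) {
             return bin2hex(random_bytes(16));
         }
         // Legacy fallback for runtimes without random_bytes().
         return md5(uniqid(time(), true));
     };
     $this->album_model = new photosAlbumModel();
     if (!$this->id) {
         if (!$this->getRights('upload')) {
             throw new waException(_w("You don't have sufficient access rights"));
         }
         $name = waRequest::post('name', '', waRequest::TYPE_STRING_TRIM);
         $type = waRequest::post('type', 0, waRequest::TYPE_INT);
         $data = array('name' => $name, 'status' => $status, 'type' => $type, 'group_ids' => $group_ids);
         if ($status <= 0) {
             $data['hash'] = $new_hash();
         } else {
             $data['url'] = $this->album_model->suggestUniqueUrl(photosPhoto::suggestUrl($name));
         }
         if ($type == photosAlbumModel::TYPE_DYNAMIC) {
             $data['conditions'] = $this->getPrepareConditions();
         }
         $this->save($data);
         // The name is escaped for the response; the stored value is the raw one.
         $this->response = array('id' => $this->id, 'name' => photosPhoto::escape($name), 'type' => $type, 'status' => $status);
     } else {
         $album_rights_model = new photosAlbumRightsModel();
         if (!$album_rights_model->checkRights($this->id, true)) {
             throw new waException(_w("You don't have sufficient access rights"));
         }
         $conditions = $this->getPrepareConditions();
         // Parse "key=value" lines. Split on any line-break style: splitting on PHP_EOL
         // left a trailing "\r" on values when the client sent CRLF to a Unix host.
         // Limit the '=' split to 2 so values that themselves contain '=' are kept whole.
         $params = array();
         $album_params = waRequest::post('params', '', waRequest::TYPE_STRING_TRIM);
         foreach (preg_split('/\r\n|\r|\n/', $album_params) as $param) {
             $param = explode('=', $param, 2);
             if (count($param) < 2) {
                 continue;
             }
             $params[$param[0]] = $param[1];
         }
         $params = $params ? $params : null;
         $description = waRequest::post('description', null, waRequest::TYPE_STRING_TRIM);
         $name = waRequest::post('name', '', waRequest::TYPE_STRING_TRIM);
         $url = waRequest::post('url', null, waRequest::TYPE_STRING_TRIM);
         $data = array('status' => $status, 'group_ids' => $group_ids, 'conditions' => $conditions, 'url' => $url, 'description' => $description, 'params' => $params, 'name' => $name);
         if ($status <= 0) {
             // NOTE(review): a fresh hash is generated on every save of a non-public
             // album - confirm save() does not invalidate an existing link unintentionally.
             $data['hash'] = $new_hash();
         }
         if (waRequest::post('order') == 'rate') {
             $data['params']['order'] = 'rate';
         }
         if (!$this->validate($data)) {
             return;
         }
         $this->save($data);
         $apply_all_photos = waRequest::post('apply_all_photos', 0, waRequest::TYPE_INT);
         if ($apply_all_photos) {
             // apply to first of $count photos
             // NOTE(review): $count is client-supplied and unbounded here.
             $count = waRequest::post('count', 50, waRequest::TYPE_INT);
             $collection = new photosCollection('album/' . $this->id);
             $total_count = $collection->count();
             $photos = $collection->getPhotos('*', 0, $count, false);
             $photo_model = new photosPhotoModel();
             $photo_ids = array();
             foreach ($photos as $photo) {
                 // Photos with status 1 need no change when the album is set to status 1.
                 if ($photo['status'] == 1 && $status == 1) {
                     continue;
                 }
                 if ($photo['stack_count'] > 0) {
                     // A stack is expanded to the ids returned for its parent photo.
                     $photo_ids = array_merge($photo_ids, $photo_model->getIdsByParent($photo['id']));
                 } else {
                     $photo_ids[] = $photo['id'];
                 }
             }
             // Album edit rights do not imply photo rights: only the ids returned by
             // filterAllowedPhotoIds() have their access changed.
             $photo_rights_model = new photosPhotoRightsModel();
             $allowed_photo_ids = $photo_rights_model->filterAllowedPhotoIds($photo_ids, true);
             $photo_model->updateAccess($allowed_photo_ids, $status, $group_ids);
             $this->response['total_count'] = $total_count;
             $this->response['count'] = $count;
             $this->response['status'] = $status;
             $this->response['groups'] = $group_ids;
         }
     }
 }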