public function edit($image_id)
{
//we cheat a little but we will make good later
global $phpbb_root_path, $phpEx;
$image_data = $this->image->get_image_data($image_id);
$album_id = $image_data['image_album_id'];
$album_data = $this->album->get_info($album_id);
$this->user->add_lang_ext('phpbbgallery/core', array('gallery'));
$this->display->generate_navigation($album_data);
add_form_key('gallery');
$submit = $this->request->variable('submit', false);
$image_backlink = append_sid('./gallery/image/' . $image_id);
$album_backlink = append_sid('./gallery/album/' . $image_data['image_album_id']);
$disp_image_data = $image_data;
$owner_id = $image_data['image_user_id'];
$album_loginlink = './ucp.php?mode=login';
$this->gallery_auth->load_user_premissions($this->user->data['user_id']);
if (!$this->gallery_auth->acl_check('i_edit', $album_id, $owner_id) || $image_data['image_status'] == \phpbbgallery\core\image\image::STATUS_ORPHAN) {
if (!$this->gallery_auth->acl_check('m_edit', $album_id, $owner_id)) {
$this->misc->not_authorised($album_backlink, $album_loginlink, 'LOGIN_EXPLAIN_UPLOAD');
}
}
if ($submit) {
if (!check_form_key('gallery')) {
trigger_error('FORM_INVALID');
}
$image_desc = $this->request->variable('message', array(''), true);
$image_desc = $image_desc[0];
$image_name = $this->request->variable('image_name', array(''), true);
$image_name = $image_name[0];
if (strlen($image_desc) > $this->gallery_config->get('description_length')) {
trigger_error($this->user->lang('DESC_TOO_LONG'));
}
// Create message parser instance
include_once $phpbb_root_path . 'includes/message_parser.' . $phpEx;
$message_parser = new \parse_message();
$message_parser->message = utf8_normalize_nfc($image_desc);
if ($message_parser->message) {
$message_parser->parse(true, true, true, true, false, true, true, true);
}
$sql_ary = array('image_name' => $image_name, 'image_name_clean' => utf8_clean_string($image_name), 'image_desc' => $message_parser->message, 'image_desc_uid' => $message_parser->bbcode_uid, 'image_desc_bitfield' => $message_parser->bbcode_bitfield, 'image_allow_comments' => $this->request->variable('allow_comments', 0));
$errors = array();
if (empty($sql_ary['image_name_clean'])) {
$errors[] = $user->lang['MISSING_IMAGE_NAME'];
}
if (!$this->gallery_config->get('allow_comments') || !$this->gallery_config->get('comment_user_control')) {
unset($sql_ary['image_allow_comments']);
}
$change_image_count = false;
if ($this->gallery_auth->acl_check('m_edit', $album_id, $album_data['album_user_id'])) {
$user_data = $this->image->get_new_author_info($this->request->variable('change_author', '', true));
if ($user_data) {
$sql_ary = array_merge($sql_ary, array('image_user_id' => $user_data['user_id'], 'image_username' => $user_data['username'], 'image_username_clean' => utf8_clean_string($user_data['username']), 'image_user_colour' => $user_data['user_colour']));
if ($image_data['image_status'] != $this->image->get_status_unaproved()) {
$change_image_count = true;
}
} else {
if ($this->request->variable('change_author', '', true)) {
$errors[] = $user->lang['INVALID_USERNAME'];
}
}
}
$move_to_personal = $this->request->variable('move_to_personal', 0);
if ($move_to_personal) {
$personal_album_id = 0;
if ($user->data['user_id'] != $image_data['image_user_id']) {
$image_user = new \phpbbgallery\core\user($db, $image_data['image_user_id']);
$personal_album_id = $image_user->get_data('personal_album_id');
// The User has no personal album, moderators can created that without the need of permissions
if (!$personal_album_id) {
$personal_album_id = $this->album->generate_personal_album($image_data['image_username'], $image_data['image_user_id'], $image_data['image_user_colour'], $image_user);
}
} else {
$personal_album_id = $this->user->get_data('personal_album_id');
if (!$personal_album_id && $this->gallery_auth->acl_check('i_upload', $this->gallery_auth->get_own_album())) {
$personal_album_id = $this->album->generate_personal_album($image_data['image_username'], $image_data['image_user_id'], $image_data['image_user_colour'], phpbb_gallery::$user);
}
}
if ($personal_album_id) {
$sql_ary['image_album_id'] = $personal_album_id;
}
}
$rotate = $this->request->variable('rotate', array(0));
$rotate = isset($rotate[0]) ? $rotate[0] : 0;
if ($this->gallery_config->get('allow_rotate') && $rotate > 0 && $rotate % 90 == 0) {
$image_tools = new \phpbbgallery\core\file\file();
$image_tools->set_image_options($this->gallery_config->get('max_filesize'), $this->gallery_config->get('max_height'), $this->gallery_config->get('max_width'));
$image_tools->set_image_data($this->url->path('upload') . $image_data['image_filename']);
// Rotate the image
$image_tools->rotate_image($rotate, $this->gallery_config->get('allow_rotate'));
if ($image_tools->rotated) {
$image_tools->write_image($image_tools->image_source, $this->gallery_config->get('jpg_quality'), true);
}
@unlink($this->url->path('thumbnail') . $image_data['image_filename']);
@unlink($this->url->path('medium') . $image_data['image_filename']);
}
$error = implode('<br />', $errors);
if (!$error) {
$sql = 'UPDATE ' . $this->table_images . '
SET ' . $this->db->sql_build_array('UPDATE', $sql_ary) . '
WHERE image_id = ' . $image_id;
$this->db->sql_query($sql);
$this->album->update_info($album_data['album_id']);
if ($move_to_personal && $personal_album_id) {
$this->album->update_info($personal_album_id);
}
if ($change_image_count) {
$new_user = new phpbb_gallery_user($db, $user_data['user_id'], false);
$new_user->update_images(1);
$old_user = new phpbb_gallery_user($db, $image_data['image_user_id'], false);
$old_user->update_images(-1);
}
if ($this->user->data['user_id'] != $image_data['image_user_id']) {
$this->gallery_log->add_log('moderator', 'edit', $image_data['image_album_id'], $image_id, array('LOG_GALLERY_EDITED', $image_name));
}
$message = $this->user->lang['IMAGES_UPDATED_SUCCESSFULLY'];
$message .= '<br /><br />' . sprintf($this->user->lang['CLICK_RETURN_IMAGE'], '<a href="' . $image_backlink . '">', '</a>');
$message .= '<br /><br />' . sprintf($this->user->lang['CLICK_RETURN_ALBUM'], '<a href="' . $album_backlink . '">', '</a>');
$this->url->meta_refresh(3, $image_backlink);
trigger_error($message);
}
$disp_image_data = array_merge($disp_image_data, $sql_ary);
}
if (!class_exists('bbcode')) {
include $this->phpbb_root_path . 'includes/bbcode.' . $this->php_ext;
}
include_once $this->phpbb_root_path . 'includes/message_parser.' . $this->php_ext;
$message_parser = new \parse_message();
$message_parser->message = $disp_image_data['image_desc'];
$message_parser->decode_message($disp_image_data['image_desc_uid']);
$page_title = $disp_image_data['image_name'];
$this->template->assign_block_vars('image', array('U_IMAGE' => $this->image->generate_link('thumbnail', 'plugin', $image_id, $image_data['image_name'], $album_id), 'IMAGE_NAME' => $disp_image_data['image_name'], 'IMAGE_DESC' => $message_parser->message));
$this->template->assign_vars(array('L_DESCRIPTION_LENGTH' => $this->user->lang('DESCRIPTION_LENGTH', $this->gallery_config->get('description_length')), 'S_EDIT' => true, 'S_ALBUM_ACTION' => $this->helper->route('phpbbgallery_image_edit', array('image_id' => $image_id)), 'ERROR' => isset($error) ? $error : '', 'U_VIEW_IMAGE' => $this->helper->route('phpbbgallery_image', array('image_id' => $image_id)), 'IMAGE_NAME' => $image_data['image_name'], 'S_CHANGE_AUTHOR' => $this->gallery_auth->acl_check('m_edit', $album_id, $album_data['album_user_id']), 'U_FIND_USERNAME' => $this->url->append_sid('phpbb', 'memberlist', 'mode=searchuser&form=postform&field=change_author&select_single=true'), 'S_COMMENTS_ENABLED' => $this->gallery_config->get('allow_comments') && $this->gallery_config->get('comment_user_control'), 'S_ALLOW_COMMENTS' => $image_data['image_allow_comments'], 'NUM_IMAGES' => 1, 'S_ALLOW_ROTATE' => $this->gallery_config->get('allow_rotate') && function_exists('imagerotate'), 'S_MOVE_MODERATOR' => $this->user->data['user_id'] != $image_data['image_user_id'] ? true : false));
return $this->helper->render('gallery/posting_body.html', $page_title);
}
function import()
{
global $db, $template, $user, $phpbb_dispatcher, $phpbb_container, $gallery_url, $request, $table_prefix, $gallery_config, $gallery_album, $request;
$import_schema = $request->variable('import_schema', '');
$images = $request->variable('images', array(''), true);
$submit = isset($_POST['submit']) ? true : (empty($images) ? false : true);
if ($import_schema) {
if ($gallery_url->_file_exists($import_schema, 'import', '')) {
include $gallery_url->_return_file($import_schema, 'import', '');
// Replace the md5 with the ' again and remove the space at the end to prevent \' troubles
$user_data['username'] = utf8_substr(str_replace("{{$import_schema}}", "'", $user_data['username']), 0, -1);
$image_name = utf8_substr(str_replace("{{$import_schema}}", "'", $image_name), 0, -1);
} else {
global $phpEx;
trigger_error($user->lang('MISSING_IMPORT_SCHEMA', $import_schema . '.' . $phpEx), E_USER_WARNING);
}
$images_loop = 0;
foreach ($images as $image_src) {
/**
* Import the images
*/
$image_src = str_replace("{{$import_schema}}", "'", $image_src);
$image_src_full = $gallery_url->path('import') . utf8_decode($image_src);
if (file_exists($image_src_full)) {
$filetype = getimagesize($image_src_full);
$filetype_ext = '';
$error_occured = false;
switch ($filetype['mime']) {
case 'image/jpeg':
case 'image/jpg':
case 'image/pjpeg':
$filetype_ext = '.jpg';
$read_function = 'imagecreatefromjpeg';
if (substr(strtolower($image_src), -4) != '.jpg' && substr(strtolower($image_src), -5) != '.jpeg') {
$this->log_import_error($import_schema, sprintf($user->lang['FILETYPE_MIMETYPE_MISMATCH'], $image_src, $filetype['mime']));
$error_occured = true;
}
break;
case 'image/png':
case 'image/x-png':
$filetype_ext = '.png';
$read_function = 'imagecreatefrompng';
if (substr(strtolower($image_src), -4) != '.png') {
$this->log_import_error($import_schema, sprintf($user->lang['FILETYPE_MIMETYPE_MISMATCH'], $image_src, $filetype['mime']));
$error_occured = true;
}
break;
case 'image/gif':
case 'image/giff':
$filetype_ext = '.gif';
$read_function = 'imagecreatefromgif';
if (substr(strtolower($image_src), -4) != '.gif') {
$this->log_import_error($import_schema, sprintf($user->lang['FILETYPE_MIMETYPE_MISMATCH'], $image_src, $filetype['mime']));
$error_occured = true;
}
break;
default:
$this->log_import_error($import_schema, $user->lang['NOT_ALLOWED_FILE_TYPE']);
$error_occured = true;
break;
}
$image_filename = md5(unique_id()) . $filetype_ext;
if (!$error_occured || !@move_uploaded_file($image_src_full, $gallery_url->path('upload') . $image_filename)) {
if (!@copy($image_src_full, $gallery_url->path('upload') . $image_filename)) {
$user->add_lang('posting');
$this->log_import_error($import_schema, sprintf($user->lang['GENERAL_UPLOAD_ERROR'], $gallery_url->path('upload') . $image_filename));
$error_occured = true;
}
}
if (!$error_occured) {
@chmod($gallery_url->path('upload') . $image_filename, 0777);
// The source image is imported, so we delete it.
@unlink($image_src_full);
$sql_ary = array('image_filename' => $image_filename, 'image_desc' => '', 'image_desc_uid' => '', 'image_desc_bitfield' => '', 'image_user_id' => $user_data['user_id'], 'image_username' => $user_data['username'], 'image_username_clean' => utf8_clean_string($user_data['username']), 'image_user_colour' => $user_data['user_colour'], 'image_user_ip' => $user->ip, 'image_time' => $start_time + $done_images, 'image_album_id' => $album_id, 'image_status' => \phpbbgallery\core\image\image::STATUS_APPROVED);
$image_tools = new \phpbbgallery\core\file\file();
$image_tools->set_image_options($gallery_config->get('max_filesize'), $gallery_config->get('max_height'), $gallery_config->get('max_width'));
$image_tools->set_image_data($gallery_url->path('upload') . $image_filename);
$additional_sql_data = array();
$file_link = $gallery_url->path('upload') . $image_filename;
/**
* Event to trigger before mass update
*
* @event phpbbgallery.acpimport.update_image_before
* @var array additional_sql_data array of additional sql_data
* @var string file_link String with real file link
* @since 1.2.0
*/
$vars = array('additional_sql_data', 'file_link');
extract($phpbb_dispatcher->trigger_event('phpbbgallery.acpimport.update_image_before', compact($vars)));
if ($filetype[0] > $gallery_config->get('max_width') || $filetype[1] > $gallery_config->get('max_height')) {
/**
* Resize overside images
*/
if ($gallery_config->get('allow_resize')) {
$image_tools->resize_image($gallery_config->get('max_width'), $gallery_config->get('max_height'));
if ($image_tools->resized) {
$image_tools->write_image($gallery_url->path('upload') . $image_filename, $gallery_config->get('jpg_quality'), true);
}
}
}
$file_updated = (bool) $image_tools->resized;
/**
* Event to trigger before mass update
*
* @event phpbbgallery.acpimport.update_image
* @var array additional_sql_data array of additional sql_data
* @var bool file_updated is file resized
* @since 1.2.0
*/
$vars = array('additional_sql_data', 'file_updated');
extract($phpbb_dispatcher->trigger_event('phpbbgallery.acpimport.update_image', compact($vars)));
$sql_ary = array_merge($sql_ary, $additional_sql_data);
// Try to get real filesize from temporary folder (not always working) ;)
$sql_ary['filesize_upload'] = @filesize($gallery_url->path('upload') . $image_filename) ? @filesize($gallery_url->path('upload') . $image_filename) : 0;
if ($filename || $image_name == '') {
$sql_ary['image_name'] = str_replace("_", " ", utf8_substr($image_src, 0, utf8_strrpos($image_src, '.')));
} else {
$sql_ary['image_name'] = str_replace('{NUM}', $num_offset + $done_images, $image_name);
}
$sql_ary['image_name_clean'] = utf8_clean_string($sql_ary['image_name']);
// Put the images into the database
$db->sql_query('INSERT INTO ' . $table_prefix . 'gallery_images ' . $db->sql_build_array('INSERT', $sql_ary));
}
$done_images++;
}
// Remove the image from the list
unset($images[$images_loop]);
$images_loop++;
if ($images_loop == 10) {
// We made 10 images, so we end for this turn
break;
}
}
if ($images_loop) {
$image_user = $phpbb_container->get('phpbbgallery.core.user');
$image_user->set_user_id($user_data['user_id']);
$image_user->update_images($images_loop);
$gallery_config->inc('num_images', $images_loop);
$todo_images = $todo_images - $images_loop;
}
\phpbbgallery\core\album\album::update_info($album_id);
if (!$todo_images) {
unlink($gallery_url->_return_file($import_schema, 'import', ''));
$errors = @file_get_contents($gallery_url->_return_file($import_schema . '_errors', 'import', ''));
@unlink($gallery_url->_return_file($import_schema . '_errors', 'import', ''));
if (!$errors) {
trigger_error(sprintf($user->lang['IMPORT_FINISHED'], $done_images) . adm_back_link($this->u_action));
} else {
$errors = explode("\n", $errors);
trigger_error(sprintf($user->lang['IMPORT_FINISHED_ERRORS'], $done_images - sizeof($errors)) . implode('<br />', $errors) . adm_back_link($this->u_action), E_USER_WARNING);
}
} else {
// Write the new list
$this->create_import_schema($import_schema, $album_id, $user_data, $start_time, $num_offset, $done_images, $todo_images, $image_name, $filename, $images);
// Redirect
$forward_url = $this->u_action . "&import_schema={$import_schema}";
meta_refresh(1, $forward_url);
trigger_error(sprintf($user->lang['IMPORT_DEBUG_MES'], $done_images, $todo_images));
}
} else {
if ($submit) {
if (!check_form_key('acp_gallery')) {
trigger_error('FORM_INVALID', E_USER_WARNING);
}
if (!$images) {
trigger_error('NO_FILE_SELECTED', E_USER_WARNING);
}
// Who is the uploader?
$username = $request->variable('username', '', true);
$user_id = 0;
if ($username) {
if (!function_exists('user_get_id_name')) {
$gallery_url->_include('functions_user', 'phpbb');
}
user_get_id_name($user_id, $username);
}
if (is_array($user_id)) {
$user_id = $user_id[0];
}
if (!$user_id) {
$user_id = $user->data['user_id'];
}
$sql = 'SELECT username, user_colour, user_id
FROM ' . USERS_TABLE . '
WHERE user_id = ' . $user_id;
$result = $db->sql_query($sql);
$user_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$user_row) {
trigger_error('HACKING_ATTEMPT', E_USER_WARNING);
}
$album_id = $request->variable('album_id', 0);
if (isset($_POST['users_pega'])) {
$image_user = $phpbb_container->get('phpbbgallery.core.user');
$image_user->set_user_id($user_row['user_id']);
if ($user->data['user_id'] != $user_row['user_id']) {
$album_id = $image_user->get_data('personal_album_id');
if (!$album_id) {
// The User has no personal album
$album_id = $gallery_album->generate_personal_album($user_row['username'], $user_row['user_id'], $user_row['user_colour'], $image_user);
}
unset($image_user);
} else {
$album_id = $image_user->get_data('personal_album_id');
if (!$album_id) {
$album_id = $gallery_album->generate_personal_album($user_row['username'], $user_row['user_id'], $user_row['user_colour'], $image_user);
}
}
}
// Where do we put them to?
$sql = 'SELECT album_id, album_name
FROM ' . $table_prefix . 'gallery_albums
WHERE album_id = ' . $album_id;
$result = $db->sql_query($sql);
$album_row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if (!$album_row) {
trigger_error('HACKING_ATTEMPT', E_USER_WARNING);
}
$start_time = time();
$import_schema = md5($start_time);
$filename = $request->variable('filename', '') == 'filename' ? true : false;
$image_name = $request->variable('image_name', '', true);
$num_offset = $request->variable('image_num', 0);
$this->create_import_schema($import_schema, $album_row['album_id'], $user_row, $start_time, $num_offset, 0, sizeof($images), $image_name, $filename, $images);
$forward_url = $this->u_action . "&import_schema={$import_schema}";
meta_refresh(2, $forward_url);
trigger_error('IMPORT_SCHEMA_CREATED');
}
}
$handle = opendir($gallery_url->path('import'));
$files = array();
while ($file = readdir($handle)) {
if (!is_dir($gallery_url->path('import') . $file) && (substr(strtolower($file), -4) == '.png' && $gallery_config->get('allow_png') || substr(strtolower($file), -4) == '.gif' && $gallery_config->get('allow_gif') || substr(strtolower($file), -4) == '.jpg' && $gallery_config->get('allow_jpg') || substr(strtolower($file), -5) == '.jpeg' && $gallery_config->get('allow_jpg'))) {
$files[utf8_strtolower($file)] = $file;
}
}
closedir($handle);
// Sort the files by name again
ksort($files);
foreach ($files as $file) {
$template->assign_block_vars('imagerow', array('FILE_NAME' => utf8_encode($file)));
}
$template->assign_vars(array('S_IMPORT_IMAGES' => true, 'ACP_GALLERY_TITLE' => $user->lang['ACP_IMPORT_ALBUMS'], 'ACP_GALLERY_TITLE_EXPLAIN' => $user->lang['ACP_IMPORT_ALBUMS_EXPLAIN'], 'L_IMPORT_DIR_EMPTY' => sprintf($user->lang['IMPORT_DIR_EMPTY'], $gallery_url->path('import')), 'S_ALBUM_IMPORT_ACTION' => $this->u_action, 'S_SELECT_IMPORT' => $gallery_album->get_albumbox(false, 'album_id', false, false, false, \phpbbgallery\core\album\album::PUBLIC_ALBUM, \phpbbgallery\core\album\album::TYPE_UPLOAD), 'U_FIND_USERNAME' => $gallery_url->append_sid('phpbb', 'memberlist', 'mode=searchuser&form=acp_gallery&field=username&select_single=true')));
}
