add AdminTools to trunk
git-svn-id: http://piwigo.org/svn/trunk@28694 68402e56-0260-453c-a942-63ccdbb3a9ee
@@ -0,0 +1,310 @@
|
||||
<?php
|
||||
defined('ADMINTOOLS_PATH') or die('Hacking attempt!');
|
||||
|
||||
/**
|
||||
* Class managing multi views system
|
||||
*/
|
||||
class MultiView
|
||||
{
|
||||
/** @var bool $is_admin */
|
||||
private $is_admin = false;
|
||||
|
||||
/** @var array $data */
|
||||
private $data = array();
|
||||
private $data_url_params = array();
|
||||
|
||||
/** @var array $user */
|
||||
private $user = array();
|
||||
|
||||
/**
|
||||
* Constructor, load $data from session
|
||||
*/
|
||||
function __construct()
|
||||
{
|
||||
global $conf;
|
||||
|
||||
$this->data = array_merge(
|
||||
array(
|
||||
'view_as' => 0,
|
||||
'theme' => '',
|
||||
'lang' => '',
|
||||
'show_queries' => $conf['show_queries'],
|
||||
'debug_l10n' => $conf['debug_l10n'],
|
||||
'debug_template' => $conf['debug_template'],
|
||||
'template_combine_files' => $conf['template_combine_files'],
|
||||
'no_history' => false,
|
||||
),
|
||||
pwg_get_session_var('multiview', array())
|
||||
);
|
||||
|
||||
$this->data_url_params = array_keys($this->data);
|
||||
$this->data_url_params = array_map(create_function('$d', 'return "ato_".$d;'), $this->data_url_params);
|
||||
}
|
||||
|
||||
/**
|
||||
* @return bool
|
||||
*/
|
||||
public function is_admin()
|
||||
{
|
||||
return $this->is_admin;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array
|
||||
*/
|
||||
public function get_data()
|
||||
{
|
||||
return $this->data;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array
|
||||
*/
|
||||
public function get_user()
|
||||
{
|
||||
return $this->user;
|
||||
}
|
||||
|
||||
/**
|
||||
* Save $data in session
|
||||
*/
|
||||
private function save()
|
||||
{
|
||||
pwg_set_session_var('multiview', $this->data);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the current url minus MultiView params
|
||||
*
|
||||
* @param bool $with_amp - adds ? or & at the end of the url
|
||||
* @return string
|
||||
*/
|
||||
public function get_clean_url($with_amp=false)
|
||||
{
|
||||
if (script_basename() == 'picture')
|
||||
{
|
||||
$url = duplicate_picture_url(array(), $this->data_url_params);
|
||||
}
|
||||
else if (script_basename() == 'index')
|
||||
{
|
||||
$url = duplicate_index_url(array(), $this->data_url_params);
|
||||
}
|
||||
else
|
||||
{
|
||||
$url = get_query_string_diff($this->data_url_params);
|
||||
}
|
||||
|
||||
if ($with_amp)
|
||||
{
|
||||
$url.= strpos($url, '?')!==false ? '&' : '?';
|
||||
}
|
||||
|
||||
return $url;
|
||||
}
|
||||
|
||||
/**
|
||||
* Triggered on "user_init", change current view depending of URL params.
|
||||
*/
|
||||
public function user_init()
|
||||
{
|
||||
global $user, $conf;
|
||||
|
||||
$this->is_admin = is_admin();
|
||||
|
||||
$this->user = array(
|
||||
'id' => $user['id'],
|
||||
'username' => $user['username'],
|
||||
'language' => $user['language'],
|
||||
'theme' => $user['theme'],
|
||||
);
|
||||
|
||||
// inactive on ws.php to allow AJAX admin tasks
|
||||
if ($this->is_admin && script_basename() != 'ws')
|
||||
{
|
||||
if ($this->data['view_as'] == 0)
|
||||
{
|
||||
$this->data['view_as'] = $user['id'];
|
||||
}
|
||||
if (empty($this->data['lang']))
|
||||
{
|
||||
$this->data['lang'] = $user['language'];
|
||||
}
|
||||
if (empty($this->data['theme']))
|
||||
{
|
||||
$this->data['theme'] = $user['theme'];
|
||||
}
|
||||
|
||||
// view_as
|
||||
if (!defined('IN_ADMIN'))
|
||||
{
|
||||
if (isset($_GET['ato_view_as']))
|
||||
{
|
||||
$this->data['view_as'] = (int)$_GET['ato_view_as'];
|
||||
}
|
||||
if ($this->data['view_as'] != $user['id'])
|
||||
{
|
||||
$user = build_user($this->data['view_as'], true);
|
||||
if (isset($_GET['ato_view_as']))
|
||||
{
|
||||
$this->data['theme'] = $user['theme'];
|
||||
$this->data['lang'] = $user['language'];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// theme
|
||||
if (isset($_GET['ato_theme']))
|
||||
{
|
||||
$this->data['theme'] = $_GET['ato_theme'];
|
||||
}
|
||||
$user['theme'] = $this->data['theme'];
|
||||
|
||||
// lang
|
||||
if (isset($_GET['ato_lang']))
|
||||
{
|
||||
$this->data['lang'] = $_GET['ato_lang'];
|
||||
}
|
||||
$user['language'] = $this->data['lang'];
|
||||
|
||||
// show_queries
|
||||
if (isset($_GET['ato_show_queries']))
|
||||
{
|
||||
$this->data['show_queries'] = (bool)$_GET['ato_show_queries'];
|
||||
}
|
||||
$conf['show_queries'] = $this->data['show_queries'];
|
||||
|
||||
// debug_l10n
|
||||
if (isset($_GET['ato_debug_l10n']))
|
||||
{
|
||||
$this->data['debug_l10n'] = (bool)$_GET['ato_debug_l10n'];
|
||||
}
|
||||
$conf['debug_l10n'] = $this->data['debug_l10n'];
|
||||
|
||||
// debug_template
|
||||
if (isset($_GET['ato_debug_template']))
|
||||
{
|
||||
$this->data['debug_template'] = (bool)$_GET['ato_debug_template'];
|
||||
}
|
||||
$conf['debug_template'] = $this->data['debug_template'];
|
||||
|
||||
// template_combine_files
|
||||
if (isset($_GET['ato_template_combine_files']))
|
||||
{
|
||||
$this->data['template_combine_files'] = (bool)$_GET['ato_template_combine_files'];
|
||||
}
|
||||
$conf['template_combine_files'] = $this->data['template_combine_files'];
|
||||
|
||||
// no_history
|
||||
if (isset($_GET['ato_no_history']))
|
||||
{
|
||||
$this->data['no_history'] = (bool)$_GET['ato_no_history'];
|
||||
}
|
||||
if ($this->data['no_history'])
|
||||
{
|
||||
add_event_handler('pwg_log_allowed', create_function('', 'return false;'));
|
||||
}
|
||||
|
||||
$this->save();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the language of the current user if different from the current language
|
||||
* false otherwise
|
||||
*/
|
||||
function get_user_language()
|
||||
{
|
||||
if (isset($this->user['language']) && isset($this->data['lang'])
|
||||
&& $this->user['language'] != $this->data['lang']
|
||||
)
|
||||
{
|
||||
return $this->user['language'];
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Triggered on "init", in order to clean template files (not initialized on "user_init")
|
||||
*/
|
||||
public function init()
|
||||
{
|
||||
if ($this->is_admin)
|
||||
{
|
||||
if (isset($_GET['ato_purge_template']))
|
||||
{
|
||||
global $template;
|
||||
$template->delete_compiled_templates();
|
||||
FileCombiner::clear_combined_files();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Mark browser session cache for deletion
|
||||
*/
|
||||
public static function invalidate_cache()
|
||||
{
|
||||
global $conf;
|
||||
conf_update_param('multiview_invalidate_cache', true, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* Register custom API methods
|
||||
*/
|
||||
public static function register_ws($arr)
|
||||
{
|
||||
$service = &$arr[0];
|
||||
|
||||
$service->addMethod(
|
||||
'multiView.getData',
|
||||
array('MultiView', 'ws_get_data'),
|
||||
array(),
|
||||
'AdminTools private method.',
|
||||
null,
|
||||
array('admin_only' => true, 'hidden' => true)
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* API method
|
||||
* Return full list of users, themes and languages
|
||||
*/
|
||||
public static function ws_get_data($params)
|
||||
{
|
||||
global $conf;
|
||||
|
||||
// get users
|
||||
$query = '
|
||||
SELECT
|
||||
'.$conf['user_fields']['id'].' AS id,
|
||||
'.$conf['user_fields']['username'].' AS username
|
||||
FROM '.USERS_TABLE.'
|
||||
ORDER BY CONVERT('.$conf['user_fields']['username'].', CHAR)
|
||||
;';
|
||||
$out['users'] = array_from_query($query);
|
||||
|
||||
// get themes
|
||||
include_once(PHPWG_ROOT_PATH.'admin/include/themes.class.php');
|
||||
$themes = new themes();
|
||||
foreach (array_keys($themes->db_themes_by_id) as $theme)
|
||||
{
|
||||
if (!empty($theme))
|
||||
{
|
||||
$out['themes'][] = $theme;
|
||||
}
|
||||
}
|
||||
|
||||
// get languages
|
||||
foreach (get_languages() as $code => $name)
|
||||
{
|
||||
$out['languages'][] = array(
|
||||
'id' => $code,
|
||||
'name' => $name,
|
||||
);
|
||||
}
|
||||
|
||||
conf_delete_param('multiview_invalidate_cache');
|
||||
|
||||
return $out;
|
||||
}
|
||||
}
|
||||
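Review bot: In `user_init()`, `$_GET['ato_theme']` and `$_GET['ato_lang']` are copied into `$this->data`, persisted to the session by `save()`, and assigned to `$user['theme']` / `$user['language']` without checking that they name an installed theme or language. If core uses those values to build template or language file paths (not visible in this hunk), an arbitrary string reaches the filesystem layer, so each should be accepted only when it is a known id, e.g. `if (isset($_GET['ato_lang']) and array_key_exists($_GET['ato_lang'], get_languages()))`, with the equivalent check for the theme against the ids `ws_get_data()` reads from `$themes->db_themes_by_id`. `user_init()` and `init()` also change state from plain GET parameters (`ato_view_as`, the debug switches, `ato_no_history`, `ato_purge_template`) with no `pwg_token` comparison, so a cross-site request could alter an admin's session settings, disable history logging or purge compiled templates; comparing the token first would close that. Separately, `create_function()` is eval-based and removed in PHP 8; both uses take constant strings, so closures or named functions are drop-in replacements.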
@@ -0,0 +1,312 @@
|
||||
<?php
|
||||
defined('ADMINTOOLS_PATH') or die('Hacking attempt!');
|
||||
|
||||
/**
|
||||
* Add main toolbar to current page
|
||||
* @trigger loc_after_page_header
|
||||
*/
|
||||
function admintools_add_public_controller()
|
||||
{
|
||||
global $MultiView, $conf, $template, $page, $user, $picture;
|
||||
|
||||
if (script_basename() == 'picture' and empty($picture['current']))
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
$url_root = get_root_url();
|
||||
$tpl_vars = array();
|
||||
|
||||
if ($MultiView->is_admin())
|
||||
{ // full options for admin
|
||||
$tpl_vars['U_SITE_ADMIN'] = $url_root . 'admin.php?page=';
|
||||
$tpl_vars['MULTIVIEW'] = $MultiView->get_data();
|
||||
$tpl_vars['USER'] = $MultiView->get_user();
|
||||
$tpl_vars['CURRENT_USERNAME'] = $user['id']==$conf['guest_id'] ? l10n('guest') : $user['username'];
|
||||
$tpl_vars['DELETE_CACHE'] = isset($conf['multiview_invalidate_cache']);
|
||||
|
||||
if (($admin_lang = $MultiView->get_user_language()) !== false)
|
||||
{
|
||||
include_once(PHPWG_ROOT_PATH . 'include/functions_mail.inc.php');
|
||||
switch_lang_to($admin_lang);
|
||||
}
|
||||
}
|
||||
else if ($conf['AdminTools']['public_quick_edit'] and
|
||||
script_basename() == 'picture' and $picture['current']['added_by'] == $user['id']
|
||||
)
|
||||
{ // only "edit" button for photo owner
|
||||
}
|
||||
else
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
$tpl_vars['POSITION'] = $conf['AdminTools']['closed_position'];
|
||||
$tpl_vars['DEFAULT_OPEN'] = $conf['AdminTools']['default_open'];
|
||||
$tpl_vars['U_SELF'] = $MultiView->get_clean_url(true);
|
||||
|
||||
// photo page
|
||||
if (script_basename() == 'picture')
|
||||
{
|
||||
$url_self = duplicate_picture_url();
|
||||
$tpl_vars['IS_PICTURE'] = true;
|
||||
|
||||
// admin can add to caddie and set representattive
|
||||
if ($MultiView->is_admin())
|
||||
{
|
||||
$template->clear_assign(array(
|
||||
'U_SET_AS_REPRESENTATIVE',
|
||||
'U_PHOTO_ADMIN',
|
||||
'U_CADDIE',
|
||||
));
|
||||
|
||||
$template->set_prefilter('picture', 'admintools_remove_privacy');
|
||||
|
||||
$tpl_vars['U_CADDIE'] = add_url_params(
|
||||
$url_self,
|
||||
array('action'=>'add_to_caddie')
|
||||
);
|
||||
|
||||
$query = '
|
||||
SELECT element_id FROM ' . CADDIE_TABLE . '
|
||||
WHERE element_id = ' . $page['image_id'] .'
|
||||
;';
|
||||
$tpl_vars['IS_IN_CADDIE'] = pwg_db_num_rows(pwg_query($query)) > 0;
|
||||
|
||||
if (isset($page['category']))
|
||||
{
|
||||
$tpl_vars['CATEGORY_ID'] = $page['category']['id'];
|
||||
|
||||
$tpl_vars['U_SET_REPRESENTATIVE'] = add_url_params(
|
||||
$url_self,
|
||||
array('action'=>'set_as_representative')
|
||||
);
|
||||
|
||||
$tpl_vars['IS_REPRESENTATIVE'] = $page['category']['representative_picture_id'] == $page['image_id'];
|
||||
}
|
||||
|
||||
$tpl_vars['U_ADMIN_EDIT'] = $url_root . 'admin.php?page=photo-' . $page['image_id']
|
||||
.(isset($page['category']) ? '&cat_id=' . $page['category']['id'] : '');
|
||||
}
|
||||
|
||||
$tpl_vars['U_DELETE'] = add_url_params(
|
||||
$url_self, array(
|
||||
'delete'=>'',
|
||||
'pwg_token'=>get_pwg_token()
|
||||
)
|
||||
);
|
||||
|
||||
// gets tags (full available list is loaded in ajax)
|
||||
include_once(PHPWG_ROOT_PATH . 'admin/include/functions.php');
|
||||
|
||||
$query = '
|
||||
SELECT id, name
|
||||
FROM '.IMAGE_TAG_TABLE.' AS it
|
||||
JOIN '.TAGS_TABLE.' AS t ON t.id = it.tag_id
|
||||
WHERE image_id = '.$page['image_id'].'
|
||||
;';
|
||||
$tag_selection = get_taglist($query);
|
||||
|
||||
$tpl_vars['QUICK_EDIT'] = array(
|
||||
'img' => $picture['current']['derivatives']['square']->get_url(),
|
||||
'name' => $picture['current']['name'],
|
||||
'comment' => $picture['current']['comment'],
|
||||
'author' => $picture['current']['author'],
|
||||
'level' => $picture['current']['level'],
|
||||
'date_creation' => substr($picture['current']['date_creation'], 0, 10),
|
||||
'date_creation_time' => substr($picture['current']['date_creation'], 11, 5),
|
||||
'tag_selection' => $tag_selection,
|
||||
);
|
||||
}
|
||||
// album page (admin only)
|
||||
else if ($MultiView->is_admin() and @$page['section'] == 'categories' and isset($page['category']))
|
||||
{
|
||||
$url_self = duplicate_index_url();
|
||||
|
||||
$tpl_vars['IS_CATEGORY'] = true;
|
||||
$tpl_vars['CATEGORY_ID'] = $page['category']['id'];
|
||||
|
||||
$template->clear_assign(array(
|
||||
'U_EDIT',
|
||||
'U_CADDIE',
|
||||
));
|
||||
|
||||
$tpl_vars['U_ADMIN_EDIT'] = $url_root . 'admin.php?page=album-' . $page['category']['id'];
|
||||
|
||||
if (!empty($page['items']))
|
||||
{
|
||||
$tpl_vars['U_CADDIE'] = add_url_params(
|
||||
$url_self,
|
||||
array('caddie'=>1)
|
||||
);
|
||||
}
|
||||
|
||||
$tpl_vars['QUICK_EDIT'] = array(
|
||||
'img' => null,
|
||||
'name' => $page['category']['name'],
|
||||
'comment' => $page['category']['comment'],
|
||||
);
|
||||
|
||||
if (!empty($page['category']['representative_picture_id']))
|
||||
{
|
||||
$query = '
|
||||
SELECT * FROM '.IMAGES_TABLE.'
|
||||
WHERE id = '. $page['category']['representative_picture_id'] .'
|
||||
;';
|
||||
$image_infos = pwg_db_fetch_assoc(pwg_query($query));
|
||||
|
||||
$tpl_vars['QUICK_EDIT']['img'] = DerivativeImage::get_one(IMG_SQUARE, $image_infos)->get_url();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
$template->assign(array(
|
||||
'ADMINTOOLS_PATH' => './plugins/' . ADMINTOOLS_ID .'/',
|
||||
'ato' => $tpl_vars,
|
||||
));
|
||||
|
||||
$template->set_filename('ato_public_controller', realpath(ADMINTOOLS_PATH . 'template/public_controller.tpl'));
|
||||
$template->parse('ato_public_controller');
|
||||
|
||||
if ($MultiView->is_admin() && @$admin_lang !== false)
|
||||
{
|
||||
switch_lang_back();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Disable privacy level switchbox
|
||||
*/
|
||||
function admintools_remove_privacy($content)
|
||||
{
|
||||
$search = '{if $display_info.privacy_level and isset($available_permission_levels)}';
|
||||
$replace = '{if false}';
|
||||
return str_replace($search, $replace, $content);
|
||||
}
|
||||
|
||||
/**
|
||||
* Save picture form
|
||||
* @trigger loc_begin_picture
|
||||
*/
|
||||
function admintools_save_picture()
|
||||
{
|
||||
global $page, $conf, $MultiView, $user, $picture;
|
||||
|
||||
if (!isset($_GET['delete']) and !isset($_POST['action']) and @$_POST['action'] != 'quick_edit')
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
$query = 'SELECT added_by FROM '. IMAGES_TABLE .' WHERE id = '. $page['image_id'] .';';
|
||||
list($added_by) = pwg_db_fetch_row(pwg_query($query));
|
||||
|
||||
if (!$MultiView->is_admin() and $user['id'] != $added_by)
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
if (isset($_GET['delete']) and get_pwg_token()==@$_GET['pwg_token'])
|
||||
{
|
||||
include_once(PHPWG_ROOT_PATH . 'admin/include/functions.php');
|
||||
|
||||
delete_elements(array($page['image_id']), true);
|
||||
invalidate_user_cache();
|
||||
|
||||
if (isset($page['rank_of'][ $page['image_id'] ]))
|
||||
{
|
||||
redirect(
|
||||
duplicate_index_url(
|
||||
array(
|
||||
'start' =>
|
||||
floor($page['rank_of'][ $page['image_id'] ] / $page['nb_image_page'])
|
||||
* $page['nb_image_page']
|
||||
)
|
||||
)
|
||||
);
|
||||
}
|
||||
else
|
||||
{
|
||||
redirect(make_index_url());
|
||||
}
|
||||
}
|
||||
|
||||
if ($_POST['action'] == 'quick_edit')
|
||||
{
|
||||
include_once(PHPWG_ROOT_PATH . 'admin/include/functions.php');
|
||||
|
||||
$data = array(
|
||||
'name' => $_POST['name'],
|
||||
'author' => $_POST['author'],
|
||||
);
|
||||
|
||||
if ($MultiView->is_admin())
|
||||
{
|
||||
$data['level'] = $_POST['level'];
|
||||
}
|
||||
|
||||
if ($conf['allow_html_descriptions'])
|
||||
{
|
||||
$data['comment'] = @$_POST['comment'];
|
||||
}
|
||||
else
|
||||
{
|
||||
$data['comment'] = strip_tags(@$_POST['comment']);
|
||||
}
|
||||
|
||||
if (!empty($_POST['date_creation']) and strtotime($_POST['date_creation']) !== false)
|
||||
{
|
||||
$data['date_creation'] = $_POST['date_creation'] .' '. $_POST['date_creation_time'];
|
||||
}
|
||||
|
||||
single_update(
|
||||
IMAGES_TABLE,
|
||||
$data,
|
||||
array('id' => $page['image_id'])
|
||||
);
|
||||
|
||||
$tag_ids = array();
|
||||
if (!empty($_POST['tags']))
|
||||
{
|
||||
$tag_ids = get_tag_ids($_POST['tags']);
|
||||
}
|
||||
set_tags($tag_ids, $page['image_id']);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Save category form
|
||||
* @trigger loc_begin_index
|
||||
*/
|
||||
function admintools_save_category()
|
||||
{
|
||||
global $page, $conf, $MultiView;
|
||||
|
||||
if (!$MultiView->is_admin())
|
||||
{
|
||||
return;
|
||||
}
|
||||
|
||||
if (@$_POST['action'] == 'quick_edit')
|
||||
{
|
||||
$data = array(
|
||||
'name' => $_POST['name'],
|
||||
);
|
||||
|
||||
if ($conf['allow_html_descriptions'])
|
||||
{
|
||||
$data['comment'] = @$_POST['comment'];
|
||||
}
|
||||
else
|
||||
{
|
||||
$data['comment'] = strip_tags(@$_POST['comment']);
|
||||
}
|
||||
|
||||
single_update(
|
||||
CATEGORIES_TABLE,
|
||||
$data,
|
||||
array('id' => $page['category']['id'])
|
||||
);
|
||||
|
||||
redirect(duplicate_index_url());
|
||||
}
|
||||
}
|
||||
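Review bot: The `quick_edit` branches of `admintools_save_picture()` and `admintools_save_category()` write to the database without comparing `pwg_token`, although the delete branch does (`get_pwg_token()==@$_GET['pwg_token']`), so a forged cross-site POST sent from the browser of a logged-in admin or photo owner would be accepted. Gate them the same way, e.g. `if (@$_POST['action'] == 'quick_edit' and get_pwg_token() == @$_POST['pwg_token'])`, which assumes the form template (not shown here) posts the token. `admintools_save_picture()` also authorises a non-admin on ownership alone, so edits and deletes by the uploader still go through when `$conf['AdminTools']['public_quick_edit']` is off; the check could read `if (!$MultiView->is_admin() and (!$conf['AdminTools']['public_quick_edit'] or $user['id'] != $added_by))`. Its opening guard never looks at the value of `action`, because the third clause is only evaluated when `$_POST['action']` is unset, so it should be `if (!isset($_GET['delete']) and @$_POST['action'] != 'quick_edit')`. Finally, `$_POST['level']` and `$_POST['date_creation_time']` are stored unvalidated and `name` / `author` skip the `strip_tags()` applied to `comment`, so confirm that these fields are escaped wherever they are rendered.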
@@ -0,0 +1,7 @@
|
||||
<?php
|
||||
$url = '../';
|
||||
header( 'Request-URI: '.$url );
|
||||
header( 'Content-Location: '.$url );
|
||||
header( 'Location: '.$url );
|
||||
exit();
|
||||
?>
|
||||