archive/piwigo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

remove ws access table/partners functionality

Browse source 
git-svn-id: http://piwigo.org/svn/trunk@2516 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
rvelices 2008-09-11 01:20:25 +00:00
commit fdffe42bdc
17 changed files with 53 additions and 901 deletions
Download patch file Download diff file Expand all files Collapse all files

4
admin.php
View file

@ -96,10 +96,6 @@ $template->assign(
'U_ADMIN'=> PHPWG_ROOT_PATH.'admin.php'
)
);
if ($conf['ws_access_control']) // Do we need to display ws_checker
{
$template->assign('U_WS_CHECKER', $link_start.'ws_checker' );
}
//---------------------------------------------------------------- plugin menus
$plugin_menu_links = trigger_event('get_admin_plugin_menu_links', array() );

5
admin/include/functions_upgrade.php
View file

@ -71,14 +71,13 @@ function prepare_conf_upgrade()
define('TAGS_TABLE', $prefixeTable.'tags');
define('IMAGE_TAG_TABLE', $prefixeTable.'image_tag');
define('PLUGINS_TABLE', $prefixeTable.'plugins');
define('WEB_SERVICES_ACCESS_TABLE', $prefixeTable.'ws_access');
define('OLD_PERMALINKS_TABLE', $prefixeTable.'old_permalinks');
}
// Create empty local files to avoid log errors
function create_empty_local_files()
function create_empty_local_files()
{
$files =
$files =
array (
PHPWG_ROOT_PATH . 'template-common/local-layout.css',
PHPWG_ROOT_PATH . 'template/yoga/local-layout.css'

3
admin/template/yoga/admin.tpl
View file

@ -84,9 +84,6 @@ jQuery().ready(function(){ldelim}
<li><a href="{$U_HISTORY_STAT}">{'History'|@translate}</a></li>
<li><a href="{$U_MAINTENANCE}">{'Maintenance'|@translate}</a></li>
<li><a href="{$U_ADVANCED_FEATURE}">{'Advanced_features'|@translate}</a></li>
{if isset($U_WS_CHECKER) }
<li><a href="{$U_WS_CHECKER}">{'web_services'|@translate}</a></li>
{/if}
<li>
{'Plugins'|@translate}
<ul {* TODO conditional class="scroll" *}>

215
admin/template/yoga/admin/ws_checker.tpl
View file

@ -1,215 +0,0 @@
{* $Id$ *}
<div class="titrePage">
<h2>{'title_wscheck'|@translate} - {'web_services'|@translate}</h2>
</div>
{if !empty($update_results)}
<ul>
{foreach from=$update_results item=result}
<li>$result</li>
{/foreach}
</ul>
{/if}
{* Add Access *}
<form method="post" name="adding_access" action="{$F_STATUS_ACTION}">
<!-- Current Default -->
<fieldset>
<legend>{'ws_adding_legend'|@translate}</legend>
<table>
{* Access key *}
<tr>
<td>
<label for="KeyName">{'Confidential partner key'|@translate} </label>
</td>
<td>
<input type="text" maxlength="35" size="35" name="add_partner"
id="add_partner" value="{$F_ADD_PARTNER}"
title="{'Basis of access key calculation'|@translate}" />
</td>
</tr>
{* Target (cat/ids, tag/ids, or list/ids ids=id,id-id,...) *}
<tr>
<td>
<label for="Access">{'Target'|@translate}</label>
</td>
<td>
<input type="text" maxlength="128" size="35" name="add_target"
id="add_target" value="{$F_ADD_ACCESS}"
title="{'Facultative and restrictive option'|@translate}" />
<i><small> ({'Access: see help text for more'|@translate})
</small></i>
</td>
</tr>
{* Restricted access to specific request *}
<tr>
<td>
<label for="add_request">{'Restrict access to'|@translate}</label>
</td>
<td>
<select name="add_request" id="add_request" style="width: 18em"
onfocus="this.className='focus';"
onblur="this.className='nofocus';">
<option value=""></option>
{html_options values=$add_requests output=$add_requests}
</select>
<i><small> ({'ws_Methods'|@translate})</small></i>
</td>
</tr>
{* Limit number of images information to be return *}
<tr>
<td>
<label for="add_limit">{'Returned images limit'|@translate}</label>
</td>
<td>
<select name="add_limit" id="add_limit" style="width: 10em"
onfocus="this.className='focus';"
onblur="this.className='nofocus';">
{html_options values=$add_limits output=$add_limits}
</select>
</td>
</tr>
{* Open service is postponed by n days *}
{* In comment currently
<tr>
<td>
<label for="add_start">{'Postponed availability in days'|@translate}</label>
</td>
<td>
<select name="add_start" id="add_start" style="width: 10em"
onfocus="this.className='focus';"
onblur="this.className='nofocus';">
<!-- BEGIN add_start -->
<option value="{add_start.VALUE}"
{add_start.SELECTED}>{add_start.CONTENT}
</option>
<!-- END add_start -->
</select>
</td>
</tr>
*}
{* Opened service only for n days *}
<tr>
<td>
<label for="add_end">{'Duration in days'|@translate}</label>
</td>
<td>
<select name="add_end" id="add_end" style="width: 10em"
onfocus="this.className='focus';"
onblur="this.className='nofocus';">
{html_options values=$add_ends output=$add_ends}
</select>
</td>
</tr>
{* Idendify your partner (name / website / phone) as you want *}
<tr>
<td>
<label for="add_Comment">{'ws_Comment'|@translate}</label>
<br />
</td>
<td>
<textarea name="add_comment" id="add_comment"
rows="4" cols="80">{'Comment to identify your partner clearly'|@translate}</textarea>
</td>
</tr>
{* Add submit button *}
<tr>
<td>
</td>
<td>
<input class="submit" type="submit" name="wsa_submit" style="width: 10em; padding-top: 3px;"
value="{'Submit'|@translate}" {$TAG_INPUT_ENABLED}
title="{'Add this access definition'|@translate}" />
</td>
</tr>
</table>
</fieldset>
</form>
{if !empty($access_list)}
<!-- Access list -->
<form method="post" name="preferences" action="{$F_STATUS_ACTION}">
<input type="hidden" name="partner_prev" value="{$F_PREV_PARTNER}">
<input type="hidden" name="request_prev" value="{$F_PREV_REQUEST}">
<input type="hidden" name="high_prev" value="{$F_PREV_HIGH}">
<input type="hidden" name="normal_prev" value="{$F_PREV_NORMAL}">
<input type="hidden" name="order_prev" value="{$F_PREV_ORDER}">
<input type="hidden" name="dir5n_prev" value="{$F_PREV_DIR5N}">
<!-- Delete / Update Selected -->
<fieldset>
<legend>{'ws_update_legend'|@translate}</legend>
<table class="table2">
<tr class="throw">
<th>&nbsp;</th>
<th>{'ws_KeyName'|@translate}</th>
<th>{'ws_Access'|@translate}</th>
<th>{'ws_End'|@translate}</th>
<th>{'ws_Request'|@translate}</th>
<th>{'ws_Limit'|@translate}</th>
<th>{'ws_Comment'|@translate}</th>
</tr>
{foreach from=$access_list item=access name=access_loop}
<tr class="{if $smarty.foreach.access_loop.index is odd}row1{else}row2{/if}">
<td>
<input type="radio" name="selection"
value="{$access.ID}" id="selection-{$access.ID}">
</td>
<td><label for="selection-{$access.ID}">{$access.NAME}</label></td>
<td>{$access.TARGET}</td>
<td>{$access.END}</td>
<td>{$access.REQUEST}</td>
<td>{$access.LIMIT}</td>
<td>{$access.COMMENT}</td>
</tr>
{/foreach}
</table>
<table>
<tr>
<td>
{'ws_delete_legend'|@translate}
</td>
<td>
<input type="radio" name="delete_confirmation"
value="true">
<input class="submit" type="submit" name="wsX_submit" style="width: 10em; padding-top: 3px;"
value="{'Delete'|@translate}" {$TAG_INPUT_ENABLED}>
</td>
</tr>
</table>
<hr>
<table>
<tr>
<td>
<span class="property">
<label for="upd_end">{'Modify End from Now +'|@translate} </label>
</span>
<select name="upd_end" id="upd_end" style="width: 10em"
onfocus="this.className='focus';"
onblur="this.className='nofocus';">
{html_options values=$add_ends output=$add_ends}
</select>
<input class="submit" type="submit" name="wsu_submit" style="width: 10em; padding-top: 3px;"
value="{'Submit'|@translate}" {$TAG_INPUT_ENABLED}>
</td>
<td>
<i><small> ({'Web Services availability duration in days'|@translate})</small></i>
</td>
</tr>
</table>
</fieldset>
</form>
{/if}
{if isset($WS_STATUS)}
<h3>{$WS_STATUS}</h3>
{/if}

1
admin/template/yoga/theme/admin/themeconf.inc.php
View file

@ -39,7 +39,6 @@ function selected_admin_menu()
case 'history':
case 'maintenance':
case 'advanced_feature':
case 'ws_checker':
case 'plugins_list':
case 'plugin':
return 5;

334
admin/ws_checker.php
View file

@ -1,334 +0,0 @@
<?php
// +-----------------------------------------------------------------------+
// | Piwigo - a PHP based picture gallery |
// +-----------------------------------------------------------------------+
// | Copyright(C) 2008 Piwigo Team http://piwigo.org |
// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation |
// | |
// | This program is distributed in the hope that it will be useful, but |
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
// | General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
// Next evolution...
// Out of parameter WS management
// The remainer objective is to check
// - Does Web Service working properly?
// - Does any access return something really?
// Give a way to check to the webmaster...
// These questions are one of module name explanations (checker).
if((!defined("PHPWG_ROOT_PATH")) or (!$conf['allow_web_services']))
{
die('Hacking attempt!');
}
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
include_once(PHPWG_ROOT_PATH.'include/ws_functions.inc.php');
/**
* official_req returns the managed requests list in array format
* FIXME A New list need to be build for ws_checker.php
* returns array of authrorized request/methods
* */
function official_req()
{
$official = array( /* Requests are limited to */
'categories.' /* all categories. methods */
, 'categories.getImages'
, 'categories.getList'
, 'images.' /* all images. methods */
, 'images.getInfo'
, 'images.addComment'
, 'images.search'
, 'tags.' /* all tags. methods */
, 'tags.getImages'
, 'tags.getList'
);
if (function_exists('local_req')) {
$local = local_req();
return array_merge( $official, $local );
}
return $official;
}
/**
* check_target($string) verifies and corrects syntax of target parameter
* example : check_target(cat/23,24,24,24,25,27) returns cat/23-25,27
* */
function check_target($list)
{
if ( $list !== '' )
{
$type = explode('/',$list); // Find type list
if ( !in_array($type[0],array('list','cat','tag') ) )
{
$type[0] = 'list'; // Assume an id list
}
$ids = explode( ',',$type[1] );
$list = $type[0] . '/';
// 1,2,21,3,22,4,5,9-12,6,11,12,13,2,4,6,
$result = expand_id_list( $ids );
// 1,2,3,4,5,6,9,10,11,12,13,21,22,
// I would like
// 1-6,9-13,21-22
$serial[] = $result[0]; // To be shifted
foreach ($result as $k => $id)
{
$next_less_1 = (isset($result[$k + 1]))? $result[$k + 1] - 1:-1;
if ( $id == $next_less_1 and end($serial)=='-' )
{ // nothing to do
}
elseif ( $id == $next_less_1 )
{
$serial[]=$id;
$serial[]='-';
}
else
{
$serial[]=$id; // end serie or non serie
}
}
$null = array_shift($serial); // remove first value
$list .= array_shift($serial); // add the real first one
$separ = ',';
foreach ($serial as $id)
{
$list .= ($id=='-') ? '' : $separ . $id;
$separ = ($id=='-') ? '-':','; // add comma except if hyphen
}
}
return $list;
}
// +-----------------------------------------------------------------------+
// | Check Access and exit when user status is not ok |
// +-----------------------------------------------------------------------+
check_status(ACCESS_ADMINISTRATOR);
// accepted queries
$req_type_list = official_req();
//--------------------------------------------------------- update informations
$chk_partner = '';
// Is a new access required?
if (isset($_POST['wsa_submit']))
{
// Check $_post (Some values are commented - maybe a future use)
$add_partner = htmlspecialchars( $_POST['add_partner'], ENT_QUOTES);
$add_target = check_target( $_POST['add_target']) ;
$add_end = ( is_numeric($_POST['add_end']) ) ? $_POST['add_end']:0;
$add_request = htmlspecialchars( $_POST['add_request'], ENT_QUOTES);
$add_limit = ( is_numeric($_POST['add_limit']) ) ? $_POST['add_limit']:1;
$add_comment = htmlspecialchars( $_POST['add_comment'], ENT_QUOTES);
if ( strlen($add_partner) < 8 )
{ // TODO What? Complete with some MD5...
}
$query = '
INSERT INTO '.WEB_SERVICES_ACCESS_TABLE.'
( `name` , `access` , `start` , `end` , `request` , `limit` , `comment` )
VALUES (' . "
'$add_partner', '$add_target',
NOW(),
ADDDATE( NOW(), INTERVAL $add_end DAY),
'$add_request', '$add_limit', '$add_comment' );";
pwg_query($query);
$chk_partner = $add_partner;
$template->append(
'update_results',
l10n('ws_adding_legend').l10n('ws_success_upd')
);
}
// Next, Update selected access
if (isset($_POST['wsu_submit']))
{
$upd_end = ( is_numeric($_POST['upd_end']) ) ? $_POST['upd_end']:0;
$settxt = ' end = ADDDATE(NOW(), INTERVAL '. $upd_end .' DAY)';
if ((isset($_POST['selection'])) and (trim($settxt) != ''))
{
$uid = (int) $_POST['selection'];
$query = '
UPDATE '.WEB_SERVICES_ACCESS_TABLE.'
SET '.$settxt.'
WHERE id = '.$uid.'; ';
pwg_query($query);
$template->append(
'update_results',
l10n('ws_update_legend').l10n('ws_success_upd')
);
} else {
$template->append(
'update_results',
l10n('ws_update_legend').l10n('ws_failed_upd')
);
}
}
// Next, Delete selected access
if (isset($_POST['wsX_submit']))
{
if ((isset($_POST['delete_confirmation']))
and (isset($_POST['selection'])))
{
$uid = (int) $_POST['selection'];
$query = 'DELETE FROM '.WEB_SERVICES_ACCESS_TABLE.'
WHERE id = '.$uid.'; ';
pwg_query($query);
$template->append(
'update_results',
l10n('ws_delete_legend').l10n('ws_success_upd')
);
} else {
$template->append(
'update_results',
l10n('Not selected / Not confirmed').l10n('ws_failed_upd')
);
}
}
$template->assign(
array(
'U_HELP' => get_root_url().'popuphelp.php?page=web_service',
)
);
// Build where
$where = '';
$order = ' ORDER BY `id` DESC' ;
$query = '
SELECT *
FROM '.WEB_SERVICES_ACCESS_TABLE.'
WHERE 1=1 '
.$where.
' '
.$order.
';';
$result = pwg_query($query);
$acc_list = mysql_num_rows($result);
$result = pwg_query($query);
// +-----------------------------------------------------------------------+
// | template init |
// +-----------------------------------------------------------------------+
$template->set_filenames(
array(
'ws_checker' => 'admin/ws_checker.tpl'
)
);
// Access List
while ($row = mysql_fetch_array($result))
{
$chk_partner = ( $chk_partner == '' ) ? $row['name'] : $chk_partner;
$template->append(
'access_list',
array(
'ID' => $row['id'],
'NAME' =>
(is_adviser()) ? '*********' : $row['name'],
'TARGET' => $row['access'],
'END' => $row['end'],
'REQUEST' => $row['request'],
'LIMIT' => $row['limit'],
'COMMENT' => $row['comment'],
)
);
}
$template->assign('add_requests', $req_type_list);
$template->assign('add_limits', $conf['ws_allowed_limit'] );
// Postponed Start Date
// By default 0, 1, 2, 3, 5, 7, 14 or 30 days
/*foreach ($conf['ws_postponed_start'] as $value) {
$template->assign_block_vars(
'add_start',
array(
'VALUE'=> $value,
'CONTENT' => $value,
'SELECTED' => ($conf['ws_postponed_start'][0] == $value) ? $selected:'',
)
);
}*/
// Durations (Allowed Web Services Period)
// By default 10, 5, 2, 1 year(s) or 6, 3, 1 month(s) or 15, 10, 7, 5, 1, 0 day(s)
$template->assign('add_ends', $conf['ws_durations']);
if ( $chk_partner !== '' )
{
if (function_exists('curl_init'))
{
$request = get_absolute_root_url().'ws.php?method=pwg.getVersion&format=rest&'
. "partner=$chk_partner" ;
$session = curl_init($request);
curl_setopt ($session, CURLOPT_POST, true);
curl_setopt($session, CURLOPT_HEADER, true);
curl_setopt($session, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($session);
curl_close($session);
$status_code = array();
preg_match('/\d\d\d/', $response, $status_code);
switch( $status_code[0] ) {
case 200:
$ws_status = l10n('Web Services under control');
break;
case 503:
$ws_status = 'Piwigo Web Services failed and returned an '
. 'HTTP status of 503. Service is unavailable. An internal '
. 'problem prevented us from returning data to you.';
break;
case 403:
$ws_status = 'Piwigo Web Services failed and returned an '
. 'HTTP status of 403. Access is forbidden. You do not have '
. 'permission to access this resource, or are over '
. 'your rate limit.';
break;
case 400:
// You may want to fall through here and read the specific XML error
$ws_status = 'Piwigo Web Services failed and returned an '
. 'HTTP status of 400. Bad request. The parameters passed '
. 'to the service did not match as expected. The exact '
. 'error is returned in the XML response.';
break;
default:
$ws_status = 'Piwigo Web Services returned an unexpected HTTP '
. 'status of:' . $status_code[0];
}
}
else
{
$ws_status = 'Cannot check - curl not installed';
}
$template->assign( 'WS_STATUS', $ws_status );
}
//----------------------------------------------------------- sending html code
$template->assign_var_from_handle('ADMIN_CONTENT', 'ws_checker');
include_once(PHPWG_ROOT_PATH.'include/ws_core.inc.php');
?>

18
include/config_default.inc.php
View file

@ -618,24 +618,6 @@ $conf['allow_web_services'] = true;
// Maximum number of images to be returned foreach call to the web service
$conf['ws_max_images_per_page'] = 500;
// On Access control false / Admim Web Service need Php cURL extension
// Controls are done on public basis or
// if connected on member authorization basis
$conf['ws_access_control'] = false;
// Additionnal controls are made based on Web Service Access Table
// Max returned rows number ( > 0 )
$conf['ws_allowed_limit'] = array(1,2,3,5,10,25);
// By default can be delayed by 0, 1, 2, 3, 5, 7, 14 or 30 days
// 0 it's Now(), don't remove that one
$conf['ws_postponed_start'] = array(0,1,2,3,5,7,14,30); /* In days */
// By default 10, 5, 2, 1 year(s) or 6, 3, 1 month(s)
// or 15, 10, 7, 5, 1, 0 day(s)
// 0 it's temporary closed (Useful for one access)
$conf['ws_durations'] = array(3650,1825,730,365,182,91,30,15,10,7,5,1,0);
// +-----------------------------------------------------------------------+
// | Filter |
// +-----------------------------------------------------------------------+

2
include/constants.php
View file

@ -104,8 +104,6 @@ if (!defined('IMAGE_TAG_TABLE'))
define('IMAGE_TAG_TABLE', $prefixeTable.'image_tag');
if (!defined('PLUGINS_TABLE'))
define('PLUGINS_TABLE', $prefixeTable.'plugins');
if (!defined('WEB_SERVICES_ACCESS_TABLE'))
define('WEB_SERVICES_ACCESS_TABLE', $prefixeTable.'ws_access');
if (!defined('OLD_PERMALINKS_TABLE'))
define('OLD_PERMALINKS_TABLE', $prefixeTable.'old_permalinks');

156
include/ws_functions.inc.php
View file

@ -42,108 +42,9 @@ function ws_isInvokeAllowed($res, $methodName, $params)
return new PwgError(401, 'Access denied');
}
if ( !$conf['ws_access_control'] )
{
return $res; // No controls are requested
}
$query = '
SELECT * FROM '.WEB_SERVICES_ACCESS_TABLE."
WHERE `name` = '$calling_partner_id'
AND NOW() <= end; ";
$result = pwg_query($query);
$row = mysql_fetch_assoc($result);
if ( empty($row) )
{
return new PwgError(403, 'Partner id does not exist or is expired');
}
if ( !empty($row['request'])
and strpos($methodName, $row['request'])==false
and strpos($methodName, 'session')==false
and strpos($methodName, 'getVersion')==false )
{ // session and getVersion are allowed to diagnose any failure reason
return new PwgError(403, 'Method not allowed');
}
return $res;
}
/**
* ws_addControls
* returns additionnal controls if requested
* usable for 99% of Web Service methods
*
* - Args
* $methodName: is the requested method
* $partner: is the key
* $tbl_name: is the alias_name in the query (sometimes called correlation name)
* null if !getting picture informations
* - Logic
* Access_control is not active: Return
* Key is incorrect: Return 0 = 1 (False condition for MySQL)
* One of Params doesn't match with type of request: return 0 = 1 again
* Access list(id/cat/tag) is converted in expended image-id list
* image-id list: converted to an in-where-clause
*
* The additionnal in-where-clause is return
*/
function ws_addControls( $methodName, &$params, $tbl_name )
{
global $conf, $calling_partner_id;
if ( !$conf['ws_access_control'] or !isset($calling_partner_id) )
{
return '1=1'; // No controls are requested
}
// Is it an active Partner?
$query = '
SELECT * FROM '.WEB_SERVICES_ACCESS_TABLE."
WHERE `name` = '$calling_partner_id'
AND NOW() <= end; ";
$result = pwg_query($query);
if ( mysql_num_rows( $result ) == 0 )
{
return '0=1'; // Unknown partner or Obsolate agreement
}
$row = mysql_fetch_array($result);
// Overide general object limit
$params['per_page'] = $row['limit'];
// Target restrict
// 3 cases: list, cat or tag
// Behind / we could found img-ids, cat-ids or tag-ids
$target = $row['access'];
if ( $target == '')
{
return '1=1'; // No controls are requested
}
list($type, $str_ids) = explode('/',$target); // Find type list
// (array) 1,2,21,3,22,4,5,9-12,6,11,12,13,2,4,6,
$arr_ids = expand_id_list( explode( ',',$str_ids ) );
$addings = implode(',', $arr_ids);
// (string) 1,2,3,4,5,6,9,10,11,12,13,21,22,
if ( $type == 'list')
{
return $tbl_name . 'id IN ( ' . $addings . ' ) ';
}
if ( $type == 'cat' )
{
$addings = implode(',', get_image_ids_for_cats($arr_ids));
return $tbl_name . 'id IN ( ' . $addings . ' ) ';
}
if ( $type == 'tag' )
{
$addings = implode(',', get_image_ids_for_tags($arr_ids, 'OR'));
return $tbl_name . 'id IN ( ' . $addings . ' ) ';
}
// Unmanaged new type?
return ' 0 = 1 '; // ???
}
/**
* returns a "standard" (for our web service) array of sql where clauses that
* filters the images (images table only)
@ -371,7 +272,6 @@ SELECT id, name, permalink, image_order
'visible_images' => 'i.id'
), null, true
);
$where_clauses[] = ws_addControls( 'categories.getImages', $params, 'i.' );
$order_by = ws_std_image_sql_order($params, 'i.');
if ( empty($order_by)
@ -609,9 +509,8 @@ SELECT * FROM '.IMAGES_TABLE.'
get_sql_condition_FandF(
array('visible_images' => 'id'),
' AND'
).' AND '.
ws_addControls( 'images.getInfo', $params, '' ).'
LIMIT 1;';
).'
LIMIT 1';
$image_row = mysql_fetch_assoc(pwg_query($query));
if ($image_row==null)
@ -1183,7 +1082,6 @@ SELECT image_id, GROUP_CONCAT(tag_id) tag_ids
'', true
);
$where_clauses[] = 'id IN ('.implode(',',$image_ids).')';
$where_clauses[] = ws_addControls( 'tags.getImages', $params, 'i.' );
$order_by = ws_std_image_sql_order($params);
if (empty($order_by))
@ -1266,54 +1164,4 @@ LIMIT '.$params['per_page']*$params['page'].','.$params['per_page'];
);
}
/**
* expand_id_list($ids) convert a human list expression to a full ordered list
* example : expand_id_list( array(5,2-3,2) ) returns array( 2, 3, 5)
* */
function expand_id_list($ids)
{
$tid = array();
foreach ( $ids as $id )
{
if ( is_numeric($id) )
{
$tid[] = (int) $id;
}
else
{
$range = explode( '-', $id );
if ( is_numeric($range[0]) and is_numeric($range[1]) )
{
$from = min($range[0],$range[1]);
$to = max($range[0],$range[1]);
for ($i = $from; $i <= $to; $i++)
{
$tid[] = (int) $i;
}
}
}
}
$result = array_unique ($tid); // remove duplicates...
sort ($result);
return $result;
}
/**
* converts a cat-ids array in image-ids array
* FIXME Function which should already exist somewhere else
* */
function get_image_ids_for_cats($cat_ids)
{
$cat_list = implode(',', $cat_ids);
$ret_ids = array();
$query = '
SELECT DISTINCT image_id
FROM '.IMAGE_CATEGORY_TABLE.'
WHERE category_id in ('.$cat_list.')
;';
return array_from_query($query, 'image_id');
}
?>

46
install/db/75-database.php Normal file
View file

@ -0,0 +1,46 @@
<?php
// +-----------------------------------------------------------------------+
// | Piwigo - a PHP based picture gallery |
// +-----------------------------------------------------------------------+
// | Copyright(C) 2008 Piwigo Team http://piwigo.org |
// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation |
// | |
// | This program is distributed in the hope that it will be useful, but |
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
// | General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
if (!defined('PHPWG_ROOT_PATH'))
{
die('Hacking attempt!');
}
$upgrade_description = 'Add blk_menubar config';
// +-----------------------------------------------------------------------+
// | Upgrade content |
// +-----------------------------------------------------------------------+
$query = 'DROP TABLE IF EXISTS '.$prefixeTable.'ws_access';
pwg_query($query);
$upgrade_description = $query;
echo
"\n"
.'"'.$upgrade_description.'"'.' ended'
."\n"
;
?>

3
install/upgrade_1.6.2.php
View file

@ -169,6 +169,7 @@ CREATE TABLE `".PREFIX_TABLE."user_cache_categories` (
) TYPE=MyISAM
;",
/* TABLE DROPPED BEFORE Butterfly/Piwigo release - see later DROP IF EXISTS
"
CREATE TABLE `".PREFIX_TABLE."ws_access` (
`id` smallint(5) unsigned NOT NULL auto_increment,
@ -182,7 +183,7 @@ CREATE TABLE `".PREFIX_TABLE."ws_access` (
PRIMARY KEY (`id`),
UNIQUE KEY `ws_access_ui1` (`name`)
) TYPE=MyISAM COMMENT='Access for Web Services'
;",
;",*/
"
INSERT INTO ".PREFIX_TABLE."config

30
language/en_UK/admin.lang.php
View file

@ -465,36 +465,6 @@ $lang['is_default_group'] = 'default';
$lang['toggle_is_default_group'] = 'Toggle \'default group\' property';
$lang['Advanced_features'] = 'Advanced features';
$lang['Elements_not_linked'] = 'Not linked elements';
$lang['web_services'] = 'Web services ';
$lang['title_wscheck'] = ' Access management ';
$lang['ws_failed_upd'] = ' -> <strong>Uncompleted demand</strong> ';
$lang['ws_success_upd'] = ' -> Successfully completed ';
$lang['ws_adding_legend'] = ' Add a new partner access to Web Services ';
$lang['ws_update_legend'] = ' Revoke / Update selected partner access ';
$lang['ws_delete_legend'] = ' Revoke selected partner access ';
$lang['ws_Methods'] = ' Methods ';
$lang['ws_KeyName'] = ' Partner ';
$lang['ws_Access'] = ' Access ';
$lang['ws_Start'] = ' Start ';
$lang['ws_End'] = ' End ';
$lang['ws_Request'] = ' Request ';
$lang['ws_Limit'] = ' Limit ';
$lang['ws_Comment'] = ' Comment ';
$lang['Modify End from Now +'] = 'Modify End from Now + ';
$lang['Delete'] = ' Remove ';
$lang['Confidential partner key'] = 'Confidential partner key';
$lang['Basis of access key calculation'] = 'Basis of access key calculation';
$lang['Target'] = 'Target';
$lang['Access: see help text for more'] = 'Access: see help text for more';
$lang['Facultative and restrictive option'] = 'Facultative and restrictive option';
$lang['Postponed availability in days'] = 'Postponed availability in days';
$lang['Duration in days'] = 'Duration in days';
$lang['Restrict access to'] = 'Restrict access to';
$lang['Returned images limit'] = 'Returned images limit';
$lang['Comment to identify your partner clearly'] = 'Comment to identify your partner clearly';
$lang['Add this access definition'] = 'Add this access definition';
$lang['Web Services availability duration in days'] = 'Web Services availability duration in days';
$lang['Web Services under control'] = 'Piwigo Web Services are fully operationals and all requests are under control.';
$lang['special_admin_menu'] = 'Specials';
$lang['Duplicates'] = 'Files with same name in more than one physical category';

35
language/es_ES/admin.lang.php
View file

@ -338,7 +338,6 @@ $lang['permissions'] = 'Permisos';
$lang['private'] = 'intimidad';
$lang['properties'] = 'Propiedades';
$lang['public'] = 'público';
$lang['purge history'] = 'purgar la reseña histórica';
$lang['purge never used notification feeds'] = 'Purgar los flujos jamás utilizados de notificación';
$lang['purge sessions'] = 'Purgar las sesiones';
$lang['randomly represented'] = 'Representando al azar';
@ -466,41 +465,7 @@ $lang['is_default_group'] = 'por defecto';
$lang['toggle_is_default_group'] = 'Invertir la propiedad \'grupo por defecto\'';
$lang['Advanced_features'] = 'Funciones avanzadas';
$lang['Elements_not_linked'] = 'Elementos no atados';
$lang['web_services'] = 'Servicios Web ';
$lang['title_wscheck'] = ' Gestión de los accesos ';
$lang['ws_failed_upd'] = ' -> <strong>Operación no realizada</strong> ';
$lang['ws_success_upd'] = ' -> Acción realizada correctamente ';
$lang['ws_adding_legend'] = ' Añadido de un acceso compañero a los Servicios Web ';
$lang['ws_update_legend'] = ' Suprimir / Modificar el acceso del compañero seleccionado ';
$lang['ws_delete_legend'] = ' Suprimir definitivamente el acceso del compañero seleccionado ';
$lang['ws_Methods'] = ' Métodos ';
$lang['ws_KeyName'] = ' Compañero ';
$lang['ws_Access'] = ' Accesso ';
$lang['ws_Start'] = ' Principio ';
$lang['ws_End'] = ' Fin ';
$lang['ws_Request'] = 'Demanda';
$lang['ws_Limit'] = ' Límite ';
$lang['ws_Comment'] = ' Comentario ';
$lang['Modify End from Now +'] = 'Modificar el Fin por este instante + ';
$lang['Delete'] = ' Retirada ';
$lang['Confidential partner key'] = 'Llave confidencial';
$lang['Basis of access key calculation'] = 'Base de cálculo de la llave';
$lang['Target'] = 'Blanco';
$lang['Access: see help text for more'] = 'Acceso : ver la ayuda en línea';
$lang['Facultative and restrictive option'] = 'Opción facultativa y restrictiva';
$lang['Postponed availability in days'] = 'Saldo de disponibilidad en días';
$lang['Duration in days'] = 'Durada en días';
$lang['Restrict access to'] = 'Acceso restringindo a';
$lang['Returned images limit'] = 'Límite de transmision';
$lang['Comment to identify your partner clearly'] = 'Comentario que le permite identificar a su compañero fácilmente';
$lang['Add this access definition']= 'Añadir esta definición de acceso';
$lang['Web Services availability duration in days'] = 'Duración de abertura de los Servicios Web en días';
$lang['Web Services under control'] = 'Los Servicios Web de Piwigo totalmente son operativos y todas las demandas son controladas.';
$lang['special_admin_menu'] = 'Clases de matemáticas superiores';
$lang['note_check_exif'] = '%s debe ser puesto a "false" en su fichero config_local.inc.php porque el extejo no es sostenido.';
$lang['note_check_more_info'] = 'Vaya sobre %s or %s para más informaciones.';
$lang['note_check_more_info_forum'] = 'el foro';
$lang['note_check_more_info_wiki'] = 'el wiki';
$lang['Duplicates'] = 'Ficheros que llevan el mismo nombre en varias categorías físicas';
$lang['Export data'] = 'Exportar los datos';

30
language/fr_FR/admin.lang.php
View file

@ -465,36 +465,6 @@ $lang['is_default_group'] = 'par défaut';
$lang['toggle_is_default_group'] = 'Inverser la propriété \'groupe par défaut\'';
$lang['Advanced_features'] = 'Fonctions avancées';
$lang['Elements_not_linked'] = 'Eléments non liés';
$lang['web_services'] = 'Services Web ';
$lang['title_wscheck'] = ' Gestion des accès ';
$lang['ws_failed_upd'] = ' -> <strong>Opération non réalisée</strong> ';
$lang['ws_success_upd'] = ' -> Action réalisée correctement ';
$lang['ws_adding_legend'] = ' Ajout d\'un accès partenaire aux Services Web ';
$lang['ws_update_legend'] = ' Supprimer / Modifier l\'accès du partenaire sélectionné ';
$lang['ws_delete_legend'] = ' Supprimer définitivement l\'accès du partenaire sélectionné ';
$lang['ws_Methods'] = ' Méthodes ';
$lang['ws_KeyName'] = ' Partenaire ';
$lang['ws_Access'] = ' Access ';
$lang['ws_Start'] = ' Début ';
$lang['ws_End'] = ' Fin ';
$lang['ws_Request'] = 'Requête';
$lang['ws_Limit'] = ' Limite ';
$lang['ws_Comment'] = ' Commentaire ';
$lang['Modify End from Now +'] = 'Modifier la Fin par cet instant + ';
$lang['Delete'] = ' Retrait ';
$lang['Confidential partner key'] = 'Clé confidentielle';
$lang['Basis of access key calculation'] = 'Base de calcul de la clé';
$lang['Target'] = 'Cible';
$lang['Access: see help text for more'] = 'Accès: voir l\'aide en ligne';
$lang['Facultative and restrictive option'] = 'Option facultative et restrictive';
$lang['Postponed availability in days'] = 'Report de disponibilité en jours';
$lang['Duration in days'] = 'Durée en jours';
$lang['Restrict access to'] = 'Accès restreint à';
$lang['Returned images limit'] = 'Limite de transmision';
$lang['Comment to identify your partner clearly'] = 'Commentaire vous permettant d\'identifier votre partenaire facilement';
$lang['Add this access definition']= 'Ajouter cette définition d\'accès';
$lang['Web Services availability duration in days'] = 'Durée d\'ouverture des Services Web en jours';
$lang['Web Services under control'] = 'Les Services Web de Piwigo sont totalement operationnels et toutes les requêtes sont contrôlées.';
$lang['special_admin_menu'] = 'Spéciales';
$lang['Duplicates'] = 'Fichiers portant le même nom dans plusieurs catégories physiques';

30
language/it_IT/admin.lang.php
View file

@ -465,36 +465,6 @@ $lang['is_default_group'] = 'di default';
$lang['toggle_is_default_group'] = 'Invertire la proprietà "gruppo di default"';
$lang['Advanced_features'] = 'Funzioni avanzate';
$lang['Elements_not_linked'] = 'Elementi sciolti';
$lang['web_services'] = 'Servizzi Web ';
$lang['title_wscheck'] = ' Gestione degli accessi ';
$lang['ws_failed_upd'] = ' -> <strong>Operazione non efettuata</strong> ';
$lang['ws_success_upd'] = ' -> Operazione realizzata correttamente ';
$lang['ws_adding_legend'] = ' Aggiungere un nuovo accesso partner ai Servizi Web ';
$lang['ws_update_legend'] = ' Cancellare / Modificare l\'accesso del partner selezionato ';
$lang['ws_delete_legend'] = ' Cancellare definitivamente l\'accesso del partner selezionato ';
$lang['ws_Methods'] = ' Methods ';
$lang['ws_KeyName'] = ' Partner ';
$lang['ws_Access'] = ' Access ';
$lang['ws_Start'] = ' Inizzio ';
$lang['ws_End'] = ' Fine ';
$lang['ws_Request'] = ' Selezione ';
$lang['ws_Limit'] = ' Limite ';
$lang['ws_Comment'] = ' Commento ';
$lang['Modify End from Now +'] = 'Modificare la Fine da quest\'instante + ';
$lang['Delete'] = ' Togliere ';
$lang['Confidential partner key'] = 'Chiave confidentiale';
$lang['Basis of access key calculation'] = 'Base di calcolo della chiave';
$lang['Target'] = 'Target';
$lang['Access: see help text for more'] = 'Accesso: vedere aiuto on line';
$lang['Facultative and restrictive option'] = 'Opzione facoltativa e restrittiva';
$lang['Postponed availability in days'] = 'Disponibilità posposta in giorni';
$lang['Duration in days'] = 'Durata in giorni';
$lang['Restrict access to'] = 'Accesso limitato a';
$lang['Returned images limit'] = 'Limite di trasferimento';
$lang['Comment to identify your partner clearly'] = 'Commento che vi permetterà di identificare il vostro partner facilmente';
$lang['Add this access definition']= 'Aggiungere questa definizione d\'accesso';
$lang['Web Services availability duration in days'] = 'Durata d\'appertura dei Servizzi Web in giorni';
$lang['Web Services under control'] = 'I Servizzi Web di Piwigo sono totalmente operativi e tutte le selezioni sono controllate.';
$lang['special_admin_menu'] = 'Speciale';
$lang['Duplicates'] = 'File con stesso nome in più di una categoria fisica';

35
language/nl_NL/admin.lang.php
View file

@ -338,7 +338,6 @@ $lang['permissions'] = 'Rechten';
$lang['private'] = 'private';
$lang['properties'] = 'Eigenschappen';
$lang['public'] = 'publiek';
$lang['purge history'] = 'verwijder geschiedenis';
$lang['purge never used notification feeds'] = 'verwijder nimmer gebruikte meldingen';
$lang['purge sessions'] = 'verwijder sessies';
$lang['randomly represented'] = 'willekeurig represented';
@ -466,41 +465,7 @@ $lang['is_default_group'] = 'standaard';
$lang['toggle_is_default_group'] = 'Aanpassen \'standaard groep\' eigenschap';
$lang['Advanced_features'] = 'Geavanceerde functies';
$lang['Elements_not_linked'] = 'Niet gelinkte elementen';
$lang['web_services'] = 'Web services ';
$lang['title_wscheck'] = ' Toegangsbeheer';
$lang['ws_failed_upd'] = ' -> <strong>Niet voltooide eis</strong> ';
$lang['ws_success_upd'] = ' -> Succesvol afgerond ';
$lang['ws_adding_legend'] = ' Voeg een nieuwe partner toegang toe aan Web Services ';
$lang['ws_update_legend'] = ' Ongedaan maken / bijwerken geselecteerde partner toegangaccess ';
$lang['ws_delete_legend'] = ' Maak geselecteerde partner toegang ongedaan';
$lang['ws_Methods'] = ' Methode ';
$lang['ws_KeyName'] = ' Partner ';
$lang['ws_Access'] = ' Toegang ';
$lang['ws_Start'] = ' Start ';
$lang['ws_End'] = ' Eind ';
$lang['ws_Request'] = ' Vraag ';
$lang['ws_Limit'] = ' Limiet ';
$lang['ws_Comment'] = ' Commentaar ';
$lang['Modify End from Now +'] = 'Verander eind vanaf hier + ';
$lang['Delete'] = ' Verwijderen ';
$lang['Confidential partner key'] = 'Vertrouwelijke partner sleutel';
$lang['Basis of access key calculation'] = 'Basis van de toegangssleutel berekening';
$lang['Target'] = 'Doel';
$lang['Access: see help text for more'] = 'Toegang: Zie help tekst voor meer info';
$lang['Facultative and restrictive option'] = 'Facultatieve en restrictieve optie ';
$lang['Postponed availability in days'] = 'Uitgestelde beschikbaarheid in dagen';
$lang['Duration in days'] = 'Duur in dagen';
$lang['Restrict access to'] = 'Beperk toegang tot';
$lang['Returned images limit'] = 'Teruggekeerde beeldengrens';
$lang['Comment to identify your partner clearly'] = 'Commentaar om je partner te identificeren';
$lang['Add this access definition'] = 'Toevoegen toegangs defenitie';
$lang['Web Services availability duration in days'] = 'Web Services beschikbaar in aantal dagen';
$lang['Web Services under control'] = 'Piwigo Web Services zijn volledig operationeel en alle verzoeken worden uitgevoerd.';
$lang['special_admin_menu'] = 'Speciaal';
$lang['note_check_exif'] = '%s moet ingesteld zijn op false in je config_local.inc.php omdat exif niet ondersteund wordt.';
$lang['note_check_more_info'] = 'Ga naar %s of %s voor meer informatie.';
$lang['note_check_more_info_forum'] = 'het forum';
$lang['note_check_more_info_wiki'] = 'de wiki';
$lang['Duplicates'] = 'Bestanden met de zelfde naam in meer dan één physieke categorie';
$lang['Export data'] = 'Exporteer data';

7
ws.php
View file

@ -128,7 +128,7 @@ function ws_addDefaultMethods( $arr )
),
'Returns elements for the corresponding query search.'
);
$service->addMethod(
'pwg.images.setPrivacyLevel',
'ws_images_setPrivacyLevel',
@ -192,14 +192,9 @@ add_event_handler('ws_add_methods', 'ws_addDefaultMethods');
add_event_handler('ws_invoke_allowed', 'ws_isInvokeAllowed', EVENT_HANDLER_PRIORITY_NEUTRAL, 3);
$calling_partner_id = '';
$requestFormat = null;
$responseFormat = null;
if ( isset($_GET['partner']) )
{
$calling_partner_id = $_GET['partner'];
}
if ( isset($_GET['format']) )
{
$responseFormat = $_GET['format'];