diff options
author | rvelices <rv-github@modusoptimus.com> | 2009-12-18 21:12:41 +0000 |
---|---|---|
committer | rvelices <rv-github@modusoptimus.com> | 2009-12-18 21:12:41 +0000 |
commit | 8c051ea526b4c8436e5fd33c7e2deeecc278da9f (patch) | |
tree | c2a2f69df07f5752c6082e3965eaacfa9335c8da | |
parent | 975188d088f7dc554df05048091d6c6ebe43580d (diff) |
merge -r4512 from branch 2.0 to trunk
web method images.setPrivacyLevel (ws_images_setPrivacyLevel) is POST only
git-svn-id: http://piwigo.org/svn/trunk@4513 68402e56-0260-453c-a942-63ccdbb3a9ee
-rw-r--r-- | include/calendar_weekly.class.php | 4 | ||||
-rw-r--r-- | include/ws_functions.inc.php | 37 | ||||
-rw-r--r-- | template-common/scripts.js | 24 | ||||
-rw-r--r-- | template/yoga/picture.tpl | 1 | ||||
-rw-r--r-- | ws.php | 8 |
5 files changed, 46 insertions, 28 deletions
diff --git a/include/calendar_weekly.class.php b/include/calendar_weekly.class.php index a8a167679..f8df4afc6 100644 --- a/include/calendar_weekly.class.php +++ b/include/calendar_weekly.class.php @@ -54,11 +54,11 @@ class Calendar extends CalendarBase 'labels' => null ), array( - 'sql'=> pwg_db_get_week($this->date_field)+1, + 'sql'=> pwg_db_get_week($this->date_field).'+1', 'labels' => $week_no_labels, ), array( - 'sql'=> pwg_db_get_dayofweek($this->date_field)-1, + 'sql'=> pwg_db_get_dayofweek($this->date_field).'-1', 'labels' => $lang['day'] ), ); diff --git a/include/ws_functions.inc.php b/include/ws_functions.inc.php index 432485dcf..23e3b18dd 100644 --- a/include/ws_functions.inc.php +++ b/include/ws_functions.inc.php @@ -855,6 +855,10 @@ function ws_images_setPrivacyLevel($params, &$service) { return new PwgError(401, 'Access denied'); } + if (!$service->isPost()) + { + return new PwgError(405, "This method requires HTTP POST"); + } $params['image_id'] = array_map( 'intval',$params['image_id'] ); if ( empty($params['image_id']) ) { @@ -865,6 +869,7 @@ function ws_images_setPrivacyLevel($params, &$service) { return new PwgError(WS_ERR_INVALID_PARAM, "Invalid level"); } + $query = ' UPDATE '.IMAGES_TABLE.' SET level='.(int)$params['level'].' @@ -950,14 +955,14 @@ function merge_chunks($output_filepath, $original_sum, $type) if (is_file($output_filepath)) { unlink($output_filepath); - + if (is_file($output_filepath)) { new PwgError(500, '[merge_chunks] error while trying to remove existing '.$output_filepath); exit(); } } - + $upload_dir = PHPWG_ROOT_PATH.'upload/buffer'; $pattern = '/'.$original_sum.'-'.$type.'/'; $chunks = array(); @@ -982,7 +987,7 @@ function merge_chunks($output_filepath, $original_sum, $type) } $i = 0; - + foreach ($chunks as $chunk) { $string = file_get_contents($chunk); @@ -1014,7 +1019,7 @@ function add_file($file_path, $type, $original_sum, $file_sum) $file_path = file_path_for_type($file_path, $type); $upload_dir = dirname($file_path); - + if (!is_dir($upload_dir)) { umask(0000); $recursive = true; @@ -1101,7 +1106,7 @@ SELECT // update basic metadata from file // $update = array(); - + if ('high' == $params['type']) { $update['high_filesize'] = $infos['filesize']; @@ -1120,7 +1125,7 @@ SELECT if (count($update) > 0) { $update['id'] = $params['image_id']; - + include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); mass_updates( IMAGES_TABLE, @@ -1839,7 +1844,7 @@ function ws_add_image_category_relations($image_id, $categories_string, $replace ); exit(); } - + $query = ' SELECT id @@ -1857,9 +1862,9 @@ SELECT ); exit(); } - + $to_update_cat_ids = array(); - + // in case of replace mode, we first check the existing associations $query = ' SELECT @@ -1884,13 +1889,13 @@ DELETE update_category($to_remove_cat_ids); } } - + $new_cat_ids = array_diff($cat_ids, $existing_cat_ids); if (count($new_cat_ids) == 0) { return true; } - + if ($search_current_ranks) { $query = ' @@ -1914,16 +1919,16 @@ SELECT { $current_rank_of[$cat_id] = 0; } - + if ('auto' == $rank_on_category[$cat_id]) { $rank_on_category[$cat_id] = $current_rank_of[$cat_id] + 1; } } } - + $inserts = array(); - + foreach ($new_cat_ids as $cat_id) { array_push( @@ -1935,14 +1940,14 @@ SELECT ) ); } - + include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); mass_inserts( IMAGE_CATEGORY_TABLE, array_keys($inserts[0]), $inserts ); - + update_category($new_cat_ids); } diff --git a/template-common/scripts.js b/template-common/scripts.js index 519786ab7..d4595435b 100644 --- a/template-common/scripts.js +++ b/template-common/scripts.js @@ -111,8 +111,9 @@ PwgWS.prototype = { } this.transport.onreadystatechange = this.onStateChange.pwgBind(this); - var url = this.urlRoot; - url += "ws.php?format=json&method="+method; + var url = this.urlRoot+"ws.php?format=json"; + + var body = "method="+method; if (parameters) { for (var property in parameters) @@ -120,14 +121,25 @@ PwgWS.prototype = { if ( typeof parameters[property] == 'object' && parameters[property]) { for (var i=0; i<parameters[property].length; i++) - url += "&"+property+"[]="+encodeURIComponent(parameters[property][i]); + body += "&"+property+"[]="+encodeURIComponent(parameters[property][i]); } else - url += "&"+property+"="+encodeURIComponent(parameters[property]); + body += "&"+property+"="+encodeURIComponent(parameters[property]); } } - this.transport.open(this.options.method, url, this.options.async); - this.transport.send(null); + + if (this.options.method == "POST" ) + { + this.transport.open(this.options.method, url, this.options.async); + this.transport.setRequestHeader("Content-Type", "application/x-www-form-urlencoded"); + this.transport.send(body); + } + else + { + url += "&"+body; + this.transport.open(this.options.method, url, this.options.async); + this.transport.send(null); + } }, onStateChange: function() { diff --git a/template/yoga/picture.tpl b/template/yoga/picture.tpl index e8c7d9609..0572c8e07 100644 --- a/template/yoga/picture.tpl +++ b/template/yoga/picture.tpl @@ -214,6 +214,7 @@ var y = new PwgWS(rootUrl); y.callService( "pwg.images.setPrivacyLevel", {image_id: id, level:level} , { + method: "POST", onFailure: function(num, text) { selectElement.disabled = false; alert(num + " " + text); }, onSuccess: function(result) { selectElement.disabled = false; } } @@ -136,7 +136,7 @@ function ws_addDefaultMethods( $arr ) 'image_id' => array('flags'=>WS_PARAM_FORCE_ARRAY), 'level' => array('maxValue'=>$conf['available_permission_levels']), ), - 'sets the privacy levels for the images' + 'sets the privacy levels for the images (POST method only)' ); $service->addMethod('pwg.session.getStatus', 'ws_session_getStatus', null, '' ); @@ -278,7 +278,7 @@ function ws_addDefaultMethods( $arr ) 'ws_images_setInfo', array( 'image_id' => array(), - + 'name' => array('default' => null), 'author' => array('default' => null), 'date_creation' => array('default' => null), @@ -297,13 +297,13 @@ function ws_addDefaultMethods( $arr ) <br><b>single_value_mode</b> can be "fill_if_empty" (only use the input value if the corresponding values is currently empty) or "replace" (overwrite any existing value) and applies to single values properties like name/author/date_creation/comment <br><b>multiple_value_mode</b> can be "append" (no change on existing values, add the new values) or "replace" and applies to multiple values properties like tag_ids/categories' ); - + $service->addMethod( 'pwg.categories.setInfo', 'ws_categories_setInfo', array( 'category_id' => array(), - + 'name' => array('default' => null), 'comment' => array('default' => null), ), |