aboutsummaryrefslogtreecommitdiffstats
path: root/upload.php
diff options
context:
space:
mode:
authorrub <rub@piwigo.org>2008-05-02 21:56:21 +0000
committerrub <rub@piwigo.org>2008-05-02 21:56:21 +0000
commit5436a351ef6dd685483f022af6656bbf8b797cb6 (patch)
tree8d963ace1e57b404726500753111649d144527c6 /upload.php
parent7942dccf9b682d359a89636528e96af5b38327da (diff)
Resolved issue 0000823: Enhance upload functionalities
First commit, others will be follow. Not hesitate to change my translations. Add upload configuration tabsheet (move and add configuration) Change and add define for access level Can show upload link every time Can restrict access upload.class.php Can choice category on upload page Add upload class not use for the moment Review quickly and temporary style of upload.tpl git-svn-id: http://piwigo.org/svn/trunk@2325 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r--upload.php86
1 files changed, 69 insertions, 17 deletions
diff --git a/upload.php b/upload.php
index 97b1f99af..83131c80d 100644
--- a/upload.php
+++ b/upload.php
@@ -20,17 +20,32 @@
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
+
define('PHPWG_ROOT_PATH','./');
-include_once( PHPWG_ROOT_PATH.'include/common.inc.php' );
-check_status(ACCESS_GUEST);
+// +-----------------------------------------------------------------------+
+// | Includes |
+// +-----------------------------------------------------------------------+
+include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
+include_once(PHPWG_ROOT_PATH.'include/upload.class.php');
-$username = !empty($_POST['username'])?$_POST['username']:$user['username'];
-$mail_address = !empty($_POST['mail_address'])?$_POST['mail_address']:@$user['mail_address'];
-$name = !empty($_POST['name'])?$_POST['name']:'';
-$author = !empty($_POST['author'])?$_POST['author']:'';
-$date_creation = !empty($_POST['date_creation'])?$_POST['date_creation']:'';
-$comment = !empty($_POST['comment'])?$_POST['comment']:'';
+// +-----------------------------------------------------------------------+
+// | Check Access and exit when user status is not ok |
+// +-----------------------------------------------------------------------+
+check_status($conf['upload_user_access']);
+
+// +-----------------------------------------------------------------------+
+// | Create upload object |
+// +-----------------------------------------------------------------------+
+$upload = new Upload();
+
+
+$username = !empty($_POST['username']) ? $_POST['username']:(is_classic_user() ? $user['username'] : '');
+$mail_address = !empty($_POST['mail_address']) ? $_POST['mail_address'] : (is_classic_user() ? $user['email'] : '');
+$name = !empty($_POST['name']) ? $_POST['name'] : '';
+$author = !empty($_POST['author']) ? $_POST['author'] : (is_classic_user() ? $user['username'] : '');
+$date_creation = !empty($_POST['date_creation']) ? $_POST['date_creation'] : '';
+$comment = !empty($_POST['comment']) ? $_POST['comment'] : '';
//------------------------------------------------------------------- functions
// The validate_upload function checks if the image of the given path is valid.
@@ -121,24 +136,42 @@ function validate_upload( $temp_name, $my_max_file_size,
}
//-------------------------------------------------- access authorization check
+if (isset($_POST['category']) and is_numeric($_POST['category']))
+{
+ $page['category'] = $_POST['category'];
+}
+else
if (isset($_GET['cat']) and is_numeric($_GET['cat']))
{
$page['category'] = $_GET['cat'];
}
+else
+{
+ $page['category'] = null;
+}
-if (isset($page['category']))
+if (! empty($page['category']))
{
- check_restrictions( $page['category'] );
- $category = get_cat_info( $page['category'] );
- $category['cat_dir'] = get_complete_dir( $page['category'] );
+ check_restrictions($page['category']);
+ $category = get_cat_info($page['category']);
+ $category['cat_dir'] = get_complete_dir($page['category']);
if (url_is_remote($category['cat_dir']) or !$category['uploadable'])
{
page_forbidden('upload not allowed');
}
}
-else { // $page['category'] may be set by a futur plugin but without it
- bad_request('invalid parameters');
+else
+{
+ if (isset($_POST['submit']))
+ {
+ // $page['category'] may be set by a futur plugin but without it
+ bad_request('invalid parameters');
+ }
+ else
+ {
+ $category = null;
+ }
}
$error = array();
@@ -147,6 +180,7 @@ if ( isset( $_GET['waiting_id'] ) )
{
$page['waiting_id'] = $_GET['waiting_id'];
}
+
//-------------------------------------------------------------- picture upload
// verfying fields
if ( isset( $_POST['submit'] ) and !isset( $_GET['waiting_id'] ) )
@@ -296,6 +330,25 @@ $page['body_id'] = 'theUploadPage';
include(PHPWG_ROOT_PATH.'include/page_header.php');
$template->set_filenames(array('upload'=>'upload.tpl'));
+// Load category list
+$query = '
+SELECT
+ id, name, uppercats, global_rank
+FROM '.CATEGORIES_TABLE.' INNER JOIN '.USER_CACHE_CATEGORIES_TABLE.'
+ ON id = cat_id and user_id = '.$user['id'].'
+WHERE
+ uploadable = \'true\'
+ '.get_sql_condition_FandF
+ (
+ array
+ (
+ 'visible_categories' => 'id',
+ ),
+ 'AND'
+ ).'
+;';
+display_select_cat_wrapper($query, array($page['category']), 'categories');
+
$u_form = PHPWG_ROOT_PATH.'upload.php?cat='.$page['category'];
if ( isset( $page['waiting_id'] ) )
{
@@ -304,12 +357,11 @@ $u_form.= '&amp;waiting_id='.$page['waiting_id'];
if ( isset( $page['waiting_id'] ) )
{
- $advise_title=l10n('upload_advise_thumbnail').$_FILES['picture']['name'];
+ $advise_title = l10n('upload_advise_thumbnail').$_FILES['picture']['name'];
}
else
{
- $advise_title = l10n('upload_advise');
- $advise_title.= get_cat_display_name($category['upper_names']);
+ $advise_title = l10n('Choose an image');
}
$template->assign(