Diffstat (limited to 'admin/album_notification.php')
-rw-r--r--admin/album_notification.php180
1 files changed, 154 insertions, 26 deletions
diff --git a/admin/album_notification.php b/admin/album_notification.php
index 4dd578b1a..977c7b43a 100644
--- a/admin/album_notification.php
+++ b/admin/album_notification.php
@@ -46,7 +46,7 @@ $page['cat'] = $category['id'];
// +-----------------------------------------------------------------------+
// info by email to an access granted group of category informations
-if (isset($_POST['submitEmail']) and !empty($_POST['group']))
+if (isset($_POST['submitEmail']))
{
set_make_full_url();
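Review bot: With the `!empty($_POST['group'])` test removed, this block now runs for any POST carrying `submitEmail`, so a request whose `who` value matches neither branch added further down sends nothing and gives the admin no feedback. An `else` that appends to `$page['errors'][]` would make that case visible. No anti-CSRF token check is visible in the hunks shown; if the file does not perform one before this point, this mail-sending action should verify it first. The body of this `if` continues outside the hunk.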
@@ -80,41 +80,111 @@ SELECT id, file, path, representative_ext
}
}
- pwg_mail_group(
- $_POST['group'],
- array(
- 'subject' => l10n('[%s] Visit album %s', $conf['gallery_title'], trigger_change('render_category_name', $category['name'], 'admin_cat_list')),
- // TODO : change this language variable to 'Visit album %s'
- // TODO : 'language_selected' => ....
- ),
- array(
- 'filename' => 'cat_group_info',
- 'assign' => array(
- 'IMG' => $img,
- 'CAT_NAME' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'),
- 'LINK' => make_index_url(array(
- 'category' => array(
- 'id' => $category['id'],
- 'name' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'),
- 'permalink' => $category['permalink']
- )
- )),
- 'CPL_CONTENT' => empty($_POST['mail_content']) ? '' : stripslashes($_POST['mail_content']),
- )
+ $args = array(
+ 'subject' => l10n('[%s] Visit album %s', $conf['gallery_title'], trigger_change('render_category_name', $category['name'], 'admin_cat_list')),
+ // TODO : change this language variable to 'Visit album %s'
+ // TODO : 'language_selected' => ....
+ );
+
+ $tpl = array(
+ 'filename' => 'cat_group_info',
+ 'assign' => array(
+ 'IMG' => $img,
+ 'CAT_NAME' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'),
+ 'LINK' => make_index_url(
+ array(
+ 'category' => array(
+ 'id' => $category['id'],
+ 'name' => trigger_change('render_category_name', $category['name'], 'admin_cat_list'),
+ 'permalink' => $category['permalink']
+ )
+ )
+ ),
+ 'CPL_CONTENT' => empty($_POST['mail_content']) ? '' : stripslashes($_POST['mail_content']),
)
);
- unset_make_full_url();
+ if ('users' == $_POST['who'] and isset($_POST['users']) and count($_POST['users']) > 0)
+ {
+ check_input_parameter('users', $_POST, true, PATTERN_ID);
- $query = '
+ // TODO code very similar to function pwg_mail_group. We'd better create
+ // a function pwg_mail_users that could be called from here and from
+ // pwg_mail_group
+
+ // TODO to make checks even better, we should check that theses users
+ // have access to this album. No real privacy issue here, even if we
+ // send the email to a user without permission.
+
+ $query = '
+SELECT
+ ui.user_id,
+ ui.status,
+ ui.language,
+ u.'.$conf['user_fields']['email'].' AS email,
+ u.'.$conf['user_fields']['username'].' AS username
+ FROM '.USER_INFOS_TABLE.' AS ui
+ JOIN '.USERS_TABLE.' AS u ON u.'.$conf['user_fields']['id'].' = ui.user_id
+ WHERE ui.user_id IN ('.implode(',', $_POST['users']).')
+;';
+ $users = query2array($query);
+ $usernames = array();
+
+ foreach ($users as $u)
+ {
+ $usernames[] = $u['username'];
+
+ $authkey = create_user_auth_key($u['user_id'], $u['status']);
+
+ $user_tpl = $tpl;
+
+ if ($authkey !== false)
+ {
+ $user_tpl['assign']['LINK'] = add_url_params($tpl['assign']['LINK'], array('auth' => $authkey['auth_key']));
+
+ if (isset($user_tpl['assign']['IMG']['link']))
+ {
+ $user_tpl['assign']['IMG']['link'] = add_url_params(
+ $user_tpl['assign']['IMG']['link'],
+ array('auth' => $authkey['auth_key'])
+ );
+ }
+ }
+
+ $user_args = $args;
+ if (isset($authkey))
+ {
+ $user_args['auth_key'] = $authkey['auth_key'];
+ }
+
+ switch_lang_to($u['language']);
+ pwg_mail($u['email'], $user_args, $user_tpl);
+ switch_lang_back();
+ }
+
+ $message = l10n_dec('%d mail was sent.', '%d mails were sent.', count($users));
+ $message.= ' ('.implode(', ', $usernames).')';
+
+ $page['infos'][] = $message;
+ }
+ elseif ('group' == $_POST['who'] and !empty($_POST['group']))
+ {
+ check_input_parameter('group', $_POST, false, PATTERN_ID);
+
+ pwg_mail_group($_POST['group'], $args, $tpl);
+
+ $query = '
SELECT
name
FROM '.GROUPS_TABLE.'
WHERE id = '.$_POST['group'].'
;';
- list($group_name) = pwg_db_fetch_row(pwg_query($query));
+ list($group_name) = pwg_db_fetch_row(pwg_query($query));
- $page['infos'][] = l10n('An information email was sent to group "%s"', $group_name);
+ $page['infos'][] = l10n('An information email was sent to group "%s"', $group_name);
+ }
+
+ unset_make_full_url();
}
// +-----------------------------------------------------------------------+
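Review bot: The `if (isset($authkey))` guard in the per-user loop is always true, because `$authkey` was just assigned from `create_user_auth_key()`. When that call returns `false`, the next line indexes a boolean and stores a null `auth_key` in `$user_args`; use the same test as a few lines above, `if ($authkey !== false)`. Separately, `$_POST['who']` is read without `isset()`, and `count($_POST['users'])` runs before `check_input_parameter()` has validated `users`, so a malformed POST raises notices or a type error instead of being rejected cleanly. The handler also accepts any id matching `PATTERN_ID`, so the guest exclusion and album-permission filtering applied to the form's user list in the later hunk act only as a UI filter (the TODO acknowledges part of this).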
@@ -189,6 +259,64 @@ SELECT
}
}
+// all users with status != guest and permitted to this this album (for a
+// perfect search, we should also check that album is not only filled with
+// private photos)
+$query = '
+SELECT
+ user_id
+ FROM '.USER_INFOS_TABLE.'
+ WHERE status != \'guest\'
+;';
+$all_user_ids = query2array($query, null, 'user_id');
+
+if ('private' == $category['status'])
+{
+ $user_ids_access_indirect = array();
+
+ if (isset($group_ids) and count($group_ids) > 0)
+ {
+ $query = '
+SELECT
+ user_id
+ FROM '.USER_GROUP_TABLE.'
+ WHERE group_id IN ('.implode(',', $group_ids).')
+';
+ $user_ids_access_indirect = query2array($query, null, 'user_id');
+ }
+
+ $query = '
+SELECT
+ user_id
+ FROM '.USER_ACCESS_TABLE.'
+ WHERE cat_id = '.$category['id'].'
+;';
+ $user_ids_access_direct = query2array($query, null, 'user_id');
+
+ $user_ids_access = array_unique(array_merge($user_ids_access_direct, $user_ids_access_indirect));
+
+ $user_ids = array_intersect($user_ids_access, $all_user_ids);
+}
+else
+{
+ $user_ids = $all_user_ids;
+}
+
+if (count($user_ids) > 0)
+{
+ $query = '
+SELECT
+ '.$conf['user_fields']['id'].' AS id,
+ '.$conf['user_fields']['username'].' AS username
+ FROM '.USERS_TABLE.'
+ WHERE id IN ('.implode(',', $user_ids).')
+;';
+
+ $users = query2array($query, 'id', 'username');
+
+ $template->assign('user_options', $users);
+}
+
// +-----------------------------------------------------------------------+
// | sending html code |
// +-----------------------------------------------------------------------+
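Review bot: The final query filters with a hard-coded `WHERE id IN (...)` while its SELECT list uses `$conf['user_fields']['id']`, so the query fails on an installation whose users table maps the id to a differently named column. Use `WHERE '.$conf['user_fields']['id'].' IN ('.implode(',', $user_ids).')`. `$user_ids` is built from database rows, so that `implode()` is not fed request data, but `$group_ids` is defined outside this hunk and its origin should be confirmed the same way. The comment on the first added line has a doubled word ("this this album").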