aboutsummaryrefslogtreecommitdiffstats
path: root/plugins/AdminTools/include
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--plugins/AdminTools/include/MultiView.class.php310
-rw-r--r--plugins/AdminTools/include/events.inc.php312
-rw-r--r--plugins/AdminTools/include/index.php7
3 files changed, 629 insertions, 0 deletions
diff --git a/plugins/AdminTools/include/MultiView.class.php b/plugins/AdminTools/include/MultiView.class.php
new file mode 100644
index 000000000..21c2560fa
--- /dev/null
+++ b/plugins/AdminTools/include/MultiView.class.php
@@ -0,0 +1,310 @@
+<?php
+defined('ADMINTOOLS_PATH') or die('Hacking attempt!');
+
+/**
+ * Class managing multi views system
+ */
+class MultiView
+{
+ /** @var bool $is_admin */
+ private $is_admin = false;
+
+ /** @var array $data */
+ private $data = array();
+ private $data_url_params = array();
+
+ /** @var array $user */
+ private $user = array();
+
+ /**
+ * Constructor, load $data from session
+ */
+ function __construct()
+ {
+ global $conf;
+
+ $this->data = array_merge(
+ array(
+ 'view_as' => 0,
+ 'theme' => '',
+ 'lang' => '',
+ 'show_queries' => $conf['show_queries'],
+ 'debug_l10n' => $conf['debug_l10n'],
+ 'debug_template' => $conf['debug_template'],
+ 'template_combine_files' => $conf['template_combine_files'],
+ 'no_history' => false,
+ ),
+ pwg_get_session_var('multiview', array())
+ );
+
+ $this->data_url_params = array_keys($this->data);
+ $this->data_url_params = array_map(create_function('$d', 'return "ato_".$d;'), $this->data_url_params);
+ }
+
+ /**
+ * @return bool
+ */
+ public function is_admin()
+ {
+ return $this->is_admin;
+ }
+
+ /**
+ * @return array
+ */
+ public function get_data()
+ {
+ return $this->data;
+ }
+
+ /**
+ * @return array
+ */
+ public function get_user()
+ {
+ return $this->user;
+ }
+
+ /**
+ * Save $data in session
+ */
+ private function save()
+ {
+ pwg_set_session_var('multiview', $this->data);
+ }
+
+ /**
+ * Returns the current url minus MultiView params
+ *
+ * @param bool $with_amp - adds ? or & at the end of the url
+ * @return string
+ */
+ public function get_clean_url($with_amp=false)
+ {
+ if (script_basename() == 'picture')
+ {
+ $url = duplicate_picture_url(array(), $this->data_url_params);
+ }
+ else if (script_basename() == 'index')
+ {
+ $url = duplicate_index_url(array(), $this->data_url_params);
+ }
+ else
+ {
+ $url = get_query_string_diff($this->data_url_params);
+ }
+
+ if ($with_amp)
+ {
+ $url.= strpos($url, '?')!==false ? '&' : '?';
+ }
+
+ return $url;
+ }
+
+ /**
+ * Triggered on "user_init", change current view depending of URL params.
+ */
+ public function user_init()
+ {
+ global $user, $conf;
+
+ $this->is_admin = is_admin();
+
+ $this->user = array(
+ 'id' => $user['id'],
+ 'username' => $user['username'],
+ 'language' => $user['language'],
+ 'theme' => $user['theme'],
+ );
+
+ // inactive on ws.php to allow AJAX admin tasks
+ if ($this->is_admin && script_basename() != 'ws')
+ {
+ if ($this->data['view_as'] == 0)
+ {
+ $this->data['view_as'] = $user['id'];
+ }
+ if (empty($this->data['lang']))
+ {
+ $this->data['lang'] = $user['language'];
+ }
+ if (empty($this->data['theme']))
+ {
+ $this->data['theme'] = $user['theme'];
+ }
+
+ // view_as
+ if (!defined('IN_ADMIN'))
+ {
+ if (isset($_GET['ato_view_as']))
+ {
+ $this->data['view_as'] = (int)$_GET['ato_view_as'];
+ }
+ if ($this->data['view_as'] != $user['id'])
+ {
+ $user = build_user($this->data['view_as'], true);
+ if (isset($_GET['ato_view_as']))
+ {
+ $this->data['theme'] = $user['theme'];
+ $this->data['lang'] = $user['language'];
+ }
+ }
+ }
+
+ // theme
+ if (isset($_GET['ato_theme']))
+ {
+ $this->data['theme'] = $_GET['ato_theme'];
+ }
+ $user['theme'] = $this->data['theme'];
+
+ // lang
+ if (isset($_GET['ato_lang']))
+ {
+ $this->data['lang'] = $_GET['ato_lang'];
+ }
+ $user['language'] = $this->data['lang'];
+
+ // show_queries
+ if (isset($_GET['ato_show_queries']))
+ {
+ $this->data['show_queries'] = (bool)$_GET['ato_show_queries'];
+ }
+ $conf['show_queries'] = $this->data['show_queries'];
+
+ // debug_l10n
+ if (isset($_GET['ato_debug_l10n']))
+ {
+ $this->data['debug_l10n'] = (bool)$_GET['ato_debug_l10n'];
+ }
+ $conf['debug_l10n'] = $this->data['debug_l10n'];
+
+ // debug_template
+ if (isset($_GET['ato_debug_template']))
+ {
+ $this->data['debug_template'] = (bool)$_GET['ato_debug_template'];
+ }
+ $conf['debug_template'] = $this->data['debug_template'];
+
+ // template_combine_files
+ if (isset($_GET['ato_template_combine_files']))
+ {
+ $this->data['template_combine_files'] = (bool)$_GET['ato_template_combine_files'];
+ }
+ $conf['template_combine_files'] = $this->data['template_combine_files'];
+
+ // no_history
+ if (isset($_GET['ato_no_history']))
+ {
+ $this->data['no_history'] = (bool)$_GET['ato_no_history'];
+ }
+ if ($this->data['no_history'])
+ {
+ add_event_handler('pwg_log_allowed', create_function('', 'return false;'));
+ }
+
+ $this->save();
+ }
+ }
+
+ /**
+ * Returns the language of the current user if different from the current language
+ * false otherwise
+ */
+ function get_user_language()
+ {
+ if (isset($this->user['language']) && isset($this->data['lang'])
+ && $this->user['language'] != $this->data['lang']
+ )
+ {
+ return $this->user['language'];
+ }
+ return false;
+ }
+
+ /**
+ * Triggered on "init", in order to clean template files (not initialized on "user_init")
+ */
+ public function init()
+ {
+ if ($this->is_admin)
+ {
+ if (isset($_GET['ato_purge_template']))
+ {
+ global $template;
+ $template->delete_compiled_templates();
+ FileCombiner::clear_combined_files();
+ }
+ }
+ }
+
+ /**
+ * Mark browser session cache for deletion
+ */
+ public static function invalidate_cache()
+ {
+ global $conf;
+ conf_update_param('multiview_invalidate_cache', true, true);
+ }
+
+ /**
+ * Register custom API methods
+ */
+ public static function register_ws($arr)
+ {
+ $service = &$arr[0];
+
+ $service->addMethod(
+ 'multiView.getData',
+ array('MultiView', 'ws_get_data'),
+ array(),
+ 'AdminTools private method.',
+ null,
+ array('admin_only' => true, 'hidden' => true)
+ );
+ }
+
+ /**
+ * API method
+ * Return full list of users, themes and languages
+ */
+ public static function ws_get_data($params)
+ {
+ global $conf;
+
+ // get users
+ $query = '
+SELECT
+ '.$conf['user_fields']['id'].' AS id,
+ '.$conf['user_fields']['username'].' AS username
+FROM '.USERS_TABLE.'
+ ORDER BY CONVERT('.$conf['user_fields']['username'].', CHAR)
+;';
+ $out['users'] = array_from_query($query);
+
+ // get themes
+ include_once(PHPWG_ROOT_PATH.'admin/include/themes.class.php');
+ $themes = new themes();
+ foreach (array_keys($themes->db_themes_by_id) as $theme)
+ {
+ if (!empty($theme))
+ {
+ $out['themes'][] = $theme;
+ }
+ }
+
+ // get languages
+ foreach (get_languages() as $code => $name)
+ {
+ $out['languages'][] = array(
+ 'id' => $code,
+ 'name' => $name,
+ );
+ }
+
+ conf_delete_param('multiview_invalidate_cache');
+
+ return $out;
+ }
+} \ No newline at end of file
diff --git a/plugins/AdminTools/include/events.inc.php b/plugins/AdminTools/include/events.inc.php
new file mode 100644
index 000000000..77c6a8c67
--- /dev/null
+++ b/plugins/AdminTools/include/events.inc.php
@@ -0,0 +1,312 @@
+<?php
+defined('ADMINTOOLS_PATH') or die('Hacking attempt!');
+
+/**
+ * Add main toolbar to current page
+ * @trigger loc_after_page_header
+ */
+function admintools_add_public_controller()
+{
+ global $MultiView, $conf, $template, $page, $user, $picture;
+
+ if (script_basename() == 'picture' and empty($picture['current']))
+ {
+ return;
+ }
+
+ $url_root = get_root_url();
+ $tpl_vars = array();
+
+ if ($MultiView->is_admin())
+ { // full options for admin
+ $tpl_vars['U_SITE_ADMIN'] = $url_root . 'admin.php?page=';
+ $tpl_vars['MULTIVIEW'] = $MultiView->get_data();
+ $tpl_vars['USER'] = $MultiView->get_user();
+ $tpl_vars['CURRENT_USERNAME'] = $user['id']==$conf['guest_id'] ? l10n('guest') : $user['username'];
+ $tpl_vars['DELETE_CACHE'] = isset($conf['multiview_invalidate_cache']);
+
+ if (($admin_lang = $MultiView->get_user_language()) !== false)
+ {
+ include_once(PHPWG_ROOT_PATH . 'include/functions_mail.inc.php');
+ switch_lang_to($admin_lang);
+ }
+ }
+ else if ($conf['AdminTools']['public_quick_edit'] and
+ script_basename() == 'picture' and $picture['current']['added_by'] == $user['id']
+ )
+ { // only "edit" button for photo owner
+ }
+ else
+ {
+ return;
+ }
+
+ $tpl_vars['POSITION'] = $conf['AdminTools']['closed_position'];
+ $tpl_vars['DEFAULT_OPEN'] = $conf['AdminTools']['default_open'];
+ $tpl_vars['U_SELF'] = $MultiView->get_clean_url(true);
+
+ // photo page
+ if (script_basename() == 'picture')
+ {
+ $url_self = duplicate_picture_url();
+ $tpl_vars['IS_PICTURE'] = true;
+
+ // admin can add to caddie and set representattive
+ if ($MultiView->is_admin())
+ {
+ $template->clear_assign(array(
+ 'U_SET_AS_REPRESENTATIVE',
+ 'U_PHOTO_ADMIN',
+ 'U_CADDIE',
+ ));
+
+ $template->set_prefilter('picture', 'admintools_remove_privacy');
+
+ $tpl_vars['U_CADDIE'] = add_url_params(
+ $url_self,
+ array('action'=>'add_to_caddie')
+ );
+
+ $query = '
+SELECT element_id FROM ' . CADDIE_TABLE . '
+ WHERE element_id = ' . $page['image_id'] .'
+;';
+ $tpl_vars['IS_IN_CADDIE'] = pwg_db_num_rows(pwg_query($query)) > 0;
+
+ if (isset($page['category']))
+ {
+ $tpl_vars['CATEGORY_ID'] = $page['category']['id'];
+
+ $tpl_vars['U_SET_REPRESENTATIVE'] = add_url_params(
+ $url_self,
+ array('action'=>'set_as_representative')
+ );
+
+ $tpl_vars['IS_REPRESENTATIVE'] = $page['category']['representative_picture_id'] == $page['image_id'];
+ }
+
+ $tpl_vars['U_ADMIN_EDIT'] = $url_root . 'admin.php?page=photo-' . $page['image_id']
+ .(isset($page['category']) ? '&amp;cat_id=' . $page['category']['id'] : '');
+ }
+
+ $tpl_vars['U_DELETE'] = add_url_params(
+ $url_self, array(
+ 'delete'=>'',
+ 'pwg_token'=>get_pwg_token()
+ )
+ );
+
+ // gets tags (full available list is loaded in ajax)
+ include_once(PHPWG_ROOT_PATH . 'admin/include/functions.php');
+
+ $query = '
+SELECT id, name
+ FROM '.IMAGE_TAG_TABLE.' AS it
+ JOIN '.TAGS_TABLE.' AS t ON t.id = it.tag_id
+ WHERE image_id = '.$page['image_id'].'
+;';
+ $tag_selection = get_taglist($query);
+
+ $tpl_vars['QUICK_EDIT'] = array(
+ 'img' => $picture['current']['derivatives']['square']->get_url(),
+ 'name' => $picture['current']['name'],
+ 'comment' => $picture['current']['comment'],
+ 'author' => $picture['current']['author'],
+ 'level' => $picture['current']['level'],
+ 'date_creation' => substr($picture['current']['date_creation'], 0, 10),
+ 'date_creation_time' => substr($picture['current']['date_creation'], 11, 5),
+ 'tag_selection' => $tag_selection,
+ );
+ }
+ // album page (admin only)
+ else if ($MultiView->is_admin() and @$page['section'] == 'categories' and isset($page['category']))
+ {
+ $url_self = duplicate_index_url();
+
+ $tpl_vars['IS_CATEGORY'] = true;
+ $tpl_vars['CATEGORY_ID'] = $page['category']['id'];
+
+ $template->clear_assign(array(
+ 'U_EDIT',
+ 'U_CADDIE',
+ ));
+
+ $tpl_vars['U_ADMIN_EDIT'] = $url_root . 'admin.php?page=album-' . $page['category']['id'];
+
+ if (!empty($page['items']))
+ {
+ $tpl_vars['U_CADDIE'] = add_url_params(
+ $url_self,
+ array('caddie'=>1)
+ );
+ }
+
+ $tpl_vars['QUICK_EDIT'] = array(
+ 'img' => null,
+ 'name' => $page['category']['name'],
+ 'comment' => $page['category']['comment'],
+ );
+
+ if (!empty($page['category']['representative_picture_id']))
+ {
+ $query = '
+SELECT * FROM '.IMAGES_TABLE.'
+ WHERE id = '. $page['category']['representative_picture_id'] .'
+;';
+ $image_infos = pwg_db_fetch_assoc(pwg_query($query));
+
+ $tpl_vars['QUICK_EDIT']['img'] = DerivativeImage::get_one(IMG_SQUARE, $image_infos)->get_url();
+ }
+ }
+
+
+ $template->assign(array(
+ 'ADMINTOOLS_PATH' => './plugins/' . ADMINTOOLS_ID .'/',
+ 'ato' => $tpl_vars,
+ ));
+
+ $template->set_filename('ato_public_controller', realpath(ADMINTOOLS_PATH . 'template/public_controller.tpl'));
+ $template->parse('ato_public_controller');
+
+ if ($MultiView->is_admin() && @$admin_lang !== false)
+ {
+ switch_lang_back();
+ }
+}
+
+/**
+ * Disable privacy level switchbox
+ */
+function admintools_remove_privacy($content)
+{
+ $search = '{if $display_info.privacy_level and isset($available_permission_levels)}';
+ $replace = '{if false}';
+ return str_replace($search, $replace, $content);
+}
+
+/**
+ * Save picture form
+ * @trigger loc_begin_picture
+ */
+function admintools_save_picture()
+{
+ global $page, $conf, $MultiView, $user, $picture;
+
+ if (!isset($_GET['delete']) and !isset($_POST['action']) and @$_POST['action'] != 'quick_edit')
+ {
+ return;
+ }
+
+ $query = 'SELECT added_by FROM '. IMAGES_TABLE .' WHERE id = '. $page['image_id'] .';';
+ list($added_by) = pwg_db_fetch_row(pwg_query($query));
+
+ if (!$MultiView->is_admin() and $user['id'] != $added_by)
+ {
+ return;
+ }
+
+ if (isset($_GET['delete']) and get_pwg_token()==@$_GET['pwg_token'])
+ {
+ include_once(PHPWG_ROOT_PATH . 'admin/include/functions.php');
+
+ delete_elements(array($page['image_id']), true);
+ invalidate_user_cache();
+
+ if (isset($page['rank_of'][ $page['image_id'] ]))
+ {
+ redirect(
+ duplicate_index_url(
+ array(
+ 'start' =>
+ floor($page['rank_of'][ $page['image_id'] ] / $page['nb_image_page'])
+ * $page['nb_image_page']
+ )
+ )
+ );
+ }
+ else
+ {
+ redirect(make_index_url());
+ }
+ }
+
+ if ($_POST['action'] == 'quick_edit')
+ {
+ include_once(PHPWG_ROOT_PATH . 'admin/include/functions.php');
+
+ $data = array(
+ 'name' => $_POST['name'],
+ 'author' => $_POST['author'],
+ );
+
+ if ($MultiView->is_admin())
+ {
+ $data['level'] = $_POST['level'];
+ }
+
+ if ($conf['allow_html_descriptions'])
+ {
+ $data['comment'] = @$_POST['comment'];
+ }
+ else
+ {
+ $data['comment'] = strip_tags(@$_POST['comment']);
+ }
+
+ if (!empty($_POST['date_creation']) and strtotime($_POST['date_creation']) !== false)
+ {
+ $data['date_creation'] = $_POST['date_creation'] .' '. $_POST['date_creation_time'];
+ }
+
+ single_update(
+ IMAGES_TABLE,
+ $data,
+ array('id' => $page['image_id'])
+ );
+
+ $tag_ids = array();
+ if (!empty($_POST['tags']))
+ {
+ $tag_ids = get_tag_ids($_POST['tags']);
+ }
+ set_tags($tag_ids, $page['image_id']);
+ }
+}
+
+/**
+ * Save category form
+ * @trigger loc_begin_index
+ */
+function admintools_save_category()
+{
+ global $page, $conf, $MultiView;
+
+ if (!$MultiView->is_admin())
+ {
+ return;
+ }
+
+ if (@$_POST['action'] == 'quick_edit')
+ {
+ $data = array(
+ 'name' => $_POST['name'],
+ );
+
+ if ($conf['allow_html_descriptions'])
+ {
+ $data['comment'] = @$_POST['comment'];
+ }
+ else
+ {
+ $data['comment'] = strip_tags(@$_POST['comment']);
+ }
+
+ single_update(
+ CATEGORIES_TABLE,
+ $data,
+ array('id' => $page['category']['id'])
+ );
+
+ redirect(duplicate_index_url());
+ }
+} \ No newline at end of file
diff --git a/plugins/AdminTools/include/index.php b/plugins/AdminTools/include/index.php
new file mode 100644
index 000000000..ec6605317
--- /dev/null
+++ b/plugins/AdminTools/include/index.php
@@ -0,0 +1,7 @@
+<?php
+$url = '../';
+header( 'Request-URI: '.$url );
+header( 'Content-Location: '.$url );
+header( 'Location: '.$url );
+exit();
+?>