Diffstat (limited to '')
-rw-r--r-- | plugins/AdminTools/include/MultiView.class.php | 310 | ||||
-rw-r--r-- | plugins/AdminTools/include/events.inc.php | 312 | ||||
-rw-r--r-- | plugins/AdminTools/include/index.php | 7 |
3 files changed, 629 insertions, 0 deletions
diff --git a/plugins/AdminTools/include/MultiView.class.php b/plugins/AdminTools/include/MultiView.class.php
new file mode 100644
index 000000000..21c2560fa
--- /dev/null
+++ b/plugins/AdminTools/include/MultiView.class.php
@@ -0,0 +1,310 @@
+<?php
+defined('ADMINTOOLS_PATH') or die('Hacking attempt!');
+
+/**
+ * Class managing multi views system
+ */
+class MultiView
+{
+ /** @var bool $is_admin */
+ private $is_admin = false;
+
+ /** @var array $data */
+ private $data = array();
+ private $data_url_params = array();
+
+ /** @var array $user */
+ private $user = array();
+
+ /**
+ * Constructor, load $data from session
+ */
+ function __construct()
+ {
+ global $conf;
+
+ $this->data = array_merge(
+ array(
+ 'view_as' => 0,
+ 'theme' => '',
+ 'lang' => '',
+ 'show_queries' => $conf['show_queries'],
+ 'debug_l10n' => $conf['debug_l10n'],
+ 'debug_template' => $conf['debug_template'],
+ 'template_combine_files' => $conf['template_combine_files'],
+ 'no_history' => false,
+ ),
+ pwg_get_session_var('multiview', array())
+ );
+
+ $this->data_url_params = array_keys($this->data);
+ $this->data_url_params = array_map(create_function('$d', 'return "ato_".$d;'), $this->data_url_params);
+ }
+
+ /**
+ * @return bool
+ */
+ public function is_admin()
+ {
+ return $this->is_admin;
+ }
+
+ /**
+ * @return array
+ */
+ public function get_data()
+ {
+ return $this->data;
+ }
+
+ /**
+ * @return array
+ */
+ public function get_user()
+ {
+ return $this->user;
+ }
+
+ /**
+ * Save $data in session
+ */
+ private function save()
+ {
+ pwg_set_session_var('multiview', $this->data);
+ }
+
+ /**
+ * Returns the current url minus MultiView params
+ *
+ * @param bool $with_amp - adds ? or & at the end of the url
+ * @return string
+ */
+ public function get_clean_url($with_amp=false)
+ {
+ if (script_basename() == 'picture')
+ {
+ $url = duplicate_picture_url(array(), $this->data_url_params);
+ }
+ else if (script_basename() == 'index')
+ {
+ $url = duplicate_index_url(array(), $this->data_url_params);
+ }
+ else
+ {
+ $url = get_query_string_diff($this->data_url_params);
+ }
+
+ if ($with_amp)
+ {
+ $url.= strpos($url, '?')!==false ? '&' : '?';
+ }
+
+ return $url;
+ }
+
+ /**
+ * Triggered on "user_init", change current view depending of URL params.
+ */
+ public function user_init()
+ {
+ global $user, $conf;
+
+ $this->is_admin = is_admin();
+
+ $this->user = array(
+ 'id' => $user['id'],
+ 'username' => $user['username'],
+ 'language' => $user['language'],
+ 'theme' => $user['theme'],
+ );
+
+ // inactive on ws.php to allow AJAX admin tasks
+ if ($this->is_admin && script_basename() != 'ws')
+ {
+ if ($this->data['view_as'] == 0)
+ {
+ $this->data['view_as'] = $user['id'];
+ }
+ if (empty($this->data['lang']))
+ {
+ $this->data['lang'] = $user['language'];
+ }
+ if (empty($this->data['theme']))
+ {
+ $this->data['theme'] = $user['theme'];
+ }
+
+ // view_as
+ if (!defined('IN_ADMIN'))
+ {
+ if (isset($_GET['ato_view_as']))
+ {
+ $this->data['view_as'] = (int)$_GET['ato_view_as'];
+ }
+ if ($this->data['view_as'] != $user['id'])
+ {
+ $user = build_user($this->data['view_as'], true);
+ if (isset($_GET['ato_view_as']))
+ {
+ $this->data['theme'] = $user['theme'];
+ $this->data['lang'] = $user['language'];
+ }
+ }
+ }
+
+ // theme
+ if (isset($_GET['ato_theme']))
+ {
+ $this->data['theme'] = $_GET['ato_theme'];
+ }
+ $user['theme'] = $this->data['theme'];
+
+ // lang
+ if (isset($_GET['ato_lang']))
+ {
+ $this->data['lang'] = $_GET['ato_lang'];
+ }
+ $user['language'] = $this->data['lang'];
+
+ // show_queries
+ if (isset($_GET['ato_show_queries']))
+ {
+ $this->data['show_queries'] = (bool)$_GET['ato_show_queries'];
+ }
+ $conf['show_queries'] = $this->data['show_queries'];
+
+ // debug_l10n
+ if (isset($_GET['ato_debug_l10n']))
+ {
+ $this->data['debug_l10n'] = (bool)$_GET['ato_debug_l10n'];
+ }
+ $conf['debug_l10n'] = $this->data['debug_l10n'];
+
+ // debug_template
+ if (isset($_GET['ato_debug_template']))
+ {
+ $this->data['debug_template'] = (bool)$_GET['ato_debug_template'];
+ }
+ $conf['debug_template'] = $this->data['debug_template'];
+
+ // template_combine_files
+ if (isset($_GET['ato_template_combine_files']))
+ {
+ $this->data['template_combine_files'] = (bool)$_GET['ato_template_combine_files'];
+ }
+ $conf['template_combine_files'] = $this->data['template_combine_files'];
+
+ // no_history
+ if (isset($_GET['ato_no_history']))
+ {
+ $this->data['no_history'] = (bool)$_GET['ato_no_history'];
+ }
+ if ($this->data['no_history'])
+ {
+ add_event_handler('pwg_log_allowed', create_function('', 'return false;'));
+ }
+
+ $this->save();
+ }
+ }
+
+ /**
+ * Returns the language of the current user if different from the current language
+ * false otherwise
+ */
+ function get_user_language()
+ {
+ if (isset($this->user['language']) && isset($this->data['lang'])
+ && $this->user['language'] != $this->data['lang']
+ )
+ {
+ return $this->user['language'];
+ }
+ return false;
+ }
+
+ /**
+ * Triggered on "init", in order to clean template files (not initialized on "user_init")
+ */
+ public function init()
+ {
+ if ($this->is_admin)
+ {
+ if (isset($_GET['ato_purge_template']))
+ {
+ global $template;
+ $template->delete_compiled_templates();
+ FileCombiner::clear_combined_files();
+ }
+ }
+ }
+
+ /**
+ * Mark browser session cache for deletion
+ */
+ public static function invalidate_cache()
+ {
+ global $conf;
+ conf_update_param('multiview_invalidate_cache', true, true);
+ }
+
+ /**
+ * Register custom API methods
+ */
+ public static function register_ws($arr)
+ {
+ $service = &$arr[0];
+
+ $service->addMethod(
+ 'multiView.getData',
+ array('MultiView', 'ws_get_data'),
+ array(),
+ 'AdminTools private method.',
+ null,
+ array('admin_only' => true, 'hidden' => true)
+ );
+ }
+
+ /**
+ * API method
+ * Return full list of users, themes and languages
+ */
+ public static function ws_get_data($params)
+ {
+ global $conf;
+
+ // get users
+ $query = '
+SELECT
+ '.$conf['user_fields']['id'].' AS id,
+ '.$conf['user_fields']['username'].' AS username
+FROM '.USERS_TABLE.'
+ ORDER BY CONVERT('.$conf['user_fields']['username'].', CHAR)
+;';
+ $out['users'] = array_from_query($query);
+
+ // get themes
+ include_once(PHPWG_ROOT_PATH.'admin/include/themes.class.php');
+ $themes = new themes();
+ foreach (array_keys($themes->db_themes_by_id) as $theme)
+ {
+ if (!empty($theme))
+ {
+ $out['themes'][] = $theme;
+ }
+ }
+
+ // get languages
+ foreach (get_languages() as $code => $name)
+ {
+ $out['languages'][] = array(
+ 'id' => $code,
+ 'name' => $name,
+ );
+ }
+
+ conf_delete_param('multiview_invalidate_cache');
+
+ return $out;
+ }
+}
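Review bot: In `user_init()` the `ato_theme` and `ato_lang` query parameters are copied unvalidated into the session and then into `$user['theme']` / `$user['language']`, unlike `ato_view_as` and the debug flags, which are cast to `int`/`bool`. How the core consumes those two fields is not visible in this hunk, but if they end up in theme or language file paths an arbitrary string should never get that far, so check them against the installed sets first, e.g. `if (isset($_GET['ato_lang']) && array_key_exists($_GET['ato_lang'], get_languages()))`, and likewise for themes against the ids that `ws_get_data()` lists. All of these switches, and `ato_purge_template` in `init()`, are state changes driven by a plain GET link with no `pwg_token`, so any link followed by a logged-in admin changes and persists the view; consider requiring the token. Separately, `create_function()` is eval-based and deprecated in later PHP versions; a named function would serve for both callbacks.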
\ No newline at end of file
diff --git a/plugins/AdminTools/include/events.inc.php b/plugins/AdminTools/include/events.inc.php
new file mode 100644
index 000000000..77c6a8c67
--- /dev/null
+++ b/plugins/AdminTools/include/events.inc.php
@@ -0,0 +1,312 @@
+<?php
+defined('ADMINTOOLS_PATH') or die('Hacking attempt!');
+
+/**
+ * Add main toolbar to current page
+ * @trigger loc_after_page_header
+ */
+function admintools_add_public_controller()
+{
+ global $MultiView, $conf, $template, $page, $user, $picture;
+
+ if (script_basename() == 'picture' and empty($picture['current']))
+ {
+ return;
+ }
+
+ $url_root = get_root_url();
+ $tpl_vars = array();
+
+ if ($MultiView->is_admin())
+ { // full options for admin
+ $tpl_vars['U_SITE_ADMIN'] = $url_root . 'admin.php?page=';
+ $tpl_vars['MULTIVIEW'] = $MultiView->get_data();
+ $tpl_vars['USER'] = $MultiView->get_user();
+ $tpl_vars['CURRENT_USERNAME'] = $user['id']==$conf['guest_id'] ? l10n('guest') : $user['username'];
+ $tpl_vars['DELETE_CACHE'] = isset($conf['multiview_invalidate_cache']);
+
+ if (($admin_lang = $MultiView->get_user_language()) !== false)
+ {
+ include_once(PHPWG_ROOT_PATH . 'include/functions_mail.inc.php');
+ switch_lang_to($admin_lang);
+ }
+ }
+ else if ($conf['AdminTools']['public_quick_edit'] and
+ script_basename() == 'picture' and $picture['current']['added_by'] == $user['id']
+ )
+ { // only "edit" button for photo owner
+ }
+ else
+ {
+ return;
+ }
+
+ $tpl_vars['POSITION'] = $conf['AdminTools']['closed_position'];
+ $tpl_vars['DEFAULT_OPEN'] = $conf['AdminTools']['default_open'];
+ $tpl_vars['U_SELF'] = $MultiView->get_clean_url(true);
+
+ // photo page
+ if (script_basename() == 'picture')
+ {
+ $url_self = duplicate_picture_url();
+ $tpl_vars['IS_PICTURE'] = true;
+
+ // admin can add to caddie and set representattive
+ if ($MultiView->is_admin())
+ {
+ $template->clear_assign(array(
+ 'U_SET_AS_REPRESENTATIVE',
+ 'U_PHOTO_ADMIN',
+ 'U_CADDIE',
+ ));
+
+ $template->set_prefilter('picture', 'admintools_remove_privacy');
+
+ $tpl_vars['U_CADDIE'] = add_url_params(
+ $url_self,
+ array('action'=>'add_to_caddie')
+ );
+
+ $query = '
+SELECT element_id FROM ' . CADDIE_TABLE . '
+ WHERE element_id = ' . $page['image_id'] .'
+;';
+ $tpl_vars['IS_IN_CADDIE'] = pwg_db_num_rows(pwg_query($query)) > 0;
+
+ if (isset($page['category']))
+ {
+ $tpl_vars['CATEGORY_ID'] = $page['category']['id'];
+
+ $tpl_vars['U_SET_REPRESENTATIVE'] = add_url_params(
+ $url_self,
+ array('action'=>'set_as_representative')
+ );
+
+ $tpl_vars['IS_REPRESENTATIVE'] = $page['category']['representative_picture_id'] == $page['image_id'];
+ }
+
+ $tpl_vars['U_ADMIN_EDIT'] = $url_root . 'admin.php?page=photo-' . $page['image_id']
+ .(isset($page['category']) ? '&cat_id=' . $page['category']['id'] : '');
+ }
+
+ $tpl_vars['U_DELETE'] = add_url_params(
+ $url_self, array(
+ 'delete'=>'',
+ 'pwg_token'=>get_pwg_token()
+ )
+ );
+
+ // gets tags (full available list is loaded in ajax)
+ include_once(PHPWG_ROOT_PATH . 'admin/include/functions.php');
+
+ $query = '
+SELECT id, name
+ FROM '.IMAGE_TAG_TABLE.' AS it
+ JOIN '.TAGS_TABLE.' AS t ON t.id = it.tag_id
+ WHERE image_id = '.$page['image_id'].'
+;';
+ $tag_selection = get_taglist($query);
+
+ $tpl_vars['QUICK_EDIT'] = array(
+ 'img' => $picture['current']['derivatives']['square']->get_url(),
+ 'name' => $picture['current']['name'],
+ 'comment' => $picture['current']['comment'],
+ 'author' => $picture['current']['author'],
+ 'level' => $picture['current']['level'],
+ 'date_creation' => substr($picture['current']['date_creation'], 0, 10),
+ 'date_creation_time' => substr($picture['current']['date_creation'], 11, 5),
+ 'tag_selection' => $tag_selection,
+ );
+ }
+ // album page (admin only)
+ else if ($MultiView->is_admin() and @$page['section'] == 'categories' and isset($page['category']))
+ {
+ $url_self = duplicate_index_url();
+
+ $tpl_vars['IS_CATEGORY'] = true;
+ $tpl_vars['CATEGORY_ID'] = $page['category']['id'];
+
+ $template->clear_assign(array(
+ 'U_EDIT',
+ 'U_CADDIE',
+ ));
+
+ $tpl_vars['U_ADMIN_EDIT'] = $url_root . 'admin.php?page=album-' . $page['category']['id'];
+
+ if (!empty($page['items']))
+ {
+ $tpl_vars['U_CADDIE'] = add_url_params(
+ $url_self,
+ array('caddie'=>1)
+ );
+ }
+
+ $tpl_vars['QUICK_EDIT'] = array(
+ 'img' => null,
+ 'name' => $page['category']['name'],
+ 'comment' => $page['category']['comment'],
+ );
+
+ if (!empty($page['category']['representative_picture_id']))
+ {
+ $query = '
+SELECT * FROM '.IMAGES_TABLE.'
+ WHERE id = '. $page['category']['representative_picture_id'] .'
+;';
+ $image_infos = pwg_db_fetch_assoc(pwg_query($query));
+
+ $tpl_vars['QUICK_EDIT']['img'] = DerivativeImage::get_one(IMG_SQUARE, $image_infos)->get_url();
+ }
+ }
+
+
+ $template->assign(array(
+ 'ADMINTOOLS_PATH' => './plugins/' . ADMINTOOLS_ID .'/',
+ 'ato' => $tpl_vars,
+ ));
+
+ $template->set_filename('ato_public_controller', realpath(ADMINTOOLS_PATH . 'template/public_controller.tpl'));
+ $template->parse('ato_public_controller');
+
+ if ($MultiView->is_admin() && @$admin_lang !== false)
+ {
+ switch_lang_back();
+ }
+}
+
+/**
+ * Disable privacy level switchbox
+ */
+function admintools_remove_privacy($content)
+{
+ $search = '{if $display_info.privacy_level and isset($available_permission_levels)}';
+ $replace = '{if false}';
+ return str_replace($search, $replace, $content);
+}
+
+/**
+ * Save picture form
+ * @trigger loc_begin_picture
+ */
+function admintools_save_picture()
+{
+ global $page, $conf, $MultiView, $user, $picture;
+
+ if (!isset($_GET['delete']) and !isset($_POST['action']) and @$_POST['action'] != 'quick_edit')
+ {
+ return;
+ }
+
+ $query = 'SELECT added_by FROM '. IMAGES_TABLE .' WHERE id = '. $page['image_id'] .';';
+ list($added_by) = pwg_db_fetch_row(pwg_query($query));
+
+ if (!$MultiView->is_admin() and $user['id'] != $added_by)
+ {
+ return;
+ }
+
+ if (isset($_GET['delete']) and get_pwg_token()==@$_GET['pwg_token'])
+ {
+ include_once(PHPWG_ROOT_PATH . 'admin/include/functions.php');
+
+ delete_elements(array($page['image_id']), true);
+ invalidate_user_cache();
+
+ if (isset($page['rank_of'][ $page['image_id'] ]))
+ {
+ redirect(
+ duplicate_index_url(
+ array(
+ 'start' =>
+ floor($page['rank_of'][ $page['image_id'] ] / $page['nb_image_page'])
+ * $page['nb_image_page']
+ )
+ )
+ );
+ }
+ else
+ {
+ redirect(make_index_url());
+ }
+ }
+
+ if ($_POST['action'] == 'quick_edit')
+ {
+ include_once(PHPWG_ROOT_PATH . 'admin/include/functions.php');
+
+ $data = array(
+ 'name' => $_POST['name'],
+ 'author' => $_POST['author'],
+ );
+
+ if ($MultiView->is_admin())
+ {
+ $data['level'] = $_POST['level'];
+ }
+
+ if ($conf['allow_html_descriptions'])
+ {
+ $data['comment'] = @$_POST['comment'];
+ }
+ else
+ {
+ $data['comment'] = strip_tags(@$_POST['comment']);
+ }
+
+ if (!empty($_POST['date_creation']) and strtotime($_POST['date_creation']) !== false)
+ {
+ $data['date_creation'] = $_POST['date_creation'] .' '. $_POST['date_creation_time'];
+ }
+
+ single_update(
+ IMAGES_TABLE,
+ $data,
+ array('id' => $page['image_id'])
+ );
+
+ $tag_ids = array();
+ if (!empty($_POST['tags']))
+ {
+ $tag_ids = get_tag_ids($_POST['tags']);
+ }
+ set_tags($tag_ids, $page['image_id']);
+ }
+}
+
+/**
+ * Save category form
+ * @trigger loc_begin_index
+ */
+function admintools_save_category()
+{
+ global $page, $conf, $MultiView;
+
+ if (!$MultiView->is_admin())
+ {
+ return;
+ }
+
+ if (@$_POST['action'] == 'quick_edit')
+ {
+ $data = array(
+ 'name' => $_POST['name'],
+ );
+
+ if ($conf['allow_html_descriptions'])
+ {
+ $data['comment'] = @$_POST['comment'];
+ }
+ else
+ {
+ $data['comment'] = strip_tags(@$_POST['comment']);
+ }
+
+ single_update(
+ CATEGORIES_TABLE,
+ $data,
+ array('id' => $page['category']['id'])
+ );
+
+ redirect(duplicate_index_url());
+ }
+}
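Review bot: The `quick_edit` branches of `admintools_save_picture()` and `admintools_save_category()` write to the database without the `pwg_token` check that the `delete` branch performs, so a cross-site form post from a page visited by a logged-in admin or photo owner would be accepted. Require the token there as well, e.g. `if (@$_POST['action'] == 'quick_edit' and get_pwg_token() == @$_POST['pwg_token'])`, with the form posting the token (the template is not part of this hunk). The entry guard in `admintools_save_picture()` is also looser than it reads: `!isset($_POST['action']) and @$_POST['action'] != 'quick_edit'` only returns when no action is posted at all, and the later `$_POST['action'] == 'quick_edit'` reads an unset index on a `delete` request whose token did not match; `if (!isset($_GET['delete']) and @$_POST['action'] != 'quick_edit')` states the intent. On the non-admin owner path, `name` and `author` are stored without the `strip_tags()` applied to `comment`, and `date_creation_time` is appended unchecked; whether the templates escape these fields on output is not visible here and is worth confirming.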
\ No newline at end of file
diff --git a/plugins/AdminTools/include/index.php b/plugins/AdminTools/include/index.php
new file mode 100644
index 000000000..ec6605317
--- /dev/null
+++ b/plugins/AdminTools/include/index.php
@@ -0,0 +1,7 @@
+<?php
+$url = '../';
+header( 'Request-URI: '.$url );
+header( 'Content-Location: '.$url );
+header( 'Location: '.$url );
+exit();
+?> |