Initial commit: Backup der Webseiten

- zoesch.de
- blitzkiste.net
- gruene-hassberge (norbert.zoesch.de)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Felix Zösch
2025-12-13 01:17:15 +01:00
commit 07c290a453
4607 changed files with 1202735 additions and 0 deletions


@@ -0,0 +1,30 @@
<?php
// +-----------------------------------------------------------------------+
// | Piwigo - a PHP based photo gallery |
// +-----------------------------------------------------------------------+
// | Copyright(C) 2008-2016 Piwigo Team http://piwigo.org |
// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation |
// | |
// | This program is distributed in the hope that it will be useful, but |
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
// | General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
// Recursive call
$url = '../';
header( 'Request-URI: '.$url );
header( 'Content-Location: '.$url );
header( 'Location: '.$url );
exit();
?>
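Review bot: `Request-URI` is not an HTTP response header, so `header( 'Request-URI: '.$url )` only sends an unrecognised header to the client and can be dropped; `Location` alone (with the 302 PHP emits for it by default) is enough for this directory guard, and `Content-Location` adds nothing to a redirect either. A relative `Location: ../` is permitted by RFC 7231, but the comment `// Recursive call` does not say what the file is for; `// Guard: redirect direct requests for this directory to its parent` would tell the next reader why this stub exists.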


@@ -0,0 +1,972 @@
<?php
// +-----------------------------------------------------------------------+
// | Piwigo - a PHP based photo gallery |
// +-----------------------------------------------------------------------+
// | Copyright(C) 2008-2016 Piwigo Team http://piwigo.org |
// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation |
// | |
// | This program is distributed in the hope that it will be useful, but |
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
// | General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
/**
* API method
* Returns images per category
* @param mixed[] $params
* @option int[] cat_id (optional)
* @option bool recursive
* @option int per_page
* @option int page
* @option string order (optional)
*/
function ws_categories_getImages($params, &$service)
{
global $user, $conf;
$images = array();
//------------------------------------------------- get the related categories
$where_clauses = array();
foreach ($params['cat_id'] as $cat_id)
{
if ($params['recursive'])
{
$where_clauses[] = 'uppercats '.DB_REGEX_OPERATOR.' \'(^|,)'.$cat_id.'(,|$)\'';
}
else
{
$where_clauses[] = 'id='.$cat_id;
}
}
if (!empty($where_clauses))
{
$where_clauses = array('('. implode("\n OR ", $where_clauses) . ')');
}
$where_clauses[] = get_sql_condition_FandF(
array('forbidden_categories' => 'id'),
null, true
);
$query = '
SELECT id, name, permalink, image_order
FROM '. CATEGORIES_TABLE .'
WHERE '. implode("\n AND ", $where_clauses) .'
;';
$result = pwg_query($query);
$cats = array();
while ($row = pwg_db_fetch_assoc($result))
{
$row['id'] = (int)$row['id'];
$cats[ $row['id'] ] = $row;
}
//-------------------------------------------------------- get the images
if (!empty($cats))
{
$where_clauses = ws_std_image_sql_filter($params, 'i.');
$where_clauses[] = 'category_id IN ('. implode(',', array_keys($cats)) .')';
$where_clauses[] = get_sql_condition_FandF(
array('visible_images' => 'i.id'),
null, true
);
$order_by = ws_std_image_sql_order($params, 'i.');
if ( empty($order_by)
and count($params['cat_id'])==1
and isset($cats[ $params['cat_id'][0] ]['image_order'])
)
{
$order_by = $cats[ $params['cat_id'][0] ]['image_order'];
}
$order_by = empty($order_by) ? $conf['order_by'] : 'ORDER BY '.$order_by;
$query = '
SELECT SQL_CALC_FOUND_ROWS i.*, GROUP_CONCAT(category_id) AS cat_ids
FROM '. IMAGES_TABLE .' i
INNER JOIN '. IMAGE_CATEGORY_TABLE .' ON i.id=image_id
WHERE '. implode("\n AND ", $where_clauses) .'
GROUP BY i.id
'. $order_by .'
LIMIT '. $params['per_page'] .'
OFFSET '. ($params['per_page']*$params['page']) .'
;';
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result))
{
$image = array();
foreach (array('id', 'width', 'height', 'hit') as $k)
{
if (isset($row[$k]))
{
$image[$k] = (int)$row[$k];
}
}
foreach (array('file', 'name', 'comment', 'date_creation', 'date_available') as $k)
{
$image[$k] = $row[$k];
}
$image = array_merge($image, ws_std_get_urls($row));
$image_cats = array();
foreach (explode(',', $row['cat_ids']) as $cat_id)
{
$url = make_index_url(
array(
'category' => $cats[$cat_id],
)
);
$page_url = make_picture_url(
array(
'category' => $cats[$cat_id],
'image_id' => $row['id'],
'image_file' => $row['file'],
)
);
$image_cats[] = array(
'id' => (int)$cat_id,
'url' => $url,
'page_url' => $page_url,
);
}
$image['categories'] = new PwgNamedArray(
$image_cats,
'category',
array('id', 'url', 'page_url')
);
$images[] = $image;
}
}
list($total_images) = pwg_db_fetch_row(pwg_query('SELECT FOUND_ROWS()'));
return array(
'paging' => new PwgNamedStruct(
array(
'page' => $params['page'],
'per_page' => $params['per_page'],
'count' => $total_images
)
),
'images' => new PwgNamedArray(
$images, 'image',
ws_std_get_image_xml_attributes()
)
);
}
/**
* API method
* Returns a list of categories
* @param mixed[] $params
* @option int cat_id (optional)
* @option bool recursive
* @option bool public
* @option bool tree_output
* @option bool fullname
*/
function ws_categories_getList($params, &$service)
{
global $user, $conf;
if (!in_array($params['thumbnail_size'], array_keys(ImageStdParams::get_defined_type_map())))
{
return new PwgError(WS_ERR_INVALID_PARAM, "Invalid thumbnail_size");
}
$where = array('1=1');
$join_type = 'INNER';
$join_user = $user['id'];
if (!$params['recursive'])
{
if ($params['cat_id']>0)
{
$where[] = '(
id_uppercat = '. (int)($params['cat_id']) .'
OR id='.(int)($params['cat_id']).'
)';
}
else
{
$where[] = 'id_uppercat IS NULL';
}
}
else if ($params['cat_id']>0)
{
$where[] = 'uppercats '. DB_REGEX_OPERATOR .' \'(^|,)'.
(int)($params['cat_id']) .'(,|$)\'';
}
if ($params['public'])
{
$where[] = 'status = "public"';
$where[] = 'visible = "true"';
$join_user = $conf['guest_id'];
}
else if (is_admin())
{
// in this very specific case, we don't want to hide empty
// categories. Function calculate_permissions will only return
// categories that are either locked or private and not permitted
//
// calculate_permissions does not consider empty categories as forbidden
$forbidden_categories = calculate_permissions($user['id'], $user['status']);
$where[]= 'id NOT IN ('.$forbidden_categories.')';
$join_type = 'LEFT';
}
$query = '
SELECT
id, name, comment, permalink, status,
uppercats, global_rank, id_uppercat,
nb_images, count_images AS total_nb_images,
representative_picture_id, user_representative_picture_id, count_images, count_categories,
date_last, max_date_last, count_categories AS nb_categories
FROM '. CATEGORIES_TABLE .'
'.$join_type.' JOIN '. USER_CACHE_CATEGORIES_TABLE .'
ON id=cat_id AND user_id='.$join_user.'
WHERE '. implode("\n AND ", $where) .'
;';
$result = pwg_query($query);
// management of the album thumbnail -- starts here
$image_ids = array();
$categories = array();
$user_representative_updates_for = array();
// management of the album thumbnail -- stops here
$cats = array();
while ($row = pwg_db_fetch_assoc($result))
{
$row['url'] = make_index_url(
array(
'category' => $row
)
);
foreach (array('id','nb_images','total_nb_images','nb_categories') as $key)
{
$row[$key] = (int)$row[$key];
}
if ($params['fullname'])
{
$row['name'] = strip_tags(get_cat_display_name_cache($row['uppercats'], null));
}
else
{
$row['name'] = strip_tags(
trigger_change(
'render_category_name',
$row['name'],
'ws_categories_getList'
)
);
}
$row['comment'] = strip_tags(
trigger_change(
'render_category_description',
$row['comment'],
'ws_categories_getList'
)
);
// management of the album thumbnail -- starts here
//
// on branch 2.3, the algorithm is duplicated from
// include/category_cats, but we should use a common code for Piwigo 2.4
//
// warning : if the API method is called with $params['public'], the
// album thumbnail may be not accurate. The thumbnail can be viewed by
// the connected user, but maybe not by the guest. Changing the
// filtering method would be too complicated for now. We will simply
// avoid to persist the user_representative_picture_id in the database
// if $params['public']
if (!empty($row['user_representative_picture_id']))
{
$image_id = $row['user_representative_picture_id'];
}
else if (!empty($row['representative_picture_id']))
{ // if a representative picture is set, it has priority
$image_id = $row['representative_picture_id'];
}
else if ($conf['allow_random_representative'])
{
// searching a random representant among elements in sub-categories
$image_id = get_random_image_in_category($row);
}
else
{ // searching a random representant among representant of sub-categories
if ($row['count_categories']>0 and $row['count_images']>0)
{
$query = '
SELECT representative_picture_id
FROM '. CATEGORIES_TABLE .'
INNER JOIN '. USER_CACHE_CATEGORIES_TABLE .'
ON id=cat_id AND user_id='.$user['id'].'
WHERE uppercats LIKE \''.$row['uppercats'].',%\'
AND representative_picture_id IS NOT NULL
'.get_sql_condition_FandF(
array('visible_categories' => 'id'),
"\n AND"
).'
ORDER BY '. DB_RANDOM_FUNCTION .'()
LIMIT 1
;';
$subresult = pwg_query($query);
if (pwg_db_num_rows($subresult) > 0)
{
list($image_id) = pwg_db_fetch_row($subresult);
}
}
}
if (isset($image_id))
{
if ($conf['representative_cache_on_subcats'] and $row['user_representative_picture_id'] != $image_id)
{
$user_representative_updates_for[ $row['id'] ] = $image_id;
}
$row['representative_picture_id'] = $image_id;
$image_ids[] = $image_id;
$categories[] = $row;
}
unset($image_id);
// management of the album thumbnail -- stops here
$cats[] = $row;
}
usort($cats, 'global_rank_compare');
// management of the album thumbnail -- starts here
if (count($categories) > 0)
{
$thumbnail_src_of = array();
$new_image_ids = array();
$query = '
SELECT id, path, representative_ext, level
FROM '. IMAGES_TABLE .'
WHERE id IN ('. implode(',', $image_ids) .')
;';
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result))
{
if ($row['level'] <= $user['level'])
{
$thumbnail_src_of[$row['id']] = DerivativeImage::url($params['thumbnail_size'], $row);
}
else
{
// problem: we must not display the thumbnail of a photo which has a
// higher privacy level than user privacy level
//
// * what is the represented category?
// * find a random photo matching user permissions
// * register it at user_representative_picture_id
// * set it as the representative_picture_id for the category
foreach ($categories as &$category)
{
if ($row['id'] == $category['representative_picture_id'])
{
// searching a random representant among elements in sub-categories
$image_id = get_random_image_in_category($category);
if (isset($image_id) and !in_array($image_id, $image_ids))
{
$new_image_ids[] = $image_id;
}
if ($conf['representative_cache_on_level'])
{
$user_representative_updates_for[ $category['id'] ] = $image_id;
}
$category['representative_picture_id'] = $image_id;
}
}
unset($category);
}
}
if (count($new_image_ids) > 0)
{
$query = '
SELECT id, path, representative_ext
FROM '. IMAGES_TABLE .'
WHERE id IN ('. implode(',', $new_image_ids) .')
;';
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result))
{
$thumbnail_src_of[ $row['id'] ] = DerivativeImage::url($params['thumbnail_size'], $row);
}
}
}
// compared to code in include/category_cats, we only persist the new
// user_representative if we have used $user['id'] and not the guest id,
// or else the real guest may see thumbnail that he should not
if (!$params['public'] and count($user_representative_updates_for))
{
$updates = array();
foreach ($user_representative_updates_for as $cat_id => $image_id)
{
$updates[] = array(
'user_id' => $user['id'],
'cat_id' => $cat_id,
'user_representative_picture_id' => $image_id,
);
}
mass_updates(
USER_CACHE_CATEGORIES_TABLE,
array(
'primary' => array('user_id', 'cat_id'),
'update' => array('user_representative_picture_id')
),
$updates
);
}
foreach ($cats as &$cat)
{
foreach ($categories as $category)
{
if ($category['id'] == $cat['id'] and isset($category['representative_picture_id']))
{
$cat['tn_url'] = $thumbnail_src_of[$category['representative_picture_id']];
}
}
// we don't want them in the output
unset($cat['user_representative_picture_id'], $cat['count_images'], $cat['count_categories']);
}
unset($cat);
// management of the album thumbnail -- stops here
if ($params['tree_output'])
{
return categories_flatlist_to_tree($cats);
}
return array(
'categories' => new PwgNamedArray(
$cats,
'category',
ws_std_get_category_xml_attributes()
)
);
}
/**
* API method
* Returns the list of categories as you can see them in administration
* @param mixed[] $params
*
* Only admin can run this method and permissions are not taken into
* account.
*/
function ws_categories_getAdminList($params, &$service)
{
$query = '
SELECT category_id, COUNT(*) AS counter
FROM '. IMAGE_CATEGORY_TABLE .'
GROUP BY category_id
;';
$nb_images_of = query2array($query, 'category_id', 'counter');
$query = '
SELECT id, name, comment, uppercats, global_rank, dir, status
FROM '. CATEGORIES_TABLE .'
;';
$result = pwg_query($query);
$cats = array();
while ($row = pwg_db_fetch_assoc($result))
{
$id = $row['id'];
$row['nb_images'] = isset($nb_images_of[$id]) ? $nb_images_of[$id] : 0;
$row['name'] = strip_tags(
trigger_change(
'render_category_name',
$row['name'],
'ws_categories_getAdminList'
)
);
$row['fullname'] = strip_tags(
get_cat_display_name_cache(
$row['uppercats'],
null
)
);
$row['comment'] = strip_tags(
trigger_change(
'render_category_description',
$row['comment'],
'ws_categories_getAdminList'
)
);
$cats[] = $row;
}
usort($cats, 'global_rank_compare');
return array(
'categories' => new PwgNamedArray(
$cats,
'category',
array('id', 'nb_images', 'name', 'uppercats', 'global_rank', 'status')
)
);
}
/**
* API method
* Adds a category
* @param mixed[] $params
* @option string name
* @option int parent (optional)
* @option string comment (optional)
* @option bool visible
* @option string status (optional)
* @option bool commentable
*/
function ws_categories_add($params, &$service)
{
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
$options = array();
if (!empty($params['status']) and in_array($params['status'], array('private','public')))
{
$options['status'] = $params['status'];
}
if (!empty($params['comment']))
{
$options['comment'] = $params['comment'];
}
$creation_output = create_virtual_category(
$params['name'],
$params['parent'],
$options
);
if (isset($creation_output['error']))
{
return new PwgError(500, $creation_output['error']);
}
invalidate_user_cache();
return $creation_output;
}
/**
* API method
* Sets details of a category
* @param mixed[] $params
* @option int cat_id
* @option string name (optional)
* @option string comment (optional)
*/
function ws_categories_setInfo($params, &$service)
{
// does the category really exist?
$query = '
SELECT *
FROM '.CATEGORIES_TABLE.'
WHERE id = '.$params['category_id'].'
;';
$categories = query2array($query);
if (count($categories) == 0)
{
return new PwgError(404, 'category_id not found');
}
$category = $categories[0];
if (!empty($params['status']))
{
if (!in_array($params['status'], array('private','public')))
{
return new PwgError(WS_ERR_INVALID_PARAM, "Invalid status, only public/private");
}
if ($params['status'] != $category['status'])
{
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
set_cat_status(array($params['category_id']), $params['status']);
}
}
$update = array(
'id' => $params['category_id'],
);
$info_columns = array('name', 'comment',);
$perform_update = false;
foreach ($info_columns as $key)
{
if (isset($params[$key]))
{
$perform_update = true;
$update[$key] = $params[$key];
}
}
if ($perform_update)
{
single_update(
CATEGORIES_TABLE,
$update,
array('id' => $update['id'])
);
}
}
/**
* API method
* Sets representative image of a category
* @param mixed[] $params
* @option int category_id
* @option int image_id
*/
function ws_categories_setRepresentative($params, &$service)
{
// does the category really exist?
$query = '
SELECT COUNT(*)
FROM '. CATEGORIES_TABLE .'
WHERE id = '. $params['category_id'] .'
;';
list($count) = pwg_db_fetch_row(pwg_query($query));
if ($count == 0)
{
return new PwgError(404, 'category_id not found');
}
// does the image really exist?
$query = '
SELECT COUNT(*)
FROM '. IMAGES_TABLE .'
WHERE id = '. $params['image_id'] .'
;';
list($count) = pwg_db_fetch_row(pwg_query($query));
if ($count == 0)
{
return new PwgError(404, 'image_id not found');
}
// apply change
$query = '
UPDATE '. CATEGORIES_TABLE .'
SET representative_picture_id = '. $params['image_id'] .'
WHERE id = '. $params['category_id'] .'
;';
pwg_query($query);
$query = '
UPDATE '. USER_CACHE_CATEGORIES_TABLE .'
SET user_representative_picture_id = NULL
WHERE cat_id = '. $params['category_id'] .'
;';
pwg_query($query);
}
/**
* API method
*
* Deletes the album thumbnail. Only possible if
* $conf['allow_random_representative']
*
* @param mixed[] $params
* @option int category_id
*/
function ws_categories_deleteRepresentative($params, &$service)
{
global $conf;
// does the category really exist?
$query = '
SELECT id
FROM '. CATEGORIES_TABLE .'
WHERE id = '. $params['category_id'] .'
;';
$result = pwg_query($query);
if (pwg_db_num_rows($result) == 0)
{
return new PwgError(404, 'category_id not found');
}
if (!$conf['allow_random_representative'])
{
return new PwgError(401, 'not permitted');
}
$query = '
UPDATE '.CATEGORIES_TABLE.'
SET representative_picture_id = NULL
WHERE id = '.$params['category_id'].'
;';
pwg_query($query);
}
/**
* API method
*
* Find a new album thumbnail.
*
* @param mixed[] $params
* @option int category_id
*/
function ws_categories_refreshRepresentative($params, &$service)
{
global $conf;
// does the category really exist?
$query = '
SELECT id
FROM '. CATEGORIES_TABLE .'
WHERE id = '. $params['category_id'] .'
;';
$result = pwg_query($query);
if (pwg_db_num_rows($result) == 0)
{
return new PwgError(404, 'category_id not found');
}
$query = '
SELECT
DISTINCT category_id
FROM '.IMAGE_CATEGORY_TABLE.'
WHERE category_id = '.$params['category_id'].'
LIMIT 1
;';
$result = pwg_query($query);
$has_images = pwg_db_num_rows($result) > 0 ? true : false;
if (!$has_images)
{
return new PwgError(401, 'not permitted');
}
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
set_random_representant(array($params['category_id']));
// return url of the new representative
$query = '
SELECT *
FROM '.CATEGORIES_TABLE.'
WHERE id = '.$params['category_id'].'
;';
$category = pwg_db_fetch_assoc(pwg_query($query));
return get_category_representant_properties($category['representative_picture_id']);
}
/**
* API method
* Deletes a category
* @param mixed[] $params
* @option string|int[] category_id
* @option string photo_deletion_mode
* @option string pwg_token
*/
function ws_categories_delete($params, &$service)
{
if (get_pwg_token() != $params['pwg_token'])
{
return new PwgError(403, 'Invalid security token');
}
$modes = array('no_delete', 'delete_orphans', 'force_delete');
if (!in_array($params['photo_deletion_mode'], $modes))
{
return new PwgError(500,
'[ws_categories_delete]'
.' invalid parameter photo_deletion_mode "'.$params['photo_deletion_mode'].'"'
.', possible values are {'.implode(', ', $modes).'}.'
);
}
if (!is_array($params['category_id']))
{
$params['category_id'] = preg_split(
'/[\s,;\|]/',
$params['category_id'],
-1,
PREG_SPLIT_NO_EMPTY
);
}
$params['category_id'] = array_map('intval', $params['category_id']);
$category_ids = array();
foreach ($params['category_id'] as $category_id)
{
if ($category_id > 0)
{
$category_ids[] = $category_id;
}
}
if (count($category_ids) == 0)
{
return;
}
$query = '
SELECT id
FROM '. CATEGORIES_TABLE .'
WHERE id IN ('. implode(',', $category_ids) .')
;';
$category_ids = array_from_query($query, 'id');
if (count($category_ids) == 0)
{
return;
}
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
delete_categories($category_ids, $params['photo_deletion_mode']);
update_global_rank();
invalidate_user_cache();
}
/**
* API method
* Moves a category
* @param mixed[] $params
* @option string|int[] category_id
* @option int parent
* @option string pwg_token
*/
function ws_categories_move($params, &$service)
{
global $page;
if (get_pwg_token() != $params['pwg_token'])
{
return new PwgError(403, 'Invalid security token');
}
if (!is_array($params['category_id']))
{
$params['category_id'] = preg_split(
'/[\s,;\|]/',
$params['category_id'],
-1,
PREG_SPLIT_NO_EMPTY
);
}
$params['category_id'] = array_map('intval', $params['category_id']);
$category_ids = array();
foreach ($params['category_id'] as $category_id)
{
if ($category_id > 0)
{
$category_ids[] = $category_id;
}
}
if (count($category_ids) == 0)
{
return new PwgError(403, 'Invalid category_id input parameter, no category to move');
}
// we can't move physical categories
$categories_in_db = array();
$query = '
SELECT id, name, dir
FROM '. CATEGORIES_TABLE .'
WHERE id IN ('. implode(',', $category_ids) .')
;';
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result))
{
$categories_in_db[ $row['id'] ] = $row;
// we break on error at first physical category detected
if (!empty($row['dir']))
{
$row['name'] = strip_tags(
trigger_change(
'render_category_name',
$row['name'],
'ws_categories_move'
)
);
return new PwgError(403,
sprintf(
'Category %s (%u) is not a virtual category, you cannot move it',
$row['name'],
$row['id']
)
);
}
}
if (count($categories_in_db) != count($category_ids))
{
$unknown_category_ids = array_diff($category_ids, array_keys($categories_in_db));
return new PwgError(403,
sprintf(
'Category %u does not exist',
$unknown_category_ids[0]
)
);
}
// does this parent exists? This check should be made in the
// move_categories function, not here
// 0 as parent means "move categories at gallery root"
if (0 != $params['parent'])
{
$subcat_ids = get_subcat_ids(array($params['parent']));
if (count($subcat_ids) == 0)
{
return new PwgError(403, 'Unknown parent category id');
}
}
$page['infos'] = array();
$page['errors'] = array();
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
move_categories($category_ids, $params['parent']);
invalidate_user_cache();
if (count($page['errors']) != 0)
{
return new PwgError(403, implode('; ', $page['errors']));
}
}
?>
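Review bot: `ws_categories_setInfo` interpolates `$params['category_id']` straight into its `WHERE id = ` clause, and `ws_categories_setRepresentative`, `ws_categories_deleteRepresentative` and `ws_categories_refreshRepresentative` do the same with `category_id`/`image_id`, whereas `ws_categories_getList` casts with `(int)($params['cat_id'])` before building its query. The web-service dispatcher presumably validates these parameters as ids before the function runs (that registration is not in this file), but casting at the point of use costs nothing and makes the file consistent, e.g. `WHERE id = '.(int)$params['category_id'].'`. Separately, the docblock above `ws_categories_setInfo` lists `@option int cat_id`, but the body reads `$params['category_id']` and also honours a `status` option that is not documented; the comment should say `@option int category_id` and `@option string status (optional, public|private)`.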


@@ -0,0 +1,342 @@
<?php
// +-----------------------------------------------------------------------+
// | Piwigo - a PHP based photo gallery |
// +-----------------------------------------------------------------------+
// | Copyright(C) 2008-2016 Piwigo Team http://piwigo.org |
// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation |
// | |
// | This program is distributed in the hope that it will be useful, but |
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
// | General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
/**
* API method
* Returns the list of all plugins
* @param mixed[] $params
*/
function ws_plugins_getList($params, $service)
{
include_once(PHPWG_ROOT_PATH.'admin/include/plugins.class.php');
$plugins = new plugins();
$plugins->sort_fs_plugins('name');
$plugin_list = array();
foreach ($plugins->fs_plugins as $plugin_id => $fs_plugin)
{
if (isset($plugins->db_plugins_by_id[$plugin_id]))
{
$state = $plugins->db_plugins_by_id[$plugin_id]['state'];
}
else
{
$state = 'uninstalled';
}
$plugin_list[] = array(
'id' => $plugin_id,
'name' => $fs_plugin['name'],
'version' => $fs_plugin['version'],
'state' => $state,
'description' => $fs_plugin['description'],
);
}
return $plugin_list;
}
/**
* API method
* Performs an action on a plugin
* @param mixed[] $params
* @option string action
* @option string plugin
* @option string pwg_token
*/
function ws_plugins_performAction($params, $service)
{
global $template;
if (get_pwg_token() != $params['pwg_token'])
{
return new PwgError(403, 'Invalid security token');
}
define('IN_ADMIN', true);
include_once(PHPWG_ROOT_PATH.'admin/include/plugins.class.php');
$plugins = new plugins();
$errors = $plugins->perform_action($params['action'], $params['plugin']);
if (!empty($errors))
{
return new PwgError(500, $errors);
}
else
{
if (in_array($params['action'], array('activate', 'deactivate')))
{
$template->delete_compiled_templates();
}
return true;
}
}
/**
* API method
* Performs an action on a theme
* @param mixed[] $params
* @option string action
* @option string theme
* @option string pwg_token
*/
function ws_themes_performAction($params, $service)
{
global $template;
if (get_pwg_token() != $params['pwg_token'])
{
return new PwgError(403, 'Invalid security token');
}
define('IN_ADMIN', true);
include_once(PHPWG_ROOT_PATH.'admin/include/themes.class.php');
$themes = new themes();
$errors = $themes->perform_action($params['action'], $params['theme']);
if (!empty($errors))
{
return new PwgError(500, $errors);
}
else
{
if (in_array($params['action'], array('activate', 'deactivate')))
{
$template->delete_compiled_templates();
}
return true;
}
}
/**
* API method
* Updates an extension
* @param mixed[] $params
* @option string type
* @option string id
* @option string revision
* @option string pwg_token
* @option bool reactivate (optional - undocumented)
*/
function ws_extensions_update($params, $service)
{
if (!is_webmaster())
{
return new PwgError(401, l10n('Webmaster status is required.'));
}
if (get_pwg_token() != $params['pwg_token'])
{
return new PwgError(403, 'Invalid security token');
}
if (!in_array($params['type'], array('plugins', 'themes', 'languages')))
{
return new PwgError(403, "invalid extension type");
}
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
include_once(PHPWG_ROOT_PATH.'admin/include/'.$params['type'].'.class.php');
$type = $params['type'];
$extension_id = $params['id'];
$revision = $params['revision'];
$extension = new $type();
if ($type == 'plugins')
{
if (
isset($extension->db_plugins_by_id[$extension_id])
and $extension->db_plugins_by_id[$extension_id]['state'] == 'active'
)
{
$extension->perform_action('deactivate', $extension_id);
redirect(PHPWG_ROOT_PATH
. 'ws.php'
. '?method=pwg.extensions.update'
. '&type=plugins'
. '&id=' . $extension_id
. '&revision=' . $revision
. '&reactivate=true'
. '&pwg_token=' . get_pwg_token()
. '&format=json'
);
}
list($upgrade_status) = $extension->perform_action('update', $extension_id, array('revision'=>$revision));
$extension_name = $extension->fs_plugins[$extension_id]['name'];
if (isset($params['reactivate']))
{
$extension->perform_action('activate', $extension_id);
}
}
else if ($type == 'themes')
{
$upgrade_status = $extension->extract_theme_files('upgrade', $revision, $extension_id);
$extension_name = $extension->fs_themes[$extension_id]['name'];
}
else if ($type == 'languages')
{
$upgrade_status = $extension->extract_language_files('upgrade', $revision, $extension_id);
$extension_name = $extension->fs_languages[$extension_id]['name'];
}
global $template;
$template->delete_compiled_templates();
switch ($upgrade_status)
{
case 'ok':
return l10n('%s has been successfully updated.', $extension_name);
case 'temp_path_error':
return new PwgError(null, l10n('Can\'t create temporary file.'));
case 'dl_archive_error':
return new PwgError(null, l10n('Can\'t download archive.'));
case 'archive_error':
return new PwgError(null, l10n('Can\'t read or extract archive.'));
default:
return new PwgError(null, l10n('An error occured during extraction (%s).', $upgrade_status));
}
}
/**
* API method
* Ignore an update
* @param mixed[] $params
* @option string type (optional)
* @option string id (optional)
* @option bool reset
* @option string pwg_token
*/
function ws_extensions_ignoreupdate($params, $service)
{
global $conf;
define('IN_ADMIN', true);
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
if (!is_webmaster())
{
return new PwgError(401, 'Access denied');
}
if (get_pwg_token() != $params['pwg_token'])
{
return new PwgError(403, 'Invalid security token');
}
$conf['updates_ignored'] = unserialize($conf['updates_ignored']);
// Reset ignored extension
if ($params['reset'])
{
if (!empty($params['type']) and isset($conf['updates_ignored'][ $params['type'] ]))
{
$conf['updates_ignored'][$params['type']] = array();
}
else
{
$conf['updates_ignored'] = array(
'plugins'=>array(),
'themes'=>array(),
'languages'=>array()
);
}
conf_update_param('updates_ignored', pwg_db_real_escape_string(serialize($conf['updates_ignored'])));
unset($_SESSION['extensions_need_update']);
return true;
}
if (empty($params['id']) or empty($params['type']) or !in_array($params['type'], array('plugins', 'themes', 'languages')))
{
return new PwgError(403, 'Invalid parameters');
}
// Add or remove extension from ignore list
if (!in_array($params['id'], $conf['updates_ignored'][ $params['type'] ]))
{
$conf['updates_ignored'][ $params['type'] ][] = $params['id'];
}
conf_update_param('updates_ignored', pwg_db_real_escape_string(serialize($conf['updates_ignored'])));
unset($_SESSION['extensions_need_update']);
return true;
}
/**
* API method
* Checks for updates (core and extensions)
* @param mixed[] $params
*/
function ws_extensions_checkupdates($params, $service)
{
global $conf;
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
include_once(PHPWG_ROOT_PATH.'admin/include/updates.class.php');
$update = new updates();
$result = array();
if (!isset($_SESSION['need_update'.PHPWG_VERSION]))
{
$update->check_piwigo_upgrade();
}
$result['piwigo_need_update'] = $_SESSION['need_update'.PHPWG_VERSION];
$conf['updates_ignored'] = unserialize($conf['updates_ignored']);
if (!isset($_SESSION['extensions_need_update']))
{
$update->check_extensions();
}
else
{
$update->check_updated_extensions();
}
if (!is_array($_SESSION['extensions_need_update']))
{
$result['ext_need_update'] = null;
}
else
{
$result['ext_need_update'] = !empty($_SESSION['extensions_need_update']);
}
return $result;
}
?>
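Review bot: In `ws_extensions_update`, the self-redirect issued when an active plugin must be deactivated first appends `$extension_id` and `$revision` to the query string without encoding, so an id or revision containing `&`, `#` or whitespace yields a broken or ambiguous URL; the two lines should read `. '&id=' . urlencode($extension_id)` and `. '&revision=' . urlencode($revision)`. That same redirect places `get_pwg_token()` in a GET URL, which exposes the CSRF token to server logs and Referer headers; whether that is acceptable depends on how ws.php scopes and rotates the token, which is not visible here. Note also that `ws_plugins_performAction` and `ws_themes_performAction` verify only `pwg_token`, not `is_webmaster()`/`is_admin()` as `ws_extensions_update` does, so they rely entirely on the method registration (not in this file) to restrict who may activate or delete extensions.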


@@ -0,0 +1,308 @@
<?php
// +-----------------------------------------------------------------------+
// | Piwigo - a PHP based photo gallery |
// +-----------------------------------------------------------------------+
// | Copyright(C) 2008-2016 Piwigo Team http://piwigo.org |
// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation |
// | |
// | This program is distributed in the hope that it will be useful, but |
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
// | General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
/**
* API method
* Returns the list of groups
* @param mixed[] $params
* @option int[] group_id (optional)
* @option string name (optional)
*/
function ws_groups_getList($params, &$service)
{
$where_clauses = array('1=1');
if (!empty($params['name']))
{
$where_clauses[] = 'LOWER(name) LIKE \''. pwg_db_real_escape_string($params['name']) .'\'';
}
if (!empty($params['group_id']))
{
$where_clauses[] = 'id IN('. implode(',', $params['group_id']) .')';
}
$query = '
SELECT
g.*, COUNT(user_id) AS nb_users
FROM '. GROUPS_TABLE .' AS g
LEFT JOIN '. USER_GROUP_TABLE .' AS ug
ON ug.group_id = g.id
WHERE '. implode(' AND ', $where_clauses) .'
GROUP BY id
ORDER BY '. $params['order'] .'
LIMIT '. $params['per_page'] .'
OFFSET '. ($params['per_page']*$params['page']) .'
;';
$groups = array_from_query($query);
return array(
'paging' => new PwgNamedStruct(array(
'page' => $params['page'],
'per_page' => $params['per_page'],
'count' => count($groups)
)),
'groups' => new PwgNamedArray($groups, 'group')
);
}
/**
* API method
* Adds a group
* @param mixed[] $params
* @option string name
* @option bool is_default
*/
function ws_groups_add($params, &$service)
{
$params['name'] = pwg_db_real_escape_string($params['name']);
// is the name not already used ?
$query = '
SELECT COUNT(*)
FROM '.GROUPS_TABLE.'
WHERE name = \''.$params['name'].'\'
;';
list($count) = pwg_db_fetch_row(pwg_query($query));
if ($count != 0)
{
return new PwgError(WS_ERR_INVALID_PARAM, 'This name is already used by another group.');
}
// creating the group
single_insert(
GROUPS_TABLE,
array(
'name' => $params['name'],
'is_default' => boolean_to_string($params['is_default']),
)
);
return $service->invoke('pwg.groups.getList', array('group_id' => pwg_db_insert_id()));
}
/**
* API method
* Deletes a group
* @param mixed[] $params
* @option int[] group_id
* @option string pwg_token
*/
function ws_groups_delete($params, &$service)
{
if (get_pwg_token() != $params['pwg_token'])
{
return new PwgError(403, 'Invalid security token');
}
$group_id_string = implode(',', $params['group_id']);
// destruction of the access linked to the group
$query = '
DELETE
FROM '. GROUP_ACCESS_TABLE .'
WHERE group_id IN('. $group_id_string .')
;';
pwg_query($query);
// destruction of the users links for this group
$query = '
DELETE
FROM '. USER_GROUP_TABLE .'
WHERE group_id IN('. $group_id_string .')
;';
pwg_query($query);
$query = '
SELECT name
FROM '. GROUPS_TABLE .'
WHERE id IN('. $group_id_string .')
;';
$groupnames = array_from_query($query, 'name');
// destruction of the group
$query = '
DELETE
FROM '. GROUPS_TABLE .'
WHERE id IN('. $group_id_string .')
;';
pwg_query($query);
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
invalidate_user_cache();
return new PwgNamedArray($groupnames, 'group_deleted');
}
/**
* API method
* Updates a group
* @param mixed[] $params
* @option int group_id
* @option string name (optional)
* @option bool is_default (optional)
*/
function ws_groups_setInfo($params, &$service)
{
if (get_pwg_token() != $params['pwg_token'])
{
return new PwgError(403, 'Invalid security token');
}
$updates = array();
// does the group exist ?
$query = '
SELECT COUNT(*)
FROM '. GROUPS_TABLE .'
WHERE id = '. $params['group_id'] .'
;';
list($count) = pwg_db_fetch_row(pwg_query($query));
if ($count == 0)
{
return new PwgError(WS_ERR_INVALID_PARAM, 'This group does not exist.');
}
if (!empty($params['name']))
{
$params['name'] = pwg_db_real_escape_string($params['name']);
// is the name not already used ?
$query = '
SELECT COUNT(*)
FROM '. GROUPS_TABLE .'
WHERE name = \''. $params['name'] .'\'
;';
list($count) = pwg_db_fetch_row(pwg_query($query));
if ($count != 0)
{
return new PwgError(WS_ERR_INVALID_PARAM, 'This name is already used by another group.');
}
$updates['name'] = $params['name'];
}
if (!empty($params['is_default']) or @$params['is_default']===false)
{
$updates['is_default'] = boolean_to_string($params['is_default']);
}
single_update(
GROUPS_TABLE,
$updates,
array('id' => $params['group_id'])
);
return $service->invoke('pwg.groups.getList', array('group_id' => $params['group_id']));
}
/**
* API method
* Adds user(s) to a group
* @param mixed[] $params
* @option int group_id
* @option int[] user_id
*/
function ws_groups_addUser($params, &$service)
{
if (get_pwg_token() != $params['pwg_token'])
{
return new PwgError(403, 'Invalid security token');
}
// does the group exist ?
$query = '
SELECT COUNT(*)
FROM '. GROUPS_TABLE .'
WHERE id = '. $params['group_id'] .'
;';
list($count) = pwg_db_fetch_row(pwg_query($query));
if ($count == 0)
{
return new PwgError(WS_ERR_INVALID_PARAM, 'This group does not exist.');
}
$inserts = array();
foreach ($params['user_id'] as $user_id)
{
$inserts[] = array(
'group_id' => $params['group_id'],
'user_id' => $user_id,
);
}
mass_inserts(
USER_GROUP_TABLE,
array('group_id', 'user_id'),
$inserts,
array('ignore'=>true)
);
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
invalidate_user_cache();
return $service->invoke('pwg.groups.getList', array('group_id' => $params['group_id']));
}
/**
* API method
* Removes user(s) from a group
* @param mixed[] $params
* @option int group_id
* @option int[] user_id
*/
function ws_groups_deleteUser($params, &$service)
{
if (get_pwg_token() != $params['pwg_token'])
{
return new PwgError(403, 'Invalid security token');
}
// does the group exist ?
$query = '
SELECT COUNT(*)
FROM '. GROUPS_TABLE .'
WHERE id = '. $params['group_id'] .'
;';
list($count) = pwg_db_fetch_row(pwg_query($query));
if ($count == 0)
{
return new PwgError(WS_ERR_INVALID_PARAM, 'This group does not exist.');
}
$query = '
DELETE FROM '. USER_GROUP_TABLE .'
WHERE
group_id = '. $params['group_id'] .'
AND user_id IN('. implode(',', $params['user_id']) .')
;';
pwg_query($query);
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
invalidate_user_cache();
return $service->invoke('pwg.groups.getList', array('group_id' => $params['group_id']));
}
?>
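Review bot: ws_groups_add modifies the database but, unlike ws_groups_delete, ws_groups_setInfo, ws_groups_addUser and ws_groups_deleteUser in the same file, never verifies pwg_token before acting; add the same guard at its top, `if (get_pwg_token() != $params['pwg_token']) { return new PwgError(403, 'Invalid security token'); }`, and declare pwg_token where the method is registered (not visible here). The token checks in the sibling methods use a loose `!=` string comparison; `hash_equals(get_pwg_token(), (string)$params['pwg_token'])` would make them strict and constant-time. ws_groups_getList concatenates `$params['order']`, `per_page`, `page` and the imploded group_id list directly into the query, so its safety rests entirely on the parameter type checks performed at method registration, which this hunk does not show; a comment stating that assumption above the query would help the next reader.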



@@ -0,0 +1,245 @@
<?php
// +-----------------------------------------------------------------------+
// | Piwigo - a PHP based photo gallery |
// +-----------------------------------------------------------------------+
// | Copyright(C) 2008-2016 Piwigo Team http://piwigo.org |
// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation |
// | |
// | This program is distributed in the hope that it will be useful, but |
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
// | General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
/**
* API method
* Returns permissions
* @param mixed[] $params
* @option int[] cat_id (optional)
* @option int[] group_id (optional)
* @option int[] user_id (optional)
*/
function ws_permissions_getList($params, &$service)
{
$my_params = array_intersect(array_keys($params), array('cat_id','group_id','user_id'));
if (count($my_params) > 1)
{
return new PwgError(WS_ERR_INVALID_PARAM, 'Too many parameters, provide cat_id OR user_id OR group_id');
}
$cat_filter = '';
if (!empty($params['cat_id']))
{
$cat_filter = 'WHERE cat_id IN('. implode(',', $params['cat_id']) .')';
}
$perms = array();
// direct users
$query = '
SELECT user_id, cat_id
FROM '. USER_ACCESS_TABLE .'
'. $cat_filter .'
;';
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result))
{
if (!isset($perms[ $row['cat_id'] ]))
{
$perms[ $row['cat_id'] ]['id'] = intval($row['cat_id']);
}
$perms[ $row['cat_id'] ]['users'][] = intval($row['user_id']);
}
// indirect users
$query = '
SELECT ug.user_id, ga.cat_id
FROM '. USER_GROUP_TABLE .' AS ug
INNER JOIN '. GROUP_ACCESS_TABLE .' AS ga
ON ug.group_id = ga.group_id
'. $cat_filter .'
;';
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result))
{
if (!isset($perms[ $row['cat_id'] ]))
{
$perms[ $row['cat_id'] ]['id'] = intval($row['cat_id']);
}
$perms[ $row['cat_id'] ]['users_indirect'][] = intval($row['user_id']);
}
// groups
$query = '
SELECT group_id, cat_id
FROM '. GROUP_ACCESS_TABLE .'
'. $cat_filter .'
;';
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result))
{
if (!isset($perms[ $row['cat_id'] ]))
{
$perms[ $row['cat_id'] ]['id'] = intval($row['cat_id']);
}
$perms[ $row['cat_id'] ]['groups'][] = intval($row['group_id']);
}
// filter by group and user
foreach ($perms as $cat_id => &$cat)
{
if (isset($filters['group_id']))
{
if (empty($cat['groups']) or count(array_intersect($cat['groups'], $params['group_id'])) == 0)
{
unset($perms[$cat_id]);
continue;
}
}
if (isset($filters['user_id']))
{
if (
(empty($cat['users_indirect']) or count(array_intersect($cat['users_indirect'], $params['user_id'])) == 0)
and (empty($cat['users']) or count(array_intersect($cat['users'], $params['user_id'])) == 0)
) {
unset($perms[$cat_id]);
continue;
}
}
$cat['groups'] = !empty($cat['groups']) ? array_values(array_unique($cat['groups'])) : array();
$cat['users'] = !empty($cat['users']) ? array_values(array_unique($cat['users'])) : array();
$cat['users_indirect'] = !empty($cat['users_indirect']) ? array_values(array_unique($cat['users_indirect'])) : array();
}
unset($cat);
return array(
'categories' => new PwgNamedArray(
array_values($perms),
'category',
array('id')
)
);
}
/**
* API method
* Add permissions
* @param mixed[] $params
* @option int[] cat_id
* @option int[] group_id (optional)
* @option int[] user_id (optional)
* @option bool recursive
*/
function ws_permissions_add($params, &$service)
{
if (get_pwg_token() != $params['pwg_token'])
{
return new PwgError(403, 'Invalid security token');
}
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
if (!empty($params['group_id']))
{
$cat_ids = get_uppercat_ids($params['cat_id']);
if ($params['recursive'])
{
$cat_ids = array_merge($cat_ids, get_subcat_ids($params['cat_id']));
}
$query = '
SELECT id
FROM '. CATEGORIES_TABLE .'
WHERE id IN ('. implode(',', $cat_ids) .')
AND status = \'private\'
;';
$private_cats = array_from_query($query, 'id');
$inserts = array();
foreach ($private_cats as $cat_id)
{
foreach ($params['group_id'] as $group_id)
{
$inserts[] = array(
'group_id' => $group_id,
'cat_id' => $cat_id
);
}
}
mass_inserts(
GROUP_ACCESS_TABLE,
array('group_id','cat_id'),
$inserts,
array('ignore'=>true)
);
}
if (!empty($params['user_id']))
{
if ($params['recursive']) $_POST['apply_on_sub'] = true;
add_permission_on_category($params['cat_id'], $params['user_id']);
}
return $service->invoke('pwg.permissions.getList', array('cat_id'=>$params['cat_id']));
}
/**
* API method
* Removes permissions
* @param mixed[] $params
* @option int[] cat_id
* @option int[] group_id (optional)
* @option int[] user_id (optional)
*/
function ws_permissions_remove($params, &$service)
{
if (get_pwg_token() != $params['pwg_token'])
{
return new PwgError(403, 'Invalid security token');
}
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
$cat_ids = get_subcat_ids($params['cat_id']);
if (!empty($params['group_id']))
{
$query = '
DELETE
FROM '. GROUP_ACCESS_TABLE .'
WHERE group_id IN ('. implode(',', $params['group_id']).')
AND cat_id IN ('. implode(',', $cat_ids).')
;';
pwg_query($query);
}
if (!empty($params['user_id']))
{
$query = '
DELETE
FROM '. USER_ACCESS_TABLE .'
WHERE user_id IN ('. implode(',', $params['user_id']) .')
AND cat_id IN ('. implode(',', $cat_ids) .')
;';
pwg_query($query);
}
return $service->invoke('pwg.permissions.getList', array('cat_id'=>$params['cat_id']));
}
?>
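Review bot: The group_id and user_id filters in ws_permissions_getList never take effect: the loop tests `isset($filters['group_id'])` and `isset($filters['user_id'])`, but `$filters` is not defined anywhere in the function, which reads its input from `$params`, so a caller asking for one group's or one user's permissions receives the entries of every category that has any permission. Change the two conditions to `if (!empty($params['group_id']))` and `if (!empty($params['user_id']))`, matching the cat_id check earlier in the function. In ws_permissions_add, setting `$_POST['apply_on_sub'] = true` to pass the recursive flag into add_permission_on_category couples the API method to the admin form's request shape; a comment naming that dependency, or an explicit argument if the helper accepts one, would make it less surprising.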


@@ -0,0 +1,350 @@
<?php
// +-----------------------------------------------------------------------+
// | Piwigo - a PHP based photo gallery |
// +-----------------------------------------------------------------------+
// | Copyright(C) 2008-2016 Piwigo Team http://piwigo.org |
// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation |
// | |
// | This program is distributed in the hope that it will be useful, but |
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
// | General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
/**
* API method
* Returns a list of missing derivatives (not generated yet)
* @param mixed[] $params
* @option string types (optional)
* @option int[] ids
* @option int max_urls
* @option int prev_page (optional)
*/
function ws_getMissingDerivatives($params, &$service)
{
global $conf;
if (empty($params['types']))
{
$types = array_keys(ImageStdParams::get_defined_type_map());
}
else
{
$types = array_intersect(array_keys(ImageStdParams::get_defined_type_map()), $params['types']);
if (count($types)==0)
{
return new PwgError(WS_ERR_INVALID_PARAM, "Invalid types");
}
}
$max_urls = $params['max_urls'];
$query = 'SELECT MAX(id)+1, COUNT(*) FROM '. IMAGES_TABLE .';';
list($max_id, $image_count) = pwg_db_fetch_row(pwg_query($query));
if (0 == $image_count)
{
return array();
}
$start_id = $params['prev_page'];
if ($start_id<=0)
{
$start_id = $max_id;
}
$uid = '&b='.time();
$conf['question_mark_in_urls'] = $conf['php_extension_in_urls'] = true;
$conf['derivative_url_style'] = 2; //script
$qlimit = min(5000, ceil(max($image_count/500, $max_urls/count($types))));
$where_clauses = ws_std_image_sql_filter( $params, '' );
$where_clauses[] = 'id<start_id';
if (!empty($params['ids']))
{
$where_clauses[] = 'id IN ('.implode(',',$params['ids']).')';
}
$query_model = '
SELECT id, path, representative_ext, width, height, rotation
FROM '. IMAGES_TABLE .'
WHERE '. implode(' AND ', $where_clauses) .'
ORDER BY id DESC
LIMIT '. $qlimit .'
;';
$urls = array();
do
{
$result = pwg_query(str_replace('start_id', $start_id, $query_model));
$is_last = pwg_db_num_rows($result) < $qlimit;
while ($row=pwg_db_fetch_assoc($result))
{
$start_id = $row['id'];
$src_image = new SrcImage($row);
if ($src_image->is_mimetype())
{
continue;
}
foreach($types as $type)
{
$derivative = new DerivativeImage($type, $src_image);
if ($type != $derivative->get_type())
{
continue;
}
if (@filemtime($derivative->get_path())===false)
{
$urls[] = $derivative->get_url().$uid;
}
}
if (count($urls)>=$max_urls and !$is_last)
{
break;
}
}
if ($is_last)
{
$start_id = 0;
}
} while (count($urls)<$max_urls and $start_id);
$ret = array();
if ($start_id)
{
$ret['next_page'] = $start_id;
}
$ret['urls'] = $urls;
return $ret;
}
/**
* API method
* Returns Piwigo version
* @param mixed[] $params
*/
function ws_getVersion($params, &$service)
{
return PHPWG_VERSION;
}
/**
* API method
* Returns general informations about the installation
* @param mixed[] $params
*/
function ws_getInfos($params, &$service)
{
$infos['version'] = PHPWG_VERSION;
$query = 'SELECT COUNT(*) FROM '.IMAGES_TABLE.';';
list($infos['nb_elements']) = pwg_db_fetch_row(pwg_query($query));
$query = 'SELECT COUNT(*) FROM '.CATEGORIES_TABLE.';';
list($infos['nb_categories']) = pwg_db_fetch_row(pwg_query($query));
$query = 'SELECT COUNT(*) FROM '.CATEGORIES_TABLE.' WHERE dir IS NULL;';
list($infos['nb_virtual']) = pwg_db_fetch_row(pwg_query($query));
$query = 'SELECT COUNT(*) FROM '.CATEGORIES_TABLE.' WHERE dir IS NOT NULL;';
list($infos['nb_physical']) = pwg_db_fetch_row(pwg_query($query));
$query = 'SELECT COUNT(*) FROM '.IMAGE_CATEGORY_TABLE.';';
list($infos['nb_image_category']) = pwg_db_fetch_row(pwg_query($query));
$query = 'SELECT COUNT(*) FROM '.TAGS_TABLE.';';
list($infos['nb_tags']) = pwg_db_fetch_row(pwg_query($query));
$query = 'SELECT COUNT(*) FROM '.IMAGE_TAG_TABLE.';';
list($infos['nb_image_tag']) = pwg_db_fetch_row(pwg_query($query));
$query = 'SELECT COUNT(*) FROM '.USERS_TABLE.';';
list($infos['nb_users']) = pwg_db_fetch_row(pwg_query($query));
$query = 'SELECT COUNT(*) FROM '.GROUPS_TABLE.';';
list($infos['nb_groups']) = pwg_db_fetch_row(pwg_query($query));
$query = 'SELECT COUNT(*) FROM '.COMMENTS_TABLE.';';
list($infos['nb_comments']) = pwg_db_fetch_row(pwg_query($query));
// first element
if ($infos['nb_elements'] > 0)
{
$query = 'SELECT MIN(date_available) FROM '.IMAGES_TABLE.';';
list($infos['first_date']) = pwg_db_fetch_row(pwg_query($query));
}
// unvalidated comments
if ($infos['nb_comments'] > 0)
{
$query = 'SELECT COUNT(*) FROM '.COMMENTS_TABLE.' WHERE validated=\'false\';';
list($infos['nb_unvalidated_comments']) = pwg_db_fetch_row(pwg_query($query));
}
foreach ($infos as $name => $value)
{
$output[] = array(
'name' => $name,
'value' => $value,
);
}
return array('infos' => new PwgNamedArray($output, 'item'));
}
/**
* API method
* Adds images to the caddie
* @param mixed[] $params
* @option int[] image_id
*/
function ws_caddie_add($params, &$service)
{
global $user;
$query = '
SELECT id
FROM '. IMAGES_TABLE .'
LEFT JOIN '. CADDIE_TABLE .'
ON id=element_id AND user_id='. $user['id'] .'
WHERE id IN ('. implode(',',$params['image_id']) .')
AND element_id IS NULL
;';
$result = array_from_query($query, 'id');
$datas = array();
foreach ($result as $id)
{
$datas[] = array(
'element_id' => $id,
'user_id' => $user['id'],
);
}
if (count($datas))
{
mass_inserts(
CADDIE_TABLE,
array('element_id','user_id'),
$datas
);
}
return count($datas);
}
/**
* API method
* Deletes rates of an user
* @param mixed[] $params
* @option int user_id
* @option string anonymous_id (optional)
*/
function ws_rates_delete($params, &$service)
{
$query = '
DELETE FROM '. RATE_TABLE .'
WHERE user_id='. $params['user_id'];
if (!empty($params['anonymous_id']))
{
$query .= ' AND anonymous_id=\''.$params['anonymous_id'].'\'';
}
if (!empty($params['image_id']))
{
$query .= ' AND element_id='.$params['image_id'];
}
$changes = pwg_db_changes(pwg_query($query));
if ($changes)
{
include_once(PHPWG_ROOT_PATH.'include/functions_rate.inc.php');
update_rating_score();
}
return $changes;
}
/**
* API method
* Performs a login
* @param mixed[] $params
* @option string username
* @option string password
*/
function ws_session_login($params, &$service)
{
if (try_log_user($params['username'], $params['password'], false))
{
return true;
}
return new PwgError(999, 'Invalid username/password');
}
/**
* API method
* Performs a logout
* @param mixed[] $params
*/
function ws_session_logout($params, &$service)
{
if (!is_a_guest())
{
logout_user();
}
return true;
}
/**
* API method
* Returns info about the current user
* @param mixed[] $params
*/
function ws_session_getStatus($params, &$service)
{
global $user, $conf;
$res['username'] = is_a_guest() ? 'guest' : stripslashes($user['username']);
foreach ( array('status', 'theme', 'language') as $k )
{
$res[$k] = $user[$k];
}
$res['pwg_token'] = get_pwg_token();
$res['charset'] = get_pwg_charset();
list($dbnow) = pwg_db_fetch_row(pwg_query('SELECT NOW();'));
$res['current_datetime'] = $dbnow;
$res['version'] = PHPWG_VERSION;
$res['available_sizes'] = array_keys(ImageStdParams::get_defined_type_map());
if (is_admin())
{
$res['upload_file_types'] = implode(
',',
array_unique(
array_map(
'strtolower',
$conf['upload_form_all_types'] ? $conf['file_ext'] : $conf['picture_ext']
)
)
);
$res['upload_form_chunk_size'] = $conf['upload_form_chunk_size'];
}
return $res;
}
?>
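Review bot: In ws_rates_delete, `$params['anonymous_id']` is inserted into the DELETE statement between bare quotes without escaping, while string parameters elsewhere in this commit go through pwg_db_real_escape_string; unless the method registration constrains this value to a fixed pattern (not visible here), the line should read `$query .= ' AND anonymous_id=\''.pwg_db_real_escape_string($params['anonymous_id']).'\'';`. ws_getMissingDerivatives pages by `str_replace('start_id', $start_id, $query_model)`, which also rewrites any other occurrence of that token in the text returned by ws_std_image_sql_filter; a placeholder unlikely to collide, or building the query inside the loop, would be more robust. The `@filemtime(...)` suppression in the same loop hides permission and path errors that would explain why a derivative is reported missing; `is_file($derivative->get_path())` expresses the intent without the `@`.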


@@ -0,0 +1,248 @@
<?php
// +-----------------------------------------------------------------------+
// | Piwigo - a PHP based photo gallery |
// +-----------------------------------------------------------------------+
// | Copyright(C) 2008-2016 Piwigo Team http://piwigo.org |
// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation |
// | |
// | This program is distributed in the hope that it will be useful, but |
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
// | General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
/**
* API method
* Returns a list of tags
* @param mixed[] $params
* @option bool sort_by_counter
*/
function ws_tags_getList($params, &$service)
{
$tags = get_available_tags();
if ($params['sort_by_counter'])
{
usort($tags, create_function('$a,$b', 'return -$a["counter"]+$b["counter"];') );
}
else
{
usort($tags, 'tag_alpha_compare');
}
for ($i=0; $i<count($tags); $i++)
{
$tags[$i]['id'] = (int)$tags[$i]['id'];
$tags[$i]['counter'] = (int)$tags[$i]['counter'];
$tags[$i]['url'] = make_index_url(
array(
'section'=>'tags',
'tags'=>array($tags[$i])
)
);
}
return array(
'tags' => new PwgNamedArray(
$tags,
'tag',
ws_std_get_tag_xml_attributes()
)
);
}
/**
* API method
* Returns the list of tags as you can see them in administration
* @param mixed[] $params
*
* Only admin can run this method and permissions are not taken into
* account.
*/
function ws_tags_getAdminList($params, &$service)
{
return array(
'tags' => new PwgNamedArray(
get_all_tags(),
'tag',
ws_std_get_tag_xml_attributes()
)
);
}
/**
* API method
* Returns a list of images for tags
* @param mixed[] $params
* @option int[] tag_id (optional)
* @option string[] tag_url_name (optional)
* @option string[] tag_name (optional)
* @option bool tag_mode_and
* @option int per_page
* @option int page
* @option string order
*/
function ws_tags_getImages($params, &$service)
{
// first build all the tag_ids we are interested in
$tags = find_tags($params['tag_id'], $params['tag_url_name'], $params['tag_name']);
$tags_by_id = array();
foreach ($tags as $tag)
{
$tags['id'] = (int)$tag['id'];
$tags_by_id[ $tag['id'] ] = $tag;
}
unset($tags);
$tag_ids = array_keys($tags_by_id);
$where_clauses = ws_std_image_sql_filter($params);
if (!empty($where_clauses))
{
$where_clauses = implode(' AND ', $where_clauses);
}
$order_by = ws_std_image_sql_order($params, 'i.');
if (!empty($order_by))
{
$order_by = 'ORDER BY '.$order_by;
}
$image_ids = get_image_ids_for_tags(
$tag_ids,
$params['tag_mode_and'] ? 'AND' : 'OR',
$where_clauses,
$order_by
);
$count_set = count($image_ids);
$image_ids = array_slice($image_ids, $params['per_page']*$params['page'], $params['per_page'] );
$image_tag_map = array();
// build list of image ids with associated tags per image
if (!empty($image_ids) and !$params['tag_mode_and'])
{
$query = '
SELECT image_id, GROUP_CONCAT(tag_id) AS tag_ids
FROM '. IMAGE_TAG_TABLE .'
WHERE tag_id IN ('. implode(',', $tag_ids) .')
AND image_id IN ('. implode(',', $image_ids) .')
GROUP BY image_id
;';
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result))
{
$row['image_id'] = (int)$row['image_id'];
$image_tag_map[ $row['image_id'] ] = explode(',', $row['tag_ids']);
}
}
$images = array();
if (!empty($image_ids))
{
$rank_of = array_flip($image_ids);
$query = '
SELECT *
FROM '. IMAGES_TABLE .'
WHERE id IN ('. implode(',',$image_ids) .')
;';
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result))
{
$image = array();
$image['rank'] = $rank_of[ $row['id'] ];
foreach (array('id', 'width', 'height', 'hit') as $k)
{
if (isset($row[$k]))
{
$image[$k] = (int)$row[$k];
}
}
foreach (array('file', 'name', 'comment', 'date_creation', 'date_available') as $k)
{
$image[$k] = $row[$k];
}
$image = array_merge( $image, ws_std_get_urls($row) );
$image_tag_ids = ($params['tag_mode_and']) ? $tag_ids : $image_tag_map[$image['id']];
$image_tags = array();
foreach ($image_tag_ids as $tag_id)
{
$url = make_index_url(
array(
'section'=>'tags',
'tags'=> array($tags_by_id[$tag_id])
)
);
$page_url = make_picture_url(
array(
'section'=>'tags',
'tags'=> array($tags_by_id[$tag_id]),
'image_id' => $row['id'],
'image_file' => $row['file'],
)
);
$image_tags[] = array(
'id' => (int)$tag_id,
'url' => $url,
'page_url' => $page_url,
);
}
$image['tags'] = new PwgNamedArray($image_tags, 'tag', ws_std_get_tag_xml_attributes() );
$images[] = $image;
}
usort($images, 'rank_compare');
unset($rank_of);
}
return array(
'paging' => new PwgNamedStruct(
array(
'page' => $params['page'],
'per_page' => $params['per_page'],
'count' => count($images),
'total_count' => $count_set,
)
),
'images' => new PwgNamedArray(
$images,
'image',
ws_std_get_image_xml_attributes()
)
);
}
/**
* API method
* Adds a tag
* @param mixed[] $params
* @option string name
*/
function ws_tags_add($params, &$service)
{
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
$creation_output = create_tag($params['name']);
if (isset($creation_output['error']))
{
return new PwgError(500, $creation_output['error']);
}
return $creation_output;
}
?>
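Review bot: In ws_tags_getImages the line `$tags['id'] = (int)$tag['id'];` inside `foreach ($tags as $tag)` writes to the array being iterated instead of to the current element, so the integer cast never reaches `$tags_by_id` and the ids stored there keep whatever type find_tags returned; it should be `$tag['id'] = (int)$tag['id'];` before `$tags_by_id[ $tag['id'] ] = $tag;`. ws_tags_getList sorts with `create_function('$a,$b', ...)`, which compiles its string argument at runtime, is deprecated since PHP 7.2 and removed in PHP 8; a closure, `usort($tags, function ($a, $b) { return $b['counter'] - $a['counter']; });`, keeps the same ordering without runtime code generation. Later in ws_tags_getImages, `$image_tag_map[$image['id']]` is read without a guard in the non-AND branch; presumably every selected image has at least one matching tag row, but an `isset()` check with an `array()` fallback would keep the loop safe if that assumption ever fails.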


@@ -0,0 +1,624 @@
<?php
// +-----------------------------------------------------------------------+
// | Piwigo - a PHP based photo gallery |
// +-----------------------------------------------------------------------+
// | Copyright(C) 2008-2016 Piwigo Team http://piwigo.org |
// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify |
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation |
// | |
// | This program is distributed in the hope that it will be useful, but |
// | WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
// | General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
/**
* API method
* Returns a list of users
* @param mixed[] $params
* @option int[] user_id (optional)
* @option string username (optional)
* @option string[] status (optional)
* @option int min_level (optional)
* @option int[] group_id (optional)
* @option int per_page
* @option int page
* @option string order
* @option string display
*/
function ws_users_getList($params, &$service)
{
global $conf;
$where_clauses = array('1=1');
if (!empty($params['user_id']))
{
$where_clauses[] = 'u.'.$conf['user_fields']['id'].' IN('. implode(',', $params['user_id']) .')';
}
if (!empty($params['username']))
{
$where_clauses[] = 'u.'.$conf['user_fields']['username'].' LIKE \''.pwg_db_real_escape_string($params['username']).'\'';
}
if (!empty($params['status']))
{
$params['status'] = array_intersect($params['status'], get_enums(USER_INFOS_TABLE, 'status'));
if (count($params['status']) > 0)
{
$where_clauses[] = 'ui.status IN("'. implode('","', $params['status']) .'")';
}
}
if (!empty($params['min_level']))
{
if ( !in_array($params['min_level'], $conf['available_permission_levels']) )
{
return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid level');
}
$where_clauses[] = 'ui.level >= '.$params['min_level'];
}
if (!empty($params['group_id']))
{
$where_clauses[] = 'ug.group_id IN('. implode(',', $params['group_id']) .')';
}
$display = array('u.'.$conf['user_fields']['id'] => 'id');
if ($params['display'] != 'none')
{
$params['display'] = array_map('trim', explode(',', $params['display']));
if (in_array('all', $params['display']))
{
$params['display'] = array(
'username','email','status','level','groups','language','theme',
'nb_image_page','recent_period','expand','show_nb_comments','show_nb_hits',
'enabled_high','registration_date','registration_date_string',
'registration_date_since', 'last_visit', 'last_visit_string',
'last_visit_since'
);
}
else if (in_array('basics', $params['display']))
{
$params['display'] = array_merge($params['display'], array(
'username','email','status','level','groups',
));
}
$params['display'] = array_flip($params['display']);
// if registration_date_string or registration_date_since is requested,
// then registration_date is automatically added
if (isset($params['display']['registration_date_string']) or isset($params['display']['registration_date_since']))
{
$params['display']['registration_date'] = true;
}
// if last_visit_string or last_visit_since is requested, then
// last_visit is automatically added
if (isset($params['display']['last_visit_string']) or isset($params['display']['last_visit_since']))
{
$params['display']['last_visit'] = true;
}
if (isset($params['display']['username']))
{
$display['u.'.$conf['user_fields']['username']] = 'username';
}
if (isset($params['display']['email']))
{
$display['u.'.$conf['user_fields']['email']] = 'email';
}
$ui_fields = array(
'status','level','language','theme','nb_image_page','recent_period','expand',
'show_nb_comments','show_nb_hits','enabled_high','registration_date',
'last_visit'
);
foreach ($ui_fields as $field)
{
if (isset($params['display'][$field]))
{
$display['ui.'.$field] = $field;
}
}
}
else
{
$params['display'] = array();
}
$query = '
SELECT DISTINCT ';
$first = true;
foreach ($display as $field => $name)
{
if (!$first) $query.= ', ';
else $first = false;
$query.= $field .' AS '. $name;
}
if (isset($display['ui.last_visit']))
{
if (!$first) $query.= ', ';
$query.= 'ui.last_visit_from_history AS last_visit_from_history';
}
$query.= '
FROM '. USERS_TABLE .' AS u
INNER JOIN '. USER_INFOS_TABLE .' AS ui
ON u.'. $conf['user_fields']['id'] .' = ui.user_id
LEFT JOIN '. USER_GROUP_TABLE .' AS ug
ON u.'. $conf['user_fields']['id'] .' = ug.user_id
WHERE
'. implode(' AND ', $where_clauses) .'
ORDER BY '. $params['order'] .'
LIMIT '. $params['per_page'] .'
OFFSET '. ($params['per_page']*$params['page']) .'
;';
$users = array();
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result))
{
$row['id'] = intval($row['id']);
if (isset($params['display']['groups']))
{
$row['groups'] = array(); // will be filled later
}
$users[ $row['id'] ] = $row;
}
if (count($users) > 0)
{
if (isset($params['display']['groups']))
{
$query = '
SELECT user_id, group_id
FROM '. USER_GROUP_TABLE .'
WHERE user_id IN ('. implode(',', array_keys($users)) .')
;';
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result))
{
$users[ $row['user_id'] ]['groups'][] = intval($row['group_id']);
}
}
if (isset($params['display']['registration_date_string']))
{
foreach ($users as $cur_user)
{
$users[$cur_user['id']]['registration_date_string'] = format_date($cur_user['registration_date'], array('day', 'month', 'year'));
}
}
if (isset($params['display']['registration_date_since']))
{
foreach ($users as $cur_user)
{
$users[ $cur_user['id'] ]['registration_date_since'] = time_since($cur_user['registration_date'], 'month');
}
}
if (isset($params['display']['last_visit']))
{
foreach ($users as $cur_user)
{
$last_visit = $cur_user['last_visit'];
$users[ $cur_user['id'] ]['last_visit'] = $last_visit;
if (!get_boolean($cur_user['last_visit_from_history']) and empty($last_visit))
{
$last_visit = get_user_last_visit_from_history($cur_user['id'], true);
$users[ $cur_user['id'] ]['last_visit'] = $last_visit;
}
if (isset($params['display']['last_visit_string']))
{
$users[ $cur_user['id'] ]['last_visit_string'] = format_date($last_visit, array('day', 'month', 'year'));
}
if (isset($params['display']['last_visit_since']))
{
$users[ $cur_user['id'] ]['last_visit_since'] = time_since($last_visit, 'day');
}
}
}
}
$users = trigger_change('ws_users_getList', $users);
return array(
'paging' => new PwgNamedStruct(
array(
'page' => $params['page'],
'per_page' => $params['per_page'],
'count' => count($users)
)
),
'users' => new PwgNamedArray(array_values($users), 'user')
);
}
/**
* API method
* Adds a user
* @param mixed[] $params
* @option string username
* @option string password (optional)
* @option string email (optional)
*/
function ws_users_add($params, &$service)
{
if (get_pwg_token() != $params['pwg_token'])
{
return new PwgError(403, 'Invalid security token');
}
global $conf;
if ($conf['double_password_type_in_admin'])
{
if ($params['password'] != $params['password_confirm'])
{
return new PwgError(WS_ERR_INVALID_PARAM, l10n('The passwords do not match'));
}
}
$user_id = register_user(
$params['username'],
$params['password'],
$params['email'],
false, // notify admin
$errors,
$params['send_password_by_mail']
);
if (!$user_id)
{
return new PwgError(WS_ERR_INVALID_PARAM, $errors[0]);
}
return $service->invoke('pwg.users.getList', array('user_id'=>$user_id));
}
/**
* API method
* Deletes users
* @param mixed[] $params
* @option int[] user_id
* @option string pwg_token
*/
function ws_users_delete($params, &$service)
{
if (get_pwg_token() != $params['pwg_token'])
{
return new PwgError(403, 'Invalid security token');
}
global $conf, $user;
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
$protected_users = array(
$user['id'],
$conf['guest_id'],
$conf['default_user_id'],
$conf['webmaster_id'],
);
// an admin can't delete other admin/webmaster
if ('admin' == $user['status'])
{
$query = '
SELECT
user_id
FROM '.USER_INFOS_TABLE.'
WHERE status IN (\'webmaster\', \'admin\')
;';
$protected_users = array_merge($protected_users, query2array($query, null, 'user_id'));
}
// protect some users
$params['user_id'] = array_diff($params['user_id'], $protected_users);
$counter = 0;
foreach ($params['user_id'] as $user_id)
{
delete_user($user_id);
$counter++;
}
return l10n_dec(
'%d user deleted', '%d users deleted',
$counter
);
}
/**
* API method
* Updates users
* @param mixed[] $params
* @option int[] user_id
* @option string username (optional)
* @option string password (optional)
* @option string email (optional)
* @option string status (optional)
* @option int level (optional)
* @option string language (optional)
* @option string theme (optional)
* @option int nb_image_page (optional)
* @option int recent_period (optional)
* @option bool expand (optional)
* @option bool show_nb_comments (optional)
* @option bool show_nb_hits (optional)
* @option bool enabled_high (optional)
*/
function ws_users_setInfo($params, &$service)
{
if (get_pwg_token() != $params['pwg_token'])
{
return new PwgError(403, 'Invalid security token');
}
global $conf, $user;
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
$updates = $updates_infos = array();
$update_status = null;
if (count($params['user_id']) == 1)
{
if (get_username($params['user_id'][0]) === false)
{
return new PwgError(WS_ERR_INVALID_PARAM, 'This user does not exist.');
}
if (!empty($params['username']))
{
$user_id = get_userid($params['username']);
if ($user_id and $user_id != $params['user_id'][0])
{
return new PwgError(WS_ERR_INVALID_PARAM, l10n('this login is already used'));
}
if ($params['username'] != strip_tags($params['username']))
{
return new PwgError(WS_ERR_INVALID_PARAM, l10n('html tags are not allowed in login'));
}
$updates[ $conf['user_fields']['username'] ] = $params['username'];
}
if (!empty($params['email']))
{
if ( ($error = validate_mail_address($params['user_id'][0], $params['email'])) != '')
{
return new PwgError(WS_ERR_INVALID_PARAM, $error);
}
$updates[ $conf['user_fields']['email'] ] = $params['email'];
}
if (!empty($params['password']))
{
if (!is_webmaster())
{
$password_protected_users = array($conf['guest_id']);
$query = '
SELECT
user_id
FROM '.USER_INFOS_TABLE.'
WHERE status IN (\'webmaster\', \'admin\')
;';
$admin_ids = query2array($query, null, 'user_id');
// we add all admin+webmaster users BUT the user herself
$password_protected_users = array_merge($password_protected_users, array_diff($admin_ids, array($user['id'])));
if (in_array($params['user_id'][0], $password_protected_users))
{
return new PwgError(403, 'Only webmasters can change password of other "webmaster/admin" users');
}
}
$updates[ $conf['user_fields']['password'] ] = $conf['password_hash']($params['password']);
}
}
if (!empty($params['status']))
{
if (in_array($params['status'], array('webmaster', 'admin')) and !is_webmaster() )
{
return new PwgError(403, 'Only webmasters can grant "webmaster/admin" status');
}
if ( !in_array($params['status'], array('guest','generic','normal','admin','webmaster')) )
{
return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid status');
}
$protected_users = array(
$user['id'],
$conf['guest_id'],
$conf['webmaster_id'],
);
// an admin can't change status of other admin/webmaster
if ('admin' == $user['status'])
{
$query = '
SELECT
user_id
FROM '.USER_INFOS_TABLE.'
WHERE status IN (\'webmaster\', \'admin\')
;';
$protected_users = array_merge($protected_users, query2array($query, null, 'user_id'));
}
// status update query is separated from the rest as not applying to the same
// set of users (current, guest and webmaster can't be changed)
$params['user_id_for_status'] = array_diff($params['user_id'], $protected_users);
$update_status = $params['status'];
}
if (!empty($params['level']) or @$params['level']===0)
{
if ( !in_array($params['level'], $conf['available_permission_levels']) )
{
return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid level');
}
$updates_infos['level'] = $params['level'];
}
if (!empty($params['language']))
{
if ( !in_array($params['language'], array_keys(get_languages())) )
{
return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid language');
}
$updates_infos['language'] = $params['language'];
}
if (!empty($params['theme']))
{
if ( !in_array($params['theme'], array_keys(get_pwg_themes())) )
{
return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid theme');
}
$updates_infos['theme'] = $params['theme'];
}
if (!empty($params['nb_image_page']))
{
$updates_infos['nb_image_page'] = $params['nb_image_page'];
}
if (!empty($params['recent_period']) or @$params['recent_period']===0)
{
$updates_infos['recent_period'] = $params['recent_period'];
}
if (!empty($params['expand']) or @$params['expand']===false)
{
$updates_infos['expand'] = boolean_to_string($params['expand']);
}
if (!empty($params['show_nb_comments']) or @$params['show_nb_comments']===false)
{
$updates_infos['show_nb_comments'] = boolean_to_string($params['show_nb_comments']);
}
if (!empty($params['show_nb_hits']) or @$params['show_nb_hits']===false)
{
$updates_infos['show_nb_hits'] = boolean_to_string($params['show_nb_hits']);
}
if (!empty($params['enabled_high']) or @$params['enabled_high']===false)
{
$updates_infos['enabled_high'] = boolean_to_string($params['enabled_high']);
}
// perform updates
single_update(
USERS_TABLE,
$updates,
array($conf['user_fields']['id'] => $params['user_id'][0])
);
if (isset($updates[ $conf['user_fields']['password'] ]))
{
deactivate_user_auth_keys($params['user_id'][0]);
}
if (isset($update_status) and count($params['user_id_for_status']) > 0)
{
$query = '
UPDATE '. USER_INFOS_TABLE .' SET
status = "'. $update_status .'"
WHERE user_id IN('. implode(',', $params['user_id_for_status']) .')
;';
pwg_query($query);
}
if (count($updates_infos) > 0)
{
$query = '
UPDATE '. USER_INFOS_TABLE .' SET ';
$first = true;
foreach ($updates_infos as $field => $value)
{
if (!$first) $query.= ', ';
else $first = false;
$query.= $field .' = "'. $value .'"';
}
$query.= '
WHERE user_id IN('. implode(',', $params['user_id']) .')
;';
pwg_query($query);
}
// manage association to groups
if (!empty($params['group_id']))
{
$query = '
DELETE
FROM '.USER_GROUP_TABLE.'
WHERE user_id IN ('.implode(',', $params['user_id']).')
;';
pwg_query($query);
// we remove all provided groups that do not really exist
$query = '
SELECT
id
FROM '.GROUPS_TABLE.'
WHERE id IN ('.implode(',', $params['group_id']).')
;';
$group_ids = array_from_query($query, 'id');
// if only -1 (a group id that can't exist) is in the list, then no
// group is associated
if (count($group_ids) > 0)
{
$inserts = array();
foreach ($group_ids as $group_id)
{
foreach ($params['user_id'] as $user_id)
{
$inserts[] = array('user_id' => $user_id, 'group_id' => $group_id);
}
}
mass_inserts(USER_GROUP_TABLE, array_keys($inserts[0]), $inserts);
}
}
invalidate_user_cache();
return $service->invoke('pwg.users.getList', array(
'user_id' => $params['user_id'],
'display' => 'basics,'.implode(',', array_keys($updates_infos)),
));
}
?>