<?php
/**
* PIGALLE
* Action handling
*
* @author Philip Iezzi <hide@address.com>
* @copyright Copyright (c) 2002-2007 PHPEE.COM
* @license http://opensource.org/licenses/gpl-license.php GNU General Public License
* @version $Id: actions.inc.php 3005 2007-12-08 11:18:31Z piezzi $
*
* ----------------------------------------------------------------------
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
* ----------------------------------------------------------------------
*/
// Refuse to run unless the including entry script has defined PIGA_IN.
if (!defined('PIGA_IN')) {
    die("Hacking attempt!");
}

// A compile-time forced action takes precedence over the 'action' request
// variable; either way the request variable is cleared afterwards.
if (defined('PIGA_FORCE_ACTION')) {
    $piga_action = PIGA_FORCE_ACTION;
} else {
    $piga_action = Sd_Query::get('action');
}
Sd_Query::unsetvar('action');
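/*
 * Action dispatcher.
 *
 * The outer switch selects on the authentication state of the current user and
 * deliberately falls through from administrator to moderator to user to the
 * default branch, so a higher level also gets every action of the lower ones.
 * Each inner switch handles the actions of one level for $piga_action.
 *
 * Request values are treated as untrusted here:
 *  - numeric ids that end up unquoted in a WHERE clause are cast to int,
 *  - request-supplied table names, language codes and file paths are checked
 *    against a conservative character/segment rule before use.
 *
 * NOTE(review): several state-changing actions below (user delete, level and
 * active-flag changes, image delete, album re-ordering) are driven by GET
 * parameters and no anti-CSRF token is checked in this file -- confirm whether
 * one is enforced elsewhere.
 * NOTE(review): passwords are stored as unsalted MD5. Moving to
 * password_hash()/password_verify() also requires changing the login check,
 * which is not part of this file, so the hash function is left unchanged here.
 * NOTE(review): whether Sd_SqlHelper escapes field values and WHERE strings is
 * not visible from here; string values interpolated into WHERE clauses below
 * are marked individually.
 */
switch ($USER->getAuthState()) {
    case Sd_User::STATE_ADM:
        // system maintainer actions here
        switch ($piga_action) {
            case PIGA_ACTION_CREATETBLS: // deprecated (not used due to auto-install)
                $COMMON->loadTables();
                break;

            case PIGA_ACTION_IMPORTWIHSY:
                // NOTE(review): every DSN component of the second connection can be
                // overridden from the request, so this action can be pointed at an
                // arbitrary database server -- keep it strictly administrator-only.
                $wp_conf = array();
                $wp_conf['dsn'] = array(
                    'driver'   => (Sd_Query::get('wp_db_prov')) ? Sd_Query::get('wp_db_prov') : $SOURD->getConf('dsn:driver'),
                    'hostspec' => (Sd_Query::get('wp_db_host')) ? Sd_Query::get('wp_db_host') : $SOURD->getConf('dsn:hostspec'),
                    'port'     => (Sd_Query::get('wp_db_port')) ? Sd_Query::get('wp_db_port') : $SOURD->getConf('dsn:port'),
                    'database' => (Sd_Query::get('wp_db_name')) ? Sd_Query::get('wp_db_name') : $SOURD->getConf('dsn:database'),
                    'username' => (Sd_Query::get('wp_db_user')) ? Sd_Query::get('wp_db_user') : $SOURD->getConf('dsn:username'),
                    'password' => (Sd_Query::get('wp_db_pwd')) ? Sd_Query::get('wp_db_pwd') : $SOURD->getConf('dsn:password'),
                );
                $wp_conf['dboptions'] = array(
                    'persistent' => $SOURD->getConf('dboptions:persistent'),
                    'prefix'     => ''
                );
                $wp_tbl_start = (Sd_Query::get('wp_tbl_start')) ? Sd_Query::get('wp_tbl_start') : 'wp_start';
                $wp_tbl_photo = (Sd_Query::get('wp_tbl_photo')) ? Sd_Query::get('wp_tbl_photo') : 'wp_photoinfo';
                // The table names come from the request and are used as SQL
                // identifiers below, so only plain identifier characters are accepted.
                if (!is_string($wp_tbl_start) || !preg_match('/\A[A-Za-z0-9_.]+\z/', $wp_tbl_start)
                    || !is_string($wp_tbl_photo) || !preg_match('/\A[A-Za-z0-9_.]+\z/', $wp_tbl_photo)) break;
                // Get a new framework instance to connect to a second DB on the same
                // or on a different DBMS where your Wihphoto data is located
                $WP_SOURD = new Sourdough($wp_conf);
                $WP_DB    = $WP_SOURD->Db();
                $WP_SQL   = $WP_SOURD->SqlHelper();
                // get the start-photo rows (one per album) from the Wihsy DB
                $WP_SQL->create($wp_tbl_start);
                $WP_SQL->execute();
                $rs1 = $WP_SQL->db->getRecordset();
                while ($rs1->moveNext()) {
                    $currAlb   = $rs1->record['album'];
                    $currAlbID = false;
                    // get the ID of the current album
                    // NOTE(review): $currAlb is data read from the imported database and
                    // is placed into the WHERE string unescaped -- escape it with the
                    // helper's own quoting once that API is confirmed.
                    $SQL->create(PIGA_TBL_ALBUM, "name='$currAlb'");
                    $SQL->addField('id');
                    $SQL->execute();
                    while ($SQL->db->moveNext()) {
                        $currAlbID = @$SQL->db->record['id'];
                    }
                    // album exists in the Pigalle environment
                    if ($currAlbID) {
                        // get the ID of the start photo
                        $startPhoto = $COMMON->albumFilename(substr($rs1->record['photo'], strlen($currAlb) + 1));
                        // NOTE(review): $startPhoto is unescaped imported data, see above.
                        $SQL->create(PIGA_TBL_PICTURE, "filename='$startPhoto' AND albumid=" . (int) $currAlbID);
                        $SQL->addField('id');
                        $SQL->execute();
                        $startPhotoID = 0;
                        while ($SQL->db->moveNext()) {
                            $startPhotoID = @$SQL->db->record['id'];
                        }
                        // filter unused tags
                        $alb_description = $COMMON->filterHTMLtags($rs1->record['information'], TRUE);
                        // import album description and frontpic
                        $SQL->create(PIGA_TBL_ALBUM, "name='$currAlb'", Sd_SqlHelper::EXEC_UPDATE);
                        $SQL->addFields(array('descr' => addslashes($alb_description), 'frontpic' => $startPhotoID));
                        $SQL->execute();
                        // get the picture description of Wihsy
                        $WP_SQL->create($wp_tbl_photo, "album='$currAlb'");
                        $WP_SQL->addFields(array('picture', 'description'));
                        $WP_SQL->execute();
                        $rs2 = $WP_SQL->db->getRecordset();
                        while ($rs2->moveNext()) {
                            // import all picture descriptions to Pigalle
                            // NOTE(review): the picture name is unescaped imported data, and
                            // unlike the album description above the picture description is
                            // passed to addFields() without addslashes() -- confirm which of
                            // the two is what the helper expects.
                            $SQL->create(PIGA_TBL_PICTURE, "albumid=" . (int) $currAlbID . " AND filename='" . $rs2->record['picture'] . "'", Sd_SqlHelper::EXEC_UPDATE);
                            $SQL->addFields(array('descr' => $rs2->record['description']));
                            $SQL->execute();
                        }
                    }
                }
                break;

            case PIGA_ACTION_CLEANUPHTML:
                // re-run the HTML tag filter over every stored album description
                $SQL->create(PIGA_TBL_ALBUM);
                $SQL->addFields(array('id', 'descr'));
                $SQL->execute();
                $rs1 = $SQL->db->getRecordset();
                while ($rs1->moveNext()) {
                    $alb_description = $COMMON->filterHTMLtags($rs1->record['descr']);
                    $SQL->create(PIGA_TBL_ALBUM, "id=" . (int) $rs1->record['id'], Sd_SqlHelper::EXEC_UPDATE);
                    $SQL->addField('descr', $alb_description);
                    $SQL->execute();
                }
                break;

            case PIGA_ACTION_MOVEUP:
            case PIGA_ACTION_MOVEDOWN:
                $alb_custord   = (int) Sd_Query::get('custord');
                // the id is placed unquoted into the WHERE clause below, so force it to int
                $curr_albumId  = (int) Sd_Query::get('albid');
                $new_custorder = ($piga_action == PIGA_ACTION_MOVEUP) ? $alb_custord - 1 : $alb_custord + 1;
                if ($piga_action == PIGA_ACTION_MOVEDOWN)
                    $total_albums = $COMMON->getTotalAlbums();
                // only move an album up if it is not the first one and
                // only move it down if it is not the last one
                if (($piga_action == PIGA_ACTION_MOVEUP && $new_custorder > 0) ||
                    ($piga_action == PIGA_ACTION_MOVEDOWN && $new_custorder <= $total_albums)) {
                    // swap: the album currently at the target position takes the old position ...
                    $SQL->create(PIGA_TBL_ALBUM, "custorder = " . $new_custorder, Sd_SqlHelper::EXEC_UPDATE);
                    $SQL->addField('custorder', $alb_custord);
                    $SQL->execute();
                    // ... and the moved album takes the target position
                    $SQL->create(PIGA_TBL_ALBUM, "id = " . $curr_albumId, Sd_SqlHelper::EXEC_UPDATE);
                    $SQL->addField('custorder', $new_custorder);
                    $SQL->execute();
                }
                Sd_Util::redirect();
                break;

            case PIGA_ACTION_ADMIN_SETTINGS:
                $piga_settings         = Sd_Query::get('piga', Sd_Query::VT_POST);
                $piga_settings_orig    = Sd_Query::get('piga_orig', Sd_Query::VT_POST);
                $piga_settings_changed = Sd_Array::diffKeys($piga_settings, $piga_settings_orig);
                // NOTE(review): the setting names are taken from the POST keys as-is, so
                // any setting can be written through this form -- consider an allow-list.
                if (is_array($piga_settings_changed)) {
                    foreach ($piga_settings_changed as $key => $value) {
                        $SETTINGS->set($key, $value);
                        $SETTINGS->store($key);
                    }
                }
                Sd_Util::redirect(PIGA_PAGE_FRONT);
                break;

            case PIGA_ACTION_ADMIN_USEREDIT:
                $piga_useredit         = Sd_Query::get('piga', Sd_Query::VT_POST);
                $piga_useredit_orig    = Sd_Query::get('piga_orig', Sd_Query::VT_POST);
                $piga_useredit_changed = Sd_Array::diffKeys($piga_useredit, $piga_useredit_orig);
                if (!is_array($piga_useredit_changed)) {
                    $piga_useredit_changed = array();
                }
                // The password is only updated when it is a non-empty string that is
                // identical to its confirmation (strict comparison, so numeric-looking
                // strings are not treated as equal). 'pwconfirm' is never a column and
                // is always dropped; a raw, unhashed password never reaches the table.
                $piga_new_pw      = isset($piga_useredit_changed['password']) ? $piga_useredit_changed['password'] : null;
                $piga_new_pw_conf = isset($piga_useredit_changed['pwconfirm']) ? $piga_useredit_changed['pwconfirm'] : null;
                unset($piga_useredit_changed['password'], $piga_useredit_changed['pwconfirm']);
                if (is_string($piga_new_pw) && $piga_new_pw !== '' && $piga_new_pw === $piga_new_pw_conf) {
                    // NOTE(review): unsalted MD5, kept for compatibility with the login check.
                    $piga_useredit_changed['password'] = md5($piga_new_pw);
                }
                // The language code is used to build an include path below, so it must
                // be a plain directory name; anything else is neither stored nor included.
                if (isset($piga_useredit_changed['lang'])
                    && !(is_string($piga_useredit_changed['lang']) && preg_match('/\A[A-Za-z0-9_-]+\z/', $piga_useredit_changed['lang']))) {
                    unset($piga_useredit_changed['lang']);
                }
                // update all changed values in user table
                // NOTE(review): the remaining POST keys become column names -- consider
                // restricting them to the editable columns of the user table.
                if (!empty($piga_useredit_changed)) {
                    $SQL->create(PIGA_TBL_USER, "id=" . (int) Sd_Query::get('userid', Sd_Query::VT_POST), Sd_SqlHelper::EXEC_UPDATE);
                    $SQL->addFields($piga_useredit_changed);
                    $SQL->execute();
                }
                // reload language file if changed
                if (!empty($piga_useredit_changed['lang'])) {
                    include_once($SOURD->getConf('path:lang') . $piga_useredit_changed['lang'] . '/' . PIGA_INC_LANG_MAIN);
                }
                $piga_mode = PIGA_MODE_ADMIN_USERADMIN;
                break;

            case PIGA_ACTION_ADMIN_NEWUSER:
                $piga_useredit = Sd_Query::get('piga', Sd_Query::VT_POST);
                if (!is_array($piga_useredit)) {
                    $piga_useredit = array();
                }
                $piga_new_pw      = isset($piga_useredit['password']) ? $piga_useredit['password'] : null;
                $piga_new_pw_conf = isset($piga_useredit['pwconfirm']) ? $piga_useredit['pwconfirm'] : null;
                unset($piga_useredit['password'], $piga_useredit['pwconfirm']);
                // same rule as in the user-edit action: the language code must be a plain directory name
                if (isset($piga_useredit['lang'])
                    && !(is_string($piga_useredit['lang']) && preg_match('/\A[A-Za-z0-9_-]+\z/', $piga_useredit['lang']))) {
                    unset($piga_useredit['lang']);
                }
                // An account is only created with a non-empty password that matches its
                // confirmation. Without this check a missing password pair compared as
                // equal and the account was stored with the hash of the empty string,
                // and a mismatch created an account without any password value.
                if (is_string($piga_new_pw) && $piga_new_pw !== '' && $piga_new_pw === $piga_new_pw_conf) {
                    // NOTE(review): unsalted MD5, kept for compatibility with the login check.
                    $piga_useredit['password'] = md5($piga_new_pw);
                    // NOTE(review): POST keys become column names, see the user-edit action.
                    $SQL->create(PIGA_TBL_USER, '', Sd_SqlHelper::EXEC_INSERT);
                    $SQL->addFields($piga_useredit);
                    $SQL->execute();
                }
                $piga_mode = PIGA_MODE_ADMIN_USERADMIN;
                break;

            case PIGA_ACTION_CHANGE_BOOLACT:
                // toggle the 'boolactive' flag of one user
                $boolState = (Sd_Query::get('state', Sd_Query::VT_GET)) ? '{TRUE}' : '{FALSE}';
                $SQL->create(PIGA_TBL_USER, "id=" . (int) Sd_Query::get('userid', Sd_Query::VT_GET), Sd_SqlHelper::EXEC_UPDATE);
                $SQL->addField('boolactive', $boolState);
                $SQL->execute();
                $piga_mode = PIGA_MODE_ADMIN_USERADMIN;
                break;

            case PIGA_ACTION_CHANGE_BOOLMOD:
                // set the user level to 2 when 'state' is truthy, else to 1
                $boolMod = Sd_Query::get('state', Sd_Query::VT_GET);
                $SQL->create(PIGA_TBL_USER, "id=" . (int) Sd_Query::get('userid', Sd_Query::VT_GET), Sd_SqlHelper::EXEC_UPDATE);
                $SQL->addField('level', ($boolMod) ? 2 : 1);
                $SQL->execute();
                $piga_mode = PIGA_MODE_ADMIN_USERADMIN;
                break;

            case PIGA_ACTION_CHANGE_BOOLADM:
                // set the user level to 3 when 'state' is truthy, else to 2
                $boolAdm = Sd_Query::get('state', Sd_Query::VT_GET);
                $SQL->create(PIGA_TBL_USER, "id=" . (int) Sd_Query::get('userid', Sd_Query::VT_GET), Sd_SqlHelper::EXEC_UPDATE);
                $SQL->addField('level', ($boolAdm) ? 3 : 2);
                $SQL->execute();
                $piga_mode = PIGA_MODE_ADMIN_USERADMIN;
                break;

            case PIGA_ACTION_ADMIN_DELUSER:
                // the int cast keeps the DELETE limited to a single numeric id
                $SQL->create(PIGA_TBL_USER, "id=" . (int) Sd_Query::get('userid', Sd_Query::VT_GET), Sd_SqlHelper::EXEC_DELETE);
                $SQL->execute();
                $piga_mode = PIGA_MODE_ADMIN_USERADMIN;
                break;
        }
        // no break statement! -> fall through

    case Sd_User::STATE_MOD:
        // moderator actions here
        switch ($piga_action) {
            case PIGA_ACTION_DELALBUM:
                $curr_album = Sd_Query::get('alb', Sd_Query::VT_GET);
                //TODO: delete confirmation (removal of dirs currently disabled)
                // NOTE(review): before re-enabling the recursive removal, apply the same
                // path-segment check to $curr_album as the image delete below does.
                //Sd_File::rmr_dir(PIGA_ALBUMS_PATH.$curr_album);
                //Sd_File::rmr_dir(PIGA_CACHE_PATH.$curr_album);
                Sd_Util::redirect();
                break;

            case PIGA_ACTION_DELIMAGE:
                $curr_album = Sd_Query::get('alb', Sd_Query::VT_GET);
                $curr_img   = Sd_Query::get('pic', Sd_Query::VT_GET);
                // Album and picture name come from the query string. The file is only
                // removed when both are strings, a picture name is given, and the
                // relative path contains neither a NUL byte nor a '..' segment, so the
                // delete cannot leave the albums directory.
                if (is_string($curr_album) && is_string($curr_img) && $curr_img !== '') {
                    $piga_delpath = $curr_album . PATHDELIM . $curr_img;
                    if (strpos($piga_delpath, "\0") === false
                        && !preg_match('#(^|[/\\\\])\.\.([/\\\\]|$)#', $piga_delpath)) {
                        @unlink(PIGA_ALBUMS_PATH . $piga_delpath);
                    }
                }
                Sd_Util::redirect();
                break;

            case PIGA_ACTION_CLEANALBUMCACHE:
                $curr_album = Sd_Query::get('alb', Sd_Query::VT_GET);
                $ALBUM = new Album($curr_album);
                $ALBUM->scanDirs();
                $COMMON->refreshCache($ALBUM);
                Sd_Util::redirect();
                break;

            case PIGA_ACTION_CLEANALLCACHE:
                // refresh the cache of every album listed in the album table
                $SQL->create(PIGA_TBL_ALBUM);
                $SQL->addField('name');
                $SQL->execute();
                $rs = $SQL->db->getRecordset();
                while ($rs->moveNext()) {
                    $ALBUM = new Album($rs->record['name']);
                    $ALBUM->scanDirs();
                    $COMMON->refreshCache($ALBUM);
                    unset($ALBUM);
                }
                Sd_Util::redirect();
                break;

            case PIGA_ACTION_MAINPIC:
                $curr_album = Sd_Query::get('alb', Sd_Query::VT_GET);
                $curr_pic   = Sd_Query::get('pic', Sd_Query::VT_GET);
                $COMMON->setMainPic($curr_album, $curr_pic);
                break;

            case PIGA_ACTION_MAINPICSUPER:
                $curr_album = Sd_Query::get('alb', Sd_Query::VT_GET);
                $curr_pic   = Sd_Query::get('pic', Sd_Query::VT_GET);
                $COMMON->setMainPic($curr_album, $curr_pic, true);
                break;

            case PIGA_ACTION_ROTATE:
                $curr_album = Sd_Query::get('alb', Sd_Query::VT_GET);
                $curr_pic   = Sd_Query::get('pic', Sd_Query::VT_GET);
                $rotate_deg = Sd_Query::get('rot', Sd_Query::VT_GET);
                $ALBUM = new Album($curr_album);
                $ALBUM->scanDirs();
                $picture_info = $ALBUM->getPictureInfo($curr_pic);
                if ($rotate_deg == 'exif') {
                    $new_angle = Sd_Exif::getExifRotateDegree($picture_info['exif_orientation']);
                } else {
                    $new_angle = (int) $rotate_deg + $picture_info['rotatedegree'];
                    if ($new_angle < 0) $new_angle += 360;
                    $new_angle = (int) ($new_angle % 360);
                }
                // only the four right-angle rotations are stored; any other value is ignored
                if ($new_angle === 90 || $new_angle === 180 || $new_angle === 270 || $new_angle === 0) {
                    $SQL->create(PIGA_TBL_PICTURE, 'id=' . ((int) $picture_info['id']), Sd_SqlHelper::EXEC_UPDATE);
                    $SQL->addField('rotatedegree', $new_angle);
                    $SQL->execute();
                    $ALBUM->deleteCacheImages($curr_pic);
                }
                Sd_Util::redirect();
                break;

            case PIGA_ACTION_ALBUMEDIT:
                // break here if user pressed the cancel button
                if (!Sd_Query::get('pigaform-change', Sd_Query::VT_POST)) break;
                $curr_album  = Sd_Query::get('alb');
                $pigaform    = Sd_Query::get('pigaform', Sd_Query::VT_POST);
                $description = Sd_Query::get('description', Sd_Query::VT_POST);
                $ALBUM = new Album($curr_album);
                $album_tsfrom = Sd_Time::gmMakeTimestamp($pigaform['date_from_y'], $pigaform['date_from_m'], $pigaform['date_from_d']);
                $album_tsto   = Sd_Time::gmMakeTimestamp($pigaform['date_to_y'], $pigaform['date_to_m'], $pigaform['date_to_d']);
                // the dates are only rewritten when the day actually changed
                if (!Sd_Time::equalDay($ALBUM->getInfo('date'), $album_tsfrom)) {
                    $ALBUM->setInfo('date', $album_tsfrom);
                }
                if (!Sd_Time::equalDay($ALBUM->getInfo('dateto'), $album_tsto)) {
                    $ALBUM->setInfo('dateto', $album_tsto);
                }
                $ALBUM->setInfo('title', $pigaform['alb_title']);
                $ALBUM->setInfo('descr', $description);
                $ALBUM->setInfo('boolppcode', @$pigaform['bbcode_on']);
                $ALBUM->setInfo('picsorderby', $pigaform['pics_order_by']);
                $ALBUM->setInfo('picsorderdesc', $pigaform['pics_order_desc']);
                if ($ALBUM->getInfo('name') != $pigaform['dirname']) {
                    // move album to new directory; the target name comes from the form
                    // and is refused when it is empty or contains a NUL byte or a '..'
                    // segment, so the album cannot be moved outside its parent directory
                    if (is_string($pigaform['dirname']) && $pigaform['dirname'] !== ''
                        && strpos($pigaform['dirname'], "\0") === false
                        && !preg_match('#(^|[/\\\\])\.\.([/\\\\]|$)#', $pigaform['dirname'])) {
                        $ALBUM->moveTo($pigaform['dirname']);
                    }
                }
                $ALBUM->storeInfo();
                Sd_Query::unsetvar('alb');
                break;
        }
        // no break statement! -> fall through

    case Sd_User::STATE_USR:
        // user actions here
        // no break statement! -> fall through

    default:
        // all other actions that should be available to everybody
        switch ($piga_action) {
            case PIGA_ACTION_LOGIN:
                break;

            case PIGA_ACTION_WRONGPW:
                // fixed delay after a wrong password to slow down password guessing;
                // the setting is forced to a non-negative integer before sleeping
                // NOTE(review): a fixed sleep ties up a worker per failed attempt and
                // does not limit parallel attempts -- consider per-account/IP throttling.
                sleep(max(0, (int) $SETTINGS->get('hack_delay')));
                break;

            case PIGA_ACTION_LOGOUT:
                $AUTH->logout();
                Sd_Util::redirect();
                break;

            case PIGA_ACTION_DUMMY:
                $piga_message = __('I18N_MSG_NOT_IMPLEMENT');
                break;

            case PIGA_ACTION_UPDATEDB:
                // Check current version and run updates if required
                $piga_dbversion = $SETTINGS->get('current_version');
                // break here if no update required
                if ($piga_dbversion == PIGA_CURRVER) break;
                // Pigalle 0.71-alpha is the first public release.
                // Update actions prior to version 0.71-alpha have been removed.
                // You may still access them through CVS, v 1.83 2004/05/06 of this document.
                // incremental updates
                if (version_compare($piga_dbversion, '0.72-alpha', '<')) {
                    // fix broken album_order_col setting if required
                    // (preg_match replaces ereg(), which no longer exists in current PHP;
                    // the pattern and its substring-match semantics are unchanged)
                    if (!preg_match('/name|title|date|dateto|timestamp|custorder/', $SETTINGS->get('album_order_col'))) {
                        $SQL->create(PIGA_TBL_SETTING, "setting='album_order_col'", Sd_SqlHelper::EXEC_UPDATE);
                        $SQL->addField('value', 'date');
                        $SQL->execute();
                    }
                }
                if (version_compare($piga_dbversion, '0.74-alpha', '<')) {
                    // delete deprecated setting 'image_library', moved to config.inc.php
                    $SQL->create(PIGA_TBL_SETTING, "setting='image_library'", Sd_SqlHelper::EXEC_DELETE);
                    $SQL->execute();
                }
                // update current_version setting to current version
                if (version_compare($piga_dbversion, PIGA_CURRVER, '<')) {
                    $SQL->create(PIGA_TBL_SETTING, "setting='current_version'", Sd_SqlHelper::EXEC_UPDATE);
                    $SQL->addField('value', PIGA_CURRVER);
                    $SQL->execute();
                }
                // display update message
                $piga_message = sprintf(__('I18N_MSG_UPDATE_AUTO'), PIGA_CURRVER, $piga_dbversion);
                break;
        }
}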
?>