<?php
/**
* PIGALLE
* Action handling
*
* @author       Philip Iezzi <hide@address.com>
* @copyright    Copyright (c) 2002-2007 PHPEE.COM
* @license      http://opensource.org/licenses/gpl-license.php GNU General Public License
* @version      $Id: actions.inc.php 3005 2007-12-08 11:18:31Z piezzi $
*
* ----------------------------------------------------------------------
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
* ----------------------------------------------------------------------
*/

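if (!defined('PIGA_IN')) die("Hacking attempt!");

/*
 * Action dispatcher.
 *
 * Takes the requested action (PIGA_FORCE_ACTION when that constant is defined,
 * otherwise the 'action' request variable), removes it from the query and runs
 * the matching handler. The outer switch is keyed on the caller's auth state and
 * falls through on purpose: an administrator also reaches the moderator and
 * public handlers, a moderator also reaches the public ones.
 *
 * Uses objects provided by the including scope: $USER, $SQL, $COMMON, $SETTINGS,
 * $SOURD and $AUTH.
 *
 * Security notes for maintainers:
 * - WHERE clauses are assembled as strings. Numeric ids are cast to int here and
 *   string values are passed through addslashes(), the only escaping this file
 *   already uses. NOTE(review): if Sd_SqlHelper offers driver-aware quoting or
 *   bound parameters, switch to that -- addslashes() is not correct for every DBMS.
 * - Several handlers change state on GET requests and no anti-CSRF token is
 *   checked in this file. NOTE(review): confirm whether one is enforced elsewhere.
 * - Passwords are stored as unsalted MD5. Moving to password_hash() needs a
 *   matching change in the login check, which is not part of this file.
 * - The user edit/create handlers hand the posted 'piga' array to addFields(), so
 *   the posted keys decide which columns are written (for example 'level').
 *   NOTE(review): restrict the keys to an allow-list of editable columns.
 */
$piga_action = (defined('PIGA_FORCE_ACTION')) ? PIGA_FORCE_ACTION : Sd_Query::get('action');
Sd_Query::unsetvar('action');

switch($USER->getAuthState()) {
	case Sd_User::STATE_ADM:
		// system maintainer actions here
		switch($piga_action) {
			case PIGA_ACTION_CREATETBLS: // deprecated (not used due to auto-install)
				$COMMON->loadTables();
				break;
			case PIGA_ACTION_IMPORTWIHSY:
				// NOTE(review): the connection data for the second database, including the
				// password, is taken from request variables and falls back to the main DSN.
				// Prefer POST for the credentials and consider restricting the target host.
				$wp_conf = array();
				$wp_conf['dsn'] = array(
					'driver'      => (Sd_Query::get('wp_db_prov'))   ? Sd_Query::get('wp_db_prov')   : $SOURD->getConf('dsn:driver'),
					'hostspec'    => (Sd_Query::get('wp_db_host'))   ? Sd_Query::get('wp_db_host')   : $SOURD->getConf('dsn:hostspec'),
					'port'        => (Sd_Query::get('wp_db_port'))   ? Sd_Query::get('wp_db_port')   : $SOURD->getConf('dsn:port'),
					'database'    => (Sd_Query::get('wp_db_name'))   ? Sd_Query::get('wp_db_name')   : $SOURD->getConf('dsn:database'),
					'username'    => (Sd_Query::get('wp_db_user'))   ? Sd_Query::get('wp_db_user')   : $SOURD->getConf('dsn:username'),
					'password'    => (Sd_Query::get('wp_db_pwd'))    ? Sd_Query::get('wp_db_pwd')    : $SOURD->getConf('dsn:password'),
				);
				$wp_conf['dboptions'] = array(
					'persistent'  => $SOURD->getConf('dboptions:persistent'),
					'prefix'      => ''
				);
				$wp_tbl_start     =  (Sd_Query::get('wp_tbl_start')) ? Sd_Query::get('wp_tbl_start') : 'wp_start';
				$wp_tbl_photo     =  (Sd_Query::get('wp_tbl_photo')) ? Sd_Query::get('wp_tbl_photo') : 'wp_photoinfo';
				// Table names cannot be escaped like values, so accept plain identifiers only
				// and fall back to the defaults otherwise.
				if (!is_string($wp_tbl_start) || !preg_match('/^[A-Za-z0-9_]+\z/', $wp_tbl_start)) {
					$wp_tbl_start = 'wp_start';
				}
				if (!is_string($wp_tbl_photo) || !preg_match('/^[A-Za-z0-9_]+\z/', $wp_tbl_photo)) {
					$wp_tbl_photo = 'wp_photoinfo';
				}
				
				// Get a new framework instance to connect to a second DB on the same 
				// or on a different DBMS where your Wihphoto data is located
				$WP_SOURD = new Sourdough($wp_conf);
				$WP_DB    = $WP_SOURD->Db();
				$WP_SQL   = $WP_SOURD->SqlHelper();
				
				// read all rows of the Wihphoto start table (one per album)
				$WP_SQL->create($wp_tbl_start);
				$WP_SQL->execute();
				
				$rs1 = $WP_SQL->db->getRecordset();
				while ($rs1->moveNext()) {
					$currAlb = $rs1->record['album'];
					// Values read from the imported database are untrusted as well: escape
					// them before they are placed inside a quoted SQL string.
					$currAlbSql = addslashes($currAlb);
					$currAlbID = false;
					
					// get the ID of the current album
					$SQL->create(PIGA_TBL_ALBUM, "name='$currAlbSql'");
					$SQL->addField('id');
					$SQL->execute();
					while ($SQL->db->moveNext()) {
						$currAlbID = (int) @$SQL->db->record['id'];
					}
					
					// album exists in the Pigalle environment
					if ($currAlbID) {
						// get the ID of the start photo
						$startPhoto = $COMMON->albumFilename(substr($rs1->record['photo'], strlen($currAlb)+1));
						$SQL->create(PIGA_TBL_PICTURE, "filename='".addslashes($startPhoto)."' AND albumid=$currAlbID");
						$SQL->addField('id');
						$SQL->execute();
						$startPhotoID = 0;
						while ($SQL->db->moveNext()) {
							$startPhotoID = (int) @$SQL->db->record['id'];
						}
						
						// filter unused tags
						$alb_description = $COMMON->filterHTMLtags($rs1->record['information'], TRUE);
						
						// import album description and frontpic
						$SQL->create(PIGA_TBL_ALBUM, "name='$currAlbSql'", Sd_SqlHelper::EXEC_UPDATE);
						$SQL->addFields(array('descr' => addslashes($alb_description), 'frontpic' => $startPhotoID));
						$SQL->execute();
						
						// get the picture description of Wihsy
						$WP_SQL->create($wp_tbl_photo, "album='$currAlbSql'");
						$WP_SQL->addFields(array('picture', 'description'));
						$WP_SQL->execute();
						$rs2 = $WP_SQL->db->getRecordset();
						while ($rs2->moveNext()) {
							// import all picture descriptions to Pigalle
							// NOTE(review): the album description above is filtered with
							// filterHTMLtags() and escaped with addslashes(); this value gets
							// neither. Confirm whether addFields() escapes values and whether
							// picture descriptions are HTML-filtered before they are displayed.
							$SQL->create(PIGA_TBL_PICTURE, "albumid=$currAlbID AND filename='".addslashes($rs2->record['picture'])."'", Sd_SqlHelper::EXEC_UPDATE);
							$SQL->addFields(array('descr' => $rs2->record['description']));
							$SQL->execute();
						}
					}
				}
				break;
			case PIGA_ACTION_CLEANUPHTML:
				// re-run the HTML tag filter over every stored album description
				$SQL->create(PIGA_TBL_ALBUM);
				$SQL->addFields(array('id', 'descr'));
				$SQL->execute();
				
				$rs1 = $SQL->db->getRecordset();
				while ($rs1->moveNext()) {
					$alb_description = $COMMON->filterHTMLtags($rs1->record['descr']);
					
					$SQL->create(PIGA_TBL_ALBUM, "id=".((int) $rs1->record['id']), Sd_SqlHelper::EXEC_UPDATE);
					$SQL->addField('descr', $alb_description);
					$SQL->execute();
				}
				break;
			case PIGA_ACTION_MOVEUP:
			case PIGA_ACTION_MOVEDOWN:
				$alb_custord  = (int) Sd_Query::get('custord');
				// cast: the id is concatenated unquoted into the WHERE clause below
				$curr_albumId = (int) Sd_Query::get('albid');
				$new_custorder = ($piga_action == PIGA_ACTION_MOVEUP) ? $alb_custord - 1 : $alb_custord + 1;
				if($piga_action == PIGA_ACTION_MOVEDOWN)
					$total_albums = $COMMON->getTotalAlbums();
				// only move down album if not first and only move album up if not last
				// ($total_albums is only read in the MOVEDOWN branch, where it has been set)
				if(($piga_action == PIGA_ACTION_MOVEUP && $new_custorder > 0) ||
				   ($piga_action == PIGA_ACTION_MOVEDOWN && $new_custorder <= $total_albums)) {
					// swap positions: the album currently at the target slot takes the old one
					$SQL->create(PIGA_TBL_ALBUM, "custorder = ".$new_custorder, Sd_SqlHelper::EXEC_UPDATE);
					$SQL->addField('custorder', $alb_custord);
					$SQL->execute();
					$SQL->create(PIGA_TBL_ALBUM, "id = $curr_albumId", Sd_SqlHelper::EXEC_UPDATE);
					$SQL->addField('custorder', $new_custorder);
					$SQL->execute();
				}
				Sd_Util::redirect();
				break;
			case PIGA_ACTION_ADMIN_SETTINGS:
				$piga_settings      = Sd_Query::get('piga', Sd_Query::VT_POST);
				$piga_settings_orig = Sd_Query::get('piga_orig', Sd_Query::VT_POST);
				
				// store only the settings whose posted value differs from the original one
				$piga_settings_changed = Sd_Array::diffKeys($piga_settings, $piga_settings_orig);
				if(is_array($piga_settings_changed)) {
					// foreach instead of each(), which no longer exists in current PHP
					foreach($piga_settings_changed as $key => $value) {
						$SETTINGS->set($key, $value);
						$SETTINGS->store($key);
					}
				}
				Sd_Util::redirect(PIGA_PAGE_FRONT);
				break;
			case PIGA_ACTION_ADMIN_USEREDIT:
				$piga_useredit      = Sd_Query::get('piga', Sd_Query::VT_POST);
				$piga_useredit_orig = Sd_Query::get('piga_orig', Sd_Query::VT_POST);
				
				$piga_useredit_changed = Sd_Array::diffKeys($piga_useredit, $piga_useredit_orig);
				if(@$piga_useredit_changed['password']) {
					// strict comparison: with != two different numeric-looking strings
					// (such as "1e3" and "1000") would count as a matching confirmation
					if($piga_useredit_changed['password'] !== @$piga_useredit_changed['pwconfirm']) {
						unset($piga_useredit_changed['password']);
					} else {
						// NOTE(review): unsalted MD5; see the note at the top of this file
						$piga_useredit_changed['password'] = md5($piga_useredit_changed['password']);
					}
					unset($piga_useredit_changed['pwconfirm']);
				}
				// The language name becomes part of an include path below, so it must be a
				// single directory name. Drop anything else before it is stored or included.
				if(isset($piga_useredit_changed['lang'])) {
					$piga_lang = $piga_useredit_changed['lang'];
					if(!is_string($piga_lang) || $piga_lang === '.' || $piga_lang === '..'
					   || strpos($piga_lang, "\0") !== false || basename($piga_lang) !== $piga_lang) {
						unset($piga_useredit_changed['lang']);
					}
				}
				// update all changed values in user table
				if(!empty($piga_useredit_changed)) {
					$SQL->create(PIGA_TBL_USER, "id=".((int) Sd_Query::get('userid', Sd_Query::VT_POST)), Sd_SqlHelper::EXEC_UPDATE);
					$SQL->addFields($piga_useredit_changed);
					$SQL->execute();
				}
				// reload language file if changed
				if(@$piga_useredit_changed['lang']) {
					include_once($SOURD->getConf('path:lang').$piga_useredit_changed['lang'].'/'.PIGA_INC_LANG_MAIN);
				}
				$piga_mode = PIGA_MODE_ADMIN_USERADMIN;
				break;
			case PIGA_ACTION_ADMIN_NEWUSER:
				$piga_useredit      = Sd_Query::get('piga', Sd_Query::VT_POST);
				
				// Hash the password only when it is a non-empty string that matches its
				// confirmation. An empty pair used to be stored as the MD5 of the empty
				// string; it is now left out like a mismatch.
				$piga_newpw = @$piga_useredit['password'];
				if(!is_string($piga_newpw) || $piga_newpw === '' || $piga_newpw !== @$piga_useredit['pwconfirm']) {
					unset($piga_useredit['password']);
				} else {
					// NOTE(review): unsalted MD5; see the note at the top of this file
					$piga_useredit['password'] = md5($piga_newpw);
				}
				unset($piga_useredit['pwconfirm']);
				// same single-directory-name rule for 'lang' as in the user edit handler
				if(isset($piga_useredit['lang'])) {
					$piga_lang = $piga_useredit['lang'];
					if(!is_string($piga_lang) || $piga_lang === '.' || $piga_lang === '..'
					   || strpos($piga_lang, "\0") !== false || basename($piga_lang) !== $piga_lang) {
						unset($piga_useredit['lang']);
					}
				}
				if(!empty($piga_useredit)) {
					$SQL->create(PIGA_TBL_USER, '', Sd_SqlHelper::EXEC_INSERT);
					$SQL->addFields($piga_useredit);
					//echo $SQL->getCommand();
					$SQL->execute();
				}
				$piga_mode = PIGA_MODE_ADMIN_USERADMIN;
				break;
			case PIGA_ACTION_CHANGE_BOOLACT:
				// activate / deactivate an account (state and user id come from GET)
				$boolState = (Sd_Query::get('state', Sd_Query::VT_GET)) ? '{TRUE}' : '{FALSE}';
				$SQL->create(PIGA_TBL_USER, "id=".((int) Sd_Query::get('userid', Sd_Query::VT_GET)), Sd_SqlHelper::EXEC_UPDATE);
				$SQL->addField('boolactive', $boolState);
				$SQL->execute();
				$piga_mode = PIGA_MODE_ADMIN_USERADMIN;
				break;
			case PIGA_ACTION_CHANGE_BOOLMOD:
				// grant (level 2) or revoke (level 1) moderator rights
				$boolMod = Sd_Query::get('state', Sd_Query::VT_GET);
				$SQL->create(PIGA_TBL_USER, "id=".((int) Sd_Query::get('userid', Sd_Query::VT_GET)), Sd_SqlHelper::EXEC_UPDATE);
				$SQL->addField('level', ($boolMod) ? 2 : 1);
				$SQL->execute();
				$piga_mode = PIGA_MODE_ADMIN_USERADMIN;
				break;
			case PIGA_ACTION_CHANGE_BOOLADM:
				// grant (level 3) or revoke (level 2) administrator rights
				$boolAdm = Sd_Query::get('state', Sd_Query::VT_GET);
				$SQL->create(PIGA_TBL_USER, "id=".((int) Sd_Query::get('userid', Sd_Query::VT_GET)), Sd_SqlHelper::EXEC_UPDATE);
				$SQL->addField('level', ($boolAdm) ? 3 : 2);
				$SQL->execute();
				$piga_mode = PIGA_MODE_ADMIN_USERADMIN;
				break;
			case PIGA_ACTION_ADMIN_DELUSER:
				// cast: without it the unquoted id could widen the DELETE to other rows
				$SQL->create(PIGA_TBL_USER, "id=".((int) Sd_Query::get('userid', Sd_Query::VT_GET)), Sd_SqlHelper::EXEC_DELETE);
				$SQL->execute();
				$piga_mode = PIGA_MODE_ADMIN_USERADMIN;
				break;
		}
		// no break statement! -> fall through
	case Sd_User::STATE_MOD:
		// moderator actions here
		switch($piga_action) {
			case PIGA_ACTION_DELALBUM:
				$curr_album = Sd_Query::get('alb', Sd_Query::VT_GET);
				//TODO: delete confirmation (removal of dirs currently disabled)
				// NOTE(review): before re-enabling the recursive removal below, validate
				// $curr_album the same way the image delete handler validates its path.
				//Sd_File::rmr_dir(PIGA_ALBUMS_PATH.$curr_album);
				//Sd_File::rmr_dir(PIGA_CACHE_PATH.$curr_album);
				Sd_Util::redirect();
				break;
			case PIGA_ACTION_DELIMAGE:
				$curr_album = Sd_Query::get('alb', Sd_Query::VT_GET);
				$curr_img = Sd_Query::get('pic', Sd_Query::VT_GET);
				// Both values come from the query string and are joined into a file path.
				// Delete only when the picture is a bare file name and the album contains
				// no ".." segment, so the path cannot leave PIGA_ALBUMS_PATH.
				$piga_path_ok = is_string($curr_album) && is_string($curr_img)
					&& $curr_img !== '' && $curr_img !== '.' && $curr_img !== '..'
					&& basename($curr_img) === $curr_img
					&& strpos($curr_album.$curr_img, "\0") === false
					&& !preg_match('#(^|[/\\\\])\.\.([/\\\\]|$)#', $curr_album);
				if($piga_path_ok) {
					@unlink(PIGA_ALBUMS_PATH.$curr_album.PATHDELIM.$curr_img);
				}
				Sd_Util::redirect();
				break;
			case PIGA_ACTION_CLEANALBUMCACHE:
				$curr_album = Sd_Query::get('alb', Sd_Query::VT_GET);
				$ALBUM = new Album($curr_album);
				$ALBUM->scanDirs();
				$COMMON->refreshCache($ALBUM);
				Sd_Util::redirect();
				break;
			case PIGA_ACTION_CLEANALLCACHE:
				// refresh the cache of every album listed in the album table
				$SQL->create(PIGA_TBL_ALBUM);
				$SQL->addField('name');
				$SQL->execute();
				$rs = $SQL->db->getRecordset();
				while ($rs->moveNext()){
					$ALBUM = new Album($rs->record['name']);
					$ALBUM->scanDirs();
					$COMMON->refreshCache($ALBUM);
					unset($ALBUM);
				}
				Sd_Util::redirect();
				break;
			case PIGA_ACTION_MAINPIC:
				$curr_album = Sd_Query::get('alb', Sd_Query::VT_GET);
				$curr_pic   = Sd_Query::get('pic', Sd_Query::VT_GET);
				$COMMON->setMainPic($curr_album, $curr_pic);
				break;
			case PIGA_ACTION_MAINPICSUPER:
				$curr_album = Sd_Query::get('alb', Sd_Query::VT_GET);
				$curr_pic   = Sd_Query::get('pic', Sd_Query::VT_GET);
				$COMMON->setMainPic($curr_album, $curr_pic, true);
				break;
			case PIGA_ACTION_ROTATE:
				$curr_album = Sd_Query::get('alb', Sd_Query::VT_GET);
				$curr_pic   = Sd_Query::get('pic', Sd_Query::VT_GET);
				$rotate_deg = Sd_Query::get('rot', Sd_Query::VT_GET);
				
				$ALBUM = new Album($curr_album);
				$ALBUM->scanDirs();
				$picture_info = $ALBUM->getPictureInfo($curr_pic);
				
				if($rotate_deg == 'exif') {
					$new_angle = Sd_Exif::getExifRotateDegree($picture_info['exif_orientation']);
				} else {
					// add the requested rotation to the stored one and normalise to 0..359
					$new_angle = (int) $rotate_deg + $picture_info['rotatedegree'];
					if($new_angle < 0) $new_angle += 360;
					$new_angle = (int) ($new_angle % 360);
				}
				
				// only quarter turns are stored; any other angle is ignored
				if($new_angle === 90 || $new_angle === 180 || $new_angle === 270 || $new_angle === 0) {
					$SQL->create(PIGA_TBL_PICTURE, 'id='.((int) $picture_info['id']), Sd_SqlHelper::EXEC_UPDATE);
					$SQL->addField('rotatedegree', $new_angle);
					$SQL->execute();
					$ALBUM->deleteCacheImages($curr_pic);
				}
				Sd_Util::redirect();
				break;
			case PIGA_ACTION_ALBUMEDIT:
				// break here if user pressed the cancel button
				if(!Sd_Query::get('pigaform-change', Sd_Query::VT_POST)) break;
				
				$curr_album  = Sd_Query::get('alb');
				$pigaform    = Sd_Query::get('pigaform', Sd_Query::VT_POST);
				$description = Sd_Query::get('description', Sd_Query::VT_POST);
				
				$ALBUM = new Album($curr_album);
				
				// update the date range only when the day actually changed
				$album_tsfrom = Sd_Time::gmMakeTimestamp($pigaform['date_from_y'], $pigaform['date_from_m'], $pigaform['date_from_d']);
				$album_tsto   = Sd_Time::gmMakeTimestamp($pigaform['date_to_y'], $pigaform['date_to_m'], $pigaform['date_to_d']);
				if(!Sd_Time::equalDay($ALBUM->getInfo('date'), $album_tsfrom)) {
					$ALBUM->setInfo('date', $album_tsfrom);
				}
				if(!Sd_Time::equalDay($ALBUM->getInfo('dateto'), $album_tsto)) {
					$ALBUM->setInfo('dateto', $album_tsto);
				}
				$ALBUM->setInfo('title', $pigaform['alb_title']);
				$ALBUM->setInfo('descr', $description);
				$ALBUM->setInfo('boolppcode', @$pigaform['bbcode_on']);
				$ALBUM->setInfo('picsorderby', $pigaform['pics_order_by']);
				$ALBUM->setInfo('picsorderdesc', $pigaform['pics_order_desc']);
				if($ALBUM->getInfo('name') != $pigaform['dirname']) {
					// move album to new directory, but never to a name containing a ".."
					// segment or a NUL byte. NOTE(review): Album::moveTo() may validate the
					// target itself; that code is not visible here.
					if(is_string($pigaform['dirname'])
					   && strpos($pigaform['dirname'], "\0") === false
					   && !preg_match('#(^|[/\\\\])\.\.([/\\\\]|$)#', $pigaform['dirname'])) {
						$ALBUM->moveTo($pigaform['dirname']);
					}
				}
				$ALBUM->storeInfo();
				
				Sd_Query::unsetvar('alb');
				break;
		}
		// no break statement! -> fall through
	case Sd_User::STATE_USR:
		// user actions here
		// no break statement! -> fall through
	default:
		// all other actions that should be available to everybody
		switch($piga_action) {
			case PIGA_ACTION_LOGIN:
				break;
			case PIGA_ACTION_WRONGPW:
				// hack delay to prevent a brute-force attack
				// NOTE(review): a fixed sleep slows a single connection only; a per-account
				// or per-address attempt counter would be the stronger control.
				sleep(max(0, (int) $SETTINGS->get('hack_delay')));
				break;
			case PIGA_ACTION_LOGOUT:
				$AUTH->logout();
				Sd_Util::redirect();
				break;
			case PIGA_ACTION_DUMMY:
				$piga_message = __('I18N_MSG_NOT_IMPLEMENT');
				break;
			case PIGA_ACTION_UPDATEDB:
				// Check current version and run updates if required
				$piga_dbversion = $SETTINGS->get('current_version');
				
				// break here if no update required
				if($piga_dbversion == PIGA_CURRVER) break;
				
				// Pigalle 0.71-alpha is the first public release.
				// Update actions prior to version 0.71-alpha have been removed.
				// You may still access them through CVS, v 1.83 2004/05/06 of this document.
				
				// incremental updates
				if(version_compare($piga_dbversion, '0.72-alpha', '<')) {
					// fix broken album_order_col setting if required
					// (preg_match replaces ereg(), which was removed in PHP 7; same unanchored match)
					if (!preg_match('/name|title|date|dateto|timestamp|custorder/', (string) $SETTINGS->get('album_order_col'))) {
						$SQL->create(PIGA_TBL_SETTING, "setting='album_order_col'", Sd_SqlHelper::EXEC_UPDATE);
						$SQL->addField('value', 'date');
						$SQL->execute();
					}
				}
				if(version_compare($piga_dbversion, '0.74-alpha', '<')) {
					// delete deprecated setting 'image_library', moved to config.inc.php
					$SQL->create(PIGA_TBL_SETTING, "setting='image_library'", Sd_SqlHelper::EXEC_DELETE);
					$SQL->execute();
				}
				// update current_version setting to current version
				if(version_compare($piga_dbversion, PIGA_CURRVER, '<')) {
					$SQL->create(PIGA_TBL_SETTING, "setting='current_version'", Sd_SqlHelper::EXEC_UPDATE);
					$SQL->addField('value', PIGA_CURRVER);
					$SQL->execute();
				}
				
				// display update message
				$piga_message = sprintf(__('I18N_MSG_UPDATE_AUTO'), PIGA_CURRVER, $piga_dbversion);
				break;
		}
}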
?>