Location: PHPKode > projects > Yappa-ng > yappa-ng/admin_modules/admin_module_uploaduser.inc.php
<?php

/*
 * ***********************************************************************************************
 * Project:      yappa-ng (yet another php photo album - next generation)
 * Filename:     admin_module_uploaduser.inc.php
 * Type:         Include File, gets included into: admin_main.inc.php
 * Module:       Admin-Module
 * Subcategory:  Configure Uploaduser
 * Description:  Give access to different Admin Modules for the UploadUser
 *               Activate, Deactivate and set the password for the UploadUser
 * ***********************************************************************************************
 * Author:       Fritz Berger <hide@address.com>
 * Copyright:    2004 Fritz Berger
 * Homepage:     http://www.zirkon.at/zirkon/scripts/yappa-ng/yappa-ng_main_eng.html
 * ***********************************************************************************************
 * $Header: /cvsroot/yappa-ng/yappa-ng/admin_modules/admin_module_uploaduser.inc.php,v 1.6 2005/04/25 18:02:07 zirkon13 Exp $
 * ***********************************************************************************************
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 *
 */


?>
<?php


/*
 * Standard Security Check
 */

if (!defined('SecCheck')) {
	die("You Cannot Access This Script Directly - Have a Nice Day.");
}


function HandleForm () {
	global $config_album;
	global $config;
	global $selected_album;
	global $global_var;

	$returncode = array();
	$returncode['config'] = 0;
	$returncode['check'] = 0;

	$admin_form = $_POST['admin_form'];


	$config_album['up_user_conf1'] = 0;
	$l_bin = 1;
	for($i = 1; $i < 7; $i++) {

		if(isset($admin_form["conf1"][$l_bin])) {
			$config_album['up_user_conf1'] = (int) $config_album['up_user_conf1'] | (int) $l_bin;
		}
		$l_bin = $l_bin * 2;
	}
	$config_album['up_user_conf2'] = 0;
	$l_bin = 1;
	for($i = 1; $i < 8; $i++) {

		if(isset($admin_form["conf2"][$l_bin])) {
			$config_album['up_user_conf2'] = (int) $config_album['up_user_conf2'] | (int) $l_bin;
		}
		$l_bin = $l_bin * 2;
	}
	// safe the config
	/* write album config */
	$configfilename = singleslash($config["photo_root"] . "/" . rawurldecode($_GET["album"]));
	$returncode['config'] = write_albumconf($configfilename, $config_album);

	return $returncode;



}

function HandleForm2 () {
	global $config_album;
	global $config;
	global $selected_album;

	$returncode = array();
	$returncode['config'] = 0;
	$returncode['check'] = 0;

	// check, if password is empty (not permitted!!)
	if (!isset($_POST['DeleteUserPwd'])) {
		if ($_POST['admin_form']['upload_user_pwd'] == "") {
			// empty password - not permitted
			$returncode['check'] = 4;
			return $returncode;
		} elseif ($_POST['admin_form']['upload_user_pwd'] == "nonono") {
			// standard password - not accepted!
			$returncode['check'] = 3;
			return $returncode;
		// check if no typo is in the password
		} elseif ($_POST['admin_form']['upload_user_pwd'] == $_POST['admin_form']['upload_user_pwd2']) {
			// check if the adminpassword == uploaduser password
			if($_POST['admin_form']['upload_user_pwd'] != $config_album['adminpwd']) {
				// if the upload user gets activated (has been disabled)
				// set the permissions to upload
				if($config_album["upload_user_pwd"] == "") {
					$config_album['up_user_conf2'] = "2";
				}
				// everything ok - set password!
				/* password encryption thanks to Gertjan Vinkesteijn
				* who sent me the code ready for cut&paste! THANKS!!
				*/
				if ($config['use_MD5'] != "yes") {
					$config_album["upload_user_pwd"] = $_POST['admin_form']['upload_user_pwd'];
				} else {
					$md5_adminpwd = md5($_POST['admin_form']['upload_user_pwd']);
					$config_album["upload_user_pwd"] = $md5_adminpwd;
				}
				/* write album config */
				$configfilename = singleslash($config["photo_root"] . "/" . rawurldecode($_GET["album"]));
				$returncode['config'] = write_albumconf($configfilename, $config_album);
				if($returncode['config'] == 1) {
					$returncode['check'] = 1;
				}
				return $returncode;
			} else {
				// Admin pwd == UploadUser pwd -> reject
				$returncode['check'] = 6;
				return $returncode;
			}
		} else {
			// passwords dont match - no change!
			$returncode['check'] = 2;
			return $returncode;
		}
	} else {
		// delete Uploaduser password
		$config_album["upload_user_pwd"] = "";
		// set Uploaduser Options to zero
		$config_album['up_user_conf1'] = 0;
		$config_album['up_user_conf2'] = 0;
		/* write album config */
		$configfilename = singleslash($config["photo_root"] . "/" . rawurldecode($_GET["album"]));
		$returncode['config'] = write_albumconf($configfilename, $config_album);
		if($returncode['config'] == 1) {
			$returncode['check'] = 7;
		}
		return $returncode;
	}
}

$uri_base = str_replace("&admintask=UploadUser","",$global_var['self_url']);

if(isset($_POST['BeenSubmitted'])) {
	if ($config["demo_gallery"] != "yes") {
		$answer = HandleForm();
	} else {
		$answer = array();
		$answer['config'] = 0;
		$answer['check'] = 5;
	}
}
if(isset($_POST['BeenSubmitted2'])) {
	if ($config["demo_gallery"] != "yes") {
		$answer = HandleForm2();
	} else {
		$answer = array();
		$answer['config'] = 0;
		$answer['check'] = 5;
	}
}
?>

<table cellspacing="0" cellpadding="5" border="0" width="100%">
<tr valign="top">
<td class="thumbnailCell">
<table width="100%" border="0" cellspacing="0" cellpadding="3">
	<tr>
	<td colspan=2 align="center" class="adminHeading"><?php print $lang_akt["admin_uploaduser_hmain"]; ?></td></tr>
	<tr><td colspan="2" class="passwdAdminCancel" align="center" >
	[ <b><a href="<?php echo $uri_base ?>"><?php echo $lang_akt["passwd_admin_cancel"]; ?></b></a> ]</td></tr>
	<tr><td width="10%">&nbsp;</td><td>&nbsp;</td></tr>
	<?php if ($config["demo_gallery"] == "yes") { ?>
		<tr><td colspan=2 align="center" class="adminDemo"><?php print $lang_akt["admin_info_demo1"]; ?></td></tr>
		<tr><td colspan=2 align="center" class="adminDemo"><?php print $lang_akt["admin_uploaduser_demo"] . $lang_akt["admin_uploaduser_hmain"]; ?></td></tr>
		<tr><td colspan="2">&nbsp;</td></tr>
	<?php } ?>
	<?php if((isset($_POST['BeenSubmitted'])) || (isset($_POST['BeenSubmitted2']))) { ?>
		<tr><td colspan="2" align="center" class="adminStatus"><?php
		// status of upload
		switch($answer['check']) {
			case 1:
				// everything ok - password set successfully
				print $lang_akt["admin_cpwduser_status1"];
				break;
			case 2:
				// the two pwds do not match -> again
				print $lang_akt["admin_cpwduser_status2"];
				break;
			case 3:
				// nonono not permitted
				print $lang_akt["admin_cpwdadmin_status3"];
				break;
			case 4:
				// Empty pwd -> no change
				print $lang_akt["admin_uploaduser_status4"];
				break;
			case 5:
				// Demo Mode -> no change
				print $lang_akt["admin_all_statusDEMO"];
				break;
			case 6:
				// adminpwd = uploaduserpwd -> reject
				print $lang_akt["admin_cpwdadmin_status6"];
				break;
			case 7:
				// PowerUser deactivated successfully
				print $lang_akt["admin_uploaduser_status7"];
				break;
			default:
				print "";
				break;
		} ?>
		</td>
		</tr>
		<tr><td colspan="2" align="center" class="adminStatus"><?php
		// status of config-file
		switch($answer['config']) {
			case 1:
				// everything ok - configfile written successfully
				print $lang_akt["admin_main_status1"];
				break;
			case 2:
				// Error: - could not write configfile
				print $lang_akt["admin_main_status2"];
				break;
			default:
				print "";
				break;
		}
	} ?>
	</td>
	</tr>
</table>
<?php
// check if the uploaduser is enabled in the global config
// if not - exit!
// This is only "second line of defence"  because this module should never get loaded if uploaduser is disabled!!!
if($config['permit_uploaduser'] != "yes") {
	exit;
}?>
<table width="100%" border="0" cellspacing="0" cellpadding="3">
	<tr>
	<form action="<?php print $global_var['self_url']; ?>" method="post">
	<td colspan="2">&nbsp;</td></tr>
	<?php 
	// If the uploaduser is active within this album or not is determined by the uploaduser password
	// If the password is set --> UploadUser active 
	// If the password is not set --> UploadUser not activated for this Album
	if($config_album['upload_user_pwd'] != "" ) { ?>
		<tr><td colspan=2 class="adminDescription"><?php print $lang_akt["admin_uploaduser_isactivated"] . "&nbsp;" . $config_album['upload_user_pwd']; ?></td></tr>
		<tr><td colspan="2">&nbsp;</td></tr>
		<tr><td colspan=2 class="adminDescription"><?php print $lang_akt["admin_uploaduser_deactivate"]; ?></td></tr>
		<tr><td colspan=2 class="adminComments"><?php print $lang_akt["admin_uploaduser_deactivatefull"]; ?></td></tr>
		<tr><td class="adminSelection" align="right"><input type="checkbox" name="DeleteUserPwd" value="no"></td>
		<td class="adminComments" align="left" nowrap><?php print $lang_akt["admin_cpwdadmin_deluploaduser"]; ?></td>
		</tr>
		<tr><td colspan="2">&nbsp;</td></tr>
		<tr><td colspan="2">&nbsp;</td></tr>
		<tr><td colspan=2 class="adminDescription"><?php print $lang_akt["admin_uploaduser_changepwd"]; ?></td></tr>
		<tr><td colspan=2 class="adminComments"><?php print $lang_akt["admin_uploaduser_changepwdfull"]; ?></td></tr>
	<?php } else { ?>
		<tr><td colspan=2 class="adminDescription"><?php print $lang_akt["admin_uploaduser_setuploaduser"]; ?></td></tr>
		<tr><td colspan=2 class="adminComments"><?php print $lang_akt["admin_uploaduser_setuploaduserfull"]; ?></td></tr>
	<?php } ?>
	<tr>
	<td width="10%">&nbsp;</td>
	<td class="adminSelection"><input type="password" name="admin_form[upload_user_pwd]" value=""> <?php print $lang_akt["admin_pwduploaduser_text1"]; ?></td>
	</tr>
	<tr>
	<td width="10%">&nbsp;</td>
	<td class="adminSelection"><input type="password" name="admin_form[upload_user_pwd2]" value=""> <?php print $lang_akt["admin_pwduploaduser_text2"]; ?></td>
	</tr>
	<tr><td colspan="2">&nbsp;</td></tr>
	<tr><td colspan="2" align="center">
		<input type="hidden" name="BeenSubmitted2" value="true">
		<input type="submit" name="submit2" value="<?php print $lang_akt['submit']; ?>">
	</td>
	</form>
	</tr>
	<tr><td colspan="2">&nbsp;</td></tr>
	<tr><td colspan="2">&nbsp;</td></tr>
</table>
<?php
// if the Uploaduser is activated (=password is set)
if($config_album["upload_user_pwd"] != "") { ?>
<table width="100%" border="0" cellspacing="0" cellpadding="3">
	<tr>
	<form action="<?php print $global_var['self_url']; ?>" method="post">
	<tr><td width="10%">&nbsp;</td><td width="90%">&nbsp;</td></tr>
	<tr><td colspan=2 class="adminDescription"><?php print $lang_akt["admin_uploaduser_configure"]; ?></td></tr>
	<tr><td colspan=2 class="adminComments"><?php print $lang_akt["admin_uploaduser_configurefull"]; ?></td></tr>
	<tr><td colspan="2">&nbsp;</td></tr>
	<tr><td colspan="2" align="left"><?php print $lang_akt["general_t"]; ?></td></tr>
	<?php
	//$text1['1'] = $lang_akt["admin_ainfo_hmain"];
	$text1['1'] = $lang_akt["admin_main_hmain"];
	$text1['2'] = $lang_akt["admin_main_hthumb"];
	$text1['3'] = $lang_akt["admin_main_himage_b"];
	$text1['4'] = $lang_akt["admin_main_hrating"];
	$text1['5'] = $lang_akt["admin_info_hmain"];
	$text1['6'] = $lang_akt["admin_capt_hmain"];
	//$text1['8'] = $lang_akt["admin_main_hmain"];
	$l_bin = 1;
	for($i = 1; $i < 7; $i++) {
		if($i == 5) { ?>
			<tr><td colspan="2" align="left"><?php print $lang_akt["lang_spec"]; ?></td></tr>
		<?php } ?>
		<tr><td width="5%">&nbsp;</td><td  align="left"><input type="checkbox" name="admin_form[conf1][<?php print $l_bin; ?>]" value="<?php print $l_bin; ?>"
		<?php if((int)$l_bin & (int)$config_album['up_user_conf1']) { print "checked='checked' "; } ?> > <?php print $text1[$i]; ?> </td></tr>
		<?php
		$l_bin = $l_bin * 2;
	} ?>
	<tr><td colspan="2" align="left"><?php print $lang_akt["album_handling"]; ?></td></tr>
	<?php
	$text2['1'] = $lang_akt["admin_new_hmain"];
	$text2['2'] = $lang_akt["admin_upload_hmain"];
	$text2['3'] = $lang_akt["admin_init_hmain"];
	$text2['4'] = $lang_akt["admin_rotimage_hmain"];
	$text2['5'] = $lang_akt["admin_delimage_hmain"];
	$text2['6'] = $lang_akt["admin_cpwduser_hmain"];
	$text2['7'] = $lang_akt["admin_deldir_hmain"];
	//$text2['8'] = $lang_akt["admin_main_hmain"];
	$l_bin = 1;
	for($i = 1; $i < 8; $i++) { ?>
		<tr><td width="5%">&nbsp;</td><td  align="left"><input type="checkbox" name="admin_form[conf2][<?php print $l_bin; ?>]" value="<?php print $l_bin; ?>"
		<?php if((int)$l_bin & (int)$config_album['up_user_conf2']) { print "checked='checked' "; } ?> > <?php print $text2[$i]; ?> </td></tr>
		<?php
		$l_bin = $l_bin * 2;
	} ?>
	<tr><td colspan="2">&nbsp;</td></tr>
	<tr><td colspan="2" align="center">
		<input type="hidden" name="BeenSubmitted" value="true">
		<input type="submit" name="submit" value="<?php print $lang_akt['submit']; ?>">
	</td>
	</form>
	</tr>
</table>

<?php } 

 /* end of UploadUser Configuration */
?>

</td>
</tr>
</table>


<?php



?>
Return current item: Yappa-ng