Snapr: comparison plugins/gallery/upload.php

equal deleted inserted replaced

-:0944c9354e9c
+:7c6e2e97aa08
 $plugins->attachHook('session_started', 'register_special_page("GalleryUpload", "Image gallery upload");');
 function page_Special_GalleryUpload()
 {
-global $db, $session, $paths, $template, $plugins; // Common objects
+	global $db, $session, $paths, $template, $plugins; // Common objects
-if ( $session->user_level < USER_LEVEL_ADMIN )
+	if ( $session->user_level < USER_LEVEL_ADMIN )
-{
+	{
-die_friendly('Access denied', '<p>You need to have administrative rights to use the gallery\'s upload features.</p>');
+		die_friendly('Access denied', '<p>You need to have administrative rights to use the gallery\'s upload features.</p>');
-}
+	}
-$zip_support = ( class_exists('ZipArchive') || ( file_exists('/usr/bin/unzip') && is_executable('/usr/bin/unzip') ) );
+	$zip_support = ( class_exists('ZipArchive') || ( file_exists('/usr/bin/unzip') && is_executable('/usr/bin/unzip') ) );
-$errors = array();
+	$errors = array();
-$template->add_header('<link rel="stylesheet" type="text/css" href="' . scriptPath . '/plugins/gallery/dropdown.css" />');
+	$template->add_header('<link rel="stylesheet" type="text/css" href="' . scriptPath . '/plugins/gallery/dropdown.css" />');
-$template->add_header('<script type="text/javascript" src="' . scriptPath . '/plugins/gallery/gallery-bits.js"></script>');
+	$template->add_header('<script type="text/javascript" src="' . scriptPath . '/plugins/gallery/gallery-bits.js"></script>');
-$max_size = @ini_get('upload_max_filesize');
+	$max_size_field = get_max_size_field();
-$max_size_field = '';
-if ( $max_size )
+	//
-{
+	// EDIT IMAGES
-if ( preg_match('/M$/i', $max_size) )
+	//
-{
+	if ( isset($_GET['edit_img']) )
-$max_size = intval($max_size) * 1048576;
+	{
-}
+		$edit_parms = $_GET['edit_img'];
-else if ( preg_match('/K$/i', $max_size) )
+		$regex = '/^((([0-9]+),)*)?([0-9]+?)$/';
-{
+		if ( !preg_match($regex, $edit_parms) )
-$max_size = intval($max_size) * 1024;
+		{
-}
+			die_friendly('Bad request', '<p>$_GET[\'edit_img\'] must be a comma-separated list of image IDs.</p>');
-else if ( preg_match('/G$/i', $max_size) )
+		}
-{
-$max_size = intval($max_size) * 1048576 * 1024;
+		// process any uploaded images
-}
+		// FIXME is this a bad place for this?
-$max_size = intval($max_size);
+		$limit = isset($_GET['ajax']) ? '' : "LIMIT 5";
-$max_size_field = "\n" . '<input type="hidden" name="MAX_FILE_SIZE" value="' . $max_size . '" />' . "\n";
+		$q = $db->sql_query('SELECT img_id FROM ' . table_prefix . "gallery WHERE is_folder = 0 AND processed = 0 $limit;");
-}
+		if ( !$q )
+			$db->_die();
-if ( isset($_GET['edit_img']) )
+		if ( $db->numrows() > 0 )
-{
+		{
-$edit_parms = $_GET['edit_img'];
+			while ( $row = $db->fetchrow($q) )
-$regex = '/^((([0-9]+),)*)?([0-9]+?)$/';
+			{
-if ( !preg_match($regex, $edit_parms) )
+				snapr_process_image($row['img_id']);
-{
+			}
-die_friendly('Bad request', '<p>$_GET[\'edit_img\'] must be a comma-separated list of image IDs.</p>');
+			$q = $db->sql_query('SELECT COUNT(img_id) FROM ' . table_prefix . "gallery WHERE is_folder = 0 AND processed = 0;");
-}
+			if ( !$q )
+				$db->_die();
-$idlist = explode(',', $edit_parms);
+			list($count) = $db->fetchrow_num();
-$num_edit = count($idlist);
+			$db->free_result();
-$idlist = "SELECT img_id,img_title,img_desc,img_filename,is_folder FROM ".table_prefix."gallery WHERE img_id=" . implode(' OR img_id=', $idlist) . ';';
+			if ( intval($count) > 0 )
+			redirect(makeUrlNS('Special', 'GalleryUpload', "edit_img={$_GET['edit_img']}"), "Processing images", "Processing images... $count remaining", 1);
-if ( !$e = $db->sql_query($idlist) )
+		}
-$db->_die();
+		if ( !isset($_GET['ajax']) )
-$template->header();
+			$template->header();
-if ( isset($_POST['edit_do_save']) )
+		snapr_editform($edit_parms);
-{
-@set_time_limit(0);
+		if ( !isset($_GET['ajax']) )
+			$template->footer();
-$arr_img_data = array();
-while ( $row = $db->fetchrow($e) )
+		return;
-$arr_img_data[$row['img_id']] = $row;
+	}
+	//
-// Allow breaking out
+	// REMOVE IMAGES
-switch(true):case true:
+	//
+	else if ( isset($_GET['rm']) )
-if ( !is_array($_POST['img']) )
+	{
-{
+		$warnings = array();
-$errors[] = 'No images passed to processor.';
-break;
+		if ( !preg_match('/^[0-9]+$/', $_GET['rm']) )
-}
+			die_friendly('Bad Request', '<p>$_GET[rm] needs to be an integer.</p>');
-// Main updater loop
+		$rm_id = intval($_GET['rm']);
-foreach ( $_POST['img'] as $img_id => $img_data )
-{
+		if ( isset($_POST['confirmed']) )
+		{
-if ( !preg_match('/^[0-9]+$/', $img_id) )
+			// The user confirmed the request. Start plowing through data to decide what to delete.
-{
-$errors[] = 'SQL injection attempted!';
+			// Array of images and folder rows to delete
-break 2;
+			$del_imgs = array($rm_id);
-}
+			// Array of files to delete
+			$del_files = array();
-// Array of columns to update
+			// Array of comment entries to delete
-$to_update = array();
+			$del_comments = array();
-$key = 'reupload_' . $img_data['id'];
+			$all_children = gal_fetch_all_children($rm_id);
-if ( isset($_FILES[$key]) )
+			$del_imgs = array_merge($del_imgs, $all_children);
-{
-$file =& $_FILES[ $key ];
+			$imglist = 'img_id=' . implode(' OR img_id=', $del_imgs);
-if ( $file['tmp_name'] != '' )
+			$sql = "SELECT img_id, img_filename FROM ".table_prefix."gallery WHERE ( $imglist ) AND is_folder!=1;";
-{
-// Reupload
+			if ( !$db->sql_query($sql) )
-$filename = ENANO_ROOT . '/files/' . $arr_img_data[ $img_data['id'] ]['img_filename'];
+			{
-if ( !unlink($filename) )
+				$db->_die();
-{
+			}
-$errors[] = "Could not delete $filename";
-break 2;
+			while ( $row = $db->fetchrow() )
-}
+			{
-if ( !@move_uploaded_file($file['tmp_name'], $filename) )
+				$files = array(
-{
+						ENANO_ROOT . '/files/' . $row['img_filename'],
-$errors[] = "Could not move uploaded file to $filename";
+						ENANO_ROOT . '/cache/' . $row['img_filename'] . '-thumb.jpg',
-break 2;
+						ENANO_ROOT . '/cache/' . $row['img_filename'] . '-preview.jpg'
-}
+					);
+				$del_files = array_merge($del_files, $files);
-//
-// Create scaled images
+				$del_comments[] = intval($row['img_id']);
-//
+			}
-// Create thumbnail image
+			$commentlist = 'page_id=\'' . implode('\' OR page_id=\'', $del_imgs) . '\'';
-$thumb_filename = ENANO_ROOT . '/cache/' . $arr_img_data[ $img_data['id'] ]['img_filename'] . '-thumb.jpg';
-if ( !unlink($thumb_filename) )
+			// Main deletion cycle
-{
-$errors[] = "Could not delete $thumb_filename";
+			foreach ( $del_files as $file )
-break 2;
+			{
-}
+				@unlink($file) or $warnings[] = 'Could not delete file ' . $file;
+			}
-if ( !scale_image($filename, $thumb_filename, 80, 80) )
-{
+			if ( !$db->sql_query('DELETE FROM '.table_prefix.'gallery WHERE ' . $imglist . ';') )
-$errors[] = 'Couldn\'t scale image '.$i.': ImageMagick failed us';
+			{
-break 2;
+				$warnings[] = 'Main delete query failed: ' . $db->get_error();
-}
+			}
-// Create preview image
+			if ( !$db->sql_query('DELETE FROM '.table_prefix.'comments WHERE ( ' . $commentlist . ' ) AND namespace=\'Gallery\';') )
-$preview_filename = ENANO_ROOT . '/cache/' . $arr_img_data[ $img_data['id'] ]['img_filename'] . '-preview.jpg';
+			{
-if ( !unlink($preview_filename) )
+				$warnings[] = 'Comment delete query failed: ' . $db->get_error();
-{
+			}
-$errors[] = "Could not delete $preview_filename";
-break 2;
+			if ( count($warnings) > 0 )
-}
+			{
+				$template->header();
-if ( !scale_image($filename, $preview_filename, 640, 480) )
-{
+				echo '<h3>Error during deletion process</h3>';
-$errors[] = 'Couldn\'t scale image '.$i.': ImageMagick failed us';
+				echo '<p>The deletion process generated some warnings which are shown below.</p>';
-break 2;
+				echo '<ul><li>' . implode('</li><li>', $warnings) . '</li></ul>';
-}
+				$template->footer();
-$to_update['img_time_mod'] = strval(time());
+			}
-}
+			else
-}
+			{
+				redirect(makeUrlNS('Special', 'Gallery'), 'Deletion successful', 'The selected item has been deleted from the gallery. You will now be transferred to the gallery index.', 2);
-$vars = array(
+			}
-'year' => date('Y'),
-'month' => date('F'),
+		}
-'day' => date('d'),
+		else
-'time12' => date('g:i A'),
+		{
-'time24' => date('G:i')
+			// Removal form
-);
+			$template->header();
-// Image name/title
+			echo '<form action="' . makeUrlNS('Special', 'GalleryUpload', 'rm=' . $rm_id, true) . '" method="post" enctype="multipart/form-data">';
+			echo $max_size_field;
-$title = $template->makeParserText($img_data['title']);
-$title->assign_vars($vars);
+			echo '<h3>Are you sure you want to delete this item?</h3>';
-$executed = $title->run();
+			echo '<p>If you continue, this item will be permanently deleted from the gallery &ndash; no rollbacks.</p>';
-if ( $executed == '_id' )
+			echo '<p>If this is an image, the image files will be removed from the filesystem, and all comments associated with the image will be deleted, as well as the image\'s title, description, and location.</p>';
-{
+			echo '<p>If this is a folder, all of its contents will be removed. Any images will be removed from the filesystem and all comments and metadata associated with images in this folder or any folders in it will be permanently deleted.</p>';
-$errors[] = 'You cannot name an image or folder "_id", this name is reserved for internal functions.';
-break 2;
+			echo '<p><input type="submit" name="confirmed" value="Continue with delete" /></p>';
-}
-if ( $executed == '' )
+			echo '</form>';
-{
-$errors[] = 'Please enter a name for the item with unique ID ' . $img_data['id'] . '. <pre>' . print_r($_POST,true) . '</pre>';
+			$template->footer();
-break 2;
+		}
-}
+		return;
-$to_update['img_title'] = $executed;
+	}
+	else if ( isset($_GET['ajax_proc_status']) )
-// Image description
+	{
+		$q = $db->sql_query("SELECT COUNT(img_id) FROM " . table_prefix . "gallery WHERE processed = 0;");
-if ( isset($img_data['desc']) )
+		if ( !$q )
-{
+			$db->_die();
-$desc = $template->makeParserText($img_data['desc']);
+		list($count) = $db->fetchrow_num();
-$desc->assign_vars($vars);
+		echo $count;
-$executed = $desc->run();
+		return;
-$executed = RenderMan::preprocess_text($executed, false, false);
+	}
-$to_update['img_desc'] = $executed;
+	else
-}
+	{
+		if ( isset($_POST['do_upload']) )
-// Folder
+		{
-$target_folder = false;
+			$files =& $_FILES['files'];
+			$numfiles = count($files['name']);
-if ( !empty($_POST['override_folder']) )
+			$idlist = array();
-{
+			$destfolder = intval($_POST['targetfolder']);
-if ( $_POST['override_folder'] == 'NULL' || preg_match('/^[0-9]+$/', $_POST['override_folder']) )
+			if ( $destfolder < 1 )
-{
+				$destfolder = NULL;
-$target_folder = $_POST['override_folder'];
+			for ( $i = 0; $i < $numfiles; $i++ )
-}
+			{
-}
+				$ext = get_file_extension($files['name'][$i]);
+				if ( snapr_extension_allowed($ext) )
-if ( !empty($img_data['folder']) )
+				{
-{
+					// normal image
-if ( $img_data['folder'] == 'NULL' || preg_match('/^[0-9]+$/', $img_data['folder']) )
+					$result = snapr_insert_image($files['tmp_name'][$i], $destfolder);
-{
+					if ( $result !== false )
-$target_folder = $img_data['folder'];
+						$idlist[] = $result;
-}
+				}
-}
+				else if ( strtolower($ext) == 'zip' )
+				{
-if ( $target_folder )
+					// zip file
-{
+					$zipidlist = snapr_process_zip($files['tmp_name'][$i], $destfolder);
-// Make sure we're not trying to move a folder to itself or a subdirectory of itself
+					if ( $zipidlist )
+						$idlist = array_merge($idlist, $zipidlist);
-$children = gal_fetch_all_children(intval($img_data['id']));
+				}
-if ( $img_data['id'] == $target_folder || in_array($target_folder, $children) )
+				else
-{
+				{
-$errors[] = 'You are trying to move a folder to itself, or to a subdirectory of itself, which is not allowed. If done manually (i.e. via an SQL client) this will result in infinite loops in the folder sorting code.';
+					// FIXME handle unsupported files... maybe?
-break 2;
+				}
-}
+			}
+			$idlist = implode(',', $idlist);
-$to_update['folder_parent'] = $target_folder;
+			echo '<div class="idlist">[' . $idlist . ']</div>';
-}
+			//snapr_editform($idlist);
+			return;
-if ( count($to_update) > 0 )
+		}
-{
-$up_keys = array_keys($to_update);
+		// Oh yes, the image uploader!
-$up_vals = array_values($to_update);
+		$template->preload_js(array('jquery', 'jquery-ui', 'upload'));
+		$template->header();
-$bin_cols = array('folder_parent');
+		?>
-$sql = 'UPDATE ' . table_prefix.'gallery SET ';
+		<form action="" method="post" enctype="multipart/form-data" id="snaprupload">
-foreach ( $up_keys as $i => $key )
+		<script type="text/javascript">
-{
+		//<![CDATA[
-if ( in_array($key, $bin_cols) )
+		addOnloadHook(function()
-{
+			{
-$sql .= $key . '=' . $up_vals[$i] . ',';
+				attachHook('snaprupload_ajaxupload_init', 'snapr_upload_init(ajaxupload);');
-}
+			});
-else
+		function snapr_upload_init(au)
-{
+		{
-$sql .= $key . '=\'' . $db->escape($up_vals[$i]) . '\',';
+			au.upload_start = function()
-}
+			{
-}
+				$(this.form).hide();
+				$(this.statusbox).html('<h2 class="uploadgoing">Uploading pictures...</h2><div class="progress" style="margin: 15px 0;"></div><p class="uploadstatus">&nbsp;</p>');
-$sql = preg_replace('/,$/i', '', $sql) . ' WHERE img_id=' . $img_data['id'] . ';';
+				$('div.progress', this.statusbox).progressbar({value: 0});
+			};
-if ( !$db->sql_query($sql) )
-{
+			au.status = function(state)
-$db->_die();
+			{
-}
+				if ( !state.done && !state.cancel_upload )
+				{
-}
+					var rawpct = state.bytes_processed / state.content_length;
+					var pct = (Math.round((rawpct) * 1000)) / 10;
-}
+					var elapsed = state.current_time - state.start_time;
+					var rawbps = state.bytes_processed / elapsed;
-echo '<div class="info-box" style="margin-left: 0;">Your changes have been saved.</div>';
+					var kbps = Math.round((rawbps) / 1024);
+					var remain_bytes = state.content_length - state.bytes_processed;
-endswitch;
+					var remain_time = Math.round(remain_bytes / rawbps);
-// Rerun select query to make sure information in PHP memory is up-to-date
+					$('p.uploadstatus', this.statusbox).html(pct + '% complete / ' + kbps + ' KB/s / ' + humanize_time(elapsed) + ' elapsed / ' + humanize_time(remain_time) + ' remaining');
-if ( !$e = $db->sql_query($idlist) )
+					$('div.progress', this.statusbox).progressbar('value', pct);
-$db->_die();
+				}
+			};
-}
+			au.upload_success = function(childbody)
-if ( count($errors) > 0 )
+			{
-{
+				$(this.statusbox).html('<div class="info-box"></div>' + childbody.innerHTML);
-echo '<div class="error-box" style="margin-left: 0;">
+				var idlist = parseJSON($('div.idlist', this.statusbox).text());
-<b>The following errors were encountered while updating the image data:</b><br />
+				$('div.idlist', this.statusbox).remove();
-<ul>
+				var s = idlist.length == 1 ? '' : 's';
-<li>' . implode("</li>\n        <li>", $errors) . '</li>
+				$('div.info-box', this.statusbox).html(idlist.length + ' image'+s+' were uploaded successfully. Please wait while they are processed...');
-</ul>
+				$(this.statusbox).append('<div class="progress" style="margin: 15px 0;"></div><p class="uploadstatus">&nbsp;</p>');
-</div>';
+				$('div.progress', this.statusbox).progressbar({value: 0});
-}
+				var au = this;
+				ajaxGet(makeUrlNS('Special', 'GalleryUpload', 'edit_img=' + implode(',', idlist) + '&ajax=true'), function(ajax)
-?>
+					{
-<script type="text/javascript">
+						if ( ajax.readyState == 4 )
+						{
-function gal_unset_radios(name)
+							window.clearTimeout(snapr_refresh_timer);
-{
+							$(au.statusbox).html(ajax.responseText);
-var radios = document.getElementsByTagName('input');
+						}
-for ( var i = 0; i < radios.length; i++ )
+					});
-{
+				snapr_refresh_proc(au, idlist);
-var radio = radios[i];
+			};
-if ( radio.name == name )
+		}
-{
-radio.checked = false;
+		window.snapr_refresh_timer = false;
-}
-}
+		function snapr_refresh_proc(au, idlist)
-}
+		{
+			void(au);
-</script>
+			void(idlist);
-<?php
+			ajaxGet(makeUrlNS('Special', 'GalleryUpload', 'ajax_proc_status'), function(ajax)
+				{
-echo '<form action="' . makeUrlNS('Special', 'GalleryUpload', 'edit_img=' . $edit_parms, true) . '" method="post" enctype="multipart/form-data">';
+					if ( ajax.readyState == 4 )
+					{
-echo $max_size_field;
+						var n = idlist.length - Number(ajax.responseText);
+						var pct = (n / idlist.length) * 100;
-if ( $row = $db->fetchrow($e) )
+						$('div.progress', au.statusbox).progressbar('value', pct);
-{
+						$('p.uploadstatus', au.statusbox).html(n + " of " + idlist.length + " images processed");
+						if ( pct < 100 )
-echo '<div class="tblholder">
+							window.snapr_refresh_timer = setTimeout(function()
-<table border="0" cellspacing="1" cellpadding="4">';
+								{
-echo '    <tr><th class="subhead">Information</th></tr>';
+									snapr_refresh_proc(au, idlist);
-echo '    <tr><td class="row3">
+								}, 1000);
-As with the upload form, the following variables can be used. <b>Note that when editing images, the {id} and {autotitle} variables will be ignored.</b>';
+					}
-?>
+				});
-<ul>
+		}
-<li>{year}: The current year (<?php echo date('Y'); ?>)</li>
+		//]]>
-<li>{month}: The current month (<?php echo date('F'); ?>)</li>
+		</script>
-<li>{day}: The day of the month (<?php echo date('d'); ?>)</li>
+		<?php ajax_upload_js('snaprupload'); ?>
-<li>{time12}: 12-hour time (<?php echo date('g:i A'); ?>)</li>
-<li>{time24}: 24-hour time (<?php echo date('G:i'); ?>)</li>
+		<div class="tblholder">
-</ul>
+			<table border="0" cellspacing="1" cellpadding="4">
-<?php
+				<tr>
-echo '        </td></tr>';
+					<th colspan="2">Upload files to the gallery</th>
-echo '  </table>
+				</tr>
-</div>';
+				<tr>
+					<td class="row1">
-$i = 0;
+						Select files:
-do
+					</td>
-{
+					<td class="row1">
-$thumb_url = makeUrlNS('Special', 'GalleryFetcher/thumb/' . $row['img_id'], false, true);
+						<input type="hidden" name="do_upload" value="yes" />
+						<input type="file" size="50" name="files[]" />
-# Type: folder
+						<input type="button" class="addanother" value="+" />
-if ( $row['is_folder'] == 1 ):
+					</td>
+				</tr>
-// Image ID tracker
+				<tr>
-echo '<input type="hidden" name="img[' . $i . '][id]" value="' . $row['img_id'] . '" />';
+					<td class="row2">
+						Upload into folder:
-//
+					</td>
-// Editor table
+					<td class="row2">
-//
+					<?php echo gallery_hier_formfield('targetfolder', true); ?>
+					</td>
-$folders = gallery_imgid_to_folder(intval($row['img_id']));
+				</tr>
-foreach ( $folders as $j => $xxx )
+				<tr>
-{
+					<td class="row3" colspan="2" style="text-align: center; line-height: 24px;">
-$folder =& $folders[$j];
+						<strong>Supported formats:</strong>
-$folder = sanitize_page_id($folder);
+						<br />
-}
-$folders = array_reverse($folders);
+						<img alt="Checkmark" src="<?php echo cdnPath; ?>/images/check.png" style="vertical-align: middle;" /> JPEG images &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-$gal_href = implode('/', $folders) . ( count($folders) > 0 ? '/' : '' ) . sanitize_page_id($row['img_title']);
+						<img alt="Checkmark" src="<?php echo cdnPath; ?>/images/check.png" style="vertical-align: middle;" /> PNG images &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+						<img alt="Checkmark" src="<?php echo cdnPath; ?>/images/check.png" style="vertical-align: middle;" /> GIF images &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-echo '<div class="tblholder">
+						<?php if ( $zip_support ): ?>
-<table border="0" cellspacing="1" cellpadding="4">';
+						<img alt="Checkmark" src="<?php echo cdnPath; ?>/images/check.png" style="vertical-align: middle;" /> Zip archives
+						<?php else: ?>
-echo '<tr><th colspan="2">Folder: ' . htmlspecialchars($row['img_title']) . '</th></tr>';
+						<img alt="X mark" src="<?php echo cdnPath; ?>/images/checkbad.png" style="vertical-align: middle;" /> Zip archives
+						<?php endif; ?><br />
-// Primary key
+						<small>Maximum file size: <strong><?php echo ini_get('upload_max_filesize'); ?></strong></small>
-echo '<tr>
+						<?php echo $max_size_field; ?>
-<td class="row2">Unique ID:</td>
+					</td>
-<td class="row1">' . $row['img_id'] . ' (<a href="' . makeUrlNS('Special', 'Gallery/' . $gal_href) . '">view folder contents</a>)</td>
+				</tr>
-</tr>';
+				<tr>
+					<th colspan="2" class="subhead">
-// Path info
+						<input type="submit" value="Upload" />
-echo '<tr>
+					</th>
-<td class="row2">Parent folders:</td>
+				</tr>
-<td class="row1">' . /* Yeah it's dirty, but hey, it gets the job done ;-) */ ( ( $x = str_replace('&amp;raquo;', '&raquo;', htmlspecialchars(str_replace('_', ' ', implode(' &raquo; ', $folders)))) ) ? $x : '&lt;in root&gt;' ) . '</td>
+			</table>
-</tr>';
+		</div>
+		</form>
-// Image name
+		<script type="text/javascript">
+		// <![CDATA[
-echo '<tr>
+		addOnloadHook(function()
-<td class="row2">Folder name:</td>
+			{
-<td class="row1"><input type="text" style="width: 98%;" name="img[' . $i . '][title]" value="' . htmlspecialchars($row['img_title']) . '" size="43" /></td>
+				$('input.addanother').click(function()
-</tr>';
+					{
+						$(this).before('<br />');
-// Mover widget
+						var inp = document.createElement('input');
-?>
+						$(inp).attr('type', 'file').attr('size', '50').attr('name', 'files[]');
-<tr>
+						this.parentNode.insertBefore(inp, this);
-<td class="row2">Move to folder:</td>
+						$(this).before(' ');
-<td class="row1">
+						return false;
-<div class="toggle">
+					});
-<div class="head" onclick="gal_toggle( ( IE ? this.nextSibling : this.nextSibling.nextSibling ), this.childNodes[1]);">
+			});
-<img alt="&gt;&gt;" src="<?php echo scriptPath; ?>/plugins/gallery/toggle-closed.png" class="toggler" />
+		// ]]>
-Select folder
+		</script>
-</div>
+		<?php
-<div class="body">
+	}
-<?php
-echo gallery_hier_formfield('img[' . $i . '][folder]', false);
-?>
+	$template->footer();
-<br />
-<a href="#" onclick="gal_unset_radios('img[<?php echo $i; ?>][folder]'); return false;">Unselect field</a>
+}
-</div>
-</div>
+function snapr_editform($edit_parms)
-</td>
+{
-</tr>
+	global $db, $session, $paths, $template, $plugins; // Common objects
-<?php
+	$max_size_field = get_max_size_field();
-// Finish table
+	$errors = array();
-echo '</table>';
+	$idlist = explode(',', $edit_parms);
-echo '</div>';
+	$num_edit = count($idlist);
+	$idlist = "SELECT img_id,img_title,img_desc,img_filename,is_folder FROM ".table_prefix."gallery WHERE img_id=" . implode(' OR img_id=', $idlist) . ';';
-# Type: image
-else:
+	if ( !$e = $db->sql_query($idlist) )
+		$db->_die();
-// Image ID tracker
-echo '<input type="hidden" name="img[' . $i . '][id]" value="' . $row['img_id'] . '" />';
+	if ( isset($_POST['edit_do_save']) )
+	{
-//
+		@set_time_limit(0);
-// Editor table
-//
+		$arr_img_data = array();
+		while ( $row = $db->fetchrow($e) )
-echo '<div class="tblholder">
+			$arr_img_data[$row['img_id']] = $row;
-<table border="0" cellspacing="1" cellpadding="4">';
+		// Allow breaking out
-echo '<tr><th colspan="2">Image: ' . htmlspecialchars($row['img_title']) . '</th></tr>';
+		switch(true):case true:
-// Primary key
+			if ( !is_array($_POST['img']) )
-echo '<tr>
+			{
-<td class="row2">Unique ID:</td>
+				$errors[] = 'No images passed to processor.';
-<td class="row1">' . $row['img_id'] . ' (<a href="' . makeUrlNS('Gallery', $row['img_id']) . '">view image\'s page</a>)</td>
+				break;
-</tr>';
+			}
-// Thumbnail
+			// Main updater loop
+			foreach ( $_POST['img'] as $img_id => $img_data )
-echo '<tr>
+			{
-<td class="row2">Thumbnail:</td>
-<td class="row1"><img alt="Thumbnail image" src="' . $thumb_url . '" /></td>
+				if ( !preg_match('/^[0-9]+$/', $img_id) )
-</tr>';
+				{
+					$errors[] = 'SQL injection attempted!';
-// Image name
+					break 2;
+				}
-echo '<tr>
-<td class="row2">Image title:</td>
+				// Array of columns to update
-<td class="row1"><input type="text" style="width: 98%;" name="img[' . $i . '][title]" value="' . htmlspecialchars($row['img_title']) . '" size="43" /></td>
+				$to_update = array();
-</tr>';
+				$key = 'reupload_' . $img_data['id'];
-// Image description
+				if ( isset($_FILES[$key]) )
+				{
-echo '<tr>
+					$file =& $_FILES[ $key ];
-<td class="row2">Image description:</td>
+					if ( $file['tmp_name'] != '' )
-<td class="row1"><textarea rows="10" cols="40" style="width: 98%;" name="img[' . $i . '][desc]">' . htmlspecialchars($row['img_desc']) . '</textarea></td>
+					{
-</tr>';
+						// Reupload
+						$filename = ENANO_ROOT . '/files/' . $arr_img_data[ $img_data['id'] ]['img_filename'];
-// ACL editor trigger
+						if ( !unlink($filename) )
+						{
-echo '<tr>
+							$errors[] = "Could not delete $filename";
-<td class="row2">Permissions:</td>
+							break 2;
-<td class="row1"><input type="button" onclick="ajaxOpenACLManager(\'' . $row['img_id'] . '\', \'Gallery\');" value="Edit permissions" /><br /><small>Only works in Firefox 1.5 or later, Safari 3.x or later, or Opera 9.0 or later.</small></td>
+						}
-</tr>';
+						if ( !@move_uploaded_file($file['tmp_name'], $filename) )
+						{
-// Mover widget
+							$errors[] = "Could not move uploaded file to $filename";
-?>
+							break 2;
-<tr>
+						}
-<td class="row2">Move to folder:</td>
-<td class="row1">
+						//
-<div class="toggle">
+						// Create scaled images
-<div class="head" onclick="gal_toggle( ( IE ? this.nextSibling : this.nextSibling.nextSibling ), this.childNodes[1]);">
+						//
-<img alt="&gt;&gt;" src="<?php echo scriptPath; ?>/plugins/gallery/toggle-closed.png" class="toggler" />
-Select folder
+						// Create thumbnail image
-</div>
+						$thumb_filename = ENANO_ROOT . '/cache/' . $arr_img_data[ $img_data['id'] ]['img_filename'] . '-thumb.jpg';
-<div class="body">
+						if ( !unlink($thumb_filename) )
-<?php
+						{
-echo gallery_hier_formfield('img[' . $i . '][folder]', false);
+							$errors[] = "Could not delete $thumb_filename";
-?>
+							break 2;
-<br />
+						}
-<a href="#" onclick="gal_unset_radios('img[<?php echo $i; ?>][folder]'); return false;">Unselect field</a>
-</div>
+						if ( !scale_image($filename, $thumb_filename, 80, 80) )
-</div>
+						{
-</td>
+							$errors[] = 'Couldn\'t scale image '.$i.': ImageMagick failed us';
-</tr>
+							break 2;
-<?php
+						}
-// File replacer
+						// Create preview image
+						$preview_filename = ENANO_ROOT . '/cache/' . $arr_img_data[ $img_data['id'] ]['img_filename'] . '-preview.jpg';
-echo '<tr>
+						if ( !unlink($preview_filename) )
-<td class="row2">Upload new version:</td>
+						{
-<td class="row1"><input type="file" name="reupload_' . $row['img_id'] . '" size="30" style="width: 98%;" /></td>
+							$errors[] = "Could not delete $preview_filename";
-</tr>';
+							break 2;
+						}
-// Finish table
-echo '</table>';
+						if ( !scale_image($filename, $preview_filename, 640, 480) )
-echo '</div>';
+						{
+							$errors[] = 'Couldn\'t scale image '.$i.': ImageMagick failed us';
-endif;
+							break 2;
+						}
-$i++;
-}
+						$to_update['img_time_mod'] = strval(time());
-while ( $row = $db->fetchrow($e) );
+					}
-$db->free_result();
+				}
-echo '<div class="tblholder">
+				$vars = array(
-<table border="0" cellspacing="1" cellpadding="4">';
+					'year' => date('Y'),
-// Mover widget
+					'month' => date('F'),
-if ( $num_edit > 1 ):
+					'day' => date('d'),
-?>
+					'time12' => date('g:i A'),
-<tr>
+					'time24' => date('G:i')
-<td class="row2">Move all to folder:<br /><small>Other folder fields on this page can override this for individual images.</small></td>
+				);
-<td class="row1" style="width: 70%;">
-<div class="toggle">
+				// Image name/title
-<div class="head" onclick="gal_toggle( ( IE ? this.nextSibling : this.nextSibling.nextSibling ), this.childNodes[1]);">
-<img alt="&gt;&gt;" src="<?php echo scriptPath; ?>/plugins/gallery/toggle-closed.png" class="toggler" />
+				$title = $template->makeParserText($img_data['title']);
-Select folder
+				$title->assign_vars($vars);
-</div>
+				$executed = $title->run();
-<div class="body">
+				if ( $executed == '_id' )
-<?php
+				{
-echo gallery_hier_formfield('override_folder', false);
+					$errors[] = 'You cannot name an image or folder "_id", this name is reserved for internal functions.';
-?>
+					break 2;
-<br />
+				}
-<a href="#" onclick="gal_unset_radios('override_folder'); return false;">Unselect field</a>
+				if ( $executed == '' )
-</div>
+				{
-</div>
+					$errors[] = 'Please enter a name for the item with unique ID ' . $img_data['id'] . '. <pre>' . print_r($_POST,true) . '</pre>';
-</td>
+					break 2;
-</tr>
+				}
-<?php
+				$to_update['img_title'] = $executed;
-endif;
+				// Image description
-echo '    <tr><th class="subhead" colspan="2"><input type="submit" name="edit_do_save" value="Save changes" /></th></tr>';
-echo '  </table>
+				if ( isset($img_data['desc']) )
-</div>';
+				{
+					$desc = $template->makeParserText($img_data['desc']);
-}
+					$desc->assign_vars($vars);
-else
+					$executed = $desc->run();
-{
+					$executed = RenderMan::preprocess_text($executed, false, false);
-echo '<p>No images that matched the ID list could be found.</p>';
+					$to_update['img_desc'] = $executed;
-}
+				}
-echo '</form>';
+				// Folder
+				$target_folder = false;
-$template->footer();
-return;
+				if ( !empty($_POST['override_folder']) )
-}
+				{
+					if ( $_POST['override_folder'] == 'NULL' || preg_match('/^[0-9]+$/', $_POST['override_folder']) )
-if ( isset($_GET['rm']) )
+					{
-{
+						$target_folder = $_POST['override_folder'];
-$warnings = array();
+					}
+				}
-if ( !preg_match('/^[0-9]+$/', $_GET['rm']) )
-die_friendly('Bad Request', '<p>$_GET[rm] needs to be an integer.</p>');
+				if ( !empty($img_data['folder']) )
+				{
-$rm_id = intval($_GET['rm']);
+					if ( $img_data['folder'] == 'NULL' || preg_match('/^[0-9]+$/', $img_data['folder']) )
+					{
-if ( isset($_POST['confirmed']) )
+						$target_folder = $img_data['folder'];
-{
+					}
-// The user confirmed the request. Start plowing through data to decide what to delete.
+				}
-// Array of images and folder rows to delete
+				if ( $target_folder )
-$del_imgs = array($rm_id);
+				{
-// Array of files to delete
+					// Make sure we're not trying to move a folder to itself or a subdirectory of itself
-$del_files = array();
-// Array of comment entries to delete
+					$children = gal_fetch_all_children(intval($img_data['id']));
-$del_comments = array();
+					if ( $img_data['id'] == $target_folder || in_array($target_folder, $children) )
+					{
-$all_children = gal_fetch_all_children($rm_id);
+						$errors[] = 'You are trying to move a folder to itself, or to a subdirectory of itself, which is not allowed. If done manually (i.e. via an SQL client) this will result in infinite loops in the folder sorting code.';
-$del_imgs = array_merge($del_imgs, $all_children);
+						break 2;
+					}
-$imglist = 'img_id=' . implode(' OR img_id=', $del_imgs);
-$sql = "SELECT img_id, img_filename FROM ".table_prefix."gallery WHERE ( $imglist ) AND is_folder!=1;";
+					$to_update['folder_parent'] = $target_folder;
+				}
-if ( !$db->sql_query($sql) )
-{
+				if ( count($to_update) > 0 )
-$db->_die();
+				{
-}
+					$up_keys = array_keys($to_update);
+					$up_vals = array_values($to_update);
-while ( $row = $db->fetchrow() )
-{
+					$bin_cols = array('folder_parent');
-$files = array(
-ENANO_ROOT . '/files/' . $row['img_filename'],
+					$sql = 'UPDATE ' . table_prefix.'gallery SET ';
-ENANO_ROOT . '/cache/' . $row['img_filename'] . '-thumb.jpg',
-ENANO_ROOT . '/cache/' . $row['img_filename'] . '-preview.jpg'
+					foreach ( $up_keys as $i => $key )
-);
+					{
-$del_files = array_merge($del_files, $files);
+						if ( in_array($key, $bin_cols) )
+						{
-$del_comments[] = intval($row['img_id']);
+							$sql .= $key . '=' . $up_vals[$i] . ',';
-}
+						}
+						else
-$commentlist = 'page_id=\'' . implode('\' OR page_id=\'', $del_imgs) . '\'';
+						{
+							$sql .= $key . '=\'' . $db->escape($up_vals[$i]) . '\',';
-// Main deletion cycle
+						}
+					}
-foreach ( $del_files as $file )
-{
+					$sql = preg_replace('/,$/i', '', $sql) . ' WHERE img_id=' . $img_data['id'] . ';';
-@unlink($file) or $warnings[] = 'Could not delete file ' . $file;
-}
+					if ( !$db->sql_query($sql) )
+					{
-if ( !$db->sql_query('DELETE FROM '.table_prefix.'gallery WHERE ' . $imglist . ';') )
+						$db->_die();
-{
+					}
-$warnings[] = 'Main delete query failed: ' . $db->get_error();
-}
+				}
-if ( !$db->sql_query('DELETE FROM '.table_prefix.'comments WHERE ( ' . $commentlist . ' ) AND namespace=\'Gallery\';') )
+			}
-{
-$warnings[] = 'Comment delete query failed: ' . $db->get_error();
+			echo '<div class="info-box" style="margin-left: 0;">Your changes have been saved.</div>';
-}
+		endswitch;
-if ( count($warnings) > 0 )
-{
+		// Rerun select query to make sure information in PHP memory is up-to-date
-$template->header();
+		if ( !$e = $db->sql_query($idlist) )
+			$db->_die();
-echo '<h3>Error during deletion process</h3>';
-echo '<p>The deletion process generated some warnings which are shown below.</p>';
+	}
-echo '<ul><li>' . implode('</li><li>', $warnings) . '</li></ul>';
+	if ( count($errors) > 0 )
-$template->footer();
+	{
-}
+		echo '<div class="error-box" style="margin-left: 0;">
-else
+						<b>The following errors were encountered while updating the image data:</b><br />
-{
+						<ul>
-redirect(makeUrlNS('Special', 'Gallery'), 'Deletion successful', 'The selected item has been deleted from the gallery. You will now be transferred to the gallery index.', 2);
+							<li>' . implode("</li>\n        <li>", $errors) . '</li>
-}
+						</ul>
+					</div>';
-}
+	}
-else
-{
+	echo '<form action="' . makeUrlNS('Special', 'GalleryUpload', 'edit_img=' . $edit_parms, true) . '" method="post" enctype="multipart/form-data">';
-// Removal form
-$template->header();
+	echo $max_size_field;
-echo '<form action="' . makeUrlNS('Special', 'GalleryUpload', 'rm=' . $rm_id, true) . '" method="post" enctype="multipart/form-data">';
+	if ( $row = $db->fetchrow($e) )
-echo $max_size_field;
+	{
-echo '<h3>Are you sure you want to delete this item?</h3>';
+		echo '<div class="tblholder">
-echo '<p>If you continue, this item will be permanently deleted from the gallery &ndash; no rollbacks.</p>';
+						<table border="0" cellspacing="1" cellpadding="4">';
-echo '<p>If this is an image, the image files will be removed from the filesystem, and all comments associated with the image will be deleted, as well as the image\'s title, description, and location.</p>';
+		echo '    <tr><th class="subhead">Information</th></tr>';
-echo '<p>If this is a folder, all of its contents will be removed. Any images will be removed from the filesystem and all comments and metadata associated with images in this folder or any folders in it will be permanently deleted.</p>';
+		echo '    <tr><td class="row3">
+								As with the upload form, the following variables can be used. <b>Note that when editing images, the {id} and {autotitle} variables will be ignored.</b>';
-echo '<p><input type="submit" name="confirmed" value="Continue with delete" /></p>';
+		?>
+				<ul>
-echo '</form>';
+					<li>{year}: The current year (<?php echo date('Y'); ?>)</li>
+					<li>{month}: The current month (<?php echo date('F'); ?>)</li>
-$template->footer();
+					<li>{day}: The day of the month (<?php echo date('d'); ?>)</li>
-}
+					<li>{time12}: 12-hour time (<?php echo date('g:i A'); ?>)</li>
-return;
+					<li>{time24}: 24-hour time (<?php echo date('G:i'); ?>)</li>
-}
+				</ul>
+		<?php
-if ( isset($_POST['do_stage2']) )
+		echo '        </td></tr>';
-{
+		echo '  </table>
-// Allow breaking out of the validation in the case of an error
+					</div>';
-switch(true):case true:
+		$i = 0;
-if ( empty($_POST['img_name']) )
+		do
-{
+		{
-$errors[] = 'Please enter an image name.';
+			$thumb_url = makeUrlNS('Special', 'GalleryFetcher/thumb/' . $row['img_id'], false, true);
-}
+			# Type: folder
-// Validate files
+			if ( $row['is_folder'] == 1 ):
-$n_files = intval($_POST['img_count']);
-if ( $n_files < 1 )
+			// Image ID tracker
-{
+			echo '<input type="hidden" name="img[' . $i . '][id]" value="' . $row['img_id'] . '" />';
-$errors[] = 'Cannot get image count';
-break;
+			//
-}
+			// Editor table
+			//
-$files = array();
+			$folders = gallery_imgid_to_folder(intval($row['img_id']));
-for ( $i = 0; $i < $n_files; $i++ )
+			foreach ( $folders as $j => $xxx )
-{
+			{
-$key = "img_$i";
+				$folder =& $folders[$j];
-if ( isset($_FILES[$key]) && !empty($_FILES[$key]['name']) )
+				$folder = sanitize_page_id($folder);
-{
+			}
-$files[] =& $_FILES[$key];
+			$folders = array_reverse($folders);
-}
+			$gal_href = implode('/', $folders) . ( count($folders) > 0 ? '/' : '' ) . sanitize_page_id($row['img_title']);
-}
+			echo '<div class="tblholder">
-if ( count($files) < 1 )
+							<table border="0" cellspacing="1" cellpadding="4">';
-{
-$errors[] = 'No files specified.';
+			echo '<tr><th colspan="2">Folder: ' . htmlspecialchars($row['img_title']) . '</th></tr>';
-break;
-}
+			// Primary key
+			echo '<tr>
-$allowed = array('png', 'jpg', 'jpeg', 'tiff', 'tif', 'bmp', 'gif');
+							<td class="row2">Unique ID:</td>
-$is_zip = false;
+							<td class="row1">' . $row['img_id'] . ' (<a href="' . makeUrlNS('Special', 'Gallery/' . $gal_href) . '">view folder contents</a>)</td>
-foreach ( $files as $i => $file )
+						</tr>';
-{
-$ext = substr($file['name'], ( strrpos($file['name'], '.') + 1 ));
+			// Path info
-$ext = strtolower($ext);
+			echo '<tr>
-if ( !in_array($ext, $allowed) && ( !$zip_support || ( $ext != 'zip' || $i > 0 ) ) )
+							<td class="row2">Parent folders:</td>
-{
+							<td class="row1">' . /* Yeah it's dirty, but hey, it gets the job done ;-) */ ( ( $x = str_replace('&amp;raquo;', '&raquo;', htmlspecialchars(str_replace('_', ' ', implode(' &raquo; ', $folders)))) ) ? $x : '&lt;in root&gt;' ) . '</td>
-$errors[] = htmlspecialchars($file['name']) . ' is an invalid extension (' . htmlspecialchars($ext) . ').';
+						</tr>';
-}
-else if ( $ext == 'zip' && $i == 0 && $zip_support )
+			// Image name
-{
-$is_zip = true;
+			echo '<tr>
-}
+							<td class="row2">Folder name:</td>
-}
+							<td class="row1"><input type="text" style="width: 98%;" name="img[' . $i . '][title]" value="' . htmlspecialchars($row['img_title']) . '" size="43" /></td>
+						</tr>';
-if ( count($errors) > 0 )
-{
+			// Mover widget
-// Send error messages
+			?>
-break;
+			<tr>
-}
+				<td class="row2">Move to folder:</td>
+				<td class="row1">
-// Parent folder
+					<div class="toggle">
-$folder = $_POST['folder_id'];
+						<div class="head" onclick="gal_toggle( ( IE ? this.nextSibling : this.nextSibling.nextSibling ), this.childNodes[1]);">
-if ( $folder != 'NULL' && !preg_match('/^[0-9]+$/', $folder) )
+							<img alt="&gt;&gt;" src="<?php echo scriptPath; ?>/plugins/gallery/toggle-closed.png" class="toggler" />
-{
+							Select folder
-$folder = 'NULL';
+						</div>
-}
+						<div class="body">
+							<?php
-// Format title and description fields
+								echo gallery_hier_formfield('img[' . $i . '][folder]', false);
-$title = $template->makeParserText($_POST['img_name']);
+							?>
-$desc  = $template->makeParserText($_POST['img_desc']);
+							<br />
+							<a href="#" onclick="gal_unset_radios('img[<?php echo $i; ?>][folder]'); return false;">Unselect field</a>
-$vars = array(
+						</div>
-'year' => date('Y'),
+					</div>
-'month' => date('F'),
+				</td>
-'day' => date('d'),
+			</tr>
-'time12' => date('g:i A'),
+			<?php
-'time24' => date('G:i')
-);
+			// Finish table
+			echo '</table>';
-$title->assign_vars($vars);
+			echo '</div>';
-$desc->assign_vars($vars);
+			# Type: image
-$idlist = array();
+			else:
-// Try to disable the time limit
+			// Image ID tracker
-@set_time_limit(0);
+			echo '<input type="hidden" name="img[' . $i . '][id]" value="' . $row['img_id'] . '" />';
-// Move uploaded files to the files/ directory
+			//
-foreach ( $files as $i => $__trash )
+			// Editor table
-{
+			//
-$file =& $files[$i];
-$ext = substr($file['name'], ( strrpos($file['name'], '.') + 1 ));
+			echo '<div class="tblholder">
-$ext = strtolower($ext);
+							<table border="0" cellspacing="1" cellpadding="4">';
-if ( $ext == 'zip' && $is_zip && $zip_support )
-{
+			echo '<tr><th colspan="2">Image: ' . htmlspecialchars($row['img_title']) . '</th></tr>';
-//
-// Time for some unzipping fun.
+			// Primary key
-//
+			echo '<tr>
+							<td class="row2">Unique ID:</td>
-error_reporting(E_ALL);
+							<td class="row1">' . $row['img_id'] . ' (<a href="' . makeUrlNS('Gallery', $row['img_id']) . '">view image\'s page</a>)</td>
+						</tr>';
-mkdir(ENANO_ROOT . '/cache/temp') or $errors[] = 'Could not create temporary directory for extraction.';
-if ( count($errors) > 0 )
+			// Thumbnail
-break 2;
-$temp_dir = tempnam(ENANO_ROOT . '/cache/temp', 'galunz');
+			echo '<tr>
-if ( file_exists($temp_dir) )
+							<td class="row2">Thumbnail:</td>
-unlink($temp_dir);
+							<td class="row1"><img alt="Thumbnail image" src="' . $thumb_url . '" /></td>
-@mkdir($temp_dir);
+						</tr>';
-// Extract the zip file
+			// Image name
-if ( class_exists('ZipArchive') )
-{
+			echo '<tr>
-$zip = new ZipArchive();
+							<td class="row2">Image title:</td>
-$op = $zip->open($file['tmp_name']);
+							<td class="row1"><input type="text" style="width: 98%;" name="img[' . $i . '][title]" value="' . htmlspecialchars($row['img_title']) . '" size="43" /></td>
-if ( !$op )
+						</tr>';
-{
-$errors[] = 'Could not open the zip file.';
+			// Image description
-break 2;
-}
+			echo '<tr>
-$op = $zip->extractTo($temp_dir);
+							<td class="row2">Image description:</td>
-if ( !$op )
+							<td class="row1"><textarea rows="10" cols="40" style="width: 98%;" name="img[' . $i . '][desc]">' . htmlspecialchars($row['img_desc']) . '</textarea></td>
-{
+						</tr>';
-$errors[] = 'Could not extract the zip file.';
-break 2;
+			// ACL editor trigger
-}
-}
+			echo '<tr>
-else if ( file_exists('/usr/bin/unzip') )
+							<td class="row2">Permissions:</td>
-{
+							<td class="row1"><input type="button" onclick="ajaxOpenACLManager(\'' . $row['img_id'] . '\', \'Gallery\');" value="Edit permissions" /><br /><small>Only works in Firefox 1.5 or later, Safari 3.x or later, or Opera 9.0 or later.</small></td>
-$cmd = "/usr/bin/unzip -qq -d $temp_dir {$file['tmp_name']}";
+						</tr>';
-system($cmd);
-}
+			// Mover widget
+			?>
-// Any files?
+			<tr>
-$file_list = gal_dir_recurse($temp_dir, $dirs);
+				<td class="row2">Move to folder:</td>
-if ( !$file_list )
+				<td class="row1">
-{
+					<div class="toggle">
-$errors[] = 'Could not get file list for temp directory.';
+						<div class="head" onclick="gal_toggle( ( IE ? this.nextSibling : this.nextSibling.nextSibling ), this.childNodes[1]);">
-break 2;
+							<img alt="&gt;&gt;" src="<?php echo scriptPath; ?>/plugins/gallery/toggle-closed.png" class="toggler" />
-}
+							Select folder
-if ( count($file_list) < 1 )
+						</div>
-{
+						<div class="body">
-$errors[] = 'There weren\'t any files in the uploaded zip file.';
+							<?php
-}
+								echo gallery_hier_formfield('img[' . $i . '][folder]', false);
+							?>
-$dirs = array_reverse($dirs);
+							<br />
-$img_files = array();
+							<a href="#" onclick="gal_unset_radios('img[<?php echo $i; ?>][folder]'); return false;">Unselect field</a>
+						</div>
-// Loop through and add files
+					</div>
-foreach ( $file_list as $file )
+				</td>
-{
+			</tr>
-$ext = get_file_extension($file);
+			<?php
-if ( in_array($ext, $allowed) )
+			// File replacer
-{
-$img_files[] = $file;
+			echo '<tr>
-}
+							<td class="row2">Upload new version:</td>
-else
+							<td class="row1"><input type="file" name="reupload_' . $row['img_id'] . '" size="30" style="width: 98%;" /></td>
-{
+						</tr>';
-unlink($file);
-}
+			// Finish table
-}
+			echo '</table>';
+			echo '</div>';
-// Main storage loop
-$j = 0;
+			endif;
-foreach ( $img_files as $file )
-{
+			$i++;
-$ext = get_file_extension($file);
+		}
-$stored_name = gallery_make_filename() . ".$ext";
+		while ( $row = $db->fetchrow($e) );
-$store = ENANO_ROOT . '/files/' . $stored_name;
+		$db->free_result();
-if ( !rename($file, $store) )
-{
+		echo '<div class="tblholder">
-$errors[] = 'Could not move file ' . $file . ' to permanent storage location ' . $store . '.';
+						<table border="0" cellspacing="1" cellpadding="4">';
-break 3;
+		// Mover widget
-}
+		if ( $num_edit > 1 ):
+		?>
-$autotitle = ucwords(basename($file));
+		<tr>
-$autotitle = substr($autotitle, 0, ( strrpos($autotitle, '.') ));
+			<td class="row2">Move all to folder:<br /><small>Other folder fields on this page can override this for individual images.</small></td>
-$autotitle = str_replace('_', ' ', $autotitle);
+			<td class="row1" style="width: 70%;">
+				<div class="toggle">
-$title->assign_vars(array('id' => ( $j + 1 ), 'autotitle' => $autotitle));
+					<div class="head" onclick="gal_toggle( ( IE ? this.nextSibling : this.nextSibling.nextSibling ), this.childNodes[1]);">
-$desc->assign_vars(array('id' => ( $j + 1 ), 'autotitle' => $autotitle));
+						<img alt="&gt;&gt;" src="<?php echo scriptPath; ?>/plugins/gallery/toggle-closed.png" class="toggler" />
+						Select folder
-$local_t = $title->run();
+					</div>
-$local_t = RenderMan::preprocess_text($local_t, true, false);
+					<div class="body">
+						<?php
-$local_d = $desc->run();
+							echo gallery_hier_formfield('override_folder', false);
-$local_d = RenderMan::preprocess_text($local_d, true, false);
+						?>
+						<br />
-$subq = '(\'' . $stored_name . '\', \'' . $db->escape($local_t) . '\', \'' . $db->escape($local_d) . '\',\'a:0:{}\', UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), ' . $folder . ', \'[]\')';
+						<a href="#" onclick="gal_unset_radios('override_folder'); return false;">Unselect field</a>
-$sql = "INSERT INTO ".table_prefix."gallery(img_filename,img_title,img_desc,print_sizes,img_time_upload,img_time_mod,folder_parent,img_tags) VALUES{$subq};";
+					</div>
+				</div>
-if ( !$db->sql_query($sql) )
+			</td>
-$db->_die();
+		</tr>
+		<?php
-$idlist[] = $db->insert_id();
+		endif;
-//
+		echo '    <tr><th class="subhead" colspan="2"><input type="submit" name="edit_do_save" value="Save changes" /></th></tr>';
-// Create scaled images
+		echo '  </table>
-//
+					</div>';
-// Create thumbnail image
+	}
-$thumb_filename = ENANO_ROOT . '/cache/' . $stored_name . '-thumb.jpg';
+	else
-if ( file_exists($thumb_filename) )
+	{
-{
+		echo '<p>No images that matched the ID list could be found.</p>';
-if ( !unlink($thumb_filename) )
+	}
-{
-$errors[] = "Could not delete $thumb_filename";
+	echo '</form>';
-break 2;
+}
-}
-}
+function get_max_size_field()
+{
-if ( !scale_image($store, $thumb_filename, 80, 80) )
+	$max_size = @ini_get('upload_max_filesize');
-{
+	$max_size_field = '';
-$errors[] = 'Couldn\'t scale image '.$i.': ImageMagick failed us';
+	if ( $max_size )
-break 2;
+	{
-}
+		if ( preg_match('/M$/i', $max_size) )
+		{
-// Create preview image
+			$max_size = intval($max_size) * 1048576;
-$preview_filename = ENANO_ROOT . '/cache/' . $stored_name . '-preview.jpg';
+		}
-if ( file_exists($preview_filename) )
+		else if ( preg_match('/K$/i', $max_size) )
-{
+		{
-if ( !unlink($preview_filename) )
+			$max_size = intval($max_size) * 1024;
-{
+		}
-$errors[] = "Could not delete $preview_filename";
+		else if ( preg_match('/G$/i', $max_size) )
-break 2;
+		{
-}
+			$max_size = intval($max_size) * 1048576 * 1024;
-}
+		}
+		$max_size = intval($max_size);
-if ( !scale_image($store, $preview_filename, 640, 640) )
+		$max_size_field = "\n" . '<input type="hidden" name="MAX_FILE_SIZE" value="' . $max_size . '" />' . "\n";
-{
+	}
-$errors[] = 'Couldn\'t scale image '.$i.': ImageMagick failed us';
+	return $max_size_field;
-break 2;
-}
-$j++;
-}
-// clean up
-foreach ( $dirs as $dir )
-{
-rmdir($dir);
-}
-rmdir( $temp_dir ) or $errors[] = 'Couldn\'t delete the unzip directory.';
-rmdir( ENANO_ROOT . '/cache/temp' ) or $errors[] = 'Couldn\'t delete the temp directory.';
-if ( count($errors) > 0 )
-break 2;
-$idlist = implode(',', $idlist);
-$url = makeUrlNS('Special', 'GalleryUpload', "edit_img=$idlist");
-redirect($url, 'Upload successful', 'Your images have been uploaded successfully. Please wait while you are transferred...', 2);
-break 2;
-}
-$file['stored_name'] = gallery_make_filename() . '.' . $ext;
-$store = ENANO_ROOT . '/files/' . $file['stored_name'];
-if ( !@move_uploaded_file($file['tmp_name'], $store) )
-{
-$errors[] = "[Internal] Couldn't move temporary file {$file['tmp_name']} to permanently stored file $store";
-break 2;
-}
-$autotitle = ucwords(basename($file['name']));
-$autotitle = substr($autotitle, 0, ( strrpos($autotitle, '.') ));
-$autotitle = str_replace('_', ' ', $autotitle);
-$title->assign_vars(array('id' => ( $i + 1 ), 'autotitle' => $autotitle));
-$desc->assign_vars (array('id' => ( $i + 1 ), 'autotitle' => $autotitle));
-$local_t = $title->run();
-$local_t = RenderMan::preprocess_text($local_t, true, false);
-$local_d = $desc->run();
-$local_d = RenderMan::preprocess_text($local_d, true, false);
-$subq = '(\'' . $file['stored_name'] . '\', \'' . $db->escape($local_t) . '\', \'' . $db->escape($local_d) . '\',\'a:0:{}\', UNIX_TIMESTAMP(), UNIX_TIMESTAMP(), ' . $folder . ', \'[]\')';
-$sql = "INSERT INTO ".table_prefix."gallery(img_filename,img_title,img_desc,print_sizes,img_time_upload,img_time_mod,folder_parent,img_tags) VALUES{$subq};";
-if ( !$db->sql_query($sql) )
-$db->_die();
-$idlist[] = $db->insert_id();
-// Create thumbnail image
-$thumb_filename = ENANO_ROOT . '/cache/' . $file['stored_name'] . '-thumb.jpg';
-$magick = getConfig('imagemagick_path');
-$command = "$magick '{$store}' -resize ".'"'."80x80>".'"'." -quality 85 $thumb_filename";
-@system($command, $stat);
-if ( !file_exists($thumb_filename) )
-{
-$errors[] = 'Couldn\'t scale image '.$i.': ImageMagick failed us';
-break 2;
-}
-// Create preview image
-$preview_filename = ENANO_ROOT . '/cache/' . $file['stored_name'] . '-preview.jpg';
-$magick = getConfig('imagemagick_path');
-$command = "$magick '{$store}' -resize ".'"'."640x640>".'"'." -quality 85 $preview_filename";
-@system($command, $stat);
-if ( !file_exists($preview_filename) )
-{
-$errors[] = 'Couldn\'t scale image '.$i.': ImageMagick failed us';
-break 2;
-}
-}
-$idlist = implode(',', $idlist);
-$url = makeUrlNS('Special', 'GalleryUpload', "edit_img=$idlist");
-redirect($url, 'Upload successful', 'Your images have been uploaded successfully. Please wait while you are transferred...', 2);
-return;
-endswitch;
-}
-// Smart batch-upload interface
-$template->header();
-?>
-<!-- Some Javascript magic :-) -->
-<script type="text/javascript">
-function gal_upload_addimg()
-{
-var id = 0;
-var td = document.getElementById('gal_upload_td');
-for ( var i = 0; i < td.childNodes.length; i++ )
-{
-var child = td.childNodes[i];
-if ( child.tagName == 'INPUT' && child.type == 'hidden' )
-{
-var file = document.createElement('input');
-file.type = 'file';
-file.size = '43';
-file.name = 'img_' + id;
-file.style.marginBottom = '3px';
-td.insertBefore(file, child);
-td.insertBefore(document.createElement('br'), child);
-child.value = String(id);
-return;
-}
-else if ( child.tagName == 'INPUT' && child.type == 'file' )
-{
-id++;
-}
-}
-}
-</script>
-<?php
-echo '<form action="' . makeUrlNS('Special', 'GalleryUpload') . '" enctype="multipart/form-data" method="post" onsubmit="if ( window.whiteOutForm ) window.whiteOutForm(this);">';
-echo $max_size_field;
-if ( count($errors) > 0 )
-{
-echo '<div class="error-box">
-<b>The following errors were encountered during the upload:</b><br />
-<ul>
-<li>' . implode("</li>\n        <li>", $errors) . '</li>
-</ul>
-</div>';
-}
-?>
-<div class="tblholder">
-<table border="0" cellspacing="1" cellpadding="4">
-<tr>
-<th colspan="2">Upload images to gallery</th>
-</tr>
-<tr>
-<td class="row2">Image name template:</td>
-<td class="row1"><input type="text" name="img_name" size="43" style="width: 98%;" /></td>
-</tr>
-<tr>
-<td class="row2">Image description template:</td>
-<td class="row1"><textarea rows="10" cols="40" name="img_desc" style="width: 98%;"></textarea></td>
-</tr>
-<tr>
-<td colspan="2" class="row3" style="font-size: smaller;">
-<p>The name and description templates can contain the following variables:</p>
-<ul>
-<li>{id}: The number of the image (different for each image)</li>
-<li>{autotitle}: Let the uploader automatically generate a title, based on the filename (david_in_the_barn.jpg will become "David in the barn"). Sometimes this process can be very dumb (mtrooper2k5.jpg will become "Mtrooper2k5").</li>
-<li>{year}: The current year (<?php echo date('Y'); ?>)</li>
-<li>{month}: The current month (<?php echo date('F'); ?>)</li>
-<li>{day}: The day of the month (<?php echo date('d'); ?>)</li>
-<li>{time12}: 12-hour time (<?php echo date('g:i A'); ?>)</li>
-<li>{time24}: 24-hour time (<?php echo date('G:i'); ?>)</li>
-</ul>
-<p>Example: <input type="text" readonly="readonly" value="Photo #{id} - uploaded {month} {day}, {year} {time12}" size="50" /></p>
-</td>
-</tr>
-<tr>
-<td class="row2">
-Image files:
-<?php
-if ( $zip_support )
-{
-?>
-<br />
-<small><b>Your server has support for zip files.</b>
-Instead of uploading many image files, you can upload a single zip file here. Note that if you send a zip file through,
-it must be the first and only file or it will be ignored. Any files in the zip archive that are not supported image
-files will be ignored.
-<?php
-if ( $sz = ini_get('upload_max_filesize') )
-{
-echo "<b>The maximum file size is <u>{$sz}B</u>.</b>";
-}
-?>
-</small>
-<?php
-}
-?>
-</td>
-<td class="row1" id="gal_upload_td">
-<input type="file" name="img_0" size="43" style="margin-bottom: 3px" /><br />
-<input type="file" name="img_1" size="43" style="margin-bottom: 3px" /><br />
-<input type="file" name="img_2" size="43" style="margin-bottom: 3px" /><br />
-<input type="file" name="img_3" size="43" style="margin-bottom: 3px" /><br />
-<input type="file" name="img_4" size="43" style="margin-bottom: 3px" /><br />
-<input type="hidden" name="img_count" value="4" />
-<input type="button" value="+  Add image" onclick="gal_upload_addimg();" title="Add another image field" />
-</td>
-</tr>
-<tr>
-<td class="row2">Upload to folder:</td>
-<td class="row1">
-<div class="toggle">
-<div class="head" onclick="gal_toggle( ( IE ? this.nextSibling : this.nextSibling.nextSibling ), this.childNodes[1]);">
-<img alt="&gt;&gt;" src="<?php echo scriptPath; ?>/plugins/gallery/toggle-closed.png" class="toggler" />
-Select folder
-</div>
-<div class="body">
-<?php
-echo gallery_hier_formfield();
-?>
-</div>
-</div>
-</td>
-</tr>
-</table>
-<table border="0" cellspacing="1" cellpadding="4" style="padding-top: 0;">
-<tr>
-<th class="subhead" style="text-align: left;">
-<small>Please press the Upload button only once! Depending on the size of your image files and the speed of your connection, the upload may take several minutes.</small>
-</th>
-<th class="subhead" style="text-align: right;">
-<input type="submit" name="do_stage2" value="Upload images" /><br />
-</th>
-</tr>
-</table>
-</div>
-<?php
-echo '</form>';
-$template->footer();
 }
 ?>

changeset 42	7c6e2e97aa08
parent 40	2607b83e986d
child 43	7df4993be0b0