diff -r 0944c9354e9c -r 7c6e2e97aa08 plugins/gallery/viewimage.php
--- a/plugins/gallery/viewimage.php Sat Aug 21 23:25:41 2010 -0400
+++ b/plugins/gallery/viewimage.php Sat Aug 21 23:32:06 2010 -0400
@@ -21,351 +21,354 @@
function gallery_namespace_handler(&$page)
{
- global $db, $session, $paths, $template, $plugins; // Common objects
-
- if ( $page->namespace != 'Gallery' )
- return false;
-
- if ( $page->page_id == 'Root' )
- {
- page_Special_Gallery();
- return true;
- }
-
- $row =& $page->image_info;
-
- $db->free_result();
-
- $img_id = $row['img_id'];
-
- if ( !$row['folder_parent'] )
- $row['folder_parent'] = ' IS NULL';
- else
- $row['folder_parent'] = '=' . $row['folder_parent'];
-
- // Fetch image parent properties
- $q = $db->sql_query('SELECT img_id, img_title FROM '.table_prefix.'gallery WHERE folder_parent' . $row['folder_parent'] . ' AND is_folder!=1 ORDER BY img_title ASC;');
- if ( !$q )
- $db->_die();
-
- $folder_total = $db->numrows();
- $folder_this = 0;
- $prev = false;
- $next = false;
- $next_title = '';
- $prev_title = '';
-
- $i = 0;
-
- while ( $r = $db->fetchrow() )
- {
- $i++;
- if ( $i == $folder_total && $r['img_id'] == $img_id )
- {
- $folder_this = $i;
- $next = false;
- }
- else if ( $i < $folder_total && $r['img_id'] == $img_id )
- {
- $folder_this = $i;
- $next = true;
- }
- else
- {
- if ( $next )
- {
- $next = $r['img_id'];
- $next_title = $r['img_title'];
- break;
- }
- $prev = $r['img_id'];
- $prev_title = $r['img_title'];
- }
- }
-
- if ( $next )
- {
- $next_sanitized = sanitize_page_id($next_title);
- $next_url = ( isset($hier) ) ? makeUrlNS('Gallery', $hier . $next_sanitized ) : makeUrlNS('Gallery', $next);
- }
- if ( $prev )
- {
- $prev_sanitized = sanitize_page_id($prev_title);
- $prev_url = ( isset($hier) ) ? makeUrlNS('Gallery', $hier . $prev_sanitized ) : makeUrlNS('Gallery', $prev);
- }
-
- $db->free_result();
-
- $perms = $session->fetch_page_acl(strval($img_id), 'Gallery');
-
- if ( isset($_POST['ajax']) && @$_POST['ajax'] === 'true' && isset($_POST['act']) )
- {
- $mode =& $_POST['act'];
- $response = array();
- switch($mode)
- {
- case 'add_tag':
- if ( !$perms->get_permissions('snapr_add_tag') )
- {
- die(snapr_json_encode(array(
- 'mode' => 'error',
- 'error' => 'You don\'t have permission to add tags.'
- )));
- }
- if ( empty($row['img_tags']) )
- {
- $row['img_tags'] = '[]';
- }
- $row['img_tags'] = snapr_json_decode($row['img_tags']);
-
- $canvas_data = snapr_json_decode($_POST['canvas_params']);
- $tag_data = array(
- 'tag' => sanitize_html($_POST['tag']),
- 'canvas_data' => $canvas_data
- );
- $row['img_tags'][] = $tag_data;
- $tag_data['note_id'] = count($row['img_tags']) - 1;
- $tag_data['mode'] = 'add';
- $tag_data['initial_hide'] = false;
- $tag_data['auth_delete'] = true;
-
- $row['img_tags'] = snapr_json_encode($row['img_tags']);
- $row['img_tags'] = $db->escape($row['img_tags']);
- $q = $db->sql_query('UPDATE ' . table_prefix . "gallery SET img_tags = '{$row['img_tags']}' WHERE img_id = $img_id;");
- if ( !$q )
- $db->die_json();
-
- $response[] = $tag_data;
- break;
- case 'del_tag':
- if ( !$perms->get_permissions('snapr_add_tag') )
- {
- die(snapr_json_encode(array(
- 'mode' => 'error',
- 'error' => 'You don\'t have permission to add tags.'
- )));
- }
- if ( empty($row['img_tags']) )
- {
- $row['img_tags'] = '[]';
- }
- $row['img_tags'] = snapr_json_decode($row['img_tags']);
-
- $tag_id = intval(@$_POST['tag_id']);
- if ( isset($row['img_tags'][$tag_id]) )
- unset($row['img_tags'][$tag_id]);
-
- $row['img_tags'] = snapr_json_encode($row['img_tags']);
- $row['img_tags'] = $db->escape($row['img_tags']);
- $q = $db->sql_query('UPDATE ' . table_prefix . "gallery SET img_tags = '{$row['img_tags']}' WHERE img_id = $img_id;");
- if ( !$q )
- $db->die_json();
-
- $response[] = array(
- 'mode' => 'remove',
- 'note_id' => $tag_id
- );
- break;
- case 'edit_tag':
- if ( !$perms->get_permissions('snapr_add_tag') )
- {
- die(snapr_json_encode(array(
- 'mode' => 'error',
- 'error' => 'You don\'t have permission to edit tags.'
- )));
- }
- if ( empty($row['img_tags']) )
- {
- $row['img_tags'] = '[]';
- }
- $row['img_tags'] = snapr_json_decode($row['img_tags']);
-
- $tag_id = intval(@$_POST['tag_id']);
- if ( isset($row['img_tags'][$tag_id]) )
- {
- $row['img_tags'][$tag_id]['tag'] = sanitize_html($_POST['tag']);
- // copy it
- $tag_return = $row['img_tags'][$tag_id];
- unset($tag);
- }
- else
- {
- die(snapr_json_encode(array(
- 'mode' => 'error',
- 'error' => 'That tag doesn\'t exist.'
- )));
- }
-
- $row['img_tags'] = snapr_json_encode($row['img_tags']);
- $row['img_tags'] = $db->escape($row['img_tags']);
- $q = $db->sql_query('UPDATE ' . table_prefix . "gallery SET img_tags = '{$row['img_tags']}' WHERE img_id = $img_id;");
- if ( !$q )
- $db->die_json();
-
- $tag_return['mode'] = 'add';
- $tag_return['canvas_data'] = snapr_json_decode($_POST['canvas_params']);
- $tag_return['auth_delete'] = $perms->get_permissions('snapr_add_tag');
- $tag_return['initial_hide'] = false;
- $tag_return['note_id'] = $tag_id;
- $response = array($tag_return);
-
- break;
- case 'get_tags':
- if ( empty($row['img_tags']) )
- {
- $row['img_tags'] = '[]';
- }
- $response = snapr_json_decode($row['img_tags']);
- foreach ( $response as $key => $_ )
- {
- unset($_);
- $tag = $response[$key];
- unset($response[$key]);
- $tag['note_id'] = intval($key);
- $tag['mode'] = 'add';
- $tag['initial_hide'] = true;
- $tag['auth_delete'] = $perms->get_permissions('snapr_add_tag');
- $response[intval($key)] = $tag;
- }
- $response = array_values($response);
- unset($tag);
- break;
- }
- $encoded = snapr_json_encode($response);
- header('Content-type: text/plain');
- echo $encoded;
- return true;
- }
-
- $have_notes = ( empty($row['img_tags']) ) ? false : ( count(snapr_json_decode($row['img_tags'])) > 0 );
-
- $template->add_header('');
- $template->add_header('');
-
- $template->tpl_strings['PAGE_NAME'] = 'Gallery image: ' . htmlspecialchars($row['img_title']);
- if ( is_object(@$GLOBALS['output']) )
- {
- global $output;
- $output->set_title('Gallery image: ' . $row['img_title']);
- }
- else if ( method_exists($template, 'assign_vars') )
- {
- $template->assign_vars(array(
- 'PAGE_NAME' => 'Gallery image: ' . htmlspecialchars($row['img_title'])
- ));
- }
- $title_spacey = strtolower(htmlspecialchars($row['img_title']));
-
- $template->header();
-
- $img_id = intval($img_id);
- $bc_folders = gallery_imgid_to_folder($img_id);
- $bc_folders = array_reverse($bc_folders);
- $bc_url = '';
- $breadcrumbs = array();
- $breadcrumbs[] = 'Gallery index';
-
- foreach ( $bc_folders as $folder )
- {
- $bc_url .= '/' . dirtify_page_id($folder);
- $breadcrumbs[] = '' . htmlspecialchars($folder) . '';
- }
-
- $breadcrumbs[] = htmlspecialchars($row['img_title']);
-
- // From here, this breadcrumb stuff is a piece of... sourdough French bread :-) *smacks lips*
- echo '';
- // The actual breadcrumbs
- echo '' . implode(' » ', $breadcrumbs) . '';
- echo '
';
-
- echo '';
- $img_url = makeUrlNS('Special', 'GalleryFetcher/preview/' . $img_id);
- $img_href = makeUrlNS('Special', 'GalleryFetcher/full/' . $img_id);
-
- // The actual image
- $iehack = ( strstr(@$_SERVER['HTTP_USER_AGENT'], 'MSIE') ) ? ' style="width: 1px;"' : '';
- echo '
';
-
- echo '
';
-
- // Prev button
- if ( $prev )
- echo ' ';
- //echo ' | ';
- // if ( $prev )
- // echo 'previous image';
-
- echo ' | ';
-
- // Image title
- echo $title_spacey;
-
- echo ' | ';
-
- // Next button
- if ( $next )
- // echo 'next image';
- //echo ' | ';
- if ( $next )
- echo ' ';
-
- echo ' |
';
- echo '| ' . "image $folder_this of $folder_total" . ' |
';
- if ( $perms->get_permissions('gal_full_res') || $have_notes )
- {
- echo '| ';
-
- if ( $perms->get_permissions('gal_full_res') )
- echo "View in original resolution";
-
- if ( $perms->get_permissions('gal_full_res') && $have_notes )
- echo ' :: ';
-
- if ( $have_notes )
- echo 'Mouse over photo to view tags';
-
- echo ' |
';
- }
- echo '
';
- echo '
';
- if ( $session->user_level >= USER_LEVEL_ADMIN )
- echo '[
edit image ] ';
- if ( $perms->get_permissions('snapr_add_tag') )
- echo '[
add a tag ] ';
- echo '
Image description
';
-
- $desc = RenderMan::render($row['img_desc']);
- echo $desc;
- }
-
- echo '
-
';
-
- // By the time I got to this point, it was 1:32AM (I was on vacation) and my 5-hour playlist on my iPod had been around about 3 times today.
- // So I'm glad this is like the last thing on the list tonight.
-
- $ext = get_file_extension($row['img_filename']);
- $ext = strtoupper($ext);
-
- echo '| Image details |
|---|
';
- echo '| Uploaded: | ' . date('F d, Y h:i a', $row['img_time_upload']) . ' |
';
- echo '| Last modified: | ' . date('F d, Y h:i a', $row['img_time_mod']) . ' |
';
- echo '| Original format: | ' . $ext . ' |
';
- echo '| Download image |
';
-
- echo '
';
+ // The actual breadcrumbs
+ echo '' . implode(' » ', $breadcrumbs) . '';
+ echo '
';
+
+ echo '';
+ $img_url = makeUrlNS('Special', 'GalleryFetcher/preview/' . $img_id);
+ $img_href = makeUrlNS('Special', 'GalleryFetcher/full/' . $img_id);
+
+ // The actual image
+ $iehack = ( strstr(@$_SERVER['HTTP_USER_AGENT'], 'MSIE') ) ? ' style="width: 1px;"' : '';
+ echo '
';
+
+ echo '
| ';
+
+ // Prev button
+ if ( $prev )
+ echo '';
+ //echo ' | ';
+ // if ( $prev )
+ // echo 'previous image';
+
+ echo ' | ';
+
+ // Image title
+ echo $title_spacey;
+
+ echo ' | ';
+
+ // Next button
+ if ( $next )
+ // echo 'next image';
+ //echo ' | ';
+ if ( $next )
+ echo '';
+
+ echo ' |
';
+ echo '| ' . "image $folder_this of $folder_total" . ' |
';
+ if ( $perms->get_permissions('gal_full_res') || $have_notes )
+ {
+ echo '| ';
+
+ if ( $perms->get_permissions('gal_full_res') )
+ echo "View in original resolution";
+
+ if ( $perms->get_permissions('gal_full_res') && $have_notes )
+ echo ' :: ';
+
+ if ( $have_notes )
+ echo 'Mouse over photo to view tags';
+
+ echo ' |
';
+ }
+ echo '
';
+ echo '
';
+ if ( $session->user_level >= USER_LEVEL_ADMIN )
+ echo '[
edit image ] ';
+ if ( $perms->get_permissions('snapr_add_tag') )
+ echo '[
add a tag ] ';
+ echo '
Image description
';
+
+ $desc = RenderMan::render($row['img_desc']);
+ echo $desc;
+ }
+
+ echo '
+
';
+
+ // By the time I got to this point, it was 1:32AM (I was on vacation) and my 5-hour playlist on my iPod had been around about 3 times today.
+ // So I'm glad this is like the last thing on the list tonight.
+
+ $ext = get_file_extension($row['img_filename']);
+ $ext = strtoupper($ext);
+
+ $user_link = '';
+
+ echo '| Image details |
|---|
';
+ echo '| Uploaded: | ' . date('F d, Y h:i a', $row['img_time_upload']) . ' |
';
+ echo '| Last modified: | ' . date('F d, Y h:i a', $row['img_time_mod']) . ' |
';
+ echo '| Original format: | ' . $ext . ' |
';
+ echo '| Author: | ' . $user_link . ' |
';
+ echo '| Download image |
';
+
+ echo '
There is no image in the gallery with this ID.
';
- echo 'You have requested an image that couldn\'t be looked up. Please check the URL and try again, or visit the Gallery index.
';
- }
+ public $image_info;
+
+ function __construct($page_id, $namespace, $revision_id = 0)
+ {
+ global $db, $session, $paths, $template, $plugins; // Common objects
+
+ $this->page_id = sanitize_page_id($page_id);
+ $this->namespace = $namespace;
+ $this->revision_id = intval($revision_id);
+
+ // only do this if calling from the (very heavily feature filled) abstract
+ // this will still be called if you're using your own handler but not replacing the constructor
+ if ( __CLASS__ == 'Namespace_Gallery' )
+ {
+ $this->exists = false;
+ // NOTE! These should already be WELL sanitized before we reach this stage.
+
+ if ( preg_match('/^[0-9]+$/', $this->page_id) )
+ {
+ $img_id = intval($this->page_id);
+ if ( !$img_id )
+ {
+ $this->exists = false;
+ return;
+ }
+ $q = $db->sql_query('SELECT img_id, img_title, img_desc, print_sizes, img_time_upload, img_time_mod, img_filename, folder_parent, img_tags FROM '.table_prefix.'gallery WHERE img_id=' . $img_id . ';');
+ if ( !$q )
+ $db->_die();
+ }
+ else
+ {
+ // Ech... he sent us a string... parse it and see what we get
+ if ( strstr($this->page_id, '/') )
+ {
+ $folders = explode('/', $this->page_id);
+ }
+ else
+ {
+ $folders = array($this->page_id);
+ }
+ foreach ( $folders as $i => $_crap )
+ {
+ $folder =& $folders[$i];
+ $folder = dirtify_page_id($folder);
+ $folder = str_replace('_', ' ', $folder);
+ }
+ unset($folder);
+
+ $folders = array_reverse($folders);
+ // This is one of the best MySQL tricks on the market. We're going to reverse-travel a folder path using LEFT JOIN and the incredible power of metacoded SQL
+ $sql = 'SELECT g0.img_id, g0.img_title, g0.img_desc, g0.print_sizes, g0.img_time_upload, g0.img_time_mod, g0.img_filename, g0.folder_parent, g0.img_tags FROM '.table_prefix.'gallery AS g0';
+ $where = "\n " . 'WHERE g0.img_title=\'' . $db->escape($folders[0]) . '\'';
+ foreach ( $folders as $i => $folder )
+ {
+ if ( $i == 0 )
+ continue;
+ $i_dec = $i - 1;
+ $folder = $db->escape($folder);
+ $sql .= "\n LEFT JOIN ".table_prefix."gallery AS g{$i}\n ON ( g{$i}.img_id=g{$i_dec}.folder_parent AND g{$i}.img_title='$folder' )";
+ $where .= "\n ".'AND g'.$i.'.img_id IS NOT NULL';
+ }
+ $where .= "\n AND g{$i}.folder_parent IS NULL";
+ $sql .= $where . ';';
+
+ if ( !$db->sql_query($sql) )
+ {
+ $db->_die('The image metadata could not be loaded.');
+ }
+
+ // Now that the folder data is no longer needed, we can fool around with it a little
+ $folders = $this->page_id;
+ if ( !strstr($folders, '/') )
+ {
+ $hier = '/';
+ }
+ else
+ {
+ $hier = preg_replace('/\/([^\/]+)$/', '/', $folders);
+ $hier = sanitize_page_id($hier);
+ }
+
+ }
+ if ( $db->numrows() < 1 )
+ {
+ // Image not found
+ $this->exists = false;
+ $this->cdata = array(
+ 'urlname' => $this->page_id,
+ 'namespace' => $this->namespace,
+ 'name' => 'Image not found',
+ 'special' => 0,
+ 'visible' => 0,
+ 'comments_on' => 0,
+ 'protected' => 0,
+ 'delvotes' => 0,
+ 'delvote_ips' => '',
+ 'wiki_mode' => 0,
+ 'page_exists' => false,
+ 'page_format' => getConfig('default_page_format', 'wikitext')
+ );
+ }
+ else
+ {
+ $this->image_info = $db->fetchrow();
+ $this->exists = true;
+ $this->cdata = array(
+ 'urlname' => $this->page_id,
+ 'namespace' => $this->namespace,
+ 'name' => $this->image_info['img_title'],
+ 'special' => 1,
+ 'visible' => 1,
+ 'comments_on' => 1,
+ 'protected' => 0,
+ 'delvotes' => 0,
+ 'delvote_ips' => '',
+ 'wiki_mode' => 0,
+ 'page_exists' => true,
+ 'page_format' => getConfig('default_page_format', 'wikitext')
+ );
+ }
+ $this->title =& $this->cdata['name'];
+ $this->cdata = Namespace_Default::bake_cdata($this->cdata);
+
+ $db->free_result();
+ }
+ }
+
+ function send()
+ {
+ if ( $this->exists )
+ {
+ gallery_namespace_handler($this);
+ }
+ else
+ {
+ global $output;
+ $output->header();
+ $this->error_404();
+ $output->footer();
+ }
+ }
+
+ function error_404()
+ {
+ echo 'There is no image in the gallery with this ID.
';
+ echo 'You have requested an image that couldn\'t be looked up. Please check the URL and try again, or visit the Gallery index.
';
+ }
}
?>