<?php
namespace Lychee\Access;
use Lychee\Modules\Album;
use Lychee\Modules\Albums;
use Lychee\Modules\Photo;
use Lychee\Modules\Response;
use Lychee\Modules\Session;
use Lychee\Modules\Validator;
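/**
 * Routes the API function names handled by this class to their action methods.
 *
 * Every action reads its parameters straight from $_POST / $_GET. The only check
 * made here is Validator::required(isset(...)), i.e. that the parameters are
 * present: their type and content are not checked in this class (a request can
 * supply an array for any of them), so Album, Albums, Photo and Session have to
 * validate what they receive.
 *
 * NOTE(review): presumably this is the access level used for visitors who are not
 * logged in - confirm against the code that selects the Access subclass.
 */
final class Guest extends Access {

    /**
     * Dispatches the requested function name to the matching action.
     *
     * The case list below is the complete set of operations reachable through this
     * class; any other name ends in self::fnNotFound().
     *
     * NOTE(review): self::fnNotFound() is also reached after a matched case whenever
     * its action returns normally. That is only harmless if every Response::* call
     * and both getArchive() calls end the request - not visible in this file, confirm.
     *
     * @param string $fn Function name taken from the request, e.g. 'Album::get'.
     */
    public static function init($fn) {

        switch ($fn) {

            // Albums functions
            case 'Albums::get': self::getAlbumsAction(); break;

            // Album functions
            case 'Album::get': self::getAlbumAction(); break;
            case 'Album::getPublic': self::checkAlbumAccessAction(); break;

            // Photo functions
            case 'Photo::get': self::getPhotoAction(); break;

            // Session functions
            case 'Session::init': self::initAction(); break;
            case 'Session::login': self::loginAction(); break;
            case 'Session::logout': self::logoutAction(); break;

            // $_GET functions
            case 'Album::getArchive': self::getAlbumArchiveAction(); break;
            case 'Photo::getArchive': self::getPhotoArchiveAction(); break;

        }

        self::fnNotFound();

    }

    // Albums functions

    /**
     * Responds with the album list below $_POST['parent'] as JSON.
     *
     * NOTE(review): 'parent' is forwarded exactly as received; Albums::get() must
     * validate it before using it in a query. The meaning of the first argument
     * (true) is defined in Albums::get() - presumably "public albums only", confirm.
     */
    private static function getAlbumsAction() {

        Validator::required(isset($_POST['parent']), __METHOD__);

        $albums = new Albums();
        Response::json($albums->get(true, $_POST['parent']));

    }

    // Album functions

    /**
     * Responds with the album $_POST['albumID'] as JSON when the album is public
     * and $_POST['password'] passes Album::checkPassword().
     *
     * A non-public album and a wrong password produce different warnings.
     */
    private static function getAlbumAction() {

        Validator::required(isset($_POST['albumID'], $_POST['password']), __METHOD__);

        $album = new Album($_POST['albumID']);

        if ($album->getPublic()===true) {

            // Album public
            if ($album->checkPassword($_POST['password'])===true) {
                Response::json($album->get());
            } else {
                Response::warning('Wrong password!');
            }

        } else {

            // Album private
            Response::warning('Album private!');

        }

    }

    /**
     * Responds with JSON true when the album $_POST['albumID'] is public and
     * $_POST['password'] passes Album::checkPassword(), and with JSON false in
     * every other case, so the reply does not tell the two failure reasons apart.
     */
    private static function checkAlbumAccessAction() {

        Validator::required(isset($_POST['albumID'], $_POST['password']), __METHOD__);

        $album = new Album($_POST['albumID']);

        if ($album->getPublic()===true) {

            // Album public
            if ($album->checkPassword($_POST['password'])===true) {
                Response::json(true);
            } else {
                Response::json(false);
            }

        } else {

            // Album private
            Response::json(false);

        }

    }

    // Photo functions

    /**
     * Responds with the photo $_POST['photoID'] as JSON, depending on the code
     * returned by Photo::getPublic($_POST['password']):
     * 2 sends the photo, 1 answers 'Wrong password!', 0 answers 'Photo private!'.
     *
     * Any other return value sends no response from this method, and no photo data.
     */
    private static function getPhotoAction() {

        Validator::required(isset($_POST['photoID'], $_POST['albumID'], $_POST['password']), __METHOD__);

        $photo = new Photo($_POST['photoID']);

        $pgP = $photo->getPublic($_POST['password']);

        if ($pgP===2) {
            Response::json($photo->get($_POST['albumID']));
        } else if ($pgP===1) {
            Response::warning('Wrong password!');
        } else if ($pgP===0) {
            Response::warning('Photo private!');
        }

    }

    // Session functions

    /**
     * Responds with the result of Session::init(true) as JSON.
     */
    private static function initAction() {

        $session = new Session();
        Response::json($session->init(true));

    }

    /**
     * Passes $_POST['user'] and $_POST['password'] to Session::login() and responds
     * with its result as JSON.
     *
     * NOTE(review): nothing in this method limits repeated failed attempts; confirm
     * that Session::login() or the front controller throttles them.
     */
    private static function loginAction() {

        Validator::required(isset($_POST['user'], $_POST['password']), __METHOD__);

        $session = new Session();
        Response::json($session->login($_POST['user'], $_POST['password']));

    }

    /**
     * Responds with the result of Session::logout() as JSON.
     */
    private static function logoutAction() {

        $session = new Session();
        Response::json($session->logout());

    }

    // $_GET functions

    /**
     * Sends the archive of the album $_GET['albumID'] when the album is public and
     * downloadable and $_GET['password'] passes Album::checkPassword().
     *
     * The public and password checks compare with ===true, as getAlbumAction() and
     * checkAlbumAccessAction() do, so the download path cannot accept a return value
     * that the other album actions reject. getDownloadable() stays a truthiness test
     * because this file shows no strict comparison of it.
     *
     * The password arrives in the query string here, where it is typically recorded
     * in web-server access logs and browser history; treat those logs as sensitive.
     */
    private static function getAlbumArchiveAction() {

        Validator::required(isset($_GET['albumID'], $_GET['password']), __METHOD__);

        $album = new Album($_GET['albumID']);

        if ($album->getPublic()===true&&$album->getDownloadable()) {

            // Album Public
            if ($album->checkPassword($_GET['password'])===true) {
                $album->getArchive();
            } else {
                Response::warning('Wrong password!');
            }

        } else {

            // Album Private
            Response::warning('Album private or not downloadable!');

        }

    }

    /**
     * Sends the archive of the photo $_GET['photoID'] when
     * Photo::getPublic($_GET['password']) returns 2; every other return value gets
     * the same warning, so a private photo and a wrong password look alike.
     *
     * The password arrives in the query string here, where it is typically recorded
     * in web-server access logs and browser history; treat those logs as sensitive.
     */
    private static function getPhotoArchiveAction() {

        Validator::required(isset($_GET['photoID'], $_GET['password']), __METHOD__);

        $photo = new Photo($_GET['photoID']);

        $pgP = $photo->getPublic($_GET['password']);

        // Photo Download
        if ($pgP===2) {

            // Photo Public
            $photo->getArchive();

        } else {

            // Photo Private
            Response::warning('Photo private or password incorrect!');

        }

    }

}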
?>