arno
/
lychee
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Added get, getSmartInfo, getPublic and checkPassword to Album

Browse Source
pull/123/head
Tobias Reich 10 years ago
parent 7dcf062602
commit 0a922bd076
6 changed files with 260 additions and 479 deletions
Show Stats Download Patch File Download Diff File

5
php/access/admin.php
Unescape View File

@ -17,8 +17,9 @@ switch ($_POST['function']) {
echo json_encode($album->getAll(false));
break;
case 'getAlbum': if (isset($_POST['albumID']))
echo json_encode(getAlbum($_POST['albumID']));
case 'getAlbum': if (!isset($_POST['albumID'])) exit();
$album = new Album($database, $plugins, $settings, $_POST['albumID']);
echo json_encode($album->get());
break;
case 'addAlbum': if (!isset($_POST['title'])) exit();

68
php/access/guest.php
Unescape View File

@ -17,31 +17,27 @@ switch ($_POST['function']) {
echo json_encode($album->getAll(true));
break;
case 'getAlbum': if (isset($_POST['albumID'], $_POST['password'])) {
if (isAlbumPublic($_POST['albumID'])) {
// Album Public
if (checkAlbumPassword($_POST['albumID'], $_POST['password']))
echo json_encode(getAlbum($_POST['albumID']));
else
echo 'Warning: Wrong password!';
} else {
// Album Private
echo 'Warning: Album private!';
}
case 'getAlbum': if (!isset($_POST['albumID'], $_POST['password'])) exit();
$album = new Album($database, $plugins, $settings, $_POST['albumID']);
if ($album->getPublic()) {
// Album Public
if ($album->checkPassword($_POST['password'])) echo json_encode($album->get());
else echo 'Warning: Wrong password!';
} else {
// Album Private
echo 'Warning: Album private!';
}
break;
case 'checkAlbumAccess':if (isset($_POST['albumID'], $_POST['password'])) {
if (isAlbumPublic($_POST['albumID'])) {
// Album Public
if (checkAlbumPassword($_POST['albumID'], $_POST['password']))
echo true;
else
echo false;
} else {
// Album Private
echo false;
}
case 'checkAlbumAccess':if (!isset($_POST['albumID'], $_POST['password'])) exit();
$album = new Album($database, $plugins, $settings, $_POST['albumID']);
if ($album->getPublic()) {
// Album Public
if ($album->checkPassword($_POST['password'])) echo true;
else echo false;
} else {
// Album Private
echo false;
}
break;
@ -68,34 +64,14 @@ switch ($_POST['function']) {
default: switch ($_GET['function']) {
case 'getFeed': if (isset($_GET['albumID'], $_GET['password'])) {
// Album Feed
if (isAlbumPublic($_GET['albumID'])) {
// Album Public
if (checkAlbumPassword($_GET['albumID'], $_GET['password']))
echo getFeed($_GET['albumID']);
else
exit('Warning: Wrong password!');
} else {
// Album Private
exit('Warning: Album private!');
}
}
break;
case 'getAlbumArchive': if (!isset($_GET['albumID'], $_GET['password'])) exit();
$album = new Album($database, $plugins, $settings, $_GET['albumID']);
// Album Download
if (isAlbumPublic($_GET['albumID'])) {
if ($album->getPublic()) {
// Album Public
if (checkAlbumPassword($_GET['albumID'], $_GET['password'])) {
$album = new Album($database, $plugins, $settings, $_GET['albumID']);
$album->getArchive();
} else {
exit('Warning: Wrong password!');
}
if ($album->checkPassword($_GET['password'])) $album->getArchive();
else exit('Warning: Wrong password!');
} else {
// Album Private
exit('Warning: Album private or not downloadable!');

1
php/api.php
Unescape View File

@ -22,7 +22,6 @@ if (!empty($_POST['function'])||!empty($_GET['function'])) {
require('autoload.php');
// Load modules
require('modules/_album.php');
require('modules/db.php');
require('modules/misc.php');
require('modules/photo.php');

303
php/modules/Album.php
Unescape View File

@ -60,6 +60,85 @@ class Album {
}
public function get() {
if (!isset($this->database, $this->settings, $this->albumIDs)) return false;
# Call plugins
$this->plugins('get:before', func_get_args());
# Get album information
switch($this->albumIDs) {
case 'f': $return['public'] = false;
$query = "SELECT id, title, tags, sysdate, public, star, album, thumbUrl FROM lychee_photos WHERE star = 1 " . $this->settings['sorting'];
break;
case 's': $return['public'] = false;
$query = "SELECT id, title, tags, sysdate, public, star, album, thumbUrl FROM lychee_photos WHERE public = 1 " . $this->settings['sorting'];
break;
case '0': $return['public'] = false;
$query = "SELECT id, title, tags, sysdate, public, star, album, thumbUrl FROM lychee_photos WHERE album = 0 " . $this->settings['sorting'];
break;
default: $albums = $this->database->query("SELECT * FROM lychee_albums WHERE id = '$this->albumIDs' LIMIT 1;");
$return = $albums->fetch_assoc();
$return['sysdate'] = date('d M. Y', strtotime($return['sysdate']));
$return['password'] = ($return['password']=='' ? false : true);
$query = "SELECT id, title, tags, sysdate, public, star, album, thumbUrl FROM lychee_photos WHERE album = '$this->albumIDs' " . $this->settings['sorting'];
break;
}
# Get photos
$photos = $this->database->query($query);
$previousPhotoID = '';
while($photo = $photos->fetch_assoc()) {
# Parse
$photo['sysdate'] = date('d F Y', strtotime($photo['sysdate']));
$photo['previousPhoto'] = $previousPhotoID;
$photo['nextPhoto'] = '';
if ($previousPhotoID!=='') $return['content'][$previousPhotoID]['nextPhoto'] = $photo['id'];
$previousPhotoID = $photo['id'];
# Add to return
$return['content'][$photo['id']] = $photo;
}
if ($photos->num_rows===0) {
# Album empty
$return['content'] = false;
} else {
# Enable next and previous for the first and last photo
$lastElement = end($return['content']);
$lastElementId = $lastElement['id'];
$firstElement = reset($return['content']);
$firstElementId = $firstElement['id'];
if ($lastElementId!==$firstElementId) {
$return['content'][$lastElementId]['nextPhoto'] = $firstElementId;
$return['content'][$firstElementId]['previousPhoto'] = $lastElementId;
}
}
$return['id'] = $this->albumIDs;
$return['num'] = $photos->num_rows;
# Call plugins
$this->plugins('get:after', func_get_args());
return $return;
}
public function getAll($public) {
if (!isset($this->database, $this->settings, $public)) return false;
@ -68,7 +147,7 @@ class Album {
$this->plugins('getAll:before', func_get_args());
# Get SmartAlbums
if ($public===false) $return = getSmartInfo();
if ($public===false) $return = $this->getSmartInfo();
# Albums query
$query = 'SELECT id, title, public, sysdate, password FROM lychee_albums WHERE public = 1 AND visible <> 0';
@ -114,6 +193,117 @@ class Album {
}
private function getSmartInfo() {
if (!isset($this->database, $this->settings)) return false;
# Unsorted
$unsorted = $this->database->query("SELECT thumbUrl FROM lychee_photos WHERE album = 0 " . $this->settings['sorting']);
$i = 0;
while($row = $unsorted->fetch_object()) {
if ($i<3) {
$return["unsortedThumb$i"] = $row->thumbUrl;
$i++;
} else break;
}
$return['unsortedNum'] = $unsorted->num_rows;
# Public
$public = $this->database->query("SELECT thumbUrl FROM lychee_photos WHERE public = 1 " . $this->settings['sorting']);
$i = 0;
while($row2 = $public->fetch_object()) {
if ($i<3) {
$return["publicThumb$i"] = $row2->thumbUrl;
$i++;
} else break;
}
$return['publicNum'] = $public->num_rows;
# Starred
$starred = $this->database->query("SELECT thumbUrl FROM lychee_photos WHERE star = 1 " . $this->settings['sorting']);
$i = 0;
while($row3 = $starred->fetch_object()) {
if ($i<3) {
$return["starredThumb$i"] = $row3->thumbUrl;
$i++;
} else break;
}
$return['starredNum'] = $starred->num_rows;
return $return;
}
public function getArchive() {
if (!isset($this->database, $this->albumIDs)) return false;
# Call plugins
$this->plugins('getArchive:before', func_get_args());
# Photos query
switch($this->albumIDs) {
case 's':
$photos = "SELECT url FROM lychee_photos WHERE public = '1';";
$zipTitle = 'Public';
break;
case 'f':
$photos = "SELECT url FROM lychee_photos WHERE star = '1';";
$zipTitle = 'Starred';
break;
default:
$photos = "SELECT url FROM lychee_photos WHERE album = '$this->albumIDs';";
$zipTitle = 'Unsorted';
}
# Execute query
$photos = $this->database->query($photos);
# Init vars
$zip = new ZipArchive();
$files = array();
$i = 0;
# Parse each url
while ($photo = $photos->fetch_object()) {
$files[$i] = '../uploads/big/' . $photo->url;
$i++;
}
# Set title
$album = $this->database->query("SELECT title FROM lychee_albums WHERE id = '$this->albumIDs' LIMIT 1;");
if ($this->albumIDs!=0&&is_numeric($this->albumIDs)) $zipTitle = $album->fetch_object()->title;
# Create zip
$filename = "../data/$zipTitle.zip";
if ($zip->open($filename, ZIPARCHIVE::CREATE)!==TRUE) return false;
# Add each photo
foreach ($files AS $file) {
$newFile = explode('/', $file);
$newFile = array_reverse($newFile);
$zip->addFile($file, $zipTitle . '/' . $newFile[0]);
}
# Finish zip
$zip->close();
# Send zip
header("Content-Type: application/zip");
header("Content-Disposition: attachment; filename=\"$zipTitle.zip\"");
header("Content-Length: ".filesize($filename));
readfile($filename);
# Delete zip
unlink($filename);
# Call plugins
$this->plugins('getArchive:after', func_get_args());
return true;
}
public function setTitle($title = 'Untitled') {
if (!isset($this->database, $this->albumIDs)) return false;
@ -194,118 +384,89 @@ class Album {
}
public function setPassword($password) {
public function getPublic() {
if (!isset($this->database, $this->albumIDs)) return false;
# Call plugins
$this->plugins('setPassword:before', func_get_args());
$this->plugins('getPublic:before', func_get_args());
if ($this->albumIDs==='0'||$this->albumIDs==='s'||$this->albumIDs==='f') return false;
# Execute query
$result = $this->database->query("UPDATE lychee_albums SET password = '$password' WHERE id IN ('$this->albumIDs');");
$albums = $this->database->query("SELECT public FROM lychee_albums WHERE id = '$this->albumIDs' LIMIT 1;");
$album = $albums->fetch_object();
# Call plugins
$this->plugins('setPassword:after', func_get_args());
$this->plugins('getPublic:after', func_get_args());
if (!$result) return false;
return true;
if ($album->public==1) return true;
return false;
}
public function delete($albumIDs) {
public function setPassword($password) {
if (!isset($this->database, $this->albumIDs)) return false;
# Call plugins
$this->plugins('delete:before', func_get_args());
# Init vars
$error = false;
$this->plugins('setPassword:before', func_get_args());
# Execute query
$result = $this->database->query("SELECT id FROM lychee_photos WHERE album IN ($albumIDs);");
# For each album delete photo
while ($row = $result->fetch_object())
if (!deletePhoto($row->id)) $error = true;
# Delete albums
$result = $this->database->query("DELETE FROM lychee_albums WHERE id IN ($albumIDs);");
$result = $this->database->query("UPDATE lychee_albums SET password = '$password' WHERE id IN ('$this->albumIDs');");
# Call plugins
$this->plugins('delete:after', func_get_args());
$this->plugins('setPassword:after', func_get_args());
if ($error||!$result) return false;
if (!$result) return false;
return true;
}
public function getArchive() {
public function checkPassword($password) {
if (!isset($this->database, $this->albumIDs)) return false;
# Call plugins
$this->plugins('getArchive:before', func_get_args());
# Photos query
switch($this->albumIDs) {
case 's':
$photos = "SELECT url FROM lychee_photos WHERE public = '1';";
$zipTitle = 'Public';
break;
case 'f':
$photos = "SELECT url FROM lychee_photos WHERE star = '1';";
$zipTitle = 'Starred';
break;
default:
$photos = "SELECT url FROM lychee_photos WHERE album = '$this->albumIDs';";
$zipTitle = 'Unsorted';
}
$this->plugins('checkPassword:before', func_get_args());
# Execute query
$photos = $this->database->query($photos);
$albums = $this->database->query("SELECT password FROM lychee_albums WHERE id = '$this->albumIDs' LIMIT 1;");
$album = $albums->fetch_object();
# Init vars
$zip = new ZipArchive();
$files = array();
$i = 0;
# Call plugins
$this->plugins('checkPassword:before', func_get_args());
# Parse each url
while ($photo = $photos->fetch_object()) {
$files[$i] = '../uploads/big/' . $photo->url;
$i++;
}
if ($album->password=='') return true;
else if ($album->password===$password) return true;
return false;
# Set title
$album = $this->database->query("SELECT title FROM lychee_albums WHERE id = '$this->albumIDs' LIMIT 1;");
if ($this->albumIDs!=0&&is_numeric($this->albumIDs)) $zipTitle = $album->fetch_object()->title;
}
# Create zip
$filename = "../data/$zipTitle.zip";
if ($zip->open($filename, ZIPARCHIVE::CREATE)!==TRUE) return false;
public function delete($albumIDs) {
# Add each photo
foreach ($files AS $file) {
$newFile = explode('/', $file);
$newFile = array_reverse($newFile);
$zip->addFile($file, $zipTitle . '/' . $newFile[0]);
}
if (!isset($this->database, $this->albumIDs)) return false;
# Finish zip
$zip->close();
# Call plugins
$this->plugins('delete:before', func_get_args());
# Send zip
header("Content-Type: application/zip");
header("Content-Disposition: attachment; filename=\"$zipTitle.zip\"");
header("Content-Length: ".filesize($filename));
readfile($filename);
# Init vars
$error = false;
# Delete zip
unlink($filename);
# Execute query
$result = $this->database->query("SELECT id FROM lychee_photos WHERE album IN ($albumIDs);");
# For each album delete photo
while ($row = $result->fetch_object())
if (!deletePhoto($row->id)) $error = true;
# Delete albums
$result = $this->database->query("DELETE FROM lychee_albums WHERE id IN ($albumIDs);");
# Call plugins
$this->plugins('getArchive:after', func_get_args());
$this->plugins('delete:after', func_get_args());
if ($error||!$result) return false;
return true;
}

357
php/modules/_album.php
Unescape View File

@ -1,357 +0,0 @@
<?php
/**
* @name Album Module
* @author Philipp Maurer
* @author Tobias Reich
* @copyright 2014 by Philipp Maurer, Tobias Reich
*/
if (!defined('LYCHEE')) exit('Error: Direct access is not allowed!');
function addAlbum($title = '', $public = 0, $visible = 1) {
global $database;
if (strlen($title)>50) $title = substr($title, 0, 50);
$sysdate = date('d.m.Y');
$result = $database->query("INSERT INTO lychee_albums (title, sysdate, public, visible) VALUES ('$title', '$sysdate', '$public', '$visible');");
if (!$result) return false;
return $database->insert_id;
}
function getAlbums($public) {
global $database, $settings;
// Smart Albums
if ($public===false) $return = getSmartInfo();
// Albums
$query = "SELECT id, title, public, sysdate, password FROM lychee_albums WHERE public = 1 AND visible <> 0";
if ($public===false) $query = "SELECT id, title, public, sysdate, password FROM lychee_albums";
$result = $database->query($query) OR exit('Error: ' . $database->error);
while ($row = $result->fetch_object()) {
$album = array();
// Info
$album['id'] = $row->id;
$album['title'] = $row->title;
$album['public'] = $row->public;
$album['sysdate'] = date('F Y', strtotime($row->sysdate));
// Password
$album['password'] = ($row->password != '');
// Thumbs
if (($public&&$row->password=='')||(!$public)) {
$albumID = $row->id;
$result2 = $database->query("SELECT thumbUrl FROM lychee_photos WHERE album = '$albumID' ORDER BY star DESC, " . substr($settings['sorting'], 9) . " LIMIT 0, 3");
$k = 0;
while ($row2 = $result2->fetch_object()) {
$album["thumb$k"] = $row2->thumbUrl;
$k++;
}
}
$return['content'][$row->id] = $album;
}
$return['num'] = $result->num_rows;
return $return;
}
function getSmartInfo() {
global $database, $settings;
// Unsorted
$result = $database->query("SELECT thumbUrl FROM lychee_photos WHERE album = 0 " . $settings['sorting']);
$i = 0;
while($row = $result->fetch_object()) {
if ($i<3) {
$return["unsortedThumb$i"] = $row->thumbUrl;
$i++;
} else break;
}
$return['unsortedNum'] = $result->num_rows;
// Public
$result2 = $database->query("SELECT thumbUrl FROM lychee_photos WHERE public = 1 " . $settings['sorting']);
$i = 0;
while($row2 = $result2->fetch_object()) {
if ($i<3) {
$return["publicThumb$i"] = $row2->thumbUrl;
$i++;
} else break;
}
$return['publicNum'] = $result2->num_rows;
// Starred
$result3 = $database->query("SELECT thumbUrl FROM lychee_photos WHERE star = 1 " . $settings['sorting']);
$i = 0;
while($row3 = $result3->fetch_object()) {
if ($i<3) {
$return["starredThumb$i"] = $row3->thumbUrl;
$i++;
} else break;
}
$return['starredNum'] = $result3->num_rows;
return $return;
}
function getAlbum($albumID) {
global $database, $settings;
// Get album information
switch($albumID) {
case 'f': $return['public'] = false;
$query = "SELECT id, title, tags, sysdate, public, star, album, thumbUrl FROM lychee_photos WHERE star = 1 " . $settings['sorting'];
break;
case 's': $return['public'] = false;
$query = "SELECT id, title, tags, sysdate, public, star, album, thumbUrl FROM lychee_photos WHERE public = 1 " . $settings['sorting'];
break;
case '0': $return['public'] = false;
$query = "SELECT id, title, tags, sysdate, public, star, album, thumbUrl FROM lychee_photos WHERE album = 0 " . $settings['sorting'];
break;
default: $result = $database->query("SELECT * FROM lychee_albums WHERE id = '$albumID';");
$row = $result->fetch_object();
$return['title'] = $row->title;
$return['description'] = $row->description;
$return['sysdate'] = date('d M. Y', strtotime($row->sysdate));
$return['public'] = $row->public;
$return['password'] = ($row->password=='' ? false : true);
$query = "SELECT id, title, tags, sysdate, public, star, album, thumbUrl FROM lychee_photos WHERE album = '$albumID' " . $settings['sorting'];
break;
}
// Get photos
$result = $database->query($query);
$previousPhotoID = '';
while($row = $result->fetch_assoc()) {
$return['content'][$row['id']]['id'] = $row['id'];
$return['content'][$row['id']]['title'] = $row['title'];
$return['content'][$row['id']]['sysdate'] = date('d F Y', strtotime($row['sysdate']));
$return['content'][$row['id']]['public'] = $row['public'];
$return['content'][$row['id']]['star'] = $row['star'];
$return['content'][$row['id']]['tags'] = $row['tags'];
$return['content'][$row['id']]['album'] = $row['album'];
$return['content'][$row['id']]['thumbUrl'] = $row['thumbUrl'];
$return['content'][$row['id']]['previousPhoto'] = $previousPhotoID;
$return['content'][$row['id']]['nextPhoto'] = '';
if ($previousPhotoID!="") $return['content'][$previousPhotoID]['nextPhoto'] = $row['id'];
$previousPhotoID = $row['id'];
}
if ($result->num_rows===0) {
// Empty album
$return['content'] = false;
} else {
// Enable next and previous for the first and last photo
$lastElement = end($return['content']);
$lastElementId = $lastElement['id'];
$firstElement = reset($return['content']);
$firstElementId = $firstElement['id'];
if ($lastElementId!==$firstElementId) {
$return['content'][$lastElementId]['nextPhoto'] = $firstElementId;
$return['content'][$firstElementId]['previousPhoto'] = $lastElementId;
}
}
$return['id'] = $albumID;
$return['num'] = $result->num_rows;
return $return;
}
function setAlbumTitle($albumIDs, $title) {
global $database;
if (strlen($title)>50) $title = substr($title, 0, 50);
$result = $database->query("UPDATE lychee_albums SET title = '$title' WHERE id IN ($albumIDs);");
if (!$result) return false;
return true;
}
function setAlbumDescription($albumID, $description) {
global $database;
$description = htmlentities($description);
if (strlen($description)>1000) return false;
$result = $database->query("UPDATE lychee_albums SET description = '$description' WHERE id = '$albumID';");
if (!$result) return false;
return true;
}
function deleteAlbum($albumIDs) {
global $database;
$error = false;
$result = $database->query("SELECT id FROM lychee_photos WHERE album IN ($albumIDs);");
// Delete photos
while ($row = $result->fetch_object())
if (!deletePhoto($row->id)) $error = true;
// Delete album
$result = $database->query("DELETE FROM lychee_albums WHERE id IN ($albumIDs);");
if ($error||!$result) return false;
return true;
}
function getAlbumArchive($albumID) {
global $database;
switch($albumID) {
case 's':
$query = "SELECT url FROM lychee_photos WHERE public = '1';";
$zipTitle = 'Public';
break;
case 'f':
$query = "SELECT url FROM lychee_photos WHERE star = '1';";
$zipTitle = 'Starred';
break;
default:
$query = "SELECT url FROM lychee_photos WHERE album = '$albumID';";
$zipTitle = 'Unsorted';
}
$zip = new ZipArchive();
$result = $database->query($query);
$files = array();
$i = 0;
while($row = $result->fetch_object()) {
$files[$i] = '../uploads/big/' . $row->url;
$i++;
}
$result = $database->query("SELECT title FROM lychee_albums WHERE id = '$albumID' LIMIT 1;");
$row = $result->fetch_object();
if ($albumID!=0&&is_numeric($albumID)) $zipTitle = $row->title;
$filename = "../data/$zipTitle.zip";
if ($zip->open($filename, ZIPARCHIVE::CREATE)!==TRUE) {
return false;
}
foreach($files AS $zipFile) {
$newFile = explode('/',$zipFile);
$newFile = array_reverse($newFile);
$zip->addFile($zipFile, $zipTitle . '/' . $newFile[0]);
}
$zip->close();
header("Content-Type: application/zip");
header("Content-Disposition: attachment; filename=\"$zipTitle.zip\"");
header("Content-Length: ".filesize($filename));
readfile($filename);
unlink($filename);
return true;
}
function setAlbumPublic($albumID, $password) {
global $database;
$result = $database->query("SELECT public FROM lychee_albums WHERE id = '$albumID' LIMIT 1;");
$row = $result->fetch_object();
$public = ($row->public=='0' ? 1 : 0);
$result = $database->query("UPDATE lychee_albums SET public = '$public', password = NULL WHERE id = '$albumID';");
if (!$result) return false;
if ($public==1) {
$result = $database->query("UPDATE lychee_photos SET public = 0 WHERE album = '$albumID';");
if (!$result) return false;
}
if (strlen($password)>0) return setAlbumPassword($albumID, $password);
return true;
}
function setAlbumPassword($albumID, $password) {
global $database;
$result = $database->query("UPDATE lychee_albums SET password = '$password' WHERE id = '$albumID';");
if (!$result) return false;
return true;
}
function checkAlbumPassword($albumID, $password) {
global $database;
$result = $database->query("SELECT password FROM lychee_albums WHERE id = '$albumID';");
$row = $result->fetch_object();
if ($row->password=='') return true;
else if ($row->password==$password) return true;
return false;
}
function isAlbumPublic($albumID) {
global $database;
if ($albumID==='0'||$albumID==='s'||$albumID==='f') return false;
$result = $database->query("SELECT public FROM lychee_albums WHERE id = '$albumID';");
$row = $result->fetch_object();
if ($row->public==1) return true;
return false;
}
?>

5
php/modules/photo.php
Unescape View File

@ -167,8 +167,9 @@ function isPhotoPublic($photoID, $password) {
if ($row->public==1) return true;
else {
$cAP = checkAlbumPassword($row->album, $password);
$iAP = isAlbumPublic($row->album);
$album = new Album($database, null, null, $row->album);
$cAP = $album->checkPassword($password);
$iAP = $album->getPublic();
if ($iAP&&$cAP) return true;
return false;
}

Write Preview
Loading…
Cancel
Save