diff --git a/php/access/admin.php b/php/access/admin.php index 068850e..1d2c8b3 100644 --- a/php/access/admin.php +++ b/php/access/admin.php @@ -17,8 +17,9 @@ switch ($_POST['function']) { echo json_encode($album->getAll(false)); break; - case 'getAlbum': if (isset($_POST['albumID'])) - echo json_encode(getAlbum($_POST['albumID'])); + case 'getAlbum': if (!isset($_POST['albumID'])) exit(); + $album = new Album($database, $plugins, $settings, $_POST['albumID']); + echo json_encode($album->get()); break; case 'addAlbum': if (!isset($_POST['title'])) exit(); diff --git a/php/access/guest.php b/php/access/guest.php index 285b7ea..ab00b13 100644 --- a/php/access/guest.php +++ b/php/access/guest.php 
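Review bot: In the new `getAlbum` case of admin.php, `$_POST['albumID']` is handed to the `Album` constructor without validation, and the methods this commit adds in php/modules/Album.php (`get()`, `getArchive()`, `getPublic()`, `checkPassword()`) interpolate `$this->albumIDs` directly into SQL strings such as `WHERE id = '$this->albumIDs'`. Whether the constructor or api.php escapes the value is not visible in this diff, so unless that is guaranteed elsewhere this is an injection path. The same holds for the `getAlbum`, `checkAlbumAccess` and `getAlbumArchive` cases in guest.php, which by their file name serve unauthenticated visitors. I would validate at the boundary, e.g. `if (!preg_match('/^(?:\d+|s|f)\z/', $_POST['albumID'])) exit('Error: Invalid albumID!');`, or move these queries to prepared statements. The enclosing `switch` starts and ends outside the hunk.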
@@ -17,31 +17,27 @@ switch ($_POST['function']) { echo json_encode($album->getAll(true)); break; - case 'getAlbum': if (isset($_POST['albumID'], $_POST['password'])) { - if (isAlbumPublic($_POST['albumID'])) { - // Album Public - if (checkAlbumPassword($_POST['albumID'], $_POST['password'])) - echo json_encode(getAlbum($_POST['albumID'])); - else - echo 'Warning: Wrong password!'; - } else { - // Album Private - echo 'Warning: Album private!'; - } + case 'getAlbum': if (!isset($_POST['albumID'], $_POST['password'])) exit(); + $album = new Album($database, $plugins, $settings, $_POST['albumID']); + if ($album->getPublic()) { + // Album Public + if ($album->checkPassword($_POST['password'])) echo json_encode($album->get()); + else echo 'Warning: Wrong password!'; + } else { + // Album Private + echo 'Warning: Album private!'; } break; - case 'checkAlbumAccess':if (isset($_POST['albumID'], $_POST['password'])) { - if (isAlbumPublic($_POST['albumID'])) { - // Album Public - if (checkAlbumPassword($_POST['albumID'], $_POST['password'])) - echo true; - else - echo false; - } else { - // Album Private - echo false; - } + case 'checkAlbumAccess':if (!isset($_POST['albumID'], $_POST['password'])) exit(); + $album = new Album($database, $plugins, $settings, $_POST['albumID']); + if ($album->getPublic()) { + // Album Public + if ($album->checkPassword($_POST['password'])) echo true; + else echo false; + } else { + // Album Private + echo false; } break; 
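Review bot: `Album::get()` performs no access check of its own, so the guest `getAlbum` case is only safe because it repeats the `getPublic()` / `checkPassword()` pair by hand. `checkAlbumAccess` in this hunk, `getAlbumArchive` in the next guest.php hunk and `isPhotoPublic()` in photo.php each carry another copy of that gate. A single method on `Album` that returns the combined decision (public first, then password) would keep the order in one place and make it harder to add a guest-facing case that forgets one of the two checks. The enclosing `switch ($_POST['function'])` starts and ends outside the hunk.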
@@ -68,34 +64,14 @@ switch ($_POST['function']) { default: switch ($_GET['function']) { - case 'getFeed': if (isset($_GET['albumID'], $_GET['password'])) { - - // Album Feed - if (isAlbumPublic($_GET['albumID'])) { - // Album Public - if (checkAlbumPassword($_GET['albumID'], $_GET['password'])) - echo getFeed($_GET['albumID']); - else - exit('Warning: Wrong password!'); - } else { - // Album Private - exit('Warning: Album private!'); - } - - } - break; - case 'getAlbumArchive': if (!isset($_GET['albumID'], $_GET['password'])) exit(); + $album = new Album($database, $plugins, $settings, $_GET['albumID']); // Album Download - if (isAlbumPublic($_GET['albumID'])) { + if ($album->getPublic()) { // Album Public - if (checkAlbumPassword($_GET['albumID'], $_GET['password'])) { - $album = new Album($database, $plugins, $settings, $_GET['albumID']); - $album->getArchive(); - } else { - exit('Warning: Wrong password!'); - } + if ($album->checkPassword($_GET['password'])) $album->getArchive(); + else exit('Warning: Wrong password!'); } else { // Album Private exit('Warning: Album private or not downloadable!'); diff --git a/php/api.php b/php/api.php index f1aa6bf..1fe582f 100755 --- a/php/api.php +++ b/php/api.php @@ -22,7 +22,6 @@ if (!empty($_POST['function'])||!empty($_GET['function'])) { require('autoload.php'); // Load modules - require('modules/_album.php'); require('modules/db.php'); require('modules/misc.php'); require('modules/photo.php'); diff --git a/php/modules/Album.php b/php/modules/Album.php index b084cc3..105d719 100644 --- a/php/modules/Album.php +++ b/php/modules/Album.php 
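Review bot: In the `getAlbumArchive` case of guest.php the album password is still read from `$_GET['password']`, so it travels in the request URL, where it is typically kept in web-server access logs and browser history. Since this commit reworks the case anyway, I would take the password from the POST body, or from a session flag set after a successful `checkAlbumAccess`, and keep only `albumID` in the query string. The inner `switch ($_GET['function'])` continues outside the hunk.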
@@ -60,6 +60,85 @@ class Album { } + public function get() { + + if (!isset($this->database, $this->settings, $this->albumIDs)) return false; + + # Call plugins + $this->plugins('get:before', func_get_args()); + + # Get album information + switch($this->albumIDs) { + + case 'f': $return['public'] = false; + $query = "SELECT id, title, tags, sysdate, public, star, album, thumbUrl FROM lychee_photos WHERE star = 1 " . $this->settings['sorting']; + break; + + case 's': $return['public'] = false; + $query = "SELECT id, title, tags, sysdate, public, star, album, thumbUrl FROM lychee_photos WHERE public = 1 " . $this->settings['sorting']; + break; + + case '0': $return['public'] = false; + $query = "SELECT id, title, tags, sysdate, public, star, album, thumbUrl FROM lychee_photos WHERE album = 0 " . $this->settings['sorting']; + break; + + default: $albums = $this->database->query("SELECT * FROM lychee_albums WHERE id = '$this->albumIDs' LIMIT 1;"); + $return = $albums->fetch_assoc(); + $return['sysdate'] = date('d M. Y', strtotime($return['sysdate'])); + $return['password'] = ($return['password']=='' ? false : true); + $query = "SELECT id, title, tags, sysdate, public, star, album, thumbUrl FROM lychee_photos WHERE album = '$this->albumIDs' " . 
$this->settings['sorting']; + break; + + } + + # Get photos + $photos = $this->database->query($query); + $previousPhotoID = ''; + while($photo = $photos->fetch_assoc()) { + + # Parse + $photo['sysdate'] = date('d F Y', strtotime($photo['sysdate'])); + $photo['previousPhoto'] = $previousPhotoID; + $photo['nextPhoto'] = ''; + + if ($previousPhotoID!=='') $return['content'][$previousPhotoID]['nextPhoto'] = $photo['id']; + $previousPhotoID = $photo['id']; + + # Add to return + $return['content'][$photo['id']] = $photo; + + } + + if ($photos->num_rows===0) { + + # Album empty + $return['content'] = false; + + } else { + + # Enable next and previous for the first and last photo + $lastElement = end($return['content']); + $lastElementId = $lastElement['id']; + $firstElement = reset($return['content']); + $firstElementId = $firstElement['id']; + + if ($lastElementId!==$firstElementId) { + $return['content'][$lastElementId]['nextPhoto'] = $firstElementId; + $return['content'][$firstElementId]['previousPhoto'] = $lastElementId; + } + + } + + $return['id'] = $this->albumIDs; + $return['num'] = $photos->num_rows; + + # Call plugins + $this->plugins('get:after', func_get_args()); + + return $return; + + } + public function getAll($public) { if (!isset($this->database, $this->settings, $public)) return false; @@ -68,7 +147,7 @@ class Album { $this->plugins('getAll:before', func_get_args()); # Get SmartAlbums - if ($public===false) $return = getSmartInfo(); + if ($public===false) $return = $this->getSmartInfo(); # Albums query $query = 'SELECT id, title, public, sysdate, password FROM lychee_albums WHERE public = 1 AND visible <> 0'; 
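Review bot: The `default:` branch of `get()` runs `SELECT * FROM lychee_albums` and uses the `fetch_assoc()` row as the response, so every column of the table is now serialized to the caller, including guests via guest.php. The removed `getAlbum()` copied only title, description, sysdate, public and a boolean password flag. Only `password` is overwritten here, so any other or future column is exposed by default; naming the columns (`SELECT title, description, sysdate, public, password FROM lychee_albums ...`) restores the allow-list. The same branch does not handle a missing row: `fetch_assoc()` gives null for an unknown ID and the following `$return['sysdate'] = ...` assignments turn that into a made-up album, so I would add `if (!$albums || !($return = $albums->fetch_assoc())) return false;`.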
@@ -114,6 +193,117 @@ class Album { } + private function getSmartInfo() { + + if (!isset($this->database, $this->settings)) return false; + + # Unsorted + $unsorted = $this->database->query("SELECT thumbUrl FROM lychee_photos WHERE album = 0 " . $this->settings['sorting']); + $i = 0; + while($row = $unsorted->fetch_object()) { + if ($i<3) { + $return["unsortedThumb$i"] = $row->thumbUrl; + $i++; + } else break; + } + $return['unsortedNum'] = $unsorted->num_rows; + + # Public + $public = $this->database->query("SELECT thumbUrl FROM lychee_photos WHERE public = 1 " . $this->settings['sorting']); + $i = 0; + while($row2 = $public->fetch_object()) { + if ($i<3) { + $return["publicThumb$i"] = $row2->thumbUrl; + $i++; + } else break; + } + $return['publicNum'] = $public->num_rows; + + # Starred + $starred = $this->database->query("SELECT thumbUrl FROM lychee_photos WHERE star = 1 " . $this->settings['sorting']); + $i = 0; + while($row3 = $starred->fetch_object()) { + if ($i<3) { + $return["starredThumb$i"] = $row3->thumbUrl; + $i++; + } else break; + } + $return['starredNum'] = $starred->num_rows; + + return $return; + + } + + public function getArchive() { + + if (!isset($this->database, $this->albumIDs)) return false; + + # Call plugins + $this->plugins('getArchive:before', func_get_args()); + + # Photos query + switch($this->albumIDs) { + case 's': + $photos = "SELECT url FROM lychee_photos WHERE public = '1';"; + $zipTitle = 'Public'; + break; + case 'f': + $photos = "SELECT url FROM lychee_photos WHERE star = '1';"; + $zipTitle = 'Starred'; + break; + default: + $photos = "SELECT url FROM lychee_photos WHERE album = '$this->albumIDs';"; + $zipTitle = 'Unsorted'; + } + + # Execute query + $photos = $this->database->query($photos); + + # Init vars + $zip = new ZipArchive(); + $files = array(); + $i = 0; + + # Parse each url + while ($photo = $photos->fetch_object()) { + $files[$i] = '../uploads/big/' . 
$photo->url; + $i++; + } + + # Set title + $album = $this->database->query("SELECT title FROM lychee_albums WHERE id = '$this->albumIDs' LIMIT 1;"); + if ($this->albumIDs!=0&&is_numeric($this->albumIDs)) $zipTitle = $album->fetch_object()->title; + + # Create zip + $filename = "../data/$zipTitle.zip"; + if ($zip->open($filename, ZIPARCHIVE::CREATE)!==TRUE) return false; + + # Add each photo + foreach ($files AS $file) { + $newFile = explode('/', $file); + $newFile = array_reverse($newFile); + $zip->addFile($file, $zipTitle . '/' . $newFile[0]); + } + + # Finish zip + $zip->close(); + + # Send zip + header("Content-Type: application/zip"); + header("Content-Disposition: attachment; filename=\"$zipTitle.zip\""); + header("Content-Length: ".filesize($filename)); + readfile($filename); + + # Delete zip + unlink($filename); + + # Call plugins + $this->plugins('getArchive:after', func_get_args()); + + return true; + + } + public function setTitle($title = 'Untitled') { if (!isset($this->database, $this->albumIDs)) return false; @@ -194,6 +384,27 @@ class Album { } + public function getPublic() { + + if (!isset($this->database, $this->albumIDs)) return false; + + # Call plugins + $this->plugins('getPublic:before', func_get_args()); + + if ($this->albumIDs==='0'||$this->albumIDs==='s'||$this->albumIDs==='f') return false; + + # Execute query + $albums = $this->database->query("SELECT public FROM lychee_albums WHERE id = '$this->albumIDs' LIMIT 1;"); + $album = $albums->fetch_object(); + + # Call plugins + $this->plugins('getPublic:after', func_get_args()); + + if ($album->public==1) return true; + return false; + + } + public function setPassword($password) { if (!isset($this->database, $this->albumIDs)) return false; 
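Review bot: `getArchive()` builds both the temporary path `../data/$zipTitle.zip` and the `Content-Disposition` header from the album title as stored in the database, without removing path separators or quotes, so a title containing `/` or `"` changes where the archive is written or breaks the header. The fixed name also means two concurrent downloads of the same album share one file, and the first `unlink($filename)` can remove it while the other request is still in `readfile()`. I would write to a per-request name, e.g. `$filename = '../data/' . uniqid('', true) . '.zip';`, and clean the download name separately with `$zipTitle = str_replace(array('/', '\\', '"'), '', $zipTitle);`. The result of `$this->database->query($photos)` is also used without checking for `false`.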
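Review bot: `getPublic()` returns early for the smart albums `'0'`, `'s'` and `'f'` after `getPublic:before` has already fired, so plugins see a before-hook with no matching `getPublic:after` on that path. Moving the smart-album check above the first `$this->plugins(...)` call keeps the hooks paired. The `fetch_object()` result is also used without a null check; for an unknown ID the method reads `->public` on null, which fails closed but raises a PHP notice or warning, and `if (!$album) return false;` avoids that.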
@@ -212,6 +423,26 @@ class Album { } + public function checkPassword($password) { + + if (!isset($this->database, $this->albumIDs)) return false; + + # Call plugins + $this->plugins('checkPassword:before', func_get_args()); + + # Execute query + $albums = $this->database->query("SELECT password FROM lychee_albums WHERE id = '$this->albumIDs' LIMIT 1;"); + $album = $albums->fetch_object(); + + # Call plugins + $this->plugins('checkPassword:before', func_get_args()); + + if ($album->password=='') return true; + else if ($album->password===$password) return true; + return false; + + } + public function delete($albumIDs) { if (!isset($this->database, $this->albumIDs)) return false; 
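Review bot: `checkPassword()` fails open for an album that does not exist: `fetch_object()` returns null, `$album->password` then evaluates to null, and `null == ''` is true, so the method returns `true`. The guest callers in this diff pair it with `getPublic()`, which masks this, but the method should not depend on that; add `if (!$albums || !($album = $albums->fetch_object())) return false;` before the comparison. The second hook call repeats `'checkPassword:before'` and was presumably meant to be `'checkPassword:after'`. The stored value is compared directly with the submitted password, which suggests plaintext storage; `password_hash()` / `password_verify()` would be the longer-term fix, though the write path (`setPassword()`) lies outside this hunk.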
@@ -240,74 +471,4 @@ class Album { } - public function getArchive() { - - if (!isset($this->database, $this->albumIDs)) return false; - - # Call plugins - $this->plugins('getArchive:before', func_get_args()); - - # Photos query - switch($this->albumIDs) { - case 's': - $photos = "SELECT url FROM lychee_photos WHERE public = '1';"; - $zipTitle = 'Public'; - break; - case 'f': - $photos = "SELECT url FROM lychee_photos WHERE star = '1';"; - $zipTitle = 'Starred'; - break; - default: - $photos = "SELECT url FROM lychee_photos WHERE album = '$this->albumIDs';"; - $zipTitle = 'Unsorted'; - } - - # Execute query - $photos = $this->database->query($photos); - - # Init vars - $zip = new ZipArchive(); - $files = array(); - $i = 0; - - # Parse each url - while ($photo = $photos->fetch_object()) { - $files[$i] = '../uploads/big/' . $photo->url; - $i++; - } - - # Set title - $album = $this->database->query("SELECT title FROM lychee_albums WHERE id = '$this->albumIDs' LIMIT 1;"); - if ($this->albumIDs!=0&&is_numeric($this->albumIDs)) $zipTitle = $album->fetch_object()->title; - - # Create zip - $filename = "../data/$zipTitle.zip"; - if ($zip->open($filename, ZIPARCHIVE::CREATE)!==TRUE) return false; - - # Add each photo - foreach ($files AS $file) { - $newFile = explode('/', $file); - $newFile = array_reverse($newFile); - $zip->addFile($file, $zipTitle . '/' . $newFile[0]); - } - - # Finish zip - $zip->close(); - - # Send zip - header("Content-Type: application/zip"); - header("Content-Disposition: attachment; filename=\"$zipTitle.zip\""); - header("Content-Length: ".filesize($filename)); - readfile($filename); - - # Delete zip - unlink($filename); - - # Call plugins - $this->plugins('getArchive:after', func_get_args()); - - return true; - - } - } \ No newline at end of file diff --git a/php/modules/_album.php b/php/modules/_album.php deleted file mode 100755 index 691cc7a..0000000 --- a/php/modules/_album.php +++ /dev/null 
@@ -1,357 +0,0 @@ -50) $title = substr($title, 0, 50); - - $sysdate = date('d.m.Y'); - $result = $database->query("INSERT INTO lychee_albums (title, sysdate, public, visible) VALUES ('$title', '$sysdate', '$public', '$visible');"); - - if (!$result) return false; - return $database->insert_id; - -} - -function getAlbums($public) { - - global $database, $settings; - - // Smart Albums - if ($public===false) $return = getSmartInfo(); - - // Albums - $query = "SELECT id, title, public, sysdate, password FROM lychee_albums WHERE public = 1 AND visible <> 0"; - if ($public===false) $query = "SELECT id, title, public, sysdate, password FROM lychee_albums"; - - $result = $database->query($query) OR exit('Error: ' . $database->error); - - while ($row = $result->fetch_object()) { - - $album = array(); - - // Info - $album['id'] = $row->id; - $album['title'] = $row->title; - $album['public'] = $row->public; - $album['sysdate'] = date('F Y', strtotime($row->sysdate)); - - // Password - $album['password'] = ($row->password != ''); - - // Thumbs - if (($public&&$row->password=='')||(!$public)) { - - $albumID = $row->id; - $result2 = $database->query("SELECT thumbUrl FROM lychee_photos WHERE album = '$albumID' ORDER BY star DESC, " . substr($settings['sorting'], 9) . " LIMIT 0, 3"); - $k = 0; - while ($row2 = $result2->fetch_object()) { - $album["thumb$k"] = $row2->thumbUrl; - $k++; - } - - } - - $return['content'][$row->id] = $album; - - } - - $return['num'] = $result->num_rows; - - return $return; - -} - -function getSmartInfo() { - - global $database, $settings; - - // Unsorted - $result = $database->query("SELECT thumbUrl FROM lychee_photos WHERE album = 0 " . $settings['sorting']); - $i = 0; - while($row = $result->fetch_object()) { - if ($i<3) { - $return["unsortedThumb$i"] = $row->thumbUrl; - $i++; - } else break; - } - $return['unsortedNum'] = $result->num_rows; - - // Public - $result2 = $database->query("SELECT thumbUrl FROM lychee_photos WHERE public = 1 " . 
$settings['sorting']); - $i = 0; - while($row2 = $result2->fetch_object()) { - if ($i<3) { - $return["publicThumb$i"] = $row2->thumbUrl; - $i++; - } else break; - } - $return['publicNum'] = $result2->num_rows; - - // Starred - $result3 = $database->query("SELECT thumbUrl FROM lychee_photos WHERE star = 1 " . $settings['sorting']); - $i = 0; - while($row3 = $result3->fetch_object()) { - if ($i<3) { - $return["starredThumb$i"] = $row3->thumbUrl; - $i++; - } else break; - } - $return['starredNum'] = $result3->num_rows; - - return $return; - -} - -function getAlbum($albumID) { - - global $database, $settings; - - // Get album information - switch($albumID) { - - case 'f': $return['public'] = false; - $query = "SELECT id, title, tags, sysdate, public, star, album, thumbUrl FROM lychee_photos WHERE star = 1 " . $settings['sorting']; - break; - - case 's': $return['public'] = false; - $query = "SELECT id, title, tags, sysdate, public, star, album, thumbUrl FROM lychee_photos WHERE public = 1 " . $settings['sorting']; - break; - - case '0': $return['public'] = false; - $query = "SELECT id, title, tags, sysdate, public, star, album, thumbUrl FROM lychee_photos WHERE album = 0 " . $settings['sorting']; - break; - - default: $result = $database->query("SELECT * FROM lychee_albums WHERE id = '$albumID';"); - $row = $result->fetch_object(); - $return['title'] = $row->title; - $return['description'] = $row->description; - $return['sysdate'] = date('d M. Y', strtotime($row->sysdate)); - $return['public'] = $row->public; - $return['password'] = ($row->password=='' ? false : true); - $query = "SELECT id, title, tags, sysdate, public, star, album, thumbUrl FROM lychee_photos WHERE album = '$albumID' " . 
$settings['sorting']; - break; - - } - - // Get photos - $result = $database->query($query); - $previousPhotoID = ''; - while($row = $result->fetch_assoc()) { - - $return['content'][$row['id']]['id'] = $row['id']; - $return['content'][$row['id']]['title'] = $row['title']; - $return['content'][$row['id']]['sysdate'] = date('d F Y', strtotime($row['sysdate'])); - $return['content'][$row['id']]['public'] = $row['public']; - $return['content'][$row['id']]['star'] = $row['star']; - $return['content'][$row['id']]['tags'] = $row['tags']; - $return['content'][$row['id']]['album'] = $row['album']; - $return['content'][$row['id']]['thumbUrl'] = $row['thumbUrl']; - - $return['content'][$row['id']]['previousPhoto'] = $previousPhotoID; - $return['content'][$row['id']]['nextPhoto'] = ''; - if ($previousPhotoID!="") $return['content'][$previousPhotoID]['nextPhoto'] = $row['id']; - - $previousPhotoID = $row['id']; - - } - - if ($result->num_rows===0) { - - // Empty album - $return['content'] = false; - - } else { - - // Enable next and previous for the first and last photo - $lastElement = end($return['content']); - $lastElementId = $lastElement['id']; - $firstElement = reset($return['content']); - $firstElementId = $firstElement['id']; - - if ($lastElementId!==$firstElementId) { - $return['content'][$lastElementId]['nextPhoto'] = $firstElementId; - $return['content'][$firstElementId]['previousPhoto'] = $lastElementId; - } - - } - - $return['id'] = $albumID; - $return['num'] = $result->num_rows; - - return $return; - -} - -function setAlbumTitle($albumIDs, $title) { - - global $database; - - if (strlen($title)>50) $title = substr($title, 0, 50); - - $result = $database->query("UPDATE lychee_albums SET title = '$title' WHERE id IN ($albumIDs);"); - - if (!$result) return false; - return true; - -} - -function setAlbumDescription($albumID, $description) { - - global $database; - - $description = htmlentities($description); - if (strlen($description)>1000) return false; - - $result = 
$database->query("UPDATE lychee_albums SET description = '$description' WHERE id = '$albumID';"); - - if (!$result) return false; - return true; - -} - -function deleteAlbum($albumIDs) { - - global $database; - - $error = false; - $result = $database->query("SELECT id FROM lychee_photos WHERE album IN ($albumIDs);"); - - // Delete photos - while ($row = $result->fetch_object()) - if (!deletePhoto($row->id)) $error = true; - - // Delete album - $result = $database->query("DELETE FROM lychee_albums WHERE id IN ($albumIDs);"); - - if ($error||!$result) return false; - return true; - -} - -function getAlbumArchive($albumID) { - - global $database; - - switch($albumID) { - case 's': - $query = "SELECT url FROM lychee_photos WHERE public = '1';"; - $zipTitle = 'Public'; - break; - case 'f': - $query = "SELECT url FROM lychee_photos WHERE star = '1';"; - $zipTitle = 'Starred'; - break; - default: - $query = "SELECT url FROM lychee_photos WHERE album = '$albumID';"; - $zipTitle = 'Unsorted'; - } - - $zip = new ZipArchive(); - $result = $database->query($query); - $files = array(); - $i = 0; - - while($row = $result->fetch_object()) { - $files[$i] = '../uploads/big/' . $row->url; - $i++; - } - - $result = $database->query("SELECT title FROM lychee_albums WHERE id = '$albumID' LIMIT 1;"); - $row = $result->fetch_object(); - - if ($albumID!=0&&is_numeric($albumID)) $zipTitle = $row->title; - $filename = "../data/$zipTitle.zip"; - - if ($zip->open($filename, ZIPARCHIVE::CREATE)!==TRUE) { - return false; - } - - foreach($files AS $zipFile) { - $newFile = explode('/',$zipFile); - $newFile = array_reverse($newFile); - $zip->addFile($zipFile, $zipTitle . '/' . 
$newFile[0]); - } - - $zip->close(); - - header("Content-Type: application/zip"); - header("Content-Disposition: attachment; filename=\"$zipTitle.zip\""); - header("Content-Length: ".filesize($filename)); - readfile($filename); - unlink($filename); - - return true; - -} - -function setAlbumPublic($albumID, $password) { - - global $database; - - $result = $database->query("SELECT public FROM lychee_albums WHERE id = '$albumID' LIMIT 1;"); - $row = $result->fetch_object(); - $public = ($row->public=='0' ? 1 : 0); - - $result = $database->query("UPDATE lychee_albums SET public = '$public', password = NULL WHERE id = '$albumID';"); - if (!$result) return false; - - if ($public==1) { - $result = $database->query("UPDATE lychee_photos SET public = 0 WHERE album = '$albumID';"); - if (!$result) return false; - } - - if (strlen($password)>0) return setAlbumPassword($albumID, $password); - return true; - -} - -function setAlbumPassword($albumID, $password) { - - global $database; - - $result = $database->query("UPDATE lychee_albums SET password = '$password' WHERE id = '$albumID';"); - - if (!$result) return false; - return true; - -} - -function checkAlbumPassword($albumID, $password) { - - global $database; - - $result = $database->query("SELECT password FROM lychee_albums WHERE id = '$albumID';"); - $row = $result->fetch_object(); - - if ($row->password=='') return true; - else if ($row->password==$password) return true; - return false; - -} - -function isAlbumPublic($albumID) { - - global $database; - - if ($albumID==='0'||$albumID==='s'||$albumID==='f') return false; - - $result = $database->query("SELECT public FROM lychee_albums WHERE id = '$albumID';"); - $row = $result->fetch_object(); - - if ($row->public==1) return true; - return false; - -} - -?> \ No newline at end of file diff --git a/php/modules/photo.php b/php/modules/photo.php index f000c53..033d1b5 100755 --- a/php/modules/photo.php +++ b/php/modules/photo.php 
@@ -167,8 +167,9 @@ function isPhotoPublic($photoID, $password) { if ($row->public==1) return true; else { - $cAP = checkAlbumPassword($row->album, $password); - $iAP = isAlbumPublic($row->album); + $album = new Album($database, null, null, $row->album); + $cAP = $album->checkPassword($password); + $iAP = $album->getPublic(); if ($iAP&&$cAP) return true; return false; }
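Review bot: `isPhotoPublic()` now calls `checkPassword()` before `getPublic()`, so for every photo whose album is not public (including unsorted photos with album 0) the password query and its plugin hooks run although the result is discarded. Checking visibility first is cheaper and does not depend on how `checkPassword()` behaves for IDs without an album row: `if (!$album->getPublic()) return false;` followed by `return $album->checkPassword($password);`. The `Album` is also built with `null` for plugins and settings while both methods call `$this->plugins(...)`; whether that helper tolerates null is not visible here and is worth confirming. The function starts outside the hunk, so how `$database` comes into scope cannot be seen from this diff.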