diff --git a/php/access/admin.php b/php/access/admin.php
index 61a6c1c..ac9b9ab 100644
--- a/php/access/admin.php
+++ b/php/access/admin.php
@@ -54,36 +54,44 @@ switch ($_POST['function']) { // Photo Functions - case 'getPhoto': if (isset($_POST['photoID'], $_POST['albumID'])) - echo json_encode(getPhoto($_POST['photoID'], $_POST['albumID'])); + case 'getPhoto': if (!isset($_POST['photoID'], $_POST['albumID'])) exit(); + $photo = new Photo($database, $plugins, $_POST['photoID']); + echo json_encode($photo->get($_POST['albumID'])); break; - case 'deletePhoto': if (isset($_POST['photoIDs'])) - echo deletePhoto($_POST['photoIDs']); + case 'setPhotoTitle': if (!isset($_POST['photoIDs'], $_POST['title'])) exit(); + $photo = new Photo($database, $plugins, $_POST['photoIDs']); + echo $photo->setTitle($_POST['title']); break; - case 'setPhotoAlbum': if (isset($_POST['photoIDs'], $_POST['albumID'])) - echo setPhotoAlbum($_POST['photoIDs'], $_POST['albumID']); + case 'setPhotoDescription': if (!isset($_POST['photoID'], $_POST['description'])) exit(); + $photo = new Photo($database, $plugins, $_POST['photoID']); + echo $photo->setDescription($_POST['description']); break; - case 'setPhotoTitle': if (isset($_POST['photoIDs'], $_POST['title'])) - echo setPhotoTitle($_POST['photoIDs'], $_POST['title']); + case 'setPhotoStar': if (!isset($_POST['photoIDs'])) exit(); + $photo = new Photo($database, $plugins, $_POST['photoIDs']); + echo $photo->setStar(); break; - case 'setPhotoStar': if (isset($_POST['photoIDs'])) - echo setPhotoStar($_POST['photoIDs']); + case 'setPhotoPublic': if (!isset($_POST['photoID'])) exit(); + $photo = new Photo($database, $plugins, $_POST['photoID']); + echo $photo->setPublic(); break; - case 'setPhotoPublic': if (isset($_POST['photoID'], $_POST['url'])) - echo setPhotoPublic($_POST['photoID'], $_POST['url']); + case 'setPhotoAlbum': if (!isset($_POST['photoIDs'], $_POST['albumID'])) exit(); + $photo = new Photo($database, $plugins, $_POST['photoIDs']); + echo $photo->setAlbum($_POST['albumID']); break; - case 'setPhotoDescription': if (isset($_POST['photoID'], $_POST['description'])) - echo 
setPhotoDescription($_POST['photoID'], $_POST['description']); + case 'setPhotoTags': if (!isset($_POST['photoIDs'], $_POST['tags'])) exit(); + $photo = new Photo($database, $plugins, $_POST['photoIDs']); + echo $photo->setTags($_POST['tags']); break; - case 'setPhotoTags': if (isset($_POST['photoIDs'], $_POST['tags'])) - echo setPhotoTags($_POST['photoIDs'], $_POST['tags']); + case 'deletePhoto': if (!isset($_POST['photoIDs'])) exit(); + $photo = new Photo($database, $plugins, $_POST['photoIDs']); + echo $photo->delete(); break; // Add Functions @@ -144,17 +152,14 @@ switch ($_POST['function']) { default: switch ($_GET['function']) { - case 'getFeed': if (isset($_GET['albumID'])) - echo getFeed($_GET['albumID']); - break; - case 'getAlbumArchive': if (!isset($_GET['albumID'])) exit(); $album = new Album($database, $plugins, $settings, $_GET['albumID']); $album->getArchive(); break; - case 'getPhotoArchive': if (isset($_GET['photoID'])) - getPhotoArchive($_GET['photoID']); + case 'getPhotoArchive': if (!isset($_GET['photoID'])) exit(); + $photo = new Photo($database, $plugins, $_GET['photoID']); + $photo->getArchive(); break; case 'update': echo update(); diff --git a/php/access/guest.php b/php/access/guest.php index 0725087..82c7764 100644 --- a/php/access/guest.php +++ b/php/access/guest.php @@ -43,12 +43,12 @@ switch ($_POST['function']) { // Photo Functions - case 'getPhoto': if (isset($_POST['photoID'], $_POST['albumID'], $_POST['password'])) { - if (isPhotoPublic($_POST['photoID'], $_POST['password'])) - echo json_encode(getPhoto($_POST['photoID'], $_POST['albumID'])); - else - echo 'Warning: Wrong password!'; - } + case 'getPhoto': if (!isset($_POST['photoID'], $_POST['albumID'], $_POST['password'])) exit(); + $photo = new Photo($database, $plugins, $_POST['photoID']); + if ($photo->getPublic($_POST['password'])) + echo json_encode($photo->get($_POST['albumID'])); + else + echo 'Warning: Wrong password!'; break; // Session Functions 
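Review bot: The rewritten photo cases pass `$_POST['photoID']` / `$_POST['photoIDs']` to `new Photo(...)` after an `isset()` test only, which is also true for an empty string or an array-valued parameter, and the class then places that value inside its `WHERE id = '…'` and `WHERE id IN (…)` queries. A shape check at this boundary would reject malformed IDs before any query runs, e.g. `if (!is_string($_POST['photoIDs']) || !preg_match('/^\d+(,\d+)*\z/', $_POST['photoIDs'])) exit('Error: Invalid photoIDs!');`, assuming IDs are numeric as the unquoted `IN (...)` use suggests. The same applies to the `getPhotoArchive` hunk that follows and to both `guest.php` hunks, where the caller is a guest and the ID is queried by `getPublic()` before the password is compared.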
@@ -81,17 +81,17 @@ switch ($_POST['function']) { break; - case 'getPhotoArchive': if (isset($_GET['photoID'], $_GET['password'])) { + case 'getPhotoArchive': if (!isset($_GET['photoID'], $_GET['password'])) exit(); + $photo = new Photo($database, $plugins, $_GET['photoID']); - // Photo Download - if (isPhotoPublic($_GET['photoID'], $_GET['password'])) - // Photo Public - getPhotoArchive($_GET['photoID']); - else - // Photo Private - exit('Warning: Photo private or not downloadable!'); + // Photo Download + if ($photo->getPublic($_GET['password'])) + // Photo Public + $photo->getArchive(); + else + // Photo Private + exit('Warning: Photo private or not downloadable!'); - } break; default: exit('Error: Function not found! Please check the spelling of the called function.'); diff --git a/php/api.php b/php/api.php index 5364ed0..5875a9e 100755 --- a/php/api.php +++ b/php/api.php @@ -23,7 +23,7 @@ if (!empty($_POST['function'])||!empty($_GET['function'])) { // Load modules require('modules/misc.php'); - require('modules/photo.php'); + require('modules/_photo.php'); require('modules/upload.php'); if (file_exists('../data/config.php')) require('../data/config.php'); diff --git a/php/modules/_photo.php b/php/modules/_photo.php new file mode 100755 index 0000000..541b222 --- /dev/null +++ b/php/modules/_photo.php 
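Review bot: The access decision in the guest `getPhotoArchive` case is a braceless `if`/`else` with comment lines between each keyword and its single statement, so a statement added to either branch later would either break the `else` or run outside the `getPublic()` condition. Braces make the guarded region explicit: `if ($photo->getPublic($_GET['password'])) { $photo->getArchive(); } else { exit('Warning: Photo private or not downloadable!'); }`. The guest `getPhoto` case in the previous `guest.php` hunk has the same shape and would benefit from the same change.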
@@ -0,0 +1,246 @@ +database = $database; + $this->plugins = $plugins; + $this->photoIDs = $photoIDs; + + return true; + + } + + public function get($albumID) { + + if (!isset($this->database, $this->photoIDs)) return false; + + # Get photo + $photos = $this->database->query("SELECT * FROM lychee_photos WHERE id = '$this->photoIDs' LIMIT 1;"); + $photo = $photos->fetch_assoc(); + + # Parse photo + $photo['sysdate'] = date('d M. Y', strtotime($photo['sysdate'])); + if (strlen($photo['takedate'])>0) $photo['takedate'] = date('d M. Y', strtotime($photo['takedate'])); + + if ($albumID!='false') { + + if ($photo['album']!=0) { + + # Get album + $albums = $this->database->query("SELECT public FROM lychee_albums WHERE id = '" . $photo['album'] . " LIMIT 1';"); + $album = $albums->fetch_assoc(); + + # Parse album + $photo['public'] = ($album['public']=='1' ? '2' : $photo['public']); + + } + + $photo['original_album'] = $photo['album']; + $photo['album'] = $albumID; + + } + + return $photo; + + } + + public function getArchive() { + + if (!isset($this->database, $this->photoIDs)) return false; + + # Get photo + $photos = $this->database->query("SELECT title, url FROM lychee_photos WHERE id = '$this->photoIDs' LIMIT 1;"); + $photo = $photos->fetch_object(); + + # Get extension + $extension = array_reverse(explode('.', $photo->url)); + + # Parse title + if ($photo->title=='') $photo->title = 'Untitled'; + + # Set headers + header("Content-Type: application/octet-stream"); + header("Content-Disposition: attachment; filename=\"$photo->title.$extension[0]\""); + header("Content-Length: " . 
filesize("../uploads/big/$photo->url")); + + # Send file + readfile("../uploads/big/$photo->url"); + + return true; + + } + + function setTitle($title) { + + if (!isset($this->database, $this->photoIDs)) return false; + + # Parse + if (strlen($title)>50) $title = substr($title, 0, 50); + + # Set title + $result = $this->database->query("UPDATE lychee_photos SET title = '$title' WHERE id IN ($this->photoIDs);"); + + if (!$result) return false; + return true; + + } + + function setDescription($description) { + + if (!isset($this->database, $this->photoIDs)) return false; + + # Parse + $description = htmlentities($description); + if (strlen($description)>1000) $description = substr($description, 0, 1000); + + # Set description + $result = $this->database->query("UPDATE lychee_photos SET description = '$description' WHERE id IN ('$this->photoIDs');"); + + if (!$result) return false; + return true; + + } + + public function setStar() { + + if (!isset($this->database, $this->photoIDs)) return false; + + # Init vars + $error = false; + + # Get photos + $photos = $this->database->query("SELECT id, star FROM lychee_photos WHERE id IN ($this->photoIDs);"); + + # For each photo + while ($photo = $photos->fetch_object()) { + + # Invert star + $star = ($photo->star==0 ? 
1 : 0); + + # Set star + $star = $this->database->query("UPDATE lychee_photos SET star = '$star' WHERE id = '$photo->id';"); + if (!$star) $error = true; + + } + + if ($error) return false; + return true; + + } + + function getPublic($password) { + + if (!isset($this->database, $this->photoIDs)) return false; + + # Get photo + $photos = $this->database->query("SELECT public, album FROM lychee_photos WHERE id = '$this->photoIDs' LIMIT 1;"); + $photo = $photos->fetch_object(); + + # Check if public + if ($photo->public==1) return true; + else { + $album = new Album($this->database, null, null, $photo->album); + $acP = $album->checkPassword($password); + $agP = $album->getPublic(); + if ($acP===true&&$agP===true) return true; + } + + return false; + + } + + public function setPublic() { + + if (!isset($this->database, $this->photoIDs)) return false; + + # Get public + $photos = $this->database->query("SELECT public FROM lychee_photos WHERE id = '$this->photoIDs' LIMIT 1;"); + $photo = $photos->fetch_object(); + + # Invert public + $public = ($photo->public==0 ? 
1 : 0); + + # Set public + $result = $this->database->query("UPDATE lychee_photos SET public = '$public' WHERE id = '$this->photoIDs';"); + + if (!$result) return false; + return true; + + } + + function setAlbum($albumID) { + + if (!isset($this->database, $this->photoIDs)) return false; + + # Set album + $result = $this->database->query("UPDATE lychee_photos SET album = '$albumID' WHERE id IN ($this->photoIDs);"); + + if (!$result) return false; + return true; + + } + + public function setTags($tags) { + + if (!isset($this->database, $this->photoIDs)) return false; + + # Parse tags + $tags = preg_replace('/(\ ,\ )|(\ ,)|(,\ )|(,{1,}\ {0,})|(,$|^,)/', ',', $tags); + $tags = preg_replace('/,$|^,/', ',', $tags); + if (strlen($tags)>1000) return false; + + # Set tags + $result = $this->database->query("UPDATE lychee_photos SET tags = '$tags' WHERE id IN ($this->photoIDs);"); + + if (!$result) return false; + return true; + + } + + public function delete() { + + if (!isset($this->database, $this->photoIDs)) return false; + + # Get photos + $photos = $this->database->query("SELECT id, url, thumbUrl FROM lychee_photos WHERE id IN ($this->photoIDs);"); + + # For each photo + while ($photo = $photos->fetch_object()) { + + # Get retina thumb url + $thumbUrl2x = explode(".", $photo->thumbUrl); + $thumbUrl2x = $thumbUrl2x[0] . '@2x.' . $thumbUrl2x[1]; + + # Delete files + if (!unlink('../uploads/big/' . $photo->url)) return false; + if (!unlink('../uploads/thumb/' . $photo->thumbUrl)) return false; + if (!unlink('../uploads/thumb/' . $thumbUrl2x)) return false; + + # Delete db entry + $delete = $this->database->query("DELETE FROM lychee_photos WHERE id = '$photo->id';"); + if (!$delete) return false; + + } + + if (!$photos) return false; + return true; + + } + +} + +?> \ No newline at end of file diff --git a/php/modules/photo.php b/php/modules/photo.php deleted file mode 100755 index 033d1b5..0000000 --- a/php/modules/photo.php +++ /dev/null 
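Review bot: Every query in the new `Photo` class is assembled by interpolating `$this->photoIDs`, `$title`, `$description`, `$albumID` or `$tags` into the SQL string, and `htmlentities()` in `setDescription()` is HTML encoding rather than SQL escaping, so a quote or backslash in these request-supplied values can change the statement. If `$this->database` is a mysqli handle, as the `query()`/`fetch_object()` calls suggest, the values should be bound with `prepare()`/`bind_param()` and the ID list checked before it is placed in `IN (...)`; `setTitle()` is sketched below and the other setters would follow the same pattern. Separately, the album lookup in `get()` has its closing quote after `LIMIT 1` (`... . " LIMIT 1';"`), so the compared value becomes `'<id> LIMIT 1'`; the tail should read `"' LIMIT 1;"`. `setDescription()` also quotes the list as `IN ('$this->photoIDs')` while the other methods leave it unquoted. The opening lines of the file, including the class header, are not visible in this hunk.

```php
function setTitle($title) {

    # … unchanged: isset guard and 50-character truncation of $title …

    # Accept only a comma-separated list of digits before it reaches IN (...)
    if (!is_string($this->photoIDs) || !preg_match('/^\d+(,\d+)*\z/', $this->photoIDs)) return false;

    # Bind the title instead of interpolating it into the statement
    $stmt = $this->database->prepare("UPDATE lychee_photos SET title = ? WHERE id IN ($this->photoIDs);");
    if (!$stmt) return false;
    $stmt->bind_param('s', $title);

    return $stmt->execute();

}
```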
@@ -1,200 +0,0 @@ -query($query); - $return = $result->fetch_assoc(); - - if ($albumID!='false') { - - if ($return['album']!=0) { - - $result = $database->query("SELECT public FROM lychee_albums WHERE id = '" . $return['album'] . "';"); - $return_album = $result->fetch_assoc(); - if ($return_album['public']=="1") $return['public'] = "2"; - - } - - $return['original_album'] = $return['album']; - $return['album'] = $albumID; - $return['sysdate'] = date('d M. Y', strtotime($return['sysdate'])); - if (strlen($return['takedate'])>0) $return['takedate'] = date('d M. Y', strtotime($return['takedate'])); - - } - - unset($return['album_public']); - - return $return; - -} - -function setPhotoPublic($photoID, $url) { - - global $database; - - $result = $database->query("SELECT public FROM lychee_photos WHERE id = '$photoID';"); - $row = $result->fetch_object(); - $public = ($row->public==0 ? 1 : 0); - $result = $database->query("UPDATE lychee_photos SET public = '$public' WHERE id = '$photoID';"); - - if (!$result) return false; - return true; - -} - -function setPhotoStar($photoIDs) { - - global $database; - - $error = false; - $result = $database->query("SELECT id, star FROM lychee_photos WHERE id IN ($photoIDs);"); - - while ($row = $result->fetch_object()) { - - $star = ($row->star==0 ? 
1 : 0); - $star = $database->query("UPDATE lychee_photos SET star = '$star' WHERE id = '$row->id';"); - if (!$star) $error = true; - - } - - if ($error) return false; - return true; - -} - -function setPhotoAlbum($photoIDs, $albumID) { - - global $database; - - $result = $database->query("UPDATE lychee_photos SET album = '$albumID' WHERE id IN ($photoIDs);"); - - if (!$result) return false; - return true; - -} - -function setPhotoTitle($photoIDs, $title) { - - global $database; - - if (strlen($title)>50) return false; - $result = $database->query("UPDATE lychee_photos SET title = '$title' WHERE id IN ($photoIDs);"); - - if (!$result) return false; - return true; - -} - -function setPhotoDescription($photoID, $description) { - - global $database; - - $description = htmlentities($description); - if (strlen($description)>1000) return false; - - $result = $database->query("UPDATE lychee_photos SET description = '$description' WHERE id = '$photoID';"); - - if (!$result) return false; - return true; - -} - -function setPhotoTags($photoIDs, $tags) { - - global $database; - - // Parse tags - $tags = preg_replace('/(\ ,\ )|(\ ,)|(,\ )|(,{1,}\ {0,})|(,$|^,)/', ',', $tags); - $tags = preg_replace('/,$|^,/', ',', $tags); - - if (strlen($tags)>1000) return false; - - $result = $database->query("UPDATE lychee_photos SET tags = '$tags' WHERE id IN ($photoIDs);"); - - if (!$result) return false; - return true; - -} - -function deletePhoto($photoIDs) { - - global $database; - - $result = $database->query("SELECT id, url, thumbUrl FROM lychee_photos WHERE id IN ($photoIDs);"); - - while ($row = $result->fetch_object()) { - - // Get retina thumb url - $thumbUrl2x = explode(".", $row->thumbUrl); - $thumbUrl2x = $thumbUrl2x[0] . '@2x.' . $thumbUrl2x[1]; - - // Delete files - if (!unlink('../uploads/big/' . $row->url)) return false; - if (!unlink('../uploads/thumb/' . $row->thumbUrl)) return false; - if (!unlink('../uploads/thumb/' . 
$thumbUrl2x)) return false; - - // Delete db entry - $delete = $database->query("DELETE FROM lychee_photos WHERE id = $row->id;"); - if (!$delete) return false; - - } - - if (!$result) return false; - return true; - -} - -function isPhotoPublic($photoID, $password) { - - global $database; - - $query = "SELECT public, album FROM lychee_photos WHERE id = '$photoID';"; - - $result = $database->query($query); - $row = $result->fetch_object(); - - if ($row->public==1) return true; - else { - $album = new Album($database, null, null, $row->album); - $cAP = $album->checkPassword($password); - $iAP = $album->getPublic(); - if ($iAP&&$cAP) return true; - return false; - } - -} - -function getPhotoArchive($photoID) { - - global $database; - - $result = $database->query("SELECT title, url FROM lychee_photos WHERE id = '$photoID';"); - $row = $result->fetch_object(); - - $extension = array_reverse(explode('.', $row->url)); - - if ($row->title=='') $row->title = 'Untitled'; - - header("Content-Type: application/octet-stream"); - header("Content-Disposition: attachment; filename=\"$row->title.$extension[0]\""); - header("Content-Length: " . filesize("../uploads/big/$row->url")); - - readfile("../uploads/big/$row->url"); - - return true; - -} - -?> \ No newline at end of file