A_NextGen_API_Ajax

Provides AJAX actions for the JSON API interface.

Defined (1)

The class is defined in the following location(s).

/products/photocrati_nextgen/modules/nextgen_xmlrpc/package.module.nextgen_xmlrpc.php  
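  /**
   * Mixin that adds the AJAX actions of the NextGEN JSON API.
   *
   * The path-list and enqueue actions authenticate the caller with the WordPress
   * username and password supplied in the 'q' and 'z' request parameters. The
   * execute action runs jobs that are already queued and does no authentication
   * of its own.
   *
   * NOTE(review): how param() reads 'q' and 'z' is not visible here. If they can
   * arrive in the query string, the password will end up in access logs and
   * referrers; confirm they are accepted from the request body only.
   */
  class A_NextGen_API_Ajax extends Mixin
  {
      /** Lazily created C_NextGen_API instance, shared by all actions. */
      public $nextgen_api = null;

      /**
       * Returns the C_NextGen_API singleton, fetching it on first use.
       *
       * @return C_NextGen_API
       */
      function get_nextgen_api()
      {
          if (is_null($this->nextgen_api)) {
              $this->nextgen_api = C_NextGen_API::get_instance();
          }

          return $this->nextgen_api;
      }

      /**
       * Reports the WordPress base, wp-content and plugin paths as seen through
       * the FTP/SSH connection described by the 'app_config' request parameter.
       *
       * NOTE(review): the only gate in this method is a successful
       * wp_authenticate(); no capability is checked. Any account that can log in
       * therefore receives server path information and can make the server open
       * an FTP/SSH connection to a host named in the request. Confirm that this
       * is intended, or require an administrative capability before
       * create_filesystem_access() is called.
       *
       * @return array 'result' => 'ok' with 'result_object', or 'result' => 'error' with 'error'
       */
      function get_nextgen_api_path_list_action()
      {
          $api = $this->get_nextgen_api();
          $username = $this->object->param('q');
          $password = $this->object->param('z');
          $app_config = $this->object->param('app_config');
          $user_obj = wp_authenticate($username, $password);
          $response = array();

          // Guard clause: wp_authenticate() signals failure with a WP_Error.
          if ($user_obj == null || is_a($user_obj, 'WP_Error')) {
              $response['result'] = 'error';
              $response['error'] = array('code' => C_NextGen_API::ERR_NOT_AUTHENTICATED, 'message' => __('Authentication Failed.', 'nggallery'));

              return $response;
          }

          wp_set_current_user($user_obj->ID);

          // app_config comes straight from the request: it may be missing, or not
          // an array at all. Normalise it so the lookups below cannot fault.
          if (!is_array($app_config)) {
              $app_config = array();
          }

          $ftp_method = isset($app_config['ftp_method']) ? $app_config['ftp_method'] : 'ftp';
          $creds = array(
              'connection_type' => $ftp_method == 'sftp' ? 'ssh' : 'ftp',
              'hostname' => isset($app_config['ftp_host']) ? $app_config['ftp_host'] : null,
              'port' => isset($app_config['ftp_port']) ? $app_config['ftp_port'] : null,
              'username' => isset($app_config['ftp_user']) ? $app_config['ftp_user'] : null,
              'password' => isset($app_config['ftp_pass']) ? $app_config['ftp_pass'] : null,
          );

          require_once ABSPATH . 'wp-admin/includes/file.php';
          $wp_filesystem = $api->create_filesystem_access($creds);

          $root_path = null;
          $base_path = null;
          $plugin_path = null;

          if ($wp_filesystem) {
              $root_path = $wp_filesystem->wp_content_dir();
              $base_path = $wp_filesystem->abspath();
              $plugin_path = $wp_filesystem->wp_plugins_dir();
          } else {
              // Fallbacks when unable to connect: use a stored option or the FTP_*
              // constants, then derive whichever paths are still missing.
              $root_path = get_option('ngg_ftp_root_path');

              if (defined('FTP_BASE')) {
                  $base_path = FTP_BASE;
              }

              if ($root_path == null && defined('FTP_CONTENT_DIR')) {
                  $root_path = FTP_CONTENT_DIR;
              }

              if (defined('FTP_PLUGIN_DIR')) {
                  $plugin_path = FTP_PLUGIN_DIR;
              }

              if ($base_path == null && $root_path != null) {
                  $base_path = dirname($root_path);
              }

              if ($root_path == null && $base_path != null) {
                  $root_path = rtrim($base_path, '/\\') . '/wp-content/';
              }

              if ($plugin_path == null && $base_path != null) {
                  $plugin_path = rtrim($base_path, '/\\') . '/wp-content/plugins/';
              }
          }

          if ($root_path != null) {
              $response['result'] = 'ok';
              $response['result_object'] = array('root_path' => $root_path, 'wp_content_path' => $root_path, 'wp_base_path' => $base_path, 'wp_plugin_path' => $plugin_path);
          } elseif ($wp_filesystem != null) {
              // Connected, but no content directory could be determined.
              $response['result'] = 'error';
              $response['error'] = array('code' => C_NextGen_API::ERR_FTP_NO_PATH, 'message' => __('Could not determine FTP path.', 'nggallery'));
          } else {
              $response['result'] = 'error';
              $response['error'] = array('code' => C_NextGen_API::ERR_FTP_NOT_CONNECTED, 'message' => __('Could not connect to FTP to determine path.', 'nggallery'));
          }

          return $response;
      }

      /**
       * Authenticates the caller, authorizes every task in the 'task_list'
       * request parameter and, if all of them are allowed, queues them as one job.
       *
       * Authorization is all-or-nothing and fails closed: a task whose type is not
       * handled by the switch below (or is 'image_list_move', which grants nothing)
       * keeps $task_auth false, so the whole list is rejected with
       * ERR_NOT_AUTHORIZED.
       *
       * @return array 'result' => 'ok' with 'result_object', or 'result' => 'error' with 'error'
       */
      function enqueue_nextgen_api_task_list_action()
      {
          $api = $this->get_nextgen_api();
          $username = $this->object->param('q');
          $password = $this->object->param('z');
          $response = array();
          $user_obj = wp_authenticate($username, $password);

          if ($user_obj == null || is_a($user_obj, 'WP_Error')) {
              $response['result'] = 'error';
              $response['error'] = array('code' => C_NextGen_API::ERR_NOT_AUTHENTICATED, 'message' => __('Authentication Failed.', 'nggallery'));

              return $response;
          }

          wp_set_current_user($user_obj->ID);
          $security = $this->get_registry()->get_utility('I_Security_Manager');
          $app_config = $this->object->param('app_config');
          $task_list = $this->object->param('task_list');

          // An empty array compares loosely equal to null, so it lands here too.
          // A non-array value cannot carry tasks and is treated the same way.
          if (!is_array($task_list) || $task_list == null) {
              $response['result'] = 'error';
              $response['error'] = array('code' => C_NextGen_API::ERR_NO_TASK_LIST, 'message' => __('No task list was specified.', 'nggallery'));

              return $response;
          }

          $task_count = count($task_list);
          $auth_count = 0;

          foreach ($task_list as &$task_item) {
              // A malformed (non-array) entry is never counted as authorized, which
              // makes the count comparison below reject the whole list.
              if (!is_array($task_item)) {
                  continue;
              }

              $task_type = isset($task_item['type']) ? $task_item['type'] : null;
              $task_query = isset($task_item['query']) ? $task_item['query'] : null;
              $task_auth = false;

              switch ($task_type) {
                  case 'gallery_add':
                      $task_auth = $security->is_allowed('nextgen_edit_gallery');
                      break;
                  case 'gallery_remove':
                  case 'gallery_edit':
                      // The query may lack an 'id'; pass null rather than read a missing key.
                      $query_id = $api->get_query_id(isset($task_query['id']) ? $task_query['id'] : null);
                      $gallery = null;

                      // The old NextGEN XMLRPC API had this logic so replicating it here for safety
                      if ($query_id) {
                          $gallery_mapper = C_Gallery_Mapper::get_instance();
                          $gallery = $gallery_mapper->find($query_id);
                      }

                      if ($gallery != null) {
                          // Existing gallery: the author may act on it, anyone else
                          // needs the "unowned" capability.
                          $actor = $security->get_current_actor();
                          $task_auth = $actor->get_entity_id() == $gallery->author || $actor->is_allowed('nextgen_edit_gallery_unowned');
                      } else {
                          $task_auth = $security->is_allowed('nextgen_edit_gallery');
                      }
                      break;
                  case 'album_add':
                  case 'album_remove':
                  case 'album_edit':
                      $task_auth = $security->is_allowed('nextgen_edit_album');
                      break;
                  case 'image_list_move':
                      // No capability is consulted, so this type is always forbidden.
                      // NOTE(review): confirm this is deliberate.
                      break;
              }

              if ($task_auth) {
                  $auth_count++;
              }

              $task_item['auth'] = $task_auth ? 'allow' : 'forbid';
          }
          // Drop the by-reference loop variable so a later write to $task_item
          // cannot silently modify the last element of $task_list.
          unset($task_item);

          if ($task_count != $auth_count) {
              $response['result'] = 'error';
              $response['error'] = array('code' => C_NextGen_API::ERR_NOT_AUTHORIZED, 'message' => __('Authorization Failed.', 'nggallery'));

              return $response;
          }

          $job_id = $api->add_job(array('user' => $user_obj->ID), $app_config, $task_list);

          if ($job_id != null) {
              // Delay, in seconds, handed back to the client; defaults to 30 when
              // the constant is absent or not positive.
              $handler_delay = defined('NGG_API_JOB_HANDLER_DELAY') ? intval(NGG_API_JOB_HANDLER_DELAY) : 0;
              $handler_delay = $handler_delay > 0 ? $handler_delay : 30;

              $response['result'] = 'ok';
              $response['result_object'] = array('job_id' => $job_id, 'job_handler_url' => home_url('/photocrati_ajax?action=execute_nextgen_api_task_list'), 'job_handler_delay' => $handler_delay);
          } else {
              $response['result'] = 'error';
              $response['error'] = array('code' => C_NextGen_API::ERR_JOB_NOT_ADDED, 'message' => __('Job could not be added.', 'nggallery'));
          }

          return $response;
      }

      /**
       * Runs the queued jobs under an execution lock and reports whether the
       * list was finished.
       *
       * NOTE(review): nothing in this method identifies the caller. The jobs it
       * runs were authorized when they were enqueued, but any request that reaches
       * this action can trigger processing. Confirm that is intended, or restrict
       * the route.
       *
       * @return array always 'result' => 'ok', with an 'info' code describing the outcome
       */
      function execute_nextgen_api_task_list_action()
      {
          $api = $this->get_nextgen_api();
          $job_list = $api->get_job_list();
          $response = array();

          if ($api->is_execution_locked()) {
              $response['result'] = 'ok';
              $response['info'] = array('code' => C_NextGen_API::INFO_EXECUTION_LOCKED, 'message' => __('Job execution is locked.', 'nggallery'));

              return $response;
          }

          if ($job_list == null) {
              $response['result'] = 'ok';
              $response['info'] = array('code' => C_NextGen_API::INFO_NO_JOB_LIST, 'message' => __('Job list is empty.', 'nggallery'));

              return $response;
          }

          $api->set_execution_locked(true);
          $job_count = count($job_list);
          $done_count = 0;

          try {
              foreach ($job_list as $job) {
                  $result = $api->handle_job($job['id'], $job['data'], $job['app_config'], $job['task_list']);

                  if ($result) {
                      $done_count++;
                  }

                  if ($api->should_stop_execution()) {
                      break;
                  }
              }
          } catch (Exception $e) {
              // Release the lock before propagating. Otherwise a failing job would
              // leave it set and later calls would take the "locked" branch
              // (unless C_NextGen_API expires the lock itself, which is not
              // visible here).
              $api->set_execution_locked(false);
              throw $e;
          }

          $api->set_execution_locked(false);

          $response['result'] = 'ok';

          if ($done_count == $job_count) {
              $response['info'] = array('code' => C_NextGen_API::INFO_JOB_LIST_FINISHED, 'message' => __('Job list is finished.', 'nggallery'));
          } else {
              $response['info'] = array('code' => C_NextGen_API::INFO_JOB_LIST_UNFINISHED, 'message' => __('Job list is unfinished.', 'nggallery'));
          }

          return $response;
      }
  }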