/products/photocrati_nextgen/modules/ngglegacy/admin/manage.php

  1. <?php 
  2.  
  // Stop with a fixed message when the requested script path (PHP_SELF) contains this file's name.
  if (preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF'])) {
      die('You are not allowed to call this page directly.');
  }
  4.  
  5. class nggManageGallery { 
  6.  
  7. var $mode = 'main'; 
  8. var $gid = false; 
  9. var $gallery = NULL; 
  10. var $pid = false; 
  11. var $base_page = 'admin.php?page=nggallery-manage-gallery'; 
  12. var $search_result = false; 
  13.  
  14. // initiate the manage page 
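  /**
   * Read the request parameters, run the matching POST handler, then emit admin notices.
   *
   * gid and pid are cast to int. mode is kept as a trimmed string and is only
   * compared against fixed values in controller() and processor().
   * NOTE(review): no capability check is visible in this constructor; the handlers
   * it dispatches to verify nonces. Confirm that access to the page itself is
   * restricted where this class is instantiated.
   */
  function __construct()
  {
      // GET variables
      if (isset($_GET['gid'])) {
          $this->gid     = (int) $_GET['gid'];
          $this->gallery = C_Gallery_Mapper::get_instance()->find($this->gid);
      }
      if (isset($_GET['pid'])) {
          $this->pid = (int) $_GET['pid'];
      }
      // Accept mode only as a string: an array-valued parameter cannot be passed to trim().
      if (isset($_GET['mode']) && is_string($_GET['mode'])) {
          $this->mode = trim($_GET['mode']);
      }

      // Pagination request: skip the other submit handlers; search results are excluded.
      if (isset($_POST['post_paged']) && !isset($_GET['s'])) {
          // 'paged' may be absent from the query string, so do not index it blindly.
          $current_page = isset($_GET['paged']) ? $_GET['paged'] : null;
          if ($current_page != $_POST['post_paged']) {
              $_GET['paged'] = absint($_POST['post_paged']);
              return;
          }
      }

      // The hidden 'page' field selects which form was submitted.
      if (isset($_POST['page']) && $_POST['page'] == 'manage-galleries') {
          // Should be only called via manage galleries overview
          $this->post_processor_galleries();
      }
      if (isset($_POST['page']) && $_POST['page'] == 'manage-images') {
          // Should be only called via a edit single gallery page
          $this->post_processor_images();
      }
      if (isset($_POST['page']) && $_POST['page'] == 'publish-post') {
          // Should be called via a publish dialog
          $this->publish_post();
      }

      // Look for other POST process
      if (!empty($_POST) || !empty($_GET)) {
          $this->processor();
      }

      M_NextGen_Admin::emit_do_notices_action();
  }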
  44.  
  /**
   * Load and render the admin screen that matches $this->mode.
   *
   * Only the fixed values 'sort' and 'edit' select a dedicated screen; every other
   * value, including 'main', falls through to the gallery overview. The include
   * paths are built from this file's directory and constant file names.
   */
  function controller()
  {
      if ($this->mode == 'sort') {
          include_once(dirname(__FILE__) . '/manage-sort.php');
          nggallery_sortorder($this->gid);
          return;
      }

      if ($this->mode == 'edit') {
          $this->setup_gallery_fields();
          $this->setup_image_rows();
          include_once(dirname(__FILE__) . '/manage-images.php');
          nggallery_picturelist($this);
          return;
      }

      // 'main' and any unrecognised mode
      include_once(dirname(__FILE__) . '/manage-galleries.php');
      nggallery_manage_gallery_main();
  }
  63.  
  /**
   * Handle the single-image actions carried in the query string (delete, recover)
   * and a few POST flags, then leave $this->mode set for controller().
   *
   * Both state-changing actions are gated by check_admin_referer() with their own
   * nonce action ('ngg_delpicture', 'ngg_recoverpicture').
   * NOTE(review): the nonce is the only gate visible in this method; no capability
   * check appears here. Confirm one is enforced before this code is reached.
   */
  function processor()
  {
      global $wpdb, $ngg, $nggdb;

      // Delete a picture
      if ($this->mode == 'delpic') {
          //TODO:Remove also Tag reference
          check_admin_referer('ngg_delpicture');

          $image = $nggdb->find_image($this->pid);
          if ($image) {
              do_action('ngg_delete_picture', $this->pid, $image);

              // The file on disk is removed only when the 'deleteImg' option is set.
              if ($ngg->options['deleteImg']) {
                  $storage = C_Gallery_Storage::get_instance();
                  $storage->delete_image($this->pid);
              }

              $mapper = C_Image_Mapper::get_instance();
              $result = $mapper->destroy($this->pid);

              if ($result) {
                  nggGallery::show_message(sprintf(
                      "%s '%s' %s",
                      __('Picture', 'nggallery'),
                      $this->pid,
                      __('deleted successfully', 'nggallery')
                  ));
              }
          }

          // show pictures
          $this->mode = 'edit';
      }

      // Recover picture from backup
      if ($this->mode == 'recoverpic') {
          check_admin_referer('ngg_recoverpicture');

          // bring back the old image
          nggAdmin::recover_image($this->pid);

          nggGallery::show_message(__('Operation successful. Please clear your browser cache.', "nggallery"));

          // show pictures
          $this->mode = 'edit';
      }

      // will be called after a ajax operation
      if (isset($_POST['ajax_callback']) && $_POST['ajax_callback'] == 1) {
          nggGallery::show_message(__('Operation successful. Please clear your browser cache.', "nggallery"));
      }

      // show sort order
      if (isset($_POST['sortGallery'])) {
          $this->mode = 'sort';
      }

      if (isset($_GET['s'])) {
          $this->search_images();
      }
  }
  112.  
  113.  
  /**
   * Register this object's renderers on the image-table filters: one row filter,
   * then a header and a content filter for each of the six default columns.
   */
  function setup_image_rows()
  {
      add_filter('ngg_manage_images_row', array($this, 'render_image_row'), 10, 2);

      for ($column = 1; $column <= 6; $column++) {
          add_filter(
              "ngg_manage_images_column_{$column}_header",
              array($this, "render_image_column_{$column}_header")
          );
          add_filter(
              "ngg_manage_images_column_{$column}_content",
              array($this, "render_image_column_{$column}"),
              10,
              2
          );
      }
  }
  133.  
  /**
   * Header cell for column 1: a select-all checkbox whose onclick calls
   * checkAll() on the element with id 'updategallery'. The markup is a constant.
   */
  function render_image_column_1_header()
  {
      $select_all = '<input type="checkbox" id="cb-select-all-1" onclick="checkAll(document.getElementById(\'updategallery\'));">';

      return $select_all;
  }
  136.  
  /** Header cell for column 2: the translated label 'ID'. */
  function render_image_column_2_header()
  {
      $heading = __('ID', 'nggallery');

      return $heading;
  }
  139.  
  /** Header cell for column 3: the translated label 'Thumbnail'. */
  function render_image_column_3_header()
  {
      $heading = __('Thumbnail', 'nggallery');

      return $heading;
  }
  142.  
  /** Header cell for column 4: the translated label 'Filename'. */
  function render_image_column_4_header()
  {
      $heading = __('Filename', 'nggallery');

      return $heading;
  }
  145.  
  /** Header cell for column 5: the translated label for the alt/title text and description inputs. */
  function render_image_column_5_header()
  {
      $heading = __('Alt & Title Text / Description', 'nggallery');

      return $heading;
  }
  148.  
  /** Header cell for column 6: the translated label 'Tags'. */
  function render_image_column_6_header()
  {
      $heading = __('Tags', 'nggallery');

      return $heading;
  }
  151.  
  /**
   * Content cell for column 1: the bulk-action checkbox for one image.
   *
   * The image id is written into the value attribute as-is.
   * NOTE(review): presumably pid is always a numeric database id; verify, since it is not escaped here.
   *
   * @param string $output  Incoming filter value; not used.
   * @param object $picture Image record; only ->pid is read.
   */
  function render_image_column_1($output='', $picture=array())
  {
      $pid = $picture->pid;

      return "<input type='checkbox' name='doaction[]' value='{$pid}'/>";
  }
  154.  
  /**
   * Content cell for column 2: the image id, returned unchanged.
   *
   * @param string $output  Incoming filter value; not used.
   * @param object $picture Image record; only ->pid is read.
   */
  function render_image_column_2($output='', $picture=array())
  {
      $image_id = $picture->pid;

      return $image_id;
  }
  157.  
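  /**
   * Content cell for column 3: the thumbnail, linked to the full-size image.
   *
   * Both URLs receive a random 'i' query argument. mt_rand() is used here only to
   * vary the URL (presumably to defeat browser caching), not for anything
   * security-sensitive. The URLs are escaped before being placed in the href and
   * src attributes, as render_image_column_4() already does for the image URL.
   *
   * @param string $output  Incoming filter value; not used.
   * @param object $picture Image record; reads imageURL, thumbURL, filename, pid.
   * @return string HTML for the cell.
   */
  function render_image_column_3($output='', $picture=array())
  {
      $image_url = nextgen_esc_url(add_query_arg('i', mt_rand(), $picture->imageURL));
      $thumb_url = nextgen_esc_url(add_query_arg('i', mt_rand(), $picture->thumbURL));
      $filename  = esc_attr($picture->filename);

      $output = array(
          "<a href='{$image_url}' class='shutter' title='{$filename}'>",
          "<img class='thumb' src='{$thumb_url}' id='thumb{$picture->pid}'/>",
          "</a>",
      );

      return implode("\n", $output);
  }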
  170.  
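  /**
   * Content cell for column 4: linked filename, image date, pixel size and the
   * "exclude" checkbox.
   *
   * Every value taken from the image record is escaped for the context it is
   * written into. The pixel dimensions come from stored image metadata and are
   * escaped too; missing width/height entries render as empty strings.
   *
   * @param string $output  Incoming filter value; not used.
   * @param object $picture Image record; reads imageURL, filename, alttext,
   *                        imagedate, meta_data, exclude, pid.
   * @return string HTML for the cell.
   */
  function render_image_column_4($output='', $picture=array())
  {
      $image_url     = nextgen_esc_url($picture->imageURL);
      $filename      = esc_attr($picture->filename);
      $caption       = esc_html((empty($picture->alttext) ? $picture->filename : $picture->alttext));
      $date          = mysql2date(get_option('date_format'), $picture->imagedate);
      $width         = isset($picture->meta_data['width'])  ? $picture->meta_data['width']  : '';
      $height        = isset($picture->meta_data['height']) ? $picture->meta_data['height'] : '';
      $pixels        = esc_html("{$width} x {$height} pixels");
      $excluded      = checked($picture->exclude, 1, false);
      $exclude_label = __("Exclude ?", 'nggallery');

      $output = array();

      $output[] = "<div><strong><a href='{$image_url}' class='thickbox' title='{$caption}'>{$filename}</a></strong></div>";
      $output[] = '<div class="meta">'. esc_html($date) . '</div>';
      $output[] = "<div class='meta'>{$pixels}</div>";
      $output[] = "<label for='exclude_{$picture->pid}'>";
      $output[] = "<input type='checkbox' id='exclude_{$picture->pid}' value='1' name='images[{$picture->pid}][exclude]' {$excluded}/> {$exclude_label}";
      $output[] = "</label>";

      return implode("\n", $output);
  }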
  192.  
  /**
   * Content cell for column 5: text input for the alt/title text and a textarea
   * for the description. Both stored values are unslashed, then escaped for the
   * attribute and element-body contexts respectively.
   *
   * @param string $output  Incoming filter value; not used.
   * @param object $picture Image record; reads alttext, description, pid.
   * @return string HTML for the cell.
   */
  function render_image_column_5($output='', $picture=array())
  {
      $alttext = esc_attr(stripslashes($picture->alttext));
      $desc    = esc_html(stripslashes($picture->description));

      $input    = "<input title='Alt/Title Text' type='text' name='images[{$picture->pid}][alttext]' value='{$alttext}'/>";
      $textarea = "<textarea title='Description' rows='3' name='images[$picture->pid][description]'>{$desc}</textarea>";

      return $input . "\n" . $textarea;
  }
  203.  
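  /**
   * Content cell for column 6: a textarea holding the image's tag names.
   *
   * The form of the third argument to wp_get_object_terms() is chosen by
   * comparing $wp_version with '4.6'. A WP_Error result (or any other non-array)
   * is rendered as an empty tag list instead of being passed to esc_html().
   *
   * @param string $output  Incoming filter value; not used.
   * @param object $picture Image record; only ->pid is read.
   * @return string HTML for the cell.
   */
  function render_image_column_6($output='', $picture=array())
  {
      global $wp_version;

      $fields = version_compare($wp_version, '4.6', '<=') ? 'fields=names' : array('fields' => 'names');
      $tags   = wp_get_object_terms($picture->pid, 'ngg_tag', $fields);

      if (is_wp_error($tags)) {
          $tags = '';
      } elseif (is_array($tags)) {
          $tags = implode(', ', $tags);
      }
      $tags = esc_html($tags);

      return "<textarea rows='4' name='images[{$picture->pid}][tags]'>{$tags}</textarea>";
  }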
  212.  
  /**
   * Echo the two table rows for one image: the column cells, then the row of
   * action links.
   *
   * The set of actions and the number of columns both pass through filters, so
   * other code can extend them. Action callbacks return ready-made HTML, which is
   * echoed without further escaping; each callback is responsible for its own output.
   *
   * @param object $picture Image record handed to every column and action callback.
   * @param int    $counter Row counter; even values get the 'alternate' class.
   */
  function render_image_row($picture, $counter)
  {
      $class   = ($counter % 2 == 0) ? 'alternate' : '';
      $columns = apply_filters('ngg_manage_images_number_of_columns', 6);

      // Default row actions, keyed by id; filters may add, remove or replace entries.
      $default_actions = array(
          'view'         => array($this, 'render_view_action_link'),
          'meta'         => array($this, 'render_meta_action_link'),
          'custom_thumb' => array($this, 'render_custom_thumb_action_link'),
          'rotate'       => array($this, 'render_rotate_action_link'),
          'publish'      => array($this, 'render_publish_action_link'),
          'recover'      => array($this, 'render_recover_action_link'),
          'delete'       => array($this, 'render_delete_action_link'),
      );
      $row_actions = apply_filters('ngg_manage_images_row_actions', $default_actions);

      // Keep only the links that a callable callback actually produced.
      $actions = array();
      foreach ($row_actions as $id => $callback) {
          if (!is_callable($callback)) {
              continue;
          }
          $result = call_user_func($callback, $id, $picture);
          if ($result) {
              $actions[] = $result;
          }
      }

      // Output row columns; columns after the fourth span the action row as well.
      echo "<tr class='{$class} iedit' valign='top'>";
      for ($i = 1; $i <= $columns; $i++) {
          $rowspan = ($i > 4) ? "rowspan='2'" : '';
          echo "<td class='column column-{$i}' {$rowspan}>";
          echo apply_filters("ngg_manage_images_column_{$i}_content", '', $picture);
          echo '</td>';
      }
      echo '</tr>';

      // Actions row
      echo "<tr class='{$class} row_actions'>"
          . '<td colspan="2"></td>'
          . "<td colspan='" . ($columns - 2) . "'>"
          . "<div class='row-actions'>"
          . implode(" | ", $actions)
          . "</div>"
          . "</td>"
          . '</tr>';
  }
  252.  
  253.  
  /**
   * Build the "View" link for one image. The URL, title and label are each
   * escaped for their output context before being interpolated.
   *
   * @param string $id      Action id; not used.
   * @param object $picture Image record; reads imageURL, alttext, filename.
   * @return string Anchor HTML.
   */
  function render_view_action_link($id, $picture)
  {
      $caption = $picture->alttext;
      if (empty($caption)) {
          $caption = $picture->filename;
      }

      $image_url = nextgen_esc_url($picture->imageURL);
      $label     = esc_html__('View', 'nggallery');
      $title     = esc_attr(__('View', 'nggallery') . " \"{$caption}\"");

      return "<a href='{$image_url}' class='shutter' title='{$title}'>{$label}</a>";
  }
  261.  
  /**
   * Build the "Meta" link, which opens showmeta.php for the image in a dialog.
   *
   * @param string $id      Action id; not used.
   * @param object $picture Image record; only ->pid is read.
   * @return string Anchor HTML.
   */
  function render_meta_action_link($id, $picture)
  {
      $target = NGGALLERY_URLPATH . 'admin/showmeta.php?id=' . $picture->pid;

      $url   = nextgen_esc_url($target);
      $title = esc_attr__('Show meta data', 'nggallery');
      $label = esc_html__('Meta', 'nggallery');

      return "<a href='{$url}' class='ngg-dialog' title='{$title}'>{$label}</a>";
  }
  268.  
  /**
   * Build the "Edit thumb" link, which opens edit-thumbnail.php for the image in a dialog.
   *
   * @param string $id      Action id; not used.
   * @param object $picture Image record; only ->pid is read.
   * @return string Anchor HTML.
   */
  function render_custom_thumb_action_link($id, $picture)
  {
      $target = NGGALLERY_URLPATH . 'admin/edit-thumbnail.php?id=' . $picture->pid;

      $url   = nextgen_esc_url($target);
      $title = esc_attr__('Customize thumbnail', 'nggallery');
      $label = esc_html__("Edit thumb", 'nggallery');

      return "<a href='{$url}' class='ngg-dialog' title='{$title}'>{$label}</a>";
  }
  275.  
  /**
   * Build the "Rotate" link, which opens rotate.php for the image in a dialog.
   *
   * @param string $id      Action id; not used.
   * @param object $picture Image record; only ->pid is read.
   * @return string Anchor HTML.
   */
  function render_rotate_action_link($id, $picture)
  {
      $target = NGGALLERY_URLPATH . 'admin/rotate.php?id=' . $picture->pid;

      $url   = nextgen_esc_url($target);
      $title = esc_attr__('Rotate', 'nggallery');
      $label = esc_html__('Rotate', 'nggallery');

      return "<a href='{$url}' class='ngg-dialog' title='{$title}'>{$label}</a>";
  }
  282.  
  /**
   * Build the "Publish" link, or return FALSE when the current user lacks the
   * 'publish_posts' capability.
   *
   * This hides the link only.
   * NOTE(review): whether publish.php enforces the same capability cannot be seen from here; confirm.
   *
   * @param string $id      Action id; not used.
   * @param object $picture Image record; only ->pid is read.
   * @return string|false Anchor HTML, or FALSE when the link is withheld.
   */
  function render_publish_action_link($id, $picture)
  {
      if (!current_user_can('publish_posts')) {
          return FALSE;
      }

      $target = NGGALLERY_URLPATH . 'admin/publish.php?h=230&id=' . $picture->pid;

      $url   = nextgen_esc_url($target);
      $title = esc_attr__('Publish this image', 'nggallery');
      $label = esc_html__('Publish', 'nggallery');

      return "<a href='{$url}' class='ngg-dialog' title='{$title}'>{$label}</a>";
  }
  291.  
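  /**
   * Build the "Recover" link for an image that has a '_backup' file next to it,
   * or return FALSE when no backup exists.
   *
   * The link carries a nonce for the 'ngg_recoverpicture' action, which
   * processor() verifies. The confirmation text contains the image's alt text or
   * filename, so it is escaped with esc_js() and placed in a single-quoted
   * JavaScript string inside a double-quoted attribute. addslashes() alone does
   * not protect the attribute: a quote character in the text would still end it.
   *
   * @param string $id      Action id; not used.
   * @param object $picture Image record; reads imagePath, galleryid, pid, alttext, filename.
   * @return string|false Anchor HTML, or FALSE when there is nothing to recover.
   */
  function render_recover_action_link($id, $picture)
  {
      if (!file_exists($picture->imagePath . '_backup')) return FALSE;

      $url     = wp_nonce_url("admin.php?page=nggallery-manage-gallery&mode=recoverpic&gid={$picture->galleryid}&pid={$picture->pid}", 'ngg_recoverpicture');
      $title   = esc_attr__('Recover image from backup', 'nggallery');
      $label   = esc_html__('Recover', 'nggallery');
      $alttext = empty($picture->alttext) ? $picture->filename : $picture->alttext;

      // Escape for the JS string first; the attribute delimiter is the other quote type.
      $confirm = esc_js(__("Recover", 'nggallery') . " \"{$alttext}\"?");
      $onclick = "javascript:if(!confirm('{$confirm}')) return false";

      return "<a href='{$url}' onclick=\"{$onclick}\" class='confirmrecover' title='{$title}'>{$label}</a>";
  }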
  303.  
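  /**
   * Build the "Delete" link for one image.
   *
   * The link carries a nonce for the 'ngg_delpicture' action, which processor()
   * verifies. The confirmation text contains the image's alt text or filename,
   * so it is escaped with esc_js() and placed in a single-quoted JavaScript
   * string inside a double-quoted attribute. addslashes() alone does not protect
   * the attribute: a quote character in the text would still end it.
   *
   * @param string $id      Action id; not used.
   * @param object $picture Image record; reads galleryid, pid, alttext, filename.
   * @return string Anchor HTML.
   */
  function render_delete_action_link($id, $picture)
  {
      $url     = wp_nonce_url("admin.php?page=nggallery-manage-gallery&mode=delpic&gid={$picture->galleryid}&pid={$picture->pid}", 'ngg_delpicture');
      $title   = esc_attr__('Delete image', 'nggallery');
      $label   = esc_html__('Delete', 'nggallery');
      $alttext = empty($picture->alttext) ? $picture->filename : $picture->alttext;

      // Escape for the JS string first; the attribute delimiter is the other quote type.
      $confirm = esc_js(__("Delete", 'nggallery') . " \"{$alttext}\"?");
      $onclick = "javascript:if(!confirm('{$confirm}')) return false;";

      return "<a href='{$url}' onclick=\"{$onclick}\" class='submitdelete delete' title='{$title}'>{$label}</a>";
  }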
  313.  
  /**
   * Echo the header row of the image table. Each header cell's content comes
   * from the matching 'ngg_manage_images_column_N_header' filter, with
   * "Column #N" as the value passed in.
   */
  function render_image_row_header()
  {
      $columns = apply_filters('ngg_manage_images_number_of_columns', 6);

      echo '<tr>';
      $i = 1;
      while ($i <= $columns) {
          echo "<th class='column column-{$i}'>";
          echo apply_filters('ngg_manage_images_column_'.$i.'_header', "Column #{$i}");
          echo '</th>';
          $i++;
      }
      echo '</tr>';
  }
  322.  
  /** Register default_gallery_fields() on the 'ngg_manage_gallery_fields' filter (priority 10, two arguments). */
  function setup_gallery_fields()
  {
      $provider = array($this, 'default_gallery_fields');

      add_filter('ngg_manage_gallery_fields', $provider, 10, 2);
  }
  325.  
  /**
   * Supply the default field definitions for the gallery edit form.
   *
   * Replaces the 'left' and 'right' entries of $fields. Each field is an array
   * with a render callback, a translated label, an optional tooltip and the id
   * of its input element.
   *
   * @param array       $fields  Field definitions collected so far.
   * @param object|null $gallery Gallery entity passed by the filter; not used here.
   * @return array $fields with 'left' and 'right' set.
   */
  function default_gallery_fields($fields=array(), $gallery=NULL)
  {
      $left = array();
      $left['title'] = array(
          'callback' => array($this, 'render_gallery_title_field'),
          'label'    => __('Title:', 'nggallery'),
          'tooltip'  => NULL,
          'id'       => 'gallery_title',
      );
      $left['description'] = array(
          'callback' => array($this, 'render_gallery_desc_field'),
          'label'    => __('Description:', 'nggallery'),
          'tooltip'  => NULL,
          'id'       => 'gallery_desc',
      );
      $left['path'] = array(
          'callback' => array($this, 'render_gallery_path_field'),
          'label'    => __('Gallery path:', 'nggallery'),
          'tooltip'  => NULL,
          'id'       => 'gallery_path',
      );
      $left['gallery_author'] = array(
          'callback' => array($this, 'render_gallery_author_field'),
          'label'    => __('Author', 'nggallery'),
          'tooltip'  => NULL,
          'id'       => 'gallery_author',
      );
      $fields['left'] = $left;

      $right = array();
      $right['page_link_to'] = array(
          'callback' => array($this, 'render_gallery_link_to_page_field'),
          'label'    => __('Link to page:', 'nggallery'),
          'tooltip'  => __('Albums will link this gallery to the selected page', 'nggallery'),
          'id'       => 'gallery_page_link_to',
      );
      $right['preview_image'] = array(
          'callback' => array($this, 'render_gallery_preview_image_field'),
          'label'    => __('Preview image:', 'nggallery'),
          'tooltip'  => NULL,
          'id'       => 'gallery_preview_image',
      );
      $right['create_page'] = array(
          'callback' => array($this, 'render_gallery_create_page_field'),
          'label'    => __('Create new page:', 'nggallery'),
          'tooltip'  => NULL,
          'id'       => 'gallery_create_new_page',
      );
      $fields['right'] = $right;

      return $fields;
  }
  374.  
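  /**
   * Echo the label cell for one gallery form field.
   *
   * The tooltip is written into a single-quoted title attribute, so it is
   * escaped with esc_attr(); unescaped, an apostrophe in a tooltip would end the
   * attribute early. The label text itself is echoed as given.
   * NOTE(review): labels arrive through the 'ngg_manage_gallery_fields' filter and
   * may be expected to carry markup; confirm before escaping $text as well.
   *
   * @param string      $text    Label content.
   * @param string      $for     Id of the input the label belongs to.
   * @param string|null $tooltip Optional tooltip text.
   */
  function render_gallery_field_label_column($text, $for, $tooltip = NULL)
  {
      $for = esc_attr($for);

      if (!empty($tooltip)) {
          $tooltip = "title='" . esc_attr($tooltip) . "' class='tooltip'";
      }

      echo "<td><label {$tooltip} for='{$for}'>{$text}</label></td>";
  }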
  382.  
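  /**
   * Echo the gallery edit form as a table with a left and a right column of fields.
   *
   * Field definitions come from the 'ngg_manage_gallery_fields' filter. Two
   * changes from the earlier code:
   *  - the definitions are read key by key instead of through extract(), so a
   *    definition can neither overwrite local variables such as $gallery or $i
   *    nor inherit a label or callback left over from the previous field;
   *  - when one side has fewer fields, the empty placeholder cell is now echoed.
   *    It used to be appended to an $output array that was never printed.
   */
  function render_gallery_fields()
  {
      // Get the gallery entity
      $gallery = C_Gallery_Mapper::get_instance()->find($this->gid);

      // Get fields
      $fields = apply_filters('ngg_manage_gallery_fields', array(), $gallery);
      $left   = isset($fields['left'])  ? $fields['left']  : array();
      $right  = isset($fields['right']) ? $fields['right'] : array();

      $number_of_fields = max(count($left), count($right));
      $sides = array(
          array($left,  array_keys($left)),
          array($right, array_keys($right)),
      );

      // Output table
      echo '<table id="gallery_fields">';
      for ($i = 0; $i < $number_of_fields; $i++) {
          echo '<tr>';

          foreach ($sides as $side) {
              list($side_fields, $side_keys) = $side;

              // This side has run out of fields: keep the table columns aligned.
              if (!isset($side_keys[$i])) {
                  echo '<td colspan="2"></td>';
                  continue;
              }

              $key      = $side_keys[$i];
              $field    = $side_fields[$key];
              $label    = isset($field['label'])    ? $field['label']    : '';
              $id       = isset($field['id'])       ? $field['id']       : '';
              $tooltip  = isset($field['tooltip'])  ? $field['tooltip']  : NULL;
              $callback = isset($field['callback']) ? $field['callback'] : NULL;

              // Label
              $this->render_gallery_field_label_column($label, $id, $tooltip);

              // Input field
              if (is_callable($callback)) {
                  echo '<td>';
                  call_user_func($callback, $gallery);
                  echo '</td>';
              }
              elseif (WP_DEBUG) echo "<p>Could not render {$key} field. No callback exists</p>";
          }

          echo '</tr>';
      }
      echo '</table>';
  }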
  434.  
  /**
   * Render the gallery title input by including its template. The template runs
   * in this method's scope, so it can read $gallery.
   *
   * @param object $gallery Gallery entity being edited.
   */
  function render_gallery_title_field($gallery)
  {
      include 'templates/manage_gallery/gallery_title_field.php';
  }
  437.  
  /**
   * Render the gallery description input by including its template. The template
   * runs in this method's scope, so it can read $gallery.
   *
   * @param object $gallery Gallery entity being edited.
   */
  function render_gallery_desc_field($gallery)
  {
      include 'templates/manage_gallery/gallery_desc_field.php';
  }
  440.  
  /**
   * Render the gallery path input by including its template. The template runs
   * in this method's scope, so it can read $gallery.
   *
   * @param object $gallery Gallery entity being edited.
   */
  function render_gallery_path_field($gallery)
  {
      include 'templates/manage_gallery/gallery_path_field.php';
  }
  443.  
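  /**
   * Render the gallery author field by including its template, which can read
   * $gallery, $user and $author from this method's scope.
   *
   * get_userdata() returns false when the stored author id no longer matches a
   * user; in that case $author is an empty string instead of a property read on false.
   *
   * @param object $gallery Gallery entity being edited; ->author is the user id.
   */
  function render_gallery_author_field($gallery)
  {
      $user = get_userdata($gallery->author);

      if ($user) {
          $author = isset($user->display_name) ? $user->display_name : $user->user_nicename;
      } else {
          $author = '';
      }

      include('templates/manage_gallery/gallery_author_field.php');
  }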
  448.  
  /**
   * Render the "link to page" selector by including its template, which can read
   * $gallery and the $pages list from this method's scope.
   *
   * @param object $gallery Gallery entity being edited.
   */
  function render_gallery_link_to_page_field($gallery)
  {
      // All pages returned by get_pages() are offered as link targets.
      $pages = get_pages();

      include 'templates/manage_gallery/gallery_link_to_page_field.php';
  }
  452.  
  /**
   * Render the preview-image selector by including its template, which can read
   * $gallery and $images from this method's scope.
   *
   * $images maps each image id to "[id] filename". The gallery id is passed to
   * the mapper as a separate value for the '%s' placeholder rather than being
   * concatenated into the condition.
   *
   * @param object $gallery Gallery entity being edited.
   */
  function render_gallery_preview_image_field($gallery)
  {
      $images = array();

      $condition = array("galleryid = %s", $gallery->{$gallery->id_field});
      foreach (C_Image_Mapper::get_instance()->find_all($condition) as $image) {
          $images[$image->{$image->id_field}] = sprintf('[%s] %s', $image->{$image->id_field}, $image->filename);
      }

      include('templates/manage_gallery/gallery_preview_image_field.php');
  }
  458.  
  /**
   * Render the "create new page" control by including its template, which can
   * read $gallery and the $pages list from this method's scope.
   *
   * @param object $gallery Gallery entity being edited.
   */
  function render_gallery_create_page_field($gallery)
  {
      // All pages returned by get_pages() are made available to the template.
      $pages = get_pages();

      include 'templates/manage_gallery/gallery_create_page_field.php';
  }
  462.  
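  /**
   * Handle the forms posted from the gallery overview: bulk actions, "add
   * gallery", and the resize / new-thumbnail dialogs.
   *
   * Every branch verifies its own nonce with check_admin_referer() before acting.
   * Only the "add gallery" branch also checks a capability.
   * NOTE(review): the bulk actions (including gallery deletion) and the two
   * settings-writing dialogs are gated by the nonce alone in this method;
   * confirm a capability check exists upstream.
   *
   * Changes from the earlier code in the delete branch:
   *  - a posted id that matches no gallery is skipped instead of being read as an object;
   *  - the "unsafe path" test looks at every path segment, so a parent-directory
   *    reference is also caught at the start or end of the path and with
   *    backslash separators, not only as the exact strings '../' and '/../'.
   */
  function post_processor_galleries()
  {
      global $wpdb, $ngg, $nggdb;

      // bulk action on the selected galleries
      if (isset($_POST['bulkaction']) && isset($_POST['doaction'])) {

          check_admin_referer('ngg_bulkgallery');

          // For the ajax operations, the 'gallery_' prefix makes the operation
          // first fetch all image ids from the selected galleries.
          switch ($_POST['bulkaction']) {
              case 'no_action':
                  // No action
                  break;
              case 'recover_images':
                  // Recover images from backup
                  nggAdmin::do_ajax_operation('gallery_recover_image', $_POST['doaction'], __('Recover from backup', 'nggallery'));
                  break;
              case 'set_watermark':
                  // Set watermark
                  nggAdmin::do_ajax_operation('gallery_set_watermark', $_POST['doaction'], __('Set watermark', 'nggallery'));
                  break;
              case 'import_meta':
                  // Import Metadata
                  nggAdmin::do_ajax_operation('gallery_import_metadata', $_POST['doaction'], __('Import metadata', 'nggallery'));
                  break;
              case 'delete_gallery':
                  // Delete gallery
                  if (is_array($_POST['doaction'])) {
                      $deleted = FALSE;
                      $mapper  = C_Gallery_Mapper::get_instance();
                      foreach ($_POST['doaction'] as $id) {

                          $gallery = $mapper->find($id);
                          if (!$gallery) {
                              continue;
                          }

                          // Refuse automatic deletion when any path segment is '..'.
                          $segments = preg_split('#[\\\\/]+#', (string) $gallery->path);
                          if (in_array('..', $segments, true)) {
                              nggGallery::show_message(sprintf(__('One or more "../" in Gallery paths could be unsafe and NextGen Gallery will not delete gallery %s automatically', 'nggallery'), $gallery->{$gallery->id_field}));
                          }
                          else {
                              if ($mapper->destroy($id, TRUE)) {
                                  $deleted = TRUE;
                              }
                          }
                      }

                      if ($deleted) {
                          nggGallery::show_message(__('Gallery deleted successfully ', 'nggallery'));
                      }
                  }
                  break;
          }
      }

      if (isset($_POST['addgallery']) && isset($_POST['galleryname'])) {

          check_admin_referer('ngg_addgallery');

          if (!nggGallery::current_user_can('NextGEN Add new gallery')) {
              wp_die(__('Cheatin’ uh?', 'nggallery'));
          }

          // get the default path for a new gallery
          $defaultpath = $ngg->options['gallerypath'];
          $newgallery  = $_POST['galleryname'];
          if (!empty($newgallery)) {
              nggAdmin::create_gallery($newgallery, $defaultpath);
          }

          do_action('ngg_update_addgallery_page');
      }

      if (isset($_POST['TB_bulkaction']) && isset($_POST['TB_ResizeImages'])) {

          check_admin_referer('ngg_thickbox_form');

          // save the new values for the next operation
          $ngg->options['imgWidth']  = (int) $_POST['imgWidth'];
          $ngg->options['imgHeight'] = (int) $_POST['imgHeight'];
          // Open question from the original author: what should happen when the user
          // lacks the 'NextGEN Change options' capability? No such check is made here.
          update_option('ngg_options', $ngg->options);

          $gallery_ids = explode(', ', $_POST['TB_imagelist']);
          // A prefix 'gallery_' will first fetch all ids from the selected galleries
          nggAdmin::do_ajax_operation('gallery_resize_image', $gallery_ids, __('Resize images', 'nggallery'));
      }

      if (isset($_POST['TB_bulkaction']) && isset($_POST['TB_NewThumbnail'])) {

          check_admin_referer('ngg_thickbox_form');

          // save the new values for the next operation
          $settings = C_NextGen_Settings::get_instance();
          $settings->thumbwidth  = (int) $_POST['thumbwidth'];
          $settings->thumbheight = (int) $_POST['thumbheight'];
          $settings->thumbfix    = isset($_POST['thumbfix']) ? TRUE : FALSE;
          $settings->save();
          ngg_refreshSavedSettings();

          // Same open question as above: the 'NextGEN Change options' capability is not checked here.
          $gallery_ids = explode(', ', $_POST['TB_imagelist']);

          // A prefix 'gallery_' will first fetch all ids from the selected galleries
          nggAdmin::do_ajax_operation('gallery_create_thumbnail', $gallery_ids, __('Create new thumbnails', 'nggallery'));
      }
  }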
  554.  
  555.  
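  /**
   * Handle the forms posted from the single-gallery edit page: bulk image
   * actions, the resize / thumbnail / copy-move / tag dialogs, "update
   * pictures", "scan folder" and "add new page".
   *
   * Every branch verifies a nonce with check_admin_referer() before acting.
   * Only the gallery-options part of "update pictures" also checks a capability.
   * NOTE(review): the remaining branches, including bulk image deletion, rely on
   * the nonce alone in this method; confirm a capability check exists upstream.
   *
   * Changes from the earlier code:
   *  - the "scan folder" query passes the gallery id through $wpdb->prepare()
   *    instead of interpolating it into the SQL string;
   *  - $delete_pic is initialised, so it is defined when no posted id matches an image;
   *  - the new page's parent id is read with absint(), and missing 'parent_id' /
   *    'title' fields no longer raise undefined-index notices.
   */
  function post_processor_images()
  {
      global $wpdb, $ngg, $nggdb;

      // bulk update in a single gallery
      if (isset($_POST['bulkaction']) && isset($_POST['doaction'])) {

          check_admin_referer('ngg_updategallery');

          switch ($_POST['bulkaction']) {
              case 'no_action':
                  break;
              case 'rotate_cw':
                  nggAdmin::do_ajax_operation('rotate_cw', $_POST['doaction'], __('Rotate images', 'nggallery'));
                  break;
              case 'rotate_ccw':
                  nggAdmin::do_ajax_operation('rotate_ccw', $_POST['doaction'], __('Rotate images', 'nggallery'));
                  break;
              case 'recover_images':
                  nggAdmin::do_ajax_operation('recover_image', $_POST['doaction'], __('Recover from backup', 'nggallery'));
                  break;
              case 'set_watermark':
                  nggAdmin::do_ajax_operation('set_watermark', $_POST['doaction'], __('Set watermark', 'nggallery'));
                  break;
              case 'delete_images':
                  if (is_array($_POST['doaction'])) {
                      $delete_pic = FALSE;
                      foreach ($_POST['doaction'] as $imageID) {
                          $image = $nggdb->find_image($imageID);
                          if ($image) {
                              do_action('ngg_delete_picture', $image->pid, $image);
                              // The file on disk is removed only when the 'deleteImg' option is set.
                              if ($ngg->options['deleteImg']) {
                                  $storage = C_Gallery_Storage::get_instance();
                                  $storage->delete_image($image->pid);
                              }
                              $delete_pic = C_Image_Mapper::get_instance()->destroy($image->pid);
                          }
                      }
                      // Reflects the result of the last delete attempted, as before.
                      if ($delete_pic) {
                          nggGallery::show_message(__('Pictures deleted successfully ', 'nggallery'));
                      }
                  }
                  break;
              case 'import_meta':
                  nggAdmin::do_ajax_operation('import_metadata', $_POST['doaction'], __('Import metadata', 'nggallery'));
                  break;
          }
      }

      if (isset($_POST['TB_bulkaction']) && isset($_POST['TB_ResizeImages'])) {

          check_admin_referer('ngg_thickbox_form');

          // save the new values for the next operation
          $ngg->options['imgWidth']  = (int) $_POST['imgWidth'];
          $ngg->options['imgHeight'] = (int) $_POST['imgHeight'];

          update_option('ngg_options', $ngg->options);

          $pic_ids = explode(', ', $_POST['TB_imagelist']);
          nggAdmin::do_ajax_operation('resize_image', $pic_ids, __('Resize images', 'nggallery'));
      }

      if (isset($_POST['TB_bulkaction']) && isset($_POST['TB_NewThumbnail'])) {

          check_admin_referer('ngg_thickbox_form');

          // save the new values for the next operation
          $settings = C_NextGen_Settings::get_instance();
          $settings->thumbwidth  = (int) $_POST['thumbwidth'];
          $settings->thumbheight = (int) $_POST['thumbheight'];
          $settings->thumbfix    = isset($_POST['thumbfix']) ? TRUE : FALSE;
          $settings->save();
          ngg_refreshSavedSettings();

          $pic_ids = explode(', ', $_POST['TB_imagelist']);
          nggAdmin::do_ajax_operation('create_thumbnail', $pic_ids, __('Create new thumbnails', 'nggallery'));
      }

      if (isset($_POST['TB_bulkaction']) && isset($_POST['TB_SelectGallery'])) {

          check_admin_referer('ngg_thickbox_form');

          $pic_ids  = explode(', ', $_POST['TB_imagelist']);
          $dest_gid = (int) $_POST['dest_gid'];

          switch ($_POST['TB_bulkaction']) {
              case 'copy_to':
                  C_Gallery_Storage::get_instance()->copy_images($pic_ids, $dest_gid);
                  break;
              case 'move_to':
                  C_Gallery_Storage::get_instance()->move_images($pic_ids, $dest_gid);
                  break;
          }
      }

      if (isset($_POST['TB_bulkaction']) && isset($_POST['TB_EditTags'])) {
          // do tags update

          check_admin_referer('ngg_thickbox_form');

          // get the images list
          $pic_ids = explode(', ', $_POST['TB_imagelist']);
          $taglist = explode(', ', $_POST['taglist']);
          $taglist = array_map('trim', $taglist);

          if (is_array($pic_ids)) {

              foreach ($pic_ids as $pic_id) {

                  // which action should be performed ?
                  switch ($_POST['TB_bulkaction']) {
                      case 'no_action':
                          // No action
                          break;
                      case 'overwrite_tags':
                          // Overwrite tags
                          wp_set_object_terms($pic_id, $taglist, 'ngg_tag');
                          break;
                      case 'add_tags':
                          // Add / append tags
                          wp_set_object_terms($pic_id, $taglist, 'ngg_tag', TRUE);
                          break;
                      case 'delete_tags':
                          // Delete tags
                          $oldtags = wp_get_object_terms($pic_id, 'ngg_tag', 'fields=names');
                          // compare by slug to avoid case-sensitivity problems
                          $slugarray = array_map('sanitize_title', $taglist);
                          $oldtags   = array_map('sanitize_title', $oldtags);
                          // keep only the tags that were not asked to be removed
                          $newtags = array_diff($oldtags, $slugarray);
                          wp_set_object_terms($pic_id, $newtags, 'ngg_tag');
                          break;
                  }
              }

              nggGallery::show_message(__('Tags changed', 'nggallery'));
          }
      }

      if (isset($_POST['updatepictures'])) {
          // Update pictures

          check_admin_referer('ngg_updategallery');

          if (nggGallery::current_user_can('NextGEN Edit gallery options') && !isset($_GET['s'])) {
              $tags = array('<a>', '<abbr>', '<acronym>', '<address>', '<b>', '<base>', '<basefont>', '<big>', '<blockquote>', '<br>', '<br/>', '<caption>', '<center>', '<cite>', '<code>', '<col>', '<colgroup>', '<dd>', '<del>', '<dfn>', '<dir>', '<div>', '<dl>', '<dt>', '<em>', '<fieldset>', '<font>', '<h1>', '<h2>', '<h3>', '<h4>', '<h5>', '<h6>', '<hr>', '<i>', '<img>', '<ins>', '<label>', '<legend>', '<li>', '<menu>', '<noframes>', '<noscript>', '<ol>', '<optgroup>', '<option>', '<p>', '<pre>', '<q>', '<s>', '<samp>', '<select>', '<small>', '<span>', '<strike>', '<strong>', '<sub>', '<sup>', '<table>', '<tbody>', '<td>', '<tfoot>', '<th>', '<thead>', '<tr>', '<tt>', '<u>', '<ul>');
              $fields = array('title', 'galdesc');

              // Sanitize fields.
              // NOTE(review): strip_tags() keeps every attribute of the tags it allows, and the
              // first pattern below removes only quoted on*= attributes that follow whitespace,
              // so this is not a complete HTML filter. Consider wp_kses() with an explicit
              // tag and attribute allowlist.
              foreach ($fields as $field) {
                  $html = stripslashes($_POST[$field]);
                  $html = preg_replace('/\\s+on\\w+=(["\']).*?\\1/i', '', $html);
                  $html = preg_replace('/(<\/[^>]+?>)(<[^>\/][^>]*?>)/', '$1 $2', $html);
                  $html = strip_tags($html, implode('', $tags));
                  $_POST[$field] = $html;
              }

              // Update the gallery
              $mapper = C_Gallery_Mapper::get_instance();
              if ($entity = $mapper->find($this->gid)) {
                  // NOTE(review): every POST key, not only the two sanitised fields, is copied
                  // onto the gallery entity before it is saved. Restrict this to the properties
                  // the edit form is meant to change; that list is not visible from here.
                  foreach ($_POST as $key => $value) {
                      $entity->$key = $value;
                  }
                  $mapper->save($entity);

                  if ($entity->path == '../' || FALSE !== strpos($entity->path, '/../')) {
                      nggGallery::show_message(sprintf(__('One or more "../" in Gallery paths could be unsafe and NextGen Gallery will not delete this gallery automatically', 'nggallery'), $entity->{$entity->id_field}));
                  }
              }

              wp_cache_delete($this->gid, 'ngg_gallery');
          }

          $this->update_pictures();

          // hook for other plugin to update the fields
          do_action('ngg_update_gallery', $this->gid, $_POST);

          nggGallery::show_message(__('Update successful', 'nggallery'));
      }

      if (isset($_POST['scanfolder'])) {
          // Rescan folder
          check_admin_referer('ngg_updategallery');

          // The id is bound as an integer placeholder rather than written into the SQL text.
          $gallerypath = $wpdb->get_var($wpdb->prepare("SELECT path FROM $wpdb->nggallery WHERE gid = %d", $this->gid));
          nggAdmin::import_gallery($gallerypath, $this->gid);
      }

      // Add a new page
      if (isset($_POST['addnewpage'])) {
          check_admin_referer('ngg_updategallery');

          $parent_id     = isset($_POST['parent_id']) ? absint($_POST['parent_id']) : 0;
          // The escaped title is used both as the post title and in the admin message below.
          $gallery_title = isset($_POST['title']) ? esc_attr($_POST['title']) : '';
          $mapper        = C_Gallery_Mapper::get_instance();
          $gallery       = $mapper->find($this->gid);
          $gallery_name  = $gallery->name;

          // Create a WP page
          global $user_ID;

          $page = array();
          $page['post_type']    = 'page';
          $page['post_content'] = apply_filters('ngg_add_page_shortcode', '[nggallery id="' . $this->gid . '"]');
          $page['post_parent']  = $parent_id;
          $page['post_author']  = $user_ID;
          $page['post_status']  = 'publish';
          $page['post_title']   = $gallery_title == '' ? $gallery_name : $gallery_title;
          $page = apply_filters('ngg_add_new_page', $page, $this->gid);

          $gallery_pageid = wp_insert_post($page);
          if ($gallery_pageid != 0) {
              $gallery->pageid = $gallery_pageid;
              $mapper->save($gallery);
              nggGallery::show_message(__('New gallery page ID', 'nggallery') . ' ' . $gallery_pageid . ' -> <strong>' . $gallery_title . '</strong> ' . __('created', 'nggallery'));
          }

          do_action('ngg_gallery_addnewpage', $this->gid);
      }
  }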
  751.  
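  /**
   * Publish a new post with the shortcode from the selected image.
   *
   * Input is read from $_POST (width, height, align, pid, post_title, publish).
   * The chosen width/height/align are written back to the 'ngg_options' option so
   * they are available for the next operation, then a post holding a [singlepic]
   * shortcode is inserted with wp_insert_post().
   *
   * @since 1.7.0
   * @return void
   */
  function publish_post() {

      // The nonce ties the request to the publish dialog (CSRF protection).
      // It does not by itself decide what the current user may do.
      check_admin_referer('publish-post');

      global $user_ID, $ngg;

      // Read every request value once, with a defined fallback when it is missing.
      $pid    = isset($_POST['pid']) ? intval($_POST['pid']) : 0;
      $width  = isset($_POST['width']) ? (int) $_POST['width'] : 0;
      $height = isset($_POST['height']) ? (int) $_POST['height'] : 0;
      $title  = (isset($_POST['post_title']) && is_string($_POST['post_title'])) ? $_POST['post_title'] : '';

      // 'align' is persisted in the options and concatenated into the shortcode text,
      // so reduce it to a plain key: no spaces, quotes or brackets can reach the
      // shortcode and add or terminate attributes.
      $align_value = (isset($_POST['align']) && is_string($_POST['align'])) ? sanitize_key($_POST['align']) : '';
      if ($align_value == '') {
          $align_value = 'none';
      }

      $ngg->options['publish_width']  = $width;
      $ngg->options['publish_height'] = $height;
      $ngg->options['publish_align']  = $align_value;
      $align = ($align_value == 'none') ? '' : 'float=' . $align_value;

      // save the new values for the next operation
      update_option('ngg_options', $ngg->options);

      // wp_insert_post() does not check capabilities itself, so a request asking for
      // 'publish' is only honoured for users who may publish posts; everyone else
      // gets a draft.
      $may_publish = isset($_POST['publish']) && current_user_can('publish_posts');

      $post = array(
          'post_type'    => 'post',
          'post_content' => '[singlepic id=' . $pid . ' w=' . $width . ' h=' . $height . ' ' . $align . ']',
          'post_author'  => $user_ID,
          'post_status'  => $may_publish ? 'publish' : 'draft',
          // Passed through as received: wp_insert_post() expects slashed input and
          // applies the title filters registered for the current user.
          'post_title'   => $title,
      );

      // Hook consumers receive the integer picture id rather than the raw request value.
      $post = apply_filters('ngg_add_new_post', $post, $pid);

      $post_id = wp_insert_post($post);

      if ($post_id != 0) {
          nggGallery::show_message( __('Published a new post', 'nggallery') );
      }
  }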
  784.  
  function can_user_manage_gallery()
  {
      // Authorization gate used before gallery/image updates: TRUE when the current
      // actor is the author of the loaded gallery, or holds the permission to edit
      // galleries owned by someone else; FALSE otherwise.
      $actor = C_Component_Registry::get_instance()
          ->get_utility('I_Security_Manager')
          ->get_current_actor();

      // Ownership only counts when a gallery was actually loaded into $this->gallery.
      // NOTE(review): the comparison is loose (==), presumably because the stored
      // author id and the actor id may differ in type — confirm before tightening.
      if ($this->gallery && $actor->get_entity_id() == $this->gallery->author) {
          return TRUE;
      }

      // Not the owner (or no gallery loaded): fall back to the unowned-gallery permission.
      if ($actor->is_allowed('nextgen_edit_gallery_unowned')) {
          return TRUE;
      }

      return FALSE;
  }
  797.  
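  function update_pictures()
  {
      // Apply the per-image edits posted as $_POST['images'][<pid>][<field>] and
      // return the number of images that were saved. Returns 0 without touching
      // anything when the current user may not manage the gallery.
      $updated = 0;

      if (!$this->can_user_manage_gallery()) return $updated;

      if (isset($_POST['images']) && is_array($_POST['images'])) {
          $image_mapper = C_Image_Mapper::get_instance();

          foreach ($_POST['images'] as $pid => $data) {
              // Each entry must be a field => value map; anything else is malformed input.
              if (!is_array($data)) continue;

              if (!isset($data['exclude'])) $data['exclude'] = 0;

              // NOTE(review): the permission check above is made against $this->gallery,
              // while images are looked up purely by the posted id. Nothing visible here
              // confirms that a found image belongs to that gallery — verify in the mapper
              // or add an ownership check once the search-result edit flow is accounted for.
              if (($image = $image_mapper->find((int) $pid))) {
                  // Strip slashes from title/description/alttext fields
                  foreach (array('description', 'alttext', 'title') as $text_field) {
                      if (isset($data[$text_field]) && is_string($data[$text_field])) {
                          $data[$text_field] = stripslashes($data[$text_field]);
                      }
                  }

                  // Generate new slug if the alttext has changed
                  if (isset($data['alttext']) && $image->alttext != $data['alttext']) {
                      $data['slug'] = NULL; // will cause a new slug to be generated
                  }

                  // Update the posted fields, but never let request data replace the
                  // record's identity: overwriting the primary key (or the name of the
                  // key field) would make save() and the cache/term calls below act on
                  // a different record than the one that was looked up.
                  $id_field = $image->id_field;
                  foreach ($data as $key => $value) {
                      if ($key === $id_field || $key === 'id_field') continue;
                      // NOTE(review): every other attribute is still assignable from the
                      // request (mass assignment); consider an allow-list of form fields.
                      $image->$key = $value;
                  }

                  if ($image_mapper->save($image)) {
                      $updated += 1;

                      // Update the tags for the image
                      if (isset($data['tags'])) {
                          $tags = $data['tags'];
                          if (!is_array($tags)) $tags = explode(', ', $tags);
                          // Trim without a by-reference loop variable, which would stay
                          // bound to the last element across iterations.
                          $tags = array_values(array_map('trim', array_filter($tags, 'is_string')));
                          wp_set_object_terms($image->{$id_field}, $tags, 'ngg_tag');
                      }

                      // remove from cache
                      wp_cache_delete($image->pid, 'ngg_image');

                      // hook for other plugins after image is updated
                      do_action('ngg_image_updated', $image);
                  }
              }
          }
      }

      return $updated;
  }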
  840.  
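  /**
   * Check if user can select a author.
   *
   * @param int  $user_id       User whose capabilities are checked.
   * @param bool $exclude_zeros When true, users whose user_level meta is '0' are left
   *                            out of the result, and a user without any gallery
   *                            capability gets false instead of their own id.
   * @return array|false Array holding only the user's own id when they cannot manage
   *                     galleries of others; the user ids read from the usermeta table
   *                     when they can; false when nothing is editable.
   */
  function get_editable_user_ids( $user_id, $exclude_zeros = true ) {
      global $wpdb;

      $user = new WP_User( $user_id );

      if ( ! $user->has_cap('NextGEN Manage others gallery') ) {
          if ( $user->has_cap('NextGEN Manage gallery') || $exclude_zeros == false ) {
              // WP_User exposes the id as ->ID; the lower-case ->id alias is deprecated.
              return array($user->ID);
          }
          return false;
      }

      // Bind the meta key as a parameter instead of interpolating it into the SQL text.
      // It is built from the table prefix rather than request data, but the query stays
      // correct whatever characters the prefix contains.
      $level_key = $wpdb->prefix . 'user_level';
      $query = $wpdb->prepare("SELECT user_id FROM $wpdb->usermeta WHERE meta_key = %s", $level_key);
      if ( $exclude_zeros ) {
          $query .= " AND meta_value != '0'";
      }

      return $wpdb->get_col( $query );
  }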
  859.  
  function search_images() {
      // Run an image search for the term in $_GET['s'], store the merged hits in
      // $this->search_result and switch the page to 'edit' mode. Does nothing when
      // no search term was submitted.
      global $nggdb;

      if ( ! empty($_GET['s']) ) {
          // The query var is set again here before it is read back through
          // get_search_query(), so the term used below is WordPress's view of 's'.
          // NOTE(review): how the two lookups below embed the term into SQL is not
          // visible from this method — confirm they parameterise it.
          set_query_var('s', $_GET['s']);
          $term = get_search_query();

          // Matches on the images themselves, then matches through tags.
          $by_image = (array) $nggdb->search_for_images( $term );
          $by_tag   = (array) nggTags::find_images_for_tags( $term , 'ASC' );

          // finally merge the two results together
          $this->search_result = array_merge( $by_image , $by_tag );

          // TODO: Currently we didn't support a proper pagination
          // Everything is presented as a single page holding all hits.
          $hit_count = count($this->search_result);
          $nggdb->paged['objects_per_page'] = $hit_count;
          $nggdb->paged['total_objects'] = $hit_count;
          $nggdb->paged['max_objects_per_page'] = 1;

          // show pictures page
          $this->mode = 'edit';
      }
  }
  882.  
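  /**
   * Display the pagination.
   *
   * Builds the item count, first/previous/next/last links and the current-page
   * field, then echoes the whole bar.
   *
   * @since 1.8.0
   * @author taken from WP core (see includes/class-wp-list-table.php)
   * @param string $which       'bottom' prints the current page as text; any other
   *                            value prints an editable 'post_paged' input.
   * @param int    $current     Current page number.
   * @param int    $total_items Total number of items.
   * @param int    $per_page    Items per page; values of 0 or less yield one page.
   * @return void Echoes the html pagination bar.
   */
  function pagination( $which, $current, $total_items, $per_page ) {

      $total_pages = ($per_page > 0) ? ceil( $total_items / $per_page ) : 1;

      $output = '<span class="displaying-num">' . sprintf( _n( '1 item', '%s items', $total_items ), number_format_i18n( $total_items ) ) . '</span>';

      // The base URL is assembled from request headers (Host, request URI); every use
      // below passes through nextgen_esc_url() before it reaches an href attribute.
      $current_url = ( is_ssl() ? 'https://' : 'http://' ) . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];

      $current_url = remove_query_arg( array( 'hotkeys_highlight_last', 'hotkeys_highlight_first' ), $current_url );

      $page_links = array();

      $disable_first = $disable_last = '';
      if ( $current == 1 ) {
          $disable_first = ' disabled';
      }
      if ( $current == $total_pages ) {
          $disable_last = ' disabled';
      }

      $page_links[] = sprintf( "<a class='%s' title='%s' href='%s'>%s</a>",
          'first-page' . $disable_first,
          esc_attr__( 'Go to the first page' ),
          nextgen_esc_url( remove_query_arg( 'paged', $current_url ) ),
          '«'
      );

      $page_links[] = sprintf( "<a class='%s' title='%s' href='%s'>%s</a>",
          'prev-page' . $disable_first,
          esc_attr__( 'Go to the previous page' ),
          nextgen_esc_url( add_query_arg( 'paged', max( 1, $current-1 ), $current_url ) ),
          '‹'
      );

      // $current is printed into markup in both branches. The callers are outside this
      // method, so it is escaped for its output context here instead of trusting that
      // it is always an integer.
      if ( 'bottom' == $which ) {
          $html_current_page = esc_html( $current );
      } else {
          $html_current_page = sprintf( "<input class='current-page' title='%s' type='text' name='%s' value='%s' size='%d' />",
              esc_attr__( 'Current page' ),
              esc_attr( 'post_paged' ),
              esc_attr( $current ),
              strlen( (string) $total_pages )
          );
      }

      $html_total_pages = sprintf( "<span class='total-pages'>%s</span>", number_format_i18n( $total_pages ) );
      $page_links[] = '<span class="paging-input">' . sprintf( _x( '%1$s of %2$s', 'paging' ), $html_current_page, $html_total_pages ) . '</span>';

      $page_links[] = sprintf( "<a class='%s' title='%s' href='%s'>%s</a>",
          'next-page' . $disable_last,
          esc_attr__( 'Go to the next page' ),
          nextgen_esc_url( add_query_arg( 'paged', min( $total_pages, $current+1 ), $current_url ) ),
          '›'
      );

      $page_links[] = sprintf( "<a class='%s' title='%s' href='%s'>%s</a>",
          'last-page' . $disable_last,
          esc_attr__( 'Go to the last page' ),
          nextgen_esc_url( add_query_arg( 'paged', $total_pages, $current_url ) ),
          '»'
      );

      $output .= "\n<span class='pagination-links'>" . join( "\n", $page_links ) . '</span>';

      // CSS hook: ' one-page' hides the links when there is nothing to page through,
      // ' no-pages' marks an empty result.
      if ( $total_pages ) {
          $page_class = $total_pages < 2 ? ' one-page' : '';
      } else {
          $page_class = ' no-pages';
      }

      $pagination = "<div class='tablenav-pages{$page_class}'>$output</div>";

      echo $pagination;
  }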
  959.  
.