<?php
/**
 * @package tikiwiki
 */
// (c) Copyright 2002-2016 by authors of the Tiki Wiki CMS Groupware Project
//
// All Rights Reserved. See copyright.txt for details and a complete list of authors.
// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
// $Id$

// Input-filter configuration, declared before tiki-setup.php is included
// (presumably read by the setup code - confirm). It maps the 'wiki_syntax'
// request key to the 'wikicontent' filter.
$inputConfiguration = array(
	array(
		'staticKeyFilters' => array(
			'wiki_syntax' => 'wikicontent',
		),
	),
);

$section = 'file_galleries';
require_once ('tiki-setup.php');

// Feature gate: both feature names are handed to the access checker before
// any gallery library is loaded.
$access->check_feature(array('feature_file_galleries', 'feature_jquery_tooltips'));

$filegallib = TikiLib::lib('filegal');
$statslib = TikiLib::lib('stats');

// Optional libraries are only loaded when the matching feature preference is 'y'.
if ($prefs['feature_categories'] == 'y') {
	$categlib = TikiLib::lib('categ');
}

$templateslib = TikiLib::lib('template');

if ($prefs['feature_groupalert'] == 'y') {
	$groupalertlib = TikiLib::lib('groupalert');
}

// Names of the request parameters kept in $auto_query_args
// (presumably carried over into generated links - confirm against the consumer).
$auto_query_args = array(
	'galleryId',
	'offset',
	'find',
	'find_creator',
	'find_categId',
	'sort_mode',
	'edit_mode',
	'page',
	'filegals_manager',
	'insertion_syntax',
	'maxRecords',
	'show_fgalexplorer',
	'dup_mode',
	'show_details',
	'view',
);
// "find_other": look a file up by id and switch the listing to the gallery that
// holds it. This runs before the gallery permissions are loaded below, so the
// permission checks apply to the gallery selected here.
// NOTE(review): $info stays set after this block and is read again by later
// branches of this script; it describes the looked-up file, not necessarily
// the file named in 'fileId'.
if (!empty($_REQUEST['find_other']) && ($info = $filegallib->get_file_info($_REQUEST['find_other']))) {
	$_REQUEST['galleryId'] = $info['galleryId'];
	$smarty->assign('find_other_val', $_REQUEST['find_other']);
}

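// Resolve the gallery this request works on, load its record into $gal_info
// and load the caller's permissions for it.
$gal_info = '';

if (empty($_REQUEST['galleryId']) && isset($_REQUEST['parentId'])) {
	// No gallery id but a parent id: this is the "new gallery under parentId"
	// case, so permissions are taken from the parent gallery.
	$parent_gal_info = $filegallib->get_file_gallery($_REQUEST['parentId']);
	$tikilib->get_perm_object('', 'file gallery', $parent_gal_info);

	$_REQUEST['galleryId'] = 0;

	// Initialize listing fields with default values (used for the main gallery listing)
	$gal_info = $filegallib->get_file_gallery();
	$gal_info['usedSize'] = 0;
	$gal_info['maxQuota'] = $filegallib->getQuota($_REQUEST['parentId'], true);

	// A gallery created below the caller's own user gallery is a user gallery too.
	if ($prefs['feature_use_fgal_for_user_files'] === 'y'
		&& $parent_gal_info['type'] === 'user'
		&& $parent_gal_info['user'] === $user
		&& $tiki_p_userfiles === 'y'
	) {
		$gal_info['type'] = 'user';
		$gal_info['user'] = $user;
	}

	$old_gal_info = array();
} else {
	// Fall back to the configured root gallery when no id was given.
	if (!isset($_REQUEST['galleryId'])) {
		$_REQUEST['galleryId'] = $prefs['fgal_root_id'];
	}

	$gal_info = $filegallib->get_file_gallery($_REQUEST['galleryId']);
	if (!$gal_info) {
		$smarty->assign('msg', tra('Non-existent gallery'));
		$smarty->display('error.tpl');
		die;
	}

	$tikilib->get_perm_object($_REQUEST['galleryId'], 'file gallery', $gal_info);
	if ($userlib->object_has_one_permission($_REQUEST['galleryId'], 'file gallery')) {
		$smarty->assign('individual', 'y');
	}
	$podCastGallery = $filegallib->isPodCastGallery($_REQUEST['galleryId'], $gal_info);

	$gal_info['usedSize'] = $filegallib->getUsedSize($_REQUEST['galleryId']);
	$gal_info['maxQuota'] = $filegallib->getQuota($gal_info['parentId']);
	$gal_info['minQuota'] = $filegallib->getMaxQuotaDescendants($_REQUEST['galleryId']);

	// Non-admins are sent from the root of the user galleries to their own
	// user gallery.
	if ($_REQUEST['galleryId'] == $prefs['fgal_root_user_id'] && $tiki_p_admin_file_galleries !== 'y') {
		include_once('tiki-sefurl.php');
		header('Location: ' . filter_out_sefurl('tiki-list_file_gallery.php?galleryId=' . $filegallib->get_user_file_gallery()));
		// Stop here: without this the rest of the script (including the
		// state-changing actions below) would still run against the root user
		// gallery after the redirect header was sent.
		die;
	}
}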

$galleryId = $_REQUEST['galleryId'];

// View gate. Access is granted in exactly two cases:
//  - gallery id 0 and the caller may list file galleries, or
//  - a non-zero gallery id and the caller may view that gallery.
// Anything else ends the request with a 401 error page.
if (!($galleryId == 0 && $tiki_p_list_file_galleries == 'y')
	&& !($galleryId != 0 && $tiki_p_view_file_gallery == 'y')
) {
	$smarty->assign('errortype', 401);
	$smarty->assign('msg', tra('You do not have permission to view this section'));
	$smarty->display('error.tpl');
	die;
}

// Private user galleries: a user gallery that is not marked visible can only
// be opened by its owner or by a file gallery admin.
if ($prefs['feature_use_fgal_for_user_files'] === 'y'
	&& $gal_info['type'] === 'user'
	&& $gal_info['visible'] !== 'y'
	&& $gal_info['user'] !== $user
	&& $tiki_p_admin_file_galleries !== 'y'
) {
	$smarty->assign('errortype', 401);
	$smarty->assign('msg', tra('You do not have permission to view this gallery'));
	$smarty->display('error.tpl');
	die;
}

// Init smarty variables to blank values
$smarty->assign('fname', '');
$smarty->assign('fdescription', '');
$smarty->assign('max_desc', 1024);
$smarty->assign('maxRows', $maxRecords);
$smarty->assign('edited', 'n');
$smarty->assign('edit_mode', 'n');
$smarty->assign('dup_mode', 'n');

// parentId: the request value (cast to int) wins, then the gallery record, then -1.
if (isset($_REQUEST['parentId'])) {
	$smarty->assign('parentId', (int)$_REQUEST['parentId']);
} elseif (isset($gal_info['parentId'])) {
	$smarty->assign('parentId', $gal_info['parentId']);
} else {
	$smarty->assign('parentId', -1);
}

$smarty->assign('creator', $user);
$smarty->assign('sortorder', 'name');
$smarty->assign('sortdirection', 'asc');

// Only the gallery whose id is the string "1" gets its name run through tra().
if ($_REQUEST['galleryId'] !== "1") {
	$smarty->assign_by_ref('name', $gal_info['name']);
} else {
	$traname = tra($gal_info['name']);
	$smarty->assign_by_ref('name', $traname); //get_strings tra('File Galleries')
}

$smarty->assign_by_ref('galleryId', $_REQUEST['galleryId']);
$smarty->assign('reindex_file_id', -1);

// Default the view mode to the gallery's own setting when the request has none.
if (!isset($_REQUEST['view'])) {
	$_REQUEST['view'] = $gal_info['default_view'];
}

// Execute batch actions
//
// NOTE(review): the permission flags tested here were loaded for the gallery in
// $_REQUEST['galleryId'], while the file and sub-gallery ids acted on come
// straight from the request and are not compared with $galleryId in this
// block. Confirm that remove_file(), set_file_gallery() and move_file_gallery()
// enforce per-object permissions themselves.
if ($tiki_p_admin_file_galleries == 'y' || $tiki_p_remove_files === 'y') {
	// Bulk removal of the selected files and sub-galleries.
	if (!empty($_REQUEST['fgal_actions']) && $_REQUEST['fgal_actions'] === 'delsel_x') {
		check_ticket('fgal');
		$access->check_authenticity(tra('Are you sure you want to remove that file or gallery?'));

		if (isset($_REQUEST['file'])) {
			foreach (array_values($_REQUEST['file']) as $file) {
				// Ids that do not resolve to a file record are skipped.
				$info = $filegallib->get_file_info($file);
				if ($info) {
					$filegallib->remove_file($info, $gal_info);
				}
			}
		}

		// Sub-galleries need admin rights on the current gallery and on each
		// selected sub-gallery individually.
		if ($tiki_p_admin_file_galleries == 'y' && isset($_REQUEST['subgal'])) {
			foreach (array_values($_REQUEST['subgal']) as $subgal) {
				$subgalInfo = $filegallib->get_file_gallery_info($subgal);
				$subgalPerms = $tikilib->get_perm_object($subgal, 'file gallery', $subgalInfo, false);

				if ($subgalPerms['tiki_p_admin_file_galleries'] === 'y') {
					$filegallib->remove_file_gallery($subgal, $galleryId);
				}
			}
		}
	}

	// Bulk move of the selected files and sub-galleries into 'moveto'.
	if (isset($_REQUEST['movesel'])) {
		check_ticket('fgal');
		// Permissions are evaluated on the destination gallery.
		$movegalInfo = $filegallib->get_file_gallery_info($_REQUEST['moveto']);
		$movegalPerms = $tikilib->get_perm_object($_REQUEST['moveto'], 'file gallery', $movegalInfo, false);

		// Files: the caller must be allowed to upload into the destination.
		if ($movegalPerms['tiki_p_upload_files'] === 'y' && isset($_REQUEST['file'])) {
			foreach (array_values($_REQUEST['file']) as $file) {
				$filegallib->set_file_gallery($file, $_REQUEST['moveto']);
			}
		}

		// Sub-galleries: admin on the current gallery or on the destination.
		if (($tiki_p_admin_file_galleries == 'y' || $movegalPerms['tiki_p_admin_file_galleries'] === 'y')
			&& isset($_REQUEST['subgal'])
		) {
			foreach (array_values($_REQUEST['subgal']) as $subgal) {
				$filegallib->move_file_gallery($subgal, $_REQUEST['moveto']);
			}
		}
	}
}

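// Batch actions reserved for file gallery admins.
if ($tiki_p_admin_file_galleries == 'y') {
	// Reset the list-view settings of the selected sub-galleries, or of the
	// current gallery when none is selected.
	if (!empty($_REQUEST['fgal_actions']) && $_REQUEST['fgal_actions'] === 'defaultsel_x') {
		check_ticket('fgal');
		$access->check_authenticity(tra('Are you sure you want to reset to the default gallery list view settings?'));
		if (!empty($_REQUEST['subgal'])) {
			$filegallib->setDefault(array_values($_REQUEST['subgal']));
		} else if (!empty($_REQUEST['galleryId'])) {
			$filegallib->setDefault(array((int)$_REQUEST['galleryId']));
		}
		// Drop the requested view so it is not reused after the reset.
		unset($_REQUEST['view']);
	}

	// Refresh the stored metadata of every selected file.
	// The selection is optional: without the isset()/is_array() guard an empty
	// selection passed a missing value to array_values().
	// NOTE(review): unlike the other batch actions this one does not call
	// check_ticket('fgal'); confirm whether that is intentional.
	if (!empty($_REQUEST['fgal_actions']) && $_REQUEST['fgal_actions'] === 'refresh_metadata_x'
		&& isset($_REQUEST['file']) && is_array($_REQUEST['file'])
	) {
		foreach (array_values($_REQUEST['file']) as $file) {
			$filegallib->metadataAction($file, 'refresh');
		}
	}
}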

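// Batch download: redirect to tiki-download_file.php with the selected file
// and sub-gallery ids as fileId[] / galId[] query parameters.
if (!empty($_REQUEST['fgal_actions']) && $_REQUEST['fgal_actions'] === 'zipsel_x' && $tiki_p_upload_files == 'y') {
	check_ticket('fgal');
	$href = array();
	// The ids come from the request, so each one is URL-encoded before it is
	// placed in the redirect URL; an unencoded value could carry '&' or '='
	// and add or override parameters of the download request.
	if (isset($_REQUEST['file'])) {
		foreach (array_values($_REQUEST['file']) as $file) {
			$href[] = 'fileId[]=' . urlencode($file);
		}
	}
	if (isset($_REQUEST['subgal'])) {
		foreach (array_values($_REQUEST['subgal']) as $subgal) {
			$href[] = 'galId[]=' . urlencode($subgal);
		}
	}
	header("Location: tiki-download_file.php?" . implode('&', $href));
	die;
}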

// Batch permission form: when the 'permsel_x' action is requested by a caller
// who may assign gallery permissions, give the template the full list of
// 'file galleries' permissions and the full list of groups.
if (!empty($_REQUEST['fgal_actions']) && $_REQUEST['fgal_actions'] === 'permsel_x' && $tiki_p_assign_perm_file_gallery == 'y') {
	$perms = $userlib->get_permissions(0, -1, 'permName_asc', '', 'file galleries');
	$groups = $userlib->get_groups(0, -1, 'groupName_asc', '', '', 'n');
	$smarty->assign_by_ref('perms', $perms['data']);
	$smarty->assign_by_ref('groups', $groups['data']);
}

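// Apply the submitted permissions to every selected sub-gallery.
//
// NOTE(review): $tiki_p_assign_perm_file_gallery was loaded for the current
// gallery, while the ids in 'subgal' come from the request and are not checked
// individually here. Confirm assign_object_permission() or its callers verify
// the right to assign permissions on each target gallery.
if (isset($_REQUEST['permsel']) && $tiki_p_assign_perm_file_gallery == 'y' && isset($_REQUEST['subgal'])) {
	check_ticket('fgal');

	// 'perms' and 'groups' are optional form fields. Treat a missing or
	// non-array value as an empty list instead of iterating over it.
	$selectedPerms = (isset($_REQUEST['perms']) && is_array($_REQUEST['perms'])) ? $_REQUEST['perms'] : array();
	$selectedGroups = (isset($_REQUEST['groups']) && is_array($_REQUEST['groups'])) ? $_REQUEST['groups'] : array();

	foreach ((array)$_REQUEST['subgal'] as $id) {
		foreach ($selectedPerms as $perm) {
			// No group and an empty permission: call the assignment with empty
			// group and permission names, as the form's "reset" entry does.
			if (empty($_REQUEST['groups']) && empty($perm)) {
				$userlib->assign_object_permission('', $id, 'file gallery', '');
				continue;
			}
			foreach ($selectedGroups as $group) {
				$userlib->assign_object_permission($group, $id, 'file gallery', $perm);
			}
		}
	}
}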

// Lock a file
//
// 'lock' = 'y' locks the file for the current user, 'lock' = 'n' releases it.
// NOTE(review): no check_ticket() call guards this state change, and the
// 'lockable' flag is read from the current gallery's record without comparing
// the file's galleryId with it. Confirm both are intended.
if (isset($_REQUEST['lock'], $_REQUEST['fileId']) && $_REQUEST['fileId'] > 0) {
	$fileInfo = $filegallib->get_file_info($_REQUEST['fileId']);
	if (!$fileInfo) {
		$smarty->assign('msg', tra('Incorrect param'));
		$smarty->display("error.tpl");
		die;
	}

	$error_msg = '';
	if ($_REQUEST['lock'] == 'n' && !empty($fileInfo['lockedby'])) {
		// Unlock: only the lock holder or a gallery admin may release a lock.
		if ($fileInfo['lockedby'] != $user && $tiki_p_admin_file_galleries != 'y') {
			$smarty->assign('errortype', 401);
			$error_msg = sprintf(tra('The file is already locked by %s'), $fileInfo['lockedby']);
		} else {
			// An admin releasing someone else's lock has to confirm first.
			if ($fileInfo['lockedby'] != $user) {
				$access->check_authenticity(sprintf(tra('The file is already locked by %s'), $fileInfo['lockedby']));
			}
			$filegallib->unlock_file($_REQUEST['fileId']);
		}
	} elseif ($_REQUEST['lock'] == 'y') {
		// Lock: refused when another user holds the lock or the gallery is
		// not lockable.
		if (!empty($fileInfo['lockedby']) && $fileInfo['lockedby'] != $user) {
			$error_msg = sprintf(tra('The file is already locked by %s'), $fileInfo['lockedby']);
		} elseif ($gal_info['lockable'] != 'y') {
			$smarty->assign('errortype', 401);
			$error_msg = tra('You do not have permission to do that');
		} else {
			$filegallib->lock_file($_REQUEST['fileId'], $user);
		}
	}

	if ($error_msg != '') {
		$smarty->assign('msg', $error_msg);
		$smarty->display('error.tpl');
		die;
	}
}

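// Validate a draft
if (!empty($_REQUEST['validate']) && $prefs['feature_file_galleries_save_draft'] == 'y') {
	// To validate a draft the user must be the owner of the file or the gallery or admin
	if (!$info = $filegallib->get_file_info($_REQUEST['validate'])) {
		$smarty->assign('msg', tra('Incorrect param'));
		$smarty->display('error.tpl');
		die;
	}

	// Ownership only counts for a logged-in user. The file-owner comparison is
	// loose (!=), so without the !$user guard an empty user name would match a
	// file whose owner field is empty. The gallery-owner test already had this
	// guard, as has the file-owner test in the edit handler of this script.
	if ($tiki_p_admin_file_galleries != 'y'
		&& (!$user || ($user != $gal_info['user'] && $user != $info['user']))
	) {
		$smarty->assign('errortype', 401);
		$smarty->assign('msg', tra("You don't have permission to validate files from this gallery"));
		$smarty->display('error.tpl');
		die;
	}

	// Confirmation step, labelled with the file's name (when set) and filename.
	$access->check_authenticity(tra('Validate draft: ') . (!empty($info['name']) ? $info['name'] . ' - ' : '') . $info['filename']);
	$filegallib->validate_draft($info['fileId']);
}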

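// Remove a single file (or its draft) through the library's action handler.
// NOTE(review): no permission or ticket check is visible in this script for
// this action; presumably actionHandler('removeFile') performs them - confirm.
if (!empty($_REQUEST['remove'])) {
	$filegallib->actionHandler(
		'removeFile',
		array(
			'fileId' => $_REQUEST['remove'],
			'draft' => (!empty($_REQUEST['draft'])),
		)
	);
}

// Refresh the metadata of a single file. The action is skipped when no file id
// was sent instead of calling the library with a missing value.
// NOTE(review): the batch variant of this action is restricted to gallery
// admins, this one is not gated here; confirm metadataAction() checks
// permissions itself.
if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'refresh_metadata' && !empty($_REQUEST['fileId'])) {
	$filegallib->metadataAction($_REQUEST['fileId'], 'refresh');
}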

// Absolute URL of this script for the template: site prefix plus the path
// part of the request URI.
// NOTE(review): the path is client-supplied; confirm the template escapes 'url'.
$foo = parse_url($_SERVER['REQUEST_URI']);
$smarty->assign('url', $tikilib->httpPrefix() . $foo['path']);

// Edit mode
if (!empty($_REQUEST['edit_mode'])) {
	$smarty->assign('edit_mode', 'y');
	$smarty->assign('edited', 'y');

	// Category picker for the gallery being edited.
	if ($prefs['feature_categories'] == 'y') {
		$cat_type = 'file gallery';
		$cat_objid = $galleryId;
		include_once ('categorize_list.php');
	}

	// Group-alert selector: mark the group currently attached to the gallery.
	if ($prefs['feature_groupalert'] == 'y') {
		$smarty->assign('groupforAlert', isset($_REQUEST['groupforAlert']) ? $_REQUEST['groupforAlert'] : '');
		$all_groups = $userlib->list_all_groups();
		$groupselected = $groupalertlib->GetGroup('file gallery', $_REQUEST['galleryId']);
		if (is_array($all_groups)) {
			foreach ($all_groups as $g) {
				if ($g == $groupselected) {
					$groupforAlertList[$g] = 'selected';
				} else {
					$groupforAlertList[$g] = '';
				}
			}
		}
		// The stored group replaces the request value assigned above.
		$smarty->assign_by_ref('groupforAlert', $groupselected);
		$showeachuser = $groupalertlib->GetShowEachUser('file gallery', $_REQUEST['galleryId'], $groupselected);
		$smarty->assign_by_ref('showeachuser', $showeachuser);
		$smarty->assign_by_ref('groupforAlertList', $groupforAlertList);
	}

	if (isset($_REQUEST['fileId']) && $_REQUEST['fileId'] > 0) {
		// Edit a file
		// NOTE(review): the permission tested is the one loaded for the
		// current gallery; the file's own galleryId is not compared with it here.
		if ($tiki_p_edit_gallery_file != 'y') {
			$smarty->assign('errortype', 401);
			$smarty->assign('msg', tra('Permission denied'));
			$smarty->display('error.tpl');
			die;
		}
		$info = $filegallib->get_file_info($_REQUEST['fileId']);
		$smarty->assign('fileId', $_REQUEST['fileId']);
		$smarty->assign_by_ref('filename', $info['filename']);
		$smarty->assign_by_ref('fname', $info['name']);
		$smarty->assign_by_ref('fdescription', $info['description']);
	} elseif ($galleryId > 0) {
		// Edit a gallery
		$smarty->assign_by_ref('maxRows', $gal_info['maxRows']);
		$smarty->assign_by_ref('parentId', $gal_info['parentId']);
		$smarty->assign_by_ref('creator', $gal_info['user']);
		$smarty->assign('max_desc', $gal_info['max_desc']);

		// Split a stored "<field>_<asc|desc>" sort mode into its two parts;
		// fall back to "created" / "desc" when it is missing or malformed.
		$hasSortMode = isset($gal_info['sort_mode'])
			&& preg_match('/(.*)_(asc|desc)/', $gal_info['sort_mode'], $matches);
		if ($hasSortMode) {
			$smarty->assign('sortorder', $matches[1]);
			$smarty->assign('sortdirection', $matches[2]);
		} else {
			$smarty->assign('sortorder', 'created');
			$smarty->assign('sortdirection', 'desc');
		}
	} elseif ($tiki_p_create_file_galleries != 'y') {
		// Neither a file nor an existing gallery: this is the "create gallery"
		// form, which needs the create permission.
		$smarty->assign('errortype', 401);
		$smarty->assign('msg', tra('Permission denied'));
		$smarty->display('error.tpl');
		die;
	}
} elseif (!empty($_REQUEST['dup_mode'])) {
	// Duplicate mode
	$smarty->assign('dup_mode', 'y');
}

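// Process the insertion or modification request
//
// Saves either a file's name/description (when 'fileId' is sent) or a
// gallery's settings (otherwise). Non-admins may only edit objects they own.
if (isset($_REQUEST['edit'])) {
	check_ticket('fgal');
	// Saving information
	// Handle files
	if (isset($_REQUEST['fileId'])) {
		if ($tiki_p_admin_file_galleries != 'y') {
			// Check file upload rights
			if ($tiki_p_upload_files != 'y') {
				$smarty->assign('errortype', 401);
				$smarty->assign('msg', tra("You do not have permission to upload files so you cannot edit them"));
				$smarty->display('error.tpl');
				die;
			}
			// Check THIS file edit rights
			if ($_REQUEST['fileId'] > 0) {
				$info = $filegallib->get_file_info($_REQUEST["fileId"]);
				if (!$user || $info['user'] != $user) {
					$smarty->assign('errortype', 401);
					$smarty->assign('msg', tra('You do not have permission to edit this file'));
					$smarty->display('error.tpl');
					die;
				}
			}
		}
	} else {
		// Handle galleries
		if ($tiki_p_admin_file_galleries != 'y') {
			// Check gallery creation rights
			if ($tiki_p_create_file_galleries != 'y') {
				$smarty->assign('errortype', 401);
				$smarty->assign('msg', tra('You do not have permission to create galleries and so you cannot edit them'));
				$smarty->display('error.tpl');
				die;
			}
			// Check THIS gallery modification rights
			if ($galleryId > 0) {
				if (!$user || $gal_info['user'] != $user) {
					$smarty->assign('errortype', 401);
					$smarty->assign('msg', tra('You do not have permission to edit this gallery'));
					$smarty->display('error.tpl');
					die;
				}
			}
		}
	}
	// Everything is ok so we proceed to edit the file or gallery

	// Echo the submitted form values back to the template.
	$request_vars = array(
		'name',
		'fname',
		'description',
		'fdescription',
		'max_desc',
		'fgal_type',
		'maxRows',
		'rowImages',
		'thumbSizeX',
		'thumbSizeY',
		'parentId', 'creator',
		'quota',
		'image_max_size_x',
		'image_max_size_y',
		'wiki_syntax',
		'icon_fileId',
	);
	foreach ($request_vars as $v) {
		if (isset($_REQUEST[$v])) {
			$smarty->assign_by_ref($v, $_REQUEST[$v]);
		}
	}

	// Checkbox fields: 'on' becomes 'y', anything else 'n'. The names come from
	// this fixed list, so the variable-variable only ever creates $visible,
	// $public and $lockable.
	$request_toggles = array('visible', 'public', 'lockable');
	foreach ($request_toggles as $t) {
		$$t = (isset($_REQUEST[$t]) && $_REQUEST[$t] == 'on') ? 'y' : 'n';
		$smarty->assign($t, $$t);
	}

	// Defaults for optional fields.
	// NOTE(review): the gallery owner is taken from the request when present;
	// confirm non-admin editors are meant to be able to reassign ownership.
	$_REQUEST['archives'] = isset($_REQUEST['archives']) ? $_REQUEST['archives'] : 0;
	$_REQUEST['user'] = isset($_REQUEST['user']) ? $_REQUEST['user'] : (isset($gal_info['user']) ? $gal_info['user'] : $user);
	$_REQUEST['sortorder'] = isset($_REQUEST['sortorder']) ? $_REQUEST['sortorder'] : 'created';
	$_REQUEST['sortdirection'] = isset($_REQUEST['sortdirection']) && $_REQUEST['sortdirection'] == 'asc' ? 'asc' : 'desc';

	if (isset($_REQUEST['fileId'])) {
		// --- Save a file ---
		$infoOverride = $filegallib->get_file_info($_REQUEST['fileId']);

		// The id must resolve to a file. Without this check the save below ran
		// with whatever $info an earlier branch of this script had left behind
		// (possibly describing a different file), or with an undefined $info on
		// the admin path, which never loads it.
		if (empty($infoOverride)) {
			$smarty->assign('msg', tra('Incorrect param'));
			$smarty->display('error.tpl');
			die;
		}
		// Always save from the record just loaded for this fileId.
		$info = $infoOverride;

		$_REQUEST['fname'] = (isset($_REQUEST['fname']) ? $_REQUEST['fname'] : $infoOverride['name']);
		$_REQUEST['fdescription'] = (isset($_REQUEST['fdescription']) ? $_REQUEST['fdescription'] : $infoOverride['description']);
		// NOTE(review): the file content itself can be replaced from the 'data'
		// request field here; confirm this is intended for every caller that
		// passes the checks above.
		$info['data'] = (isset($_REQUEST['data']) ? $_REQUEST['data'] : $info['data']);

		// NOTE(review): this call passes fewer arguments, in a different layout,
		// than the replace_file() call in the upload handler of this script;
		// verify the positions against the library signature.
		$fid = $filegallib->replace_file(
			$_REQUEST['fileId'],
			$_REQUEST['fname'],
			$_REQUEST['fdescription'],
			$info['filename'],
			$info['data'],
			$info['filesize'],
			$info['filetype'],
			$info['user'],
			$info['path'],
			$info['galleryId']
		);
		$smarty->assign('edit_mode', 'n');
	} else {
		// --- Save a gallery ---
		// Per-gallery quotas are ignored unless the feature is enabled.
		if ($prefs['fgal_quota_per_fgal'] != 'y') {
			$_REQUEST['quota'] = 0;
		}

		// checkQuotaSetting() returns a non-zero value when the quota does not
		// fit; a positive value means too big, a negative one too small.
		if ($test = $filegallib->checkQuotaSetting($_REQUEST['quota'], $galleryId, $_REQUEST['parentId'])) {
			$smarty->assign('msg', ($test > 0)?tra('Quota too big'):tra('Quota too small'));
			$smarty->display('error.tpl');
			die;
		}

		$old_gal_info = $filegallib->get_file_gallery_info($galleryId);
		// New gallery record, built from the submitted form.
		// NOTE(review): most fgal_list_* fields are read without isset() and
		// stored as sent; confirm replace_file_gallery() validates them.
		$gal_info = array(
			'galleryId'		=> $galleryId,
			'name'			=> $_REQUEST['name'],
			'description'	=> $_REQUEST['description'],
			'user'			=> $_REQUEST['user'],
			'maxRows'		=> $_REQUEST['maxRows'],
			'public'		=> $public,
			'visible'		=> $visible,
			'show_id'		=> $_REQUEST['fgal_list_id'],
			'show_icon'		=> $_REQUEST['fgal_list_type'],
			'show_name'		=> $_REQUEST['fgal_list_name'],
			'show_size'		=> $_REQUEST['fgal_list_size'],
			'show_description'	=> $_REQUEST['fgal_list_description'],
			'show_created'	=> $_REQUEST['fgal_list_created'],
			'show_hits'		=> $_REQUEST['fgal_list_hits'],
			'show_lastDownload' => $_REQUEST['fgal_list_lastDownload'],
			'max_desc'		=> $_REQUEST['max_desc'],
			'type'			=> $_REQUEST['fgal_type'],
			'parentId'		=> empty($_REQUEST['parentId']) ? $old_gal_info['parentId'] : $_REQUEST['parentId'],
			'lockable'		=> $lockable,
			'show_lockedby'	=> $_REQUEST['fgal_list_lockedby'],
			'archives'		=> $_REQUEST['archives'],
			'sort_mode'		=> $_REQUEST['sortorder'] . '_' . $_REQUEST['sortdirection'],
			'show_modified'	=> $_REQUEST['fgal_list_lastModif'],
			'show_creator'	=> $_REQUEST['fgal_list_creator'],
			'show_deleteAfter'	=> $_REQUEST['fgal_list_deleteAfter'],
			'show_checked'	=> $_REQUEST['fgal_show_checked'],
			'show_share'	=> $_REQUEST['fgal_list_share'],
			'show_author'	=> $_REQUEST['fgal_list_author'],
			'subgal_conf'	=> $_REQUEST['subgal_conf'],
			'show_last_user'=> $_REQUEST['fgal_list_last_user'],
			'show_comment'	=> $_REQUEST['fgal_list_comment'],
			'show_files'	=> $_REQUEST['fgal_list_files'],
			'show_explorer'	=> (isset($_REQUEST['fgal_show_explorer']) ? 'y' : 'n'),
			'show_path'		=> (isset($_REQUEST['fgal_show_path']) ? 'y' : 'n'),
			'show_slideshow'=> (isset($_REQUEST['fgal_show_slideshow']) ? 'y' : 'n'),
			'default_view'	=> $_REQUEST['fgal_default_view'],
			'quota'			=> $_REQUEST['quota'],
			'image_max_size_x'	=> $_REQUEST['image_max_size_x'],
			'image_max_size_y'	=> $_REQUEST['image_max_size_y'],
			'backlinkPerms'	=> isset($_REQUEST['backlinkPerms'])? 'y': 'n',
			'show_backlinks'=> $_REQUEST['fgal_list_backlinks'],
			'wiki_syntax'	=> $_REQUEST['wiki_syntax'],
			'show_source'	=> $_REQUEST['fgal_list_source'],
			'icon_fileId'	=> !empty($_REQUEST['fgal_icon_fileId']) ? $_REQUEST['fgal_icon_fileId'] : null,
		);

		if ($prefs['feature_file_galleries_templates'] == 'y' && isset($_REQUEST['fgal_template']) && !empty($_REQUEST['fgal_template'])) {
			// Override with template parameters
			// NOTE(review): array_merge() lets the template content replace any
			// key of the record built above, not only display settings.
			$template = $templateslib->get_parsed_template($_REQUEST['fgal_template']);

			if ($template) {
				$gal_info = array_merge($gal_info, $template['content']);
				$gal_info['template'] = $_REQUEST['fgal_template'];
			}
		}

		// Settings whose site-wide feature is off keep their stored value.
		if ($prefs['fgal_show_slideshow'] != 'y') {
			$gal_info['show_slideshow'] = $old_gal_info['show_slideshow'];
		}

		if ($prefs['fgal_show_explorer'] != 'y') {
			$gal_info['show_explorer'] = $old_gal_info['show_explorer'];
		}

		if ($prefs['fgal_show_path'] != 'y') {
			$gal_info['show_path'] = $old_gal_info['show_path'];
		}

		if ($prefs['fgal_checked'] != 'y') {
			$gal_info['show_checked'] = $old_gal_info['show_checked'];
		}

		// Hand the template the fields that changed, leaving out counters and
		// timestamps.
		$fgal_diff = array_diff_assoc($gal_info, $old_gal_info);
		unset(
			$fgal_diff['created'],
			$fgal_diff['lastModif'],
			$fgal_diff['votes'],
			$fgal_diff['points'],
			$fgal_diff['hits']
		);
		$smarty->assign('fgal_diff', $fgal_diff);

		$fgid = $filegallib->replace_file_gallery($gal_info);
		if ($prefs['feature_groupalert'] == 'y') {
			$groupalertlib->AddGroup('file gallery', $galleryId, $_REQUEST['groupforAlert'], $_REQUEST['showeachuser']);
		}

		if ($prefs['feature_categories'] == 'y') {
			$cat_type = 'file gallery';
			$cat_objid = $fgid;
			$cat_desc = substr($_REQUEST['description'], 0, $_REQUEST['max_desc']);
			$cat_name = $_REQUEST['name'];
			$cat_href = 'tiki-list_file_gallery.php?galleryId=' . $cat_objid;
			include_once ('categorize.php');
		}

		if (isset($_REQUEST['viewitem'])) {
			// Redirect to the saved gallery. The two pass-through parameters are
			// request values, so they are URL-encoded before being placed in the
			// Location header; unencoded they could add or override parameters
			// of the target URL.
			header(
				'Location: tiki-list_file_gallery.php?galleryId='. $fgid
				. (!empty($_REQUEST['filegals_manager'])?'&filegals_manager='.urlencode($_REQUEST['filegals_manager']):'')
				. (!empty($_REQUEST['insertion_syntax'])?'&insertion_syntax='.urlencode($_REQUEST['insertion_syntax']):'')
			);
			die;
		}
		$smarty->assign('edit_mode', 'y');
	}
}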

// Process duplication of a gallery
//
// Copies the current gallery under a new name, optionally with its categories
// and object permissions, then redirects to the copy.
if (!empty($_REQUEST['duplicate']) && !empty($_REQUEST['name']) && !empty($_REQUEST['galleryId'])) {
	// User galleries cannot be duplicated, and the caller needs the right to
	// create galleries.
	if ($tiki_p_create_file_galleries != 'y' || $gal_info['type'] == 'user') {
		$smarty->assign('errortype', 401);
		$smarty->assign('msg', tra('You do not have permission to duplicate this gallery'));
		$smarty->display('error.tpl');
		die;
	}
	check_ticket('fgal');

	$newGalleryId = $filegallib->duplicate_file_gallery(
		$galleryId,
		$_REQUEST['name'],
		isset($_REQUEST['description']) ? $_REQUEST['description'] : ''
	);

	// Optionally attach the copy to the same categories as the source.
	$copyCategories = isset($_REQUEST['dupCateg']) && $_REQUEST['dupCateg'] == 'on';
	if ($copyCategories && $prefs['feature_categories'] == 'y') {
		$categlib = TikiLib::lib('categ');
		$cats = $categlib->get_object_categories('file gallery', $galleryId);
		$catObjectId = $categlib->add_categorized_object(
			'file gallery',
			$newGalleryId,
			(isset($_REQUEST['description']) ? $_REQUEST['description'] : ''),
			$_REQUEST['name'],
			'tiki-list_file_gallery.php?galleryId=' . $newGalleryId
		);
		foreach ($cats as $cat) {
			$categlib->categorize($catObjectId, $cat);
		}
	}

	// Optionally copy the source gallery's object permissions to the copy.
	// NOTE(review): only the create permission is checked before permissions
	// are copied; confirm that is sufficient for the caller to replicate them.
	if (isset($_REQUEST['dupPerms']) && $_REQUEST['dupPerms'] == 'on') {
		$userlib->copy_object_permissions($galleryId, $newGalleryId, 'file gallery');
	}

	header('Location: tiki-list_file_gallery.php?galleryId='.$newGalleryId);
	die;
}

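// Process removal of a gallery
//
// From here on $gal_info describes the gallery named in 'removegal', not the
// gallery being listed.
if (!empty($_REQUEST['removegal'])) {
	check_ticket('fgal');
	if (!($gal_info = $filegallib->get_file_gallery_info($_REQUEST['removegal']))) {
		$smarty->assign('msg', tra('Incorrect param'));
		$smarty->display('error.tpl');
		die;
	}

	// A non-admin may only remove a user gallery that is their OWN and that does
	// not sit directly under the root of the user galleries. The owner
	// comparison used to be "!==", which granted removal of every user gallery
	// except the caller's own; it has to be "===".
	// NOTE(review): 'parentId' is compared with the preference using a strict
	// "!=="; if the two values differ in type the test is always true - confirm.
	$mygal_to_delete = !empty($user)
		&& $gal_info['type'] === 'user'
		&& $gal_info['user'] === $user
		&& $tiki_p_userfiles === 'y'
		&& $gal_info['parentId'] !== $prefs['fgal_root_user_id'];

	// NOTE(review): $tiki_p_admin_file_galleries was loaded for the gallery in
	// $_REQUEST['galleryId'], which need not be the gallery being removed.
	if ($tiki_p_admin_file_galleries != 'y' && ! $mygal_to_delete) {
		$smarty->assign('errortype', 401);
		$smarty->assign('msg', tra('You do not have permission to remove this gallery'));
		$smarty->display('error.tpl');
		die;
	}

	$access->check_authenticity(tra('Remove file gallery: ') . $gal_info['name']);
	// NOTE(review): the batch removal passes the current gallery id as second
	// argument, this call passes the removed id twice - confirm against
	// remove_file_gallery().
	$filegallib->remove_file_gallery($_REQUEST['removegal'], $_REQUEST['removegal']);
}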

// Process upload of a file version
//
// Every uploaded file replaces the content of the file named in 'fileId'.
// NOTE(review): the permission flags belong to the current gallery; the target
// file's gallery and lock state are not checked in this block, and $fileInfo
// is used even when no 'fileId' was sent. Confirm replace_file() covers this.
if (!empty($_FILES)) {
	check_ticket('fgal');

	$mayUpload = ($tiki_p_upload_files == 'y' || $tiki_p_admin_file_galleries == 'y');
	if (!$mayUpload) {
		$smarty->assign('errortype', 401);
		$smarty->assign('msg', tra('You have permission to upload files but not to this file gallery'));
		$smarty->display('error.tpl');
		die;
	}

	foreach ($_FILES as $k => $v) {
		// The library stores/validates the upload and reports problems in
		// $result['error'].
		$result = $filegallib->handle_file_upload($k, $v);
		if (isset($result['error'])) {
			$smarty->assign('msg', $result['error']);
			$smarty->display('error.tpl');
			die;
		}

		// Load the record of the file being replaced, unless an earlier block
		// of this script already did.
		if (empty($fileInfo) && !empty($_REQUEST['fileId'])) {
			$fileInfo = $filegallib->get_file_info($_REQUEST['fileId']);
		}

		$fileId = $filegallib->replace_file(
			$fileInfo['fileId'],
			$fileInfo['name'],
			$fileInfo['description'],
			$result['filename'],
			$result['data'],
			$result['size'],
			$result['type'],
			$user,
			$result['fhash'],
			$fileInfo['comment'],
			$gal_info,
			true, //replace file
			$fileInfo['author'],
			$fileInfo['lastModif'],
			$fileInfo['lockedby'],
			null,
			$result['metadata']
		);

		if (!$fileId) {
			// If insert failed and stored on disk
			// NOTE(review): $savedir is not assigned anywhere in the visible
			// part of this script and unlink() errors are suppressed; confirm
			// the variable is defined, otherwise the stored file is left behind.
			if ($result['fhash']) {
				@unlink($savedir . $result['fhash']);
			}
			// NOTE(review): $v['name'] is the client-supplied file name;
			// confirm the error template escapes 'msg'.
			$smarty->assign('msg', tra('The upload was not successful due to duplicate file content') . ': ' . $v['name']);
			$smarty->display('error.tpl');
			die;
		}

		$smarty->assign('metarray', json_decode($result['metadata']));
		$smarty->assign('fileId', $fileId);
		$smarty->assign('fileChangedMessage', tra('File update was successful') . ': ' . $v['name']);

		// Ask the page to reindex the file asynchronously when requested.
		if (isset($_REQUEST['fast']) && $prefs['fgal_asynchronous_indexing'] == 'y') {
			$smarty->assign('reindex_file_id', $fileId);
		}
	}
}

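// Update a file comment
//
// The file must exist and belong to the current gallery; the caller needs the
// edit permission, and a file locked by someone else can only be commented by
// a gallery admin.
// NOTE(review): this state change is not guarded by check_ticket(); confirm.
if (isset($_REQUEST['comment']) && $_REQUEST['comment'] != '' && isset($_REQUEST['fileId']) && $_REQUEST['fileId'] > 0) {
	$msg = '';
	if (!$fileInfo = $filegallib->get_file_info($_REQUEST['fileId'])) {
		$msg = tra('Incorrect param');
	} elseif ($_REQUEST['galleryId'] != $fileInfo['galleryId']) {
		$msg = tra('Could not find the file requested');
	} elseif ((!empty($fileInfo['lockedby']) && $fileInfo['lockedby'] != $user && $tiki_p_admin_file_galleries != 'y') || $tiki_p_edit_gallery_file != 'y') {
		$smarty->assign('errortype', 401);
		$msg = tra('You do not have permission to do that');
	} else {
		$filegallib->update_file($fileInfo['fileId'], $fileInfo['name'], $fileInfo['description'], $user, $_REQUEST['comment'], false);
	}
	if ($msg != '') {
		// Show the message built above. This used to assign $error_msg, a
		// variable of the lock handler that is unset or unrelated here, so the
		// error page carried the wrong text or none.
		$smarty->assign('msg', $msg);
		$smarty->display('error.tpl');
		die;
	}
}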

// Set display config: resolve how many records to list and where the listing starts.
// A missing or non-positive maxRecords falls back, in order, to 1 (view=page with no
// fileId), the gallery's own maxRows, then the site-wide preference.
// NOTE(review): a positive maxRecords from the request is used as sent, with no upper
// bound or integer cast here - confirm it is filtered or capped before it reaches
// the file query.
if (!isset($_REQUEST['maxRecords']) || $_REQUEST['maxRecords'] <= 0) {
	$_REQUEST['maxRecords'] = (isset($_REQUEST['view']) && $_REQUEST['view'] == 'page' && empty($_REQUEST['fileId']))
		? 1
		: ((isset($gal_info['maxRows']) && $gal_info['maxRows'] > 0) ? $gal_info['maxRows'] : $prefs['maxRecords']);
}

$smarty->assign_by_ref('maxRecords', $_REQUEST['maxRecords']);

// The listing starts at the first record unless the request says otherwise
if (!isset($_REQUEST['offset'])) {
	$_REQUEST['offset'] = 0;
}
$smarty->assign_by_ref('offset', $_REQUEST['offset']);

// Default the sort order to the gallery's own setting when the request gives none.
// A gallery with sort_mode 'name_asc' and show_name 'f' is sorted by 'filename_asc'
// instead (presumably 'f' means the file name is shown rather than the title - confirm).
// NOTE(review): a sort_mode supplied in the request is kept as sent - verify that
// get_files() validates it before it is used for ordering.
if (empty($_REQUEST['sort_mode'])) {
	$_REQUEST['sort_mode'] = ($gal_info['sort_mode'] == 'name_asc' && $gal_info['show_name'] == 'f')
		? 'filename_asc'
		: $gal_info['sort_mode'];
}

$smarty->assign_by_ref('sort_mode', $_REQUEST['sort_mode']);

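// Collect the optional search filters that are later passed to get_files()
$find = array();
if (isset($_REQUEST['find_creator'])) {
	$find['creator'] = $_REQUEST['find_creator'];
	$smarty->assign('find_creator', $_REQUEST['find_creator']);
} else {
	$smarty->assign('find_creator', '');
}

// Age filters: amount * unit is subtracted from the current time.
// Both operands are request data, so they are used only when numeric: an array
// operand raises a fatal error, and a non-numeric string raises a TypeError on PHP 8.
if (!empty($_REQUEST['find_lastModif']) && !empty($_REQUEST['find_lastModif_unit'])
	&& is_numeric($_REQUEST['find_lastModif']) && is_numeric($_REQUEST['find_lastModif_unit'])
) {
	$find['lastModif'] = $tikilib->now - ($_REQUEST['find_lastModif'] * $_REQUEST['find_lastModif_unit']);
}
if (!empty($_REQUEST['find_lastDownload']) && !empty($_REQUEST['find_lastDownload_unit'])
	&& is_numeric($_REQUEST['find_lastDownload']) && is_numeric($_REQUEST['find_lastDownload_unit'])
) {
	$find['lastDownload'] = $tikilib->now - ($_REQUEST['find_lastDownload'] * $_REQUEST['find_lastDownload_unit']);
}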
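// Translate the requested file-type key into a MIME type through the $mimetypes
// table (presumably defined by lib/mime/mimetypes.php - confirm).
// The key is request data: an array value is skipped because it cannot be used as
// an array offset, and an unknown key yields null without an undefined-index notice.
if (!empty($_REQUEST['find_fileType']) && is_scalar($_REQUEST['find_fileType'])) {
	include_once ('lib/mime/mimetypes.php');
	global $mimetypes;
	$find['fileType'] = isset($mimetypes[$_REQUEST['find_fileType']])
		? $mimetypes[$_REQUEST['find_fileType']]
		: null;
}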

// Free-text search term: default to an empty string so the template always gets a value.
// NOTE(review): 'find' and 'fileId' are request data handed to the template as sent;
// output escaping is presumably left to the template - confirm.
$_REQUEST['find'] = isset($_REQUEST['find']) ? $_REQUEST['find'] : '';
$smarty->assign_by_ref('find', $_REQUEST['find']);

// Pass a requested fileId through to the template
if (isset($_REQUEST['fileId'])) {
	$smarty->assign('fileId', $_REQUEST['fileId']);
}
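// Category filter: derive $find['categId'] and the pre-selected entries of the
// category tree from the cat_categories / categId request values.
if ($prefs['feature_categories'] == 'y') {
	if (!empty($_REQUEST['cat_categories'])) {
		// Request data may arrive as a single scalar instead of a list. Wrap it so that
		// count() and the [0] lookup below work on an array: count() on a string raises
		// a TypeError on PHP 8, and [0] on a string returns only its first character.
		if (!is_array($_REQUEST['cat_categories'])) {
			$_REQUEST['cat_categories'] = array($_REQUEST['cat_categories']);
		}
		if (count($_REQUEST['cat_categories']) > 1) {
			// Several categories selected: a single categId no longer applies
			unset($_REQUEST['categId']);
		} else {
			$_REQUEST['categId'] = $_REQUEST['cat_categories'][0];
		}
	} else {
		$_REQUEST['cat_categories'] = array();
	}
	$selectedCategories = $_REQUEST['cat_categories'];
	$find['categId'] = $_REQUEST['cat_categories'];
	$smarty->assign('findSelectedCategoriesNumber', count($_REQUEST['cat_categories']));
	if (!empty($_REQUEST['categId'])) {
		// A single category id replaces the list as the filter value
		$find['categId'] = $_REQUEST['categId'];
		$selectedCategories = array((int) $find['categId']);
		$smarty->assign('find_categId', $find['categId']);
	} else {
		$smarty->assign('find_categId', '');
	}

	// load categories for find; the feature preference is already checked by the enclosing if
	if (!isset($_REQUEST['edit_mode'])) {
		$categlib = TikiLib::lib('categ');
		$categories = $categlib->getCategories();
		$smarty->assign_by_ref('categories', $categories);
		$smarty->assign('cat_tree', $categlib->generate_cat_tree($categories, true, $selectedCategories));
	}
}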

// Checkbox-style flags: a request value of 'on' or 'y' switches the option on.
// in_array() is used without the strict flag so the comparison stays the loose == of
// the original conditions.
if (!empty($_REQUEST['find_orphans']) && in_array($_REQUEST['find_orphans'], array('on', 'y'))) {
	$find['orphan'] = 'y';
	$smarty->assign('find_orphans', 'y');
}

// $find_sub is always set to a boolean; the template value is assigned only when it is true
$find_sub = !empty($_REQUEST['find_sub']) && in_array($_REQUEST['find_sub'], array('on', 'y'));
if ($find_sub) {
	$smarty->assign('find_sub', 'y');
}

if (isset($_GET['slideshow'])) {
	$_REQUEST['maxRecords'] = $maxRecords = - 1;
	$offset = 0;
	$files = $filegallib->get_files(
		0,
		-1,
		$_REQUEST['sort_mode'],
		$_REQUEST['find'],
		$_REQUEST['galleryId'],
		false,
		false,
		false,
		true,
		false,
		false,
		false,
		true,
		'',
		false,
		false,
		false,
		$find
	);
	$smarty->assign('cant', $files['cant']);
	$smarty->assign_by_ref('file', $files['data']);

	$smarty->assign('show_find', 'n');
	$smarty->assign('direct_pagination', 'y');
	if (isset($_REQUEST['slideshow_noclose'])) {
		$smarty->assign('slideshow_noclose', 'y');
	}
	if (isset($_REQUEST['caption'])) {
		$smarty->assign('caption', $_REQUEST['caption']);
	}
	if (isset($_REQUEST['windowtitle'])) {
		$smarty->assign('sswindowtitle', $_REQUEST['windowtitle']);
	}
	$smarty->display('file_gallery_slideshow.tpl');
	die();
} else {
	if (!isset($_REQUEST["edit_mode"]) && !isset($_REQUEST["edit"])) {
		$recursive = (isset($_REQUEST['view']) && $_REQUEST['view'] == 'admin') || $find_sub;
		$with_subgals = !((isset($_REQUEST['view']) && ($_REQUEST['view'] == 'admin' || $_REQUEST['view'] == 'page')) || $find_sub);
		if (!empty($_REQUEST['filegals_manager'])) {	// get wiki syntax if needed
			$syntax = $filegallib->getWikiSyntax($_REQUEST['galleryId']);
		} else {
			$syntax = '';
		}
		$with_archive = ( isset($gal_info['archives']) && $gal_info['archives'] == '-1') ? false : true;
		// Get list of files in the gallery
		$files = $filegallib->get_files(
			$_REQUEST['offset'],
			$_REQUEST['maxRecords'],
			$_REQUEST['sort_mode'],
			$_REQUEST['find'],
			$_REQUEST['galleryId'],
			$with_archive,
			$with_subgals,
			true,
			true,
			false,
			false,
			true,
			$recursive,
			'',
			true,
			false,
			($gal_info['show_backlinks']!='n'),
			$find,
			$syntax
		);
		if (isset($_REQUEST['view']) and $_REQUEST['view'] == 'page') {
			$smarty->assign('maxWidth', isset($_REQUEST['maxWidth']) ? $_REQUEST['maxWidth'] : '300px');
			//need to convert fileId to an offset to bring up a specific file for page view
			if (isset($_REQUEST['fileId'])) {
				$filesrecords = array_values($files['data']);
				foreach ($filesrecords as $key => $file) {
					if ($file['fileId'] == $_REQUEST['fileId']) {
						$files['data'] = array($file);
						$smarty->assign('metarray', json_decode($files['data'][0]['metadata'], true));
						break;
					}
				}
			}
			$smarty->assign('maxRecords', 1);
			$smarty->assign(
				'metarray',
				isset($files['data'][0]['metadata']) ?
				json_decode($files['data'][0]['metadata'], true) : ''
			);
		}
		$smarty->assign_by_ref('files', $files['data']);
		$smarty->assign('cant', $files['cant']);
		$subs = 0;
		if ($with_subgals) {
			foreach ($files['data'] as $f) {
				$subs = $s