1 | <?php |
||
2 | /** |
||
3 | * XOOPS image manager |
||
4 | * |
||
5 | * You may not change or alter any portion of this comment or credits |
||
6 | * of supporting developers from this source code or any supporting source code |
||
7 | * which is considered copyrighted (c) material of the original comment or credit authors. |
||
8 | * This program is distributed in the hope that it will be useful, |
||
9 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
||
11 | * |
||
12 | * @copyright (c) 2000-2016 XOOPS Project (www.xoops.org) |
||
13 | * @license GNU GPL 2 (https://www.gnu.org/licenses/gpl-2.0.html) |
||
14 | * @package core |
||
15 | * @since 2.0.0 |
||
16 | */ |
||
17 | /** @var XoopsUser $xoopsUser */ |
||
18 | |||
19 | use Xmf\Request; |
||
20 | |||
21 | include __DIR__ . '/mainfile.php'; |
||
22 | |||
23 | // Get Action type |
||
24 | $op = Request::getCmd('op', 'list'); |
||
25 | |||
26 | switch ($op) { |
||
27 | case 'list': |
||
28 | default: |
||
29 | if (isset($_REQUEST['target'])) { |
||
30 | $target = Request::getWord('target', '', 'REQUEST'); |
||
31 | } else { |
||
32 | exit('Target not set'); |
||
33 | } |
||
34 | if (!is_object($xoopsUser)) { |
||
35 | $group = array(XOOPS_GROUP_ANONYMOUS); |
||
36 | } else { |
||
37 | $group = $xoopsUser->getGroups(); |
||
38 | } |
||
39 | require_once $GLOBALS['xoops']->path('class/template.php'); |
||
40 | $xoopsTpl = new XoopsTpl(); |
||
41 | $xoopsTpl->assign('lang_imgmanager', _IMGMANAGER); |
||
42 | $xoopsTpl->assign('sitename', htmlspecialchars($xoopsConfig['sitename'], ENT_QUOTES | ENT_HTML5)); |
||
43 | $target = htmlspecialchars($target, ENT_QUOTES | ENT_HTML5); |
||
44 | $xoopsTpl->assign('target', $target); |
||
45 | /** @var XoopsImageCategoryHandler $imgcat_handler */ |
||
46 | $imgcat_handler = xoops_getHandler('imagecategory'); |
||
47 | $catlist = $imgcat_handler->getList($group, 'imgcat_read', 1); |
||
48 | $catcount = count($catlist); |
||
49 | $xoopsTpl->assign('lang_align', _ALIGN); |
||
50 | $xoopsTpl->assign('lang_add', _ADD); |
||
51 | $xoopsTpl->assign('lang_close', _CLOSE); |
||
52 | if ($catcount > 0) { |
||
53 | $xoopsTpl->assign('lang_go', _GO); |
||
54 | $catshow = Request::getInt('cat_id', 0, 'GET') ; |
||
55 | // $catshow = (!empty($catshow) && in_array($catshow, array_keys($catlist))) ? $catshow : 0; |
||
56 | $catshow = (!empty($catshow) && array_key_exists($catshow, $catlist)) ? $catshow : 0; |
||
57 | $xoopsTpl->assign('show_cat', $catshow); |
||
58 | if ($catshow > 0) { |
||
59 | $xoopsTpl->assign('lang_addimage', _ADDIMAGE); |
||
60 | } |
||
61 | $catlist = array('0' => '--') + $catlist; |
||
62 | $cat_options = ''; |
||
63 | foreach ($catlist as $c_id => $c_name) { |
||
64 | $sel = ''; |
||
65 | if ($c_id == $catshow) { |
||
66 | $sel = ' selected'; |
||
67 | } |
||
68 | $cat_options .= '<option value="' . $c_id . '"' . $sel . '>' . $c_name . '</option>'; |
||
69 | } |
||
70 | $xoopsTpl->assign('cat_options', $cat_options); |
||
71 | if ($catshow > 0) { |
||
72 | /** @var \XoopsImageHandler $image_handler */ |
||
73 | $image_handler = xoops_getHandler('image'); |
||
74 | $criteria = new CriteriaCompo(new Criteria('imgcat_id', $catshow)); |
||
75 | $criteria->add(new Criteria('image_display', 1)); |
||
76 | $total = $image_handler->getCount($criteria); |
||
77 | if ($total > 0) { |
||
78 | $imgcat_handler = xoops_getHandler('imagecategory'); |
||
79 | $imgcat = $imgcat_handler->get($catshow); |
||
80 | $xoopsTpl->assign('image_total', $total); |
||
81 | $xoopsTpl->assign('lang_image', _IMAGE); |
||
82 | $xoopsTpl->assign('lang_imagename', _IMAGENAME); |
||
83 | $xoopsTpl->assign('lang_imagemime', _IMAGEMIME); |
||
84 | $start = Request::getInt('start', 0, 'GET'); |
||
85 | $criteria->setLimit(10); |
||
86 | $criteria->setStart($start); |
||
87 | $storetype = $imgcat->getVar('imgcat_storetype'); |
||
88 | if ($storetype === 'db') { |
||
89 | $criteria->setSort('i.image_weight ASC, i.image_id'); |
||
90 | $criteria->setOrder('DESC'); |
||
91 | $images = $image_handler->getObjects($criteria, false, true); |
||
92 | } else { |
||
93 | $criteria->setSort('image_weight ASC, image_id'); |
||
94 | $criteria->setOrder('DESC'); |
||
95 | $images = $image_handler->getObjects($criteria, false, false); |
||
96 | } |
||
97 | $imgcount = count($images); |
||
98 | $max = ($imgcount > 10) ? 10 : $imgcount; |
||
99 | |||
100 | for ($i = 0; $i < $max; ++$i) { |
||
101 | if ($storetype === 'db') { |
||
102 | $lcode = '[img align=left id=' . $images[$i]->getVar('image_id') . ']' . $images[$i]->getVar('image_nicename') . '[/img]'; |
||
103 | $code = '[img align=center id=' . $images[$i]->getVar('image_id') . ']' . $images[$i]->getVar('image_nicename') . '[/img]'; |
||
104 | $rcode = '[img align=right id=' . $images[$i]->getVar('image_id') . ']' . $images[$i]->getVar('image_nicename') . '[/img]'; |
||
105 | $src = XOOPS_URL . '/image.php?id=' . $images[$i]->getVar('image_id'); |
||
106 | } else { |
||
107 | $lcode = '[img align=left]' . XOOPS_UPLOAD_URL . '/' . $images[$i]->getVar('image_name') . '[/img]'; |
||
108 | $code = '[img align=center]' . XOOPS_UPLOAD_URL . '/' . $images[$i]->getVar('image_name') . '[/img]'; |
||
109 | $rcode = '[img align=right]' . XOOPS_UPLOAD_URL . '/' . $images[$i]->getVar('image_name') . '[/img]'; |
||
110 | $src = XOOPS_UPLOAD_URL . '/' . $images[$i]->getVar('image_name'); |
||
111 | } |
||
112 | $xoopsTpl->append('images', array( |
||
113 | 'id' => $images[$i]->getVar('image_id'), |
||
114 | 'nicename' => $images[$i]->getVar('image_nicename'), |
||
115 | 'mimetype' => $images[$i]->getVar('image_mimetype'), |
||
116 | 'src' => $src, |
||
117 | 'lxcode' => $lcode, |
||
118 | 'xcode' => $code, |
||
119 | 'rxcode' => $rcode)); |
||
120 | } |
||
121 | if ($total > 10) { |
||
122 | include_once $GLOBALS['xoops']->path('class/pagenav.php'); |
||
123 | $nav = new XoopsPageNav($total, 10, $start, 'start', 'target=' . $target . '&cat_id=' . $catshow); |
||
124 | $xoopsTpl->assign('pagenav', $nav->renderNav()); |
||
125 | } |
||
126 | } else { |
||
127 | $xoopsTpl->assign('image_total', 0); |
||
128 | } |
||
129 | } |
||
130 | $xoopsTpl->assign('xsize', 800); |
||
131 | $xoopsTpl->assign('ysize', 600); |
||
132 | } else { |
||
133 | $xoopsTpl->assign('xsize', 400); |
||
134 | $xoopsTpl->assign('ysize', 180); |
||
135 | } |
||
136 | $xoopsTpl->display('db:system_imagemanager.tpl'); |
||
137 | exit(); |
||
138 | break; |
||
139 | |||
140 | case 'upload': |
||
141 | if (isset($_REQUEST['target'])) { |
||
142 | $target = $target = Request::getWord('target', '', 'REQUEST'); |
||
143 | } else { |
||
144 | exit('Target not set'); |
||
145 | } |
||
146 | $imgcat_handler = xoops_getHandler('imagecategory'); |
||
147 | $imgcat_id = Request::getInt('imgcat_id', 0, 'GET'); |
||
148 | $imgcat = $imgcat_handler->get($imgcat_id); |
||
149 | $error = false; |
||
150 | if (!is_object($imgcat)) { |
||
151 | $error = true; |
||
152 | } else { |
||
153 | /** @var XoopsGroupPermHandler $imgcatperm_handler */ |
||
154 | $imgcatperm_handler = xoops_getHandler('groupperm'); |
||
155 | if (is_object($xoopsUser)) { |
||
156 | if (!$imgcatperm_handler->checkRight('imgcat_write', $imgcat_id, $xoopsUser->getGroups())) { |
||
157 | $error = true; |
||
158 | } |
||
159 | } else { |
||
160 | if (!$imgcatperm_handler->checkRight('imgcat_write', $imgcat_id, XOOPS_GROUP_ANONYMOUS)) { |
||
161 | $error = true; |
||
162 | } |
||
163 | } |
||
164 | } |
||
165 | if ($error != false) { |
||
0 ignored issues
–
show
|
|||
166 | xoops_header(false); |
||
167 | echo '</head><body><div style="text-align:center;"><input value="' . _BACK . '" type="button" onclick="history.go(-1);" /></div>'; |
||
168 | xoops_footer(); |
||
169 | exit(); |
||
170 | } |
||
171 | require_once $GLOBALS['xoops']->path('class/template.php'); |
||
172 | $xoopsTpl = new XoopsTpl(); |
||
173 | $xoopsTpl->assign('show_cat', $imgcat_id); |
||
174 | $xoopsTpl->assign('lang_imgmanager', _IMGMANAGER); |
||
175 | $xoopsTpl->assign('sitename', htmlspecialchars($xoopsConfig['sitename'], ENT_QUOTES | ENT_HTML5)); |
||
176 | $xoopsTpl->assign('target', htmlspecialchars($target, ENT_QUOTES | ENT_HTML5)); |
||
177 | $xoopsTpl->assign('imgcat_maxsize', $imgcat->getVar('imgcat_maxsize')); |
||
178 | $xoopsTpl->assign('imgcat_maxwidth', $imgcat->getVar('imgcat_maxwidth')); |
||
179 | $xoopsTpl->assign('imgcat_maxheight', $imgcat->getVar('imgcat_maxheight')); |
||
180 | $xoopsTpl->assign('imgcat_name', $imgcat->getVar('imgcat_name')); |
||
181 | $xoopsTpl->assign('lang_close', _CLOSE); |
||
182 | |||
183 | $xoopsTpl->assign('imgcat_itemlimit', ($xoopsUser instanceof \XoopsUser && $xoopsUser->isAdmin()) ? 0 : 2); |
||
184 | |||
185 | $payload = array( |
||
186 | 'aud' => 'ajaxfineupload.php', |
||
187 | 'cat' => $imgcat_id, |
||
188 | 'uid' => $xoopsUser instanceof \XoopsUser ? $xoopsUser->id() : 0, |
||
189 | 'handler' => 'fineimuploadhandler', |
||
190 | 'moddir' => 'system', |
||
191 | ); |
||
192 | $jwt = \Xmf\Jwt\TokenFactory::build('fineuploader', $payload, 60*30); // token good for 30 minutes |
||
193 | $xoopsTpl->assign('jwt', $jwt); |
||
194 | $fineup_debug = 'false'; |
||
195 | if (($xoopsUser instanceof \XoopsUser ? $xoopsUser->isAdmin() : false) |
||
196 | && isset($_REQUEST['FINEUPLOADER_DEBUG'])) |
||
197 | { |
||
198 | $fineup_debug = 'true'; |
||
199 | } |
||
200 | $xoopsTpl->assign('fineup_debug', $fineup_debug); |
||
201 | |||
202 | $xoopsTpl->display('db:system_imagemanager2.tpl'); |
||
203 | exit(); |
||
204 | break; |
||
205 | } |
||
206 |
When comparing two booleans, it is generally considered safer to use the strict comparison operator.