/halogy/application/modules/images/controllers/admin.php

https://bitbucket.org/haloweb/halogy-1.0/ · PHP · 547 lines · 368 code · 86 blank · 93 comment · 68 complexity · 0827c25bf7025e489c29532548e26bb3 MD5 · raw file

  1. <?php
  2. /**
  3. * Halogy
  4. *
  5. * A user friendly, modular content management system for PHP 5.0
  6. * Built on CodeIgniter - http://codeigniter.com
  7. *
  8. * @package Halogy
  9. * @author Haloweb Ltd.
  10. * @copyright Copyright (c) 2008-2011, Haloweb Ltd.
  11. * @license http://halogy.com/license
  12. * @link http://halogy.com/
  13. * @since Version 1.0
  14. * @filesource
  15. */
  16. // ------------------------------------------------------------------------
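  /**
   * Admin controller for the images module: listing, upload (single file or
   * zip archive), editing, deletion, folder management and autocomplete.
   *
   * Every action is gated by the constructor, which requires an admin session
   * and a permission entry matching the module name in URI segment 2.
   *
   * Methods prefixed with an underscore are internal helpers; CodeIgniter does
   * not route URL requests to underscore-prefixed controller methods.
   */
  class Admin extends Controller {

      // set defaults
      var $table = 'images';                      // table to update
      var $includes_path = '/includes/admin';     // path to includes for header and footer
      var $redirect = '/admin/images/viewall';    // default redirect
      var $objectID = 'imageID';                  // default unique ID
      var $permissions = array();
      var $sitePermissions = array();
      var $selections = array();

      /**
       * Checks the admin session and module permission, restores the saved
       * dropdown selections for this module and loads the images model.
       */
      function Admin()
      {
          parent::Controller();

          // check user is logged in, if not send them away from this controller
          if (!$this->session->userdata('session_admin'))
          {
              redirect('/admin/login/'.$this->core->encode($this->uri->uri_string()));
          }

          // get site permissions
          $this->permission->sitePermissions = $this->permission->get_group_permissions($this->site->config['groupID']);

          // The module name (URI segment 2) must appear in the user's permission list.
          // An empty permission list is refused before in_array() is evaluated.
          $module = $this->uri->segment(2);
          if (!$this->permission->permissions || !in_array($module, $this->permission->permissions))
          {
              $this->_deny_access();
          }

          // get preset selections for this module
          $selections = $this->session->userdata('selections');
          if (is_array($selections))
          {
              $this->selections = isset($selections[$module]) ? $selections[$module] : NULL;
          }
          else
          {
              $this->selections = '';
          }

          // get siteID, if available
          if (defined('SITEID'))
          {
              $this->siteID = SITEID;
          }

          // load libs etc
          $this->load->model('images_model', 'images');
      }

      /**
       * Refuses the current request: a fixed HTML message for AJAX callers,
       * a redirect to the permissions page otherwise.
       */
      function _deny_access()
      {
          // The @ is kept from the original code; what is_ajax() may emit is not visible here.
          if (@$this->core->is_ajax())
          {
              die('<p>Sorry, you do not have permissions to do what you just tried to do. <a class="halogycms_close" href="#">Close</a></p>');
          }

          redirect('/admin/dashboard/permissions');
      }

      /**
       * Returns $target unless it would leave this site, in which case
       * $fallback is returned instead.
       *
       * The redirect targets handled by this controller arrive encoded in the
       * URL and are passed through core->decode(). That routine is not visible
       * in this file, so the decoded value is treated as caller-controlled:
       * absolute ("scheme://") and protocol-relative ("//") targets are refused.
       *
       * @param mixed  $target   decoded redirect target
       * @param string $fallback local path used when $target is refused
       * @return string
       */
      function _local_redirect($target, $fallback)
      {
          if (!is_string($target))
          {
              return $fallback;
          }

          if (preg_match('#^\s*(?:[a-z][a-z0-9+.\-]*:)?//#i', $target))
          {
              return $fallback;
          }

          return $target;
      }

      /**
       * Default action: go to the image listing.
       */
      function index()
      {
          redirect($this->redirect);
      }

      /**
       * Lists images, optionally filtered by folder, and handles the two
       * upload forms posted to this page (zip archive or single image).
       *
       * @param string $folderID folder ID, or one of 'me', 'all', 'page'
       */
      function viewall($folderID = '')
      {
          if (count($_FILES))
          {
              if ($this->input->post('upload_zip'))
              {
                  $this->_import_zip();
              }
              // upload image
              elseif (isset($_FILES['image']['name']) && $_FILES['image']['name'])
              {
                  $this->_upload_image($_FILES['image']['name']);
              }
          }

          // search
          if ($this->input->post('searchbox'))
          {
              $output = array();
              $output['images'] = $this->images->search_images($this->input->post('searchbox'));
          }
          // get images
          else
          {
              // set default wheres
              $where = array('siteID' => $this->siteID, 'deleted' => 0);

              // get preset selections for this dropdown
              // (selections may be a string or NULL, so check the type instead of silencing the warning)
              if ($folderID == '' && is_array($this->selections) && array_key_exists('folderID', $this->selections))
              {
                  $folderID = $this->selections['folderID'];
              }

              // folderID
              if ($folderID != '')
              {
                  // get ones uploaded by this user
                  if ($folderID == 'me')
                  {
                      $where['userID'] = $this->session->userdata('userID');
                  }
                  // make sure that all is not selected
                  elseif ($folderID != 'all' && $folderID != 'page')
                  {
                      $where['folderID'] = $folderID;
                  }

                  // set preset selections for this dropdown
                  $this->session->set_userdata('selections', array($this->uri->segment(2) => array('folderID' => $folderID)));
              }

              // users without 'images_all' only see their own images
              if (!(is_array($this->permission->permissions) && in_array('images_all', $this->permission->permissions)))
              {
                  $where['userID'] = $this->session->userdata('userID');
              }

              // grab data and display
              $output = $this->core->viewall($this->table, $where, NULL, 15);
          }

          // get folderID if set
          $output['folderID'] = $folderID;

          // get quota
          $output['quota'] = $this->site->get_quota();

          // get categories
          $output['folders'] = $this->images->get_folders();

          $this->load->view($this->includes_path.'/header');
          $this->load->view('admin/viewall',$output);
          $this->load->view($this->includes_path.'/footer');
      }

      /**
       * Imports the images contained in the uploaded zip archive ($_FILES['zip'])
       * and redirects to the listing when at least one image was imported.
       *
       * The reported MIME type and the file name come from the client and only
       * filter out obvious mistakes; each archive entry is checked separately
       * in _import_zip_entry().
       */
      function _import_zip()
      {
          // allowed ZIP mime types
          $allowedZips = array('application/x-zip', 'application/zip', 'application/x-zip-compressed');

          $upload = isset($_FILES['zip']) ? $_FILES['zip'] : NULL;

          $usable = is_array($upload)
              && isset($upload['name'], $upload['type'], $upload['tmp_name'])
              && is_string($upload['name'])
              && is_string($upload['tmp_name'])
              // only accept a file PHP itself received through the HTTP upload
              && is_uploaded_file($upload['tmp_name'])
              && substr($upload['name'], -3) == 'zip'
              && in_array($upload['type'], $allowedZips);

          if (!$usable)
          {
              $this->form_validation->set_error('<p>There was a problem opening the zip file, sorry.</p>');
              return;
          }

          // get started
          $this->load->library('zip');
          $this->load->library('encrypt');
          $this->load->library('image_lib');

          // zip_open() returns an integer error code on failure, which is truthy,
          // so test for a resource rather than for a non-empty value
          $zip = zip_open($upload['tmp_name']);
          if (!is_resource($zip))
          {
              $this->form_validation->set_error('<p>There was a problem opening the zip file, sorry.</p>');
              return;
          }

          // cycle through the zip; zip_read() can also return an error code, so stop on anything but a resource
          $success = FALSE;
          while (is_resource($zip_entry = zip_read($zip)))
          {
              if ($this->_import_zip_entry($zip, $zip_entry))
              {
                  $success = TRUE;
              }
          }
          zip_close($zip);

          // redirect
          if ($success === TRUE)
          {
              redirect('/admin/images/viewall/'.(($this->input->post('folderID')) ? $this->input->post('folderID') : ''));
          }
      }

      /**
       * Imports one archive entry as an image: writes it to the uploads folder,
       * verifies it really is an image, records it and creates a thumbnail when
       * it is larger than the configured thumbnail size.
       *
       * @param resource $zip       archive handle from zip_open()
       * @param resource $zip_entry entry handle from zip_read()
       * @return bool TRUE when the entry was imported
       */
      function _import_zip_entry($zip, $zip_entry)
      {
          $entryName = zip_entry_name($zip_entry);

          // skip Mac resource-fork folders and anything that is not named like an image
          if (preg_match('/(\_)+MACOSX/', $entryName) || !preg_match('/\.(jpg|gif|png)$/i', $entryName))
          {
              return FALSE;
          }

          $entrySize = zip_entry_filesize($zip_entry);
          if ($entrySize > 300000)
          {
              $this->form_validation->set_error('<p>Some files were too big to upload. Please only use small gfx files under 300kb.</p>');
              return FALSE;
          }

          // format filename
          $filenames = explode('.', $entryName);
          $filename = trim(basename($filenames[0]));
          $extension = end($filenames);

          // get file name
          $imageRef = url_title(trim(strtolower($filename)));

          // check ref is unique
          if (!$this->form_validation->unique($imageRef, 'images.imageRef'))
          {
              return FALSE;
          }

          // Read at most the declared size, so the 300000-byte limit above also
          // bounds what is actually extracted.
          if (!zip_entry_open($zip, $zip_entry, "r"))
          {
              return FALSE;
          }
          $buf = zip_entry_read($zip_entry, $entrySize);
          zip_entry_close($zip_entry);

          if ($buf === FALSE || $buf === '')
          {
              return FALSE;
          }

          // The stored name is an md5 hex digest plus an extension the pattern above
          // limits to jpg/gif/png, so the entry's own path never reaches the filesystem.
          $target = '.'.$this->uploads->uploadsPath.'/'.md5($filename).'.'.$extension;

          $fp = fopen($target, "w+");
          if (!$fp)
          {
              return FALSE;
          }
          fwrite($fp, $buf);
          fclose($fp);

          // The extension alone says nothing about the content: drop files that
          // do not parse as an image instead of leaving them in the uploads folder.
          $imageSize = @getimagesize($target);
          if (!$imageSize)
          {
              unlink($target);
              $this->form_validation->set_error('<p>Some files were not valid images and were skipped.</p>');
              return FALSE;
          }

          // set stuff
          $this->core->set['dateCreated'] = date("Y-m-d H:i:s");
          $this->core->set['imageName'] = 'Graphic';
          $this->core->set['filename'] = md5($filename).'.'.$extension;
          $this->core->set['imageRef'] = $imageRef;
          $this->core->set['filesize'] = floor($entrySize / 1024);
          $this->core->set['groupID'] = 1;
          $this->core->set['userID'] = $this->session->userdata('userID');

          // The original wrapped this call in "if (...);", an empty statement, so
          // its result never affected the flow; it is still ignored here.
          // NOTE(review): core->update() is not visible in this file; confirm what it
          // returns on failure before using it to roll back the written file.
          $this->core->update('images');

          // make a thumbnail
          if ($imageSize[0] > $this->uploads->thumbSize || $imageSize[1] > $this->uploads->thumbSize)
          {
              $config = array();
              $config['image_library'] = 'gd2';
              $config['source_image'] = $target;
              $config['create_thumb'] = true;
              $config['maintain_ratio'] = true;
              $config['width'] = $this->uploads->thumbSize;
              $config['height'] = $this->uploads->thumbSize;
              $this->image_lib->initialize($config);
              $this->image_lib->resize();
          }

          return TRUE;
      }

      /**
       * Handles the single-image upload form and redirects to the listing
       * once the image has been stored and recorded.
       *
       * @param string $oldFileName client-supplied name of the uploaded file
       */
      function _upload_image($oldFileName)
      {
          $this->uploads->allowedTypes = 'jpg|gif|png';

          // get image name; the dot is escaped so that only a real ".ext" suffix is
          // stripped (unescaped, a name without an extension was emptied entirely)
          $postedName = $this->input->post('imageName');
          $imageName = ($postedName) ? $postedName : preg_replace('/\.([a-z]+)$/i', '', $oldFileName);

          // set image reference and only add to db if its unique
          $imageRef = url_title(trim(substr(strtolower($imageName),0,30)));
          if (!$this->form_validation->unique($imageRef, 'images.imageRef'))
          {
              $this->form_validation->set_error('<p>The image reference you entered has already been used, please try another.</p>');
              return;
          }

          if ($imageData = $this->uploads->upload_image())
          {
              $this->core->set['filename'] = $imageData['file_name'];
              $this->core->set['filesize'] = $imageData['file_size'];
          }

          // get image errors if there are any
          if ($this->uploads->errors)
          {
              $this->form_validation->set_error($this->uploads->errors);
              return;
          }

          // set image ref
          $this->core->set['class'] = 'default';
          $this->core->set['imageRef'] = $imageRef;
          $this->core->set['imageName'] = ($postedName) ? $postedName : 'Image';
          $this->core->set['dateCreated'] = date("Y-m-d H:i:s");
          $this->core->set['userID'] = $this->session->userdata('userID');

          // update
          if ($this->core->update('images'))
          {
              // where to redirect to
              redirect('/admin/images/viewall/'.(($this->input->post('folderID')) ? $this->input->post('folderID') : ''));
          }
      }

      /**
       * Shows and processes the edit form for one image, optionally replacing
       * the stored file.
       *
       * NOTE(review): the image is selected by $imageID alone. viewall() limits
       * listings to the current user's images when 'images_all' is missing, but
       * no such check is made here; confirm whether core->get_values() and
       * core->update() scope the row by site and owner.
       *
       * @param mixed  $imageID  ID of the image to edit
       * @param string $redirect redirect target; encoded when it comes from the URL,
       *                         already decoded when called from popup()
       * @param bool   $popup    TRUE when called from popup()
       */
      function edit($imageID, $redirect = '', $popup = FALSE)
      {
          // required
          $this->core->required = array(
              'imageRef' => array('label' => 'Image name', 'rules' => 'required|unique[images.imageRef]')
          );

          // set object ID
          $objectID = array($this->objectID => $imageID);

          // get values
          $output['data'] = $this->core->get_values($this->table, $objectID);

          // handle post
          if (count($_POST))
          {
              // set image reference and only add to db if its unique
              $imageRef = url_title(trim(substr(strtolower($this->input->post('imageRef')),0,30)));

              if (isset($_FILES['image']['name']) && $_FILES['image']['name'])
              {
                  $this->uploads->allowedTypes = 'jpg|gif|png';

                  // the current reference of this image is allowed to stay as it is
                  $currentRef = isset($output['data']['imageRef']) ? $output['data']['imageRef'] : NULL;

                  if (!$this->form_validation->unique($imageRef, 'images.imageRef') && $this->input->post('imageRef') != $currentRef)
                  {
                      $this->uploads->errors = '<p>The image reference you entered has already been used, please try another.</p>';
                  }
                  elseif ($imageData = $this->uploads->upload_image())
                  {
                      $this->core->set['filename'] = $imageData['file_name'];
                      $this->core->set['filesize'] = $imageData['file_size'];
                  }
              }

              // get image errors if there are any
              if ($this->uploads->errors)
              {
                  $this->form_validation->set_error($this->uploads->errors);
              }
              else
              {
                  // set image ref
                  $this->core->set['imageRef'] = $imageRef;
                  $this->core->set['dateModified'] = date("Y-m-d H:i:s");

                  // update
                  if ($this->core->update('images', $objectID))
                  {
                      // if its not coming from ajax then just go to admin
                      if ($redirect && !$popup)
                      {
                          $redirect = $this->core->decode($redirect);
                      }
                      elseif (!$redirect && !$popup)
                      {
                          $redirect = '/admin/images/viewall';
                      }

                      // where to redirect to; the target originates from the URL, so keep it on this site
                      redirect($this->_local_redirect($redirect, '/admin/images/viewall'));
                  }
              }
          }

          // define view (based on popup)
          $view = ($popup) ? 'admin/popup' : 'admin/edit';

          // get categories
          $output['folders'] = $this->images->get_folders();

          // templates
          if (!@$this->core->is_ajax()) $this->load->view($this->includes_path.'/header');
          $this->load->view($view, $output);
          if (!@$this->core->is_ajax()) $this->load->view($this->includes_path.'/footer');
      }

      /**
       * Deletes an image: removes its stored file, then its database row, then
       * redirects.
       *
       * NOTE(review): this changes state from a plain URL request and checks no
       * anti-forgery token in this method; confirm whether one is enforced
       * elsewhere. As in edit(), the row is selected by ID alone, with no owner
       * or site condition visible here.
       *
       * @param mixed  $objectID ID of the image to delete
       * @param string $redirect encoded redirect target (optional)
       */
      function delete($objectID, $redirect = '')
      {
          $where = array($this->objectID => $objectID);

          // delete image file
          $query = $this->db->get_where($this->table, $where);
          if ($row = $query->row_array())
          {
              $this->uploads->delete_file($row['filename']);
          }

          // The original read "if (...); { ... }": the stray semicolon ended the if,
          // so the redirect always ran. That behaviour is kept, now written explicitly;
          // a failed delete is not reported to the user.
          $this->core->delete($this->table, $where);

          $target = ($redirect) ? $this->core->decode($redirect) : $this->redirect;

          // where to redirect to; the target originates from the URL, so keep it on this site
          redirect($this->_local_redirect($target, $this->redirect));
      }

      /**
       * Opens the edit form in popup mode.
       *
       * @param string $encodedID encoded "uri|imageID" pair
       */
      function popup($encodedID)
      {
          // decodes the image ID and splits it in to the URI and image ID
          $decode = explode('|', $this->core->decode($encodedID));

          // a value without the separator carries no image ID; do not pass NULL on to edit()
          if (count($decode) < 2)
          {
              redirect($this->redirect);
              return;
          }

          $uri = $decode[0];
          $imageID = $decode[1];

          $this->edit($imageID, $uri, TRUE);
      }

      /**
       * Renders the image browser: images without a folder, then the images
       * of each folder.
       */
      function browser()
      {
          // set default wheres
          $where = array('siteID' => $this->siteID, 'deleted' => 0);

          // users without 'images_all' only see their own images
          if (!(is_array($this->permission->permissions) && in_array('images_all', $this->permission->permissions)))
          {
              $where['userID'] = $this->session->userdata('userID');
          }

          // grab data and display
          // The site/deleted/owner conditions built above were never passed on in the
          // original, so the browser listed images the viewall() listing would hide.
          $output = $this->core->viewall($this->table, array_merge($where, array('folderID' => 0)), 'imageRef', 999);

          // get folders
          if ($folders = $this->images->get_folders())
          {
              foreach($folders as $folder)
              {
                  // grab data and display
                  $data = $this->core->viewall($this->table, array_merge($where, array('folderID' => $folder['folderID'])), 'imageRef', 999);

                  $output['folders'][$folder['folderID']]['folderName'] = $folder['folderName'];
                  $output['folders'][$folder['folderID']]['images'] = $data['images'];
              }
          }

          $this->load->view('admin/browser',$output);
      }

      /**
       * Lists image folders and handles the "add folder" form.
       */
      function folders()
      {
          // check permissions for this page
          if (!in_array('images', $this->permission->permissions))
          {
              redirect('/admin/dashboard/permissions');
          }

          // required fields
          $this->core->required = array('folderName' => 'Folder Name');

          // set date
          $this->core->set['dateCreated'] = date("Y-m-d H:i:s");
          $this->core->set['folderSafe'] = strtolower(url_title($this->input->post('folderName')));

          // get values
          $output = $this->core->get_values('image_folders');

          // update
          // NOTE(review): core->update() is called before the POST check, as in the
          // original; presumably it does nothing without posted data - confirm.
          if ($this->core->update('image_folders') && count($_POST))
          {
              // where to redirect to
              redirect('/admin/images/folders');
          }

          $output['folders'] = $this->images->get_folders();

          $this->load->view($this->includes_path.'/header');
          $this->load->view('admin/folders',$output);
          $this->load->view($this->includes_path.'/footer');
      }

      /**
       * Renames folders from the posted list (folder ID => fields) and returns
       * to the folder page.
       */
      function edit_folder()
      {
          // check permissions for this page
          if (!in_array('images', $this->permission->permissions))
          {
              redirect('/admin/dashboard/permissions');
          }

          // go through post and edit each list item
          $listArray = $this->core->get_post();

          if (is_array($listArray))
          {
              foreach($listArray as $ID => $value)
              {
                  // each item must be an array carrying a folderName; scalar post fields are skipped
                  if ($ID != '' && is_array($value) && isset($value['folderName']))
                  {
                      // set object ID
                      $objectID = array('folderID' => $ID);

                      $this->core->set['folderName'] = $value['folderName'];
                      $this->core->set['folderSafe'] = strtolower(url_title($value['folderName']));

                      $this->core->update('image_folders', $objectID);
                  }
              }
          }

          // where to redirect to
          redirect('/admin/images/folders');
      }

      /**
       * Soft-deletes a folder and detaches the images it contained.
       *
       * NOTE(review): like delete(), this changes state from a plain URL request
       * with no token check visible in this method.
       *
       * @param mixed $folderID ID of the folder to delete
       */
      function delete_folder($folderID)
      {
          // check permissions for this page
          if (!in_array('images', $this->permission->permissions))
          {
              redirect('/admin/dashboard/permissions');
          }

          // where
          $objectID = array('folderID' => $folderID);

          if ($this->core->soft_delete('image_folders', $objectID))
          {
              // set children to no parent
              $this->images->update_children($folderID);

              // where to redirect to
              redirect('/admin/images/folders');
          }
      }

      /**
       * Passes the first posted field name and $field to core->order().
       *
       * NOTE(review): both values come straight from the request; how
       * core->order() uses them is not visible in this file.
       *
       * @param string $field
       */
      function order($field = '')
      {
          $this->core->order(key($_POST), $field);
      }

      /**
       * Autocomplete endpoint: outputs one "imageRef|imageName" line per image
       * matching the posted search term "q".
       */
      function ac_images()
      {
          // a missing or non-string "q" is treated as an empty search
          $posted = $this->input->post('q');
          $q = is_string($posted) ? strtolower($posted) : '';
          if (!$q) return;

          // form dropdown
          $results = $this->images->search_images($q);

          // keyed by imageRef, so each reference is listed once; starts empty so
          // that a search without results outputs nothing instead of raising a warning
          $items = array();
          foreach((array)$results as $row)
          {
              $items[$row['imageRef']] = $row['imageName'];
          }

          // output
          $output = '';
          foreach ($items as $key=>$value)
          {
              $output .= "$key|$value\n";
          }

          $this->output->set_output($output);
      }
  }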