2 /***********************************************************************/
4 /***********************************************************************/
5 /* Copyright (c) 2002-2010 */
6 /* Inclusive Design Institute */
9 /* This program is free software. You can redistribute it and/or */
10 /* modify it under the terms of the GNU General Public License */
11 /* as published by the Free Software Foundation. */
12 /***********************************************************************/
// Page bootstrap for the photo-album view: sets $_user_location to 'public', loads the
// shared bootstrap (vitals.inc.php) and then the photo-album classes and helpers.
// NOTE(review): this listing keeps the viewer's line number at the start of each line and
// omits some original lines, so blank lines and some closing braces are not shown.
14 $_user_location = 'public';
15 define('AT_INCLUDE_PATH', '../../../include/');
16 require (AT_INCLUDE_PATH.'vitals.inc.php');
// AT_PA_INCLUDE is not defined in the lines shown; presumably vitals.inc.php provides it — confirm.
// include (unlike require) only raises a warning when a file is missing, so a missing class
// file surfaces later, at first use of the class.
17 include (AT_PA_INCLUDE.'classes/PhotoAlbum.class.php');
18 include (AT_PA_INCLUDE.'classes/SimpleImage.class.php');
19 include (AT_PA_INCLUDE.'lib.inc.php');
20 include (AT_PA_INCLUDE.'classes/AjaxMessage.class.php');
21 //$_custom_css = $_base_path . AT_PA_BASENAME . 'module.css'; // use a custom stylesheet
// Adds the ajaxupload.js script tag to the page head. The URL is built from $_base_path and
// AT_PA_BASENAME, both defined outside this listing.
22 $_custom_head .= '<script src="'.$_base_path . AT_PA_BASENAME . 'include/ajaxupload.js" type="text/javascript"></script>';
// Resolve the requested album and the session member's rights on it.
// intval() forces the request-supplied id to an integer before any later use.
24 $id = intval($_REQUEST['id']);
25 $pa = new PhotoAlbum($id);
26 $info = $pa->getAlbumInfo();
// Result of checkAlbumPriv() for the session member; gates the edit menu and uploads below.
// NOTE(review): $_SESSION['member_id'] is read without an isset() check and $_user_location is
// 'public' — confirm how a visitor without a logged-in session is handled.
27 $action_permission = $pa->checkAlbumPriv($_SESSION['member_id']);
29 //TODO: Validate users, using permission and course album control.
// Access check, applied only when the album is not owned by the session member and is not a
// personal album: the request is refused only if the album id is absent from getAlbums() for
// this member AND the album's permission equals AT_PA_PRIVATE_ALBUM. Comparisons are loose
// (!=, ==). The TODO above marks this validation as incomplete.
30 if ($info['member_id'] != $_SESSION['member_id'] && $info['type_id']!=AT_PA_TYPE_PERSONAL){
31 $visible_albums = $pa->getAlbums($_SESSION['member_id'], $info['type_id']);
32 if(!isset($visible_albums[$id]) && $info['permission']==AT_PA_PRIVATE_ALBUM){
34 $msg->addError("ACCESS_DENIED");
// NOTE(review): the lines after this redirect are not part of the listing. header() does not
// stop execution on its own, so confirm an exit follows; otherwise the upload and render
// code further down would still run for a refused request.
35 header('location: index.php');
// Register this page in the $_pages navigation map: albums.php becomes a child of index.php
// and its title is the album name appended to the translated 'pa_albums' label.
// NOTE(review): $info['name'] goes into the title unescaped here; presumably the header
// template encodes it on output — confirm.
41 $_pages[AT_PA_BASENAME.'index.php']['children'] = array(AT_PA_BASENAME.'albums.php');
43 $_pages[AT_PA_BASENAME.'albums.php']['title'] = _AT('pa_albums') .' - '.$info['name'];
// The parent entry depends on the album type: index.php for "my album", course_albums.php for
// a course album, and index_admin.php when admin_authenticate() returns true for
// AT_ADMIN_PRIV_PHOTO_ALBUM. The brace lines between these branches are not shown.
44 if ($info['type_id']==AT_PA_TYPE_MY_ALBUM){
45 $_pages[AT_PA_BASENAME.'albums.php']['parent'] = AT_PA_BASENAME.'index.php';
46 } elseif ($info['type_id']==AT_PA_TYPE_COURSE_ALBUM){
47 $_pages[AT_PA_BASENAME.'albums.php']['parent'] = AT_PA_BASENAME.'course_albums.php';
49 if (admin_authenticate(AT_ADMIN_PRIV_PHOTO_ALBUM, true)) {
51 $_pages[AT_PA_BASENAME.'albums.php']['parent'] = AT_PA_BASENAME.'index_admin.php';
55 //if this member has the permission to edit the album, show the edit/organize menu
// $id is the intval()'d album id, so concatenating it into these menu URLs cannot add
// extra query parameters. This only controls which menu entries appear; edit_photos.php has
// to enforce the permission itself.
56 if ($action_permission){
57 $_pages[AT_PA_BASENAME.'albums.php']['children'] = array(
58 AT_PA_BASENAME.'edit_photos.php?aid='.$id,
59 AT_PA_BASENAME.'edit_photos.php?aid='.$id.SEP.'org=1',
61 $_pages[AT_PA_BASENAME.'edit_photos.php?aid='.$id]['title_var'] = 'pa_edit_photos';
62 $_pages[AT_PA_BASENAME.'edit_photos.php?aid='.$id]['parent'] = AT_PA_BASENAME.'albums.php';
63 $_pages[AT_PA_BASENAME.'edit_photos.php?aid='.$id.SEP.'org=1']['title_var'] = 'pa_organize_photos';
64 $_pages[AT_PA_BASENAME.'edit_photos.php?aid='.$id.SEP.'org=1']['parent'] = AT_PA_BASENAME.'albums.php';
// Upload handler: runs when the POST carries an 'upload' field. It validates the file,
// records it through PhotoAlbum::addPhoto(), writes the full-size image and a thumbnail under
// AT_PA_CONTENT_DIR, then answers with JSON (ajax) or a redirect.
// NOTE(review): no anti-CSRF token check is visible in the lines shown — confirm one is
// enforced elsewhere for this state-changing POST.
67 //TODO: handle add_photo
68 if(isset($_POST['upload'])){
69 //check file size, filename, and extension
// checkPhoto() is defined outside this listing. Its return value replaces $_FILES['photo'],
// and false is treated as a rejection.
// NOTE(review): a filename/extension check alone does not establish that the bytes are an
// image — confirm checkPhoto() or SimpleImage::load() rejects non-image content.
70 $_FILES['photo'] = checkPhoto($_FILES['photo']);
// Refuse when validation failed, or when the caller lacks edit rights and the album is not a
// course album.
71 if ($_FILES['photo']===false || (!$action_permission && $info['type_id']!=AT_PA_TYPE_COURSE_ALBUM)){
72 //owner and course members can upload pictures. Not edit though.
// NOTE(review): for course albums, no course-membership test appears in this block; the only
// gate visible is the page-level access check earlier in the script — confirm that is enough.
73 echo json_encode(array(
// Error text is passed through htmlentities() before it goes into the JSON reply.
76 'msg'=>htmlentities($msg->printErrors()),
81 //compute album folder name and photo filename, if exist, shift bits
82 //goal: generate a random yet computable file structure to disallow
83 // users to browse through others' photos through URLs.
// NOTE(review): a computable path hides files but does not authorize access. If
// AT_PA_CONTENT_DIR is served directly by the web server, confirm private albums are delivered
// through a permission-checked script instead.
84 $album_file_path = getAlbumFilePath($id, $info['created_date']);
85 $album_file_path_tn = $album_file_path.'_tn'.DIRECTORY_SEPARATOR;
86 $album_file_path .= DIRECTORY_SEPARATOR;
// Create the album and thumbnail directories on first upload.
// NOTE(review): mkdir() results are not checked and no mode is passed, so PHP's default
// (0777 before umask) applies — confirm the process umask is restrictive.
88 if (!is_dir(AT_PA_CONTENT_DIR.$album_file_path)){
89 mkdir(AT_PA_CONTENT_DIR.$album_file_path);
91 if (!is_dir(AT_PA_CONTENT_DIR.$album_file_path_tn)){
92 mkdir(AT_PA_CONTENT_DIR.$album_file_path_tn);
// Record the photo. The file name and the comment are passed exactly as the client sent them.
// NOTE(review): presumably addPhoto() escapes both for SQL — verify, and verify they are
// HTML-encoded wherever they are later displayed.
96 $added_photo_id = $pa->addPhoto($_FILES['photo']['name'], $_POST['photo_comment'], $_SESSION['member_id']);
97 if ($added_photo_id <= 0){
98 $msg->addError('PA_ADD_PHOTO_FAILED');
101 if (!$msg->containsErrors()){
103 $photo_info = $pa->getPhotoInfo($added_photo_id);
// The stored file name is derived from the new photo id, the client-supplied name and the
// row's created_date.
// NOTE(review): if getPhotoFilePath() keeps the client's extension, the extension check in
// checkPhoto() is what keeps a server-interpretable file out of the content directory —
// confirm, and confirm the content directory is not configured to execute scripts.
104 $photo_file_path = getPhotoFilePath($added_photo_id, $_FILES['photo']['name'], $photo_info['created_date']);
106 //resize images to a specific size, and its thumbnail
107 $si = new SimpleImage();
108 $si->load($_FILES['photo']['tmp_name']);
109 $image_w = $si->getWidth();
110 $image_h = $si->getHeight();
112 //picture is horizontal
113 if($image_w > $image_h){
114 //don't stretch images
// Wider than AT_PA_IMAGE: the image is resized and written out by SimpleImage::save().
115 if ($image_w > AT_PA_IMAGE){
116 $si->resizeToWidth(AT_PA_IMAGE);
117 $si->save(AT_PA_CONTENT_DIR.$album_file_path.$photo_file_path);
// NOTE(review): presumably the else branch (the line in between is not shown). The upload is
// moved into place unchanged rather than re-encoded, so any metadata or non-image data inside
// the file is kept. The return value of move_uploaded_file() is not checked.
119 move_uploaded_file($_FILES['photo']['tmp_name'], AT_PA_CONTENT_DIR.$album_file_path.$photo_file_path);
// The thumbnail is produced from the image already loaded in $si.
121 $si->resizeToWidth(AT_PA_IMAGE_THUMB);
122 $si->save(AT_PA_CONTENT_DIR.$album_file_path_tn.$photo_file_path);
// Same handling keyed on height; the branch line before it is not shown, presumably the
// vertical/square case.
124 if ($image_h > AT_PA_IMAGE){
125 $si->resizeToHeight(AT_PA_IMAGE);
126 $si->save(AT_PA_CONTENT_DIR.$album_file_path.$photo_file_path);
128 move_uploaded_file($_FILES['photo']['tmp_name'], AT_PA_CONTENT_DIR.$album_file_path.$photo_file_path);
130 $si->resizeToHeight(AT_PA_IMAGE_THUMB);
131 $si->save(AT_PA_CONTENT_DIR.$album_file_path_tn.$photo_file_path);
// Ajax uploads get a JSON description of the stored photo.
133 if ($_POST['upload'] == 'ajax'){
134 $photo_file_hash = getPhotoFilePath($added_photo_id, '', $photo_info['created_date']);
135 //return JSON, relying on jQuery to convert entries to html entities.
// NOTE(review): 'title' and 'alt' are returned unescaped, so the client has to insert them as
// text, not as HTML; otherwise stored values could be interpreted as markup in the page.
136 echo json_encode(array(
138 'pid'=>$added_photo_id,
139 'ph'=>$photo_file_hash,
140 'size'=>number_format(filesize(AT_PA_CONTENT_DIR.$album_file_path.$photo_file_path)/1024, 2),
141 'title'=>$photo_info['title'],
142 'alt'=>$photo_info['alt']));
143 $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
146 //if this is profile picture upload, sets it to the default profile
147 if ($info['type_id']==AT_PA_TYPE_PERSONAL){
// NOTE(review): the lines after each header() call are not shown; confirm exit follows so
// only one redirect is sent.
148 header('Location: ../profile_pictures/profile_picture.php?pid='.$added_photo_id.SEP.'aid='.$id);
151 } //if msg contain error
152 header('location: albums.php?id='.$id);
// View path: owners of a personal album are sent to profile_album.php; everyone else gets
// the paginated album page rendered through the Savant template.
156 //If this is a profile album, redirect it to the profile album page
157 if ($info['type_id'] == AT_PA_TYPE_PERSONAL && $info['member_id']==$_SESSION['member_id']){
// NOTE(review): the line after this redirect is not shown; confirm exit follows.
158 header('Location: profile_album.php');
// Pagination. The page number from the query string is forced to an integer by intval().
163 $page = intval($_GET['p']);
// The total is the size of the full getAlbumPhotos() result (called with no offset).
164 $photos_count = sizeof($pa->getAlbumPhotos());
165 $last_page = ceil($photos_count/AT_PA_PHOTOS_PER_PAGE);
// Range check on $page; the assignments inside the two branches are not part of this listing.
167 if (!$page || $page < 0) {
169 } elseif ($page > $last_page){
173 $count = (($page-1) * AT_PA_PHOTOS_PER_PAGE) + 1;
174 $offset = ($page-1) * AT_PA_PHOTOS_PER_PAGE;
177 $photos = $pa->getAlbumPhotos($offset);
178 $comments = $pa->getComments($id, false);
179 //TODO: Can improve performance by adding this to a session variable
180 $memory_usage = memoryUsage($_SESSION['member_id']);
// Render: values are handed to the template as-is.
// NOTE(review): album info, photo titles and comments originate from users; output encoding
// is presumably done in pa_albums.tmpl.php — confirm.
182 include (AT_INCLUDE_PATH.'header.inc.php');
183 $savant->assign('album_info', $info);
184 $savant->assign('photos', $photos);
185 $savant->assign('comments', $comments);
186 $savant->assign('page', $page);
187 $savant->assign('num_rows', $photos_count);
188 $savant->assign('memory_usage', $memory_usage/(1024*1024)); //mb
189 $savant->assign('allowable_memory_usage', $_config['pa_max_memory_per_member']); //mb
190 $savant->assign('action_permission', $action_permission);
191 $savant->display('photos/pa_albums.tmpl.php');
192 include (AT_INCLUDE_PATH.'footer.inc.php');