-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathadmin.php
102 lines (92 loc) · 3.23 KB
/
admin.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
<?php
/*
* Copyright (C) 2016 Elliott Eggleston <ejegg@ejegg.com>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*/
if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
// Check access and exit when user status is not ok
check_status(ACCESS_ADMINISTRATOR);
// FIXME: Duplicated boilerplate - could be avoided with a hook in the else
// clause at the bottom of admin/photo.php letting you set the right include file
if (!isset($_GET['image_id']) or !isset($_GET['section']))
{
die('Invalid data!');
}
global $template, $page, $prefixeTable;
load_language('plugin.lang', STEREO_PATH);
check_input_parameter('image_id', $_GET, false, PATTERN_ID);
$id = $_GET['image_id'];
$query = '
SELECT *
FROM '.$prefixeTable.'images i
LEFT JOIN '.$prefixeTable.'stereo s
ON i.id = s.media_id
WHERE i.id = ' . $id;
$picture = pwg_db_fetch_assoc(pwg_query($query));
if (isset($_POST['submit']))
{
check_pwg_token();
$offsetX = trim($_POST['offsetX']);
$offsetY = trim($_POST['offsetY']);
$rotation = trim($_POST['rotation']);
if (
strlen($offsetX) === 0 ||
strlen($offsetY) === 0 ||
strlen($rotation) === 0 ||
!is_numeric($offsetX) ||
!is_numeric($offsetY) ||
!is_numeric($rotation)
) {
$page['errors'][] = 'Invalid offset value';
}
$rotation = round($rotation, 1);
if (count($page['errors']) === 0 ) {
$stereoTable = $prefixeTable.'stereo';
if ( isset($picture['x']) ) {
$query =
"UPDATE $stereoTable
SET x=$offsetX, y=$offsetY, r=$rotation
WHERE media_id = $id;";
} else {
$picture['x'] = $offsetX;
$picture['y'] = $offsetY;
$query =
"INSERT INTO $stereoTable (media_id, x, y, r)
VALUES ($id, $offsetX, $offsetY, $rotation)";
}
pwg_query($query);
array_push( $page['infos'], l10n( 'STEREO_EDIT_SUCCESS' ) );
}
}
// needed for the photo tabsheet
$admin_photo_base_url = get_root_url().'admin.php?page=photo-'.$id;
$self_url = Stereo_get_admin_url( $id );
include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
$tabsheet = new tabsheet();
$tabsheet->set_id('photo');
$tabsheet->select('stereo');
$tabsheet->assign();
$template->assign(array(
'PWG_TOKEN' => get_pwg_token(),
'F_ACTION' => $self_url,
'TITLE' => render_element_name($picture),
'PICTURE' => Stereo_render_element_content('', $picture),
'OFFSET_X' => empty( $picture['x'] ) ? 0 : $picture['x'],
'OFFSET_Y' => empty( $picture['y'] ) ? 0 : $picture['y'],
'ROTATION' => empty( $picture['r'] ) ? 0 : $picture['r'],
));
$template->set_filename('plugin_admin_content', STEREO_PATH . 'admin.tpl');
$template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content');