po/src/include/admin.php

<?php

//  Copyright (C) 2002-2006 Balint Kis (balint@k-i-s.net)
//  Copyright (C) 2005-2013 Solomon Peachy (pizza@shaftnet.org)

//  This program is free software; you can redistribute it and/or modify
//  it under the terms of the GNU General Public License as published by
//  the Free Software Foundation; either version 3 of the License, or
//  (at your option) any later version.

//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU General Public License for more details.

//  You should have received a copy of the GNU General Public License
//  along with this program; if not, write to the Free Software
//  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA

$admin_data = array();

function admin_i18n_data() {
  global $strings;
  global $admin_data;

  $admin_data = array("users_n_clients" => array("idx" => 1, 'link' => "admin.php?selector=1", "alt" => $strings['admin_users_clients']),
		      "repository"      => array("idx" => 2, 'link' => "admin.php?selector=2", "alt" => $strings['admin_image_repository']));
}

$generate_i18n_data[] = "admin_i18n_data";

function emit_enable_disable_text($value) {
  global $strings;

  if ($value == 't')
    return $strings['generic_enabled'];
  else
    return $strings['generic_disabled'];
}

function emit_user_quota($value, $type) {
  global $strings;

  if ($type == 1) {
    $value  = round($value/1048576, 2);
  }

  if ($value == 0)
    return $strings['generic_unlimited'];
  else 
    return "$value" . (($type == 1) ? " MB" : "");
}

function display_image_repository($database, $image_repository_path) {
  global $strings;
  global $po_options_default;

  print "<table class=\"admin\">\n";
  print "<tr>\n";
  print emit_th($strings['generic_volume'], 'width="25%"');
  print emit_th($strings['generic_current'], "width=\"10%\"");
  print emit_th($strings['generic_size'], "width=\"20%\"");
  print emit_th($strings['generic_files'], "width=\"10%\"");
  print emit_th($strings['generic_last_mod'], "width=\"20%\"");
  print emit_th("", "width=\"5%\"");
  print "</tr>\n";

  $files = array();
  $i = 0;

  $curr_volume = readlink($image_repository_path."/current");

  if ($handle = opendir($image_repository_path)) {
    while (false !== ($file_name = readdir($handle))) {
      $files[$i++] = $file_name;
    }
    closedir($handle);
    rsort($files);

    foreach($files as $file_name) {
      if ($file_name == "." || $file_name == "..")
        continue;
      if ($file_name == "current")
	continue;
      if ($file_name == "db.backup.gz")
	continue;

      $size = dirsize($database, $file_name);
      $size['size'] = round($size['size']/1048576, 2);
      $stat = stat($image_repository_path ."/". $file_name);
      $max_size = $po_options_default['volume_max_size'];
      $stat[9]  = strftime($strings['formats_date'], $stat[9]);

      print "<tr>\n";
      print emit_td($file_name);
      print emit_td("$file_name" == $curr_volume ? $strings['generic_yes'] : "");
      print emit_td("$size[size] / $max_size MB ". sprintf("(%02d%%)", $size['size']/$max_size*100));
      print emit_td($size['files']);
      print emit_td($stat[9]);
      print emit_td(emit_a("admin.volume.edit.php?volume=$file_name", $strings['generic_edit']));
      print "</tr>\n";
    }
  }
  print "</table>\n";

  $available = round(disk_free_space($image_repository_path)/1048576, 2);
  print "<div align=\"center\"><font class=\"header\">".$strings['admin_avail_disk_space'] . ": $available MB</font></div>";
}

function display_users_and_clients($database, $my_user_id, $auth_handle) {
  global $thm_elem;
  global $strings;
  global $po_options_default;

  $num_of_users  = pg_fetch_row(pg_query($database, "select count_users()"));
  $num_of_photos = pg_fetch_row(pg_query($database, "select count_photos()"));
  $num_of_photo_versions = pg_fetch_row(pg_query($database, "select count_photo_versions()"));
  $num_of_photo_versions[0] -= $num_of_photos[0];

  $user_list = pg_query($database, "
   select users.identifier, last_name, first_name, member_since, 
          value, user_type.identifier, 
          get_user_pref(users.identifier, 'bulk_upload_enable'), 
          get_user_pref(users.identifier, 'last_updated'), 
          get_user_pref(users.identifier, 'quota_count'),
          get_user_pref(users.identifier, 'quota_size'), 
          username, hide,
          count_photos_by_user(users.identifier) as photos,
          count_photo_versions_by_user(users.identifier) as versions,
          get_user_pref(users.identifier, 'show_ads')
     from users, user_type
    where users.type=user_type.identifier
    order by users.member_since desc");

  print "<table class=\"admin\">\n";
  print "<tr>\n";
  print emit_th($strings['generic_name'], "width=\"13%\" align=\"left\"");
  print emit_th($strings['generic_photos'], "width=\"7%\"");
  print emit_th($strings['generic_space'], "width=\"7%\"");
  print emit_th($strings['generic_type'], "width=\"6%\"");
  print emit_th($strings['generic_hide'], "width=\"6%\"");
  print emit_th($strings['generic_bulk_upload'], "width=\"6%\"");
  print emit_th($strings['generic_quota_count'], "width=\"6%\"");
  print emit_th($strings['generic_quota_size'], "width=\"6%\"");
  print emit_th($strings['generic_member_since'], "width=\"7%\"");
  print emit_th($strings['generic_last_login'], "width=\"7%\"");
  print emit_th($strings['generic_show_ads'], "width=\"7%\"");
  if ($auth_handle->local_register === TRUE) {
    print emit_th(emit_a("register.php", $strings['generic_register']), 'width="8%" colspan="2"');
  } else {
    print emit_th("",'colspan="2"');
  }
  print "</tr>\n";

  $total_storage_space = 0;
  $user_count = pg_num_rows($user_list);
  for ($i=0; $i < $user_count; $i++) {
    $user = pg_fetch_row($user_list, $i);

    $used_storage_space     = count_storage_space_by_user($database, $user[0]);
    $total_storage_space += $used_storage_space;
    $used_storage_space     = round($used_storage_space/1048576, 2);

    $user[13] -= $user[12];

    if (!$user[6]) $user[6] = $po_options_default['bulk_upload_enable'];
    if ($user[8] == '') $user[8] = $po_options_default['quota_count'];
    if ($user[9] == '') $user[9] = $po_options_default['quota_size'];
    if (!$user[14]) $user[14] = $po_options_default['show_ads'];

    print "<tr>\n";
    print emit_td(emit_a(generate_link('user', $user[0]), "$user[1], $user[2]") . " ($user[10])", 'align="left"');
    print emit_td($user[12] . ($user[13] > 0 ? " + $user[13]" : ""));
    print emit_td("$used_storage_space MB");
    print emit_td($user[4]);
    print emit_td(emit_enable_disable_text($user[11]));
    print emit_td(emit_enable_disable_text($user[6]));
    print emit_td(emit_user_quota($user[8], 0));
    print emit_td(emit_user_quota($user[9], 1));
    print emit_td(emit_date_html($user[3], 'date'));
    if (($user[7] == null) || ($user[7] == ''))
      print emit_td("--");
    else
      print emit_td(emit_date_html(date("Y-m-d H:i", $user[7]), 'date'));
    print emit_td(emit_enable_disable_text($user[14]));
    print emit_td(emit_a("admin.user.edit.php?user=$user[0]",$strings['generic_edit']));
    /* Don't let the admin delete themselves */
    if ($my_user_id != $user[0]) {
      print emit_td(emit_a("admin.user.del.php?user=$user[0]",$strings['generic_delete']));
    } else {
      print emit_td("");
    }
    print "</tr>\n";
  }
  print "</table>\n";

  $total_storage_space = round($total_storage_space/1048576, 2);

  print "<div align=\"center\">\n";
  print "$num_of_users[0] ".$strings['generic_members_storing']." $num_of_photos[0] ".$strings['generic_photos'];  
  if ($num_of_photo_versions[0] > 0) {
    print " + $num_of_photo_versions[0] ".$strings['generic_add_versions'];
  }
  print " ".$strings['generic_in']." $total_storage_space MB";

  print "</div>\n";
  print "<br/>\n";
}

function register_user($database, $username, $user_type, $password, $fn, $ln, $email, $auth_handle) {
  global $po_user;
  global $po_options_default;
  global $po_options;

  /* Required fields */
  $first_name                   = pg_escape_string($database, $fn);
  $last_name                    = pg_escape_string($database, $ln);
  $email                        = pg_escape_string($database, $email);
  $lang = isset($_REQUEST['lang']) ? $_REQUEST['lang'] : $po_options['lang'];

  /* Optional fields .. */
  $url                          = pg_escape_string($database, $_REQUEST['url']);
  $phone                        = pg_escape_string($database, $_REQUEST['phone']);
  $company                      = pg_escape_string($database, $_REQUEST['company']);
  $address1                     = pg_escape_string($database, $_REQUEST['address1']);
  $address2                     = pg_escape_string($database, $_REQUEST['address2']);
  $city                         = pg_escape_string($database, $_REQUEST['city']);
  $zipcode                      = pg_escape_string($database, $_REQUEST['zipcode']);
  $state                        = pg_escape_string($database, $_REQUEST['state']);
  $country                      = pg_escape_string($database, $_REQUEST['country']);
      
  pg_query($database, "begin");
  $new_user_id = pg_fetch_row(pg_query($database, "select nextval('users_id_sequence')"));
  
  $user_id = $new_user_id[0];
  
  if (strlen($url) && (substr($url, 0, 7) != "http://"))
    $url = "http://".$url;
  
  $password = pg_escape_string($database, $auth_handle->passwd_transform($password, $username));
  $username = pg_escape_string($database, $username);
  $result = pg_query($database, "insert into users (identifier, first_name, last_name, company, username, password, member_since, type, address1, address2, city, zipcode, state, country, phone, email, url)
                                   values ('$user_id', '$first_name', '$last_name', '$company', '$username', '$password', now(), $user_type, '$address1', '$address2', '$city', '$zipcode', $state, $country, '$phone', '$email', '$url')");

  if ($result) { 
    $result = pg_query($database, "insert into folder (identifier, parent_folder, users, caption, access_rights)
                                    values (nextval('folder_id_sequence'), null, '$user_id', 'Trash', 3)");
  }
  if ($result) {
    $result = pg_query($database, "insert into album (identifier, parent_album, users, caption, access_rights, description)
             values (nextval('album_id_sequence'), null, $user_id,
         'Spool', 3, null)");
  }
  
  if ($result)
    $result = store_user_pref($database, $user_id, 'lang', $lang);
  if ($result)
    $result = store_user_pref($database, $user_id, 'quota_size', $po_options_default['quota_size']);
  if ($result)
    $result = store_user_pref($database, $user_id, 'quota_count', $po_options_default['quota_count']);
  if ($result)
    $result = store_user_pref($database, $user_id, 'bulk_upload_enable', $po_options_default['bulk_upload_enable']);
  
  /* Create the client association */
  if ($result && $po_user['type'] == PO_USER_TYPE_USER) {
    $result = pg_query($database, "insert into client (identifier, users, client, status, trusted)
                               values (nextval('client_id_sequence'), '$po_user[id]', '$user_id', 2, 't')");
  }
  
  if ($result) {
    pg_query($database, "commit");
    return $user_id;
  } else {
    pg_query($database, "rollback");
    return FALSE;
  }
}

?>