<?php defined("SYSPATH") or die("No direct script access.");/** * Gallery -

1. <?php defined("SYSPATH") or die("No direct script access.");
2. /**
3.  * Gallery - a web based photo album viewer and editor
4.  * Copyright (C) 2000-2013 Bharat Mediratta
5.  *
6.  * This program is free software; you can redistribute it and/or modify
7.  * it under the terms of the GNU General Public License as published by
8.  * the Free Software Foundation; either version 2 of the License, or (at
9.  * your option) any later version.
10.  *
11.  * This program is distributed in the hope that it will be useful, but
12.  * WITHOUT ANY WARRANTY; without even the implied warranty of
13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14.  * General Public License for more details.
15.  *
16.  * You should have received a copy of the GNU General Public License
17.  * along with this program; if not, write to the Free Software
18.  * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
19.  */
20. class Uploader_Controller extends Controller {
21.   public function index($id) {
22.     $item = ORM::factory("item", $id);
23.     access::required("view", $item);
24.     access::required("add", $item);
25.     if (!$item->is_album()) {
26.       $item = $item->parent();
27.     }
28.  
29.     print $this->_get_add_form($item);
30.   }
31.  
32.   public function start() {
33.     access::verify_csrf();
34.     batch::start();
35.   }
36.  
37.   public function add_photo($id) {
38.     $album = ORM::factory("item", $id);
39.     access::required("view", $album);
40.     access::required("add", $album);
41.     access::verify_csrf();
42.  
43.     // The Flash uploader not call /start directly, so simulate it here for now.
44.     if (!batch::in_progress()) {
45.       batch::start();
46.     }
47.  
48.     $form = $this->_get_add_form($album);
49.  
50.     // Uploadify adds its own field to the form, so validate that separately.
51.     $file_validation = new Validation($_FILES);
52.     $file_validation->add_rules(
53.       "Filedata", "upload::valid",  "upload::required",
54.       "upload::type[" . implode(",", legal_file::get_extensions()) . "]");
55.  
56.     if ($form->validate() && $file_validation->validate()) {
57.       $temp_filename = upload::save("Filedata");
58.       system::delete_later($temp_filename);
59.       try {
60.         $item = ORM::factory("item");
61.         $item->name = substr(basename($temp_filename), 10);  // Skip unique identifier Kohana adds
62.         $item->title = item::convert_filename_to_title($item->name);
63.         $item->parent_id = $album->id;
64.         $item->set_data_file($temp_filename);
65.  
66.         $path_info = @pathinfo($temp_filename);
67.         if (array_key_exists("extension", $path_info) &&
68.             legal_file::get_movie_extensions($path_info["extension"])) {
69.           $item->type = "movie";
70.           $item->save();
71.           log::success("content", t("Added a movie"),
72.                        html::anchor("movies/$item->id", t("view movie")));
73.         } else {
74.           $item->type = "photo";
75.           $item->save();
76.           log::success("content", t("Added a photo"),
77.                        html::anchor("photos/$item->id", t("view photo")));
78.         }
79.  
80.         module::event("add_photos_form_completed", $item, $form);
81.       } catch (Exception $e) {
82.         // The Flash uploader has no good way of reporting complex errors, so just keep it simple.
83.         Kohana_Log::add("error", $e->getMessage() . "\n" . $e->getTraceAsString());
84.  
85.         // Ugh.  I hate to use instanceof, But this beats catching the exception separately since
86.         // we mostly want to treat it the same way as all other exceptions
87.         if ($e instanceof ORM_Validation_Exception) {
88.           Kohana_Log::add("error", "Validation errors: " . print_r($e->validation->errors(), 1));
89.         }
90.  
91.         header("HTTP/1.1 500 Internal Server Error");
92.         print "ERROR: " . $e->getMessage();
93.         return;
94.       }
95.       print "FILEID: $item->id";
96.     } else {
97.       header("HTTP/1.1 400 Bad Request");
98.       print "ERROR: " . t("Invalid upload");
99.     }
100.   }
101.  
102.   public function status($success_count, $error_count) {
103.     if ($error_count) {
104.       // The "errors" won't be properly pluralized :-/
105.       print t2("Uploaded %count photo (%error errors)",
106.                "Uploaded %count photos (%error errors)",
107.                (int)$success_count,
108.                array("error" => (int)$error_count));
109.     } else {
110.       print t2("Uploaded %count photo", "Uploaded %count photos", $success_count);}
111.   }
112.  
113.   public function finish() {
114.     access::verify_csrf();
115.  
116.     batch::stop();
117.     json::reply(array("result" => "success"));
118.   }
119.  
120.   private function _get_add_form($album)  {
121.     $form = new Forge("uploader/finish", "", "post", array("id" => "g-add-photos-form"));
122.     $group = $form->group("add_photos")
123.       ->label(t("Add photos to %album_title", array("album_title" => html::purify($album->title))));
124.     $group->uploadify("uploadify")->album($album);
125.  
126.     $group = $form->group("actions");
127.     $group->uploadify_buttons("");
128.  
129.     module::event("add_photos_form", $album, $form);
130.  
131.     return $form;
132.   }
133. }