diff --git a/admin/adminAppDataQueue.php b/admin/adminAppDataQueue.php index fcd2f9b..ec38f12 100644 --- a/admin/adminAppDataQueue.php +++ b/admin/adminAppDataQueue.php @@ -5,12 +5,10 @@ include("path.php"); require(BASE."include/incl.php"); +require(BASE."include/mail.php"); require(BASE."include/screenshot.php"); require(BASE."include/tableve.php"); -require(BASE."include/category.php"); -require(BASE."include/mail.php"); - -apidb_header("Admin Application Data Queue"); +require(BASE."include/application.php"); // deny access if not admin if(!$_SESSION['current']->hasPriv("admin")) @@ -23,19 +21,23 @@ if(!$_SESSION['current']->hasPriv("admin")) // shows the list of appdata in queue if (!$_REQUEST['queueId']) { - //get available appData - $sQuery = "SELECT * from appDataQueue;"; + + apidb_header("Admin Application Data Queue"); + + // get available appData + $sQuery = "SELECT appDataQueue.*, appVersion.appId AS appId + FROM appDataQueue, appVersion + WHERE appVersion.versionId = appDataQueue.versionID;"; $hResult = query_appdb($sQuery); if(!$hResult || !mysql_num_rows($hResult)) { - //no appData in queue + // no appData in queue echo html_frame_start("","90%"); echo '

The App Data Queue is empty.

',"\n"; echo '

There is nothing for you to do. Check back later.

',"\n"; echo html_frame_end(" "); - } - else + } else { //help echo "
\n"; - echo " \n"; - echo " \n"; - if($ob->userId) - { - $oUser = new User($ob->userId); - echo " \n"; - } - else - echo " \n"; - echo "\n"; - echo "\n"; - echo "\n"; - echo "\n\n"; - $c++; + if ($c % 2 == 1) { $bgcolor = 'color0'; } else { $bgcolor = 'color1'; } + echo "\n"; + echo " \n"; + echo " \n"; + if($ob->userId) + { + $oUser = new User($ob->userId); + echo " \n"; } + else + echo " \n"; + echo "\n"; + echo "\n"; + echo "\n"; + echo "\n\n"; + $c++; } echo "
\n\n"; @@ -59,49 +61,36 @@ if (!$_REQUEST['queueId']) $c = 1; while($ob = mysql_fetch_object($hResult)) { - if($_SESSION['current']->isMaintainer($ob->queueappId, - $ob->queueversionId) - || $_SESSION['current']->hasPriv("admin")) - { - if ($c % 2 == 1) { $bgcolor = 'color0'; } else { $bgcolor = 'color1'; } - echo "
".date("Y-n-t h:i:sa", $ob->submitTime)."  ".$ob->queueId."".$oUser->sRealname." (".$oUser->sEmail.")Anonymous".appIdToName($ob->appId)."".versionIdToName($ob->versionId)."".$ob->type."
".date("Y-n-t h:i:sa", $ob->submitTime)."  ".$ob->queueId."".$oUser->sRealname." (".$oUser->sEmail.")Anonymous".lookup_app_name($ob->appId)."".lookup_version_name($ob->versionId)."".$ob->type."
\n\n"; echo html_frame_end(" "); - } - + } } else // shows a particular appdata { - if(!($_SESSION['current']->hasPriv("admin") || - $_SESSION['current']->isMaintainer($obj_row->queueAppId, - $obj_row->queueVersionId))) - { - errorpage("You don't have sufficient privileges to use this page."); - exit; - } - - $sQuery="SELECT * FROM appDataQueue WHERE queueId='".$_REQUEST['queueId']."'"; - $hResult=query_appdb($sQuery); - $obj_row=mysql_fetch_object($hResult); + $sQuery = "SELECT * FROM appDataQueue WHERE queueId='".$_REQUEST['queueId']."'"; + $hResult = query_appdb($sQuery); + $obj_row = mysql_fetch_object($hResult); if(!$_REQUEST['sub']=="inside_form") { - + apidb_header("Admin Application Data Queue"); + echo '
',"\n"; // help echo "
',"\n"; - echo "\n"; + echo "\n"; // version echo '',"\n"; - echo "\n"; + echo "\n"; //dataDescription echo '',"\n"; @@ -170,85 +159,69 @@ if (!$_REQUEST['queueId']) } elseif ($_REQUEST['add']) // we accepted the request { $statusMessage = ""; - $goodtogo = 0; + $goodtogo = 0; if($obj_row->type == "image") { - $sQuery = "INSERT INTO appData VALUES (null, ".$obj_row->appId.", ".$obj_row->versionId.", 'image', ". - "'".addslashes($_REQUEST['description'])."', '')"; - query_appdb($sQuery); - $iId = mysql_insert_id(); - - // we move the content in the live directory - rename("../data/queued/screenshots/".$obj_row->queueId, "../data/screenshots/".$iId); - rename("../data/queued/screenshots/originals/".$obj_row->queueId, "../data/screenshots/originals/".$iId); - rename("../data/queued/screenshots/thumbnails/".$obj_row->queueId, "../data/screenshots/thumbnails/".$iId); - - // we have to update the entry now that we know its name - $sQuery = "UPDATE appData SET url = '".$iId."' WHERE id = '".$iId."'"; - + $oScreenshot = new Screenshot($obj_row->queueId,true); + $oScreenshot->unQueue(); } - elseif ($obj_row->type == "url") { - $query = "INSERT INTO appData VALUES (null, ".$obj_row->appId.", ".$obj_row->versionId.", 'url', ". + elseif ($obj_row->type == "url") + { // FIXME: use Link class + $query = "INSERT INTO appData VALUES (null, ".$obj_row->versionId.", 'url', ". "'".addslashes($_REQUEST['description'])."', '".$obj_row->url."')"; - } + if (query_appdb($sQuery)) + { + $statusMessage = "
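Review bot: The single-item branch builds its lookup as `queueId='".$_REQUEST['queueId']."'`, which puts the request value inside a SQL literal with no escaping or numeric check visible in this hunk. Queue ids are numeric, so read the value once as `$iQueueId = (int)$_REQUEST['queueId'];` and use that in the query, and check that `mysql_fetch_object()` returned a row before `$obj_row` is used further down. The same string-built pattern with ids is on the new side of the appview.php links query (`versionID = ".$_REQUEST['versionId']`, unquoted), the Screenshot constructor SELECT, and get_screenshot_img() / get_screenshots() in include/screenshot.php. In appview.php the `is_numeric` guard shown in its first hunk joins the two tests with `&&`, so it does not by itself establish that versionId is numeric in the version branch.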

The application data was successfully added into the database

\n"; - if(debugging()) addmsg("

query: $query

","green"); - - if (query_appdb($sQuery)) - { - $statusMessage = "

The application data was successfully added into the database

\n"; - - //delete the item from the queue - query_appdb("DELETE from appDataQueue where queueId = ".$obj_row->queueId.";"); + //delete the item from the queue + query_appdb("DELETE from appDataQueue where queueId = ".$obj_row->queueId.";"); - //Send Status Email + //Send Status Email + $oUser = new User($obj_row->userId); + if ($oUser->sEmail) + { + $sSubject = "Application Data Request Report"; + $sMsg = "Your submission of an application data for ".lookup_app_name($obj_row->appId).lookup_version_name($obj_row->versionId)." has been accepted. "; + $sMsg .= $_REQUEST['replyText']; + $sMsg .= "We appreciate your help in making the Application Database better for all users.\r\n"; + + mail_appdb($oUser->sEmail, $sSubject ,$sMsg); + } + } + } + redirect(apidb_fullurl("admin/adminAppDataQueue.php")); + } elseif ($_REQUEST['reject']) + { + if($obj_row->type == "image") + { + $oScreenshot = new Screenshot($obj_row->queueId,true); + $oScreenshot->delete(); + } + elseif ($obj_row->type == "url") + { // FIXME: use Link class $oUser = new User($obj_row->userId); if ($oUser->sEmail) { $sSubject = "Application Data Request Report"; - $sMsg = "Your submission of an application data for ".appIdToName($obj_row->appId).versionIdToName($obj_row->versionId)." has been accepted. "; + $sMsg = "Your submission of an application data for ".lookup_app_name($obj_row->appId).lookup_version_name($obj_row->versionId)." was rejected. "; $sMsg .= $_REQUEST['replyText']; - $sMsg .= "We appreciate your help in making the Application Database better for all users.\r\n"; - - mail_appdb($oUser->sEmail, $sSubject ,$sMsg); + mail_appdb($oUser->sEmail, $sSubject ,$sMsg); + } + + //delete main item + $sQuery = "DELETE from appDataQueue where queueId = ".$obj_row->queueId.";"; + $hResult = query_appdb($sQuery); + if($hResult) + { + //success + echo "

Application data was successfully deleted from the Queue.

\n"; } - - //done - echo html_frame_start("Submit App Data","600"); - echo "

$statusMessage

\n"; } - } elseif ($_REQUEST['reject']) - { - $oUser = new User($obj_row->userId); - if ($oUser->sEmail) - { - $sSubject = "Application Data Request Report"; - $sMsg = "Your submission of an application data for ".appIdToName($obj_row->appId).versionIdToName($obj_row->versionId)." was rejected. "; - $sMsg .= $_REQUEST['replyText']; - - mail_appdb($oUser->sEmail, $sSubject ,$sMsg); - } - - //delete main item - $sQuery = "DELETE from appDataQueue where queueId = ".$obj_row->queueId.";"; - unlink("../data/queued/screenshots/".$obj_row->queueId); - unlink("../data/queued/screenshots/originals/".$obj_row->queueId); - unlink("../data/queued/screenshots/thumbnails/".$obj_row->queueId); - - $hResult = query_appdb($sQuery); - echo html_frame_start("Delete application data submission",400,"",0); - if($result) - { - //success - echo "

Application data was successfully deleted from the Queue.

\n"; - } + redirect(apidb_fullurl("admin/adminAppDataQueue.php")); } - } echo html_frame_end(" "); echo html_back_link(1,'adminAppDataQueue.php'); apidb_footer(); ?> - - diff --git a/admin/editAppFamily.php b/admin/editAppFamily.php index deaaffe..fcda8c0 100644 --- a/admin/editAppFamily.php +++ b/admin/editAppFamily.php @@ -125,93 +125,6 @@ if(isset($_REQUEST['submit'])) } } } - else if($_REQUEST['submit'] == "Update URL") - { - - $sWhatChanged = ""; - $bAppChanged = false; - - if (!empty($_REQUEST['url_desc']) && !empty($_REQUEST['url']) ) - { - // process added URL - if($_SESSION['current']->showDebuggingInfos()) { echo "
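Review bot: In the accepted `url` branch the INSERT is assigned to `$query`, but the next line runs `query_appdb($sQuery)`, and `$sQuery` still holds the `SELECT ... WHERE queueId=...` from the top of the branch. That SELECT succeeds, so the queue row is deleted and the acceptance mail is sent although nothing was written to appData; the condition should be `if (query_appdb($query))`. The INSERT also concatenates `$obj_row->url`, which presumably originated from a user submission, without the `addslashes()` applied to the description beside it. The `// FIXME: use Link class` comment could say that this branch is a stop-gap until links get the same create/unQueue handling as screenshots.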

{$_REQUEST['url']}: {$_REQUEST['url_desc']}

"; } - - $aInsert = compile_insert_string( array( 'appId' => $_REQUEST['appId'], - 'type' => 'url', - 'description' => $_REQUEST['url_desc'], - 'url' => $_REQUEST['url'])); - - $sQuery = "INSERT INTO appData ({$aInsert['FIELDS']}) VALUES ({$aInsert['VALUES']})"; - - if($_SESSION['current']->showDebuggingInfos()) { echo "

query: $sQuery

"; } - - if (query_appdb($sQuery)) - { - addmsg("The URL was successfully added into the database", "green"); - $sWhatChanged .= " Added Url: Description: ".stripslashes($_REQUEST['url_desc'])."\n"; - $sWhatChanged .= " Url: ".stripslashes($_REQUEST['url'])."\n"; - $bAppChanged = true; - } - } - - // Process changed URLs - - for($i = 0; $i < $_REQUEST['rows']; $i++) - { - if($_SESSION['current']->showDebuggingInfos()) { echo "

{$_REQUEST['adescription'][$i]}: {$_REQUEST['aURL'][$i]}: {$_REQUEST['adelete'][$i]} : {$_REQUEST['aId'][$i]} : .{$_REQUEST['aOldDesc'][$i]}. : {$_REQUEST['aOldURL'][$i]}

"; } - - if ($_REQUEST['adelete'][$i] == "on") - { - $hResult = query_appdb("DELETE FROM appData WHERE id = '{$_REQUEST['aId'][$i]}'"); - - if($hResult) - { - addmsg("

Successfully deleted URL ".$_REQUEST['aOldDesc'][$i]." (".$_REQUEST['aOldURL'][$i].")

\n",'green'); - $sWhatChanged .= "Deleted Url: Description: ".stripslashes($_REQUEST['aOldDesc'][$i])."\n"; - $sWhatChanged .= " url: ".stripslashes($_REQUEST['aOldURL'][$i])."\n"; - $bAppChanged = true; - } - - - } - else if( $_REQUEST['aURL'][$i] != $_REQUEST['aOldURL'][$i] || $_REQUEST['adescription'][$i] != $_REQUEST['aOldDesc'][$i]) - { - if(empty($_REQUEST['aURL'][$i]) || empty($_REQUEST['adescription'][$i])) - addmsg("The URL or description was blank. URL not changed in the database", "red"); - else - { - $sUpdate = compile_update_string( array( 'description' => $_REQUEST['adescription'][$i], - 'url' => $_REQUEST['aURL'][$i])); - if (query_appdb("UPDATE appData SET $sUpdate WHERE id = '{$_REQUEST['aId'][$i]}'")) - { - addmsg("

Successfully updated ".$_REQUEST['aOldDesc'][$i]." (".$_REQUEST['aOldURL'][$i].")

\n",'green'); - $sWhatChanged .= "Changed Url: Old Description: ".stripslashes($_REQUEST['aOldDesc'][$i])."\n"; - $sWhatChanged .= " Old Url: ".stripslashes($_REQUEST['aOldURL'][$i])."\n"; - $sWhatChanged .= " New Description: ".stripslashes($_REQUEST['adescription'][$i])."\n"; - $sWhatChanged .= " New url: ".stripslashes($_REQUEST['aURL'][$i])."\n"; - $bAppChanged = true; - } - } - } - } - if ($bAppChanged) - { - $sEmail = get_notify_email_address_list($_REQUEST['appId']); - if($sEmail) - { - $sFullAppName = "Links for ".lookupAppName($_REQUEST['appId'])." have been updated"; - $sMsg = APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."\r\n"; - $sMsg .= "\n"; - $sMsg .= $_SESSION['current']->sRealname." updated links for ".$sFullAppName." \r\n"; - $sMsg .= "\n"; - $sMsg .= $sWhatChanged."\n"; - mail_appdb($sEmail, $sFullAppName ,$sMsg); - } - } - - redirect(apidb_fullurl("appview.php?appId={$_REQUEST['appId']}")); - exit; - } } else // Show the form for editing the Application Family @@ -262,50 +175,6 @@ else echo html_frame_end(); echo ""; - // url edit form - echo '',"\n"; - echo ''; - echo html_frame_start("Edit URL","90%","",0); - echo '
\n\n"; @@ -115,11 +104,11 @@ if (!$_REQUEST['queueId']) // app name echo '
App Name".appIdToName($obj_row->appId)."
".lookup_app_name($obj_row->appId)."
App Version".versionIdToName($obj_row->versionId)."
".lookup_version_name($obj_row->versionId)."
Description
',"\n"; - - $i = 0; - $result = query_appdb("SELECT * FROM appData WHERE appId = $ob->appId AND type = 'url' AND versionId = 0"); - if($result && mysql_num_rows($result) > 0) - { - echo '',"\n"; - while($ob = mysql_fetch_object($result)) - { - $temp0 = "adelete[".$i."]"; - $temp1 = "adescription[".$i."]"; - $temp2 = "aURL[".$i."]"; - $temp3 = "aId[".$i."]"; - $temp4 = "aOldDesc[".$i."]"; - $temp5 = "aOldURL[".$i."]"; - echo '',"\n"; - echo '',"\n"; - echo ''; - echo ''; - echo '',"\n"; - $i++; - } - } else - { - echo '',"\n"; - echo '',"\n"; - } - echo "\n"; - echo ""; - - echo '',"\n"; - echo '',"\n"; - - echo '',"\n"; - - echo '
Delete',"\n"; - echo 'DescriptionURL
',"\n"; - echo '
DescriptionURL
New
',"\n"; - echo html_frame_end(); - echo ""; echo html_back_link(1,BASE."appview.php?appId=$ob->appId"); } diff --git a/admin/editAppVersion.php b/admin/editAppVersion.php index 96ef8a3..08a6471 100644 --- a/admin/editAppVersion.php +++ b/admin/editAppVersion.php @@ -121,18 +121,13 @@ if(isset($_REQUEST['submit1'])) if (!empty($_REQUEST['url_desc']) && !empty($_REQUEST['url']) ) { // process added URL - if($_SESSION['current']->showDebuggingInfos()) { echo "

{$_REQUEST['url']}: {$_REQUEST['url_desc']}

"; } - - $aInsert = compile_insert_string( array( 'appId' => $_REQUEST['appId'], - 'versionId' => $_REQUEST['versionId'], + $aInsert = compile_insert_string( array('versionId' => $_REQUEST['versionId'], 'type' => 'url', 'description' => $_REQUEST['url_desc'], 'url' => $_REQUEST['url'])); $sQuery = "INSERT INTO appData ({$aInsert['FIELDS']}) VALUES ({$aInsert['VALUES']})"; - if($_SESSION['current']->showDebuggingInfos()) { echo "

query: $sQuery

"; } - if (query_appdb($sQuery)) { addmsg("The URL was successfully added into the database", "green"); @@ -145,15 +140,13 @@ if(isset($_REQUEST['submit1'])) // Process changed URLs for($i = 0; $i < $_REQUEST['rows']; $i++) { - if($_SESSION['current']->showDebuggingInfos()) { echo "

{$_REQUEST['adescription'][$i]}: {$_REQUEST['aURL'][$i]}: {$_REQUEST['adelete'][$i]} : {$_REQUEST['aId'][$i]} : .{$_REQUEST['aOldDesc'][$i]}. : {$_REQUEST['aOldURL'][$i]}

"; } - if ($_REQUEST['adelete'][$i] == "on") { $hResult = query_appdb("DELETE FROM appData WHERE id = '{$_REQUEST['aId'][$i]}'"); if($hResult) { - addmsg("

Successfully deleted URL ".$_REQUEST['aOldDesc'][$i]." (".$_REQUEST['aOldURL'][$i].")

\n",'green'); + addmsg("Successfully deleted URL ".$_REQUEST['aOldDesc'][$i]." (".$_REQUEST['aOldURL'][$i].").","green"); $sWhatChanged .= "Deleted Url: Description: ".stripslashes($_REQUEST['aOldDesc'][$i])."\n"; $sWhatChanged .= " url: ".stripslashes($_REQUEST['aOldURL'][$i])."\n"; $bAppChanged = true; @@ -198,7 +191,7 @@ if(isset($_REQUEST['submit1'])) mail_appdb($sEmail, $sSubject ,$sMsg); } } - exit; + redirect(apidb_fullurl("appview.php?versionId=".$_REQUEST['versionId'])); } else { ?> diff --git a/appview.php b/appview.php index ef505e7..04ceca1 100644 --- a/appview.php +++ b/appview.php @@ -170,7 +170,7 @@ function display_versions($appId, $versions) /** - * We want to see an application family (=no version) + * We want to see an application family (=no version). */ if(!is_numeric($_REQUEST['appId']) && !is_numeric($_REQUEST['versionId'])) { @@ -227,18 +227,6 @@ if($_REQUEST['appId']) // main URL echo " URL".$appLinkURL."\n"; - // optional links - $result = query_appdb("SELECT * FROM appData WHERE appId = ".$_REQUEST['appId']." AND versionID = 0 AND type = 'url'"); - if($result && mysql_num_rows($result) > 0) - { - echo " Links\n"; - while($ob = mysql_fetch_object($result)) - { - echo " ".substr(stripslashes($ob->description),0,30)."
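Review bot: The rewritten `addmsg()` call in the delete branch still passes `$_REQUEST['aOldDesc'][$i]` and `$_REQUEST['aOldURL'][$i]` into the status message unescaped. addmsg() is not shown here; if it renders its text as HTML, wrap both values in `htmlspecialchars(..., ENT_QUOTES)`. The `redirect(...)` added in the last hunk of this file builds its target from `$_REQUEST['versionId']` in the same raw way and would be safer as `(int)$_REQUEST['versionId']`. The surrounding loop starts and ends outside the hunk.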
\n"; - } - echo " \n"; - } - // image $img = get_screenshot_img($_REQUEST['appId']); echo "$img\n"; @@ -325,9 +313,10 @@ if($_REQUEST['appId']) //log_application_visit($_REQUEST['appId']); } -####################################### -# We want to see a particular version # -####################################### + +/* + * We want to see a particular version. + */ else if($_REQUEST['versionId']) { //FIXME: get rid of appId references everywhere, as version is enough. @@ -371,7 +360,7 @@ else if($_REQUEST['versionId']) echo " Version".stripslashes($ver->versionName)."\n"; // links - $result = query_appdb("SELECT * FROM appData WHERE appId = $appId AND versionID = ".$_REQUEST['versionId']." AND type = 'url'"); + $result = query_appdb("SELECT * FROM appData WHERE versionID = ".$_REQUEST['versionId']." AND type = 'url'"); if($result && mysql_num_rows($result) > 0) { echo " Links\n"; @@ -422,7 +411,7 @@ else if($_REQUEST['versionId']) } else { /* are we already a maintainer? */ - if($_SESSION['current']->isMaintainer($appId, $_REQUEST['versionId'])) /* yep */ + if($_SESSION['current']->isMaintainer($_REQUEST['versionId'])) /* yep */ { echo '
'; echo ""; diff --git a/include/screenshot.php b/include/screenshot.php index ae28599..fa9e258 100644 --- a/include/screenshot.php +++ b/include/screenshot.php @@ -3,7 +3,7 @@ /* screenshot class and related functions */ /******************************************/ -require(BASE."include/"."image.php"); +require(BASE."include/image.php"); // load the watermark $watermark = new image("/images/watermark.png"); @@ -23,20 +23,22 @@ class Screenshot { var $iAppId; var $sDirectory; var $sUrl; + var $iSubmitterId; /** * constructor, fetches the description and creates the Image objects and files if needed. */ - function Screenshot($iScreenshotId,$bQueued = false,$iUserId = null,$iAppId = null,$iVersionId = null,$sDescription = null,$hFile = null) + function Screenshot($iScreenshotId = null,$bQueued = false) { if($bQueued) { + $this->bQueued = true; $this->sTable = appDataQueue; $this->sTableId = queueId; - $this->iUserId = $userId; $this->sDirectory = "queued/screenshots"; } else { + $this->bQueued = false; $this->sTable = appData; $this->sTableId = id; $this->sDirectory = "screenshots"; @@ -46,11 +48,14 @@ class Screenshot { if($iScreenshotId) { $this->iScreenshotId = $iScreenshotId; - $sQuery = "SELECT * FROM ".$this->sTable." WHERE ".$this->sTableId." = ".$this->iScreenshotId." AND type = 'image'"; + $sQuery = "SELECT ".$this->sTable.".*, appVersion.appId AS appId + FROM ".$this->sTable.", appVersion + WHERE ".$this->sTable.".versionId = appVersion.versionId + AND ".$this->sTableId." = ".$this->iScreenshotId." + AND type = 'image'"; if($hResult = query_appdb($sQuery)) { $oRow = mysql_fetch_object($hResult); - $this->iScreenshotId = $oRow->id; $this->sDescription = $oRow->description; $this->oScreenshotImage = new Image("/data/".$this->sDirectory."/".$oRow->url); $this->oThumbnailImage = new Image("/data/".$this->sDirectory."/thumbnails/".$oRow->url); 
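Review bot: The rewritten SELECT now joins appVersion, so a screenshot row whose versionId has no appVersion entry returns nothing, while the context lines below still read `$oRow->description` and `$oRow->url` without checking that `mysql_fetch_object()` returned an object. Adding `if(!$oRow) return;` right after the fetch keeps the object clearly empty instead of building Image objects on a path with no file name. `type` and `$this->sTableId` are unqualified in the join; prefixing them with `$this->sTable.` avoids an ambiguous-column error should appVersion ever carry a column of the same name. The constructor starts before and ends after this hunk.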
@@ -58,24 +63,47 @@ class Screenshot { $this->iAppId = $oRow->appId; $this->iVersionId = $oRow->versionId; $this->sUrl = $oRow->url; + if(!$this->iSubmitterId && $oRow->queueuserid) + $this->iSubmitterId = $oRow->queueuserid; } - } else // we are working on a non-existing screenshot + } + } + + + function create($iVersionId = null, $sDescription = null, $hFile = null) + { + + $aInsert = compile_insert_string(array( 'versionId' => $iVersionId, + 'type' => "image", + 'description' => $sDescription )); + + // Security, if we are not an administrator or a maintainer, the screenshot must be queued. + if(!($_SESSION['current']->hasPriv("admin") || $_SESSION['current']->isMaintainer($_REQUEST['versionId']))) { - $this->sDescription = $sDescription; - if($bQueued) - $sQuery = "INSERT INTO $this->sTable VALUES (null, ".$iAppId.", ".$iVersionId.", 'image', '".addslashes($this->sDescription)."', '','".$_SESSION['current']->userid."', NOW())"; - else - $sQuery = "INSERT INTO $this->sTable VALUES (null, ".$iAppId.", ".$iVersionId.", 'image', '".addslashes($this->sDescription)."', '')"; - if (query_appdb($sQuery)) - { - $this->iScreenshotId = mysql_insert_id(); - } - else return false; + $this->bQueued = true; + $this->sTable = appDataQueue; + $this->sTableId = queueId; + $this->iUserId = $userId; + $this->sDirectory = "queued/screenshots"; + $sFields = "({$aInsert['FIELDS']}, userId)"; + $sValues = "({$aInsert['VALUES']}, '".$_SESSION['current']->iUserId."')"; + } else + { + $sFields = "({$aInsert['FIELDS']})"; + $sValues = "({$aInsert['VALUES']})"; + } + + if(query_appdb("INSERT INTO ".$this->sTable." $sFields VALUES $sValues", "Error while creating a new screenshot.")) + { + $this->iScreenshotId = mysql_insert_id(); if(!move_uploaded_file($hFile['tmp_name'], "data/".$this->sDirectory."/originals/".$this->iScreenshotId)) { + // whoops, moving failed, do something addmsg("Unable to move screenshot from ".$hFile['tmp_name']." 
to data/".$this->sDirectory."/originals/".$this->iScreenshotId, "red"); - $sQuery = "DELETE FROM ".$this->sTable." WHERE ".$this->sTableId." = '".$this->iScreenshotId."'"; + $sQuery = "DELETE + FROM ".$this->sTable." + WHERE ".$this->sTableId." = '".$this->iScreenshotId."'"; query_appdb($sQuery); return false; } else // we managed to copy the file, now we have to process the image 
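Review bot: The queue-or-publish decision in create() tests `isMaintainer($_REQUEST['versionId'])`, while the row is inserted with the `$iVersionId` argument. The two only agree if every caller passes the request parameter through unchanged, so the check should use the argument: `$_SESSION['current']->isMaintainer($iVersionId)`. `$this->iUserId = $userId;` reads a variable that is never defined in the method and can be dropped, since the insert already takes the id from `$_SESSION['current']->iUserId`. create() has no docblock; one stating that uploads from users who are neither admin nor maintainer go to appDataQueue, and that the method returns true or false, would document the security rule next to the code. The method body continues into the next hunk.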
@@ -83,38 +111,102 @@ class Screenshot { $this->sUrl = $this->iScreenshotId; $this->generate(); // we have to update the entry now that we know its name - $sQuery = "UPDATE ".$this->sTable." SET url = '".$this->iScreenshotId."' WHERE ".$this->sTableId." = '".$this->iScreenshotId."'"; + $sQuery = "UPDATE ".$this->sTable." + SET url = '".$this->iScreenshotId."' + WHERE ".$this->sTableId." = '".$this->iScreenshotId."'"; if (!query_appdb($sQuery)) return false; } + + $this->screenshot($this->iScreenshotId,$this->bQueued); + $this->mailMaintainers(); + return true; } + else + return false; } + /** - * delete the screenshot from the database - * and request it's deletion from the filesystem (including the thumbnail). + * Deletes the screenshot from the database. + * and request its deletion from the filesystem (including the thumbnail). */ - function delete() + function delete($bSilent=false) { - $sQuery = "DELETE FROM ".$this->sTable." WHERE ".$this->sTableId." = ".$this->iScreenshotId." AND type = 'image' LIMIT 1"; + $sQuery = "DELETE FROM ".$this->sTable." + WHERE ".$this->sTableId." = ".$this->iScreenshotId." + AND type = 'image' + LIMIT 1"; if($hResult = query_appdb($sQuery)) { $this->oScreenshotImage->delete(); $this->oThumbnailImage->delete(); unlink($_SERVER['DOCUMENT_ROOT']."/data/".$this->sDirectory."/originals/".$this->iScreenshotId); + if(!$bSilent) + $this->mailMaintainers(true); + } + if($this->iSubmitterId) + { + $this->mailSubmitter(true); } } + /** - * clean up the memory + * Move screenshot out of the queue. + */ + function unQueue() + { + // If we are not in the queue, we can't move the screenshot out of the queue. 
+ if(!$this->bQueued) + return false; + + $aInsert = compile_insert_string(array( 'versionId' => $this->iVersionId, + 'type' => "image", + 'description' => $this->$sDescription )); + $sFields = "({$aInsert['FIELDS']})"; + $sValues = "({$aInsert['VALUES']})"; + if(query_appdb("INSERT INTO appData $sFields VALUES $sValues", "Error while unqueueing a screenshot.")) + { + $iId = mysql_insert_id(); + + // we move the content in the live directory + copy("../data/queued/screenshots/".$this->iScreenshotId, "../data/screenshots/".$iId); + copy("../data/queued/screenshots/originals/".$this->iScreenshotId, "../data/screenshots/originals/".$iId); + copy("../data/queued/screenshots/thumbnails/".$this->iScreenshotId, "../data/screenshots/thumbnails/".$iId); + + // now that we know the url of the screenshot we can update the database + $sQuery = "UPDATE appData + SET url = '".$iId."' + WHERE id = '".$iId."'"; + query_appdb($sQuery); + + // we have to delete the queued entry + $this->delete(true); + + // we fetch the new unqueued entry + $this->screenshot($iId); + + // we send an e-mail to intersted people + $this->mailSubmitter(); + $this->mailMaintainers(); + } + } + + + /** + * Cleans up the memory. */ function free() { - $this->oScreenshotImage->destroy(); - $this->oThumbnailImage->destroy(); + if($this->oScreenshotImage) + $this->oScreenshotImage->destroy(); + if($this->oThumbnailImage) + $this->oThumbnailImage->destroy(); } + /** - * sets the screenshot description. + * Sets the screenshot description. */ function setDescription($sDescription) { 
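Review bot: unQueue() reads the description as `$this->$sDescription`, a variable-variable on an undefined local, so the published row loses its description; it should be `$this->sDescription`. The three `copy()` results are not checked before `$this->delete(true)` removes the queued row and its files, so a failed copy leaves a live appData row with nothing behind it. delete() also calls `mailSubmitter(true)` outside both the success test and the `$bSilent` test, which means an accepted screenshot sends the submitter the rejection mail as well as the acceptance mail. Move that call inside `if(!$bSilent)` and run `delete(true)` only when all three copies returned true.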
@@ -154,6 +246,66 @@ class Screenshot { $this->oScreenshotImage->output_to_file($_SERVER['DOCUMENT_ROOT']."/data/".$this->sDirectory."/".$this->sUrl); } + + function mailSubmitter($bRejected=false) + { + if($this->iSubmitterId) + { + $oSubmitter = new User($this->iSubmitterId); + if(!$bRejected) + { + $sSubject = "Submitted screenshot accepted"; + $sMsg = "The screenshot you submitted for ".lookup_app_name($this->appId)." ".lookup_version_name($this->versionId)." has been accepted."; + } else + { + $sSubject = "Submitted screenshot rejected"; + $sMsg = "The screenshot you submitted for ".lookup_app_name($this->appId)." ".lookup_version_name($this->versionId)." has been accepted."; + } + $sMsg .= $_REQUEST['replyText']."\n"; + $sMsg .= "We appreciate your help in making the Application Database better for all users."; + + mail_appdb($oSubmitter->sEmail, $sSubject ,$sMsg); + } + + // the screenshot has been unqueued + addmsg("The screenshot has been unqueued.", "green"); + } + + + function mailMaintainers($bDeleted=false) + { + if(!$bDeleted) + { + if(!$this->bQueued) + { + $sSubject = "Screenshot for ".lookup_app_name($this->iAppId)." ".lookup_version_name($this->iVersionId)." added by ".$_SESSION['current']->sRealname; + $sMsg = APPDB_ROOT."appview.php?versionId=".$this->iVersionId."\n"; + if($this->iSubmitterId) + { + $oSubmitter = new User($this->iSubmitterId); + $sMsg .= "This screenshot has been submitted by ".$oSubmitter->sRealname."."; + $sMsg .= "\n"; + } + addmsg("The screenshot was successfully added into the database.", "green"); + } else // Screenshot queued. + { + $sSubject = "Screenshot for ".lookup_app_name($this->iAppId)." ".lookup_version_name($this->iVersionId)." 
submitted by ".$_SESSION['current']->sRealname; + $sMsg = APPDB_ROOT."appview.php?versionId=".$this->iVersionId."\n"; + $sMsg .= "This screenshot has been queued."; + $sMsg .= "\n"; + addmsg("The screenshot you submitted will be added to the database database after being reviewed.", "green"); + } + } else // Screenshot deleted. + { + $sSubject = "Screenshot for ".lookup_app_name($this->iAppId)." ".lookup_version_name($this->iVersionId)." deleted by ".$_SESSION['current']->sRealname; + $sMsg = APPDB_ROOT."appview.php?versionId=".$this->iVersionId."\n"; + addmsg("Screenshot deleted.", "green"); + } + + $sEmail = get_notify_email_address_list(null, $this->iVersionId); + if($sEmail) + mail_appdb($sEmail, $sSubject ,$sMsg); + } } 
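Review bot: mailSubmitter() uses the body text `has been accepted.` in the rejected branch as well, so only the subject tells the submitter what happened; the second message should end `has been rejected.`. Both branches look names up through `$this->appId` and `$this->versionId`, but the class fills `$this->iAppId` and `$this->iVersionId`, so the lookups presumably receive empty values. `addmsg("The screenshot has been unqueued.", "green")` sits outside the `if`, so it is also shown for rejections and when no submitter is known. Neither new method has a docblock; a line each describing `$bRejected` and `$bDeleted` and who receives the mail would be enough.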
@@ -165,34 +317,73 @@ class Screenshot { * Get a random image for a particular version of an app. * If the version is not set, get a random app image */ -function get_screenshot_img($appId, $versionId="") +function get_screenshot_img($iAppId = null, $iVersionId = null) { - if($versionId) + // we want a random screenshots for this app + if($iAppId) { - $result = query_appdb("SELECT *, RAND() AS rand FROM appData WHERE appId = $appId AND versionId = $versionId AND type = 'image' ORDER BY rand"); + $hResult = query_appdb("SELECT appData.*, RAND() AS rand + FROM appData, appVersion + WHERE appData.versionId = appVersion.versionId + AND appVersion.appId = $iAppId + AND type = 'image' + ORDER BY rand"); + } else if ($iVersionId) // we want a random screenshot for this version + { + $hResult = query_appdb("SELECT *, RAND() AS rand + FROM appData + WHERE versionId = $iVersionId + AND type = 'image' + ORDER BY rand"); } - else { - $result = query_appdb("SELECT *, RAND() AS rand FROM appData WHERE appId = $appId AND type = 'image' ORDER BY rand"); + if(!$hResult || !mysql_num_rows($hResult)) + { + $sImgFile = 'No Screenshot'; + } else + { + $oRow = mysql_fetch_object($hResult); + $sImgFile = ''.$oRow->description.''; } - if(!$result || !mysql_num_rows($result)) - { - $imgFile = "No Screenshot"; - } - else - { - $ob = mysql_fetch_object($result); - $imgFile = "id."\" ". - "alt=\"".$ob->description."\" />"; - } - - $img = html_frame_start("",'128','',2); - if($versionId || mysql_num_rows($result)) - $img .= "$imgFile"; + $sImg = html_frame_start("",'128','',2); + if($iVersionId || mysql_num_rows($hResult)) + $sImg .= "$sImgFile"; else // no link for adding app screenshot as screenshots are linked to versions - $img .= $imgFile; - $img .= html_frame_end()."
"; + $sImg .= $sImgFile; + $sImg .= html_frame_end()."
"; - return $img; + return $sImg; +} + +function get_screenshots($iAppId = null, $iVersionId = null) +{ + /* + * We want all screenshots for this app. + */ + if($iAppId) + { + $sQuery = "SELECT appData.*, appVersion.appId as appId + FROM appData, appVersion + WHERE appVersion.versionId = appData.versionId + AND type = 'image' + AND appId = ".$iAppId; + } + /* + * We want all screenshots for this version. + */ + else if ($iVersionId) + { + $sQuery = "SELECT appData.*, appVersion.appId as appId + FROM appData, appVersion + WHERE appVersion.versionId = appData.versionId + AND type = 'image' + AND appData.versionId = ".$iVersionId; + } + if($sQuery) + { + $hResult = query_appdb($sQuery); + return $hResult; + } + return false; } ?> diff --git a/include/user.php b/include/user.php index 07d3cf8..eeee064 100644 --- a/include/user.php +++ b/include/user.php 
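Review bot: When neither argument is set, get_screenshot_img() reads `$hResult` and get_screenshots() reads `$sQuery` without either having been assigned, and get_screenshot_img() then calls `mysql_num_rows($hResult)` a second time in the link test. Initialise them before the branches (`$hResult = false;` and `$sQuery = "";`) and reuse one row count. The branch order also changed: the old function preferred the version when both ids were passed, while the new one tests `$iAppId` first and returns an application-wide image, which callers that still pass both ids may not expect. A docblock on get_screenshots() stating that it returns a result handle or false would match the one on get_screenshot_img().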
@@ -317,39 +317,60 @@ function generate_passwd($pass_len = 10) /** * Get the email address of people to notify for this appId and versionId. */ -function get_notify_email_address_list($appId, $versionId = 0) +function get_notify_email_address_list($iAppId = null, $iVersionId = null) { $aUserId = array(); $c = 0; $retval = ""; - if ($versionId == 0) - $sWhere = "appId = ".$appId; - else - $sWhere = "appId = ".$appId." AND versionId = ".$versionId; - $query = "SELECT userId FROM appMaintainers WHERE ".$sWhere.";"; - $result = query_appdb($query); - if(mysql_num_rows($result) > 0) + /* + * Retrieve version maintainers. + */ + /* + * If versionId was supplied we fetch supermaintainers of application and maintainer of version. + */ + if($iVersionId) { - while($row = mysql_fetch_object($result)) + $sQuery = "SELECT appMaintainers.userId + FROM appMaintainers, appVersion + WHERE appVersion.appId = appMaintainers.appId + AND appVersion.versionId = '".$iVersionId."'"; + } + /* + * If versionId was not supplied we fetch supermaintainers of application and maintainer of all versions. + */ + elseif($iAppId) + { + $sQuery = "SELECT userId + FROM appMaintainers + WHERE appId = '".$iAppId."'"; + } + $hResult = query_appdb($sQuery); + if(mysql_num_rows($hResult) > 0) + { + while($oRow = mysql_fetch_object($hResult)) { - $aUserId[$c] = array($row->userId); + $aUserId[$c] = array($oRow->userId); $c++; } } - $result = query_appdb("SELECT * FROM user_privs WHERE priv = 'admin'"); - if(mysql_num_rows($result) > 0) + + + /* + * Retrieve administrators. 
+ */ + $hResult = query_appdb("SELECT * FROM user_privs WHERE priv = 'admin'"); + if(mysql_num_rows($hResult) > 0) { - while($row = mysql_fetch_object($result)) + while($oRow = mysql_fetch_object($hResult)) { - $i = array_search($row->userid, $aUserId); - if ($aUserId[$i] != array($row->userid)) + $i = array_search($oRow->userid, $aUserId); + if ($aUserId[$i] != array($oRow->userid)) { - $aUserId[$c] = array($row->userid); + $aUserId[$c] = array($oRow->userid); $c++; } } - } if ($c > 0) { diff --git a/screenshots.php b/screenshots.php index 5008c51..0e37805 100644 --- a/screenshots.php +++ b/screenshots.php 
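Review bot: With both parameters now defaulting to null, a call that supplies neither reaches `query_appdb($sQuery)` with `$sQuery` undefined and then `mysql_num_rows()` on the failed result. Initialise `$sQuery = "";` and wrap the maintainer lookup in `if($sQuery)` so that only the administrator list is collected in that case. The version branch joins appMaintainers to appVersion on appId alone, so it selects every maintainer of the application, whereas the comment describes super-maintainers plus the maintainer of that version. If appMaintainers still has the versionId column the removed query used, the WHERE clause should filter on it, otherwise notifications about one version go to maintainers of the others. The function continues past the end of the hunk.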
@@ -15,101 +15,42 @@ require(BASE."include/application.php"); require(BASE."include/mail.php"); +/* + * We issued a command. + */ if($_REQUEST['cmd']) { - //process screenshot upload + // process screenshot upload if($_REQUEST['cmd'] == "screenshot_upload") { - if($_SESSION['current']->hasPriv("admin") || - ($_SESSION['current']->isLoggedIn() && $_SESSION['current']->isMaintainer($_REQUEST['appId'], - $_REQUEST['versionId']))) - { - $oScreenshot = new Screenshot(null,false,$_SESSION['current']->iUserId,$_REQUEST['appId'],$_REQUEST['versionId'],$_REQUEST['screenshot_desc'],$_FILES['imagefile']); - if($oScreenshot) - { - //success - $sEmail = get_notify_email_address_list($_REQUEST['appId'], $_REQUEST['versionId']); - if($sEmail) - { - $sFullAppName = "Screenshot added to ".lookupAppName($_REQUEST['appId'])." ".lookupVersionName($_REQUEST['versionId']); - $sMsg = APPDB_ROOT."screenshots.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']."\n"; - $sMsg .= "\n"; - $sMsg .= $_SESSION['current']->sRealname." added screenshot ".$_REQUEST['screenshot_desc']." to ".$sFullAppName."\n"; - mail_appdb($sEmail, $sFullAppName ,$sMsg); - } - addmsg("The image was successfully added into the database", "green"); - redirect(apidb_fullurl("screenshots.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'])); - } - } else // we are a normal user or an anonymous and submitted a screenshot - { - $oScreenshot = new Screenshot(null,true,$_SESSION['current']->userid,$_REQUEST['appId'],$_REQUEST['versionId'],$_REQUEST['screenshot_desc'],$_FILES['imagefile']); - if($oScreenshot) - { - //success - $sEmail = get_notify_email_address_list($_REQUEST['appId'], $_REQUEST['versionId']); - if($sEmail) - { - $sFullAppName = "Screenshot queued for ".lookupAppName($_REQUEST['appId'])." ".lookupVersionName($_REQUEST['versionId']); - $sMsg = APPDB_ROOT."admin/adminAppDataQueue.php?queueId=".mysql_insert_id()."\n"; - $sMsg .= "\n"; - $sMsg .= ($_SESSION['current']->sRealname ? 
$_SESSION['current']->sRealname : "an anonymous user")." submitted a screenshot ".$_REQUEST['screenshot_desc']." for ".$sFullAppName."\n"; - - mail_appdb($sEmail, $sFullAppName ,$sMsg); - } - addmsg("The image you submitted will be added to the database database after being reviewed", "green"); - redirect(apidb_fullurl("screenshots.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'])); - } - } + $oScreenshot = new Screenshot(); + $oScreenshot->create($_REQUEST['versionId'], $_REQUEST['screenshot_desc'], $_FILES['imagefile']); $oScreenshot->free(); - } elseif($_REQUEST['cmd'] == "delete" && is_numeric($_REQUEST['imageId'])) + } elseif($_REQUEST['cmd'] == "delete" && is_numeric($_REQUEST['imageId'])) // process screenshot deletion { - if($_SESSION['current']->hasPriv("admin") || - $_SESSION['current']->isMaintainer($_REQUEST['appId'], - $_REQUEST['versionId'])) - { - $oScreenshot = new Screenshot($_REQUEST['imageId']); - if($oScreenshot && $oScreenshot->delete()) - { - $sEmail = get_notify_email_address_list($_REQUEST['appId'], $_REQUEST['versionId']); - if($sEmail) - { - $sFullAppName = "Screenshot deleted from ".lookupAppName($_REQUEST['appId'])." ".lookupVersionName($_REQUEST['versionId']); - $sMsg = APPDB_ROOT."screenshots.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']."\n"; - $sMsg .= "\n"; - $sMsg .= ($_SESSION['current']->sRealname ? $_SESSION['current']->sRealname : "Anonymous")." 
deleted screenshot from ".$sFullAppName."\r\n"; - - mail_appdb($sEmail, $sFullAppName ,$sMsg); - } - addmsg("Image deleted", "green"); - redirect(apidb_fullurl("screenshots.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'])); - } else - { - redirect(apidb_fullurl("screenshots.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'])); - } - } + $oScreenshot = new Screenshot($_REQUEST['imageId']); + $oScreenshot->delete(); + $oScreenshot->free(); } - $oScreenshot->free(); - exit; + redirect(apidb_fullurl("screenshots.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'])); } -// we didn't issue any command -if($_REQUEST['versionId']) - $result = query_appdb("SELECT * FROM appData WHERE type = 'image' AND appId = ".$_REQUEST['appId']." AND versionId = ".$_REQUEST['versionId']); -else - $result = query_appdb("SELECT * FROM appData WHERE type = 'image' AND appId = ".$_REQUEST['appId']." ORDER BY versionId"); - -$app=new Application($_REQUEST['appId']); + +/* + * We didn't issued any command. + */ +$hResult = get_screenshots($_REQUEST['appId'], $_REQUEST['versionId']); apidb_header("Screenshots"); -if($result && mysql_num_rows($result)) +if($hResult && mysql_num_rows($hResult)) { - echo html_frame_start("Screenshot Gallery for ".$app->data->appName,500); + echo html_frame_start("Screenshot Gallery for ".lookup_app_name($_REQUEST['appId'])." ".lookup_version_name($_REQUEST['versionId']),500); // display thumbnails $c = 1; echo "
\n"; - while($ob = mysql_fetch_object($result)) + while($oRow = mysql_fetch_object($hResult)) { - if(!$_REQUEST['versionId'] && $ob->versionId!=$currentVersionId) + if(!$_REQUEST['versionId'] && $oRow->versionId != $currentVersionId) { if($currentVersionId) { @@ -117,37 +58,36 @@ if($result && mysql_num_rows($result)) echo html_frame_end(); $c=1; } - $currentVersionId=$ob->versionId; - echo html_frame_start("Version ".lookupVersionName($currentVersionId)); + $currentVersionId=$oRow->versionId; + echo html_frame_start("Version ".lookup_version_name($currentVersionId)); echo "
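Review bot: The `delete` branch now calls `$oScreenshot->delete()` for any numeric `imageId` without the `hasPriv("admin")` / `isMaintainer()` guard that used to wrap it, and the upload branch no longer separates maintainers from other submitters. If `Screenshot::create()` and `Screenshot::delete()` (not shown in this hunk) do not enforce those rules themselves, this page loses its access control. Keeping the check where the request is handled makes that visible, e.g. `if($_SESSION['current']->hasPriv("admin") || $_SESSION['current']->isMaintainer($_REQUEST['versionId']))` around the delete. Only `imageId` is tested with `is_numeric()`, while `appId` and `versionId` go unvalidated into `create()`, `get_screenshots()` and the redirect URL, so the same test on those two would be consistent.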
\n"; } - $oScreenshot = new Screenshot($ob->id); + $oScreenshot = new Screenshot($oRow->id); // generate random tag for popup window $randName = generate_passwd(5); // set img tag - $imgSRC = ''.$oScreenshot->description.''; + $imgSRC = ''.$oScreenshot->description.''; // set image link based on user pref - $img = ''.$imgSRC.''; + $img = ''.$imgSRC.''; if ($_SESSION['current']->isLoggedIn()) { if ($_SESSION['current']->getpref("window:screenshot") == "no") { - $img = ''.$imgSRC.''; + $img = ''.$imgSRC.''; } } // display image echo "\n"; @@ -168,7 +108,7 @@ if($result && mysql_num_rows($result)) if($_REQUEST['versionId']) { //image upload box - echo '',"\n"; + echo '',"\n"; echo html_frame_start("Upload Screenshot","400","",0); echo '
\n"; echo $img; - echo "
". substr(stripslashes($ob->description),0,20). "\n"; + echo "
". substr($oRow->description,0,20). "\n"; //show admin delete link if($_SESSION['current']->isLoggedIn() && ($_SESSION['current']->hasPriv("admin") || - $_SESSION['current']->isMaintainer($_REQUEST['appId'], - $_REQUEST['versionId']))) + $_SESSION['current']->isMaintainer($_REQUEST['versionId']))) { - echo "
[Delete Image]"; + echo "
[Delete Image]"; } echo "
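Review bot: `substr($oRow->description,0,20)` is echoed into the page without HTML escaping, and the description comes from the upload form's `screenshot_desc` field, so removing `stripslashes()` still leaves user-supplied text rendered as markup. Escape at the point of output: `htmlspecialchars(substr($oRow->description,0,20))`. The same applies to `$oScreenshot->description` where it is concatenated into `$imgSRC`. The `hasPriv("admin")` / `isMaintainer($_REQUEST['versionId'])` test here only hides the delete link, so it should be documented as presentation logic, e.g. `// UI only: the delete handler must enforce this privilege itself`.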
',"\n"; @@ -181,7 +121,6 @@ if($_REQUEST['versionId']) echo html_frame_end(); echo '',"\n"; echo '',"\n"; - echo '',"\n"; echo '',"\n"; } echo html_back_link(1); diff --git a/tables/appdb_tables.sql b/tables/appdb_tables.sql index b3562de..1b7082b 100644 --- a/tables/appdb_tables.sql +++ b/tables/appdb_tables.sql @@ -154,7 +154,6 @@ create table appComments ( */ create table appData ( id int not null auto_increment, - appId int not null, versionId int default 0, type enum('image', 'url', 'bug'), description text, @@ -170,7 +169,6 @@ create table appData ( */ create table appDataQueue ( queueId int not null auto_increment, - appId int not null, versionId int default 0, type enum('image', 'url'), description text,