[AppDB] Let Maintainers add/delete screenshots with notification ( improvement.)

tony_lambregts at telusplanet.net tony_lambregts at telusplanet.net
Wed Nov 10 23:02:03 CST 2004


I found out that there is a possibility that users could overwrite someone else's screenshot; this
will at least limit them to their own app.

Change log: Let Maintainers add and delete screenshots and send an email notification when they do

Files changed: screenshots.php



-------------- next part --------------
Index: screenshots.php
===================================================================
RCS file: /home/wine/appdb/screenshots.php,v
retrieving revision 1.1.1.1
diff -u -r1.1.1.1 screenshots.php
--- screenshots.php	15 Mar 2004 16:22:00 -0000	1.1.1.1
+++ screenshots.php	11 Nov 2004 04:52:19 -0000
@@ -2,6 +2,7 @@
 
 include("path.php");
 require(BASE."include/"."incl.php");
+require(BASE."include/"."application.php");
 
 global $current;
 
@@ -17,24 +18,95 @@
 
 if($cmd)
 {
-    if(havepriv("admin") || 1) //FIXME should check ownsApp() again
+    if(havepriv("admin") || isMaintainer($appId, $versionId))
+    {
+    //process screenshot upload
+    if($cmd == "screenshot_upload")
+        {    
+	    if(!copy($imagefile, "data/screenshots/".$appId."-".$versionId."-".basename($imagefile_name)))
+                {
+		    // whoops, copy failed. do something
+                    errorpage('debug: copy failed; $imagefile; $imagefile_name');
+                    exit;
+                }
+		
+            $query = "INSERT INTO appData VALUES (null, $appId, $versionId, 'image', ".
+                "'".addslashes($screenshot_desc)."', '".$appId."-".$versionId."-".basename($imagefile_name)."')";
+		
+            if(debugging()) { addmsg("<p align=center><b>query:</b> $query </p>",green); }
+	    
+	    if (mysql_query($query))
+	    {
+	        //success
+                $email = getNotifyEmailAddressList($appId, $versionId);
+                if($email)
+                {
+                    $fullAppName = "Application: ".lookupAppName($appId)." Version: ".lookupVersionName($appId, $versionId);
+                    $ms .= APPDB_ROOT."screenshots.php?appId=$appId&versionId=$versionId"."\n";
+                    $ms .= "\n";
+                    $ms .= ($current->username ? $current->username : "Anonymous")." added screenshot ".$screenshot_desc." to ".$fullAppName."\n";
+                    $ms .= "\n";
+                    $ms .= STANDARD_NOTIFY_FOOTER;
+
+                    mail(stripslashes($email), "[AppDB] ".$fullAppName ,$ms);
+
+                } else
+                {
+                $email = "no one";
+                }
+                addmsg("mesage sent to: ".$email, green);
+
+                addmsg("The image was successfully added into the database", "green");
+                redirect(apidb_fullurl("screenshots.php?appId=$appId&versionId=$versionId"));
+	    }
+	    else
+	    {
+	       //error
+               $statusMessage = "<p><b>Database Error!<br>".mysql_error()."</b></p>\n";
+               addmsg($statusMessage, "red");
+	    }
+	    
+        } else
 	{
 	    if($cmd == "delete")
-		{
-		    $result = mysql_query("DELETE FROM appData WHERE id = $imageId");
-		    if($result)
-			addmsg("Image deleted", "green");
-		    else
-			addmsg("Failed to delete image: ".mysql_error(), "red");
-		    redirectref();
-		    exit;
-		}
+	    {
+	        $result = mysql_query("DELETE FROM appData WHERE id = $imageId");
+	        if($result)
+                {
+                    $email = getNotifyEmailAddressList($appId, $versionId);
+                    if($email)
+                    {
+                        $fullAppName = "Application: ".lookupAppName($appId)." Version: ".lookupVersionName($appId, $versionId);
+                        $ms .= APPDB_ROOT."screenshots.php?appId=$appId&versionId=$versionId"."\n";
+                        $ms .= "\n";
+                        $ms .= ($current->username ? $current->username : "Anonymous")." deleted screenshot from ".$fullAppName."\n";
+                        $ms .= "\n";
+                        $ms .= STANDARD_NOTIFY_FOOTER;
+   
+                        mail(stripslashes($email), "[AppDB] ".$fullAppName ,$ms);
+ 
+                    } else
+                    {
+                        $email = "no one";
+                    }
+                    addmsg("mesage sent to: ".$email, green);
+
+                    addmsg("Image deleted", "green");
+                    redirect(apidb_fullurl("screenshots.php?appId=$appId&versionId=$versionId"));
+
+                } else
+                {
+                    addmsg("Failed to delete image: ".mysql_error(), "red");
+                    redirect(apidb_fullurl("screenshots.php?appId=$appId&versionId=$versionId"));
+                }
+	    }
 	}
+    }
     exit;
 }
 
 $result = mysql_query("SELECT * FROM appData WHERE type = 'image' AND appId = $appId AND versionId = $versionId");
-if(!$result || !mysql_num_rows($result))
+if((!$result || !mysql_num_rows($result)) && (!havepriv("admin") && !isMaintainer($appId, $versionId))) 
 {
     errorpage("No Screenshots Found","There are no screenshots currently linked to this application.");
     exit;
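Review bot: The upload branch at `copy($imagefile, ...)` trusts request-supplied values: `$imagefile` is never confirmed to be the file PHP received, the stored name is the client's `$imagefile_name` with no type check, and `$appId`/`$versionId` go into the path and the INSERT uncast while `basename($imagefile_name)` goes into the query unescaped. As written, a file of any type, possibly one the web server would execute, can land under `data/screenshots/`, and a same-named upload silently replaces the earlier file. The fence below reads from `$_FILES`, checks `is_uploaded_file()` and the image type, and stores the file under a server-chosen name. The delete branch has a related gap: the permission check uses the request's `$appId`/`$versionId` but the row is selected by `$imageId` alone, so the query should be scoped, e.g. `"DELETE FROM appData WHERE id = ".intval($imageId)." AND appId = ".intval($appId)." AND versionId = ".intval($versionId)`. Where these variables are assigned is outside the hunk, so the assumption that they arrive via register_globals should be confirmed.

```php
    if($cmd == "screenshot_upload")
        {
            // the ids end up in a file name and in SQL, so force them to integers first
            $appId = intval($appId);
            $versionId = intval($versionId);

            // read the upload from $_FILES and confirm PHP itself received it
            $tmpName = isset($_FILES['imagefile']) ? $_FILES['imagefile']['tmp_name'] : '';
            $info = is_uploaded_file($tmpName) ? getimagesize($tmpName) : false;
            $extByType = array(IMAGETYPE_GIF => 'gif', IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png');
            if(!$info || !isset($extByType[$info[2]]))
            {
                errorpage("Upload failed", "The file is not a GIF, JPEG or PNG image.");
                exit;
            }

            // server-chosen name: the client file name never reaches the disk or the query,
            // and two uploads can no longer collide on the same path
            $fileName = $appId."-".$versionId."-".md5(uniqid(rand(), true)).".".$extByType[$info[2]];
            if(!move_uploaded_file($tmpName, "data/screenshots/".$fileName))
            {
                errorpage("Upload failed", "The screenshot could not be stored.");
                exit;
            }

            $query = "INSERT INTO appData VALUES (null, $appId, $versionId, 'image', ".
                "'".mysql_real_escape_string($screenshot_desc)."', '".$fileName."')";
            // … unchanged: debug message, mysql_query, notification mail, redirect …
```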
@@ -43,57 +115,77 @@
 {
 
     apidb_header("Screenshots");
-
-    echo html_frame_start("Screenshot Gallery",500);
-
-    // display thumbnails
-    $c = 1;
-    echo "<div align=center><table><tr>\n";
-    while($ob = mysql_fetch_object($result))
+    if($result && mysql_num_rows($result))
     {
-	//set img tag
-	$imgSRC = '<img src="appimage.php?imageId='.$ob->id.'&width=128&height=128" border=0 alt="'.$ob->description.'">';
-	
-	//get image size
-	$size = getimagesize("data/screenshots/".$ob->url);
-	
-	//generate random tag for popup window
-	$randName = generate_passwd(5);
-	
-	//set image link based on user pref
-	$img = '<a href="javascript:openWin(\'appimage.php?imageId='.$ob->id.'\',\''.$randName.'\','.$size[0].','.$size[1].');">'.$imgSRC.'</a>';
-	if (loggedin())
-	{
-	    if ($current->getpref("window:screenshot") == "no")
+        echo html_frame_start("Screenshot Gallery",500);
+
+        // display thumbnails
+        $c = 1;
+        echo "<div align=center><table><tr>\n";
+        while($ob = mysql_fetch_object($result))
+        {
+	    //set img tag
+	    $imgSRC = '<img src="appimage.php?imageId='.$ob->id.'&width=128&height=128" border=0 alt="'.$ob->description.'">';
+	
+	    //get image size
+	    $size = getimagesize("data/screenshots/".$ob->url);
+	
+	    //generate random tag for popup window
+	    $randName = generate_passwd(5);
+	
+	    //set image link based on user pref
+	    $img = '<a href="javascript:openWin(\'appimage.php?imageId='.$ob->id.'\',\''.$randName.'\','.$size[0].','.$size[1].');">'.$imgSRC.'</a>';
+	    if (loggedin())
 	    {
-	        $img = '<a href="appimage.php?imageId='.$ob->id.'">'.$imgSRC.'</a>';
+	        if ($current->getpref("window:screenshot") == "no")
+	        {
+	            $img = '<a href="appimage.php?imageId='.$ob->id.'">'.$imgSRC.'</a>';
+	        }
 	    }
-	}
 	
-	//display image
-	echo "<td>\n";
-	echo html_frame_start(substr(stripslashes($ob->description),0,20),128,"",0);
-	echo $img;
+	    //display image
+	    echo "<td>\n";
+            echo html_frame_start(substr(stripslashes($ob->description),0,20),128,"",0);
+            echo $img;
 	
-	//show admin delete link
-	if(loggedin() && (havepriv("admin") || $current->ownsApp($appId)))
-	{
-	    echo "<div align=center>[<a href='screenshots.php?cmd=delete&imageId=$ob->id'>Delete Image</a>]</div>";
-	}
+            //show admin delete link
+            if(loggedin() && (havepriv("admin") || isMaintainer($appId, $versionId)))
+            {
+                echo "<div align=center>[<a href='screenshots.php?cmd=delete&imageId=$ob->id&appId=$appId&versionId=$versionId'>Delete Image</a>]</div>";
+            }
 	
-	echo html_frame_end("&nbsp;");
-	echo "</td>\n";
+            echo html_frame_end("&nbsp;");
+            echo "</td>\n";
 	
-	//end row if counter of 3
-	if ($c % 3 == 0) { echo "</tr><tr>\n"; }
+            //end row if counter of 3
+            if ($c % 3 == 0) { echo "</tr><tr>\n"; }
 	
-	$c++;
-    }
-    echo "</tr></table></div><br>\n";
-
+            $c++;
+        }
+        echo "</tr></table></div><br>\n";
 
-    echo html_frame_end("Click thumbnail to view image in new window.");
 
+        echo html_frame_end("Click thumbnail to view image in new window.");
+    }
+    if(havepriv("admin") || isMaintainer($appId, $versionId))
+    {
+        //image upload box
+        echo '<form enctype="multipart/form-data" action="screenshots.php" name=imageForm method="post">',"\n";
+        echo html_frame_start("Upload Screenshot","400","",0);
+        echo '<table border=0 cellpadding=6 cellspacing=0 width="100%">',"\n";
+      
+        echo '<tr><td class=color1>Image</td><td class=color0><input name="imagefile" type="file"></td></tr>',"\n";
+        echo '<tr><td class=color1>Description</td><td class=color0><input type="text" name="screenshot_desc"></td></tr>',"\n";
+       
+        echo '<tr><td colspan=2 align=center class=color3><input type="submit" value="Send File"></td></tr>',"\n";
+       
+        echo '</table>',"\n";
+        echo html_frame_end();
+        echo '<input type="hidden" name="MAX_FILE_SIZE" value="10000000">',"\n";
+        echo '<input type="hidden" name="cmd" value="screenshot_upload">',"\n";
+        echo '<input type="hidden" name="appId" value="'.$appId.'">',"\n";
+        echo '<input type="hidden" name="versionId" value="'.$versionId.'"></form>',"\n";
+    }
     echo html_back_link(1);
 
     apidb_footer();
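Review bot: The values echoed into HTML in this hunk are not escaped: the delete link and the hidden `appId`/`versionId` inputs interpolate `$appId` and `$versionId` directly, and the thumbnail `alt` text prints `$ob->description`, which the new upload form lets any maintainer set. Where `$appId` and `$versionId` are assigned is outside the hunk, so if they come straight from the request they should be cast on output, e.g. `value="'.intval($appId).'"`, and the description wrapped in `htmlspecialchars($ob->description, ENT_QUOTES)`. The delete action is also a plain GET link with no per-session token, so any page a logged-in maintainer visits could trigger it; a POST form that carries and checks a token would close that.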

