#!/usr/bin/perl -- # $Id: album_admin.pm,v 1.5 2004/09/13 15:28:10 bobbitt Exp $ ######################## START OF POD ######################## =head1 NAME album_admin.pm - Admin functions for album.pl. =head1 INFORMATION Author: Mike Bobbitt (Mike@Bobbitt.ca), Cipher Logic Canada Inc. For updates, instructions and examples see http://perl.bobbitt.ca/forums on the web. =head1 LICENSE This program is © 1999-2004 Cipher Logic Canada Inc. All Rights Reserved. As long as you leave this POD section and my contact info above in tact, feel free to use this as you see fit. You can pretty much do anything with this script except resell it. :) If you come up with any good modifications to it, please let me know. I'd love to fold your mod into the public version (with credit, of course). Good luck! =head1 SUBROUTINES =cut ######################## END OF POD ######################## ######################## START OF SUBROUTINES ######################## ########################################################################## =head3 showAdminMenu() $admin_menu=showAdminMenu($style); $style - 0 = Long menu (titles, all options - used at the top of photo/album pages); 1 = Short menu (no title, some options - used under thumbnails) $admin_menu - Variable to return completed Administration menu into. Returns the Administration menu, so it can be substituted into the template. =cut sub showAdminMenu { my $admin_menu; my $isadmin; my $stuff=""; my $link_stuff=""; my $style=shift; debug("Entering subroutine: showAdminMenu($style)",4,__LINE__,$::admin_module); $admin_menu=""; debug("\$::owner = $::owner",2,__LINE__,$::admin_module); debug("\$::loggedin = $::loggedin",2,__LINE__,$::admin_module); debug("\$::default_admins = $::default_admins",2,__LINE__,$::admin_module); debug("\$::textmenu = $::textmenu",2,__LINE__,$::admin_module); $isadmin=isAdmin(); $stuff=$::relpath; $link_stuff=$::link_relpath; # This shouldn't be required. passVars should load an album tag in, but it doesn't... $stuff.=$::webdelim; $link_stuff.=$::webdelim; if (isAPhotoOrJp2($::relpath) || isAMovie($::relpath)) { $stuff.="photo"; } else { $stuff.="album"; } $link_stuff.="url"; $stuff.="=$::relpath"; $link_stuff.="=$::link_relpath"; $stuff.=passVars(0); $link_stuff.=passVars(0); $stuff.="\" class=\"adminlink\">"; $link_stuff.="\" class=\"adminlink\">"; # Only proceed if allowed... That means: If we're printing an "abridged" menu, and the guy logged in owns the current object, or is a default admin and is logged in, or the admin function is being used. if ($isadmin) { debug("We're authorized to display the admin menu (\$isadmin=$isadmin)...",2,__LINE__,$::admin_module); # Print the short menu. The one that goes under the thumbnails. if ($style) { $admin_menu.="
"; # Edit if (($::allow_edit && $isadmin eq 2) || ($isadmin eq 1)) { $admin_menu.=""; } $admin_menu.=" "; } if ($::textmenu && (($::allow_edit && $::allow_edit && $isadmin eq 2) || ($isadmin eq 1))) { $admin_menu.=" $::S{98} "; } # Delete if (($::allow_delete && $isadmin eq 2) || ($isadmin eq 1)) { $admin_menu.=""; } $admin_menu.=" "; } if ($::textmenu && $isadmin) { $admin_menu.=" $::S{98} "; } # Move if (($::allow_move && $isadmin eq 2) || ($isadmin eq 1)) { $admin_menu.=""; } $admin_menu.=" "; } if ($::textmenu && isAPhotoOrJp2($::relpath) && $isadmin) { $admin_menu.=" $::S{98} "; } # Link if (($::allow_link && $isadmin eq 2) || ($isadmin eq 1)) { $admin_menu.=""; } $admin_menu.=""; } $admin_menu.=""; } else # Print the extended menu. The one that goes at the top of a page. { $admin_menu.=""; if ($::photo) { $admin_menu.="$::S{46}"; } if ($::album) { $admin_menu.="$::S{47}"; } $admin_menu.=" $::S{48}
"; # Album Admin Menu if ($::album) { # Create album $admin_menu.=""; if ($::textmenu) { $admin_menu.=$::S{246}; } else { $admin_menu.="\"$::S{246}\""; } $admin_menu.=" "; # For regular admins only if ($isadmin eq 1) { if ($::textmenu) { $admin_menu.=" $::S{98} "; } # Update titles and descriptions $admin_menu.=""; if ($::textmenu) { $admin_menu.=$::S{247}; } else { $admin_menu.="\"$::S{247}\""; } $admin_menu.=""; } if ($::textmenu) { $admin_menu.=" $::S{98} "; } # Upload if ($::allow_uploads) { $admin_menu.=" "; if ($::textmenu) { $admin_menu.=$::S{248}; } else { $admin_menu.="\"$::S{248}\""; } $admin_menu.=""; } # For regular admins only if ($isadmin eq 1) { if ($::textmenu) { $admin_menu.=" $::S{98} "; } # Configuration management $admin_menu.=" "; if ($::textmenu) { $admin_menu.=$::S{249}; } else { $admin_menu.="\"$::S{249}\""; } $admin_menu.=""; if ($::textmenu) { $admin_menu.=" $::S{98} "; } # Check for updates $admin_menu.=" "; if ($::textmenu) { $admin_menu.=$::S{250}; } else { $admin_menu.="\"$::S{250}\""; } $admin_menu.=""; } # Set Album Thumbnail if ($::album ne $::album_dir) { if ($::textmenu) { $admin_menu.=" $::S{98} "; } $admin_menu.=" "; if ($::textmenu) { $admin_menu.=$::S{251}; } else { $admin_menu.="\"$::S{251}\""; } $admin_menu.=""; } } # Photo Admin Menu if ($::photo) { # Edit $admin_menu.=""; if ($::textmenu) { $admin_menu.=$::S{43}; } else { $admin_menu.="\"$::S{43}\""; } $admin_menu.=""; if ($::textmenu) { $admin_menu.=" $::S{98} "; } # Delete $admin_menu.=" "; if ($::textmenu) { $admin_menu.=$::S{44}; } else { $admin_menu.="\"$::S{44}\""; } $admin_menu.=""; if ($::textmenu) { $admin_menu.=" $::S{98} "; } # Move if (($::allow_move && $isadmin eq 2) || ($isadmin eq 1)) { # Move $admin_menu.=" "; if ($::textmenu) { $admin_menu.=$::S{45}; } else { $admin_menu.="\"$::S{45}\""; } $admin_menu.=""; } if ($::textmenu) { $admin_menu.=" $::S{98} "; } # Link if (($::allow_link && $isadmin eq 2) || $isadmin eq 1) { # Link $admin_menu.=" "; if ($::textmenu) { $admin_menu.=$::S{308}; } else { $admin_menu.="\"$::S{308}\""; } $admin_menu.=""; } } } } else { debug("NOT authorized to display admin menu.",2,__LINE__,$::admin_module); } debug("Leaving subroutine: showAdminMenu($style)",4,__LINE__,$::admin_module); return($admin_menu); } ########################################################################## =head3 deleteObject() $delete_form=deleteObject($some_object,$mode); $delete_form - The HTML of the confirmation form, returned if $mode=1. $some_object - Relative name (from album_dir on) of object to delete. $mode - 0 = do it; 1 = show confirmation Deletes the selected object. =cut sub deleteObject { my $some_object=shift; my $mode=shift; my $some_thumb=$some_object; my $fullpath; my $temp; my $imgext; my $alb_thumb_ext; my $movieext; my @myfile_list; my $newfile; my $tempshortdesc; my $templongdesc; my $tempowner; my $tempfunction; my $delete_form; debug("Entering subroutine: deleteObject($some_object,$mode)",4,__LINE__,$::admin_module); # Get thumbnail name... # Change all \'s to /'s $some_thumb=~s/\\/\//g; # Drop the preceeding path $some_thumb=~s/(.*\/)(.*)/$2/; $fullpath=$1; $some_thumb=~s/(.*)\..*/$1/; $some_thumb="$fullpath$::thumbprefix$some_thumb"; # Check for photo extensions foreach $imgext (@::imgexts) { # Check lower case extensions $imgext="\L$imgext"; if (-e "$::album_dir/$some_thumb.$imgext") { $alb_thumb_ext=$imgext; } # Check upper case extensions $imgext="\U$imgext"; if (-e "$::album_dir/$some_thumb.$imgext") { $alb_thumb_ext=$imgext; } } # Check for movie extensions foreach $movieext (@::movieexts) { # Check lower case extensions $movieext="\L$movieext"; if (-e "$::album_dir/$some_thumb.$movieext") { $alb_thumb_ext=$movieext; } # Check upper case extensions $movieext="\U$movieext"; if (-e "$::album_dir/$some_thumb.$movieext") { $alb_thumb_ext=$movieext; } } # If there wasn't an extension found, then wildcard it for deletion if (!$alb_thumb_ext) { $alb_thumb_ext="*"; } # Add extension $some_thumb.=".$alb_thumb_ext"; if ($mode) { # Print confirmation form # Set temp=1 if it's a photo $temp=isAPhotoOrJp2($some_object); # Set temp=2 if it's a movie if (!$temp) { $temp=isAMovie($some_object); if ($temp) { $temp++; } } $delete_form.="

$::S{184} $some_object?
\n"; if ($temp) { $delete_form.="$some_thumb $::S{199}

\n"; } else { opendir(ENTRIES,"$::album_dir/$some_object") or error(__LINE__,"not_readable","$::album_dir/$some_object",$::admin_module); # Skip . and .. @myfile_list=grep !/^\.\.?$/,readdir ENTRIES; close(ENTRIES); $newfile=scalar(@myfile_list); debug("There are $newfile files in this directory.",2,__LINE__,$::admin_module); # Display list of files to be deleted, if there are any if ($newfile) { $delete_form.="
$::S{212}
\n"; foreach $newfile (@myfile_list) { $delete_form.="$newfile
\n"; } } } $delete_form.="

\n"; $delete_form.="\n"; $delete_form.="\n"; $fullpath=passVars(1); $delete_form.=$fullpath; $delete_form.=" \n"; $delete_form.="
\n"; # If it's a photo, show it. if ($temp eq 1) { $delete_form.="\"\"\n"; } return($delete_form); } else { $some_object="$::album_dir/$some_object"; $some_thumb="$::album_dir/$some_thumb"; # Pull out just the object $newfile=$some_object; $newfile=~s/(.*\/)(.*)/$2/; # No change? Then this must be a Win32 machine... if ($newfile eq $some_object) { $newfile=~s/(.*\\)(.*)/$2/; } # Pull off the path to the object $temp=$some_object; $temp=~s/(.*\/)(.*)/$1/; # No change? Then this must be a Win32 machine... if ($temp eq $some_object) { $temp=~s/(.*\\)(.*)/$1/; } # Get owner openDescfile($temp); # Save off old descriptions info $tempshortdesc=$::shortdesc; $templongdesc=$::longdesc; $tempowner=$::owner; $tempfunction=$::function; getDescription($newfile); debug("Deleting [$some_object] and it's thumbnail [$some_thumb]",2,__LINE__,$::admin_module); debug("Currently logged in user is $::loggedin",2,__LINE__,$::admin_module); debug("User who owns the object is $::owner",2,__LINE__,$::admin_module); debug("List of default admins: $::default_admins",2,__LINE__,$::admin_module); # Only do this if you're in admin mode, or if you're the owner of the thing, or if you're a default admin... if ($::function eq $::admin || (($::owner eq $::loggedin || $::default_admins=~/.*,$::loggedin,.*/) && $::loggedin)) { debug("Ok, we're going to delete this: $some_object",2,__LINE__,$::admin_module); if (-d $some_object) { opendir(ENTRIES,"$some_object") or error(__LINE__,"not_readable","$some_object",$::admin_module); # Skip . and .. @myfile_list=grep !/^\.\.?$/,readdir ENTRIES; close(ENTRIES); debug("$some_object is a directory.",2,__LINE__,$::admin_module); foreach $newfile (@myfile_list) { $newfile="$some_object/$newfile"; debug("Deleting $newfile",2,__LINE__,$::admin_module); if (!unlink("$newfile")) { print "$::S{150} $newfile $::S{185} -- $!
"; } } if (!rmdir($some_object)) { print "$::S{150} $some_object $::S{185} -- $!
"; } } else { debug("$some_object is a file.",2,__LINE__,$::admin_module); if (!unlink($some_object)) { print "$::S{150} $some_object $::S{185}"; } } # Delete Description debug("Deleting object $newfile in location $temp.",2,__LINE__,$::admin_module); require $::ratings_module; deleteDesc($newfile,$temp); # Delete thumbnail if (!unlink($some_thumb)) { # We found a specific thumbnail, but it wasn't deleted. if ($alb_thumb_ext ne "*") { print "$::S{150} $some_thumb $::S{185}"; } } # Kill the static HTML, if it's there unlink("$some_object.html"); unlink("$some_object/$::static_html_filename"); } else { print "$::S{150} $some_object $::S{186}"; } # Restore descriptions info $::shortdesc=$tempshortdesc; $::longdesc=$templongdesc; $::owner=$tempowner; $::function=$tempfunction; } debug("Leaving subroutine: deleteObject($some_object,$mode)",4,__LINE__,$::admin_module); } ########################################################################## =head3 moveObject() $move_form=moveObject($some_object,$mode,$moveto,$new_object); $move_form - The HTML of the confirmation form, returned if $mode=1. $some_object - Relative name (from album_dir on) of object to move. $mode - 0 = do it; 1 = show confirmation $moveto - The location to move the object to. $new_object - The new filesystem name for the moved/renamed object. Moves the selected object. =cut sub moveObject { my $some_object=shift; my $mode=shift; my $moveto=shift; my $new_object=shift; my $some_thumb=$some_object; my $new_thumb=$new_object; my $fullpath; my $temp; my $imgext; my $alb_thumb_ext; my $movieext; my $newfile; my $thumb_moveto; my $short_thumb; my $short_object; my $short_new_thumb; my $short_new_object; my $movedir; my $fromdir; my $tempshortdesc; my $templongdesc; my $tempowner; my $tempfunction; my $templevel; my $move_form; my $view_moveto=$moveto; debug("Entering subroutine: moveObject($some_object,$mode,$moveto,$new_object)",4,__LINE__,$::admin_module); # Turn $moveto into a full path $moveto="$::album_dir/$moveto"; # Get thumbnail name... # Change all \'s to /'s $some_thumb=~s/\\/\//g; $new_thumb=~s/\\/\//g; # Drop the preceeding path $some_thumb=~s/(.*\/)(.*)/$2/; $fullpath=$1; # To start with, the new filename is the smae as the old filename if (!$new_object) { $new_object=$some_thumb; } $new_thumb=~s/(.*\/)(.*)/$2/; $some_thumb=~s/(.*)\..*/$1/; $new_thumb=~s/(.*)\..*/$1/; $some_thumb="$fullpath$::thumbprefix$some_thumb"; $new_thumb="$fullpath$::thumbprefix$new_thumb"; # Check for photo extensions foreach $imgext (@::imgexts) { # Check lower case extensions $imgext="\L$imgext"; if (-e "$::album_dir/$some_thumb.$imgext") { $alb_thumb_ext=$imgext; } # Check upper case extensions $imgext="\U$imgext"; if (-e "$::album_dir/$some_thumb.$imgext") { $alb_thumb_ext=$imgext; } } # Check for movie extensions foreach $movieext (@::movieexts) { # Check lower case extensions $movieext="\L$movieext"; if (-e "$::album_dir/$some_thumb.$movieext") { $alb_thumb_ext=$movieext; } # Check upper case extensions $movieext="\U$movieext"; if (-e "$::album_dir/$some_thumb.$movieext") { $alb_thumb_ext=$movieext; } } # If there wasn't an extension found, then wildcard it for moving if (!$alb_thumb_ext) { $alb_thumb_ext="*"; } # Add extension $some_thumb.=".$alb_thumb_ext"; $new_thumb.=".$alb_thumb_ext"; # Print confirmation form if ($mode) { # Set temp=1 if it's a photo $temp=isAPhotoOrJp2($some_object); # Set temp=2 if it's a movie if (!$temp) { $temp=isAMovie($some_object); if ($temp) { $temp++; } } $move_form.="

$::S{218} $some_object?
\n"; if ($temp) { $move_form.="$some_thumb $::S{222}

\n"; } $move_form.="

\n"; $move_form.="$::S{223}
\n"; $move_form.="\n"; $move_form.="$::S{347}

\n"; $move_form.="\n"; $fullpath=passVars(1); $move_form.=$fullpath; $move_form.=" \n"; $move_form.=" \n"; $move_form.="

\n"; # If it's a photo, show it. if ($temp eq 1) { $move_form.="\"\"\n"; } return($move_form); } else # Actually move the object { $movedir="$moveto"; $short_thumb=$some_thumb; $short_new_thumb=$new_thumb; # Change all \'s to /'s $some_thumb=~s/\\/\//g; $new_thumb=~s/\\/\//g; # Drop the proceeding path $short_thumb=~s/(.*\/)(.*)/$2/; $short_new_thumb=~s/(.*\/)(.*)/$2/; $thumb_moveto="$moveto/$short_new_thumb"; $short_object=$some_object; $short_new_object=$new_object; # Change all \'s to /'s $short_object=~s/\\/\//g; $short_new_object=~s/\\/\//g; # Drop the proceeding path $short_object=~s/(.*\/)(.*)/$2/; $fromdir=$1; $short_new_object=~s/(.*\/)(.*)/$2/; # Still no change? Then there was no path at all... if ($short_object eq $some_object) { $fromdir=""; } $moveto.="/$short_new_object"; # Read the description for the file about to be moved openDescfile("$::album_dir/$fromdir"); # Save off old descriptions info $tempshortdesc=$::shortdesc; $templongdesc=$::longdesc; $tempowner=$::owner; $tempfunction=$::function; $templevel=$::this_level; getDescription($short_object); $some_object="$::album_dir/$some_object"; $new_object="$::album_dir/$new_object"; $some_thumb="$::album_dir/$some_thumb"; $new_thumb="$::album_dir/$new_thumb"; debug("Moving [$some_object] and it's thumbnail [$some_thumb] to [$moveto]",2,__LINE__,$::admin_module); debug("Currently logged in user is $::loggedin",2,__LINE__,$::admin_module); debug("User who owns the object is $::owner",2,__LINE__,$::admin_module); debug("List of default admins: $::default_admins",2,__LINE__,$::admin_module); # Only do this if you're in admin mode, or if you're the owner of the thing, or if you're a default admin... if ($::function eq $::admin || (($::owner eq $::loggedin || $::default_admins=~/.*,$::loggedin,.*/) && $::loggedin)) { debug("Ok, we're going to move this: $some_object here: $moveto",2,__LINE__,$::admin_module); if (!rename($some_object,$moveto)) { print "$::S{150} $some_object $::S{219}"; } # Delete description # Pull out just the object $newfile=$some_object; $newfile=~s/(.*\/)(.*)/$2/; # No change? Then this must be a Win32 machine... if ($newfile eq $some_object) { $newfile=~s/(.*\\)(.*)/$2/; } # Pull off the path to the object $temp=$some_object; $temp=~s/(.*\/)(.*)/$1/; # No change? Then this must be a Win32 machine... if ($temp eq $some_object) { $temp=~s/(.*\\)(.*)/$1/; } # Update description in new location require $::ratings_module; updateDesc($short_new_object,"$movedir/",$::shortdesc,$::longdesc,$::owner,$::this_level); # Delete Description debug("Deleting object $newfile in location $temp.",2,__LINE__,$::admin_module); require $::ratings_module; deleteDesc($newfile,$temp); # Move thumbnail if (!rename($some_thumb,$thumb_moveto)) { # We found a specific thumbnail, but it wasn't moved. if ($alb_thumb_ext ne "*") { print "$::S{150} $some_thumb $::S{219}"; } } # Kill the static HTML, if it's there unlink("$some_object.html"); unlink("$some_object/$::static_html_filename"); # *** Move the image views too! my $tempview; my $tempgoback; $tempgoback=$::goback; $::goback=$fromdir; $tempview=trackView($short_object,1); $::goback=$view_moveto; $tempview=trackView($short_new_object,3,$tempview); $::goback=$fromdir; $tempview=trackView($short_object,2); $::goback=$tempgoback; } else { print "$::S{150} $some_object $::S{220}"; } # Restore descriptions info $::shortdesc=$tempshortdesc; $::longdesc=$templongdesc; $::owner=$tempowner; $::function=$tempfunction; $::this_level=$templevel; } debug("Leaving subroutine: moveObject($some_object,$mode,$moveto,$new_object)",4,__LINE__,$::admin_module); } ########################################################################## =head3 linkObject() $link_form=linkObject($some_object,$mode,$linkto); $link_form - The HTML of the confirmation form, returned if $mode=1. $some_object - Relative name (from album_dir on) of object to link. $mode - 0 = do it; 1 = show confirmation $linkto - The location to link the object to, relative to album_dir. links the selected object. =cut sub linkObject { my $some_object=shift; my $mode=shift; my $linkto=shift; my $temp; my $newfile; my $short_object; my $linkdir; my $fromdir; my $tempshortdesc; my $templongdesc; my $tempowner; my $tempfunction; my $link_form; debug("Entering subroutine: linkObject($some_object,$mode,$linkto)",4,__LINE__,$::admin_module); # Turn $linkto into a full path $linkto="$::album_dir/$linkto"; # Print confirmation form if ($mode) { # Set temp=1 if it's a photo $temp=isAPhotoOrJp2($some_object); # Set temp=2 if it's a movie if (!$temp) { $temp=isAMovie($some_object); if ($temp) { $temp++; } } $link_form.="

$::S{310} $some_object?
\n"; $link_form.="

\n"; $link_form.="$::S{313}

\n"; $link_form.="\n"; $link_form.="\n"; $link_form.=passVars(1); $link_form.=" \n"; $link_form.=" \n"; $link_form.="

\n"; # If it's a photo, show it. if ($temp eq 1) { $link_form.="\"\"\n"; } return($link_form); } else # Actually link the object { $linkdir="$linkto"; $short_object=$some_object; # Change all \'s to /'s $short_object=~s/\\/\//g; # Drop the proceeding path $short_object=~s/(.*\/)(.*)/$2/; $fromdir=$1; # Still no change? Then there was no path at all... if ($short_object eq $some_object) { $fromdir=""; } $linkto.="/$short_object"; debug("Linking [$some_object] to [$linkto]",2,__LINE__,$::admin_module); debug("Currently logged in user is $::loggedin",2,__LINE__,$::admin_module); debug("List of default admins: $::default_admins",2,__LINE__,$::admin_module); # Only do this if you're in admin mode, or if you're a default admin... if ($::function eq $::admin || ($::default_admins=~/.*,$::loggedin,.*/ && $::loggedin)) { debug("Ok, we're going to link this: $some_object here: $linkto",2,__LINE__,$::admin_module); $linkto=~s/(.*)\..*/$1.$::linkext/; open(LINK,">$linkto") || print "$::S{150} $some_object $::S{311}"; print LINK "URL=$some_object"; close(LINK); } else { print "$::S{150} $some_object $::S{312}"; } } debug("Leaving subroutine: linkObject($some_object,$mode,$linkto)",4,__LINE__,$::admin_module); } ########################################################################## =head3 createAlbumForm() $create_form=createAlbumForm($createalbum); $create_form - The HTML for the Create Album form. $createalbum - The filesystem directory to create the album in. Displays the "create album" form. =cut sub createAlbumForm { my $data; my $create_form; my $createalbum=shift; if ($createalbum eq $::rootalbumname) { $createalbum="/"; } $data=passVars(1); $create_form=< $::S{187} $createalbum.

$::S{188} $data

HTML $create_form.=buildDescFooter(1); $create_form.=<

HTML return($create_form); } ########################################################################## =head3 createAlbum() $return_code=createAlbum($basedir,$directory,$newshortdesc,$newlongdesc,$newowner,$new_view_level,$mode); $return_code - Non-zero only if directory could not be created. $basedir - The location to create the new album, as an absolute filesystem path. $directory - The actual directory name for the album. $newshortdesc - Short description for new album. $newlongdesc - Long description for new album. $newowner - The owner of the album. $new_view_level - The membership level required to view this object $mode - 0 = No change; 1 = Force album creation, even if not an admin (for uploads) Creates $directory in $basedir, and updates the description with $newshortdesc and $newlongdesc. =cut sub createAlbum { my $basedir=shift; my $directory=shift; my $newshortdesc=shift; my $newlongdesc=shift; my $newowner=shift; my $new_view_level=shift; my $new_view_level; my $mode=shift; my $dirtomk; my $status; debug("Entering subroutine: createAlbum($basedir,$directory,$newshortdesc,$newlongdesc,$newowner,$new_view_level,$mode)",4,__LINE__,$::admin_module); # Check for tampering if ($basedir=~/^\\*\./ || $basedir=~/^\/*\./ || $directory=~/^\\*\./ || $directory=~/^\/*\./) { error(__LINE__,"sanity","$::S{84} $::S{14}.",$::admin_module); } # Prepend $::album_dir to $basedir for security reasons $basedir="$::album_dir/$basedir"; # Strip things down $dirtomk=$basedir; # Drop the preceeding path $dirtomk=~s/(.*\/)(.*)/$2/; # Get owner info openDescfile("$1/"); getDescription($2); # Force an authentication Authenticate(); if (!isAdmin() && !$mode) { debug("Not authorized (mode: $mode)!",4,__LINE__,$::admin_module); display(javaAlert($::S{296})); return(1); } # Set owner if not already set if (!$newowner) { $newowner=$::loggedin; } chomp($directory); $dirtomk="$basedir/$directory"; # If dir doesn't already exist, create it. if (!(-d $dirtomk)) { if (!mkdir($dirtomk,777)) { $status=1; } if (!chmod(0777,$dirtomk)) { $status=2; } # Update the description for this new album if ($newshortdesc || $newowner) { require $::ratings_module; updateDesc($directory,"$basedir/",$newshortdesc,$newlongdesc,$newowner,$new_view_level); } } else { print "$::S{150} $dirtomk $::S{189}"; } debug("Leaving subroutine: createAlbum($basedir,$directory,$newshortdesc,$newlongdesc,$newowner,$new_view_level,$mode)",4,__LINE__,$::admin_module); return($status); } ########################################################################## =head3 checkUpdate() checkUpdate(); Checks to see if there is a newer version of album.pl available. =cut sub checkUpdate { use IO::Socket; my $Sock; my $buf; my $query; my $remotever; my $remotedate; my $stripver; my @allinfo; my $revdate; my $quit; my $reghost="perl.Bobbitt.ca"; debug("Entering subroutine: checkUpdate()",4,__LINE__,$::admin_module); $Sock=IO::Socket::INET->new(PeerAddr=>$reghost,PeerPort=>80,Proto=>'tcp'); if (!$Sock) { display(javaAlert($::S{264})); return(); } $query="GET /cgi-bin/album_update.pl HTTP/1.0"; debug("Registration query: $query",3,__LINE__,$::admin_module); print $Sock "$query\n"; print $Sock "Accept-Language: en-us\n"; print $Sock "Content-Length: 0\n"; print $Sock "Accept: */*\n"; print $Sock "User-Agent: Mozilla/4.0 (compatible; Win32; WinHttp.WinHttpRequest.5)\n"; print $Sock "Host: $reghost\n"; print $Sock "Connection: Keep-Alive\n"; print $Sock "\n"; sleep(2); recv($Sock, $buf, 50000, 0); $buf=~s/\r//g; my @recs=split(/\n/, $buf); my $response; foreach (@recs) { $response=$_; } ($remotever,$remotedate)=split("\t",$response); debug("Update response: $response",3,__LINE__,$::admin_module); debug("Remote Version: [$remotever]",3,__LINE__,$::admin_module); debug("Remote Date: [$remotedate] {@recs}",3,__LINE__,$::admin_module); $stripver=$::ver; $stripver=~s/\D//g; @allinfo=stat($0); $revdate=$allinfo[9]; debug("Album Version: [$stripver] Available: [$remotever]",3,__LINE__,$::admin_module); debug("Album Date: [$revdate] Available: [$remotedate]",3,__LINE__,$::admin_module); $response=""; # Version check if ($remotever <= $stripver) { debug("Version is up to date.",3,__LINE__,$::admin_module); $response="$::S{253}"; } else { debug("Version is out of date.",3,__LINE__,$::admin_module); } # Date check if ($remotedate <= $revdate) { debug("Date is up to date.",3,__LINE__,$::admin_module); $response="$::S{253}"; } else { debug("Date is out of date.",3,__LINE__,$::admin_module); $response=""; } if (!$response) { $remotever=substr($remotever,0,1).".".substr($remotever,1,10); $stripver=substr($stripver,0,1).".".substr($stripver,1,10); $response="$::S{254}\\n\\n$::S{255} $stripver, $::S{256} ".localtime($revdate).".\\n$::S{257} $remotever, $::S{256} ".localtime($remotedate)."\\n\\n$::S{258} http://perl.Bobbitt.ca/album"; } debug("To display: $response",3,__LINE__,$::admin_module); display(javaAlert($response)); debug("Leaving subroutine: checkUpdate()",4,__LINE__,$::admin_module); } ########################################################################## =head3 showUserEdit() $html=showUserEdit(); $html - HTML for displaying the "edit users" box Returns the HTML used to display the "Edit Users" box =cut sub showUserEdit { my $html; my $vars=passVars(1); my $userlist; my $num=5; my $last; my $data; if ($::authentication_type ne 1) { return(); } # If auth_db doesn't already exist, create it. if (!(-e $::auth_db)) { open(AUTH_DB,">$::auth_db") || error(__LINE__,"open_db","$::auth_db",$::admin_module); close(AUTH_DB); } # Open auth_db open(AUTH_DB,$::auth_db) || error(__LINE__,"open_db","$::auth_db",$::admin_module); # First check if user exists while ($data=) { chomp($data); if ($data) { if ($last) { $userlist.="$last\n"; } $last=$data; $num++; } } if ($last) { $userlist.="$last"; } close(AUTH_DB); $html.=<$::S{300} $::S{302}

$::S{300} $vars

HTML return($html); } ########################################################################## =head3 updateUserList() updateUserList($userlist); $userlist - The list of users|passwords (in flatfile format) to update with Updates the auth_db with the provided list of users. =cut sub updateUserList { my $userlist=shift; # Open auth_db open(AUTH_DB,">$::auth_db") || error(__LINE__,"open_db","$::auth_db",$::admin_module); print AUTH_DB "$userlist"; close(AUTH_DB); } ########################################################################## =head3 getUserList() getUserList(); Reads the entire userlist as defined in the config, and returns it in an "HTML drop list" format =cut sub getUserList { use strict; my $html; my $myusername; my $mydisplayname; my $data; my $storedpass; my $dbi_fail; my $memberslist; my @userlist; # No auth type used if (!$::authentication_type) { return(); } $html=< HTML # Flatfile authentication if ($::authentication_type eq 1) { # Open the text database open(AUTH_DB,$::auth_db) || error(__LINE__,"open_db","$::auth_db",$::admin_module); # First check if user exists while () { chomp; ($mydisplayname,$storedpass)=split('\|',$_); chomp($mydisplayname); chomp($storedpass); if ($mydisplayname) { $html.="