method, "list")) { $force = "true" === $_REQUEST['force_update'] ? true : false; csSYNOPhotoDB::GetDBInstance()->SetSessionCache($force); session_write_close(); $this->AlbumList(); } elseif (!strcasecmp($this->method, "getinfo")) { csSYNOPhotoDB::GetDBInstance()->SetSessionCache(); session_write_close(); $this->GetInfo(); } else { csSYNOPhotoDB::GetDBInstance()->SetSessionCache(true); csSYNOPhotoMisc::CheckSessionTimeOut(true); if (!strcasecmp($this->method, "create")) { $this->Create(); } elseif (!strcasecmp($this->method, "edit")) { $this->Edit(); } elseif (!strcasecmp($this->method, "delete")) { csSYNOPhotoDB::GetDBInstance()->ExpireSessionCache(); session_write_close(); $this->Delete(); } elseif (!strcasecmp($this->method, "move")) { csSYNOPhotoDB::GetDBInstance()->ExpireSessionCache(); session_write_close(); $this->Move(); } elseif (!strcasecmp($this->method, "arrangeitem")) { $this->ArrangeItem(); } elseif (!strcasecmp($this->method, "cleararrangeitem")) { $this->ClearArrangeItem(); } elseif (!strcasecmp($this->method, "cancel")) { session_write_close(); $this->Cancel(); } } } private function GetParams_Info() { $params = array(); if (!isset($_REQUEST['id']) || '' === $_REQUEST['id']) { $params['id'] = null; // null means shared root folder } else { $split = explode(',', $_REQUEST['id']); $params['id'] = array(); foreach ($split as $albumID) { $id = $this->DecodeItemId($albumID, 'album_'); if (false === $id) { return false; } $params['id'][$albumID] = $id; } } $params['password'] = (isset($_REQUEST['password'])) ? 
$_REQUEST['password'] : null; $params['additional'] = explode(',', $_REQUEST['additional']); $params['ignore'] = explode(',', $_REQUEST['ignore']); return $params; } private function GetParams_Create_Edit() { $params = array(); $params['name'] = $_REQUEST['name']; $params['id'] = null; // null means shared root folder if (isset($_REQUEST['id']) && '' !== $_REQUEST['id']) { $id = $this->DecodeItemId($_REQUEST['id'], 'album_'); if (false === $id) { return false; } $params['id'] = $id; } $params['title'] = (isset($_REQUEST['title'])) ? $_REQUEST['title'] : null; $params['description'] = (isset($_REQUEST['description'])) ? $_REQUEST['description'] : null; $params['inheritParent'] = (isset($_REQUEST['inheritParent']) && 'true' === $_REQUEST['inheritParent']) ? true : false; $params['sort_by'] = (isset($_REQUEST['sort_by'])) ? $_REQUEST['sort_by'] : null; if ((null !== $params['sort_by']) && !in_array($params['sort_by'], array('filename', 'takendate', 'createdate', 'preference', 'default'))) { return false; } $params['sort_direction'] = (isset($_REQUEST['sort_direction'])) ? $_REQUEST['sort_direction'] : null; if ((null !== $params['sort_direction']) && !in_array($params['sort_direction'], array('asc', 'desc'))) { return false; } $params['allow_comment'] = (isset($_REQUEST['allow_comment'])) ? $_REQUEST['allow_comment'] : null; if ((null !== $params['allow_comment']) && !in_array($params['allow_comment'], array('true', 'false'))) { return false; } $params['type'] = (isset($_REQUEST['type'])) ? $_REQUEST['type'] : null; if ((null !== $params['type']) && !in_array($params['type'], array('public', 'private', 'password'))) { return false; } $params['password'] = (isset($_REQUEST['password'])) ? $_REQUEST['password'] : null; $params['conversion'] = (isset($_REQUEST['conversion'])) ? 
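$_REQUEST['conversion'] : null;
        if ((null !== $params['conversion']) && !in_array($params['conversion'], array('true', 'false'))) {
            return false;
        }

        return $params;
    }

    /**
     * Turn a comma-separated list of "tag_<id>" tokens into a comma-separated list of ids.
     *
     * A token is accepted when it contains the text "tag_" exactly once; whatever follows
     * it is taken as the id.
     *
     * @param string $tags Raw request value.
     * @return string Comma-joined ids, or '' as soon as one token is malformed.
     */
    private function GetTagIdString($tags)
    {
        // Defined before the loop so the Error label always has a value to return,
        // the same way GetExifString() does it.
        $idString = '';
        $idArr = array();

        foreach (explode(',', $tags) as $tag) {
            $split = explode('tag_', $tag);
            if (2 !== count($split)) {
                // This used to be `return Error;`, which evaluates the undefined constant
                // `Error` instead of jumping to the label (a fatal error on PHP 8).
                goto Error;
            }
            // NOTE(review): $split[1] is request data and is not checked to be numeric here.
            // Confirm the search layer binds or validates it before it reaches a query.
            $idArr[] = $split[1];
        }
        $idString = implode(',', $idArr);

    Error:
        return $idString;
    }

    /**
     * Resolve a comma-separated list of "album_<hex share name>" tokens to share ids.
     *
     * Each token must split on '_' into exactly two parts with 'album' first. Non-blank
     * hex parts are decoded with pack('H*') and looked up through Album::GetBySharename().
     *
     * @param string $albums Raw request value.
     * @return string Comma-joined 'shareid' values of the albums found, or '' when a token
     *                is malformed.
     */
    private function GetAlbumString($albums)
    {
        $shareNames = array();
        foreach (explode(',', $albums) as $item) {
            $arr = explode('_', $item);
            if (2 !== count($arr) || 'album' !== $arr[0]) {
                return '';
            }
            if ('' !== trim($arr[1])) {
                $shareNames[] = pack('H*', $arr[1]);
            }
        }

        $idArr = array();
        foreach (Album::GetBySharename($shareNames) as $album) {
            $idArr[] = $album['shareid'];
        }

        return implode(',', $idArr);
    }

    /**
     * Strip $prefix from every token of a comma-separated list and re-join the remainders.
     *
     * @param string $values Raw request value.
     * @param string $prefix Text each token must contain exactly once.
     * @return string Comma-joined remainders, or '' as soon as one token is malformed.
     */
    private function GetExifString($values, $prefix)
    {
        $idString = '';
        $idArr = array();

        foreach (explode(',', $values) as $value) {
            $split = explode($prefix, $value);
            if (2 !== count($split)) {
                goto Error;
            }
            $idArr[] = $split[1];
        }
        $idString = implode(',', $idArr);

    Error:
        return $idString;
    }

    /**
     * Collect and validate the request parameters of the "list" method.
     *
     * Required: offset, limit, type. Optional: id, password, ignore, additional, sort_by,
     * sort_direction, keyword, date, people_tag, geo_tag, desc_tag (each with an "_op"
     * companion), albums, and every label of SmartAlbum::$exif2IdPrefix (also with "_op").
     * keyword, date and password are copied through unmodified.
     *
     * @return array|false Parameter array, or false when a required value is missing,
     *                     offset/limit is not an integer, or a value is outside its allow-list.
     */
    private function GetParams_list()
    {
        $params = array();
        if (!isset($_REQUEST['offset']) || !isset($_REQUEST['limit']) || !isset($_REQUEST['type'])) {
            // FIXME - filter type
            return false;
        }

        // offset and limit are later added together and handed to the search layer uncast,
        // so anything that is not an integer is rejected at the boundary. A negative limit
        // stays legal: AlbumList() treats it as "everything".
        $offset = filter_var($_REQUEST['offset'], FILTER_VALIDATE_INT);
        $limit = filter_var($_REQUEST['limit'], FILTER_VALIDATE_INT);
        if (false === $offset || false === $limit) {
            return false;
        }
        $params['offset'] = $offset;
        $params['limit'] = $limit;

        $params['type'] = array();
        foreach (explode(',', $_REQUEST['type']) as $item) {
            if (!in_array($item, array('album', 'photo', 'video'))) {
                return false;
            }
            $params['type'][] = $item;
        }

        // null means shared root folder
        $params['id'] = null;
        $params['albumName'] = '/';
        if (isset($_REQUEST['id'])) {
            $split = explode('_', $_REQUEST['id']); // ex: album_id
            // An id without '_' still ends up as null, but no longer reads an undefined offset.
            // NOTE(review): the part before '_' is not checked to be 'album' and extra parts
            // are ignored, unlike GetParams_ArrangeItem(); confirm whether that is intended.
            $params['id'] = isset($split[1]) ? $split[1] : null;
            $params['albumName'] = @pack('H*', (string)$params['id']);
        }

        $params['password'] = isset($_REQUEST['password']) ? $_REQUEST['password'] : null;
        // A missing list parameter yields array(''), as explode() on null did before.
        $params['ignore'] = explode(',', isset($_REQUEST['ignore']) ? $_REQUEST['ignore'] : '');

        // additional operator
        $params['additional'] = explode(',', isset($_REQUEST['additional']) ? $_REQUEST['additional'] : '');

        // sort operator
        $params['sort_by'] = isset($_REQUEST['sort_by']) ? $_REQUEST['sort_by'] : 'preference';
        if (!in_array($params['sort_by'], array('filename', 'takendate', 'createdate', 'preference', 'mtime'))) {
            return false;
        }
        if (!isset($_REQUEST['sort_direction'])) {
            $value = csSYNOPhotoMisc::GetConfigDB("album", "thumb_sort_order", "photo_config");
            $params['sort_direction'] = AlbumAPIUtil::ConvertToSortDirection($value);
        } else {
            $params['sort_direction'] = $_REQUEST['sort_direction'];
        }
        if (!in_array($params['sort_direction'], array('asc', 'desc'))) {
            return false;
        }

        // filter operator
        $params['keyword'] = isset($_REQUEST['keyword']) ? $_REQUEST['keyword'] : null;
        if (isset($_REQUEST['keyword'])) {
            $params['keyword_op'] = isset($_REQUEST['keyword_op']) ? $_REQUEST['keyword_op'] : 'all';
            if (!in_array($params['keyword_op'], array('any', 'all', 'exact'))) {
                return false;
            }
        }

        $params['date'] = isset($_REQUEST['date']) ? $_REQUEST['date'] : null;
        if (isset($_REQUEST['date'])) {
            $params['date_op'] = isset($_REQUEST['date_op']) ? $_REQUEST['date_op'] : 'taken';
            if (!in_array($params['date_op'], array('taken', 'upload', 'recently_add', 'recently_comment'))) {
                return false;
            }
        }

        // The three tag filters share one shape: id list plus an 'all'/'any' operator.
        foreach (array('people_tag', 'geo_tag', 'desc_tag') as $tagField) {
            $params[$tagField] = null;
            if (isset($_REQUEST[$tagField])) {
                $opField = $tagField . '_op';
                $params[$tagField] = $this->GetTagIdString($_REQUEST[$tagField]);
                $params[$opField] = isset($_REQUEST[$opField]) ? $_REQUEST[$opField] : 'all';
                if (!in_array($params[$opField], array('all', 'any'))) {
                    return false;
                }
            }
        }

        $params['albums'] = null;
        if (isset($_REQUEST['albums'])) {
            $params['albums'] = $this->GetAlbumString($_REQUEST['albums']);
        }

        foreach (SmartAlbum::$exif2IdPrefix as $label => $value) {
            if (isset($_REQUEST[$label])) {
                $op = $label . '_op';
                $params[$label] = $this->GetExifString($_REQUEST[$label], $value . '_');
                // The fallback used to read $default, which is either undefined at this point
                // or left over from an earlier filter ('all' / 'taken'). In the latter case
                // the request was rejected although no operator had been sent.
                $params[$op] = isset($_REQUEST[$op]) ? $_REQUEST[$op] : 'any';
                if ('any' !== $params[$op]) {
                    return false;
                }
            }
        }

        return $params;
    }

    private function GetParams_ArrangeItem()
    {
        if (!isset($_REQUEST['offset']) || !isset($_REQUEST['limit']) || !isset($_REQUEST['item_id'])) {
            return false;
        }
        $params = array();
        $params['id'] = (isset($_REQUEST['id'])) ?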
$_REQUEST['id'] : null; // null means shared root folder if (null !== $params['id'] && '' !== $params['id']) { $split = explode('_', $params['id']); // ex: 'album_id' if (2 !== count($split)) { return false; } if ('album' !== $split[0]) { return false; } $params['albumName'] = @pack('H*', $split[1]); } else { $params['albumName'] = '/'; } $params['offset'] = $_REQUEST['offset']; $params['limit'] = $_REQUEST['limit']; $params['item_id'] = array(); $params['item_name'] = array(); $items = explode(',', $_REQUEST['item_id']); // item must be photo or video, and make sure album must be ahead of photo and video foreach ($items as $item) { $arr = explode('_', $item); if (!in_array($arr[0], array('album', 'photo', 'video'))) { return false; } if ('photo' === $arr[0] || 'video' === $arr[0]) { $filename = @pack('H*', $arr[2]); array_push($params['item_name'], $filename); } elseif ('album' === $arr[0]) { $foldername = @pack('H*', $arr[1]); array_push($params['item_name'], basename($foldername).SYNOPHOTO_USER_SORT_ALBUM_SYMBOL); } } $params['item_id'] = $items; return $params; } private function GetParams_ClearArrangeItem() { $params = array(); $params['id'] = (isset($_REQUEST['id'])) ? 
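$_REQUEST['id'] : null; // null means shared root folder
        if (null !== $params['id'] && '' !== $params['id']) {
            $split = explode('_', $params['id']); // ex: 'album_id'
            if (2 !== count($split)) {
                return false;
            }
            if ('album' !== $split[0]) {
                return false;
            }
            $params['albumName'] = @pack('H*', $split[1]);
        } else {
            $params['albumName'] = '/';
        }

        return $params;
    }

    /**
     * Translate validated "list" parameters into the condition array passed to the search call.
     *
     * @param array $params Output of GetParams_list().
     * @return array Condition keyed by the short names below, plus every SmartAlbum::$exif2IdPrefix
     *               label that is set together with its "<label>_op" entry.
     */
    private function ConvertSmartCondition($params)
    {
        // request parameter name => key used in the returned condition
        $fieldMap = array(
            'id' => 'dir',
            'keyword' => 'k',
            'keyword_op' => 'k_op',
            'date' => 'd',
            'date_op' => 'd_op',
            'people_tag' => 'pt',
            'people_tag_op' => 'pt_op',
            'geo_tag' => 'gt',
            'geo_tag_op' => 'gt_op',
            'desc_tag' => 'dt',
            'desc_tag_op' => 'dt_op',
            'albums' => 'albums',
        );

        $condition = array();
        foreach ($fieldMap as $field => $conditionKey) {
            if (isset($params[$field])) {
                $condition[$conditionKey] = $params[$field];
            }
        }

        foreach (SmartAlbum::$exif2IdPrefix as $label => $value) {
            if (isset($params[$label])) {
                $op = $label . '_op';
                $condition[$label] = $params[$label];
                // null when no operator was recorded, without reading an undefined index
                $condition[$op] = isset($params[$op]) ? $params[$op] : null;
            }
        }

        return $condition;
    }

    /**
     * @param string $sharePath Decoded share path.
     * @return bool True when the path is the empty string, i.e. the shared root folder.
     */
    private function CheckRootSharedFolder($sharePath)
    {
        return '' === $sharePath;
    }

    /**
     * Decide whether the current session may read the album at $sharePath.
     *
     * Order of checks: admin session, root folder, album without password (delegated to
     * csSYNOPhotoMisc::CheckAlbumAccessible), album already unlocked in this session,
     * and finally the supplied password.
     *
     * @param string      $sharePath Decoded share path ('' for the root folder).
     * @param string|null $password  Password from the request, if any.
     * @return mixed WEBAPI_ERR_NONE, PHOTOSTATION_ALBUM_NO_ACCESS_RIGHT or
     *               PHOTOSTATION_ALBUM_PASSWORD_ERROR.
     */
    private function CheckAlbumAccessRight($sharePath, $password)
    {
        // admin
        if (isset($_SESSION[SYNOPHOTO_ADMIN_USER]['admin_syno_user'])) {
            return WEBAPI_ERR_NONE;
        }

        // root share folder: no per-album check is made here
        if ($this->CheckRootSharedFolder($sharePath)) {
            return WEBAPI_ERR_NONE;
        }

        $albumInfo = csSYNOPhotoDB::GetDBInstance()->GetAlbum($sharePath);
        if (empty($albumInfo['password'])) {
            // Check accessible
            return csSYNOPhotoMisc::CheckAlbumAccessible($sharePath)
                ? WEBAPI_ERR_NONE
                : PHOTOSTATION_ALBUM_NO_ACCESS_RIGHT;
        }

        // password already accepted earlier in this session
        if (isset($_SESSION[SYNOPHOTO_ADMIN_USER]['password_pass_album'][$sharePath])) {
            return WEBAPI_ERR_NONE;
        }

        // A non-string value (e.g. password[]=x) can never be the right password.
        // A missing password is hashed as '' exactly as before.
        if (null !== $password && !is_string($password)) {
            return PHOTOSTATION_ALBUM_PASSWORD_ERROR;
        }
        $digest = md5((string)$password);

        // hash_equals() (PHP >= 5.6) compares in constant time, so response timing does not
        // reveal how much of the stored digest a guess matched.
        // NOTE(review): the stored value is an unsalted MD5 digest, which is cheap to
        // brute-force if it ever leaks. Moving to password_hash()/password_verify() needs a
        // storage migration outside this method.
        if (!hash_equals((string)$albumInfo['password'], $digest)) {
            return PHOTOSTATION_ALBUM_PASSWORD_ERROR;
        }

        csSYNOPhotoMisc::PhotoSessionStart();
        $_SESSION[SYNOPHOTO_ADMIN_USER]['password_pass_album'][$sharePath] = $digest;
        session_write_close();

        return WEBAPI_ERR_NONE;
    }

    /**
     * Run every listed item through the Decorator formula that matches its item type.
     *
     * @param array $itemList Must hold an 'items' list whose entries carry 'itemType'
     *                        (0 album, 1 photo, 2 video).
     * @param array $params   Request parameters; 'additional' is read for 'thumb_size'.
     * @return array One decorated entry per item; an empty array for an unknown item type.
     */
    private function FormItems($itemList, $params)
    {
        // item type code => formula
        $decorators = array(
            0 => 'Decorator::AlbumFormula',
            1 => 'Decorator::PhotoFormula',
            2 => 'Decorator::VideoFormula',
        );
        // identical for every item, so it is built once
        $options = array(
            'allowComment' => AlbumAPIUtil::IsAlbumCommentalbGlobal(),
            'showAlbumHit' => AlbumAPIUtil::IsShowAlbumHit(),
            'param' => $params,
            'needThumbSize' => in_array('thumb_size', $params['additional']),
        );

        $items = array();
        foreach ($itemList['items'] as $item_node) {
            $typeCode = $item_node['itemType'];
            $items[] = isset($decorators[$typeCode])
                ? call_user_func($decorators[$typeCode], $item_node, $options)
                : array();
        }

        return $items;
    }

    /**
     * Decode a comma-separated list of "album_<hex share name>" ids into share names.
     *
     * @param string $value Raw request value.
     * @return array|false List of decoded share names, or false when the value is empty,
     *                     a token is malformed, or a name is blank, "/", contains a NUL
     *                     byte or has a ".." path segment.
     */
    private function GetAlbumShareName($value)
    {
        if (empty($value)) {
            return false;
        }

        $shareNameList = array();
        foreach (explode(',', $value) as $albumID) {
            $arr = explode('album_', $albumID);
            if (2 !== count($arr)) {
                return false;
            }

            $albumName = trim(@pack('H*', $arr[1]));
            // Compared with '' instead of !$albumName: an album literally named "0" is
            // falsy in PHP and used to be refused.
            if ('' === $albumName || '/' === $albumName) {
                return false;
            }
            // The decoded name is arbitrary request bytes that Delete() treats as an album
            // path (it takes dirname() of it and deletes by share name) without calling
            // CheckPathValid() the way Move() does. No album path needs a NUL byte or a
            // ".." segment, so both are refused here.
            if (false !== strpos($albumName, "\0") || in_array('..', explode('/', $albumName), true)) {
                return false;
            }
            $shareNameList[] = $albumName;
        }

        return $shareNameList;
    }

    private function GetInfo()
    {
        // Get and check params
        $params = array();
        $params = $this->GetParams_Info();
        if (!$params) {
            $this->SetError(WEBAPI_ERR_BAD_REQUEST);
            goto End;
        }
        $needThumbSize = in_array('thumb_size', $params['additional']);
        $items = array();
        if (null === $params['id']) {
            $item = AlbumAPIUtil::GetRootAlbumInfo($params);
            array_push($items, $item);
        } else {
            $allowComment = AlbumAPIUtil::IsAlbumCommentalbGlobal();
            $showHits = AlbumAPIUtil::IsShowAlbumHit();
            $albums = Album::GetBySharename(array_values($params['id']));
            foreach ($params['id'] as $id => $shareName) {
                $item = Decorator::AlbumFormula($albums[$shareName], array(
                    'allowComment' => $allowComment,
                    'showAlbumHit' => $showHits,
                    'needThumbSize' =>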
$needThumbSize, 'param' => $params )); array_push($items, $item); } } $resp['items'] = $items; $this->SetResponse($resp); End: return; } private function AlbumList() { // Get and check params $params = array(); $params = $this->GetParams_list(); if (!$params) { $this->SetError(WEBAPI_ERR_BAD_REQUEST); goto End; } $sharePath = @pack('H*', $params['id']); // Check access right if (WEBAPI_ERR_NONE != ($error_code = $this->CheckAlbumAccessRight($sharePath, $params['password']))) { $this->SetError($error_code); goto End; } $hasExifCond = false; foreach(SmartAlbum::$exif2IdPrefix as $label => $value) { if (isset($params[$label])) { $hasExifCond = true; break; } } // search operator $itemsSort = array(); if (isset($params['keyword']) || isset($params['date']) || isset($params['people_tag']) || isset($params['geo_tag']) || isset($params['desc_tag']) || isset($params['albums']) || $hasExifCond) { $smart_condition = $this->ConvertSmartCondition($params); $itemList = csSYNOPhotoBrowse::GetBrowseInstance()->GetSearchThumbList_new($smart_condition, $params['offset'], $params['limit']); // filter type $filterItems = AlbumAPIUtil::FilterByType($itemList['items'], $params['type']); $total = $itemList['itemCount']; // FIXME - sorting for search operator $itemsSort['items'] = $filterItems; } else { // album operator csSYNOPhotoMisc::PhotoSessionStart(); $_SESSION[SYNOPHOTO_ADMIN_USER]['album_thumb_sort_by'] = $params['sort_by']; $_SESSION[SYNOPHOTO_ADMIN_USER]['album_thumb_sort_order'] = $params['sort_direction']; if (isset($params['id'])) { csSYNOPhotoAlbum::GetAlbumInstance()->AddHitTimes($sharePath); } session_write_close(); $itemsSort = array(); $itemsSort = csSYNOPhotoBrowse::GetBrowseInstance()->GetThumbList_New(isset($params['id']) ? 
$sharePath : '/', (int)$params['offset'], (int)$params['limit'], $params['sort_by'], $params['sort_direction'], !in_array('album', $params['type']), !in_array('video', $params['type']), !in_array('photo', $params['type'])); $total = $itemsSort['itemCount']; } $resp = array(); $resp['total'] = $total; $offset = (0 > (int)$params['limit']) ? $resp['total'] : $params['offset'] + $params['limit']; $resp['offset'] = ($offset > $resp['total']) ? $resp['total'] : $offset; $resp['items'] = $this->FormItems($itemsSort, $params); $this->SetResponse($resp); End: return; } private function Create() { if (!isset($_REQUEST['name'])) { $this->SetError(WEBAPI_ERR_BAD_REQUEST); goto End; } // name can't include [.] start or [\/:*?<>|] if (preg_match('/[\\\\\/:\*\?<>\|]/', $_REQUEST['name'], $matches) || preg_match('/^\./', $_REQUEST['name'], $matches)) { $this->SetError(WEBAPI_ERR_BAD_REQUEST); goto End; } // Get and check params $params = array(); $params = $this->GetParams_Create_Edit(); if (!$params) { $this->SetError(WEBAPI_ERR_BAD_REQUEST); goto End; } // get parent share name $parentShareName = null === $params['id'] ? '' : $params['id']; $ret = AlbumAPIUtil::SYNOPHOTO_ADMIN_AddAlbum($parentShareName, $params); $username = GetLoginUsername(); $parentShareName = $parentShareName === '' ? 
'/' : $parentShareName; if (is_numeric($ret) && $ret < 0) { PhotoLog::Add("Failed to create album [".$_REQUEST['name']."] in [".$parentShareName."].", false, strtolower($username)); } else { PhotoLog::Add("Album [".$_REQUEST['name']."] was created in [".$parentShareName."].", true, strtolower($username)); } if (-1 === $ret) { $this->SetError(PHOTOSTATION_ALBUM_CREATE_FAIL); goto End; } elseif (-2 === $ret) { $this->SetError(PHOTOSTATION_ALBUM_NO_UPLOAD_RIGHT); goto End; } elseif (-3 === $ret) { $this->SetError(PHOTOSTATION_ALBUM_NOT_ADMIN); goto End; } elseif (-4 === $ret) { $this->SetError(PHOTOSTATION_ALBUM_HAS_EXIST); goto End; } $row = csSYNOPhotoDB::GetDBInstance()->GetFieldByKeyValue('sharename', 'photo_share', 'shareid', $ret); $resp['id'] = $this->EncodeItemId($row['sharename'], "album_"); $this->SetResponse($resp); End: return; } private function Delete() { if (!isset($_REQUEST['id'])) { $this->SetError(WEBAPI_ERR_BAD_REQUEST); goto End; } if (false === ($shareNameList = $this->GetAlbumShareName($_REQUEST['id']))) { $this->SetError(WEBAPI_ERR_BAD_REQUEST); goto End; } $cancelPath = PHOTO_ACTION_TMP.md5(PHOTO_ACTION_ALBUM_DEL_KEY.$_REQUEST['id']); $failCount = 0; foreach ($shareNameList as $shareName) { self::OutputSingleSpace(); if (file_exists($cancelPath)) { @unlink($cancelPath); break; } $dirName = dirname($shareName); $dirName = ('.' === $dirName) ? 
'/' : $dirName; if (!csSynoPhotoMisc::CheckAlbumManageable($dirName)) { $failCount++; continue; } $result = Album::DeleteOneBySharename($shareName); if (!$result[0]) { continue; } PhotoLog::Add("Album [".$shareName."] was deleted.", true, strtolower(GetLoginUsername())); } if ($failCount === count($shareNameList)) { $this->SetError(PHOTOSTATION_ALBUM_NO_MANAGE_RIGHT); goto End; } SYNOPHOTO_LABEL_UTIL_Check_Photo_Label(); End: return; } private function Edit() { // Get and check params $params = array(); $params = $this->GetParams_Create_Edit(); if (!$params || null === $params['id']) { $this->SetError(WEBAPI_ERR_BAD_REQUEST); goto End; } $shareName = $params['id']; $ret = AlbumAPIUtil::SYNOPHOTO_ADMIN_UpdateAlbum($shareName, $params); if (-1 === $ret) { $this->SetError(PHOTOSTATION_ALBUM_EDIT_FAIL); goto End; } elseif (-2 === $ret) { $this->SetError(PHOTOSTATION_ALBUM_NO_MANAGE_RIGHT); goto End; } elseif (-3 === $ret) { $this->SetError(PHOTOSTATION_ALBUM_NOT_ADMIN); goto End; } End: return; } private function GetParams_Move() { $param = array(); /* return when lack of params */ if (!isset($_REQUEST['id']) || !isset($_REQUEST['sharepath']) || !isset($_REQUEST['duplicate'])) { return array(false, WEBAPI_ERR_BAD_REQUEST); } /* set params */ if (preg_match('/^album_/', $_REQUEST['sharepath'])) { $sharepath = trim($this->DecodeItemId($_REQUEST['sharepath'], "album_")); } else { $sharepath = trim(@pack('H*', $_REQUEST['sharepath'])); } // $sharepath could be empty $dirpath = pathinfo($sharepath, PATHINFO_DIRNAME); if (!$dirpath || '.' === $dirpath) { $dirpath = ''; } $destDirs = array(); $checkDestDir = $sharepath; while('.' 
!== $checkDestDir && '' !== $checkDestDir) { $destDirs[] = $checkDestDir; $checkDestDir = pathinfo($checkDestDir, PATHINFO_DIRNAME); } $requestIds = explode(',', $_REQUEST['id']); $ids = array(); foreach($requestIds as $idStr) { $id_arr = explode('_', $idStr); $albumName = trim(@pack('H*', $id_arr[1])); if (!$albumName || '/' === $albumName) { return array(false, WEBAPI_ERR_BAD_REQUEST); } $sourceDir = pathinfo($albumName, PATHINFO_DIRNAME); if ('.' === $sourceDir) { $sourceDir = ''; } // dir(source) === dest if ($sharepath === $sourceDir) { return array(false, PHOTOSTATION_ALBUM_SELECT_CONFLICT); } // dest's parent !== dest if (in_array($albumName, $destDirs)) { return array(false, PHOTOSTATION_ALBUM_SELECT_CONFLICT); } $ids[] = $albumName; } $param['destShareName'] = $sharepath; $param['isOverwrite'] = 'overwrite' === $_REQUEST['duplicate'] ? true : false; $param['id'] = $ids; return array(true, $param); } private function Move() { $ret = false; $param_res = $this->GetParams_Move(); if (!$param_res[0]) { $this->SetError($param_res[1]); goto End; } $param = $param_res[1]; if ('' !== $param['destShareName']) { $destPath = SYNOPHOTO_SERVICE_REAL_DIR . "/" . $param['destShareName']; } else { $destPath = SYNOPHOTO_SERVICE_REAL_DIR . "/"; } if (!csSynoPhotoMisc::CheckPathValid($destPath)) { $this->SetError(PHOTOSTATION_PHOTO_BAD_PARAMS); goto End; } if (!csSynoPhotoMisc::CheckAlbumUploadable('' == $param['destShareName'] ? 
'/' : $param['destShareName'])) { $this->SetError(PHOTOSTATION_ALBUM_NO_MANAGE_RIGHT); goto End; } $destShareData = array(); $destShareData['shareid'] = -1; if ($_REQUEST['sharepath'] == '') { $destShareData['sharename'] = ''; $albums = Album::GetBySharename(array('/'), true); $row = $albums['/']; } else { $destShareData['sharename'] = $param['destShareName']; $albums = Album::GetBySharename(array($destShareData['sharename']), true); $row = $albums[$destShareData['sharename']]; } if($row) { $destShareData['shareid'] = $row['shareid']; $destShareData['public'] = $row['public']; $destShareData['password'] = $row['password']; $destShareData['comment'] = $row['comment']; } $cancelPath = PHOTO_ACTION_TMP.md5(PHOTO_ACTION_ALBUM_MOVE_KEY.$_REQUEST['id']); $skip = array(); foreach ($param['id'] as $albumName) { self::OutputSingleSpace(); if (file_exists($cancelPath)) { @unlink($cancelPath); break; } $path = SYNOPHOTO_SERVICE_REAL_DIR . "/" . $albumName; if (!csSynoPhotoMisc::CheckPathValid($path)) { continue; } $ret = SYNOPHOTO_ADMIN_MoveOneAlbum($destShareData, $albumName, $param['isOverwrite']); // skip this album if (1 === $ret) { $skip[] = $this->EncodeItemId($albumName, "album_"); } } $ret = true; $resp = array( 'skip' => $skip ); $this->SetResponse($resp); End: return $ret; } private function ArrangeItem() { if (false === ($params = $this->GetParams_ArrangeItem())) { $this->SetError(WEBAPI_ERR_BAD_REQUEST); goto End; } // chack permission if (!csSynoPhotoMisc::CheckAlbumManageable($params['albumName'])) { $this->SetError(PHOTOSTATION_ALBUM_NO_MANAGE_RIGHT); goto End; } // get sort_by and sort_direction $sort_by = $_SESSION[SYNOPHOTO_ADMIN_USER]['album_thumb_sort_by']; if (empty($sort_by)) { $value = csSYNOPhotoMisc::GetConfigDB("album", "thumb_sort_type", "photo_config"); $sort_by = AlbumAPIUtil::ConvertToSortName($value); } $sort_direction = $_SESSION[SYNOPHOTO_ADMIN_USER]['album_thumb_sort_order']; if (empty($sort_direction)) { $value = 
csSYNOPhotoMisc::GetConfigDB("album", "thumb_sort_order", "photo_config"); $sort_direction = AlbumAPIUtil::ConvertToSortDirection($value); } // get original path list $pathList = csSYNOPhotoBrowse::GetBrowseInstance()->GetList_new($params['albumName'], 0, -1, $sort_by, $sort_direction, false, false, false); $totalCount = $pathList['totalCount']; // adjust offset and limit $offset = $params['offset']; $limit = (-1 === (int)$params['limit']) ? (int)$totalCount : (int)$params['limit']; if ($offset >= $totalCount || $limit != count($params['item_name'])) { $this->SetError(WEBAPI_ERR_BAD_REQUEST); goto End; } // get original name list $nameList = array(); foreach ($pathList['list'] as $path => $itemType) { $name = (SYNOPHOTO_ITEM_TYPE_ALBUM === $itemType) ? basename($path).SYNOPHOTO_USER_SORT_ALBUM_SYMBOL : basename($path); $nameList[] = $name; } // get sort name list array_splice($nameList, $offset, $limit, $params['item_name']); $sortNameList = $nameList; // make sure album must be ahead of photo and video $blHavePhotoVideoItem = false; $blPhotoVideoAheadAlbum = false; foreach ($sortNameList as $name) { if ('/' === $name[strlen($name)-1]) { if ($blHavePhotoVideoItem) { $blPhotoVideoAheadAlbum = true; break; } } else { $blHavePhotoVideoItem = true; } } if ($blPhotoVideoAheadAlbum) { $this->SetError(WEBAPI_ERR_BAD_REQUEST); goto End; } // seve to conf $data['type'] = AlbumAPIUtil::ConvertToSortCode('preference'); $data['list'] = $sortNameList; csSYNOPhotoAlbum::GetAlbumInstance()->SaveAlbumThumbSortType($params['albumName'], $data); End: return; } private function ClearArrangeItem() { if (false === ($params = $this->GetParams_ClearArrangeItem())) { $this->SetError(WEBAPI_ERR_BAD_REQUEST); goto End; } $albumName = $params['albumName']; // chack permission if (!csSynoPhotoMisc::CheckAlbumManageable($albumName)) { $this->SetError(PHOTOSTATION_ALBUM_NO_MANAGE_RIGHT); goto End; } //remove sort file directly in PS6 if ('/' === $albumName) { $fullDirPath = 
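SYNOPHOTO_SERVICE_REAL_DIR;
            $sortFile = $fullDirPath . '/' . SYNOPhotoEA::SYNO_EA_DIR . '/' . SYNOPhotoEA::getFilename(SYNOPhotoEA::FILE_ALBUM_SORT);
        } else {
            $fullDirPath = sprintf("%s/%s", SYNOPHOTO_SERVICE_REAL_DIR, $albumName);
            if (false === SYNOPhotoEA::checkFilePath($fullDirPath, SYNOPhotoEA::FILE_ALBUM_SORT, $sortFile)) {
                goto End;
            }
        }
        @unlink($sortFile);

    End:
        return;
    }

    /**
     * Ask a running Move() or Delete() loop for the same id list to stop.
     *
     * Creates an empty marker file named PHOTO_ACTION_TMP . md5(<action key> . id).
     * Move() and Delete() test for that file before each album, remove it and break.
     *
     * Request parameters: id (the same value the running action was started with) and
     * action ('mvcp' or 'delete').
     *
     * @return bool True once the marker write was attempted, false when the request was rejected.
     */
    private function Cancel()
    {
        $ret = false;

        /* return when lack of params */
        if (!isset($_REQUEST['id']) || !isset($_REQUEST['action'])) {
            $this->SetError(PHOTOSTATION_PHOTO_BAD_PARAMS);
            goto End;
        }

        if ('mvcp' === $_REQUEST['action']) {
            $key = PHOTO_ACTION_ALBUM_MOVE_KEY;
        } elseif ('delete' === $_REQUEST['action']) {
            $key = PHOTO_ACTION_ALBUM_DEL_KEY;
        } else {
            // Any other action used to fall through with $key undefined, which still
            // created a marker file that no Move()/Delete() loop ever looks for.
            $this->SetError(PHOTOSTATION_PHOTO_BAD_PARAMS);
            goto End;
        }

        // The file name is an MD5 hex digest, so the request value cannot steer the path.
        $filePath = PHOTO_ACTION_TMP . md5($key . $_REQUEST['id']);
        @file_put_contents($filePath, "");
        $ret = true;

    End:
        return $ret;
    }
}

$api = new AlbumAPI();
$api->Run();
?>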