home
/
plugin.image.photostation
Segui 1
Vota 0
Forka 0
Codice Problemi 0 Pull Requests 0 Rilasci 0 Wiki Attività
Play images and video from Synology PhotoStation server
27 Commit
1 Ramo (Branch)
Ramo (Branch): master
Rami (Branch) Tag
${ item.name }
Crea branch ${ searchTerm }
da 'master'
${ noResults }
plugin.image.photostation/PhotoStation API/webapi/category.php

category.php 22KB
Permalink Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670 
  1. <?php

  2. 

  3. require_once('category.inc.php');

  4. require_once('albumutil.php');

  5. 

  6. class CategoryAPI extends WebAPI {

  7.     function __construct() {

  8.         parent::__construct(SZ_WEBAPI_API_DESCRIPTION_PATH);

  9.     }

  10. 

  11.     protected function Process() {

  12.         if (!strcasecmp($this->method, "list")) {

  13. 			session_write_close();

  14.             $this->CategoryList();

  15.         } elseif (!strcasecmp($this->method, "getinfo")) {

  16. 			session_write_close();

  17.             $this->GetInfo();

  18.         } elseif (!strcasecmp($this->method, "listitem")) {

  19.             csSYNOPhotoDB::GetDBInstance()->SetSessionCache();

  20. 			session_write_close();

  21.             $this->ListItem();

  22.         } else {

  23.             csSYNOPhotoDB::GetDBInstance()->SetSessionCache(true);

  24.             csSYNOPhotoMisc::CheckSessionTimeOut();

  25. 

  26.             if (!strcasecmp($this->method, "create")) {

  27.                 $this->Create();

  28.             } elseif (!strcasecmp($this->method, "delete")) {

  29.                 $this->Delete();

  30.             } elseif (!strcasecmp($this->method, "edit")) {

  31.                 $this->Edit();

  32.             } elseif (!strcasecmp($this->method, "arrangecategory")) {

  33.                 $this->ArrangeCategory();

  34.             } elseif (!strcasecmp($this->method, "additem")) {

  35.                 $this->AddItem();

  36.             } elseif (!strcasecmp($this->method, "removeitem")) {

  37.                 $this->RemoveItem();

  38.             } elseif (!strcasecmp($this->method, "arrangeitem")) {

  39.                 $this->ArrangeItem();

  40.             }

  41.         }

  42.     }

  43. 

  44.     private function BooleanUniform($data) {

  45.         if (true === $data || 't' === $data) {

  46.             return true;

  47.         } elseif (false === $data || 'f' === $data) {

  48.             return false;

  49.         }

  50.         return false;

  51.     }

  52. 

  53.     private function GetCategoryDatabaseID($data) {

  54.         $arr = explode('category_', $data);

  55.         $id = $arr[1];

  56. 

  57.         if (empty($id)) {

  58.             return false;

  59.         }

  60.         if (!is_numeric($id)) {

  61.             return false;

  62.         }

  63.         return $id;

  64.     }

  65. 

  66.     private function CheckItemID($data) {

  67.         $items = explode(',', $data);

  68.         foreach ($items as $item) {

  69.             $arr = explode('_', $item);

  70.             if (!in_array($arr[0], array('album', 'tag', 'smart'))) {

  71.                 return false;

  72.             }

  73.         }

  74.         return $items;

  75.     }

  76. 

  77.     private function CheckOffsetLimit($offset, $limit) {

  78.         if (!is_numeric($offset) || !is_numeric($limit)) {

  79.             return false;

  80.         }

  81.         if (0 > (int)$offset || -1 > (int)$limit) {

  82.             return false;

  83.         }

  84.         return true;

  85.     }

  86. 

  87.     private function IsAccessible($id) {

  88.         $isAdmin = isset($_SESSION[SYNOPHOTO_ADMIN_USER]['admin_syno_user']);

  89.         $hidden = csSYNOPhotoDB::GetDBInstance()->IsCategoryAccessible($id);

  90.         if (false === $isAdmin && true === $hidden) {

  91.             return false;

  92.         }

  93.         return true;

  94.     }

  95. 

  96.     private function GetItemID($type, $id) {

  97.         switch ($type) {

  98.         case 'album':

  99.             $row = csSYNOPhotoDB::GetDBInstance()->GetFieldByKeyValue('sharename', 'photo_share', 'shareid', $id);

  100.             $albumID = bin2hex($row['sharename']);

  101.             $itemID = "album_{$albumID}";

  102.             break;

  103.         case 'tag':

  104.             $itemID = "tag_{$id}";

  105.             break;

  106.         case 'smart':

  107.             $itemID = "smart_{$id}";

  108.             break;

  109.         default:

  110.             return false;

  111.             break;

  112.         }

  113.         return $itemID;

  114.     }

  115. 

  116.     private function GetItemName($itemID) {

  117.         $arr = explode('_', $itemID );

  118.         if (2 != count($arr)) {

  119.             return false;

  120.         }

  121.         if (!in_array($arr[0], array('album', 'smart', 'tag'))) {

  122.             return false;

  123.         }

  124.         switch ($arr[0]) {

  125.         case 'album':

  126.             $name = @pack('H*', $arr[1]);

  127.             break;

  128.         case 'smart':

  129.             $name = @pack('H*', $arr[1]);

  130.             break;

  131.         case 'tag':

  132.             $row = csSYNOPhotoDB::GetDBInstance()->GetFieldByKeyValue('name', 'photo_label', 'id', $arr[1]);

  133.             $name = $row['name'];

  134.             break;

  135.         default:

  136.             break;

  137.         }

  138.         return $name;

  139.     }

  140. 

  141.     private function CategoryList() {

  142.         if (!isset($_REQUEST['offset']) || !isset($_REQUEST['limit'])) {

  143.             $this->SetError(WEBAPI_ERR_BAD_REQUEST);

  144.             goto End;

  145.         }

  146.         if (!$this->CheckOffsetLimit($_REQUEST['offset'], $_REQUEST['limit'])) {

  147.             $this->SetError(WEBAPI_ERR_BAD_REQUEST);

  148.             goto End;

  149.         }

  150.             

  151.         // check if admin

  152.         $isAdmin = isset($_SESSION[SYNOPHOTO_ADMIN_USER]['admin_syno_user']);

  153. 

  154.         // database query, +0 => convert to int

  155. 		$dbCategories = Category::ListItem($_REQUEST['offset']+0, $_REQUEST['limit']+0, $isAdmin);

  156. 

  157.         // form to webapi format

  158.         $categories = array();

  159.         foreach ($dbCategories as $dbCategory) {

  160. 			$category = Decorator::CategoryFormula($dbCategory);

  161. 			$categories[] = $category;

  162.         }

  163. 

  164.         $resp['total'] = (int)csSYNOPhotoDB::GetDBInstance()->GetTotalCategory($isAdmin);

  165.         $offset = (0 > $_REQUEST['limit']) ? $resp['total'] : (int)($_REQUEST['offset'] + $_REQUEST['limit']);

  166.         $resp['offset'] = ($offset >  $resp['total']) ?  $resp['total'] : $offset;

  167.         $resp['categories'] = $categories;

  168.         $this->SetResponse($resp);

  169.     End:

  170.         return;

  171.     }

  172. 

  173.     private function GetInfo() {

  174.         if (!isset($_REQUEST['id'])) {

  175.             $this->SetError(WEBAPI_ERR_BAD_REQUEST);

  176.             goto End;

  177.         }

  178. 

  179.         // get and check category id

  180.         $id = $this->GetCategoryDatabaseID($_REQUEST['id']);

  181.         if (false === $id) {

  182.             $this->SetError(PHOTOSTATION_CATEGORY_WRONG_ID_FORMAT);

  183.             goto End;

  184.         }

  185. 

  186.         // check accessible

  187.         if (!$this->IsAccessible($id)) {

  188.             $this->SetError(PHOTOSTATION_CATEGORY_ACCESS_DENY);

  189.             goto End;

  190.         }

  191. 

  192.         // datebase query

  193.         $objs = Category::GetByIds(array($id));

  194. 		$info = $objs[$id];

  195.         if (!$info) {

  196.             $this->SetError(PHOTOSTATION_CATEGORY_GETINFO_FAIL);

  197.             goto End;

  198.         }

  199.         

  200.         // form to webapi format

  201.         $categories = array();

  202.         $category['id'] = 'category_'.$info['id'];

  203.         $category['name'] = $info['name'];

  204.         $category['hidden'] = $info['hidden'];

  205.         $category['home'] = $category['id'] === csSYNOPhotoMisc::GetConfigDB("album", "home_category", "photo_config");

  206.         array_push($categories, $category);

  207. 

  208.         $resp['categories'] = $categories;

  209.         $this->SetResponse($resp);

  210.     End:

  211.         return;

  212.     }

  213. 

  214.     private function Create() {

  215.         // check if admin

  216.         $isAdmin = isset($_SESSION[SYNOPHOTO_ADMIN_USER]['admin_syno_user']);

  217.         if (!$isAdmin) {

  218.             $this->SetError(PHOTOSTATION_CATEGORY_ACCESS_DENY);

  219.             goto End;

  220.         }

  221. 

  222. 		$name = trim($_REQUEST['name']);

  223.         if (!isset($_REQUEST['name']) || '' === $name) {

  224.             $this->SetError(WEBAPI_ERR_BAD_REQUEST);

  225.             goto End;

  226.         }

  227. 

  228.         $hidden = 'true' === $_REQUEST['hidden'] ? true : false;

  229.         if (Category::CheckNameExists($name)) {

  230.             $this->SetError(PHOTOSTATION_CATEGORY_DUPLICATE);

  231.             goto End;

  232.         }

  233. 

  234.         // database query

  235. 		$createId = Category::Add($name, $hidden);

  236.         if (!$createId) {

  237.             $this->SetError(PHOTOSTATION_CATEGORY_CREATE_FAIL);

  238.             goto End;

  239.         }

  240. 

  241.         $resp['id'] = 'category_'.$createId;

  242.         $this->SetResponse($resp);

  243.     End:

  244.         return;

  245.     }

  246. 

  247.     private function Delete() {

  248.         // check if admin

  249.         $isAdmin = isset($_SESSION[SYNOPHOTO_ADMIN_USER]['admin_syno_user']);

  250.         if (!$isAdmin) {

  251.             $this->SetError(PHOTOSTATION_CATEGORY_ACCESS_DENY);

  252.             goto End;

  253.         }

  254. 

  255.         if (!isset($_REQUEST['id'])) {

  256.             $this->SetError(WEBAPI_ERR_BAD_REQUEST);

  257.             goto End;

  258.         }

  259. 

  260.         // get and check category id

  261.         $id = $this->GetCategoryDatabaseID($_REQUEST['id']);

  262.         if (!$id) {

  263.             $this->SetError(PHOTOSTATION_CATEGORY_WRONG_ID_FORMAT);

  264.             goto End;

  265.         }

  266. 

  267.         // database query

  268.         if (!Category::DeleteByIds(array($id))) {

  269.             $this->SetError(PHOTOSTATION_CATEGORY_DELETE_FAIL);

  270.             goto End;

  271.         }

  272. 

  273.         $homeVal = csSYNOPhotoMisc::GetConfigDB("album", "home_category", "photo_config");

  274.         if ($homeVal === $_REQUEST['id']) {

  275.             csSYNOPhotoMisc::UpdateConfigDB("album", "home_category", '', "photo_config");

  276.         }

  277.         $this->SetResponse($resp);

  278.     End:

  279.         return;

  280.     }

  281. 

  282.     private function Edit() {

  283.         // check if admin

  284.         $isAdmin = isset($_SESSION[SYNOPHOTO_ADMIN_USER]['admin_syno_user']);

  285.         if (!$isAdmin) {

  286.             $this->SetError(PHOTOSTATION_CATEGORY_ACCESS_DENY);

  287.             goto End;

  288.         }

  289. 

  290.         if (!isset($_REQUEST['id'])) {

  291.             $this->SetError(WEBAPI_ERR_BAD_REQUEST);

  292.             goto End;

  293.         }

  294. 

  295.         // get and check category id

  296.         $id = $this->GetCategoryDatabaseID($_REQUEST['id']);

  297.         if (!$id) {

  298.             $this->SetError(PHOTOSTATION_CATEGORY_WRONG_ID_FORMAT);

  299.             goto End;

  300.         }

  301. 

  302.         $name = isset($_REQUEST['name']) ? trim($_REQUEST['name']) : NULL;

  303. 		$hidden = isset($_REQUEST['hidden']) ?

  304. 			('true' === $_REQUEST['hidden'] ? true : false) : NULL;

  305. 

  306. 		if (NULL === $hidden && ('' === $name || NULL === $name)) {

  307.             $this->SetError(WEBAPI_ERR_BAD_REQUEST);

  308.             goto End;

  309.         }

  310. 

  311.         if (Category::isDuplicated($id, $name)) {

  312.             $this->SetError(PHOTOSTATION_CATEGORY_DUPLICATE);

  313.             goto End;

  314.         }

  315.         // database query

  316. 		if (!Category::EditById($id, $name, $hidden)) {

  317.             $this->SetError(PHOTOSTATION_CATEGORY_EDIT_FAIL);

  318.             goto End;

  319.         }

  320. 

  321.         $setHome = isset($_REQUEST['home']) ? 'true' === $_REQUEST['home'] : false;

  322.         $homeVal = csSYNOPhotoMisc::GetConfigDB("album", "home_category", "photo_config");

  323.         if ($setHome) {

  324.             csSYNOPhotoMisc::UpdateConfigDB("album", "home_category", $_REQUEST['id'], "photo_config");

  325.         } elseif ($homeVal === $_REQUEST['id']) {

  326.             csSYNOPhotoMisc::UpdateConfigDB("album", "home_category", '', "photo_config");

  327.         }

  328.         $this->SetResponse($resp);

  329.     End:

  330.         return;

  331.     }

  332. 

  333.     private function ArrangeCategory() {

  334.         // check if admin

  335.         $isAdmin = isset($_SESSION[SYNOPHOTO_ADMIN_USER]['admin_syno_user']);

  336.         if (!$isAdmin) {

  337.             $this->SetError(PHOTOSTATION_CATEGORY_ACCESS_DENY);

  338.             goto End;

  339.         }

  340. 

  341.         if (!isset($_REQUEST['offset']) || !isset($_REQUEST['limit']) || !isset($_REQUEST['category_id'])) {

  342.             $this->SetError(WEBAPI_ERR_BAD_REQUEST);

  343.             goto End;

  344.         }

  345. 

  346.         if (!$this->CheckOffsetLimit($_REQUEST['offset'], $_REQUEST['limit'])) {

  347.             $this->SetError(WEBAPI_ERR_BAD_REQUEST);

  348.             goto End;

  349.         }

  350. 

  351.         // get and check category id

  352.         $ids = array();

  353.         $categoryIDs = array();

  354.         $categoryIDs = explode(',', $_REQUEST['category_id']);

  355.         foreach ($categoryIDs as $categoryID) {

  356.             if (false === ($id = $this->GetCategoryDatabaseID($categoryID))) {

  357.                 $this->SetError(WEBAPI_ERR_BAD_REQUEST);

  358.                 goto End;

  359.             }

  360.             array_push($ids, $id);

  361.         }

  362. 

  363.         // database query

  364.         if (!csSYNOPhotoDB::GetDBInstance()->ArrangeCategory($ids, $_REQUEST['offset'], $_REQUEST['limit'])) {

  365.             $this->SetError(PHOTOSTATION_CATEGORY_ARRANGE_FAIL);

  366.             goto End;

  367.         }

  368. 

  369.         $this->SetResponse($resp);

  370.     End:

  371.         return;

  372. 

  373.     }

  374. 

  375.     private function AddItem() {

  376.         // check if admin

  377.         $isAdmin = isset($_SESSION[SYNOPHOTO_ADMIN_USER]['admin_syno_user']);

  378.         if (!$isAdmin) {

  379.             $this->SetError(PHOTOSTATION_CATEGORY_ACCESS_DENY);

  380.             goto End;

  381.         }

  382. 

  383.         if (!isset($_REQUEST['id']) || !isset($_REQUEST['item_id'])) {

  384.             $this->SetError(WEBAPI_ERR_BAD_REQUEST);

  385.             goto End;

  386.         }

  387. 

  388.         // get and check category id

  389.         $id = $this->GetCategoryDatabaseID($_REQUEST['id']);

  390.         if (!$id) {

  391.             $this->SetError(PHOTOSTATION_CATEGORY_WRONG_ID_FORMAT);

  392.             goto End;

  393.         }

  394.         // check item id

  395.         $itemIDs = $this->CheckItemID($_REQUEST['item_id']);

  396.         if (!$itemIDs) {

  397.             $this->SetError(PHOTOSTATION_CATEGORY_WRONG_ID_FORMAT);

  398.             goto End;

  399.         }

  400. 

  401.         if (!csSYNOPhotoDB::GetDBInstance()->AddCategoryItem($id, $itemIDs)) {

  402.             $this->SetError(PHOTOSTATION_CATEGORY_ADD_ITEM_FAIL);

  403.             goto End;

  404.         }

  405. 

  406.         $this->SetResponse($resp);

  407.     End:

  408.         return;

  409.     }

  410. 

  411.     private function FormAlbumInfo($itemID)

  412.     {

  413.         $query = "select * from photo_share where shareid=?";

  414.         $sqlParam = array($itemID);

  415.         $db_result = PHOTO_DB_Query($query, $sqlParam);

  416.         if (false === ($db_result = PHOTO_DB_Query($query, $sqlParam))) {

  417.             return false;

  418.         }

  419.         if (false === ($row = PHOTO_DB_FetchRow($db_result))) {

  420.             return false;

  421.         }

  422.         $info['sharepath'] = $row['sharename'];

  423.         $info['name'] = basename($row['sharename']);

  424.         $info['title'] = empty($row['title']) ? $info['name'] : $row['title'];

  425.         $info['description'] = $row['description'];

  426.         $info['hits'] = $row['hits'];

  427.         if (PHOTO_DB_IsTrue($row['public'])) {

  428.             $albumPermission = 'public';

  429.         } else {

  430.             $albumPermission = empty($row['password']) ? 'private' : 'password';

  431.         }

  432.         $info['type'] = $albumPermission;

  433.         return $info;

  434.     }

  435. 

  436.     private function FormAdditional($type, $additional, $itemID)

  437.     {

  438.         if ('album' === $type && in_array('album_permission', $additional)) {

  439.             $arr = explode('album_', $itemID);

  440.             if (2 === count($arr)) {

  441.                 $albumName = @pack('H*', $arr[1]);

  442.                 $data['album_permission'] = AlbumAPIUtil::GetAlbumPermission($albumName);

  443.             }

  444.         }

  445.         return $data;

  446.     }

  447. 

  448.     private function IsAlbumPassword($albumName)

  449.     {

  450.         $query = 'SELECT * FROM photo_share WHERE sharename=?';

  451.         $sqlParam = array($albumName);

  452.         if (false === ($db_result = PHOTO_DB_Query($query, $sqlParam))) {

  453.             return false;

  454.         }

  455.         if (false === ($row = PHOTO_DB_FetchRow($db_result))) {

  456.             return false;

  457.         }

  458.         if (false == PHOTO_DB_IsTrue($row['public']) && !empty($row['password'])) {

  459.             return true;

  460.         }

  461.         return false;

  462.     }

  463. 

  464.     private function ListItem() {

  465.         if (!isset($_REQUEST['id']) || !isset($_REQUEST['offset']) || !isset($_REQUEST['limit'])) {

  466.             $this->SetError(WEBAPI_ERR_BAD_REQUEST);

  467.             goto End;

  468.         }

  469.         $additionalParams = explode(',', $_REQUEST['additional']);

  470.         $needThumbSize = in_array('thumb_size', $additionalParams);

  471. 

  472.         if (!$this->CheckOffsetLimit($_REQUEST['offset'], $_REQUEST['limit'])) {

  473.             $this->SetError(WEBAPI_ERR_BAD_REQUEST);

  474.             goto End;

  475.         }

  476. 

  477.         // get and check category id

  478.         $id = $this->GetCategoryDatabaseID($_REQUEST['id']);

  479.         if (!$id) {

  480.             $this->SetError(PHOTOSTATION_CATEGORY_WRONG_ID_FORMAT);

  481.             goto End;

  482.         }

  483. 

  484.         // check accessible

  485.         if (!$this->IsAccessible($id)) {

  486.             $this->SetError(PHOTOSTATION_CATEGORY_ACCESS_DENY);

  487.             goto End;

  488.         }

  489. 

  490.         // database query

  491.         $dbItems = csSYNOPhotoDB::GetDBInstance()->ListCategoryItem($id, $_REQUEST['offset'], $_REQUEST['limit']);

  492.         if (false === $dbItems) {

  493.             $this->SetError(PHOTOSTATION_CATEGORY_LIST_ITEM_FAIL);

  494.             goto End;

  495.         }

  496.         $allow_comment = AlbumAPIUtil::IsAlbumCommentalbGlobal();

  497. 

  498.         // form to webapi format

  499.         $items = array();

  500.         $denyCount = 0;

  501.         foreach ($dbItems as $dbItem) {

  502.             unset($item);

  503.             if ('album' === $dbItem['type']) {

  504.                 $typeID = $dbItem['album_id'];

  505.             } elseif ('tag' === $dbItem['type']) {

  506.                 $typeID = $dbItem['tag_id'];

  507.             } elseif ('smart' === $dbItem['type']) {

  508.                 $typeID = $dbItem['smart_id'];

  509.             }

  510.             if (false === ($itemID = $this->GetItemID($dbItem['type'], $typeID))) {

  511.                 continue;

  512.             }

  513. 

  514.             // private can't show

  515.             if ('album' === $dbItem['type']) {

  516.                 $arr = explode('album_', $itemID);

  517.                 $albumName = @pack('H*', $arr[1]);

  518.                 if (!csSYNOPhotoMisc::CheckAlbumAccessible($albumName) && !$this->IsAlbumPassword($albumName)) {

  519.                     $denyCount++;

  520.                     continue;

  521.                 }

  522.             }

  523.             $item['id'] = $itemID;

  524.             $item['type'] = $dbItem['type'];

  525.             $item['name'] = $this->GetItemName($itemID);

  526.             $additional = $this->FormAdditional($dbItem['type'], $additionalParams, $itemID);

  527. 

  528. 			$coverPath = '';

  529.             if ('album' === $dbItem['type']) {

  530.                 $arr = explode('album_', $itemID);

  531.                 if (2 === count($arr)) {

  532.                     $albumName = @pack('H*', $arr[1]);

  533.                     $result = csSYNOPhotoAlbum::GetAlbumInstance()->GetAlbumCover($albumName);

  534. 

  535. 					$coverPath = $result['coverPath'];

  536. 					$relativePath = substr($coverPath, strlen(SYNOPHOTO_SERVICE_REAL_DIR_PATH));

  537. 					$dirname = dirname($relativePath);

  538. 					$sharename = in_array($dirname, array('.', ''), true) ? '/' : $dirname;

  539.                 }

  540.                 $item['info'] = $this->FormAlbumInfo($typeID);

  541.                 $item['info']['allow_comment'] = $allow_comment;

  542.                 if (null !== $additional) {

  543.                     $item['additional']['album_permission'] = $additional['album_permission'];

  544.                 }

  545.             } elseif ('tag' === $dbItem['type']) {

  546.                 $arr = explode('tag_', $itemID);

  547.                 if (2 === count($arr)) {

  548.                     $result = csSYNOPhotoAlbum::GetAlbumInstance()->GetLabelAlbumCover($arr[1]);

  549. 

  550. 					$coverPath = $result['coverPath'];

  551. 					$relativePath = substr($coverPath, strlen(SYNOPHOTO_SERVICE_REAL_DIR_PATH));

  552. 					$dirname = dirname($relativePath);

  553. 					$sharename = in_array($dirname, array('.', ''), true) ? '/' : $dirname;

  554.                 }

  555.             } elseif ('smart' === $dbItem['type']) {

  556.                 $arr = explode('smart_', $itemID);

  557.                 if (2 === count($arr)) {

  558.                     $smartName = @pack('H*', $arr[1]);

  559.                     $album = SmartAlbum::GetSmartAlbumInstance()->GetCoverOfSmartAlbumByName($smartName);

  560. 

  561. 					$coverPath = '';

  562. 					if ($album['success'] && $album['cover']) {

  563. 						$coverPath = $album['cover']['dbPath'];

  564. 					}

  565. 					$relativePath = substr($coverPath, strlen(SYNOPHOTO_SERVICE_REAL_DIR_PATH));

  566. 					$dirname = dirname($relativePath);

  567. 					$sharename = in_array($dirname, array('.', ''), true) ? '/' : $dirname;

  568.                 }

  569.             }

  570. 			$blConversion = csSYNOPhotoMisc::IsAlbumAllowConversion($sharename);

  571. 			list($orig_resolutionx, $orig_resolutiony, $blThumbRotated) = AlbumAPIUtil::GetCoverResolutionRotation($coverPath);

  572. 			AlbumAPIUtil::FillThumbStatus($item, $coverPath, $needThumbSize, $orig_resolutionx, $orig_resolutiony, $blThumbRotated, $blConversion);

  573.             array_push($items, $item);

  574.         }

  575. 

  576.         // fixme

  577.         $resp['total'] = (int)csSYNOPhotoDB::GetDBInstance()->GetTotalCategoryItem($id) - $denyCount;

  578.         $offset = (0 > (int)$_REQUEST['limit']) ? $resp['total'] : (int)($_REQUEST['offset'] + $_REQUEST['limit']);

  579.         $resp['offset'] = ($offset >  $resp['total']) ?  $resp['total'] : $offset;

  580.         $resp['items'] = $items;

  581.         $this->SetResponse($resp);

  582.     End:

  583.         return;

  584.     }

  585. 

  586.     private function RemoveItem() {

  587.         // check if admin

  588.         $isAdmin = isset($_SESSION[SYNOPHOTO_ADMIN_USER]['admin_syno_user']);

  589.         if (!$isAdmin) {

  590.             $this->SetError(PHOTOSTATION_CATEGORY_ACCESS_DENY);

  591.             goto End;

  592.         }

  593. 

  594.         if (!isset($_REQUEST['id']) || !isset($_REQUEST['item_id'])) {

  595.             $this->SetError(WEBAPI_ERR_BAD_REQUEST);

  596.             goto End;

  597.         }

  598. 

  599.         // get and check category id

  600.         $id = $this->GetCategoryDatabaseID($_REQUEST['id']);

  601.         if (!$id) {

  602.             $this->SetError(PHOTOSTATION_CATEGORY_WRONG_ID_FORMAT);

  603.             goto End;

  604.         }

  605.         // check item id

  606.         $itemIDs = $this->CheckItemID($_REQUEST['item_id']);

  607.         if (!$itemIDs) {

  608.             $this->SetError(PHOTOSTATION_CATEGORY_WRONG_ID_FORMAT);

  609.             goto End;

  610.         }

  611. 

  612.         // database query

  613.         if (!csSYNOPhotoDB::GetDBInstance()->RemoveCategoryItem($id, $itemIDs)) {

  614.             $this->SetError(PHOTOSTATION_CATEGORY_REMOVE_ITEM_FAIL);

  615.             goto End;

  616.         }

  617. 

  618. 

  619.         $this->SetResponse($resp);

  620.     End:

  621.         return;

  622.     }

  623. 

  624.     private function ArrangeItem() {

  625.         // check if admin

  626.         $isAdmin = isset($_SESSION[SYNOPHOTO_ADMIN_USER]['admin_syno_user']);

  627.         if (!$isAdmin) {

  628.             $this->SetError(PHOTOSTATION_CATEGORY_ACCESS_DENY);

  629.             goto End;

  630.         }

  631. 

  632.         if (!isset($_REQUEST['id']) || !isset($_REQUEST['offset']) || !isset($_REQUEST['limit'])) {

  633.             $this->SetError(WEBAPI_ERR_BAD_REQUEST);

  634.             goto End;

  635.         }

  636. 

  637.         if (!$this->CheckOffsetLimit($_REQUEST['offset'], $_REQUEST['limit'])) {

  638.             $this->SetError(WEBAPI_ERR_BAD_REQUEST);

  639.             goto End;

  640.         }

  641. 

  642.         // get and check category id

  643.         $id = $this->GetCategoryDatabaseID($_REQUEST['id']);

  644.         if (!$id) {

  645.             $this->SetError(PHOTOSTATION_CATEGORY_WRONG_ID_FORMAT);

  646.             goto End;

  647.         }

  648.         // check item id

  649.         $itemIDs = $this->CheckItemID($_REQUEST['item_id']);

  650.         if (!$itemIDs) {

  651.             $this->SetError(PHOTOSTATION_CATEGORY_WRONG_ID_FORMAT);

  652.             goto End;

  653.         }

  654. 

  655.         // database query

  656.         if (!csSYNOPhotoDB::GetDBInstance()->ArrangeCategoryItem($id, $itemIDs, $_REQUEST['offset'], $_REQUEST['limit'])) {

  657.             $this->SetError(PHOTOSTATION_CATEGORY_ARRANGE_ITEM_FAIL);

  658.             goto End;

  659.         }

  660. 

  661.         $this->SetResponse($resp);

  662.     End:

  663.         return;

  664.     }

  665. }

  666. 

  667. $api = new CategoryAPI();

  668. $api->Run();

  669. 

  670. ?>