2020-06-07 19:04:43 +03:00
|
|
|
|
<?php declare(strict_types=1);
|
|
|
|
|
|
namespace openvk\Web\Presenters;
|
2023-08-21 12:47:51 +03:00
|
|
|
|
use openvk\Web\Models\Entities\{Club, Photo, Album, User};
|
2022-08-09 08:58:47 +03:00
|
|
|
|
use openvk\Web\Models\Repositories\{Photos, Albums, Users, Clubs};
|
2020-06-07 19:04:43 +03:00
|
|
|
|
use Nette\InvalidStateException as ISE;
|
|
|
|
|
|
|
|
|
|
|
|
final class PhotosPresenter extends OpenVKPresenter
|
|
|
|
|
|
{
|
|
|
|
|
|
private $users;
|
|
|
|
|
|
private $photos;
|
|
|
|
|
|
private $albums;
|
2022-09-17 00:19:46 +03:00
|
|
|
|
protected $presenterName = "photos";
|
|
|
|
|
|
|
2020-06-07 19:04:43 +03:00
|
|
|
|
function __construct(Photos $photos, Albums $albums, Users $users)
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->users = $users;
|
|
|
|
|
|
$this->photos = $photos;
|
|
|
|
|
|
$this->albums = $albums;
|
|
|
|
|
|
|
|
|
|
|
|
parent::__construct();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function renderAlbumList(int $owner): void
|
|
|
|
|
|
{
|
|
|
|
|
|
if($owner > 0) {
|
|
|
|
|
|
$user = $this->users->get($owner);
|
|
|
|
|
|
if(!$user) $this->notFound();
|
2021-12-14 16:00:12 +03:00
|
|
|
|
if (!$user->getPrivacyPermission('photos.read', $this->user->identity ?? NULL))
|
|
|
|
|
|
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
|
2023-09-14 20:36:29 +03:00
|
|
|
|
$this->template->albums = $this->albums->getUserAlbums($user, (int)($this->queryParam("p") ?? 1));
|
2020-06-07 19:04:43 +03:00
|
|
|
|
$this->template->count = $this->albums->getUserAlbumsCount($user);
|
|
|
|
|
|
$this->template->owner = $user;
|
|
|
|
|
|
$this->template->canEdit = false;
|
|
|
|
|
|
if(!is_null($this->user))
|
|
|
|
|
|
$this->template->canEdit = $this->user->id === $user->getId();
|
|
|
|
|
|
} else {
|
|
|
|
|
|
$club = (new Clubs)->get(abs($owner));
|
|
|
|
|
|
if(!$club) $this->notFound();
|
2023-09-14 20:36:29 +03:00
|
|
|
|
$this->template->albums = $this->albums->getClubAlbums($club, (int)($this->queryParam("p") ?? 1));
|
2020-06-07 19:04:43 +03:00
|
|
|
|
$this->template->count = $this->albums->getClubAlbumsCount($club);
|
|
|
|
|
|
$this->template->owner = $club;
|
|
|
|
|
|
$this->template->canEdit = false;
|
|
|
|
|
|
if(!is_null($this->user))
|
|
|
|
|
|
$this->template->canEdit = $club->canBeModifiedBy($this->user->identity);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$this->template->paginatorConf = (object) [
|
|
|
|
|
|
"count" => $this->template->count,
|
2023-09-14 20:36:29 +03:00
|
|
|
|
"page" => (int)($this->queryParam("p") ?? 1),
|
2020-06-07 19:04:43 +03:00
|
|
|
|
"amount" => NULL,
|
|
|
|
|
|
"perPage" => OPENVK_DEFAULT_PER_PAGE,
|
|
|
|
|
|
];
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function renderCreateAlbum(): void
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->assertUserLoggedIn();
|
2021-01-01 00:18:53 +03:00
|
|
|
|
$this->willExecuteWriteAction();
|
2020-06-07 19:04:43 +03:00
|
|
|
|
|
|
|
|
|
|
if(!is_null($gpid = $this->queryParam("gpid"))) {
|
|
|
|
|
|
$club = (new Clubs)->get((int) $gpid);
|
|
|
|
|
|
if(!$club->canBeModifiedBy($this->user->identity))
|
|
|
|
|
|
$this->notFound();
|
|
|
|
|
|
|
|
|
|
|
|
$this->template->club = $club;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if($_SERVER["REQUEST_METHOD"] === "POST") {
|
2023-08-09 15:50:04 +03:00
|
|
|
|
if(empty($this->postParam("name")) || mb_strlen(trim($this->postParam("name"))) === 0)
|
2021-01-17 01:45:49 +03:00
|
|
|
|
$this->flashFail("err", tr("error"), tr("error_segmentation"));
|
2022-04-18 19:02:23 +03:00
|
|
|
|
else if(strlen($this->postParam("name")) > 36)
|
|
|
|
|
|
$this->flashFail("err", tr("error"), tr("error_data_too_big", "name", 36, "bytes"));
|
2022-01-02 18:15:49 +03:00
|
|
|
|
|
2020-06-07 19:04:43 +03:00
|
|
|
|
$album = new Album;
|
|
|
|
|
|
$album->setOwner(isset($club) ? $club->getId() * -1 : $this->user->id);
|
|
|
|
|
|
$album->setName($this->postParam("name"));
|
|
|
|
|
|
$album->setDescription($this->postParam("desc"));
|
|
|
|
|
|
$album->setCreated(time());
|
|
|
|
|
|
$album->save();
|
|
|
|
|
|
|
2022-01-02 18:15:49 +03:00
|
|
|
|
if(isset($club))
|
2022-08-09 08:52:36 +03:00
|
|
|
|
$this->redirect("/album-" . $album->getOwner()->getId() . "_" . $album->getId());
|
2022-01-02 18:15:49 +03:00
|
|
|
|
else
|
2022-08-09 08:52:36 +03:00
|
|
|
|
$this->redirect("/album" . $album->getOwner()->getId() . "_" . $album->getId());
|
2020-06-07 19:04:43 +03:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function renderEditAlbum(int $owner, int $id): void
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->assertUserLoggedIn();
|
2021-01-01 00:18:53 +03:00
|
|
|
|
$this->willExecuteWriteAction();
|
2020-06-07 19:04:43 +03:00
|
|
|
|
|
|
|
|
|
|
$album = $this->albums->get($id);
|
|
|
|
|
|
if(!$album) $this->notFound();
|
|
|
|
|
|
if($album->getPrettyId() !== $owner . "_" . $id || $album->isDeleted()) $this->notFound();
|
|
|
|
|
|
if(is_null($this->user) || !$album->canBeModifiedBy($this->user->identity) || $album->isDeleted())
|
2023-09-17 16:22:59 +03:00
|
|
|
|
$this->flashFail("err", tr("error_access_denied_short"), tr("error_access_denied"));
|
2020-06-07 19:04:43 +03:00
|
|
|
|
$this->template->album = $album;
|
|
|
|
|
|
|
|
|
|
|
|
if($_SERVER["REQUEST_METHOD"] === "POST") {
|
2022-04-18 19:02:23 +03:00
|
|
|
|
if(strlen($this->postParam("name")) > 36)
|
|
|
|
|
|
$this->flashFail("err", tr("error"), tr("error_data_too_big", "name", 36, "bytes"));
|
|
|
|
|
|
|
2023-08-09 15:50:04 +03:00
|
|
|
|
$album->setName((empty($this->postParam("name")) || mb_strlen(trim($this->postParam("name"))) === 0) ? $album->getName() : $this->postParam("name"));
|
2020-06-07 19:04:43 +03:00
|
|
|
|
$album->setDescription(empty($this->postParam("desc")) ? NULL : $this->postParam("desc"));
|
|
|
|
|
|
$album->setEdited(time());
|
|
|
|
|
|
$album->save();
|
|
|
|
|
|
|
2023-09-17 16:22:59 +03:00
|
|
|
|
$this->flash("succ", tr("changes_saved"), tr("new_data_accepted"));
|
2020-06-07 19:04:43 +03:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function renderDeleteAlbum(int $owner, int $id): void
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->assertUserLoggedIn();
|
2021-01-01 00:18:53 +03:00
|
|
|
|
$this->willExecuteWriteAction();
|
2020-06-07 19:04:43 +03:00
|
|
|
|
$this->assertNoCSRF();
|
|
|
|
|
|
|
|
|
|
|
|
$album = $this->albums->get($id);
|
|
|
|
|
|
if(!$album) $this->notFound();
|
|
|
|
|
|
if($album->getPrettyId() !== $owner . "_" . $id || $album->isDeleted()) $this->notFound();
|
|
|
|
|
|
if(is_null($this->user) || !$album->canBeModifiedBy($this->user->identity))
|
2023-09-17 16:22:59 +03:00
|
|
|
|
$this->flashFail("err", tr("error_access_denied_short"), tr("error_access_denied"));
|
2020-06-07 19:04:43 +03:00
|
|
|
|
|
2022-01-02 18:15:49 +03:00
|
|
|
|
$name = $album->getName();
|
|
|
|
|
|
$owner = $album->getOwner();
|
2020-06-07 19:04:43 +03:00
|
|
|
|
$album->delete();
|
2022-07-29 12:41:43 +03:00
|
|
|
|
|
2023-09-17 16:22:59 +03:00
|
|
|
|
$this->flash("succ", tr("album_is_deleted"), tr("album_x_is_deleted", $name));
|
2022-01-02 18:15:49 +03:00
|
|
|
|
$this->redirect("/albums" . ($owner instanceof Club ? "-" : "") . $owner->getId());
|
2020-06-07 19:04:43 +03:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function renderAlbum(int $owner, int $id): void
|
|
|
|
|
|
{
|
|
|
|
|
|
$album = $this->albums->get($id);
|
|
|
|
|
|
if(!$album) $this->notFound();
|
|
|
|
|
|
if($album->getPrettyId() !== $owner . "_" . $id || $album->isDeleted())
|
|
|
|
|
|
$this->notFound();
|
|
|
|
|
|
|
2021-12-15 20:18:43 +03:00
|
|
|
|
if($owner > 0 /* bc we currently don't have perms for clubs */) {
|
|
|
|
|
|
$ownerObject = (new Users)->get($owner);
|
|
|
|
|
|
if(!$ownerObject->getPrivacyPermission('photos.read', $this->user->identity ?? NULL))
|
|
|
|
|
|
$this->flashFail("err", tr("forbidden"), tr("forbidden_comment"));
|
|
|
|
|
|
}
|
2021-12-14 16:00:12 +03:00
|
|
|
|
|
2020-06-07 19:04:43 +03:00
|
|
|
|
$this->template->album = $album;
|
2021-12-20 23:51:50 +03:00
|
|
|
|
$this->template->photos = iterator_to_array( $album->getPhotos( (int) ($this->queryParam("p") ?? 1), 20) );
|
2020-06-07 19:04:43 +03:00
|
|
|
|
$this->template->paginatorConf = (object) [
|
|
|
|
|
|
"count" => $album->getPhotosCount(),
|
2023-09-14 20:36:29 +03:00
|
|
|
|
"page" => (int)($this->queryParam("p") ?? 1),
|
2020-06-07 19:04:43 +03:00
|
|
|
|
"amount" => sizeof($this->template->photos),
|
2021-12-20 23:51:50 +03:00
|
|
|
|
"perPage" => 20,
|
|
|
|
|
|
"atBottom" => true
|
2020-06-07 19:04:43 +03:00
|
|
|
|
];
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function renderPhoto(int $ownerId, int $photoId): void
|
|
|
|
|
|
{
|
|
|
|
|
|
$photo = $this->photos->getByOwnerAndVID($ownerId, $photoId);
|
|
|
|
|
|
if(!$photo || $photo->isDeleted()) $this->notFound();
|
|
|
|
|
|
|
|
|
|
|
|
if(!is_null($this->queryParam("from"))) {
|
|
|
|
|
|
if(preg_match("%^album([0-9]++)$%", $this->queryParam("from"), $matches) === 1) {
|
|
|
|
|
|
$album = $this->albums->get((int) $matches[1]);
|
|
|
|
|
|
if($album)
|
|
|
|
|
|
if($album->hasPhoto($photo) && !$album->isDeleted())
|
|
|
|
|
|
$this->template->album = $album;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$this->template->photo = $photo;
|
|
|
|
|
|
$this->template->cCount = $photo->getCommentsCount();
|
|
|
|
|
|
$this->template->cPage = (int) ($this->queryParam("p") ?? 1);
|
|
|
|
|
|
$this->template->comments = iterator_to_array($photo->getComments($this->template->cPage));
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-11-16 12:56:27 +03:00
|
|
|
|
function renderAbsolutePhoto($id): void
|
2021-11-15 22:45:48 +03:00
|
|
|
|
{
|
2021-11-16 12:56:27 +03:00
|
|
|
|
$id = (int) base_convert((string) $id, 32, 10);
|
2021-11-15 22:45:48 +03:00
|
|
|
|
$photo = $this->photos->get($id);
|
|
|
|
|
|
if(!$photo || $photo->isDeleted())
|
|
|
|
|
|
$this->notFound();
|
|
|
|
|
|
|
|
|
|
|
|
$this->template->_template = "Photos/Photo.xml";
|
|
|
|
|
|
$this->renderPhoto($photo->getOwner(true)->getId(), $photo->getVirtualId());
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2022-12-14 23:15:29 +03:00
|
|
|
|
function renderThumbnail($id, $size): void
|
|
|
|
|
|
{
|
|
|
|
|
|
$photo = $this->photos->get($id);
|
|
|
|
|
|
if(!$photo || $photo->isDeleted())
|
|
|
|
|
|
$this->notFound();
|
|
|
|
|
|
|
|
|
|
|
|
if(!$photo->forceSize($size))
|
|
|
|
|
|
chandler_http_panic(588, "Gone", "This thumbnail cannot be generated due to server misconfiguration");
|
|
|
|
|
|
|
|
|
|
|
|
$this->redirect($photo->getURLBySizeId($size), 8);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-06-07 19:04:43 +03:00
|
|
|
|
function renderEditPhoto(int $ownerId, int $photoId): void
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->assertUserLoggedIn();
|
2021-01-01 00:18:53 +03:00
|
|
|
|
$this->willExecuteWriteAction();
|
2020-06-07 19:04:43 +03:00
|
|
|
|
|
|
|
|
|
|
$photo = $this->photos->getByOwnerAndVID($ownerId, $photoId);
|
|
|
|
|
|
if(!$photo) $this->notFound();
|
|
|
|
|
|
if(is_null($this->user) || $this->user->id != $ownerId)
|
2023-09-17 16:22:59 +03:00
|
|
|
|
$this->flashFail("err", tr("error_access_denied_short"), tr("error_access_denied"));
|
2020-06-07 19:04:43 +03:00
|
|
|
|
|
|
|
|
|
|
if($_SERVER["REQUEST_METHOD"] === "POST") {
|
|
|
|
|
|
$photo->setDescription(empty($this->postParam("desc")) ? NULL : $this->postParam("desc"));
|
|
|
|
|
|
$photo->save();
|
|
|
|
|
|
|
2023-09-17 16:22:59 +03:00
|
|
|
|
$this->flash("succ", tr("changes_saved"), tr("new_description_will_appear"));
|
2022-08-09 08:52:36 +03:00
|
|
|
|
$this->redirect("/photo" . $photo->getPrettyId());
|
2020-06-07 19:04:43 +03:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$this->template->photo = $photo;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function renderUploadPhoto(): void
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->assertUserLoggedIn();
|
2023-09-14 20:36:29 +03:00
|
|
|
|
$this->willExecuteWriteAction(true);
|
2023-10-03 19:40:13 +03:00
|
|
|
|
|
|
|
|
|
|
if(is_null($this->queryParam("album"))) {
|
|
|
|
|
|
$album = $this->albums->getUserWallAlbum($this->user->identity);
|
|
|
|
|
|
} else {
|
|
|
|
|
|
[$owner, $id] = explode("_", $this->queryParam("album"));
|
|
|
|
|
|
$album = $this->albums->get((int) $id);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2020-06-07 19:04:43 +03:00
|
|
|
|
if(!$album)
|
2023-09-17 16:22:59 +03:00
|
|
|
|
$this->flashFail("err", tr("error"), tr("error_adding_to_deleted"), 500, true);
|
2023-10-03 19:40:13 +03:00
|
|
|
|
|
|
|
|
|
|
# Для быстрой загрузки фоток из пикера фотографий нужен альбом, но юзер не может загружать фото
|
|
|
|
|
|
# в системные альбомы, так что так.
|
|
|
|
|
|
if(is_null($this->user) || !is_null($this->queryParam("album")) && !$album->canBeModifiedBy($this->user->identity))
|
2023-09-17 16:22:59 +03:00
|
|
|
|
$this->flashFail("err", tr("error_access_denied_short"), tr("error_access_denied"), 500, true);
|
2020-06-07 19:04:43 +03:00
|
|
|
|
|
|
|
|
|
|
if($_SERVER["REQUEST_METHOD"] === "POST") {
|
2023-09-14 20:36:29 +03:00
|
|
|
|
if($this->queryParam("act") == "finish") {
|
|
|
|
|
|
$result = json_decode($this->postParam("photos"), true);
|
|
|
|
|
|
|
|
|
|
|
|
foreach($result as $photoId => $description) {
|
|
|
|
|
|
$phot = $this->photos->get($photoId);
|
|
|
|
|
|
|
|
|
|
|
|
if(!$phot || $phot->isDeleted() || $phot->getOwner()->getId() != $this->user->id)
|
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
|
|
if(iconv_strlen($description) > 255)
|
|
|
|
|
|
$this->flashFail("err", tr("error"), tr("description_too_long"), 500, true);
|
|
|
|
|
|
|
|
|
|
|
|
$phot->setDescription($description);
|
|
|
|
|
|
$phot->save();
|
|
|
|
|
|
|
|
|
|
|
|
$album = $phot->getAlbum();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$this->returnJson(["success" => true,
|
|
|
|
|
|
"album" => $album->getId(),
|
|
|
|
|
|
"owner" => $album->getOwner() instanceof User ? $album->getOwner()->getId() : $album->getOwner()->getId() * -1]);
|
2020-06-07 19:04:43 +03:00
|
|
|
|
}
|
2023-09-14 20:36:29 +03:00
|
|
|
|
|
|
|
|
|
|
if(!isset($_FILES))
|
2023-09-17 16:22:59 +03:00
|
|
|
|
$this->flashFail("err", tr("no_photo"), tr("select_file"), 500, true);
|
2020-06-07 19:04:43 +03:00
|
|
|
|
|
2023-09-14 20:36:29 +03:00
|
|
|
|
$photos = [];
|
2023-10-03 19:40:13 +03:00
|
|
|
|
if((int)$this->postParam("count") > 10)
|
|
|
|
|
|
$this->flashFail("err", tr("no_photo"), "ты еблан", 500, true);
|
|
|
|
|
|
|
2023-09-14 20:36:29 +03:00
|
|
|
|
for($i = 0; $i < $this->postParam("count"); $i++) {
|
|
|
|
|
|
try {
|
|
|
|
|
|
$photo = new Photo;
|
|
|
|
|
|
$photo->setOwner($this->user->id);
|
|
|
|
|
|
$photo->setDescription("");
|
|
|
|
|
|
$photo->setFile($_FILES["photo_".$i]);
|
|
|
|
|
|
$photo->setCreated(time());
|
|
|
|
|
|
$photo->save();
|
2022-07-29 12:41:43 +03:00
|
|
|
|
|
2023-09-14 20:36:29 +03:00
|
|
|
|
$photos[] = [
|
|
|
|
|
|
"url" => $photo->getURLBySizeId("tiny"),
|
|
|
|
|
|
"id" => $photo->getId(),
|
|
|
|
|
|
"vid" => $photo->getVirtualId(),
|
|
|
|
|
|
"owner" => $photo->getOwner()->getId(),
|
|
|
|
|
|
"link" => $photo->getURL()
|
|
|
|
|
|
];
|
|
|
|
|
|
} catch(ISE $ex) {
|
|
|
|
|
|
$name = $album->getName();
|
|
|
|
|
|
$this->flashFail("err", "Неизвестная ошибка", "Не удалось сохранить фотографию в $name.", 500, true);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$album->addPhoto($photo);
|
|
|
|
|
|
$album->setEdited(time());
|
|
|
|
|
|
$album->save();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$this->returnJson(["success" => true,
|
|
|
|
|
|
"photos" => $photos]);
|
2020-06-07 19:04:43 +03:00
|
|
|
|
} else {
|
|
|
|
|
|
$this->template->album = $album;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function renderUnlinkPhoto(int $owner, int $albumId, int $photoId): void
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->assertUserLoggedIn();
|
2021-01-01 00:18:53 +03:00
|
|
|
|
$this->willExecuteWriteAction();
|
2020-06-07 19:04:43 +03:00
|
|
|
|
|
|
|
|
|
|
$album = $this->albums->get($albumId);
|
|
|
|
|
|
$photo = $this->photos->get($photoId);
|
|
|
|
|
|
if(!$album || !$photo) $this->notFound();
|
|
|
|
|
|
if(!$album->hasPhoto($photo)) $this->notFound();
|
|
|
|
|
|
if(is_null($this->user) || !$album->canBeModifiedBy($this->user->identity))
|
2023-09-17 16:22:59 +03:00
|
|
|
|
$this->flashFail("err", tr("error_access_denied_short"), tr("error_access_denied"));
|
2020-06-07 19:04:43 +03:00
|
|
|
|
|
|
|
|
|
|
if($_SERVER["REQUEST_METHOD"] === "POST") {
|
|
|
|
|
|
$this->assertNoCSRF();
|
|
|
|
|
|
$album->removePhoto($photo);
|
2022-07-29 12:41:43 +03:00
|
|
|
|
$album->setEdited(time());
|
|
|
|
|
|
$album->save();
|
2020-06-07 19:04:43 +03:00
|
|
|
|
|
2023-09-17 16:22:59 +03:00
|
|
|
|
$this->flash("succ", tr("photo_is_deleted"), tr("photo_is_deleted_desc"));
|
2022-08-09 08:52:36 +03:00
|
|
|
|
$this->redirect("/album" . $album->getPrettyId());
|
2020-06-07 19:04:43 +03:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
function renderDeletePhoto(int $ownerId, int $photoId): void
|
|
|
|
|
|
{
|
|
|
|
|
|
$this->assertUserLoggedIn();
|
2023-09-14 20:36:29 +03:00
|
|
|
|
$this->willExecuteWriteAction($_SERVER["REQUEST_METHOD"] === "POST");
|
2020-06-07 19:04:43 +03:00
|
|
|
|
$this->assertNoCSRF();
|
|
|
|
|
|
|
|
|
|
|
|
$photo = $this->photos->getByOwnerAndVID($ownerId, $photoId);
|
|
|
|
|
|
if(!$photo) $this->notFound();
|
|
|
|
|
|
if(is_null($this->user) || $this->user->id != $ownerId)
|
2023-09-17 16:22:59 +03:00
|
|
|
|
$this->flashFail("err", tr("error_access_denied_short"), tr("error_access_denied"));
|
2023-08-21 12:47:51 +03:00
|
|
|
|
|
2023-10-19 08:18:59 +03:00
|
|
|
|
if(!is_null($album = $photo->getAlbum()))
|
|
|
|
|
|
$redirect = $album->getOwner() instanceof User ? "/id0" : "/club" . $ownerId;
|
|
|
|
|
|
else
|
|
|
|
|
|
$redirect = "/id0";
|
2023-08-21 12:47:51 +03:00
|
|
|
|
|
2020-06-07 19:04:43 +03:00
|
|
|
|
$photo->isolate();
|
|
|
|
|
|
$photo->delete();
|
2022-03-27 17:09:24 +03:00
|
|
|
|
|
2023-09-14 20:36:29 +03:00
|
|
|
|
if($_SERVER["REQUEST_METHOD"] === "POST")
|
|
|
|
|
|
$this->returnJson(["success" => true]);
|
|
|
|
|
|
|
2023-09-17 16:22:59 +03:00
|
|
|
|
$this->flash("succ", tr("photo_is_deleted"), tr("photo_is_deleted_desc"));
|
2023-08-21 12:47:51 +03:00
|
|
|
|
$this->redirect($redirect);
|
2020-06-07 19:04:43 +03:00
|
|
|
|
}
|
|
|
|
|
|
}
|
