Edit File - Inforamtion Edit File - Inforamtion
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Edit File - Inforamtion

Started by Silur3D, June 04, 2015, 02:27:17 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Silur3D

Where must i set the permission, for "Registered" user can edit the File -Information
?
Any ideas ?

Sili


allvip

#2
Users have the Edit File Information button only for the pictures they upload in their private gallery (My gallery).
To have the button even for files they upload in others albums go to Config - User settings - Allow users to retain control over their files in public galleries - ON.
Note but they do not have the Edit File Information button for files they did not upload (pictures uploaded by other users).

If you don't want them to have even the Delete file option then use  Delete Control for V 1.5x plugin http://forum.coppermine-gallery.net/index.php/topic,72695.0.html

For Album properties.
Visitors can upload files - YES  http://forum.coppermine-gallery.net/index.php/topic,68707.0.html
When "visitors can upload file" is set to YES, it is possible for them to upload files into albums.Note that only visitors who are members of a group for which the setting "Public albums upload allowed" (groups control panel) is set to YES can actually upload to albums where the option "Visitors can upload files" (album properties) is enabled.
Visitors who are not in the permitted group will not be able to upload files into such an album. Non-registered users are members of the "Anonymous" group.
Visitors can post comments Visitors can rate files http://forum.coppermine-gallery.net/index.php/topic,76650.msg370006.html#msg370006
Same here.

allvip

Do you want users to have the Edit File Information button even for pictures uploaded by other users?

Silur3D

Yes

"Do you want users to have the Edit File Information button even for pictures uploaded by other users?"

But not only pictures other users, "Registered" user can edit later the File -Information in public galleries.....

Silur3D

All "Registered" user can edit all pics  :-\

Αndré

That's not possible out of the box, but should be possible with some code modification. Such a feature was added during the development of cpg1.5.x, it was called "moderator mode". Unfortunately it hasn't been documented and as it wasn't clear how exactly it should work and it made trouble, it has been removed/disabled. Maybe you can use the left/commented out code and database preparations as base. Alternatively you need to edit editpics.php and/or edit_one_pic.php.

Regarding http://forum.coppermine-gallery.net/index.php/topic,67601.0.html - what exactly doesn't work?
Quote from: Αndré on October 20, 2010, 08:38:38 PM
1. Display the edit file/album button
2. Adjust the permission check for the edit form
3. Adjust the permission check while processing the form data

Silur3D

Hi, all...

the first step - i have in the index.php a little bit different code ->
therefore i can not replace him


Αndré pn in german ;-) ?

Silur3D

sry had too much } in the index.php ! 8) 8) ::)

but
step:
2. Adjust the permission check for the edit form
3. Adjust the permission check while processing the form data

can i only perform in the editpics.php not in the edit_one_pic.php

what is the code for this ?





Αndré

That mod is totally different from the mod in the other thread.

Silur3D


Silur3D

but back to topic

i need the possibility,  all "Registered" user can edit the "File Information" in public galleries.....
::) :-\

Αndré

It would really help if you'd explain exactly what you need. As the access to editpics.php seems already solved by the other thread, all you currently need is the access to edit_one_pic.php, right?

Silur3D

 :'( yes i need  the access to edit_one_pic.php,

Silur3D

i tried it without help, i do not get out there  :-\

Αndré

This works for me:
Index: displayimage.php
===================================================================
--- displayimage.php (revision 8793)
+++ displayimage.php (working copy)
@@ -94,6 +94,15 @@
</div>
EOT;

+    } elseif (USER_ID) {
+        $edit_icon   = cpg_fetch_icon('edit', 1);
+        $picmenu = <<< EOT
+    <div class="buttonlist align_right">
+ <ul>
+ <li><a href="edit_one_pic.php?id={$CURRENT_PIC_DATA['pid']}&amp;what=picture"><span>{$edit_icon}{$lang_display_image_php['edit_pic']}</span></a></li>
+ </ul>
+ </div>
+EOT;
     } else {
         $picmenu = '';
     }
Index: edit_one_pic.php
===================================================================
--- edit_one_pic.php (revision 8793)
+++ edit_one_pic.php (working copy)
@@ -109,12 +109,7 @@
         }
     }

-    if (!USER_ID
-        || !(GALLERY_ADMIN_MODE
-                || ($pic['category'] == FIRST_USER_CAT + USER_ID)
-                || ($CONFIG['users_can_edit_pics'] && $pic['owner_id'] == USER_ID)
-            )
-       ) {
+    if (!USER_ID) {
         cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
     }

@@ -334,7 +329,7 @@
$CURRENT_PIC = mysql_fetch_assoc($result);
mysql_free_result($result);

-if (!(GALLERY_ADMIN_MODE || $CURRENT_PIC['category'] == FIRST_USER_CAT + USER_ID || ($CONFIG['users_can_edit_pics'] && $CURRENT_PIC['owner_id'] == USER_ID)) || !USER_ID) {
+if (!USER_ID) {
     cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
}

Index: include/functions.inc.php
===================================================================
--- include/functions.inc.php (revision 8793)
+++ include/functions.inc.php (working copy)
@@ -5931,7 +5931,7 @@
     if (GALLERY_ADMIN_MODE) {
         $result = cpg_db_query("SELECT aid, title, category FROM {$CONFIG['TABLE_ALBUMS']} WHERE 1 $only_empty_albums ORDER BY pos");
     } elseif (USER_ID) {
-        $result = cpg_db_query("SELECT aid, title, category FROM {$CONFIG['TABLE_ALBUMS']} WHERE (category = " . (FIRST_USER_CAT + USER_ID) . " OR owner = " . USER_ID . " $uploads_yes) $only_empty_albums ORDER BY pos");
+        $result = cpg_db_query("SELECT aid, title, category FROM {$CONFIG['TABLE_ALBUMS']} WHERE (category = " . (FIRST_USER_CAT + USER_ID) . " OR owner = " . USER_ID . " $uploads_yes) OR aid = '$selected' $only_empty_albums ORDER BY pos");
     } else {
         $result = cpg_db_query("SELECT aid, title, category FROM {$CONFIG['TABLE_ALBUMS']} WHERE (0 $uploads_yes) $only_empty_albums ORDER BY pos");
     }

Αndré

Open displayimage.php, find
    if ((USER_ADMIN_MODE && $CURRENT_ALBUM_DATA['category'] == FIRST_USER_CAT + USER_ID) || ($CONFIG['users_can_edit_pics'] && $CURRENT_PIC_DATA['owner_id'] == USER_ID && USER_ID != 0) || GALLERY_ADMIN_MODE) {

        $delete_icon = cpg_fetch_icon('delete', 1);
        $edit_icon   = cpg_fetch_icon('edit', 1);
        $rotate_icon = cpg_fetch_icon('rotate_ccw', 1);

        list($timestamp, $form_token) = getFormToken();
        $picmenu = <<< EOT
    <div class="buttonlist align_right">
<ul>
<li><a href="javascript:;" onclick="return MM_openBrWindow('pic_editor.php?id={$CURRENT_PIC_DATA['pid']}','Crop_Picture','scrollbars=yes,toolbar=no,status=yes,resizable=yes')"><span>{$rotate_icon}{$lang_display_image_php['crop_pic']}</span></a></li>
<li><a href="edit_one_pic.php?id={$CURRENT_PIC_DATA['pid']}&amp;what=picture"><span>{$edit_icon}{$lang_display_image_php['edit_pic']}</span></a></li>
<li><a href="delete.php?id={$CURRENT_PIC_DATA['pid']}&amp;what=picture&amp;form_token={$form_token}&amp;timestamp={$timestamp}" onclick="return confirm('{$lang_display_image_php['confirm_del']}'); return false; "><span class="last">{$delete_icon}{$lang_display_image_php['del_pic']}</span></a></li>
</ul>
</div>
EOT;

    } else {
        $picmenu = '';
    }

and replace with
    if ((USER_ADMIN_MODE && $CURRENT_ALBUM_DATA['category'] == FIRST_USER_CAT + USER_ID) || ($CONFIG['users_can_edit_pics'] && $CURRENT_PIC_DATA['owner_id'] == USER_ID && USER_ID != 0) || GALLERY_ADMIN_MODE) {

        $delete_icon = cpg_fetch_icon('delete', 1);
        $edit_icon   = cpg_fetch_icon('edit', 1);
        $rotate_icon = cpg_fetch_icon('rotate_ccw', 1);

        list($timestamp, $form_token) = getFormToken();
        $picmenu = <<< EOT
    <div class="buttonlist align_right">
<ul>
<li><a href="javascript:;" onclick="return MM_openBrWindow('pic_editor.php?id={$CURRENT_PIC_DATA['pid']}','Crop_Picture','scrollbars=yes,toolbar=no,status=yes,resizable=yes')"><span>{$rotate_icon}{$lang_display_image_php['crop_pic']}</span></a></li>
<li><a href="edit_one_pic.php?id={$CURRENT_PIC_DATA['pid']}&amp;what=picture"><span>{$edit_icon}{$lang_display_image_php['edit_pic']}</span></a></li>
<li><a href="delete.php?id={$CURRENT_PIC_DATA['pid']}&amp;what=picture&amp;form_token={$form_token}&amp;timestamp={$timestamp}" onclick="return confirm('{$lang_display_image_php['confirm_del']}'); return false; "><span class="last">{$delete_icon}{$lang_display_image_php['del_pic']}</span></a></li>
</ul>
</div>
EOT;

    } elseif (USER_ID) {
        $edit_icon   = cpg_fetch_icon('edit', 1);
        $picmenu = <<< EOT
    <div class="buttonlist align_right">
<ul>
<li><a href="edit_one_pic.php?id={$CURRENT_PIC_DATA['pid']}&amp;what=picture"><span>{$edit_icon}{$lang_display_image_php['edit_pic']}</span></a></li>
</ul>
</div>
EOT;
    } else {
        $picmenu = '';
    }



Open edit_one_pic.php, find
    if (!USER_ID
        || !(GALLERY_ADMIN_MODE
                || ($pic['category'] == FIRST_USER_CAT + USER_ID)
                || ($CONFIG['users_can_edit_pics'] && $pic['owner_id'] == USER_ID)
            )
       ) {
        cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
    }

and replace with
    if (!USER_ID) {
        cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
    }


find
if (!(GALLERY_ADMIN_MODE || $CURRENT_PIC['category'] == FIRST_USER_CAT + USER_ID || ($CONFIG['users_can_edit_pics'] && $CURRENT_PIC['owner_id'] == USER_ID)) || !USER_ID) {
and replace with
if (!USER_ID) {


Open include/functions.inc.php, find
$result = cpg_db_query("SELECT aid, title, category FROM {$CONFIG['TABLE_ALBUMS']} WHERE (category = " . (FIRST_USER_CAT + USER_ID) . " OR owner = " . USER_ID . " $uploads_yes) $only_empty_albums ORDER BY pos");
and replace with
$result = cpg_db_query("SELECT aid, title, category FROM {$CONFIG['TABLE_ALBUMS']} WHERE (category = " . (FIRST_USER_CAT + USER_ID) . " OR owner = " . USER_ID . " $uploads_yes) OR aid = '$selected' $only_empty_albums ORDER BY pos");

Silur3D

perfect ;-) it works , BIG THX  8) 8) ;D

Silur3D

The Edit button is now available to all users,
BUT

The album will not be read and that leads to an error message when i save



Αndré

Please check if you applied the mod in include/functions.inc.php correctly.