diff --git a/lib/Artwork.php b/lib/Artwork.php index 5074fc48..def90413 100644 --- a/lib/Artwork.php +++ b/lib/Artwork.php @@ -296,6 +296,16 @@ class Artwork extends PropertiesBase{ return true; } + // TODO: Remove this once all legacy artworks are cleaned up and approved. + // Editors can edit approved artwork that has the 'todo' tag. + if($user->Benefits->CanReviewArtwork){ + foreach($this->Tags as $tag){ + if($tag->Name == 'todo'){ + return true; + } + } + } + if(($user->Benefits->CanReviewArtwork || $user->UserId == $this->SubmitterUserId) && ($this->Status == ArtworkStatus::Unverified || $this->Status == ArtworkStatus::Declined)){ // Editors can edit an artwork, and submitters can edit their own artwork, if it's not yet approved. return true; @@ -395,8 +405,11 @@ class Artwork extends PropertiesBase{ } foreach($this->Tags as $tag){ - if(strlen($tag->Name) > ARTWORK_MAX_STRING_LENGTH){ - $error->Add(new Exceptions\StringTooLongException('Artwork Tag: '. $tag->Name)); + try{ + $tag->Validate(); + } + catch(Exceptions\ValidationException $ex){ + $error->Add($ex); } } diff --git a/lib/ArtworkTag.php b/lib/ArtworkTag.php index f636230e..5ef65b37 100644 --- a/lib/ArtworkTag.php +++ b/lib/ArtworkTag.php @@ -1,5 +1,15 @@ _Name = + // } + // ******* // GETTERS // ******* 
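Review bot: In the `@@ -296` hunk of lib/Artwork.php the new editor override is an authorization decision keyed on tag data but compared loosely, `$tag->Name == 'todo'`; use `$tag->Name === 'todo'` so the grant only fires on an exact string match. The override also depends on nobody being able to attach the reserved tag through normal submission, which this commit enforces only inside `ArtworkTag::Validate()`. A comment such as `// Relies on ArtworkTag::Validate() rejecting 'todo' on every path that stores tags.` would record that dependency next to the check. The enclosing method starts and ends outside the hunk, so I cannot see which branches run before or after this one.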
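Review bot: In the `@@ -395` hunk of lib/Artwork.php, `$tag->Validate()` is not a pure check: per the ArtworkTag.php hunk in this commit it rewrites `$tag->Name` (trim, lowercase, whitespace collapse), so this loop now changes the artwork's tags as a side effect of validating it. Two tags that differ only in case or spacing become identical after that, and nothing visible in this hunk removes the duplicate; if that is not handled elsewhere, deduplicate after the loop. I would add `// Validate() also normalizes $tag->Name in place.` above the `try`. The loop sits inside a method whose start and end are outside the hunk.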
@@ -15,15 +25,29 @@ class ArtworkTag extends Tag{ // ******* // METHODS // ******* - protected function Validate(): void{ + public function Validate(): void{ $error = new Exceptions\ValidationException(); + $this->Name = mb_strtolower(trim($this->Name)); + // Collapse spaces into one + $this->Name = preg_replace('/[\s]+/ius', ' ', $this->Name); + if(strlen($this->Name) == 0){ - $error->Add(new Exceptions\InvalidArtworkTagException()); + $error->Add(new Exceptions\InvalidArtworkTagNameException()); } - if($this->Url === null || strlen($this->Url) == 0){ - $error->Add(new Exceptions\InvalidArtworkTagException()); + if(strlen($this->Name) > ARTWORK_MAX_STRING_LENGTH){ + $error->Add(new Exceptions\StringTooLongException('Artwork tag: '. $this->Name)); + } + + if(preg_match('/[^\sa-z0-9]/ius', $this->Name)){ + $error->Add(new Exceptions\InvalidArtworkTagNameException()); + } + + // TODO: Remove this once all legacy artworks are cleaned up and approved. + // 'todo' is a reserved tag for legacy artworks. + if($this->Name == 'todo'){ + $error->Add(new Exceptions\InvalidArtworkTagNameException()); } if($error->HasExceptions){ diff --git a/lib/Exceptions/InvalidArtworkTagNameException.php b/lib/Exceptions/InvalidArtworkTagNameException.php new file mode 100644 index 00000000..dba53335 --- /dev/null +++ b/lib/Exceptions/InvalidArtworkTagNameException.php @@ -0,0 +1,6 @@ + $default * @return array */ public static function GetArray(string $variable): ?array{ diff --git a/www/artworks/post.php b/www/artworks/post.php index 7bc91a32..a07b21f7 100644 --- a/www/artworks/post.php +++ b/www/artworks/post.php 
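Review bot: In the `Validate()` hunk of lib/ArtworkTag.php, `trim()` runs before the Unicode-aware collapse `preg_replace('/[\s]+/ius', ' ', …)`, so leading or trailing whitespace that `trim()` does not strip (as far as I can tell `\s` under `u` matches more than `trim()`'s default set) becomes an ordinary space and stays in the name, which then passes the `[^\sa-z0-9]` check and is a look-alike of, but not equal to, the reserved `'todo'`. Collapse first and trim afterwards: `$this->Name = mb_strtolower(trim(preg_replace('/\s+/u', ' ', $this->Name)));`. The `i` flag on the character-class check is unnecessary after lowercasing and, combined with `u`, can admit non-ASCII characters that case-fold to ASCII letters; `'/[^ a-z0-9]/'` states the intent exactly. `$this->Name == 'todo'` should be `===`. The end of the method is outside the hunk.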
@@ -37,7 +37,7 @@ try{
 }
 // Confirm that we have an image and that it came from POST
- if(isset($_FILES['artwork-image']) && (!is_uploaded_file($_FILES['artwork-image']['tmp_name']) || $_FILES['artwork-image']['error'] > UPLOAD_ERR_OK)){
+ if(isset($_FILES['artwork-image']) && (!is_uploaded_file($_FILES['artwork-image']['tmp_name']) || $_FILES['artwork-image']['error'] > UPLOAD_ERR_OK || $_FILES['artwork-image']['size'] > 0)){
 throw new Exceptions\InvalidImageUploadException();
 }
@@ -76,17 +76,20 @@ try{
 }
 // Confirm that we have an image and that it came from POST
- if(isset($_FILES['artwork-image'])){
+ $imagePath = null;
+ if(isset($_FILES['artwork-image']) && $_FILES['artwork-image']['size'] > 0){
 if(!is_uploaded_file($_FILES['artwork-image']['tmp_name']) || $_FILES['artwork-image']['error'] > UPLOAD_ERR_OK){
 throw new Exceptions\InvalidImageUploadException();
 }
+
+ $imagePath = $_FILES['artwork-image']['tmp_name'] ?? null;
 }
 else{
 // No uploaded file as part of this edit, so retain the MimeType of the original submission.
 $artwork->MimeType = $originalArtwork->MimeType;
 }
- $artwork->Save($_FILES['artwork-image']['tmp_name'] ?? null);
+ $artwork->Save($imagePath);
 $_SESSION['artwork'] = $artwork;
 $_SESSION['artwork-saved'] = true;
diff --git a/www/bulk-downloads/collection.php b/www/bulk-downloads/collection.php
index 772c97bc..9749a34d 100644
--- a/www/bulk-downloads/collection.php
+++ b/www/bulk-downloads/collection.php
@@ -5,7 +5,7 @@ use function Safe\preg_replace;
 $canDownload = false;
 $class = HttpInput::Str(GET, 'class');
-if($class != 'authors' && $class != 'collections' && $class != 'subjects' && $class != 'months'){
+if($class === null || ($class != 'authors' && $class != 'collections' && $class != 'subjects' && $class != 'months')){
 Template::Emit404();
 }
diff --git a/www/css/artwork.css b/www/css/artwork.css
index 6bd13b25..5a3ec29f 100644
--- a/www/css/artwork.css
+++ b/www/css/artwork.css
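Review bot: In the first www/artworks/post.php hunk (`@@ -37`), the added operand `$_FILES['artwork-image']['size'] > 0` sits inside the condition that throws `InvalidImageUploadException`, so as written every non-empty upload is rejected. If the intent was to reject empty files, the operand should be `$_FILES['artwork-image']['size'] <= 0`; if it was to skip the check when no file was sent, it belongs in the outer `isset(...) &&` part, as in the `@@ -76` hunk. The surrounding branch starts and ends outside the hunk, so this needs confirming against the code that follows it.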
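Review bot: In the second www/artworks/post.php hunk (`@@ -76`), gating on `$_FILES['artwork-image']['size'] > 0` means an upload that failed and is reported by PHP with size 0 never reaches the `['error'] > UPLOAD_ERR_OK` check; it falls into the `else` branch, and the edit is saved with the old image and no error. Test for the absence of a file explicitly instead: `if(isset($_FILES['artwork-image']) && $_FILES['artwork-image']['error'] !== UPLOAD_ERR_NO_FILE){`. The `?? null` on `tmp_name` inside that branch is redundant, since the key has already been read two lines earlier. The enclosing `try` block extends beyond the hunk.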
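Review bot: The allow-list in the www/bulk-downloads/collection.php hunk is still a chain of loose `!=` comparisons with a separate null guard; a strict membership test is easier to read and covers null by itself: `if(!in_array($class, ['authors', 'collections', 'subjects', 'months'], true)){`. Whether `Template::Emit404()` ends the request is not visible here; if it can return, the script would continue with an unvalidated `$class`, so a one-line comment stating that it exits would help.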
@@ -183,7 +183,7 @@ form div.footer{
 main h1 ~ a[href^="/images/cover-uploads"],
 .artworks h1 ~ a[href^="/images/cover-uploads"],
-main section.narrow h1 + picture{
+main section.narrow h1 ~ picture{
 width: auto;
 line-height: 0;
 }