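array());

// NOTE(review): this listing appears to have been captured with its HTML markup
// stripped: the heredoc templates and a few string literals hold only the text
// that survived, and form_textarea() (called by create_form) is not defined here.
// Values such as $thumb_url, $thumb_link, $next_target, $prev_target,
// $form_target, $s50/$s75/$s100 and $mode are presumably consumed by the lost
// markup - confirm against the project's copy of this file before applying.

// Form element types (third entry of each $data row):
// 0 => input
// 1 => album list
// 2 => text_area
// 3 => picture information
// 4 => per-picture options (dispatched to form_options by create_form)

$captionLabel = $lang_editpics_php['desc'];
if ($CONFIG['show_bbcode_help']) {
    $captionLabel .= "\n" . $lang_bbcode_help;
}

// Each row: label, field name, element type and, for types 0 and 2, the maximum length.
$data = array(
    array($lang_editpics_php['pic_info'], '', 3),
    array($lang_editpics_php['album'], 'aid', 1),
    array($lang_editpics_php['title'], 'title', 0, 255),
    array($captionLabel, 'caption', 2, $CONFIG['max_img_desc_length']),
    array($lang_editpics_php['keywords'], 'keywords', 0, 255),
    array($CONFIG['user_field1_name'], 'user1', 0, 255),
    array($CONFIG['user_field2_name'], 'user2', 0, 255),
    array($CONFIG['user_field3_name'], 'user3', 0, 255),
    array($CONFIG['user_field4_name'], 'user4', 0, 255),
    array('', '', 4)
);

/**
 * Returns the POST value named "<var><pid>" and aborts the request through
 * cpg_die() when that parameter is absent.
 *
 * The value is returned raw: every caller must cast or escape it for the
 * context in which it is used.
 */
function get_post_var($var, $pid)
{
    global $HTTP_POST_VARS, $lang_errors;

    $var_name = $var . $pid;
    if (!isset($HTTP_POST_VARS[$var_name])) {
        cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'] . " ($var_name)", __FILE__, __LINE__);
    }

    return $HTTP_POST_VARS[$var_name];
}

/**
 * Applies the submitted edit form: for every posted pid it updates the picture
 * row, or deletes the picture (files, comments and row) when requested.
 *
 * Outside GALLERY_ADMIN_MODE a picture is only touched when its album category
 * belongs to the current user and the target album is one of the user's own.
 *
 * NOTE(review): nothing in this function checks a per-session form token, so
 * these destructive actions rely on whatever request validation happens
 * outside this listing - confirm.
 */
function process_post_data()
{
    global $HTTP_POST_VARS, $CONFIG;
    global $user_albums_list, $lang_errors;

    // Album ids the current user may move pictures into.
    $user_album_set = array();
    foreach ($user_albums_list as $album) {
        $user_album_set[$album['aid']] = 1;
    }

    // A request without any pid[] field is rejected the same way as a malformed one.
    if (!isset($HTTP_POST_VARS['pid']) || !is_array($HTTP_POST_VARS['pid'])) {
        cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'], __FILE__, __LINE__);
    }

    $pid_array = &$HTTP_POST_VARS['pid'];
    foreach ($pid_array as $pid) {
        // Both ids are forced to integers before they reach any SQL string.
        $pid = (int)$pid;
        $aid = (int)get_post_var('aid', $pid);
        $title = get_post_var('title', $pid);
        $caption = get_post_var('caption', $pid);
        $keywords = get_post_var('keywords', $pid);
        $user1 = get_post_var('user1', $pid);
        $user2 = get_post_var('user2', $pid);
        $user3 = get_post_var('user3', $pid);
        $user4 = get_post_var('user4', $pid);

        $delete = isset($HTTP_POST_VARS['delete' . $pid]);
        $reset_vcount = isset($HTTP_POST_VARS['reset_vcount' . $pid]);
        $reset_votes = isset($HTTP_POST_VARS['reset_votes' . $pid]);
        $del_comments = isset($HTTP_POST_VARS['del_comments' . $pid]) || $delete;

        $query = "SELECT category, filepath, filename FROM {$CONFIG['TABLE_PICTURES']}, {$CONFIG['TABLE_ALBUMS']} WHERE {$CONFIG['TABLE_PICTURES']}.aid = {$CONFIG['TABLE_ALBUMS']}.aid AND pid='$pid'";
        $result = db_query($query);
        if (!mysql_num_rows($result)) {
            cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
        }
        $pic = mysql_fetch_array($result);
        mysql_free_result($result);

        // Ownership check: the picture must sit in the user's own category and
        // the destination album must be one of the user's albums.
        if (!GALLERY_ADMIN_MODE) {
            if ($pic['category'] != FIRST_USER_CAT + USER_ID) {
                cpg_die(ERROR, $lang_errors['perm_denied'] . "\n(picture category = {$pic['category']}/ $pid)", __FILE__, __LINE__);
            }
            if (!isset($user_album_set[$aid])) {
                cpg_die(ERROR, $lang_errors['perm_denied'] . "\n(target album = $aid)", __FILE__, __LINE__);
            }
        }

        // NOTE(review): addslashes() is not charset-aware; the database
        // driver's own escaping or bound parameters are the safer choice if
        // db_query() can support them.
        $update = "aid = '" . $aid . "'";
        $update .= ", title = '" . addslashes($title) . "'";
        $update .= ", caption = '" . addslashes($caption) . "'";
        $update .= ", keywords = '" . addslashes($keywords) . "'";
        $update .= ", user1 = '" . addslashes($user1) . "'";
        $update .= ", user2 = '" . addslashes($user2) . "'";
        $update .= ", user3 = '" . addslashes($user3) . "'";
        $update .= ", user4 = '" . addslashes($user4) . "'";

        if (is_movie($pic['filename'])) {
            $pwidth = get_post_var('pwidth', $pid);
            $pheight = get_post_var('pheight', $pid);
            $update .= ", pwidth = " . (int) $pwidth;
            $update .= ", pheight = " . (int) $pheight;
        }

        if ($reset_vcount) {
            $update .= ", hits = '0'";
        }
        if ($reset_votes) {
            $update .= ", pic_rating = '0', votes = '0'";
        }

        // NOTE(review): this branch is not gated on GALLERY_ADMIN_MODE here;
        // presumably UPLOAD_APPROVAL_MODE is only enabled for administrators
        // where it is defined - confirm.
        if (UPLOAD_APPROVAL_MODE) {
            $approved = get_post_var('approved', $pid);
            if ($approved == 'YES') {
                $update .= ", approved = 'YES'";
            } elseif ($approved == 'DELETE') {
                $del_comments = 1;
                $delete = 1;
            }
        }

        if ($del_comments) {
            db_query("DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='$pid'");
        }

        if ($delete) {
            // Paths are built from configuration and the stored picture row,
            // never from request data.
            $dir = $CONFIG['fullpath'] . $pic['filepath'];
            $file = $pic['filename'];

            if (!is_writable($dir)) {
                cpg_die(CRITICAL_ERROR, sprintf($lang_errors['directory_ro'], $dir), __FILE__, __LINE__);
            }

            $files = array($dir . $file, $dir . $CONFIG['normal_pfx'] . $file, $dir . $CONFIG['thumb_pfx'] . $file);
            foreach ($files as $currFile) {
                // Best effort: a failed unlink is ignored and the row is still removed.
                if (is_file($currFile)) {
                    @unlink($currFile);
                }
            }

            db_query("DELETE FROM {$CONFIG['TABLE_PICTURES']} WHERE pid='$pid' LIMIT 1");
        } else {
            db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET $update WHERE pid='$pid' LIMIT 1");
        }
    }
}

/**
 * Prints a plain label row. $text comes from the $data definition, not from
 * the request.
 */
function form_label($text)
{
    echo <<<EOT
$text
EOT;
}

/**
 * Prints the information row of the current picture: file name, dimensions
 * (left empty for movies), size in KiB, hits, votes and, in upload approval
 * mode, the owner's name.
 */
function form_pic_info($text)
{
    global $CURRENT_PIC, $THUMB_ROWSPAN, $CONFIG, $lang_byte_units, $lang_editpics_php;

    // filesize >> 10 converts bytes to whole KiB.
    if (!is_movie($CURRENT_PIC['filename'])) {
        $pic_info = sprintf($lang_editpics_php['pic_info_str'], $CURRENT_PIC['pwidth'], $CURRENT_PIC['pheight'], ($CURRENT_PIC['filesize'] >> 10), $CURRENT_PIC['hits'], $CURRENT_PIC['votes']);
    } else {
        $pic_info = sprintf($lang_editpics_php['pic_info_str'], '', '', ($CURRENT_PIC['filesize'] >> 10), $CURRENT_PIC['hits'], $CURRENT_PIC['votes']);
    }

    if (UPLOAD_APPROVAL_MODE) {
        // Commented out by Omni; Duplicate of above
        //$pic_info = $CURRENT_PIC['pwidth'].' × '.$CURRENT_PIC['pheight'].' - '.($CURRENT_PIC['filesize'] >> 10).$lang_byte_units[1];
        if ($CURRENT_PIC['owner_name']) {
            // The owner name is account data shown on a moderation page, so it
            // is encoded for HTML the same way as the file name below.
            // NOTE(review): assumes names are stored unencoded - confirm.
            $pic_info .= ' - ' . htmlspecialchars($CURRENT_PIC['owner_name']) . '';
        }
    }

    $thumb_url = get_pic_url($CURRENT_PIC, 'thumb');
    $thumb_link = 'displayimage.php?&pos=' . (-$CURRENT_PIC['pid']);
    $filename = htmlspecialchars($CURRENT_PIC['filename']);

    echo <<<EOT
$filename $text $pic_info
EOT;
}

/**
 * Prints the per-picture action choices: approve / postpone / delete in upload
 * approval mode, otherwise delete / reset view count / reset votes / delete
 * comments.
 */
function form_options()
{
    global $CURRENT_PIC, $lang_editpics_php;

    if (UPLOAD_APPROVAL_MODE) {
        echo <<<EOT
{$lang_editpics_php['approve']}  {$lang_editpics_php['postpone_app']}  {$lang_editpics_php['del_pic']}  
EOT;
    } else {
        echo <<<EOT
{$lang_editpics_php['del_pic']}  {$lang_editpics_php['reset_view_count']}  {$lang_editpics_php['reset_votes']}  {$lang_editpics_php['del_comm']}  
EOT;
    }
}

/**
 * Prints a single-line input for field $name of the current picture; an empty
 * label produces the short form and returns early.
 *
 * NOTE(review): $value is stored, user-supplied picture data. Wherever the
 * template (not visible here) places it inside markup it needs
 * htmlspecialchars() encoding - confirm against the full template.
 */
function form_input($text, $name, $max_length,$field_width=100)
{
    global $CURRENT_PIC;

    $value = $CURRENT_PIC[$name];
    // Field names carry the picture id so that several pictures share one form.
    $name .= $CURRENT_PIC['pid'];

    if ($text == '') {
        echo " \n";
        return;
    }

    echo <<<EOT
$text
EOT;
}

/**
 * Prints the album selection row for the current picture.
 *
 * Only the label survives in this listing; the album lists declared as globals
 * are presumably iterated by the part of the body that is not visible.
 */
function form_alb_list_box($text, $name)
{
    global $CONFIG, $CURRENT_PIC;
    global $user_albums_list, $public_albums_list;

    $sel_album = $CURRENT_PIC['aid'];
    $name .= $CURRENT_PIC['pid'];

    echo <<<EOT
$text
EOT;
}

/**
 * Renders one picture's form by dispatching every $data row on its type code;
 * a row that is not an array is printed as a label.
 */
function create_form(&$data)
{
    foreach ($data as $element) {
        if (!is_array($element)) {
            form_label($element);
            continue;
        }

        switch ($element[2]) {
            case 0:
                form_input($element[0], $element[1], $element[3]);
                break;
            case 1:
                form_alb_list_box($element[0], $element[1]);
                break;
            case 2:
                form_textarea($element[0], $element[1], $element[3]);
                break;
            case 3:
                form_pic_info($element[0]);
                break;
            case 4:
                form_options();
                break;
            default:
                cpg_die(CRITICAL_ERROR, 'Invalid action for form creation', __FILE__, __LINE__);
        }
    }
}

/**
 * Loads the albums of $user_id into the global $user_albums_list, caching each
 * user's list in $USER_ALBUMS_ARRAY so the query runs once per user.
 */
function get_user_albums($user_id)
{
    global $CONFIG, $USER_ALBUMS_ARRAY, $user_albums_list;

    if (!isset($USER_ALBUMS_ARRAY[$user_id])) {
        $user_albums = db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category='" . (FIRST_USER_CAT + $user_id) . "' ORDER BY title");
        if (mysql_num_rows($user_albums)) {
            $user_albums_list = db_fetch_rowset($user_albums);
        } else {
            $user_albums_list = array();
        }
        mysql_free_result($user_albums);
        $USER_ALBUMS_ARRAY[$user_id] = $user_albums_list;
    } else {
        // Assign by value: "=&" on a variable imported with `global` only
        // rebinds the local alias, leaving the real global on the previous
        // user's album list.
        $user_albums_list = $USER_ALBUMS_ARRAY[$user_id];
    }
}

// Public albums are only offered as move targets to administrators.
if (GALLERY_ADMIN_MODE) {
    $public_albums = db_query("SELECT DISTINCT aid, title, IF(category = 0, CONCAT('> ', title), CONCAT(name,' < ',title)) AS cat_title FROM {$CONFIG['TABLE_ALBUMS']}, {$CONFIG['TABLE_CATEGORIES']} WHERE category < '" . FIRST_USER_CAT . "' AND (category = 0 OR category = cid) ORDER BY cat_title");
    if (mysql_num_rows($public_albums)) {
        $public_albums_list = db_fetch_rowset($public_albums);
    } else {
        $public_albums_list = array();
    }
    mysql_free_result($public_albums);
} else {
    $public_albums_list = array();
}

get_user_albums(USER_ID);

if (count($HTTP_POST_VARS)) {
    process_post_data();
}

// Paging values go straight into a LIMIT clause: cast to int and clamp so that
// a negative value cannot produce an invalid query.
$start = isset($HTTP_GET_VARS['start']) ? max(0, (int)$HTTP_GET_VARS['start']) : 0;
$count = isset($HTTP_GET_VARS['count']) ? max(0, (int)$HTTP_GET_VARS['count']) : 25;

// NOTE(review): $PHP_SELF and $album_id are set outside this listing. $album_id
// is interpolated into SQL below and both end up in links, so $album_id is
// assumed to be integer-cast and $PHP_SELF HTML-encoded where used - confirm.
$next_target = $PHP_SELF . '?album=' . $album_id . '&start=' . ($start + $count) . '&count=' . $count . ((UPLOAD_APPROVAL_MODE == 1) ? "&mode=upload_approval" : "");
$prev_target = $PHP_SELF . '?album=' . $album_id . '&start=' . max(0, $start - $count) . '&count=' . $count . ((UPLOAD_APPROVAL_MODE == 1) ? "&mode=upload_approval" : "");
$s50 = $count == 50 ? 'selected' : '';
$s75 = $count == 75 ? 'selected' : '';
$s100 = $count == 100 ? 'selected' : '';

if (UPLOAD_APPROVAL_MODE) {
    $result = db_query("SELECT count(*) FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'NO'");
    $nbEnr = mysql_fetch_array($result);
    $pic_count = $nbEnr[0];
    mysql_free_result($result);

    // Update user names for pictures
    $sql = "SELECT pid, owner_id FROM {$CONFIG['TABLE_PICTURES']} WHERE owner_id != 0 AND owner_name = ''";
    $result = db_query($sql);
    while ($row = mysql_fetch_array($result)) {
        if (defined('UDB_INTEGRATION')) {
            $owner_name = udb_get_user_name($row['owner_id']);
        } else {
            $result2 = db_query("SELECT user_name FROM {$CONFIG['TABLE_USERS']} WHERE user_id = '" . (int)$row['owner_id'] . "'");
            if (mysql_num_rows($result2)) {
                $row2 = mysql_fetch_array($result2);
                $owner_name = $row2['user_name'];
            } else {
                $owner_name = '';
            }
            // Released on both paths; previously only when a row was found.
            mysql_free_result($result2);
        }

        if ($owner_name) {
            // A user name is account-chosen text: it must be escaped before it
            // is written back, or a quote in the name breaks out of the literal.
            db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET owner_name = '" . addslashes($owner_name) . "' WHERE pid = " . (int)$row['pid'] . " LIMIT 1");
        } else {
            db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET owner_id = 0 WHERE pid = " . (int)$row['pid'] . " LIMIT 1");
        }
    }
    mysql_free_result($result);

    $sql = "SELECT * " .
           "FROM {$CONFIG['TABLE_PICTURES']} " .
           "WHERE approved = 'NO' " .
           "ORDER BY pid " .
           "LIMIT $start, $count";
    $result = db_query($sql);
    $form_target = $PHP_SELF . '?mode=upload_approval&start=' . $start . '&count=' . $count;
    $title = $lang_editpics_php['upl_approval'];
} else {
    $result = db_query("SELECT count(*) FROM {$CONFIG['TABLE_PICTURES']} WHERE aid = '$album_id'");
    $nbEnr = mysql_fetch_array($result);
    $pic_count = $nbEnr[0];
    mysql_free_result($result);

    $result = db_query("SELECT * FROM {$CONFIG['TABLE_PICTURES']} WHERE aid = '$album_id' ORDER BY filename LIMIT $start, $count");
    $form_target = $PHP_SELF . '?album=' . $album_id . '&start=' . $start . '&count=' . $count;
    $title = $lang_editpics_php['edit_pics'];
}

if (!mysql_num_rows($result)) {
    cpg_die(INFORMATION, $lang_errors['no_img_to_display'], __FILE__, __LINE__);
}

if ($start + $count < $pic_count) {
    $next_link = "{$lang_editpics_php['see_next']}  -  ";
} else {
    $next_link = '';
}

if ($start > 0) {
    $prev_link = "{$lang_editpics_php['see_prev']}  -  ";
} else {
    $prev_link = '';
}

$pic_count_text = sprintf($lang_editpics_php['n_pic'], $pic_count);

pageheader($title);
starttable("100%", $title, 3);

// Client-side length limiter for the text areas. It is a convenience only: it
// does not bound what a request can submit.
echo <<<EOT
function textCounter(field, maxlimit) {
        if (field.value.length > maxlimit) // if too long...trim it!
        field.value = field.value.substring(0, maxlimit);
}
EOT;

$mode = (UPLOAD_APPROVAL_MODE == 1) ? "&mode=upload_approval" : "";

echo <<<EOT

$pic_count_text  -   $prev_link $next_link {$lang_editpics_php['n_of_pic_to_disp']}
EOT;

// One form section per picture; in admin mode the album list is switched to
// the picture owner's albums before the section is rendered.
while ($CURRENT_PIC = mysql_fetch_array($result)) {
    if (GALLERY_ADMIN_MODE) {
        get_user_albums($CURRENT_PIC['owner_id']);
    }
    create_form($data);
    flush();
}
mysql_free_result($result);

echo <<<EOT

EOT;

endtable();
pagefooter();
ob_end_flush();
?>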