EditMultiplePage.php at Kwalbum

<?php
/**
 * @package kwalbum
 * @version 2.1.1
 * @since 2.0
 */
require_once 'include/IPage.php';

class EditMultiplePage implements IPage
{
	private $title;
	// rows & cols are stored locally because cols is always 1 here but not in $URLP
	private $numRows, $numColumns;

	function GetHead(&$title)
	{
		if (!USER_CAN_ADD)
			return;

		global $URLP, $DB, $P;

		if (isset($P['act']) and isset($P['id']))
		{
			require_once 'include/funcChangeDate.php';
			require_once 'include/funcChangeTime.php';
			require_once 'include/funcChangeContributor.php';
			require_once 'include/funcChangeDescription.php';
			require_once 'include/funcChangeVisibility.php';

			$allLoc = $DB->FilterString($P['loc']);
			$allTags = $DB->FilterString($P['tags']);
			$allPeople = $DB->FilterString($P['people']);
			$allDate = $P['allDate']; // filtered in ChangeDate()
			$allTime = $P['allTime']; // filtered in ChangeTime()
			$allVis = (int)$P['allVis'];

			foreach($P['id'] as $id)
			{
				$id = (int)$id;
				if (1 > $id)
					continue;

				if (false == USER_IS_ADMIN)
				{
					$query = 'SELECT ItemUserIdFk FROM '.ITEM_TABLE.
						" WHERE ItemId='$id' AND ItemUserIdFk='".USER_ID."'";
					if (0 == $DB->Query($query)->num_rows)
						continue;
				}

				$date = $P['date'][$id]; // filtered in ChangeDate()
				$time = $P['time'][$id]; // filtered in ChangeTime()
				$orderby = $DB->FilterString($P['orderby'][$id]);
				$desc = $DB->FilterString($P['desc'][$id], true);
				$vis = (int)$P['vis'][$id];
				$cont = (int)@$P['cont'][$id];

				if (isset($P['del'][$id]))
				{
					require_once 'include/funcDeleteItem.php';
					DeleteItem($id, false);
				}
				elseif (isset($P['all'][$id]))
				{
					if ($allLoc)
					{
						require_once 'include/funcChangeLocation.php';
						ChangeLocation($id, $allLoc, false);
					}
					if ($allTags)
					{
						require_once 'include/funcAppendTags.php';
						AppendTags($id, $allTags);
					}
					if ($allPeople)
					{
						require_once 'include/funcAppendPeople.php';
						AppendPeople($id, $allPeople);
					}
					if ($allDate)
						ChangeDate($id, $allDate, false);
					if ($allTime)
						ChangeTime($id, $allTime, false);
					if (-1 < $allVis)
					{
						ChangeVisibility($id, $allVis, false);
					}
				}
				else
				{
					// change OrderBy if the date and time haven't changed
					// (user permission checking has already been taken care of)
					$query = 'SELECT ItemDate, ItemTime, ItemOrderBy FROM ' . ITEM_TABLE .
					" WHERE ItemId='$id'" .
					" LIMIT 1";
					$result = $DB->Query($query);
					if ($row = @$result->fetch_array())
					{
						if (0 == strcmp($row[0], $date) and 0 == strcmp($row[1], $time) and 0 != strcmp($row[2], $orderby))
						{
							if ('' == $orderby)
								echo $orderby = $date.' '.$time;
							$orderby = explode(' ', $orderby);
							$dt = explode('-', @$orderby[0]);
							$tm = explode(':', @$orderby[1]);
							$orderby = @((int)$dt[0].'-'.(int)$dt[1].'-'.(int)$dt[2].' '.(int)$tm[0].':'.(int)$tm[1].':'.(int)$tm[2]);
							$DB->UpdateSingle(ITEM_TABLE, 'ItemOrderBy', "'$orderby'", "ItemId='$id'");
						}
					}
					ChangeDate($id, $date, false);
					ChangeTime($id, $time, false);
					ChangeVisibility($id, $vis, false);
				}
				ChangeDescription($id, $desc, false);
				if (USER_IS_ADMIN)
					ChangeContributor($id, $cont, false);
			}
		}

		$this->numRows = $URLP->numRows*$URLP->numColumns;
		$this->numColumns = 1;
		$this->title = $title = $URLP->GetTitle().': Edit Multiple Items';
		return '<script type="text/javascript" language="javascript" SRC="ajax/scriptaculous/prototype.js"></script>' .
			'<script type="text/javascript" language="javascript" src="ajax/scriptaculous/scriptaculous.js"></script>'.
			'<script type="text/javascript" language="javascript" SRC="ajax/addFavorite.js"></script>'.
			'<link href="styles/edit.css" rel="stylesheet" type="text/css" />';
	}

	function ShowBody()
	{
		if (!USER_CAN_ADD)
		{
			if (TEST_MODE)
				echo '<p class="error">Invalid Permissions.</p>';
			return;
		}

		global $DB, $URLP, $G;
		$numRows = $this->numRows;
		$numColumns = $this->numColumns;

		// get contributor info
		$contributors = array();
		$contributors[0] = 'unknown';
		$query = 'SELECT UserId, UserTitle FROM '.USER_TABLE.' WHERE UserCanAdd=1 OR UserIsAdmin=1' .
			' ORDER BY UserTitle ASC';
		$result = $DB->Query($query);
		while ($row = $result->fetch_array())
		{
			$contributors[$row['UserId']] = $row['UserTitle'];
		}

		// get item info
		$query = 'SELECT ItemId, ItemUserIdFk, ItemPath, ItemFilename, ItemDate, ItemTime, ItemOrderBy, ItemTypeId, ItemDescription, ItemIsHidden, Location' .
			' FROM ' . ITEM_TABLE.','.LOCATION_TABLE . $URLP->GetWhereQuery() .
			($URLP->GetWhereQuery() ? ' AND ' : ' WHERE ').
			' LocationId=ItemLocationIdFk'.
			' ORDER BY ItemOrderBy, ItemId' .
			' LIMIT '.($numColumns*$numRows).
			' OFFSET '.($numColumns*$numRows*($URLP->GetPageNumber()-1));
		$result = $DB->query($query);
		$numPics = $result->num_rows;

		$title = $this->title;
		$prevLinks = strtr($URLP->GetPrevPageLink(), array('n=' => 'p=EditMultiple&amp;n='));
		$pageNumberLinks = strtr($URLP->GetPageNumberLinks(), array('n=' => 'p=EditMultiple&amp;n='));
		$nextPageLinks = strtr($URLP->GetNextPageLink(), array('n=' => 'p=EditMultiple&amp;n='));
		$extendedURL = $URLP->GetExtendedURL();

		require 'EditMultiplePage.html.php';
	}
}