<?php
/*----------------------------------------------------------

       LySite
       Brad Landis (hide@address.com)

   Copyright (C) 2005 Brad Landis

   This program is free software; you can redistribute it
   and/or modify it under the terms of the GNU General
   Public License as published by the Free Software
   Foundation; either version 2 of the License, or (at your
   option) any later version.

   This program is distributed in the hope that it will be
   useful, but WITHOUT ANY WARRANTY; without even the
   implied warranty of MERCHANTABILITY or FITNESS FOR A
   PARTICULAR PURPOSE.  See the GNU General Public License
   for more details.
   
   You should have received a copy of the GNU General Public
   License along with this program; if not, write to the
   Free Software Foundation, Inc., 51 Franklin Street, Fifth
   Floor, Boston, MA  02110-1301, USA.

----------------------------------------------------------*/
// Shared bootstrap. The helpers called throughout this page (can_post(),
// is_admin_user(), log_event(), ...) are not defined in this file, so they
// presumably come from includes.php.
require "includes.php";

// Users who are allowed to post get an "Add Album" toolbar button.
if (can_post()) {
	$iconlist[] = "||<form action='albums.php'><button type='submit' name='new_album' title='New Album'><img src='icon/album_add.jpg'><span>Add Album</span></button></form>";
}

// Buffer everything echoed below; the buffer is collected at the end of this
// file and printed between header.php and footer.php.
ob_start();

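// ---------------------------------------------------------------------------
// POST actions: add a track (optionally creating its album), approve or delete
// an album, delete a track, create or edit an album.
//
// Request values are never interpolated raw: album ids are cast to integers
// (aid comes from mysql_insert_id(), so it is numeric), other values go through
// mysql_real_escape_string() for SQL and urlencode() for redirect URLs, and the
// uploaded file name is reduced to an allow-listed extension before it reaches
// the file system or the mogrify command line.
//
// NOTE(review): none of these state-changing actions verifies an anti-CSRF
// token. Add one with whatever session mechanism the site uses (not visible
// in this file).
// ---------------------------------------------------------------------------

if(!function_exists('albums_post_value')) {
	/**
	 * Fetch a POST field as a string.
	 *
	 * @param string $key Field name.
	 * @return string The submitted value, or '' when the field is absent or not a scalar (e.g. an array).
	 */
	function albums_post_value($key) {
		return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string)$_POST[$key] : '';
	}
}

if(!function_exists('albums_art_extension')) {
	/**
	 * Decide whether the uploaded "album_art" file may be stored.
	 *
	 * Only a single upload whose client file name ends in an allow-listed image
	 * extension and whose content getimagesize() recognises is accepted, so a
	 * script file (for example "x.php") can no longer be written into album_art/.
	 *
	 * @return string|bool|null Lower-case extension when accepted, null when no
	 *                          file was submitted, false when the upload is rejected.
	 */
	function albums_art_extension() {
		if(!isset($_FILES['album_art']['name'], $_FILES['album_art']['error'], $_FILES['album_art']['tmp_name']))
			return null;
		if(!is_string($_FILES['album_art']['name']))
			return false; // array-style (multi-file) upload is not supported here
		if($_FILES['album_art']['error'] == UPLOAD_ERR_NO_FILE)
			return null;
		$ext = strtolower(pathinfo($_FILES['album_art']['name'], PATHINFO_EXTENSION));
		if(!in_array($ext, array('jpg', 'jpeg', 'png', 'gif'), true))
			return false;
		// Also fails for upload errors, because tmp_name is then not a readable image.
		if(@getimagesize($_FILES['album_art']['tmp_name']) === false)
			return false;
		return $ext;
	}
}

// Set when creating the album row or recording its art fails; the track is
// then not inserted. Previously this was read without being initialised.
$e = false;

if(isset($_POST['album']) && can_post()) {
	// Artist and title are stored HTML-encoded, as before. The encoded values are
	// written back to $_POST (original behaviour) and escaped separately for SQL.
	$_POST['album_artist'] = htmlentities(albums_post_value('album_artist'));
	$_POST['album_title'] = htmlentities(albums_post_value('album_title'));
	$sql_artist = mysql_real_escape_string($_POST['album_artist']);
	$sql_title = mysql_real_escape_string($_POST['album_title']);
	if($_POST['album'] === 'NEW') {
		$query = "INSERT INTO albums SET album_title='$sql_title',album_artist='$sql_artist',user_id='".get_user_id()."'".(can_post_without_approval()?",approved='y'":"");
		if(mysql_query($query)) {
			$id = mysql_insert_id();
			$art_ext = albums_art_extension();
			if($art_ext === false) {
				trigger_error("Album art rejected: it must be a valid .jpg, .jpeg, .png or .gif image.");
			} else if($art_ext !== null) {
				// Integer id + allow-listed extension: nothing user-controlled is left in the name.
				$filename = $id . '.' . $art_ext;
				clearstatcache();
				if(@move_uploaded_file($_FILES['album_art']['tmp_name'], "album_art/$filename")) {
					// mogrify still parses bytes supplied by the uploader; keep ImageMagick
					// patched and its policy restricted to the image formats accepted above.
					exec("mogrify -resize 60x80 ".escapeshellarg("album_art/$filename"), $_GET['notice']);
					$query = "UPDATE albums SET album_art='$filename' WHERE aid='$id' LIMIT 1";
					if(!mysql_query($query)) {
						trigger_error(mysql_error());
						$e = true;
					}
				} else trigger_error("Could not move uploaded file. Destination: album_art/$filename");
			}
			// Use $id: mysql_insert_id() no longer refers to the album once the UPDATE above has run.
			log_event("Album Added",NULL,"albums.php?album=$id");
			$_POST['album'] = $id;
		} else {
			trigger_error(mysql_error());
			$e = true;
		}
	}
	if(!$e) {
		$song = albums_post_value('song');
		$song_url = urlencode($song);
		$sql_song = mysql_real_escape_string($song);
		$sql_track_num = mysql_real_escape_string(albums_post_value('track_num'));
		$album_id = intval(albums_post_value('album'));
		$query = "INSERT INTO album_tracks SET lid='$sql_song',track_num='$sql_track_num',aid='$album_id',user_id='".get_user_id()."'";
		if($results = mysql_query($query)) {
			header("Location: songs.php?song=$song_url&notice="
			.urlencode("Album information submitted. It may need approval before publicly visible.<br>\n"));
			// NOTE(review): get_song_title() receives the raw request value, as before;
			// confirm that it escapes its argument before using it in a query.
			log_event("Track Added: ".get_song_title($song),NULL,"songs.php?song=$song_url");
		} else if(strpos(mysql_error(),"Duplicate") !== false) {
			header("Location: songs.php?song=$song_url&notice=".urlencode("This track has already been entered"));
		} else trigger_error(mysql_error());
	} else {
		header("Location: index.php?notice=There+was+an+error.+Please+try+again+later.");
	}
} else if(!empty($_POST['approve_album']) && is_admin_user()) {
	$album_id = intval(albums_post_value('album_id'));
	$query = "UPDATE albums SET approved='y' WHERE aid='$album_id' LIMIT 1";
	if(mysql_query($query)) {
		log_event("Album Approved",NULL,"songs.php?album=$album_id");
		header("Location: albums.php?album=$album_id&notice=Album+approved!");
	} else trigger_error(mysql_error());
} else if(!empty($_POST['delete_album_sure']) && is_admin_user()) {
	$album_id = intval(albums_post_value('album_id'));
	// Remove the album row first, then the tracks that pointed at it.
	$query = array(
		"DELETE FROM albums WHERE aid='$album_id' LIMIT 1",
		"DELETE FROM album_tracks WHERE aid='$album_id'",
	);
	foreach($query as $q) {
		if(mysql_query($q)) {
			log_event("Album Deleted",NULL,NULL);
			header("Location: albums.php?notice=Successfully+deleted+album.");
		} else trigger_error(mysql_error());
	}
} else if(!empty($_POST['delete_track_sure']) && is_admin_user()) {
	$sql_track_id = mysql_real_escape_string(albums_post_value('track_id'));
	// Look up the song first so the redirect can return to its page.
	$lyric_id = '';
	$query = "SELECT lid FROM album_tracks WHERE tid='$sql_track_id' LIMIT 1";
	if($result = mysql_query($query)) {
		$line = mysql_fetch_assoc($result);
		if($line)
			$lyric_id = $line['lid'];
	} else trigger_error(mysql_error());
	$query = "DELETE FROM album_tracks WHERE tid='$sql_track_id' LIMIT 1";
	if(mysql_query($query)) {
		log_event("Track Deleted",NULL,NULL);
		header("Location: songs.php?notice=Track+deleted&song=".urlencode($lyric_id));
	} else trigger_error(mysql_error());
} else if((!empty($_POST['new_album']) && can_post()) || (isset($_POST['edit_album_submit']) && is_admin_user())) {
	$is_new = !empty($_POST['new_album']);
	$album_id = intval(albums_post_value('album_id'));
	$_POST['album_artist'] = htmlentities(albums_post_value('album_artist'));
	$_POST['album_title'] = htmlentities(albums_post_value('album_title'));
	$sql_artist = mysql_real_escape_string($_POST['album_artist']);
	$sql_title = mysql_real_escape_string($_POST['album_title']);
	if($is_new)
		$query = "INSERT INTO albums SET album_title='$sql_title',album_artist='$sql_artist',user_id='".get_user_id()."'".(can_post_without_approval()?",approved='y'":"");
	else
		$query = "UPDATE albums SET album_title='$sql_title', album_artist='$sql_artist' WHERE aid='$album_id' LIMIT 1";
	if(mysql_query($query)) {
		// $id is always an integer here, so it is safe inside the file name below.
		$id = $is_new ? mysql_insert_id() : $album_id;
		$art_ext = albums_art_extension();
		if($art_ext === false) {
			trigger_error("Album art rejected: it must be a valid .jpg, .jpeg, .png or .gif image.");
		} else if($art_ext !== null) {
			// The real (last) extension is used; the old $ext[1] picked the wrong
			// part of names such as "cover.v2.jpg".
			$filename = $id . '.' . $art_ext;
			clearstatcache();
			$upload_success = @move_uploaded_file($_FILES['album_art']['tmp_name'], "album_art/$filename");
			// Fallback kept from the original, but only for a genuine upload temp file.
			if(!$upload_success && is_uploaded_file($_FILES['album_art']['tmp_name']))
				$upload_success = @copy($_FILES['album_art']['tmp_name'], "album_art/$filename");
			if($upload_success) {
				// mogrify still parses bytes supplied by the uploader; keep ImageMagick
				// patched and its policy restricted to the image formats accepted above.
				exec("mogrify -resize 60x80 ".escapeshellarg("album_art/$filename"), $_GET['notice']);
				$query = "UPDATE albums SET album_art='$filename' WHERE aid='$id' LIMIT 1";
				if(!mysql_query($query))
					$_GET['notice'] = mysql_error();
			} else trigger_error("Could not move uploaded file. Destination: album_art/$filename");
		}
		if(empty($_GET['notice'])) {
			log_event("Album Edited",NULL,"albums.php?album=$id");
			// Redirect to $id: album_id is not submitted when a new album is created.
			header("Location: albums.php?album=$id");
		}
	} else trigger_error(mysql_error());
}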

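// ---------------------------------------------------------------------------
// Page body, selected by the GET parameters: delete confirmations, the album
// form, the "add track" form, a single album, or the album list.
//
// Album ids are cast to integers before they reach SQL (aid is numeric: the
// POST handlers obtain it from mysql_insert_id()). Every request value and
// database field is encoded for the context it is written into: HTML text or
// attribute, or a JavaScript string literal.
// ---------------------------------------------------------------------------

if(!function_exists('albums_html')) {
	/**
	 * Encode a value for HTML text or a quoted attribute.
	 *
	 * Titles and artists are stored already run through htmlentities() by the
	 * POST handlers in this file, which leaves single quotes untouched; every
	 * attribute on this page is single-quoted. double_encode is off so those
	 * stored entities are not encoded a second time. ISO-8859-1 is named only
	 * because it is single-byte: the characters replaced are ASCII, so UTF-8
	 * text passes through unchanged and is never rejected as invalid.
	 *
	 * @param mixed $value Value to print.
	 * @return string Encoded text.
	 */
	function albums_html($value) {
		return htmlspecialchars((string)$value, ENT_QUOTES, 'ISO-8859-1', false);
	}
}

if(!function_exists('albums_js')) {
	/**
	 * Escape a value for use inside a single-quoted JavaScript string literal
	 * that is printed within a <script> element.
	 *
	 * @param mixed $value Value to print.
	 * @return string Text with backslashes, single quotes, line breaks and "<" escaped.
	 */
	function albums_js($value) {
		// "<" is written as \x3C so the value cannot close the surrounding <script> element.
		return str_replace('<', '\x3C', addcslashes((string)$value, "\\'\r\n"));
	}
}

if(isset($_GET['delete_album']) && is_admin_user()) {
	$album_id = intval(isset($_GET['album_id']) ? $_GET['album_id'] : 0);
	echo "<p>Are you sure you want to delete this album?</p>\n";
	echo "<form action='albums.php' method='post'>\n<input type='hidden' name='album_id' value='$album_id'>\n";
	echo "<input type='submit' name='delete_album_sure' value='Yes'>\n";
	echo "</form>\n";
} else if(isset($_GET['delete_track']) && is_admin_user()) {
	$track_id = albums_html(isset($_GET['track_id']) ? $_GET['track_id'] : '');
	echo "<p>Are you sure you want to delete this track?</p>\n";
	echo "<form action='albums.php' method='post'>\n<input type='hidden' name='track_id' value='$track_id'>\n";
	echo "<input type='submit' name='delete_track_sure' value='Yes'>\n";
	echo "</form>\n";
} else if((isset($_GET['new_album']) && can_post()) || (isset($_GET['edit_album']) && is_admin_user())) {
	$album = false;
	if(isset($_GET['edit_album'])) {
		if(is_admin_user()) {
			$album_id = intval(isset($_GET['album_id']) ? $_GET['album_id'] : 0);
			$query = "SELECT * FROM albums WHERE aid='$album_id' LIMIT 1";
			if($results = mysql_query($query)) {
				$album = mysql_fetch_assoc($results);
			} else {
				trigger_error(mysql_error());
			}
		} else unset($_GET['edit_album']);
	}
	// Empty defaults for the "new album" form and for an edit request whose album was not found.
	$form_aid = $album ? albums_html($album['aid']) : '';
	$form_artist = $album ? albums_html($album['album_artist']) : '';
	$form_title = $album ? albums_html($album['album_title']) : '';
	echo "<form action='albums.php' method='post' enctype='multipart/form-data'>\n<fieldset>";
	if(isset($_GET['edit_album']))
		echo "<legend>Editing $form_title</legend>\n<input type='hidden' name='album_id' value='$form_aid'>\n";
	else
		echo "<legend>New Album</legend>\n";
	echo "<p><label for='album_artist'>Artist:</label><br>		<input type='text' name='album_artist' maxlength='40' size='20' value='$form_artist'></p>\n";
	echo "<p><label for='album_title'>Album Title:</label><br>	<input name='album_title' type='text' maxlength='60' size='20' value='$form_title'></p>\n";
	echo "<p><label for='album_art'>Album Art:</label><br>		<input type='file' name='album_art'></p>\n";
	if(isset($_GET['edit_album']))
		echo "<input type='submit' name='edit_album_submit' value='Save Changes'>\n";
	else
		echo "<input type='submit' name='new_album' value='Add Album'>\n";
	echo "</fieldset></form>\n";
} else if(!empty($_GET['song']) && can_post()) {
	$query = "SELECT * FROM albums ".(!is_admin_user()?"WHERE approved='y' ":"")."ORDER BY approved,album_artist,album_title";
	if($results = mysql_query($query)) {
		$result_size = mysql_num_rows($results);
		if($result_size > 0) {
			$num = 0;
			// Parallel JavaScript arrays, indexed like the <select> options printed below,
			// used to fill the read-only artist/title fields when an existing album is chosen.
			echo "<script language='JavaScript' type='text/javascript'>\n
album_titles = new Array($result_size+1);
album_artists = new Array($result_size+1);\n";
			while($line = mysql_fetch_assoc($results)) {
				echo "album_titles[$num] = '".albums_js($line['album_title'])."';\n";
				echo "album_artists[$num] = '".albums_js($line['album_artist'])."';\n";
				$num++;
			}
			echo "album_titles[$num] = '';\nalbum_artists[$num] = '';\n";
			echo 
"function new_album_show() {
	if(document.album_form.album.value==\"NEW\") {
		document.album_form.album_artist.disabled = false;
		document.album_form.album_title.disabled = false;
		document.album_form.album_art.disabled = false;
		document.album_form.album_title.value = '';
		document.album_form.album_artist.value = '';
	} else {
		var i = document.album_form.album.selectedIndex;
		document.album_form.album_title.disabled = true;
		document.album_form.album_artist.disabled = true;
		document.album_form.album_art.disabled = true;
		document.album_form.album_title.value = album_titles[i];
		document.album_form.album_artist.value = album_artists[i];
	}
}
</script>\n";
			// Rewind so the same result set can be listed again as <option> elements.
			mysql_data_seek($results, 0);
		}
		// NOTE(review): get_song_title() receives the raw request value, as before;
		// confirm that it escapes its argument before using it in a query.
		echo "<form name='album_form' action='albums.php' method='post' enctype='multipart/form-data'>\n<fieldset><legend>Adding New Album for ".albums_html(get_song_title($_GET['song']))."</legend>\n<input type='hidden' name='song' value='".albums_html($_GET['song'])."'>\n";
		echo "<p><label for='album'>Album:</label><br><select name='album' onchange='new_album_show()' tabindex='1'>\n";
		while($line = mysql_fetch_assoc($results)) {
			echo "<option value='".albums_html($line['aid'])."'>".albums_html($line['album_artist'])." - ".albums_html($line['album_title'])."\n";
		}
		// The stray </a> that closed this option is now </option>.
		echo "<option>\n<option value='NEW' selected>New Album</option>";
		echo "</select></p>\n";
	} else {
		trigger_error(mysql_error());
	}
	echo "<div id='new_album'><p><label for='album_artist'>Artist:</label><br><input type='text' name='album_artist' maxlength='40' size='20' tabindex='1'></p>\n";
	echo "<p><label for='album_title'>Album Title:</label><br><input name='album_title' type='text' maxlength='60' size='20' tabindex='1'></p>\n";
	echo "<p><label for='album_art'>Album Art:</label><br><input type='file' name='album_art' tabindex='1'></p>\n</div>\n";
	echo "<p><label for='track_num'>Track Number:</label><br><input type='text' name='track_num' size='5' maxlength='3' tabindex='1'></p>\n";
	echo "<p><input type='submit' value='Submit' tabindex='1'></p>\n</form>\n";
} else if(!empty($_GET['album'])) {
	$album_id = intval($_GET['album']);
	$album = false;
	$query = "SELECT albums.* FROM albums WHERE aid='$album_id' LIMIT 1";
	if($results = mysql_query($query)) {
		if(mysql_num_rows($results) > 0) {
			echo "<table class='block'>\n";
			$album = mysql_fetch_assoc($results);
			
			// submitted_by() is printed as returned; it is defined outside this file.
			echo "<tr".($album['approved'] != 'y'?" class='unapproved'":"")."><td style='text-align:right;'><img src='album_art/".albums_html($album['album_art'])."' class='album_art'><td>".albums_html($album['album_title'])."<br>".albums_html($album['album_artist'])."\n".submitted_by($album['user_id']);
		}
		if(is_admin_user()) {
			// NOTE(review): this form has no method attribute, so it submits via GET, while
			// the approve handler in this file reads $_POST['approve_album'] — verify that
			// the Approve button actually reaches it.
			$iconlist[] = "<form action='albums.php'>\n<input type='hidden' name='album_id' value='$album_id'>\n"
			.((!$album || $album['approved'] != 'y')?"<button type='submit' name='approve_album' title='Approve Album'><img src='icon/album_approve.jpg'><span>Approve Album</span></button>\n":"")
			."<button type='submit' name='edit_album' title='Edit This Album'><img src='icon/album_edit.jpg'><span>Edit Album</span></button>\n"
			."<button type='submit' name='delete_album' title='Delete This Album'><img src='icon/album_delete.jpg'><span>Delete Album</span></button>\n"
			."</form>\n";
		}
	} else {
		trigger_error(mysql_error());
	}
	// Non-admins only see approved lyrics plus their own submissions.
	$query = "SELECT lyrics.*,track_num,tid FROM album_tracks,lyrics WHERE ".(!is_admin_user()?"(approved='y' OR lyrics.user_id='".get_user_id()."') AND ":"")."aid='$album_id' AND album_tracks.lid=lyrics.lid ORDER BY track_num";
	if($results = mysql_query($query)) {
		if(mysql_num_rows($results) > 0) {
			echo "<div id='list'><h2>Tracks with Lyrics</h2>\n";
			while($line = mysql_fetch_assoc($results)) {
				$track_num = albums_html($line['track_num']);
				$title = albums_html($line['title']);
				$author = albums_html($line['author']);
				$lid_url = albums_html(urlencode($line['lid']));
				$tid_url = albums_html(urlencode($line['tid']));
				echo "<span>#$track_num</span> <a href='songs.php?song=$lid_url' title='$title".($line['author'] != ""?" ($author)":"")."'".($line['approved'] != 'y'?" class='unapproved'":"").">$title</a>".(is_admin_user()?"<a href='albums.php?delete_track=&track_id=$tid_url' title='Delete Track'><img src='icon/small_delete.jpg'></a>":"")."<br>\n";
			}
			echo "</div>\n";
		} else {
			notice("No songs found.");
		}
	} else {
		trigger_error(mysql_error());
	}
} else {
	// order_by is only compared against a fixed value; it never reaches the SQL text itself.
	$by_artist = isset($_GET['order_by']) && $_GET['order_by'] == "artist";
	$query = "SELECT * FROM albums ".(!is_admin_user()?"WHERE (approved='y' OR user_id='".get_user_id()."') ":'')."ORDER BY ".($by_artist?"album_artist,album_title":"album_title,album_artist");
	if($results = mysql_query($query)) {
		echo "<h2>Album List</h2>\n";
		while($line = mysql_fetch_assoc($results)) {
			echo "<p".($line['approved'] != 'y'?" class='unapproved'":"")." style='clear:both;'><img src='album_art/".albums_html($line['album_art'])."' style='display:block; float:left; padding:1px 8px 4px 0px; clear:both;'><a href='albums.php?album=".albums_html(urlencode($line['aid']))."'>".albums_html($line['album_title'])."</a><br>\n".albums_html($line['album_artist'])."\n";
		}
	} else {
		trigger_error(mysql_error());
	}
}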

// Take the buffered page body and discard the buffer, then print the body
// between the shared header and footer templates.
$content = ob_get_clean();
include 'header.php';
echo $content;
include 'footer.php';
?>