Location: PHPKode > projects > PHPEcho CMS > modules/admin/modules/gallery.php
<?php
/*  +--------------------------------------------
*   |
*   |     Product:       PHPEchoCMS
*   |     Author:        Tigran Abrahamyan
*   |     License:       GPL
*   |     Last updated:  16.02.07
*   |     For version:   1.6  
*   |     Desc:          Module for working with gallery module
*   |        
*   +--------------------------------------------
*/

if( !ADMIN_LOAD )
{
    die( "Base not loaded!" );
}

$mlang = $core->getlang("admin_gallery");

echo "<Br /><center><a href='index.php?module=admin&act=gallery'>".$mlang['001']."</a> | <a href='index.php?module=admin&act=gallery&op=photos'>".$mlang['002']."</a></center><br />";

function show_gallery_admin ($lang)
{
    $mlang = $lang;

    switch ( @$_GET['op'] )
    {
        case "photos":
            return photo_list($mlang);
            break;
        default:
            return cats($mlang);
    }
}

function photo_list($lang)
{
    $mlang = $lang;

    $content = "<center><a href='index.php?module=admin&act=gallery&op=photos&act2=photolist'>".$mlang['002']."</a></center>";
    
    if ( @$_GET['act2'] == "addphoto" && $_GET['op'] == "photos" && $_GET['catid'])
    {
        if ( @$_POST['photoname'] && $_FILES['link']['tmp_name'] && $_POST['author'] )
	{
	  if ($_FILES['link']['type'] == "jpeg" || $_FILES['link']['type'] == "image/jpeg") 		// accept only jpeg images
	  {
             $hash = substr(md5(rand(1000000000,9999999999)),0,16);
	     copy ($_FILES['link']['tmp_name'], "uploads/img-".$hash);
	     query ("INSERT INTO `".PREFIX."gallery` VALUES (null, '".addslashes($_POST['photoname'])."', 'img-".$hash."', '".addslashes($_POST['author'])."', '".addslashes($_POST['catid'])."')", 1);
	   // Save a thumnail of the picture with maximum size (150px X 150px)
       	   // Check the safemode
	   if (!(@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on"))
	   {
		$imgfile = "uploads/img-".$hash;
	     	$tmpimg = "uploads/simg-".$hash.".tmp";
	     	$newfile = "uploads/simg-".$hash;
	     	system("djpeg ".$imgfile." >".$tmpimg);
	     	system("pnmscale -xy 150 150 ".$tmpimg." | cjpeg -smoo 10 -qual 50 >".$newfile);
	     	unlink ($tmpimg);
             	$content .= "<br>".$mlang['004'];
	   }
	   else
	   {
	     	$im = ImageCreateFromJPEG("uploads/img-".$hash);
		$xs = imagesx($im);
		$ys = imagesy($im);
		if ($xs >= $ys)
		{
			$xs2 = 150;
			$ys2 = intval($ys * 150 / $xs);
		}
		else
		{
			$xs2 = intval($xs * 150 / $ys);
			$ys2 = 150;
		}
		$thumb = ImageCreate($xs2, $ys2);
		@ImageCopyResized($thumb, $im, 0, 0, 0, 0, $xs2, $ys2, $xs, $ys);
		ImageJPEG($thumb, "uploads/simg-".$hash);
		ImageDestroy($im);
		ImageDestroy($thumb);
	   }
          }
	  else
		$content .= "<br>".$mlang['024'];
	}
       else
       {
          $content .= "
          <form enctype='multipart/form-data'  action='index.php?module=admin&act=gallery&op=photos&act2=addphoto&catid="
	   .$_GET['catid']."' method=post>
	  <h3><u>".$mlang['003']."</u></h3>
          <input type=hidden name='MAX_FILE_SIZE' value=1000000>
	  ".$mlang['005']."<input type='text' name='photoname' size=40><Br/>
          ".$mlang['006']."<input type='file' name='link' size=40><Br/>
          ".$mlang['007']."<input type='text' name='author' size=40><Br/>
	  <input type=hidden name='catid' value='".$_GET['catid']."'>
          <input type='submit' value='".$mlang['009']."'>
          </form>
          ";
	}    
    }
    elseif ( @$_GET['act2'] == "editphoto" && $_GET['id'])
    {
        if ($_POST['id'] && $_POST['title'] && $_POST['author'])
	{
		query ("update `".PREFIX."gallery` set `title`='".addslashes($_POST['title'])."', `author`='".addslashes($_POST['author'])
		."' where `id`=".addslashes($_POST['id']), 1);
		$content .= $mlang['010'];
	}
	else
	{
		$photo_exist = query ("select * from `".PREFIX."gallery` where `id`=".addslashes($_GET['id']), 4);
		if ($photo_exist['id'] == $_GET['id'])
		{
			$content .= "<form action=index.php?module=admin&act=gallery&op=photos&act2=editphoto&id=".$_GET['id']." method=post>";
			$content .= "<br><input type=hidden name=id value=".$_GET['id'].">";
			$content .= $mlang['005']."<input type=text size=40 name=title value='".$photo_exist['title']."'><br>";
			$content .= $mlang['007']."<input type=text size=40 name=author value='".$photo_exist['author']."'><br>";
			$content .= "<input type=submit value='".$mlang['015']."'></form>";
		}
	}
    }
    elseif ( @$_GET['act2'] == "deletephoto" && $_GET['id'])
    {
        $img_exists = query ("select * from `".PREFIX."gallery` where `id`=".addslashes($_GET['id']), 4);
	if ($img_exists['id'] == $_GET['id'])
	{
		unlink ("uploads/".$img_exists['link']);
		unlink ("uploads/s".$img_exists['link']);
		query ("DELETE FROM `".PREFIX."gallery` WHERE `id` = '".addslashes($_GET['id'])."'", 1);
        	$content .= "<br>".$mlang['011'];
	}
    }
    else
    {
        $list = query ("SELECT * FROM ".PREFIX."gallery order by `id` desc", 1);
        
        $content .= "<br>
        <table width='100%'>
        <tr>
            <td width='5%'>
            <b>#</b>
            </td>
            <td width='40%'>
            <b>".$mlang['012']."</b>
            </td>
            <td width='20%'>
            <center><b>".$mlang['013']."</b></center>
            </td>
            <td width='15%'>
            <center><b>".$mlang['014']."</b></center>
            </td>
            <td width='10%'>
            <center><b>".$mlang['015']."</b></center>
            </td>
            <td width='10%'>
            <center><b>".$mlang['016']."</b></center>
            </td>
        </tr>
        ";
        
        while ( $photo = mysql_fetch_array ( $list ) )
        {
            $content .= "
            <table width='100%'>
            <tr>
                <td width='5%'>
                ".$photo['id']."
                </td>
                <td width='40%'>
                ".$photo['title']."
                </td>
                <td width='20%'>
                <center>".$photo['author']."</center>
                </td>
                <td width='15%'>
                <center>".$photo['cat']."</center>
                </td>
                <td width='10%'>
                <center><a href='index.php?module=admin&act=gallery&op=photos&act2=editphoto&id=".$photo['id']."'>".$mlang['015']."</a></center>
                </td>
                <td width='10%'>
                <center><a href='index.php?module=admin&act=gallery&op=photos&act2=deletephoto&id=".$photo['id']."'>".$mlang['016']."</a></center>
                </td>
            </tr>
            ";
        }
                
        $content .= "</table>";   
    }
    
    return $content;
}
function cats($lang)
{
    $mlang = $lang;

    $content = "<center><a href='index.php?module=admin&act=gallery&op=addcat'>".$mlang['017']."</a></center>";
    
    $catlist = query ("SELECT * FROM ".PREFIX."gallery_cats", 1);
      
    if ( @$_GET['op'] == "editcat" && $_GET['id'] )
    {
        $cat = query ("SELECT * FROM `".PREFIX."gallery_cats` WHERE `id` = '".addslashes($_GET['id'])."'", 4);
        
        if ($cat['id'])
        {
            if ($_POST['catname'])
            {
                query ("UPDATE `".PREFIX."gallery_cats` SET `name` = '".addslashes($_POST['catname'])."' WHERE `id` = '".$cat['id']."'", 1);    
                $catlist = query ("SELECT * FROM ".PREFIX."gallery_cats", 1);
		$content .= "<br>".$mlang['022']."<br><br>";
            }
            else
	    {
            	$content .= "
            	<form action='index.php?module=admin&act=gallery&op=editcat&id=".$cat['id']."' method='post'>
            	".$mlang['018'].":&nbsp;<input type='text' name='catname' value='".$cat['name']."'> <br />
            	<input type='submit' value='".$mlang['015']."'>
            	</form><br>
            	";
	    }
        }
    }
    elseif ( @$_GET['op'] == "deletecat" && $_GET['id'] )
    {
        query ("DELETE FROM `".PREFIX."gallery_cats` WHERE `id` = '".addslashes($_GET['id'])."'", 1);
        $catlist = query ("SELECT * FROM ".PREFIX."gallery_cats", 1);
	$content .= "<br>".$mlang['023']."<br><br>";
    }
    elseif ( @$_GET['op'] == "addcat" )
    {
        if ( $_POST ['catname'] )
        {
            query ("INSERT INTO `".PREFIX."gallery_cats` VALUES (null, '".addslashes($_POST ['catname'])."')", 1);
            $catlist = query ("SELECT * FROM ".PREFIX."gallery_cats", 1);
	    $content .= "<br>".$mlang['021']."<br><br>";
        }
	else
	{
        	$content .= "
        	<form action='index.php?module=admin&act=gallery&op=addcat' method='post'>
        	".$mlang['018'].":&nbsp;<input type='text' name='catname'>
        	<input type='submit' value='".$mlang['009']."'>
        	</form><br>
        	";
	}
    }
else
{    
    $content .= "<br>".$mlang['025']."<br><br>
    <center><table width='100%'>
    <tr>
        <td width='5%'>
        <b>#</b>
        </td>
        <td width='50%'>
        <b>".$mlang['018']."</b>
        </td>
        <td width='20%'>
        <center><b>".$mlang['019']."</b></center>
        </td>
        <td width='20%'>
        <center><b>".$mlang['020']."</b></center>
        </td>
    </tr>
    ";
    
    while ($cat = mysql_fetch_array ($catlist) )
    {
        $content .= "
        <tr>
            <td width='5%'>
            ".$cat['id']."
            </td>
            <td width='50%'>
            <a href='index.php?module=admin&act=gallery&op=photos&act2=addphoto&catid=".$cat['id']."'>".$cat['name']."</a>
            </td>
            <td width='20%'>
            <center><a href='index.php?module=admin&act=gallery&op=editcat&id=".$cat['id']."'>".$mlang['015']."</a></center>
            </td>
            <td width='20%'>
            <center><a href='index.php?module=admin&act=gallery&op=deletecat&id=".$cat['id']."'>".$mlang['016']."</a></center>
            </td>
        </tr>
        ";
    }
    
    $content .= "</table></center>";
}   
    return $content;
}

echo show_gallery_admin ($mlang);
?>
Return current item: PHPEcho CMS