<?PHP
/* * * * * * * * * * * * * * * * * * * * * *
* Copyright 2003-2006 SiteX Project
* http://sitex.bjsintay.com
*
* Developed by: BJ Sintay
* Version: 0.7.3
*
* Page Notes:
* - register globals on/off compatible
* - magic quotes & SQL injection proof
* - sx variable prefixing (half finished)
*/
// Start output buffering and the session before any project file is included.
ob_start();
session_start();

// Project bootstrap. $sxSetup, $THEME_FOLDER and the helper functions used on
// this page are not defined in this file; presumably they come from these two
// includes - confirm.
include 'includes/globals.php.inc';
include 'includes/functions.php';

// English strings are always loaded; any other configured language is included
// afterwards on top of them.
include 'lang/English.php';
if (strtolower($sxSetup['Language']) != 'english') {
    // NOTE(review): $sxSetup['Language'] is concatenated straight into an include
    // path. Confirm it can only hold a known language name and cannot be
    // overridden from the request.
    include 'lang/' . $sxSetup['Language'] . '.php';
}

// NOTE(review): same question for $THEME_FOLDER, which also selects an included file.
include 'themes/' . $THEME_FOLDER . '/config.php.inc';

// Gate for component 2 (the same id is passed to getComponentName() further
// down); what exactly is enforced is decided inside the helper.
protectComponentPage(2);
// Force the album id to an integer before it is used anywhere else on the page.
$albumid = (int) $albumid;

// Re-ordering and deletion of photos are only processed for administrators.
// NOTE(review): these state-changing actions are triggered by plain request
// variables ($upid, $downid, $topid, $bottomid, $delete) and no anti-CSRF token
// is checked in this file. Confirm whether protectComponentPage() or the helpers
// verify one; otherwise they belong behind a token-protected POST.
if (userAdmin()) {
    if ($upid) {
        movePhotoUp((int) $upid, $albumid);
    }
    if ($downid) {
        movePhotoDown((int) $downid, $albumid);
    }
    if ($topid) {
        movePhotoTop((int) $topid, $albumid);
    }
    if ($bottomid) {
        movePhotoBottom((int) $bottomid, $albumid);
    }
    if ($delete) {
        // deletePhoto() is given the photo id only, unlike the move helpers it
        // is not passed $albumid.
        deletePhoto((int) $delete);
        // NOTE(review): $message is assigned only on this path; on every other
        // request echoMessage() further down prints whatever $message already
        // holds - confirm it cannot be supplied by the request.
        $message = $sxLang['PhotoDeleted'];
    }
}
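// Load the requested album row and enforce per-album access.
//
// $ID and $sxROW are assigned on every request. Previously both were set only
// when $albumid was non-zero, so for albumid=0 every later query interpolated
// whatever $ID already held. This page reads request parameters as plain
// variables ($albumid, $page, $upid, ...), so that value could presumably come
// from the request - confirm against globals.php.inc.
$ID = sxSmartQuote($albumid);
$sxROW = null;
if (intval($albumid) != 0) {
    $sxQuery = "SELECT * FROM $DB_Photos_Albums WHERE id='$ID'";
    $sxResult = mysql_query($sxQuery, $Link) or queryError("16", mysql_error());
    $sxROW = mysql_fetch_object($sxResult);
}

// With no row (albumid=0 or unknown album) the helper receives null, which is
// what the original expression evaluated to in that case.
// NOTE(review): confirm sxAlbumUserAccess() denies a null album id; otherwise a
// missing album is rendered as an empty page instead of being redirected.
$sxAlbumRowId = $sxROW ? $sxROW->id : null;
if (sxAlbumUserAccess($sxAlbumRowId, $THIS_USER) == FALSE) {
    header("Location: pictures.php");
    die();
}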
// Album statistics for the info box. Every query below interpolates $ID, so it
// must be the sxSmartQuote()d integer album id at this point.

// Total number of photos linked to the album; only the row count is used.
$sxQuery = "SELECT * FROM $DB_Photos, $DB_Photos_Assoc WHERE $DB_Photos.id=$DB_Photos_Assoc.photoid AND $DB_Photos_Assoc.albumid='$ID'";
$sxResult = mysql_query($sxQuery, $Link) or queryError("19", mysql_error());
$sxTotalPhotos = mysql_num_rows($sxResult);

// Never lay the grid out with more columns than there are photos.
$sxRealNumColumns = ($sxTotalPhotos < $sxSetup['AlbumNumColumns'])
    ? $sxTotalPhotos
    : $sxSetup['AlbumNumColumns'];

// Album record (name, description, timestamp) used for the page title and info box.
$sxQueryA = "SELECT * FROM $DB_Photos_Albums WHERE id='$ID'";
$sxResultA = mysql_query($sxQueryA, $Link) or queryError("20", mysql_error());
$sxAlbum = mysql_fetch_object($sxResultA);
$Created = fetchDate($sxAlbum->timestamp, 3, 1);

// The photo with the highest id supplies the "last updated" date; an album
// without photos shows the localized placeholder instead.
$sxQuery = "SELECT * FROM $DB_Photos, $DB_Photos_Assoc WHERE $DB_Photos.id=$DB_Photos_Assoc.photoid AND $DB_Photos_Assoc.albumid='$ID' ORDER BY $DB_Photos.id DESC";
$sxResult = mysql_query($sxQuery, $Link) or queryError("21", mysql_error());
$sxROW = mysql_fetch_object($sxResult);
$sxLastUpdated = (intval($sxROW->timestamp) > 0)
    ? fetchDate($sxROW->timestamp, 3, 1)
    : $sxLang['PhotoNone'];
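// Normalise the page number to a positive integer.
// The original replaced $page only when intval($page) was 0, so a value with a
// numeric prefix (for example "2abc") kept its non-numeric tail and was later
// printed verbatim into the links and the inline delete-confirmation script.
// Negative values are clamped as well, since they produced a negative LIMIT offset.
$page = intval($page);
if ($page < 1) {
    $page = 1;
}

// Zero-based offset of the first photo on this page; used as the LIMIT start
// of the thumbnail query.
$start = ($page - 1) * $sxSetup['PicsPerPage'];

// NOTE(review): the album name is handed to the theme header unescaped; confirm
// the header escapes $sxTitleAddendum before printing it.
$sxTitleAddendum = getComponentName("2").' - '.$sxAlbum->name;
include("themes/$THEME_FOLDER/header.php");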
?>
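<?PHP if((userEditor())OR(userAdmin())) {
// Delete-confirmation helper, emitted for editors and administrators only.
//
// The target URL is printed into a single-quoted JavaScript string, so it is
// escaped for that context here: the query values are URL-encoded (a no-op for
// the numeric ids this page normally carries), quotes and backslashes are
// escaped, and "</" is split so the value cannot close the script element.
// $PHP_SELF presumably mirrors the request path, which may carry extra path
// segments chosen by the client - it was printed unescaped before.
// NOTE(review): the delete itself is a plain GET handled at the top of the page
// and is only processed there for userAdmin().
$sxDeleteUrlJS = str_replace(
    '</',
    '<\/',
    addslashes($PHP_SELF.'?albumid='.urlencode($ID).'&page='.urlencode($page).'&delete=')
);
?>
<script language="JavaScript" type="text/JavaScript">
<!--
function confirmDelete(theID,theName)
{
if(confirm("<?PHP echo $sxLang['PhotoAlbumJSDeletePhoto']; ?> '"+theName+"' <?PHP echo $sxLang['GeneralJSDeleteEntry2']; ?>")){
window.location='<?PHP print $sxDeleteUrlJS; ?>'+theID;
}
}
//-->
</script>
<?PHP } ?>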
<div class="bodyWrapper">
<h1><?php echo getComponentName("2"); ?></h1>
<?php
// Status line. $message is assigned on this page only after a successful delete.
// NOTE(review): on every other request it holds whatever value it had before;
// confirm echoMessage() escapes its argument.
echoMessage($message);

// Album info box, skipped entirely when the theme hides it.
// NOTE(review): $sxAlbum->name and $sxAlbum->description are printed as stored,
// without htmlspecialchars(); confirm they are escaped when saved.
if ($sxThemeConfig['GalleryAlbumHideData'] != 1) {
    echo '<div class="galleryData"><span class="sxLargeText">'. $sxAlbum->name .'</span><br />';

    if ($sxSetup['AlbumShowNumPhotos'] == 1) {
        echo $sxLang['PhotoTotal'] . ':<strong>'. $sxTotalPhotos .'</strong> ';
    }
    if ($sxSetup['GalleryShowCreated'] == 1) {
        echo $sxLang['PhotoAlbumCreated']. ': <strong>' . $Created . '</strong> ';
    }

    // The "last updated" date is always shown.
    echo $sxLang['PhotoLastUpdated'] .': <strong>'. $sxLastUpdated .'</strong>';

    if ($sxSetup['GalleryShowDescription'] == 1 && $sxAlbum->description) {
        echo '<div class="Description"><strong>'.$sxLang['GeneralItemDescription']. ': </strong>' . $sxAlbum->description . '</div>';
    }

    echo '</div>';
}
?>
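<div class="pageTurns">
<?PHP
// Top pager. The base URL is built from $PHP_SELF, which presumably mirrors the
// request path and was passed on unescaped; it is now HTML-escaped and the album
// id URL-encoded before pageTurns() turns them into links. Both calls leave an
// ordinary script path and a numeric id unchanged.
// NOTE(review): if pageTurns() already escapes its base URL this is redundant
// but harmless.
pageTurns(htmlspecialchars($PHP_SELF, ENT_QUOTES)."?albumid=".urlencode($ID)."&", $sxTotalPhotos, $page, $sxSetup['PicsPerPage']);
?>
</div>
<div class="sxGalleryLayout">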
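<?PHP
// Thumbnail grid for the current page of the album.
//
// Changes against the original:
// - $PHP_SELF, $ID and $page are escaped once, up front, for the href
//   attributes they are printed into. They were echoed raw; $page and
//   $PHP_SELF are request-derived. The encoding leaves ordinary values
//   (script path, numeric ids) byte-identical.
// - The edit/delete and move link groups are built once per row instead of
//   being duplicated for the admin and editor branches.
// - A final, partially filled row now gets its closing </tr>.
//
// NOTE(review): $ROW->name, $ROW->description and $ROW->filename are printed as
// stored. In particular addslashes($ROW->name) inside the onclick attribute
// escapes for the JavaScript string but not for the surrounding HTML attribute,
// and alt="..." receives the raw name. Confirm how these fields are escaped on
// save before adding htmlspecialchars() here, to avoid double encoding.
$sxSelfHref = htmlspecialchars($PHP_SELF, ENT_QUOTES);
$sxIdArg = urlencode($ID);
$sxPageArg = urlencode($page);

echo '<table border="0" cellpadding="0" cellspacing="0" width="' . ($sxThemeConfig['ContentWidth']-10) . '" align="center">'."\n";
$count = 0;

// Photos of this album in their stored position order, limited to one page.
// $start is the numeric offset computed earlier on the page.
$query = "SELECT * FROM $DB_Photos, $DB_Photos_Assoc\n"
    . "WHERE $DB_Photos.id=$DB_Photos_Assoc.photoid AND\n"
    . "$DB_Photos_Assoc.albumid='$ID'\n"
    . "ORDER BY $DB_Photos_Assoc.position ASC\n"
    . "LIMIT $start, ".$sxSetup['PicsPerPage'];
$result = mysql_query($query, $Link) or queryError("22", mysql_error());

while ($ROW = mysql_fetch_object($result)) {
    // $count is the column index inside the current table row.
    if ($count == 0) {
        echo '<tr>';
    }
    echo '<td valign="top" align="'. $sxThemeConfig['GalleryAlbumThumbAlign'] .'" width="' . (($sxThemeConfig['ContentWidth']-10)/$sxRealNumColumns) . '">'."\n";

    // Compute the displayed thumbnail size from the file on disk.
    list($width_original, $height_original) = getimagesize($sxContentDir['PhotoThumb'] . $ROW->filename);
    $dimensions = resizeDimensions($width_original, $height_original, $sxSetup['GalleryMaxDimensionThumb']);
    $thumbW = $dimensions[0]+1;
    $thumbH = $dimensions[1]+1;

    // Link to the single-photo view, shared by the thumbnail and the caption.
    $sxPhotoHref = 'photo.php?photoid=' . $ROW->photoid . '&albumid=' . $sxIdArg . '&page=' . $sxPageArg;

    echo '<table style="float: '. $sxThemeConfig['GalleryAlbumThumbPos'] .';" cellpadding="0" cellspacing="0" class="sxAlbumThumbnailContainer"><tr>'
        . '<td width="' . $sxSetup['GalleryMaxDimensionThumb'] . '" height="' . $sxSetup['GalleryMaxDimensionThumb'] . '" valign="'. $sxThemeConfig['GalleryAlbumThumbAlignVert'] .'" style="text-align: '. $sxThemeConfig['GalleryAlbumThumbPos'] .'" class="sxAlbumThumb">'
        . '<a href="' . $sxPhotoHref . '"><img src="' . $sxContentDir['PhotoThumb'] . $ROW->filename . '" height="' . $thumbH . '" width="' . $thumbW . '" alt="' . $ROW->name . '"/></a>'
        . '</td></tr></table>';

    echo '<div style="text-align: '. $sxThemeConfig['GalleryAlbumThumbPos'] .'" class="sxPhotoDescription">';
    if ($sxSetup['AlbumShowPhotoName'] == 1 && $ROW->name) {
        echo '<a href="' . $sxPhotoHref . '"><strong>' . $ROW->name . '</strong></a><br />'."\n";
    }
    echo '<span class="sxSmallText">';

    // Management links. The role helpers are called once per row each, as before.
    $sxRowAdmin = userAdmin();
    $sxRowEditor = userEditor();
    if ($sxRowAdmin || $sxRowEditor) {
        // Edit + delete. sxPrevURL hands the current URL to the edit page.
        // NOTE(review): it is built from $HTTP_HOST and $REQUEST_URI; confirm
        // admin/photo_edit.php validates it before using it as a return target.
        $sxEditLinks = '<a href="admin/photo_edit.php?editid=' . $ROW->photoid . '&sxPrevURL='.urlencode("http://{$HTTP_HOST}{$REQUEST_URI}").'"><img style="border: 0;" src="images/edit.gif" alt="' . $sxLang['ButtonEdit'] . '" /></a> '."\n"
            . '<a href="#" onclick="confirmDelete(' . $ROW->photoid . ',\'' . addslashes($ROW->name) . '\')"><img src="images/delete.gif" style="border: 0;" alt="' . $sxLang['ButtonDelete'] . '" /></a> '."\n";

        // Up / down / top / bottom re-ordering links back to this page.
        $sxMoveBase = $sxSelfHref . '?albumid=' . $sxIdArg;
        $sxMoveTail = '&page=' . $sxPageArg;
        $sxMoveLinks = '<a href="' . $sxMoveBase . '&upid=' . $ROW->photoid . $sxMoveTail . '"><img src="images/up.gif" style="border: 0;" alt="' . $sxLang['ButtonUp'] . '" /></a> '."\n"
            . '<a href="' . $sxMoveBase . '&downid=' . $ROW->photoid . $sxMoveTail . '"><img src="images/down.gif" style="border: 0;" alt="' . $sxLang['ButtonDown'] . '" /></a> '."\n"
            . '<a href="' . $sxMoveBase . '&topid=' . $ROW->photoid . $sxMoveTail . '"><img src="images/top.gif" style="border: 0;" alt="' . $sxLang['ButtonTop'] . '" /></a> '."\n"
            . '<a href="' . $sxMoveBase . '&bottomid=' . $ROW->photoid . $sxMoveTail . '"><img src="images/bottom.gif" style="border: 0;" alt="' . $sxLang['ButtonBottom'] . '" /></a>'."\n";

        if ($sxRowAdmin) {
            echo $sxEditLinks . $sxMoveLinks;
        }
        if ($sxRowEditor) {
            // Editors get each link group only when the matching right is enabled.
            // NOTE(review): the handlers at the top of this page act only for
            // userAdmin(), so for a pure editor these links lead to no action.
            if ($sxSetup['EditorRightsPhotoEdit']) {
                echo $sxEditLinks;
            }
            if ($sxSetup['EditorRightsAlbumsManage']) {
                echo $sxMoveLinks;
            }
        }
    }

    if ($sxSetup['AlbumShowPhotoDescription'] == 1 && $ROW->description) {
        echo '<br />';
        // A positive truncation setting shortens the description via limitString().
        if ($sxSetup['AlbumPhotoDescriptionTrunc'] > 0) {
            echo nl2br(limitString($ROW->description, $sxSetup['AlbumPhotoDescriptionTrunc']))."\n";
        } else {
            echo nl2br($ROW->description)."\n";
        }
    }
    if ($sxSetup['AlbumShowPhotoCreated'] == 1) {
        echo '<br /><span class="shadowText">' . $sxLang['GeneralItemDate'] . ': ' . fetchDate($ROW->timestamp, 2, 1) . '</span>';
    }
    if ($sxSetup['GalleryShowPhotoCount'] == 1) {
        echo '<br /><span class="shadowText">' . $sxLang['PhotoViews'] . ' ' . number_format($ROW->views) . '</span>';
    }
    echo '</span>'."\n";
    echo '</div></td>'."\n";

    // Close the table row after the last column, otherwise move to the next column.
    if ($count == ($sxRealNumColumns-1)) {
        echo '</tr>'."\n";
        $count = 0;
    } else {
        $count = $count + 1;
    }
}

// A last row with fewer photos than columns was left without its </tr>.
if ($count != 0) {
    echo '</tr>'."\n";
}
if (mysql_num_rows($result) == 0) {
    echo '<tr><td><em>' . $sxLang['NoPhotos'] . '</em></td></tr>';
}
echo '</table>'."\n";
?>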
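<div class="pageTurns">
<?PHP
// Bottom pager. The base URL is built from $PHP_SELF, which presumably mirrors
// the request path and was passed on unescaped; it is now HTML-escaped and the
// album id URL-encoded before pageTurns() turns them into links. Both calls
// leave an ordinary script path and a numeric id unchanged.
// NOTE(review): if pageTurns() already escapes its base URL this is redundant
// but harmless.
pageTurns(htmlspecialchars($PHP_SELF, ENT_QUOTES)."?albumid=".urlencode($ID)."&", $sxTotalPhotos, $page, $sxSetup['PicsPerPage']);
?></div>
</div>
</div>
<?PHP
// Theme footer, then send the output buffered since ob_start() at the top of the page.
include("themes/$THEME_FOLDER/footer.php");
ob_end_flush();
?>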