<?php
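/**
 * Create a new album under the given parent album.
 *
 * @param string $title  Album title; underscores are stored as spaces.
 * @param mixed  $parent Parent album id, cast to int. The parent lookup only runs for ids above 0.
 * @return string Status message describing the outcome.
 */
function createalbum($title, $parent){
    global $db, $dbprefix;
    // intval() makes the value safe for the unquoted numeric positions in the queries below.
    $parent = intval($parent);
    if ($title == ""){ return "You did not enter a title"; }
    // Normalise once, before the duplicate check, so the check looks for the
    // same string the INSERT stores. Checking the raw title let "My_Album"
    // be created repeatedly, because only "My Album" was ever stored.
    $title = str_replace("_", " ", $title);
    // validate location
    if ($parent > 0){
        $sql = "SELECT * FROM " . $dbprefix . "albums WHERE albumid = " . dbSecure($parent);
        $par = $db->execute($sql);
        if ($par->rows < 1){ return "Unable to locate parent album"; }
    }
    // check it doesn't exist
    // NOTE(review): dbSecure() is defined elsewhere; the quoted title relies on
    // it escaping quote characters for this database driver - confirm.
    $sql = "SELECT * FROM " . $dbprefix . "albums WHERE parent = " . dbSecure($parent) . " AND title = '" . dbSecure($title) . "'";
    $rec = $db->execute($sql);
    if ($rec->rows > 0){ return "This album already exists"; }
    // ok, insert it
    $sql = "INSERT INTO " . $dbprefix . "albums (parent, title) VALUES (";
    $sql .= dbSecure($parent) . ", ";
    $sql .= "'" . dbSecure($title) . "')";
    $db->execute($sql);
    // and return
    return "Album created successfully!";
}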
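/**
 * Update an existing album's title, description, parent and flags.
 *
 * All id and flag arguments are cast to int; visible, status and actasalbum
 * are then reduced to 0 or 1. When a parent above 0 is given, it must exist,
 * must not be the album itself and must not be one of the album's descendants.
 *
 * @param mixed  $albumid     Album to update.
 * @param string $title       New title; underscores are stored as spaces.
 * @param mixed  $parent      New parent album id.
 * @param mixed  $visible     Stored as 1 when above 0, otherwise 0.
 * @param mixed  $status      Stored as 1 when above 0, otherwise 0.
 * @param mixed  $priority    Stored as an integer.
 * @param mixed  $actasalbum  Stored as 1 when above 0, otherwise 0.
 * @param string $description Optional description text.
 * @return string Status message describing the outcome.
 */
function editalbum($albumid, $title, $parent, $visible, $status, $priority, $actasalbum, $description = ""){
    global $db, $dbprefix;
    $albumid = intval($albumid);
    $parent = intval($parent);
    $visible = intval($visible);
    $status = intval($status);
    $priority = intval($priority);
    $actasalbum = intval($actasalbum);
    if ($title == ""){ return "No title entered"; }
    $visible = ($visible > 0) ? 1 : 0;
    $status = ($status > 0) ? 1 : 0;
    $actasalbum = ($actasalbum > 0) ? 1 : 0;
    $sql = "SELECT * FROM " . $dbprefix . "albums WHERE albumid = " . dbSecure($albumid);
    $rec = $db->execute($sql);
    if ($rec->rows < 1){ return "Unable to locate the album"; }
    if ($parent > 0){
        $sql = "SELECT * FROM " . $dbprefix . "albums WHERE albumid = " . dbSecure($parent);
        $chk = $db->execute($sql);
        if ($chk->rows < 1){ return "Parent album could not be found"; }
        // make sure it isn't its own parent
        // (this compared an undefined $topicid before, so the check never fired)
        if ($albumid == $parent){ return "You cannot set the album as it's own parent!"; }
        // make sure the new parent isn't in this album's own downline.
        // The walk is done inline rather than through a named function declared
        // in this body: PHP registers such a function globally on first use, so
        // a second call to editalbum() in one request died on the redeclaration.
        // The previous helper also overwrote its result with each child's
        // downline, so descendants were never reported.
        $downline = array();
        $pending = array($albumid);
        $seen = array($albumid => true); // stops the walk if the stored tree already loops
        while (count($pending) > 0){
            $current = array_shift($pending);
            $sql = "SELECT * FROM " . $dbprefix . "albums WHERE parent = " . dbSecure($current);
            $dwn = $db->execute($sql);
            if ($dwn->rows > 0){ do {
                $childid = intval($dwn->fields["albumid"]);
                if (!isset($seen[$childid])){
                    $seen[$childid] = true;
                    $downline[] = $childid;
                    $pending[] = $childid;
                }
            } while ($dwn->loop()); }
        }
        // both sides are integers here, so a strict search is safe
        if (in_array($parent, $downline, true)){
            return "The parent album you selected is a child album of this album!";
        }
    }
    // ok, update the album
    // NOTE(review): dbSecure() is defined elsewhere; the quoted title and
    // description rely on it escaping quote characters - confirm.
    $sql = "UPDATE " . $dbprefix . "albums SET ";
    $sql .= "title = '" . dbSecure(str_replace("_", " ", $title)) . "', ";
    $sql .= "description = '" . dbSecure($description) . "', ";
    $sql .= "parent = " . dbSecure($parent) . ", ";
    $sql .= "visible = " . dbSecure($visible) . ", ";
    $sql .= "status = " . dbSecure($status) . ", ";
    $sql .= "priority = " . dbSecure($priority) . ", ";
    $sql .= "actasalbum = " . dbSecure($actasalbum) . " ";
    $sql .= "WHERE albumid = " . dbSecure($albumid);
    $db->execute($sql);
    // and return
    return "The album has been updated successfully!";
}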
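/**
 * Delete an album, all of its descendant albums and every image they hold.
 *
 * @param mixed  $albumid Album to delete, cast to int; must be 1 or higher.
 * @param string $confirm Must be exactly the string "delete".
 * @return string Status message describing the outcome.
 */
function deletealbum($albumid, $confirm){
    global $db, $dbprefix;
    // standard validation
    $albumid = intval($albumid);
    if ($albumid < 1){ return "Album could not be found"; }
    // check for confirmation. The comparison is strict because a loose one
    // accepts boolean true (and integer 0 on older PHP) in place of the word.
    if ($confirm !== "delete"){ return "You did not confirm the deletion"; }
    // walk the album tree breadth-first, collecting this album and its descendants
    $scan = array($albumid);
    $seen = array($albumid => true); // without this, a loop in the stored tree never terminates
    $row = 0;
    while ($row < count($scan)){
        $sql = "SELECT * FROM " . $dbprefix . "albums WHERE parent = " . $scan[$row];
        $rec = $db->execute($sql);
        if ($rec->rows > 0){ do {
            // ids read back from the table are cast as well, since they are
            // written into the SQL text below
            $childid = intval($rec->fields["albumid"]);
            if ($childid > 0 && !isset($seen[$childid])){
                $seen[$childid] = true;
                $scan[] = $childid;
            }
        } while ($rec->loop()); }
        $row++;
    }
    // every entry is a positive integer, so the list can be used as-is in IN (...)
    $idlist = implode(",", $scan);
    // clear the cache as it could involve a lot of images
    clearcache();
    // now we have all ID's, delete images
    $sql = "SELECT imageid FROM " . $dbprefix . "images WHERE albumid IN (" . $idlist . ")";
    $img = $db->execute($sql);
    if ($img->rows > 0){ do {
        deleteimage($img->fields["imageid"], "delete");
    } while ($img->loop()); }
    // and delete all the albums
    $sql = "DELETE FROM " . $dbprefix . "albums WHERE albumid IN (" . $idlist . ")";
    $db->execute($sql);
    // and return
    return "Album deleted sucessfully!";
}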
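/**
 * Approve or reject a set of images and message each image's owner.
 *
 * @param mixed  $mode     Not used by this function.
 * @param mixed  $ids      Array of selected image ids (used by the "... Selected" decisions).
 * @param string $decision One of "Approve Selected", "Approve All", "Reject Selected", "Reject All".
 * @param string $allids   Comma-separated image ids (used by the "... All" decisions).
 * @return string Status message describing the outcome.
 */
function moderateimages($mode, $ids, $decision, $allids = ""){
    global $db, $dbprefix;
    // work out the IDs array
    if ($decision == "Approve All" || $decision == "Reject All"){
        // use the all IDs variable
        if (is_array($allids) || $allids == ""){ return "There are no images to moderate"; }
        // explode() replaces split(), which no longer exists as of PHP 7
        $ids = explode(",", $allids);
    } else {
        // use the selected variables
        if (!(is_array($ids))){ return "You did not select any images"; }
        if (count($ids) < 1){ return "You did not select any images"; }
    }
    // work out the decision
    if ($decision == "Approve Selected" || $decision == "Approve All"){
        $action = 1;
    } elseif ($decision == "Reject Selected" || $decision == "Reject All"){
        $action = 2;
    } else {
        return "Unknown action";
    }
    // Reduce every id to a positive integer before it reaches SQL or the
    // message text. The ids sit in an unquoted numeric position, where an
    // escaping helper cannot neutralise extra SQL (dbSecure() is defined
    // elsewhere, so what it does to such input is not visible here).
    $clean = array();
    foreach ($ids as $raw){
        // intval() of a non-empty array is 1, so nested arrays are skipped outright
        if (!is_scalar($raw)){ continue; }
        $n = intval($raw);
        if ($n > 0){ $clean[] = $n; }
    }
    $msg_from = isset($_SESSION["userid"]) ? intval($_SESSION["userid"]) : 0;
    // now loop through each one
    foreach ($clean as $id){
        $sql = "SELECT * FROM " . $dbprefix . "images WHERE imageid = " . dbSecure($id);
        $img = $db->execute($sql);
        if ($img->rows > 0){
            if ($action == 1){
                $sql = "UPDATE " . $dbprefix . "images SET visible = 1 WHERE imageid = " . dbSecure($id);
                $db->execute($sql);
                $action_text = "approved";
            } else {
                deleteimage($id, "delete");
                $action_text = "rejected";
            }
            // send message to user
            $msg_title = "Image " . $action_text;
            $msg_body = "Your image, #" . $id . ", has been " . $action_text . ".\r\n\r\n";
            $msg_body .= "If accepted your image will now be visible at:<br />\n";
            $msg_body .= "[url]viewimage.php?imageid=" . $id . "[/url]";
            sendmessage($img->fields["userid"], $msg_from, $msg_title, $msg_body);
        }
    }
    // and return
    return "Images moderated successfully!";
}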
// accepting or rejecting an image report
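/**
 * Resolve an image report: either drop the report or delete the reported image,
 * then message the user who filed it.
 *
 * @param mixed  $reportid Report id, cast to int.
 * @param string $decision "Disagree (delete report)" or "Agree (delete image)".
 * @param string $uplink   Optional location handed to redirect() after an "Agree" decision.
 * @return string Status message describing the outcome.
 */
function moderatereport($reportid, $decision, $uplink = ""){
    global $db, $dbprefix;
    // standard validation
    $reportid = intval($reportid);
    if ($decision == ""){ return "You did not make a decision"; }
    // find the report
    $sql = "SELECT * FROM " . $dbprefix . "reported WHERE reportid = " . dbSecure($reportid);
    $rep = $db->execute($sql);
    if ($rep->rows < 1){ return "The image report could not be found"; }
    // now find the image
    $sql = "SELECT * FROM " . $dbprefix . "images WHERE imageid = " . intval($rep->fields["imageid"]);
    $img = $db->execute($sql);
    if ($img->rows < 1){ return "The image could not be found"; }
    // work out the decision
    if ($decision == "Disagree (delete report)"){
        $sql = "DELETE FROM " . $dbprefix . "reported WHERE reportid = " . intval($rep->fields["reportid"]);
        $db->execute($sql);
        $result = "not been deleted as it was found acceptable";
    } elseif ($decision == "Agree (delete image)"){
        deleteimage($img->fields["imageid"], "delete");
        $result = "been deleted";
    } else {
        return "Unknown decision";
    }
    // send a message to the user
    // NOTE(review): the reporter's free-text reason is copied into the message
    // body unchanged; whether it is escaped on display depends on sendmessage()
    // and the message viewer, which are not visible here - confirm.
    $msg_title = "Reported image #" . $img->fields["imageid"];
    $msg_body = "The image you reported for:\r\n\r\n";
    $msg_body .= $rep->fields["reason"] . "\r\n\r\n";
    $msg_body .= "has " . $result . ".";
    // the sender id is cast to int, matching what moderateimages() passes to sendmessage()
    $msg_from = isset($_SESSION["userid"]) ? intval($_SESSION["userid"]) : 0;
    sendmessage($rep->fields["userid"], $msg_from, $msg_title, $msg_body);
    // maybe redirect
    // NOTE(review): $uplink reaches redirect() unchecked. If callers take it
    // from the request, it should be limited to local paths so it cannot send
    // a moderator to another site - confirm against redirect() and the callers.
    if ($decision == "Agree (delete image)" && $uplink <> ""){
        redirect($uplink);
    }
    // and return
    return "Report dealt with successfully!";
}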
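/**
 * Move an album one place up or down among the albums that share its parent,
 * then rewrite the priority of every album in that group.
 *
 * @param mixed  $albumid Album to move, cast to int.
 * @param string $move    "up" moves the album up; any other non-empty value moves it down.
 * @return string|false An error message, or false when the reorder ran.
 */
function reorderalbums($albumid, $move){
    global $db, $dbprefix;
    // standard validation
    $albumid = intval($albumid);
    if ($move == ""){ return "No direction specified"; }
    // validate the album
    $sql = "SELECT * FROM " . $dbprefix . "albums WHERE albumid = " . dbSecure(intval($albumid));
    $alb = $db->execute($sql);
    if ($alb->rows < 1){ return "The album could not be found"; }
    // now get all of the albums (values read back from the table are cast
    // before being written into SQL text)
    $sql = "SELECT * FROM " . $dbprefix . "albums WHERE parent = " . intval($alb->fields["parent"]) . " ORDER BY priority DESC, title ASC";
    $rec = $db->execute($sql);
    if ($rec->rows < 1){ return "Problem locating the collective group of albums"; }
    // Give the albums the slots 3, 5, 7, ... in display order. The gap of two
    // leaves a free slot between neighbours, so shifting one album by three
    // slots places it just past its neighbour.
    $ids = array();
    $cloud = null;
    $row = 3;
    do {
        $ids[$row] = intval($rec->fields["albumid"]);
        if ($cloud === null && $ids[$row] === $albumid){ $cloud = $row; }
        $row = $row + 2;
    } while ($rec->loop());
    // Without this guard an album missing from its own group led to UPDATE
    // statements with an empty album id.
    if ($cloud === null){ return "Problem locating the collective group of albums"; }
    // move the album to its new slot and free the old one
    $target = ($move == "up") ? ($cloud - 3) : ($cloud + 3);
    $ids[$target] = $ids[$cloud];
    unset($ids[$cloud]);
    // highest slot first: the album shown last gets priority 0, the one shown first the highest
    krsort($ids);
    $priority = 0;
    foreach ($ids as $id){
        $sql = "UPDATE " . $dbprefix . "albums SET priority = " . $priority . " WHERE albumid = " . $id;
        $db->execute($sql);
        $priority++;
    }
    return false; // no error message
}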
/**
 * Delete every image in a list by passing each entry to deleteimage().
 *
 * @param mixed $ids Array of image ids; an empty value or any non-array is rejected.
 * @return string Status message describing the outcome.
 */
function massdeleteimages($ids){
    global $db, $dbprefix;
    // an empty value or anything that is not an array counts as "nothing selected"
    if ($ids == "" || !is_array($ids)){
        return "No images selected";
    }
    // Each entry is handed over exactly as received, with the literal "delete"
    // as the confirmation argument.
    // NOTE(review): nothing is validated here, so this relies on deleteimage()
    // checking the id itself - confirm.
    foreach ($ids as $imageid){
        deleteimage($imageid, "delete");
    }
    return "Images deleted successfully";
}
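/**
 * Move a list of images into another album.
 *
 * @param mixed $target Destination album id, cast to int for the lookup.
 * @param mixed $ids    Array of image ids; an empty value or any non-array is rejected.
 * @return string Status message describing the outcome.
 */
function massmoveimages($target, $ids){
    global $db, $dbprefix;
    if ($ids == ""){ return "No images selected"; }
    if (!(is_array($ids))){ return "No images selected"; }
    // validate target
    $sql = "SELECT * FROM " . $dbprefix . "albums WHERE albumid = " . dbSecure(intval($target));
    $alb = $db->execute($sql);
    if ($alb->rows < 1){ return "The target could not be found"; }
    $targetid = intval($alb->fields["albumid"]);
    // update the images
    foreach ($ids as $raw){
        // The id sits in an unquoted numeric position, where an escaping helper
        // cannot neutralise extra SQL (dbSecure() is defined elsewhere, so what
        // it does to such input is not visible here); force it to a positive
        // integer instead. Nested arrays are skipped because intval() of a
        // non-empty array is 1.
        if (!is_scalar($raw)){ continue; }
        $imageid = intval($raw);
        if ($imageid < 1){ continue; }
        $sql = "UPDATE " . $dbprefix . "images SET albumid = " . $targetid . " WHERE imageid = " . dbSecure($imageid);
        $db->execute($sql);
    }
    return "Images moved successfully";
}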
?>