<?php
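/**
 * Create a new album under the given parent.
 *
 * Underscores in the title are stored as spaces. The duplicate check runs
 * against that stored form, so "My_Album" and "My Album" count as the same
 * title within one parent.
 *
 * dbSecure() and the $db wrapper are defined elsewhere; their escaping rules
 * are not visible from this file.
 *
 * @param string $title  Album title as supplied by the caller.
 * @param mixed  $parent Parent album id (cast to int); 0 skips the parent lookup.
 * @return string Status message, for success and failure alike.
 */
function createalbum($title, $parent){
	global $db, $dbprefix;
	
	// the int cast is what keeps $parent safe in the unquoted numeric SQL context below
	$parent = intval($parent);
	if ($title == ""){ return "You did not enter a title"; }
	
	// a negative id can never match an album, so reject it instead of storing an orphan
	if ($parent < 0){ return "Unable to locate parent album"; }
	
	// normalise once so the duplicate check and the INSERT compare the same text
	$title = str_replace("_", " ", $title);
	
	// validate location
	if ($parent > 0){
		$sql = "SELECT * FROM " . $dbprefix . "albums WHERE albumid = " . dbSecure($parent);
		$par = $db->execute($sql);
		if ($par->rows < 1){ return "Unable to locate parent album"; }
	}
	
	// check it doesn't exist
	$sql = "SELECT * FROM " . $dbprefix . "albums WHERE parent = " . dbSecure($parent) . " AND title = '" . dbSecure($title) . "'";
	$rec = $db->execute($sql);
	if ($rec->rows > 0){ return "This album already exists"; }
	
	// ok, insert it
	$sql  = "INSERT INTO ". $dbprefix . "albums (parent, title) VALUES (";
	$sql .= dbSecure($parent) . ", ";
	$sql .= "'" . dbSecure($title) . "')";
	$db->execute($sql);
	
	// and return
	return "Album created successfully!";
}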

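/**
 * Update an album's title, description, parent and flags.
 *
 * Before writing, the new parent is checked so that an album can neither be
 * its own parent nor be moved underneath one of its own descendants.
 *
 * dbSecure() and the $db wrapper are defined elsewhere; their escaping rules
 * are not visible from this file.
 *
 * @param mixed  $albumid     Album to edit (cast to int).
 * @param string $title       New title; underscores are stored as spaces.
 * @param mixed  $parent      New parent album id (cast to int); 0 skips the parent checks.
 * @param mixed  $visible     Stored as 1 when greater than 0, else 0.
 * @param mixed  $status      Stored as 1 when greater than 0, else 0.
 * @param mixed  $priority    Cast to int and stored as given.
 * @param mixed  $actasalbum  Stored as 1 when greater than 0, else 0.
 * @param string $description Free-text description.
 * @return string Status message, for success and failure alike.
 */
function editalbum($albumid, $title, $parent, $visible, $status, $priority, $actasalbum, $description = ""){
	global $db, $dbprefix;
	
	// every id and flag is cast to int, which is what keeps the unquoted
	// numeric SQL contexts below safe
	$albumid  = intval($albumid);
	$parent   = intval($parent);
	$priority = intval($priority);
	
	if ($title == ""){ return "No title entered"; }
	
	// flags are stored as 0 or 1
	$visible    = (intval($visible) > 0) ? 1 : 0;
	$status     = (intval($status) > 0) ? 1 : 0;
	$actasalbum = (intval($actasalbum) > 0) ? 1 : 0;
	
	$sql = "SELECT * FROM " . $dbprefix . "albums WHERE albumid = " . dbSecure($albumid);
	$rec = $db->execute($sql);
	if ($rec->rows < 1){ return "Unable to locate the album"; }
	
	// a negative id can never match an album
	if ($parent < 0){ return "Parent album could not be found"; }
	
	if ($parent > 0){
		$sql = "SELECT * FROM " . $dbprefix . "albums WHERE albumid = " . dbSecure($parent);
		$chk = $db->execute($sql);
		if ($chk->rows < 1){ return "Parent album could not be found"; }
		
		// make sure it isn't its own parent
		if ($albumid == $parent){ return "You cannot set the album as it's own parent!"; }
		
		// make sure the new parent isn't in this album's downline.
		// The walk is iterative and inline: a named function declared in here
		// would be redeclared (fatal error) on the second call in one request.
		// $seen stops the walk from looping if the stored tree already has a cycle.
		$seen  = array($albumid => true);
		$queue = array($albumid);
		while (count($queue) > 0){
			$current = array_shift($queue);
			$sql = "SELECT * FROM " . $dbprefix . "albums WHERE parent = " . dbSecure($current);
			$dwn = $db->execute($sql);
			if ($dwn->rows > 0){ do {
				$child = intval($dwn->fields["albumid"]);
				if ($child == $parent){
					return "The parent album you selected is a child album of this album!";
				}
				if (!isset($seen[$child])){
					$seen[$child] = true;
					array_push($queue, $child);
				}
			} while ($dwn->loop()); }
		}
	}
	
	// ok, update the album
	$sql  = "UPDATE " . $dbprefix . "albums SET ";
	$sql .= "title = '" . dbSecure(str_replace("_", " ", $title)) . "', ";
	$sql .= "description = '" . dbSecure($description) . "', ";
	$sql .= "parent = " . dbSecure($parent) . ", ";
	$sql .= "visible = " . dbSecure($visible) . ", ";
	$sql .= "status = " . dbSecure($status) . ", ";
	$sql .= "priority = " . dbSecure($priority) . ", ";
	$sql .= "actasalbum = " . dbSecure($actasalbum) . " ";
	$sql .= "WHERE albumid = " . dbSecure($albumid);
	$db->execute($sql);
	
	// and return
	return "The album has been updated successfully!";
}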

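/**
 * Delete an album, every album below it, and all images in those albums.
 *
 * No permission check happens in this function; presumably the caller has
 * already verified moderator rights - confirm at the call sites.
 * clearcache() and deleteimage() are defined elsewhere.
 *
 * @param mixed $albumid Album to delete (cast to int, must be at least 1).
 * @param mixed $confirm Must be exactly the string "delete".
 * @return string Status message, for success and failure alike.
 */
function deletealbum($albumid, $confirm){
	global $db, $dbprefix;
	
	// standard validation
	$albumid = intval($albumid);
	if ($albumid < 1){ return "Album could not be found"; }
	
	// check for confirmation. The comparison is strict: with a loose one,
	// boolean true (and integer 0 on PHP 7) would count as a confirmation.
	if ($confirm !== "delete"){ return "You did not confirm the deletion"; }
	
	// collect this album and its whole downline, breadth first.
	// $seen keeps a cycle in the stored tree from looping forever.
	$scan = array($albumid);
	$seen = array($albumid => true);
	for ($row = 0; $row < count($scan); $row++){
		$sql = "SELECT * FROM " . $dbprefix . "albums WHERE parent = " . $scan[$row];
		$rec = $db->execute($sql);
		if ($rec->rows > 0){ do {
			
			// ids read back from the database are cast too, because they are
			// concatenated into the statements below
			$child = intval($rec->fields["albumid"]);
			if (!isset($seen[$child])){
				$seen[$child] = true;
				array_push($scan, $child);
			}
			
		} while ($rec->loop()); }
	}
	
	// have all IDs (integers only), build the list for IN (...)
	$idlist = implode(", ", $scan);
	
	// clear the cache as it could involve a lot of images
	clearcache();
	
	// now we have all ID's, delete images
	$sql = "SELECT imageid FROM " . $dbprefix . "images WHERE albumid IN (" . $idlist . ")";
	$img = $db->execute($sql);
	if ($img->rows > 0){ do {
		deleteimage($img->fields["imageid"], "delete");
	} while ($img->loop()); }
	
	// and delete all the albums
	$sql = "DELETE FROM " . $dbprefix . "albums WHERE albumid IN (" . $idlist . ")";
	$db->execute($sql);
	
	// and return
	return "Album deleted sucessfully!";
}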

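/**
 * Approve or reject a batch of images and message each uploader.
 *
 * Approving sets visible = 1; rejecting calls deleteimage(). Image ids are
 * cast to int before they reach any SQL statement or message text.
 *
 * No permission check happens in this function; presumably the caller has
 * already verified moderator rights - confirm at the call sites.
 * deleteimage() and sendmessage() are defined elsewhere.
 *
 * @param mixed  $mode     Not used by this function.
 * @param mixed  $ids      Array of selected image ids (used for the "... Selected" decisions).
 * @param string $decision "Approve Selected", "Approve All", "Reject Selected" or "Reject All".
 * @param string $allids   Comma-separated image ids (used for the "... All" decisions).
 * @return string Status message, for success and failure alike.
 */
function moderateimages($mode, $ids, $decision, $allids = ""){
	global $db, $dbprefix;
	
	// work out the IDs array
	if ($decision == "Approve All" || $decision == "Reject All"){
		// use the all IDs variable
		if ($allids == ""){ return "There are no images to moderate"; }
		// explode() instead of split(): split() no longer exists in PHP 7+
		$ids = explode(",", $allids);
	
	} else {
		// use the selected variables
		if (!(is_array($ids))){ return "You did not select any images"; }
		if (count($ids) < 1){ return "You did not select any images"; }
	}
	
	// work out the decision
	if ($decision == "Approve Selected" || $decision == "Approve All"){
		$action = 1;
	} elseif ($decision == "Reject Selected" || $decision == "Reject All"){
		$action = 2;
	} else {
		return "Unknown action";
	}
	
	// reduce the input to positive integers. The ids sit in an unquoted
	// numeric SQL context, where escaping alone cannot stop extra SQL from
	// being appended; the cast can. Nested arrays are skipped because
	// intval() of a non-empty array is 1.
	$clean = array();
	foreach($ids as $raw){
		if (!is_scalar($raw)){ continue; }
		$id = intval($raw);
		if ($id > 0){ array_push($clean, $id); }
	}
	
	// now loop through each one
	foreach($clean as $id){
		$sql = "SELECT * FROM " . $dbprefix . "images WHERE imageid = " . dbSecure($id);
		$img = $db->execute($sql);
		if ($img->rows > 0){
		
			if ($action == 1){
				$sql = "UPDATE " . $dbprefix . "images SET visible = 1 WHERE imageid = " . dbSecure($id);
				$db->execute($sql);
				$action_text = "approved";
			} else {
				deleteimage($id, "delete");
				$action_text = "rejected";
			}
			
			// send message to user
			$msg_title = "Image " . $action_text;
			$msg_from  = intval($_SESSION["userid"]);
			$msg_body  = "Your image, #" . $id . ", has been " . $action_text . ".\r\n\r\n";
			$msg_body .= "If accepted your image will now be visible at:<br />\n";
			$msg_body .= "[url]viewimage.php?imageid=" . $id . "[/url]";
			sendmessage($img->fields["userid"], $msg_from, $msg_title, $msg_body);
		
		}
	}
	
	// and return
	return "Images moderated successfully!";
}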

/**
 * Accept or reject an image report and message the user who filed it.
 *
 * "Disagree (delete report)" removes the report row; "Agree (delete image)"
 * calls deleteimage() on the reported image. Any other decision is refused
 * after the report and the image have been looked up.
 *
 * NOTE(review): the report's "reason" text goes into the message body as
 * stored; escaping is presumably handled by sendmessage() or the renderer -
 * confirm.
 * NOTE(review): $uplink is handed to redirect() without validation here; if
 * callers take it from the request, it should be limited to same-site
 * targets - confirm at the call sites.
 *
 * @param mixed  $reportid Report id (cast to int).
 * @param string $decision "Disagree (delete report)" or "Agree (delete image)".
 * @param string $uplink   Optional redirect target, used only after an agreed deletion.
 * @return string Status message, for success and failure alike.
 */
function moderatereport($reportid, $decision, $uplink = ""){
	global $db, $dbprefix;
	
	// basic input checks
	$reportid = intval($reportid);
	if ($decision == ""){ return "You did not make a decision"; }
	
	// load the report row
	$rep = $db->execute("SELECT * FROM " . $dbprefix . "reported WHERE reportid = " . dbSecure($reportid));
	if ($rep->rows < 1){ return "The image report could not be found"; }
	
	// load the image the report points at
	$img = $db->execute("SELECT * FROM " . $dbprefix . "images WHERE imageid = " . intval($rep->fields["imageid"]));
	if ($img->rows < 1){ return "The image could not be found"; }
	
	// act on the decision (switch compares loosely, like ==)
	switch ($decision){
		case "Disagree (delete report)":
			$db->execute("DELETE FROM " . $dbprefix . "reported WHERE reportid = " . intval($rep->fields["reportid"]));
			$outcome = "not been deleted as it was found acceptable";
			break;
		
		case "Agree (delete image)":
			deleteimage($img->fields["imageid"], "delete");
			$outcome = "been deleted";
			break;
		
		default:
			return "Unknown decision";
	}
	
	// tell the reporting user what happened
	$subject = "Reported image #" . $img->fields["imageid"];
	$text = "The image you reported for:\r\n\r\n"
		. $rep->fields["reason"] . "\r\n\r\n"
		. "has " . $outcome . ".";
	sendmessage($rep->fields["userid"], $_SESSION["userid"], $subject, $text);
	
	// after an agreed deletion, optionally send the moderator elsewhere
	if ($uplink <> "" && $decision == "Agree (delete image)"){
		redirect($uplink);
	}
	
	return "Report dealt with successfully!";
}

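/**
 * Move an album one place up or down among the albums sharing its parent.
 *
 * The siblings are read in display order (priority DESC, title ASC), the
 * album swaps places with its neighbour, and every sibling's priority is
 * rewritten: the last album in display order gets 0, the first the highest.
 *
 * @param mixed  $albumid Album to move (cast to int).
 * @param string $move    "up" moves towards the front; any other non-empty value moves down.
 * @return string|false Error message, or false when the reorder went through.
 */
function reorderalbums($albumid, $move){
	global $db, $dbprefix;
	
	// standard validation
	$albumid = intval($albumid);
	if ($move == ""){ return "No direction specified"; }
	
	// validate the album
	$sql = "SELECT * FROM " . $dbprefix . "albums WHERE albumid = " . dbSecure(intval($albumid));
	$alb = $db->execute($sql);
	if ($alb->rows < 1){ return "The album could not be found"; }
	
	// now get all of the sibling albums. Values read back from the database
	// are cast to int before being concatenated into SQL again.
	$sql = "SELECT * FROM " . $dbprefix . "albums WHERE parent = " . intval($alb->fields["parent"]) . " ORDER BY priority DESC, title ASC";
	$rec = $db->execute($sql);
	if ($rec->rows < 1){ return "Problem locating the collective group of albums"; }
	
	// build the list in display order and note where our album sits
	$order = array();
	$pos = -1;
	do {
		$id = intval($rec->fields["albumid"]);
		if ($id == $albumid){ $pos = count($order); }
		array_push($order, $id);
	} while ($rec->loop());
	
	// without this guard a missing album would produce a malformed UPDATE
	if ($pos < 0){ return "The album could not be found"; }
	
	// swap with the neighbour; at either end of the list there is nothing to swap
	$swap = ($move == "up") ? ($pos - 1) : ($pos + 1);
	if (isset($order[$swap])){
		$held = $order[$swap];
		$order[$swap] = $order[$pos];
		$order[$pos] = $held;
	}
	
	// now let's re-create the priorities, starting with 0 for the last album
	$priority = 0;
	foreach(array_reverse($order) as $id){
		$sql = "UPDATE " . $dbprefix . "albums SET priority = " . $priority . " WHERE albumid = " . $id;
		$db->execute($sql);
		$priority++;
	}
	
	return false; // no error message
}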

/**
 * Delete every image in the given list through deleteimage().
 *
 * NOTE(review): the ids are passed on as received; validation is presumably
 * done inside deleteimage(), which is defined elsewhere - confirm.
 *
 * @param mixed $ids Array of image ids; anything else counts as "nothing selected".
 * @return string Status message, for success and failure alike.
 */
function massdeleteimages($ids){
	global $db, $dbprefix;
	
	// an empty string and any non-array value both mean nothing was ticked
	$nothing_selected = ($ids == "") || !is_array($ids);
	if ($nothing_selected){
		return "No images selected";
	}
	
	// each delete is pre-confirmed with the "delete" token
	foreach($ids as $imageid){
		deleteimage($imageid, "delete");
	}
	
	return "Images deleted successfully";
}

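/**
 * Move a list of images into another album.
 *
 * No permission check happens in this function; presumably the caller has
 * already verified moderator rights - confirm at the call sites.
 *
 * @param mixed $target Album id to move the images into (cast to int).
 * @param mixed $ids    Array of image ids; anything else counts as "nothing selected".
 * @return string Status message, for success and failure alike.
 */
function massmoveimages($target, $ids){
	global $db, $dbprefix;
	
	if ($ids == ""){ return "No images selected"; }
	if (!(is_array($ids))){ return "No images selected"; }
	
	// validate target
	$sql = "SELECT * FROM " . $dbprefix . "albums WHERE albumid = " . dbSecure(intval($target));
	$alb = $db->execute($sql);
	if ($alb->rows < 1){ return "The target could not be found"; }
	$albumid = intval($alb->fields["albumid"]);
	
	// update the images
	foreach ($ids as $x){
		// the image id sits in an unquoted numeric SQL context, where escaping
		// alone cannot stop extra SQL from being appended; the int cast can.
		// Nested arrays are skipped because intval() of a non-empty array is 1.
		if (!is_scalar($x)){ continue; }
		$imageid = intval($x);
		if ($imageid < 1){ continue; }
		
		$sql = "UPDATE " . $dbprefix . "images SET albumid = " . $albumid . " WHERE imageid = " . $imageid;
		$db->execute($sql);
	}
	
	return "Images moved successfully";
}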
?>