<?php
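// Marker constant set before the includes are loaded.
// NOTE(review): presumably the include files test IN_SCRIPT to refuse direct
// requests -- confirm in includes/.
define("IN_SCRIPT", true);

require("includes/global.php");

// work out image ID; intval() turns a missing or non-numeric value into 0, so
// $imageid is always an integer when it reaches the queries and links below
$imageid = intval(isset($_GET["imageid"]) ? $_GET["imageid"] : 0);

// Read the two request selectors once, with an empty default, so a plain page
// view (no "act", no "do") does not raise undefined-index notices.
$getact = isset($_GET["act"]) ? $_GET["act"] : "";
$postdo = isset($_POST["do"]) ? $_POST["do"] : "";

// check for authing
// NOTE(review): Auth(1) presumably requires a signed-in user before the report
// form is shown -- confirm in the user class.
if ($getact == "report"){
	$usr->Auth(1);
}

// NOTE(review): $errormsg is only assigned by the handlers below and is not
// initialised in this file. If includes/global.php does not set it either,
// initialise it to "" here so the message printed at the end of the page can
// only come from a handler.

// check for actions
// Every handler below changes stored data and is reached with nothing more than
// an access level > 0 (signed in) and a POST field.
// NOTE(review): no anti-CSRF token is checked in this file; confirm the
// handlers or includes/global.php verify one.
// NOTE(review): ownership of the image or comment being changed is not checked
// here either; the handlers must enforce it, because the edit panels further
// down only decide what is displayed.
if ($usr->Access > 0){
	if ($postdo == "editimage"){
		// NOTE(review): $_FILES["newfile"] is handed over as received; confirm
		// editimage() validates type, size and destination of the upload.
		$errormsg = editimage($imageid, $_POST["albumid"], $_POST["status"], $_POST["title"], $_FILES["newfile"]);
	} elseif ($postdo == "vote"){
		$errormsg = rateimage($imageid, $_POST["vote"]);
	} elseif ($postdo == "comment" && isset($_POST["commentid"]) && $_POST["commentid"] <> ""){
		// a comment id in the form means an existing comment is being edited
		$errormsg = editcomments($_POST["commentid"], $_POST["comments"]);
	} elseif ($postdo == "comment"){
		$errormsg = postcomments($imageid, $_POST["comments"]);
	} elseif ($postdo == "Delete Comment"){
		$errormsg = deletecomments($_POST["commentid"]);
	} elseif ($postdo == "massdeletecomments"){
		// NOTE(review): reachable at access level 1 although the checkboxes are
		// only rendered for level 2; confirm massdeletecomments() checks the level.
		$errormsg = massdeletecomments($_POST["ids"]);
	} elseif ($postdo == "reportimage"){
		$errormsg = reportimage($imageid, $_POST["reason"], $_POST["reason2"]);
	}
}

// moderator-only action (access level above 1)
if ($usr->Access > 1){
	if ($postdo == "moderatereport"){
		// NOTE(review): "uplink" comes from the form; if moderatereport() uses it
		// as a redirect target it should be restricted to local paths.
		$errormsg = moderatereport($_POST["reportid"], $_POST["decision"], $_POST["uplink"]);
	}
}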

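// image recordset
// $imageid was cast with intval() when it was read from the query string and
// is additionally passed through dbSecure().
// NOTE(review): neither the image's "visible" flag nor the album status is
// checked before the page is rendered; confirm hidden images are meant to be
// reachable by id.
$sql = "SELECT * FROM " . $dbprefix . "images WHERE imageid = " . dbSecure($imageid);
$rec = $db->execute($sql);
// notfound() presumably ends the request; everything below assumes a row exists
if ($rec->rows < 1){ notfound(); }

// album recordset
// The id comes from the row just read; it is cast because it is placed
// unquoted in the statement.
$sql = "SELECT * FROM " . $dbprefix . "albums WHERE albumid = " . intval($rec->fields["albumid"]);
$alb = $db->execute($sql);
if ($alb->rows < 1){ notfound(); }

// update image views
// Increment inside the database instead of writing back "value read + 1":
// two simultaneous page views then both count. COALESCE keeps the old result
// (1) for a row whose counter is still NULL.
$sql = "UPDATE " . $dbprefix . "images SET views = COALESCE(views, 0) + 1 WHERE imageid = " . intval($rec->fields["imageid"]);
$db->execute($sql);
$rec->fields["views"]++; // correct recordset

// work out breadcrumbs
$bread = breadcrumbs("album", $rec->fields["albumid"]);

// Page title: the image title when there is one, otherwise its number.
// NOTE(review): the title is used as stored; confirm it is HTML-escaped when
// saved or where $pagetitle is printed.
if ($rec->fields["title"] <> ""){
	$pagetitle = "Image: " . $rec->fields["title"];
} else {
	$pagetitle = "Image: #" . $rec->fields["imageid"];
}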

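include("includes/page_header.php");

// base link of this page, reused for the forms and the report link
$core = "viewimage.php?imageid=" . $rec->fields["imageid"];
$t->set_var("FORM_LINK", $core);
$t->set_var("FORM_LINK_UP", "viewalbum.php?albumid=" . $rec->fields["albumid"]);

// work out path
$previewsize = intval($config["previewsize"]);
if ($gd === FALSE || $previewsize == 0){
	// no GD or no preview size configured: show the original directly
	$t->set_var("MAIN_IMAGE_PATH", "generators/original.php?imageid=" . $rec->fields["imageid"]);
} else {
	// The original is measured by requesting this site's own
	// generators/original.php over HTTP.
	// NOTE(review): the URL is assembled from SERVER_NAME and PHP_SELF, which
	// can reflect request data depending on server configuration; it is always
	// plain http:// and needs allow_url_fopen. Reading the dimensions from the
	// stored file or from the database would avoid a server-side request whose
	// target depends on the request.
	$ur1 = "http://" . $_SERVER["SERVER_NAME"] . $_SERVER["PHP_SELF"];
	$ur1 = str_replace("viewimage.php", "generators/original.php", $ur1);
	$ur1 .= "?imageid=" . $rec->fields["imageid"];
	$sizecheck = @getimagesize($ur1); // false when the image cannot be read
	
	// Test for a failed measurement first, so the size elements are never read
	// from a non-array; an unmeasurable image gets the link as well.
	if (!is_array($sizecheck) || $sizecheck[0] > $previewsize || $sizecheck[1] > $previewsize){
		// this image needs a hyperlink
		$t->set_var("IMAGE_A_1", '<a href="generators/original.php?imageid=' . $rec->fields["imageid"] . '">');
		$t->set_var("IMAGE_A_2", '</a>');
	}
	
	$t->set_var("MAIN_IMAGE_PATH", "generators/preview.php?imageid=" . $rec->fields["imageid"]);
}

// image caption
// NOTE(review): the title goes into the template as stored; confirm it is
// HTML-escaped when saved, otherwise escape it here.
$caption = ($rec->fields["title"] <> "") ? $rec->fields["title"] : "Untitled";
$t->set_var("MAIN_IMAGE_CAPTION", $caption);

$t->set_var("MAIN_IMAGE_LINK", "generators/original.php?imageid=" . $rec->fields["imageid"]);
$t->set_var("IMAGE_POSTED", date($config["dateformat"], $rec->fields["postdate"]));
$t->set_var("IMAGE_VIEWS", number_format($rec->fields["views"]));

// Look the uploader up once. The name is URL-encoded for the search link so a
// space, "&" or quote in it cannot break the query string or the attribute.
$uploadername = fetchusername($rec->fields["userid"]);
$t->set_var("IMAGE_UPLOADER", ucfirst($uploadername));
$t->set_var("IMAGE_UPLOADER_LINK", "search.php?order=date&amp;user=" . urlencode($uploadername));

// report image link?
if ($config["enablereporting"] == "true"){
	$t->set_var("REPORT_LINK", '<a href="' . $core . '&amp;act=report#report">Report this image</a>');
}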

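// work out album page number
// Counts the visible images of the album whose postdate is not older than this
// image's, in album order, up to and including this image, and divides by the
// page size. A hidden image has no place in the album, so page 1 is used.
if ($rec->fields["visible"] == 1){
	// both values come from rows already read; they are cast because they are
	// placed unquoted in the statement (postdate is used as a timestamp by date())
	$sql = "SELECT imageid FROM " . $dbprefix . "images WHERE visible = 1 AND albumid = " . intval($alb->fields["albumid"]) . " AND postdate >= " . intval($rec->fields["postdate"]) . " ORDER BY postdate DESC, imageid ASC";
	$pag = $db->execute($sql);
	if ($pag->rows < 1){
		$pagenum = 1;
	} else {
		$prior = 0; $loop = 1;
		do {
			$prior++; // actually includes image itself too
			if ($pag->fields["imageid"] == $rec->fields["imageid"]){ $loop = 0; }
		} while ($pag->loop() && $loop == 1);
		
		// same floor of 1 as the comments paging uses, so a missing or zero
		// "imagesperpage" setting cannot cause a division by zero
		$imagesperpage = intval($config["imagesperpage"]);
		$imagesperpage = ($imagesperpage < 1) ? 1 : $imagesperpage;
		$pagenum = ceil($prior / $imagesperpage);
	}
} else {
	$pagenum = 1;
}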

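// other gallery images
// Builds the previous/next links and a strip of up to five thumbnails around
// the current image, from the visible images of the same album.
$sql = "SELECT * FROM " . $dbprefix . "images WHERE albumid = " . intval($rec->fields["albumid"]) . " AND visible = 1 ORDER BY postdate DESC, imageid ASC";
$oth = $db->execute($sql);
if ($oth->rows > 1){
	// Start from known values: only the loop below fills these, so every id
	// that reaches the links and the REGEXP query further down was read from
	// the database in this request.
	$imgids = array();
	$position = 0; // 0 = current image not found in the visible list
	
	// work out the position
	$lower = 1; $upper = $oth->rows; $row = 1;
	do {
		if ($oth->fields["imageid"] == $imageid){
			$position = $row;
		}
		
		$imgids["id" . $row] = intval($oth->fields["imageid"]);
		$row++;
	} while ($oth->loop());
	$oth->start(); // reset it
	
	// work out links here; the ends of the album wrap around
	$prething = "viewimage.php?imageid=";
	if ($position > $lower && $position < $upper){
		$t->set_var("LINK_PREVIOUS", $prething . $imgids["id" . ($position - 1)]);
		$t->set_var("LINK_NEXT", $prething . $imgids["id" . ($position + 1)]);
	} elseif ($position == $lower){
		$t->set_var("LINK_PREVIOUS", $prething . $imgids["id" . $upper]);
		$t->set_var("LINK_NEXT", $prething . $imgids["id" . ($position + 1)]);
	} elseif ($position == $upper){
		$t->set_var("LINK_PREVIOUS", $prething . $imgids["id" . ($position - 1)]);
		$t->set_var("LINK_NEXT", $prething . $imgids["id" . $lower]);
	} else {
		// The current image is not among the visible images of its album (the
		// page itself is loaded without the "visible" filter). It has no
		// neighbours, so point at the two ends instead of building a link
		// with an empty id.
		$t->set_var("LINK_PREVIOUS", $prething . $imgids["id" . $upper]);
		$t->set_var("LINK_NEXT", $prething . $imgids["id" . $lower]);
	}
	
	// work out thumbnails to display: two before, the image itself, two after;
	// a slot that falls outside the album becomes 0, which matches no image
	$pidlist = array();
	for ($offset = -2; $offset <= 2; $offset++){
		$slot = "id" . ($position + $offset);
		$pidlist[] = (isset($imgids[$slot]) && $imgids[$slot]) ? $imgids[$slot] : 0;
	}
	$pids = implode("|", $pidlist);
	
	// get recordset of images
	// $pids holds integers only (see the cast above), so it is safe to place
	// inside the quoted pattern
	$sql = "SELECT * FROM " . $dbprefix . "images WHERE albumid = " . intval($rec->fields["albumid"]) . " AND visible = 1 AND imageid REGEXP '^(" . $pids . ")$' ORDER BY postdate DESC, imageid ASC";
	$oth = $db->execute($sql);
	
	$t->set_var("IMAGE_SIZE", $config["thumbnailsize"]);
	$t->set_file("imgbit_container", "imagebit_container");
	
	// without GD the original is sent and scaled by the browser, so the
	// template variant that carries width and height is used
	if ($config["thumbnailswithoutgd"] == "true"){
		$t->set_file("imgbit", "imagebit_size");
	} else {
		$t->set_file("imgbit", "imagebit");
	}
	
	if ($oth->rows > 0){
		do {
			if ($config["thumbnailswithoutgd"] == "true"){
				$t->set_var("IMAGE_WIDTH", $config["thumbnailsize"]);
				$t->set_var("IMAGE_HEIGHT", $config["thumbnailsize"]);
				$t->set_var("IMAGE_PATH", "generators/original.php?imageid=" . $oth->fields["imageid"]);
			} else {
				$t->set_var("IMAGE_PATH", "generators/thumbnail.php?imageid=" . $oth->fields["imageid"]);
			}
			
			$t->set_var("IMAGE_LINK", "viewimage.php?imageid=" . $oth->fields["imageid"]);
			// NOTE(review): the title goes into the template as stored; confirm
			// it is HTML-escaped when saved, otherwise escape it here.
			$t->set_var("IMAGE_CAPTION", $oth->fields["title"]);
			$t->parse("IMAGEBIT", "imgbit");
			$t->parse("IMAGES", "imgbit_container", true);
		} while ($oth->loop());
	}
	
	// parse other images in
	$t->set_file("imagesholder", "viewalbum_images");
	$t->parse("OTHER_IMAGES_MAIN", "imagesholder", true);
	
	$t->set_file("navigationmeu", "viewimage_navigation");
	$t->set_var("LINK_ALBUM", "viewalbum.php?albumid=" . $rec->fields["albumid"] . "&amp;page=" . $pagenum);
	$t->parse("NAVIGATION", "navigationmeu");
	
	$t->set_file("otherimages", "viewimage_others");
	$t->parse("OTHER_IMAGES", "otherimages");
}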

// Rating panel, built only when the "enablevoting" setting is the string "true".
if ($config["enablevoting"] == "true"){
	// every vote stored for this image; $imageid is an integer at this point
	$sql = "SELECT * FROM " . $dbprefix . "votes WHERE imageid = " . dbSecure($imageid);
	$vot = $db->execute($sql);
	
	if ($vot->rows >= 1){
		// add the votes up row by row, then divide by the number of rows
		$score = 0;
		do {
			$score += $vot->fields["vote"];
		} while ($vot->loop());
		
		$average_score = $score / $vot->rows;
		$vote_text = "Rating: Average rating of " . $average_score . " from " . $vot->rows . " vote(s)";
	} else {
		$vote_text = "Rating: This image has not yet been rated";
	}
	
	// hand the summary line to the template
	$t->set_var("IMAGE_RATING", $vote_text);
	
	// The voting form is shown to signed-in users only, and only while both
	// the image and its album have status 1.
	// NOTE(review): this decides what is displayed; rateimage() has to apply
	// the same conditions when a vote is submitted.
	if ($usr->Access > 0){
		if ($rec->fields["status"] == 1 && $alb->fields["status"] == 1){
			$t->set_file("voting", "viewimage_voting");
			$t->parse("IMAGE_VOTING", "voting");
		}
	}
}

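// are comments enabled?
if ($config["enablecomments"] == "true"){
	// The form is marked disabled for guests, and for ordinary users while the
	// image or album has status 0; access level 2 and above is never blocked.
	// NOTE(review): this only changes what is displayed; postcomments() has to
	// enforce the same rule.
	if (($usr->Access < 1 || $rec->fields["status"] == 0 || $alb->fields["status"] == 0) && $usr->Access < 2){
		$t->set_var("COMMENTS_STATUS", "disabled");
		
		if ($usr->Access < 1){
			$t->set_var("COMMENTS_TEXT", "You must be signed in to post comments");
		} else {
			$t->set_var("COMMENTS_TEXT", "The image or album is locked");
		}
	}
	
	// get all comments for this page (used for the total count)
	$sql = "SELECT * FROM " . $dbprefix . "comments WHERE imageid = " . dbSecure($imageid) . " ORDER BY postdate ASC";
	$mex = $db->execute($sql);
	
	// work out what page it is; anything below 1 becomes 1
	if(!isset($_GET["commentspage"])){
	    $page = 1;
	} else {
	    $page = intval($_GET["commentspage"]);
	    $page = ($page < 1) ? 1 : $page;
	}

	// page size with a floor of 1, so the divisions below are always defined
	$maxitems = intval($config["commentsperpage"]);
	$maxitems = ($maxitems < 1) ? 1 : $maxitems;
	$from = (($page * $maxitems) - $maxitems);
	$total_pages = ceil($mex->rows / $maxitems);
	
	// get previous comments: same query, limited to the requested page
	// ($from and $maxitems are integers computed above)
	$sql .= " LIMIT " . $from . ", " . $maxitems;
	$com = $db->execute($sql);
	if ($mex->rows > 0){
		// comments exist!
		$t->set_file("commentedit", "commentbit_edit");
		$t->set_file("comment", "commentbit");
		
		// below moderator level the checkbox markup is wrapped in an HTML comment
		if ($usr->Access < 2){
			$t->set_var("CHECKBOX_1", "<!--");
			$t->set_var("CHECKBOX_2", "-->");
		}
		
		if ($com->rows > 0){
			do {
				// work out the comment info (date, plus the IP for moderators only)
				$commentinfo = date($config["dateformat"], $com->fields["postdate"]);
				if ($usr->Access > 1){
					$commentinfo .= ", from " . $com->fields["ipaddress"];
				}
				
				// standard variables
				$t->set_var("COMMENT_ID", $com->fields["commentid"]);
				$t->set_var("COMMENT_INFO", $commentinfo);
				$t->set_var("COMMENT_USER", ucfirst(fetchusername($com->fields["userid"])));
				// NOTE(review): bbcode() is the only processing applied to the
				// stored text here; confirm that it, or the save path,
				// HTML-escapes the comment.
				$t->set_var("COMMENT_BODY", bbcode($com->fields["comments"]));
				$t->set_var("COMMENT_EDIT", $core . "&amp;commentspage=" . $page . "&amp;editcomment=" . $com->fields["commentid"] . "#comments_post");
				
				// editing panel: moderators, or the signed-in author. Requiring
				// a signed-in user keeps an unset session id from comparing
				// equal to an empty or zero author id.
				if ($usr->Access > 1 || ($usr->Access > 0 && isset($_SESSION["userid"]) && $_SESSION["userid"] == $com->fields["userid"])){
					$t->parse("COMMENT_EDIT", "commentedit");
				} else {
					$t->set_var("COMMENT_EDIT", "");
				}
				
				$t->parse("COMMENTS", "comment", true);
			} while ($com->loop());
		}
		
		// set up some variables prior to editing check
		$t->set_var("COMMENTS_TYPE", "Post");
		
		// work out comments page for a new comments (ie, spill-over?)
		if (($mex->rows / $maxitems) == $total_pages){
			// yes, page full, send user to next page
			$t->set_var("COMMENTS_FORM", $core . "&amp;commentspage=" . ($total_pages + 1));
		} else {
			// no, space on this page, post to current page
			$t->set_var("COMMENTS_FORM", $core . "&amp;commentspage=" . $total_pages);
		}
		
		// user is editing a comment?
		$t->set_var("COMMENT_ID", "");
		$editcomment = isset($_GET["editcomment"]) ? $_GET["editcomment"] : "";
		if ($editcomment <> ""){
			// The id is placed unquoted in the statement, so it is cast to an
			// integer first and does not depend on what dbSecure() escapes.
			$sql = "SELECT * FROM " . $dbprefix . "comments WHERE commentid = " . dbSecure(intval($editcomment));
			$cme = $db->execute($sql);
			// Edit mode needs an existing comment and either a moderator or
			// the signed-in author; without the row check an unknown id would
			// compare an empty author against an empty session id.
			// NOTE(review): the comment is not checked to belong to this image,
			// and editcomments() must repeat the ownership check on submit.
			if ($cme->rows > 0 && ($usr->Access > 1 || ($usr->Access > 0 && isset($_SESSION["userid"]) && $_SESSION["userid"] == $cme->fields["userid"]))){
				// allow user to edit the comment
				$t->set_var("COMMENTS_TYPE", "Edit");
				$t->set_var("COMMENT_ID", $cme->fields["commentid"]);
				$t->set_var("COMMENTS_FORM", $core . "&amp;commentspage=" . $page);
				// NOTE(review): both branches put comment text back into the
				// form; confirm un() and the stored value are safe for the
				// HTML context the template uses.
				if (isset($_POST["comments"]) && $_POST["comments"] <> ""){
					// a submitted text (e.g. after a failed save) wins over the stored one
					$t->set_var("COMMENTS_TEXT", un($_POST["comments"]));
				} else {
					$t->set_var("COMMENTS_TEXT", $cme->fields["comments"]);
				}
			}
		}
		
		// comments moderation panel
		if ($usr->Access > 1){
			$t->set_file("moderate_comments", "viewimage_comments_moderate");
			$t->parse("COMMENTS_MODERATE", "moderate_comments");
		}
	}
	
	// parse in comments
	$t->set_var("COMMENTS_PAGING", dopaging($total_pages, $page, "viewimage.php?imageid=" . $imageid, "commentspage"));
	$t->set_file("comments", "viewimage_comments");
	$t->parse("IMAGE_COMMENTS", "comments");
}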

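// is reporting enabled and wanted?
// isset() keeps a page view without "act" from raising an undefined-index notice
if ($config["enablereporting"] == "true" && isset($_GET["act"]) && $_GET["act"] == "report"){
	// parse in content
	$t->set_file("reportbox", "viewimage_report");
	$t->parse("REPORT_IMAGE", "reportbox");
}

// parse in editor tools?
// Shown to moderators (level above 1) and to the signed-in uploader.
// NOTE(review): this decides what is displayed; editimage() has to repeat the
// ownership check when the form is submitted.
if (($usr->Access > 1) || ($usr->Access > 0 && isset($_SESSION["userid"]) && ($_SESSION["userid"] == $rec->fields["userid"]))){
	// image status: preselect the option matching the stored value
	$vis1 = ($rec->fields["status"] == 1) ? " selected" : "";
	$vis2 = ($rec->fields["status"] == 0) ? " selected" : "";
	$t->set_var("ADMIN_STATUS_1", $vis1);
	$t->set_var("ADMIN_STATUS_2", $vis2);
	
	$t->set_file("uploadtools", "viewimage_edit");
	// NOTE(review): the title is written as stored; confirm it is escaped for
	// the form field the template puts it in.
	$t->set_var("ADMIN_TITLE", $rec->fields["title"]);
	$t->set_var("ADMIN_PARENT_OPTIONS", fetchoptions($rec->fields["albumid"], 0));
	$t->set_var("ALBUMID", $rec->fields["albumid"]);
	$t->set_var("IMAGEID", $imageid);
	$t->parse("EDITOR_TOOLS", "uploadtools");
}

// parse in moderator tools?
if ($usr->Access > 1){
	// now lets do the image reports stuff
	// the id comes from the image row; cast because it is placed unquoted
	$sql = "SELECT * FROM " . $dbprefix . "reported WHERE imageid = " . intval($rec->fields["imageid"]);
	$rep = $db->execute($sql);
	if ($rep->rows > 0){
		// only the first report row is shown; the recordset is not looped
		$t->set_file("imagereports", "viewimage_reports");
		$t->set_var("REPORT_USER", fetchusername($rep->fields["userid"]));
		// NOTE(review): the reason is text supplied by the reporting user and is
		// shown to moderators as stored; confirm reportimage() escapes it on
		// save, otherwise escape it here.
		$t->set_var("REPORT_REASON", $rep->fields["reason"]);
		$t->set_var("REPORT_ID", $rep->fields["reportid"]);
		$t->set_var("REPORT_UPLINK", "viewalbum.php?albumid=" . $rec->fields["albumid"]);
		$t->parse("IMAGE_REPORTS", "imagereports");
	}
}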

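// parse in error message?
// $errormsg is only assigned when one of the POST actions ran, so test that it
// exists before comparing it.
// NOTE(review): the message is printed as returned by the handler; confirm the
// handlers never echo request data into it unescaped.
if (isset($errormsg) && $errormsg <> ""){
	$t->set_file("noticebox", "errorbox");
	$t->set_var("MESSAGE", $errormsg);
	$t->parse("ERRORMSG", "noticebox");
}

// assemble the page body from the main template, then close the page
$t->set_file("page_content", "viewimage");
$t->parse("page_all", "page_content", true);

include("includes/page_footer.php");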
?>