<?php
/* +----------------------------------------------------------------------+
|SelectaPix Open Source Gallery |
+----------------------------------------------------------------------+
| Copyright (c) 2004 OutOfTheTrees |
| |
| http://www.outofthetrees.co.uk/index.php |
| |
+----------------------------------------------------------------------+
| This source file is subject to version 2.0 of the GPL license, |
| that is bundled with this package in the file LICENSE, and is |
| available through the world-wide-web at the following url: |
| http://www.outofthetrees.co.uk/license/2_0.txt. |
| If you did not receive a copy of the SelectaPix license and are |
| unable to obtain it through the world-wide-web, please send a note |
| to hide@address.com so we can mail you a copy immediately.|
+----------------------------------------------------------------------+ */
// Direct-request guard: stop immediately unless the ACCESS constant exists.
// ACCESS is not defined in this file; presumably the including entry script
// defines it before loading this class -- confirm against the caller.
defined("ACCESS") or die ("Direct request denied");
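/**
 * Admin-side image management for the gallery.
 *
 * Builds the SQL used to look up images, applies status changes, detail
 * updates and deletions, and prints the "edit image" and "confirm delete"
 * admin forms.
 *
 * The properties image_table, album_table, site_path, img_dir and site_url
 * are read here but not declared in this file; presumably admin_page sets
 * them -- confirm against the parent class.
 *
 * Security notes for maintainers:
 *  - Numeric request values are normalised with util->ForceInt() before they
 *    are interpolated into SQL.
 *  - Text values rely entirely on util->FormatStringForDatabaseInput() for
 *    escaping. Its implementation is not visible in this file; confirm that
 *    it escapes correctly for the database driver in use.
 *  - Values read back from the database are HTML-escaped with _esc_html()
 *    before being printed.
 *  - NOTE(review): update_image() and delete_image() act on $_POST without
 *    checking a per-session token in this class; confirm that the calling
 *    pages enforce authentication and request-origin checks.
 */
class image extends admin_page {
    // Framework object; its util, conn and objectBuilder members are used below.
    var $f;

    /**
     * PHP 4 style constructor: stores the framework object and passes it on
     * to the admin_page initialiser.
     *
     * @param object $f Framework object.
     */
    function image($f) {
        $this->f =& $f;
        $this->admin_page($this->f);
    }

    /**
     * Escapes a value for output as HTML text or inside a quoted attribute.
     *
     * 'ISO-8859-1' keeps the call byte-transparent: only the ASCII characters
     * & < > " ' are rewritten, so stored text in any ASCII-compatible
     * encoding (UTF-8 included) passes through instead of being blanked on an
     * invalid byte sequence. double_encode is off so entities that are
     * already present in stored text are not encoded a second time
     * (requires PHP >= 5.2.3).
     *
     * @param mixed $value Value to print.
     * @return string Escaped text.
     */
    function _esc_html($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'ISO-8859-1', false);
    }

    /**
     * Builds (and stores in $this->sql) the query counting images in an album.
     *
     * @param mixed $albumID Album ID; forced to an integer before use.
     * @return string SQL statement.
     */
    function get_image_count($albumID) {
        $albumID = $this->f->util->ForceInt($albumID, 0);
        return $this->sql = "SELECT COUNT(i.imageID)
            FROM $this->image_table AS i
            LEFT JOIN $this->album_table AS a ON i.albumID = a.albumID
            WHERE i.albumID = '$albumID'";
    }

    /**
     * Builds (and stores in $this->sql) the query counting images held in
     * the sub-albums of a parent album.
     *
     * @param mixed $albumID Parent album ID; forced to an integer before use.
     * @return string SQL statement.
     */
    function get_subalbum_image_count($albumID) {
        $albumID = $this->f->util->ForceInt($albumID, 0);
        return $this->sql = "SELECT COUNT(i.imageID)
            FROM $this->image_table AS i
            LEFT JOIN $this->album_table AS a ON i.albumID = a.albumID
            WHERE a.parent_albumID = '$albumID'";
    }

    /**
     * Builds (and stores in $this->sql) the query selecting every image row
     * of an album.
     *
     * @param mixed $albumID Album ID; forced to an integer before use.
     * @return string SQL statement.
     */
    function get_image_info($albumID) {
        $albumID = $this->f->util->ForceInt($albumID, 0);
        return $this->sql = "SELECT *
            FROM $this->image_table
            WHERE albumID = '$albumID'";
    }

    /**
     * Builds (and stores in $this->sql) the query selecting one image row.
     *
     * @param mixed $imageID Image ID; forced to an integer before use.
     * @return string SQL statement.
     */
    function get_image_info_by_id($imageID) {
        $imageID = $this->f->util->ForceInt($imageID, 0);
        return $this->sql = "SELECT *
            FROM $this->image_table
            WHERE imageID = '$imageID'";
    }

    /**
     * Builds (and stores in $this->sql) the query returning the album and
     * parent album IDs of the album that holds an image.
     *
     * @param mixed $imageID Image ID; forced to an integer before use.
     * @return string SQL statement.
     */
    function get_albumID_by_imageID($imageID) {
        $imageID = $this->f->util->ForceInt($imageID, 0);
        return $this->sql = "SELECT a.albumID, a.parent_albumID
            FROM $this->album_table AS a
            LEFT JOIN $this->image_table AS i ON a.albumID = i.albumID
            WHERE i.imageID = '$imageID'";
    }

    /**
     * Builds (and stores in $this->sql) the query reading an image's
     * "active" column.
     *
     * @param mixed $imageID Image ID; forced to an integer before use.
     * @return string SQL statement.
     */
    function check_if_image_is_active($imageID) {
        $imageID = $this->f->util->ForceInt($imageID, 0);
        return $this->sql = "SELECT active
            FROM $this->image_table
            WHERE imageID = '$imageID'";
    }

    /**
     * Enables or disables an image and returns an HTML status paragraph.
     *
     * Only 'enable_image' and 'disable_image' are acted on. Any other action
     * returns an empty string without touching the database; previously such
     * a call re-ran whatever statement an earlier method had left in
     * $this->sql and returned an undefined variable.
     *
     * @param string $action  'enable_image' or 'disable_image'.
     * @param mixed  $imageID Image ID; forced to an integer before use.
     * @return string HTML message, or '' for an unrecognised action.
     */
    function update_image_status($action, $imageID) {
        $imageID = $this->f->util->ForceInt($imageID, 0);

        // action => array(value written to the column, word used in the message)
        $states = array(
            'enable_image'  => array('yes', 'active'),
            'disable_image' => array('no', 'disabled'),
        );
        if (!is_string($action) || !isset($states[$action])) {
            return '';
        }
        $active = $states[$action][0];
        $label = $states[$action][1];

        // $active comes from the fixed table above, never from the request.
        $this->sql = "UPDATE $this->image_table
            SET active = '$active'
            WHERE imageID = '$imageID'";
        $this->f->conn->query($this->sql, 'none');

        if (!$this->f->conn->result) {
            return '<p class="badnews">Image could not be set to '.$label.', please try again later.</p>';
        }
        return '<p class="goodnews">Image is now '.$label.'.</p>';
    }

    /**
     * Saves the edit-image form ($_POST) and returns an HTML status paragraph.
     *
     * Changes against the earlier version:
     *  - albumID is forced to an integer on both paths; it used to reach the
     *    UPDATE statement as free text.
     *  - The list of validation errors is printed; it used to be overwritten
     *    by its own count before the messages were read, so the paragraph
     *    came out empty.
     *
     * @return string HTML message describing the outcome.
     */
    function update_image() {
        $this->imageID = $this->f->util->ForceInt($_POST['imageID'], 0);

        if (isset($_POST['album_name']) && $_POST['album_name'] != '') {
            $album = $_POST['album_name'];
        }
        else {
            // parent_album_name carries an <option> value of the form
            // "edit_image.php?imageID=..&parentID=..&albumID=..&new_parentID=N"
            // (built in edit_image()); the fourth '&'-separated part holds N.
            $a = explode('&', $this->f->util->FormatStringForDatabaseInput($_POST['parent_album_name'], 1));
            $b = isset($a[3]) ? explode('=', $a[3]) : array();
            $album = isset($b[1]) ? $b[1] : 0;
        }
        // Album IDs are integers everywhere else in this class; enforce that
        // here too, before the value is placed in the UPDATE statement.
        $this->albumID = $this->f->util->ForceInt($album, 0);

        $this->caption = $this->f->util->FormatStringForDatabaseInput($_POST['caption'], 1);
        $this->uploadername = $this->f->util->FormatStringForDatabaseInput($_POST['uploadername'], 1);
        $this->description = $this->f->util->FormatStringForDatabaseInput($_POST['description'], 0);

        // Replace presentational attributes and <font> tags with inline
        // styles. str_replace() applies the pairs in the order listed.
        $markup_fixes = array(
            'align="right"'      => 'style="text-align: right;"',
            'align="justify"'    => 'style="text-align: justify;"',
            'align="center"'     => 'style="text-align: center;"',
            'align="left"'       => 'style="text-align: left;"',
            'style="TEXT-ALIGN:' => 'style="text-align:',
            '<font face="'       => '<span style="font-family: ',
            '</font>'            => '</span>',
        );
        $this->description = str_replace(array_keys($markup_fixes), array_values($markup_fixes), $this->description);

        // NOTE(review): as written, the next three calls and the '%' one map
        // a character to itself (or only strip the spaces around '&').
        // Presumably the replacements were HTML entities that were lost in
        // transit -- confirm against the upstream source.
        $this->description = str_replace(' & ', '&', $this->description);
        $this->description = str_replace('£', '£', $this->description);
        $this->description = str_replace('$', '$', $this->description);
        // NOTE(review): the description passes through
        // FormatStringForDatabaseInput() a second time here; confirm this
        // does not escape the value twice.
        $this->description = $this->f->util->FormatStringForDatabaseInput(str_replace('%', '%', $this->description), 0);

        // NOTE(review): image_url is stored as typed. delete_image() refuses
        // to unlink anything that is not a bare file name.
        $this->image_url = $this->f->util->FormatStringForDatabaseInput($_POST['image_url'], 1);

        // Check that all required fields are filled in
        $this->errors = array();
        if (empty($this->imageID)) {
            $this->errors[] = "There was no image ID";
        }
        if (empty($this->caption)) {
            $this->errors[] = "The image has no name";
        }
        if (empty($this->uploadername)) {
            $this->uploadername = "Unknown";
        }
        if (count($this->errors)) {
            $this->badnews = "<p class=\"badnews\">The image was not updated because:<br />";
            foreach ($this->errors as $error) {
                $this->badnews .= $error . "<br />";
            }
            $this->badnews .= "</p>";
            // Earlier versions left the error count in this property; keep
            // that for any caller reading it after the call.
            $this->errors = count($this->errors);
            return $this->badnews;
        }

        // Every interpolated value is either ForceInt()'d or has been through
        // FormatStringForDatabaseInput() above.
        $this->f->conn->query("UPDATE $this->image_table
            SET uploadername = '$this->uploadername',
            albumID = '$this->albumID',
            caption = '$this->caption',
            image_url = '$this->image_url',
            description = '$this->description'
            WHERE imageID = '$this->imageID'", 'none');
        if (!$this->f->conn->result) {
            $this->news = "<p class=\"badnews\">Could not update image, please try again later.</p>\n";
        }
        else {
            $this->news = "<p class=\"goodnews\">Image details successfully updated.</p>";
        }
        return $this->news;
    }

    /**
     * Deletes the image named by $_POST['imageID']: removes the image file
     * and its "tn_" thumbnail from the image directory, then the database
     * row, and returns the HTML progress messages.
     *
     * Changes against the earlier version:
     *  - The stored file name is only unlinked when it is a bare file name.
     *    image_url can be edited through update_image(), so a value holding a
     *    directory part must not be allowed to reach unlink().
     *  - Row keys are quoted (they were bare constants), a non-array query
     *    result is treated as "no rows", the file name and caption are
     *    HTML-escaped in the messages, and the "baddnews" class typo is fixed.
     *
     * The database row is removed whether or not the files could be deleted,
     * as before.
     *
     * @return string HTML messages describing each step.
     */
    function delete_image() {
        $this->imageID = $this->f->util->ForceInt($_POST['imageID'], 0);
        $this->row = $this->f->conn->query("SELECT image_url, caption
            FROM $this->image_table
            WHERE imageID = '$this->imageID'");

        // Delete the image from its physical location
        $this->news = "<p>Deleting image....</p>\n";
        $rows = is_array($this->row) ? $this->row : array();
        for ($i=0; $i<count($rows); $i++) {
            $this->image = $rows[$i]['image_url'];
            $this->caption = $rows[$i]['caption'];

            // A name with a directory component differs from its basename.
            $is_plain_name = (basename($this->image) === (string) $this->image);
            $shown_image = $this->_esc_html($this->image);
            $shown_caption = $this->_esc_html($this->caption);
            $image_path = $this->site_path.$this->img_dir.$this->image;
            $thumb_path = $this->site_path.$this->img_dir."tn_".$this->image;

            if (!$is_plain_name) {
                $this->news .= "<p class=\"badnews\">".$shown_image." — image could not be deleted!</p>\n";
            }
            elseif (file_exists($image_path)) {
                if (@unlink($image_path)) {
                    $this->news .= "<p class=\"goodnews\">".$shown_image." — image deleted.</p>\n";
                }
                else {
                    $this->news .= "<p class=\"badnews\">".$shown_image." — image could not be deleted!</p>\n";
                }
            }
            else {
                $this->news .= "<p class=\"badnews\">No image was found for ".$shown_caption."</p>\n";
            }

            if (!$is_plain_name) {
                $this->news .= "<p class=\"badnews\">tn_".$shown_image." — thumbnail could not be deleted!</p>\n";
            }
            elseif (file_exists($thumb_path)) {
                if (@unlink($thumb_path)) {
                    $this->news .= "<p class=\"goodnews\">tn_".$shown_image." — thumbnail deleted.</p>\n";
                }
                else {
                    $this->news .= "<p class=\"badnews\">tn_".$shown_image." — thumbnail could not be deleted!</p>\n";
                }
            }
            else {
                $this->news .= "<p class=\"badnews\">No thumbnail image was found for ".$shown_caption."</p>\n";
            }
        }

        $this->f->conn->query("DELETE FROM $this->image_table
            WHERE imageID = '$this->imageID'");
        if (!$this->f->conn->result) {
            $this->news .= '<p class="badnews">Could not delete image from database, please try again later!</p>';
        }
        else {
            $this->news .= '<p class="goodnews">Database updated.</p>';
        }
        return $this->news;
    }

    /**
     * Prints the breadcrumb trail and the edit form for the image named by
     * the request's imageID.
     *
     * Changes against the earlier version:
     *  - Text read from the database (caption, album names, uploader name,
     *    image file name, description) is HTML-escaped before it is printed
     *    into the page.
     *  - The "not found" message was a single-quoted string and printed its
     *    backslashes and "\n" literally; it is now double-quoted.
     *  - $current_albumID is initialised, and album query results that are
     *    not arrays are treated as empty lists.
     *
     * @param string $news HTML status text from a preceding update. When it
     *                     contains the marker '#@# - MOVED - #@#' the text is
     *                     printed without the marker and no form is shown.
     * @return void
     */
    function edit_image($news='') {
        $abm = $this->f->objectBuilder->NewFrameworkObject($this->f, "album");
        $this->parentID = $this->f->util->ForceInt($_GET['parentID'], 0);
        $this->albumID = $this->f->util->ForceInt($_GET['albumID'], 0);
        $this->new_parentID = $this->f->util->ForceInt($_GET['new_parentID'], 0);
        $this->imageID = $this->f->util->ForceInt($_REQUEST["imageID"], 0);
        $row = $this->f->conn->query($this->get_image_info_by_id($this->imageID));
        if (!is_array($row)) {
            if ($this->parentID != 0) {
                echo "<div id=\"breadcrumbtrail\">\n<a href=\"member.php\">";
                echo 'Main Admin Area</a> >> <a href="gallery.php">Albums</a>';
                echo " >> <a href=\"edit_album.php?albumID=".$this->parentID."&parentID=0\">Edit an album</a> >> <a href=\"edit_album.php?albumID=".$this->albumID."&parentID=".$this->parentID."\">Edit a sub-album</a>";
                echo " >> Edit an image\n</div>\n\n";
            }
            else {
                echo "<div id=\"breadcrumbtrail\">\n<a href=\"member.php\">";
                echo 'Main Admin Area</a> >> <a href="gallery.php">Albums</a>';
                echo " >> <a href=\"edit_album.php?albumID=".$this->albumID."&parentID=0\">Edit an album</a> >> Edit an image\n</div>\n\n";
            }
            echo "<div id=\"margins\">\n<p class=\"badnews\">Could not find any image information.</p>";
            return;
        }
        if ($this->parentID != 0) {
            echo "<div id=\"breadcrumbtrail\">\n<a href=\"member.php\">";
            echo 'Main Admin Area</a> >> <a href="gallery.php">Albums</a>';
            echo " >> <a href=\"edit_album.php?albumID=".$this->parentID."&parentID=0\">Edit an album</a> >> <a href=\"edit_album.php?albumID=".$this->albumID."&parentID=".$this->parentID."\">Edit a sub-album</a>";
            echo " >> Edit an image</div>\n\n";
        }
        else {
            echo "<div id=\"breadcrumbtrail\">\n<a href=\"member.php\">";
            echo 'Main Admin Area</a> >> <a href="gallery.php">Albums</a>';
            echo " >> <a href=\"edit_album.php?albumID=".$this->albumID."&parentID=0\">Edit an album</a> >> Edit an image\n</div>\n\n";
        }
        echo "<div class=\"margins\">\n";
        // If the details were just updated, $news holds the good or bad news
        // returned by the update, which is displayed beneath the breadcrumb div.
        // It is printed as HTML, so callers must pass only markup they built.
        if (strstr($news, '#@# - MOVED - #@#')) {
            echo str_replace('#@# - MOVED - #@#', '', $news);
            return;
        }
        else {
            echo $news;
        }
        for ($i=0; $i<count($row); $i++) {
            $caption = $this->_esc_html(stripslashes($row[$i]['caption']));
            $image_url = $this->_esc_html($row[$i]['image_url']);

            echo "\n\n<h2 style=\"text-align: left;\">".$caption."</h2>\n";
            echo "<form action=\"edit_image.php?albumID=".$this->albumID."&parentID=".$this->parentID."&imageID=".$this->imageID."\" method=\"post\" class=\"editimage\">\n";
            echo '<table cellspacing="0" id="editimage" summary="Contains edit image form">';
            echo "\n\n<tr>\n\t<td><label for=\"caption\">Image Caption:</label></td>";
            echo "\n\t<td title=\"Name of image\"><input type=\"text\" name=\"caption\" id=\"caption\" value=\"".$caption."\" size=\"35\" /></td>\n\n";
            echo "\n\t<td>Date Uploaded:</td>\n<td>".$this->f->conn->formatdate($row[$i]['upload_date'])."</td>\n</tr>\n\n";
            echo "<tr>\n\t<td><label for=\"parent_album_name\">Current album & Sub album:</label></td>\n\t<td><select name=\"parent_album_name\" id=\"parent_album_name\" onchange=\"goLocation(this.form.parent_album_name); return false;\">\n";

            // Which parent album is pre-selected: a newly chosen one wins,
            // otherwise the image's parent (or its own album when top-level).
            if ((!isset($this->new_parentID)) || ($this->new_parentID == 0)) {
                if ($this->parentID == '0') {
                    $current_parent_album = $this->albumID;
                }
                else {
                    $current_parent_album = $this->parentID;
                }
            }
            else {
                $current_parent_album = $this->new_parentID;
            }
            $albumnames = $this->f->conn->query($abm->get_parent_albums());
            if (!is_array($albumnames)) {
                $albumnames = array();
            }
            for ($n=0; $n<count($albumnames); $n++) {
                $album_label = $this->_esc_html($albumnames[$n]['album_name']);
                if ($albumnames[$n]['albumID']==$current_parent_album) {
                    echo "\t<option value=\"edit_image.php?imageID=$this->imageID&parentID=$this->parentID&albumID=$this->albumID&new_parentID=".$albumnames[$n]['albumID']."\" selected=\"selected\">".$album_label."</option>\n";
                }
                else {
                    echo "\t<option value=\"edit_image.php?imageID=$this->imageID&parentID=$this->parentID&albumID=$this->albumID&new_parentID=".$albumnames[$n]['albumID']."\">".$album_label."</option>\n";
                }
            }
            echo "</select>\n";
            echo "<select name=\"album_name\" id=\"album_name\">\n";

            // Stays null when a new parent was chosen, so no sub-album is
            // pre-selected in that case.
            $current_albumID = null;
            if ((!isset($this->new_parentID)) || ($this->new_parentID == 0)) {
                if ($this->parentID == '0') {
                    $subalbumnames = $this->f->conn->query($abm->get_sub_albums($this->albumID));
                }
                else {
                    $subalbumnames = $this->f->conn->query($abm->get_sub_albums($this->parentID));
                }
                $current_albumID = $this->albumID;
            }
            else {
                $subalbumnames = $this->f->conn->query($abm->get_sub_albums($this->new_parentID));
            }
            if (!is_array($subalbumnames)) {
                $subalbumnames = array();
            }
            echo "\t<option value=\"\" style=\"background-color: #fc0;\">SELECT A SUB ALBUM</option>\n";
            for ($n=0; $n<count($subalbumnames); $n++) {
                $subalbum_label = $this->_esc_html($subalbumnames[$n]['album_name']);
                if ($subalbumnames[$n]['albumID']==$current_albumID) {
                    echo "\t<option value=\"".$subalbumnames[$n]['albumID']."\" selected=\"selected\">".$subalbum_label."</option>\n";
                }
                else {
                    echo "\t<option value=\"".$subalbumnames[$n]['albumID']."\">".$subalbum_label."</option>\n";
                }
            }
            echo "</select>\n</td>\n\t";
            echo '<td><label for="uploadername">Uploaded by:</label></td>';
            echo "\n\t<td><input type=\"text\" name=\"uploadername\" id=\"uploadername\" value=\"".$this->_esc_html($row[$i]['uploadername'])."\" size=\"15\" /></td>\n</tr>\n\n<tr>\n\t";
            echo '<td><label for="image_url">Image Name:</label></td>';
            echo "\n\t<td title=\"Do not rename unless image file with new name exists on server\"><input type=\"text\" name=\"image_url\" id=\"image_url\" value=\"";
            if ($row[$i]['image_url'] != '') {
                echo $image_url;
            }
            else {
                echo 'None Found';
            }
            echo "\" size=\"30\" /></td>\n\t";
            echo '<td>Thumbnail Name:</td><td title="To change thumbnail prefix see Site Config">';
            if ($row[$i]['image_url'] != '') {
                echo "tn_".$image_url;
            }
            else {
                echo 'None Found';
            }
            echo "</td>\n</tr>\n\n";
            echo "<tr>\n\t<td style=\"vertical-align: top;\"><label for=\"description\">Description of image:</label></td>\n";
            // Escaped so stored markup cannot close the textarea; the browser
            // decodes the entities again, so the editable text is unchanged.
            echo "\n\t<td colspan=\"3\" style=\"text-align: center;\">\n<textarea name=\"description\" id=\"description\" style=\"width:100%;\" rows=\"15\" cols=\"80\">".$this->_esc_html($row[$i]['description'])."</textarea></td>\n</tr>\n\n";
            echo "<tr>\n\t<td> </td><td colspan=\"3\" title=\"Update image with above info\"><input type=\"submit\" class=\"button\" name=\"add_subalbum\" value=\"Save Changes\" onclick=\"return editimage();\" />";
            echo "\n<input type=\"hidden\" name=\"imageID\" value=\"".$row[$i]['imageID']."\" />\n";
            echo "<input type=\"hidden\" name=\"update_image\" value=\"true\" /></td>\n</tr>\n\n";
            echo "<tr>\n\t<td style=\"border-top: none;\"> </td>\n\t<td colspan=\"3\" style=\"border-top: none;\" title=\"Go back without updating image details\">";
            // NOTE(review): new_parentID is always assigned from ForceInt()
            // above, so this isset() test looks like it can never succeed and
            // the link is never printed; "== 0" may have been intended --
            // confirm before changing.
            if (!isset($this->new_parentID)) {
                echo "<a href=\"edit_album.php?albumID=".$row[$i]['albumID']."&parentID=$this->parentID\"><< Don't make any changes</a>";
            }
            echo "</td>\n</tr>\n\n";
            echo "<tr>\n\t<td style=\"text-align: right; vertical-align: top;\">";
            if (file_exists($this->site_path.$this->img_dir.'tn_'.$row[$i]['image_url'])) {
                $thumb_size = GetImageSize($this->site_path.$this->img_dir.'tn_'.$row[$i]['image_url']);
                $thumb_width = $thumb_size[0];
                $thumb_height = $thumb_size[1];
                echo "\n<img src=\"".$this->site_url.$this->img_dir."tn_".$image_url."\" width=\"".$thumb_width."\" height=\"".$thumb_height."\" alt=\"tn_".$image_url."\" /></td>\n";
            }
            else {
                echo "\n<img src=\"".$this->site_url.$this->img_dir."nophoto.gif\" alt=\"Photo unavailable\" /></td>\n\t";
            }
            echo '<td colspan="3">';
            if (file_exists($this->site_path.$this->img_dir.$row[$i]['image_url'])) {
                $size = GetImageSize($this->site_path.$this->img_dir.$row[$i]['image_url']);
                $width = $size[0];
                $height = $size[1];
                echo "\n<img src=\"".$this->site_url.$this->img_dir.$image_url."\" height=\"".$height."\" width=\"".$width."\" alt=\"".$image_url."\" />\n</td>\n</tr>\n\n";
            }
            else {
                echo "\n </td>\n</tr>\n\n";
            }
            echo "</table>\n</form>\n\n</div>\n";
        }
    }

    /**
     * Prints the "are you sure?" page for deleting the image named by
     * $_GET['imageID']: heading, breadcrumb trail, thumbnail and a POST form
     * targeting edit_album.php.
     *
     * The caption and image file name read from the database are
     * HTML-escaped before printing.
     *
     * @return void
     */
    function confirm_delete_image() {
        $this->imageID = $this->f->util->ForceInt($_GET["imageID"], 0);
        $this->albumID = $this->f->util->ForceInt($_GET['albumID'], 0);
        $this->parentID = $this->f->util->ForceInt($_GET['parentID'], 0);
        $row = $this->f->conn->query($this->get_image_info_by_id($this->imageID));
        if (!is_array($row)) {
            // NOTE(review): $config is not defined in this method's scope, so
            // the site name prints as empty; confirm where the configuration
            // is meant to come from.
            do_html_heading("<span>".$config['sitename']."</span> Delete image");
            echo '<div id="breadcrumbtrail"><a href="member.php">';
            echo 'Main Admin Area</a> >> <a href="gallery.php">Albums</a></div>';
            echo '<p class="badnews">Whoops! Could not find that image</p>';
            return;
        }
        for ($i=0; $i<count($row); $i++) {
            $caption = $this->_esc_html($row[$i]['caption']);

            echo "<h1>Delete image: ".$caption."</h1>\n</div>\n";
            if ($this->parentID != 0) {
                echo "<div id=\"breadcrumbtrail\">\n<a href=\"member.php\">";
                echo 'Main Admin Area</a> >> <a href="gallery.php">Albums</a>';
                echo " >> <a href=\"edit_album.php?albumID=".$this->parentID."&parentID=0\">Edit an album</a> >> <a href=\"edit_album.php?albumID=".$this->albumID."&parentID=".$this->parentID."\">Edit a sub-album</a>";
                echo " >> Delete an image</div>\n\n";
            }
            else {
                echo "<div id=\"breadcrumbtrail\">\n<a href=\"member.php\">";
                echo 'Main Admin Area</a> >> <a href="gallery.php">Albums</a>';
                echo " >> <a href=\"edit_album.php?albumID=".$this->albumID."&parentID=0\">Edit an album</a> >> Delete an image</div>\n\n";
            }
            echo '<div class="margins">';
            echo "\n<div class=\"thumb\">\n";
            if (file_exists($this->site_path.$this->img_dir.'tn_'.$row[$i]['image_url'])) {
                $size = GetImageSize($this->site_path.$this->img_dir.'tn_'.$row[$i]['image_url']);
                $thumb_width = $size[0];
                $thumb_height = $size[1];
                echo "\n<img src=\"".$this->site_url.$this->img_dir."tn_".$this->_esc_html(stripslashes($row[$i]['image_url']));
                echo "\" width=\"".$thumb_width."\" height=\"";
                echo $thumb_height."\" alt=\"".$caption."\" />\n</div>\n";
            }
            else {
                echo "\n<img src=\"".$this->site_url.$this->img_dir."nophoto.gif\" alt=\"Photo unavailable\" /></div>\n";
            }
            echo "\n<div class=\"iecentrehack\" style=\"clear: left;\">\n";
            echo "<form action=\"edit_album.php?albumID=".$row[$i]['albumID']."&parentID=".$this->parentID."&imageID=".$this->imageID."\" method=\"post\" class=\"centreform\">\n";
            echo "<div class=\"formrow\"><input type=\"hidden\" name=\"imageID\" value=\"".$row[$i]['imageID']."\" />\n";
            echo "<input type=\"hidden\" name=\"albumID\" value=\"".$row[$i]['albumID']."\" />\n";
            echo "Are you sure you want to delete this image?</div>\n";
            echo "<div class=\"formrow\"><input type=\"submit\" class=\"warning\" name=\"delete_image\" value=\"Delete\" />\n";
            echo "<input type=\"hidden\" name=\"delete_image\" value=\"true\" /></div>\n";
            echo "\n</form>\n";
            echo "<p class=\"centreform\"><a href=\"edit_album.php?albumID=".$row[$i]['albumID']."&parentID=".$this->parentID."\">Don't make any changes</a></p>\n</div>\n</div>\n";
        }
    }
}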
?>