/**
 * Build the HTML summary of what the current viewer may do in an album category.
 *
 * One "<br />"-terminated line is emitted per listed permission, followed by
 * optional links to the moderator control panel and to the personal-gallery
 * category admin.
 *
 * This function only decides which lines and links are displayed; it performs
 * no access control itself.
 * NOTE(review): album_modcp and album_personal_cat_admin are not visible here
 * and must enforce their own permission checks; confirm they do.
 *
 * NOTE(review): $cat_id and the $lang strings are written into the returned
 * HTML without escaping. This is only safe if callers pass an integer
 * category id; confirm at the call sites.
 *
 * @param mixed $user_id   Gallery owner id; compared against ALBUM_PUBLIC_GALLERY.
 * @param mixed $cat_id    Category id, appended to the link URLs as given.
 * @param mixed $auth_data Permission map (name => flag). Any non-array value
 *                         makes the function load it via album_get_auth_data($cat_id).
 * @return string HTML fragment.
 */
function album_build_auth_list($user_id, $cat_id = ALBUM_ROOT_CATEGORY, $auth_data = 0)
{
    global $user, $lang, $album_config;

    $line_break = '<br />';
    $auth_list = '';

    // No permission map supplied: load it for the category. The root category
    // cannot be looked up this way, so that combination is rejected.
    if (!is_array($auth_data)) {
        if ($cat_id == ALBUM_ROOT_CATEGORY) {
            message_die(GENERAL_ERROR, "Invalid combination of category id and authentication data");
        }
        $auth_data = album_get_auth_data($cat_id);
    }

    // Every entry except the last one gets a "can" / "cannot" line.
    // NOTE(review): the skipped last entry is presumably 'moderator', which is
    // handled separately below; confirm against album_get_auth_data().
    $listed_names = array_slice(array_keys($auth_data), 0, -1);
    foreach ($listed_names as $perm_name) {
        // Rating and commenting are not listed while the feature is switched off.
        if ($album_config['rate'] == 0 && $perm_name == 'rate') {
            continue;
        }
        if ($album_config['comment'] == 0 && $perm_name == 'comment') {
            continue;
        }

        $suffix = ($auth_data[$perm_name] == 1) ? '_can' : '_cannot';
        $auth_list .= $lang['Album_' . $perm_name . $suffix] . $line_break;
    }

    // Moderator control panel link: shown to admins and to category moderators.
    $is_admin = ($user->data['user_level'] == ADMIN);
    if ($is_admin || $auth_data['moderator'] == 1) {
        $modcp_url = append_sid(album_append_uid('album_modcp.' . PHP_EXT . '?cat_id=' . $cat_id));
        $auth_list .= sprintf($lang['Album_moderate_can'], '<a href="' . $modcp_url . '">', '</a>') . $line_break;
    }

    // Personal gallery category admin link: requires the 'manage' permission on
    // a non-public gallery and, for non-admins, that sub categories are allowed
    // with a non-zero limit. (An earlier version of this condition, left
    // commented out in the original, also required personal_allow_gallery_mod.)
    $may_manage = ($user_id != ALBUM_PUBLIC_GALLERY && $auth_data['manage'] == 1);
    if (
        $may_manage
        && (
            $user->data['user_level'] == ADMIN
            || ($album_config['personal_allow_sub_categories'] == 1 && $album_config['personal_sub_category_limit'] != 0)
        )
    ) {
        $cat_admin_url = append_sid(album_append_uid('album_personal_cat_admin.' . PHP_EXT . '?cat_id=' . $cat_id));
        $auth_list .= sprintf($lang['Album_Can_Manage_Categories'], '<a href="' . $cat_admin_url . '">', '</a>') . $line_break;
    }

    return $auth_list;
}
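// Category-page setup: load the category tree, resolve the requested category
// and stop the request unless the viewer may see it.
// message_die() and redirect() are assumed to end the request; the statements
// after each guard rely on that.

// All categories, used for the jumpbox.
$catrows = array();
// Authentication data of the current user for the current category.
$auth_data = array();

// A personal gallery is only shown for an existing user; otherwise fall back
// to the album index.
if ($album_user_id != ALBUM_PUBLIC_GALLERY && !album_check_user_exists($album_user_id)) {
    redirect(append_sid(album_append_uid('album.' . PHP_EXT)));
}

$read_options = ($album_view_mode == ALBUM_VIEW_LIST) ? (ALBUM_READ_ALL_CATEGORIES | ALBUM_AUTH_VIEW) : ALBUM_AUTH_VIEW;
$catrows = album_read_tree($album_user_id, $read_options);

// Check that the category exists in the album tree data.
// The original wrapped this test in "@", which hides warnings but does not
// stop the TypeError PHP 8 throws when the second argument is not an array.
// Testing the container explicitly gives the same "does not exist" outcome
// without relying on error suppression.
if (
    !isset($album_data['keys'])
    || !is_array($album_data['keys'])
    || !array_key_exists($cat_id, $album_data['keys'])
) {
    message_die(GENERAL_MESSAGE, $lang['Category_not_exist']);
}

$thiscat = $album_data['data'][$album_data['keys'][$cat_id]];
$total_pics = $thiscat['count'];
$auth_data = album_get_auth_data($cat_id);
//$auth_data = album_permissions($album_user_id, $cat_id, ALBUM_AUTH_ALL, $thiscat);

// ------------------------------------
// Check permissions
// ------------------------------------
// Fails closed: a missing or falsy 'view' entry is treated as "not allowed".
if (!$auth_data['view']) {
    if (!$user->data['session_logged_in']) {
        // Guests are sent to the login page and back to this category.
        // NOTE(review): $cat_id is appended to the URL unencoded; confirm it
        // has been cast to an integer before this point.
        redirect(append_sid(album_append_uid(CMS_PAGE_LOGIN . '?redirect=album_cat.' . PHP_EXT . '&cat_id=' . $cat_id)));
    } else {
        message_die(GENERAL_ERROR, $lang['Not_Authorized']);
    }
}
// END check permissions

// NOTE(review): $thiscat['count'] is already read above, so this emptiness
// check runs after the first use of $thiscat.
if (empty($thiscat)) {
    message_die(GENERAL_MESSAGE, $lang['Category_not_exist']);
}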
    message_die(GENERAL_MESSAGE, 'NO_USER');
}
// Personal-gallery setup: record the owner's name and resolve the category
// and permission data used by the view check that follows.
$username = $album_user['username'];

// NOTE(review): when $moderators_list is already non-empty its previous content
// is replaced by '******' followed by the username, not extended; confirm that
// this literal is intended.
if (empty($moderators_list)) {
    $moderators_list = $username;
} else {
    $moderators_list = '******' . $username;
}

// Check if the personal gallery root category exists.
$check_cat_id = album_get_personal_root_id($album_user_id);
if ($check_cat_id == ALBUM_ROOT_CATEGORY) {
    // It does not exist yet: create the 'fake' category so there is something
    // to authenticate against.
    $thiscat = init_personal_gallery_cat($album_user_id);
    $cat_id = $check_cat_id;
    $auth_data = album_permissions($album_user_id, $cat_id, ALBUM_AUTH_ALL, $thiscat);
} else {
    // Without a requested category, fall back to the personal root.
    $cat_id = (empty($cat_id) || $cat_id == 0) ? $check_cat_id : $cat_id;
    $thiscat = $album_data['data'][$album_data['keys'][$cat_id]];

    // Permissions are read from the owner's personal root category, not from
    // $cat_id itself.
    // NOTE(review): nothing in this run checks that $cat_id exists in
    // $album_data['keys'] or belongs to this user's gallery; confirm that it
    // is validated before this point.
    $auth_data = album_get_auth_data(album_get_personal_root_id($album_user_id));
}
// ------------------------------------------------------------------------
// Check view permissions
// ------------------------------------------------------------------------
// Old AUTH Check for PG
//$auth_data = album_permissions($album_user_id, $cat_id, ALBUM_AUTH_ALL, $thiscat);
// Used in album_cat.php
//$auth_data = album_get_auth_data($cat_id);
// New AUTH check for PG
//$auth_data = album_get_auth_data(album_get_personal_root_id($album_user_id));
if (!album_check_permission($auth_data, ALBUM_AUTH_VIEW)) {
    if (!$user->data['session_logged_in']) {
        redirect(append_sid(CMS_PAGE_LOGIN . '?redirect=album.' . PHP_EXT . '&user_id=' . $album_user_id));
    } else {
        message_die(GENERAL_MESSAGE, $lang['Not_Authorized']);