Beispiel #1
/**
 * Routes an admin request to the page renderer selected by $admin.
 *
 * For the gallery, tag and image sections the matching id is read from the
 * query string: a numeric id other than INVALID_ID opens the single-item
 * page, anything else falls back to the list page.
 *
 * Security notes:
 * - is_numeric() also accepts floats and exponent forms ("1.5", "1e3"), so
 *   the id handed on is "numeric", not necessarily an integer. Callees that
 *   place it in SQL should not assume more than that.
 * - No authorisation check happens in this function.
 *   NOTE(review): presumably the caller has already established that the
 *   visitor is an administrator - confirm.
 *
 * @param mixed $db       database handle, passed through to the renderers
 * @param mixed $settings settings, only used by the default admin page
 * @param mixed $admin    requested admin section (compared loosely against
 *                        the GET_VALUE_ADMIN_* constants)
 */
function phphoto_admin($db, $settings, $admin)
{
    if ($admin == GET_VALUE_ADMIN_GALLERY) {
        $requested_id = isset($_GET[GET_KEY_GALLERY_ID]) ? $_GET[GET_KEY_GALLERY_ID] : INVALID_ID;
        if (!is_numeric($requested_id) || $requested_id == INVALID_ID) {
            // no usable id in the request: show the gallery list
            phphoto_echo_admin_galleries($db);
        } else {
            phphoto_echo_admin_gallery($db, $requested_id);
        }
    } elseif ($admin == GET_VALUE_ADMIN_TAG) {
        $requested_id = isset($_GET[GET_KEY_TAG_ID]) ? $_GET[GET_KEY_TAG_ID] : INVALID_ID;
        if (!is_numeric($requested_id) || $requested_id == INVALID_ID) {
            // no usable id in the request: show the tag list
            phphoto_echo_admin_tags($db);
        } else {
            phphoto_echo_admin_tag($db, $requested_id);
        }
    } elseif ($admin == GET_VALUE_ADMIN_IMAGE) {
        $requested_id = isset($_GET[GET_KEY_IMAGE_ID]) ? $_GET[GET_KEY_IMAGE_ID] : INVALID_ID;
        if (!is_numeric($requested_id) || $requested_id == INVALID_ID) {
            // no usable id in the request: show the image list
            phphoto_echo_admin_images($db);
        } else {
            phphoto_echo_admin_image($db, $requested_id);
        }
    } elseif ($admin == GET_VALUE_ADMIN_CAMERA) {
        phphoto_echo_admin_cameras($db);
    } else {
        // unknown or missing section: admin landing page
        phphoto_echo_admin_default($db, $settings);
    }
}
Beispiel #2
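/**
 * Renders the admin page for one tag and applies the requested operation.
 *
 * Depending on the request parameters this adds an image to the tag, removes
 * an image from it, updates the tag's name/description/active flag, or
 * deletes the tag. It then prints the edit form, the list of images that
 * can still be tagged, and the table of images already tagged.
 *
 * Changes compared with the earlier version of this function:
 * - $tag_id is checked with is_numeric() at runtime. assert() can be
 *   disabled by configuration, so on its own it is not an injection
 *   defence for a value that is interpolated into SQL.
 * - Tag and image names/descriptions read back from the database are
 *   HTML-escaped before being echoed (stored XSS in the admin page).
 *
 * NOTE(review): create/update/delete run straight from request parameters
 * and no anti-CSRF token is checked in this function; removing an image
 * from the tag is even a plain GET link (see the table at the bottom).
 * Confirm whether a caller validates a token - if not, these operations
 * should require POST plus a per-session token.
 *
 * NOTE(review): mysql_real_escape_string() belongs to ext/mysql, which was
 * removed in PHP 7. Parameterised queries would be preferable, but the
 * interface of phphoto_db_query() is not visible here.
 *
 * @param mixed $db     database handle
 * @param mixed $tag_id numeric id of the tag to show
 */
function phphoto_echo_admin_tag($db, $tag_id)
{
    assert(is_numeric($tag_id));
    // Runtime guard: $tag_id is interpolated into every query below, so it
    // must be numeric even when assertions are switched off.
    if (!is_numeric($tag_id)) {
        phphoto_popup_message(phphoto_text($db, 'tag', 'unknown'), 'error');
        return;
    }

    // OPERATIONS
    if (isset($_GET[GET_KEY_OPERATION])) {
        if (isset($_REQUEST[GET_KEY_IMAGE_ID]) && is_numeric($_REQUEST[GET_KEY_IMAGE_ID])) {
            // operate on image in tag; the is_numeric() test above is the
            // actual injection guard for $image_id
            $image_id = $_REQUEST[GET_KEY_IMAGE_ID];
            assert(is_numeric($image_id));
            if ($_GET[GET_KEY_OPERATION] == GET_VALUE_CREATE) {
                // add image to tag
                $sql = "INSERT INTO image_to_tag (tag_id, image_id, created) VALUES ({$tag_id}, {$image_id}, NOW())";
                if (phphoto_db_query($db, $sql) == 1) {
                    phphoto_popup_message(phphoto_text($db, 'tag', 'image_added'), 'info');
                }
            }
            if ($_GET[GET_KEY_OPERATION] == GET_VALUE_DELETE) {
                // remove image from tag
                $sql = "DELETE FROM image_to_tag WHERE tag_id = {$tag_id} AND image_id = {$image_id}";
                if (phphoto_db_query($db, $sql) == 1) {
                    phphoto_popup_message(phphoto_text($db, 'tag', 'image_removed'), 'info');
                }
            }
        } else {
            // No numeric image id in the request: the operation targets the
            // tag itself. Note that a delete request with a missing or
            // non-numeric image id therefore deletes the whole tag.
            if ($_GET[GET_KEY_OPERATION] == GET_VALUE_UPDATE && isset($_POST['name']) && isset($_POST['description'])) {
                // update tag
                $name = $_POST['name'];
                $description = $_POST['description'];
                // $active is one of two fixed literals, never request text
                $active = isset($_POST['active']) ? 'TRUE' : 'FALSE';
                $sql = sprintf("UPDATE tags SET name = '%s', description = '%s', active = %s WHERE id = %s", mysql_real_escape_string($name, $db), mysql_real_escape_string($description, $db), $active, $tag_id);
                if (phphoto_db_query($db, $sql) == 1) {
                    phphoto_popup_message(phphoto_text($db, 'tag', 'updated'), 'info');
                }
            }
            if ($_GET[GET_KEY_OPERATION] == GET_VALUE_DELETE) {
                // delete tag
                $sql = "DELETE FROM tags WHERE id = {$tag_id}";
                if (phphoto_db_query($db, $sql) == 1) {
                    phphoto_popup_message(phphoto_text($db, 'tag', 'deleted'), 'info');
                    // the tag is gone, fall back to the tag list
                    phphoto_echo_admin_tags($db);
                    return;
                } else {
                    phphoto_popup_message(phphoto_text($db, 'tag', 'delete_error'), 'error');
                }
            }
        }
    }

    $sql = "\n        SELECT\n            id,\n            name,\n            description,\n            (SELECT COUNT(*) FROM image_to_tag WHERE tag_id = id) AS images,\n            active,\n            changed,\n            created\n        FROM\n            tags\n        WHERE\n            id = {$tag_id}\n    ";
    $tag_data = phphoto_db_query($db, $sql);
    if (count($tag_data) != 1) {
        phphoto_popup_message(phphoto_text($db, 'tag', 'unknown'), 'error');
        echo "\n</div>";
        return;
    }
    $tag_data = $tag_data[0];

    // Name and description are admin-entered text stored verbatim by the
    // update branch above; escape them for the single-quoted attribute and
    // the textarea body they are printed into.
    $name_html = htmlspecialchars($tag_data['name'], ENT_QUOTES);
    $description_html = htmlspecialchars($tag_data['description'], ENT_QUOTES);

    $table_data = array();
    $table_data[] = array(phphoto_text($db, 'header', 'name'), "<input type='input' name='name' maxlength='255' value='{$name_html}'>");
    $table_data[] = array(phphoto_text($db, 'header', 'description'), "<textarea name='description'>{$description_html}</textarea>");
    $table_data[] = array(phphoto_text($db, 'header', 'active'), "<input type='checkbox' name='active'" . ($tag_data['active'] ? ' checked' : '') . ">");
    $table_data[] = array(phphoto_text($db, 'header', 'changed'), format_date_time($tag_data['changed']));
    $table_data[] = array(phphoto_text($db, 'header', 'created'), format_date_time($tag_data['created']));
    $table_data[] = array('&nbsp;', "<input type='submit' value='" . phphoto_text($db, 'button', 'update') . "'>");

    echo "\n<div class='admin'>";
    echo "\n    <h1>" . phphoto_text($db, 'tag', 'edit') . "</h1>";
    echo "\n    <form method='post' action='" . CURRENT_PAGE . '?' . GET_KEY_ADMIN_QUERY . '=' . GET_VALUE_ADMIN_TAG . '&' . GET_KEY_OPERATION . '=' . GET_VALUE_UPDATE . '&' . GET_KEY_TAG_ID . "={$tag_id}'>";
    phphoto_to_html_table($table_data);
    echo "\n    </form>";
    echo "\n</div>";

    // images not tagged with this tag
    echo "\n<div class='admin'>";
    echo "\n    <h1>" . phphoto_text($db, 'tag', 'not_tagged_images') . "</h1>";
    $sql = "\n        SELECT\n            id,\n            IF (LENGTH(title) > 0, title, filename) AS name\n        FROM\n            images\n        WHERE\n            id NOT IN (SELECT image_id FROM image_to_tag WHERE tag_id = {$tag_id})\n    ";
    $images = phphoto_db_query($db, $sql);
    if (count($images) > 0) {
        echo "\n    <form method='post' action='" . CURRENT_PAGE . '?' . GET_KEY_ADMIN_QUERY . '=' . GET_VALUE_ADMIN_TAG . '&' . GET_KEY_OPERATION . '=' . GET_VALUE_CREATE . '&' . GET_KEY_TAG_ID . "={$tag_id}'>";
        echo "\n        <select name='" . GET_KEY_IMAGE_ID . "'>";
        foreach ($images as $row) {
            // title/filename is free text: escape it before it becomes markup
            $option_label = htmlspecialchars($row['name'], ENT_QUOTES);
            echo "\n            <option value='{$row['id']}'>{$option_label}</option>";
        }
        echo "\n        </select>";
        echo "\n        <input type='submit' value='" . phphoto_text($db, 'button', 'add') . "'>";
        echo "\n    </form>";
    }
    echo "\n</div>";

    // images tagged
    $sql = "\n        SELECT\n            id,\n            IF (LENGTH(title) > 0, title, filename) AS name,\n            active\n        FROM\n            images\n        WHERE\n            id IN (SELECT image_id FROM image_to_tag WHERE tag_id = {$tag_id})\n    ";
    $header = array(phphoto_text($db, 'header', 'thumbnail'), phphoto_text($db, 'header', 'name'), phphoto_text($db, 'header', 'active'), '&nbsp;');
    $images = array();
    foreach (phphoto_db_query($db, $sql) as $row) {
        $thumbnail_link = "<a href='" . CURRENT_PAGE . '?' . GET_KEY_ADMIN_QUERY . '=' . GET_VALUE_ADMIN_IMAGE . '&' . GET_KEY_IMAGE_ID . "={$row['id']}'>\n                    <img src='image.php?" . GET_KEY_IMAGE_ID . "={$row['id']}t' class='thumbnail' /></a>";
        // State-changing GET link: see the CSRF note in the function header.
        $remove_link = "<a href='" . CURRENT_PAGE . '?' . GET_KEY_ADMIN_QUERY . '=' . GET_VALUE_ADMIN_TAG . '&' . GET_KEY_OPERATION . '=' . GET_VALUE_DELETE . '&' . GET_KEY_TAG_ID . '=' . $tag_id . '&' . GET_KEY_IMAGE_ID . "={$row['id']}'><img src='./icons/process-stop.png' /></a>";
        // The neighbouring cells carry raw markup, so the table helper
        // presumably prints cells unescaped; escape the name here.
        $images[] = array($thumbnail_link, htmlspecialchars($row['name'], ENT_QUOTES), format_bool($row['active']), $remove_link);
    }
    echo "\n<div class='admin'>";
    echo "\n    <h1>" . phphoto_text($db, 'tag', 'tagged_images') . "</h1>";
    phphoto_to_html_table($images, $header);
    echo "\n</div>";
}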