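/**
 * Delete an album, every picture it contains, and print a confirmation row.
 *
 * The album is looked up by id. cpg_die() is called when no such album exists
 * or when, outside GALLERY_ADMIN_MODE, the album's category is not
 * FIRST_USER_CAT + USER_ID. Each picture of the album is handed to
 * delete_picture() before the album row itself is removed.
 *
 * @param int|string $aid Album id; normalised to an integer before it is
 *                        placed in any SQL statement.
 * @return void Echoes one HTML table row when the album row was deleted.
 */
function delete_album($aid)
{
    global $db, $CONFIG;

    // $aid is interpolated into three statements below and the callers are
    // not visible from here, so force it to an integer: a non-numeric value
    // can then never change the shape of the query.
    $aid = (int) $aid;

    $result = $db->sql_query("SELECT title, category FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid ='{$aid}'", false, __FILE__, __LINE__);
    if (!$db->sql_numrows($result)) {
        cpg_die(_CRITICAL_ERROR, NON_EXIST_AP, __FILE__, __LINE__);
    }
    $album_data = $db->sql_fetchrow($result);

    // Authorisation: outside admin mode only an album whose category equals
    // FIRST_USER_CAT + USER_ID may be deleted. This check must stay ahead of
    // every destructive statement below.
    if (!GALLERY_ADMIN_MODE && $album_data['category'] != FIRST_USER_CAT + USER_ID) {
        cpg_die(_ERROR, PERM_DENIED, __FILE__, __LINE__);
    }

    // Delete all files
    $result = $db->sql_query("SELECT pid FROM {$CONFIG['TABLE_PICTURES']} WHERE aid='{$aid}'", false, __FILE__, __LINE__);
    while ($pic = $db->sql_fetchrow($result)) {
        delete_picture($pic['pid']);
    }
    speedup_pictures();

    // Delete album
    $db->sql_query("DELETE from {$CONFIG['TABLE_ALBUMS']} WHERE aid='{$aid}'", false, __FILE__, __LINE__);
    if ($db->sql_affectedrows() > 0) {
        // NOTE(review): the stored title is written into the page as-is.
        // Confirm titles are HTML-encoded when they are saved; if they are
        // not, encode here with htmlspecialchars() before output.
        echo "<tr><td colspan=\"6\" class=\"tableb\">" . sprintf(ALB_DEL_SUCCESS, $album_data['title']) . "</td></tr>\n";
    }
}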
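/**
 * Apply the edits submitted by the picture-editing form.
 *
 * For every id in $_POST['pid'] the per-picture fields are read with
 * get_post_var(). Outside GALLERY_ADMIN_MODE the picture's album category
 * must equal FIRST_USER_CAT + USER_ID and the target album must be listed in
 * $user_albums_list. The picture is then either deleted (files, comments and
 * row) or updated with the submitted values.
 *
 * Reads the globals $db, $CONFIG and $user_albums_list and the superglobal
 * $_POST. Calls cpg_die() on missing parameters, unknown pictures and
 * permission failures.
 *
 * @return void
 */
function process_post_data()
{
    global $db, $CONFIG;
    global $user_albums_list;

    // Album ids taken from $user_albums_list; outside admin mode a picture
    // may only be assigned to one of these.
    $user_album_set = array();
    foreach ($user_albums_list as $album) {
        $user_album_set[$album['aid']] = 1;
    }

    // isset() first so an absent field is reported as a missing parameter
    // instead of raising an undefined-index notice.
    if (!isset($_POST['pid']) || !is_array($_POST['pid'])) {
        cpg_die(_CRITICAL_ERROR, PARAM_MISSING, __FILE__, __LINE__);
    }

    $pid_array =& $_POST['pid'];
    foreach ($pid_array as $pid) {
        $pid = (int)$pid;

        // Validate the target album id of *this* picture before it reaches a
        // permission check, an error message or a SQL statement. It has to be
        // read before it is tested; the integer cast then guarantees that
        // only digits are interpolated further down.
        $aid = get_post_var('aid', $pid);
        if (!is_numeric($aid)) {
            cpg_die(_CRITICAL_ERROR, PARAM_MISSING, __FILE__, __LINE__);
        }
        $aid = (int)$aid;

        // NOTE(review): the text fields below are concatenated into the
        // UPDATE exactly as get_post_var() returns them. That helper is
        // defined outside this block; confirm it escapes its result for SQL,
        // otherwise these values must be escaped before the query is built.
        $title = get_post_var('title', $pid);
        $caption = get_post_var('caption', $pid, 1);
        $keywords = get_post_var('keywords', $pid);
        $user1 = get_post_var('user1', $pid);
        $user2 = get_post_var('user2', $pid);
        $user3 = get_post_var('user3', $pid);
        $user4 = get_post_var('user4', $pid);

        $delete = isset($_POST['delete' . $pid]);
        $reset_vcount = isset($_POST['reset_vcount' . $pid]);
        $reset_votes = isset($_POST['reset_votes' . $pid]);
        // Deleting a picture always removes its comments as well.
        $del_comments = isset($_POST['del_comments' . $pid]) || $delete;

        $query = "SELECT category, filepath, filename FROM {$CONFIG['TABLE_PICTURES']}, {$CONFIG['TABLE_ALBUMS']} WHERE {$CONFIG['TABLE_PICTURES']}.aid = {$CONFIG['TABLE_ALBUMS']}.aid AND pid='{$pid}'";
        $result = $db->sql_query($query);
        if (!$db->sql_numrows($result)) {
            cpg_die(_CRITICAL_ERROR, NON_EXIST_AP, __FILE__, __LINE__);
        }
        $pic = $db->sql_fetchrow($result);
        $db->sql_freeresult($result);

        // Authorisation: both the picture's current album category and the
        // requested target album are checked before anything is modified.
        if (!GALLERY_ADMIN_MODE) {
            if ($pic['category'] != FIRST_USER_CAT + USER_ID) {
                cpg_die(_ERROR, PERM_DENIED . "<br />(picture category = {$pic['category']}/ {$pid})", __FILE__, __LINE__);
            }
            if (!isset($user_album_set[$aid])) {
                cpg_die(_ERROR, PERM_DENIED . "<br />(target album = {$aid})", __FILE__, __LINE__);
            }
        }

        $update = "aid = '" . $aid . "' ";
        // No space inside the closing quote: a space there would be stored
        // as part of the title on every save.
        $update .= ", title = '" . $title . "' ";
        $update .= ", caption = '" . $caption . "' ";
        $update .= ", keywords = '" . $keywords . "' ";
        $update .= ", user1 = '" . $user1 . "' ";
        $update .= ", user2 = '" . $user2 . "' ";
        $update .= ", user3 = '" . $user3 . "' ";
        $update .= ", user4 = '" . $user4 . "' ";

        if ($reset_vcount) {
            $update .= ", hits = '0'";
        }
        if ($reset_votes) {
            $update .= ", pic_rating = '0', votes = '0'";
        }

        if (UPLOAD_APPROVAL_MODE) {
            $approved = get_post_var('approved', $pid);
            if ($approved == '1') {
                $update .= ", approved = '1'";
            } elseif ($approved == 'DELETE') {
                // Rejecting an upload removes the picture and its comments.
                $del_comments = 1;
                $delete = 1;
            }
        }

        if ($del_comments) {
            $db->sql_query("DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}'");
        }

        if ($delete) {
            $dir = $CONFIG['fullpath'];
            $file = $pic['filename'];
            // NOTE(review): 'filepath' is selected above but never used when
            // the paths are built - confirm files really live directly under
            // $CONFIG['fullpath']. The stored filename is also passed to
            // unlink() unchanged; verify it cannot contain directory
            // separators (it is presumably sanitised at upload time).
            if (!is_writable($dir)) {
                cpg_die(_CRITICAL_ERROR, sprintf(DIRECTORY_RO, $dir), __FILE__, __LINE__);
            }

            // Original file plus its intermediate-size and thumbnail copies.
            $files = array($dir . $file, $dir . $CONFIG['normal_pfx'] . $file, $dir . $CONFIG['thumb_pfx'] . $file);
            foreach ($files as $currFile) {
                if (is_file($currFile)) {
                    unlink($currFile);
                }
            }

            $db->sql_query("DELETE FROM {$CONFIG['TABLE_PICTURES']} WHERE pid='{$pid}'");
        } else {
            $db->sql_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET {$update} WHERE pid='{$pid}'");
        }
    }

    speedup_pictures();
}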