$image->loadFromId($_REQUEST['id']);
$isowner = $image->user_id == $USER->user_id ? 1 : 0;
$isadmin = $USER->hasPerm('ticketmod') ? 1 : 0;
if ($image->isValid()) {
if ($isowner || $isadmin) {
//ok, we'll let it lie...
} else {
header("Location: /photo/{$_REQUEST['id']}");
exit;
}
$smarty->assign_by_ref('image', $image);
if (isset($_POST['finalise'])) {
if ($uploadmanager->setUploadId($_POST['upload_id'])) {
$uploadmanager->setLargestSize($_POST['largestsize']);
$uploadmanager->setClearExif($_POST['clearexif']);
$uploadmanager->addOriginal($image);
$smarty->assign('step', 4);
} else {
$smarty->assign('step', -1);
}
} elseif (isset($_POST['abandon'])) {
if ($uploadmanager->setUploadId($_POST['upload_id'])) {
$uploadmanager->cleanUp();
}
$smarty->assign('step', -1);
} elseif (isset($_POST['next'])) {
if (!filesize($_FILES['jpeg']['tmp_name'])) {
$smarty->assign('error', 'Sorry, no file was received - please try again');
} elseif ($uploadmanager->processUpload($_FILES['jpeg']['tmp_name'])) {
$smarty->assign('upload_id', $uploadmanager->upload_id);
$smarty->assign('transfer_id', $uploadmanager->upload_id);
