Beispiel #1
                if ($info[0] > $set['user']['avatar_maxdim'] || $info[1] > $set['user']['avatar_maxdim'] || $info[0] == 0 || $info[1] == 0) {
                    $mm->deletefile('user/' . $newfile);
                    message($apx->lang->get('MSG_MAXDIM'), 'javascript:history.back()');
                    require 'lib/_end.php';
                }
                $db->query("UPDATE " . PRE . "_user SET avatar='" . addslashes($newfile) . "',avatar_title='" . addslashes($_POST['avatar_title']) . "' WHERE userid='" . $user->info['userid'] . "' LIMIT 1");
                if ($user->info['avatar']) {
                    $mm->deletefile('user/' . $user->info['avatar']);
                }
                message($apx->lang->get('MSG_OK'), mklink('user.php?action=avatar', 'user,avatar.html'));
            }
        }
    } elseif ($_POST['delav']) {
        require BASEDIR . 'lib/class.mediamanager.php';
        $mm = new mediamanager();
        $mm->deletefile('user/' . $user->info['avatar']);
        $db->query("UPDATE " . PRE . "_user SET avatar='',avatar_title='' WHERE userid='" . $user->info['userid'] . "' LIMIT 1");
        message($apx->lang->get('MSG_OK'), mklink('user.php?action=avatar', 'user,avatar.html'));
    } else {
        $db->query("UPDATE " . PRE . "_user SET avatar_title='" . addslashes($_POST['avatar_title']) . "' WHERE userid='" . $user->info['userid'] . "' LIMIT 1");
        message($apx->lang->get('MSG_OK'), mklink('user.php?action=avatar', 'user,avatar.html'));
    }
} else {
    if ($user->info['avatar']) {
        $apx->tmpl->assign('CURRENT_AVATAR', $user->mkavatar($user->info));
        $apx->tmpl->assign('CURRENT_TITLE', $user->mkavtitle($user->info));
    }
    $apx->tmpl->assign('MAX_DIMENSIONS', $set['user']['avatar_maxdim']);
    $apx->tmpl->assign('MAX_FILESIZE', user_getsize($set['user']['avatar_maxsize'], 0));
    $postto = mklink('user.php?action=avatar', 'user,avatar.html');
    $apx->tmpl->assign('POSTTO', $postto);
Beispiel #2
            unset($picture, $thumbnail);
        }
        $db->query("INSERT INTO " . PRE . "_forum_attachments (hash,postid,file,thumbnail,name,size,mime,time) VALUES ('" . addslashes($_REQUEST['hash']) . "','" . $_REQUEST['postid'] . "','" . addslashes('forum/' . $newname) . "','" . addslashes($thumbnailPath) . "','" . addslashes($file['name']) . "','" . intval($file['size']) . "','" . addslashes($file['type']) . "','" . time() . "')");
        if ($message) {
            $message .= '<br />';
        }
        $message .= $apx->lang->get('MSG_OK', array('FILE' => $file['name']));
    }
}
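// Delete one attachment. The id is the first key of $_POST['delete'], cast to int,
// so only the key (never the value) of the submitted array is used.
if (!empty($_POST['delete']) && is_array($_POST['delete'])) {
    reset($_POST['delete']);
    $delete = (int) key($_POST['delete']);
    if ($delete) {
        // The row has to match id, postid and hash together, which ties the delete to
        // the post/hash pair of the current request. postid goes through intval()
        // before it is concatenated into the statement; hash is escaped with
        // addslashes() only.
        // NOTE(review): addslashes() is not charset-aware; prefer the database layer's
        // own escaping or bound parameters if it offers them.
        list($file, $filename) = $db->first("SELECT file,name FROM " . PRE . "_forum_attachments WHERE ( id='" . $delete . "' AND postid='" . intval($_REQUEST['postid']) . "' AND hash='" . addslashes($_REQUEST['hash']) . "' ) LIMIT 1");
        // No matching row leaves $file empty: never hand an empty path to deletefile().
        if ($file) {
            $mm->deletefile($file);
        }
        $db->query("DELETE FROM " . PRE . "_forum_attachments WHERE ( id='" . $delete . "' AND postid='" . intval($_REQUEST['postid']) . "' AND hash='" . addslashes($_REQUEST['hash']) . "' ) LIMIT 1");
        // Report a deletion only when a row was actually removed.
        if ($db->affected_rows()) {
            $message .= $apx->lang->get('MSG_DELETE', array('FILE' => $filename));
        }
    }
}
// List the attachments that belong to this post/hash pair
$attrefresh = '';
$data = $db->fetch("SELECT * FROM " . PRE . "_forum_attachments WHERE ( postid='" . intval($_REQUEST['postid']) . "' AND hash='" . addslashes($_REQUEST['hash']) . "' ) ORDER BY name ASC");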
if (count($data)) {
    foreach ($data as $res) {
        ++$i;
        $ext = strtolower($mm->getext($res['name']));
        $attdata[$i]['ID'] = $res['id'];
        $attdata[$i]['FILENAME'] = $res['name'];
        $attdata[$i]['ICON'] = $typeinfo[$ext][1];
        $attdata[$i]['SIZE'] = forum_getsize($res['size']);
Beispiel #3
 /**
  * Deletes one picture of a user gallery, or shows the confirmation overlay.
  *
  * userid, galid and id are read from $_REQUEST, cast to int and written back.
  * The delete itself runs only for a POST with 'send' set and a valid token.
  *
  * NOTE(review): the gallery lookup only checks that the gallery exists, and
  * userid is not part of any query here. Confirm that the caller restricts this
  * action to users who may manage other people's galleries.
  */
 function gallery_pics_del()
 {
     global $set, $apx, $db, $html;

     // Integers only from here on: the statements below concatenate these values.
     $ownerId = $_REQUEST['userid'] = (int) $_REQUEST['userid'];
     $galleryId = $_REQUEST['galid'] = (int) $_REQUEST['galid'];
     if ($galleryId === 0) {
         die('missing GALID!');
     }
     $pictureId = $_REQUEST['id'] = (int) $_REQUEST['id'];
     if ($pictureId === 0) {
         die('missing ID!');
     }

     // Not confirmed yet: show the overlay and stop.
     if (!$_POST['send']) {
         tmessageOverlay('gallerypicdel', array('ID' => $pictureId, 'GALID' => $galleryId, 'USERID' => $ownerId));
         return;
     }

     // State-changing request: require the anti-CSRF token.
     if (!checkToken()) {
         printInvalidToken();
         return;
     }

     list($foundGallery) = $db->first("SELECT id FROM " . PRE . "_user_gallery WHERE id='" . $galleryId . "' LIMIT 1");
     if (!$foundGallery) {
         die('access denied!');
     }

     // The picture is looked up by id AND gallery id, so it must belong to that gallery.
     list($picture, $thumbnail) = $db->first("SELECT picture,thumbnail FROM " . PRE . "_user_pictures WHERE id='" . $pictureId . "' AND galid='" . $galleryId . "' LIMIT 1");

     require_once BASEDIR . 'lib/class.mediamanager.php';
     $mm = new mediamanager();

     // Remove the stored files first (only those that exist), then the row.
     foreach (array($picture, $thumbnail) as $relpath) {
         if ($relpath && file_exists(BASEDIR . getpath('uploads') . $relpath)) {
             $mm->deletefile($relpath);
         }
     }

     $db->query("DELETE FROM " . PRE . "_user_pictures WHERE id='" . $pictureId . "' AND galid='" . $galleryId . "' LIMIT 1");
     logit('USER_GALLERYPIC_DEL', 'ID #' . $pictureId);
     printJSReload();
 }
Beispiel #4
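 /**
  * Deletes an affiliate entry together with its image, or shows the
  * confirmation overlay.
  *
  * The id is read from $_REQUEST['id'] and cast to int before it is used in SQL.
  * The delete runs only for a POST with send == 1 and a valid token.
  */
 function del()
 {
     global $set, $db, $apx;
     $_REQUEST['id'] = (int) $_REQUEST['id'];
     if (!$_REQUEST['id']) {
         die('missing ID!');
     }
     if (isset($_POST['send']) && $_POST['send'] == 1) {
         // State-changing request: require the anti-CSRF token.
         if (!checkToken()) {
             infoInvalidToken();
         } else {
             list($image) = $db->first("SELECT image FROM " . PRE . "_affiliates WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
             // require_once instead of require: the file presumably declares the
             // mediamanager class, and loading it a second time would be fatal.
             require_once BASEDIR . 'lib/class.mediamanager.php';
             $mm = new mediamanager();
             // No row, or a row without an image, leaves $image empty: never hand
             // an empty path to deletefile().
             if ($image) {
                 $mm->deletefile($image);
             }
             $db->query("DELETE FROM " . PRE . "_affiliates WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
             logit('AFFILIATES_DEL', 'ID #' . $_REQUEST['id']);
             printJSRedirect(get_index('affiliates.show'));
         }
     } else {
         // Confirmation step: the title is HTML-escaped before it goes into the message.
         list($title) = $db->first("SELECT title FROM " . PRE . "_affiliates WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
         $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($title))));
         tmessageOverlay('del', array('ID' => $_REQUEST['id']));
     }
 }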
Beispiel #5
 /**
  * Deletes a product unit with its picture files, or shows the confirmation
  * overlay.
  *
  * The id is read from $_REQUEST['id'], cast to int and written back. The delete
  * runs only for a POST with send == 1 and a valid token.
  */
 function udel()
 {
     global $set, $db, $apx;

     $unitId = $_REQUEST['id'] = (int) $_REQUEST['id'];
     if ($unitId === 0) {
         die('missing ID!');
     }

     // Not confirmed yet: show the overlay with the HTML-escaped title and stop.
     if ($_POST['send'] != 1) {
         list($title) = $db->first("SELECT title FROM " . PRE . "_products_units WHERE id='" . $unitId . "' LIMIT 1");
         $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($title))));
         tmessageOverlay('deltitle', array('ID' => $unitId), '/');
         return;
     }

     // State-changing request: require the anti-CSRF token.
     if (!checkToken()) {
         printInvalidToken();
         return;
     }

     // Remove the picture files
     list($picture) = $db->first("SELECT picture FROM " . PRE . "_products_units WHERE id='" . $unitId . "' LIMIT 1");
     require_once BASEDIR . 'lib/class.mediamanager.php';
     $mm = new mediamanager();
     // The stored name is the thumbnail; the full-size file has the same name without "-thumb".
     $poppic = str_replace('-thumb.', '.', $picture);
     foreach (array($picture, $poppic) as $relpath) {
         if ($relpath && file_exists(BASEDIR . getpath('uploads') . $relpath)) {
             $mm->deletefile($relpath);
         }
     }

     // Remove the database row
     $db->query("DELETE FROM " . PRE . "_products_units WHERE id='" . $unitId . "'");
     logit('PRODUCTS_UNITS_DEL', 'ID #' . $unitId);
     printJSRedirect(get_index('products.ushow'));
 }
Beispiel #6
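/**
 * Processes a submitted contact form and mails it to a configured recipient.
 *
 * Only POST requests are handled. $_POST['sendto'] selects a key of
 * $set['formmailer']['sendto']; the address itself never comes from the request.
 * Every other POST field except 'subject', 'sendto' and 'copytome' becomes a
 * "name: value" line of the mail text. Fields whose name ends in "_required"
 * must be non-empty. Uploaded files are stored under temp/, attached as
 * base64 MIME parts and removed again after sending.
 *
 * Client-supplied values that end up in mail headers or MIME part headers
 * (subject, attachment file name, attachment content type) are stripped of
 * line breaks and quotes or replaced by a safe default.
 *
 * $db and $user are declared global but not used here.
 */
function misc_mailform()
{
    global $set, $db, $apx, $user;

    if ($_SERVER['REQUEST_METHOD'] != 'POST') {
        return;
    }

    // The request only picks a key from the configured recipient list. Arrays are
    // rejected before the value is used as an array offset.
    if (!isset($_POST['sendto']) || !is_scalar($_POST['sendto']) || !isset($set['formmailer']['sendto'][$_POST['sendto']])) {
        die('sendto is not a valid mail-ID!');
    }
    $sendtomail = $set['formmailer']['sendto'][$_POST['sendto']];

    $apx->lang->drop('sendform', 'formmailer');

    // Control fields that never appear in the mail text
    $reserved = array('subject', 'sendto', 'copytome');

    // Check that every additional "_required" field is filled in
    $addnl_failed = false;
    foreach ($_POST as $key => $value) {
        $key = (string) $key;
        if (in_array($key, $reserved, true)) {
            continue;
        }
        if (substr($key, -9) != '_required') {
            continue;
        }
        if (!$value) {
            $addnl_failed = true;
        }
    }
    if ($addnl_failed) {
        message('back');
        return;
    }

    // Build the mail text
    $text = '';
    foreach ($_POST as $key => $value) {
        $key = (string) $key;
        if (in_array($key, $reserved, true)) {
            continue;
        }
        // Strip the "_required" suffix from the displayed field name
        if (substr($key, -9) == '_required') {
            $key = substr($key, 0, -9);
        }
        $text .= $key . ': ' . $value . "\n";
    }

    // Subject: line breaks are replaced so the value cannot add header lines.
    $subject = 'apexx Formmailer';
    if (!empty($_POST['subject']) && is_string($_POST['subject'])) {
        $subject = str_replace(array("\r", "\n"), ' ', $_POST['subject']);
    }

    // Sender header, built from configuration only
    if ($set['main']['mailbotname']) {
        $from = 'From:' . $set['main']['mailbotname'] . '<' . $set['main']['mailbot'] . '>';
    } else {
        $from = 'From:' . $set['main']['mailbot'];
    }

    // Initialise the media manager. require_once, because the file presumably
    // declares the class and a second load would be fatal.
    $attachments = array();
    require_once BASEDIR . 'lib/class.mediamanager.php';
    $mm = new mediamanager();
    // NOTE(review): derived from the clock, so the temp file name is guessable. It
    // only keeps concurrent submissions apart; confirm temp/ is not served to clients.
    $temphash = md5(microtime());

    // Store the uploaded files
    if (is_array($_FILES) && count($_FILES)) {
        foreach ($_FILES as $fileinfo) {
            // Array-style upload fields carry arrays here and are skipped.
            if (empty($fileinfo['tmp_name']) || !is_string($fileinfo['tmp_name'])) {
                continue;
            }
            if (!is_uploaded_file($fileinfo['tmp_name'])) {
                continue;
            }
            // name and type are chosen by the client. Reduce the name to its last path
            // component and drop control characters and quotes, because it is used in a
            // file path and inside quoted MIME header parameters.
            $cleanname = basename(str_replace('\\', '/', (string) $fileinfo['name']));
            $cleanname = preg_replace('/[\x00-\x1F\x7F"]/', '', $cleanname);
            if ($cleanname === null || $cleanname === '') {
                $cleanname = 'attachment';
            }
            // Accept only a plain "type/subtype" token as content type.
            $cleantype = (string) $fileinfo['type'];
            if (!preg_match('#^[A-Za-z0-9][A-Za-z0-9.+_-]*/[A-Za-z0-9][A-Za-z0-9.+_-]*\z#', $cleantype)) {
                $cleantype = 'application/octet-stream';
            }
            $tempname = 'contact_' . $temphash . '_' . $cleanname . '.tmp';
            // Relies on uploadfile() returning a falsy value when the upload was not stored.
            if (!$mm->uploadfile($fileinfo, 'temp', $tempname)) {
                continue;
            }
            $attachments[] = array('filename' => $cleanname, 'source' => $tempname, 'type' => $cleantype);
        }
    }

    if (!count($attachments)) {
        // Plain mail without attachments
        mail($sendtomail, $subject, $text, $from);
    } else {
        $boundary = md5(uniqid(time()));
        $header = "MIME-Version: 1.0\n";
        $header .= $from . "\n";
        $header .= "Content-Type: multipart/mixed; boundary=\"" . $boundary . "\"\n";
        $body = "--" . $boundary . "\n";
        $body .= "Content-Type: text/plain\n";
        $body .= "Content-Transfer-Encoding: 7bit\n\n";
        $body .= $text . "\n\n";
        // Encode the attachments
        foreach ($attachments as $source) {
            $sourcepath = BASEDIR . getpath('uploads') . 'temp/' . $source['source'];
            // file_get_contents() opens and closes the file itself; an unreadable
            // file is left out instead of producing an empty part.
            $filedata = file_get_contents($sourcepath);
            if ($filedata === false) {
                continue;
            }
            $body .= "--" . $boundary . "\n";
            $body .= "Content-Type: " . $source['type'] . "; name=\"" . $source['filename'] . "\"\n";
            $body .= "Content-Transfer-Encoding: base64\n";
            $body .= "Content-Disposition: attachment; filename=\"" . $source['filename'] . "\"\n\n";
            $body .= chunk_split(base64_encode($filedata));
            $body .= "\n";
        }
        $body .= "--{$boundary}--\n";
        // Send the mail with the same subject as the plain branch, including the default.
        mail($sendtomail, $subject, $body, $header);
        // Remove the temporary attachment files from the server
        foreach ($attachments as $tempfile) {
            $mm->deletefile('temp/' . $tempfile['source']);
        }
    }
    message($apx->lang->get('MSG_OK'), mklink('index.php', 'index.html'));
}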
Beispiel #7
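 /**
  * Deletes a news entry with its comments, ratings, pictures and tags, or shows
  * the confirmation overlay.
  *
  * The id is read from $_REQUEST['id'] and cast to int before it is used in SQL.
  * Users without the 'news.del' special right can only delete rows whose userid
  * is their own; the number of rows the DELETE affected decides whether the
  * request ends with "access denied".
  */
 function del()
 {
     global $set, $db, $apx;
     $_REQUEST['id'] = (int) $_REQUEST['id'];
     if (!$_REQUEST['id']) {
         die('missing ID!');
     }
     if (isset($_POST['send']) && $_POST['send'] == 1) {
         // State-changing request: require the anti-CSRF token.
         if (!checkToken()) {
             printInvalidToken();
         } else {
             // One WHERE clause for both the lookup and the delete, so the picture that
             // is read always belongs to the row that is removed. Without the special
             // right the clause is narrowed to the current user's own entries.
             $where = "( id='" . $_REQUEST['id'] . "' " . iif(!$apx->user->has_spright('news.del'), " AND userid='" . $apx->user->info['userid'] . "'") . " )";
             $res = $db->first("SELECT newspic FROM " . PRE . "_news WHERE " . $where . " LIMIT 1");
             $db->query("DELETE FROM " . PRE . "_news WHERE " . $where . " LIMIT 1");
             if (!$db->affected_rows()) {
                 die('access denied!');
             }
             // Delete comments and ratings (only reached when a row was deleted, i.e.
             // the user was allowed to delete it)
             if ($apx->is_module('comments')) {
                 $db->query("DELETE FROM " . PRE . "_comments WHERE ( module='news' AND mid='" . $_REQUEST['id'] . "' )");
             }
             if ($apx->is_module('ratings')) {
                 $db->query("DELETE FROM " . PRE . "_ratings WHERE ( module='news' AND mid='" . $_REQUEST['id'] . "' )");
             }
             // Delete the pictures
             require_once BASEDIR . 'lib/class.mediamanager.php';
             $mm = new mediamanager();
             $picture = $res['newspic'];
             // Derive the full-size name from the stored thumbnail name. The original
             // read an undefined $newspic here, so the full-size file was never removed.
             $poppic = str_replace('-thumb.', '.', (string) $picture);
             if ($picture && file_exists(BASEDIR . getpath('uploads') . $picture)) {
                 $mm->deletefile($picture);
             }
             if ($poppic && file_exists(BASEDIR . getpath('uploads') . $poppic)) {
                 $mm->deletefile($poppic);
             }
             // Delete the tags
             $db->query("DELETE FROM " . PRE . "_news_tags WHERE id='" . $_REQUEST['id'] . "'");
             logit('NEWS_DEL', 'ID #' . $_REQUEST['id']);
             printJSRedirect(get_index('news.show'));
         }
     } else {
         // Confirmation step: title and subtitle are HTML-escaped before display.
         // NOTE(review): this lookup is not narrowed to the user's own entries, so the
         // overlay shows the title of any entry id; confirm that is acceptable.
         list($title, $subtitle) = $db->first("SELECT title, subtitle FROM " . PRE . "_news WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
         $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($title . ($subtitle ? ' - ' . $subtitle : '')))));
         tmessageOverlay('deltitle', array('ID' => $_REQUEST['id']), '/');
     }
 }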
Beispiel #8
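 /**
  * Picture-series step of the article editor.
  *
  * Depending on the request it deletes one picture of the series (after a
  * confirmation overlay and a token check), stores up to five uploaded pictures
  * with thumbnails, or lists the current series.
  *
  * The article id, pubnow and action values from the request are normalised
  * once at the top; only the normalised copies are used in SQL, generated file
  * names, URLs and template values. $_REQUEST['id'] itself is left unchanged.
  */
 function pictures()
 {
     global $set, $db, $apx;

     // Normalised copies of the request values used below
     $articleId = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
     $pubnow = isset($_REQUEST['pubnow']) ? (int) $_REQUEST['pubnow'] : 0;
     $action = (isset($_REQUEST['action']) && is_string($_REQUEST['action'])) ? $_REQUEST['action'] : '';
     // NOTE(review): printJSRedirect() is not visible here; the action value is
     // URL-encoded in case the target URL is written into script or markup.
     $returnUrl = 'action.php?action=' . rawurlencode($action) . '&id=' . $articleId . '&pubnow=' . $pubnow . '&pageid=pics';

     // Necessary because 1.7.0 created a picture with ID 0 when copying :/
     // (0 is therefore a valid key and "not given" is represented by null)
     if (isset($_REQUEST['delpic'])) {
         $_REQUEST['delpic'] = (int) $_REQUEST['delpic'];
     } else {
         $_REQUEST['delpic'] = null;
     }

     // Read the picture list
     list($pictures, $nextid) = $db->first("SELECT pictures,pictures_nextid FROM " . PRE . "_articles WHERE id='" . $articleId . "'");
     // NOTE(review): unserialize() on a database value. The column is written by this
     // method with serialize(); if anything else can write it, decode it with a format
     // that cannot instantiate objects.
     $pictures = unserialize($pictures);
     if (!is_array($pictures)) {
         $pictures = array();
     }

     // Delete a picture
     if (isset($_REQUEST['delpic']) && isset($pictures[$_REQUEST['delpic']])) {
         // NOTE(review): a POSTed delpic of "0" is empty, so picture ID 0 never gets
         // past the overlay; confirm how the overlay form submits the confirmation.
         if (!empty($_POST['delpic'])) {
             // State-changing request: require the anti-CSRF token.
             if (!checkToken()) {
                 printInvalidToken();
             } else {
                 $picinfo = $pictures[$_REQUEST['delpic']];
                 // require_once: the file presumably declares the class, and a
                 // second load would be fatal.
                 require_once BASEDIR . 'lib/class.mediamanager.php';
                 $mm = new mediamanager();
                 if ($picinfo['thumbnail'] && file_exists(BASEDIR . getpath('uploads') . $picinfo['thumbnail'])) {
                     $mm->deletefile($picinfo['thumbnail']);
                 }
                 if ($picinfo['picture'] && file_exists(BASEDIR . getpath('uploads') . $picinfo['picture'])) {
                     $mm->deletefile($picinfo['picture']);
                 }
                 unset($pictures[$_REQUEST['delpic']]);
                 $db->query("UPDATE " . PRE . "_articles SET pictures='" . addslashes(serialize($pictures)) . "' WHERE id='" . $articleId . "' LIMIT 1");
                 printJSRedirect($returnUrl);
             }
         } else {
             tmessageOverlay('picdel', array('ID' => $articleId, 'DELPIC' => $_REQUEST['delpic']));
         }
     } elseif (!empty($_POST['send'])) {
         require_once BASEDIR . 'lib/class.mediamanager.php';
         $mm = new mediamanager();
         require_once BASEDIR . 'lib/class.image.php';
         $img = new image();
         // The id in the generated file names is forced to an integer so that it
         // cannot carry path characters.
         $fileId = isset($_POST['id']) ? (int) $_POST['id'] : 0;
         // Process the uploaded pictures
         for ($i = 1; $i <= 5; $i++) {
             $field = 'upload' . $i;
             if (empty($_FILES[$field]['tmp_name'])) {
                 continue;
             }
             // NOTE(review): the extension comes from the client-supplied file name.
             // Confirm that uploadfile() only accepts image extensions.
             $ext = strtolower($mm->getext($_FILES[$field]['name']));
             if ($ext == 'gif') {
                 $ext = 'jpg';
             }
             $newname = 'pic' . '-' . $fileId . '-' . $nextid . '.' . $ext;
             $newfile = 'articles/gallery/' . $newname;
             $thumbname = 'pic' . '-' . $fileId . '-' . $nextid . '-thumb.' . $ext;
             $thumbfile = 'articles/gallery/' . $thumbname;
             // Check that the upload succeeded
             if (!$mm->uploadfile($_FILES[$field], 'articles/gallery', $newname)) {
                 continue;
             }
             // Read the picture
             list($picture, $picturetype) = $img->getimage($newfile);
             // A file that cannot be read as an image is removed again instead of
             // staying under uploads/ and being recorded in the series.
             if ($picture === false) {
                 $mm->deletefile($newfile);
                 continue;
             }
             //////// THUMBNAIL
             $thumbnail = $img->resize($picture, $set['articles']['thumbwidth'], $set['articles']['thumbheight'], $set['articles']['artpic_quality']);
             $img->saveimage($thumbnail, $picturetype, $thumbfile);
             //////// PICTURE
             // Scale the picture
             if ($picture !== false && empty($_POST['noresize' . $i]) && $set['articles']['picwidth'] && $set['articles']['picheight']) {
                 $scaled = $img->resize($picture, $set['articles']['picwidth'], $set['articles']['picheight'], $set['articles']['artpic_quality'], 0);
                 // Free the source only when resize() handed back a different image.
                 if ($scaled !== $picture) {
                     imagedestroy($picture);
                 }
                 $picture = $scaled;
             }
             // Insert the watermark
             if ($picture !== false && $set['articles']['watermark'] && !empty($_POST['watermark' . $i])) {
                 $watermarked = $img->watermark($picture, $set['articles']['watermark'], $set['articles']['watermark_position'], $set['articles']['watermark_transp']);
                 if ($watermarked !== $picture) {
                     imagedestroy($picture);
                 }
                 $picture = $watermarked;
             }
             // Write the picture (re-encoded by the image class) over the upload
             $img->saveimage($picture, $picturetype, $newfile);
             // Cleanup
             imagedestroy($picture);
             imagedestroy($thumbnail);
             unset($picture, $thumbnail);
             $pictures[$nextid] = array('picture' => $newfile, 'thumbnail' => $thumbfile);
             ++$nextid;
         }
         // Store the picture list
         $db->query("UPDATE " . PRE . "_articles SET pictures='" . addslashes(serialize($pictures)) . "',pictures_nextid='" . intval($nextid) . "' WHERE id='" . $articleId . "' LIMIT 1");
         // Finish the article
         if (!empty($_POST['submit_finish'])) {
             $this->finish_article();
             return;
         } else {
             printJSRedirect($returnUrl);
         }
     } else {
         // NOTE(review): $this->title is echoed as-is; confirm it is HTML-escaped
         // where it is set.
         echo '<h2>' . $apx->lang->get(iif($this->type == 'normal', 'ARTICLE', strtoupper($this->type))) . ': ' . $this->title . '</h2>';
         // List the picture series
         $i = 0;
         $picdata = array();
         foreach ($pictures as $id => $res) {
             ++$i;
             $picdata[$i]['ID'] = $id;
             $picdata[$i]['IMAGE'] = HTTPDIR . getpath('uploads') . $res['thumbnail'];
             $picdata[$i]['LINK'] = HTTPDIR . getpath('uploads') . $res['picture'];
             $picdata[$i]['OPTIONS'] = optionHTMLOverlay('del.gif', $action, 'id=' . $articleId . '&pageid=pics&delpic=' . $id . '&pubnow=' . $pubnow, $apx->lang->get('CORE_DEL'));
         }
         $apx->tmpl->assign('SET_WATERMARK', iif($set['articles']['watermark'], 1, 0));
         $apx->tmpl->assign('SET_NORESIZE', iif($set['articles']['picwidth'] && $set['articles']['picheight'], 1, 0));
         $apx->tmpl->assign('PIC', $picdata);
         $apx->tmpl->assign('PUBNOW', $pubnow);
         $apx->tmpl->assign('ID', $articleId);
         $apx->tmpl->assign('ACTION', iif($action == 'articles.add', 'add', 'edit'));
         $apx->tmpl->parse('pictures');
     }
 }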
Beispiel #9
     foreach ($attachments as $source) {
         $sourcepath = BASEDIR . getpath('uploads') . 'temp/' . $source['source'];
         $filedata = fread(fopen($sourcepath, 'r'), filesize($sourcepath));
         $body .= "--" . $boundary . "\n";
         $body .= "Content-Type: " . $source['type'] . "; name=\"" . $source['filename'] . "\"\n";
         $body .= "Content-Transfer-Encoding: base64\n";
         $body .= "Content-Disposition: attachment; filename=\"" . $source['filename'] . "\"\n\n";
         $body .= chunk_split(base64_encode($filedata));
         $body .= "\n";
     }
     $body .= "--{$boundary}--\n";
     //eMail abschicken
     mail($sendtomail, $_POST['subject'], $body, $header);
     //Anhänge vom Server löschen
     foreach ($attachments as $tempfile) {
         $mm->deletefile('temp/' . $tempfile['source']);
     }
 }
 //Kopie an mich
 if ($_POST['copytome']) {
     $copytext = '';
     if ($apx->lang->get('COPY_INTRO')) {
         $copytext .= $apx->lang->get('COPY_INTRO') . "\r\n\r\n-----\r\n\r\n";
     }
     $copytext .= $text;
     if ($set['main']['mailbotname']) {
         $from = 'From:' . $set['main']['mailbotname'] . '<' . $set['main']['mailbot'] . '>';
     } else {
         $from = 'From:' . $set['main']['mailbot'];
     }
     if (count($attachments)) {
Beispiel #10
     if (!$_REQUEST['id']) {
         die('missing ID!');
     }
     if ($_POST['send']) {
         $db->query("DELETE FROM " . PRE . "_user_gallery WHERE id='" . $_REQUEST['id'] . "' AND owner='" . $user->info['userid'] . "' LIMIT 1");
         if ($db->affected_rows()) {
             $data = $db->fetch("SELECT picture,thumbnail FROM " . PRE . "_user_pictures WHERE galid='" . $_REQUEST['id'] . "'");
             $db->query("DELETE FROM " . PRE . "_user_pictures WHERE galid='" . $_REQUEST['id'] . "'");
             require_once BASEDIR . 'lib/class.mediamanager.php';
             $mm = new mediamanager();
             if (count($data)) {
                 foreach ($data as $res) {
                     $picture = $res['picture'];
                     $thumbnail = $res['thumbnail'];
                     if ($picture && file_exists(BASEDIR . getpath('uploads') . $picture)) {
                         $mm->deletefile($picture);
                     }
                     if ($thumbnail && file_exists(BASEDIR . getpath('uploads') . $thumbnail)) {
                         $mm->deletefile($thumbnail);
                     }
                 }
             }
             $mm->deletedir('user/gallery-' . $_REQUEST['id']);
         }
         message($apx->lang->get('MSG_DEL_OK'), mklink('user.php?action=mygallery', 'user,mygallery.html'));
     } else {
         tmessage('delgallery', array('ID' => $_REQUEST['id']));
     }
     require 'lib/_end.php';
 }
 //GALERIEN AUFLISTEN
Beispiel #11
 /**
  * Deletes a calendar event with its comments, pictures and tags, or shows the
  * confirmation overlay.
  *
  * The id is read from $_REQUEST['id'], cast to int and written back. The delete
  * runs only for a POST with send == 1 and a valid token.
  */
 function del()
 {
     global $set, $db, $apx;

     $eventId = $_REQUEST['id'] = (int) $_REQUEST['id'];
     if ($eventId === 0) {
         die('missing ID!');
     }

     // Not confirmed yet: show the overlay with the HTML-escaped title and stop.
     if ($_POST['send'] != 1) {
         list($title) = $db->first("SELECT title FROM " . PRE . "_calendar_events WHERE id='" . $eventId . "' LIMIT 1");
         $apx->tmpl->assign('MESSAGE', $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($title))));
         tmessageOverlay('deltitle', array('ID' => $eventId), '/');
         return;
     }

     // State-changing request: require the anti-CSRF token.
     if (!checkToken()) {
         printInvalidToken();
         return;
     }

     // Read the picture name before the row is gone, then delete the event.
     $res = $db->first("SELECT picture FROM " . PRE . "_calendar_events WHERE id='" . $eventId . "' LIMIT 1");
     $db->query("DELETE FROM " . PRE . "_calendar_events WHERE id='" . $eventId . "' LIMIT 1");

     // Delete the comments
     // NOTE(review): the module value is 'anzeigenmarkt' although the rows belong to
     // calendar events. Confirm which module name calendar comments are stored under;
     // a mismatch would leave them behind or remove comments of another module.
     if ($apx->is_module('comments')) {
         $db->query("DELETE FROM " . PRE . "_comments WHERE ( module='anzeigenmarkt' AND mid='" . $eventId . "' )");
     }

     // Delete the pictures
     require_once BASEDIR . 'lib/class.mediamanager.php';
     $mm = new mediamanager();
     $picture = $res['picture'];
     // The stored name is the thumbnail; the full-size file has the same name without "-thumb".
     $poppic = str_replace('-thumb.', '.', $picture);
     foreach (array($picture, $poppic) as $relpath) {
         if ($relpath && file_exists(BASEDIR . getpath('uploads') . $relpath)) {
             $mm->deletefile($relpath);
         }
     }

     // Delete the tags
     $db->query("DELETE FROM " . PRE . "_calendar_tags WHERE id='" . $eventId . "'");
     logit('CALENDAR_DEL', 'ID #' . $eventId);
     printJSRedirect(get_index('calendar.show'));
 }
Beispiel #12
 /**
  * Deletes gallery pictures, either several at once ($_REQUEST['multiid'] is an
  * array of ids) or a single one ($_REQUEST['id'] within gallery
  * $_REQUEST['gid']).
  *
  * Every id is converted to an integer before it is placed in SQL. Both paths
  * require a valid token before anything is deleted; the single-picture path
  * first shows a confirmation overlay.
  *
  * NOTE(review): no query here restricts the pictures to a particular owner;
  * confirm that the caller limits this action to authorised users.
  */
 function pdel()
 {
     global $set, $db, $apx;

     // Several pictures at once
     if (is_array($_REQUEST['multiid'])) {
         if (!checkToken()) {
             printInvalidToken();
             return;
         }
         $ids = array_map('intval', $_REQUEST['multiid']);
         if (count($ids)) {
             // Integers only, so the list can be placed in the IN (...) clauses as is.
             $idList = implode(',', $ids);
             $data = $db->fetch("SELECT galid,thumbnail,picture FROM " . PRE . "_gallery_pics WHERE ( id IN ( " . $idList . ") )");
             $db->query("DELETE FROM " . PRE . "_gallery_pics WHERE ( id IN ( " . $idList . ") )");
             require BASEDIR . 'lib/class.mediamanager.php';
             $mm = new mediamanager();
             $galid = null;
             // Delete the picture files; $galid ends up as the gallery of the last row.
             if (count($data)) {
                 foreach ($data as $row) {
                     $galid = $row['galid'];
                     $mm->deletefile($row['thumbnail']);
                     $mm->deletefile($row['picture']);
                 }
             }
             // Delete comments and ratings
             if ($apx->is_module('comments')) {
                 $db->query("DELETE FROM " . PRE . "_comments WHERE ( module='gallery' AND mid IN ( " . $idList . " ) )");
             }
             if ($apx->is_module('ratings')) {
                 $db->query("DELETE FROM " . PRE . "_ratings WHERE ( module='gallery' AND mid IN ( " . $idList . " ) )");
             }
             foreach ($ids as $loggedId) {
                 logit('GALLERY_PDEL', 'ID #' . $loggedId);
             }
             // Gallery update time
             if ($galid) {
                 $this->setGalleryUpdatetime($galid);
             }
         }
         // Back to the picture list, whether or not anything was selected.
         header("HTTP/1.1 301 Moved Permanently");
         header('Location: ' . get_index('gallery.pshow'));
         return;
     }

     // Single picture
     $picId = $_REQUEST['id'] = (int) $_REQUEST['id'];
     $galId = $_REQUEST['gid'] = (int) $_REQUEST['gid'];
     if ($picId === 0) {
         die('missing ID!');
     }
     if ($galId === 0) {
         die('missing gallery ID!');
     }

     // Not confirmed yet: show the overlay and stop.
     if ($_POST['send'] != 1) {
         tmessageOverlay('pdel', array('ID' => $picId, 'GID' => $galId));
         return;
     }

     // State-changing request: require the anti-CSRF token.
     if (!checkToken()) {
         printInvalidToken();
         return;
     }

     // The picture is matched by id AND gallery id.
     $res = $db->first("SELECT galid,thumbnail,picture FROM " . PRE . "_gallery_pics WHERE ( id='" . $picId . "' AND galid='" . $galId . "' ) LIMIT 1");
     $db->query("DELETE FROM " . PRE . "_gallery_pics WHERE ( id='" . $picId . "' AND galid='" . $galId . "' ) LIMIT 1");
     // Clean up only when the parent row was really deleted!
     if ($db->affected_rows()) {
         // Delete the picture files
         require BASEDIR . 'lib/class.mediamanager.php';
         $mm = new mediamanager();
         $mm->deletefile($res['thumbnail']);
         $mm->deletefile($res['picture']);
         // Delete comments and ratings
         if ($apx->is_module('comments')) {
             $db->query("DELETE FROM " . PRE . "_comments WHERE ( module='gallery' AND mid='" . $picId . "' )");
         }
         if ($apx->is_module('ratings')) {
             $db->query("DELETE FROM " . PRE . "_ratings WHERE ( module='gallery' AND mid='" . $picId . "' )");
         }
         // Clear the preview picture assignment (if there is one)
         $db->query("UPDATE " . PRE . "_gallery SET preview='' WHERE preview='" . addslashes($res['thumbnail']) . "'");
         // Gallery update time
         $this->setGalleryUpdatetime($galId);
     }
     logit('GALLERY_PDEL', 'ID #' . $picId);
     printJSRedirect(get_index('gallery.pshow'));
 }