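/**
 * Profile-area entry point for a member's pictures and albums.
 *
 * Loads the ProfilePictures template and the member's theme options, applies
 * the profile's privacy setting, works out what the current user may do, and
 * hands the request to the handler selected by the first recognised key in
 * $_GET.
 *
 * Security-relevant behaviour:
 *  - The picture ownership check is made against the ID carried by the action
 *    that is actually dispatched, so the ID that is checked and the ID that is
 *    acted on cannot differ when a request carries several action keys.
 *  - Relies on fatal_error() not returning; nothing below the two fatal_error()
 *    calls is meant to run for a refused request.
 *  - NOTE(review): delete, deletealb and delcomment are selected by GET keys and
 *    no session-token check is visible in this function. Confirm each handler
 *    performs one (for example SMF's checkSession()).
 *
 * @param int $memID ID of the member whose pictures are requested; it is bound
 *                   as an integer in the quota query.
 * @return void
 */
function pictures($memID)
{
	global $context, $modSettings, $smcFunc, $txt, $sourcedir;

	loadTemplate('ProfilePictures');
	require_once $sourcedir . '/Profile-Modify.php';
	loadThemeOptions($memID);

	// Privacy: a profile flagged "buddies only" (or "customized private") is
	// visible to buddies, to holders of the "any" permission and to the owner.
	// The flags may be absent, hence the explicit emptiness checks.
	$options = isset($context['member']['options']) ? $context['member']['options'] : array();
	$is_private = (!empty($options['pictures_budd_only']) && $options['pictures_budd_only'] == 1)
		|| (!empty($options['customized_private']) && $options['customized_private'] == 1);
	$buddies_enabled = !empty($modSettings['enable_buddylist']) && $modSettings['enable_buddylist'] == 1;

	$context['can_view_pics'] = true;
	if ($is_private && $buddies_enabled)
	{
		$context['can_view_pics'] = is_buddy($memID, $context['user']['id'])
			|| allowedTo('edit_Maximum_Maximum_any')
			|| $context['user']['is_owner'];
	}

	if ($modSettings['Maximum_enable_pictures'] != 1 || !$context['can_view_pics'])
	{
		fatal_error($txt['Maximum_picture_not_allowed'], false);
	}

	// Resolve the requested action once, in the same precedence the dispatch
	// below uses, so that permission checks and dispatch agree on it.
	$known_actions = array(
		'add', 'add2', 'edit', 'edit2', 'delete',
		'addalb', 'addalb2', 'editalb', 'editalb2', 'deletealb',
		'comment', 'delcomment', 'view',
	);
	$action = '';
	foreach ($known_actions as $candidate)
	{
		if (isset($_GET[$candidate]))
		{
			$action = $candidate;
			break;
		}
	}

	// Permissions
	$allowed_edit = false;
	$allowed_add = false;
	$allowed_album_modify = false;

	if (allowedTo('edit_Maximum_Maximum_any'))
	{
		$allowed_edit = true;
		$allowed_add = true;
		$allowed_album_modify = true;
	}
	elseif ($context['user']['is_owner'] && allowedTo('edit_Maximum_Maximum_own'))
	{
		$allowed_add = true;
		$allowed_album_modify = true;

		// Is the picture this request acts on one of your own? Only the four
		// actions below receive $allowed_edit, and the ID is read from the key
		// of the dispatched action rather than from whichever key happens to
		// be present.
		if (in_array($action, array('edit', 'edit2', 'delete', 'view'), true))
		{
			$picture_id = is_scalar($_GET[$action]) ? (int) $_GET[$action] : 0;

			$request = $smcFunc['db_query']('', '
				SELECT id_member
				FROM {db_prefix}Maximum_pictures
				WHERE id_picture = {int:id_picture}',
				array('id_picture' => $picture_id));
			$row = $smcFunc['db_fetch_row']($request);
			$smcFunc['db_free_result']($request);

			// No row means no such picture: never treat that as a match.
			if (is_array($row) && $context['user']['id'] == $row[0])
			{
				$allowed_edit = true;
			}
		}

		// What about albums?
		// NOTE(review): $allowed_album_modify is already true in this branch,
		// so this lookup can never withhold access. Album ownership therefore
		// has to be enforced inside the album handlers; confirm that it is.
		$temp_id2 = isset($_GET['album']) ? $_GET['album'] : (isset($_GET['editalb']) ? $_GET['editalb'] : (isset($_GET['editalb2']) ? $_GET['editalb2'] : (isset($_GET['deletealb']) ? $_GET['deletealb'] : '')));
		if ($temp_id2 !== '')
		{
			$request = $smcFunc['db_query']('', '
				SELECT id_member
				FROM {db_prefix}Maximum_albums
				WHERE id_album = {int:id_album}',
				array('id_album' => (int) $temp_id2));
			$row = $smcFunc['db_fetch_row']($request);
			$smcFunc['db_free_result']($request);

			if (is_array($row) && $context['user']['id'] == $row[0])
			{
				$allowed_album_modify = true;
			}
		}
	}

	// Quota: refuse new pictures once the member holds the configured maximum.
	if ($action === 'add' || $action === 'add2')
	{
		// 0 means unlimited.
		if ($modSettings['Maximum_pictures_number'] > 0)
		{
			$request = $smcFunc['db_query']('', '
				SELECT COUNT(id_picture)
				FROM {db_prefix}Maximum_pictures
				WHERE id_member = {int:id_member}',
				array('id_member' => $memID));
			list($pic_count) = $smcFunc['db_fetch_row']($request);
			$smcFunc['db_free_result']($request);

			if ($pic_count >= $modSettings['Maximum_pictures_number'])
			{
				fatal_error($txt['Maximum_pictures_over'], false);
			}
		}
	}

	$context['can_add'] = $allowed_add;

	// Each handler receives the permission flag computed above; the handlers
	// themselves are defined elsewhere.
	switch ($action)
	{
		case 'add':
			AddPicture($allowed_add);
			break;
		case 'add2':
			AddPicture2($allowed_add);
			break;
		case 'edit':
			EditPicture($allowed_edit);
			break;
		case 'edit2':
			EditPicture2($allowed_edit);
			break;
		case 'delete':
			DeletePicture($allowed_edit);
			break;
		case 'addalb':
			AddAlbum($allowed_album_modify);
			break;
		case 'addalb2':
			AddAlbum2($allowed_album_modify);
			break;
		case 'editalb':
			EditAlbum($allowed_album_modify);
			break;
		case 'editalb2':
			EditAlbum2($allowed_album_modify);
			break;
		case 'deletealb':
			DeleteAlbum($allowed_album_modify);
			break;
		case 'comment':
			AddPictureComment();
			break;
		case 'delcomment':
			DeletePictureComment();
			break;
		case 'view':
			ViewPicture($allowed_edit);
			break;
		default:
			ShowAlbum($allowed_album_modify);
	}
}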
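$src_h = 500.0 / $zoom; $src_x = ($width - $src_w) * 0.5; } else { $zoom = 400.0 / $width; $src_x = 0; $src_w = 400.0 / $zoom; $src_h = 500.0 / $zoom; $src_y = ($height - $src_h) * 0.5; } imagecopyresampled($dest, $img, 0, 0, $src_x, $src_y, 400, 500, $src_w, $src_h); imagejpeg($dest, "{$personPicsDir}/{$year}.jpg"); imagedestroy($img); imagedestroy($dest); $personImages->AppendChild("<Image Year='{$year}'>{$year}.jpg</Image>"); }

// Form handler: adds or deletes one picture entry for a person, saves the
// family data and redirects back to the edit page.
//
// VerifyPassword() is defined elsewhere; presumably it stops the request when
// the credential check fails. Confirm this, since everything below modifies
// stored data.
VerifyPassword();

// The debugging dump of $_POST that used to follow was removed: it echoed every
// submitted field into the response and produced output ahead of the redirect.

// Read the fields defensively: a key may be missing, or may arrive as an array.
$year = (isset($_POST["year"]) && is_string($_POST["year"])) ? $_POST["year"] : '';
$personID = (isset($_POST["PersonID"]) && is_string($_POST["PersonID"])) ? $_POST["PersonID"] : '';
$submit = (isset($_POST["submit"]) && is_string($_POST["submit"])) ? $_POST["submit"] : '';

// $year ends up in a file name, in XML markup and in an XPath predicate, and
// $personID in an XPath predicate and the redirect URL. Neither is escaped at
// those points, so both are held to a conservative allow-list (no quotes,
// markup characters, dots or path separators).
// NOTE(review): widen the pattern only if real IDs or years need other characters.
$safeToken = '/\A[A-Za-z0-9_-]+\z/';
$needsYear = ($submit === "Add Picture" || $submit === "Delete");
$valid = preg_match($safeToken, $personID) === 1
	&& (!$needsYear || preg_match($safeToken, $year) === 1);

// An "Add Picture" request must carry a file that PHP itself received as an
// HTTP upload without error.
$uploadedFile = '';
if ($valid && $submit === "Add Picture") {
	$upload = isset($_FILES["picFile"]) ? $_FILES["picFile"] : null;
	if (is_array($upload)
		&& isset($upload["error"], $upload["tmp_name"])
		&& $upload["error"] === UPLOAD_ERR_OK
		&& is_string($upload["tmp_name"])
		&& is_uploaded_file($upload["tmp_name"])) {
		$uploadedFile = $upload["tmp_name"]; // temp name and location on our server
	} else {
		$valid = false;
	}
}

if (!$valid) {
	header('HTTP/1.1 400 Bad Request');
	exit('Invalid request.');
}

$family = LoadFamilyData();
// NOTE(review): what Element() returns when no person matches is not visible
// here; confirm the calls below are safe in that case.
$personImages = $family->Element("Person[@id = '{$personID}']/Images");

if ($submit === "Add Picture") {
	AddPicture($year, $uploadedFile, $personID, $personImages);
} elseif ($submit === "Delete") {
	$personImages->RemoveElements("Image[@Year='{$year}']");
}

SaveFamilyData($family);
Redirect("editPersonPics.php?PersonID=" . rawurlencode($personID));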