$vbulletin->input->clean_array_gpc('r', array('albumid' => TYPE_UINT, 'pictureid' => TYPE_UINT, 'userid' => TYPE_UINT));
$moderatedpictures = (($vbulletin->options['albums_pictures_moderation'] or !($vbulletin->userinfo['permissions']['albumpermissions'] & $vbulletin->bf_ugp_albumpermissions['picturefollowforummoderation'])) and !can_moderate(0, 'canmoderatepictures'));
($hook = vBulletinHook::fetch_hook('album_start_precheck')) ? eval($hook) : false;
if (!$vbulletin->GPC['userid']) {
$vbulletin->GPC['userid'] = $vbulletin->userinfo['userid'];
}
// if we specify an album, make sure our user context is sane
if ($vbulletin->GPC['albumid']) {
$albuminfo = fetch_albuminfo($vbulletin->GPC['albumid']);
if (!$albuminfo) {
standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink']));
}
$vbulletin->GPC['userid'] = $albuminfo['userid'];
}
if ($vbulletin->GPC['pictureid']) {
$pictureinfo = fetch_pictureinfo($vbulletin->GPC['pictureid'], $albuminfo['albumid']);
if (!$pictureinfo) {
standard_error(fetch_error('invalidid', $vbphrase['picture'], $vbulletin->options['contactuslink']));
}
}
if (!$vbulletin->GPC['userid']) {
print_no_permission();
}
$userinfo = verify_id('user', $vbulletin->GPC['userid'], 1, 1, FETCH_USERINFO_USERCSS);
// don't show stuff for users awaiting moderation
if ($userinfo['usergroupid'] == 4 and !($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel'])) {
print_no_permission();
}
cache_permissions($userinfo, false);
if (!can_moderate(0, 'caneditalbumpicture') and !($userinfo['permissions']['albumpermissions'] & $vbulletin->bf_ugp_albumpermissions['canalbum'])) {
print_no_permission();
standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink']));
}
if (!can_view_profile_section($albuminfo['userid'], 'albums')) {
// private album that we can not see
standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink']));
}
if ($albuminfo['state'] == 'private' and !can_view_private_albums($albuminfo['userid'])) {
// private album that we can not see
standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink']));
} else {
if ($albuminfo['state'] == 'profile' and !can_view_profile_albums($albuminfo['userid'])) {
// profile album that we can not see
standard_error(fetch_error('invalidid', $vbphrase['album'], $vbulletin->options['contactuslink']));
}
}
$pictureinfo = fetch_pictureinfo($vbulletin->GPC['attachmentid'], $vbulletin->GPC['albumid']);
$navbits = array(fetch_seo_url('member', $albuminfo) => construct_phrase($vbphrase['xs_profile'], $albuminfo['username']), 'album.php?' . $vbulletin->session->vars['sessionurl'] . "u={$albuminfo['userid']}" => $vbphrase['albums'], 'album.php?' . $vbulletin->session->vars['sessionurl'] . "albumid={$albuminfo['albumid']}" => $albuminfo['title_html']);
} else {
if ($vbulletin->GPC['groupid']) {
$group = fetch_socialgroupinfo($vbulletin->GPC['groupid']);
if (!$group) {
standard_error(fetch_error('invalidid', $vbphrase['social_group'], $vbulletin->options['contactuslink']));
}
if (!($group['options'] & $vbulletin->bf_misc_socialgroupoptions['enable_group_albums'])) {
print_no_permission();
}
if ($group['membertype'] != 'member' and !can_moderate(0, 'caneditalbumpicture')) {
if ($vbulletin->userinfo['permissions']['socialgrouppermissions'] & $vbulletin->bf_ugp_socialgrouppermissions['canjoingroups']) {
standard_error(fetch_error('must_be_group_member_view_add_pictures_join_x', fetch_seo_url('group', $group)));
} else {
standard_error(fetch_error('must_be_group_member_view_add_pictures'));
