if (!empty($result)) { $album = mysql_fetch_array($result); if ($album['ownerId'] != $currentUser['id']) { if (!$phpunit['isTest']) { include dirname(__FILE__) . '/../common/error401.php'; exit; } $accessDenied = true; } } else { if (!$phpunit['isTest']) { include dirname(__FILE__) . '/../common/error401.php'; exit; } } $newAlbumId = copyAlbum($db, $albumId, $_POST["parentAlbumId"]); if (!$phpunit['isTest']) { header('Location: ./index.html?id=' . $newAlbumId); exit; } } else { http_response_code(500); $message = createMessage("Sorry, there was an error copying your album."); } } if ($albumId != '') { $select_sql_string = "SELECT id, parentAlbumId, name, description FROM albums WHERE id=" . mysql_real_escape_string($albumId); $result = $db->query($select_sql_string); if (!empty($result)) { $album = mysql_fetch_array($result); }
$track_id = get('track_id'); $album_id = get('album_id'); if ($action == 'downloadAlbum') { downloadAlbum($album_id); } elseif ($action == 'downloadTrack') { downloadTrack($track_id); } elseif ($action == 'batchValidateCache') { batchValidateCache(); } elseif ($action == 'batchTranscodeInit') { batchTranscodeInit(); } elseif ($action == 'batchTranscode') { batchTranscode(); } elseif ($action == 'shareAlbum') { shareAlbum($album_id); } elseif ($action == 'copyAlbum') { copyAlbum($album_id); } else { message(__FILE__, __LINE__, 'error', '[b]Unsupported input value for[/b][br]action'); } exit; // +------------------------------------------------------------------------+ // | Download album | // +------------------------------------------------------------------------+ function downloadAlbum($album_id) { global $cfg, $db; $sid = get('sid'); $download_id = (int) get('download_id'); if ($sid) { // Download shared file header('Expires: Mon, 9 Oct 2000 18:00:00 GMT');
function copyAlbum($db, $albumId, $newParentId) { $result = $db->query('SELECT name, ownerId, description FROM albums WHERE id="' . $albumId . '"'); if (!empty($result)) { $album = mysql_fetch_array($result); $ownerId = $album['ownerId']; $insert_sql_string = 'INSERT INTO albums (parentAlbumId, ownerId, name, created, modified, description) VALUES ("' . $newParentId . '",' . $ownerId . ',"' . $album["name"] . '", CURRENT_TIMESTAMP(), CURRENT_TIMESTAMP(), "' . $album["description"] . '" )'; $db->query($insert_sql_string); $newAlbumId = mysql_insert_id(); copyPhoto($db, $albumId, $newAlbumId); $childAlbums = $db->query('SELECT * FROM albums WHERE parentalbumid="' . $albumId . '"'); if (!empty($childAlbums)) { while ($childAlbum = mysql_fetch_array($childAlbums)) { copyAlbum($db, $childAlbum['id'], $newAlbumId); } } return $newAlbumId; } }