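/**
 * Prepare article data for the content renderer.
 *
 * With no item requested, loads the list of all articles; with a numeric
 * item, loads that single article. Non-numeric items are reserved for
 * admin operations (not implemented here).
 *
 * @param mixed  $item   Requested item (empty, numeric article id, or admin op)
 * @param mysqli $mysqli Open database connection
 * @return array Data for the renderer ("entries" or "entry", "single", "exists", "item_title")
 */
public static function prepareData($item, $mysqli)
{
    include_once getcwd() . '/scripts/data-helpers/elrh_db_extractor.php';

    // always hand the renderer an array, even when no branch below fills it
    $data = [];

    if (empty($item)) {
        // no item selected: show list of all articles
        $data["entries"] = ELRHDataExtractor::retrieveArray($mysqli, "SELECT a.id AS aid, a.cat, a.posted, a.name AS article_name, a.dscr, g.id AS gid, g.name AS gallery_name, u.u_displayed_name AS author_name FROM elrh_articles a LEFT JOIN elrh_gallery_galleries g ON a.gallery=g.id JOIN elrh_users u ON a.author=u.u_name ORDER BY a.posted DESC");
        // notify content renderer, there will be only a list of articles
        $data["single"] = false;
        return $data;
    }

    if (!is_numeric($item)) {
        // TODO admin operations
        return $data;
    }

    // notify content renderer, there will be only one article
    $data["single"] = true;

    // article ids are integers; interpolating the cast value keeps the query
    // free of any non-digit characters the request may carry
    $articleId = (int) $item;
    $data["entry"] = ELRHDataExtractor::retrieveRow($mysqli, "SELECT a.id AS aid, a.author, a.cat, a.posted, a.name AS article_name, a.dscr, a.content, g.id AS gid, g.name AS gallery_name, (SELECT count(*) FROM elrh_gallery_images i WHERE i.gallery=g.id) AS images, u.u_displayed_name AS author_name FROM elrh_articles a LEFT JOIN elrh_gallery_galleries g ON a.gallery=g.id JOIN elrh_users u ON a.author=u.u_name WHERE a.id='" . $articleId . "'");

    // retrieveRow reports a failed query as [0 => "db_error"] (the check the
    // admin actions in this file use); treat that like "not found" so no row
    // field is read from the error marker
    $entry = $data["entry"];
    if (empty($entry) || (isset($entry[0]) && $entry[0] === "db_error")) {
        // notify content renderer, that article was not found
        $data["exists"] = false;
        return $data;
    }

    // page title adjustment
    $data["item_title"] = ": " . $entry["article_name"];
    // notify content renderer, that article exists
    $data["exists"] = true;

    // save prepared data for renderer
    return $data;
}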
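/**
 * Delete selected gallery
 * Gallery must be empty, with no child galleries and no related articles
 *
 * Reads the gallery id from $_POST["gallery"].
 *
 * @param mysqli $mysqli Open database connection
 * @return string Result code for the admin renderer
 */
public static function deleteGalleryAction($mysqli)
{
    // NOTE(review): no CSRF token or session/role check happens in this
    // action; confirm the admin dispatcher enforces both before calling it.
    $posted = isset($_POST["gallery"]) ? $_POST["gallery"] : null;
    if (empty($posted)) {
        // input not set correctly
        return "admin_gallery_noid";
    }
    if (!is_string($posted) || !ctype_digit($posted)) {
        // ids are integers: anything else (including an array-valued POST
        // field, which would break escaping) cannot name a gallery
        return "admin_gallery_wrongid";
    }
    $galleryId = (int) $posted;

    // check for given gallery in DB
    include_once getcwd() . '/scripts/data-helpers/elrh_db_extractor.php';
    $gallery = ELRHDataExtractor::retrieveRow($mysqli, "SELECT g.id, (SELECT count(*) FROM elrh_gallery_images i WHERE i.gallery = g.id) AS images, (SELECT count(*) FROM elrh_gallery_galleries c WHERE c.parent = g.id) AS children, (SELECT count(*) FROM elrh_articles a WHERE a.gallery = g.id) AS articles FROM elrh_gallery_galleries g WHERE g.id='" . $galleryId . "'");

    // retrieveRow signals a failed query with [0 => "db_error"]; isset() avoids
    // an undefined-key warning on a normal (string-keyed) row
    if (empty($gallery) || (isset($gallery[0]) && $gallery[0] === "db_error")) {
        // wrong gallery id
        return "admin_gallery_wrongid";
    }

    // counts come back from the driver as strings; compare as integers
    $inUse = (int) $gallery["images"] !== 0
        || (int) $gallery["children"] !== 0
        || (int) $gallery["articles"] !== 0;
    if ($inUse) {
        // cannot delete
        return "admin_delete_gallery_restricted";
    }

    // perform delete
    include_once getcwd() . '/scripts/data-helpers/elrh_db_manipulator.php';
    $deleted = ELRHDataManipulator::deleteRecord($mysqli, "DELETE FROM elrh_gallery_galleries WHERE id='" . $galleryId . "'");

    return $deleted ? "admin_delete_gallery_success" : "admin_delete_gallery_fail";
}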
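/**
 * Validates login
 *
 * Reads $_POST["name"] and $_POST["pass"]; on success stores the user name
 * and displayed name in $_SESSION.
 *
 * @param mysqli $mysqli Open database connection
 * @return string Result code for the admin renderer
 */
public static function loginAction($mysqli)
{
    if (empty($_POST["name"]) || empty($_POST["pass"])) {
        // input not set correctly
        return "admin_login_invalid";
    }
    $name = $_POST["name"];
    $pass = $_POST["pass"];
    if (!is_string($name) || !is_string($pass)) {
        // array-valued POST fields would break escaping and hashing below
        return "admin_login_invalid";
    }

    // check for given user's password in db
    include_once getcwd() . '/scripts/data-helpers/elrh_db_extractor.php';
    $user = ELRHDataExtractor::retrieveRow($mysqli, "SELECT u_name, u_displayed_name, u_pass FROM elrh_users WHERE u_name='" . mysqli_real_escape_string($mysqli, $name) . "'");
    if (empty($user) || (isset($user[0]) && $user[0] === "db_error")) {
        // wrong user
        return "admin_login_wrong";
    }

    // Stored passwords are unsalted sha512 hex digests, so the same digest is
    // computed here. hash_equals() replaces the former `==`, which compared the
    // two strings loosely (numeric-looking digests such as "0e..." compare
    // equal under ==) and in non-constant time.
    // TODO: migrate storage to password_hash()/password_verify() with a
    // rehash-on-login step; that needs a data migration outside this block.
    $hashpass = hash('sha512', $pass);
    if (!hash_equals((string) $user["u_pass"], $hashpass)) {
        // wrong pass
        return "admin_login_wrong";
    }

    // a fresh session id on privilege change prevents session fixation
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
    // set admin sessions
    $_SESSION["user"] = $user["u_name"];
    $_SESSION["user_name"] = $user["u_displayed_name"];

    return "admin_login_success";
}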
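/**
 * Get details for selected image
 *
 * @param mysqli $mysqli Open database connection
 * @param mixed  $iid    Image id
 * @return array Image row (when found) plus "exists" and "result" keys
 */
public static function selectImageAction($mysqli, $iid)
{
    if (empty($iid)) {
        // input not set correctly
        return ["exists" => false, "result" => "admin_image_noid"];
    }
    if (!is_scalar($iid) || !ctype_digit((string) $iid)) {
        // ids are integers: anything else cannot name an image
        return ["exists" => false, "result" => "admin_image_wrongid"];
    }

    // check for given image ID in DB
    include_once getcwd() . '/scripts/data-helpers/elrh_db_extractor.php';
    $image = ELRHDataExtractor::retrieveRow($mysqli, "SELECT id, gallery, ord, name, dscr, image, prev, next FROM elrh_gallery_images WHERE id='" . (int) $iid . "'");

    // retrieveRow signals a failed query with [0 => "db_error"]; isset() avoids
    // an undefined-key warning on a normal (string-keyed) row
    if (empty($image) || (isset($image[0]) && $image[0] === "db_error")) {
        // wrong image id
        return ["exists" => false, "result" => "admin_image_wrongid"];
    }

    // image details loaded
    $image["exists"] = true;
    $image["result"] = "admin_select_image_success";
    return $image;
}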
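/**
 * Move selected image forwards in gallery (ord++)
 *
 * Swaps the image with the one following it by rewriting the ord values and
 * the prev/next links of the rows involved.
 *
 * @param mysqli $mysqli Open database connection
 * @param mixed  $iid    Image id
 * @return string Result code for the admin renderer
 */
public static function moveImageForwardsAction($mysqli, $iid)
{
    if (empty($iid)) {
        // input not set correctly
        return "admin_image_noid";
    }
    if (!is_scalar($iid) || !ctype_digit((string) $iid)) {
        // ids are integers: anything else cannot name an image
        return "admin_image_wrongid";
    }

    // check for given image in DB
    include_once getcwd() . '/scripts/data-helpers/elrh_db_extractor.php';
    $image = ELRHDataExtractor::retrieveRow($mysqli, "SELECT id, prev, next FROM elrh_gallery_images WHERE id='" . (int) $iid . "'");
    if (empty($image) || (isset($image[0]) && $image[0] === "db_error")) {
        // wrong image id
        return "admin_image_wrongid";
    }

    // link ids come back from the driver as strings; cast once so only plain
    // integers are interpolated into the statements below
    $id = (int) $image["id"];
    $prevId = (int) $image["prev"];
    $nextId = (int) $image["next"];
    if ($nextId <= 0) {
        // image is last
        return "admin_image_last";
    }

    // 1st - get info for the next image
    $next = ELRHDataExtractor::retrieveRow($mysqli, "SELECT id, next FROM elrh_gallery_images WHERE id='" . $nextId . "'");
    if (empty($next) || (isset($next[0]) && $next[0] === "db_error")) {
        // the link points at a row that is missing; nothing can be swapped
        return "admin_move_forwards_fail";
    }
    $nextNextId = (int) $next["next"];

    include_once getcwd() . '/scripts/data-helpers/elrh_db_manipulator.php';

    // the updates below must apply together, otherwise the prev/next chain is
    // left inconsistent (effective on transactional tables only)
    mysqli_begin_transaction($mysqli);

    // 2nd - place original image one position "forward"
    $ok = ELRHDataManipulator::editRecord($mysqli, "UPDATE elrh_gallery_images SET ord=ord+1, prev='" . $nextId . "', next='" . $nextNextId . "' WHERE id='" . $id . "'");
    // 3rd - place the next image one position "backward"
    if ($ok) {
        $ok = ELRHDataManipulator::editRecord($mysqli, "UPDATE elrh_gallery_images SET ord=ord-1, prev='" . $prevId . "', next='" . $id . "' WHERE id='" . $nextId . "'");
    }
    // 4th - re-link prev of the image that followed "next"
    if ($ok) {
        $ok = ELRHDataManipulator::editRecord($mysqli, "UPDATE elrh_gallery_images SET prev='" . $id . "' WHERE id='" . $nextNextId . "'");
    }
    // 5th - re-link next of the image that preceded the original (if any)
    if ($ok && $prevId > 0) {
        $ok = ELRHDataManipulator::editRecord($mysqli, "UPDATE elrh_gallery_images SET next='" . $nextId . "' WHERE id='" . $prevId . "'");
    }

    if (!$ok) {
        mysqli_rollback($mysqli);
        // one of the update queries wasn't successful
        return "admin_move_forwards_fail";
    }
    mysqli_commit($mysqli);
    // gallery edited
    return "admin_move_forwards_success";
}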
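/**
 * Prepare gallery data for the content renderer.
 *
 * With no item requested, builds the index of top-level galleries; "g/<id>"
 * loads one gallery with its images, parent, sub-galleries and articles;
 * "i/<id>" loads one image with its parent gallery. Anything else yields
 * display = "error".
 *
 * @param mixed  $item   Requested item (empty, "g/<id>" or "i/<id>")
 * @param mysqli $mysqli Open database connection
 * @return array Data for the renderer ("display", "exists", "entry", ...)
 */
public static function prepareData($item, $mysqli)
{
    include_once getcwd() . '/scripts/data-helpers/elrh_db_extractor.php';

    if (empty($item)) {
        return self::prepareIndexData($mysqli);
    }

    // TODO admin operations
    // split request by "/": "<type>/<id>"; a missing id becomes "" instead of
    // an undefined-offset warning
    $request = explode('/', (string) $item);
    $type = $request[0];
    $rawId = isset($request[1]) ? $request[1] : '';
    // ids are integers; anything else is treated as id 0, which matches no row
    $id = ctype_digit($rawId) ? (int) $rawId : 0;

    if ($type === "g") {
        return self::prepareGalleryDetailData($mysqli, $id);
    }
    if ($type === "i") {
        return self::prepareImageDetailData($mysqli, $id);
    }
    // notify content renderer, there is an error
    return ["display" => "error"];
}

/**
 * Index view: top-level galleries, each with its first images, sub-galleries
 * and related articles (keyed by gallery name, as the renderer expects).
 */
private static function prepareIndexData($mysqli)
{
    // notify content renderer, there will be index of galleries
    $data = ["display" => "index"];
    // try to load galleries
    $data["galleries"] = ELRHDataExtractor::retrieveArray($mysqli, "SELECT id, name, dscr, (SELECT count(*) FROM elrh_gallery_images i WHERE i.gallery=g.id) AS images FROM elrh_gallery_galleries g WHERE parent='0' ORDER BY name");
    if (empty($data["galleries"]) || !is_array($data["galleries"])) {
        return $data;
    }

    // for each gallery load further info
    foreach ($data["galleries"] as $gallery) {
        if (!is_array($gallery)) {
            // skip anything that is not a gallery row (e.g. a helper error marker)
            continue;
        }
        // NOTE(review): the gallery name is used as an array key, so a gallery
        // named e.g. "display" or "galleries" would overwrite the renderer's own
        // keys; the renderer depends on this layout, so it is kept as is.
        $key = $gallery["name"];
        // ids come back from the driver as strings; cast before interpolating
        $galleryId = (int) $gallery["id"];
        // first 7 images to feature
        $data[$key]["images"] = ELRHDataExtractor::retrieveArray($mysqli, "SELECT id, name, image FROM elrh_gallery_images WHERE gallery='" . $galleryId . "' ORDER BY ord LIMIT 7");
        // related galleries
        $data[$key]["galleries"] = ELRHDataExtractor::retrieveArray($mysqli, "SELECT id, name, (SELECT count(*) FROM elrh_gallery_images i WHERE i.gallery=g.id) AS images FROM elrh_gallery_galleries g WHERE parent='" . $galleryId . "' ORDER BY name");
        // related articles
        $data[$key]["articles"] = ELRHDataExtractor::retrieveArray($mysqli, "SELECT a.id, a.name, u.u_displayed_name AS author_name FROM elrh_articles a JOIN elrh_users u ON a.author=u.u_name WHERE gallery='" . $galleryId . "' ORDER BY name");
    }

    return $data;
}

/**
 * Detail view of one gallery: its row plus images, parent, sub-galleries and
 * related articles.
 */
private static function prepareGalleryDetailData($mysqli, $galleryId)
{
    // notify content renderer, there will be detail of particular gallery
    $data = ["display" => "gallery"];
    // try to load gallery details
    $data["entry"] = ELRHDataExtractor::retrieveRow($mysqli, "SELECT g.id AS gid, g.parent AS pid, g.created, g.name, g.dscr, (SELECT count(*) FROM elrh_gallery_images i WHERE i.gallery=g.id) AS images, u.u_displayed_name AS author_name FROM elrh_gallery_galleries g JOIN elrh_users u ON g.author=u.u_name WHERE g.id='" . (int) $galleryId . "'");

    // retrieveRow signals a failed query with [0 => "db_error"] (the check the
    // admin actions use); treat it as "not found" so no row field is read
    $entry = $data["entry"];
    if (empty($entry) || (isset($entry[0]) && $entry[0] === "db_error")) {
        // notify content renderer, that gallery not found
        $data["exists"] = false;
        return $data;
    }

    $gid = (int) $entry["gid"];
    $pid = (int) $entry["pid"];
    // images to display
    $data["images"] = ELRHDataExtractor::retrieveArray($mysqli, "SELECT id, name, image FROM elrh_gallery_images WHERE gallery='" . $gid . "' ORDER BY ord");
    // possible parent gallery
    $data["parent"] = ELRHDataExtractor::retrieveRow($mysqli, "SELECT id, name FROM elrh_gallery_galleries WHERE id='" . $pid . "'");
    // related galleries
    $data["galleries"] = ELRHDataExtractor::retrieveArray($mysqli, "SELECT id, name, (SELECT count(*) FROM elrh_gallery_images i WHERE i.gallery=g.id) AS images FROM elrh_gallery_galleries g WHERE parent='" . $gid . "' ORDER BY name");
    // related articles
    $data["articles"] = ELRHDataExtractor::retrieveArray($mysqli, "SELECT a.id, a.name, u.u_displayed_name AS author_name FROM elrh_articles a JOIN elrh_users u ON a.author=u.u_name WHERE gallery='" . $gid . "' ORDER BY name");
    // page title adjustment
    $data["item_title"] = ": " . $entry["name"];
    // notify content renderer, that gallery exists
    $data["exists"] = true;

    return $data;
}

/**
 * Detail view of one image: its row plus the parent gallery.
 */
private static function prepareImageDetailData($mysqli, $imageId)
{
    // notify content renderer, there will be detail of particular image
    $data = ["display" => "image"];
    // try to load image details
    $data["entry"] = ELRHDataExtractor::retrieveRow($mysqli, "SELECT i.id AS iid, i.gallery AS gid, i.created, i.name, i.dscr, i.image, i.prev, i.next, u.u_displayed_name AS author_name FROM elrh_gallery_images i JOIN elrh_users u ON i.author=u.u_name WHERE i.id='" . (int) $imageId . "'");

    // same "db_error" marker handling as for galleries
    $entry = $data["entry"];
    if (empty($entry) || (isset($entry[0]) && $entry[0] === "db_error")) {
        // notify content renderer, that image not found
        $data["exists"] = false;
        return $data;
    }

    // parent gallery info
    $data["parent"] = ELRHDataExtractor::retrieveRow($mysqli, "SELECT id, name FROM elrh_gallery_galleries WHERE id='" . (int) $entry["gid"] . "'");
    // page title adjustment
    $data["item_title"] = ": " . $entry["name"];
    // notify content renderer, that image exists
    $data["exists"] = true;

    return $data;
}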
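/**
 * Delete selected image
 *
 * Reads the image id from $_POST["item"], removes the row, re-links its
 * neighbours, shifts the ord of the following images and removes the files.
 * On return, $_POST["item"] holds the gallery id (the renderer reads it back
 * as the "current gallery").
 *
 * @param mysqli $mysqli Open database connection
 * @return string Result code for the admin renderer
 */
public static function deleteImageAction($mysqli)
{
    // NOTE(review): no CSRF token or session/role check happens in this
    // action; confirm the admin dispatcher enforces both before calling it.
    $posted = isset($_POST["item"]) ? $_POST["item"] : null;
    if (empty($posted)) {
        // input not set correctly
        return "admin_image_noid";
    }
    if (!is_string($posted) || !ctype_digit($posted)) {
        // ids are integers: anything else (including an array-valued POST
        // field, which would break escaping) cannot name an image
        return "admin_image_wrongid";
    }

    // check for given image in DB
    include_once getcwd() . '/scripts/data-helpers/elrh_db_extractor.php';
    $image = ELRHDataExtractor::retrieveRow($mysqli, "SELECT id, gallery, ord, image, prev, next FROM elrh_gallery_images WHERE id='" . (int) $posted . "'");
    if (empty($image) || (isset($image[0]) && $image[0] === "db_error")) {
        // wrong image id
        return "admin_image_wrongid";
    }

    // row values come back from the driver as strings; cast once so only plain
    // integers are interpolated into the statements below
    $id = (int) $image["id"];
    $galleryId = (int) $image["gallery"];
    $ord = (int) $image["ord"];
    $prevId = (int) $image["prev"];
    $nextId = (int) $image["next"];

    // h4x for keeping "current_gallery" info (the renderer reads it back)
    $_POST["item"] = $image["gallery"];

    include_once getcwd() . '/scripts/data-helpers/elrh_db_manipulator.php';

    // the row delete and the re-linking must apply together, otherwise the
    // prev/next chain is left inconsistent (effective on transactional tables only)
    mysqli_begin_transaction($mysqli);

    // 1st - perform the delete itself
    $ok = ELRHDataManipulator::deleteRecord($mysqli, "DELETE FROM elrh_gallery_images WHERE id='" . $id . "'");
    // 2nd - re-link prev and next images in gallery
    if ($ok && $prevId > 0) {
        $ok = ELRHDataManipulator::editRecord($mysqli, "UPDATE elrh_gallery_images SET next='" . $nextId . "' WHERE id='" . $prevId . "'");
    }
    if ($ok && $nextId > 0) {
        $ok = ELRHDataManipulator::editRecord($mysqli, "UPDATE elrh_gallery_images SET prev='" . $prevId . "' WHERE id='" . $nextId . "'");
    }
    // 3rd - adjust ord (ord--) for next and all following images
    if ($ok && $nextId > 0) {
        $ok = ELRHDataManipulator::editRecord($mysqli, "UPDATE elrh_gallery_images SET ord=ord-1 WHERE ord>'" . $ord . "' AND gallery='" . $galleryId . "'");
    }

    if (!$ok) {
        mysqli_rollback($mysqli);
        // delete query wasn't successful
        return "admin_delete_image_fail";
    }
    mysqli_commit($mysqli);

    // 4th - delete related image files, only once the database change is
    // final, so a rolled-back delete never loses the files. basename() keeps
    // the lookup inside the gallery directories even if the stored name ever
    // carried a path component; is_file() avoids a warning on a missing file.
    $fileName = basename((string) $image["image"]);
    $paths = [
        getcwd() . "/content/gallery/" . $fileName,
        getcwd() . "/content/gallery/thumbs/" . $fileName,
    ];
    foreach ($paths as $path) {
        if (is_file($path)) {
            unlink($path);
        }
    }

    // gallery edited
    return "admin_delete_image_success";
}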