} ?> </div> <?php if (!empty($this->photos)) { ?> <!-- loop through this --> <?php foreach ($this->photos as $key => $photo) { ?> <div class="photo_frame"> <a href="<?php echo AT_PA_BASENAME . 'photo.php?pid=' . $photo['id'] . SEP . 'aid=' . $this->album_info['id']; ?> "><img src="<?php echo AT_PA_BASENAME . 'get_photo.php?aid=' . $this->album_info['id'] . SEP . 'pid=' . $photo['id'] . SEP . 'ph=' . getPhotoFilePath($photo['id'], '', $photo['created_date']); ?> " title="<?php echo AT_print($photo['description'], 'photo_albums.description'); ?> " alt="<?php echo AT_print($photo['alt_text'], 'photo_albums.alt_text'); ?> " /></a> </div> <?php } ?> <!-- end loop --> <div class="album_description"> <p><?php
echo _AT('next'); ?> "/></a></li> <?php } ?> </ul> </div> <?php } ?> <div style="clear:both"></div> <img src="<?php echo AT_PA_BASENAME . 'get_photo.php?aid=' . $this->aid . SEP . 'pid=' . $this->photo_info['id'] . SEP . 'size=o' . SEP . 'ph=' . getPhotoFilePath($this->photo_info['id'], '', $this->photo_info['created_date']); ?> " title="<?php echo AT_print($this->photo_info['description'], 'input.text'); ?> " alt="<?php echo AT_print($this->photo_info['alt_text'], 'input.text'); ?> " /> <?php if ($this->action_permission) { ?> <div class="flc-inlineEditable"><span class="flc-inlineEdit-text"><?php echo AT_print($this->photo_info['description'], 'photos.description'); ?> </span></div>
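/**
 * Delete a photo from this album: its files on disk, its comments and its
 * database row, then close the gap it leaves in the album ordering.
 *
 * No permission check is visible in this method. The only guard is that the
 * photo must belong to the album this object represents ($this->id), so the
 * caller has to decide who is allowed to delete.
 *
 * @param  int  $id  photo id
 * @return bool false when the photo is not found in this album, true otherwise
 */
function deletePhoto($id) {
    $id = intval($id);

    // Fetch the photo together with its album so ownership can be verified
    // and the file paths rebuilt.
    $sql = "SELECT a.id AS aid, p.name AS name, p.ordering AS ordering, a.created_date AS album_date, p.created_date AS photo_date FROM %spa_photos p, %spa_albums a WHERE a.id=p.album_id AND p.id=%d";
    $row = queryDB($sql, array(TABLE_PREFIX, TABLE_PREFIX, $id), TRUE);

    // Stop on an unknown photo id instead of reading keys of an empty result,
    // and compare the album ids as integers rather than with a loose "!=".
    if (empty($row) || intval($row['aid']) !== intval($this->id)) {
        return false;
    }

    $albumpath   = AT_PA_CONTENT_DIR . getAlbumFilePath($row['aid'], $row['album_date']);
    $photo_file  = getPhotoFilePath($id, $row['name'], $row['photo_date']);
    $filepath    = $albumpath . DIRECTORY_SEPARATOR . $photo_file;          //orig
    $filepath_tn = $albumpath . '_tn' . DIRECTORY_SEPARATOR . $photo_file;  //thumbnail

    // Remove each file on its own. Requiring both to exist left the surviving
    // file on disk with no database row pointing at it once the photo row was
    // deleted below.
    foreach (array($filepath, $filepath_tn) as $path) {
        if (is_file($path)) {
            unlink($path);
        }
    }

    //delete photo comments
    $sql = "DELETE FROM %spa_photo_comments WHERE photo_id=%d";
    queryDB($sql, array(TABLE_PREFIX, $id));

    //reorder images: every photo after the deleted one moves up one position
    $sql = 'UPDATE %spa_photos SET `ordering`=`ordering`-1 WHERE album_id=%d AND `ordering` > %d';
    queryDB($sql, array(TABLE_PREFIX, $row['aid'], $row['ordering']));

    //delete the photo from db
    $sql = "DELETE FROM %spa_photos WHERE id=%d";
    queryDB($sql, array(TABLE_PREFIX, $id));

    //update album last_updated ($row is known to be non-empty at this point)
    $this->updateAlbumTimestamp();

    return true;
}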
/**
 * Add up the size on disk, in bytes, of a member's personal photos.
 *
 * The query keeps only photos whose album has no row in pa_course_album
 * (ca.course_id IS NULL). Only the file in the album directory is measured;
 * the "_tn" thumbnail directory is not part of the path built here.
 *
 * @param  int $member_id  member id; cast with intval() before use in SQL
 * @return int|false       byte total, or false when the id is below 1
 */
function memoryUsage($member_id) {
    global $db;

    // The integer cast is what makes the interpolation below safe.
    $member_id = intval($member_id);
    if ($member_id < 1) {
        return false;
    }

    $total_bytes = 0;
    $sql = 'SELECT p.* FROM ' . TABLE_PREFIX . 'pa_photos p LEFT JOIN ' . TABLE_PREFIX . "pa_course_album ca ON p.album_id=ca.album_id WHERE member_id={$member_id} AND ca.course_id IS NULL";
    $result = mysql_query($sql, $db);

    // A failed query counts as zero bytes used.
    if (!$result) {
        return $total_bytes;
    }

    while ($photo_row = mysql_fetch_assoc($result)) {
        // Album and photo details are re-read through PhotoAlbum to rebuild
        // the stored file path.
        $album = new PhotoAlbum($photo_row['album_id']);
        $album_details = $album->getAlbumInfo();
        $photo_details = $album->getPhotoInfo($photo_row['id']);

        $album_dir  = getAlbumFilePath($album_details['id'], $album_details['created_date']);
        $photo_name = getPhotoFilePath($photo_details['id'], $photo_details['name'], $photo_details['created_date']);
        $path = AT_PA_CONTENT_DIR . $album_dir . DIRECTORY_SEPARATOR . $photo_name;

        // Database rows without a file on disk contribute nothing.
        if (file_exists($path)) {
            $total_bytes += filesize($path);
        }
    }

    return $total_bytes;
}
move_uploaded_file($_FILES['photo']['tmp_name'], AT_PA_CONTENT_DIR . $album_file_path . $photo_file_path); } $si->resizeToWidth(AT_PA_IMAGE_THUMB); $si->save(AT_PA_CONTENT_DIR . $album_file_path_tn . $photo_file_path); } else { if ($image_h > AT_PA_IMAGE) { $si->resizeToHeight(AT_PA_IMAGE); $si->save(AT_PA_CONTENT_DIR . $album_file_path . $photo_file_path); } else { move_uploaded_file($_FILES['photo']['tmp_name'], AT_PA_CONTENT_DIR . $album_file_path . $photo_file_path); } $si->resizeToHeight(AT_PA_IMAGE_THUMB); $si->save(AT_PA_CONTENT_DIR . $album_file_path_tn . $photo_file_path); } if ($_POST['upload'] == 'ajax') { $photo_file_hash = getPhotoFilePath($added_photo_id, '', $photo_info['created_date']); //return JSON, relying on jQuery to convert entries to html entities. echo json_encode(array('aid' => $id, 'pid' => $added_photo_id, 'ph' => $photo_file_hash, 'size' => number_format(filesize(AT_PA_CONTENT_DIR . $album_file_path . $photo_file_path) / 1024, 2), 'title' => $photo_info['title'], 'alt' => $photo_info['alt'])); $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY'); exit; } //if this is profile picture upload, sets it to the default profile if ($info['type_id'] == AT_PA_TYPE_PERSONAL) { header('Location: ../photos/set_profile_picture.php?pid=' . $added_photo_id . SEP . 'aid=' . $id); exit; } } //if msg contain error header('location: albums.php?id=' . $id); exit; }
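/**
 * Delete a photo from this album: its files on disk, its comments and its
 * database row, then close the gap it leaves in the album ordering.
 *
 * No permission check is visible in this method. The only guard is that the
 * photo must belong to the album this object represents ($this->id), so the
 * caller has to decide who is allowed to delete.
 *
 * @param  int  $id  photo id
 * @return bool false when the photo is not found in this album, true otherwise
 */
function deletePhoto($id) {
    global $db;
    $id = intval($id);

    // Fetch the photo together with its album so ownership can be verified
    // and the file paths rebuilt. $id is an integer here, so interpolating it
    // is safe.
    $sql = 'SELECT a.id AS aid, p.name AS name, p.ordering AS ordering, a.created_date AS album_date, p.created_date AS photo_date FROM ' . TABLE_PREFIX . 'pa_photos p, ' . TABLE_PREFIX . "pa_albums a WHERE a.id=p.album_id AND p.id={$id}";
    $result = mysql_query($sql, $db);

    // $row used to stay undefined when the query failed; give it a value on
    // every path.
    $row = $result ? mysql_fetch_assoc($result) : false;

    // Stop on a failed query or unknown photo id, and compare the album ids
    // as integers rather than with a loose "!=".
    if (empty($row) || intval($row['aid']) !== intval($this->id)) {
        return false;
    }

    // These two values are concatenated into SQL below, so cast them even
    // though they come from the database.
    $album_id = intval($row['aid']);
    $ordering = intval($row['ordering']);

    $albumpath   = AT_PA_CONTENT_DIR . getAlbumFilePath($row['aid'], $row['album_date']);
    $photo_file  = getPhotoFilePath($id, $row['name'], $row['photo_date']);
    $filepath    = $albumpath . DIRECTORY_SEPARATOR . $photo_file;          //orig
    $filepath_tn = $albumpath . '_tn' . DIRECTORY_SEPARATOR . $photo_file;  //thumbnail

    // Remove each file on its own. Requiring both to exist left the surviving
    // file on disk with no database row pointing at it once the photo row was
    // deleted below.
    foreach (array($filepath, $filepath_tn) as $path) {
        if (is_file($path)) {
            unlink($path);
        }
    }

    //delete photo comments
    $sql = 'DELETE FROM ' . TABLE_PREFIX . "pa_photo_comments WHERE photo_id={$id}";
    mysql_query($sql, $db);

    //reorder images: every photo after the deleted one moves up one position
    $sql = 'UPDATE ' . TABLE_PREFIX . 'pa_photos SET `ordering`=`ordering`-1 WHERE album_id=' . $album_id . ' AND `ordering` > ' . $ordering;
    mysql_query($sql, $db);

    //delete the photo from db
    $sql = "DELETE FROM " . TABLE_PREFIX . "pa_photos WHERE id={$id}";
    mysql_query($sql, $db);

    //update album last_updated (the lookup is known to have succeeded here)
    $this->updateAlbumTimestamp();

    return true;
}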
// Build the on-disk locations of the source photo: the original lives in the
// album directory, the thumbnail in the sibling directory with a "_tn" suffix.
$album_file_path = getAlbumFilePath($album_info['id'], $album_info['created_date']);
$album_file_path_tn = $album_file_path . '_tn' . DIRECTORY_SEPARATOR;
$album_file_path .= DIRECTORY_SEPARATOR;
$photo_file_path = getPhotoFilePath($photo_info['id'], $photo_info['name'], $photo_info['created_date']);
$photo_location = AT_PA_CONTENT_DIR . $album_file_path . $photo_file_path;
$photo_tn_location = AT_PA_CONTENT_DIR . $album_file_path_tn . $photo_file_path;

// When the photo is not already in the profile album, register a copy of it
// there and duplicate both files.
// NOTE(review): $aid, $profile_aid, $pa and $pa_profile are set before this
// excerpt; how $aid was validated is not visible here.
if ($aid != $profile_aid) {
    // now, get the new photo info, and path
    $pa_profile->addPhoto($photo_info['name'], $photo_info['description'], $_SESSION['member_id']);
    $album_info_new = $pa_profile->getAlbumInfo();
    $album_file_path_new = getAlbumFilePath($album_info_new['id'], $album_info_new['created_date']);
    $album_file_path_tn_new = $album_file_path_new . '_tn' . DIRECTORY_SEPARATOR;
    $album_file_path_new .= DIRECTORY_SEPARATOR;

    // NOTE(review): mysql_insert_id() reports on the most recent query of the
    // connection. If getAlbumInfo() above issues a query, this may not be the
    // id created by addPhoto() - confirm, or read the id right after addPhoto().
    $added_photo_id = mysql_insert_id();

    // NOTE(review): the new photo is looked up through $pa (the source album
    // object), not $pa_profile - verify getPhotoInfo() finds it there.
    $photo_info_new = $pa->getPhotoInfo($added_photo_id);
    $photo_file_path_new = getPhotoFilePath($added_photo_id, $photo_info_new['name'], $photo_info_new['created_date']);
    $photo_location_new = AT_PA_CONTENT_DIR . $album_file_path_new . $photo_file_path_new;
    $photo_tn_location_new = AT_PA_CONTENT_DIR . $album_file_path_tn_new . $photo_file_path_new;

    // if directory does not exist, create it.
    // mkdir() is called without an explicit mode, and its result is not checked.
    if (!is_dir(AT_PA_CONTENT_DIR . $album_file_path_new)) {
        mkdir(AT_PA_CONTENT_DIR . $album_file_path_new);
    }
    if (!is_dir(AT_PA_CONTENT_DIR . $album_file_path_tn_new)) {
        mkdir(AT_PA_CONTENT_DIR . $album_file_path_tn_new);
    }

    // copy both original and thumbnail over to the profile album
    // The copy() results are not checked, so a failed copy leaves the new
    // database row without a file behind it.
    copy($photo_location, $photo_location_new);
    copy($photo_tn_location, $photo_tn_location_new);
}

// The file name and image dimensions are taken from the source photo, not
// from the copy.
$filename = $photo_info['name'];
$image_attributes = getimagesize($photo_location);
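//check it against the PhotoFilePath here and see if it matches.
//if not, return a "File not found" image.
//TODO
// NOTE(review): $aid, $pid and $ph are set before this excerpt, presumably
// from the request - confirm how they are validated.
$pa = new PhotoAlbum($aid);
$album_info = $pa->getAlbumInfo();
$photo_info = $pa->getPhotoInfo($pid);

// Pick the directory of the requested rendition: "size=o" selects the
// original, anything else the thumbnail directory ("_tn" suffix).
$album_file_path = getAlbumFilePath($album_info['id'], $album_info['created_date']);
if (isset($_GET['size']) && $_GET['size'] == 'o') {
    //if original
    $album_file_path .= DIRECTORY_SEPARATOR;
} else {
    //if thumbnail
    $album_file_path .= '_tn' . DIRECTORY_SEPARATOR;
}
$photo_file_path = getPhotoFilePath($photo_info['id'], $photo_info['name'], $photo_info['created_date']);
$photo_file_hash = getPhotoFilePath($photo_info['id'], '', $photo_info['created_date']);
$file = AT_PA_CONTENT_DIR . $album_file_path . $photo_file_path;

//if hash doesn't match, then don't load the picture.
//to prevent trial and error on URL for photos
// This check now runs before the missing-file cleanup below. In the previous
// order, a request without a valid "ph" value could still reach deletePhoto()
// and remove database rows, although it was not allowed to view the picture.
// NOTE(review): "!==" is not a constant-time comparison; hash_equals() is the
// usual replacement where the PHP version provides it.
if ($ph !== $photo_file_hash) {
    header('HTTP/1.1 404 Not Found', TRUE);
    exit;
}

//if file does not exist, quit.
if (!file_exists($file)) {
    //TODO: Clean files silently, cleaned but garbaged link remains on page.
    //Remove node from the DOM tree?
    // This cleanup is destructive (it deletes the photo record) and runs on a
    // plain GET, so it stays behind the hash check above.
    $pa->deletePhoto($pid);
    header('HTTP/1.1 404 Not Found', TRUE);
    exit;
}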
/**
 * Add up the size on disk, in bytes, of a member's personal photos.
 *
 * The query keeps only photos whose album has no row in pa_course_album
 * (ca.course_id IS NULL). Only the file in the album directory is measured;
 * the "_tn" thumbnail directory is not part of the path built here.
 *
 * @param  int $member_id  member id; cast with intval() before it is bound
 * @return int|false       byte total, or false when the id is below 1
 */
function memoryUsage($member_id) {
    global $db;

    $member_id = intval($member_id);
    if ($member_id < 1) {
        return false;
    }

    $total_bytes = 0;
    $sql = "SELECT p.* FROM %spa_photos p LEFT JOIN %spa_course_album ca ON p.album_id=ca.album_id WHERE member_id=%d AND ca.course_id IS NULL";
    $photo_rows = queryDB($sql, array(TABLE_PREFIX, TABLE_PREFIX, $member_id));

    // No matching photos means zero bytes used.
    if (count($photo_rows) < 1) {
        return $total_bytes;
    }

    foreach ($photo_rows as $photo_row) {
        // Album and photo details are re-read through PhotoAlbum to rebuild
        // the stored file path.
        $album = new PhotoAlbum($photo_row['album_id']);
        $album_details = $album->getAlbumInfo();
        $photo_details = $album->getPhotoInfo($photo_row['id']);

        $album_dir  = getAlbumFilePath($album_details['id'], $album_details['created_date']);
        $photo_name = getPhotoFilePath($photo_details['id'], $photo_details['name'], $photo_details['created_date']);
        $path = AT_PA_CONTENT_DIR . $album_dir . DIRECTORY_SEPARATOR . $photo_name;

        // Database rows without a file on disk contribute nothing.
        if (file_exists($path)) {
            $total_bytes += filesize($path);
        }
    }

    return $total_bytes;
}
</div> <?php endif; //action permission?> <div class="album_panel"> <div class="topbar"> <?php if($this->num_rows > AT_PA_PHOTOS_PER_PAGE): ?> <div class="paginator"> <?php print_paginator($this->page, $this->num_rows, 'id='.$this->album_info['id'], AT_PA_PHOTOS_PER_PAGE, AT_PA_PAGE_WINDOW); ?> </div> <?php endif; ?> </div> <?php if(!empty($this->photos)): ?> <!-- loop through this --> <?php foreach($this->photos as $key=>$photo): ?> <div class="photo_frame"> <a href="<?php echo AT_PA_BASENAME.'photo.php?pid='.$photo['id'].SEP.'aid='.$this->album_info['id'];?>"><img src="<?php echo AT_PA_BASENAME.'get_photo.php?aid='.$this->album_info['id'].SEP.'pid='.$photo['id'].SEP.'ph='.getPhotoFilePath($photo['id'], '', $photo['created_date']);?>" title="<?php echo AT_print($photo['description'], 'photo_albums.description'); ?>" alt="<?php echo AT_print($photo['alt_text'], 'photo_albums.alt_text');?>" /></a> </div> <?php endforeach; ?> <!-- end loop --> <div class="album_description"> <p><?php if($this->album_info['location']!='') echo _AT('location').': '.AT_print($this->album_info['location'], 'albums.location') .'<br/>';?> <?php echo AT_print($this->album_info['description'], 'albums.description');?></p> </div> <?php else: ?> <div class="edit_photo_box"> <p><?php echo _AT('pa_no_photos'); ?></p> </div> <?php endif; ?> <!-- page numbers --> <div class="topbar"> <?php if($this->num_rows > AT_PA_PHOTOS_PER_PAGE): ?>