function delete_picture($pid) { global $CONFIG, $header_printed, $lang_errors; if (!$header_printed) { output_table_header(); } $green = "<img src=\"images/green.gif\" border=\"0\" width=\"12\" height=\"12\"><br />"; $red = "<img src=\"images/red.gif\" border=\"0\" width=\"12\" height=\"12\"><br />"; if (GALLERY_ADMIN_MODE) { $query = "SELECT aid, filepath, filename FROM {$CONFIG['TABLE_PICTURES']} WHERE pid='{$pid}'"; $result = cpg_db_query($query); if (!mysql_num_rows($result)) { cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__); } $pic = mysql_fetch_array($result); } else { $query = "SELECT {$CONFIG['TABLE_PICTURES']}.aid as aid, category, filepath, filename, owner_id FROM {$CONFIG['TABLE_PICTURES']}, {$CONFIG['TABLE_ALBUMS']} WHERE {$CONFIG['TABLE_PICTURES']}.aid = {$CONFIG['TABLE_ALBUMS']}.aid AND pid='{$pid}'"; $result = cpg_db_query($query); if (!mysql_num_rows($result)) { cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__); } $pic = mysql_fetch_array($result); if (!($pic['category'] == FIRST_USER_CAT + USER_ID || $CONFIG['users_can_edit_pics'] && $pic['owner_id'] == USER_ID) || !USER_ID) { cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__); } } $aid = $pic['aid']; $dir = $CONFIG['fullpath'] . $pic['filepath']; $file = $pic['filename']; if (!is_writable($dir)) { cpg_die(CRITICAL_ERROR, sprintf($lang_errors['directory_ro'], htmlspecialchars($dir)), __FILE__, __LINE__); } echo "<td class=\"tableb\">" . htmlspecialchars($file) . "</td>"; $files = array($dir . $file, $dir . $CONFIG['normal_pfx'] . $file, $dir . $CONFIG['thumb_pfx'] . $file); foreach ($files as $currFile) { echo "<td class=\"tableb\" align=\"center\">"; if (is_file($currFile)) { if (@unlink($currFile)) { echo $green; } else { echo $red; } } else { echo " "; } echo "</td>"; } $query = "DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}'"; $result = cpg_db_query($query); echo "<td class=\"tableb\" align=\"center\">"; if (mysql_affected_rows() > 0) { echo $green; } else { echo " "; } echo "</td>"; $query = "DELETE FROM {$CONFIG['TABLE_EXIF']} WHERE filename='" . addslashes($dir . $file) . "' LIMIT 1"; $result = cpg_db_query($query); $query = "DELETE FROM {$CONFIG['TABLE_PICTURES']} WHERE pid='{$pid}' LIMIT 1"; $result = cpg_db_query($query); echo "<td class=\"tableb\" align=\"center\">"; if (mysql_affected_rows() > 0) { echo $green; } else { echo $red; } echo "</td>"; echo "</tr>\n"; return $aid; }
function delete_picture($pid, $tablecellstyle = 'tableb') { global $CONFIG, $header_printed, $lang_errors, $lang_delete_php, $LINEBREAK; if (!$header_printed) { output_table_header(); } $green = cpg_fetch_icon('ok', 0, $lang_delete_php['del_success']); $red = cpg_fetch_icon('stop', 0, $lang_delete_php['err_del']); // We will be selecting pid in the query as we need it in $pic array for the plugin filter if (GALLERY_ADMIN_MODE) { $query = "SELECT pid, aid, filepath, filename FROM {$CONFIG['TABLE_PICTURES']} WHERE pid='{$pid}'"; $result = cpg_db_query($query); if (!$result->numRows()) { cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__); } $pic = $result->fetchAssoc(true); } else { $query = "SELECT pid, p.aid, category, filepath, filename, owner_id FROM {$CONFIG['TABLE_PICTURES']} AS p INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS a ON a.aid = p.aid WHERE pid='{$pid}'"; $result = cpg_db_query($query); if (!$result->numRows()) { cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__); } $pic = $result->fetchAssoc(true); if (!($pic['category'] == FIRST_USER_CAT + USER_ID || $CONFIG['users_can_edit_pics'] && $pic['owner_id'] == USER_ID) || !USER_ID) { cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__); } } $aid = $pic['aid']; $dir = $CONFIG['fullpath'] . $pic['filepath']; $file = $pic['filename']; if (!is_writable($dir)) { cpg_die(CRITICAL_ERROR, sprintf($lang_errors['directory_ro'], htmlspecialchars($dir)), __FILE__, __LINE__); } // Plugin filter to be called before deleting a file CPGPluginAPI::action('before_delete_file', $pic); echo '<tr>'; echo "<td class=\"" . $tablecellstyle . "\">" . htmlspecialchars($file) . "</td>"; $files = array($dir . $file, $dir . $CONFIG['normal_pfx'] . $file, $dir . $CONFIG['orig_pfx'] . $file, $dir . $CONFIG['thumb_pfx'] . $file); // Check for custom thumbnails for non-images if (!is_image($file)) { $mime_content = cpg_get_type($file); $file_base_name = str_replace('.' . $mime_content['extension'], '', basename($file)); foreach (array('.gif', '.png', '.jpg') as $thumb_extension) { if (file_exists($dir . $CONFIG['thumb_pfx'] . $file_base_name . $thumb_extension)) { // Thumbnail found, check if it's the only file using that thumbnail $count = cpg_db_query("SELECT COUNT(*) FROM {$CONFIG['TABLE_PICTURES']} WHERE filepath = '{$pic['filepath']}' AND filename LIKE '{$file_base_name}.%'")->result(0); if ($count == 1) { unset($files[count($files) - 1]); $files[] = $dir . $CONFIG['thumb_pfx'] . $file_base_name . $thumb_extension; break; } } } } foreach ($files as $currFile) { echo "<td class=\"" . $tablecellstyle . "\" align=\"center\">"; if (is_file($currFile)) { if (@unlink($currFile)) { echo $green; } else { echo $red; } } else { echo " "; } echo "</td>"; } $query = "DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}'"; cpg_db_query($query); echo "<td class=\"" . $tablecellstyle . "\" align=\"center\">"; if (cpg_db_affected_rows() > 0) { echo $green; } else { echo " "; } echo "</td>"; $query = "DELETE FROM {$CONFIG['TABLE_EXIF']} WHERE pid = {$pid}"; cpg_db_query($query); $query = "DELETE FROM {$CONFIG['TABLE_PICTURES']} WHERE pid='{$pid}' LIMIT 1"; cpg_db_query($query); echo "<td class=\"" . $tablecellstyle . "\" align=\"center\">"; if (cpg_db_affected_rows() > 0) { echo $green; } else { echo $red; } $query = "UPDATE {$CONFIG['TABLE_ALBUMS']} SET thumb = '0' WHERE thumb = '{$pid}'"; cpg_db_query($query); echo '</td>'; echo '</tr>' . $LINEBREAK; // Plugin filter to be called after a file is deleted CPGPluginAPI::action('after_delete_file', $pic); return $aid; }
function delete_picture($pid) { global $xoopsModuleConfig, $header_printed, $xoopsDB; global $del_pic, $xoopsModule; if (!$header_printed) { output_table_header(); } $myts =& MyTextSanitizer::getInstance(); // MyTextSanitizer object $green = "<img src=\"images/green.gif\" border=\"0\" width=\"12\" height=\"12\" alt=\"\" /><br />"; $red = "<img src=\"images/red.gif\" border=\"0\" width=\"12\" height=\"12\" alt=\"\" /><br />"; if (USER_IS_ADMIN) { $query = "SELECT aid, filepath, filename FROM " . $xoopsDB->prefix("xcgal_pictures") . " WHERE pid='{$pid}'"; $result = $xoopsDB->query($query); if (!$xoopsDB->getRowsNum($result)) { redirect_header('index.php', 2, _MD_NON_EXIST_AP); } $pic = $xoopsDB->fetchArray($result); } else { $query = "SELECT " . $xoopsDB->prefix("xcgal_pictures") . ".aid as aid, category, filepath, filename FROM " . $xoopsDB->prefix("xcgal_pictures") . ", " . $xoopsDB->prefix("xcgal_albums") . " WHERE " . $xoopsDB->prefix("xcgal_pictures") . ".aid = " . $xoopsDB->prefix("xcgal_albums") . ".aid AND pid='{$pid}'"; $result = $xoopsDB->query($query); if (!$xoopsDB->getRowsNum($result)) { redirect_header('index.php', 2, _MD_NON_EXIST_AP); } $pic = $xoopsDB->fetchArray($result); if ($pic['category'] != FIRST_USER_CAT + USER_ID) { redirect_header('index.php', 2, _MD_PERM_DENIED); } } $aid = $pic['aid']; $dir = $xoopsModuleConfig['fullpath'] . $pic['filepath']; $file = $pic['filename']; if (!is_writable($dir)) { redirect_header('index.php', 2, sprintf(_MD_DIRECTORY_RO, htmlspecialchars($dir))); } $del_pic = "<tr><td class=\"even\">" . $myts->makeTboxData4Show($file) . "</td>"; $files = array($dir . $file, $dir . $xoopsModuleConfig['normal_pfx'] . $file, $dir . $xoopsModuleConfig['thumb_pfx'] . $file); foreach ($files as $currFile) { $del_pic .= "<td class=\"even\" align=\"center\">"; if (is_file($currFile)) { if (@unlink($currFile)) { $del_pic .= $green; } else { $del_pic .= $red; } } else { $del_pic .= " "; } $del_pic .= "</td>"; } $deleted = xoops_comment_delete($xoopsModule->getVar('mid'), $pid); $del_pic .= "<td class=\"even\" align=\"center\">"; if ($deleted) { $del_pic .= $green; } else { $del_pic .= " "; } $del_pic .= "</td>"; $query = "DELETE FROM " . $xoopsDB->prefix("xcgal_pictures") . " WHERE pid='{$pid}' LIMIT 1"; $result = $xoopsDB->queryf($query); $del_pic .= "<td class=\"even\" align=\"center\">"; if ($xoopsDB->getAffectedRows() > 0) { $del_pic .= $green; } else { $del_pic .= $red; } $del_pic .= "</td>"; $del_pic .= "</tr>\n"; return $aid; }
function delete_picture($pid) { global $db, $CONFIG, $header_printed, $CPG_M_DIR, $CLASS; if (!$header_printed) { output_table_header(); } $green = "<img src=\"" . $CPG_M_DIR . "/images/green.gif\" border=\"0\" width=\"12\" height=\"12\"><br />"; $red = "<img src=\"" . $CPG_M_DIR . "/images/red.gif\" border=\"0\" width=\"12\" height=\"12\"><br />"; if ($CLASS['member']->demo) { cpg_die(_ERROR, PERM_DENIED, __FILE__, __LINE__); } if (GALLERY_ADMIN_MODE) { $query = "SELECT aid, filepath, filename FROM {$CONFIG['TABLE_PICTURES']} WHERE pid='{$pid}'"; $result = $db->sql_query($query, false, __FILE__, __LINE__); if (!$db->sql_numrows($result)) { cpg_die(_CRITICAL_ERROR, NON_EXIST_AP, __FILE__, __LINE__); } $pic = $db->sql_fetchrow($result); } else { $query = "SELECT {$CONFIG['TABLE_PICTURES']}.aid as aid, category, filepath, filename FROM {$CONFIG['TABLE_PICTURES']}, {$CONFIG['TABLE_ALBUMS']} WHERE {$CONFIG['TABLE_PICTURES']}.aid = {$CONFIG['TABLE_ALBUMS']}.aid AND pid='{$pid}'"; $result = $db->sql_query($query, false, __FILE__, __LINE__); if (!$db->sql_numrows($result)) { cpg_die(_CRITICAL_ERROR, NON_EXIST_AP, __FILE__, __LINE__); } $pic = $db->sql_fetchrow($result); if ($pic['category'] != FIRST_USER_CAT + USER_ID) { cpg_die(_ERROR, PERM_DENIED, __FILE__, __LINE__); } } $aid = $pic['aid']; $dir = $pic['filepath']; $file = $pic['filename']; if (!is_writable($dir)) { cpg_die(_CRITICAL_ERROR, sprintf(DIRECTORY_RO, htmlprepare($dir)), __FILE__, __LINE__); } echo "<td class=\"tableb\">" . htmlprepare($file) . "</td>"; $files = array($dir . $file, $dir . $CONFIG['normal_pfx'] . $file, $dir . $CONFIG['thumb_pfx'] . $file); foreach ($files as $currFile) { echo "<td class=\"tableb\" align=\"center\">"; if (is_file($currFile)) { if (unlink($currFile)) { echo $green; } else { echo $red; } } else { echo " "; } echo "</td>"; } $result = $db->sql_query("DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}'", false, __FILE__, __LINE__); echo "<td class=\"tableb\" align=\"center\">"; if ($db->sql_affectedrows() > 0) { echo $green; } else { echo " "; } echo "</td>"; $result = $db->sql_query("DELETE FROM {$CONFIG['TABLE_PICTURES']} WHERE pid='{$pid}'", false, __FILE__, __LINE__); echo "<td class=\"tableb\" align=\"center\">"; if ($db->sql_affectedrows() > 0) { echo $green; } else { echo $red; } echo "</td>"; echo "</tr>\n"; return $aid; }