function delete() { global $db, $config_vars, $userdata; // remove from content table // check is user is allowed $content = new album_content(); $content->generate_from_id($this->owner_id); if ($userdata['user_id'] == $this->user_id or check_content_action_allowed($content->get_contentgroup_id(), $userdata['user_id'], 'content_edit')) { // check wether the comment has child comments if (is_array($this->get_childs())) { // comment has childs $this->set_feedback('DELETED'); $this->commit(); } else { // comment has no childs $sql = "DELETE FROM " . $config_vars['table_prefix'] . "content_comments WHERE id = " . $this->id; if (!($result = $db->sql_query($sql))) { error_report(SQL_ERROR, 'delete', __LINE__, __FILE__, $sql); } $content->dec_comments_amount(); $content->commit(); unset($this->id); } } }
function get_content_object_from_id($id) { // returns an object for the content with id == $id global $db, $config_vars, $userdata, $filetypes; // get content $uncontent = new album_content(); if ($uncontent->generate_from_id($id) == OP_SUCCESSFUL) { // check if user has view perms to that content if (check_content_action_allowed($uncontent->get_contentgroup_id(), $userdata['user_id'], 'view')) { $objtyp = $filetypes[getext($uncontent->file)]; if (isset($objtyp)) { $incontent = new $objtyp(); //this sucks (additional sql query) but its ok for now $incontent->generate_from_id($id); } else { // unsupported filetype } return $incontent; } else { return OP_MISSING_VIEW; } } else { return OP_FAILED; } }
<?php include_once ROOT_PATH . 'libs/pclzip/pclzip.lib.php'; if ($mode == 'download') { $cookie = $_COOKIE[$config_vars['cookie_name'] . 'basket']; $download_array = explode(':', $cookie); for ($i = 0; $i < sizeof($download_array) - 1; $i++) { $content_obj = new album_content(); $content_obj->generate_from_id($download_array[$i]); $files[] = $content_obj->get_file(); } $filename = $config_vars['content_path_prefix'] . "/content_{$userdata['username']}.zip"; // create zip $zip = new PclZip($filename); $zip->create($files); //delete zip $HTTP_SESSION_VARS['delete_files'][] = $filename; // send zip to browser $header_location = @preg_match("/Microsoft|WebSTAR|Xitami/", getenv("SERVER_SOFTWARE")) ? "Refresh: 0; URL=" : "Location: "; header($header_location . append_sid($filename, true)); } if (is_array($contents)) { //editing the contents if (isset($submit) and $HTTP_POST_VARS['mode'] == 'edited') { $add_to_cats_unparsed = get_cats_data_where_perm('id,name', 'content_add'); $add_to_cats = get_cats_string($add_to_cats_unparsed); // loop through all content for ($i = 0; $i < sizeof($contents); $i++) { // set everything for edit if ($contents[$i]->check_perm('edit')) { $vals['name'] = $HTTP_POST_VARS['name'][$i];