function delete()
 {
     global $db, $config_vars, $userdata;
     // remove from content table
     // check is user is allowed
     $content = new album_content();
     $content->generate_from_id($this->owner_id);
     if ($userdata['user_id'] == $this->user_id or check_content_action_allowed($content->get_contentgroup_id(), $userdata['user_id'], 'content_edit')) {
         // check wether the comment has child comments
         if (is_array($this->get_childs())) {
             // comment has childs
             $this->set_feedback('DELETED');
             $this->commit();
         } else {
             // comment has no childs
             $sql = "DELETE FROM " . $config_vars['table_prefix'] . "content_comments WHERE id = " . $this->id;
             if (!($result = $db->sql_query($sql))) {
                 error_report(SQL_ERROR, 'delete', __LINE__, __FILE__, $sql);
             }
             $content->dec_comments_amount();
             $content->commit();
             unset($this->id);
         }
     }
 }
function get_content_object_from_id($id)
{
    // returns an object for the content with id == $id
    global $db, $config_vars, $userdata, $filetypes;
    // get  content
    $uncontent = new album_content();
    if ($uncontent->generate_from_id($id) == OP_SUCCESSFUL) {
        // check if user has view perms to that content
        if (check_content_action_allowed($uncontent->get_contentgroup_id(), $userdata['user_id'], 'view')) {
            $objtyp = $filetypes[getext($uncontent->file)];
            if (isset($objtyp)) {
                $incontent = new $objtyp();
                //this sucks (additional sql query) but its ok for now
                $incontent->generate_from_id($id);
            } else {
                // unsupported filetype
            }
            return $incontent;
        } else {
            return OP_MISSING_VIEW;
        }
    } else {
        return OP_FAILED;
    }
}
Esempio n. 3
0
<?php

include_once ROOT_PATH . 'libs/pclzip/pclzip.lib.php';
if ($mode == 'download') {
    $cookie = $_COOKIE[$config_vars['cookie_name'] . 'basket'];
    $download_array = explode(':', $cookie);
    for ($i = 0; $i < sizeof($download_array) - 1; $i++) {
        $content_obj = new album_content();
        $content_obj->generate_from_id($download_array[$i]);
        $files[] = $content_obj->get_file();
    }
    $filename = $config_vars['content_path_prefix'] . "/content_{$userdata['username']}.zip";
    // create zip
    $zip = new PclZip($filename);
    $zip->create($files);
    //delete zip
    $HTTP_SESSION_VARS['delete_files'][] = $filename;
    // send zip to browser
    $header_location = @preg_match("/Microsoft|WebSTAR|Xitami/", getenv("SERVER_SOFTWARE")) ? "Refresh: 0; URL=" : "Location: ";
    header($header_location . append_sid($filename, true));
}
if (is_array($contents)) {
    //editing the contents
    if (isset($submit) and $HTTP_POST_VARS['mode'] == 'edited') {
        $add_to_cats_unparsed = get_cats_data_where_perm('id,name', 'content_add');
        $add_to_cats = get_cats_string($add_to_cats_unparsed);
        // loop through all content
        for ($i = 0; $i < sizeof($contents); $i++) {
            // set everything for edit
            if ($contents[$i]->check_perm('edit')) {
                $vals['name'] = $HTTP_POST_VARS['name'][$i];