$_pages[AT_PA_BASENAME . 'edit_photos.php?aid=' . $id . SEP . 'org=1']['title_var'] = 'pa_organize_photos';
$_pages[AT_PA_BASENAME . 'edit_photos.php?aid=' . $id . SEP . 'org=1']['parent'] = AT_PA_BASENAME . 'albums.php';
}
//TODO: handle add_photo
if (isset($_POST['upload'])) {
//check file size, filename, and extension
$_FILES['photo'] = checkPhoto($_FILES['photo']);
if ($_FILES['photo'] === false || !$action_permission && $info['type_id'] != AT_PA_TYPE_COURSE_ALBUM) {
//owner and course members can upload pictures. Not edit though.
header('Location: ../' . $_SESSION['redirect_to']['profile_pic']);
exit;
}
//computer album folder name and photo filename, if exist, shift bits
//goal: generate a random yet computable file structure to disallow
// users to browse through others' photos through URLs.
$album_file_path = getAlbumFilePath($id, $info['created_date']);
$album_file_path_tn = $album_file_path . '_tn' . DIRECTORY_SEPARATOR;
$album_file_path .= DIRECTORY_SEPARATOR;
if (!is_dir(AT_PA_CONTENT_DIR . $album_file_path)) {
mkdir(AT_PA_CONTENT_DIR . $album_file_path);
}
if (!is_dir(AT_PA_CONTENT_DIR . $album_file_path_tn)) {
mkdir(AT_PA_CONTENT_DIR . $album_file_path_tn);
}
//add the photo
$added_photo_id = $pa->addPhoto($_FILES['photo']['name'], $_POST['photo_comment'], $_SESSION['member_id']);
if ($added_photo_id <= 0) {
$msg->addError('PA_ADD_PHOTO_FAILED');
}
if (!$msg->containsErrors()) {
//get photo filepath
/**
* Delete an album and all associations
*/
function deleteAlbum()
{
//TODO Error checking on each step, if anyone fails, should report it to user
$id = $this->id;
//clean directory
$sql = "SELECT created_date FROM %spa_albums WHERE id=%d";
$row = queryDB($sql, array(TABLE_PREFIX, $id), TRUE);
$filepath = AT_PA_CONTENT_DIR . getAlbumFilePath($id, $row['created_date']);
//orig
$filepath_tn = $filepath . '_tn';
//thumbnails
//delete files
if (is_dir($filepath) && is_dir($filepath_tn)) {
clr_dir($filepath);
clr_dir($filepath_tn);
}
//delete all photo comments
$sql = "DELETE c.* FROM %spa_photo_comments c LEFT JOIN %spa_photos p ON c.photo_id=p.id WHERE p.album_id=%d";
queryDB($sql, array(TABLE_PREFIX, TABLE_PREFIX, $id));
//delete all photos within this album
$sql = "DELETE FROM %spa_photos WHERE album_id=%d";
queryDB($sql, array(TABLE_PREFIX, $id));
//delete all album comments
$sql = "DELETE FROM %spa_album_comments WHERE album_id=%d";
queryDB($sql, array(TABLE_PREFIX, $id));
//delete album
$sql = "DELETE FROM %spa_albums WHERE id=%d";
queryDB($sql, array(TABLE_PREFIX, $id));
}
/**
* Return the total personal data usage (in bytes)
*/
function memoryUsage($member_id)
{
global $db;
$member_id = intval($member_id);
if ($member_id < 1) {
return false;
}
$memory_usage = 0;
$sql = 'SELECT p.* FROM ' . TABLE_PREFIX . 'pa_photos p LEFT JOIN ' . TABLE_PREFIX . "pa_course_album ca ON p.album_id=ca.album_id WHERE member_id={$member_id} AND ca.course_id IS NULL";
$result = mysql_query($sql, $db);
if ($result) {
while ($row = mysql_fetch_assoc($result)) {
$pa = new PhotoAlbum($row['album_id']);
$album_info = $pa->getAlbumInfo();
$photo_info = $pa->getPhotoInfo($row['id']);
$album_file_path = getAlbumFilePath($album_info['id'], $album_info['created_date']);
$photo_file_path = getPhotoFilePath($photo_info['id'], $photo_info['name'], $photo_info['created_date']);
$file = AT_PA_CONTENT_DIR . $album_file_path . DIRECTORY_SEPARATOR . $photo_file_path;
if (file_exists($file)) {
$memory_usage += filesize($file);
}
}
}
return $memory_usage;
}
/**
* Delete an album and all associations
*/
function deleteAlbum()
{
//TODO Error checking on each step, if anyone fails, should report it to user
global $db;
$id = $this->id;
//clean directory
$sql = 'SELECT created_date FROM ' . TABLE_PREFIX . "pa_albums WHERE id={$id}";
$result = mysql_query($sql, $db);
if ($result) {
$row = mysql_fetch_assoc($result);
}
$filepath = AT_PA_CONTENT_DIR . getAlbumFilePath($id, $row['created_date']);
//orig
$filepath_tn = $filepath . '_tn';
//thumbnails
//delete files
if (is_dir($filepath) && is_dir($filepath_tn)) {
clr_dir($filepath);
clr_dir($filepath_tn);
}
//delete all photo comments
$sql = 'DELETE c.* FROM ' . TABLE_PREFIX . 'pa_photo_comments c LEFT JOIN ' . TABLE_PREFIX . "pa_photos p ON c.photo_id=p.id WHERE p.album_id={$id}";
mysql_query($sql, $db);
//delete all photos within this album
$sql = "DELETE FROM " . TABLE_PREFIX . "pa_photos WHERE album_id={$id}";
mysql_query($sql, $db);
//delete all album comments
$sql = 'DELETE FROM ' . TABLE_PREFIX . "pa_album_comments WHERE album_id={$id}";
mysql_query($sql, $db);
//delete album
$sql = "DELETE FROM " . TABLE_PREFIX . "pa_albums WHERE id={$id}";
mysql_query($sql, $db);
}
$msg->addError("ACCESS_DENIED");
header('location: index.php');
exit;
}
// get the current photo info, and paths
$album_file_path = getAlbumFilePath($album_info['id'], $album_info['created_date']);
$album_file_path_tn = $album_file_path . '_tn' . DIRECTORY_SEPARATOR;
$album_file_path .= DIRECTORY_SEPARATOR;
$photo_file_path = getPhotoFilePath($photo_info['id'], $photo_info['name'], $photo_info['created_date']);
$photo_location = AT_PA_CONTENT_DIR . $album_file_path . $photo_file_path;
$photo_tn_location = AT_PA_CONTENT_DIR . $album_file_path_tn . $photo_file_path;
if ($aid != $profile_aid) {
// now, get the new photo info, and path
$pa_profile->addPhoto($photo_info['name'], $photo_info['description'], $_SESSION['member_id']);
$album_info_new = $pa_profile->getAlbumInfo();
$album_file_path_new = getAlbumFilePath($album_info_new['id'], $album_info_new['created_date']);
$album_file_path_tn_new = $album_file_path_new . '_tn' . DIRECTORY_SEPARATOR;
$album_file_path_new .= DIRECTORY_SEPARATOR;
$added_photo_id = mysql_insert_id();
$photo_info_new = $pa->getPhotoInfo($added_photo_id);
$photo_file_path_new = getPhotoFilePath($added_photo_id, $photo_info_new['name'], $photo_info_new['created_date']);
$photo_location_new = AT_PA_CONTENT_DIR . $album_file_path_new . $photo_file_path_new;
$photo_tn_location_new = AT_PA_CONTENT_DIR . $album_file_path_tn_new . $photo_file_path_new;
// if directory does not exist, create it.
if (!is_dir(AT_PA_CONTENT_DIR . $album_file_path_new)) {
mkdir(AT_PA_CONTENT_DIR . $album_file_path_new);
}
if (!is_dir(AT_PA_CONTENT_DIR . $album_file_path_tn_new)) {
mkdir(AT_PA_CONTENT_DIR . $album_file_path_tn_new);
}
// copy both original and thumbnail over to the profile album
include AT_PA_INCLUDE . 'lib.inc.php';
$aid = intval($_GET['aid']);
//album id
$pid = intval($_GET['pid']);
//photo id
$ph = $_GET['ph'];
//pid hash
//To increase security so users can't freely browse thru the album,
//add a block here to take in an extra $_GET variable that reads the pid_path
//check it against the PhotoFilePath here and see if it matches.
//if not, return a "File not found" image.
//TODO
$pa = new PhotoAlbum($aid);
$album_info = $pa->getAlbumInfo();
$photo_info = $pa->getPhotoInfo($pid);
$album_file_path = getAlbumFilePath($album_info['id'], $album_info['created_date']);
if (isset($_GET['size']) && $_GET['size'] == 'o') {
//if original
$album_file_path .= DIRECTORY_SEPARATOR;
} else {
//if thumbnail
$album_file_path .= '_tn' . DIRECTORY_SEPARATOR;
}
$photo_file_path = getPhotoFilePath($photo_info['id'], $photo_info['name'], $photo_info['created_date']);
$photo_file_hash = getPhotoFilePath($photo_info['id'], '', $photo_info['created_date']);
$file = AT_PA_CONTENT_DIR . $album_file_path . $photo_file_path;
//if file does not exist, quit.
if (!file_exists($file)) {
//TODO: Clean files silently, cleaned but garbaged link remains on page.
//Remove node from the DOM tree?
$pa->deletePhoto($pid);
/**
* Return the total personal data usage (in bytes)
*/
function memoryUsage($member_id)
{
global $db;
$member_id = intval($member_id);
if ($member_id < 1) {
return false;
}
$memory_usage = 0;
$sql = "SELECT p.* FROM %spa_photos p LEFT JOIN %spa_course_album ca ON p.album_id=ca.album_id WHERE member_id=%d AND ca.course_id IS NULL";
$rows_photos = queryDB($sql, array(TABLE_PREFIX, TABLE_PREFIX, $member_id));
if (count($rows_photos) > 0) {
foreach ($rows_photos as $row) {
$pa = new PhotoAlbum($row['album_id']);
$album_info = $pa->getAlbumInfo();
$photo_info = $pa->getPhotoInfo($row['id']);
$album_file_path = getAlbumFilePath($album_info['id'], $album_info['created_date']);
$photo_file_path = getPhotoFilePath($photo_info['id'], $photo_info['name'], $photo_info['created_date']);
$file = AT_PA_CONTENT_DIR . $album_file_path . DIRECTORY_SEPARATOR . $photo_file_path;
if (file_exists($file)) {
$memory_usage += filesize($file);
}
}
}
return $memory_usage;
}
