function get_content_object_from_id($id)
{
// returns an object for the content with id == $id
global $db, $config_vars, $userdata, $filetypes;
// get content
$uncontent = new album_content();
if ($uncontent->generate_from_id($id) == OP_SUCCESSFUL) {
// check if user has view perms to that content
if (check_content_action_allowed($uncontent->get_contentgroup_id(), $userdata['user_id'], 'view')) {
$objtyp = $filetypes[getext($uncontent->file)];
if (isset($objtyp)) {
$incontent = new $objtyp();
//this sucks (additional sql query) but its ok for now
$incontent->generate_from_id($id);
} else {
// unsupported filetype
}
return $incontent;
} else {
return OP_MISSING_VIEW;
}
} else {
return OP_FAILED;
}
}
function delete()
{
global $db, $config_vars, $userdata;
// remove from content table
// check is user is allowed
$content = new album_content();
$content->generate_from_id($this->owner_id);
if ($userdata['user_id'] == $this->user_id or check_content_action_allowed($content->get_contentgroup_id(), $userdata['user_id'], 'content_edit')) {
// check wether the comment has child comments
if (is_array($this->get_childs())) {
// comment has childs
$this->set_feedback('DELETED');
$this->commit();
} else {
// comment has no childs
$sql = "DELETE FROM " . $config_vars['table_prefix'] . "content_comments WHERE id = " . $this->id;
if (!($result = $db->sql_query($sql))) {
error_report(SQL_ERROR, 'delete', __LINE__, __FILE__, $sql);
}
$content->dec_comments_amount();
$content->commit();
unset($this->id);
}
}
}
function set_contentgroup_id($contentgroup_id)
{
global $userdata;
// $result = new phreak_error();
// $result->set_object_id($this->id);
// $result->set_is_value($this->contentgroup_id);
// $result->set_should_value($contentgroup_id);
//
// $result->set_operation('set_contentgroup_id');
//set the contentgroup_id of the actual object. checks if actual user is allwoed to.
if ($this->id == 0 or check_content_action_allowed($this->contentgroup_id, $userdata['user_id'], "edit")) {
$this->contentgroup_id = $contentgroup_id;
// $result->set_type(NO_ERROR);
return OP_SUCCESSFUL;
} else {
// $result->set_why(OP_NP_MISSING_EDIT);
// $result->set_type(AUTH_ERROR);
$error = new phreak_error(E_WARNING, AUTH_ERROR, __LINE__, __FILE__, 'set_contentgroup_id', $this->id, $this->contentgroup_id, $contentgroup_id);
$error->commit();
return $result;
}
}
$cat_obj = new categorie();
$cat_obj->generate_from_id($HTTP_GET_VARS['cat_id']);
if (check_cat_action_allowed($cat_obj->get_catgroup_id(), $userdata['user_id'], 'content_remove')) {
$smarty->assign('allow_content_remove', 1);
}
if ($redirect_to_cat) {
$header_location = @preg_match("/Microsoft|WebSTAR|Xitami/", getenv("SERVER_SOFTWARE")) ? "Refresh: 0; URL=" : "Location: ";
header($header_location . append_sid("view_cat.php?cat_id={$HTTP_GET_VARS['cat_id']}", true));
}
//Show comments
$root_comments = get_comments_of_content($HTTP_GET_VARS['content_id']);
for ($i = 0; $i < sizeof($root_comments); $i++) {
make_comments($root_comments[$i], 0, $content->check_perm('comment_edit'));
}
$smarty->assign('comments', $comments);
if (check_content_action_allowed($content->get_contentgroup_id(), $userdata['user_id'], 'comment_edit')) {
$smarty->assign('allow_comment_edit', true);
}
// show content
$nav_string = build_nav_string($HTTP_GET_VARS['cat_id']);
$nav_content['name'] = htmlspecialchars($content->get_name());
$nav_string[] = $nav_content;
$smarty->assign('nav_string', $nav_string);
$content->inc_views();
$smarty->assign('html', $content->get_html());
$smarty->assign('name', htmlspecialchars($content->get_name()));
$smarty->assign('content_id', $content->get_id());
$smarty->assign('views', $content->get_views());
$smarty->assign('current_rating', $content->get_current_rating());
$smarty->assign('cat_id', $HTTP_GET_VARS['cat_id']);
$smarty->assign('redirect', PHREAKPIC_PATH . 'view_content.php');
