/** * Remove Album * * @param mixed $albumID * @param mixed $userID * @return bool */ public static function deleteAlbum($albumID, $userID) { global $db; if (BuckysAlbum::checkAlbumOwner($albumID, $userID)) { //Remove Album $query = $db->prepare("DELETE FROM " . TABLE_ALBUMS . " WHERE albumID=%s AND OWNER=%s", $albumID, $userID); $db->query($query); //Remove Assigned Photos $query = $db->prepare("DELETE FROM " . TABLE_ALBUMS_PHOTOS . " WHERE albumID=%s", $albumID); $db->query($query); return true; } return false; }
<?php require dirname(__FILE__) . '/includes/bootstrap.php'; //Getting Current User ID if (!($userID = buckys_is_logged_in())) { buckys_redirect('/index.php', MSG_NOT_LOGGED_IN_USER, MSG_TYPE_ERROR); } $albumID = isset($_REQUEST['albumID']) ? $_REQUEST['albumID'] : ''; if (!$albumID || !BuckysAlbum::checkAlbumOwner($albumID, $userID)) { buckys_redirect("/photo_albums.php", MSG_INVALID_REQUEST, MSG_TYPE_ERROR); } //Getting UserData from Id $userData = BuckysUser::getUserData($profileID); //Getting Album $album = BuckysAlbum::getAlbum($albumID); //Getting Photos $myphotos = BuckysPost::getPhotosByUserID($userID, $userID, BuckysPost::INDEPENDENT_POST_PAGE_ID, true); $albumPhotos = BuckysAlbum::getPhotos($albumID); //Getting Album Photos if (isset($_POST['action'])) { //Create New Album if ($_POST['action'] == 'save-album') { //If the album title is empty, throw error //If the album title is empty, throw error if (trim($_POST['album_name']) == '') { buckys_redirect('/photo_album_edit.php?albumID=' . $_POST['albumID'], MSG_ALBUM_TITLE_EMPTY, MSG_TYPE_ERROR); } BuckysAlbum::updateAlbum($_POST['albumID'], trim($_POST['album_name']), $_POST['visibility'], $_POST['photos']); buckys_redirect("/photo_album_edit.php?albumID=" . $_POST['albumID'], MSG_ALBUM_UPDATED); } else { if ($_POST['action'] == 'remove-from-album' || $_POST['action'] == 'add-to-album') {
/** * Save Post * * @param $userID * @param mixed $data * @return bool|int|null|string */ public static function savePhoto($userID, $data) { global $db, $TNB_GLOBALS; //Check the Photo File Name if (!isset($data['file']) || strpos($data['file'], "../") !== false || !file_exists(DIR_FS_PHOTO_TMP . $data['file'])) { buckys_add_message(MSG_FILE_UPLOAD_ERROR, MSG_TYPE_ERROR); return false; } $data['pageID'] = isset($data['pageID']) && is_numeric($data['pageID']) ? $data['pageID'] : BuckysPost::INDEPENDENT_POST_PAGE_ID; // Validate the file type $fileParts = pathinfo($data['file']); if (!in_array(strtolower($fileParts['extension']), $TNB_GLOBALS['imageTypes'])) { buckys_add_message(MSG_INVALID_PHOTO_TYPE, MSG_TYPE_ERROR); return false; } //Validate File Size list($width, $height, $type, $attr) = getimagesize(DIR_FS_PHOTO_TMP . $data['file']); if ($width * $height > MAX_IMAGE_WIDTH * MAX_IMAGE_HEIGHT) { buckys_add_message(MSG_PHOTO_MAX_SIZE_ERROR, MSG_TYPE_ERROR); return false; } //Checking File Size and move it from the tmp folder to the user photo folder and resize it. if ($data['post_visibility'] == 2) { //Calc Ratio using real image width $ratio = floatval($width / $data['width']); $sourceWidth = ($data['x2'] - $data['x1']) * $ratio; BuckysPost::moveFileFromTmpToUserFolder($userID, $data['file'], PROFILE_IMAGE_WIDTH, PROFILE_IMAGE_HEIGHT, $data['x1'] * $ratio, $data['y1'] * $ratio, $sourceWidth, $sourceWidth); if ($data['pageID'] == BuckysPost::INDEPENDENT_POST_PAGE_ID) { //Update User Profile Field BuckysUser::updateUserFields($userID, ['thumbnail' => $data['file']]); $is_profile = 1; } else { //Update Page Profile field $pageIns = new BuckysPage(); $pageIns->updateData($data['pageID'], ['logo' => $data['file']]); $is_profile = 1; } } else { if ($width > MAX_POST_IMAGE_WIDTH) { $height = $height * (MAX_POST_IMAGE_WIDTH / $width); $width = MAX_POST_IMAGE_WIDTH; } if ($height > MAX_POST_IMAGE_HEIGHT) { $width = $width * (MAX_POST_IMAGE_HEIGHT / $height); $height = MAX_POST_IMAGE_HEIGHT; } //Create normal image BuckysPost::moveFileFromTmpToUserFolder($userID, $data['file'], $width, $height, 0, 0); $is_profile = 0; } $now = date('Y-m-d H:i:s'); $newId = $db->insertFromArray(TABLE_POSTS, ['poster' => $userID, 'pageID' => $data['pageID'], 'profileID' => $data['profileID'], 'content' => $data['content'], 'type' => 'image', 'post_date' => $now, 'image' => $data['file'], 'visibility' => $data['post_visibility'] > 0 ? 1 : 0, 'is_profile' => $is_profile]); if (!$newId) { buckys_add_message($db->getLastError(), MSG_TYPE_ERROR); return false; } //Assign Photo to Album if (isset($data['album']) && $data['album'] != '') { if (!BuckysAlbum::checkAlbumOwner($data['album'], $userID)) { buckys_add_message(MSG_INVALID_ALBUM_ID, MSG_TYPE_ERROR); } else { BuckysAlbum::addPhotoToAlbum($data['album'], $newId); } } buckys_add_message(MSG_PHOTO_UPLOADED_SUCCESSFULLY); return $newId; }