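/**
 * Record an image file against an album in the `mbg_images` table.
 *
 * Nothing is written unless albumExists() accepts the album id and the file
 * is present on disk. The insert uses the current Unix timestamp for both
 * `UploadDate` and `OrderID`.
 *
 * @param int|string $album_id     Album the image belongs to.
 * @param string     $path_to_file Path of the stored image file.
 * @return void
 */
function addImage($album_id, $path_to_file)
{
    // Guard clause: unknown album or missing file means there is nothing to record.
    if (!albumExists($album_id) || !file_exists($path_to_file)) {
        return;
    }

    // Both values land inside quoted SQL literals, so both are escaped. The
    // original escaped only the path and relied on albumExists() to vouch for
    // the album id; an existence check is not an escaping step.
    // NOTE(review): ext/mysql was removed in PHP 7. When this file is ported to
    // mysqli or PDO, bind these two values as parameters instead of escaping.
    $album_id_sql = mysql_real_escape_string($album_id);
    $path_sql = mysql_real_escape_string($path_to_file);

    // One clock read, so UploadDate and OrderID cannot straddle a second boundary.
    $now = time();

    mysql_query("INSERT INTO `mbg_images`(`AlbumID`,`ImagePath`,`UploadDate`,`OrderID`) VALUES('{$album_id_sql}','{$path_sql}',{$now},{$now})");
}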
// Excerpt: the first statement is the tail of a block that opens above this
// fragment, and the upload handler below is cut off before its closing braces.
if ($size3[0] > 0 && $size3[1] > 0) {
    // Stores the third thumbnail size as "<width>x<height>" on the album row.
    // NOTE(review): $last_id and both size values are interpolated into the SQL
    // text; their origin is not visible here - confirm none is request-derived.
    mysql_query("UPDATE `mbg_albums` SET `Thumbnail3Size` = '{$size3['0']}x{$size3['1']}' WHERE `AlbumID` = '{$last_id}'");
}
} // closes a scope opened above this excerpt
} // closes a scope opened above this excerpt
} // closes a scope opened above this excerpt
// Start Uploading Files
// Runs whenever the request carries an `upload_image` file field.
if ($upload_image = $_FILES['upload_image']) {
    // Request-controlled value; further down it is concatenated into the target
    // directory path. The only check visible here is albumExists().
    // NOTE(review): confirm albumExists() accepts strictly numeric ids only.
    $album_id = $_GET['album_id'];
    $allowed_file_types = array("jpg", "png", "jpeg", "gif");
    // Client-supplied original file name.
    $file_name = $upload_image['name'];
    // Extension = text after the last dot of the client-supplied name, lowercased.
    // NOTE(review): end() takes its argument by reference, so passing explode()'s
    // result directly raises "Only variables should be passed by reference".
    $file_type = strtolower(end(explode(".", $file_name)));
    $file_tmp = $upload_image['tmp_name'];
    // $images_path is defined outside this excerpt.
    $path_to_upload_files = $images_path;
    // Allowlist on the file-name extension only. The file contents are not
    // inspected in the visible part.
    // NOTE(review): confirm the remainder verifies that the upload really is an
    // image (for example with getimagesize()) before it is stored under a
    // web-served directory.
    if (in_array($file_type, $allowed_file_types)) {
        if (albumExists($album_id)) {
            // $album is not read again within this excerpt.
            $album = getAlbum($album_id);
            // Generate Name
            // $naming is a setting defined outside this excerpt.
            switch (strtolower($naming)) {
                case "hash":
                case "random":
                    // Name built from the clock plus rand()-seeded md5/sha1 fragments.
                    // That is enough to avoid collisions, but it is not an
                    // unguessable name; do not rely on it for access control.
                    $new_name = substr(time(), 5) . '_' . substr(md5(time() + rand(1000, 9999)), 0, 6) . '_' . substr(sha1(time() + rand(1000, 9999)), 0, 6) . '.' . $file_type;
                    break;
                case "normal":
                    // Keeps the client-supplied name verbatim.
                    // NOTE(review): presumably a second upload with the same name
                    // overwrites the first - confirm against the code that follows.
                    $new_name = $file_name;
                    break;
                default:
                    // Lowercases the name and replaces only comma, single quote and
                    // double quote with '-'; every other character passes through.
                    $new_name = str_replace(array(',', "'", '"'), '-', strtolower($file_name));
            }
            // Target is "<images path>album_<id>/<new name>".
            $album_path = $path_to_upload_files . 'album_' . $album_id . '/';
            $upload_file_path = $album_path . $new_name;
<?php
// Admin-side album edit handler (excerpt: the POST branch opened at the bottom
// continues past the end of this fragment).

// Direct-access guard: stop unless the constant _VALID is defined
// (presumably by the application's entry script - confirm).
defined('_VALID') or die('Restricted Access!');
// Authorisation gate, defined elsewhere.
// NOTE(review): everything below runs unconditionally after this call, so
// confirm checkAdmin() terminates the request for non-admins rather than only
// setting a flag.
Auth::checkAdmin();
$album = array();
$photos = array();
$exists = true;
// Album id from the query string: accepted only when present, numeric and known
// to albumExists(); otherwise NULL.
// NOTE(review): is_numeric() also accepts forms such as "1e3" or "12.7", and
// albumExists() sees the raw string while $AID keeps intval(trim(...)) of it, so
// the checked value and the stored value can differ. Confirm that albumExists()
// normalises the same way, or validate with ctype_digit() /
// filter_var(..., FILTER_VALIDATE_INT) first.
$AID = isset($_GET['AID']) && is_numeric($_GET['AID']) && albumExists($_GET['AID']) ? intval(trim($_GET['AID'])) : NULL;
// NULL and 0 both count as "no album".
if (!$AID) {
    $exists = false;
    // $errors is not initialised in this excerpt; presumably the including
    // script sets it up - confirm.
    $errors[] = 'Invalid album identifier. Are you sure this album exists!?';
}
// Edit form submitted and no validation errors so far.
// NOTE(review): no anti-CSRF token check is visible in this excerpt; confirm one
// exists before the submitted values are used to change the album.
if (isset($_POST['submit_album_edit']) && !$errors) {
    // $config is defined elsewhere.
    require $config['BASE_DIR'] . '/classes/filter.class.php';
    $filter = new VFilter();
    // The second argument to get() looks like a type tag ('INTEGER', 'FLOAT').
    // NOTE(review): how get() treats fields read without a tag (name, tags, type,
    // status, random) is not visible here; confirm they are escaped before they
    // reach SQL or HTML.
    $name = $filter->get('name');
    $tags = $filter->get('tags');
    $category = $filter->get('category', 'INTEGER');
    $type = $filter->get('type');
    $status = $filter->get('status');
    // Counters and rating fields are taken from the submitted form as well.
    $total_comments = $filter->get('total_comments', 'INTEGER');
    $total_views = $filter->get('total_views', 'INTEGER');
    $total_favorites = $filter->get('total_favorites', 'INTEGER');
    $rate = $filter->get('rate', 'FLOAT');
    $ratedby = $filter->get('ratedby', 'INTEGER');
    // Rectangle (origin plus size) and a photo id; presumably a crop selection for
    // the album cover - confirm against the code that follows.
    $x = $filter->get('x1', 'INTEGER');
    $y = $filter->get('y1', 'INTEGER');
    $width = $filter->get('width', 'INTEGER');
    $height = $filter->get('height', 'INTEGER');
    $pid = $filter->get('photo', 'INTEGER');
    $random = $filter->get('random');
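<?php
// Album management view (excerpt: the if-block opened here is closed further
// down the file, past the end of this fragment).
$id = $_GET['id'];
if (albumExists($id)) {
    $album = getAlbum($id);
    $images = getAlbumImages($id);
    // Output encoding: $id is request data and the album fields come from
    // storage, so every echo below is HTML-escaped (and $id is URL-encoded for
    // its place in the query string). albumExists() is an existence check, not
    // an escaping step, and must not be relied on to make $id safe to print.
    // NOTE(review): 'UTF-8' assumes the page is served as UTF-8 - adjust if not.
?>
<script type="text/javascript" src="js/album_manage.js"></script>
<a href="?action=album&id=<?php echo htmlspecialchars(rawurlencode((string) $id), ENT_QUOTES, 'UTF-8'); ?> &edit" class="button" title="Click to edit">Album: <strong><?php echo htmlspecialchars((string) $album['AlbumName'], ENT_QUOTES, 'UTF-8'); ?> </strong></a>
<div class="separator"></div>
<h1>Manage Album</h1>
<?php
    if (isset($_GET['edit'])) {
        // The include path is a constant string; only the presence of the
        // `edit` parameter is read from the request.
        include "edit_album.php";
    }
    // NOTE(review): the upload form below carries no anti-CSRF token in this
    // excerpt; confirm the handler that receives it checks one.
?>
<form action="" method="post" enctype="multipart/form-data" name="form1">
    <input type="hidden" name="album_id" id="album_id" value="<?php echo htmlspecialchars((string) $album['AlbumID'], ENT_QUOTES, 'UTF-8'); ?> ">
    <input type="file" name="upload_image" id="upload_image" class="button">
</form>
<?php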