// Photo view page (excerpt): registers breadcrumb entries, applies the album
// visibility check, computes whether the viewer may modify the photo, and
// looks up the neighbouring photos for prev/next navigation.
// $aid, $pid, $info, $pa, $photos and $photo_info are set before this excerpt.

//Set pages/submenu
$_pages[AT_PA_BASENAME . 'albums.php?id=' . $aid]['title'] = _AT('pa_albums') . ' - ' . $info['name'];
$_pages[AT_PA_BASENAME . 'albums.php?id=' . $aid]['parent'] = AT_PA_BASENAME . 'index.php';
$_pages[AT_PA_BASENAME . 'albums.php?id=' . $aid]['children'] = array(AT_PA_BASENAME . 'photo.php');
$_pages[AT_PA_BASENAME . 'photo.php']['parent'] = AT_PA_BASENAME . 'albums.php?id=' . $aid;

//TODO: Validate users, using permission and course album control.
// The deny branch below is reached only when ALL of these hold: the viewer is
// not the album owner, the album type is not AT_PA_TYPE_PERSONAL, the album is
// missing from the viewer's getAlbums() list, and the album is marked private.
// NOTE(review): every other combination falls through and the page renders;
// in particular an AT_PA_TYPE_PERSONAL album owned by someone else never enters
// this check. Confirm that is intended; the TODO above says validation is unfinished.
if ($info['member_id'] != $_SESSION['member_id'] && $info['type_id'] != AT_PA_TYPE_PERSONAL) {
    $visible_albums = $pa->getAlbums($_SESSION['member_id'], $info['type_id']);
    if (!isset($visible_albums[$aid]) && $info['permission'] == AT_PA_PRIVATE_ALBUM) {
        //TODO msg;
        $msg->addError("ACCESS_DENIED");
        header('location: index.php');
        // exit is required: header() alone would let the rest of the page run.
        exit;
    }
}

// Edit/delete controls are allowed for a holder of photo-level or album-level privilege.
if ($pa->checkPhotoPriv($pid, $_SESSION['member_id']) || $pa->checkAlbumPriv($_SESSION['member_id'])) {
    $action_permission = true;
} else {
    $action_permission = false;
}

//run a quick query to get the next and previous id
if (sizeof($photos) > 1) {
    // Values are passed separately from the query text and bound through %s/%d placeholders.
    // presumably $aid was cast with intval() earlier in the file; verify, since it is not visible here
    $sql = 'SELECT id, ordering FROM %spa_photos WHERE album_id=%d AND (ordering=%d OR ordering=%d) ORDER BY ordering';
    $rows_next_prev = queryDB($sql, array(TABLE_PREFIX, $aid, $photo_info['ordering'] - 1, $photo_info['ordering'] + 1));
    if (count($rows_next_prev) > 0) {
        $prev = $rows_next_prev[0];
        // Index 1 is absent when only one neighbour exists (first or last photo);
        // the empty() test below copes with that, but the read itself raises an undefined-offset notice.
        $next = $rows_next_prev[1];
        //then reassign prev and next
        if (empty($next)) {
            // A single row with a higher ordering than the current photo is the "next" one.
            if ($prev['ordering'] > $photo_info['ordering']) {
                $next = $prev;
// (excerpt ends here; the enclosing blocks are closed outside the visible source)
/***********************************************************************/
// $Id$
// Album deletion page (excerpt): checks album privilege, then handles the
// confirmation form's "no" and "yes" buttons.
$_user_location = 'public';

define('AT_INCLUDE_PATH', '../../../include/');
require AT_INCLUDE_PATH . 'vitals.inc.php';
include AT_INCLUDE_PATH . '../mods/_core/file_manager/filemanager.inc.php'; //clr_dir()
//include (AT_INCLUDE_PATH.'lib/filemanager.inc.php'); //clr_dir()
include AT_PA_INCLUDE . 'lib.inc.php'; //album_filepath
include AT_PA_INCLUDE . 'classes/PhotoAlbum.class.php';

//validates if this is me/have the privilege to delete.
// The id is read from $_REQUEST (so it is not limited to POST) and forced to an integer.
$id = intval($_REQUEST['id']);
$pa = new PhotoAlbum($id);
// Album info is fetched before any deletion; type_id is used for the redirect below.
$info = $pa->getAlbumInfo();

// Authorisation gate: nothing below runs unless the session member holds album privilege.
if (!$pa->checkAlbumPriv($_SESSION['member_id'])) {
    $msg->addError('ACCESS_DENIED');
    header('Location: index.php');
    // exit stops execution; header() on its own would not.
    exit;
}

// $_POST keys are read without isset(), so a plain GET of this page raises undefined-index notices.
if ($_POST['submit_no']) {
    $msg->addFeedback('CANCELLED');
    Header('Location: index.php');
    exit;
}

// NOTE(review): no anti-CSRF token is checked in this excerpt before the
// destructive call; the only conditions are the session privilege above and
// the presence of submit_yes. Confirm whether vitals.inc.php or the form adds one.
if ($_POST['submit_yes']) {
    //delete
    $pa->deleteAlbum();
    $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
    if ($info['type_id'] == AT_PA_TYPE_COURSE_ALBUM) {
        Header('Location: course_albums.php');
// (excerpt ends here; the remaining redirect branches are outside the visible source)
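// Profile-album listing (tail of the script): works out the requested page,
// loads that page of photos plus the album comments, and renders the template.
// $pa, $id, $info, $savant and $_config are set before this excerpt.

// A missing "p" parameter is treated as 0 and falls back to page 1 below;
// reading $_GET['p'] unguarded raised an undefined-index notice.
$page = isset($_GET['p']) ? intval($_GET['p']) : 0;
$photos_count = sizeof($pa->getAlbumPhotos());
// Always allow at least one page. For an empty album ceil() gives 0, and the
// upper clamp below then used to set $page to 0, which made $offset negative
// before it was handed to getAlbumPhotos().
$last_page = max(1, (int) ceil($photos_count / AT_PA_PHOTOS_PER_PAGE));
if ($page < 1) {
    $page = 1;
} elseif ($page > $last_page) {
    $page = $last_page;
}
// $count is not used in this excerpt; kept because the included header/template
// files share this scope and may read it (not verifiable from here).
$count = (($page - 1) * AT_PA_PHOTOS_PER_PAGE) + 1;
$offset = ($page - 1) * AT_PA_PHOTOS_PER_PAGE;

//get details
$photos = $pa->getAlbumPhotos($offset);
$comments = $pa->getComments($id, false);

//TODO: Can improve performance by adding this to a session variable
$memory_usage = memoryUsage($_SESSION['member_id']);

include (AT_INCLUDE_PATH.'header.inc.php');
$savant->assign('album_info', $info);
$savant->assign('photos', $photos);
$savant->assign('comments', $comments);
$savant->assign('page', $page);
$savant->assign('num_rows', $photos_count);
$savant->assign('memory_usage', $memory_usage/(1024*1024)); //mb
$savant->assign('allowable_memory_usage', $_config['pa_max_memory_per_member']); //mb
// The template receives the privilege result only to decide which controls to
// show; the action scripts still have to enforce the check themselves.
$savant->assign('action_permission', $pa->checkAlbumPriv($_SESSION['member_id']));
$savant->display('photos/pa_profile_albums.tmpl.php');
include (AT_INCLUDE_PATH.'footer.inc.php');
?>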
// Comment deletion page (excerpt): registers breadcrumb entries, checks that
// the member may delete the comment, then handles the confirmation buttons.
// $aid, $pid and $comment_id are set before this excerpt.
$_pages[AT_PA_BASENAME . 'albums.php?id=' . $aid]['parent'] = AT_PA_BASENAME . 'index.php';
//$_pages[AT_PA_BASENAME.'albums.php?id='.$aid]['children'] = array(AT_PA_BASENAME.'photo.php');
$_pages[AT_PA_BASENAME . 'photo.php?pid=' . $pid . SEP . 'aid=' . $aid]['title'] = _AT('pa_photo');
$_pages[AT_PA_BASENAME . 'photo.php?pid=' . $pid . SEP . 'aid=' . $aid]['parent'] = AT_PA_BASENAME . 'albums.php?id=' . $aid;
$_pages[AT_PA_BASENAME . 'delete_comment.php']['parent'] = AT_PA_BASENAME . 'photo.php?pid=' . $pid . SEP . 'aid=' . $aid;

//init
$pa = new PhotoAlbum($aid);
// A zero photo id means the comment belongs to the album itself.
if ($pid == 0) {
    //not a photo
    $isPhoto = false;
} else {
    $isPhoto = true;
}

//Check permission
//owner of comments and album owner can delete comments.
// NOTE(review): the album-privilege half of this test is evaluated against the
// album built from $aid, while the comment is identified separately by
// $comment_id. Confirm that the delete routine (or checkCommentPriv) ties the
// comment to this album, so privilege on one album cannot authorise removing a
// comment that belongs to another.
if (!$pa->checkCommentPriv($comment_id, $_SESSION['member_id'], $isPhoto) && !$pa->checkAlbumPriv($_SESSION['member_id'])) {
    $msg->addError('ACCESS_DENIED');
    header('Location: index.php');
    // exit stops execution after the redirect header.
    exit;
}

// $_POST keys are read without isset(); a request without them raises undefined-index notices.
if ($_POST['submit_no']) {
    $msg->addFeedback('CANCELLED');
    // Return to wherever the comment was shown: the photo page or the album page.
    if ($isPhoto) {
        header('Location: photo.php?pid=' . $pid . SEP . 'aid=' . $aid);
    } else {
        header('Location: albums.php?id=' . $aid);
    }
    exit;
}

// NOTE(review): no anti-CSRF token check is visible before the delete branch in this excerpt; confirm.
if ($_POST['submit_yes']) {
    //delete
// (excerpt ends here; the delete call and the closing brace are outside the visible source)
/* as published by the Free Software Foundation. */
/***********************************************************************/
// $Id$
// Album view page (excerpt): loads the album, applies the visibility check
// and registers breadcrumb entries.
$_user_location = 'public';

define('AT_INCLUDE_PATH', '../../../include/');
require AT_INCLUDE_PATH . 'vitals.inc.php';
include AT_PA_INCLUDE . 'classes/PhotoAlbum.class.php';
include AT_PA_INCLUDE . 'classes/SimpleImage.class.php';
include AT_PA_INCLUDE . 'lib.inc.php';
include AT_PA_INCLUDE . 'classes/AjaxMessage.class.php';
//$_custom_css = $_base_path . AT_PA_BASENAME . 'module.css'; // use a custom stylesheet
// Appends the upload script tag to the extra <head> markup; the URL is built
// from $_base_path and the module constant only, with no request data.
$_custom_head .= '<script src="' . $_base_path . AT_PA_BASENAME . 'include/ajaxupload.js" type="text/javascript"></script>';

// The album id is read from $_REQUEST and forced to an integer.
$id = intval($_REQUEST['id']);
$pa = new PhotoAlbum($id);
$info = $pa->getAlbumInfo();
// Whether the session member holds album privilege; stored here, not enforced in this excerpt.
$action_permission = $pa->checkAlbumPriv($_SESSION['member_id']);

//TODO: Validate users, using permission and course album control.
// The deny branch below is reached only when ALL of these hold: the viewer is
// not the album owner, the album type is not AT_PA_TYPE_PERSONAL, the album is
// missing from the viewer's getAlbums() list, and the album is marked private.
// NOTE(review): every other combination falls through and the album renders;
// an AT_PA_TYPE_PERSONAL album owned by another member never enters this check.
// Confirm that is intended; the TODO above says validation is unfinished.
if ($info['member_id'] != $_SESSION['member_id'] && $info['type_id'] != AT_PA_TYPE_PERSONAL) {
    $visible_albums = $pa->getAlbums($_SESSION['member_id'], $info['type_id']);
    if (!isset($visible_albums[$id]) && $info['permission'] == AT_PA_PRIVATE_ALBUM) {
        //TODO msg;
        $msg->addError("ACCESS_DENIED");
        header('location: index.php');
        // exit is required: header() alone would let the rest of the page run.
        exit;
    }
}

//Set pages/submenu
$_pages[AT_PA_BASENAME . 'index.php']['children'] = array(AT_PA_BASENAME . 'albums.php');
// NOTE(review): $info['name'] is stored album text placed into a page title;
// confirm the header template escapes titles on output.
$_pages[AT_PA_BASENAME . 'albums.php']['title'] = _AT('pa_albums') . ' - ' . $info['name'];
if ($info['type_id'] == AT_PA_TYPE_MY_ALBUM) {
    $_pages[AT_PA_BASENAME . 'albums.php']['parent'] = AT_PA_BASENAME . 'index.php';
// (excerpt ends here; the remaining branches are outside the visible source)
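/* modify it under the terms of the GNU General Public License */
/* as published by the Free Software Foundation. */
/***********************************************************************/
// $Id$
// Comment edit endpoint: updates one album or photo comment and answers with
// a bare HTTP status (200 on success, 404 otherwise) and no body.
$_user_location = 'public';

define('AT_INCLUDE_PATH', '../../../include/');
require AT_INCLUDE_PATH . 'vitals.inc.php';
include AT_PA_INCLUDE . 'classes/PhotoAlbum.class.php';

//check what comment this is for. Album or Photo.
// Every field is guarded: missing keys used to raise undefined-index notices,
// and a non-string cid (e.g. an array) survived str_replace() and was turned
// into 1 by intval(), which is a valid-looking comment id.
$pid = isset($_POST['pid']) ? intval($_POST['pid']) : 0;
$aid = isset($_POST['aid']) ? intval($_POST['aid']) : 0;
$cid = (isset($_POST['cid']) && is_string($_POST['cid'])) ? $_POST['cid'] : '';
$comment = (isset($_POST['comment']) && is_string($_POST['comment'])) ? $_POST['comment'] : '';

// A positive photo id means the comment is attached to a photo, otherwise to the album.
$isPhoto = ($pid > 0);

// The client sends the id as "cid_<n>"; strip the prefix and force an integer.
$cid = intval(str_replace('cid_', '', $cid));

$pa = new PhotoAlbum($aid);

//validates
// $result starts as false so a failed privilege check takes the error branch
// explicitly instead of comparing an undefined variable.
$result = false;
// NOTE(review): album privilege is evaluated for the album given by the posted
// aid, while the comment is addressed by cid alone. Confirm editComment() or
// checkCommentPriv() binds the comment to this album. No anti-CSRF token check
// is visible in this file either; confirm it is handled elsewhere.
// NOTE(review): $comment is forwarded unmodified; escaping for storage and for
// later output is presumably done in editComment() and the templates (verify).
if ($pa->checkAlbumPriv($_SESSION['member_id']) || $pa->checkCommentPriv($cid, $_SESSION['member_id'], $isPhoto)) {
    $result = $pa->editComment($cid, $comment, $isPhoto);
}

if ($result === true) {
    //TODO: AJAX
    header('HTTP/1.0 200 OK');
} else {
    // Covers both a denied request and a failed update; the status is kept as
    // 404 because the calling script may depend on it.
    header('HTTP/1.0 404 Not Found');
}
exit;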
// Photo deletion page (excerpt): validates the ids, checks privilege, then
// handles the confirmation buttons. $pid is set before this excerpt.
// The album id is read from $_REQUEST and forced to an integer.
$aid = intval($_REQUEST['aid']);

//_pages
$_pages[AT_PA_BASENAME . 'albums.php?id=' . $aid]['title'] = _AT('pa_albums');
$_pages[AT_PA_BASENAME . 'albums.php?id=' . $aid]['parent'] = AT_PA_BASENAME . 'index.php';
//$_pages[AT_PA_BASENAME.'albums.php?id='.$aid]['children'] = array(AT_PA_BASENAME.'photo.php');
$_pages[AT_PA_BASENAME . 'photo.php?pid=' . $pid . SEP . 'aid=' . $aid]['title'] = _AT('pa_photo');
$_pages[AT_PA_BASENAME . 'photo.php?pid=' . $pid . SEP . 'aid=' . $aid]['parent'] = AT_PA_BASENAME . 'albums.php?id=' . $aid;
$_pages[AT_PA_BASENAME . 'delete_photo.php']['parent'] = AT_PA_BASENAME . 'photo.php?pid=' . $pid . SEP . 'aid=' . $aid;

//init
$pa = new PhotoAlbum($aid);

// Reject non-positive ids first, then require photo-level or album-level privilege.
// NOTE(review): the album-privilege half is evaluated against the album built
// from $aid, while deletePhoto() below receives only $pid. Confirm that
// deletePhoto() (or checkPhotoPriv) restricts $pid to photos of this album, so
// privilege on one album cannot authorise deleting a photo stored in another.
if ($pid < 1 || $aid < 1) {
    $msg->addError('PA_PHOTO_NOT_FOUND');
    //no such picture
    header('Location: index.php');
    exit;
} elseif (!$pa->checkPhotoPriv($pid, $_SESSION['member_id']) && !$pa->checkAlbumPriv($_SESSION['member_id'])) {
    $msg->addError('ACCESS_DENIED');
    header('Location: albums.php?id=' . $aid);
    // exit stops execution after the redirect header.
    exit;
}

// $_POST keys are read without isset(); a request without them raises undefined-index notices.
if ($_POST['submit_no']) {
    $msg->addFeedback('CANCELLED');
    Header('Location: photo.php?aid=' . $aid . SEP . 'pid=' . $pid);
    exit;
}

// NOTE(review): no anti-CSRF token check is visible in this excerpt before the
// destructive call; confirm whether vitals.inc.php or the form adds one.
if ($_POST['submit_yes']) {
    //delete
    $pa->deletePhoto($pid);
    $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
    header('Location: albums.php?id=' . $aid);
    exit;
// (excerpt ends here; the closing brace is outside the visible source)