/* Tail of the action switch: each case names the script that fills the CONTENT slot.
 * The switch header, the try block's opening and the earlier cases are above this fragment. */
$objTemplate->setScript('CONTENT', 'comment');
break;
case 'members':
    $objTemplate->setScript('CONTENT', 'members');
    break;
case 'groups':
    $objTemplate->setScript('CONTENT', 'groups');
    break;
case 'forgotpassword':
    $objTemplate->setScript('CONTENT', 'forgotpassword');
    break;
default:
    /* Any value not matched by a case above is answered with the 'error' script. */
    $objTemplate->setScript('CONTENT', 'error');
    break;
}
/* Fixed page furniture, set after the action-specific content. */
$objTemplate->setScript('RECENTALBUMS', 'recentalbums');
$objTemplate->setScript('RECENTPICTURES', 'recentpictures');
$objTemplate->setScript('BREADCRUMBS', 'breadcrumbs');
$objTemplate->setScript('MINIMENU', 'minimenu');
$objTemplate->setScript('WELCOME', 'welcome'); /* Welcome has to be at the bottom, so that comments/pictures being seen aren't counted. */
echo $objTemplate->get();
} catch (Exception $e) {
    /* Last-resort handler: every exception gets the same generic message. */
    echo "Sorry, there was an error that couldn't be handled. Please try again later! <br><br>";
    if (DEBUG) {
        /* NOTE(review): printing $e writes the exception's message, file, line and stack trace
         * into the page without HTML escaping. Keep DEBUG off on any deployment reachable by
         * untrusted users, and confirm exception messages never carry request data. */
        print "Please report this error along with the following text to <a href='mailto:ronospap@skullsecurity.org'>Ron</a>:";
        print "<pre>";
        print $e;
        print "</pre>";
    }
}
/* Fragment of the news script: list rendering first, then the admin-only branch.
 * The opening of the outer if/else and the rest of the edit form are outside this fragment. */
$objMiniMenu->add('Pending Uploads', 'index.php?action=upload&subaction=preview');
foreach ($arrNews as $objNews) {
    /* Administrators get the 'newsitemadmin' template, everyone else 'newsitem'. */
    if ($objUser && $objUser->get('is_admin')) {
        $objNewsTemplate = new clsTemplate('newsitemadmin');
    } else {
        $objNewsTemplate = new clsTemplate('newsitem');
    }
    $objNewsUser = $objNews->getForeignObject('user');
    $objAlbum = $objNews->getForeignObject('album');
    $objNewsTemplate->setText('ID', $objNews->get('id'));
    $objNewsTemplate->setText('USERID', $objNewsUser->get('id'));
    /* NOTE(review): USERNAME and TITLE are handed to setText() as stored, while TEXT goes
     * through bbcode_format(). Whether get() or setText() HTML-escapes is not visible here;
     * confirm, because other callers pass raw markup to setText(). */
    $objNewsTemplate->setText('USERNAME', $objNewsUser->get('username'));
    $objNewsTemplate->setText('DATE', date('Y-m-d', strtotime($objNews->get('date'))));
    $objNewsTemplate->setText('TITLE', $objNews->get('title'));
    $objNewsTemplate->setText('TEXT', bbcode_format($objNews->get('text')));
    echo $objNewsTemplate->get();
}
} else {
    /* Everything in this branch requires a logged-in user whose is_admin equals 1. */
    if (!$objUser || $objUser->get('is_admin') != 1) {
        throw new Exception("exception_accessdenied");
    }
    $objNews = new clsDB('news');
    /* Only these three fields are taken from the request. */
    $objNews->getFromRequest(array('id', 'title', 'text'));
    if ($strSubAction == 'edit') {
        $objNews->load();
        /* NOTE(review): the visible part of this POST form carries no anti-CSRF token;
         * confirm one is added further down or enforced by the 'save' handler. */
        echo "<form action='index.php' method='post'>";
        echo "<input type='hidden' name='subaction' value='save'>";
        echo $objNews->getHiddenField('id');
        echo "Title:<br>";
        echo $objNews->getTextField('title', new clsParameters('size', 40)) . "<br><br>";
        echo "Post:<br>";
/* Tail of the album edit form: one selector per permission for group, member and guest
 * audiences, then the "simple permissions" radio list. Earlier rows are above this fragment. */
$strGroup .= "Create sub-albums?" . $objAlbumGroup->getCombo('allow_create_subalbum', $arrOptions) . "<br>";
$objEditTemplate->setText('GROUPPERMISSIONS', $strGroup);

/* Same six permissions, rendered from the member permission object. */
$strMember = '';
$strMember .= "View pictures? " . $objAlbumMember->getCombo('allow_view', $arrOptions) . "<br>";
$strMember .= "Rate pictures? " . $objAlbumMember->getCombo('allow_rate', $arrOptions) . "<br>";
$strMember .= "Post pictures? " . $objAlbumMember->getCombo('allow_post_picture', $arrOptions) . "<br>";
$strMember .= "Post comments? " . $objAlbumMember->getCombo('allow_post_comment', $arrOptions) . "<br>";
$strMember .= "Delete pictures? " . $objAlbumMember->getCombo('allow_delete_picture', $arrOptions) . "<br>";
$strMember .= "Create sub-albums?" . $objAlbumMember->getCombo('allow_create_subalbum', $arrOptions) . "<br>";
$objEditTemplate->setText('MEMBERPERMISSIONS', $strMember);

/* And again from the guest permission object.
 * NOTE(review): these selectors only shape the form. Which values a guest row may hold
 * (e.g. allow_delete_picture) has to be enforced by the save handler, which is not shown. */
$strGuest = '';
$strGuest .= "View pictures? " . $objAlbumGuest->getCombo('allow_view', $arrOptions) . "<br>";
$strGuest .= "Rate pictures? " . $objAlbumGuest->getCombo('allow_rate', $arrOptions) . "<br>";
$strGuest .= "Post pictures? " . $objAlbumGuest->getCombo('allow_post_picture', $arrOptions) . "<br>";
$strGuest .= "Post comments? " . $objAlbumGuest->getCombo('allow_post_comment', $arrOptions) . "<br>";
$strGuest .= "Delete pictures? " . $objAlbumGuest->getCombo('allow_delete_picture', $arrOptions) . "<br>";
$strGuest .= "Create sub-albums?" . $objAlbumGuest->getCombo('allow_create_subalbum', $arrOptions) . "<br>";
$objEditTemplate->setText('GUESTPERMISSIONS', $strGuest);

/* Option -1 is dropped for a new album and option 0 when the parent is new. */
if ($objAlbum->isNew()) {
    unset($arrSimplePermissions[-1]);
}
if ($objParent->isNew()) {
    unset($arrSimplePermissions[0]);
}
/* The first option left becomes the preselected value and is labelled as recommended. */
$arrKeys = array_keys($arrSimplePermissions);
$objAlbum->set('simple_permissions', $arrKeys[0]);
$arrSimplePermissions[$arrKeys[0]] .= " <em>(recommended)</em>";
$objEditTemplate->setText('SIMPLEPERMISSIONS', $objAlbum->getRadioString('simple_permissions', $arrSimplePermissions));
$objEditTemplate->setText('SUBMIT', $objAlbum->getSubmit('Save'));
print $objEditTemplate->get();
}
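} else {
    /* Tail of the comment script: the 'delete' and 'viewnew' subactions.
     * The branches before this else are outside this fragment. */
    if ($strSubAction == 'delete') {
        /* Deleting is allowed only when the comment itself approves this user. */
        if (!$objComment->canDelete($objUser)) {
            throw new Exception('exception_accessdenied');
        }
        /* NOTE(review): the delete is driven by request parameters and no anti-CSRF token
         * check is visible in this fragment; confirm one exists upstream. */
        $objComment->delete();
        $objComment->save();
        /* header() does not end the request; nothing else runs in this branch. */
        header("Location: index.php?action=picture&" . $objPicture->getIDPair());
    } else {
        /* Fixed: this condition was an assignment (`=`), which is always true, so every
         * subaction reaching this else was handled as 'viewnew' and $strSubAction was
         * overwritten. It now compares, like the 'delete' test above. */
        if ($strSubAction == 'viewnew') {
            /* New-comment tracking is per user, so guests are refused. */
            if (!$objUser) {
                throw new Exception('exception_accessdenied');
            }
            $arrComments = clsComment::getNewComments($objUser);
            foreach ($arrComments as $objComment) {
                /* Re-create the comment and its picture as full objects from their ids. */
                $objComment = new clsComment($objComment->get('id'));
                $objPicture = new clsPicture($objComment->get('picture_id'));
                $objCommentTemplate = new clsTemplate('newcomment');
                $objCommentTemplate->setText('IMAGE', "<a href='index.php?action=picture&" . $objPicture->getIDPair() . "'>" . $objPicture->getHtmlThumbnail(128, 128) . "</a>");
                /* NOTE(review): the stored title is concatenated with the icon markup and
                 * passed on as-is; confirm where comment titles are HTML-escaped. */
                $objCommentTemplate->setText('TITLE', $objComment->get('title') . ' ' . $objComment->getNewIcon($objUser));
                $objCommentTemplate->setText('USERNAME', $objComment->getUsername());
                $objCommentTemplate->setText('DATE', time_to_text(strtotime($objComment->get('date'))));
                $objCommentTemplate->setText('TEXT', bbcode_format($objComment->get('text')));
                print $objCommentTemplate->get();
                /* Mark the comment as viewed */
                $objComment->setViewed($objUser);
            }
        }
    }
}
}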
/* Fragment of the members script: end of the edit form, the read-only profile view, and the
 * start of the 'save' handler. The code before and after is outside this fragment. */
$objMemberTemplate->setText('REMEMBERFILTER', $objMember->getCheckNoJavascript('remember_filter'));
$objMemberTemplate->setText('REALNAME', $objMember->getTextField('realname'));
$objMemberTemplate->setText('LOCATION', $objMember->getTextField('location'));
$objMemberTemplate->setText('SAVE', $objMember->getSubmit('Save'));
if (!$objMember->isNew()) {
    /* Existing accounts get a hint in the BLANK slot. */
    $objMemberTemplate->setText('BLANK', "(Blank not to change it.)");
}
print $objMemberTemplate->get();
} else {
    /* Read-only profile view. */
    $objTemplate->setText('PAGETITLE', 'Viewing ' . $objMember->get('username'));
    $objBreadcrumbs->add($objMember->get('username'), "index.php?action=members&subaction=view&" . $objMember->getIDPair());
    $objMemberTemplate = new clsTemplate('viewuser');
    /* NOTE(review): username, realname and location are user-chosen profile fields and are
     * passed to setText() as stored; confirm where they are HTML-escaped. */
    $objMemberTemplate->setText('USERNAME', $objMember->get('username'));
    $objMemberTemplate->setText('REALNAME', $objMember->get('realname'));
    $objMemberTemplate->setText('LOCATION', $objMember->get('location'));
    print $objMemberTemplate->get();
}
}
if ($strSubAction == 'save') {
    if (!clsUser::canEdit($objMember, $objUser)) {
        throw new Exception('exception_accessdenied');
    }
    /* NOTE(review): the permission check above runs before 'id' is read from the request.
     * If $objMember was not already bound to that same id, the check and the save could
     * refer to different accounts; confirm how $objMember is constructed upstream. */
    $objMember->getFromRequest(array('id', 'username', 'password1', 'password2', 'email', 'is_advanced', 'show_empty', 'remember_filter', 'realname', 'location'));
    if ($objMember->isNew()) {
        /* A string result from attemptCreate() is handled as a failure and sent back to
         * the form through the 'error' query parameter. */
        $ret = $objMember->attemptCreate();
        if (is_string($ret)) {
            /* Both password fields are removed before the object is turned into a query string. */
            $objMember->remove('password1');
            $objMember->remove('password2');
            /* NOTE(review): the other submitted fields (email among them) presumably end up
             * in the redirect URL and so in browser history and server logs; $ret is
             * interpolated without URL-encoding. Confirm both are acceptable. */
            header("Location: index.php?action=members&subaction=view&error={$ret}&" . $objMember->getQueryString());
        } else {
            /* On success the result replaces the current user object. */
            $objUser = $ret;
/* Fragment of the groups script: end of the view branch, then the 'edit', 'save' and the
 * start of the 'invite' subactions. The code before and after is outside this fragment. */
print $objGroupTemplate->get();
}
if ($strSubAction == 'edit') {
    if (!$objGroup->canEdit($objUser)) {
        throw new Exception('exception_accessdenied');
    }
    $objTemplate->setText('PAGETITLE', "Editing Group: " . $objGroup->get('name'));
    $objGroupTemplate = new clsTemplate('editgroup');
    /* HIDDEN is set three times; presumably setText() appends rather than overwrites
     * (confirm in clsTemplate), otherwise only the last field would reach the form. */
    $objGroupTemplate->setText('HIDDEN', $objGroup->getHiddenField('id'));
    $objGroupTemplate->setText('HIDDEN', "<input type='hidden' name='action' value='groups'>");
    $objGroupTemplate->setText('HIDDEN', "<input type='hidden' name='subaction' value='save'>");
    $objGroupTemplate->setText('NAME', $objGroup->getTextField('name'));
    $objGroupTemplate->setText('ISPRIVATE', $objGroup->getCheckNoJavascript('is_private'));
    $objGroupTemplate->setText('ISHIDDEN', $objGroup->getCheckNoJavascript('is_hidden'));
    $objGroupTemplate->setText('SAVE', $objGroup->getSubmit('Save'));
    print $objGroupTemplate->get();
}
if ($strSubAction == 'save') {
    if (!$objGroup->canEdit($objUser)) {
        throw new Exception('exception_accessdenied');
    }
    /* NOTE(review): canEdit() is evaluated before 'id' is read from the request. If
     * $objGroup was not already bound to that id, the check and the save could refer to
     * different groups; confirm how $objGroup is constructed upstream. No anti-CSRF token
     * check is visible here either. */
    $objGroup->getFromRequest(array('id', 'name', 'is_private', 'is_hidden'));
    if ($objGroup->isNew()) {
        /* The owner is set only at creation and always to the current user; user_id is
         * not among the request fields read above. */
        $objGroup->set('user_id', $objUser->get('id'));
    }
    $objGroup->save();
    header("Location: index.php?action=groups&subaction=view&message=group_saved&" . $objGroup->getIDPair());
}
if ($strSubAction == 'invite') {
    /* Inviting requires the current user to be a member of the group. */
    if (!$objGroup->isMember($objUser)) {
        throw new Exception('exception_accessdenied');
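/**
 * Print this album's entry for an album listing.
 *
 * Returns early, printing nothing, when the album holds no pictures and no visible
 * sub-albums and the viewer's 'show_empty' setting is 0.
 *
 * @param mixed $objUser The viewing user; a falsy value is treated as a guest.
 * @return string|null '' when the entry is skipped, otherwise nothing.
 */
public function display($objUser) {
    $objAlbumOwner = $this->getForeignObject('user');
    $intPictureCount = count($this->getPictures());
    $intSubAlbumCount = count($this->getSubAlbums($objUser));

    /* Fixed: this test read the undefined $intAlbumCount, which compares equal to 0, so an
     * album holding only sub-albums was hidden from users who turn off empty albums. */
    if ($intPictureCount == 0 && $intSubAlbumCount == 0 && $objUser && $objUser->get('show_empty') == 0) {
        return '';
    }

    $objAlbumTemplate = new clsTemplate('album');
    /* NOTE(review): the album name is placed inside hand-built markup and the result is passed
     * to setText() as HTML. Confirm the name is HTML-escaped when stored or by get();
     * otherwise escape it here. */
    $objAlbumTemplate->setText('NAME', "<a href='index.php?action=albums&" . $this->getIDPair() . "' class='albumentrylink'>" . $this->get('name') . "</a> " . $this->getNewIcon($objUser));
    $objAlbumTemplate->setText('ID', $this->get('id'));
    $objAlbumTemplate->setText('USERNAME', $objAlbumOwner->get('username'));
    $objAlbumTemplate->setText('CAPTION', bbcode_format($this->get('caption')));
    /* The id is embedded in a JavaScript call; presumably it is always numeric (confirm). */
    $objAlbumTemplate->setText('EXPANDCLICK', "toggle_album(\"" . $this->get('id') . "\");");
    $objAlbumTemplate->setText('LASTUPDATED', $this->getLastUpdated());
    $objAlbumTemplate->setText('PICTURECOUNT', $intPictureCount);
    $objAlbumTemplate->setText('ALBUMCOUNT', $intSubAlbumCount);

    if ($intPictureCount == 0 && $intSubAlbumCount == 0) {
        $objAlbumTemplate->setText('ISEMPTY', '(empty)');
    }

    /* One thumbnail per top picture, each added to the PREVIEW slot. */
    $arrPictures = $this->getTopPictures(ALBUM_NUMPREVIEW);
    foreach ($arrPictures as $objPicture) {
        $objAlbumTemplate->setText('PREVIEW', $objPicture->getHtmlThumbnail(ALBUM_PREVIEWSIZE, ALBUM_PREVIEWSIZE));
    }

    print $objAlbumTemplate->get();
}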
/* Fragment of the upload script: end of the 'delete' subaction, then the 'preview' list of
 * pending pictures. The check the comment below refers to sits above this fragment. */
} /* Make sure that users can only edit their own pictures. */
$objPicture->delete();
$objPicture->save();
header("Location: index.php?action=upload&subaction=preview");
}
if ($strSubAction == 'preview') {
    $objTemplate->setText('PAGETITLE', "Pending Pictures");
    $objBreadcrumbs->add('Upload', 'index.php?action=upload');
    $objBreadcrumbs->add('Pending', 'index.php?action=upload&subaction=preview');
    $arrPictures = clsPicture::getPending($objUser);
    /* NOTE(review): as the message below states, guests see the unsaved uploads of all
     * guests. One anonymous visitor can therefore view, and presumably confirm or discard,
     * another's pending upload; confirm this is an accepted trade-off. */
    print "You have <strong>" . sizeof($arrPictures) . "</strong> pictures waiting for attention" . ($objUser ? "" : " (note: unsaved images from all guests will appear here)") . ":<br><br>";
    foreach ($arrPictures as $objPicture) {
        /* Re-create the picture and its album as full objects from their ids. */
        $objPicture = new clsPicture($objPicture->get('id'));
        $objAlbum = new clsAlbum($objPicture->get('album_id'));
        /* NOTE(review): this reuses the name $objTemplate, which held the page template a few
         * lines up; confirm the two do not share a scope. */
        $objTemplate = new clsTemplate('preview');
        $objTemplate->setText('HIDDEN', $objPicture->getHiddenField('id'));
        /* The album selector offers only the albums getPostableAlbums() returns for this user. */
        $objTemplate->setText('ALBUM', $objPicture->getCombo('album_id', clsDB::getOptionsFromList($objAlbum->getPostableAlbums($objUser), 'name', 'id', "Select an album")));
        $objTemplate->setText('ID', $objPicture->get('id'));
        $objTemplate->setText('IMAGE', $objPicture->getHtmlThumbnail(250, 250)); /* TODO: Customizable? */
        /* NOTE(review): original_name is presumably the file name supplied by the uploader;
         * confirm it is HTML-escaped before it reaches the page. */
        $objTemplate->setText('NAME', $objPicture->get('original_name'));
        $objTemplate->setText('WIDTH', $objPicture->get('width'));
        $objTemplate->setText('HEIGHT', $objPicture->get('height'));
        /* The keep/discard choice is submitted as the 'subaction' field. */
        $objTemplate->setText('SAVEDELETE', $objPicture->getCombo('subaction', array('confirm' => 'Keep', 'delete' => 'Don\'t keep'), null, true));
        $objTemplate->setText('TITLE', $objPicture->getTextField('title'));
        $objTemplate->setText('CAPTION', $objPicture->getTextArea('caption'));
        $objTemplate->setText('SUBMIT', $objPicture->getSubmit('Save'));
        print $objTemplate->get();
    }
}