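/**
 * FTP Import: renders the form used to import media from a server-side directory.
 *
 * The form is rendered when the caller has edit access (3) to the album,
 * holds the mediagallery.admin right, or the album allows member uploads and
 * the caller is not anonymous. Any other caller gets the generic
 * access-denied page and the attempt is written to the error log.
 *
 * NOTE(review): the form pre-fills a server path ($_MG_CONF['ftp_path']) and
 * posts to admin.php with action=ftp. This function only gates the form; the
 * handler for that action is not visible here and must repeat the
 * authorization check and constrain the directory it reads. Confirm there.
 *
 * @param  int    $album_id  album that will receive the imported media
 * @return string            HTML (the form, or the access-denied page)
 */
function MG_ftpUpload($album_id)
{
    global $MG_albums, $_CONF, $_MG_CONF, $LANG_MG00, $LANG_MG01, $LANG_MG03;

    // Refuse an unknown album id before any property is read from the album
    // object; otherwise the permission test below dereferences a missing entry.
    $allowed = false;
    if (isset($MG_albums[$album_id])) {
        $album = $MG_albums[$album_id];
        // Grouping made explicit: member uploads only count for logged-in users.
        $allowed = $album->access == 3
            || SEC_hasRights('mediagallery.admin')
            || ($album->member_uploads == 1 && !COM_isAnonUser());
    }

    if (!$allowed) {
        COM_errorLog("MediaGallery: user attempted to upload to a restricted album.");
        return MG_genericError($LANG_MG00['access_denied_msg']);
    }

    $T = new Template(MG_getTemplatePath($album_id));
    $T->set_file('mupload', 'ftpupload.thtml');
    $T->set_var('site_url', $_CONF['site_url']);
    $T->set_var(array(
        's_form_action'     => $_MG_CONF['site_url'] . '/admin.php',
        'lang_upload_help'  => $LANG_MG03['upload_help'],
        'lang_media_ftp'    => $LANG_MG01['upload_media'],
        'lang_directory'    => $LANG_MG01['directory'],
        'lang_recurse'      => $LANG_MG01['recurse'],
        'lang_delete_files' => $LANG_MG01['delete_files'],
        'lang_caption'      => $LANG_MG01['caption'],
        'lang_file'         => $LANG_MG01['file'],
        'lang_description'  => $LANG_MG01['description'],
        'lang_save'         => $LANG_MG01['save'],
        'lang_cancel'       => $LANG_MG01['cancel'],
        'lang_reset'        => $LANG_MG01['reset'],
        'lang_yes'          => $LANG_MG01['yes'],
        'lang_no'           => $LANG_MG01['no'],
        'lang_ftp_help'     => $LANG_MG03['ftp_help'],
        'album_id'          => $album_id,
        'ftp_path'          => $_MG_CONF['ftp_path'],
        'action'            => 'ftp',
    ));
    $T->parse('output', 'mupload');

    return $T->finish($T->get_var('output'));
}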
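/**
 * Deletes an album's child albums as part of a mass delete, then refreshes
 * the album cache and the full RSS feed.
 *
 * Only callers with edit access (3) to the album may proceed; anyone else is
 * logged (uid, username, remote address) and gets the access-denied page.
 * When member albums are enabled and the album sits directly under the member
 * album root, the owner's member_gallery flag is cleared once the owner has
 * no album left under that root.
 *
 * NOTE(review): this is a destructive action. Whether the request carried a
 * valid anti-CSRF token is not checked here; confirm the caller does it.
 *
 * @param  int         $album_id  album to delete
 * @return string|null            access-denied HTML on refusal, nothing otherwise
 */
function MG_MassdeleteAlbum($album_id)
{
    global $MG_albums, $_USER, $_CONF, $_TABLES, $_MG_CONF, $LANG_MG00;

    // An unknown album id is treated like a refused one instead of
    // dereferencing a missing entry in $MG_albums.
    if (!isset($MG_albums[$album_id]) || $MG_albums[$album_id]->access != 3) {
        COM_errorLog("MediaGallery: Someone has tried to illegally delete an album in Media Gallery.  User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: " . $_SERVER['REMOTE_ADDR'], 1);
        return MG_genericError($LANG_MG00['access_denied_msg']);
    }

    MG_MassdeleteChildAlbums($album_id);

    if ($_MG_CONF['member_albums'] == 1 && $MG_albums[$album_id]->parent == $_MG_CONF['member_album_root']) {
        // Both values are concatenated into SQL; force them to integers so the
        // statements stay well-formed whatever the album object holds.
        $ownerId  = (int) $MG_albums[$album_id]->owner_id;
        $parentId = (int) $MG_albums[$album_id]->parent;

        $result = DB_query("SELECT * FROM {$_TABLES['mg_albums']} WHERE owner_id=" . $ownerId . " AND album_parent=" . $parentId);
        if (DB_numRows($result) == 0) {
            DB_query("UPDATE {$_TABLES['mg_userprefs']} SET member_gallery=0 WHERE uid=" . $ownerId, 1);
        }
    }

    MG_initAlbums();
    require_once $_CONF['path'] . 'plugins/mediagallery/include/rssfeed.php';
    MG_buildFullRSS();
}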
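/**
 * Builds the edit form for a single media item.
 *
 * Authorization: the caller must have edit access (3) to the album, be in the
 * album's moderator group, or own the media item. That decision is made on
 * $album_id, which the caller supplies, so the media item is first required
 * to be linked to that album; without this binding, rights on one album would
 * open the edit form for media in any other album.
 *
 * NOTE(review): values read from the database (title, description, original
 * filename, keywords, remote URL, playback options such as flashvars/bgcolor)
 * are handed to the template as stored. Whether they are safe depends on how
 * they were filtered on save and on where the .thtml files place them; confirm
 * against the save path and the templates.
 *
 * @param  int    $album_id   album the media item is being edited from
 * @param  string $media_id   media item id
 * @param  string $actionURL  form action; defaults to the plugin's index.php
 * @param  int    $mqueue     non-zero to read the item from the moderation queue tables
 * @param  int    $view       non-zero adds "&s=1" to the rotate links
 * @param  string $back       return path, HTML-encoded into the 'rpath' template variable
 * @return string             HTML (the form, or the access-denied page)
 */
function MG_mediaEdit($album_id, $media_id, $actionURL = '', $mqueue = 0, $view = 0, $back = '')
{
    global $MG_albums, $_USER, $_CONF, $_MG_CONF, $_TABLES,
           $LANG_MG00, $LANG_MG01, $LANG_MG03, $LANG_MG07;

    MG_initAlbums();

    if ($actionURL == '') {
        $actionURL = $_MG_CONF['site_url'] . '/index.php';
    }
    $retval      = '';
    $preview     = '';
    $preview_end = '';
    $srcURL      = $view ? '&s=1' : '';

    // The previous message interpolated $REMOTE_ADDR, which is never defined
    // in this scope, and described the event as "sort albums"; both made the
    // log entry useless for tracing a refused edit.
    $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    $deniedLog  = "Someone has tried to illegally edit a media item in Media Gallery. User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$remoteAddr}";

    // Unknown album: refuse before reading properties from a missing entry.
    if (!isset($MG_albums[$album_id])) {
        COM_errorLog($deniedLog, 1);
        return MG_genericError($LANG_MG00['access_denied_msg']);
    }

    $T = new Template(MG_getTemplatePath($album_id));
    $T->set_file(array(
        'admin'       => 'mediaedit.thtml',
        'asf_options' => 'edit_asf_options.thtml',
        'mp3_options' => 'edit_mp3_options.thtml',
        'swf_options' => 'edit_swf_options.thtml',
        'mov_options' => 'edit_mov_options.thtml',
        'flv_options' => 'edit_flv_options.thtml',
    ));
    $T->set_var('album_id', $album_id);

    // Sanity check: the media item must really belong to the passed album.
    $match = 0;
    $sql = "SELECT album_id FROM " . ($mqueue ? $_TABLES['mg_media_album_queue'] : $_TABLES['mg_media_albums'])
         . " WHERE media_id='" . DB_escapeString($media_id) . "'";
    $result = DB_query($sql);
    while ($albumRow = DB_fetchArray($result)) {
        if ($albumRow['album_id'] == $album_id) {
            $match = 1;
        }
    }

    // pull the media information from the database...
    $sql = "SELECT * FROM " . ($mqueue ? $_TABLES['mg_mediaqueue'] : $_TABLES['mg_media'])
         . " WHERE media_id='" . DB_escapeString($media_id) . "'";
    $result = DB_query($sql);
    $row = DB_fetchArray($result);

    // The original computed $match and never used it. Enforce it here, and
    // refuse a media id that has no row at all.
    if (!is_array($row) || !$match) {
        COM_errorLog($deniedLog, 1);
        return MG_genericError($LANG_MG00['access_denied_msg']);
    }

    if ($MG_albums[$album_id]->access != 3
        && !SEC_inGroup($MG_albums[$album_id]->mod_group_id)
        && $row['media_user_id'] != $_USER['uid']
    ) {
        COM_errorLog($deniedLog, 1);
        return MG_genericError($LANG_MG00['access_denied_msg']);
    }

    // Build Album List
    // NOTE(review): the return value of buildJumpBox() is discarded, so the
    // select built here is empty unless that method writes into a global of
    // the same name. Left as found; confirm against the album class.
    $level = 0;
    $album_jumpbox  = '<select name="albums" width="40">';
    $MG_albums[0]->buildJumpBox($album_id);
    $album_jumpbox .= '</select>';

    if ($row['media_type'] == 0) {
        if (!function_exists('MG_readEXIF')) {
            require_once $_CONF['path'] . 'plugins/mediagallery/include/lib-exif.php';
        }
        $exif_info = MG_readEXIF($row['media_id'], 1, $mqueue);
        // Normalises any empty-equivalent return value to an empty string.
        if ($exif_info == '') {
            $exif_info = '';
        }
    } else {
        $exif_info = '';
    }

    // Capture-time selects. The selected attribute now carries a leading
    // space; the original emitted value="N"selected="selected".
    $dtObject = new Date($row['media_time'], $_USER['tzid']);
    $media_time_month  = $dtObject->month;
    $media_time_day    = $dtObject->day;
    $media_time_year   = $dtObject->year;
    $media_time_hour   = $dtObject->hour;
    $media_time_minute = $dtObject->minute;

    $month_select  = '<select name="media_month">';
    $month_select .= COM_getMonthFormOptions($media_time_month);
    $month_select .= '</select>';

    $day_select = '<select name="media_day">';
    for ($i = 1; $i < 32; $i++) {
        $day_select .= '<option value="' . $i . '"' . ($media_time_day == $i ? ' selected="selected"' : '') . '>' . $i . '</option>';
    }
    $day_select .= '</select>';

    $current_year = (int) date("Y");
    $end_year     = $current_year + 10;
    $year_select  = '<select name="media_year">';
    for ($i = 1998; $i < $end_year; $i++) {
        $year_select .= '<option value="' . $i . '"' . ($media_time_year == $i ? ' selected="selected"' : '') . '>' . $i . '</option>';
    }
    $year_select .= '</select>';

    $hour_select = '<select name="media_hour">';
    for ($i = 0; $i < 24; $i++) {
        $hour_select .= '<option value="' . $i . '"' . ($media_time_hour == $i ? ' selected="selected"' : '') . '>' . $i . '</option>';
    }
    $hour_select .= '</select>';

    $minute_select = '<select name="media_minute">';
    for ($i = 0; $i < 60; $i++) {
        $minute_select .= '<option value="' . $i . '"' . ($media_time_minute == $i ? ' selected="selected"' : '') . '>' . ($i < 10 ? '0' : '') . $i . '</option>';
    }
    $minute_select .= '</select>';

    // Thumbnail, preview popup and rotate links. Defaults cover media types
    // the switch does not list, which previously left these undefined.
    $thumbnail    = '';
    $size         = false;
    $rotate_right = '';
    $rotate_left  = '';
    $iconFile     = '';   // stock icon under path_mediaobjects, if any
    $popupDims    = '';   // "width,height" of the showVideo() popup, if any

    switch ($row['media_type']) {
        case 0:     // image
            $dispBase = $row['media_filename'][0] . '/' . $row['media_filename'];
            if (!file_exists($_MG_CONF['path_mediaobjects'] . 'disp/' . $dispBase . '.' . $row['media_mime_ext'])) {
                $pThumbnail = $dispBase . '.jpg';
            } else {
                $pThumbnail = $dispBase . '.' . $row['media_mime_ext'];
            }
            $thumbnail = $_MG_CONF['mediaobjects_url'] . '/tn/' . $pThumbnail;
            $size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'disp/' . $pThumbnail);

            if (!($_CONF['image_lib'] == 'gdlib' && !function_exists("imagerotate"))) {
                $rotateQuery = $srcURL
                    . '&queue=' . rawurlencode((string) $mqueue)
                    . '&media_id=' . rawurlencode((string) $row['media_id'])
                    . '&album_id=' . rawurlencode((string) $album_id);
                // The alt texts were swapped between the two icons.
                $rotate_right = '<a href="' . $_MG_CONF['site_url'] . '/admin.php?mode=rotate&action=right' . $rotateQuery . '">'
                    . '<img src="' . $_MG_CONF['site_url'] . '/images/rotate_right_icon.gif" alt="' . $LANG_MG01['rotate_right'] . '" style="border:none;"/></a>';
                $rotate_left = '<a href="' . $_MG_CONF['site_url'] . '/admin.php?mode=rotate&action=left' . $rotateQuery . '">'
                    . '<img src="' . $_MG_CONF['site_url'] . '/images/rotate_left_icon.gif" alt="' . $LANG_MG01['rotate_left'] . '" style="border:none;"/></a>';
            }
            break;

        case 1:     // video
            $iconFile = 'video.png';
            switch ($row['mime_type']) {
                case 'video/x-flv':
                    $iconFile  = 'flv.png';
                    $popupDims = '415,540';
                    break;
                case 'application/x-shockwave-flash':
                    $iconFile  = 'flash.png';
                    $popupDims = '415,540';
                    break;
                case 'video/mpeg':
                case 'video/x-mpeg':
                case 'video/x-mpeq2a':
                    if ($_MG_CONF['use_wmp_mpeg'] == 1) {
                        $iconFile  = 'wmp.png';
                        $popupDims = '415,540';
                        break;
                    }
                    // deliberate fall-through: MPEG is handled as QuicktTime
                    // when use_wmp_mpeg is off
                case 'video/x-motion-jpeg':
                case 'video/quicktime':
                case 'video/x-qtc':
                case 'audio/mpeg':
                    $iconFile  = 'quicktime.png';
                    $popupDims = '415,540';
                    break;
                case 'video/x-ms-asf':
                case 'video/x-ms-asf-plugin':
                case 'video/avi':
                case 'video/msvideo':
                case 'video/x-msvideo':
                case 'video/avs-video':
                case 'video/x-ms-wmv':
                case 'video/x-ms-wvx':
                case 'video/x-ms-wm':
                case 'application/x-troff-msvideo':
                case 'application/x-ms-wmz':
                case 'application/x-ms-wmd':
                    $iconFile  = 'wmp.png';
                    $popupDims = '415,540';
                    break;
                default:
                    break;
            }
            break;

        case 2:     // audio
            $iconFile  = 'audio.png';
            $popupDims = '325,330';
            break;

        case 4:     // other files
            switch ($row['mime_type']) {
                case 'application/zip':
                    $iconFile = 'zip.png';
                    break;
                case 'application/pdf':
                    $iconFile = 'pdf.png';
                    break;
                default:
                    $iconFile = 'generic.png';
                    break;
            }
            break;

        case 5:     // remote media
            $iconFile = 'remote.png';
            break;
    }

    if ($iconFile != '') {
        $thumbnail = $_MG_CONF['mediaobjects_url'] . '/' . $iconFile;
        $size = @getimagesize($_MG_CONF['path_mediaobjects'] . $iconFile);
    }
    if ($popupDims != '') {
        $videoUrl = $_MG_CONF['site_url'] . "/video.php?n=" . rawurlencode((string) $row['media_id']) . ($mqueue ? "&s=q" : '');
        $preview = "<a href=\"javascript:showVideo('" . $videoUrl . "'," . $popupDims . ")\">";
        $preview_end = "</a>";
    }

    $media_time = MG_getUserDateTimeFormat($row['media_time']);

    if ($row['media_tn_attached'] == 1) {
        // Locate the attached thumbnail among the configured extensions. The
        // original measured and linked a file even when none was found.
        $tnBase       = 'tn/' . $row['media_filename'][0] . '/tn_' . $row['media_filename'];
        $attachedPath = '';
        $attachedUrl  = '';
        foreach ($_MG_CONF['validExtensions'] as $ext) {
            if (file_exists($_MG_CONF['path_mediaobjects'] . $tnBase . $ext)) {
                $attachedPath = $_MG_CONF['path_mediaobjects'] . $tnBase . $ext;
                $attachedUrl  = $_MG_CONF['mediaobjects_url'] . '/' . $tnBase . $ext;
                break;
            }
        }

        $attachedImg = '';
        if ($attachedPath != '') {
            $atnsize = @getimagesize($attachedPath);
            $atnattr = '';
            // Scale the longer side to 200px; skip when no usable size was read.
            if (is_array($atnsize) && max($atnsize[0], $atnsize[1]) > 0) {
                if ($atnsize[0] > $atnsize[1]) {
                    $ratio     = $atnsize[0] / 200;
                    $newwidth  = 200;
                    $newheight = round($atnsize[1] / $ratio);
                } else {
                    $ratio     = $atnsize[1] / 200;
                    $newheight = 200;
                    $newwidth  = round($atnsize[0] / $ratio);
                }
                $atnattr = 'height="' . $newheight . '" width="' . $newwidth . '"';
            }
            $attachedImg = '<img src="' . $attachedUrl . '" alt="" ' . $atnattr . '/>';
        }
        $T->set_var(array('attached_thumbnail' => $attachedImg));
    }

    $resolution = ($row['media_resolution_x'] > 0 && $row['media_resolution_y'] > 0)
        ? $row['media_resolution_x'] . 'x' . $row['media_resolution_y']
        : 'unknown';

    // playback options, if needed...
    $playback_options = array();
    $overrideSql = "SELECT * FROM {$_TABLES['mg_playback_options']} WHERE media_id='" . DB_escapeString($row['media_id']) . "'";

    if ($row['mime_type'] == 'video/x-ms-asf' ||
        $row['mime_type'] == 'video/x-ms-wvx' ||
        $row['mime_type'] == 'video/x-ms-wm' ||
        $row['mime_type'] == 'video/x-ms-wmx' ||
        $row['mime_type'] == 'video/x-ms-wmv' ||
        $row['mime_type'] == 'audio/x-ms-wma' ||
        $row['mime_type'] == 'video/x-msvideo'
    ) {
        // pull defaults, then override...
        $playback_options['autostart']         = $_MG_CONF['asf_autostart'];
        $playback_options['enablecontextmenu'] = $_MG_CONF['asf_enablecontextmenu'];
        $playback_options['stretchtofit']      = $_MG_CONF['asf_stretchtofit'];
        $playback_options['uimode']            = $_MG_CONF['asf_uimode'];
        $playback_options['showstatusbar']     = $_MG_CONF['asf_showstatusbar'];
        $playback_options['playcount']         = $_MG_CONF['asf_playcount'];
        $playback_options['height']            = $_MG_CONF['asf_height'];
        $playback_options['width']             = $_MG_CONF['asf_width'];
        $playback_options['bgcolor']           = $_MG_CONF['asf_bgcolor'];

        $poResult = DB_query($overrideSql);
        while ($poRow = DB_fetchArray($poResult)) {
            $playback_options[$poRow['option_name']] = $poRow['option_value'];
        }

        $uimode_select = '<select name="uimode">';
        foreach (array('none', 'mini', 'full') as $mode) {
            $uimode_select .= '<option value="' . $mode . '" ' . ($playback_options['uimode'] == $mode ? ' selected="selected"' : '') . '>' . $LANG_MG07[$mode] . '</option>';
        }
        $uimode_select .= '</select>';

        $T->set_var(array(
            'autostart_enabled'             => $playback_options['autostart'] ? ' checked="checked"' : '',
            'autostart_disabled'            => $playback_options['autostart'] ? '' : ' checked="checked"',
            'enablecontextmenu_enabled'     => $playback_options['enablecontextmenu'] ? ' checked="checked"' : '',
            'enablecontextmenu_disabled'    => $playback_options['enablecontextmenu'] ? '' : ' checked="checked"',
            'stretchtofit_enabled'          => $playback_options['stretchtofit'] ? ' checked="checked"' : '',
            'stretchtofit_disabled'         => $playback_options['stretchtofit'] ? '' : ' checked="checked"',
            'showstatusbar_enabled'         => $playback_options['showstatusbar'] ? ' checked="checked"' : '',
            'showstatusbar_disabled'        => $playback_options['showstatusbar'] ? '' : ' checked="checked"',
            'uimode_select'                 => $uimode_select,
            'uimode'                        => $playback_options['uimode'],
            'playcount'                     => $playback_options['playcount'],
            'height'                        => $playback_options['height'],
            'width'                         => $playback_options['width'],
            'bgcolor'                       => $playback_options['bgcolor'],
            'lang_playcount'                => $LANG_MG07['playcount'],
            'lang_playcount_help'           => $LANG_MG07['playcount_help'],
            'lang_playback_options'         => $LANG_MG07['playback_options'],
            'lang_option'                   => $LANG_MG07['option'],
            'lang_description'              => $LANG_MG07['description'],
            'lang_on'                       => $LANG_MG07['on'],
            'lang_off'                      => $LANG_MG07['off'],
            'lang_auto_start'               => $LANG_MG07['auto_start'],
            'lang_auto_start_help'          => $LANG_MG07['auto_start_help'],
            'lang_enable_context_menu'      => $LANG_MG07['enable_context_menu'],
            'lang_enable_context_menu_help' => $LANG_MG07['enable_context_menu_help'],
            'lang_stretch_to_fit'           => $LANG_MG07['stretch_to_fit'],
            'lang_stretch_to_fit_help'      => $LANG_MG07['stretch_to_fit_help'],
            'lang_status_bar'               => $LANG_MG07['status_bar'],
            'lang_status_bar_help'          => $LANG_MG07['status_bar_help'],
            'lang_ui_mode'                  => $LANG_MG07['ui_mode'],
            'lang_ui_mode_help'             => $LANG_MG07['ui_mode_help'],
            'lang_height'                   => $LANG_MG07['height'],
            'lang_width'                    => $LANG_MG07['width'],
            'lang_height_help'              => $LANG_MG07['height_help'],
            'lang_width_help'               => $LANG_MG07['width_help'],
            'lang_bgcolor'                  => $LANG_MG07['bgcolor'],
            'lang_resolution'               => $LANG_MG07['resolution'],
            'resolution'                    => $resolution,
            'lang_bgcolor_help'             => $LANG_MG07['bgcolor_help'],
        ));
        $T->parse('playback_options', 'asf_options');
    }

    if ($row['mime_type'] == 'audio/mpeg') {
        // pull defaults, then override...
        $playback_options['autostart']         = $_MG_CONF['mp3_autostart'];
        $playback_options['enablecontextmenu'] = $_MG_CONF['mp3_enablecontextmenu'];
        $playback_options['uimode']            = $_MG_CONF['mp3_uimode'];
        $playback_options['showstatusbar']     = $_MG_CONF['mp3_showstatusbar'];
        $playback_options['loop']              = $_MG_CONF['mp3_loop'];

        $poResult = DB_query($overrideSql);
        while ($poRow = DB_fetchArray($poResult)) {
            $playback_options[$poRow['option_name']] = $poRow['option_value'];
        }

        $uimode_select = '<select name="uimode">';
        foreach (array('none', 'mini', 'full') as $mode) {
            $uimode_select .= '<option value="' . $mode . '" ' . ($playback_options['uimode'] == $mode ? ' selected="selected"' : '') . '>' . $LANG_MG07[$mode] . '</option>';
        }
        $uimode_select .= '</select>';

        $T->set_var(array(
            'audio_tab'                     => true,
            'autostart_enabled'             => $playback_options['autostart'] ? ' checked="checked"' : '',
            'autostart_disabled'            => $playback_options['autostart'] ? '' : ' checked="checked"',
            'enablecontextmenu_enabled'     => $playback_options['enablecontextmenu'] ? ' checked="checked"' : '',
            'enablecontextmenu_disabled'    => $playback_options['enablecontextmenu'] ? '' : ' checked="checked"',
            'showstatusbar_enabled'         => $playback_options['showstatusbar'] ? ' checked="checked"' : '',
            'showstatusbar_disabled'        => $playback_options['showstatusbar'] ? '' : ' checked="checked"',
            'loop_enabled'                  => $playback_options['loop'] ? ' checked="checked"' : '',
            'loop_disabled'                 => $playback_options['loop'] ? '' : ' checked="checked"',
            'uimode_select'                 => $uimode_select,
            'uimode'                        => $playback_options['uimode'],
            'lang_playback_options'         => $LANG_MG07['playback_options'],
            'lang_option'                   => $LANG_MG07['option'],
            'lang_description'              => $LANG_MG07['description'],
            'lang_on'                       => $LANG_MG07['on'],
            'lang_off'                      => $LANG_MG07['off'],
            'lang_auto_start'               => $LANG_MG07['auto_start'],
            'lang_auto_start_help'          => $LANG_MG07['auto_start_help'],
            'lang_enable_context_menu'      => $LANG_MG07['enable_context_menu'],
            'lang_enable_context_menu_help' => $LANG_MG07['enable_context_menu_help'],
            'lang_stretch_to_fit'           => $LANG_MG07['stretch_to_fit'],
            'lang_stretch_to_fit_help'      => $LANG_MG07['stretch_to_fit_help'],
            'lang_status_bar'               => $LANG_MG07['status_bar'],
            'lang_status_bar_help'          => $LANG_MG07['status_bar_help'],
            'lang_ui_mode'                  => $LANG_MG07['ui_mode'],
            'lang_ui_mode_help'             => $LANG_MG07['ui_mode_help'],
            'lang_loop'                     => $LANG_MG07['loop'],
            'lang_loop_help'                => $LANG_MG07['loop_help'],
        ));
        $T->parse('playback_options', 'mp3_options');
    }

    if ($row['mime_type'] == 'application/x-shockwave-flash' || $row['mime_type'] == 'video/x-flv') {
        // pull defaults, then override...
        $playback_options['play']              = $_MG_CONF['swf_play'];
        $playback_options['menu']              = $_MG_CONF['swf_menu'];
        $playback_options['quality']           = $_MG_CONF['swf_quality'];
        $playback_options['height']            = $_MG_CONF['swf_height'];
        $playback_options['width']             = $_MG_CONF['swf_width'];
        $playback_options['loop']              = $_MG_CONF['swf_loop'];
        $playback_options['scale']             = $_MG_CONF['swf_scale'];
        $playback_options['wmode']             = $_MG_CONF['swf_wmode'];
        $playback_options['allowscriptaccess'] = $_MG_CONF['swf_allowscriptaccess'];
        $playback_options['bgcolor']           = $_MG_CONF['swf_bgcolor'];
        $playback_options['swf_version']       = $_MG_CONF['swf_version'];

        $poResult = DB_query($overrideSql);
        while ($poRow = DB_fetchArray($poResult)) {
            $playback_options[$poRow['option_name']] = $poRow['option_value'];
        }

        $quality_select = '<select name="quality">';
        foreach (array('low', 'high') as $value) {
            $quality_select .= '<option value="' . $value . '" ' . ($playback_options['quality'] == $value ? ' selected="selected"' : '') . '>' . $LANG_MG07[$value] . '</option>';
        }
        $quality_select .= '</select>';

        $scale_select = '<select name="scale">';
        foreach (array('showall', 'noborder', 'exactfit') as $value) {
            $scale_select .= '<option value="' . $value . '" ' . ($playback_options['scale'] == $value ? ' selected="selected"' : '') . '>' . $LANG_MG07[$value] . '</option>';
        }
        $scale_select .= '</select>';

        $wmode_select = '<select name="wmode">';
        foreach (array('window', 'opaque', 'transparent') as $value) {
            $wmode_select .= '<option value="' . $value . '" ' . ($playback_options['wmode'] == $value ? ' selected="selected"' : '') . '>' . $LANG_MG07[$value] . '</option>';
        }
        $wmode_select .= '</select>';

        $asa_select = '<select name="allowscriptaccess">';
        foreach (array('always', 'sameDomain', 'never') as $value) {
            $asa_select .= '<option value="' . $value . '" ' . ($playback_options['allowscriptaccess'] == $value ? ' selected="selected"' : '') . '>' . $LANG_MG07[$value] . '</option>';
        }
        $asa_select .= '</select>';

        $T->set_var(array(
            'play_enabled'          => $playback_options['play'] ? ' checked="checked"' : '',
            'play_disabled'         => $playback_options['play'] ? '' : ' checked="checked"',
            'menu_enabled'          => $playback_options['menu'] ? ' checked="checked"' : '',
            'menu_disabled'         => $playback_options['menu'] ? '' : ' checked="checked"',
            'loop_enabled'          => $playback_options['loop'] ? ' checked="checked"' : '',
            'loop_disabled'         => $playback_options['loop'] ? '' : ' checked="checked"',
            'quality_select'        => $quality_select,
            'scale_select'          => $scale_select,
            'wmode_select'          => $wmode_select,
            'asa_select'            => $asa_select,
            'flashvars'             => isset($playback_options['flashvars']) ? $playback_options['flashvars'] : '',
            'height'                => $playback_options['height'],
            'width'                 => $playback_options['width'],
            'bgcolor'               => $playback_options['bgcolor'],
            'swf_version'           => $playback_options['swf_version'],
            'lang_playback_options' => $LANG_MG07['playback_options'],
            'lang_option'           => $LANG_MG07['option'],
            'lang_description'      => $LANG_MG07['description'],
            'lang_on'               => $LANG_MG07['on'],
            'lang_off'              => $LANG_MG07['off'],
            'lang_height'           => $LANG_MG07['height'],
            'lang_width'            => $LANG_MG07['width'],
            'lang_height_help'      => $LANG_MG07['height_help'],
            'lang_width_help'       => $LANG_MG07['width_help'],
            'lang_auto_start'       => $LANG_MG07['auto_start'],
            'lang_auto_start_help'  => $LANG_MG07['auto_start_help'],
            'lang_menu'             => $LANG_MG07['menu'],
            'lang_menu_help'        => $LANG_MG07['menu_help'],
            'lang_scale'            => $LANG_MG07['scale'],
            'lang_swf_scale_help'   => $LANG_MG07['swf_scale_help'],
            'lang_wmode'            => $LANG_MG07['wmode'],
            'lang_wmode_help'       => $LANG_MG07['wmode_help'],
            'lang_loop'             => $LANG_MG07['loop'],
            'lang_loop_help'        => $LANG_MG07['loop_help'],
            'lang_quality'          => $LANG_MG07['quality'],
            'lang_quality_help'     => $LANG_MG07['quality_help'],
            'lang_flash_vars'       => $LANG_MG07['flash_vars'],
            'lang_asa'              => $LANG_MG07['asa'],
            'lang_asa_help'         => $LANG_MG07['asa_help'],
            'lang_bgcolor'          => $LANG_MG07['bgcolor'],
            'lang_bgcolor_help'     => $LANG_MG07['bgcolor_help'],
            'lang_swf_version_help' => $LANG_MG07['swf_version_help'],
        ));
        if ($row['mime_type'] == 'application/x-shockwave-flash') {
            $T->parse('playback_options', 'swf_options');
        } else {
            $T->parse('playback_options', 'flv_options');
        }
    }

    if ($row['media_mime_ext'] == 'mov' || $row['media_mime_ext'] == 'mp4' ||
        $row['mime_type'] == 'video/quicktime' || $row['mime_type'] == 'video/mpeg'
    ) {
        // pull defaults, then override...
        $playback_options['autoref']    = $_MG_CONF['mov_autoref'];
        $playback_options['autoplay']   = $_MG_CONF['mov_autoplay'];
        $playback_options['controller'] = $_MG_CONF['mov_controller'];
        // The original tested 'mov_kioskmod' and read 'mov_kiokmode', two
        // different misspellings, so the configured default was never used.
        // NOTE(review): 'mov_kioskmode' follows the naming of the sibling
        // keys; confirm it is the key the plugin configuration defines.
        $playback_options['kioskmode']  = isset($_MG_CONF['mov_kioskmode']) ? $_MG_CONF['mov_kioskmode'] : '';
        $playback_options['scale']      = $_MG_CONF['mov_scale'];
        $playback_options['loop']       = $_MG_CONF['mov_loop'];
        $playback_options['height']     = $_MG_CONF['mov_height'];
        $playback_options['width']      = $_MG_CONF['mov_width'];
        $playback_options['bgcolor']    = $_MG_CONF['mov_bgcolor'];

        $poResult = DB_query($overrideSql);
        while ($poRow = DB_fetchArray($poResult)) {
            $playback_options[$poRow['option_name']] = $poRow['option_value'];
        }

        $scale_select  = '<select name="scale">';
        $scale_select .= '<option value="tofit" ' . ($playback_options['scale'] == 'tofit' ? ' selected="selected"' : '') . '>' . $LANG_MG07['to_fit'] . '</option>';
        $scale_select .= '<option value="aspect" ' . ($playback_options['scale'] == 'aspect' ? ' selected="selected"' : '') . '>' . $LANG_MG07['aspect'] . '</option>';
        $scale_select .= '<option value="1" ' . ($playback_options['scale'] == '1' ? ' selected="selected"' : '') . '>' . $LANG_MG07['normal_size'] . '</option>';
        $scale_select .= '</select>';

        $T->set_var(array(
            'autoref_enabled'       => $playback_options['autoref'] ? ' checked="checked"' : '',
            'autoref_disabled'      => $playback_options['autoref'] ? '' : ' checked="checked"',
            'autoplay_enabled'      => $playback_options['autoplay'] ? ' checked="checked"' : '',
            'autoplay_disabled'     => $playback_options['autoplay'] ? '' : ' checked="checked"',
            'controller_enabled'    => $playback_options['controller'] ? ' checked="checked"' : '',
            'controller_disabled'   => $playback_options['controller'] ? '' : ' checked="checked"',
            'kioskmode_enabled'     => $playback_options['kioskmode'] ? ' checked="checked"' : '',
            'kioskmode_disabled'    => $playback_options['kioskmode'] ? '' : ' checked="checked"',
            'scale_select'          => $scale_select,
            'loop_enabled'          => $playback_options['loop'] ? ' checked="checked"' : '',
            'loop_disabled'         => $playback_options['loop'] ? '' : ' checked="checked"',
            'height'                => $playback_options['height'],
            'width'                 => $playback_options['width'],
            'bgcolor'               => $playback_options['bgcolor'],
            'lang_playback_options' => $LANG_MG07['playback_options'],
            'lang_option'           => $LANG_MG07['option'],
            'lang_description'      => $LANG_MG07['description'],
            'lang_on'               => $LANG_MG07['on'],
            'lang_off'              => $LANG_MG07['off'],
            'lang_height'           => $LANG_MG07['height'],
            'lang_width'            => $LANG_MG07['width'],
            'lang_height_help'      => $LANG_MG07['height_help'],
            'lang_width_help'       => $LANG_MG07['width_help'],
            'lang_auto_start'       => $LANG_MG07['auto_start'],
            'lang_auto_start_help'  => $LANG_MG07['auto_start_help'],
            'lang_auto_ref'         => $LANG_MG07['auto_ref'],
            'lang_auto_ref_help'    => $LANG_MG07['auto_ref_help'],
            'lang_controller'       => $LANG_MG07['controller'],
            'lang_controller_help'  => $LANG_MG07['controller_help'],
            'lang_kiosk_mode'       => $LANG_MG07['kiosk_mode'],
            'lang_kiosk_mode_help'  => $LANG_MG07['kiosk_mode_help'],
            'lang_scale'            => $LANG_MG07['scale'],
            'lang_scale_help'       => $LANG_MG07['scale_help'],
            'lang_loop'             => $LANG_MG07['loop'],
            'lang_loop_help'        => $LANG_MG07['loop_help'],
            'lang_bgcolor'          => $LANG_MG07['bgcolor'],
            'lang_bgcolor_help'     => $LANG_MG07['bgcolor_help'],
        ));
        $T->parse('playback_options', 'mov_options');
    }

    // getimagesize() returns false for a missing or unreadable file; fall back
    // to 0 so the popup dimensions stay numeric.
    $sizeW = is_array($size) ? $size[0] : 0;
    $sizeH = is_array($size) ? $size[1] : 0;

    // Set after the playback blocks were parsed, so 'height'/'width' here
    // apply to the main form only.
    $T->set_var(array(
        'original_filename' => $row['media_original_filename'],
        'attach_tn'         => $row['media_tn_attached'],
        'at_tn_checked'     => $row['media_tn_attached'] == 1 ? ' checked="checked"' : '',
        'album_id'          => $album_id,
        'media_thumbnail'   => $thumbnail,
        'nocache'           => time(),
        'media_id'          => $row['media_id'],
        'media_title'       => $row['media_title'],
        'media_desc'        => $row['media_desc'],
        'media_time'        => $media_time[0],
        'media_views'       => $row['media_views'],
        'media_comments'    => $row['media_comments'],
        'media_exif_info'   => $exif_info,
        'media_rating_max'  => 5,
        'height'            => $sizeH + 50,
        'width'             => $sizeW + 40,
        'queue'             => $mqueue,
        'month_select'      => $month_select,
        'day_select'        => $day_select,
        'year_select'       => $year_select,
        'hour_select'       => $hour_select,
        'minute_select'     => $minute_select,
        'user_ip'           => $row['media_user_ip'],
        'album_select'      => $album_jumpbox,
        'media_rating'      => $row['media_rating'] / 2,
        'media_votes'       => $row['media_votes'],
        's_mode'            => 'edit',
        's_title'           => $LANG_MG01['edit_media'],
        's_rotate_right'    => $rotate_right,
        's_rotate_left'     => $rotate_left,
        's_form_action'     => $actionURL,
        'allowed_html'      => COM_allowedHTML(SEC_getUserPermissions(), false, 'mediagallery', 'media_title'),
        'site_url'          => $_MG_CONF['site_url'],
        'preview'           => $preview,
        'preview_end'       => $preview_end,
    ));

    $T->set_var(array(
        'remoteurl'       => $row['remote_url'],
        'lang_remote_url' => $row['remote_media'] == 1 ? $LANG_MG01['remote_url'] : $LANG_MG01['alternate_url'],
    ));

    if ($row['media_type'] == 1) {
        $T->set_var(array(
            'lang_resolution' => $LANG_MG07['resolution'],
            'resolution'      => $resolution,
        ));
    } else {
        $T->set_var(array(
            'lang_resolution' => '',
            'resolution'      => '',
        ));
    }

    // Owner display. Names are written into markup built here, so they are
    // HTML-encoded; double_encode is off in case they were stored encoded.
    $charset = COM_getEncodingt();
    if (SEC_hasRights('mediagallery.admin')) {
        // Only administrators get the owner picker, so the full user list is
        // only queried for them.
        $userselect = '<select name="owner_name"> ';
        $result = DB_query("SELECT * FROM {$_TABLES['users']} WHERE status=3 AND uid > 1 ORDER BY username ASC");
        while ($userRow = DB_fetchArray($result)) {
            $userselect .= '<option value="' . htmlspecialchars($userRow['uid'], ENT_QUOTES, $charset, false) . '"'
                . ($userRow['uid'] == $row['media_user_id'] ? ' selected="selected"' : '') . '>'
                . htmlspecialchars($userRow['username'], ENT_QUOTES, $charset, false) . '</option>' . LB;
        }
        $userselect .= '</select>';
        $T->set_var('username', $userselect);
    } else {
        $username = '';
        if ($row['media_user_id'] != '') {
            $displayname = $_CONF['show_fullname'] ? 'fullname' : 'username';
            // uid is concatenated into the WHERE clause; force it to an integer.
            $username = DB_getItem($_TABLES['users'], $displayname, "uid=" . (int) $row['media_user_id']);
        }
        $T->set_var('username', htmlspecialchars((string) $username, ENT_QUOTES, $charset, false));
    }

    $cat_select  = '<select name="cat_id" id="cat_id">';
    $cat_select .= '<option value="">' . $LANG_MG01['no_category'] . '</option>';
    $result = DB_query("SELECT * FROM {$_TABLES['mg_category']} ORDER BY cat_id ASC");
    while ($catRow = DB_fetchArray($result)) {
        $cat_select .= '<option value="' . htmlspecialchars($catRow['cat_id'], ENT_QUOTES, $charset, false) . '" '
            . ($catRow['cat_id'] == $row['media_category'] ? ' selected="selected"' : '') . '>'
            . htmlspecialchars($catRow['cat_name'], ENT_QUOTES, $charset, false) . '</option>';
    }
    $cat_select .= '</select>';

    // keywords
    $keywords = $row['media_keywords'];

    if ($back != '') {
        $T->set_var(array('rpath' => htmlentities($back, ENT_QUOTES, $charset)));
    } else {
        $T->set_var(array('rpath' => ''));
    }

    $artist     = $row['artist'];
    $musicalbum = $row['album'];
    $genre      = $row['genre'];

    // language items...
    $T->set_var(array(
        'lang_original_filename'  => $LANG_MG01['original_filename'],
        'lang_media_item'         => $LANG_MG00['media_col_header'],
        'lang_media_attributes'   => $LANG_MG01['media_attributes'],
        'lang_mediaattributes'    => $LANG_MG01['mediaattributes'],
        'lang_attached_thumbnail' => $LANG_MG01['attached_thumbnail'],
        'lang_category'           => $LANG_MG01['category'],
        'lang_keywords'           => $LANG_MG01['keywords'],
        'lang_rating'             => $LANG_MG03['rating'],
        'lang_comments'           => $LANG_MG03['comments'],
        'lang_votes'              => $LANG_MG03['votes'],
        'media_edit_title'        => $LANG_MG01['media_edit'],
        'media_edit_help'         => $LANG_MG01['media_edit_help'],
        'rotate_left'             => $LANG_MG01['rotate_left'],
        'rotate_right'            => $LANG_MG01['rotate_right'],
        'lang_title'              => $LANG_MG01['title'],
        'albums'                  => $LANG_MG01['albums'],
        'description'             => $LANG_MG01['description'],
        'capture_time'            => $LANG_MG01['capture_time'],
        'views'                   => $LANG_MG03['views'],
        'uploaded_by'             => $LANG_MG01['uploaded_by'],
        'submit'                  => $LANG_MG01['submit'],
        'cancel'                  => $LANG_MG01['cancel'],
        'reset'                   => $LANG_MG01['reset'],
        'lang_save'               => $LANG_MG01['save'],
        'lang_reset'              => $LANG_MG01['reset'],
        'lang_cancel'             => $LANG_MG01['cancel'],
        'lang_reset_rating'       => $LANG_MG01['reset_rating'],
        'lang_reset_views'        => $LANG_MG01['reset_views'],
        'cat_select'              => $cat_select,
        'media_keywords'          => $keywords,
        'lang_replacefile'        => $LANG_MG01['replace_file'],
        'artist'                  => $artist,
        'musicalbum'              => $musicalbum,
        'genre'                   => $genre,
        'lang_artist'             => $LANG_MG01['artist'],
        'lang_genre'              => $LANG_MG01['genre'],
        'lang_music_album'        => $LANG_MG01['music_album'],
    ));

    $T->parse('output', 'admin');
    $retval .= $T->finish($T->get_var('output'));
    return $retval;
}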
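/**
 * Deletes the specified album and, when target_id is not 0, moves its
 * contents to the target album first.
 *
 * On success the function does not return: it rebuilds the RSS feeds, echoes
 * COM_refresh($actionURL) and exits.
 *
 * @param   int     $album_id   id of the album to delete
 * @param   int     $target_id  id of the album that receives the deleted album's
 *                              contents; 0 deletes the child albums instead
 * @param   string  $actionURL  URL passed to COM_refresh() afterwards; defaults
 *                              to the plugin's admin index page
 * @return  string              HTML error page when the request is refused
 *
 */
function MG_deleteAlbum($album_id, $target_id, $actionURL = '')
{
    global $MG_albums, $_USER, $_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01;

    if ($actionURL == '') {
        $actionURL = $_CONF['site_admin_url'] . '/plugins/mediagallery/index.php';
    }

    // The caller needs access level 3 on the album being deleted. An unknown
    // album id is refused the same way instead of dereferencing a missing entry.
    if (!isset($MG_albums[$album_id]) || $MG_albums[$album_id]->access != 3) {
        // $REMOTE_ADDR is not defined in this scope, so read the address from $_SERVER.
        COM_errorLog("MediaGallery: Someone has tried to illegally delete an album in Media Gallery.  User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: " . $_SERVER['REMOTE_ADDR'], 1);
        return MG_genericError($LANG_MG00['access_denied_msg']);
    }

    // Both ids are concatenated into SQL below, so only their integer value is used there.
    $albumId  = (int) $album_id;
    $targetId = (int) $target_id;

    if ($target_id == 0) {
        // Delete all images -- need to recurse through all sub-albums...
        MG_deleteChildAlbums($album_id);
    } else {
        // Move the contents to another album, but only if the caller has edit
        // rights on that target album.
        $result = DB_query("SELECT * FROM {$_TABLES['mg_albums']} WHERE album_id=" . $targetId);
        if (DB_numRows($result) < 1) {
            COM_errorLog("MediaGallery: Deleting Album - ERROR - Target albums does not exist");
            return MG_genericError($LANG_MG00['access_denied_msg']);
        }

        $row = DB_fetchArray($result);
        $access = SEC_hasAccess($row['owner_id'], $row['group_id'], $row['perm_owner'], $row['perm_group'], $row['perm_members'], $row['perm_anon']);
        if ($access != 3 && !SEC_hasRights('mediagallery.admin')) {
            COM_errorLog("MediaGallery: User attempting to move to a album that user does not have privelges too!");
            return MG_genericError($LANG_MG00['access_denied_msg']);
        }

        // Re-home the media and the child albums, then drop the album row itself.
        DB_query("UPDATE " . $_TABLES['mg_media_albums'] . " SET album_id = " . $targetId . " WHERE album_id = " . $albumId);
        DB_query("UPDATE " . $_TABLES['mg_albums'] . " SET album_parent = " . $targetId . " WHERE album_parent=" . $albumId);
        DB_query("DELETE FROM " . $_TABLES['mg_albums'] . " WHERE album_id = " . $albumId);

        // Refresh media_count for the target album.
        $dbCount = DB_count($_TABLES['mg_media_albums'], 'album_id', $targetId);
        DB_query("UPDATE " . $_TABLES['mg_albums'] . " SET media_count=" . (int) $dbCount . " WHERE album_id=" . $targetId);

        // When the target has album_cover == -1, point its cover at the most
        // recently uploaded media_type 0 item, or clear it if there is none.
        if ($MG_albums[$target_id]->album_cover == -1) {
            $result = DB_query("SELECT media_filename FROM {$_TABLES['mg_media']} AS m LEFT JOIN {$_TABLES['mg_media_albums']} AS ma ON m.media_id=ma.media_id WHERE ma.album_id=" . $targetId . " AND m.media_type=0 ORDER BY m.media_upload_time DESC LIMIT 1");
            $filename = '';
            if (DB_numRows($result) > 0) {
                $row = DB_fetchArray($result);
                $filename = $row['media_filename'];
            }
            // The filename was read back from the database; escape it before it
            // goes into another statement.
            DB_query("UPDATE " . $_TABLES['mg_albums'] . " SET album_cover = '-1', album_cover_filename='" . DB_escapeString($filename) . "' WHERE album_id = " . $targetId);
        }
    }

    // check and see if we need to reset the member_gallery flag...
    if ($_MG_CONF['member_albums'] == 1 && $MG_albums[$album_id]->parent == $_MG_CONF['member_album_root']) {
        $ownerId = (int) $MG_albums[$album_id]->owner_id;
        $result = DB_query("SELECT * FROM {$_TABLES['mg_albums']} WHERE owner_id=" . $ownerId . " AND album_parent=" . (int) $MG_albums[$album_id]->parent);
        if (DB_numRows($result) == 0) {
            DB_query("UPDATE {$_TABLES['mg_userprefs']} SET member_gallery=0 WHERE uid=" . $ownerId, 1);
        }
    }

    require_once $_CONF['path'] . 'plugins/mediagallery/include/rssfeed.php';
    MG_buildFullRSS();
    if ($target_id != 0) {
        MG_buildAlbumRSS($targetId);
    }
    CACHE_remove_instance('whatsnew');

    echo COM_refresh($actionURL);
    exit;
}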
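/**
 * Builds the watermark upload form.
 *
 * @param   string  $actionURL  accepted for interface compatibility.
 *                              NOTE(review): the value is never used; the form
 *                              always posts to $_MG_CONF['site_url'] . '/admin.php'
 *                              — confirm whether callers expect it to be honoured.
 * @return  string              HTML of the form, or an error page when access
 *                              is refused
 *
 */
function MG_watermarkUpload($actionURL = '')
{
    global $album_jumpbox, $MG_albums, $_USER, $_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01, $LANG_MG03;

    $T = new Template(MG_getTemplatePath(0));
    $T->set_file(array('upload' => 'wm_upload.thtml'));

    // Refused only when the caller has neither access level 3 on album 0 nor
    // a non-empty owner_id on it.
    if ($MG_albums[0]->access != 3 && !$MG_albums[0]->owner_id) {
        // $REMOTE_ADDR is not defined in this scope, so read the address from $_SERVER.
        COM_errorLog("Someone has tried to illegally edit media in Media Gallery.  User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: " . $_SERVER['REMOTE_ADDR'], 1);
        return MG_genericError($LANG_MG00['access_denied_msg']);
    }

    $retval = '<h2>' . $LANG_MG01['watermark_upload'] . '</h2>';

    // Show the php.ini upload limits in the warning text.
    $post_max_size       = ini_get('post_max_size');
    $upload_max_filesize = ini_get('upload_max_filesize');
    $warning = sprintf($LANG_MG01['upload_warning'], $upload_max_filesize, $post_max_size);

    // MAX_FILE_SIZE is a hidden form field and therefore under the client's
    // control; the handler that receives the upload has to enforce the real
    // size limit itself.
    $html_max_filesize = 65536;

    $T->set_var(array(
        's_form_action'         => $_MG_CONF['site_url'] . '/admin.php',
        'action'                => 'wm_upload',
        'lang_wmupload_help'    => $LANG_MG01['wm_upload_help'],
        'lang_watermark_upload' => $LANG_MG01['watermark_upload'],
        'lang_file'             => $LANG_MG01['file'],
        'lang_description'      => $LANG_MG01['description'],
        'lang_save'             => $LANG_MG01['save'],
        'lang_cancel'           => $LANG_MG01['cancel'],
        'lang_reset'            => $LANG_MG01['reset'],
        'max_file_size'         => '<input type="hidden" name="MAX_FILE_SIZE" value="' . $html_max_filesize . '"/>',
        'lang_warning'          => $warning
    ));

    // The "public access" checkbox is only offered when album 0 has an owner_id.
    if ($MG_albums[0]->owner_id) {
        $public = '<label for="wm_public">' . $LANG_MG01['public_access'] . ': </label><input type="checkbox" name="wm_public" id="wm_public" value="1"/><br/><br/>';
        $T->set_var('public', $public);
    }

    $T->parse('output', 'upload');
    $retval .= $T->finish($T->get_var('output'));
    return $retval;
}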
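/**
 * Reads a numeric form field from $_POST.
 *
 * @param   string  $key        name of the POST field
 * @param   mixed   $default    value returned when the field was not posted
 * @return  mixed               COM_applyFilter($_POST[$key], true), or $default
 */
function _MG_postInt($key, $default = 0)
{
    return isset($_POST[$key]) ? COM_applyFilter($_POST[$key], true) : $default;
}

/**
 * Applies an album's stored sort setting through MG_staticSortAlbum().
 *
 * @param   int     $albumId    album to sort
 * @param   int     $sortOrder  the album's album_sort_order value; values
 *                              other than 3-8 leave the album untouched
 * @return  void
 */
function _MG_sortAlbumBySetting($albumId, $sortOrder)
{
    switch ($sortOrder) {
        case 3: // upload, asc
            MG_staticSortAlbum($albumId, 2, 1, 0);
            break;
        case 4: // upload, desc
            MG_staticSortAlbum($albumId, 2, 0, 0);
            break;
        case 5: // title, asc
            MG_staticSortAlbum($albumId, 0, 1, 0);
            break;
        case 6: // title, desc
            MG_staticSortAlbum($albumId, 0, 0, 0);
            break;
        case 7: // rating, desc
            MG_staticSortAlbum($albumId, 3, 0, 0);
            break;
        case 8: // rating, asc (same direction flag as the other "asc" cases)
            MG_staticSortAlbum($albumId, 3, 1, 0);
            break;
        default: // 0 and anything else: skip it...
            break;
    }
}

/**
 * Saves the album described by the posted form, creating it when the posted
 * album_id is not positive and updating the existing album otherwise.
 *
 * On success the function does not return: it echoes a COM_refresh() to the
 * album page and exits.
 *
 * @param   int     $album_id   not used; the album id is read from $_POST['album_id']
 * @param   string  $actionURL  not used; overwritten with the album page URL
 * @return  string              HTML error page when validation or a permission
 *                              check fails
 *
 */
function MG_saveAlbum($album_id, $actionURL = '')
{
    global $_DB_dbms, $MG_albums, $_USER, $_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01;

    $aid                  = _MG_postInt('album_id');
    $forceChildPermUpdate = _MG_postInt('force_child_update');

    // A request without an uploaded thumbnail behaves like an empty upload.
    $thumb     = isset($_FILES['thumbnail']) ? $_FILES['thumbnail'] : array('tmp_name' => '');
    $thumbnail = $thumb['tmp_name'];

    if ($aid > 0) {
        // Update of an existing album. The id comes straight from the form, so
        // make sure it names a real album and that the caller may edit it
        // before any of its fields are overwritten.
        if (!isset($MG_albums[$aid])) {
            COM_errorLog("MediaGallery: Someone has tried to save a non-existent album.  User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: " . $_SERVER['REMOTE_ADDR'], 1);
            return MG_genericError($LANG_MG00['access_denied_msg']);
        }
        $album = $MG_albums[$aid];
        if ($album->access != 3 && !SEC_hasRights('mediagallery.admin')) {
            COM_errorLog("MediaGallery: Someone has tried to illegally save a Media Gallery Album.  User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: " . $_SERVER['REMOTE_ADDR'], 1);
            return MG_genericError($LANG_MG00['access_denied_msg']);
        }
        $old_tn_attached = $album->tn_attached;
        $update = 1;
    } else {
        // should be 0 or negative 1 for create
        $album = new mgAlbum();
        $album->id = $aid;
        $old_tn_attached = 0;
        $update = 0;
    }

    if ($_MG_CONF['htmlallowed'] == 1) {
        $album->title       = COM_checkHTML(COM_killJS($_POST['album_name']));
        $album->description = COM_checkHTML(COM_killJS($_POST['album_desc']));
    } else {
        $album->title       = htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($_POST['album_name']))));
        $album->description = htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($_POST['album_desc']))));
    }
    if ($album->title == "") {
        return MG_errorHandler("You must enter an Album Name");
    }

    // --- general album attributes -------------------------------------------
    $album->parent             = COM_applyFilter($_POST['parentaid'], true);
    $album->hidden             = _MG_postInt('hidden');
    $album->cover              = COM_applyFilter($_POST['cover']);
    $album->cover_filename     = COM_applyFilter($_POST['album_cover_filename']);
    $album->enable_album_views = _MG_postInt('enable_album_views');
    // NOTE(review): the skin and theme names are free-form strings from the
    // form; if they are later used to build template paths they should be
    // checked against the installed skins — verify where they are consumed.
    $album->image_skin         = COM_applyFilter($_POST['skin']);
    $album->album_skin         = COM_applyFilter($_POST['askin']);
    $album->display_skin       = COM_applyFilter($_POST['dskin']);
    $album->display_album_desc = _MG_postInt('display_album_desc');
    $album->enable_comments    = _MG_postInt('enable_comments');
    $album->exif_display       = COM_applyFilter($_POST['enable_exif'], true);
    $album->enable_rating      = _MG_postInt('enable_rating');
    $album->playback_type      = COM_applyFilter($_POST['playback_type'], true);
    $album->tn_attached        = _MG_postInt('attach_tn');
    $album->enable_slideshow   = COM_applyFilter($_POST['enable_slideshow'], true);
    $album->enable_random      = _MG_postInt('enable_random');
    $album->enable_shutterfly  = _MG_postInt('enable_shutterfly');
    $album->enable_views       = _MG_postInt('enable_views');
    $album->enable_keywords    = _MG_postInt('enable_keywords');
    $album->enable_sort        = _MG_postInt('enable_sort');
    $album->enable_rss         = _MG_postInt('enable_rss');
    $album->enable_postcard    = COM_applyFilter($_POST['enable_postcard'], true);
    $album->albums_first       = _MG_postInt('albums_first');
    $album->allow_download     = _MG_postInt('allow_download');
    $album->useAlternate       = _MG_postInt('usealternate');
    $album->full               = COM_applyFilter($_POST['full_display'], true);
    $album->tn_size            = COM_applyFilter($_POST['tn_size'], true);
    $album->max_image_height   = COM_applyFilter($_POST['max_image_height'], true);
    $album->max_image_width    = COM_applyFilter($_POST['max_image_width'], true);
    $album->max_filesize       = COM_applyFilter($_POST['max_filesize'], true);
    if ($album->max_filesize != 0) {
        // the posted value is multiplied by 1024 before it is stored
        $album->max_filesize = $album->max_filesize * 1024;
    }
    $album->display_image_size = COM_applyFilter($_POST['display_image_size'], true);
    $album->display_rows       = COM_applyFilter($_POST['display_rows'], true);
    $album->display_columns    = COM_applyFilter($_POST['display_columns'], true);
    $album->skin               = COM_applyFilter($_POST['album_theme']);
    $album->filename_title     = _MG_postInt('filename_title');
    $album->shopping_cart      = 0;
    $album->wm_auto            = _MG_postInt('wm_auto');
    $album->wm_id              = COM_applyFilter($_POST['wm_id']);
    $album->wm_opacity         = COM_applyFilter($_POST['wm_opacity'], true);
    $album->wm_location        = COM_applyFilter($_POST['wm_location'], true);
    $album->album_sort_order   = COM_applyFilter($_POST['album_sort_order'], true);
    $album->member_uploads     = _MG_postInt('uploads');
    $album->moderate           = _MG_postInt('moderate');
    $album->email_mod          = _MG_postInt('email_mod');
    $album->podcast            = _MG_postInt('podcast');
    $album->mp3ribbon          = _MG_postInt('mp3ribbon');
    $album->rssChildren        = _MG_postInt('rsschildren');

    // Thumbnail dimensions fall back to 200 when missing or 0.
    $album->tnHeight = _MG_postInt('tnheight', 200);
    if ($album->tnHeight == 0) {
        $album->tnHeight = 200;
    }
    $album->tnWidth = _MG_postInt('tnwidth', 200);
    if ($album->tnWidth == 0) {
        $album->tnWidth = 200;
    }

    // --- attributes that depend on the caller's rights ----------------------
    if (SEC_hasRights('mediagallery.admin')) {
        // valid_formats is the sum of the posted per-format values
        $formatKeys = array('jpg', 'png', 'tif', 'gif', 'bmp', 'tga', 'psd', 'mp3', 'ogg', 'asf',
                            'swf', 'mov', 'mp4', 'mpg', 'zip', 'other', 'flv', 'rflv', 'emb');
        $validFormats = 0;
        foreach ($formatKeys as $formatKey) {
            $validFormats += _MG_postInt('format_' . $formatKey);
        }
        $album->valid_formats = $validFormats;

        // everything below is admin only
        $album->featured     = _MG_postInt('featured');
        $album->cbposition   = COM_applyFilter($_POST['featureposition'], true);
        $album->cbpage       = COM_applyFilter($_POST['featurepage']);
        $album->group_id     = isset($_POST['group_id']) ? COM_applyFilter($_POST['group_id']) : 0;
        $album->mod_group_id = _MG_postInt('mod_id');

        $perm_owner   = isset($_POST['perm_owner'])   ? $_POST['perm_owner']   : 0;
        $perm_group   = isset($_POST['perm_group'])   ? $_POST['perm_group']   : 0;
        $perm_members = isset($_POST['perm_members']) ? $_POST['perm_members'] : 0;
        $perm_anon    = isset($_POST['perm_anon'])    ? $_POST['perm_anon']    : 0;
        list($album->perm_owner, $album->perm_group, $album->perm_members, $album->perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
    } else {
        // Non-admins keep the album's owner and group permissions; only the
        // member and anonymous permissions are taken from the form.
        $perm_owner = $album->perm_owner;   // already set by existing album?
        $perm_group = $album->perm_group;   // already set by existing album?
        if ($update == 0) {
            // only do these two if create....
            if (isset($MG_albums[$album->parent]->group_id)) {
                $grp_id = $MG_albums[$album->parent]->group_id;
            } else {
                $gresult = DB_query("SELECT grp_id FROM {$_TABLES['groups']} WHERE grp_name LIKE 'mediagallery Admin'");
                $grow = DB_fetchArray($gresult);
                $grp_id = $grow['grp_id'];
            }
            $album->group_id = $grp_id;
            $album->mod_group_id = $_MG_CONF['member_mod_group_id'];
            if ($album->mod_group_id == '' || $album->mod_group_id < 1) {
                $album->mod_group_id = $grp_id;
            }
        }
        // Same "not posted means 0" default as the admin branch.
        $perm_members = isset($_POST['perm_members']) ? $_POST['perm_members'] : 0;
        $perm_anon    = isset($_POST['perm_anon'])    ? $_POST['perm_anon']    : 0;
        list($junk1, $junk2, $album->perm_members, $album->perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
    }

    // NOTE(review): owner_id is accepted from the form for every caller, not
    // only for admins — confirm that a non-admin is not meant to be able to
    // assign an album to another user this way.
    if (isset($_POST['owner_id'])) {
        $album->owner_id = COM_applyFilter($_POST['owner_id']);
    } else {
        $album->owner_id = 2;
    }

    // simple check to see if we can create off the album root...
    if (!SEC_hasRights('mediagallery.admin')) {
        if ($album->parent == $_MG_CONF['member_album_root'] && $update == 0) {
            if ($_MG_CONF['member_create_new'] == 0) {
                return MG_errorHandler("Cannot create a new album off the member root, please select a new parent album");
            }
        }
    }

    // final permission check to make sure we have the proper rights to create here....
    // NOTE(review): "!" binds tighter than "==", so the two config tests read
    // (!member_albums) == 1 and (!member_album_root) == 0 — confirm that this
    // is the intended policy.
    if ($album->parent == 0 && $update == 0 && !$_MG_CONF['member_albums'] == 1 && !$_MG_CONF['member_album_root'] == 0) {
        // see if we are mediagallery.admin
        if (!SEC_hasRights('mediagallery.admin')) {
            COM_errorLog("MediaGallery: Someone has tried to illegally save a Media Gallery Album in Root.  User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: " . $_SERVER['REMOTE_ADDR'], 1);
            return MG_genericError($LANG_MG00['access_denied_msg']);
        }
    } elseif ($album->parent != 0) {
        if (!isset($MG_albums[$album->parent]->id)) {
            // does not exist...
            COM_errorLog("MediaGallery: Someone has tried to save a album to non-existent parent album.  User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: " . $_SERVER['REMOTE_ADDR'], 1);
            return MG_genericError($LANG_MG00['access_denied_msg']);
        }
        // NOTE(review): the last operand reads $MG_album, which is not defined
        // in this scope ($MG_albums is), so the comparison never sees the
        // parent's id. It is left as it was because correcting the name changes
        // who passes this check. Also, while member_albums is enabled this
        // condition never denies anyone, whatever their access to the parent.
        // Both points need a policy decision.
        if ($MG_albums[$album->parent]->access != 3 && !SEC_hasRights('mediagallery.admin') && !$_MG_CONF['member_albums'] && !($_MG_CONF['member_album_root'] == $MG_album[$album->parent]->id)) {
            COM_errorLog("MediaGallery: Someone has tried to illegally save a Media Gallery Album.  User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: " . $_SERVER['REMOTE_ADDR'], 1);
            return MG_genericError($LANG_MG00['access_denied_msg']);
        }
    }

    // --- attached thumbnail bookkeeping -------------------------------------
    if ($old_tn_attached == 0 && $album->tn_attached == 1 && $thumb['tmp_name'] == '') {
        // "attach" was ticked but no file arrived
        $album->tn_attached = 0;
    }
    $remove_old_tn = ($old_tn_attached == 1 && $album->tn_attached == 0) ? 1 : 0;
    $attachtn      = ($thumb['tmp_name'] != '' && $album->tn_attached == 1) ? 1 : 0;

    // pull the watermark id associated with the filename...
    if ($album->wm_id == 'blank.png') {
        $wm_id = 0;
    } else {
        $wm_id = DB_getItem($_TABLES['mg_watermarks'], 'wm_id', 'filename="' . DB_escapeString($album->wm_id) . '"');
    }
    if ($wm_id == '') {
        $wm_id = 0;
    }
    if ($wm_id == 0) {
        $album->wm_auto = 0;
    }
    $album->wm_id = $wm_id;

    if (SEC_hasRights('mediagallery.admin')) {
        // handle new featured albums
        if ($album->featured) {
            // check for other featured albums, we can only have one
            $result = DB_query("SELECT album_id FROM {$_TABLES['mg_albums']} WHERE featured=1 AND cbpage='" . DB_escapeString($album->cbpage) . "'");
            if (DB_numRows($result) > 0) {
                $row = DB_fetchArray($result);
                DB_query("UPDATE {$_TABLES['mg_albums']} SET featured=0 WHERE album_id=" . (int) $row['album_id']);
            }
        }
    } else {
        // if a new album, set the member album defaults since we are a non-admin.
        // The original condition read "update == 0" (a bare constant), which is
        // an Error on PHP 8; it now tests $update as the comment above describes.
        // NOTE(review): on an update the posted member_uploads / moderate /
        // email_mod / size values are therefore kept — confirm members are
        // meant to be able to change them on their own albums.
        if ($album->isMemberAlbum() && $update == 0) {
            $album->perm_owner       = $_MG_CONF['member_perm_owner'];
            $album->perm_group       = $_MG_CONF['member_perm_group'];
            $album->enable_random    = $_MG_CONF['member_enable_random'];
            $album->max_image_height = $_MG_CONF['member_max_height'];
            $album->max_image_width  = $_MG_CONF['member_max_width'];
            $album->max_filesize     = $_MG_CONF['member_max_filesize'];
            $album->member_uploads   = $_MG_CONF['member_uploads'];
            $album->moderate         = $_MG_CONF['member_moderate'];
            $album->email_mod        = $_MG_CONF['member_email_mod'];
            $album->valid_formats    = $_MG_CONF['member_valid_formats'];
        }
    }

    // --- persist ------------------------------------------------------------
    $album->title = substr($album->title, 0, 254);
    if ($_DB_dbms == "mssql") {
        $album->description = substr($album->description, 0, 1500);
    }
    if ($album->last_update == '') {
        $album->last_update = 0;
    }
    $album->last_update = intval($album->last_update);

    if ($album->id < 1) {
        $album->id    = $album->createAlbumID();
        $aid          = $album->id;
        $album->order = $album->getNextSortOrder();
    }
    if ($album->id == 0) {
        COM_errorLog("MediaGallery: Internal Error - album_id = 0 - Contact mark@glfusion.org  ");
        return MG_genericError($LANG_MG00['access_denied_msg']);
    }

    $album->saveAlbum();
    $album->updateChildPermissions($forceChildPermUpdate);

    // now handle the attached cover...
    if ($attachtn == 1) {
        if (!function_exists('MG_getFile')) {
            require_once $_CONF['path'] . 'plugins/mediagallery/include/lib-upload.php';
        }
        $media_filename = $_MG_CONF['path_mediaobjects'] . 'covers/cover_' . $album->id;
        MG_attachThumbnail($album->id, $thumbnail, $media_filename);
    }

    if ($remove_old_tn == 1) {
        // remove the first cover file found under any of the valid extensions
        foreach ($_MG_CONF['validExtensions'] as $ext) {
            $coverFile = $_MG_CONF['path_mediaobjects'] . 'covers/cover_' . $album->id . $ext;
            if (file_exists($coverFile)) {
                @unlink($coverFile);
                break;
            }
        }
    }

    MG_initAlbums(1);

    // do any album sorting here: a non-root album re-sorts its parent first,
    // then every album sorts its own children.
    if (isset($MG_albums[$aid])) {
        $parentId = $MG_albums[$aid]->parent;
        if ($parentId != 0 && isset($MG_albums[$parentId])) {
            _MG_sortAlbumBySetting($parentId, $MG_albums[$parentId]->album_sort_order);
        }
        _MG_sortAlbumBySetting($aid, $MG_albums[$aid]->album_sort_order);
    }

    if (!function_exists('MG_buildFullRSS')) {
        require_once $_CONF['path'] . 'plugins/mediagallery/include/rssfeed.php';
    }
    MG_buildFullRSS();
    MG_buildAlbumRSS($album->id);

    $actionURL = $_MG_CONF['site_url'] . '/album.php?aid=' . $album->id;
    echo COM_refresh($actionURL);
    exit;
}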
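/**
 * Saves the category described by the posted form.
 *
 * On success the function does not return: it echoes a COM_refresh() to the
 * category admin page and exits.
 *
 * NOTE(review): no rights or request-token check is visible in this function,
 * although it writes to the category table and redirects to an admin page;
 * presumably the caller performs them — verify.
 *
 * @param   int     $cat_id     not used; the id is read from $_POST['cat_id']
 * @return  string              HTML error page when validation fails
 *
 */
function MG_saveCategory($cat_id)
{
    global $_USER, $_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01;

    $A = array();
    $A['cat_id'] = (int) COM_applyFilter($_POST['cat_id'], true);

    // HTML is never kept in category names or descriptions.
    $catName        = htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($_POST['cat_name']))));
    $catDescription = htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($_POST['cat_desc']))));

    if ($catName == "") {
        return MG_errorHandler($LANG_MG01['category_error']);
    }

    // New position: one past the current maximum, or 10 when the table is
    // empty or the computed value is unusable.
    $result = DB_query("SELECT MAX(cat_order) + 1 AS nextcat_order FROM " . $_TABLES['mg_category']);
    $row = DB_fetchArray($result);
    $nextOrder = ($row == NULL || $result == NULL) ? NULL : $row['nextcat_order'];
    if ($nextOrder == NULL || $nextOrder < 0) {
        $nextOrder = 10;
    }
    $A['cat_order'] = (int) $nextOrder;

    // Make sure the name does not overflow its column. The cut is made BEFORE
    // escaping: truncating an already-escaped string can split an escape
    // sequence and leave a stray backslash in front of the closing quote of
    // the SQL literal.
    $catName = substr($catName, 0, 254);

    $A['cat_name']        = DB_escapeString($catName);
    $A['cat_description'] = DB_escapeString($catDescription);

    if ($A['cat_id'] == 0) {
        COM_errorLog("Media Gallery Internal Error - cat_id = 0 - Contact support@glfusion.org  ");
        return MG_genericError($LANG_MG00['access_denied_msg']);
    }

    DB_save($_TABLES['mg_category'], "cat_id,cat_name,cat_description,cat_order", "'{$A['cat_id']}','{$A['cat_name']}','{$A['cat_description']}',{$A['cat_order']}");

    echo COM_refresh($_MG_CONF['admin_url'] . 'category.php');
    exit;
}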
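/**
 * Rewrites media_order for every item of an album according to the posted
 * sort field and direction, numbering the items 10, 20, 30, ...
 *
 * On success the function does not return: it echoes COM_refresh($actionURL)
 * and exits.
 *
 * NOTE(review): the original carried a "check permissions..." comment, but the
 * only test is for a zero album id; no access check on the album is visible
 * here — confirm the caller enforces one.
 *
 * @param   int     $album_id   album whose media is re-ordered
 * @param   string  $actionURL  URL passed to COM_refresh() afterwards
 * @return  string              HTML error page when the album id is invalid
 *
 */
function MG_saveStaticSortMedia($album_id, $actionURL = '')
{
    global $_USER, $_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01, $LANG_MG03;

    // The id is concatenated into both statements below; normalise it once so
    // the SELECT and the UPDATEs see the same integer.
    $album_id = intval($album_id);
    if ($album_id == 0) {
        COM_errorLog("Media Gallery: Invalid album_id passed to sort");
        return MG_genericError($LANG_MG00['access_denied_msg']);
    }

    //
    // -- get the sort options
    //
    // NOTE(review): the field name 'sortyby' looks like a typo for 'sortby';
    // it is kept because it has to match the name used by the form — verify.
    $sortby    = COM_applyFilter($_POST['sortyby'], true);
    $sortorder = COM_applyFilter($_POST['sortorder'], true);

    // Only these fixed column names ever reach the ORDER BY clause.
    switch ($sortby) {
        case '1': // media_upload_time
            $sql_sort_by = " ORDER BY m.media_upload_time ";
            break;
        case '2': // media title
            $sql_sort_by = " ORDER BY m.media_title ";
            break;
        case '3': // media original filename
            $sql_sort_by = " ORDER BY m.media_original_filename ";
            break;
        case '4': // rating
            $sql_sort_by = " ORDER BY m.media_rating ";
            break;
        case '0': // media_time
        default:
            $sql_sort_by = " ORDER BY m.media_time ";
            break;
    }

    // NOTE(review): the original comments labelled 0 as "ascending" and 1 as
    // "descending", the reverse of the SQL keywords used — confirm against
    // the form which one is intended.
    switch ($sortorder) {
        case '0':
            $sql_order = " DESC";
            break;
        case '1':
        default:
            $sql_order = " ASC";
            break;
    }

    $sql = "SELECT *\n            FROM " . $_TABLES['mg_media_albums'] . " as ma LEFT JOIN " . $_TABLES['mg_media'] . " as m ON m.media_id = ma.media_id\n            WHERE ma.album_id=" . $album_id . $sql_sort_by . $sql_order;
    $result  = DB_query($sql);
    $numRows = DB_numRows($result);

    // Collect the ids in sorted order first, then write the new positions.
    $mediaIds = array();
    for ($x = 0; $x < $numRows; $x++) {
        $row = DB_fetchArray($result);
        $mediaIds[] = $row['media_id'];
    }

    $order = 10;
    foreach ($mediaIds as $mediaId) {
        // media_id is written as a quoted literal, so escape the value read back from the database.
        DB_query("UPDATE " . $_TABLES['mg_media_albums'] . " SET media_order=" . $order . " WHERE media_id='" . DB_escapeString($mediaId) . "' AND album_id=" . $album_id);
        $order += 10;
    }

    echo COM_refresh($actionURL);
    exit;
}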
/** * Saves the global configuration to all albums * * @return string HTML * */ function MG_saveGlobalAlbumAttr() { global $_USER, $_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01, $_POST; if (!SEC_hasRights('mediagallery.admin')) { COM_errorLog("Media Gallery user attempted to edit global album attributes without proper accss."); return MG_genericError($LANG_MG00['access_denied_msg']); } $startaid = COM_applyFilter($_POST['startaid'], true); $A['enable_comments'] = isset($_POST['enable_comments']) ? COM_applyFilter($_POST['enable_comments'], true) : 0; $A['exif_display'] = isset($_POST['enable_exif']) ? COM_applyFilter($_POST['enable_exif'], true) : 0; $A['enable_rating'] = isset($_POST['enable_rating']) ? COM_applyFilter($_POST['enable_rating'], true) : 0; $A['rsschildren'] = isset($_POST['rsschildren']) ? COM_applyFilter($_POST['rsschildren'], true) : 0; $A['podcast'] = isset($_POST['podcast']) ? COM_applyFilter($_POST['podcast'], true) : 0; $A['mp3ribbon'] = isset($_POST['mp3ribbon']) ? COM_applyFilter($_POST['mp3ribbon'], true) : 0; $A['playback_type'] = isset($_POST['playback_type']) ? COM_applyFilter($_POST['playback_type'], true) : 0; $A['enable_slideshow'] = isset($_POST['enable_slideshow']) ? COM_applyFilter($_POST['enable_slideshow'], true) : 0; $A['enable_random'] = isset($_POST['enable_random']) ? COM_applyFilter($_POST['enable_random'], true) : 0; $A['enable_shutterfly'] = isset($_POST['enable_shutterfly']) ? COM_applyFilter($_POST['enable_shutterfly'], true) : 0; $A['enable_views'] = isset($_POST['enable_views']) ? COM_applyFilter($_POST['enable_views'], true) : 0; $A['enable_keywords'] = isset($_POST['enable_keywords']) ? COM_applyFilter($_POST['enable_keywords'], true) : 0; $A['enable_sort'] = isset($_POST['enable_sort']) ? COM_applyFilter($_POST['enable_sort'], true) : 0; $A['albums_first'] = isset($_POST['albums_first']) ? COM_applyFilter($_POST['albums_first'], true) : 0; $A['tn_size'] = isset($_POST['tn_size']) ? 
COM_applyFilter($_POST['tn_size'], true) : 0; $A['tn_height'] = isset($_POST['tnheight']) ? COM_applyFilter($_POST['tnheight'], true) : 200; $A['tn_width'] = isset($_POST['tnwidth']) ? COM_applyFilter($_POST['tnwidth'], true) : 200; if ($A['tn_height'] == 0) { $A['tn_height'] = 200; } if ($A['tn_width'] == 0) { $A['tn_width'] = 200; } $A['display_rows'] = isset($_POST['display_rows']) ? COM_applyFilter($_POST['display_rows'], true) : 0; $A['display_columns'] = isset($_POST['display_columns']) ? COM_applyFilter($_POST['display_columns'], true) : 0; $A['full_display'] = isset($_POST['full_display']) ? COM_applyFilter($_POST['full_display'], true) : 0; $A['max_image_height'] = isset($_POST['max_image_height']) ? COM_applyFilter($_POST['max_image_height'], true) : 0; $A['max_image_width'] = isset($_POST['max_image_width']) ? COM_applyFilter($_POST['max_image_width'], true) : 0; $A['max_filesize'] = isset($_POST['max_filesize']) ? COM_applyFilter($_POST['max_filesize'], true) : 0; $A['display_image_size'] = isset($_POST['display_image_size']) ? COM_applyFilter($_POST['display_image_size'], true) : 0; $A['enable_album_views'] = isset($_POST['enable_album_views']) ? COM_applyFilter($_POST['enable_album_views'], true) : 0; $A['enable_rss'] = isset($_POST['enable_rss']) ? COM_applyFilter($_POST['enable_rss'], true) : 0; $A['enable_postcard'] = isset($_POST['enable_postcard']) ? COM_applyFilter($_POST['enable_postcard'], true) : 0; $A['allow_download'] = isset($_POST['allow_download']) ? COM_applyFilter($_POST['allow_download'], true) : 0; $A['display_album_desc'] = isset($_POST['display_album_desc']) ? COM_applyFilter($_POST['display_album_desc'], true) : 0; $A['filename_title'] = isset($_POST['filename_title']) ? 
COM_applyFilter($_POST['filename_title'], true) : 0; $A['image_skin'] = COM_applyFilter($_POST['skin']); $A['album_skin'] = COM_applyFilter($_POST['askin']); $A['display_skin'] = COM_applyFilter($_POST['dskin']); $A['skin'] = COM_applyFilter($_POST['album_theme']); // valid media formats.... $format_jpg = isset($_POST['format_jpg']) ? COM_applyFilter($_POST['format_jpg'], true) : 0; $format_png = isset($_POST['format_png']) ? COM_applyFilter($_POST['format_png'], true) : 0; $format_tif = isset($_POST['format_tif']) ? COM_applyFilter($_POST['format_tif'], true) : 0; $format_gif = isset($_POST['format_gif']) ? COM_applyFilter($_POST['format_gif'], true) : 0; $format_bmp = isset($_POST['format_bmp']) ? COM_applyFilter($_POST['format_bmp'], true) : 0; $format_tga = isset($_POST['format_tga']) ? COM_applyFilter($_POST['format_tga'], true) : 0; $format_psd = isset($_POST['format_psd']) ? COM_applyFilter($_POST['format_psd'], true) : 0; $format_mp3 = isset($_POST['format_mp3']) ? COM_applyFilter($_POST['format_mp3'], true) : 0; $format_ogg = isset($_POST['format_ogg']) ? COM_applyFilter($_POST['format_ogg'], true) : 0; $format_asf = isset($_POST['format_asf']) ? COM_applyFilter($_POST['format_asf'], true) : 0; $format_swf = isset($_POST['format_swf']) ? COM_applyFilter($_POST['format_swf'], true) : 0; $format_mov = isset($_POST['format_mov']) ? COM_applyFilter($_POST['format_mov'], true) : 0; $format_mp4 = isset($_POST['format_mp4']) ? COM_applyFilter($_POST['format_mp4'], true) : 0; $format_mpg = isset($_POST['format_mpg']) ? COM_applyFilter($_POST['format_mpg'], true) : 0; $format_zip = isset($_POST['format_zip']) ? COM_applyFilter($_POST['format_zip'], true) : 0; $format_other = isset($_POST['format_other']) ? COM_applyFilter($_POST['format_other'], true) : 0; $format_flv = isset($_POST['format_flv']) ? COM_applyFilter($_POST['format_flv'], true) : 0; $format_rflv = isset($_POST['format_rflv']) ? 
COM_applyFilter($_POST['format_rflv'], true) : 0; $format_emb = isset($_POST['format_emb']) ? COM_applyFilter($_POST['format_emb'], true) : 0; $valid_formats = $format_jpg + $format_png + $format_tif + $format_gif + $format_bmp + $format_tga + $format_psd + $format_mp3 + $format_ogg + $format_asf + $format_swf + $format_mov + $format_mp4 + $format_mpg + $format_zip + $format_other + $format_flv + $format_rflv + $format_emb; $comment_active = isset($_POST['comment_active']) ? COM_applyFilter($_POST['comment_active'], true) : 0; $exif_active = isset($_POST['exif_active']) ? COM_applyFilter($_POST['exif_active'], true) : 0; $rating_active = isset($_POST['rating_active']) ? COM_applyFilter($_POST['rating_active'], true) : 0; $rsschildren_active = isset($_POST['rsschildren_active']) ? COM_applyFilter($_POST['rsschildren_active'], true) : 0; $podcast_active = isset($_POST['podcast_active']) ? COM_applyFilter($_POST['podcast_active'], true) : 0; $mp3ribbon_active = isset($_POST['mp3ribbon_active']) ? COM_applyFilter($_POST['mp3ribbon_active'], true) : 0; $playback_active = isset($_POST['playback_active']) ? COM_applyFilter($_POST['playback_active'], true) : 0; $slideshow_active = isset($_POST['slideshow_active']) ? COM_applyFilter($_POST['slideshow_active'], true) : 0; $random_active = isset($_POST['random_active']) ? COM_applyFilter($_POST['random_active'], true) : 0; $shutterfly_active = isset($_POST['shutterfly_active']) ? COM_applyFilter($_POST['shutterfly_active'], true) : 0; $views_active = isset($_POST['views_active']) ? COM_applyFilter($_POST['views_active'], true) : 0; $keywords_active = isset($_POST['keywords_active']) ? COM_applyFilter($_POST['keywords_active'], true) : 0; $sort_active = isset($_POST['sort_active']) ? COM_applyFilter($_POST['sort_active'], true) : 0; $afirst_active = isset($_POST['afirst_active']) ? COM_applyFilter($_POST['afirst_active'], true) : 0; $thumbnail_active = isset($_POST['thumbnail_active']) ? 
COM_applyFilter($_POST['thumbnail_active'], true) : 0; $tnheight_active = isset($_POST['tnheight_active']) ? COM_applyFilter($_POST['tnheight_active'], true) : 0; $tnwidth_active = isset($_POST['tnwidth_active']) ? COM_applyFilter($_POST['tnwidth_active'], true) : 0; $rows_active = isset($_POST['rows_active']) ? COM_applyFilter($_POST['rows_active'], true) : 0; $columns_active = isset($_POST['columns_active']) ? COM_applyFilter($_POST['columns_active'], true) : 0; $full_display_active = isset($_POST['full_display_active']) ? COM_applyFilter($_POST['full_display_active'], true) : 0; $max_image_height_active = isset($_POST['max_image_height_active']) ? COM_applyFilter($_POST['max_image_height_active'], true) : 0; $max_image_width_active = isset($_POST['max_image_width_active']) ? COM_applyFilter($_POST['max_image_width_active'], true) : 0; $max_filesize_active = isset($_POST['max_filesize_active']) ? COM_applyFilter($_POST['max_filesize_active'], true) : 0; $display_image_size_active = isset($_POST['display_image_size_active']) ? COM_applyFilter($_POST['display_image_size_active'], true) : 0; $album_views_active = isset($_POST['album_views_active']) ? COM_applyFilter($_POST['album_views_active'], true) : 0; $enable_rss_active = isset($_POST['enable_rss_active']) ? COM_applyFilter($_POST['enable_rss_active'], true) : 0; $enable_postcard_active = isset($_POST['enable_postcard_active']) ? COM_applyFilter($_POST['enable_postcard_active'], true) : 0; $allow_download_active = isset($_POST['allow_download_active']) ? COM_applyFilter($_POST['allow_download_active'], true) : 0; $display_album_desc_active = isset($_POST['display_album_desc_active']) ? COM_applyFilter($_POST['display_album_desc_active'], true) : 0; $formats_active = isset($_POST['formats_active']) ? COM_applyFilter($_POST['formats_active'], true) : 0; $filename_title_active = isset($_POST['filename_title_active']) ? 
COM_applyFIlter($_POST['filename_title_active'], true) : 0; $image_skin_active = isset($_POST['image_skin_active']) ? COM_applyFilter($_POST['image_skin_active'], true) : 0; $album_skin_active = isset($_POST['album_skin_active']) ? COM_applyFilter($_POST['album_skin_active'], true) : 0; $display_skin_active = isset($_POST['display_skin_active']) ? COM_applyFilter($_POST['display_skin_active'], true) : 0; $admin_menu = isset($_POST['admin_menu']) ? COM_applyFilter($_POST['admin_menu'], true) : 0; $album_theme_active = isset($_POST['album_theme_active']) ? COM_applyFilter($_POST['album_theme_active'], true) : 0; if ($A['display_rows'] < 1 || $A['display_rows'] > 99) { $A['display_rows'] = 4; } if ($A['display_columns'] < 1 || $A['display_columns'] > 9) { $A['display_columns'] = 3; } $updateSQL = ''; $updateSQL .= $comment_active ? "enable_comments={$A['enable_comments']}" : ''; $updateSQL .= $exif_active ? ($updateSQL != '' ? ',' : '') . "exif_display={$A['exif_display']}" : ''; $updateSQL .= $rating_active ? ($updateSQL != '' ? ',' : '') . "enable_rating={$A['enable_rating']}" : ''; $updateSQL .= $rsschildren_active ? ($updateSQL != '' ? ',' : '') . "rsschildren={$A['rsschildren']}" : ''; $updateSQL .= $podcast_active ? ($updateSQL != '' ? ',' : '') . "podcast={$A['podcast']}" : ''; $updateSQL .= $mp3ribbon_active ? ($updateSQL != '' ? ',' : '') . "mp3ribbon={$A['mp3ribbon']}" : ''; $updateSQL .= $playback_active ? ($updateSQL != '' ? ',' : '') . "playback_type={$A['playback_type']}" : ''; $updateSQL .= $slideshow_active ? ($updateSQL != '' ? ',' : '') . "enable_slideshow={$A['enable_slideshow']}" : ''; $updateSQL .= $random_active ? ($updateSQL != '' ? ',' : '') . "enable_random={$A['enable_random']}" : ''; $updateSQL .= $shutterfly_active ? ($updateSQL != '' ? ',' : '') . "enable_shutterfly={$A['enable_shutterfly']}" : ''; $updateSQL .= $views_active ? ($updateSQL != '' ? ',' : '') . "enable_views={$A['enable_views']}" : ''; $updateSQL .= $keywords_active ? 
($updateSQL != '' ? ',' : '') . "enable_keywords={$A['enable_keywords']}" : ''; $updateSQL .= $sort_active ? ($updateSQL != '' ? ',' : '') . "enable_sort={$A['enable_sort']}" : ''; $updateSQL .= $afirst_active ? ($updateSQL != '' ? ',' : '') . "albums_first={$A['albums_first']}" : ''; $updateSQL .= $thumbnail_active ? ($updateSQL != '' ? ',' : '') . "tn_size={$A['tn_size']}" : ''; $updateSQL .= $tnheight_active ? ($updateSQL != '' ? ',' : '') . "tnheight={$A['tn_height']}" : ''; $updateSQL .= $tnwidth_active ? ($updateSQL != '' ? ',' : '') . "tnwidth={$A['tn_width']}" : ''; $updateSQL .= $rows_active ? ($updateSQL != '' ? ',' : '') . "display_rows={$A['display_rows']}" : ''; $updateSQL .= $columns_active ? ($updateSQL != '' ? ',' : '') . "display_columns={$A['display_columns']}" : ''; $updateSQL .= $full_display_active ? ($updateSQL != '' ? ',' : '') . "full_display={$A['full_display']}" : ''; $updateSQL .= $allow_download_active ? ($updateSQL != '' ? ',' : '') . "allow_download={$A['allow_download']}" : ''; $updateSQL .= $display_album_desc_active ? ($updateSQL != '' ? ',' : '') . "display_album_desc={$A['display_album_desc']}" : ''; $updateSQL .= $formats_active ? ($updateSQL != '' ? ',' : '') . "valid_formats={$valid_formats}" : ''; $updateSQL .= $filename_title_active ? ($updateSQL != '' ? ',' : '') . "filename_title={$A['filename_title']}" : ''; $updateSQL .= $album_theme_active ? ($updateSQL != '' ? ',' : '') . "skin=\"{$A['skin']}\"" : ''; $updateSQL .= $max_image_height_active ? ($updateSQL != '' ? ',' : '') . "max_image_height={$A['max_image_height']}" : ''; $updateSQL .= $max_image_width_active ? ($updateSQL != '' ? ',' : '') . "max_image_width={$A['max_image_width']}" : ''; $updateSQL .= $max_filesize_active ? ($updateSQL != '' ? ',' : '') . "max_filesize={$A['max_filesize']}" : ''; $updateSQL .= $display_image_size_active ? ($updateSQL != '' ? ',' : '') . "display_image_size={$A['display_image_size']}" : ''; $updateSQL .= $album_views_active ? 
($updateSQL != '' ? ',' : '') . "enable_album_views={$A['enable_album_views']}" : ''; $updateSQL .= $enable_rss_active ? ($updateSQL != '' ? ',' : '') . "enable_rss={$A['enable_rss']}" : ''; $updateSQL .= $enable_postcard_active ? ($updateSQL != '' ? ',' : '') . "enable_postcard={$A['enable_postcard']}" : ''; $updateSQL .= $image_skin_active ? ($updateSQL != '' ? ',' : '') . "image_skin=\"{$A['image_skin']}\"" : ''; $updateSQL .= $album_skin_active ? ($updateSQL != '' ? ',' : '') . "album_skin=\"{$A['album_skin']}\"" : ''; $updateSQL .= $display_skin_active ? ($updateSQL != '' ? ',' : '') . "display_skin=\"{$A['display_skin']}\"" : ''; if ($updateSQL != '') { if ($startaid == 0) { $sql = "UPDATE {$_TABLES['mg_albums']} SET " . $updateSQL; DB_query($sql); if ($enable_rss_active) { require_once $_CONF['path'] . 'plugins/mediagallery/include/rssfeed.php'; MG_buildFullRSS(); MG_GlobalrebuildAllAlbumsRSS(0); } } else { MG_saveGlobalAlbumAttrChildren($startaid, $updateSQL); if ($enable_rss_active) { require_once $_CONF['path'] . 'plugins/mediagallery/include/rssfeed.php'; MG_buildFullRSS(); MG_GlobalrebuildAllAlbumsRSS($startaid); } } } if ($admin_menu == 1) { echo COM_refresh($_MG_CONF['admin_url'] . 'index.php?msg=11'); } else { echo COM_refresh($_MG_CONF['site_url'] . '/index.php'); } exit; }