function delete_album($aid)
{
global $CONFIG, $lang_errors, $lang_delete_php, $LINEBREAK;
$return = '';
$query = "SELECT title, category, owner FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid ='{$aid}'";
$result = cpg_db_query($query);
if (!$result->numRows()) {
cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
}
$album_data = $result->fetchAssoc(true);
if (!GALLERY_ADMIN_MODE) {
if ($album_data['category'] != FIRST_USER_CAT + USER_ID && $album_data['owner'] != USER_ID) {
cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
}
}
$query = "SELECT pid FROM {$CONFIG['TABLE_PICTURES']} WHERE aid='{$aid}'";
$result = cpg_db_query($query);
// Delete all files
$loopCounter = 0;
while ($pic = $result->fetchAssoc()) {
if ($loopCounter / 2 == floor($loopCounter / 2)) {
$tablecellstyle = 'tableb';
} else {
$tablecellstyle = 'tableb tableb_alternate';
}
ob_start();
delete_picture($pic['pid'], $tablecellstyle);
$return .= ob_get_contents();
$loopCounter++;
ob_end_clean();
}
$result->free();
// Delete album
$query = "DELETE FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid='{$aid}'";
cpg_db_query($query);
if (cpg_db_affected_rows() > 0) {
$return .= "<tr><td colspan=\"6\" class=\"tableb\">" . sprintf($lang_delete_php['alb_del_success'], $album_data['title']) . '</td></tr>' . $LINEBREAK;
}
return $return;
}
// Wrap the IP address into single quotes if populated
}
cpg_db_query("INSERT INTO {$CONFIG['TABLE_BANNED']} (user_id, user_name, email, ip_addr, expiry) VALUES ({$post_user_id}, '{$post_user_name}', '{$post_email}', {$post_ip}, {$post_timestamp})");
$action_output .= '<li style="list-style-image:url(images/icons/ok.png)">' . $lang_banning_php['new_ban_record_created'] . '.</li>';
if ($superCage->post->keyExists('delete_comment') && $superCage->post->keyExists('comment_id')) {
$delete_what = $superCage->post->getInt('delete_comment');
if ($delete_what == 1) {
// delete the current comment only
$comm_id = $superCage->post->getInt('comment_id');
cpg_db_query("DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE msg_id = {$comm_id}");
$nb_com_del = cpg_db_affected_rows();
$action_output .= '<li style="list-style-image:url(images/icons/ok.png)">' . sprintf($lang_banning_php['comment_deleted'], $nb_com_del, $post_user_name) . '.</li>';
} elseif ($delete_what == 2) {
//delete all comments by this author
cpg_db_query("DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE author_id = {$post_user_id}");
$nb_com_del = cpg_db_affected_rows();
if ($nb_com_del != 0 && $post_user_name != '') {
$action_output .= '<li style="list-style-image:url(images/icons/ok.png)">' . sprintf($lang_banning_php['comment_deleted'], $nb_com_del, $post_user_name) . '.</li>';
}
}
//no need for an "else" - we don't delete a comment if else, i.e. if "none" has been selected
}
// Form fields for a new database record have been submit - let's create a new record --- end
}
// Determine wether form data for a new ban has been submit --- end
// Write the new record into the database --- end
}
// Processing of form data --- end
// Initialisze vars
$see_all_comments = '';
$checked_single = 'disabled="disabled"';
}
$ref = str_replace("pid={$pid}", "pid={$new_pid}", $ref);
}
$result->free();
}
}
$data = base64_encode(serialize($FAVPICS));
if (CPG_COOKIES_ALLOWED) {
setcookie($CONFIG['cookie_name'] . '_fav', $data, time() + CPG_DAY * 30, $CONFIG['cookie_path']);
}
// If the user is logged in then put it in the DB
if (USER_ID > 0) {
$sql = "UPDATE {$CONFIG['TABLE_FAVPICS']} SET user_favpics = '{$data}' WHERE user_id = " . USER_ID;
cpg_db_query($sql);
// User never stored a fav... so insert new row
if (!cpg_db_affected_rows()) {
$sql = "INSERT INTO {$CONFIG['TABLE_FAVPICS']} (user_id, user_favpics) VALUES (" . USER_ID . ", '{$data}')";
cpg_db_query($sql);
}
}
// Prepare message
if (in_array($pid, $FAVPICS)) {
$message_id = cpgStoreTempMessage($lang_rate_pic_php['fav_added']);
$message_icon = 'success';
} else {
$message_id = cpgStoreTempMessage($lang_rate_pic_php['fav_removed']);
$message_icon = 'info';
}
$ref .= strpos($ref, '?') !== FALSE ? '&' : '?';
$ref .= 'message_id=' . $message_id . '&message_icon=' . $message_icon . '#cpgMessageBlock';
$header_location = @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ? 'Refresh: 0; URL=' : 'Location: ';
}
$cid_set .= ')';
//Check if the form token is valid
if (!checkFormToken()) {
cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
}
if ($superCage->post->getAlpha('with_selected') == 'delete') {
// Delete selected comments if form is posted
cpg_db_query("DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE msg_id IN {$cid_set}");
$nb_com_del = cpg_db_affected_rows();
} elseif ($superCage->post->getAlpha('with_selected') == 'approve') {
cpg_db_query("UPDATE {$CONFIG['TABLE_COMMENTS']} SET `approval` = 'YES' WHERE msg_id IN {$cid_set}");
$nb_com_yes = cpg_db_affected_rows();
} elseif ($superCage->post->getAlpha('with_selected') == 'disapprove') {
cpg_db_query("UPDATE {$CONFIG['TABLE_COMMENTS']} SET `approval` = 'NO' WHERE msg_id IN {$cid_set}");
$nb_com_no = cpg_db_affected_rows();
}
}
// Submit ham samples back to akismet
if ($CONFIG['comment_akismet_api_key'] != '' && $CONFIG['comment_akismet_enable'] == 0) {
foreach ($akismet_ham_array as $key) {
$result = cpg_db_query("SELECT pid, msg_author, msg_body, msg_hdr_ip FROM {$CONFIG['TABLE_COMMENTS']} WHERE msg_id='{$key}' LIMIT 1");
$comment_data = $result->fetchArray(true);
$akismet_result = cpg_akismet_submit_data($comment_evaluation_array, 'ham');
}
}
$result = cpg_db_query("SELECT count(*) FROM {$CONFIG['TABLE_COMMENTS']} WHERE 1");
$nbEnr = $result->fetchArray(true);
$comment_count = $nbEnr[0];
if (!$comment_count) {
cpg_die(INFORMATION, $lang_reviewcom_php['no_comment'], __FILE__, __LINE__);
