function delete_album($aid) { global $CONFIG, $lang_errors, $lang_delete_php, $LINEBREAK; $return = ''; $query = "SELECT title, category, owner FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid ='{$aid}'"; $result = cpg_db_query($query); if (!$result->numRows()) { cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__); } $album_data = $result->fetchAssoc(true); if (!GALLERY_ADMIN_MODE) { if ($album_data['category'] != FIRST_USER_CAT + USER_ID && $album_data['owner'] != USER_ID) { cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__); } } $query = "SELECT pid FROM {$CONFIG['TABLE_PICTURES']} WHERE aid='{$aid}'"; $result = cpg_db_query($query); // Delete all files $loopCounter = 0; while ($pic = $result->fetchAssoc()) { if ($loopCounter / 2 == floor($loopCounter / 2)) { $tablecellstyle = 'tableb'; } else { $tablecellstyle = 'tableb tableb_alternate'; } ob_start(); delete_picture($pic['pid'], $tablecellstyle); $return .= ob_get_contents(); $loopCounter++; ob_end_clean(); } $result->free(); // Delete album $query = "DELETE FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid='{$aid}'"; cpg_db_query($query); if (cpg_db_affected_rows() > 0) { $return .= "<tr><td colspan=\"6\" class=\"tableb\">" . sprintf($lang_delete_php['alb_del_success'], $album_data['title']) . '</td></tr>' . $LINEBREAK; } return $return; }
// Wrap the IP address into single quotes if populated } cpg_db_query("INSERT INTO {$CONFIG['TABLE_BANNED']} (user_id, user_name, email, ip_addr, expiry) VALUES ({$post_user_id}, '{$post_user_name}', '{$post_email}', {$post_ip}, {$post_timestamp})"); $action_output .= '<li style="list-style-image:url(images/icons/ok.png)">' . $lang_banning_php['new_ban_record_created'] . '.</li>'; if ($superCage->post->keyExists('delete_comment') && $superCage->post->keyExists('comment_id')) { $delete_what = $superCage->post->getInt('delete_comment'); if ($delete_what == 1) { // delete the current comment only $comm_id = $superCage->post->getInt('comment_id'); cpg_db_query("DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE msg_id = {$comm_id}"); $nb_com_del = cpg_db_affected_rows(); $action_output .= '<li style="list-style-image:url(images/icons/ok.png)">' . sprintf($lang_banning_php['comment_deleted'], $nb_com_del, $post_user_name) . '.</li>'; } elseif ($delete_what == 2) { //delete all comments by this author cpg_db_query("DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE author_id = {$post_user_id}"); $nb_com_del = cpg_db_affected_rows(); if ($nb_com_del != 0 && $post_user_name != '') { $action_output .= '<li style="list-style-image:url(images/icons/ok.png)">' . sprintf($lang_banning_php['comment_deleted'], $nb_com_del, $post_user_name) . '.</li>'; } } //no need for an "else" - we don't delete a comment if else, i.e. if "none" has been selected } // Form fields for a new database record have been submit - let's create a new record --- end } // Determine wether form data for a new ban has been submit --- end // Write the new record into the database --- end } // Processing of form data --- end // Initialisze vars $see_all_comments = ''; $checked_single = 'disabled="disabled"';
} $ref = str_replace("pid={$pid}", "pid={$new_pid}", $ref); } $result->free(); } } $data = base64_encode(serialize($FAVPICS)); if (CPG_COOKIES_ALLOWED) { setcookie($CONFIG['cookie_name'] . '_fav', $data, time() + CPG_DAY * 30, $CONFIG['cookie_path']); } // If the user is logged in then put it in the DB if (USER_ID > 0) { $sql = "UPDATE {$CONFIG['TABLE_FAVPICS']} SET user_favpics = '{$data}' WHERE user_id = " . USER_ID; cpg_db_query($sql); // User never stored a fav... so insert new row if (!cpg_db_affected_rows()) { $sql = "INSERT INTO {$CONFIG['TABLE_FAVPICS']} (user_id, user_favpics) VALUES (" . USER_ID . ", '{$data}')"; cpg_db_query($sql); } } // Prepare message if (in_array($pid, $FAVPICS)) { $message_id = cpgStoreTempMessage($lang_rate_pic_php['fav_added']); $message_icon = 'success'; } else { $message_id = cpgStoreTempMessage($lang_rate_pic_php['fav_removed']); $message_icon = 'info'; } $ref .= strpos($ref, '?') !== FALSE ? '&' : '?'; $ref .= 'message_id=' . $message_id . '&message_icon=' . $message_icon . '#cpgMessageBlock'; $header_location = @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ? 'Refresh: 0; URL=' : 'Location: ';
} $cid_set .= ')'; //Check if the form token is valid if (!checkFormToken()) { cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__); } if ($superCage->post->getAlpha('with_selected') == 'delete') { // Delete selected comments if form is posted cpg_db_query("DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE msg_id IN {$cid_set}"); $nb_com_del = cpg_db_affected_rows(); } elseif ($superCage->post->getAlpha('with_selected') == 'approve') { cpg_db_query("UPDATE {$CONFIG['TABLE_COMMENTS']} SET `approval` = 'YES' WHERE msg_id IN {$cid_set}"); $nb_com_yes = cpg_db_affected_rows(); } elseif ($superCage->post->getAlpha('with_selected') == 'disapprove') { cpg_db_query("UPDATE {$CONFIG['TABLE_COMMENTS']} SET `approval` = 'NO' WHERE msg_id IN {$cid_set}"); $nb_com_no = cpg_db_affected_rows(); } } // Submit ham samples back to akismet if ($CONFIG['comment_akismet_api_key'] != '' && $CONFIG['comment_akismet_enable'] == 0) { foreach ($akismet_ham_array as $key) { $result = cpg_db_query("SELECT pid, msg_author, msg_body, msg_hdr_ip FROM {$CONFIG['TABLE_COMMENTS']} WHERE msg_id='{$key}' LIMIT 1"); $comment_data = $result->fetchArray(true); $akismet_result = cpg_akismet_submit_data($comment_evaluation_array, 'ham'); } } $result = cpg_db_query("SELECT count(*) FROM {$CONFIG['TABLE_COMMENTS']} WHERE 1"); $nbEnr = $result->fetchArray(true); $comment_count = $nbEnr[0]; if (!$comment_count) { cpg_die(INFORMATION, $lang_reviewcom_php['no_comment'], __FILE__, __LINE__);