if (!$objAlbum->canEdit($objUser)) {
throw new Exception('exception_accessdenied');
}
/* Get the parent album based on the album_id that the user specified. */
$objAlbum->getFromRequest();
$objParent = new clsAlbum($objAlbum->get('album_id'));
if (!$objParent->canCreateSubalbum($objUser)) {
throw new Exception('exception_accessdenied');
}
/* Set the breadcrumbs and title. */
$objBreadcrumbs->add('Albums', 'index.php?action=albums');
$objAlbum->addBreadcrumbs($objBreadcrumbs, false);
$objBreadcrumbs->add('Edit', 'index.php?action=albums&subaction=edit');
$objTemplate->setText('PAGETITLE', "Editing an Album");
/* Set up the option list. */
if ($objParent->isNew()) {
$arrOptions = array(NO => "No", YES => "Yes");
} else {
$arrOptions = array(INHERIT => "Inherit", NO => "No", YES => "Yes");
}
/* On a new album, set the default policies. After this, the policy objects should never change. If the
* policy is 0, which may mean that it was an import, also set the default policies. */
if ($objAlbum->isNew() || $objAlbum->get('albumpolicy_guest_id') == 0) {
$objAlbum->setDefaultPolicies($objUser);
}
$objAlbumGuest = $objAlbum->getForeignObject('albumpolicy', 'guest');
$objAlbumMember = $objAlbum->getForeignObject('albumpolicy', 'member');
$objAlbumGroup = $objAlbum->getForeignObject('albumpolicy', 'group');
/* A tiny kludge, but it could be worse. This allows us to use these objects without conflicting names. */
$objAlbumGuest->setName('albumpolicy_guest');
$objAlbumMember->setName('albumpolicy_member');
if ($strSubAction == 'confirm') {
$user_id = $objUser ? $objUser->get('id') : 0;
$objPicture = new clsPicture();
$objPicture->getFromRequest(array('id', 'album_id', 'title', 'caption'));
$objPicture->load();
$objPicture->getFromRequest(array('id', 'album_id', 'title', 'caption'));
if ($objPicture->get('confirmed')) {
/* If the picture is already confirmed, just skip this. */
$strSubAction = 'preview';
} else {
if ($objPicture->get('user_id') != $user_id) {
throw new Exception('exception_accessdenied');
}
/* Make sure that users can only edit their own pictures. */
$objAlbum = new clsAlbum($objPicture->get('album_id'));
if ($objAlbum->isNew()) {
$objTemplate->setText('ERROR', "Please select an album for the picture.");
} elseif ($objAlbum->canPostPicture($objUser)) {
$objPicture->set('confirmed', 1);
$objPicture->set('date', date('Y-m-d H:i:s'));
$objPicture->save();
$objTemplate->setText('MESSAGE', "Picture has been saved [<a href='index.php?action=albums&" . $objAlbum->getIDPair() . "'>Go to album</a>].");
} else {
$objTemplate->setText('ERROR', "You are not allowed to post pictures in that category.");
}
$strSubAction = 'preview';
}
}
if ($strSubAction == 'delete') {
$user_id = $objUser ? $objUser->get('id') : 0;
$objPicture = new clsPicture();
