示例#1
0
文件: albums.php 项目: shifter/ospap2
}
if ($strSubAction == 'move2') {
    if (!$objAlbum->canEdit($objUser)) {
        throw new Exception('exception_accessdenied');
    }
    $objAlbum->getFromRequest();
    $objParent = new clsAlbum($objAlbum->get('album_id'));
    if (!$objParent->canCreateSubalbum($objUser)) {
        throw new Exception('exception_accessdenied');
    }
    /* TODO: Make sure albums can't be moved to their own children. */
    $objAlbum->save();
    header("Location: index.php?action=albums&" . $objAlbum->getIDPair());
}
if ($strSubAction == 'seen') {
    clsAlbum::markSeen($objUser, $objAlbum);
    if ($objAlbum->isNew()) {
        header("Location: index.php");
    } else {
        header("Location: index.php?action=albums&" . $objAlbum->getIDPair());
    }
}
if ($strSubAction == 'edit') {
    if (!$objAlbum->canEdit($objUser)) {
        throw new Exception('exception_accessdenied');
    }
    /* Get the parent album based on the album_id that the user specified. */
    $objAlbum->getFromRequest();
    $objParent = new clsAlbum($objAlbum->get('album_id'));
    if (!$objParent->canCreateSubalbum($objUser)) {
        throw new Exception('exception_accessdenied');
示例#2
0
}
if ($strSubAction == 'save') {
    if (!clsUser::canEdit($objMember, $objUser)) {
        throw new Exception('exception_accessdenied');
    }
    $objMember->getFromRequest(array('id', 'username', 'password1', 'password2', 'email', 'is_advanced', 'show_empty', 'remember_filter', 'realname', 'location'));
    if ($objMember->isNew()) {
        $ret = $objMember->attemptCreate();
        if (is_string($ret)) {
            $objMember->remove('password1');
            $objMember->remove('password2');
            header("Location: index.php?action=members&subaction=view&error={$ret}&" . $objMember->getQueryString());
        } else {
            $objUser = $ret;
            $_SESSION['objUser'] = $objUser;
            clsAlbum::markSeen($objUser);
            header("Location: index.php?message=register_successful");
        }
    } else {
        if (strlen($objMember->get('password1'))) {
            $ret = $objMember->changePassword();
            if (is_string($ret)) {
                header("Location: index.php?action=members&subaction=view&" . $objMember->getIDPair() . "&error={$ret}");
                exit;
            }
        }
        $objMember->remove('password1');
        $objMember->remove('password2');
        $objMember->save();
        if ($objMember->get('id') == $objUser->get('id')) {
            $_SESSION['objUser'] = $objMember;