/**
 * Return the username to show for this record.
 *
 * Looks up the user referenced by this record's 'user_id'. If that lookup
 * yields a "new" object (presumably: no stored user with that id), the
 * 'username' value kept on this record is returned instead.
 *
 * The value is returned exactly as stored; nothing here encodes it for
 * HTML, so callers that print it into a page must escape it themselves.
 *
 * @return mixed Whatever get('username') yields, presumably a string.
 */
public function getUsername()
{
    $objOwner = new clsUser($this->get('user_id'));

    return $objOwner->isNew()
        ? $this->get('username')
        : $objOwner->get('username');
}
/*
 * Page bootstrap: reads the requested action, restores the current user,
 * checks the action name against an allow-list pattern and prepares the
 * page template.
 */
require_once 'include/upgrade.php';

/* Both values come straight from the request and are caller-controlled. */
$strAction = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
$strSubAction = isset($_REQUEST['subaction']) ? $_REQUEST['subaction'] : '';

$objBreadcrumbs = new clsBreadcrumbs();
$objBreadcrumbs->add('Home', 'index.php');
$objMiniMenu = new clsMiniMenu();

/* No user in the session: fall back to the cookie-based login. */
if (!isset($_SESSION['objUser'])) {
    $objUser = clsUser::getCookie();
} else {
    $objUser = $_SESSION['objUser'];
}

/* This re-loads the user object in case it's changed. */
if ($objUser) {
    $objUser = new clsUser($objUser->get('id'));
}
/* An id that no longer resolves to a stored user is treated as "not logged in". */
if ($objUser && $objUser->isNew()) {
    $objUser = null;
}

/*
 * Allow-list check on the action name: letters, the digits 2-9, underscore
 * and hyphen; the empty string also passes.
 * NOTE(review): the class says 2-9, so '0' and '1' are rejected. This looks
 * like a typo for 0-9; confirm.
 * NOTE(review): without the D modifier, the end anchor also matches just
 * before a trailing newline, so a value ending in "\n" passes. Anchoring
 * with \z (or adding D) closes that gap.
 * NOTE(review): $strSubAction gets no equivalent check in this excerpt.
 */
if (!preg_match('/^[a-zA-Z2-9_-]*$/', $strAction)) {
    throw new Exception(ERRORMSG_INVALID);
}

$objTemplate = new clsTemplate('default');
$objTemplate->setText('SCRIPT', clsDB::initializeJS());
$objTemplate->setText('TITLE', "OSPAP2");

/* Inline CSS for advanced. */
/* NOTE(review): if getAdvancedStyle() emits user-chosen values they need encoding for the HEAD context; confirm there. */
$objTemplate->setText('HEAD', clsUser::getAdvancedStyle($objUser));

/*
 * The request value is used only as a key into $arrMessages; the text that
 * is displayed comes from that array, not from the request itself.
 * $arrMessages is not defined in this excerpt. Presumably it is a fixed
 * server-side table; confirm it cannot be influenced by the request.
 */
if (isset($_REQUEST['error']) && isset($arrMessages[$_REQUEST['error']])) {
    $objTemplate->setText('ERROR', $arrMessages[$_REQUEST['error']]);
} else {
    if (isset($_REQUEST['message']) && isset($arrMessages[$_REQUEST['message']])) {
        $objTemplate->setText('MESSAGE', $arrMessages[$_REQUEST['message']]);
        /* The excerpt stops here with both blocks still open. */
/*
 * Albums page: builds album, member and group objects from the request and
 * handles the default view (no subaction, no member selected).
 * $strSubAction, $objUser and $objBreadcrumbs are not defined here;
 * presumably the including script sets them up.
 */
require_once 'cls/clsGroup.php';
require_once 'cls/clsParameters.php';
require_once 'cls/clsPicture.php';
require_once 'cls/clsTemplate.php';
require_once 'cls/clsThumbnail.php';

/*
 * Each object is populated from the request and then loaded.
 * NOTE(review): getFromRequest() is called without a field list, so which
 * request fields it copies is not visible here. Confirm it is limited to
 * the identifier.
 */
$objAlbum = new clsAlbum();
$objAlbum->getFromRequest();
$objAlbum->load();

$objMember = new clsUser();
$objMember->getFromRequest();
$objMember->load();

$objGroup = new clsGroup();
$objGroup->getFromRequest();
$objGroup->load();

/* Labels for the simplified permission presets, keyed by preset number. */
$arrSimplePermissions = array(
    -1 => "Don't change",
    0 => "Use same permission as parent",
    1 => "Public (anybody can see the album and post comments)",
    2 => "Public with rating (same as Public, but users can rate pictures)",
    3 => "Public with group posting (same as Public, except group members can post pictures)",
    4 => "Private (only group members can see)",
    5 => "Private with rating (same as Private, but users can rate pictures)",
    6 => "Private with group posting (same as Private, except group members can post pictures)");

if ($strSubAction == '' && $objMember->isNew()) {
    /* Access gate: the album must be viewable by the current user (who may be null). */
    if (!$objAlbum->canView($objUser)) {
        throw new Exception('exception_accessdenied');
    }

    /* Do they have access? */
    /* NOTE(review): identical to the check just above, so this one is redundant. */
    if (!$objAlbum->canView($objUser)) {
        throw new Exception('exception_accessdenied');
    }

    /* Are they filtering? */
    /*
     * NOTE(review): header() only queues the redirect; execution continues
     * with the code below. If the redirect is meant to end the request, an
     * exit after header() is needed.
     * NOTE(review): 'filter_user' is concatenated into the URL as-is.
     * Presumably it is a numeric id; confirm, or cast/urlencode it.
     */
    if ($objUser && $objUser->get('remember_filter') && $objUser->get('filter_user')) {
        header("Location: index.php?action=albums&subaction=useralbums&user_id=" . $objUser->get('filter_user'));
    }

    $objBreadcrumbs->add('Albums', 'index.php?action=albums');
    $objAlbum->addBreadcrumbs($objBreadcrumbs, false);

    /* Editing the album. */
    /* Only an existing album that the current user may edit reaches this branch. */
    if (!$objAlbum->isNew() && $objAlbum->canEdit($objUser)) {
        /* The excerpt stops here with this block still open. */
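/*
 * Group actions: 'save' stores the group fields sent with the request,
 * 'invite' either lists users that can be invited or performs the invite.
 * $strSubAction, $objGroup, $objMember, $objUser, $objTemplate,
 * $objBreadcrumbs and $objMiniMenu are set up outside this excerpt.
 */
if ($strSubAction == 'save') {
    if (!$objGroup->canEdit($objUser)) {
        throw new Exception('exception_accessdenied');
    }

    /*
     * NOTE(review): the edit check above runs before 'id' is copied from the
     * request. Confirm getFromRequest() cannot point the object at a
     * different group than the one that was checked.
     */
    $objGroup->getFromRequest(array('id', 'name', 'is_private', 'is_hidden'));
    if ($objGroup->isNew()) {
        /* NOTE(review): assumes $objUser is non-null here, i.e. canEdit(null) is false; confirm. */
        $objGroup->set('user_id', $objUser->get('id'));
    }
    $objGroup->save();
    /* NOTE(review): no exit after header(); the script keeps running after the redirect is queued. */
    header("Location: index.php?action=groups&subaction=view&message=group_saved&" . $objGroup->getIDPair());
}

if ($strSubAction == 'invite') {
    /* Only members of the group may invite others. */
    if (!$objGroup->isMember($objUser)) {
        throw new Exception('exception_accessdenied');
    }

    if ($objMember->isNew()) {
        /* No invitee chosen yet: list every user who is not already a member or invitee. */
        $objTemplate->setText('PAGETITLE', "Inviting a user");
        $objBreadcrumbs->add('Inviting', 'index.php?action=groups&subaction=invite&' . $objGroup->getIDPair());
        $objMiniMenu->add('Back', 'index.php?action=groups&subaction=view&' . $objGroup->getIDPair());
        $arrMembers = clsDB::getListStatic('user', '', 'username');
        /* The markup (one <ul> per user, emitted even when it stays empty) is kept as in the original. */
        foreach ($arrMembers as $objMember) {
            print "<ul>";
            if (!$objGroup->isMemberOrPotential($objMember)) {
                /*
                 * The username is account data chosen by a user, so it is
                 * HTML-encoded before being written into the page. Printing
                 * it raw would let markup stored in a username run in the
                 * browser of every member who opens this list.
                 * Assumes pages are served as UTF-8. TODO confirm.
                 */
                $strUsername = htmlspecialchars((string) $objMember->get('username'), ENT_QUOTES, 'UTF-8');
                print "<li><a href='index.php?action=groups&subaction=invite&" . $objGroup->getIDPair() . "&" . $objMember->getIDPair() . "'>" . $strUsername . "</a></li>";
            }
            print "</ul>";
        }
    } else {
        /*
         * NOTE(review): the invite is performed for any request that names a
         * member, including the plain GET links printed above, and no
         * anti-CSRF token is checked in this excerpt. A state change like
         * this is normally a POST with a per-session token.
         */
        $strResult = $objGroup->inviteUser($objMember, $objUser);
        /* NOTE(review): $strResult goes into the URL unencoded. Presumably a fixed message key; confirm. */
        header("Location: index.php?action=groups&subaction=invite&message={$strResult}&" . $objGroup->getIDPair());
    }
    /* The excerpt stops here with the 'invite' block still open. */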
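/**
 * Restore a user from the login cookies, if they are present and valid.
 *
 * Reads $_COOKIE['ospap2_id'] and $_COOKIE['ospap2_passhash'], loads the
 * user with that id and accepts the cookie only when the hash equals
 * sha1() of the user's stored 'password' value. On success the cookie is
 * re-issued through setCookie().
 *
 * Changes from the earlier version:
 *  - Array-valued cookies are rejected before use.
 *  - The hash is compared strictly as a string, in constant time where
 *    hash_equals() exists. The earlier loose == compared numeric-looking
 *    strings as numbers, so two different hashes could be treated as equal.
 *
 * NOTE(review): the cookie value is derived only from the stored password
 * field, so it never expires on its own, cannot be revoked without a
 * password change, and can be computed by anyone who obtains that field.
 * A random, server-stored, expiring token would be the safer design; that
 * change is outside this method.
 *
 * @return clsUser|null The authenticated user, or null when the cookies are
 *                      missing, malformed or do not match.
 */
public static function getCookie()
{
    if (!isset($_COOKIE['ospap2_id'], $_COOKIE['ospap2_passhash'])) {
        return null;
    }

    $strId = $_COOKIE['ospap2_id'];
    $strSuppliedHash = $_COOKIE['ospap2_passhash'];

    /* A cookie sent as name[]=... arrives as an array; only plain strings are acceptable. */
    if (!is_string($strId) || !is_string($strSuppliedHash)) {
        return null;
    }

    $objUser = new clsUser($strId);
    if ($objUser->isNew()) {
        return null;
    }

    $strExpectedHash = sha1($objUser->get('password'));

    /* hash_equals() needs PHP 5.6+; fall back to a strict comparison on older runtimes. */
    $blnMatches = function_exists('hash_equals')
        ? hash_equals($strExpectedHash, $strSuppliedHash)
        : $strExpectedHash === $strSuppliedHash;

    if (!$blnMatches) {
        return null;
    }

    /* Refresh the cookie so that it stays alive while the user keeps visiting. */
    $objUser->setCookie();

    return $objUser;
}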