File: /hosting/www/kipepeo.es/public/Fotos/albmgr.php
<?php
/*************************
Coppermine Photo Gallery
************************
Copyright (c) 2003-2016 Coppermine Dev Team
v1.0 originally written by Gregory Demar
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License version 3
as published by the Free Software Foundation.
********************************************
Coppermine version: 1.6.03
$HeadURL$
**********************************************/
// TODO: title tags contain hardcoded English instead of lang vars.
// Entry-point markers, defined before the bootstrap include is loaded.
// NOTE(review): IN_COPPERMINE is presumably the guard that include files test
// to refuse direct requests - confirm in include/init.inc.php.
define('IN_COPPERMINE', true);
define('ALBMGR_PHP', true);

require('include/init.inc.php');

// Scripts and the one translated label the album manager page hands to the browser.
set_js_var('lang_edit', $lang_common['edit']);
js_include('js/jquery.sort.js');
js_include('js/albmgr.js');

// Authorization gate: the page is only served in one of the two management
// modes. It runs before any query or output below. GALLERY_ADMIN_MODE and
// USER_ADMIN_MODE are not defined in this file; they have to come from the
// bootstrap include above.
if (!GALLERY_ADMIN_MODE && !USER_ADMIN_MODE) {
    cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
}

// Icon markup reused by the buttons and rows rendered further down.
// The second argument of cpg_fetch_icon() is passed through unchanged from
// the original calls; its meaning is defined by that helper.
$icon_array = array(
    'ok' => cpg_fetch_icon('ok', 1),
    'cancel' => cpg_fetch_icon('cancel', 1),
    'up' => cpg_fetch_icon('up', 0),
    'upup' => cpg_fetch_icon('upup', 0),
    'down' => cpg_fetch_icon('down', 0),
    'downdown' => cpg_fetch_icon('downdown', 0),
    'new' => cpg_fetch_icon('add', 1),
    'delete' => cpg_fetch_icon('delete', 0),
    'edit' => cpg_fetch_icon('edit', 1),
    'modifyalb' => cpg_fetch_icon('modifyalb', 1),
    'edit_files' => cpg_fetch_icon('edit', 1),
    'thumbnail' => cpg_fetch_icon('thumbnails', 1),
    'blank' => cpg_fetch_icon('blank', 1),
);
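/**
 * alb_get_subcat_data()
 *
 * Walks the category tree depth-first below $parent and appends one
 * array(cid, label) entry per selectable category to the global $CAT_LIST.
 * The label is the category name prefixed with $ident; $ident is extended
 * on every nesting level.
 *
 * In GALLERY_ADMIN_MODE every category is listed. Otherwise a category is
 * listed only when the category map holds a row linking it to one of the
 * current user's groups. Child categories are visited in both cases.
 *
 * Every value interpolated into SQL in this function is cast to int first,
 * so a non-numeric $parent, group id or cid cannot change the statement.
 * For integer input the generated SQL is identical to the uncast form.
 *
 * @param integer $parent cid of the category whose children are listed
 * @param string $ident prefix prepended to each category name
 * @return void entries are appended to the global $CAT_LIST
 **/
function alb_get_subcat_data($parent, $ident = '')
{
    global $CONFIG, $CAT_LIST, $USER_DATA;

    $parent_id = (int) $parent;

    // select cats where the users can change the albums
    $groups = '';
    foreach ($USER_DATA['groups'] as $group) {
        $groups .= "group_id = '" . (int) $group . "' OR ";
    }
    // The trailing constant terminates the OR chain and keeps the clause
    // valid (and always false) when the user belongs to no group.
    $groups .= "0";

    // The category with cid 1 is never listed.
    $result = cpg_db_query("SELECT cid, name, description FROM {$CONFIG['TABLE_CATEGORIES']} WHERE parent = '$parent_id' AND cid != 1 ORDER BY pos");
    if ($result->numRows() > 0) {
        $rowset = cpg_db_fetch_rowset($result);
        foreach ($rowset as $subcat) {
            $cid = (int) $subcat['cid'];

            if (!GALLERY_ADMIN_MODE) {
                // Non-admin: list the category only if one of the user's
                // groups is mapped to it.
                $check_group = cpg_db_query("SELECT group_id FROM {$CONFIG['TABLE_CATMAP']} WHERE ($groups) AND cid = " . $cid);
                $check_group_rowset = cpg_db_fetch_rowset($check_group);
                if ($check_group_rowset) {
                    $CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name']);
                }
            } else {
                $CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name']);
            }

            // Descend regardless of whether this category itself was listed.
            alb_get_subcat_data($cid, $ident . ' ');
        }
    }
}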
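// Token/timestamp pair for this page. It is written into the form as hidden
// fields and handed to the page's JavaScript below.
list($timestamp, $form_token) = getFormToken();

// Set the message variables for the javascript file
// confirm album modifications
set_js_var('confirm_modifs', $lang_albmgr_php['confirm_modifs']);
// confirm album delete
set_js_var("confirm_delete", $lang_albmgr_php['confirm_delete1'] . "\n" . $lang_albmgr_php['confirm_delete2']);
// alert when try to delete album without an album selected
set_js_var('dontDelete', $lang_albmgr_php['select_first']);
// confirm category change when there are unsaved changes
set_js_var('category_change', $lang_albmgr_php['category_change']);
// confirm page change when there are unsaved changes
set_js_var('page_change', $lang_albmgr_php['page_change']);
// title for upload image
set_js_var('upload_file', $lang_albmgr_php['upload_files']);
// form token & timestamp
set_js_var('form_token', $form_token);
set_js_var('timestamp', $timestamp);

// get the category value
// The request value is read through the input cage's integer accessor;
// a missing parameter means category 0.
$cat = $superCage->get->keyExists('cat') ? $superCage->get->getInt('cat') : 0;
// Category 1 is treated as "no category".
if ($cat == 1) {
    $cat = 0;
}

// NOTE(review): a cat value supplied in the request is not checked against
// the categories the user may manage. The album listing is limited by owner,
// and a comment later in this script says delete.php enforces sorting rights;
// confirm that every write path does the same.
if (!GALLERY_ADMIN_MODE && USER_ADMIN_MODE) {
    if ($cat == 0) {
        if (USER_CAN_CREATE_PRIVATE_ALBUMS) {
            $cat = USER_ID + FIRST_USER_CAT;
        } else {
            // user is only allowed to create public albums - get first category the user is allowed to create albums in
            // Group ids are cast to int before they are joined into the IN list.
            $group_ids = implode(",", array_map('intval', $USER_DATA['groups']));
            $result = cpg_db_query("SELECT cm.cid FROM {$CONFIG['TABLE_CATMAP']} AS cm INNER JOIN {$CONFIG['TABLE_CATEGORIES']} AS c ON cm.cid = c.cid WHERE cm.group_id in (" . $group_ids . ") ORDER BY pos LIMIT 1");
            $first_cid = $result->result(0, 0, true);
            // Fail closed when no category is mapped to the user's groups.
            // Without this check a non-numeric value would be interpolated
            // unquoted into the album query later in this script.
            // NOTE(review): assumes result() yields a non-numeric value when
            // no row matched - confirm against the database layer.
            if (!is_numeric($first_cid)) {
                cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
            }
            // Integer, like the value produced by the other branches.
            $cat = (int) $first_cid;
        }
    }
    // only list the albums owned by the user
    $user_id = USER_ID;
}

// set the cat value
set_js_var('category', $cat);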
// Start of page output: header first, then the form that wraps the album manager.
pageheader($lang_albmgr_php['title']);
// The form posts to delete.php?what=albmgr and carries the token/timestamp
// pair from getFormToken() as hidden fields.
// NOTE(review): presumably delete.php validates form_token and timestamp
// before it changes anything - confirm there.
echo <<< EOT
<form name="album_menu" id="cpg_form_album" method="post" action="delete.php?what=albmgr">
<input type="hidden" name="form_token" value="{$form_token}" />
<input type="hidden" name="timestamp" value="{$timestamp}" />
EOT;
// Table header: icon, page title and the help link for the album manager.
starttable('100%', cpg_fetch_icon('alb_mgr', 2).$lang_albmgr_php['title'].' '.cpg_display_help('f=albums.htm&as=albmgr&ae=albmgr_end&top=1', '600', '400'), 1, '');
// First row holds the <noscript> notice; the second row is opened here and
// left open for the markup echoed by the statements that follow.
echo <<< EOT
<tr class="noscript">
<td class="tableh2">
<noscript>
{$lang_common['javascript_needed']}
</noscript>
</td>
</tr>
<tr>
<td>
EOT;
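// Load the albums of the selected category in position order.
// $cat and $user_id are interpolated unquoted, so both are cast to int here:
// the statement then only ever contains integer literals, whatever type the
// earlier code left in those variables.
if (GALLERY_ADMIN_MODE) {
    $result = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = " . (int) $cat . " ORDER BY pos ASC");
} elseif (USER_ADMIN_MODE) {
    // $cat and $user_id set above
    // The owner filter limits a non-admin user to their own albums.
    $result = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = " . (int) $cat . " AND owner = " . (int) $user_id . " ORDER BY pos ASC");
} else {
    // Second guard: the access check at the top of the script already stops
    // requests that are in neither mode.
    cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
}
$rowset = cpg_db_fetch_rowset($result);

// Serialise the current order as "aid@position," pairs; positions start at 100.
// The string is written into the hidden sort_order field of the form.
$i = 100;
$sort_order = '';
if (count($rowset) > 0) {
    foreach ($rowset as $album) {
        $sort_order .= $album['aid'] . '@' . ($i++) . ',';
    }
}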
// Category selector, rendered for the two management modes.
if (GALLERY_ADMIN_MODE || USER_ADMIN_MODE) {
    // Option list in display order: the user's own gallery (when private
    // albums are allowed), then "no category" for admins, then the tree.
    $CAT_LIST = array();
    if (USER_CAN_CREATE_PRIVATE_ALBUMS) {
        $CAT_LIST[] = array(FIRST_USER_CAT + USER_ID, $lang_albmgr_php['my_gallery']);
    }
    //only add 'no category' when user is admin
    if (GALLERY_ADMIN_MODE) {
        $CAT_LIST[] = array(0, $lang_albmgr_php['no_category']);
    }
    // Appends the category tree to the global $CAT_LIST.
    alb_get_subcat_data(0, '');

    echo <<< EOT
<table cellspacing="0" cellpadding="0" border="0" width="100%">
<tr>
<td class="tableh2">
<strong>{$lang_albmgr_php['select_category']}</strong>
<select name="cat" class="listbox">
EOT;

    // NOTE(review): the option label ($category[1]) is written without HTML
    // output encoding. That is only safe if category names are stored already
    // HTML-encoded - confirm against the code that writes them.
    foreach ($CAT_LIST as $category) {
        if ($cat == $category[0]) {
            $selected_attr = ' selected="selected"';
        } else {
            $selected_attr = '';
        }
        echo ' <option value="' . $category[0] . '"' . $selected_attr . '>' . $category[1] . '</option>' . $LINEBREAK;
    }

    // Hidden fields: the current order, the (initially empty) new order
    // and the category the listing was built for.
    echo <<< EOT
</select>
<input type="hidden" id="sort_order" name="sort_order" value="{$sort_order}" />
<input type="hidden" id="album_order" name="album_order" value="" />
<input type="hidden" name="category" value="{$cat}" />
</td>
</tr>
</table>
EOT;
}
// Close the selector row and open the row that holds the album list.
echo <<< EOT
</td>
</tr>
<tr>
<td class="tableb">
<div id="sort">
EOT;
// One table row per album of the selected category; each row id carries the
// album id as "sort-<aid>". Nothing is rendered when the category has no albums.
if (count($rowset) > 0) {
echo ' <table id="album_sort" cellspacing="0" cellpadding="0" border="0">';
foreach ($rowset as $album) {
// NOTE(review): the title goes into the page after stripslashes() only, with
// no HTML output encoding. Users in user-admin mode can name albums, so this
// is only safe if titles are stored already HTML-encoded - confirm against the
// code that writes album titles, or encode on output here.
$title = stripslashes($album['title']);
echo <<< EOT
<tr id="sort-{$album['aid']}">
<td class="dragHandle"></td>
<td class="album_text" width="96%"><span class="albumName">{$title}</span> <a href="upload.php?album={$album['aid']}"><img src="images/icons/upload.png" title="{$lang_albmgr_php['upload_files']}" /></a><span class="editAlbum">{$icon_array['edit']}{$lang_common['edit']}</span></td>
</tr>
EOT;
}
echo ' </table>';
}
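// Path prefix for the loader image. It is resolved before any branching
// because the control markup below references {$prefix} unconditionally.
// Setting it only inside the move-button branch leaves the variable undefined
// for a non-admin user viewing a category other than their own gallery.
if (defined('THEME_HAS_PROGRESS_GRAPHICS')) {
    $prefix = $THEME_DIR;
} else {
    $prefix = '';
}

// Close the album list and open the control bar.
echo <<< EOT
</div>
</td>
</tr>
<tr>
<td>
<table class="tableb album_operate" cellspacing="0" cellpadding="0" border="0" width="100%">
<tr>
<td id="control">
EOT;

// Only show move-buttons when admin or in user's private category.
// Sorting is also prevented in delete.php when user doesn't have the rights.
// Hiding the buttons is a display decision only; the permission check that
// matters is the server-side one referred to above.
if (GALLERY_ADMIN_MODE || ($cat == USER_ID + FIRST_USER_CAT)) {
    echo <<< EOT
<button type="button" id="upup_click" name="upup_click" class="button" value="{$lang_common['move_top']}" disabled="disabled" title="{$lang_common['move_top']}">{$icon_array['upup']}</button>
<button type="button" id="up_click" name="up_click" class="button" value="{$lang_common['move_up']}" disabled="disabled" title="{$lang_common['move_up']}">{$icon_array['up']}</button>
<button type="button" id="down_click" name="down_click" class="button" value="{$lang_common['move_down']}" disabled="disabled" title="{$lang_common['move_down']}">{$icon_array['down']}</button>
<button type="button" id="downdown_click" name="downdown_click" class="button" value="{$lang_common['move_bottom']}" disabled="disabled" title="{$lang_common['move_bottom']}">{$icon_array['downdown']}</button>
EOT;
}

//we still need to show buttons to add/edit albums
echo <<< EOT
<button type="button" id="delete_album" name="delete_album" class="button" value="{$lang_albmgr_php['delete_album']}" disabled="disabled" title="{$lang_albmgr_php['delete_album']}">{$icon_array['delete']}</button>
<button type="button" id="modify_album" name="modify_album" class="button" value="{$lang_common['album_properties']}" disabled="disabled">{$icon_array['modifyalb']}{$lang_common['album_properties']}</button>
<button type="button" id="editfiles_album" name="editfiles_album" class="button" value="{$lang_common['edit_files']}" disabled="disabled">{$icon_array['edit_files']}{$lang_common['edit_files']}</button>
<button type="button" id="thumbnail_album" name="thumbnail_album" class="button" value="{$lang_common['thumbnail_view']}" disabled="disabled">{$icon_array['thumbnail']}{$lang_common['thumbnail_view']}</button>
<button type="button" id="add_new_album" name="add_new_album" class="button" value="{$lang_albmgr_php['new_album']}">{$icon_array['new']}{$lang_albmgr_php['new_album']}</button>
<img id="loading" class="icon" src="{$prefix}images/loader.gif" style="margin-left: 10px; display: none;" alt="" />
<input type="text" id="add-name" name="add-name" size="27" maxlength="255" class="textinput" value="" onkeypress="return Sort.disableEnterKey(event)" style="display: none;" />
<button type="submit" id="addEvent" class="button" name="addEvent" value="{$lang_common['ok']}" style="display: none;">{$icon_array['ok']}{$lang_common['ok']}</button>
<button type="button" id="cancelEvent" name="cancelEvent" class="button add_cancel close" value="{$lang_albmgr_php['cancel']}" style="display: none;">{$icon_array['cancel']}{$lang_albmgr_php['cancel']}</button>
<input type="text" id="edit-name" name="edit-name" size="27" maxlength="255" class="textinput" value="" onkeypress="return Sort.disableEnterKey(event)" style="display: none;" />
<button type="submit" id="updateEvent" class="button" name="updateEvent" value="{$lang_common['ok']}" style="display: none;">{$icon_array['ok']}{$lang_common['ok']}</button>
<button type="button" id="updateCancel" name="updateCancel" class="button album_cancel close" value="{$lang_albmgr_php['cancel']}" style="display: none;">{$icon_array['cancel']}{$lang_albmgr_php['cancel']}</button>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td class="tableb">
<button type="submit" class="button" name="apply" id="apply" value="{$lang_common['apply_changes']}" style="display:none;">{$icon_array['ok']}{$lang_common['apply_changes']}</button>
<div id="submit_reminder" class="cpg_message_warning" style="display: none;">
{$lang_albmgr_php['submit_reminder']}
</div>
</td>
</tr>
EOT;

// Close the table and the form opened at the start of the page, then the page itself.
endtable();
echo '</form>';
pagefooter();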
//EOF