diff options
Diffstat (limited to 'lib/image')
-rw-r--r-- | lib/image/delfld.php | 16 | ||||
-rw-r--r-- | lib/image/editfld.php | 44 | ||||
-rw-r--r-- | lib/image/editinfo.php | 51 | ||||
-rw-r--r-- | lib/image/folder.php | 43 | ||||
-rw-r--r-- | lib/image/index.php | 14 | ||||
-rw-r--r-- | lib/image/newfld.php | 32 | ||||
-rw-r--r-- | lib/image/rename.php | 32 |
7 files changed, 198 insertions, 34 deletions
diff --git a/lib/image/delfld.php b/lib/image/delfld.php new file mode 100644 index 0000000..a018b7a --- /dev/null +++ b/lib/image/delfld.php @@ -0,0 +1,16 @@ +<?php + +assert_redir(count($args) >= 3, 'image'); +$fldid = intval($args[2]); + +$fld = mysql_fetch_assoc(sql( + "SELECT id, name, comment, public, owner ". + "FROM img_folders WHERE id = $fldid" + )); +assert_error($fld && $fld['owner'] == $user['id'], + "This folder does not exist, or you are not allowed to edit it."); + +token_validate("Do you really want to delete this folder ?", "folder-image-$fldid"); +sql("DELETE FROM img_folders WHERE id = $fldid"); +sql("UPDATE images SET folder = 0 WHERE folder = $fldid"); +header("location: image"); diff --git a/lib/image/editfld.php b/lib/image/editfld.php new file mode 100644 index 0000000..a0bef1f --- /dev/null +++ b/lib/image/editfld.php @@ -0,0 +1,44 @@ +<?php + +require("lib/markdown.php"); + +assert_redir(count($args) == 3, 'image'); +$fldid = intval($args[2]); + +$fld = mysql_fetch_assoc(sql( + "SELECT id, name, comment, public, owner ". + "FROM img_folders WHERE id = $fldid" + )); +assert_error($fld && $fld['owner'] == $user['id'], + "This folder does not exist, or you are not allowed to edit it."); + +$fld_name = $fld['name']; +$fld_comment = $fld['comment']; +$fld_public = $fld['public']; +if (isset($_POST['name']) && isset($_POST['comment'])) { + $fld_public = isset($_POST['public']); + $fld_name = esca($_POST['name']); + $fld_comment = esca($_POST['comment']); + $fld_comment_html = Markdown($fld_comment); + if ($fld_name == "") { + $error = "You must enter a name for your folder."; + } else { + sql("UPDATE img_folders SET name = '" . escs($fld_name) . "', comment = '" . escs($fld_comment) . + "', comment_html = '" . escs($fld_comment_html) . "', public = " . ($fld_public?'1':'0') . + " WHERE id = $fldid"); + header("Location: folder-image-" . $fldid); + die(); + } + +} + +$title = "Edit folder"; +$fields = array( + array("label" => "Name : ", "name" => "name", "value" => $fld_name), + array("label" => "Public ? ", "name" => "public", "type" => "checkbox", "checked" => $fld_public), + array("label" => "Comment : ", "name" => "comment", "type" => "textarea", "value" => $fld_comment), + ); +$validate = "Save"; + +require("tpl/general/form.php"); + diff --git a/lib/image/editinfo.php b/lib/image/editinfo.php new file mode 100644 index 0000000..8223c18 --- /dev/null +++ b/lib/image/editinfo.php @@ -0,0 +1,51 @@ +<?php + +require("lib/markdown.php"); + +require("lib/conf/image.php"); + +$title = "Rename an image"; + +if (count($args) < 3) header("location: index.php"); +$id = intval($args[2]); + +$info = mysql_fetch_assoc(sql( + "SELECT images.owner AS owner, images.id AS id, images.name AS name, images.comment AS comment, + img_folders.id AS folder_id, img_folders.name AS folder_name + FROM images LEFT JOIN img_folders ON images.folder = img_folders.id WHERE images.id = $id" +)); + +assert_error($info["owner"] == $user["id"], "You cannot rename this image."); + +$name = $info['name']; +$comment = $info['comment']; +$folder = $info['folder_id']; +if (isset($_POST['name']) && isset($_POST['comment']) && isset($_POST['folder'])) { + $name = esca($_POST['name']); + $comment = esca($_POST['comment']); + $comment_html = Markdown($comment); + $folder = intval($_POST['folder']); + if ($name == "") { + $error = "You must give a non-empty name to this image. Please."; + } else { + sql("UPDATE images SET name = '" . escs($name) . "', comment='" . escs($comment). "', + comment_html = '" . escs($comment_html) . "', folder = $folder WHERE id = $id"); + header("Location: image"); + die(); + } +} + +$folders = array(0 => "[no folder]"); +$r = sql("SELECT id, name FROM img_folders WHERE owner = " . $user['id'] . " ORDER BY name ASC"); +while ($n = mysql_fetch_array($r)) + $folders[$n['id']] = $n['name']; + +$title = "Edit image info : " . $info['name']; +$fields = array( + array("label" => "Name : ", "name" => "name", "value" => $name), + array("label" => "Folder : ", "type" => "select", "name" => "folder", "choices" => $folders, "value" => $folder), + array("label" => "Comment : ", "name" => "comment", "value" => $comment, "type" => "textarea"), +); +$validate = "Save"; + +require("tpl/general/form.php"); diff --git a/lib/image/folder.php b/lib/image/folder.php new file mode 100644 index 0000000..56166d8 --- /dev/null +++ b/lib/image/folder.php @@ -0,0 +1,43 @@ +<?php + +require("lib/conf/image.php"); + +assert_redir(count($args) == 3, 'image'); +$fldid = intval($args[2]); + +$fld = mysql_fetch_assoc(sql( + "SELECT img_folders.id AS id, img_folders.name AS name, img_folders.comment_html AS comment_html, ". + "img_folders.public AS public, account.id AS owner, account.login AS ownername FROM img_folders ". + "LEFT JOIN account ON account.id = img_folders.owner ". + "WHERE img_folders.id = $fldid" +)); +assert_error($fld && ($fld['public'] != 0 || $fld['owner'] == $user['id']), + "This folder does not exist, or you are not allowed to see it."); + +$can_edit = ($user['priv'] >= $apps['image']['editfld'] && $user['id'] = $fld['owner']); +$is_owner = ($user['id'] == $fld['owner']); + +$filters = array ( + "order" => array ( + "name" => "title", + "upl_date" => "date uploaded", + ), + "way" => $ord_ways, +); +$fdefaults = array ( + "order" => "name", + "way" => "ASC", +); + +$title = $fld["name"]; + +$images = array(); +$files = sql("SELECT images.id AS id, images.name AS name, images.extension AS extension, images.upl_date AS upl_date, ". + "images.comment_html AS comment_html FROM images WHERE images.folder = $fldid"); +while ($img = mysql_fetch_assoc($files)) $images[] = $img; + +$s = sql("SELECT id, name FROM img_folders WHERE owner = " . $fld['owner'] . ($fld['owner'] == $user['id'] ? '' : " AND public != 0"). " ORDER BY name ASC"); +$folers = array(); +while ($f = mysql_fetch_assoc($s)) $folders[] = $f; + +require("tpl/image/folder.php"); diff --git a/lib/image/index.php b/lib/image/index.php index 59a304d..b9748dc 100644 --- a/lib/image/index.php +++ b/lib/image/index.php @@ -6,6 +6,7 @@ $filters = array ( "order" => array ( "name" => "title", "upl_date" => "date uploaded", + "folder_name" => "folder", ), "way" => $ord_ways, ); @@ -17,7 +18,10 @@ $fdefaults = array ( $title = "Image upload"; $images = array(); -$files = sql("SELECT * FROM images WHERE owner = " . $user['id'] . +$files = sql("SELECT images.id AS id, images.name AS name, images.extension AS extension, images.upl_date AS upl_date, ". + "images.comment_html AS comment_html, img_folders.id AS folder_id, img_folders.name AS folder_name ". + " FROM images LEFT JOIN img_folders ON img_folders.id = images.folder ". + "WHERE images.owner = " . $user['id'] . " ORDER BY " . get_filter('order') . " " . get_filter('way')); while ($img = mysql_fetch_assoc($files)) $images[] = $img; @@ -33,7 +37,13 @@ if ($user['priv'] < $apps['image']['upload']) { $can_upload = true; } +$folders = array(); +$r = sql("SELECT id, name FROM img_folders WHERE owner = " . $user['id'] . " ORDER BY name ASC"); +while ($f = mysql_fetch_assoc($r)) { + $folders[] = $f; +} + $can_delete = ($user['priv'] >= $apps['image']['delete'] && $user['id'] != 0); -$can_rename = ($user['priv'] >= $apps['image']['rename'] && $user['id'] != 0); +$can_rename = ($user['priv'] >= $apps['image']['editinfo'] && $user['id'] != 0); require("tpl/image/index.php"); diff --git a/lib/image/newfld.php b/lib/image/newfld.php new file mode 100644 index 0000000..63afd17 --- /dev/null +++ b/lib/image/newfld.php @@ -0,0 +1,32 @@ +<?php + +require("lib/markdown.php"); + +$fld_name = ""; +$fld_comment = ""; +$fld_public = true; +if (isset($_POST['name']) && isset($_POST['comment'])) { + $fld_public = isset($_POST['public']); + $fld_name = esca($_POST['name']); + $fld_comment = esca($_POST['comment']); + $fld_comment_html = Markdown($fld_comment); + if ($fld_name == "") { + $error = "You must enter a name for your folder."; + } else { + sql("INSERT INTO img_folders(owner, name, comment, comment_html, public) ". + "VALUES(" . $user['id'] . ", '" . escs($fld_name) . "', '" . escs($fld_comment) . + "', '" . escs($fld_comment_html) . "', " . ($fld_public ? '1' : '0') . ")"); + header("Location: folder-image-" . mysql_insert_id()); + die(); + } +} + +$title = "New folder"; +$fields = array( + array("label" => "Name : ", "name" => "name", "value" => $fld_name), + array("label" => "Public ? ", "name" => "public", "type" => "checkbox", "checked" => $fld_public), + array("label" => "Comment : ", "name" => "comment", "type" => "textarea", "value" => $fld_comment), + ); +$validate = "Create folder"; + +require("tpl/general/form.php"); diff --git a/lib/image/rename.php b/lib/image/rename.php deleted file mode 100644 index 0fbc442..0000000 --- a/lib/image/rename.php +++ /dev/null @@ -1,32 +0,0 @@ -<?php - -require("lib/conf/image.php"); - -$title = "Rename an image"; - -if (count($args) < 3) header("location: index.php"); -$id = intval($args[2]); - -$info = mysql_fetch_assoc(sql("SELECT * FROM images WHERE id = $id")); - -assert_error($info["owner"] == $user["id"], "You cannot rename this image."); - -$name = $info['name']; -if (isset($_POST['name'])) { - $name = esca($_POST['name']); - if ($name == "") { - $error = "You must give a non-empty name to this image. Please."; - } else { - sql("UPDATE images SET name = '" . escs($name) . "' WHERE id = $id"); - header("Location: image"); - die(); - } -} - -$title = "Rename : " . $info['name']; -$fields = array( - array("label" => "New name : ", "name" => "name", "value" => $name), -); -$validate = "Rename"; - -require("tpl/general/form.php"); |