summaryrefslogtreecommitdiff
path: root/lib/image
diff options
context:
space:
mode:
Diffstat (limited to 'lib/image')
-rw-r--r--lib/image/delfld.php16
-rw-r--r--lib/image/editfld.php44
-rw-r--r--lib/image/editinfo.php51
-rw-r--r--lib/image/folder.php43
-rw-r--r--lib/image/index.php14
-rw-r--r--lib/image/newfld.php32
-rw-r--r--lib/image/rename.php32
7 files changed, 198 insertions, 34 deletions
diff --git a/lib/image/delfld.php b/lib/image/delfld.php
new file mode 100644
index 0000000..a018b7a
--- /dev/null
+++ b/lib/image/delfld.php
@@ -0,0 +1,16 @@
+<?php
+
+assert_redir(count($args) >= 3, 'image');
+$fldid = intval($args[2]);
+
+$fld = mysql_fetch_assoc(sql(
+ "SELECT id, name, comment, public, owner ".
+ "FROM img_folders WHERE id = $fldid"
+ ));
+assert_error($fld && $fld['owner'] == $user['id'],
+ "This folder does not exist, or you are not allowed to edit it.");
+
+token_validate("Do you really want to delete this folder ?", "folder-image-$fldid");
+sql("DELETE FROM img_folders WHERE id = $fldid");
+sql("UPDATE images SET folder = 0 WHERE folder = $fldid");
+header("location: image");
diff --git a/lib/image/editfld.php b/lib/image/editfld.php
new file mode 100644
index 0000000..a0bef1f
--- /dev/null
+++ b/lib/image/editfld.php
@@ -0,0 +1,44 @@
+<?php
+
+require("lib/markdown.php");
+
+assert_redir(count($args) == 3, 'image');
+$fldid = intval($args[2]);
+
+$fld = mysql_fetch_assoc(sql(
+ "SELECT id, name, comment, public, owner ".
+ "FROM img_folders WHERE id = $fldid"
+ ));
+assert_error($fld && $fld['owner'] == $user['id'],
+ "This folder does not exist, or you are not allowed to edit it.");
+
+$fld_name = $fld['name'];
+$fld_comment = $fld['comment'];
+$fld_public = $fld['public'];
+if (isset($_POST['name']) && isset($_POST['comment'])) {
+ $fld_public = isset($_POST['public']);
+ $fld_name = esca($_POST['name']);
+ $fld_comment = esca($_POST['comment']);
+ $fld_comment_html = Markdown($fld_comment);
+ if ($fld_name == "") {
+ $error = "You must enter a name for your folder.";
+ } else {
+ sql("UPDATE img_folders SET name = '" . escs($fld_name) . "', comment = '" . escs($fld_comment) .
+ "', comment_html = '" . escs($fld_comment_html) . "', public = " . ($fld_public?'1':'0') .
+ " WHERE id = $fldid");
+ header("Location: folder-image-" . $fldid);
+ die();
+ }
+
+}
+
+$title = "Edit folder";
+$fields = array(
+ array("label" => "Name : ", "name" => "name", "value" => $fld_name),
+ array("label" => "Public ? ", "name" => "public", "type" => "checkbox", "checked" => $fld_public),
+ array("label" => "Comment : ", "name" => "comment", "type" => "textarea", "value" => $fld_comment),
+ );
+$validate = "Save";
+
+require("tpl/general/form.php");
+
diff --git a/lib/image/editinfo.php b/lib/image/editinfo.php
new file mode 100644
index 0000000..8223c18
--- /dev/null
+++ b/lib/image/editinfo.php
@@ -0,0 +1,51 @@
+<?php
+
+require("lib/markdown.php");
+
+require("lib/conf/image.php");
+
+$title = "Rename an image";
+
+if (count($args) < 3) header("location: index.php");
+$id = intval($args[2]);
+
+$info = mysql_fetch_assoc(sql(
+ "SELECT images.owner AS owner, images.id AS id, images.name AS name, images.comment AS comment,
+ img_folders.id AS folder_id, img_folders.name AS folder_name
+ FROM images LEFT JOIN img_folders ON images.folder = img_folders.id WHERE images.id = $id"
+));
+
+assert_error($info["owner"] == $user["id"], "You cannot rename this image.");
+
+$name = $info['name'];
+$comment = $info['comment'];
+$folder = $info['folder_id'];
+if (isset($_POST['name']) && isset($_POST['comment']) && isset($_POST['folder'])) {
+ $name = esca($_POST['name']);
+ $comment = esca($_POST['comment']);
+ $comment_html = Markdown($comment);
+ $folder = intval($_POST['folder']);
+ if ($name == "") {
+ $error = "You must give a non-empty name to this image. Please.";
+ } else {
+ sql("UPDATE images SET name = '" . escs($name) . "', comment='" . escs($comment). "',
+ comment_html = '" . escs($comment_html) . "', folder = $folder WHERE id = $id");
+ header("Location: image");
+ die();
+ }
+}
+
+$folders = array(0 => "[no folder]");
+$r = sql("SELECT id, name FROM img_folders WHERE owner = " . $user['id'] . " ORDER BY name ASC");
+while ($n = mysql_fetch_array($r))
+ $folders[$n['id']] = $n['name'];
+
+$title = "Edit image info : " . $info['name'];
+$fields = array(
+ array("label" => "Name : ", "name" => "name", "value" => $name),
+ array("label" => "Folder : ", "type" => "select", "name" => "folder", "choices" => $folders, "value" => $folder),
+ array("label" => "Comment : ", "name" => "comment", "value" => $comment, "type" => "textarea"),
+);
+$validate = "Save";
+
+require("tpl/general/form.php");
diff --git a/lib/image/folder.php b/lib/image/folder.php
new file mode 100644
index 0000000..56166d8
--- /dev/null
+++ b/lib/image/folder.php
@@ -0,0 +1,43 @@
+<?php
+
+require("lib/conf/image.php");
+
+assert_redir(count($args) == 3, 'image');
+$fldid = intval($args[2]);
+
+$fld = mysql_fetch_assoc(sql(
+ "SELECT img_folders.id AS id, img_folders.name AS name, img_folders.comment_html AS comment_html, ".
+ "img_folders.public AS public, account.id AS owner, account.login AS ownername FROM img_folders ".
+ "LEFT JOIN account ON account.id = img_folders.owner ".
+ "WHERE img_folders.id = $fldid"
+));
+assert_error($fld && ($fld['public'] != 0 || $fld['owner'] == $user['id']),
+ "This folder does not exist, or you are not allowed to see it.");
+
+$can_edit = ($user['priv'] >= $apps['image']['editfld'] && $user['id'] = $fld['owner']);
+$is_owner = ($user['id'] == $fld['owner']);
+
+$filters = array (
+ "order" => array (
+ "name" => "title",
+ "upl_date" => "date uploaded",
+ ),
+ "way" => $ord_ways,
+);
+$fdefaults = array (
+ "order" => "name",
+ "way" => "ASC",
+);
+
+$title = $fld["name"];
+
+$images = array();
+$files = sql("SELECT images.id AS id, images.name AS name, images.extension AS extension, images.upl_date AS upl_date, ".
+ "images.comment_html AS comment_html FROM images WHERE images.folder = $fldid");
+while ($img = mysql_fetch_assoc($files)) $images[] = $img;
+
+$s = sql("SELECT id, name FROM img_folders WHERE owner = " . $fld['owner'] . ($fld['owner'] == $user['id'] ? '' : " AND public != 0"). " ORDER BY name ASC");
+$folers = array();
+while ($f = mysql_fetch_assoc($s)) $folders[] = $f;
+
+require("tpl/image/folder.php");
diff --git a/lib/image/index.php b/lib/image/index.php
index 59a304d..b9748dc 100644
--- a/lib/image/index.php
+++ b/lib/image/index.php
@@ -6,6 +6,7 @@ $filters = array (
"order" => array (
"name" => "title",
"upl_date" => "date uploaded",
+ "folder_name" => "folder",
),
"way" => $ord_ways,
);
@@ -17,7 +18,10 @@ $fdefaults = array (
$title = "Image upload";
$images = array();
-$files = sql("SELECT * FROM images WHERE owner = " . $user['id'] .
+$files = sql("SELECT images.id AS id, images.name AS name, images.extension AS extension, images.upl_date AS upl_date, ".
+ "images.comment_html AS comment_html, img_folders.id AS folder_id, img_folders.name AS folder_name ".
+ " FROM images LEFT JOIN img_folders ON img_folders.id = images.folder ".
+ "WHERE images.owner = " . $user['id'] .
" ORDER BY " . get_filter('order') . " " . get_filter('way'));
while ($img = mysql_fetch_assoc($files)) $images[] = $img;
@@ -33,7 +37,13 @@ if ($user['priv'] < $apps['image']['upload']) {
$can_upload = true;
}
+$folders = array();
+$r = sql("SELECT id, name FROM img_folders WHERE owner = " . $user['id'] . " ORDER BY name ASC");
+while ($f = mysql_fetch_assoc($r)) {
+ $folders[] = $f;
+}
+
$can_delete = ($user['priv'] >= $apps['image']['delete'] && $user['id'] != 0);
-$can_rename = ($user['priv'] >= $apps['image']['rename'] && $user['id'] != 0);
+$can_rename = ($user['priv'] >= $apps['image']['editinfo'] && $user['id'] != 0);
require("tpl/image/index.php");
diff --git a/lib/image/newfld.php b/lib/image/newfld.php
new file mode 100644
index 0000000..63afd17
--- /dev/null
+++ b/lib/image/newfld.php
@@ -0,0 +1,32 @@
+<?php
+
+require("lib/markdown.php");
+
+$fld_name = "";
+$fld_comment = "";
+$fld_public = true;
+if (isset($_POST['name']) && isset($_POST['comment'])) {
+ $fld_public = isset($_POST['public']);
+ $fld_name = esca($_POST['name']);
+ $fld_comment = esca($_POST['comment']);
+ $fld_comment_html = Markdown($fld_comment);
+ if ($fld_name == "") {
+ $error = "You must enter a name for your folder.";
+ } else {
+ sql("INSERT INTO img_folders(owner, name, comment, comment_html, public) ".
+ "VALUES(" . $user['id'] . ", '" . escs($fld_name) . "', '" . escs($fld_comment) .
+ "', '" . escs($fld_comment_html) . "', " . ($fld_public ? '1' : '0') . ")");
+ header("Location: folder-image-" . mysql_insert_id());
+ die();
+ }
+}
+
+$title = "New folder";
+$fields = array(
+ array("label" => "Name : ", "name" => "name", "value" => $fld_name),
+ array("label" => "Public ? ", "name" => "public", "type" => "checkbox", "checked" => $fld_public),
+ array("label" => "Comment : ", "name" => "comment", "type" => "textarea", "value" => $fld_comment),
+ );
+$validate = "Create folder";
+
+require("tpl/general/form.php");
diff --git a/lib/image/rename.php b/lib/image/rename.php
deleted file mode 100644
index 0fbc442..0000000
--- a/lib/image/rename.php
+++ /dev/null
@@ -1,32 +0,0 @@
-<?php
-
-require("lib/conf/image.php");
-
-$title = "Rename an image";
-
-if (count($args) < 3) header("location: index.php");
-$id = intval($args[2]);
-
-$info = mysql_fetch_assoc(sql("SELECT * FROM images WHERE id = $id"));
-
-assert_error($info["owner"] == $user["id"], "You cannot rename this image.");
-
-$name = $info['name'];
-if (isset($_POST['name'])) {
- $name = esca($_POST['name']);
- if ($name == "") {
- $error = "You must give a non-empty name to this image. Please.";
- } else {
- sql("UPDATE images SET name = '" . escs($name) . "' WHERE id = $id");
- header("Location: image");
- die();
- }
-}
-
-$title = "Rename : " . $info['name'];
-$fields = array(
- array("label" => "New name : ", "name" => "name", "value" => $name),
-);
-$validate = "Rename";
-
-require("tpl/general/form.php");