[Openfirst-cvscommit] photogallery/admin cleargallery.php,1.3,1.4 edit.php,1.3,1.4 editphoto.php,1.1
Brought to you by:
xtimg
Menu
▾
▴
[Openfirst-cvscommit] photogallery/admin cleargallery.php,1.3,1.4 edit.php,1.3,1.4 editphoto.php,1.1,1.2 galleryglobals.php,1.1,1.2 index.php,1.3,1.4 newgallery.php,1.3,1.4 upload.php,1.5,1.6
Update of /cvsroot/openfirst/photogallery/admin
In directory sc8-pr-cvs1:/tmp/cvs-serv19520
Modified Files:
cleargallery.php edit.php editphoto.php galleryglobals.php
index.php newgallery.php upload.php
Log Message:
Changed system syntax. Made some bug changes. Prepared this module for complete audit.
Index: cleargallery.php
===================================================================
RCS file: /cvsroot/openfirst/photogallery/admin/cleargallery.php,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** cleargallery.php 21 Aug 2003 17:53:12 -0000 1.3
--- cleargallery.php 22 Aug 2003 14:58:04 -0000 1.4
***************
*** 27,34 ****
--- 27,36 ----
*/
+ // Include important globals related to this module
include("../../config/globals.php");
include($header);
include("galleryglobals.php");
+ // Check if user is an admin then allow processes
if(! ISSET($user->user)){
showlogin();
***************
*** 36,39 ****
--- 38,42 ----
}
+ // Retrieve gallery information
$query = mysql_query("SELECT * FROM ofirst_photogallery_galleries WHERE ID = '".$_GET['ID']."'");
$gallery = mysql_fetch_object($query);
***************
*** 46,60 ****
$dir = opendir($dirlocate);
! while(! (($file = readdir($dir) === false)){
! if (is_file($dirlocate."/".$file)){
! unlink($dirlocate."/".$file);
! if (file_exists($dirlocate."/thumbs/".$file)){
! unlink($dirlocate."/thumbs/".$file);
! }
! }
! echo "<br><br><center>The <b>".$gallery->GalleryName."</b> gallery has been reset. [ <a href='index.php'>Manage</a> ]<br><br>";
! die(include($footer));
! }
}
--- 49,68 ----
$dir = opendir($dirlocate);
! // Run through the files in the current folder
! while(! (($file = readdir($dir) === false)){
! // Delete file and its thumbs in the folder
! if (is_file($dirlocate."/".$file)){
! unlink($dirlocate."/".$file);
!
! if (file_exists($dirlocate."/thumbs/".$file)){
! unlink($dirlocate."/thumbs/".$file);
! }
!
! }
!
! echo "<br><br><center>The <b>".$gallery->GalleryName."</b> gallery has been reset. [ <a href='index.php'>Manage</a> ]<br><br>";
! die(include($footer));
! }
}
Index: edit.php
===================================================================
RCS file: /cvsroot/openfirst/photogallery/admin/edit.php,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** edit.php 21 Aug 2003 14:32:58 -0000 1.3
--- edit.php 22 Aug 2003 14:58:04 -0000 1.4
***************
*** 27,31 ****
*/
! // Import globals and estbalish database connection
include("../../config/globals.php");
include($header);
--- 27,31 ----
*/
! // Include important globals related to this module
include("../../config/globals.php");
include($header);
***************
*** 33,37 ****
// Check if user is an admin then allow processes
! if (isset($user->user)){
// Check if user initiated delete and run delete process
--- 33,40 ----
// Check if user is an admin then allow processes
! if(! ISSET($user->user)){
! showlogin();
! die(include($footer));
! }
// Check if user initiated delete and run delete process
***************
*** 39,46 ****
echo("<p>Are you absolutely sure you want to delete this gallery? All pictures in the gallery will be removed from the server.</p> <a href='edit.php?DELETE=" . $_GET["DELETE"] . "&CONFIRMED=1'>Yes, I am sure</a> <a href='edit.php'>No, I've changed my mind</a>");
die(include($footer));
! } elseif(isset($_GET["DELETE"]) == true && isset($_GET["CONFIRMED"]) == true) {
! $query = mysql_query("SELECT * FROM ofirst_photogallery_galleries WHERE ID = '".$_GET['DELETE']."'") or die(mysql_error());
! $gallery = mysql_fetch_object($query);
function deldir($dir){
$current_dir = opendir($dir);
--- 42,50 ----
echo("<p>Are you absolutely sure you want to delete this gallery? All pictures in the gallery will be removed from the server.</p> <a href='edit.php?DELETE=" . $_GET["DELETE"] . "&CONFIRMED=1'>Yes, I am sure</a> <a href='edit.php'>No, I've changed my mind</a>");
die(include($footer));
! }elseif(isset($_GET["DELETE"]) == true && isset($_GET["CONFIRMED"]) == true) {
! $query = mysql_query("SELECT * FROM ofirst_photogallery_galleries WHERE ID = '".$_GET['DELETE']."'") or die(mysql_error());
! $gallery = mysql_fetch_object($query);
+ // Delete the directory as asked above
function deldir($dir){
$current_dir = opendir($dir);
***************
*** 52,62 ****
--- 56,71 ----
}
}
+
+ // Close the directory for future reading
closedir($current_dir);
rmdir(${dir});
}
+ // If the files exist then delete them
if(file_exists("../" . $gallerydir.$gallery->GalleryName."/thumbs")) {
deldir("../".$gallerydir.$gallery->GalleryName."/thumbs");
}
+
+ // If the files exist then delete them
if(file_exists("../" . $gallerydir.$gallery->GalleryName)) {
deldir("../".$gallerydir.$gallery->GalleryName);
***************
*** 66,86 ****
echo "<br><br><center>The gallery has been deleted! [ <a href='index.php'>Manage</a> ]</center><br>";
die(include($footer));
}
// Check if user initiated delete of particular photo and run photo and thumb delete
if(ISSET($_GET['DELETEPHOTO'])){
!
! $query = mysql_query("SELECT * FROM ofirst_photogallery_galleries WHERE ID = '".$_GET['ID']."'") or die(mysql_error());
! $gallery = mysql_fetch_object($query);
! unlink("../".$gallerydir.$gallery->GalleryName."/".$_GET['PHOTO']) or die("<br><br><center>Can't remove gallery! [ <a href='index.php'>Manage</a> ]");
! if (file_exists("../".$gallerydir.$gallery->GalleryName."/thumbs/".$_GET['PHOTO'])){
! unlink("../".$gallerydir.$gallery->GalleryName."/thumbs/".$_GET['PHOTO']) or die("<br><br><center>Can't remove gallery! [ <a href='index.php'>Manage</a> ]");
! die("<br><br><center>The photo and its thumbnail have been deleted! [ <a href='index.php?ID=".$_GET['ID']."'>Manage</a> ]</center>");
! }else{
! die("<br><br><center>The photo has been deleted! [ <a href='index.php?ID=".$_GET['ID']."'>Manage</a> ]</center>");
! }
}
$query = mysql_query("SELECT * FROM ofirst_photogallery_galleries WHERE ID = '".$_GET['ID']."'");
$gallery = mysql_fetch_object($query);
--- 75,98 ----
echo "<br><br><center>The gallery has been deleted! [ <a href='index.php'>Manage</a> ]</center><br>";
die(include($footer));
+
}
// Check if user initiated delete of particular photo and run photo and thumb delete
if(ISSET($_GET['DELETEPHOTO'])){
! $query = mysql_query("SELECT * FROM ofirst_photogallery_galleries WHERE ID = '".$_GET['ID']."'") or die(mysql_error());
! $gallery = mysql_fetch_object($query);
! unlink("../".$gallerydir.$gallery->GalleryName."/".$_GET['PHOTO']) or die("<br><br><center>Can't remove gallery! [ <a href='index.php'>Manage</a> ]");
!
! // If the file exists then delete the image and its thumbs
! if (file_exists("../".$gallerydir.$gallery->GalleryName."/thumbs/".$_GET['PHOTO'])){
! unlink("../".$gallerydir.$gallery->GalleryName."/thumbs/".$_GET['PHOTO']) or die("<br><br><center>Can't remove gallery! [ <a href='index.php'>Manage</a> ]");
! die("<br><br><center>The photo and its thumbnail have been deleted! [ <a href='index.php?ID=".$_GET['ID']."'>Manage</a> ]</center>");
! }else{
! die("<br><br><center>The photo has been deleted! [ <a href='index.php?ID=".$_GET['ID']."'>Manage</a> ]</center>");
! }
}
+ // Get information above the gallery
$query = mysql_query("SELECT * FROM ofirst_photogallery_galleries WHERE ID = '".$_GET['ID']."'");
$gallery = mysql_fetch_object($query);
***************
*** 88,96 ****
?>
<h2>Edit Gallery</h2>
! <p><em><?php echo $gallery->GalleryName; ?> Options - </em><a href="edit.php?ID=<?php echo $_GET['ID']; ?>">Edit</a>
! | <a href="upload.php?ID=<?php echo $_GET['ID']; ?>">Upload Photos</a> |
! <a href="cleargallery.php?ID=<?php echo $_GET['ID']; ?>">Clear Gallery</a> |
! <a href="edit.php?DELETE=<?php echo $_GET['ID']; ?>">Delete Gallery</a> (Must
! be empty to perform operation)</p>
<table width="388" align="center">
<tr>
--- 100,110 ----
?>
<h2>Edit Gallery</h2>
!
! <em><?php echo $gallery->GalleryName; ?></em> Options -<a href="edit.php?ID=<?php echo $_GET['ID']; ?>">Edit</a>
! | <a href="upload.php?ID=<?php echo $_GET['ID']; ?>">Upload Photos</a>
! | <a href="cleargallery.php?ID=<?php echo $_GET['ID']; ?>">Clear Gallery</a>
! | <a href="edit.php?DELETE=<?php echo $_GET['ID']; ?>">Delete Gallery</a>
! (Must be empty to perform operation)<br><br>
!
<table width="388" align="center">
<tr>
***************
*** 111,114 ****
--- 125,129 ----
if (is_file($dirlocate."/".$file)){
$num++;
+
?>
<tr>
***************
*** 116,121 ****
<td valign="top"><?php echo $file; ?></td>
<td valign="top">
! <?php
if (file_exists($dirlocate."/thumbs/".$file)){
echo "Yes";
--- 131,137 ----
<td valign="top"><?php echo $file; ?></td>
<td valign="top">
! <?php
+ // Check if the file exists then print if it has a thumb or not
if (file_exists($dirlocate."/thumbs/".$file)){
echo "Yes";
***************
*** 126,133 ****
?>
</td>
! <td valign="top">[ <a href="editphoto.php?ID=<?php echo $_GET['ID']; ?>&PHOTO=<?php echo $file; ?>">Edit</a>
! ]<br>
! [ <a href='edit.php?ID=<?php echo $_GET['ID']; ?>&DELETEPHOTO=True&PHOTO=<?php echo $file; ?>'>
! Delete</a> ] </td>
</tr>
<?php
--- 142,147 ----
?>
</td>
! <td valign="top">[ <a href="editphoto.php?ID=<?php echo $_GET['ID']; ?>&PHOTO=<?php echo $file; ?>">Edit</a> ]<br>
! [ <a href='edit.php?ID=<?php echo $_GET['ID']; ?>&DELETEPHOTO=True&PHOTO=<?php echo $file; ?>'>Delete</a> ] </td>
</tr>
<?php
***************
*** 135,140 ****
}
}
if($num == 0){
! echo "<tr><td>--</td><td><br>No photos in gallery!<br><br></td><td>--</td><td>--</td></tr>";
}
?>
--- 149,156 ----
}
}
+
+ // If there is no record then preview no photos message
if($num == 0){
! echo "<tr><td> </td><td><br>No photos in gallery!<br><br></td><td> </td><td> </td></tr>";
}
?>
***************
*** 145,152 ****
<br>
</center>
! <?php
! }else{
! showlogin();
! }
! include($footer);
! ?>
--- 161,163 ----
<br>
</center>
! <?php include($footer); ?>
Index: editphoto.php
===================================================================
RCS file: /cvsroot/openfirst/photogallery/admin/editphoto.php,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** editphoto.php 21 Aug 2003 17:51:06 -0000 1.1
--- editphoto.php 22 Aug 2003 14:58:04 -0000 1.2
***************
*** 27,34 ****
--- 27,36 ----
*/
+ // Import globals and estbalish database connection
include("../../config/globals.php");
include($header);
include("galleryglobals.php");
+ // Check if user is an admin then allow processes
if(! ISSET($user->user)){
showlogin();
***************
*** 66,72 ****
--- 68,77 ----
if(mysql_num_rows($imgquery) == 0){
mysql_query("INSERT INTO ofirst_photogallery_image SET
+ Image = '".$_GET['PHOTO']."',
+ Gallery = '".$_GET['ID']."',
ImageName = '".$_POST['imagename']."',
Description = '".$description."',
Dates = '".$_POST['date']."'") or die(mysql_error());
+
}else{
mysql_query("UPDATE ofirst_photogallery_image SET
***************
*** 76,79 ****
--- 81,86 ----
WHERE Gallery = '".$_GET['ID']."' AND Image = '".$_GET['PHOTO']."'") or die(mysql_error());
}
+
+ // Delete the textfile that goes with the actual image
if(ISSET($_POST['deletefile'])){
$textfile = substr($_GET['PHOTO'],0,-4).".txt";
***************
*** 83,90 ****
--- 90,100 ----
echo "<br><br>Image information updated.";
}
+
echo " [ <a href='editphoto.php?ID=".$_GET['ID']."&PHOTO=".$_GET['PHOTO']."'>Manage</a> ]<br><br>";
die(include($footer));
+
}
+ // Delete file information from the database upon request
if(ISSET($_POST['deleteall'])){
mysql_query("DELETE FROM ofirst_photogallery_image WHERE Gallery = '".$_GET['ID']."' AND Image = '".$_GET['PHOTO']."'");
***************
*** 96,105 ****
<h2>Edit Gallery</h2>
<p><em><?php echo $gallery->GalleryName; ?> Options - </em><a href="edit.php?ID=<?php echo $_GET['ID']; ?>">Edit</a>
! | <a href="upload.php?ID=<?php echo $_GET['ID']; ?>">Upload Photos</a> |
! <a href="cleargallery.php?ID=<?php echo $_GET['ID']; ?>">Clear Gallery</a> |
! <a href="edit.php?DELETE=<?php echo $_GET['ID']; ?>">Delete Gallery</a> (Must be empty to perform operation)</p>
<p align="center"><img src="../gallery/<?php echo $gallery->GalleryName; ?>/<?php echo $_GET['PHOTO']; ?>" width="300" height="225"><br>
! <br>
! [ <a href="makethumb.php?ID=<?php echo $_GET['ID']; ?>&PHOTO=<?php echo $_GET['PHOTO']; ?>">Make Thumbnail</a> ]</p>
<form action='editphoto.php?ID=<?php echo $_GET['ID']; ?>&PHOTO=<?php echo $_GET['PHOTO']; ?>' method='POST'>
<table width="456" align="center">
--- 106,114 ----
<h2>Edit Gallery</h2>
<p><em><?php echo $gallery->GalleryName; ?> Options - </em><a href="edit.php?ID=<?php echo $_GET['ID']; ?>">Edit</a>
! | <a href="upload.php?ID=<?php echo $_GET['ID']; ?>">Upload Photos</a>
! | <a href="cleargallery.php?ID=<?php echo $_GET['ID']; ?>">Clear Gallery</a>
! | <a href="edit.php?DELETE=<?php echo $_GET['ID']; ?>">Delete Gallery</a> (Must be empty to perform operation)</p>
<p align="center"><img src="../gallery/<?php echo $gallery->GalleryName; ?>/<?php echo $_GET['PHOTO']; ?>" width="300" height="225"><br>
! <br>[ <a href="makethumb.php?ID=<?php echo $_GET['ID']; ?>&PHOTO=<?php echo $_GET['PHOTO']; ?>">Make Thumbnail</a> ]</p>
<form action='editphoto.php?ID=<?php echo $_GET['ID']; ?>&PHOTO=<?php echo $_GET['PHOTO']; ?>' method='POST'>
<table width="456" align="center">
***************
*** 159,163 ****
</table>
</form><br><br>
! <?php
! include($footer);
! ?>
--- 168,170 ----
</table>
</form><br><br>
! <?php include($footer); ?>
Index: galleryglobals.php
===================================================================
RCS file: /cvsroot/openfirst/photogallery/admin/galleryglobals.php,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** galleryglobals.php 20 Aug 2003 16:54:21 -0000 1.1
--- galleryglobals.php 22 Aug 2003 14:58:04 -0000 1.2
***************
*** 27,43 ****
*/
! // Declare gallery location compared to galleryglobals.php
! $gallerydir = "gallery/";
! //Declare image types allowed for uploading/previewing
! $imgtypes = "gif,jpg,peg,png,bmp"; // Note that any extensions that you have beyond
// 4 characters must be added to this variable
// only as the last three digits. ie. jpeg = peg
! // Declare maximum execution time for the galleries
! $gallery_execution_time = "1200";
! // Declare SMTP to use when sending photo's by e-mail
! $SMTP = "smtp.localhost.com";
?>
--- 27,43 ----
*/
! // Declare gallery location compared to galleryglobals.php
! $gallerydir = "gallery/";
! //Declare image types allowed for uploading/previewing
! $imgtypes = "gif,jpg,peg,png,bmp"; // Note that any extensions that you have beyond
// 4 characters must be added to this variable
// only as the last three digits. ie. jpeg = peg
! // Declare maximum execution time for the galleries
! $gallery_execution_time = "1200";
! // Declare SMTP to use when sending photo's by e-mail
! $SMTP = "smtp.localhost.com";
?>
Index: index.php
===================================================================
RCS file: /cvsroot/openfirst/photogallery/admin/index.php,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** index.php 21 Aug 2003 17:53:12 -0000 1.3
--- index.php 22 Aug 2003 14:58:04 -0000 1.4
***************
*** 32,35 ****
--- 32,36 ----
include("galleryglobals.php");
+ // Check if user is an admin then allow processes
if(! ISSET($user->user)){
showlogin();
***************
*** 39,53 ****
?>
<h2>Gallery Manager</h2>
! Here is a list of current galleries installed on our website.
! <p align="center">
<table width="633" align="center">
<tr>
! <th valign="top"> <div align="center"> </div></td>
!
<th><strong>Gallery Name</strong></th>
<th><strong>Description</strong></th>
<th> <div align="left"><strong>Option</strong></div></th>
</tr>
! <?php
// Retrieve galleries from database and list them accordingly
--- 40,52 ----
?>
<h2>Gallery Manager</h2>
! Here is a list of current galleries installed on our website.<br>
<table width="633" align="center">
<tr>
! <th valign="top"><div align="center"></div></th>
<th><strong>Gallery Name</strong></th>
<th><strong>Description</strong></th>
<th> <div align="left"><strong>Option</strong></div></th>
</tr>
! <?php
// Retrieve galleries from database and list them accordingly
***************
*** 64,72 ****
[ <a href="edit.php?DELETE=<?php echo $gallery->ID; ?>">Delete</a> ]</td>
</tr>
! <?php
}
if (mysql_num_rows($query) == 0){
! echo "<tr><td>--</td><td><br>There are no galleries uploaded<br><br></td>";
}
--- 63,73 ----
[ <a href="edit.php?DELETE=<?php echo $gallery->ID; ?>">Delete</a> ]</td>
</tr>
! <?php
!
}
+ // If there are no values then preview an error
if (mysql_num_rows($query) == 0){
! echo "\n <tr>\n <td> </td>\n <td><br>There are no galleries uploaded<br><br></td>\n";
}
***************
*** 75,79 ****
<br></p>
<p align="center"> </p>
! <?php
! include($footer);
! ?>
--- 76,78 ----
<br></p>
<p align="center"> </p>
! <?php include($footer); ?>
Index: newgallery.php
===================================================================
RCS file: /cvsroot/openfirst/photogallery/admin/newgallery.php,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** newgallery.php 21 Aug 2003 17:53:12 -0000 1.3
--- newgallery.php 22 Aug 2003 14:58:04 -0000 1.4
***************
*** 82,86 ****
</table>
</form>
! <?php
! include($footer);
! ?>
--- 82,84 ----
</table>
</form>
! <?php include($footer); ?>
Index: upload.php
===================================================================
RCS file: /cvsroot/openfirst/photogallery/admin/upload.php,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -d -r1.5 -r1.6
*** upload.php 21 Aug 2003 18:04:13 -0000 1.5
--- upload.php 22 Aug 2003 14:58:04 -0000 1.6
***************
*** 32,35 ****
--- 32,36 ----
include("galleryglobals.php");
+ // Check if user is an admin then allow processes
if(! ISSET($user->user)){
showlogin();
***************
*** 43,60 ****
if(ISSET($_POST['upload'])){
! ini_set("max_execution_time",$gallery_execution_time);
! $dirlocate = "../".$gallerydir.$gallery->GalleryName;
!
! $imgtypes .= ",txt";
! $imgtypes = explode(",",$imgtypes);
! for ($num=1;$num<=$_POST['NUM_UPLOADS'];$num++){
!
! // If upload field is empty then exit the particular loop
! if (! $_FILES['upload'.$num]['name'] == ""){
! $continue = false;
// NOTE: The change to uppercase in the if statement helps remove errors
--- 44,59 ----
if(ISSET($_POST['upload'])){
! ini_set("max_execution_time",$gallery_execution_time);
! $dirlocate = "../".$gallerydir.$gallery->GalleryName;
! $imgtypes .= ",txt";
! $imgtypes = explode(",",$imgtypes);
! for ($num=1;$num<=$_POST['NUM_UPLOADS'];$num++){
! // If upload field is empty then exit the particular loop
! if (! $_FILES['upload'.$num]['name'] == ""){
! $continue = false;
// NOTE: The change to uppercase in the if statement helps remove errors
***************
*** 74,79 ****
continue;
}
!
!
copy($_FILES['upload'.$num]['tmp_name'], $dirlocate."/".$_FILES['upload'.$num]['name']) or $error = true;
echo "<center><br>".$_FILES['upload'.$num]['name']." - ".$_FILES['upload'.$num]['size']." - ".$_FILES['upload'.$num]['type']." - ";
--- 73,78 ----
continue;
}
!
! // Copy files to the proper directory
copy($_FILES['upload'.$num]['tmp_name'], $dirlocate."/".$_FILES['upload'.$num]['name']) or $error = true;
echo "<center><br>".$_FILES['upload'.$num]['name']." - ".$_FILES['upload'.$num]['size']." - ".$_FILES['upload'.$num]['type']." - ";
***************
*** 97,102 ****
?>
<h2>Upload to Gallery</h2>
! <p><em><?php echo $gallery->GalleryName; ?> Options - </em><a href="edit.php?ID=<?php echo $_GET['ID']; ?>">Edit
! </a> <a href="upload.php?ID=<?php echo $_GET['ID']; ?>">Upload Photos</a>
<a href="cleargallery.php?ID=<?php echo $_GET['ID']; ?>">Clear Gallery</a> </p>
<p align="center">Current Files Allowed: <?php echo $imgtypes; ?></p>
--- 96,100 ----
?>
<h2>Upload to Gallery</h2>
! <p><em><?php echo $gallery->GalleryName; ?> Options - </em><a href="edit.php?ID=<?php echo $_GET['ID']; ?>">Edit </a> <a href="upload.php?ID=<?php echo $_GET['ID']; ?>">Upload Photos</a>
<a href="cleargallery.php?ID=<?php echo $_GET['ID']; ?>">Clear Gallery</a> </p>
<p align="center">Current Files Allowed: <?php echo $imgtypes; ?></p>
***************
*** 113,121 ****
echo $n.". <input type='file' name='upload".$n."' size='29'><br>\n";
}
?>
<br>
<input name="upload" type="submit" value="Upload To Gallery">
</form>
! <?php
! include($footer);
! ?>
--- 111,118 ----
echo $n.". <input type='file' name='upload".$n."' size='29'><br>\n";
}
+
?>
<br>
<input name="upload" type="submit" value="Upload To Gallery">
</form>
! <?php include($footer); ?>
|
