isgalleryowner($ds['galleryID'], $userID)) AND $_POST['picID']) {
safe_query("UPDATE ".PREFIX."gallery_pictures SET name='".$_POST['name']."', comment='".$_POST['comment']."' WHERE picID='".$_POST['picID']."'");
if($_POST['reset']) safe_query("UPDATE ".PREFIX."gallery_pictures SET views='0' WHERE picID='".$_POST['picID']."'");
} else redirect('index.php?site=gallery','No picture set.');
redirect('index.php?site=gallery&picID='.$_POST['picID'],'',0);
}
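elseif($_GET['action'] == "edit") {
    // Edit form for a single picture.
    //
    // The request value is reduced to an integer before it is used. The original
    // concatenated $_GET['id'] straight into the SELECT and copied it into $picID,
    // which the gallery_edit template can print; nothing in this listing shows
    // safe_query() escaping its argument, so the raw value must not reach the
    // statement text.
    $picID = (int)$_GET['id'];
    if($picID) {
        $ds = mysql_fetch_array(safe_query("SELECT * FROM ".PREFIX."gallery_pictures WHERE picID='".$picID."'"));
        // NOTE(review): unlike the save and delete branches, this branch makes no
        // isgalleryadmin()/isgalleryowner() check before loading the row. Whether
        // that discloses anything depends on what gallery_edit prints - confirm.
        //
        // The template text is evaluated as a double-quoted PHP string, so it reads
        // $ds and $picID from this scope by name. NOTE(review): this is only safe
        // if gettemplate() returns trusted, quote-escaped text - confirm.
        eval ("\$gallery = \"".gettemplate("gallery_edit")."\";");
        echo $gallery;
    } else redirect('index.php?site=gallery','No picture set.');
}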
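elseif($_GET['action'] == "delete") {
    // Delete one picture: thumbnail, original file, database row and its comments.
    include('_mysql.php');
    include('_settings.php');
    include('_functions.php');
    $galclass = new Gallery;

    // The id ends up in three SQL statements and three file paths. Casting it to
    // an integer keeps quote characters out of the SQL and path separators / ".."
    // out of the unlink() targets; the original passed $_GET['id'] through raw.
    $picID = (int)$_GET['id'];

    // Looked up once; the original ran this identical query a second time inside
    // the permission check.
    $ds = mysql_fetch_array(safe_query("SELECT galleryID FROM ".PREFIX."gallery_pictures WHERE picID='".$picID."'"));

    // Only a gallery admin or the owner of the picture's gallery may delete.
    // NOTE(review): the deletion is triggered by a GET request and no anti-forgery
    // token is checked in this branch - confirm whether one is enforced elsewhere.
    if((isgalleryadmin($userID) OR $galclass->isgalleryowner($ds['galleryID'], $userID)) AND $picID) {
        //delete thumb (best effort; a missing file is not an error here)
        @unlink($dir.'thumb/'.$picID.'.jpg');
        //delete original: stored as .jpg, otherwise assumed to be .gif
        if(file_exists($dir.'large/'.$picID.'.jpg')) @unlink($dir.'large/'.$picID.'.jpg');
        else @unlink($dir.'large/'.$picID.'.gif');
        //delete database entry and the comments attached to it
        safe_query("DELETE FROM ".PREFIX."gallery_pictures WHERE picID='".$picID."'");
        safe_query("DELETE FROM ".PREFIX."comments WHERE parentID='".$picID."' AND type='ga'");
    }
    // Back to the gallery the picture belonged to (galleryID is empty when the
    // picture did not exist). The array key is quoted instead of relying on an
    // undefined-constant fallback.
    redirect('index.php?site=gallery&galleryID='.$ds['galleryID'],'',0);
}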
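elseif($_GET['action'] == "diashow" OR $_GET['action'] == "window") {
    // Slideshow ("diashow") and pop-up window view of one picture.
    include('_mysql.php');
    include('_settings.php');
    include('_functions.php');

    // Both ids are numeric keys. The original concatenated them into SQL as
    // received, and two of the statements below do not even quote picID, so the
    // values are cast to integers before any statement is built.
    $galleryID = (int)$_GET['galleryID'];
    if(!$_GET['picID']) {
        // No picture requested: start with the first picture of the gallery.
        $result = mysql_fetch_array(safe_query("SELECT picID FROM ".PREFIX."gallery_pictures WHERE galleryID='".$galleryID."' ORDER BY picID ASC LIMIT 0,1"));
        $picID = (int)$result['picID'];
    } else $picID = (int)$_GET['picID'];

    //get name+comment
    $ds = mysql_fetch_array(safe_query("SELECT name, comment FROM ".PREFIX."gallery_pictures WHERE picID=".$picID.""));
    // The name is a stored, user-supplied value (the save branch writes it from
    // the edit form). It is passed through clearfromtags(), the helper the
    // single-picture view applies to the same column, instead of being printed raw.
    // What clearfromtags() removes is defined outside this listing.
    echo '
webSPELL Diashow: '.clearfromtags($ds['name']).' ';

    //get next
    $browse=mysql_fetch_array(safe_query("SELECT picID FROM ".PREFIX."gallery_pictures WHERE galleryID='".$galleryID."' AND picID>".$picID." ORDER BY picID ASC LIMIT 0,1"));
    if($browse['picID'] AND $_GET['action'] == "diashow") echo ' ';
    echo '';
    if($_GET['action'] == "diashow") {
        if($browse['picID']) {
            echo '';
            // A slideshow step counts as a view only while a next picture exists.
            safe_query("UPDATE ".PREFIX."gallery_pictures SET views=views+1 WHERE picID='".$picID."'");
        }
    } else echo ' ';

    //output image
    echo ''.cleartext($ds['comment'], false).' ';
    if($browse['picID'] OR $_GET['action'] == "window") echo ' ';
    echo ' ';
}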
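elseif($_GET['picID']) {
    // Single-picture page: title, picture details, browse links, rating form,
    // admin actions and the comment thread.
    //
    // Variable names in this branch are read by the eval'd templates and by
    // comments.php, so they are kept exactly as the templates expect them.
    $galclass = new Gallery;
    eval ("\$gallery = \"".gettemplate("title_gallery")."\";");
    echo $gallery;

    // The requested id is cast to an integer before it reaches SQL or the Gallery
    // helpers. The original concatenated $_GET['picID'] into an UPDATE and a SELECT
    // unchanged; nothing in this listing shows safe_query() escaping its argument.
    $requestedPicID = (int)$_GET['picID'];

    safe_query("UPDATE ".PREFIX."gallery_pictures SET views=views+1 WHERE picID='".$requestedPicID."'");
    $ds=mysql_fetch_array(safe_query("SELECT * FROM ".PREFIX."gallery_pictures WHERE picID='".$requestedPicID."'"));
    $picturename = clearfromtags($ds['name']);
    $picID = $ds['picID'];
    $picture=$galclass->getlargefile($picID);
    // getimagesize() returns width at index 0 and height at index 1.
    $picinfo = getimagesize($picture);
    $xsize=$picinfo[0];
    $ysize=$picinfo[1];
    $xwindowsize=$xsize+30;
    $ywindowsize=$ysize+30;
    $comment = cleartext($ds['comment'], false);
    $views = $ds['views'];
    // Never display wider than the configured large-picture width.
    if($xsize>$picsize_l) $width='width="'.$picsize_l.'"';
    else $width='width="'.$xsize.'"';
    // File size in KiB, one decimal.
    $filesize = round(filesize($picture)/1024,1);

    //next picture (ids below come from the row just loaded, not from the request)
    $browse=mysql_fetch_array(safe_query("SELECT picID FROM ".PREFIX."gallery_pictures WHERE galleryID='".$ds['galleryID']."' AND picID>".$ds['picID']." ORDER BY picID ASC LIMIT 0,1"));
    if($browse['picID']) $forward = 'Next ';
    //previous picture
    $browse=mysql_fetch_array(safe_query("SELECT picID FROM ".PREFIX."gallery_pictures WHERE galleryID='".$ds['galleryID']."' AND picID<".$ds['picID']." ORDER BY picID DESC LIMIT 0,1"));
    if($browse['picID']) $backward = 'Back ';

    //rateform
    if($loggedin) {
        // user.gallery_pictures holds the ids this user already rated, ':'-separated.
        $getgallery=safe_query("SELECT gallery_pictures FROM ".PREFIX."user WHERE userID='".$userID."'");
        $found=false;
        if(mysql_num_rows($getgallery)) {
            $ga=mysql_fetch_array($getgallery);
            if($ga['gallery_pictures']!="") {
                $string=$ga['gallery_pictures'];
                $array=explode(":", $string);
                $anzarray=count($array);
                for($i=0; $i<$anzarray; $i++) {
                    // Comparison only, not a sink: left as the original wrote it.
                    if($array[$i]==$_GET['picID']) $found=true;
                }
            }
        }
        if($found) $rateform="You have already rated. ";
        else $rateform='';
    } else $rateform = 'Rate: You have to register or login! ';

    $votes=$ds['votes'];
    unset($ratingpic);
    // Ten slots; the first $ds['rating'] of them are switched on.
    $ratings=array(0,0,0,0,0,0,0,0,0,0);
    for($i=0; $i<$ds['rating']; $i++) {
        $ratings[$i]=1;
    }
    $ratingpic=' ';
    foreach($ratings as $pic) {
        $ratingpic.=' ';
    }

    //admin: gallery admins (when public admin is enabled) and the gallery owner
    if((isgalleryadmin($userID) AND $publicadmin) OR $galclass->isgalleryowner($ds['galleryID'],$userID)) {
        $adminaction = ' ';
    }

    //group+gallery
    $gallery = ''.$galclass->getgalleryname($requestedPicID).' ';
    if($galclass->getgroupid_by_gallery($ds['galleryID'])) $group = ''.$galclass->getgroupname($galclass->getgroupid_by_gallery($ds['galleryID'])).' ';
    else $group = ''.getnickname($galclass->getgalleryowner($ds['galleryID'])).' ';

    // The template is evaluated as a double-quoted PHP string and reads the
    // variables assigned above. NOTE(review): safe only if gettemplate() returns
    // trusted, quote-escaped text - confirm.
    eval ("\$gallery = \"".gettemplate("gallery_comments")."\";");
    echo $gallery;

    //comments: comments.php picks these four variables up from this scope
    $comments_allowed = $ds['comments'];
    $parentID = $ds['picID'];
    $type = "ga";
    $referer = "index.php?site=gallery&picID=".$ds['picID'];
    include("comments.php");
}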
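elseif($_GET['galleryID']) {
    // Thumbnail listing of one gallery, paginated.
    //
    // Variable names are read by the eval'd templates and are kept unchanged.
    $galclass = new Gallery;
    eval ("\$gallery = \"".gettemplate("title_gallery")."\";");
    echo $gallery;

    // galleryID reaches several SQL statements, the Gallery helpers and the
    // pagination link. The original used $_GET['galleryID'] as received; it is
    // cast to an integer once here and only the integer is used afterwards.
    $galleryID = (int)$_GET['galleryID'];

    $ds=mysql_fetch_array(safe_query("SELECT name FROM ".PREFIX."gallery WHERE galleryID='".$galleryID."'"));
    $title = clearfromtags($ds['name']);
    $pics = mysql_num_rows(safe_query("SELECT picID FROM ".PREFIX."gallery_pictures WHERE galleryID='".$galleryID."'"));
    $pages = ceil($pics/$gallerypictures);
    // NOTE(review): $gallery holds the title string produced by the eval above, so
    // this is a write to a string offset, not to an array - confirm what the
    // gallery_gallery_head template expects to read here.
    $gallery['galleryID']=$galleryID;
    if($galclass->getgroupid_by_gallery($galleryID)) $group = ''.$galclass->getgroupname($galclass->getgroupid_by_gallery($galleryID)).' ';
    else $group = ''.getnickname($galclass->getgalleryowner($galleryID)).' ';

    // Page number: integer, never below 1. The original passed the raw request
    // value to makepagelink() and derived a negative LIMIT offset from
    // non-numeric or negative input.
    $page = (int)$_GET['page'];
    if($page < 1) $page = 1;
    if($pages>1) $pagelink = makepagelink("index.php?site=gallery&galleryID=".$galleryID, $page, $pages);
    else $pagelink = ' page 1 of 1 ';

    eval ("\$gallery = \"".gettemplate("gallery_gallery_head")."\";");
    echo $gallery;

    // Offset of the first row on this page; page 1 yields 0, which is the
    // statement the original issued in its separate page-1 case.
    $start=$page*$gallerypictures-$gallerypictures;
    $ergebnis = safe_query("SELECT * FROM ".PREFIX."gallery_pictures WHERE galleryID='".$galleryID."' ORDER BY picID LIMIT $start,$gallerypictures");

    echo '';
    $i=1;
    $percent=100/$pics_per_row;
    while($pic = mysql_fetch_array($ergebnis)) {
        // Alternate the two row background constants.
        if($i%2) $bg=BG_2;
        else $bg=BG_1;
        // Thumbnail path, with a placeholder when the file is missing.
        $pic['pic'] = $dir.'thumb/'.$pic['picID'].'.jpg';
        if(!file_exists($pic['pic'])) $pic['pic'] = 'images/nopic.gif';
        // Stored, user-supplied text is cleaned before the template prints it.
        $pic['name'] = clearfromtags($pic['name']);
        $pic['comment'] = cleartext($pic['comment'], false);
        $pic['comments'] = mysql_num_rows(safe_query("SELECT commentID FROM ".PREFIX."comments WHERE parentID='".$pic['picID']."' AND type='ga'"));
        eval ("\$gallery = \"".gettemplate("gallery_showlist")."\";");
        echo $gallery;
        if($pics_per_row>1) {
            if(($i-1)%$pics_per_row) echo ' ';
        }
        else echo ' ';
        $i++;
    }
    if(!($i%2)) echo ' ';
    echo ' ';
    eval ("\$gallery = \"".gettemplate("gallery_gallery_foot")."\";");
    echo $gallery;
}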
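elseif($_GET['groupID']) {
    // Listing of the galleries in one group, paginated.
    //
    // Variable names are read by the eval'd templates and are kept unchanged.
    $galclass = new Gallery;
    eval ("\$gallery = \"".gettemplate("title_gallery")."\";");
    echo $gallery;

    // groupID reaches SQL, the pagination link and getgroupname(). The original
    // used $_GET['groupID'] as received; it is cast to an integer once here.
    $groupID = (int)$_GET['groupID'];

    $galleries = mysql_num_rows(safe_query("SELECT galleryID FROM ".PREFIX."gallery WHERE groupID='".$groupID."'"));
    $pages = ceil($galleries/$gallerypictures);

    // Page number: integer, never below 1 (the original could derive a negative
    // LIMIT offset from non-numeric or negative input).
    $page = (int)$_GET['page'];
    if($page < 1) $page = 1;
    if($pages>1) $pagelink = makepagelink("index.php?site=gallery&groupID=".$groupID, $page, $pages);
    else $pagelink = ' page 1 of 1 ';
    $group = $galclass->getgroupname($groupID);

    eval ("\$gallery = \"".gettemplate("gallery_group_head")."\";");
    echo $gallery;

    // Offset of the first row on this page; page 1 yields 0, which is the
    // statement the original issued in its separate page-1 case.
    $start=$page*$gallerypictures-$gallerypictures;
    $ergebnis = safe_query("SELECT * FROM ".PREFIX."gallery WHERE groupID='".$groupID."' ORDER BY galleryID DESC LIMIT $start,$gallerypictures");

    echo '';
    $i=1;
    while($gallery = mysql_fetch_array($ergebnis)) {
        // Alternate the two row background constants. The original else-branch
        // read "else BG_1;", a statement with no effect, so $bg never switched
        // back; the gallery listing uses the assignment form written here.
        if($i%2) $bg=BG_2;
        else $bg=BG_1;
        // One picture of the gallery as preview, placeholder if the file is missing.
        $gallery['picID'] = $galclass->randompic($gallery['galleryID']);
        $gallery['pic'] = $dir.'thumb/'.$gallery['picID'].'.jpg';
        $gallery['pics'] = mysql_num_rows(safe_query("SELECT picID FROM ".PREFIX."gallery_pictures WHERE galleryID='".$gallery['galleryID']."'"));
        $gallery['date'] = date("d.m.Y - H:i",$gallery['date']);
        if(!file_exists($gallery['pic'])) $gallery['pic'] = 'images/nopic.gif';
        // The row array is consumed by the template, then $gallery is overwritten
        // with the rendered string; the next iteration fetches a fresh row.
        eval ("\$gallery = \"".gettemplate("gallery_showlist_group")."\";");
        echo $gallery;
        if($galleries_per_row>1) { if(($i-1)%$galleries_per_row) echo ' '; }
        else echo ' ';
        $i++;
    }
    if(!($i%2)) echo ' ';
    echo ' ';
    eval ("\$gallery = \"".gettemplate("gallery_group_foot")."\";");
    echo $gallery;
}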
// Fallback branch: runs when none of the conditions earlier in the chain matched.
// Prints the overview header with three thumbnails, then one section per gallery
// group. No request value is concatenated into SQL here; every variable part of
// a statement comes from a previous query result.
else {
$galclass = new Gallery;
// Each eval below evaluates the template text as a double-quoted PHP string, so
// the template reads the variables assigned in this branch by name.
// NOTE(review): safe only if gettemplate() returns trusted, quote-escaped text - confirm.
eval ("\$gallery = \"".gettemplate("title_gallery")."\";");
echo $gallery;
//latest gallery: highest galleryID among rows with userID='0'
// NOTE(review): userID='0' presumably marks galleries not owned by a user - confirm.
$ds = mysql_fetch_array(safe_query("SELECT galleryID FROM ".PREFIX."gallery WHERE userID='0' ORDER BY galleryID DESC LIMIT 0,1"));
$latest = $galclass->showthumb($galclass->randompic($ds[galleryID]));
//random: randompic() called without a gallery argument
$random = $galclass->showthumb($galclass->randompic());
//top comments: the parentID with the most 'ga' comments
$ds = mysql_fetch_array(safe_query("SELECT parentID, COUNT(parentID) as max FROM ".PREFIX."comments WHERE type='ga' GROUP BY parentID ORDER BY max DESC LIMIT 0, 1"));
// No gallery comment exists yet: fall back to whatever randompic() returns.
if(!$ds[parentID]) $ds[parentID] = $galclass->randompic();
$most_comments = $galclass->showthumb($ds[parentID]);
eval ("\$gallery = \"".gettemplate("gallery_content_head")."\";");
echo $gallery;
// One section per gallery group, in the order given by the sort column.
$ergebnis = safe_query("SELECT * FROM ".PREFIX."gallery_groups ORDER BY sort");
while($ds=mysql_fetch_array($ergebnis)) {
// NOTE(review): the group name goes into $title without clearfromtags(), which
// the gallery listing applies to names before printing - confirm the stored
// group name is trusted.
$title=''.$ds[name].' ';
$groupID=$ds[groupID];
// Number of galleries in the group and number of pictures across them.
$gallerys=mysql_num_rows(safe_query("SELECT galleryID FROM ".PREFIX."gallery WHERE groupID='".$ds[groupID]."'"));
$pics=mysql_num_rows(safe_query("SELECT picID FROM ".PREFIX."gallery as gal, ".PREFIX."gallery_pictures as pic WHERE gal.groupID='".$ds[groupID]."' AND gal.galleryID=pic.galleryID"));
eval ("\$gallery_groups = \"".gettemplate("gallery_content_categorys_head")."\";");
echo $gallery_groups;
$bg=BG_1;
// $gallery changes from the rendered string to a row array here: the gallery
// with the highest galleryID in this group.
$gallery = mysql_fetch_array(safe_query("SELECT * FROM ".PREFIX."gallery WHERE groupID='".$ds[groupID]."' ORDER BY galleryID DESC LIMIT 0,1"));
$gallery[picture]=$galclass->randompic($gallery[galleryID]);
// The stored date is passed to date() as its timestamp argument.
$gallery[date]=date('d.m.Y',$gallery[date]);
$gallery[count]=mysql_num_rows(safe_query("SELECT picID FROM ".PREFIX."gallery_pictures WHERE galleryID='".$gallery[galleryID]."'"));
// The gallery row is printed only when that gallery contains at least one picture.
if($gallery[count]) {
eval ("\$gallery_groups = \"".gettemplate("gallery_content_showlist")."\";");
echo $gallery_groups;
} else echo 'No gallery exists! ';
eval ("\$gallery_groups = \"".gettemplate("gallery_content_categorys_foot")."\";");
echo $gallery_groups;
}
}
?>