84 lines
3.3 KiB
PHP
84 lines
3.3 KiB
PHP
<?php
|
|
|
|
// Copyright (C) 2002-2006 Balint Kis (balint@k-i-s.net)
|
|
// Copyright (C) 2005-2013 Solomon Peachy (pizza@shaftnet.org)
|
|
|
|
// This program is free software; you can redistribute it and/or modify
|
|
// it under the terms of the GNU General Public License as published by
|
|
// the Free Software Foundation; either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
|
|
// This program is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU General Public License for more details.
|
|
|
|
// You should have received a copy of the GNU General Public License
|
|
// along with this program; if not, write to the Free Software
|
|
// Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
|
|
include_once "include/config.php";
|
|
include_once "include/site.php";
|
|
|
|
$database = site_prolog(PO_USER_TYPE_CLIENT);
|
|
|
|
$album_caption = pg_escape_string($database, $_REQUEST['album_caption']);
|
|
$album_description = pg_escape_string($database, $_REQUEST['album_description']);
|
|
$album_access_rights = pg_escape_string($database, $_REQUEST['album_access_rights']);
|
|
$parent_album = pg_escape_string($database, $_REQUEST['parent']);
|
|
$password = pg_escape_string($database, $_REQUEST['password']);
|
|
$spool_seed = pg_escape_string($database, $_REQUEST['spool_seed']);
|
|
$orderby = pg_escape_string($database, $_REQUEST['order_by']);
|
|
$event = pg_escape_string($database, $_REQUEST['event']);
|
|
if ($event != "null") $event = "'$event'";
|
|
|
|
$go = TRUE;
|
|
|
|
if ($parent_album != "null") {
|
|
if ($po_user['type'] != PO_USER_TYPE_ADMIN) {
|
|
$result = pg_query($database, "select identifier from album where identifier=$parent_album and users = $po_user[id]");
|
|
if (pg_num_rows($result) <= 0) {
|
|
site_push_error($strings['errors_not_owner']);
|
|
$go = FALSE;
|
|
}
|
|
}
|
|
}
|
|
|
|
if (($album_caption == 'Spool') || ($album_caption == '')) {
|
|
site_push_error($strings['errors_illegal_name']);
|
|
$go = FALSE;
|
|
}
|
|
|
|
if ($go) {
|
|
$album_id = pg_fetch_row(pg_query($database, "select nextval('album_id_sequence')"));
|
|
|
|
$result = pg_query($database, "insert into album (identifier, users, caption, description, access_rights, parent_album, password, event, orderby)
|
|
values ($album_id[0], '$po_user[id]', '$album_caption', '$album_description', '$album_access_rights', $parent_album, '$password', $event, $orderby)");
|
|
|
|
if ($result && ($spool_seed === 't'))
|
|
$result = pg_query($database, "insert into album_content(album, photo, version) (select $album_id[0] as album, ac2.photo, ac2.version from album_content ac2 where ac2.album = $po_user[spool_album])");
|
|
}
|
|
|
|
if ($result) {
|
|
pg_query($database, "commit");
|
|
if ($memcache) {
|
|
po_log("memcache: delete allalbum.$po_user[id]", PEAR_LOG_DEBUG);
|
|
$memcache->delete("allalbum.$po_user[id]");
|
|
}
|
|
} else {
|
|
pg_query($database, "rollback");
|
|
site_push_error($strings['errors_db_insert_failed']);
|
|
}
|
|
|
|
site_epilog($database);
|
|
|
|
if (isset($_REQUEST['return'])) {
|
|
header("Location: $_REQUEST[return]");
|
|
} elseif ($parent_album == "null") {
|
|
header("Location: ".generate_link('user', $po_user['id'], array(), TRUE));
|
|
} else {
|
|
header("Location: ".generate_link('album', $parent_album, array(), TRUE));
|
|
}
|
|
|
|
?>
|