Context Navigation

action.php

Revision 90, 3.5 kB (checked in by daniel, 4 months ago)
Fixed: Edit tag action
Property svn:keywords set to `Id`

Line
1	<?php
2	/**
3	* @package img.pew.cc
4	* @author Daniel Triendl <daniel@pew.cc>
5	* @version $Id$
6	* @license http://opensource.org/licenses/agpl-v3.html
7	*/
8
9	/**
10	* img.pew.cc Image Hosting
11	* Copyright (C) 2009-2010 Daniel Triendl <daniel@pew.cc>
12	*
13	* This program is free software: you can redistribute it and/or modify
14	* it under the terms of the GNU Affero General Public License as
15	* published by the Free Software Foundation, either version 3 of the
16	* License, or (at your option) any later version.
17	*
18	* This program is distributed in the hope that it will be useful,
19	* but WITHOUT ANY WARRANTY; without even the implied warranty of
20	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21	* GNU Affero General Public License for more details.
22	*
23	* You should have received a copy of the GNU Affero General Public License
24	* along with this program. If not, see <http://www.gnu.org/licenses/>.
25	*/
26
27	require_once('lib/init.php');
28
29	if (!isLogin()) errorMsg('Not logged in.');
30
31	$db = new sqlite('lib/db.sqlite');
32
33	if (!isset($_GET['image'])) errorMsg('Image not found.');
34	$res = $db->query("SELECT ROWID as id, user, location FROM images WHERE ROWID = '" . $db->escape(urlnumber_decode($_GET['image'])) . "';");
35	if (!$db->numrows($res)) errorMsg("Image not found.");
36	$row = $db->fetch($res);
37	if ($row['user'] != $_SESSION['openid_identity'] && !isAdmin()) errorMsg('Permission denied.');
38
39	switch (@$_GET['type']) {
40	case 'image':
41	switch (@$_GET['action']) {
42	case 'delete':
43	$db->exec("BEGIN;
44	DELETE FROM images WHERE ROWID = '" . $row['id'] . "';
45	UPDATE tags SET count = count - 1 WHERE ROWID IN (SELECT tag FROM imagetags WHERE image = '" . $row['id'] . "');
46	DELETE FROM tags WHERE count < 1;
47	DELETE FROM imagetags WHERE image = '" . $row['id'] . "';
48	COMMIT;");
49	unlink_safe($row['location']);
50	unlink_safe(dirname($row['location']) . '/preview/' . basename($row['location']));
51	errorMsg('Image deleted.', url());
52	break;
53	default:
54	errorMsg('No action set.');
55	break;
56	}
57	break;
58	case 'tags':
59	switch (@$_GET['action']) {
60	case 'edit':
61	if (isset($_POST['tags'])) {
62	$sql = "BEGIN;
63	UPDATE tags SET count = count - 1 WHERE ROWID IN (SELECT tag FROM imagetags WHERE image = '" . $row['id'] . "');
64	DELETE FROM imagetags WHERE image = '" . $row['id'] . "';\n";
65
66	$tags = explode(',', $_POST['tags']);
67	for ($i = 0; $i < count($tags); $i++) {
68	$tags[$i] = trim($tags[$i]);
69	}
70	$tags = array_unique($tags);
71	foreach ($tags as $tag) {
72	if (empty($tag)) continue;
73	// check if the tag already exists
74	$row2 = $db->fetch($db->query("SELECT ROWID as id FROM tags WHERE tag = '" . $db->escape(strtolower($tag)) . "'"));
75	if (!$row2) {
76	$db->exec("INSERT INTO tags (tag, text) VALUES ('" . $db->escape(strtolower($tag)) . "', '" . $db->escape($tag) . "');");
77	$row2 = $db->fetch($db->query("SELECT last_insert_rowid() as id;"));
78	}
79	// Save the tag for this image and update tag counter
80	$sql .= "INSERT INTO imagetags (image, tag) VALUES('" . $row['id'] . "', '" . $row2['id'] . "');\n";
81	$sql .= "UPDATE tags SET count = count + 1 WHERE ROWID = '" . $row2['id'] . "';\n";
82	}
83	$sql .= "DELETE FROM tags WHERE count < 1;\n";
84	$sql .= "COMMIT;";
85	$db->exec($sql);
86	header('Location: ' . url() . 'image.php?i=' . urlnumber_encode($row['id']));
87	errorMsg('Tags edited.', 'image.php?i=' . urlnumber_encode($row['id']));
88	}
89	break;
90	default:
91	errorMsg('No action set.');
92	break;
93	}
94	break;
95	default:
96	errorMsg('No action type set.');
97	break;
98	}
99
100	?>

Note: See TracBrowser for help on using the browser.

Context Navigation

root/img/trunk/action.php

Download in other formats: