Jump to content

need help with multiple file uploads


nerdynewf

Recommended Posts

I have a website, that I inherited at work, using a custom built CMS allowing users to login to an admin section and make changes including creating image galleries and uploading images. The trouble is that it will only upload one image at a time, and I would like to change it to allow to upload multiple images. I am still learning php and not sure what I am doing wrong. How can I get this code to allow multiple files to be uploaded? 

<?php
/****************************************************************************
NLBIA Gallery Module
Revised February 24th 2006
V1.0
Revised February 27th 2006
	- Added sid
	- Fixed the dynamic table generation
*****************************************************************************/
$docroot = "../";
$modulesDir = $docroot."modules/";
$moduleDir = "Gallery/";
$moduleName = "Gallery";
$username = $_SESSION['usersession'];

// Figure out the user type 
$utidresult = mysql_query("SELECT utid FROM users WHERE username='$username'"); 
$utid = mysql_result($utidresult,0,"utid");

$typeresult = mysql_query("SELECT * FROM usertype WHERE utid=$utid"); 
$userType = mysql_result($typeresult,0,"type");

//check for type, if "Super" display all. 
    IF ($userType!="Super"){
	$checkQuery = "select * from userRights WHERE userid='$userid' AND module='$moduleName'";
	$checkResult = mysql_query($checkQuery, $connection) or die("Query failed : " . mysql_error());
	$access = ( mysql_num_rows($checkResult) > 0 ? 1 : 0 ); 
	}
	ELSE{
	$access=1;
	}

if((($_SESSION['loggedin'])==yes)&&($access=='1')) {

$do = $_GET["do"];
$urlString=$_SERVER['QUERY_STRING'];
$exUrl = explode("&", $urlString);
$subUrl = $exUrl[0];
$tableName = "gallery";


//Variables for the gallery
$itemsPerRow = 3;
$picsPerPage = 9;
$itemCount = 0;
$totalCount = 0;
$tdWidth = 125;
$trHeight = 100;


error_reporting(E_ERROR | E_PARSE);

$uploaddir = $modulesDir.$moduleDir."galleryimages/"; // Directory to store the main images
$uploadTHdir = $modulesDir.$moduleDir."gallerythumbs/"; // Directory to store the thumbnails

$curpage = $_GET['curpage'];

echo "<span class=\"adminHeader\">Image Gallery Administration</span><br /><br />";

IF ($do == "addImage") {

echo "<span class=\"actionHead\">Add an Image</span><br /><br />";

$page=$_GET['page'];

$descriptionPost = addslashes($_POST['description']);
$albumPost = addslashes($_POST['album']);
$image = $_FILES['theImage']['name'];

if($page=="submit"){$error = chkGalleryElements($image,$albumPost,$descriptionPost);}

	IF (($page=="submit")&&($error=="5")){

	$maxfilesize = 5000000;

	$query = "SELECT MAX(iid) FROM gallery";
	$result=mysql_query($query, $connection) or die("Query failed : " . mysql_error());
	$maxImageId = max(mysql_fetch_array($result)); 
	IF ($maxImageId==null){
	$maxImageId=0;
	}
	
	$imageName = $maxImageId + 1;

	$uploadfile = "$uploaddir$imageName.jpg";
	$uploadTHfile = $uploadTHdir."th_".$imageName.".jpg";
	$uploadsize = $_FILES['theImage']['size'];
						
	/*== get file extension (fn at bottom of script) ==*/
	/*== checks to see if image file, if not do not allow upload ==*/
	
	$pext = getFileExtension($image);
	$pext = strtolower($pext);
	if (($pext != "jpg")  && ($pext != "jpeg")) {
		print "<h1>ERROR</h1> The file you uploaded had the following extension: $pext.<br>";
		print "<p>Please upload an image with the extension .jpg or .jpeg ONLY.<br><br>";
		
		echo "<br /><br /><a href=\"default.php?$subUrl\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
		
	} elseif ($maxfilesize <= $uploadsize){
		echo "The image that you have uploaded is too big.  The system will accomodate any images up to 5MB and resize them to ensure optimal browsing.  If your file is larger than this, please resize the image.";
		echo "<br /><br /><a href=\"default.php?$subUrl\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
	} else {
		if (move_uploaded_file($_FILES['theImage']['tmp_name'], $uploadfile)) {
			
			// The file
			$filename = $uploadfile;
			$desiredwidth = 390;
			$desiredthumb_width = 150;
			
			// Get new dimensions
			list($width, $height) = getimagesize($filename);
			IF ($width > 390){
			$new_width = $desiredwidth;
			$new_height = $desiredwidth/$width * $height;
			}
			ELSE{
			$new_width = $width;
			$new_height = $height;
			}
			
			IF ($width > 150){
			$new_thumb_width = $desiredthumb_width;
			$new_thumb_height = $desiredthumb_width/$width * $height;
			}
			ELSE{
			$new_thumb_width = $width;
			$new_thumb_height = $height;
			}
			
			// Resample
			$image_p = imagecreatetruecolor($new_width, $new_height);
			$image = imagecreatefromjpeg($filename);
			imagecopyresampled($image_p, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
			
			$image_t = imagecreatetruecolor($new_thumb_width, $new_thumb_height);
			$imagethumb = imagecreatefromjpeg($filename);
			imagecopyresampled($image_t, $imagethumb, 0, 0, 0, 0, $new_thumb_width, $new_thumb_height, $width, $height);
			
			// Output
			imagejpeg($image_p, "$uploadfile", 100);
			imagejpeg($image_t, "$uploadTHfile", 100);
			
			$query = "INSERT INTO gallery VALUES ('','$imageName','$descriptionPost','$albumPost')";
			mysql_query($query, $connection) or die("Query failed : " . mysql_error());
						
			echo "Thank-you image has been added to the gallery.<br /><br />";
			echo "<a href=\"default.php?$subUrl\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
			} 
			else {
				echo "File upload is not valid.  Check permissions or contact the system administrator.";
				echo "<br /><br />";
				echo "<a href=\"default.php?$subUrl\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
			}
		}
	} 	

	ELSE{
		//code to display the editor which replaces the textarea.
		  echo "<script type=\"text/javascript\" src=\""
          ."$docroot"
        ."editor/fckeditor.js\"></script>"
		."<script type=\"text/javascript\">"
 		."window.onload = function()"
 		."{"
 		."var oFCKeditor = new FCKeditor( 'description','','250','Default','' ) ;"
 		."oFCKeditor.BasePath	= '"
         ."$docroot"
        ."editor/' ;"
 		."oFCKeditor.ReplaceTextarea() ;"
 		."}"
 		."</script>";
 		//editor code end

		IF ($error==2){
		echo "<font color=\"red\">Please check to ensure that all fields have been filled.</font><br /><br />";
		$error==0;
		}
		
	echo "<table width=\"100%\">"
	     ."<form enctype=\"multipart/form-data\" action=\"default.php?$urlString&page=submit\"  method=\"POST\">"
					
			."<tr><td width=\"120\">"
			//<!-- Name of input element determines name in $_FILES array -->
			."<b>Choose Image: </b></td><td><input name=\"theImage\" type=\"file\" /></td></tr>"
			."<tr><td width=\"80\"><strong>Add to Album:</strong></td><td>"
			."<select name=\"album\" size=\"1\">"
			."<option selected";
		     	if (($albumPost!=null)||($albumPost!="")){
				echo "value=\"$albumPost\">";
				$albumNameQuery = "SELECT * from galleryalbum where aid=$albumPost";
				$albumNameResult = mysql_query($albumNameQuery, $connection) or die("Query failed : " . mysql_error());
				$albumName = mysql_result($albumNameResult,0,"aname");	
				echo stripslashes($albumName);
			}
			else{
				echo ">";
			}
			 echo "</option>";
			
				$query = "SELECT * FROM galleryalbum";
				$result = mysql_query($query, $connection) or die("Query failed : " . mysql_error());
				$numrows = mysql_num_rows($result);
	
				for ($i = 0; $i < $numrows; $i++) {			
					$aname = mysql_result($result,$i,"aname");
					$aid = mysql_result($result,$i,"aid");
					
					echo "<option value=\"$aid\">";
					echo $aname;
					echo "</option>";
				}
				echo "</select>";
			echo "</td></tr>"
			
			."<tr><td colspan=\"2\" height=\"10\"></td></tr>"	
			."<tr><td colspan=\"2\"><b>Description:</b><br /></td></tr>"	
			."<tr><td colspan=\"2\" height=\"100\"><textarea name=\"description\" rows=\"8\" cols=\"75\">";
			if (($descriptionPost!=null)||($descriptionPost!="")){
				echo stripslashes($descriptionPost);
			}
			echo "</textarea></td></tr>"
			."<tr><td colspan=\"2\" height=\"10\"></td></tr>"	
						
			."<tr><td colspan=\"2\" height=\"10\">"
			."<input type=\"submit\" value=\"Submit\" />"
			."</td></tr>"
			."</form>"
			."</table>";
			
			echo "<br /><br /><a href=\"default.php?$subUrl\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
	}
}

ELSEIF ($do=="modImage"){

$page=$_GET['page'];
$iid = $_GET['iid'];

$albumPost=addslashes($_POST['album']);
$imageName=addslashes(basename($_FILES['theImage']['name']));
$descriptionPost=addslashes($_POST['description']);

$maxfilesize = 5000000;
if ($page=="submit"){$error = chkModGalleryElements($albumPost,$descriptionPost);}
echo "<span class=\"actionHead\">Modify an Image</span>"
		."<br /><br />";

	IF (($page=="submit")&&($error==5)){
			$oldImageQuery = "SELECT * FROM gallery WHERE iid=$iid"; 
			$oldImageResult = mysql_query($oldImageQuery, $connection) or die("Query failed : " . mysql_error()); 
			$oldImageName = stripslashes(mysql_result($oldImageResult,0,"imageName"));
				
			IF ($imageName!=null){
			$uploadfile = $uploaddir.$oldImageName;
						
			$uploadfile = $uploaddir.$oldImageName.".jpg";
			$uploadTHfile = $uploadTHdir."th_".$oldImageName.".jpg";
			
			$image = $_FILES['theImage']['name'];
			$uploadsize = $_FILES['theImage']['size'];
					
			$pext = getFileExtension($image);
			$pext = strtolower($pext);
			if (($pext != "jpg")  && ($pext != "jpeg")) {
			print "<h1>ERROR</h1> The file you uploaded had the following extension: $pext.<br>";
			print "<p>Please upload an image with the extension .jpg or .jpeg ONLY.<br><br>";
			
			echo "<br /><br /><a href=\"default.php?$subUrl\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
			
			} 
			elseif ($maxfilesize <= $uploadsize){
			echo "The image that you have uploaded is too big.  The system will accomodate any images up to 5MB and resize them to ensure optimal browsing.  If your file is larger than this, please resize the image.";
			echo "<br /><br /><a href=\"default.php?$subUrl\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
			} 
			else {
					if (move_uploaded_file($_FILES['theImage']['tmp_name'], $uploadfile)) {
					
					//remove old image
					$filePath = $uploaddir . $oldImageName;
					unlink($filePath);
					$thFilePath = $uploadTHdir . "th_".$oldImageName;
					unlink($thFilePath);
					
					// The file
					$filename = $uploadfile;
					$desiredwidth = 390;
					$desiredthumb_width = 150;

					// Get new dimensions
					list($width, $height) = getimagesize($filename);
					IF ($width > 390){
					$new_width = $desiredwidth;
					$new_height = $desiredwidth/$width * $height;
					}
					ELSE{
					$new_width = $width;
					$new_height = $height;
					}
					
					IF ($width > 150){
					$new_thumb_width = $desiredthumb_width;
					$new_thumb_height = $desiredthumb_width/$width * $height;
					}
					ELSE{
					$new_thumb_width = $width;
					$new_thumb_height = $height;
					}
					
					// Resample
					$image_p = imagecreatetruecolor($new_width, $new_height);
					$image = imagecreatefromjpeg($filename);
					imagecopyresampled($image_p, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
					
					$image_t = imagecreatetruecolor($new_thumb_width, $new_thumb_height);
					$imagethumb = imagecreatefromjpeg($filename);
					imagecopyresampled($image_t, $imagethumb, 0, 0, 0, 0, $new_thumb_width, $new_thumb_height, $width, $height);
					
					// Output
					imagejpeg($image_p, "$uploadfile", 100);
					imagejpeg($image_t, "$uploadTHfile", 100);
			
					$query = "UPDATE gallery SET description='$descriptionPost', aid='$albumPost' WHERE iid='$iid'";
					$result = mysql_query($query, $connection) or die("Query failed : " . mysql_error());
								
					echo "Thank you, the image has been modified.  This image can be further edited at any time from the Gallery section of the administration."
					."<br /><br />";
					
					echo "<a href=\"default.php?$subUrl\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
					
					} 
			
					else {
						echo "File upload is not valid.  Check permissions or contact the system administrator.";
						echo "<br /><br />";
						echo "<a href=\"default.php?$subUrl\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
					}
				}
			}	
			else {	
				$query = "UPDATE gallery SET description='$descriptionPost', aid='$albumPost' WHERE iid='$iid'";
				$result = mysql_query($query, $connection) or die("Query failed : " . mysql_error());
							
				echo "Thank you, the image has been modified.  This image can be further edited at any time from the Gallery section of the administration."
		   		 ."<br /><br />";
				
				echo "<a href=\"default.php?$subUrl\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
			}
	}

	ELSE {
		//code to display the editor which replaces the textarea.
		  echo "<script type=\"text/javascript\" src=\""
          ."$docroot"
        ."editor/fckeditor.js\"></script>"
		."<script type=\"text/javascript\">"
 		."window.onload = function()"
 		."{"
 		."var oFCKeditor = new FCKeditor( 'description','','250','Default','' ) ;"
 		."oFCKeditor.BasePath	= '"
         ."$docroot"
        ."editor/' ;"
 		."oFCKeditor.ReplaceTextarea() ;"
 		."}"
 		."</script>";
 		//editor code end
		
		$query = "SELECT * FROM gallery WHERE iid=$iid"; 
		$result = mysql_query($query, $connection) or die("Query failed : " . mysql_error()); 
		$imageName = mysql_result($result,0,"imageName");
		$description = mysql_result($result,0,"description");
		$aid = mysql_result($result,0,"aid");
		
		IF ($error==2){
		echo "<font color=\"red\">Please check to ensure that all fields have been filled.</font><br /><br />";
		}
		
		echo "<form action=\"default.php?$subUrl&do=modImage&page=submit&iid=$iid\" method=\"post\" enctype=\"multipart/form-data\">"
		."<table width=\"100%\">"
		."<tr><td  valign=\"top\"><b>Current Image: </b></td><td><img src=\"$uploadTHdir"."th_"."$imageName.jpg\" border=0></td></tr>"
		."<tr><td width=\"150\"><b>Replace Image: </b></td><td><input name=\"theImage\" type=\"file\" /></td></tr>"
		."<tr><td><strong>Album:</strong></td><td>";
		
		
		IF (($albumPost!=null)||($albumPost!="")){
		$curAlbumQuery = "SELECT * FROM galleryalbum where aid=$albumPost";
		}
		ELSE{
		$curAlbumQuery = "SELECT * FROM galleryalbum where aid=$aid";
		}
		$curAlbumResult = mysql_query($curAlbumQuery, $connection) or die("Query failed : " . mysql_error());
		$curAname = mysql_result($curAlbumResult,0,"aname");
		$curAid = mysql_result($curAlbumResult,0,"aid");
		
		echo "<select name=\"album\" size=\"1\">";
	
			$imgAlbumQuery = "SELECT * FROM galleryalbum";
			$imgAlbumResult = mysql_query($imgAlbumQuery, $connection) or die("Query failed : " . mysql_error());
			$numrows = mysql_num_rows($imgAlbumResult);

			for ($i = 0; $i < $numrows; $i++) {			
				$listaname = mysql_result($imgAlbumResult,$i,"aname");
				$listaid = mysql_result($imgAlbumResult,$i,"aid");
				
				$sel = ( $curAid == $listaid ? " selected" : "" );

				echo "<option value=\"$listaid\" $sel>";
				echo $listaname;
				echo "</option>";
			}
			echo "</select>";
		echo "</td></tr>";

		
		echo "<tr><td colspan=\"2\" height=\"10\"></td></tr>"
		."<tr><td colspan=\"2\"><strong>Description:</strong></td></tr>"
		."<tr><td colspan=\"2\"><textarea name=\"description\" rows=\"10\" cols=\"75\">";
		if (($descriptionPost!=null)||($descriptionPost!="")){
			echo stripslashes($descriptionPost);
		}
		else {
			echo $description;
		}	
		echo "</textarea></td></tr>"
		."<tr><td colspan=\"2\"><input name=\"Submit\" value=\"Submit\" type=\"submit\"></td></tr></table>"
		."</form>";	
		echo "<br />";
		echo "<a href=\"default.php?$subUrl&do=viewAlbum&aid=$aid#gallery\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
	}
}

ELSEIF ($do == "delImage") {
	$curpage = $_GET["curpage"];
	$action = $_GET["action"];
	$iid = $_GET["iid"];
	$aid = $_GET["aid"];

	echo "<span class=\"actionHead\">Remove an Image</span><br /><br />";	
	
	IF ($action=="yes"){
	
		$query = "SELECT imageName FROM gallery WHERE iid=$iid";
		$result=mysql_query($query, $connection) or die("Query failed : " . mysql_error());
		$imageName = stripslashes(mysql_result($result,0,"imageName"));
		
		$query = "DELETE FROM gallery WHERE iid='$iid'";
		mysql_query($query, $connection) or die("Query failed : " . mysql_error());
		
		$imagePath = $uploaddir . $imageName . ".jpg";
		$imageTHPath = $uploadTHdir . "th_" . $imageName . ".jpg";
		chmod($imagePath, 0755);
		chmod($imageTHPath, 0755);
		unlink($imagePath);
		unlink($imageTHPath);
		echo "The Image has been removed.<br />";
		echo "<br />";
		echo "<a href=\"default.php?$subUrl&do=viewAlbum&aid=$aid&curpage=$curpage#gallery\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
	}

	ELSE{
		echo "Are you sure you wish to remove this image from the gallery?";
		echo "<br /><br />";
		echo "<a href=\"default.php?$urlString&action=yes&iid=$iid\"><img src=\"".$modulesDir.$moduleDir."imgs/accept.gif\" height=\"32\" width=\"32\" alt=\"Accept\" border=\"none\"/></a> Accept";
		echo "   ";
		echo "<a href=\"default.php?$subUrl&do=viewAlbum&aid=$aid&curpage=$curpage#gallery\"><img src=\"".$modulesDir.$moduleDir."imgs/cancel.gif\" height=\"32\" width=\"32\" alt=\"Cancel\" border=\"none\"/></a> Cancel";
	}
}

ELSEIF ($do == "addAlbum") {

echo "<span class=\"actionHead\">Add an Album</span><br /><br />";
	$page = $_GET["page"];
	$anamePost = addslashes($_POST["aname"]);
	$descriptionPost = addslashes($_POST["description"]);
	
	if($page=="submit"){
	$error = chkAlbumElements($anamePost,$descriptionPost);
	$albumError = chkAlbum($anamePost);
	}
	
	IF (($page=="submit")&&($error==5)&&$albumError==0){
		$query = "INSERT INTO galleryalbum VALUES('','$anamePost','$descriptionPost')";
		$result = mysql_query($query, $connection) or die("Query failed : " . mysql_error());
		echo "Thank you, the album <b>$aname</b> has been added.  You can now add pictures to this album."
		    ."<br /><br />";
		echo "<a href=\"default.php?$subUrl&aid=$aid&curpage=$curpage#gallery\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
	}

	ELSE{
		IF ($albumError==1){
		echo "<font color=\"red\">This album already exists, please try a different name for the album</font><br />";
		}
		IF ($error==2){
		echo "<font color=\"red\">Please check to ensure that all fields have been filled.</font><br /><br />";
		}		
		//code to display the editor which replaces the textarea.
		  echo "<script type=\"text/javascript\" src=\""
          ."$docroot"
        ."editor/fckeditor.js\"></script>"
		."<script type=\"text/javascript\">"
 		."window.onload = function()"
 		."{"
 		."var oFCKeditor = new FCKeditor( 'description','','150','Internal','' ) ;"
 		."oFCKeditor.BasePath	= '"
         ."$docroot"
        ."editor/' ;"
 		."oFCKeditor.ReplaceTextarea() ;"
 		."}"
 		."</script>";
 		//editor code end
	
		echo "<br />"
	    	."<table width=\"100%\">"
	     	."<form enctype=\"multipart/form-data\" action=\"default.php?$urlString&page=submit\"  method=\"POST\">"
					
		."<tr><td width=\"120\">"
		."<b>Album Name: </b></td><td><input type=\"text\" name=\"aname\" size=\"40\" value=";
		IF ($albumPost!=null){
		echo $albumPost;
		}
		echo "></td></tr>"
		."<tr><td colspan=\"2\" height=\"10\"></td></tr>"	
		."<tr><td colspan=\"2\"><b>Description:</b><br /></td></tr>"	
		."<tr><td colspan=\"2\" height=\"100\"><textarea name=\"description\" rows=\"8\" cols=\"75\">";
		IF ($descriptionPost!=null){
		echo $descriptionPost;
		}
		echo "</textarea></td></tr>"
		."<tr><td colspan=\"2\" height=\"10\"></td></tr>"	
					
		."<tr><td colspan=\"2\" height=\"10\">"
		."<input type=\"submit\" value=\"Submit\" />"
		."</td></tr>"
		."</form>"
		."</table>"
		."<br /><br />";
		echo "<a href=\"default.php?$subUrl&aid=$aid&curpage=$curpage#gallery\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
	}
}

ELSEIF ($do=="editAlbum"){
	$page=$_GET['page'];
	$aid = $_GET['aid'];
	$anamePost= addslashes($_POST['aname']);
	$descriptionPost= addslashes($_POST['description']);
	
	if($page=="submit"){
	$error = chkAlbumElements($anamePost,$descriptionPost);
	$albumError = chkAlbum($anamePost);
	}
	
	echo "<span class=\"actionHead\">Modify an Album</span><br /><br />";
	
		IF (($page=="submit")&&($error==5)&&($albumError==0)){
			$query = "UPDATE galleryalbum SET aname='$anamePost', description='$descriptionPost' WHERE aid='$aid'";
			$result = mysql_query($query, $connection) or die("Query failed : " . mysql_error());
			echo "Thank you, the album has been modified.  All images associated with the album before modification will still exist with this album."
			."<br /><br />";
			echo "<a href=\"default.php?$subUrl\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
		}
	
		ELSE{
			IF ($albumError==1){
			echo "<font color=\"red\">This album already exists, please try a different name for the album</font><br />";
			}
			IF ($error==2){
			echo "<font color=\"red\">Please check to ensure that all fields have been filled.</font><br /><br />";
			}	
		
			//code to display the editor which replaces the textarea.
			echo "<script type=\"text/javascript\" src=\""
            ."$docroot"
            ."editor/fckeditor.js\"></script>"
			."<script type=\"text/javascript\">"
			."window.onload = function()"
			."{"
			."var oFCKeditor = new FCKeditor( 'description','','150','Internal','' ) ;"
			."oFCKeditor.BasePath	= '"
            ."$docroot"
            ."editor/' ;"
			."oFCKeditor.ReplaceTextarea() ;"
			."}"
			."</script>";
			//editor code end
		
			$query = "SELECT * FROM galleryalbum WHERE aid='$aid'";
			$result = mysql_query($query, $connection) or die("Query failed : " . mysql_error());
			$aname = stripslashes(mysql_result($result,0,"aname"));
			$description = stripslashes(mysql_result($result,0,"description"));
	
			echo "<form action=\"default.php?$subUrl&do=editAlbum&page=submit&aid=$aid\" method=\"post\" enctype=\"multipart/form-data\">"
			."<table width=\"100%\">"
			."<tr><td width=\"80\"><strong>Album:</strong></td><td><input type=\"text\" name=\"aname\" size=\"40\" value=\"";
			if (($anamePost!=null)||($anamePost!="")){
				echo stripslashes($anamePost);
			}
			else{
				echo $aname;
			}	
			echo "\"></td></tr>"
			."<tr><td colspan=\"2\" height=\"10\"></td></tr>"
			."<tr><td colspan=\"2\"><strong>Description:</strong></td></tr>"
			."<tr><td colspan=\"2\"><textarea name=\"description\" rows=\"10\" cols=\"75\">";
			if (($descriptionPost!=null)||($descriptionPost!="")){
				echo stripslashes($descriptionPost);
			}
			else{
				echo $description;
			}	
			echo "</textarea></td></tr>"
			."<tr><td colspan=\"2\"><input name=\"Submit\" value=\"Submit\" type=\"submit\"></td></tr></table>"
			."</form>";
			echo "<br />";
			echo "<a href=\"default.php?$subUrl\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
		}
}

ELSEIF ($do=="delAlbum"){

	$action = $_GET["action"];
	$aid = $_GET["aid"];
	
	echo "<span class=\"actionHead\">Album Deletion</span><br /><br />";
	$error = isAlbumEmpty($aid);
	
		IF (($action=="yes")&&($error!=1)){
			$query = "DELETE FROM galleryalbum WHERE aid=$aid";
			$result = mysql_query($query, $connection) or die("Query failed : " . mysql_error());
			echo "The album has been deleted.";
			echo "<br /><br />";
			echo "<a href=\"default.php?$subUrl\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
		}
	
		ELSE{
			IF ($error==1){
				
			echo "<font color=\"red\">This album cannot be removed as it has images associated with it.  Return to the Gallery Administration and either transfer the images or remove them from this album before it can be deleted.</font><br /><br />";
			
			echo "<a href=\"default.php?$subUrl\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
			}
			ELSE{
			$error= 0;
			echo "Are you sure you wish to delete this album?";
			echo "<br /><br />";
			echo "<a href=\"default.php?$urlString&action=yes&aid=$aid\"><img src=\"".$modulesDir.$moduleDir."imgs/accept.gif\" height=\"32\" width=\"32\" alt=\"Accept\" border=\"none\"/></a> Accept";
			echo "   ";
			echo "<a href=\"default.php?$subUrl\"><img src=\"".$modulesDir.$moduleDir."imgs/cancel.gif\" height=\"32\" width=\"32\" alt=\"Cancel\" border=\"none\"/></a> Cancel";
			}
		}
}

ELSEIF ($do=="viewImage"){

	$aid = $_GET["aid"];
	$iid = $_GET["iid"];
	$curpage = $_GET["curpage"];
	$query = "SELECT * FROM gallery WHERE iid=$iid";
	$result=mysql_query($query, $connection) or die("Query failed : " . mysql_error());
	
	$imageName = stripslashes(mysql_result($result,0,"imageName"));
	$description = stripslashes(mysql_result($result,0,"description"));
	$aid = stripslashes(mysql_result($result,0,"aid"));
	
	$queryAlbum = "SELECT aname FROM galleryalbum WHERE aid=$aid";
	$resultAlbum =mysql_query($queryAlbum, $connection) or die("Query failed : " . mysql_error());
	$aname = stripslashes(mysql_result($resultAlbum,0,"aname"));
	
	echo "<span class=\"actionHead\">Image Details</span><br /><br />";
	echo "<img src=\"$uploaddir$imageName.jpg\" border=\"0\">";
	echo "<br /><br />";
	echo "<strong>Current Album:</strong> $aname<br />";
	echo "<strong>Description:</strong> $description";
	echo "<br /><br />";
	echo "<a href=\"default.php?$subUrl&do=viewAlbum&aid=$aid&curpage=$curpage#gallery\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a><span class=\"moduleReturnText\">Return to Gallery Administration</span>";
}	
		
ELSE {
	$query = "SELECT * FROM galleryalbum";
	$result = mysql_query($query, $connection) or die("Query failed1 : " . mysql_error());
	$numrows = mysql_numrows($result);

	if ($numrows!=0){
	
	echo "<table><tr><td width=\"160\">";
	echo "<a href=\"default.php?$subUrl&do=addImage\"><img src=\"".$modulesDir.$moduleDir."imgs/addImage.gif\" height=\"32\" width=\"32\" alt=\"Add New Image\" border=\"none\"/></a> Add an Image<br /><br />";
	echo "</td><td>";
	
	echo "<a href=\"default.php?$subUrl&do=addAlbum\"><img src=\"".$modulesDir.$moduleDir."imgs/newAlbum.gif\" alt=\"Create Album\" border=\"none\"/></a> Create a New Album<br /><br />";
	echo "</td></tr></table>";
	echo "<strong>You can browse the following albums: (click album name to view)</strong><br /><br />";
	
	echo "<a name=\"albums\">";
	echo "<table cellspacing=\"0\" class=\"albumTable\"><tr class=\"moduleHead\"><td width=\"200\">Album:</td><td width=\"300\">Description</td><td width=\"80\" align=\"center\">Modify</td><td width=\"80\" align=\"center\">Remove</td></tr>";
	
	for ($i = 0 ; $i < $numrows ; $i++) {
		
		IF ($i%2==0){
			$rowclass = "moduleRowEven";
		}
		ELSE{
			$rowclass = "moduleRowOdd";
		}
	
		$aName = stripslashes(mysql_result($result,$i,"aName"));
		$description = stripslashes(mysql_result($result,$i,"description"));
		$aid = stripslashes(mysql_result($result,$i,"aid"));
		$nums = $i + 1;
		echo "<tr class=\"$rowclass\"><td><span class=\"galleryNums\">$nums.</span> <a href=\"default.php?$subUrl&do=viewAlbum&aid=$aid#gallery\" class=\"galleryLinks\">$aName</a></td>";
		echo "<td><i>$description</i></td><td align=\"center\"><a href=\"default.php?$subUrl&do=editAlbum&aid=$aid\"><img src=\"".$modulesDir.$moduleDir."imgs/modify.gif\" height=\"32\" width=\"32\" alt=\"Modify\" border=\"none\" title=\"Modify Image\"/></a></td><td align=\"center\"><a href=\"default.php?$subUrl&do=delAlbum&aid=$aid\"><img src=\"".$modulesDir.$moduleDir."imgs/delete.gif\" height=\"32\" width=\"32\" alt=\"Delete\" border=\"none\" title=\"Delete Image\"/></a></td></tr>";
	}	
		IF ($rowclass=="moduleRowEven"){
			$rowclass="moduleRowOdd";
		}
		ELSE {
			$rowclass="moduleRowEven";
		}
		$nums = $nums+1;
		echo "<tr class=\"$rowclass\"><td><span class=\"galleryNums\">$nums.</span> <a href=\"default.php?$subUrl&do=viewAlbum&aid=viewall#gallery\" class=\"galleryLinks\">View All Images</a></td><td><i>View all images from all albums.</i></td><td align=\"center\"> - </td><td align=\"center\"> - </td></tr></table><br /><br />";
		
	IF ($do=="viewAlbum"){
	$aid = $_GET["aid"];
	
	$pageNum = 1;
	if(isset($_REQUEST['curpage'])) {
    		$pageNum = $_REQUEST['curpage'];
	}

	// Get the offset value
	$offset = ($pageNum - 1) * $picsPerPage;
	
	// Get the number of pages
	IF ($aid=="viewall"){
		$query = "SELECT iid FROM gallery";
	}
	ELSE {
		$query = "SELECT iid FROM gallery where aid=$aid";
	}

	$result = mysql_query($query) or die("Query failed2 : " . mysql_error());
	$numrows = mysql_numrows($result);
	IF ($numrows!=0){
	
	$maxPage = ceil($numrows/$picsPerPage);		
		
	// The following logic will find out if we should display the next/first and prev/last links
	if ($pageNum > 1) {
	        $curpage = $pageNum - 1;
    		$prev = " <a href=\"default.php?$subUrl&aid=$aid&do=viewAlbum&curpage=$curpage#gallery\">[Prev]</a> ";
    		$first = " <a href=\"default.php?$subUrl&aid=$aid&do=viewAlbum&curpage=1#gallery\">[First Page]</a> ";
	} else {
    		$prev  = " [Prev] ";       
	        $first = " [First Page] "; 
	}

	if ($pageNum < $maxPage) {
    		$curpage = $pageNum + 1;
    		$next = " <a href=\"default.php?$subUrl&aid=$aid&do=viewAlbum&curpage=$curpage#gallery\">[Next]</a> ";
    		$last = " <a href=\"default.php?$subUrl&aid=$aid&do=viewAlbum&curpage=$maxPage#gallery\">[Last Page]</a> ";
	} else {
 		$next = " [Next] ";      
 		$last = " [Last Page] "; 
	}
	echo "<a name=\"gallery\">";
	// print start of table and header row
	echo "<table class=\"albumTable\" width=700 cellpadding=\"0\" cellspacing=\"0\">";
	
	// -- PORTABLE PAGING CODE ABOVE -- //
	IF ($aid=="viewall"){
	$query = "SELECT * FROM gallery ORDER BY iid DESC LIMIT $offset, $picsPerPage";
	$aname = "All Pictures";
	}
	ELSE{
	$query = "SELECT * FROM gallery WHERE aid=$aid ORDER BY iid DESC LIMIT $offset, $picsPerPage";
	$queryAlbumName = "SELECT * FROM galleryalbum WHERE aid=$aid";
	$resultAlbumName=mysql_query($queryAlbumName, $connection) or die("Query failed3 : " . mysql_error());
	$aname = mysql_result($resultAlbumName,0,"aname");
	
	}
	$result=mysql_query($query, $connection) or die("Query failed4 : " . mysql_error());
	//$numrows = mysql_numrows($result);

	// PRINT THE GALLERY
	
	echo "<tr><td class=\"moduleHead\" colspan=$itemsPerRow align=center>Album: <i>$aname</i> | Viewing $numrows Pictures</td></tr>";
	
	// print the page navigation link
	echo "<tr><td colspan=$itemsPerRow height=\"40\" align=\"center\">";
	echo "<form method=\"POST\" action=\"default.php?$subUrl&aid=$aid&do=viewAlbum\">";
	echo "$first $prev Viewing page <b>$pageNum</b> of <b>$maxPage</b> $next $last";
	 
	 echo "  ";
				
		echo "<select  name=\"curpage\">";
			echo "<option value=\"1\" selected>Jump to...";
			for ($i = 0; $i < $maxPage; $i++) {
				$j=$i+1;
				echo "<option value=\"$j\">Page $j";
				}
			echo "</select>";
		echo "<input type=\"submit\" value=\"Go\">";
		echo "</form>";
	  echo "</td></tr>";
	  
	  
	  
	  


$numrows = mysql_num_rows($result);
for ($i = 0 ; $i < $picsPerPage && $i < $numrows; $i++) {
  	
	IF (($itemCount%$itemsPerRow)==0){
			echo "<tr height=$trHeight>";
	}
	
	$imageName = mysql_result($result,$i,"imageName") . ".jpg";
	$iid = mysql_result($result,$i,"iid");
				
	echo "<td width=$tdWidth>";
	
	echo "<table><tr><td>";
			
	echo "<img src=\"" . $uploadTHdir . "th_" . $imageName . "\" border=0>";
	echo "</td><td align=\"center\">";
	echo "<a href=default.php?$subUrl&curpage=$pageNum&do=viewImage&iid=$iid&aid=$aid><img src=\"".$modulesDir.$moduleDir."imgs/enlargeImg.gif\" height=\"32\" width=\"32\" alt=\"Enlarge Image\" border=\"none\" title=\"View Large Image\"/></a>";
	echo "<br /><br />";
	echo "<a href=default.php?$subUrl&curpage=$pageNum&do=modImage&iid=$iid&aid=$aid><img src=\"".$modulesDir.$moduleDir."imgs/modify.gif\" height=\"32\" width=\"32\" alt=\"Modify\" border=\"none\" title=\"Modify Image\"/></a>";
	echo "<br /><br />";
	echo " <a href=default.php?$subUrl&curpage=$pageNum&do=delImage&iid=$iid&aid=$aid><img src=\"".$modulesDir.$moduleDir."imgs/delete.gif\" height=\"32\" width=\"32\" alt=\"Delete\" border=\"none\" title=\"Delete Image\"/></a>";
	echo "</td></tr></table>";
	
	echo "</td>";
		
	IF(($itemCount%$itemsPerRow)==($itemsPerRow-1)){
		echo "</tr>";
	} 	
	
	$itemCount++;
}
	
	
	echo "</table>";
	echo "<br /><br /><a href=\"default.php?module=Gallery\"><img src=\"".$modulesDir.$moduleDir."imgs/return.gif\" height=\"31\" width=\"32\" alt=\"Return\" border=\"none\"/></a> Return to Album Listing";
	}

	Else{
		IF ($aid==viewall){
		echo "<strong>There have been no images added to the system.</strong>";
		}
		Else{
		$queryAlbumName = "SELECT * FROM galleryalbum WHERE aid=$aid";
		$resultAlbumName=mysql_query($queryAlbumName, $connection) or die("Query failed5 : " . mysql_error());
		$aname = mysql_result($resultAlbumName,0,"aname");
		
		echo "<table class=\"albumTable\" width=\"600\" cellpadding=\"0\" cellspacing=\"0\">";
		echo "<tr><td class=\"moduleHead\" colspan=$itemsPerRow align=center>Album: <i>$aname</i> | Currently Empty</td></tr>";
		echo "</table>";
		}
	}	
	
	} //end viewAlbum
	}
	else{
	
	echo "<a href=\"default.php?$subUrl&do=addAlbum\"><img src=\"".$modulesDir.$moduleDir."imgs/newAlbum.gif\" alt=\"Create Album\" border=\"none\"/></a> Create a New Album<br /><br />";
	
	echo "It has been detected that there have been no albums added to the system.  Create an album before adding images.  Albums aide in organizing images into specific groups for ease of editing.";	
	}	
}

}/*End session login*/

//IF attempt is made through URL but no access is granted.
else if((($_SESSION['loggedin'])==yes)&&($access=='0')) {
echo "<br />";
echo "The current user does not have access to this module.  Please contact the system admin if access is required.";
echo "<br /><br />";
}

/*If session is not started, display the log in page*/

else {
	header("Location: default.php");
}

function getFileExtension($str) {
        $i = strrpos($str,".");
        if (!$i) { return ""; }
        $l = strlen($str) - $i;
        $ext = substr($str,$i+1,$l);
        return $ext;
    }
    
function chkAlbum($album){
GLOBAL $connection;
GLOBAL $aid;

$oldName = strtolower(mysql_result(mysql_query("SELECT * FROM galleryalbum WHERE aid=$aid"),0,"aname"));

$flag=0;
$query = "SELECT aname FROM galleryalbum";
$result = mysql_query($query, $connection) or die("Query failedA : " . mysql_error());
$numrows = mysql_num_rows($result);
	for ($i = 0; $i < $numrows; $i++) {			
		$aname = mysql_result($result,$i,"aname");
		IF (strtolower($aname) == strtolower($album) && strtolower($aname) != $oldName){
			$flag = 1;
		} 
	}
	return $flag;
}  

function isAlbumEmpty($aid){
GLOBAL $connection;
$flag=0;
$query = "SELECT * FROM gallery WHERE aid=$aid";
$result = mysql_query($query, $connection) or die("Query failedB : " . mysql_error());
$numrows = mysql_num_rows($result);
		IF ($numrows==0){
			$flag = 0;
		} 
		ELSE{
			$flag = 1;
		}
	return $flag;
}   

function chkGalleryElements($image,$album,$description){
		IF((customTrim($image)==1)||(customTrim($album)==1)||(customTrim($description)==1)){
			$error=2;
		}
		ELSE{
			$error=5;
		}
	return $error;
}

function chkModGalleryElements($album,$description){
		IF((customTrim($album)==1)||(customTrim($description)==1)){
			$error=2;
		}
		ELSE{
			$error=5;
		}
	return $error;
}

function chkAlbumElements($aname,$description){
		IF((customTrim($aname)==1)||(customTrim($description)==1)){
			$error=2;
		}
		ELSE{
			$error=5;
		}
	return $error;
}

function chkUser($user){
GLOBAL $connection;
$flag=0;
$query = "SELECT username FROM users";
$result = mysql_query($query, $connection) or die("Query failed : " . mysql_error());
$numrows = mysql_num_rows($result);
	for ($i = 0; $i < $numrows; $i++) {			
		$username = mysql_result($result,$i,"username");
		IF (strtolower($username) == strtolower($user)){
			$flag = 1;
		} 
	}
	return $flag;
}

function customTrim($string){
	if(trim($string)==""){
		$error=1;
	}
	return $error;
}
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.