2 //gallery member class
\r
4 class GALLERY_MEMBER extends MEMBER {
\r
6 function makeguest() {
\r
8 $this->realname = 'guest';
\r
9 $this->displayname = 'guest';
\r
12 function canAddAlbum() {
\r
15 if ($this->isAdmin()) return true;
\r
17 //depends on setting of $NPG_CONF['add_album']
\r
18 if ($NPG_CONF['add_album'] == 'guest' ) return true;
\r
19 if ($NPG_CONF['add_album'] == 'member' && $this->isloggedin() ) return true;
\r
20 if ($NPG_CONF['add_album'] == 'select') {
\r
21 $result = mysql_query('select addalbum from '.sql_table('plug_gallery_member').' where memberid='.intval($this->getID()) );
\r
22 if(!$result) return false;
\r
23 $row = mysql_fetch_assoc($result);
\r
24 if($row['addalbum']) return true;
\r
31 function canAddPicture($albumid=0) {
\r
34 if ($this->isAdmin()) return true;
\r
36 //if no album specified (ie albumid = 0), then look if user is member or owner of any albums
\r
38 $aa = $this->getAllowedAlbums();
\r
39 if($aa) return true; else return false;
\r
42 //album owner or guest/public album
\r
43 $result = mysql_query('select ownerid from '.sql_table('plug_gallery_album').' where albumid='.intval($albumid));
\r
44 if(!$result) return false;
\r
45 $row = mysql_fetch_assoc($result);
\r
46 if($row['ownerid'] == $this->getID() || $row['ownerid']==0) return true;
\r
49 $result = mysql_query('select tmemberid from '.sql_table('plug_gallery_album_team').' where talbumid='.intval($albumid));
\r
50 if(!$result) return false;
\r
51 while($row = mysql_fetch_assoc($result)) {
\r
52 if($this->getID() == $row['tmemberid']) return true;
\r
56 function canModifyAlbum($albumid) {
\r
59 if ($this->isAdmin()) return true;
\r
61 //album owner except for public/guest albums -- only admin can modify those
\r
62 $result = mysql_query('select ownerid from '.sql_table('plug_gallery_album').' where albumid <> 0 and albumid='.intval($albumid));
\r
63 if(!$result) return false;
\r
64 $row = mysql_fetch_assoc($result);
\r
65 if($row['ownerid'] == $this->getID()) return true;
\r
67 //album admin (from team)
\r
68 $result = mysql_query('select tmemberid, tadmin from '.sql_table('plug_gallery_album_team').' where talbumid='.intval($albumid));
\r
69 if(!$result) return false;
\r
70 while($row = mysql_fetch_assoc($result)) {
\r
71 if($this->getID() == $row['tmemberid'] || $row['tadmin']) return true;
\r
75 function canModifyPicture($pictureid) {
\r
78 if ($this->isAdmin()) return true;
\r
81 $result = mysql_query('select ownerid from '.sql_table('plug_gallery_picture').' where pictureid='.intval($pictureid));
\r
82 if(!$result) return false;
\r
83 $row = mysql_fetch_assoc($result);
\r
84 if($row['ownerid'] == $this->getID()) return true;
\r
86 //album owner, but not guest
\r
87 $result = mysql_query('select a.ownerid from '.sql_table('plug_gallery_album').' as a, '.sql_table('plug_gallery_picture').' as p where a.albumid=p.albumid and p.pictureid='.intval($pictureid));
\r
88 if(!$result) return false;
\r
89 $row = mysql_fetch_assoc($result);
\r
90 if($row['ownerid'] == $this->getID() && $this->getID() <> 0) return true;
\r
92 //album admin (from team)
\r
96 function canModifyComment($commentid) {
\r
99 if ($this->isAdmin()) {
\r
100 $result = sql_query('select cmemberid from '. sql_table('plug_gallery_comment'). ' where commentid = '.intval($commentid));
\r
101 if (mysql_num_rows($result)) return true; else return false;
\r
105 $result = sql_query('select cmemberid from '. sql_table('plug_gallery_comment'). ' where commentid = '.intval($commentid));
\r
106 $row = mysql_fetch_assoc($result);
\r
107 if($row['cmemberid'] == $this->getID()) return true;
\r
111 function getAllowedAlbums() {
\r
112 $allowed_albums = array();
\r
114 $memberid = intval($this->getID());
\r
115 if(!$memberid) $memberid=0; //guest
\r
117 if($this->isadmin()) {
\r
118 $query = "select *, title as albumname from ".sql_table('plug_gallery_album')
\r
119 .' left join '.sql_table('member').' on ownerid=mnumber';
\r
121 $query = "select *, title as albumname from ".sql_table('plug_gallery_album')
\r
122 .' left join '.sql_table('plug_gallery_album_team').' on albumid=talbumid'
\r
123 .' left join '.sql_table('member').' on ownerid=mnumber'
\r
124 ." where tmemberid=$memberid or ownerid=$memberid or ownerid=0";
\r
127 $result = mysql_query($query);
\r
128 if(!$result) echo mysql_error().'<br/>';
\r
129 if(@ !mysql_num_rows($result)) return false;
\r
130 while ($row = mysql_fetch_object($result)) {
\r
131 if($row->mnumber==0) $row->mname='guest';
\r
132 array_push($allowed_albums, $row);
\r
135 return $allowed_albums;
\r
137 function getAllowedAlbumsids() {
\r
138 $allowed_albums = array();
\r
140 $memberid = intval($this->getID());
\r
141 if(!$memberid) $memberid=0; //guest
\r
143 if($this->isadmin()) {
\r
144 $query = "select *, title as albumname from ".sql_table('plug_gallery_album')
\r
145 .' left join '.sql_table('member').' on ownerid=mnumber';
\r
147 $query = "select *, title as albumname from ".sql_table('plug_gallery_album')
\r
148 .' left join '.sql_table('plug_gallery_album_team').' on albumid=talbumid'
\r
149 .' left join '.sql_table('member').' on ownerid=mnumber'
\r
150 ." where tmemberid=$memberid or ownerid=$memberid or ownerid=0";
\r
153 $result = mysql_query($query);
\r
154 if(!$result) echo mysql_error().'<br/>';
\r
155 if(@ !mysql_num_rows($result)) return false;
\r
156 while ($row = mysql_fetch_object($result)) {
\r
157 if($row->mnumber==0) $row->mname='guest';
\r
158 array_push($allowed_albums, $row->albumid);
\r
162 return $allowed_albums;
\r