ploto

ploto Git Source Tree


Root/plog-admin/plog-admin-functions.php

<?php

if (basename($_SERVER['PHP_SELF']) == basename(__FILE__)) {
	// ignorance is bliss
	exit();
}

function get_files($directory, $get_all_files = false, $get_folders = false, $relative_path = false) {
	global $config;
	$sep = (substr($directory, -1) == '/') ? '': '/';
	// Try to open the directory
	if($dir = opendir($directory)) {
		// Create an array for all files found
		$tmp = array();
		// Create an array for all folders found (if set)
		$tmp_folders = array();

		// Add the files
		while($file = readdir($dir)) {
			// Make sure the file exists
			if($file != '.' && $file != '..') {
				if (!$get_folders) {
					if ($file[0] == '.') {
						continue;
					}
				}
				// If it's a directory, list all files within it
				if (is_dir($directory.$sep.$file)) {
					$tmp2 = get_files($directory.$sep.$file, $get_all_files, $get_folders, $relative_path);
					if (is_array($tmp2)) {
						if (!isset($tmp2['files'])) {
							$tmp = array_merge($tmp, $tmp2);
						} else {
							$tmp = array_merge($tmp, $tmp2['files']);
							$tmp_folders = array_merge($tmp_folders, $tmp2['folders']);
						}
					}
					if ($get_folders) {
						if (!$relative_path) {
							$tmp_folders[] = $directory.$sep.$file;
						} else {
							$tmp_folders[] = str_replace($relative_path, '', $directory.$sep.$file);
						}
					}
				} else if (is_readable($directory.$sep.$file)) {
					$filename = basename(stripslashes($file));
					$pi = pathinfo($file);
					if (is_allowed_extension($pi['extension']) || $get_all_files) {
						if (!$relative_path) {
							$tmp[] = $directory.$sep.$file;
						} else {
							$tmp[] = str_replace($relative_path, '', $directory.$sep.$file);
						}
					}
				}
			}
		}
		// Finish off the function
		closedir($dir);
		sort($tmp);
		if ($get_folders) {
			$return = array();
			// Reverse the order of folders so subfolders come first 
			krsort($tmp_folders);
			$return['files'] = $tmp;
			$return['folders'] = $tmp_folders;
			return $return;
		}
		return $tmp;
	}
}

function move_this($item, $destination) {
	// If safe_mode enabled, open the permissions first
	if (is_safe_mode()) {
		$old_parent_path = dirname($item).'/';
		$new_parent_path = dirname($destination).'/';
		chmod_ftp($old_parent_path, 0777);
		chmod_ftp($new_parent_path, 0777);
	}
	$move = @rename($item, $destination);
	// If safe_mode enabled, close the permissions back down to the default
	if (is_safe_mode()) {
		chmod_ftp($old_parent_path);
		chmod_ftp($new_parent_path);
	}
	if (!$move) {
		return false;
	}
	return true;
}

function kill_dir($path) {
// Great removal function originally named advancedRmdir() by kisgabo94 at freemail dot hu
	// if the path exists, attempt to delete it, else we don't need to do anything
	if (isset($path) && file_exists($path)) {
		$origipath = $path;
		$handler = opendir($path);
		while (true) {
			$item = readdir($handler);
			if ($item == '.' or $item == '..') {
				continue;
			} elseif (gettype($item) == 'boolean') {
				closedir($handler);
				// If safe_mode enabled, open the permissions first
				if (is_safe_mode() && !is_writable(dirname($path).'/')) {
					$parent_path = dirname($path).'/';
					chmod_ftp($parent_path, 0777);
				}
				$remove = @rmdir($path);
				// If safe_mode enabled, close the permissions back down to the default
				if (is_safe_mode()) {
					chmod_ftp($parent_path);
				}
				if (!$remove) {
					return false;
				}
				if ($path == $origipath) {
					break;
				}
				$path = substr($path, 0, strrpos($path, '/'));
				$handler = opendir($path);
			} elseif (is_dir($path.'/'.$item)) {
				closedir($handler);
				$path = $path.'/'.$item;
				$handler = opendir($path);
			} else {
				// If safe_mode enabled, open the permissions first
				if (is_safe_mode() && !is_writable($path)) {
					chmod_ftp($path.'/', 0777);
				}
				@unlink($path.'/'.$item);
			}
		}
	}
	return true;
}

function kill_file($file) {
	// if the path exists, attempt to delete it, else we don't need to do anything
	if (isset($file) && file_exists($file)) {
		// Check if it's an uploaded file
		$uploaded = is_uploaded_file($file);
		// If safe_mode enabled, open the permissions first
		if (is_safe_mode() && !$uploaded) {
			$parent_path = dirname($file).'/';
			chmod_ftp($parent_path, 0777);
		}
		$remove = @unlink($file);
		// If safe_mode enabled, close the permissions back down to the default
		if (is_safe_mode() && !$uploaded) {
			chmod_ftp($parent_path);
		}
		if (!$remove) {
			return false;
		}
	}
	return true;
}

function is_win() {
	if (strtolower(substr(PHP_OS, 0, 3)) == 'win') {
		return true;
	}
	return false;
}

function is_open_perms($file) {
	if (!is_win()) {
		clearstatcache();
		$perm = substr(decoct(fileperms($file)),2);
		return ($perm == '0777');
	}
	return false;
}

function generate_pagination_view_menu() {
	$url_query = '?';
	$url_parts = parse_url($_SERVER['REQUEST_URI']);
	if (isset($url_parts['query'])) {
		// If entries_per_page is already present in URL, remove it
		if (strpos($url_parts['query'], 'entries_per_page') !== false || strpos($url_parts['query'], 'plog_page') !== false) {
			parse_str($url_parts['query'], $query_parts);
			foreach ($query_parts as $qkey => $qval) {
				if ($qkey != 'entries_per_page' && $qkey != 'plog_page') {
					$url_query .= $qkey.'='.$qval.'&';
				}
			}
		} else {
			$url_query .= str_replace('&', '&', $url_parts['query']).'&';
		}
	}

	$java = 'document.location.href=\''.$url_parts['path'].$url_query.'entries_per_page=\'+this.options[this.selectedIndex].value';

	$possible_values = array('1'=>1, '5'=>5, '10'=>10, '20'=>20, '50'=>50, '100'=>100, '250'=>250, '500'=>500);
	$output= "\n\t\t\t" . '<label accesskey="e" for="entries_per_page">'.plog_tr('<em>E</em>ntries per page').'</label>
			<select class="entries-page" onchange="'.$java.'" name="entries_per_page" id="entries_per_page">';
	foreach ($possible_values as $key => $value) {
		if ($_SESSION['entries_per_page'] == $key) {
			$output .= "\n\t\t\t\t" . '<option value="'.$value.'" selected="selected">'.$key.'</option>';
		} else {
			$output .= "\n\t\t\t\t" . '<option value="'.$value.'">'.$key.'</option>';
		}
	}
	$output.= "\n\t\t\t" . '</select>';
	$output.= "\n\t\t\t" . '<input id="pagination-go" class="submit" type="submit" value="'.plog_tr('Go').'" />';
	$output.= "\n\t\t\t<script type=\"text/javascript\">toggle('pagination-go');</script>";
	return $output;
}

function add_picture($album_id, $tmpname, $filename, $caption, $desc, $allow_comm = 1) {
	global $config;

	$filename_parts = explode('.', strrev($filename), 2);
	$filename_base = strrev($filename_parts[1]);
	$filename_ext = strtolower(strrev($filename_parts[0]));

	$ext_array = array('jpg', 'jpeg', 'gif', 'png', 'bmp');

	$result = array(
		'output' => '',
		'errors' => '',
		'picture_id' => false,
	);

	$i = 0;

	$unique_filename_base = strtolower(sanitize_filename(SmartStripSlashes($filename_base), true));

	// Now get the name of the collection
	$sql = "SELECT c.path AS collection_path, c.id AS collection_id,
			a.path AS album_path, a.id AS album_id
			FROM ".PLOGGER_TABLE_PREFIX."albums a, ".PLOGGER_TABLE_PREFIX."collections c
			WHERE c.id = a.parent_id AND a.id = '$album_id'";

	$sql_result = run_query($sql);
	$albumdata = mysqli_fetch_assoc($sql_result);

	// This shouldn't happen in normal cases
	if (empty($albumdata)) {
		$result['errors'] .= plog_tr('No such album!');
		return $result;
	}

	$dest_album_name = SmartStripSlashes($albumdata['album_path']);
	$dest_collection_name = SmartStripSlashes($albumdata['collection_path']);

	$create_path = $dest_collection_name.'/'.$dest_album_name;

	foreach ($ext_array as $ext) {
		while (is_file($config['basedir'].'plog-content/images/'.$create_path.'/'.$unique_filename_base.'.'.$ext)) {
			$unique_filename_base = SmartStripSlashes($filename_base).'-'.++$i;
		}
	}

	$final_filename = sanitize_filename($unique_filename_base).'.'.$filename_ext;

	// Final fully qualified filename
	$final_fqfn = $config['basedir'].'plog-content/images/'.$create_path.'/'.$final_filename;

	if (!makeDirs($config['basedir'].'plog-content/images/'.$create_path)) {
		$result['errors'] .= sprintf(plog_tr('Could not create directory %s!'), '<strong>'.$create_path.'</strong>');
		return $result;
	}

	if (is_uploaded_file($tmpname)) {
		// If safe_mode enabled, open the permissions if the destination path
		if (is_safe_mode()) {
			$parent_path = $config['basedir'].'plog-content/images/'.$create_path;
			chmod_ftp($parent_path, 0777);
		}
		if (!move_uploaded_file($tmpname, $final_fqfn)) {
			$result['errors'] .= sprintf(plog_tr('Could not move uploaded file: %s to %s'), '<strong>'.$tmpname.'</strong>', '<strong>'.$final_fqfn.'</strong>');
		}
		// If safe_mode enabled, close the permissions back down to the default
		if (is_safe_mode()) {
			chmod_ftp($parent_path);
		}
	} else {
		if (!move_this($tmpname, $final_fqfn)) {
			$result['errors'] .= sprintf(plog_tr('Could not move file: %s to %s'), '<strong>'.$tmpname.'</strong>', '<strong>'.$final_fqfn.'</strong>');
		}
	}

	if (empty($result['errors'])) {
		if (is_file($tmpname)) {
			kill_file($tmpname);
		}
		$res = @chmod($final_fqfn, PLOGGER_CHMOD_FILE);

		// Get the EXIF data.
		require_once(PLOGGER_DIR.'plog-includes/lib/exifer1_7/exif.php');
		$exif_raw = read_exif_data_raw($final_fqfn, false);
		$exif = array();

		$exif['date_taken'] = (isset($exif_raw['SubIFD']['DateTimeOriginal'])) ? trim($exif_raw['SubIFD']['DateTimeOriginal']) : '';
		$exif['camera'] = (isset($exif_raw['IFD0']['Make']) && isset($exif_raw['IFD0']['Model'])) ? trim($exif_raw['IFD0']['Make']).' '.trim($exif_raw['IFD0']['Model']) : '';
		$exif['shutter_speed'] = (isset($exif_raw['SubIFD']['ExposureTime'])) ? $exif_raw['SubIFD']['ExposureTime'] : '';
		$exif['focal_length'] = (isset($exif_raw['SubIFD']['FocalLength'])) ? $exif_raw['SubIFD']['FocalLength'] : '';
		$exif['flash'] = (isset($exif_raw['SubIFD']['Flash'])) ? $exif_raw['SubIFD']['Flash'] : '';
		$exif['aperture'] = (isset($exif_raw['SubIFD']['FNumber'])) ? $exif_raw['SubIFD']['FNumber'] : '';
		$exif['iso'] = (isset($exif_raw['SubIFD']['ISOSpeedRatings'])) ? $exif_raw['SubIFD']['ISOSpeedRatings'] : '';

		$picture_path = $create_path.'/'.$final_filename;

		$query = "INSERT INTO `".PLOGGER_TABLE_PREFIX."pictures`
			(`parent_collection`,
			`parent_album`,
			`path`,
			`date_modified`,
			`date_submitted`,
			`allow_comments`,
			`EXIF_date_taken`,
			`EXIF_camera`,
			`EXIF_shutterspeed`,
			`EXIF_focallength`,
			`EXIF_flash`,
			`EXIF_aperture`,
			`EXIF_iso`,
			`caption`,
			`description`)
			VALUES
				('".$albumdata['collection_id']."',
				'".$albumdata['album_id']."',
				'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$picture_path)."',
				NOW(),
				NOW(),
				".intval($allow_comm).",
				'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$exif['date_taken'])."',
				'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$exif['camera'])."',
				'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$exif['shutter_speed'])."',
				'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$exif['focal_length'])."',
				'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$exif['flash'])."',
				'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$exif['aperture'])."',
				'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$exif['iso'])."',
				'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$caption)."',
				'".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$desc)."')";

		$sql_result = run_query($query);

		$result['output'] .= sprintf(plog_tr('Your image %s was uploaded successfully.'), '<strong>'.$filename.'</strong>');
		$result['picture_id'] = mysqli_insert_id($GLOBALS["PLOGGER_DBH"]);

		// Let's generate the thumbnail and the large thumbnail right away.
		// This way, the user won't see any latency from the thumbnail generation
		// when viewing the gallery for the first time
		// This also helps with the image pre-loading problem introduced
		// by a javascript slideshow.

		$thumbpath = generate_thumb($picture_path, $result['picture_id'], THUMB_SMALL);
		//$thumbpath = generate_thumb($picture_path, $result['picture_id'],THUMB_LARGE);
	}

	return $result;
}

function update_picture($id, $caption, $allow_comments, $description) {
	$id = intval($id);
	$caption = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$caption);
	$description = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$description);
	$allow_comments = intval($allow_comments);
	$query = "UPDATE ".PLOGGER_TABLE_PREFIX."pictures SET
			caption = '$caption',
			description = '$description',
			allow_comments = '$allow_comments'
		WHERE id='$id'";
	$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
	if ($result) {
		return array('output' => plog_tr('You have successfully modified the selected picture.'));
	} else {
		return array('errors' => mysqli_error($GLOBALS["PLOGGER_DBH"]));
	}
}

function update_picture_field($picture_id, $field, $value) {
	$fields = array('caption', 'description');
	if (!in_array($field, $fields)) {
		return array('errors' => plog_tr('Invalid action'));
	}

	$errors = $output = '';

	$picture_id = intval($picture_id);
	$value = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],trim($value));

	$query = "UPDATE ".PLOGGER_TABLE_PREFIX."pictures SET $field = '$value' WHERE id='$picture_id'";

	$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
	if ($result) {
		return array('output' => plog_tr('You have successfully modified the selected picture.'));
	} else {
		return array('errors' => plog_tr('Could not modify selected picture.'));
	}

}

function move_picture($pic_id, $to_album) {
	global $config, $thumbnail_config;
	// We need the parent_id from the album we're changing to
	$to_album = intval($to_album);
	$pic_id = intval($pic_id);

	$query = "SELECT * FROM ".PLOGGER_TABLE_PREFIX."albums WHERE `id` = '".$to_album."'";
	$result = run_query($query);
	$row = mysqli_fetch_assoc($result);

	if (!is_array($row)) {
		return array('errors' => sprintf(plog_tr('There is no album with id %s.'), '<strong>'.$to_album.'</strong>'));
	}

	$new_collection = $row['parent_id'];

	// Move picture to new location
	// We need to query to get collection names and album names to find new directory path

	$picture = get_picture_by_id($pic_id);
	// If attempting to move within the same album, abort
	if ($picture['parent_album'] == $to_album) {
		return;
	}
	$album = get_album_by_id($to_album);

	$filename = SmartStripSlashes(basename($picture['path']));
	$target_path = SmartStripSlashes($album['collection_path']).'/'.SmartStripSlashes($album['album_path']);

	$filename_parts = explode('.', strrev($filename), 2);
	$filename_base = strrev($filename_parts[1]);
	$filename_ext = strrev($filename_parts[0]);
	$unique_filename_base = strtolower(SmartStripSlashes($filename_base));

	$i = 0;
	while ($to_album != $picture['parent_album'] && is_file($config['basedir'].'plog-content/images/'.$target_path.'/'.$unique_filename_base.'.'.$filename_ext)) {
		$unique_filename_base = $filename_base.'('.++$i.')';
	}

	// Final fully qualified file name
	$picture_path = $target_path.'/'.sanitize_filename($unique_filename_base).'.'.$filename_ext;
	$final_fqfn = $config['basedir'].'plog-content/images/'.$picture_path;

	$rename = move_this($config['basedir'].'plog-content/images/'.$picture['path'], $final_fqfn);
	@chmod($final_fqfn, PLOGGER_CHMOD_FILE);

	// Delete thumbnails
	foreach($thumbnail_config as $tval) {
		$thumbpath = $config['basedir'].'plog-content/thumbs/'.dirname($picture['path']).'/'.$tval['type'].'/'.$picture['id'].'-'.$filename;
		if (file_exists($thumbpath)) {
			kill_file($thumbpath);
		}
	}

	if (!$rename) {
		return array('errors' => sprintf(plog_tr('Could not move file: %s to %s'), '<strong>'.$picture['path'].'</strong>', '<strong>'.$final_fqfn.'</strong>'));
	}

	// Check if collection thumbnail = picture moved to different collection and set to default if so
	if ($picture['parent_collection'] != $new_collection) {
		$collection = get_collection_by_id($picture['parent_collection']);
		if ($collection['thumbnail_id'] == $picture['id']) {
			$query = "UPDATE ".PLOGGER_TABLE_PREFIX."collections SET `thumbnail_id`='0' WHERE id='".$collection['id']."'";
			run_query($query);
		}
	}
	// Check if album thumbnail = moved picture and set to default if so
	$album = get_album_by_id($picture['parent_album']);
	if ($album['thumbnail_id'] == $picture['id']) {
		$query = "UPDATE ".PLOGGER_TABLE_PREFIX."albums SET `thumbnail_id`='0' WHERE id='".$album['id']."'";
		run_query($query);
	}

	// Update database
	$sql = "UPDATE ".PLOGGER_TABLE_PREFIX."pictures SET
			path = '".mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$picture_path)."',
			parent_album = '".$to_album."',
			parent_collection = '".$new_collection."'
		WHERE id = '".$pic_id."'";
	if (!mysqli_query($GLOBALS["PLOGGER_DBH"],$sql)) {
		return array('errors' => mysqli_error($GLOBALS["PLOGGER_DBH"]));
	}
	return array('output' => plog_tr('Success'));
}

function delete_picture($del_id) {
	global $config, $thumbnail_config;
	$del_id = intval($del_id);
	$picture = get_picture_by_id($del_id);
	if ($picture) {
		// Check if collection thumbnail = deleted picture and set to default if so
		$collection = get_collection_by_id($picture['parent_collection']);
		if ($collection['thumbnail_id'] == $picture['id']) {
			$query = "UPDATE ".PLOGGER_TABLE_PREFIX."collections SET `thumbnail_id`='0' WHERE id='".$collection['id']."'";
			run_query($query);
		}
		// Check if album thumbnail = deleted picture and set to default if so
		$album = get_album_by_id($picture['parent_album']);
		if ($album['thumbnail_id'] == $picture['id']) {
			$query = "UPDATE ".PLOGGER_TABLE_PREFIX."albums SET `thumbnail_id`='0' WHERE id='".$album['id']."'";
			run_query($query);
		}

		$query = "DELETE FROM ".PLOGGER_TABLE_PREFIX."pictures WHERE `id`= '".$picture['id']."'";
		run_query($query);

		// Delete all comments for the picture
		$query = "DELETE FROM ".PLOGGER_TABLE_PREFIX."comments WHERE `parent_id`= '".$picture['id']."'";
		run_query($query);

		// Make sure that the file is actually located inside our 'plog-content/images/' directory
		$full_path = $config['basedir'].'plog-content/images/'.SmartStripSlashes($picture['path']);
		// Also check whether this image is in the correct folder
		$relative_path = substr($full_path, 0, strlen($config['basedir']));
		$basename = SmartStripSlashes(basename($picture['path']));
		if ($relative_path == $config['basedir']) {
			foreach($thumbnail_config as $tval) {
				$thumbpath = $config['basedir'].'plog-content/thumbs/'.dirname($picture['path']).'/'.$tval['type'].'/'.$picture['id'].'-'.$basename;
				if (file_exists($thumbpath)) {
					kill_file($thumbpath);
				}
			}
			if (is_file($full_path)) {
				if (!kill_file($full_path)) {
					$errors = plog_tr('Could not physically delete file from disk!');
				}
			}
		} else {
			$errors = plog_tr('Picture has invalid path, ignoring delete request.');
		}
	} else {
		$errors =  sprintf(plog_tr('There is no picture with id %s.'), '<strong>'.$del_id.'</strong>');
	}
	if (isset($errors)) {
		return array('errors' => $errors);
	}
	return true;
}

function add_collection($collection_name, $description) {
	global $config;
	$output = $errors = '';
	$id = 0;
	$collection_name = trim(SmartStripSlashes($collection_name));
	if (empty($collection_name)) {
		return array('errors' => plog_tr('Please enter a valid name for the collection.'));
	}

	$collection_folder = strtolower(sanitize_filename($collection_name));

	// First try to create the directory, and only if that succeeds, then insert a new
	// row into collections table, otherwise the collection will not be usable anyway
	$create_path = $config['basedir'].'plog-content/images/'.$collection_folder;

	// Do not allow collections with duplicate names, otherwise mod_rewritten links will start
	// to behave weird.
	if (is_dir($create_path)) {
		// If there is already a directory, check to see if it's in the database
		$collection_data = get_collection_by_name($collection_name);
		if ($collection_data) {
			// It's in the database, so throw duplicate collection error
			return array('errors' => sprintf(plog_tr('New collection could not be created, because there is already one named %s!'), '<strong>'.$collection_name.'</strong>'));
		} else {
			// It's not in the database so attempt to delete the directory
			if (!kill_dir($create_path)) {
				// Could not delete the directory, so prompt the user to delete it manually
				return array('errors' => sprintf(plog_tr('Collection directory %s exists, but no collection exists in the database. Attempt to delete automatically failed. Please delete folder via FTP manually and try again.'), '<strong>'.$create_path.'</strong>'));
			}
		}
	}

	// Create directory
	if (!makeDirs($create_path)) {
		$errors .= sprintf(plog_tr('Could not create directory %s!'), '<strong>'.$create_path.'</strong>');
	} else {
		$sql_name = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$collection_name);
		$description = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$description);
		$collection_folder = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$collection_folder);
		$query = "INSERT INTO ".PLOGGER_TABLE_PREFIX."collections (`name`,`description`,`path`) VALUES ('$sql_name', '$description', '$collection_folder')";
		$result = run_query($query);
		$id = mysqli_insert_id($GLOBALS["PLOGGER_DBH"]);

		$output .= sprintf(plog_tr('You have successfully created the collection %s.'), '<strong>'.$collection_name.'</strong>');
	}

	// Caller can check the value of id, if it is zero, then collection creation failed
	// errors and output are separate, because this way the caller can format the return value
	// as it needs
	$result = array(
		'output' => $output,
		'errors' => $errors,
		'id' => $id,
	);
	return $result;

}

function update_collection($collection_id, $name, $description, $thumbnail_id = 0) {
	global $config;

	$errors = $output = '';

	$name = trim(SmartStripSlashes($name));
	if (empty($name)) {
		return array('errors' => plog_tr('Please enter a valid name for the collection.'));
	}

	$target_name = strtolower(sanitize_filename($name));

	$errors = $output = '';

	$collection_id = intval($collection_id);
	$thumbnail_id = intval($thumbnail_id);

	$name = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$name);
	$description = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$description);

	// Rename the directory
	// First, get the collection name of our source collection
	$sql = "SELECT c.path as collection_path, name
			FROM ".PLOGGER_TABLE_PREFIX."collections c
			WHERE c.id = '$collection_id'";

	$result = run_query($sql);
	$row = mysqli_fetch_assoc($result);

	$source_collection_name = SmartStripSlashes($row['collection_path']);
	$source_path = $config['basedir'].'plog-content/images/'.$source_collection_name;
	$target_path = $config['basedir'].'plog-content/images/'.$target_name;

	// Check for self-renaming collection instance
	if ($source_path != $target_path) {
		// Do not allow collections with duplicate names, otherwise mod_rewritten links will start
		// to behave weird.
		if (is_dir($target_path)) {
			// If there is already a directory, check to see if it's in the database
			$collection_data = get_collection_by_name($name);
			if ($collection_data) {
				// It's in the database, so throw duplicate collection error
				return array('errors' => sprintf(plog_tr('Collection %s could not be renamed to %s, because there is another collection with that name.'), '<strong>'.$row['name'].'</strong>', '<strong>'.$name.'</strong>'));
			} else {
				// It's not in the database so attempt to delete the directory
				if (!kill_dir($target_path)) {
					// Could not delete the directory, so prompt the user to delete it manually
					return array('errors' => sprintf(plog_tr('Collection directory %s exists, but no collection exists in the database. Attempt to delete automatically failed. Please delete folder via FTP manually and try again.'), '<strong>'.$target_path.'</strong>'));
				}
			}
		}

		// Perform the rename on the directory
		if (!move_this($source_path, $target_path)) {
			return array('errors' => sprintf(plog_tr('Error renaming directory: %s to %s'), '<strong>'.$source_path.'</strong>', '<strong>'.$target_path.'</strong>'));
		}
	}

	$target_name = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$target_name);

	$query = "UPDATE ".PLOGGER_TABLE_PREFIX."collections SET name = '$name', path = '$target_name', description = '$description', thumbnail_id = '$thumbnail_id' WHERE id='$collection_id'";
	$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
	if (!$result) {
		return array('errors' => mysqli_error($GLOBALS["PLOGGER_DBH"]));
	}

	$output = plog_tr('You have successfully modified the selected collection.');

	// XXX: Update the path only if a collection was actually renamed

	// Update the path field for all pictures within that collection
	// Now we need to update the database paths of all pictures within source album
	$sql = "SELECT p.id AS id, p.path AS path, c.name AS collection_name, a.path AS album_path
		FROM ".PLOGGER_TABLE_PREFIX."albums a, ".PLOGGER_TABLE_PREFIX."pictures p, ".PLOGGER_TABLE_PREFIX."collections c
		WHERE p.parent_album = a.id AND p.parent_collection = c.id AND p.parent_collection = '$collection_id'";

	$result = run_query($sql);

	while($row = mysqli_fetch_assoc($result)) {

		$filename = basename($row['path']);
		$album_path = $row['album_path'];

		$new_path = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],SmartStripSlashes($target_name.'/'.$album_path.'/'.$filename));

		// Update database
		$sql = "UPDATE ".PLOGGER_TABLE_PREFIX."pictures SET path = '$new_path' WHERE id = '$row[id]'";
		mysqli_query($GLOBALS["PLOGGER_DBH"],$sql) or ($output .= mysqli_error($GLOBALS["PLOGGER_DBH"]));
	}

	return array(
		'errors' => $errors,
		'output' => $output,
	);
}

function update_collection_field($collection_id, $field, $value) {
	$fields = array('name', 'description');
	if (!in_array($field, $fields)) {
		return array('errors' => plog_tr('Invalid action'));
	}

	$errors = $output = '';

	$collection_id = intval($collection_id);
	$value = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],trim($value));

	$query = "UPDATE ".PLOGGER_TABLE_PREFIX."collections SET $field = '$value' WHERE id='$collection_id'";

	$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
	if ($result) {
		return array('output' => plog_tr('You have successfully modified the selected collection.'));
	} else {
		return array('errors' => plog_tr('Could not modify selected collection.'));
	}

}

function delete_collection($del_id) {
	global $config;
	$sql = "SELECT c.name AS collection_name, c.path AS collection_path, c.id AS collection_id
		FROM ".PLOGGER_TABLE_PREFIX."collections c
		WHERE c.id = '$del_id'";

	$result = run_query($sql);
	$collection = mysqli_fetch_assoc($result);

	if (!$collection) {
		return array('errors' => plog_tr('No such collection.'));
	}

	// First delete all albums registered with this album
	$sql = 'SELECT * FROM '.PLOGGER_TABLE_PREFIX.'albums WHERE parent_id = '.$collection['collection_id'];
	$result = run_query($sql);
	while ($row = mysqli_fetch_assoc($result)) {
		delete_album($row['id']);
	}

	// XXX: un-register collection
	$query = "DELETE FROM ".PLOGGER_TABLE_PREFIX."collections WHERE `id`= '".$collection['collection_id']."'";
	run_query($query);

	// Finally try to delete the directory itself. It will succeed, if there are no files left inside it ..
	// If there are then .. how did they get there? Probably not through Plogger and in this case do we 
	// really want to delete those?
	$source_collection_name = SmartStripSlashes($collection['collection_path']);

	// Delete any thumbnails for the collection
	$collection_thumb_directory = $config['basedir'].'plog-content/thumbs/'.$source_collection_name;
	if (file_exists($collection_thumb_directory)) {
		kill_dir($collection_thumb_directory);
	}
	// Check to see if the collection_directory is a real directory and then try to delete it
	$collection_directory = $config['basedir'].'plog-content/images/'.$source_collection_name;
	if (is_dir($collection_directory)) {
		if (!kill_dir($collection_directory)) {
			return array('errors' => plog_tr('Collection directory still contains files after all albums have been deleted.'));
		}
	} else {
		return array('errors' => plog_tr('Collection has invalid path, not deleting directory.'));
	}
	return array();
}

function add_album($album_name, $description, $pid) {
	global $config;
	$output = $errors = '';
	$id = 0;
	$album_name = trim(SmartStripSlashes($album_name));
	if (empty($album_name)) {
		return array('errors' => plog_tr('Please enter a valid name for the album.'));
	}
	// Get the parent collection name
	$query = "SELECT c.path as collection_path FROM ". PLOGGER_TABLE_PREFIX."collections c WHERE id = '$pid'";

	$result = run_query($query);
	$row = mysqli_fetch_assoc($result);

	// This shouldn't happen
	if (empty($row)) {
		return array('errors' => plog_tr('No such collection.'));
	}

	$album_folder = strtolower(sanitize_filename($album_name));

	// First try to create the directory to hold the images, if that fails, then the album
	// will be unusable anyway
	$create_path = $config['basedir'].'plog-content/images/'.SmartStripSlashes($row['collection_path']).'/'.$album_folder;

	// Check path so we are not creating duplicate albums within the same collection
	if (is_dir($create_path)) {
		// If there is already a directory, check to see if it's in the database
		$album_data = get_album_by_name($album_name, $pid);
		if ($album_data) {
			// It's in the database, so throw duplicate album error
			return array('output' => 'existing', 'id' => $album_data['id'], 'errors' => sprintf(plog_tr('New album could not be created, because there is already one named %s in the collection %s'), '<strong>'.$album_folder.'</strong>', '<strong>'.ucfirst(SmartStripSlashes($row['collection_path']).'</strong>')));
		} else {
			// It's not in the database so attempt to delete the directory
			if (!kill_dir($create_path)) {
				// Could not delete the directory, so prompt the user to delete it manually
				return array('errors' => sprintf(plog_tr('Album directory %s exists, but no album exists in the database. Attempt to delete automatically failed. Please delete folder via FTP manually and try again.'), '<strong>'.$create_path.'</strong>'));
			}
		}
	}

	if (!makeDirs($create_path)) {
		$errors .= sprintf(plog_tr('Could not create directory %s!'), '<strong>'.$path.'</strong>');
	} else {
		$sql_name = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$album_name);
		$description = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$description);
		$album_folder = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$album_folder);
		$query = "INSERT INTO ".PLOGGER_TABLE_PREFIX."albums (`name`,`description`,`parent_id`,`path`) VALUES ('$sql_name', '$description', '$pid', '$album_folder')";
		$result = run_query($query);
		$id = mysqli_insert_id($GLOBALS["PLOGGER_DBH"]);

		$output .= sprintf(plog_tr('You have successfully created the album %s.'), '<strong>'.$album_name.'</strong>');
	}
	// Caller can check the value of id, if it is zero, then album creation failed
	// errors and output are separate, because this way the caller can format the return value
	// as it needs
	$result = array(
		'output' => $output,
		'errors' => $errors,
		'id' => $id,
	);
	return $result;
}

function update_album($album_id, $name, $description, $thumbnail_id = 0) {
	global $config;
	$errors = $output = '';

	$album_id = intval($album_id);
	$thumbnail_id = intval($thumbnail_id);
	$name = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],SmartStripSlashes(trim($name)));
	$description = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],SmartStripSlashes($description));
	if (empty($name)) {
		return array('errors' => plog_tr('Please enter a valid name for the album.'));
	}

	$target_name = strtolower(sanitize_filename(SmartStripSlashes($name)));

	// First, get the album name and collection name of our source album
	$sql = "SELECT c.path AS collection_path, a.path AS album_path, a.parent_id AS collection_id
			FROM ".PLOGGER_TABLE_PREFIX."albums a, ".PLOGGER_TABLE_PREFIX."collections c
			WHERE c.id = a.parent_id AND a.id = ".$album_id;

	$result = run_query($sql);
	$row = mysqli_fetch_assoc($result);

	$source_album_name = SmartStripSlashes($row['album_path']);
	$source_collection_name = SmartStripSlashes($row['collection_path']);

	$source_path = $config['basedir'].'plog-content/images/'.$source_collection_name.'/'.$source_album_name;
	$target_path = $config['basedir'].'plog-content/images/'.$source_collection_name.'/'.$target_name;

	// Check for self-renaming album instance
	if ($source_path != $target_path) {
		// Check path so we are not creating duplicate albums within the same collection
		if (is_dir($target_path)) {
			// If there is already a directory, check to see if it's in the database
			$album_data = get_album_by_name($name, $row['collection_id']);
			if ($album_data) {
				// It's in the database, so throw duplicate album error
				return array('errors' => sprintf(plog_tr('New album could not be created, because there is already one named %s in the collection %s'), '<strong>'.$target_name.'</strong>', '<strong>'.$source_collection_name.'</strong>'));
			} else {
				// It's not in the database so attempt to delete the directory
				if (!kill_dir($target_path)) {
					// Could not delete the directory, so prompt the user to delete it manually
					return array('errors' => sprintf(plog_tr('Album directory %s exists, but no album exists in the database. Attempt to delete automatically failed. Please delete folder via FTP manually and try again.'), '<strong>'.$target_path.'</strong>'));
				}
			}
		}

		// Perform the rename on the directory
		if (!move_this($source_path, $target_path)) {
			return array(
				'errors' => sprintf(plog_tr('Error renaming directory: %s to %s'), '<strong>'.$source_path.'</strong>', '<strong>'.$target_path.'</strong>'));
		}
	}

	$target_name = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$target_name);

	// Proceed only if rename succeeded
	$query = "UPDATE ".PLOGGER_TABLE_PREFIX."albums SET
			name = '$name',
			description = '$description',
			thumbnail_id = '$thumbnail_id',
			path = '$target_name'
		WHERE id='$album_id'";

	$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
	if (!$result) {
		return array('errors' => mysqli_error($GLOBALS["PLOGGER_DBH"]));
	}

	$output .= plog_tr('You have successfully modified the selected album.');

	// Update the path field for all pictures within that album
	$sql = "SELECT p.path AS path, p.id AS id, c.name AS collection_name, a.name AS album_name
			FROM ".PLOGGER_TABLE_PREFIX."albums a, ".PLOGGER_TABLE_PREFIX."pictures p, ".PLOGGER_TABLE_PREFIX."collections c
			WHERE p.parent_album = a.id AND p.parent_collection = c.id AND p.parent_album = '$album_id'";

	$result = run_query($sql);

	while($row = mysqli_fetch_assoc($result)) {

		$filename = basename($row['path']);
		$new_path = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],SmartStripSlashes($source_collection_name.'/'.$target_name.'/'.$filename));

		// Update database
		$sql = "UPDATE ".PLOGGER_TABLE_PREFIX."pictures SET path = '$new_path' WHERE id = '$row[id]'";
		mysqli_query($GLOBALS["PLOGGER_DBH"],$sql) or ($errors .= mysqli_error($GLOBALS["PLOGGER_DBH"]));
	}

	return array(
		'errors' => $errors,
		'output' => $output,
	);
}

function update_album_field($album_id, $field, $value) {
	$fields = array('name', 'description');
	if (!in_array($field, $fields)) {
		return array('errors' => plog_tr('Invalid action'));
	}

	$value = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],trim(SmartStripSlashes($value)));
	$errors = $output = '';
	$album_id = intval($album_id);

	// Proceed only if rename succeeded
	$query = "UPDATE ".PLOGGER_TABLE_PREFIX."albums SET
			$field = '$value'
		WHERE id='$album_id'";

	$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$query);

	if ($result) {
		return array('output' => plog_tr('You have successfully modified the selected album.'));
	} else {
		return array('errors' => plog_tr('Could not modify selected album.'));
	}
}

function move_album($album_id, $to_collection) {
	global $config;

	$res = array(
		'errors' => '',
		'output' => '',
	);

	$album_id = intval($album_id);
	$to_collection = intval($to_collection);

	$sql = "SELECT
				c.path as collection_path,
				c.thumbnail_id as collection_thumb,
				c.id as collection_id,
				a.path as album_path
			FROM ".PLOGGER_TABLE_PREFIX."albums a, ".PLOGGER_TABLE_PREFIX."collections c
			WHERE c.id = a.parent_id AND a.id = '$album_id'";

	$result = run_query($sql);
	$row = mysqli_fetch_assoc($result);

	$source_album_name = SmartStripSlashes($row['album_path']);
	$source_collection_name = SmartStripSlashes($row['collection_path']);
	$source_collection_thumb = $row['collection_thumb'];
	$source_collection_id = $row['collection_id'];

	// If moving to same collection, abort
	if ($to_collection == $source_collection_id) {
		return;
	}

	// Next, get the collection name of our destination collection
	$sql = "SELECT c.path as collection_path FROM ".PLOGGER_TABLE_PREFIX."collections c WHERE c.id = '$to_collection'";

	$result = run_query($sql);
	$row = mysqli_fetch_assoc($result);

	$target_collection_name = SmartStripSlashes($row['collection_path']);
	$source_path = $config['basedir'].'plog-content/images/'.$source_collection_name.'/'.$source_album_name.'/';
	$target_path = $config['basedir'].'plog-content/images/'.$target_collection_name.'/'.$source_album_name.'/';
	$thumb_path = $config['basedir'].'plog-content/thumbs/'.$source_collection_name.'/'.$source_album_name.'/';

	// Check path so we are not creating duplicate albums within the same collection
	if (is_dir($target_path)) {
		// If there is already a directory, check to see if it's in the database
		$album_data = get_album_by_name($source_album_name, $to_collection);
		if ($album_data) {
			// It's in the database, so throw duplicate album error
			return array('errors' => sprintf(plog_tr('New album could not be created, because there is already one named %s in the collection %s'), '<strong>'.$source_album_name.'</strong>', '<strong>'.$target_collection_name.'</strong>'));
		} else {
			// It's not in the database so attempt to delete the directory
			if (!kill_dir($target_path)) {
				// Could not delete the directory, so prompt the user to delete it manually
				return array('errors' => sprintf(plog_tr('Album directory %s exists, but no album exists in the database. Attempt to delete automatically failed. Please delete folder via FTP manually and try again.'), '<strong>'.$target_path.'</strong>'));
			}
		}
	}

	// Attempt to make new album directory in target collection
	if (!makeDirs($target_path)) {
		return array('errors' => sprintf(plog_tr('Could not create directory %s!'), '<strong>'.$target_path.'</strong>'));
	}

	// Now we need to update the database paths of all pictures within source album
	$sql = "SELECT p.path as path, p.id as picture_id, c.name as collection_name, a.name as album_name
		FROM ".PLOGGER_TABLE_PREFIX."albums a, ".PLOGGER_TABLE_PREFIX."pictures p, ".PLOGGER_TABLE_PREFIX."collections c
		WHERE p.parent_album = a.id AND p.parent_collection = c.id AND p.parent_album = '$album_id'";

	$result = run_query($sql);
	$pic_ids = array();

	while($row = mysqli_fetch_assoc($result)) {
		$filename = SmartStripSlashes(basename($row['path']));
		$pic_ids[] = $row['picture_id'];
		$old_path = $source_path.$filename;
		$new_path = $target_path.$filename;

		if (!move_this($old_path, $new_path)) {
			$res['errors'] .=  sprintf(plog_tr('Could not move file: %s to %s'), '<strong>'.$old_path.'</strong>', '<strong>'.$new_path.'</strong>');
		} else {
			@chmod($new_path, PLOGGER_CHMOD_FILE);
		}

		$path_insert = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$target_collection_name.'/'.$source_album_name.'/'.$filename);

		$sql = "UPDATE ".PLOGGER_TABLE_PREFIX."pictures SET
				parent_collection = '$to_collection',
				path = '$path_insert'
			WHERE id = '$row[picture_id]'";
		mysqli_query($GLOBALS["PLOGGER_DBH"],$sql) or ($res['errors'] .= mysqli_error($GLOBALS["PLOGGER_DBH"]));
	}

	// Check if collection thumbnail = picture moved to different collection and set to default if so
	if (in_array($source_collection_thumb, $pic_ids)) {
		$query = "UPDATE ".PLOGGER_TABLE_PREFIX."collections SET `thumbnail_id`='0' WHERE id='".$source_collection_id."'";
		run_query($query);
	}

	// Update the parent id of the moved album
	$query = "UPDATE ".PLOGGER_TABLE_PREFIX."albums SET `parent_id` = '$to_collection' WHERE `id`='$album_id'";
	$result = run_query($query);

	// Attempt to delete the old folder and thumbnails if there were no errors moving the files
	if ($res['errors'] == '') {
		kill_dir($thumb_path);
		$remove = kill_dir($source_path);
		if (!$remove) {
			$res['errors'] .= sprintf(plog_tr('Could not remove album from collection %s. Album still contains files after all pictures have been moved.'), '<strong>'.$source_collection_name.'</strong>');
		}
	}
	return $res;
}

function delete_album($del_id) {
	global $config;
	$sql = "SELECT c.name AS collection_name, a.name AS album_name, a.id AS album_id, c.path AS collection_path, a.path AS album_path
		FROM ".PLOGGER_TABLE_PREFIX."albums a, ".PLOGGER_TABLE_PREFIX."collections c
		WHERE c.id = a.parent_id AND a.id = '$del_id'";

	$result = run_query($sql);
	$album = mysqli_fetch_assoc($result);

	if (!$album) {
		return array('errors' => plog_tr('No such album'));
	}

	// First delete all pictures registered with this album
	$sql = 'SELECT * FROM '.PLOGGER_TABLE_PREFIX.'pictures WHERE parent_album = '.$album['album_id'];
	$result = run_query($sql);
	while ($row = mysqli_fetch_assoc($result)) {
		delete_picture($row['id']);
	}

	// XXX: un-register album
	$query = "DELETE FROM ".PLOGGER_TABLE_PREFIX."albums WHERE `id`= '".$album['album_id']."'";
	run_query($query);

	// Finally try to delete the directory itself. It will succeed, if there are no files left inside it ..
	// If there are then .. how did they get there? Probably not through Plogger and in this case do we 
	// really want to delete those?
	$source_album_name = SmartStripSlashes($album['album_path']);
	$source_collection_name = SmartStripSlashes($album['collection_path']);

	// Delete any thumbnails for the album
	$album_thumb_directory = $config['basedir'].'plog-content/thumbs/'.$source_collection_name.'/'.$source_album_name;
	if (file_exists($album_thumb_directory)) {
		kill_dir($album_thumb_directory);
	}
	// Check to see if the album_directory is a real directory and then try to delete it
	$album_directory = $config['basedir'].'plog-content/images/'.$source_collection_name.'/'.$source_album_name;
	if (is_dir($album_directory)) {
		if (!kill_dir($album_directory)) {
			return array('errors' => plog_tr('Album directory still contains files after all pictures have been deleted.'));
		}

	} else {
		return array('errors' => plog_tr('Album has invalid path, not deleting directory.'));
	}
	return array();
}

function update_comment($id, $author, $email, $url, $comment) {
	$id = intval($id);
	$author = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$author);
	$email = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$email);
	$url = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$url);
	$comment = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],trim($comment));

	$query = "UPDATE ".PLOGGER_TABLE_PREFIX."comments SET author = '$author', comment = '$comment', url = '$url', email = '$email' WHERE id='$id'";
	$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
	if ($result) {
		return array('output' => plog_tr('You have successfully modified the selected comment.'));
	} else {
		return array('errors' => plog_tr('Could not modify selected comment.'));
	}
}

function update_comment_field($id, $field, $value) {
	$allowed_fields = array('author', 'email', 'url', 'comment');
	if (!in_array($field, $allowed_fields)) {
		return array('errors' => plog_tr('Invalid action'));
	}

	$id = intval($id);
	$value = mysqli_real_escape_string($GLOBALS["PLOGGER_DBH"],$value);

	$query = "UPDATE ".PLOGGER_TABLE_PREFIX."comments SET $field = '$value' WHERE id='$id'";
	$result = mysqli_query($GLOBALS["PLOGGER_DBH"],$query);
	if ($result) {
		return array('output' => plog_tr('You have successfully modified the selected comment.'));
	} else {
		return array('errors' => plog_tr('Could not modify selected comment.'));
	}
}

function count_albums($parent_id = 0) {
	if (!$parent_id)
		$numquery = "SELECT COUNT(*) AS `num_albums` FROM `".PLOGGER_TABLE_PREFIX."albums`";
	else
		$numquery = "SELECT COUNT(*) AS `num_albums` FROM `".PLOGGER_TABLE_PREFIX."albums` WHERE parent_id = '$parent_id'";

	$numresult = run_query($numquery);
	$num_albums = mysqli_result($numresult, 0, 'num_albums');
	return $num_albums;
}

function count_collections() {

	$numquery = "SELECT COUNT(*) AS `num_collections` FROM `".PLOGGER_TABLE_PREFIX."collections`";

	$numresult = run_query($numquery);
	$num_albums = mysqli_result($numresult, 0, 'num_collections');
	return $num_albums;
}

function count_pictures($parent_id = 0) {
	if (!$parent_id)
		$numquery = "SELECT COUNT(*) AS `num_pics` FROM `".PLOGGER_TABLE_PREFIX."pictures`";
	else
		$numquery = "SELECT COUNT(*) AS `num_pics` FROM `".PLOGGER_TABLE_PREFIX."pictures` WHERE parent_album = '$parent_id'";

	$numresult = run_query($numquery);
	$num_pics = mysqli_result($numresult, 0, 'num_pics');
	return $num_pics;
}

function count_comments($parent_id = false) {
	$numquery = "SELECT COUNT(*) AS `num_comments` FROM `".PLOGGER_TABLE_PREFIX."comments` WHERE approved = 1";
	if ($parent_id !== false) {
		$numquery .= " AND parent_id = '".$parent_id."'";
	}

	$numresult = run_query($numquery);
	$num_comments = mysqli_result($numresult, 0, 'num_comments');
	return $num_comments;
}

function plog_edit_comment_form($comment_id) {
	$output = '';
	$comment_id = intval($comment_id);
	$sql = "SELECT * FROM ".PLOGGER_TABLE_PREFIX."comments c WHERE c.id = '$comment_id'";
	$result = run_query($sql);
	$comment = mysqli_fetch_assoc($result);
	if (!is_array($comment)) {
		// XXX: return an error message instead
		return false;
	}
	$query = '';
	if (strpos($_SERVER['PHP_SELF'], 'plog-manage') !== false) {
		$query = '?level=comments&id='.$comment['parent_id'];
	}

	$output .= "\n\t" . '<form class="edit width-700" action="'.$_SERVER['PHP_SELF'].$query.'" method="post">';

	// Get the thumbnail
	$photo = get_picture_by_id($comment['parent_id']);
	$thumbpath = generate_thumb(SmartStripSlashes($photo['path']), $photo['id'], THUMB_SMALL);
	$output .= "\n\t\t" . '<div style="float: right;"><img src="'.$thumbpath.'" alt="" /></div>
		<div>
			<div class="strong">'.plog_tr('Edit Comment').'</div>
			<p>
				<label class="strong" accesskey="a" for="author">'.plog_tr('Author').':</label><br />
				<input size="65" name="author" id="author" value="'.SmartStripSlashes($comment['author']).'" />
			</p>
			<p>
				<label class="strong" accesskey="e" for="email">'.plog_tr('Email').':</label><br />
				<input size="65" name="email" id="email" value="'.SmartStripSlashes($comment['email']).'" />
			</p>
			<p>
				<label class="strong" accesskey="u" for="url">'.plog_tr('Website').':</label><br />
				<input size="65" name="url" id="url" value="'.SmartStripSlashes($comment['url']).'" />
			</p>
			<p>
				<label class="strong" accesskey="c" for="comment">'.plog_tr('Comment').':</label><br />
				<textarea cols="62" rows="4" name="comment" id="comment">'.SmartStripSlashes($comment['comment']).'</textarea>
			</p>
			<input type="hidden" name="pid" value="'.$comment['id'].'" />
			<input type="hidden" name="action" value="update-comment" />
			<input class="submit" name="update" value="'.plog_tr('Update').'" type="submit" />
			<input class="submit-cancel" name="cancel" value="'.plog_tr('Cancel').'" type="submit" />
		</div>
	</form>' . "\n";
		return $output;
}

function makeDirs($path, $mode = PLOGGER_CHMOD_DIR) { // Creates directory tree recursively
	if (is_safe_mode()) {
		return is_dir($path) or (makeDirs(dirname($path), $mode) and makeDirs_ftp($path));
	} else {
		return is_dir($path) or (makeDirs(dirname($path), $mode) and mkdir($path, $mode) and configure_blank_index($path) and chmod($path, $mode));
	}
}

/** These functions are for safe_mode enabled servers **/
function connect_ftp() {
	global $config, $PLOGGER_FTP;

	$ftp_server = $config['ftp_host'];
	$ftp_user = $config['ftp_user'];
	$ftp_pass = $config['ftp_pass'];

	// Create connection
	$PLOGGER_FTP = ftp_connect($ftp_server); 
	// Login to ftp server
	$ftp_result = ftp_login($PLOGGER_FTP, $ftp_user, $ftp_pass);

	// Check if connection was made
	if ((!$PLOGGER_FTP) || (!$ftp_result)) {
		return false;
	}
	return true;
}

function close_ftp() {
	global $PLOGGER_FTP;

	if (isset($PLOGGER_FTP)) {
		ftp_close($PLOGGER_FTP);
	}
}

function makeDirs_ftp($path) {
	global $config, $PLOGGER_FTP;
	$return = false;

	$ftp_path = str_replace($config['basedir'], '', $path);
	$ftp_dir = dirname($ftp_path);
	$ftp_new_dir = str_replace($ftp_dir.'/', '', $ftp_path);

	if (!isset($PLOGGER_FTP)) {
		// Check if connection was made
		$ftp_connection = connect_ftp();
		if ($ftp_connection === false) {
			return $return;
		}
	}
	ftp_chdir($PLOGGER_FTP, $config['ftp_path'].$ftp_dir); // Go to destination dir
	$ftp_create_dir = ftp_mkdir($PLOGGER_FTP, $ftp_new_dir); // Create directory
	if ($ftp_create_dir) {
		chmod_ftp($path, 0777);
		configure_blank_index($path);
		$chmod = decoct(PLOGGER_CHMOD_DIR);
		$ftp_exec_dir = ftp_site($PLOGGER_FTP, 'CHMOD '.$chmod.' '.$ftp_new_dir.'/');
	}
	if ($ftp_exec_dir) {
		$return = true;
	} else {
		echo 'could not chmod!';
	}
	return $return;
}

function chmod_ftp($path, $mode = PLOGGER_CHMOD_DIR) {
	global $config, $PLOGGER_FTP;
	$return = false;

	$ftp_chmod_dir = str_replace($config['basedir'], $config['ftp_path'], $path);

	if (!isset($PLOGGER_FTP)) {
		// Check if connection was made
		$ftp_connection = connect_ftp();
		if ($ftp_connection === false) {
			return $return;
		}
	}
	$chmod = decoct($mode);
	$ftp_exec_dir = @ftp_site($PLOGGER_FTP, 'CHMOD '.$chmod.' '.$ftp_chmod_dir);
	if ($ftp_exec_dir) {
		$return = true;
	}
	return $return;
}
/** END functions for safe_mode enabled servers **/

function configure_htaccess_fullpic($allow = false) {
	$cfg = '';
	$placeholder_start = '# BEGIN Plogger';
	$placeholder_end = '# END Plogger';
	$thisfile =  '/plog-admin/'.basename(__FILE__);
	$adm = strpos($_SERVER['PHP_SELF'], '/plog-admin');
	$rewritebase = substr($_SERVER['PHP_SELF'], 0, $adm);
	if (!$allow) {
		$cfg .= "deny from all\n";
	}
	// Read the file
	global $config;
	$fpath = $config['basedir'].'plog-content/images/.htaccess';
	$htaccess_lines = (is_file($fpath)) ? @file($fpath) : array();

	$output = '';
	$configuration_placed = false;
	$between_placeholders = false;
	foreach($htaccess_lines as $line) {
		$tline = trim($line);
		if ($placeholder_start == $tline) {
			$between_placeholders = true;
			$output .= $line.$cfg;
			$configuration_placed = true;
			continue;
		}
		if ($placeholder_end == $tline) {
			$between_placeholders = false;
			$output .= $line;
			continue;
		}
		if ($between_placeholders) continue;

		$output .= $line;
	}

	// No placeholders? Append to the end
	if (!$configuration_placed) {
		$output .= "\n\n" .$placeholder_start. "\n" .$cfg.$placeholder_end. "\n";
	}

	$fh = @fopen($fpath, 'w');
	// Write changes out if the file can be opened.
	// XXX: perhaps plog-options.php should check whether settings can be written and warn the user if not?
	$success = false;
	if ($fh) {
		$success = true;
		fwrite($fh, $output);
		fclose($fh);
	}
	return $success;
}

function configure_mod_rewrite($enable = false) {
	global $config;

	if (file_exists($config['basedir'].'.htaccess') && is_writable($config['basedir'].'.htaccess')) {
		$cfg = '';
		$placeholder_start = '# BEGIN Plogger';
		$placeholder_end = '# END Plogger';
		$thisfile = '/plog-admin/'.basename(__FILE__);
		$adm = strpos($_SERVER['PHP_SELF'], '/plog-admin');
		$rewritebase = substr($_SERVER['PHP_SELF'], 0, $adm);
		if ($enable) {
			if (empty($rewritebase)) {
				$rewritebase = '/';
			}
			$cfg .= "<IfModule mod_rewrite.c>\n";
			$cfg .= "RewriteEngine on\n";
			$cfg .= "RewriteBase $rewritebase\n";
			$cfg .= "RewriteCond %{REQUEST_URI} !(\.|/\$)\n";
			$cfg .= "RewriteRule ^.*\$ http://".parse_url($config['gallery_url'], PHP_URL_HOST)."%{REQUEST_URI}/ [R=301,L]\n";
			if (strpos($config['gallery_url'], 'www.')) {
				$cfg .= "RewriteCond %{HTTP_HOST} !^www [NC]\n";
				$cfg .= "RewriteRule ^(.*)\$ ".$config['gallery_url']."\$1 [R=301,L]\n";
			}
			$cfg .= "RewriteCond %{REQUEST_FILENAME} -d [OR]\n";
			$cfg .= "RewriteCond %{REQUEST_FILENAME} -f\n";
			$cfg .= "RewriteRule ^.*$ - [S=2]\n";
			$cfg .= "RewriteRule feed/$ plog-rss.php?path=%{REQUEST_URI} [L]\n";
			$cfg .= "RewriteRule ^.*$ index.php?path=%{REQUEST_URI} [L]\n";
			$cfg .= "</IfModule>\n";
		}
		// Read the file
		global $config;
		$fpath = $config['basedir'].'.htaccess'; 
		$htaccess_lines = @file($fpath);

		$output = '';
		$configuration_placed = false;
		$between_placeholders = false;
		foreach($htaccess_lines as $line) {
			$tline = trim($line);
			if ($placeholder_start == $tline) {
				$between_placeholders = true;
				$output .= $line.$cfg;
				$configuration_placed = true;
				continue;
			}
			if ($placeholder_end == $tline) {
				$between_placeholders = false;
				$output .= $line;
				continue;
			}
			if ($between_placeholders) continue;

			$output .= $line;
		}

		// No placeholders? Append to the end
		if (!$configuration_placed) {
			$output .= "\n\n" .$placeholder_start. "\n" .$cfg.$placeholder_end. "\n";
		}

		$fh = @fopen($fpath, 'w');
		// Write changes out if the file can be opened.
		// XXX: perhaps plog-options.php should check whether settings can be written and warn the user if not?
		$success = false;
		if ($fh) {
			$success = true;
			fwrite($fh, $output);
			fclose($fh);
		}
		return $success;
	} else {
		return false;
	}
}

function configure_blank_index($fpath = '') {
	if (substr($fpath, -1) !== '/') {
		$fpath = $fpath.'/';
	}
	// Write out the default blank index.php
	if (!empty($fpath) && !file_exists($fpath.'index.php') && is_writable($fpath)) {
		$output = "<?php\n// Ignorance is bliss\n?>";
		$fh = @fopen($fpath.'index.php', 'w');
		if ($fh) {
			fwrite($fh, $output);
			fclose($fh);
		}
	}
	// Always return true because a blank index is not required
	return true;
}

// Makes sure that argument does not contain characters that cannot be allowed, like . or /, which
// could be used to point to directory or filenames outside the Plogger directory
function is_valid_directory($str) {
	// Allow only alfanumeric characters, hyphen, [, ], dot, apostrophe and space in collection names
	return !preg_match("/[^\w|\.|'|\-|\[|\] ]/", $str);
}

/// XXX: Something for the future: perhaps hooks for plugins should be implemented,
// so plugins could add new fields to all those forms.
function plog_add_collection_form() {
	$output = "\n\t\t" . '<input type="button" class="submit-create" id="show-collection" onclick="toggle(\'create-collection\'); toggle(\'show-collection\')" value="'.plog_tr('Create Collection').'" style="display: none;" />
		<form action="'.$_SERVER['PHP_SELF'].'" method="post">
		<div id="create-collection" class="cssbox-green">
			<div class="cssbox-head-green" onclick="toggle(\'create-collection\'); toggle(\'show-collection\')">
				<h2 class="manage">'.plog_tr('Create Collection').'</h2>
			</div><!-- /cssbox-head-green -->
			<div class="cssbox-body-green">
				<label accesskey="n" for="name">'.plog_tr('<em>N</em>ame').':</label><br />
				<input name="name" id="name" /><br />
				<label accesskey="d" for="description">'.plog_tr('<em>D</em>escription').':</label><br />
				<input name="description" id="description" size="47" style="width: 95%;" />
				<input name="action" type="hidden" value="add-collection" />
				<input class="submit" type="submit" value="'.plog_tr('Add Collection').'" />
			</div><!-- /cssbox-body-green -->
		</div><!-- /create-collection cssbox-green -->
		</form>
		<script type="text/javascript">toggle(\'create-collection\'); toggle(\'show-collection\');</script>' . "\n";
	return $output;
}

function plog_add_album_form($parent_collection) {
	$parent_collection = intval($parent_collection);
	$output = "\n\t\t" . '<input type="button" class="submit-create" id="show-album" onclick="toggle(\'create-album\'); toggle(\'show-album\')" value="'.plog_tr('Create Album').'" style="display: none;" />
		<form action="'.$_SERVER['PHP_SELF'].'?level=albums&id='.$parent_collection.'" method="post">
		<div id="create-album" class="cssbox-green">
			<div class="cssbox-head-green" onclick="toggle(\'create-album\'); toggle(\'show-album\')">
				<h2 class="manage">'.plog_tr('Create Album').'</h2>
			</div><!-- /cssbox-head-green -->
			<div class="cssbox-body-green">
				<label accesskey="n" for="name">'.plog_tr('<em>N</em>ame').':</label><br />
				<input name="name" id="name" /><br />
				<label accesskey="d" for="description">'.plog_tr('<em>D</em>escription').':</label><br />
				<input name="description" id="description" size="47" style="width: 95%;" />
				<input name="action" type="hidden" value="add-album" />
				<input type="hidden" name="parent_collection" value="'.$parent_collection.'" />
				<input class="submit" type="submit" value="'.plog_tr('Add Album').'" />
			</div><!-- /cssbox-body-green -->
		</div><!-- /create-album cssbox-green -->
		</form>
		<script type="text/javascript">toggle(\'create-album\'); toggle(\'show-album\');</script>' . "\n";
	return $output;
}

function plog_edit_collection_form($collection_id) {
	global $config, $thumbnail_config;
	$output = '';
	$collection_id = intval($collection_id);

	$output .= "\n\t\t" . '<form class="edit width-700" action="'.$_SERVER['PHP_SELF'].'" method="post">';
	$collection = get_collection_by_id($collection_id);

	$auto_graphic = $config['gallery_url'].'plog-admin/images/auto.gif';
	$images = "\n\t\t\t\t\t" . '<option class="thumboption" value="0" style="padding-left: 100px; background-image: url('.$auto_graphic.');">'.plog_tr('automatic').'</option>';

	// Create a list of all pictures in the collection. Should I create a separate function for this as well?
	$sql = "SELECT p.id AS id, caption, p.path AS path, a.name AS album_name
			FROM ".PLOGGER_TABLE_PREFIX."pictures p
			LEFT JOIN ".PLOGGER_TABLE_PREFIX."albums AS a ON p.parent_album = a.id
			WHERE p.parent_collection = '".$collection_id."'
			ORDER BY a.name, p.date_submitted";

	$result = run_query($sql);
	while($row = mysqli_fetch_assoc($result)) {
		$selected = ($row['id'] == $collection['thumbnail_id']) ? ' selected="selected"' : '';
		$style = 'class="thumboption" style="padding-left: '.($thumbnail_config[THUMB_SMALL]['size'] + 5).'px; background-image: url('.generate_thumb(SmartStripSlashes($row['path']), $row['id']).');"';

		$images .= "\n\t\t\t\t\t" . '<option '.$style.' value="'.$row['id'].'"'.$selected.'>';
		$images .= SmartStripSlashes($row['album_name']).": ";
		$images .= !empty($row['caption']) ? SmartStripSlashes($row['caption']) : SmartStripSlashes(basename($row['path']));
		$images .= "</option>";
	}

	$output .= "\n\t\t\t" . '<div>
				<div class="strong">'.plog_tr('Edit Collection Properties').'</div>
				<p>
					<label class="strong" accesskey="n" for="name">'.plog_tr('<em>N</em>ame').':</label><br />
					<input size="68" name="name" id="name" value="'.htmlspecialchars(SmartStripSlashes($collection['name'])).'" />
				</p>
				<p>
					<label class="strong" accesskey="d" for="description">'.plog_tr('<em>D</em>escription').':</label><br />
					<input size="68" name="description" id="description" value="'.htmlspecialchars(SmartStripSlashes($collection['description'])).'" />
				</p>
				<p>
					<span class="strong">Thumbnail:</span><br />
					<select name="thumbnail_id" onchange="updateThumbPreview(this)" class="thumbselect width-500" id="thumbselect">'.$images.'
					</select>
					<script type="text/javascript">updateThumbPreview(document.getElementById(\'thumbselect\'));</script>
				</p>
				<input type="hidden" name="pid" value="'.$collection_id.'" />
				<input type="hidden" name="action" value="update-collection" />
				<input class="submit" name="update" value="'.plog_tr('Update').'" type="submit" />
				<input class="submit-cancel" name="cancel" value="'.plog_tr('Cancel').'" type="submit" />
			</div>
		</form>' . "\n";
		return $output;
}

function plog_edit_album_form($album_id) {
	global $config, $thumbnail_config;

	$album_id = intval($album_id);

	$album = get_album_by_id($album_id);
	$auto_graphic = $config['gallery_url'].'plog-admin/images/auto.gif';

	$page = isset($_GET['plog_page']) ? '&plog_page='.intval($_GET['plog_page']) : '';

	$output = "\n\t\t" . '<form class="edit width-700" action="'.$_SERVER['PHP_SELF'] .'?level=albums&id='.$album['parent_id'].$page .'" method="post">';

	$images = '<option class="thumboption" value="0" style="padding-left: 100px; background-image: url('.$auto_graphic.');">'.plog_tr('automatic').'</option>';

	$sql = "SELECT id, caption, path FROM ".PLOGGER_TABLE_PREFIX."pictures p WHERE p.parent_album = '".$album_id."'";

	$result = run_query($sql);
	while($row = mysqli_fetch_assoc($result)) {
			$selected = ($row['id'] == $album['thumbnail_id']) ? ' selected="selected"' : '';
			$style = 'class="thumboption" style="padding-left: '.($thumbnail_config[THUMB_SMALL]['size'] + 5).'px; background-image: url('.generate_thumb(SmartStripSlashes($row['path']), $row['id']).');"';
			$images .= "\n\t\t\t\t" . '<option '.$style.' value="'.$row['id'].'"'.$selected.'>';
			$images .= !empty($row['caption']) ? SmartStripSlashes($row['caption']) : SmartStripSlashes(basename($row['path']));
			$images .= "</option>";
		}

		$output .= "\n\t\t\t" . '<div>
				<div class="strong">'.plog_tr('Edit Album Properties').'</div>
				<p>
					<label class="strong" for="name" accesskey="n">'.plog_tr('<em>N</em>ame').':</label><br />
					<input size="61" name="name" id="name" value="'.htmlspecialchars(SmartStripSlashes($album['name'])).'" />
				</p>
				<p>
					<label class="strong" for="description" accesskey="d">'.plog_tr('<em>D</em>escription').':</label><br />
					<input size="61" name="description" id="description" value="'.htmlspecialchars(SmartStripSlashes($album['description'])).'" />
				</p>
				<p>
					<span class="strong">Thumbnail:</span><br />
					<select name="thumbnail_id" class="thumbselect width-450" id="thumbselect" onchange="updateThumbPreview(this)">'.$images.'
					</select>
					<script type="text/javascript">updateThumbPreview(document.getElementById(\'thumbselect\'));</script>
				</p>
				<input type="hidden" name="pid" value="'.$album_id.'" />
				<input type="hidden" name="action" value="update-album" />
				<input class="submit" name="update" value="'.plog_tr('Update').'" type="submit" />
				<input class="submit-cancel" name="cancel" value="'.plog_tr('Cancel').'" type="submit" />
			</div>
		</form>' . "\n";
		return $output;
}

function plog_picture_manager($id, $from, $limit) {
	global $config, $empty;
	$output = '';

	plogger_init_pictures(array(
		'type' => 'album',
		'value' => $id,
		'from' => $from,
		'limit' => $limit,
		'sortby' => !empty($config['default_sortby']) ? $config['default_sortby'] : 'id',
		'sortdir' => !empty($config['default_sortdir']) ? $config['default_sortdir'] : 'ASC'
	));

	// Create javascript initiation function for editable elements
	if (plogger_has_pictures()) {
		$output .= "\n\t\t" . '<script type="text/javascript">';
		$output .= "\n\t\t\t" . 'Event.observe(window, \'load\', init, false);';
		$output .= "\n\t\t\t" . 'function init() {' . "\n";

		while(plogger_has_pictures()) {
			plogger_load_picture();
			$output .= "\t\t\t\tmakeEditable('picture-description-".plogger_get_picture_id()."');
				makeEditable('picture-caption-".plogger_get_picture_id()."');\n";
		}
		$output .= "\t\t\t" . '}';
		$output .= "\n\t\t" . '</script>';
	}

	// Reset the picture array
		plogger_init_pictures(array(
			'type' => 'album',
			'value' => $id,
			'from' => $from,
			'limit' => $limit,
			'sortby' => !empty($config['default_sortby']) ? $config['default_sortby'] : 'id',
			'sortdir' => !empty($config['default_sortdir']) ? $config['default_sortdir'] : 'ASC'
	));

	if (plogger_has_pictures()) {
		$allow_comment = ($config['allow_comments']) ? plog_tr('Allow Comments') : ' ';
		$output .= "\n\t\t" . '<table style="width: 100%;" cellpadding="3" cellspacing="0">
			<col style="width: 15px;" />
			<tr class="header">
				<th class="table-header-left align-center width-15"><input name="allbox" type="checkbox" onclick="checkToggle(document.getElementById(\'contentList\'));" /></th>
				<th class="table-header-middle align-center width-150">'.plog_tr('Thumb').'</th>
				<th class="table-header-middle align-left width-175">'.plog_tr('Filename').'</th>
				<th class="table-header-middle align-left">'.plog_tr('Caption').'/'.plog_tr('Description').'</th>
				<th class="table-header-middle align-center width-125">'.$allow_comment.'</th>
				<th class="table-header-right align-center width-100">'.plog_tr('Actions').'</th>
			</tr>';
		$counter = 0;

		while(plogger_has_pictures()) {
			if ($counter%2 == 0) $table_row_color = 'color-1';
			else $table_row_color = 'color-2';
			$counter++;
			plogger_load_picture();

			$id = plogger_get_picture_id();
			$output .= "\n\t\t\t" . '<tr class="'.$table_row_color.'">';
			$output .= "\n\t\t\t\t" . '<td class="align-center width-15"><p class="margin-5"><input type="checkbox" name="selected[]" value="'.$id.'" /></p></td>';
			$thumbpath = plogger_get_picture_thumb();
			$imgtag = '<img src="'.$thumbpath.'" title="'.plogger_get_picture_caption('clean').'" alt="'.plogger_get_picture_caption('clean').'" />';
			$output .= "\n\t\t\t\t" . '<td class="align-center width-150"><div class="img-shadow"><a href="'.plogger_get_picture_thumb(THUMB_LARGE).'" rel="lightbox" title="'.plogger_get_picture_caption('code').'">'.$imgtag.'</a></div></td>';
			$output .= "\n\t\t\t\t" . '<td class="align-left width-175"><p class="margin-5"><strong><a href="'.$_SERVER['PHP_SELF'].'?level=comments&id='.$id.'">'.basename(plogger_get_source_picture_path()).'</a></strong><br /><br /><span>'.sprintf(plog_tr('Comments: %d'), plogger_picture_comment_count()).'</span></p></td>';
			$output .= "\n\t\t\t\t" . '<td class="align-left vertical-top">
					<p class="margin-5 no-margin-bottom"><strong>'.plog_tr('Caption').':</strong></p>
					<p class="margin-5 no-margin-top" id="picture-caption-'.plogger_get_picture_id().'">'.plogger_get_picture_caption().'</p>
					<p class="margin-5 no-margin-bottom"><strong>'.plog_tr('Description').':</strong></p>
					<p class="margin-5 no-margin-top" id="picture-description-'.plogger_get_picture_id().'">'.plogger_get_picture_description().'</p>
				</td>';
			if ($config['allow_comments']) {
				$allow_comments = (1 == plogger_picture_allows_comments()) ? plog_tr('Yes') : plog_tr('No');
			} else {
				$allow_comments = ' ';
			}
			$output .= "\n\t\t\t\t" . '<td class="align-center width-125"><p class="margin-5">'.$allow_comments.'</p></td>';
			$output .= "\n\t\t\t\t" . '<td class="align-center width-100"><p class="margin-5"><a href="?action=edit-picture&id='.$id;
			if (isset($_GET['entries_per_page'])) $output .= '&entries_per_page='.intval($_GET['entries_per_page']);
			if (isset($_GET['plog_page'])) $output .= '&plog_page='.intval($_GET['plog_page']);
			$output .= '"><img style="display: inline;" src="'.$config['gallery_url'].'plog-admin/images/edit.gif" alt="'.plog_tr('Edit').'" title="'.plog_tr('Edit').'" /></a>';
			$parent_id = $_REQUEST['id'];
			$output .= '   <a href="?action=move-delete&selected%5B%5D='.$id.'&level=pictures&delete_checked=1&id='.$parent_id;
			if (isset($_GET['plog_page'])) $output .= '&plog_page='.intval($_GET['plog_page']);
			$output .= '" onclick="return confirm(\''.plog_tr('Are you sure you want to delete this item?').'\');"><img style="display: inline;" src="'.$config['gallery_url'].'plog-admin/images/x.gif" alt="'.plog_tr('Delete').'" title="'.plog_tr('Delete').'" /></a></p></td>';
			$output .= "\n\t\t\t" . '</tr>';
		}

		$output .= "\n\t\t\t" . '<tr class="footer">
				<td class="align-left invert-selection" colspan="6"><a href="#" onclick="checkToggle(document.getElementById(\'contentList\')); return false;">'.plog_tr('Toggle Checkbox Selection').'</a></td>
			</tr>
		</table>' . "\n";
	} else {
		$output .= "\n\n\t\t" . '<p class="actions">'.sprintf(plog_tr('Sadly, there are no pictures yet. Why don\'t you <a title="upload images" href="%s" style="font-weight: bold;">upload some</a>?'), 'plog-upload.php').'</p>' . "\n";
		$empty = true;
	}
	return $output;
}

function plog_album_manager($id, $from, $limit) {
	global $config, $empty;
	$output = '';

	plogger_init_albums(array(
		'from' => $from,
		'collection_id' => $id,
		'limit' => $limit,
		'all_albums' => 1,
		'sortby' => !empty($config['album_sortby']) ? $config['album_sortby'] : 'id',
		'sortdir' => !empty($config['album_sortdir']) ? $config['album_sortdir'] : 'ASC'
	));

	// Create javascript initiation function for editable elements
	if (plogger_has_albums()) {
		$output .= "\n\t\t" . '<script type="text/javascript">';
		$output .= "\n\t\t\t" . 'Event.observe(window, \'load\', init, false);';
		$output .= "\n\t\t\t" . 'function init() {' . "\n";
		while(plogger_has_albums()) {
			plogger_load_album();
			// makeEditable('album-name-".plogger_get_album_id()."');
			$output .= "\t\t\t\tmakeEditable('album-description-".plogger_get_album_id()."');\n";
		}
		$output .= "\t\t\t" . '}';
		$output .= "\n\t\t" . '</script>';
	}

	plogger_init_albums(array(
		'from' => $from,
		'collection_id' => $id,
		'limit' => $limit,
		'all_albums' => 1,
		'sortby' => !empty($config['album_sortby']) ? $config['album_sortby'] : 'id',
		'sortdir' => !empty($config['album_sortdir']) ? $config['album_sortdir'] : 'ASC'
	));

	if (plogger_has_albums()) {
		$output .= "\n\t\t" . '<table style="width: 100%;" cellpadding="3" cellspacing="0">
			<col style="width: 15px;" />
			<tr class="header">
				<th class="table-header-left align-center width-15"><input name="allbox" type="checkbox" onclick="checkAll(document.getElementById(\'contentList\'));" /></th>
				<th class="table-header-middle align-left width-275">'.plog_tr('Name').'</th>
				<th class="table-header-middle align-left">'.plog_tr('Description').'</th>
				<th class="table-header-right align-center width-100">'.plog_tr('Actions').'</th>
			</tr>';
		$counter = 0;

		while(plogger_has_albums()) {
			plogger_load_album();
			$id = plogger_get_album_id();
			if ($counter%2 == 0) $table_row_color = 'color-1';
			else $table_row_color = 'color-2';
			$counter++;

			$text = (plogger_album_picture_count() == 1) ? plog_tr('image') : plog_tr('images');
			$output .= "\n\t\t\t" . '<tr class="'.$table_row_color.'">';
			$output .= "\n\t\t\t\t" . '<td class="align-center width-15"><p class="margin-5"><input type="checkbox" name="selected[]" value="'.$id.'" /></p></td>';
			$output .= "\n\t\t\t\t" . '<td class="align-left width-275"><p class="margin-5"><a class="folder" href="'.$_SERVER['PHP_SELF'].'?level=pictures&id='.$id.'"><span id="album-name-'.plogger_get_album_id().'"><strong>'.plogger_get_album_name().'</strong></span></a> - '.sprintf(plog_tr('%d'), plogger_album_picture_count()).' '.$text.'</p></td>';
			$output .= "\n\t\t\t\t" . '<td class="align-left vertical-top"><p class="margin-5" id="album-description-'.plogger_get_album_id().'">'.plogger_get_album_description().'</p></td>';
			$page = (isset($_GET['plog_page'])) ? '&plog_page='.intval($_GET['plog_page']) : '';
			$output .= "\n\t\t\t\t" . '<td class="align-center width-100"><p class="margin-5"><a href="'.$_SERVER['PHP_SELF'].'?action=edit-album&id='.$id.$page.'"><img style="display: inline;" src="'.$config['gallery_url'].'plog-admin/images/edit.gif" alt="'.plog_tr('Edit').'" title="'.plog_tr('Edit').'" /></a>';
			$output .= '   <a href="'.$_SERVER['PHP_SELF'].'?action=move-delete&selected%5B%5D='.$id.'&level=albums&delete_checked=1&id='.$_REQUEST['id'].$page;
			$output .= '" onclick="return confirm(\''.plog_tr('Are you sure you want to delete this item?').'\');"><img style="display: inline;" src="'.$config['gallery_url'].'plog-admin/images/x.gif" alt="'.plog_tr('Delete').'" title="'.plog_tr('Delete').'" /></a></p></td>';
			$output .= "\n\t\t\t" . '</tr>';
		}

		$output .= "\n\t\t\t" . '<tr class="footer">
				<td class="align-left invert-selection" colspan="7"><a href="#" onclick="checkToggle(document.getElementById(\'contentList\')); return false;">'.plog_tr('Toggle Checkbox Selection').'</a></td>
			</tr>
		</table>' . "\n";
	} else {
		$output .= "\n\n\t\t" . '<p class="actions">'.plog_tr('There are no albums in this collection yet, why don\'t you create one?').'</p>' . "\n";
		$empty = true;
	}
	return $output;
}

function plog_collection_manager($from, $limit) {
	global $config, $empty;
	$output = '';

	plogger_init_collections(array(
		'from' => $from,
		'limit' => $limit,
		'all_collections' => 1,
		'sortby' => !empty($config['collection_sortby']) ? $config['collection_sortby'] : 'id',
		'sortdir' => !empty($config['collection_sortdir']) ? $config['collection_sortdir'] : 'ASC'
	));

	// Create javascript initiation function for editable elements
	if (plogger_has_collections()) {
		$output .= "\n\t\t" . '<script type="text/javascript">';
		$output .= "\n\t\t\t" . 'Event.observe(window, \'load\', init, false);';
		$output .= "\n\t\t\t" . 'function init() {' . "\n";
		while(plogger_has_collections()) {
			plogger_load_collection();
			// makeEditable('collection-name-".plogger_get_collection_id()."');
			$output .= "\t\t\t\tmakeEditable('collection-description-".plogger_get_collection_id()."');\n";
		}
		$output .= "\t\t\t" . '}';
		$output .= "\n\t\t" . '</script>';
	}

	plogger_init_collections(array(
		'from' => $from,
		'limit' => $limit,
		'all_collections' => 1,
		'sortby' => !empty($config['collection_sortby']) ? $config['collection_sortby'] : 'id',
		'sortdir' => !empty($config['collection_sortdir']) ? $config['collection_sortdir'] : 'ASC'
	));

	if (plogger_has_collections()) {
		$output .= "\n\t\t" . '<table style="width: 100%;" cellpadding="3" cellspacing="0">
			<col style="width: 15px;" />
			<tr class="header">
				<th class="table-header-left align-center width-15"><input name="allbox" type="checkbox" onclick="checkAll(document.getElementById(\'contentList\'));" /></th>
				<th class="table-header-middle align-left width-275">'.plog_tr('Name').'</th>
				<th class="table-header-middle align-left">'.plog_tr('Description').'</th>
				<th class="table-header-right align-center width-100">'.plog_tr('Actions').'</th>
			</tr>';
		$counter = 0;

		while(plogger_has_collections()) {
			plogger_load_collection();
			if ($counter%2 == 0) $table_row_color = 'color-1';
			else $table_row_color = 'color-2';
			$counter++;

			$id = plogger_get_collection_id();
			$text = (plogger_collection_album_count() == 1) ? plog_tr('album') : plog_tr('albums');
			$output .= "\n\t\t\t" . '<tr class="'.$table_row_color.'">';
			$output .= "\n\t\t\t\t" . '<td class="align-center width-15"><p class="margin-5"><input type="checkbox" name="selected[]" value="'.$id.'" /></p></td>';
			$output .= "\n\t\t\t\t" . '<td class="align-left width-275"><p class="margin-5"><a class="folder" href="?level=albums&id='.$id.'"><span id="collection-name-'.plogger_get_collection_id().'"><strong>'.plogger_get_collection_name().'</strong></span></a> - '.sprintf(plog_tr('%d'), plogger_collection_album_count()).' '.$text.'</p></td>';
			$output .= "\n\t\t\t\t" . '<td class="align-left vertical-top"><p class="margin-5" id="collection-description-'.plogger_get_collection_id().'">'.plogger_get_collection_description().'</p></td>';
			$output .= "\n\t\t\t\t" . '<td class="align-center width-100"><p class="margin-5"><a href="?action=edit-collection&id='.$id.'"><img style="display: inline;" src="'.$config['gallery_url'].'plog-admin/images/edit.gif" alt="'.plog_tr('Edit').'" title="'.plog_tr('Edit').'" /></a>';
			$output .= '   <a href="?action=move-delete&selected%5B%5D='.$id.'&level=collections&delete_checked=1&';
			if (isset($_REQUEST['id'])) { $output .= 'id='.intval($_REQUEST['id']); }
			if (isset($_GET['plog_page'])) { $output .= '&plog_page='.intval($_GET['plog_page']); }
			$output .= '" onclick="return confirm(\''.plog_tr('Are you sure you want to delete this item?').'\');"><img style="display: inline;" src="'.$config['gallery_url'].'plog-admin/images/x.gif" alt="'.plog_tr('Delete').'" title="'.plog_tr('Delete').'" /></a></p></td>';
			$output .= "\n\t\t\t" . '</tr>';
		}

		$output .= "\n\t\t\t" . '<tr class="footer">
				<td class="align-left invert-selection" colspan="7"><a href="#" onclick="checkToggle(document.getElementById(\'contentList\')); return false;">'.plog_tr('Toggle Checkbox Selection').'</a></td>
			</tr>
		</table>' . "\n";
	} else {
		$output .= "\n\n\t\t" . '<p class="actions">'.plog_tr('There are no collections yet').'.</p>' . "\n";
		$empty = true;
	}
	return $output;
}

function plog_comment_manager($id, $from, $limit) {
	global $config, $empty;
	$output = '';

	plogger_init_picture(array(
		'id' => $id,
		'from' => $from,
		'limit' => $limit
	));

	// Create javascript initiation function for editable elements
	if (plogger_picture_has_comments()) {
		$output .= "\n\t\t" . '<script type="text/javascript">';
		$output .= "\n\t\t\t" . 'Event.observe(window, \'load\', init, false);';
		$output .= "\n\t\t\t" . 'function init() {';
		while(plogger_picture_has_comments()) {
			plogger_load_comment();
			// makeEditable('picture".plogger_get_picture_id()."');
			$output .= "
				makeEditable('comment-comment-".plogger_get_comment_id()."');
				makeEditable('comment-author-".plogger_get_comment_id()."');
				makeEditable('comment-url-".plogger_get_comment_id()."');
				makeEditable('comment-email-".plogger_get_comment_id()."');";
		}
		$output .= "\n\t\t\t" . '}';
		$output .= "\n\t\t" . '</script>';
	}

	plogger_init_picture(array(
		'id' => $id,
		'from' => $from,
		'limit' => $limit
	));

	if (plogger_picture_has_comments()) {
		$output .= "\n\t\t" . '<table style="width: 100%;" cellpadding="3" cellspacing="0">
			<col style="width: 15px;" />
			<tbody>
				<tr class="header">
					<th class="table-header-left align-center width-15"><input name="allbox" type="checkbox" onclick="checkAll(document.getElementById(\'contentList\'));" /></th>
					<th class="table-header-middle align-left width-175">'.plog_tr('Author').'/'.plog_tr('Email').'/'.plog_tr('Website').'</th>
					<th class="table-header-middle align-left width-150">'.plog_tr('Date').'</th>
					<th class="table-header-middle align-left">'.plog_tr('Comment').'</th>
					<th class="table-header-right align-center width-100">'.plog_tr('Actions').'</th>
				</tr>';
		$counter = 0;

		while(plogger_picture_has_comments()) {
			plogger_load_comment();
			if ($counter%2 == 0) $table_row_color = 'color-1';
			else $table_row_color = 'color-2';
			$counter++;

			$id = plogger_get_comment_id();
			$output .= "\n\t\t\t\t" . '<tr class="'.$table_row_color.'">';
			$output .= "\n\t\t\t\t\t" .'<td class="align-center width-15"><p class="margin-5"><input type="checkbox" name="selected[]" value="'.$id.'" /></p></td>';
			$output .= "\n\t\t\t\t\t" . '<td class="align-left width-175">
						<p class="margin-5 no-margin-bottom"><strong>'.plog_tr('Author').':</strong></p>
						<p class="margin-5 no-margin-top" id="comment-author-'.$id.'">'.plogger_get_comment_author().'</p>
						<p class="margin-5 no-margin-bottom"><strong>'.plog_tr('Email').':</strong></p>
						<p class="margin-5 no-margin-top" id="comment-email-'.$id.'">'.plogger_get_comment_email().'</p>
						<p class="margin-5 no-margin-bottom"><strong>'.plog_tr('Website').':</strong></p>
						<p class="margin-5 no-margin-top" id="comment-url-'.$id.'">'.plogger_get_comment_url().'</p>
					</td>';
			$output .= "\n\t\t\t\t\t" . '<td class="align-left width-150"><p class="margin-5">'.plogger_get_comment_date('n/j/Y g:i a').'</p></td>';
			$output .= "\n\t\t\t\t\t" . '<td class="align-left vertical-top"><p class="margin-5" id="comment-comment-'.$id.'">'.plogger_get_comment_text().'</p></td>';
			$output .= "\n\t\t\t\t\t" . '<td class="align-center width-100"><p class="margin-5"><a href="?action=edit-comment&id='.$id.'"><img style="display: inline;" src="'.$config['gallery_url'].'plog-admin/images/edit.gif" alt="'.plog_tr('Edit').'" title="'.plog_tr('Edit').'" /></a>';
		$output .= '   <a href="?action=delete-comment&id='.$id.'" onclick="return confirm(\''.plog_tr('Are you sure you want to delete this item?').'\');"><img style="display: inline;" src="'.$config['gallery_url'].'plog-admin/images/x.gif" alt="'.plog_tr('Delete').'" title="'.plog_tr('Delete').'" /></a></p></td>';
			$output .= "\n\t\t\t\t" . '</tr>';
	}

	$output .= "\n\t\t\t\t" . '<tr class="footer">
					<td class="align-left invert-selection" colspan="5"><a href="#" onclick="checkToggle(document.getElementById(\'contentList\')); return false;">'.plog_tr('Toggle Checkbox Selection').'</a></td>
				</tr>
			</tbody>
		</table>' . "\n";
	} else {
		$output .= "\n\n\t\t" . '<p class="actions">'.plog_tr('This picture has no comments.').'</p>' . "\n";
		$empty = true;
	}
	return $output;
}

function generate_ajax_picture_editing_init() {
	$output = '<script type="text/javascript">';
}

function plogger_show_server_info_link() {
	if (isset($_SESSION['plogger_logged_in'])) {
		return '<a id="show_server_info" accesskey="s" href="#" style="display: inline;" onclick="toggle(\'server-info, hide_server_info, show_server_info\');">'.plog_tr('Show server info').'</a><a id="hide_server_info" accesskey="s" href="#" style="display: none;" onclick="toggle(\'server-info, hide_server_info, show_server_info\');">'.plog_tr('Hide server info').'</a>';
	}
	return false;
}

function plogger_generate_server_info() {
	global $config;

	if (isset($_SESSION['plogger_logged_in'])) {
		$server_data = '<div id="server-info" style="display: none;">';

		$arg = explode('/', $_SERVER['SERVER_SOFTWARE']);
		$software_type = isset($arg[0]) ? $arg[0] : '';
		$software_version = isset($arg[1]) ? $arg[1] : '';
		$software_distro = isset($arg[2]) ? $arg[2] : '';

		$server_data .= "\n\t\t\t" . '<strong>'.plog_tr('Server Software').':</strong> '.$software_type.'/'.$software_version.' '.$software_distro.'<br />
			<strong>'.plog_tr('PHP Version').':</strong> '.phpversion().' ('.strtoupper(php_sapi_name()).')<br />
			<strong>'.plog_tr('MySQL Version').':</strong> '.mysqli_get_server_info($GLOBALS["PLOGGER_DBH"]).'<br />
			<strong>'.plog_tr('GD Version').':</strong>';

/* Thanks to the Pixelpost Crew for the gd_info code below */
			if(function_exists('gd_info')) {
				$gd_info1 = gd_info();
				$gd_info = $gd_info1['GD Version'];
				if($gd_info == "") {
					$gd_info = plog_tr('Not installed');
				} else if ($gd_info1['JPG Support']) {
					$gd_info .= plog_tr(' with JPEG support');
				}
			}
		// Determine the limiting setting for upload sizes
		$max_upload = intval(ini_get('upload_max_filesize'));
		$max_post = intval(ini_get('post_max_size')) * 0.75;
		$file_limit = ($max_upload < $max_post) ? $max_upload.'MB' : $max_post.'MB';

		$server_data .= ' '.$gd_info.'<br />
			<strong>'.plog_tr('Session Save Path').':</strong> '.session_save_path().'<br />
			<strong>'.plog_tr('File Upload Size Limit').':</strong> '.$file_limit.'<br />
			<strong>'.plog_tr('Temporary Memory Limit').':</strong> '.ini_get('memory_limit').'<br />
			<strong>'.plog_tr('Code Run Time Limit').':</strong> '.ini_get('max_execution_time').'s<br />';
		if (is_safe_mode()) {
			$server_data .= "\n\t\t\t" . '<strong>safe_mode enabled</strong><br />';
		}
		$server_data .= "\n\t\t" . '</div><!-- /server-info -->';

		return $server_data;
	}
	return false;
}

?>

Archive Download this file

Branches

Number of commits:
Page rendered in 0.06796s using 11 queries.