From 2330bb06ececee220d854883a2870a3adf17c277 Mon Sep 17 00:00:00 2001
From: root
Date: Sun, 19 Oct 2014 03:54:53 +0200
Subject: Version 4.1. Support for photo galleries and advanced caching.
---
 action.php | 65 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 64 insertions(+), 1 deletion(-)
(limited to 'action.php')
diff --git a/action.php b/action.php
index 1e70b21..e2d0098 100644
--- a/action.php
+++ b/action.php
@@ -12,7 +12,7 @@ if ( ! isset($_GET["task"]) || $_GET["task"] == "" ){
 ob_clean();
 exit;
 }
-$cache = false;
+$c->bypassCache = true;
 switch($_GET["task"]){
 case("login"):
@@ -287,6 +287,69 @@ JG Adlershof";
 ob_end_flush();
 exit;
 break;
+ case("gallery"):
+ lredirect("foto");
+ if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){
+ header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed");
+ ob_clean();
+ echo "Method not allowed";
+ exit;
+ }
+ if ( ! isset($_POST["name"]) || $_POST["name"] == "" ){
+ //print_gallery("name");
+ redirect("foto");
+ }
+ if ( ! isset($_POST["desc"]) ){
+ $_POST["desc"] = "";
+ }
+ $sql = $db->prepare("INSERT INTO " . DBPREFIX . "gallery (id, name, description, owner, restricted, time) VALUES (NULL, %s, %s, %d, %d, %d);", $_POST["name"], $_POST["desc"], $user->getUserId(), 0, time() );
+ if ( $db->doQuery($sql) ){
+ $c->flush2();
+ redirect("foto");
+ } else {
+ redirect("foto");
+ //print_gallery("database");
+ }
+ break;
+ case("editGallery"):
+ if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){
+ header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed");
+ ob_clean();
+ echo "Method not allowed";
+ exit;
+ }
+ if ( ! isset($_GET["gallery"]) || $_GET["gallery"] == "" ){
+ $_GET["gallery"] = 0;
+ }
+ lredirect( "gallery;gallery=".htmlentities($_GET["gallery"]).";edit=1" );
+ if ( ! isset($_POST["name"]) || $_POST["name"] == "" || ! isset($_POST["desc"]) || $_POST["desc"] == "" || $_GET["gallery"] == 0 ){
+ redirect("foto");
+ }
+ $sql = $db->prepare("UPDATE " . DBPREFIX . "gallery SET name = %s, description = %s WHERE id = %d;", $_POST["name"], $_POST["desc"], $_GET["gallery"]);
+ if ( $db->doQuery($sql) ){
+ $c->flush2();
+ redirect( "gallery&gallery=" . htmlentities($_GET["gallery"]) );
+ } else {
+ redirect("foto");
+ }
+ break;
+ case("deleteGallery"):
+ if ( $_SERVER['REQUEST_METHOD'] != 'POST' ){
+ header($_SERVER["SERVER_PROTOCOL"] . " 405 Method Not Allowed");
+ ob_clean();
+ echo "Method not allowed";
+ exit;
+ }
+ lredirect( "gallery;gallery=".htmlentities($_GET["gallery"]) );
+ if ( ! isset($_GET["gallery"]) || $_GET["gallery"] == "" ){
+ redirect( "gallery;gallery=".htmlentities($_GET["gallery"]) );
+ }
+ rrmdir( IMAGE_PATH . $_GET["gallery"] );
+ $sql = $db->prepare("DELETE FROM " . DBPREFIX . "gallery WHERE id = %d;", $_GET["gallery"]);
+ if ( $db->doQuery($sql) )
+ $c->flush2();
+ redirect("foto");
+ break;
 default:
 print_404();
 break;
-- 
cgit v1.2.3
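Review bot: In the `deleteGallery` case, `rrmdir( IMAGE_PATH . $_GET["gallery"] )` builds the path for a recursive delete from the raw query-string value. Only the SQL statement passes it through a `%d` placeholder, so a value that is not a plain positive integer can make the path resolve outside the gallery's own directory. The same case also reads `$_GET["gallery"]` in `lredirect()` before the `isset` check; cast the id to an integer once, reject values `<= 0`, and use that integer for the redirect target, the path and the query, as in the excerpt below. The `UPDATE` and `DELETE` statements match on `id` alone although the insert records an `owner`, and no CSRF token check is visible, so unless `lredirect()` or code outside this hunk restricts these tasks, a signed-in user could change or remove a gallery they do not own. The redirect targets are built with `htmlentities()` and mix `;` and `&` separators, where `rawurlencode()` would be the matching escape for a URL. The enclosing `switch` starts outside this hunk, and whether `redirect()` ends the request is not visible here.

```php
	case("deleteGallery"):
		// … unchanged: 405 response for non-POST requests …
		// Normalise the id once so the redirect, the path and the query all see the same integer.
		$galleryId = isset($_GET["gallery"]) ? (int) $_GET["gallery"] : 0;
		lredirect( "gallery;gallery=" . $galleryId );
		if ( $galleryId <= 0 ){
			redirect("foto");
		}
		rrmdir( IMAGE_PATH . $galleryId );
		$sql = $db->prepare("DELETE FROM " . DBPREFIX . "gallery WHERE id = %d;", $galleryId);
		// … unchanged: doQuery, flush2, redirect("foto"), break …
```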