diff --git a/php/access/admin.php b/php/access/admin.php
index cfd9708..8335b66 100644
--- a/php/access/admin.php
+++ b/php/access/admin.php
@@ -25,12 +25,14 @@ switch ($_POST['function']) {
 echo $album->add($_POST['title']);
 break;
- case 'setAlbumTitle': if (isset($_POST['albumIDs'], $_POST['title']))
- echo setAlbumTitle($_POST['albumIDs'], $_POST['title']);
+ case 'setAlbumTitle': if (!isset($_POST['albumIDs'])) exit();
+ $album = new Album($database, $plugins, $settings, $_POST['albumIDs']);
+ echo $album->setTitle($_POST['title']);
 break;
- case 'setAlbumDescription': if (isset($_POST['albumID'], $_POST['description']))
- echo setAlbumDescription($_POST['albumID'], $_POST['description']);
+ case 'setAlbumDescription': if (!isset($_POST['albumID'])) exit();
+ $album = new Album($database, $plugins, $settings, $_POST['albumID']);
+ echo $album->setDescription($_POST['description']);
 break;
 case 'setAlbumPublic': if (isset($_POST['albumID']))
@@ -42,8 +44,9 @@ switch ($_POST['function']) {
 echo setAlbumPassword($_POST['albumID'], $_POST['password']);
 break;
- case 'deleteAlbum': if (isset($_POST['albumIDs']))
- echo deleteAlbum($_POST['albumIDs']);
+ case 'deleteAlbum': if (!isset($_POST['albumIDs'])) exit();
+ $album = new Album($database, $plugins, $settings, $_POST['albumIDs']);
+ echo $album->delete($_POST['albumIDs']);
 break;
 // Photo Functions
diff --git a/php/modules/Album.php b/php/modules/Album.php
index d7dd5d3..c77227c 100644
--- a/php/modules/Album.php
+++ b/php/modules/Album.php
@@ -12,10 +12,10 @@ class Album {
 private $database = null;
 private $plugins = null;
- private $settings = array();
- private $albumIDs = array();
+ private $settings = null;
+ private $albumIDs = null;
- public function __construct($database = null, $plugins = null, $settings = null, $albumIDs = array()) {
+ public function __construct($database, $plugins, $settings, $albumIDs) {
 # Init vars
 $this->database = $database;
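Review bot: The rewritten `setAlbumTitle` and `setAlbumDescription` cases in php/access/admin.php no longer check that `$_POST['title']` and `$_POST['description']` are set, so a request without them passes an undefined index (null) into `setTitle()` / `setDescription()`. Because the argument is passed explicitly, the methods' default values never apply and the stored title or description is silently blanked. Keep both keys in the guard, e.g. `if (!isset($_POST['albumIDs'], $_POST['title'])) exit();`, and the equivalent for `albumID` / `description`. The switch statement starts and ends outside the hunk.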
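Review bot: In the `deleteAlbum` case the id list is handed over twice, once to the `Album` constructor and once to `delete()`, and the `Album::delete()` added in this commit guards on `$this->albumIDs` but runs its queries on the argument, so the checked value and the used value can drift apart. Prefer a single source: `echo $album->delete();` here, with `delete()` reading `$this->albumIDs` the way `setTitle()` and `setDescription()` do. The switch statement starts and ends outside the hunk.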
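Review bot: The constructor at the end of the first php/modules/Album.php hunk now requires all four arguments, but nothing documents what `$albumIDs` must look like, although the methods added later in this commit place it directly inside `WHERE id IN (...)`. Add a comment above the constructor such as `# $albumIDs: comma-separated album ids as used in "id IN (...)", or null when no album is addressed`. The null case is inferred from the `isset($this->albumIDs)` guards and should be confirmed against the callers. The constructor body continues outside the hunk.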
@@ -62,7 +62,7 @@ class Album {
 public function getAll($public) {
- if (!isset($public)) return false;
+ if (!isset($this->database, $this->settings, $public)) return false;
 # Call plugins
 $this->plugins('getAll:before', func_get_args());
@@ -114,4 +114,75 @@ class Album {
 }
+ public function setTitle($title = 'Untitled') {
+
+ if (!isset($this->database, $this->albumIDs)) return false;
+
+ # Call plugins
+ $this->plugins('setTitle:before', func_get_args());
+
+ # Parse
+ if (strlen($title)>50) $title = substr($title, 0, 50);
+
+ # Execute query
+ $result = $this->database->query("UPDATE lychee_albums SET title = '$title' WHERE id IN ($this->albumIDs);");
+
+ # Call plugins
+ $this->plugins('setTitle:after', func_get_args());
+
+ if (!$result) return false;
+ return true;
+
+ }
+
+ public function setDescription($description = '') {
+
+ if (!isset($this->database, $this->albumIDs)) return false;
+
+ # Call plugins
+ $this->plugins('setDescription:before', func_get_args());
+
+ # Parse
+ $description = htmlentities($description);
+ if (strlen($description)>1000) return false;
+
+ # Execute query
+ $result = $this->database->query("UPDATE lychee_albums SET description = '$description' WHERE id IN ($this->albumIDs);");
+
+ # Call plugins
+ $this->plugins('setDescription:after', func_get_args());
+
+ if (!$result) return false;
+ return true;
+
+ }
+
+ public function delete($albumIDs) {
+
+ if (!isset($this->database, $this->albumIDs)) return false;
+
+ # Call plugins
+ $this->plugins('delete:before', func_get_args());
+
+ # Init vars
+ $error = false;
+
+ # Execute query
+ $result = $this->database->query("SELECT id FROM lychee_photos WHERE album IN ($albumIDs);");
+
+ # For each album delete photo
+ while ($row = $result->fetch_object())
+ if (!deletePhoto($row->id)) $error = true;
+
+ # Delete albums
+ $result = $this->database->query("DELETE FROM lychee_albums WHERE id IN ($albumIDs);");
+
+ # Call plugins
+ $this->plugins('delete:after', func_get_args());
+
+ if ($error||!$result) return false;
+ return true;
+
+ }
+
 }
\ No newline at end of file
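Review bot: `setTitle()`, `setDescription()` and `delete()` build their SQL by interpolating `$title`, `$description`, `$this->albumIDs` and `$albumIDs` straight into the query string, and the admin.php hunks of this commit pass those values in from `$_POST` unchanged, so the new methods are open to SQL injection. `htmlentities()` in `setDescription()` is HTML encoding, not SQL escaping, and the `IN (...)` lists are never checked to be a list of ids. Assuming `$this->database` is a mysqli handle (it is used with `query()` and `fetch_object()`) and album ids are numeric, validate the id list and bind the text values; the fence shows this for `setTitle()`, and `setDescription()` and `delete()` need the same treatment. `delete()` also calls `$result->fetch_object()` without checking that the SELECT succeeded, which fails on a `false` result.

```php
public function setTitle($title = 'Untitled') {

	if (!isset($this->database, $this->albumIDs)) return false;

	# Reject anything that is not a comma-separated list of numeric ids
	if (!preg_match('/^\d+(,\d+)*$/', $this->albumIDs)) return false;

	# … unchanged: setTitle:before plugin call, 50-character truncation …

	# Bind the title instead of interpolating it into the statement
	$stmt = $this->database->prepare("UPDATE lychee_albums SET title = ? WHERE id IN ($this->albumIDs);");
	if (!$stmt) return false;
	$stmt->bind_param('s', $title);
	$result = $stmt->execute();

	# … unchanged: setTitle:after plugin call, result check …
```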