diff -ru cpg149-CLEAN1/editpics.php cpg149/editpics.php
--- cpg149-CLEAN1/editpics.php	2006-10-02 15:16:08.000000000 -0400
+++ cpg149/editpics.php	2006-10-03 15:36:06.000000000 -0400
@@ -44,7 +44,7 @@
         mysql_free_result($result);
         $cat = $ALBUM_DATA['category'];
         $actual_cat = $cat;
-        if ($cat != FIRST_USER_CAT + USER_ID && !GALLERY_ADMIN_MODE) cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
+        if ($cat != FIRST_USER_CAT + USER_ID && !GALLERY_ADMIN_MODE && !verify_cat_owner($cat)) cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
 } else {
         $ALBUM_DATA = array();
 }
@@ -124,8 +124,7 @@
                 mysql_free_result($result);
 
                 if (!GALLERY_ADMIN_MODE) {
-                        if ($pic['category'] != FIRST_USER_CAT + USER_ID) cpg_die(ERROR, $lang_errors['perm_denied']."<br />(picture category = {$pic['category']}/ $pid)", __FILE__, __LINE__);
-                        if (!isset($user_album_set[$aid])) cpg_die(ERROR, $lang_errors['perm_denied']."<br />(target album = $aid)", __FILE__, __LINE__);
+                        if (!($pic['category'] == FIRST_USER_CAT + USER_ID || verify_cat_owner($pic['category']))) cpg_die(ERROR, $lang_errors['perm_denied']."<br />(picture category = {$pic['category']}/ $pid)", __FILE__, __LINE__);
                 }
 
                 $update  = "aid = '".$aid."'";
@@ -428,8 +427,18 @@
                 $public_albums_list = array();
         }
         mysql_free_result($public_albums);
-} else {
+} elseif (USER_ID) {
+    $public_albums = cpg_db_query("SELECT DISTINCT t1.aid, t1.title AS cat_title FROM {$CONFIG['TABLE_ALBUMS']} t1, {$CONFIG['TABLE_CATEGORIES']} t2 WHERE t1.category=t2.cid AND t2.owner_id=" . USER_ID . " ORDER BY title");
+
+    if (mysql_num_rows($public_albums)) {
+        $public_albums_list=cpg_db_fetch_rowset($public_albums);
+    } else {
         $public_albums_list = array();
+    }
+    mysql_free_result($public_albums);
+
+} else {
+    $public_albums_list = array();
 }
 
 get_user_albums(USER_ID);
diff -ru cpg149-CLEAN1/include/functions.inc.php cpg149/include/functions.inc.php
--- cpg149-CLEAN1/include/functions.inc.php	2006-10-02 15:22:24.000000000 -0400
+++ cpg149/include/functions.inc.php	2006-10-03 15:20:27.000000000 -0400
@@ -2999,7 +2999,10 @@
 function verify_cat_owner($cid1, $cid2=-99)
 {
     global $CONFIG;
-
+   
+    if (!(GALLERY_ADMIN_MODE || USER_ADMIN_MODE))
+        return false;
+    
     $result = cpg_db_query("SELECT owner_id FROM {$CONFIG['TABLE_CATEGORIES']} WHERE cid = '$cid1' || cid = '$cid2'");
     $count=mysql_num_rows($result);
     
