Mod: User Categories - Page 2 Mod: User Categories - Page 2
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Mod: User Categories

Started by vortac, October 03, 2006, 03:56:56 AM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

vortac

What are the errors you are getting?  I doubt there are enormous changes between .9 and .10, especially if it's strictly a security update, but I don't really know (I'm not using coppermine these days).  Patch has the ability to figure out how to patch some types of changes, and others will result in rejected hunks.  If you get a ton of rejected hunks, it may mean you are not in the correct directory, which sounds like the problems others have had.  Make sure you unzip the patch file into the directory that contains the coppermine php files (files like catmgr.php, install.php, etc), and then execute the patch command within that same directory.

- Eric

Quote from: webberz on November 20, 2006, 01:00:53 PM
This is exactly what I am looking for! I wish I can get it installed.  I can't locate version 1.4.9 only the lastest coppermine 1.4.10 and this gives errors.  I expect because the files being updated have been changed in 1.4.10.  I would use 1.4.9 instead if I can get it, even though it may have security problems.  Or can you provide a updated patch for 1.4.10.  thanks

webberz

all files had missing hunks.  I was in the correct directory.  Anyways, I found a copy of 1.4.9 and applied against that and it worked.  thanks.  Is it a small change to allow group access to categories. ie. a user can create albums within a category, can this be done for groups?

Problem. I have a group of friends and we all take pictures.  I have top categories like Parties, Birthdays, Weddings, etc.  Then I must create sub-categories for each user under each top category.  I would like to give my freinds group access to the Parties top category so anyone within that group can create sub-categories or albums under Parties ???

rongallon

How can  I use this patch if I don't have access to my webserver via ssh.  I just have ftp access.  Is there a way to patch my files.

Joachim Müller

It's not an actual patch, but a mod - it just uses the Lunix-command "patch". Although we appreciate all contributions, the thread starter has posted his hack in a format that we don't recommend, basically because it is not newbie-proof and can't be used by everyone.
However, it should be pretty easy to come up with this hack using a plain text editor - just take a look at the file provided inside the zip file. It is written in plain text.
A "minus" in front of a line means "remove this line", a "plus" in front of it means "add this line instead".

We'd like to see this mod "translated" to the regular way we usually see mods, using the syntax
Quoteedit foobar.php

findsomecodeand replace with someothercode

vortac

I didn't realize that posting the mod as a patch would be so problematic.  Since the patch file is about 750 lines and touches about 10 files, it seems like it might be impractical to post it in the format you are suggesting.  If I have some free time and there is sufficient interest maybe I'll forward port the changes into .10 and then upload the entire modified source tree for people to download.  Does this sound reasonable?

rongallon: there are some instructions covering your situation earlier in the thread.  Since my time is quite limited right now, this is probably your best bet.

- Eric

Quote from: GauGau on December 03, 2006, 12:06:50 PM
It's not an actual patch, but a mod - it just uses the Lunix-command "patch". Although we appreciate all contributions, the thread starter has posted his hack in a format that we don't recommend, basically because it is not newbie-proof and can't be used by everyone.
However, it should be pretty easy to come up with this hack using a plain text editor - just take a look at the file provided inside the zip file. It is written in plain text.
A "minus" in front of a line means "remove this line", a "plus" in front of it means "add this line instead".

We'd like to see this mod "translated" to the regular way we usually see mods, using the syntax

bennettsweb

--Interest--

I tried to patch with the windows prog, but got errors.  I will probably get around to doing it manually if someone doesn't modify the source files first.

Thanks for the mod though!

colin911

I'm super interested in this.  I just created a coppermine site tht needs this functionality to work correctly under the structure I have in mind.  But I don;t have Shell access, only FTP. 

any chances of getting this to work without shell access?


Nibbler

Edit file albmgr.php

Find:

{
     global $CONFIG, $CAT_LIST;

     $result = cpg_db_query("SELECT cid, name, description FROM {$CONFIG['TABLE_CATEGORIES']} WHERE parent = '$parent' AND cid != 1 ORDER BY pos");
     if (mysql_num_rows($result) > 0) {
         $rowset = cpg_db_fetch_rowset($result);
         foreach ($rowset as $subcat) {
             $CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name']);
             alb_get_subcat_data($subcat['cid'], $ident . '   ');
         }
     }


Change to:

{
     global $CONFIG, $CAT_LIST;

     $result = cpg_db_query("SELECT cid, name, description, owner_id FROM {$CONFIG['TABLE_CATEGORIES']} WHERE parent = '$parent' AND cid != 1 ORDER BY pos");
     if (mysql_num_rows($result) > 0) {
         $rowset = cpg_db_fetch_rowset($result);
         foreach ($rowset as $subcat) {
             $CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name'], $subcat['owner_id']);
             alb_get_subcat_data($subcat['cid'], $ident . '   ');
         }
     }



Find:

?>
<tr>
<?php
 $cat 
= isset($_GET['cat']) ? ($_GET['cat']) : 0;
 if (
$cat == 1$cat 0;
 
 if (
GALLERY_ADMIN_MODE) {
     
$result cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = $cat ORDER BY pos ASC");
 } elseif (
USER_ADMIN_MODE) {
     
$result cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = " . (USER_ID FIRST_USER_CAT) . " ORDER BY pos ASC");
 } else 
cpg_die(ERROR$lang_errors['perm_denied'], __FILE____LINE__);
 
$rowset cpg_db_fetch_rowset($result);
 
$i 100;


Change to:

?>
<tr>
<?php
 $cat 
= isset($_GET['cat']) ? ($_GET['cat']) : (USER_ID FIRST_USER_CAT);
 if (
$cat == 1$cat 0;
 
 if (
GALLERY_ADMIN_MODE) {
     
$result cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = $cat ORDER BY pos ASC");
 } elseif (
USER_ADMIN_MODE) {
     
$result cpg_db_query("SELECT DISTINCT t1.aid, t1.title FROM {$CONFIG['TABLE_ALBUMS']} t1, {$CONFIG['TABLE_CATEGORIES']} t2 WHERE ($cat> " FIRST_USER_CAT " AND t1.category = " . (USER_ID FIRST_USER_CAT) . ") OR (t1.category=$cat AND t1.category=t2.cid AND t2.owner_id=" USER_ID ") ORDER BY t1.pos ASC");
 } else 
cpg_die(ERROR$lang_errors['perm_denied'], __FILE____LINE__);
 
$rowset cpg_db_fetch_rowset($result);
 
$i 100;



Find:

                 <br />
                 <table width="300" border="0" cellspacing="0" cellpadding="0">
<?php
 
if (GALLERY_ADMIN_MODE) {
     
$CAT_LIST = array();
     
$CAT_LIST[] = array(FIRST_USER_CAT USER_ID$lang_albmgr_php['my_gallery']);
     
$CAT_LIST[] = array(0$lang_albmgr_php['no_category']);
     
alb_get_subcat_data(0'');
 
     echo <<<EOT
                 <tr>
                         <td>
                                 <b>
{$lang_albmgr_php['select_category']}</b>
                                 <select onChange="if(this.options[this.selectedIndex].value) window.location.href='
{$_SERVER['PHP_SELF']}?cat='+this.options[this.selectedIndex].value;"  name="cat" class="listbox">
 EOT;
     foreach(
$CAT_LIST as $category) {
         echo 
'                                <option value="' $category[0] . '"' . ($cat == $category[0] ? ' selected''') . ">" $category[1] . "</option>\n";
     }
     echo <<<EOT
                                 </select>
                                 <br /><br />
                         </td>
                 </tr>
 
 EOT;
 }
 
 
?>

                 <tr>


Change to:

                 <br />
                 <table width="300" border="0" cellspacing="0" cellpadding="0">
<?php
 
 $CAT_LIST 
= array();
 
$CAT_LIST[] = array(FIRST_USER_CAT USER_ID$lang_albmgr_php['my_gallery']);
 if (
GALLERY_ADMIN_MODE) {
     
$CAT_LIST[] = array(0$lang_albmgr_php['no_category']);
 }
 
alb_get_subcat_data(0'');
 
 echo <<<EOT
                 <tr>
                         <td>
                                 <b>
{$lang_albmgr_php['select_category']}</b>
                                 <select onChange="if(this.options[this.selectedIndex].value) window.location.href='
{$_SERVER['PHP_SELF']}?cat='+this.options[this.selectedIndex].value;"  name="cat" class="listbox">
 EOT;
 foreach(
$CAT_LIST as $category) {
     if (
GALLERY_ADMIN_MODE || $category[2] == USER_ID || $category[0] == FIRST_USER_CAT USER_ID) {
         echo 
'                                <option value="' $category[0] . '"' . ($cat == $category[0] ? ' selected''') . ">" $category[1] . "</option>\n";
     } else {
         echo 
'                                <optgroup label="' $category[1] . '"></optgroup>\n"';
     }
 }
 echo <<<EOT
                                 </select>
                                 <br /><br />
                         </td>
                 </tr>
 
 EOT;
 
 
?>

                 <tr>



Edit file catmgr.php

Find:


//ob_end_flush(); //commented out, as it doesn't seem to do anything particularly helpful

if (!GALLERY_ADMIN_MODE) cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
// Fix categories that have an invalid parent
function fix_cat_table()
{


Change to:


//ob_end_flush(); //commented out, as it doesn't seem to do anything particularly helpful

if (!(GALLERY_ADMIN_MODE || USER_ADMIN_MODE)) cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
// Fix categories that have an invalid parent
function fix_cat_table()
{



Find:

     $sort_query = 'pos';
     }

     $sql = "SELECT cid, name, description " . "FROM {$CONFIG['TABLE_CATEGORIES']} " . "WHERE parent = '$parent' " . "ORDER BY $sort_query";
     $result = cpg_db_query($sql);

     if (($cat_count = mysql_num_rows($result)) > 0) {


Change to:

     $sort_query = 'pos';
     }

     $sql = "SELECT cid, name, description, owner_id " . "FROM {$CONFIG['TABLE_CATEGORIES']} " . "WHERE parent = '$parent' " . "ORDER BY $sort_query";
     $result = cpg_db_query($sql);

     if (($cat_count = mysql_num_rows($result)) > 0) {



Find:

                     'pos' => $pos++,
                     'prev' => $prev_cid,
                     'cat_count' => $cat_count,
                     'name' => $ident . $subcat['name']);
                 $CAT_LIST[$last_index]['next'] = $subcat['cid'];
             } else {
                 $CAT_LIST[] = array('cid' => $subcat['cid'],
                     'parent' => $parent,
                     'pos' => $pos++,
                     'cat_count' => $cat_count,
                     'name' => $ident . $subcat['name']);
             }
             $prev_cid = $subcat['cid'];


Change to:

                     'pos' => $pos++,
                     'prev' => $prev_cid,
                     'cat_count' => $cat_count,
                     'name' => $ident . $subcat['name'],
                     'owner_id' => $subcat['owner_id']);
                 $CAT_LIST[$last_index]['next'] = $subcat['cid'];
             } else {
                 $CAT_LIST[] = array('cid' => $subcat['cid'],
                     'parent' => $parent,
                     'pos' => $pos++,
                     'cat_count' => $cat_count,
                     'name' => $ident . $subcat['name'],
                     'owner_id' => $subcat['owner_id']);
             }
             $prev_cid = $subcat['cid'];



Find:


EOT;
     }
     $lb .= '                        <option value="0"' . ($highlight == 0 ? ' selected': '') . '>' . $lang_albmgr_php['no_category'] . "</option>\n";
     foreach($CAT_LIST as $category) if ($category['cid'] != 1 && $category['cid'] != $curr_cat) {
         $lb .= '                        <option value="' . $category['cid'] . '"' . ($highlight == $category['cid'] ? ' selected': '') . ">" . $category['name'] . "</option>\n";
     } elseif ($category['cid'] != 1 && $category['cid'] == $curr_cat) {
         $lb .= '                        <option value="' . $category['parent'] . '"' . ($highlight == $category['cid'] ? ' selected': '') . ">" . $category['name'] . "</option>\n";
     }

     $lb .= <<<EOT


Change to:


EOT;
     }
     
     if (GALLERY_ADMIN_MODE) {
         $lb .= '                        <option value="0"' . ($highlight == 0 ? ' selected': '') . '>' . $lang_albmgr_php['no_category'] . "</option>\n";
     } else {
         $lb .= '                        <option value="0"' . ($highlight == 0 ? ' selected': '') . '>' . $lang_albmgr_php['no_user_category'] . "</option>\n";
     }

     foreach($CAT_LIST as $category) {
         if (!(GALLERY_ADMIN_MODE || $category['owner_id'] == USER_ID)) {
             $lb .= '                        <optgroup label="' . $category['name'] .'"></optgroup>\n"';
         } elseif ($category['cid'] != 1 && $category['cid'] != $curr_cat) {
             $lb .= '                        <option value="' . $category['cid'] . '"' . ($highlight == $category['cid'] ? ' selected': '') . ">" . $category['name'] . "</option>\n";
         } elseif ($category['cid'] != 1 && $category['cid'] == $curr_cat) {
             $lb .= '                        <option value="' . $category['parent'] . '"' . ($highlight == $category['cid'] ? ' selected': '') . ">" . $category['name'] . "</option>\n";
         }
     }

     $lb .= <<<EOT



Find:

     $CAT_LIST3 = $CAT_LIST;

     foreach ($CAT_LIST3 as $key => $category) {
         echo "        <tr>\n";
         echo '                <td class="tableb" width="80%"><b>' . $category['name'] . '</b></td>' . "\n";



Change to:

     $CAT_LIST3 = $CAT_LIST;

     foreach ($CAT_LIST3 as $key => $category) {
         if (!(GALLERY_ADMIN_MODE || $category['owner_id'] == USER_ID))
             continue;

         echo "        <tr>\n";
         echo '                <td class="tableb" width="80%"><b>' . $category['name'] . '</b></td>' . "\n";




Find:

             echo '                <td class="tableb" width="4%">' . '&nbsp;' . '</td>' . "\n";
         }

         echo '                <td class="tableb" width="4%">' . '<a href="' . $_SERVER['PHP_SELF'] . '?op=editcat&amp;cid=' . $category['cid'] . '">' . '<img src="images/edit.gif" border="0" alt="" />' . '</a></td>' . "\n";
         echo '                <td class="tableb" width="4%">' . "\n" . cat_list_box($category['parent'], $category['cid']) . "\n" . '</td>' . "\n";
         echo "        </tr>\n";
     }


Change to:

             echo '                <td class="tableb" width="4%">' . '&nbsp;' . '</td>' . "\n";
         }

         echo '                <td class="tableb" width="4%">' . '<a href="' . $_SERVER['PHP_SELF'] . '?op=editcat&amp;cid=' . $category['cid'] . '&amp;owner_id=' . $category['owner_id'] . '">' . '<img src="images/edit.gif" border="0" alt="" />' . '</a></td>' . "\n";
         echo '                <td class="tableb" width="4%">' . "\n" . cat_list_box($category['parent'], $category['cid']) . "\n" . '</td>' . "\n";
         echo "        </tr>\n";
     }



Find:

         return false;
}


if (isset($_POST['update_config'])) {
     $value = $_POST['categories_alpha_sort'];


Change to:

         return false;
}

function cat_owner_box($curr_owner)
{
     global $CONFIG;

     $result = cpg_db_query("SELECT user_name, user_id FROM {$CONFIG['TABLE_USERS']} ORDER BY user_name");
     $rowset = cpg_db_fetch_rowset($result);
     $html = '    <select name="owner_id" class="listbox">' . "\n";
     $html .= '                    <option value="0">Administrator</option>' . "\n";

     foreach ($rowset as $user) {
         $html .= '                    <option value="' . $user['user_id'] . '"';
         if ($user['user_id']==$curr_owner)
             $html .= ' selected';

         $html .= '>' . $user['user_name'] . "</option>\n";
     }

     $html .= "                    </select>";
     return $html;
}

if (isset($_POST['update_config'])) {
     $value = $_POST['categories_alpha_sort'];



Find:

         $pos1 = (int)$_GET['pos1'];
         $pos2 = (int)$_GET['pos2'];

         cpg_db_query("UPDATE {$CONFIG['TABLE_CATEGORIES']} SET pos='$pos1' WHERE cid = '$cid1' LIMIT 1");
         cpg_db_query("UPDATE {$CONFIG['TABLE_CATEGORIES']} SET pos='$pos2' WHERE cid = '$cid2' LIMIT 1");
         break;


Change to:

         $pos1 = (int)$_GET['pos1'];
         $pos2 = (int)$_GET['pos2'];


         if (!(GALLERY_ADMIN_MODE || verify_cat_owner($cid1, $cid2))) {
             cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
             break;
         }

         cpg_db_query("UPDATE {$CONFIG['TABLE_CATEGORIES']} SET pos='$pos1' WHERE cid = '$cid1' LIMIT 1");
         cpg_db_query("UPDATE {$CONFIG['TABLE_CATEGORIES']} SET pos='$pos2' WHERE cid = '$cid2' LIMIT 1");
         break;



Find:


         $cid = (int)$_GET['cid'];
         $parent = (int)$_GET['parent'];
                 $children=array();
                 verify_children($cid, $cid);
                 if (!in_array($parent, $children)){
                 cpg_db_query("UPDATE {$CONFIG['TABLE_CATEGORIES']} SET parent='$parent', pos='-1' WHERE cid = '$cid' LIMIT 1");
                 }else{
                         cpg_die(ERROR, "You cannot move a category into its own child", __FILE__, __LINE__);
                 }
                 break;

     case 'editcat':
         if (!isset($_GET['cid'])) cpg_die(CRITICAL_ERROR, sprintf($lang_catmgr_php['miss_param'], 'editcat'), __FILE__, __LINE__);

         $cid = (int)$_GET['cid'];
         $result = cpg_db_query("SELECT cid, name, parent, description, thumb FROM {$CONFIG['TABLE_CATEGORIES']} WHERE cid = '$cid' LIMIT 1");

         if (!mysql_num_rows($result)) cpg_die(ERROR, $lang_catmgr_php['unknown_cat'], __FILE__, __LINE__);


Change to:


         $cid = (int)$_GET['cid'];
         $parent = (int)$_GET['parent'];
         
         if (!(GALLERY_ADMIN_MODE || verify_cat_owner($cid, $parent))) {
             cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
             break;
         }

         $children=array();
         verify_children($cid, $cid);
         if (!in_array($parent, $children)){
             cpg_db_query("UPDATE {$CONFIG['TABLE_CATEGORIES']} SET parent='$parent', pos='-1' WHERE cid = '$cid' LIMIT 1");
         }else{
             cpg_die(ERROR, "You cannot move a category into its own child", __FILE__, __LINE__);
         }
         break;

     case 'editcat':
         if (!isset($_GET['cid'])) cpg_die(CRITICAL_ERROR, sprintf($lang_catmgr_php['miss_param'], 'editcat'), __FILE__, __LINE__);

         $cid = (int)$_GET['cid'];

         if (!(GALLERY_ADMIN_MODE || verify_cat_owner($cid))) {
             cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
             break;
         }
         $result = cpg_db_query("SELECT cid, name, parent, description, thumb FROM {$CONFIG['TABLE_CATEGORIES']} WHERE cid = '$cid' LIMIT 1");

         if (!mysql_num_rows($result)) cpg_die(ERROR, $lang_catmgr_php['unknown_cat'], __FILE__, __LINE__);



Find:



         $cid = (int)$_POST['cid'];
         $parent = (int)$_POST['parent'];
         $thumb = (int)$_POST['thumb'];
         $name = trim($_POST['name']) ? addslashes($_POST['name']) : '&lt;???&gt;';
         $description = addslashes($_POST['description']);
                 $children=array();
                 verify_children($cid, $cid);
                 if (!in_array($parent, $children)){
                 cpg_db_query("UPDATE {$CONFIG['TABLE_CATEGORIES']} SET parent='$parent', name='$name', description='$description', thumb='$thumb' WHERE cid = '$cid' LIMIT 1");
                 }else{
                         cpg_db_query("UPDATE {$CONFIG['TABLE_CATEGORIES']} SET name='$name', description='$description', thumb='$thumb' WHERE cid = '$cid' LIMIT 1");
                 }
         break;

     case 'createcat':


Change to:



         $cid = (int)$_POST['cid'];
         
         if (!(GALLERY_ADMIN_MODE || verify_cat_owner($cid))) {
             cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
             break;
         }

         $parent = (int)$_POST['parent'];
         $thumb = (int)$_POST['thumb'];
         $name = trim($_POST['name']) ? addslashes($_POST['name']) : '&lt;???&gt;';
         $description = addslashes($_POST['description']);
         $children=array();
         verify_children($cid, $cid);
         if (GALLERY_ADMIN_MODE && isset($_POST['owner_id'])){
             $owner_id=$_POST['owner_id'];
             if (!in_array($parent, $children)){
                 cpg_db_query("UPDATE {$CONFIG['TABLE_CATEGORIES']} SET parent='$parent', name='$name', description='$description', thumb='$thumb', owner_id='$owner_id' WHERE cid = '$cid' LIMIT 1");
             }else{
                 cpg_db_query("UPDATE {$CONFIG['TABLE_CATEGORIES']} SET name='$name', description='$description', thumb='$thumb', owner_id='$owner_id' WHERE cid = '$cid' LIMIT 1");
             }
         } else {
             if (!in_array($parent, $children)){
                 cpg_db_query("UPDATE {$CONFIG['TABLE_CATEGORIES']} SET parent='$parent', name='$name', description='$description', thumb='$thumb' WHERE cid = '$cid' LIMIT 1");
             }else{
                 cpg_db_query("UPDATE {$CONFIG['TABLE_CATEGORIES']} SET name='$name', description='$description', thumb='$thumb' WHERE cid = '$cid' LIMIT 1");
             }
         }
         break;

     case 'createcat':

Nibbler

Find:



                 $parent = (int)$_POST['parent'];
         $name = trim($_POST['name']) ? addslashes($_POST['name']) : '&lt;???&gt;';
         $description = addslashes($_POST['description']);

         cpg_db_query("INSERT INTO {$CONFIG['TABLE_CATEGORIES']} (pos, parent, name, description) VALUES ('10000', '$parent', '$name', '$description')");
         break;

     case 'deletecat':


Change to:



                 $parent = (int)$_POST['parent'];
         
         if (!(GALLERY_ADMIN_MODE || verify_cat_owner($parent))) {
             cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
             break;
         }

         $name = trim($_POST['name']) ? addslashes($_POST['name']) : '&lt;???&gt;';
         $description = addslashes($_POST['description']);

         $query = "INSERT INTO {$CONFIG['TABLE_CATEGORIES']} (pos, parent, name, description, owner_id) VALUES ('10000', '$parent', '$name', '$description', ";
         if (GALLERY_ADMIN_MODE && isset($_POST['owner_id']))
             cpg_db_query($query . "{$_POST['owner_id']})");
         else
             cpg_db_query($query . USER_ID . ")");
         break;

     case 'deletecat':



Find:


         $cid = (int)$_GET['cid'];

         $result = cpg_db_query("SELECT parent FROM {$CONFIG['TABLE_CATEGORIES']} WHERE cid = '$cid' LIMIT 1");
         if ($cid == 1) cpg_die(ERROR, $lang_catmgr_php['usergal_cat_ro'], __FILE__, __LINE__);
         if (!mysql_num_rows($result)) cpg_die(ERROR, $lang_catmgr_php['unknown_cat'], __FILE__, __LINE__);


Change to:


         $cid = (int)$_GET['cid'];

         if (!(GALLERY_ADMIN_MODE || verify_cat_owner($cid))) {
             cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
             break;
         }

         $result = cpg_db_query("SELECT aid FROM {$CONFIG['TABLE_ALBUMS']} WHERE category='$cid'");
         if (mysql_num_rows($result)) {
             cpg_die(ERROR, $lang_catmgr_php['cat_not_empty'], __FILE__, __LINE__);
             break;
         }

         $result = cpg_db_query("SELECT parent FROM {$CONFIG['TABLE_CATEGORIES']} WHERE cid = '$cid' LIMIT 1");
         if ($cid == 1) cpg_die(ERROR, $lang_catmgr_php['usergal_cat_ro'], __FILE__, __LINE__);
         if (!mysql_num_rows($result)) cpg_die(ERROR, $lang_catmgr_php['unknown_cat'], __FILE__, __LINE__);



Find:


starttable('100%', $lang_catmgr_php['update_create'], 2);
$lb = cat_list_box($current_category['parent'], $current_category['cid'], false);
$op = $current_category['cid'] ? 'updatecat' : 'createcat';
if ($CONFIG['show_bbcode_help']) {$description_help .= '&nbsp;'. cpg_display_help('f=index.html&amp;base=64&amp;h='.urlencode(base64_encode(serialize($lang_bbcode_help_title))).'&amp;t='.urlencode(base64_encode(serialize($lang_bbcode_help))),470,245);}
echo <<<EOT


Change to:


starttable('100%', $lang_catmgr_php['update_create'], 2);
$lb = cat_list_box($current_category['parent'], $current_category['cid'], false);
$owner_box=cat_owner_box($owner_id);
$op = $current_category['cid'] ? 'updatecat' : 'createcat';
if ($CONFIG['show_bbcode_help']) {$description_help .= '&nbsp;'. cpg_display_help('f=index.html&amp;base=64&amp;h='.urlencode(base64_encode(serialize($lang_bbcode_help_title))).'&amp;t='.urlencode(base64_encode(serialize($lang_bbcode_help))),470,245);}
echo <<<EOT



Find:

                 $lb
                 </td>
         </tr>
         <tr>
             <td width="40%" class="tableb">
                         {$lang_catmgr_php['cat_title']}


Change to:

                 $lb
                 </td>
         </tr>
EOT;
if (GALLERY_ADMIN_MODE) {
     echo <<<EOT
         <input type="hidden" name="owner_id" />
         <tr>
             <td width="40%" class="tableb">
                         {$lang_catmgr_php['cat_owner']}
         </td>
         <td width="60%" class="tableb" valign="top">
                 $owner_box
                 </td>
         </tr>
EOT;
}
       
echo <<<EOT
         <tr>
             <td width="40%" class="tableb">
                         {$lang_catmgr_php['cat_title']}



Edit file db_input.php

Find:


         if (GALLERY_ADMIN_MODE) {
             $query = "UPDATE {$CONFIG['TABLE_ALBUMS']} SET title='$title', description='$description', category='$category', thumb='$thumb', uploads='$uploads', comments='$comments', votes='$votes', visibility='$visibility', alb_password='$password', alb_password_hint='$password_hint', keyword='$keyword' WHERE aid='$aid' LIMIT 1";
         } else {
             $category = FIRST_USER_CAT + USER_ID;
             $query = "UPDATE {$CONFIG['TABLE_ALBUMS']} SET title='$title', description='$description', thumb='$thumb',  comments='$comments', votes='$votes', visibility='$visibility', alb_password='$password', alb_password_hint='$password_hint',keyword='$keyword' WHERE aid='$aid' AND category='$category' LIMIT 1";
         }

         $update = cpg_db_query($query);


Change to:


         if (GALLERY_ADMIN_MODE) {
             $query = "UPDATE {$CONFIG['TABLE_ALBUMS']} SET title='$title', description='$description', category='$category', thumb='$thumb', uploads='$uploads', comments='$comments', votes='$votes', visibility='$visibility', alb_password='$password', alb_password_hint='$password_hint', keyword='$keyword' WHERE aid='$aid' LIMIT 1";
         } else if (verify_cat_owner($category) || $category == FIRST_USER_CAT + USER_ID) {
             $query = "UPDATE {$CONFIG['TABLE_ALBUMS']} SET title='$title', description='$description', category='$category', thumb='$thumb',  comments='$comments', votes='$votes', visibility='$visibility', alb_password='$password', alb_password_hint='$password_hint',keyword='$keyword' WHERE aid='$aid' LIMIT 1";
         } else {
             cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
         }

         $update = cpg_db_query($query);



Edit file delete.php

Find:

     $album_data = mysql_fetch_array($result);

     if (!GALLERY_ADMIN_MODE) {
         if ($album_data['category'] != FIRST_USER_CAT + USER_ID) cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
     }

     $query = "SELECT pid FROM {$CONFIG['TABLE_PICTURES']} WHERE aid='$aid'";


Change to:

     $album_data = mysql_fetch_array($result);

     if (!GALLERY_ADMIN_MODE) {
         $category=$album_data['category'];
         if (!(verify_cat_owner($category) || $category == FIRST_USER_CAT + USER_ID)) cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
     }

     $query = "SELECT pid FROM {$CONFIG['TABLE_PICTURES']} WHERE aid='$aid'";



Find:

                 case '0':
                     break;
                 case '1':
                     if (GALLERY_ADMIN_MODE) {
                         $category = (int)$_POST['cat'];
                     } else {
                         $category = FIRST_USER_CAT + USER_ID;
                     }
                     echo "<tr><td colspan=\"6\" class=\"tableb\">" . sprintf($lang_delete_php['create_alb'], $op['album_nm']) . "</td></tr>\n";
                     $query = "INSERT INTO {$CONFIG['TABLE_ALBUMS']} (category, title, uploads, pos) VALUES ('$category', '" . addslashes($op['album_nm']) . "', 'NO',  '{$op['album_sort']}')";
                     cpg_db_query($query);
                     break;
                 case '2':
                     echo "<tr><td colspan=\"6\" class=\"tableb\">" . sprintf($lang_delete_php['update_alb'], $op['album_no'], $op['album_nm'], $op['album_sort']) . "</td></tr>\n";
                     $query = "UPDATE $CONFIG[TABLE_ALBUMS] SET title='" . addslashes($op['album_nm']) . "', pos='{$op['album_sort']}' WHERE aid='{$op['album_no']}' $restrict LIMIT 1";
                     cpg_db_query($query);
                     break;
                 default:


Change to:

                 case '0':
                     break;
                 case '1':
                     $category = (int)$_POST['cat'];
                     if (!(GALLERY_ADMIN_MODE
                           || verify_cat_owner($category)
                           || ($category == FIRST_USER_CAT + USER_ID))) {
                         cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
                         break;
                     }
                     echo "<tr><td colspan=\"6\" class=\"tableb\">" . sprintf($lang_delete_php['create_alb'], $op['album_nm']) . "</td></tr>\n";
                     $query = "INSERT INTO {$CONFIG['TABLE_ALBUMS']} (category, title, uploads, pos) VALUES ('$category', '" . addslashes($op['album_nm']) . "', 'NO',  '{$op['album_sort']}')";
                     cpg_db_query($query);
                     break;
                 case '2':
                     $category = (int)$_POST['cat'];
                     if (!(GALLERY_ADMIN_MODE
                           || verify_cat_owner($category)
                           || ($category == FIRST_USER_CAT + USER_ID))) {
                         cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
                         break;
                     }
                     echo "<tr><td colspan=\"6\" class=\"tableb\">" . sprintf($lang_delete_php['update_alb'], $op['album_no'], $op['album_nm'], $op['album_sort']) . "</td></tr>\n";
                     $query = "UPDATE $CONFIG[TABLE_ALBUMS] SET title='" . addslashes($op['album_nm']) . "', pos='{$op['album_sort']}' WHERE aid='{$op['album_no']}' LIMIT 1";
                     cpg_db_query($query);
                     break;
                 default:



Edit file include/functions.inc.php

Find:

   $query = "DELETE FROM {$CONFIG['TABLE_VOTE_STATS']} WHERE $clause";
   cpg_db_query($query);
}
?>


Change to:

   $query = "DELETE FROM {$CONFIG['TABLE_VOTE_STATS']} WHERE $clause";
   cpg_db_query($query);
}

function verify_cat_owner($cid1, $cid2=-99)
{
     global $CONFIG;

     $result = cpg_db_query("SELECT owner_id FROM {$CONFIG['TABLE_CATEGORIES']} WHERE cid = '$cid1' || cid = '$cid2'");
     $count=mysql_num_rows($result);
     
     if(!$count) {
         return false;
     } else if (($cid2 >= 0) && ($count != 2)) {
         return false;
     }
     
     while($row=cpg_db_fetch_row($result)) {
         if ($row["owner_id"]!=USER_ID) {
             return false;
         }
     }

     return true;
}

?>



Edit file index.php

Find:

             $alb_list[$alb_idx]['last_upl'] = $last_upload_date;
             $alb_list[$alb_idx]['link_pic_count'] = $link_pic_count;
             $alb_list[$alb_idx]['album_info'] = sprintf($lang_list_albums['n_pictures'], $count) . ($count ? sprintf($lang_list_albums['last_added'], $last_upload_date) : "") . (($CONFIG['link_pic_count'] && $link_pic_count > 0 ) ? sprintf(", {$lang_list_albums['n_link_pictures']},  {$lang_list_albums['total_pictures']}", $link_pic_count, $count + $link_pic_count) : "");
             $alb_list[$alb_idx]['album_adm_menu'] = (GALLERY_ADMIN_MODE || (USER_ADMIN_MODE && $cat == USER_ID + FIRST_USER_CAT)) ? html_albummenu($alb_thumb['aid']) : ' ';
         } elseif ($CONFIG['show_private']) { // uncomment this else block to show private album description
             $last_upload_date = $count ? localised_date($alb_stat['last_upload'], $lastup_date_fmt) : '';
             $link_pic_count = !empty($alb_stat['link_pic_count']) ? $alb_stat['link_pic_count'] : 0;


Change to:

             $alb_list[$alb_idx]['last_upl'] = $last_upload_date;
             $alb_list[$alb_idx]['link_pic_count'] = $link_pic_count;
             $alb_list[$alb_idx]['album_info'] = sprintf($lang_list_albums['n_pictures'], $count) . ($count ? sprintf($lang_list_albums['last_added'], $last_upload_date) : "") . (($CONFIG['link_pic_count'] && $link_pic_count > 0 ) ? sprintf(", {$lang_list_albums['n_link_pictures']},  {$lang_list_albums['total_pictures']}", $link_pic_count, $count + $link_pic_count) : "");
             $alb_list[$alb_idx]['album_adm_menu'] = (GALLERY_ADMIN_MODE || (USER_ADMIN_MODE && $cat == USER_ID + FIRST_USER_CAT) || verify_cat_owner($cat)) ? html_albummenu($alb_thumb['aid']) : ' ';
         } elseif ($CONFIG['show_private']) { // uncomment this else block to show private album description
             $last_upload_date = $count ? localised_date($alb_stat['last_upload'], $lastup_date_fmt) : '';
             $link_pic_count = !empty($alb_stat['link_pic_count']) ? $alb_stat['link_pic_count'] : 0;



Find:

             $alb_list[$alb_idx]['last_upl'] = $last_upload_date;
             $alb_list[$alb_idx]['link_pic_count'] = $link_pic_count;
             $alb_list[$alb_idx]['album_info'] = sprintf($lang_list_albums['n_pictures'], $count) . ($count ? sprintf($lang_list_albums['last_added'], $last_upload_date) : "") . (($CONFIG['link_pic_count'] && $link_pic_count > 0 ) ? sprintf(", {$lang_list_albums['n_link_pictures']},   {$lang_list_albums['total_pictures']}", $link_pic_count, $count + $link_pic_count) : "");
             $alb_list[$alb_idx]['album_adm_menu'] = (GALLERY_ADMIN_MODE || (USER_ADMIN_MODE && $cat == USER_ID + FIRST_USER_CAT)) ? html_albummenu($alb_thumb['aid']) : ' ';
         }
     }



Change to:

             $alb_list[$alb_idx]['last_upl'] = $last_upload_date;
             $alb_list[$alb_idx]['link_pic_count'] = $link_pic_count;
             $alb_list[$alb_idx]['album_info'] = sprintf($lang_list_albums['n_pictures'], $count) . ($count ? sprintf($lang_list_albums['last_added'], $last_upload_date) : "") . (($CONFIG['link_pic_count'] && $link_pic_count > 0 ) ? sprintf(", {$lang_list_albums['n_link_pictures']},   {$lang_list_albums['total_pictures']}", $link_pic_count, $count + $link_pic_count) : "");
             $alb_list[$alb_idx]['album_adm_menu'] = (GALLERY_ADMIN_MODE || (USER_ADMIN_MODE && $cat == USER_ID + FIRST_USER_CAT) || verify_cat_owner($cat)) ? html_albummenu($alb_thumb['aid']) : ' ';
         }
     }




Find:

             $alb_list[$alb_idx]['pic_count'] = $count;
             $alb_list[$alb_idx]['last_upl'] = $last_upload_date;
             $alb_list[$alb_idx]['album_info'] = sprintf($lang_list_albums['n_pictures'], $count) . ($count ? sprintf($lang_list_albums['last_added'], $last_upload_date) : "") . (($CONFIG['link_pic_count'] && $link_pic_count > 0)  ? sprintf(", {$lang_list_albums['n_link_pictures']}, {$lang_list_albums['total_pictures']}", $link_pic_count, $count + $link_pic_count) : "");
             $alb_list[$alb_idx]['album_adm_menu'] = (GALLERY_ADMIN_MODE || (USER_ADMIN_MODE && $cat == USER_ID + FIRST_USER_CAT)) ? html_albummenu($alb_thumb['aid']) : '';
         } elseif ($CONFIG['show_private']) { // uncomment this else block to show private album description
             $last_upload_date = $count ? localised_date($alb_stat['last_upload'], $lastup_date_fmt) : '';
             $link_pic_count = !empty($alb_stat['link_pic_count']) ? $alb_stat['link_pic_count'] : 0;


Change to:

             $alb_list[$alb_idx]['pic_count'] = $count;
             $alb_list[$alb_idx]['last_upl'] = $last_upload_date;
             $alb_list[$alb_idx]['album_info'] = sprintf($lang_list_albums['n_pictures'], $count) . ($count ? sprintf($lang_list_albums['last_added'], $last_upload_date) : "") . (($CONFIG['link_pic_count'] && $link_pic_count > 0)  ? sprintf(", {$lang_list_albums['n_link_pictures']}, {$lang_list_albums['total_pictures']}", $link_pic_count, $count + $link_pic_count) : "");
             $alb_list[$alb_idx]['album_adm_menu'] = (GALLERY_ADMIN_MODE || (USER_ADMIN_MODE && $cat == USER_ID + FIRST_USER_CAT) || verify_cat_owner($cat)) ? html_albummenu($alb_thumb['aid']) : '';
         } elseif ($CONFIG['show_private']) { // uncomment this else block to show private album description
             $last_upload_date = $count ? localised_date($alb_stat['last_upload'], $lastup_date_fmt) : '';
             $link_pic_count = !empty($alb_stat['link_pic_count']) ? $alb_stat['link_pic_count'] : 0;



Find:

             $alb_list[$alb_idx]['pic_count'] = $count;
             $alb_list[$alb_idx]['last_upl'] = $last_upload_date;
             $alb_list[$alb_idx]['album_info'] = sprintf($lang_list_albums['n_pictures'], $count) . ($count ? sprintf($lang_list_albums['last_added'], $last_upload_date) : "") . (($CONFIG['link_pic_count'] && $link_pic_count > 0 )? sprintf(", {$lang_list_albums['n_link_pictures']}, {$lang_list_albums['total_pictures']}", $link_pic_count, $count + $link_pic_count) : "");
             $alb_list[$alb_idx]['album_adm_menu'] = (GALLERY_ADMIN_MODE || (USER_ADMIN_MODE && $cat == USER_ID + FIRST_USER_CAT)) ? html_albummenu($alb_thumb['aid']) : '';
         }
     }
     ob_start();


Change to:

             $alb_list[$alb_idx]['pic_count'] = $count;
             $alb_list[$alb_idx]['last_upl'] = $last_upload_date;
             $alb_list[$alb_idx]['album_info'] = sprintf($lang_list_albums['n_pictures'], $count) . ($count ? sprintf($lang_list_albums['last_added'], $last_upload_date) : "") . (($CONFIG['link_pic_count'] && $link_pic_count > 0 )? sprintf(", {$lang_list_albums['n_link_pictures']}, {$lang_list_albums['total_pictures']}", $link_pic_count, $count + $link_pic_count) : "");
             $alb_list[$alb_idx]['album_adm_menu'] = (GALLERY_ADMIN_MODE || (USER_ADMIN_MODE && $cat == USER_ID + FIRST_USER_CAT) || verify_cat_owner($cat)) ? html_albummenu($alb_thumb['aid']) : '';
         }
     }
     ob_start();

Nibbler

Edit file lang/english.php


Find:

   'alb_mrg' => 'Album Manager',
   'my_gallery' => '* My gallery *',
   'no_category' => '* No category *',
   'delete' => 'Delete',
   'new' => 'New',
   'apply_modifs' => 'Apply modifications',


Change to:

   'alb_mrg' => 'Album Manager',
   'my_gallery' => '* My gallery *',
   'no_category' => '* No category *',
   'no_user_category' => '* Click to Choose *',
   'delete' => 'Delete',
   'new' => 'New',
   'apply_modifs' => 'Apply modifications',



Find:

   'miss_param' => 'Parameters required for \'%s\'operation not supplied !',
   'unknown_cat' => 'Selected category does not exist in database',
   'usergal_cat_ro' => 'User galleries category can\'t be deleted !',
   'manage_cat' => 'Manage categories',
   'confirm_delete' => 'Are you sure you want to DELETE this category', //js-alert
   'category' => 'Category',


Change to:

   'miss_param' => 'Parameters required for \'%s\'operation not supplied !',
   'unknown_cat' => 'Selected category does not exist in database',
   'usergal_cat_ro' => 'User galleries category can\'t be deleted !',
   'cat_not_empty' => 'Category not empty (still contains albums)',
   'manage_cat' => 'Manage categories',
   'confirm_delete' => 'Are you sure you want to DELETE this category', //js-alert
   'category' => 'Category',



Find:

   'cat_title' => 'Category title',
   'cat_thumb' => 'Category thumbnail',
   'cat_desc' => 'Category description',
   'categories_alpha_sort' => 'Sort categories alphabetically (instead of custom sort order)', //cpg1.4
   'save_cfg' => 'Save configuration', //cpg1.4
);


Change to:

   'cat_title' => 'Category title',
   'cat_thumb' => 'Category thumbnail',
   'cat_desc' => 'Category description',
   'cat_owner' => 'Category owner',
   'categories_alpha_sort' => 'Sort categories alphabetically (instead of custom sort order)', //cpg1.4
   'save_cfg' => 'Save configuration', //cpg1.4
);



Find:

   'can_post_comments' => 'Visitors can post comments',
   'can_rate' => 'Visitors can rate files',
   'user_gal' => 'User Gallery',
   'no_cat' => '* No category *',
   'alb_empty' => 'Album is empty',
   'last_uploaded' => 'Last uploaded',


Change to:

   'can_post_comments' => 'Visitors can post comments',
   'can_rate' => 'Visitors can rate files',
   'user_gal' => 'User Gallery',
   'my_gallery' => '* My gallery *',
   'no_cat' => '* No category *',
   'alb_empty' => 'Album is empty',
   'last_uploaded' => 'Last uploaded',



Edit file modifyalb.php

Find:

{
     global $CONFIG, $CAT_LIST;

     $result = cpg_db_query("SELECT cid, name, description FROM {$CONFIG['TABLE_CATEGORIES']} WHERE parent = '$parent' AND cid != 1 ORDER BY pos");
     if (mysql_num_rows($result) > 0) {
         $rowset = cpg_db_fetch_rowset($result);
         foreach ($rowset as $subcat) {
             $CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name']);
             get_subcat_data($subcat['cid'], $ident . '&nbsp;&nbsp;&nbsp;');
         }
     }


Change to:

{
     global $CONFIG, $CAT_LIST;

     $result = cpg_db_query("SELECT cid, name, description, owner_id FROM {$CONFIG['TABLE_CATEGORIES']} WHERE parent = '$parent' AND cid != 1 ORDER BY pos");
     if (mysql_num_rows($result) > 0) {
         $rowset = cpg_db_fetch_rowset($result);
         foreach ($rowset as $subcat) {
             $CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name'], $subcat['owner_id']);
             get_subcat_data($subcat['cid'], $ident . '&nbsp;&nbsp;&nbsp;');
         }
     }



Find:

{
     global $ALBUM_DATA, $CAT_LIST, $USER_DATA, $lang_modifyalb_php;

     if (!GALLERY_ADMIN_MODE || $ALBUM_DATA['category'] > FIRST_USER_CAT) {
         echo <<<EOT
         <tr>
             <td class="tableb">
                         $text
         </td>
         <td class="tableb" valign="top">
                         <i>{$lang_modifyalb_php['user_gal']}</i>
                         <input type="hidden" name="$name" value="{$ALBUM_DATA['category']}" />
                 </td>

EOT;
         return;
     }

     $CAT_LIST = array();
     $CAT_LIST[] = array(0, $lang_modifyalb_php['no_cat']);
     get_subcat_data(0, '');

     echo <<<EOT


Change to:

{
     global $ALBUM_DATA, $CAT_LIST, $USER_DATA, $lang_modifyalb_php;

     $CAT_LIST = array();
     if (GALLERY_ADMIN_MODE)
         $CAT_LIST[] = array(0, $lang_modifyalb_php['no_cat']);
     
     $CAT_LIST[] = array(FIRST_USER_CAT + USER_ID, $lang_modifyalb_php['my_gallery']);
     
     get_subcat_data(0, '');

     echo <<<EOT



Find:

                         <select name="$name" class="listbox">
EOT;
     foreach($CAT_LIST as $category) {
         echo '                                <option value="' . $category[0] . '"' . ($ALBUM_DATA['category'] == $category[0] ? ' selected': '') . ">" . $category[1] . "</option>\n";
     }
     echo <<<EOT
                         </select>


Change to:

                         <select name="$name" class="listbox">
EOT;
     foreach($CAT_LIST as $category) {
         if (GALLERY_ADMIN_MODE || $category[2] == USER_ID || $category[0] == FIRST_USER_CAT + USER_ID) {
             echo '                                <option value="' . $category[0] . '"' . ($ALBUM_DATA['category'] == $category[0] ? ' selected': '') . ">" . $category[1] . "</option>\n";
         } else {
             echo '                                <optgroup label="' . $category[1] . '"></optgroup>\n"';
         }
     }
     echo <<<EOT
                         </select>



Find:

         while ($row = mysql_fetch_array($result)) $rowset[] = $row;
         mysql_free_result($result);
     } else {
         $result = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = '" . (FIRST_USER_CAT + USER_ID) . "' ORDER BY title");
         $rowset = cpg_db_fetch_rowset($result);
         mysql_free_result($result);
     }


Change to:

         while ($row = mysql_fetch_array($result)) $rowset[] = $row;
         mysql_free_result($result);
     } else {
         $result = cpg_db_query("SELECT DISTINCT t1.aid, t1.title FROM {$CONFIG['TABLE_ALBUMS']} t1, {$CONFIG['TABLE_CATEGORIES']} t2 WHERE t1.category = " . (USER_ID + FIRST_USER_CAT) . " OR (t1.category=t2.cid AND t2.owner_id=" . USER_ID . ") ORDER BY t1.title ASC");
         $rowset = cpg_db_fetch_rowset($result);
         mysql_free_result($result);
     }



Find:

     if (GALLERY_ADMIN_MODE) {
         $results = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_ALBUMS']} WHERE 1 LIMIT 1");
     } else {
         $results = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = " . (FIRST_USER_CAT + USER_ID) . " LIMIT 1");
     }
     if (mysql_num_rows($results) == 0) cpg_die(ERROR, $lang_modifyalb_php['err_no_alb_to_modify'], __FILE__, __LINE__);
     $ALBUM_DATA = mysql_fetch_array($results);


Change to:

     if (GALLERY_ADMIN_MODE) {
         $results = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_ALBUMS']} WHERE 1 LIMIT 1");
     } else {
         $results = cpg_db_query("SELECT DISTINCT t1.* FROM {$CONFIG['TABLE_ALBUMS']} t1, {$CONFIG['TABLE_CATEGORIES']} t2 WHERE t1.category = " . (USER_ID + FIRST_USER_CAT) . " OR (t1.category=t2.cid AND t2.owner_id=" . USER_ID . ") ORDER BY t1.title ASC");
     }
     if (mysql_num_rows($results) == 0) cpg_die(ERROR, $lang_modifyalb_php['err_no_alb_to_modify'], __FILE__, __LINE__);
     $ALBUM_DATA = mysql_fetch_array($results);



Find:

$cat = $ALBUM_DATA['category'];
$actual_cat = $cat;

if (!GALLERY_ADMIN_MODE && $ALBUM_DATA['category'] != FIRST_USER_CAT + USER_ID) {
     cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
}



Change to:

$cat = $ALBUM_DATA['category'];
$actual_cat = $cat;

if (!(GALLERY_ADMIN_MODE || $ALBUM_DATA['category'] == FIRST_USER_CAT + USER_ID || verify_cat_owner($ALBUM_DATA['category']))) {
     cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
}




Edit file picmgr.php

Find:

//                $sql = "SELECT aid, CONCAT('(', user_name, ') ', title) AS title " . "FROM {$CONFIG['TABLE_ALBUMS']} AS a " . "INNER JOIN {$CONFIG['TABLE_USERS']} AS u ON category = (" . FIRST_USER_CAT . " + user_id)";
                 $sql = $cpg_udb->get_admin_album_list();  //it's always bridged so we no longer need to check.
             } else {
                 $sql = "SELECT aid, title AS title FROM {$CONFIG['TABLE_ALBUMS']}  WHERE category = " . (FIRST_USER_CAT + USER_ID);
             }
//       }
         $result = cpg_db_query($sql);


Change to:

//                $sql = "SELECT aid, CONCAT('(', user_name, ') ', title) AS title " . "FROM {$CONFIG['TABLE_ALBUMS']} AS a " . "INNER JOIN {$CONFIG['TABLE_USERS']} AS u ON category = (" . FIRST_USER_CAT . " + user_id)";
                 $sql = $cpg_udb->get_admin_album_list();  //it's always bridged so we no longer need to check.
             } else {
                 $sql = "SELECT DISTINCT t1.aid, t1.title FROM {$CONFIG['TABLE_ALBUMS']} t1, {$CONFIG['TABLE_CATEGORIES']} t2 WHERE t1.category = " . (USER_ID + FIRST_USER_CAT) . " OR (t1.category=t2.cid AND t2.owner_id=" . USER_ID . ")";
             }
//       }
         $result = cpg_db_query($sql);



Edit file upload.php

Find:

// Get public and private albums, and set maximum individual file size.

if (GALLERY_ADMIN_MODE) {
     $public_albums = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category < " . FIRST_USER_CAT . " ORDER BY title");
} else {
$public_albums = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category < " . FIRST_USER_CAT . " AND uploads='YES' AND (visibility = '0' OR visibility IN ".USER_GROUP_SET.") ORDER BY title");
}
if (mysql_num_rows($public_albums)) {
     $public_albums_list = cpg_db_fetch_rowset($public_albums);
} else {
     $public_albums_list = array();
}

if (USER_ID) {
     $user_albums = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category='" . (FIRST_USER_CAT + USER_ID) . "' ORDER BY title");
     if (mysql_num_rows($user_albums)) {
         $user_albums_list = cpg_db_fetch_rowset($user_albums);
     } else {
         $user_albums_list = array();
     }
} else {
     $user_albums_list = array();
}

if (!count($public_albums_list) && !count($user_albums_list)) {
     cpg_die (ERROR, $lang_upload_php['err_no_alb_uploadables'], __FILE__, __LINE__);
}


Change to:

// Get public and private albums, and set maximum individual file size.

if (GALLERY_ADMIN_MODE) {
     $public_albums_q1 = "SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category < " . FIRST_USER_CAT;
} else {
     $public_albums_q1 = "SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category < " . FIRST_USER_CAT . " AND uploads='YES' AND (visibility = '0' OR visibility IN ".USER_GROUP_SET.") ";
}

if (USER_ID) {
     $user_albums = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category='" . (FIRST_USER_CAT + USER_ID) . "' ORDER BY title");
     $public_albums = cpg_db_query($public_albums_q1 . " UNION SELECT t1.aid, t1.title FROM {$CONFIG['TABLE_ALBUMS']} t1, {$CONFIG['TABLE_CATEGORIES']} t2 WHERE (t1.category=t2.cid AND t2.owner_id=" . USER_ID . ") ORDER BY title");
     if (mysql_num_rows($user_albums)) {
         $user_albums_list = cpg_db_fetch_rowset($user_albums);
     } else {
         $user_albums_list = array();
     }
} else {
     $public_albums = cpg_db_query($public_albums_q1 . " ORDER BY title");
     $user_albums_list = array();
}

if (mysql_num_rows($public_albums)) {
     $public_albums_list = cpg_db_fetch_rowset($public_albums);
} else {
     $public_albums_list = array();
}

if (!count($public_albums_list) && !count($user_albums_list)) {
     cpg_die (ERROR, $lang_upload_php['err_no_alb_uploadables'], __FILE__, __LINE__);
}



Find:


         // Check if the album id provided is valid
         if (!GALLERY_ADMIN_MODE) {
             $result = cpg_db_query("SELECT category FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid='$album' and (uploads = 'YES' OR category = '" . (USER_ID + FIRST_USER_CAT) . "')");
             if (mysql_num_rows($result) == 0)cpg_die(ERROR, $lang_db_input_php['unknown_album'], __FILE__, __LINE__);
             $row = mysql_fetch_array($result);
             mysql_free_result($result);


Change to:


         // Check if the album id provided is valid
         if (!GALLERY_ADMIN_MODE) {
             $result = cpg_db_query("SELECT DISTINCT t1.category FROM {$CONFIG['TABLE_ALBUMS']} t1, {$CONFIG['TABLE_CATEGORIES']} t2 WHERE t1.aid='$album' AND (t1.uploads = 'YES' OR t1.category = " . (USER_ID + FIRST_USER_CAT) . " OR (t1.category=t2.cid AND t2.owner_id=" . USER_ID . "))");
             if (mysql_num_rows($result) == 0)cpg_die(ERROR, $lang_db_input_php['unknown_album'], __FILE__, __LINE__);
             $row = mysql_fetch_array($result);
             mysql_free_result($result);



Edit file xp_publish.php

Find:

{
     global $CONFIG, $CAT_LIST;

     $result = cpg_db_query("SELECT cid, name, description FROM {$CONFIG['TABLE_CATEGORIES']} WHERE parent = '$parent' AND cid != 1 ORDER BY pos");
     if (mysql_num_rows($result) > 0) {
         $rowset = cpg_db_fetch_rowset($result);
         foreach ($rowset as $subcat) {
             $CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name']);
             get_subcat_data($subcat['cid'], $ident . '&nbsp;&nbsp;&nbsp;');
         }
     }


Change to:

{
     global $CONFIG, $CAT_LIST;

     $result = cpg_db_query("SELECT cid, name, description, owner_id FROM {$CONFIG['TABLE_CATEGORIES']} WHERE parent = '$parent' AND cid != 1 ORDER BY pos");
     if (mysql_num_rows($result) > 0) {
         $rowset = cpg_db_fetch_rowset($result);
         foreach ($rowset as $subcat) {
             $CAT_LIST[] = array($subcat['cid'], $ident . $subcat['name'], $subcat['owner_id']);
             get_subcat_data($subcat['cid'], $ident . '&nbsp;&nbsp;&nbsp;');
         }
     }



Find:

     }

     if (USER_ID) {
         $user_albums = cpg_db_query("SELECT aid, title FROM {$CONFIG['TABLE_ALBUMS']} WHERE category='" . (FIRST_USER_CAT + USER_ID) . "' ORDER BY title");
         if (mysql_num_rows($user_albums)) {
             $user_albums_list = cpg_db_fetch_rowset($user_albums);
         } else {


Change to:

     }

     if (USER_ID) {
         $user_albums = cpg_db_query("SELECT DISTINCT t1.aid, t1.title FROM {$CONFIG['TABLE_ALBUMS']} t1, {$CONFIG['TABLE_CATEGORIES']} t2 WHERE t1.category = " . (USER_ID + FIRST_USER_CAT) . " OR (t1.category=t2.cid AND t2.owner_id=" . USER_ID . ") ORDER BY t1.pos ASC");
         if (mysql_num_rows($user_albums)) {
             $user_albums_list = cpg_db_fetch_rowset($user_albums);
         } else {



Find:


     $html = "\n";
     foreach($CAT_LIST as $category) {
         $html .= '                        <option value="' . $category[0] . '">' . $category[1] . "</option>\n";
     }

     return $html;


Change to:


     $html = "\n";
     foreach($CAT_LIST as $category) {
         if (GALLERY_ADMIN_MODE || $category[2] == USER_ID || $category[0] == FIRST_USER_CAT + USER_ID) {
             $html .= '                        <option value="' . $category[0] . '">' . $category[1] . "</option>\n";
         } else {
             $html .= '                        <optgroup label="' . $category[1] . '"></optgroup>\n"';
         }
     }

     return $html;



Find:

         template_extract_block($template_select_album, 'no_album');
         template_extract_block($template_select_album, 'existing_albums');

         if (!USER_IS_ADMIN) template_extract_block($template_select_album, 'select_category');

         $params = array('{WELCOME}' => sprintf($lang_xp_publish_php['welcome'], USER_NAME),
             '{CREATE_NEW}' => $lang_xp_publish_php['create_new'],


Change to:

         template_extract_block($template_select_album, 'no_album');
         template_extract_block($template_select_album, 'existing_albums');


         $params = array('{WELCOME}' => sprintf($lang_xp_publish_php['welcome'], USER_NAME),
             '{CREATE_NEW}' => $lang_xp_publish_php['create_new'],



Find:

     } else {
         template_extract_block($template_select_album, 'no_album');

         if (!USER_IS_ADMIN) template_extract_block($template_select_album, 'select_category');

         $params = array('{WELCOME}' => sprintf($lang_xp_publish_php['welcome'], USER_NAME),
             '{UPLOAD}' => $lang_xp_publish_php['upload'],


Change to:

     } else {
         template_extract_block($template_select_album, 'no_album');


         $params = array('{WELCOME}' => sprintf($lang_xp_publish_php['welcome'], USER_NAME),
             '{UPLOAD}' => $lang_xp_publish_php['upload'],



Find:


     if (!(USER_CAN_CREATE_ALBUMS || USER_IS_ADMIN)) simple_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);

     if (USER_IS_ADMIN) {
         $category = (int)$_POST['cat'];
     } else {
         $category = FIRST_USER_CAT + USER_ID;
     }


Change to:


     if (!(USER_CAN_CREATE_ALBUMS || USER_IS_ADMIN)) simple_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);

     $cat = (int)$_POST['cat'];
     if (USER_IS_ADMIN) {
         $category = $cat;
     } else if (verify_cat_owner($cat)) {
         $category = $cat;
     } else {
         $category = FIRST_USER_CAT + USER_ID;
     }

Nibbler

Find:

     $position = 0;
     // Check if the album id provided is valid
     if (!USER_IS_ADMIN) {
         $result = cpg_db_query("SELECT category FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid='$album' and category = '" . (USER_ID + FIRST_USER_CAT) . "'");
         if (mysql_num_rows($result) == 0) simple_die(ERROR, $lang_db_input_php['unknown_album'], __FILE__, __LINE__);
         $row = mysql_fetch_array($result);
         mysql_free_result($result);


Change to:

     $position = 0;
     // Check if the album id provided is valid
     if (!USER_IS_ADMIN) {
         $result = cpg_db_query("SELECT DISTINCT t1.category FROM {$CONFIG['TABLE_ALBUMS']} t1, {$CONFIG['TABLE_CATEGORIES']} t2 WHERE t1.category = " . (USER_ID + FIRST_USER_CAT) . " OR (t1.category=t2.cid AND t2.owner_id=" . USER_ID . ") ORDER BY t1.pos ASC");
         if (mysql_num_rows($result) == 0) simple_die(ERROR, $lang_db_input_php['unknown_album'], __FILE__, __LINE__);
         $row = mysql_fetch_array($result);
         mysql_free_result($result);

Nibbler


colin911

WOW!  Coool.  NIbbler.  Before I do all this I want to confirm that doing this should be what i need to do to modify the existing PHP files to have this work without shell access?

Or did you answer another post?

If the former is correct, I can work on base php files for version 1.4.10 and if it works I can post the changed files for others to donwload.

FYI:I'm not a coder, by any means, but I can find and replace!

Nibbler

Yeah, I just converted the instructions from a patch file to manual instructions. You don't need shell access.

colin911

Thanks.  I'll post my results.

Little_rU

Here is my patched version 1.4.10.

colin911

Is it a clean CPG? Or did you already have some plugins or mods or something in there>

Little_rU

Quote from: colin911 on January 30, 2007, 02:27:36 PM
Is it a clean CPG

Yes, just downloaded 1.4.10 and applied the patches.

colin911

OK, I tired it on the following system:  V1.4.10, with Stramm mod pack, full size photo access control, Jupload v2 and, top level users v1.0.

Get the following error when acessing albums in admin mode:
QuoteParse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/content/b/v/i/bviguides/html/Domains/Surfpic/gallery/albmgr.php on line 741

and get same error when acessing Create / order my albums in non admin but logged in as a user:
QuoteParse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/content/b/v/i/bviguides/html/Domains/Surfpic/gallery/albmgr.php on line 741

and get similar error when acessing "modify my albums":
QuoteParse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/content/b/v/i/bviguides/html/Domains/Surfpic/gallery/modifyalb.php on line 151

I'm going to triple check my copy and paste for those 2 php files but i'm quite sure I did it correctly.

Since I;m not a coder and can only follow directions, any ideas on what this error means?


Nibbler

It means there is an error in the syntax. Normally this is caused by a typo, missing bracket etc.