<?php
include("head.php");
$pmid = $_GET["pmid"];
$id = $_GET["id"];
$did = $_GET["did"];
$vit = $_GET["vit"];
$who = $_GET["who"];
$unick = getnick_uid($who);
if($who==""){
$sname = "";
}else{
$sname = "$unick`s";
}
//////////////////////////////////////////
if($action=="add")
{
addonline(getuid_sid($sid),"Adding New Album","");
echo "<div><br/>Add New Album!<br/></div>";
echo "<p align=\"center\">";
$who = $_GET["who"];
$unick = getnick_uid($who);
$name = $_POST["name"];
$logo = $_POST["logo"];
$cmt = $_POST["cmt"];
$time = time();
if($name=="")
{
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>Error: No Name</b><br/>";
}
else if($cmt=="")
{
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>Error: No Description!</b><br/>";
}else{
mysql_query("INSERT INTO ibwf_albums SET uid='".$uid."', name='".$name."', logo='".$logo."', cmt='".$cmt."', time='".$time."'");
$nick = getnick_uid($uid);
//$msg = "Hey $nick, Dunno What This is about :rofl!";
//autopm($msg, $uid);
echo "<img src=\"images/ok.gif\" alt=\"O\"/><br/>";
echo "<b>Album Added Successfully!</b><br/>";
$aid = mysql_fetch_array(mysql_query("SELECT id FROM ibwf_albums WHERE name='".$name."' AND uid='".$uid."'"));
echo "<a href=\"album.php?action=ver&id=$aid[0]\">To Album</a><br/>";
}
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////
else if($action=="new")
{
addonline(getuid_sid($sid),"Adding New Album","");
echo "<div><br/>Add New Album!<br/></div>";
echo "<form action=\"album.php?action=add\" method=\"post\">";
$nick = getnick_uid($uid);
echo "Name Of Album:<br/> <input name=\"name\" value=\"$nick\" size=\"12\" maxlength=\"50\"/><br/>";
echo "Logo:<br/> <input name=\"logo\" value=\"/images/logo.gif\" size=\"12\" maxlength=\"300\"/><br/>";
echo "Description:<br/> <input name=\"cmt\" size=\"12\" maxlength=\"300\"/><br/>";
echo "<input type=\"submit\" value=\"Create\"/>";
echo "</form>";
echo "<p align=\"center\">";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////
else if($action=="cmt")
{
addonline(getuid_sid($sid),"Album Comments","");
echo "<div><br/>Album Comments<br/></div>";
if($page=="" || $page<=0)$page=1;
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_albumcom WHERE did='".$did."'"));
$num_items = $noi[0]; //changable
$items_per_page= 5;
$num_pages = ceil($num_items/$items_per_page);
if($page>$num_pages)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
if($num_items>0)
{
//changable sql
$sql = "
SELECT id, uid, did, texto, cor, time FROM ibwf_albumcom WHERE did='".$did."' ORDER BY id DESC
LIMIT $limit_start, $items_per_page
";
echo "<p>";
$items = mysql_query($sql);
echo mysql_error();
while ($item = mysql_fetch_array($items))
{
$nick = getnick_uid($item[1]);
$text = parsepm($item[3], $sid,left,$item[1]);
$tmstamp = $item[5];
$tmdt = date("d m Y - H:i:s", $tmstamp);
$lnk = "<font color=\"$item[4]\"><a href=\"index.php?action=viewuser&who=$item[1]\">$nick</a></font>:$text<br/>$tmdt";
if(candelcmta($uid, $item[0]))
{
$dlnk = "<a href=\"album.php?action=del4&vit=$item[0]&did=$item[2]&who=$who\">[x]</a>";
}
echo "$lnk $dlnk<br/><br/>";
}
echo "</p>";
echo "<p align=\"center\">";
if($page > 1){
$prev = ($page - 1);
echo "<a href=\"album.php?page=$prev&did=$did&action=cmt&who=$who\">Previous</a> ";
}
if($page < $num_pages){
$next = ($page + 1);
echo "<a href=\"album.php?page=$next&did=$did&action=cmt&who=$who\">Next</a><br/>";
}
echo "<br/>$page/$num_pages<br/>";
if($num_pages>2)
{
echo "</p>";
echo "<center>";
$rets = "<form action=\"album.php\" method=\"get\">";
$rets .= "<input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"2\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\">";
$rets .= "<input type=\"hidden\" name=\"did\" value=\"$did\">";
$rets .= "<input type=\"hidden\" name=\"who\" value=\"$who\">";
$rets .= "<input type=\"Submit\" name=\"Submit\" Value=\"Go To Page\"></form>";
echo $rets;
echo "</center>";
echo "<p align=\"center\">";
}
}else{
echo "<b>No Comments In This Album!</b><br/>";
}
echo "<br/><a href=\"album.php?action=cmt2&did=$did&who=$who\">Add Comment</a><br/>";
echo "<a href=\"album.php?action=ver&id=$did&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////////////
else if($action=="cmt2")
{
addonline(getuid_sid($sid),"Commenting On Album","");
echo "<div><br/>Comment On Album<br/></div>";
echo "<form action=\"album.php?sid=$sid&action=cmt3&did=$did&who=$who\" method=\"post\">";
echo "<b>Type Your Comment</b><br/>";
echo "Text:<br/> <input name=\"texto\" size=\"12\" maxlength=\"250\"/><br/>";
echo "Nick Colour:<br/><select name=\"cor\">";
echo "<option value=\"black\">preto</option>";
echo "<option value=\"blue\">azul</option>";
echo "<option value=\"red\">vermelho</option>";
echo "<option value=\"green\">verde</option>";
echo "<option value=\"yellow\">amarelo</option>";
echo "<option value=\"orange\">laranja</option>";
echo "<option value=\"pink\">rosa</option>";
echo "<option value=\"purple\">roxo</option>";
echo "<option value=\"silver\">prata</option>";
echo "</select><br/>";
echo "<input type=\"submit\" value=\"Send\"/>";
echo "</form><br/>";
echo "<p align=\"center\">";
echo "<br/><a href=\"album.php?action=ver&id=$did&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////////////////
else if($action=="cmt3")
{
addonline(getuid_sid($sid),"Commenting On Album","");
echo "<div><br/>Comment On Album<br/></div>";
echo "<p align=\"center\">";
$texto = $_POST["texto"];
$cor = $_POST["cor"];
if($texto=="")
{
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>Error: No Text!</b><br/>";
}else{
$time = time();
mysql_query("INSERT INTO ibwf_albumcom SET uid='".$uid."', did='".$did."', texto='".$texto."', cor='".$cor."', time='".$time."'");
mysql_query("UPDATE ibwf_albums SET time='".$time."' WHERE id='".$did."'");
echo "<img src=\"images/ok.gif\" alt=\"x\"/><br/>";
echo "<b>Comment Added Successfully!</b><br/>";
}
echo "<br/><a href=\"album.php?action=ver&id=$did&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////////////////////////////////////////
else if($action=="avatar")
{
addonline(getuid_sid($sid),"Adding Photo To Avatar","");
echo "<div><br/>Add Photo To Avatar<br/></div>";
echo "<p align=\"center\">";
if(candelfoto($uid, $vit))
{
$foto = mysql_fetch_array(mysql_query("SELECT url FROM ibwf_fotos WHERE id='".$vit."'"));
$url = $foto[0];
mysql_query("UPDATE ibwf_users SET avatar='".$url."' WHERE id='".$uid."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/><br/>";
echo "<b>Avatar added successfully!</b><br/>";
}else{
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>Error Moving Avatar!</b><br/>";
}
echo "<br/><a href=\"album.php?action=ver&id=$did&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////////////////////////
else if($action=="del")
{
addonline(getuid_sid($sid),"Deleting Photo From Album","");
echo "<div><br/>Delete Photo<br/></div>";
echo "<p align=\"center\">";
if(candelfoto($uid, $vit))
{
mysql_query("DELETE FROM ibwf_fotos WHERE id='".$vit."'");
echo "<img src=\"images/ok.gif\" alt=\"*\"/><br/>";
echo "Photo Deleted Successfully!</b><br/>";
}else{
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>Error Deleting Photo!</b><br/>";
}
echo "<br/><a href=\"album.php?action=ver&id=$did&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////////
else if($action=="del2")
{
addonline(getuid_sid($sid),"Deleting Video From Album","");
echo "<div><br/>Delete Video<br/></div>";
echo "<p align=\"center\">";
if(candelvideo($uid, $vit))
{
mysql_query("DELETE FROM ibwf_videos WHERE id='".$vit."'");
echo "<img src=\"images/ok.gif\" alt=\"*\"/><br/>";
echo "Video Deleted Successfully!</b><br/>";
}else{
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>Error Deleting Video!</b><br/>";
}
echo "<br/><a href=\"album.php?action=ver&id=$did&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////
else if($action=="del3")
{
addonline(getuid_sid($sid),"Deleting Song From Album","");
echo "<div><br/>Delete Song<br/></div>";
echo "<p align=\"center\">";
if(candelsong($uid, $vit))
{
mysql_query("DELETE FROM ibwf_songs WHERE id='".$vit."'");
echo "<img src=\"images/ok.gif\" alt=\"*\"/><br/>";
echo "Song Deleted Successfully!</b><br/>";
}else{
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>Error Deleting Song!</b><br/>";
}
echo "<br/><a href=\"album.php?action=ver&id=$did&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////////////////
else if($action=="del4")
{
addonline(getuid_sid($sid),"Deleting Album Comment","");
echo "<div><br/>Delete Album Comment<br/></div>";
echo "<p align=\"center\">";
if(candelcmta($uid, $vit))
{
mysql_query("DELETE FROM ibwf_album_com WHERE id='".$vit."'");
echo "<img src=\"images/ok.gif\" alt=\"*\"/><br/>";
echo "Comment Deleted Sucessfully!</b><br/>";
}else{
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>Error Deleting Comment!</b><br/>";
}
echo "<br/><a href=\"album.php?action=ver&id=$did&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////////////////////////
else if($action=="del5")
{
addonline(getuid_sid($sid),"Deleteing Album","");
echo "<div><br/>Delete Album<br/></div>";
echo "<p align=\"center\">";
if(candelalbum($uid, $vit))
{
mysql_query("DELETE FROM ibwf_albums WHERE id='".$vit."'");
mysql_query("DELETE FROM ibwf_fotos WHERE did='".$vit."'");
mysql_query("DELETE FROM ibwf_videos WHERE did='".$vit."'");
mysql_query("DELETE FROM ibwf_songs WHERE did='".$vit."'");
mysql_query("DELETE FROM ibwf_album_com WHERE did='".$vit."'");
echo "<img src=\"images/ok.gif\" alt=\"*\"/><br/>";
echo "Album Deleted Successfully!</b><br/>";
}else{
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>Error Deleting Album!</b><br/>";
}
echo "<br/><a href=\"album.php?sid=$sid&action=albums&who=$who\">Back To $sname Albums</a><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////////////////////////////////////////
else if($action=="arquivo")
{
addonline(getuid_sid($sid),"Viewing Album Video","");
echo "<div><br/>View Video<br/></div>";
echo "<p align=\"center\">";
$arquivo = mysql_fetch_array(mysql_query("SELECT id, uid, url, cmt, time, did, name, tipo, tamanho FROM ibwf_videos WHERE id='".$id."'"));
echo "<b>$arquivo[6]</b><br/>";
echo "</p>";
echo "<p align=\"left\">";
$text = parsepm($arquivo[3], $sid,left,$item[1]);
echo "$text<br/>";
echo "Type:<b>$arquivo[7]</b> Size:<b>$arquivo[8]kb</b><br/>";
$nick = getnick_uid($arquivo[1]);
echo "Owner:<b><a href=\"index.php?action=viewuser&who=$arquivo[1]\">$nick</b></a><br/>";
$tmstamp = $arquivo[4];
$tmdt = date("d m Y - H:i:s", $tmstamp);
echo "Date:<b>$tmdt</b><br/>";
echo "<br/><a href=\"$arquivo[2]\">Download Video</a><br/>";
echo "<br/><a href=\"album.php?action=ver&id=$did&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////////////////////////
else if($action=="arquivo2")
{
addonline(getuid_sid($sid),"Viewing Album Song","");
echo "<div><br/>View Song<br/></div>";
echo "<p align=\"center\">";
$arquivo = mysql_fetch_array(mysql_query("SELECT id, uid, url, cmt, time, did, name, tipo, tamanho FROM ibwf_songs WHERE id='".$id."'"));
echo "<b>$arquivo[6]</b><br/>";
echo "</p>";
echo "<p align=\"left\">";
$text = parsepm($arquivo[3], $sid,left,$item[1]);
echo "$text<br/>";
echo "Type:<b>$arquivo[7]</b> Size:<b>$arquivo[8]kb</b><br/>";
$nick = getnick_uid($arquivo[1]);
echo "Owner: <a href=\"index.php?action=viewuser&who=$arquivo[1]\">$nick</a><br/>";
$tmstamp = $arquivo[4];
$tmdt = date("d m Y - H:i:s", $tmstamp);
echo "Date: $tmdt<br/>";
echo "<br/><a href=\"$arquivo[2]\">Download Song</a><br/>";
echo "<br/><a href=\"album.php?action=ver&id=$did&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////////////////////////////
else if($action=="videos")
{
addonline(getuid_sid($sid),"Viewing Video Album","");
echo "<div><br/>View Videos<br/></div>";
echo "<p align=\"center\">";
//////ALL LISTS SCRIPT <<
if($page=="" || $page<=0)$page=1;
$vip = 'tek';
$timeout = 600;
$timeon = time()-$timeout;
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_videos WHERE did='".$did."'"));
$num_items = $noi[0]; //changable
$items_per_page= 5;
$num_pages = ceil($num_items/$items_per_page);
if($page>$num_pages)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
if($num_items>0)
{
//changable sql
$sql = "
SELECT id, uid, url, cmt, time, did, name, tipo, tamanho FROM ibwf_videos WHERE did='".$did."' ORDER BY time DESC
LIMIT $limit_start, $items_per_page
";
echo "<p>";
$items = mysql_query($sql);
echo mysql_error();
while ($item = mysql_fetch_array($items))
{
$lnk = "<a href=\"album.php?sid=$sid&id=$item[0]&action=arquivo&did=$item[5]&who=$who\"><img src=\"/images/video.gif\" alt=\"*\"/>$item[6]</a>";
if(candelvideo($uid, $item[0]))
{
$dlnk = "<a href=\"album.php?action=del2&vit=$item[0]&did=$item[5]&who=$who\">[x]</a>";
}
echo "$lnk $dlnk<br/>";
}
echo "</p>";
echo "<p align=\"center\">";
if($page > 1){
$prev = ($page - 1);
echo "<a href=\"album.php?page=$prev&did=$did&action=videos&who=$who\">Previous</a>";
}
if($page < $num_pages){
$next = ($page + 1);
echo "<a href=\"album.php?page=$next&did=$did&action=videos&who=$who\">Next</a><br/>";
}
echo "<br/>$page/$num_pages<br/>";
if($num_pages>2)
{
echo "</p>";
echo "<center>";
$rets = "<form action=\"album.php\" method=\"get\">";
$rets .= "<input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"2\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\">";
$rets .= "<input type=\"hidden\" name=\"did\" value=\"$did\">";
$rets .= "<input type=\"hidden\" name=\"who\" value=\"$who\">";
$rets .= "<input type=\"Submit\" name=\"Submit\" Value=\"Go To Page\"></form>";
echo $rets;
echo "</center>";
echo "<p align=\"center\">";
}
}else{
echo "<b>No Videos In This Album!</b><br/>";
}
if($item[1]==$uid){
echo "<a href=\"album.php?action=video2&id=$did&who=$who\">Add Video</a><br/>";
}
echo "<a href=\"album.php?action=ver&id=$did&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////////////////////
else if($action=="videos2")
{
addonline(getuid_sid($sid),"Adding Video To Album","");
echo "<div><br/>Add Video<br/></div>";
echo "<center>Max 2MB<br/>";
echo "<form action=\"album.php?sid=$sid&action=videos3&did=$did&who=$who\" method=\"post\" enctype=\"multipart/form-data\">";
echo "Video: <input type=\"file\" name=\"filetoupload\"/><br/>";
echo "Name:<br/> <input type=\"text\" name=\"name\"/><br/>";
echo "Description:<br/> <input type=\"text\" name=\"cmt\"/><br/>";
echo "<input type=\"submit\" value=\"Add\"/>";
echo "</form><br/>";
echo "</center>";
echo "<p align=\"center\">";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////////////
else if($action=="videos3")
{
addonline(getuid_sid($sid),"Uploading Video","");
echo "<div><br/>Add Video<br/></div>";
echo "<p align=\"center\">";
$cmt = $_POST["cmt"];
$name = $_POST["name"];
$size_bytes = 2097152;
$kb = $size_bytes / 1024;
$extlimit="yes";
$limitedext=array(".3gp",".mp4",".avi",".mov",".wmv",".mpg",".mpeg",".wav");
$ext=strtolower(strrchr($_FILES['filetoupload'][name],'.'));
$file_type=$_FILES['filetoupload']['type'];
$file_name=$_FILES['filetoupload']['name'];
$file_size=$_FILES['filetoupload']['size'];
$file_tmp=$_FILES['filetoupload']['tmp_name'];
$file_name2=str_replace(" ","",$file_name);
$file_name2=str_replace("%20","",$file_name2);
$nop = substr_count($file_name,"php");
$now = substr_count($file_name,"wml");
$noh = substr_count($file_name,"htm");
$check = mysql_fetch_array(mysql_query("SELECT id FROM ibwf_photos WHERE url='http://wapirate.comuf.com/files/".$file_name2."' "));
if(!is_uploaded_file($_FILES['filetoupload']['tmp_name'])){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>No file selected!<br/>";
}
else if($extlimit=="yes" && !in_array($ext,$limitedext)){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Invalid file type!<br/>";
mysql_query("INSERT INTO ibwf_mlog SET action='Dodgy', details='<b>".getnick_uid(getuid_sid($sid))."</b> Attempted to upload a $ext file!', actdt='".time()."'");
}
//////////////////////////////////////anti hack
else if($nop>0||$now>0||$noh>0){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Invalid file type!<br/>";
mysql_query("INSERT INTO ibwf_mlog SET action='Dodgy', details='<b>".getnick_uid(getuid_sid($sid))."</b> Attempted to upload $file_name !', actdt='".time()."'");
}
////////////////
else if($file_size>$size_bytes){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Exceeded File size limit! Maximum <b>$kb</b> Kb.<br/>";
}
else if($check[0]>0){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Filename already exists!<br/>";
}
else if($file_size){
$filename=explode(".",$file_name);
$size = $file_size/1024;
$time = time();
move_uploaded_file($file_tmp, "./album/$file_name2");
$url="http://wapirate.comuf.com/nice.php?file=$file_name2&password=smellysocks&sumbit=1";
preg_match("/^(https?:\/\/)?([^\/]*)(.*)/i", "$url", $matches);
$domain = "http://" . $matches[2];
$page = $matches[3];
$code = file_get_contents($domain.$page);
$start= strpos($code, "START");
$finish= strpos($code, "END");
$length= $finish-$start;
$code=substr($code, $start, $length);
$text = preg_replace("/(href=\"?)(\/[^\"\/]+)/", "\\1" . $domain . "\\2", $code);
//echo "<hr/><hr/>$text<hr/><hr/>";///debug
if(substr_count($text,"YES")>0){
$old = getcwd();
chdir(album);
$new = unlink($file_name2);
chdir($old);
$time = time();
mysql_query("INSERT INTO ibwf_videos SET uid='".$uid."', url='http://wapirate.comuf.com/files/".$file_name2."', cmt='".$cmt."', time='".$time."', did='".$did."', name='".$name."', tipo='".$file_type."', tamanho='".$file_size."'");
mysql_query("UPDATE ibwf_albums SET time='".$time."' WHERE id='".$did."'");
}
echo "<br/>$file_name2<br/>Successfully Uploaded!<br/>";
}
else{
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Unknown error! Pls try again...<br/>";
}
echo "<br/><a href=\"album.php?action=ver&id=$did&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////////////////////////////
else if($action=="songs")
{
addonline(getuid_sid($sid),"Viewing Song Album","");
echo "<div><br/>View Songs<br/></div>";
echo "<p align=\"center\">";
//////ALL LISTS SCRIPT <<
if($page=="" || $page<=0)$page=1;
$vip = 'tek';
$timeout = 600;
$timeon = time()-$timeout;
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_songs WHERE did='".$did."'"));
$num_items = $noi[0]; //changable
$items_per_page= 4;
$num_pages = ceil($num_items/$items_per_page);
if($page>$num_pages)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
if($num_items>0)
{
//changable sql
$sql = "
SELECT id, uid, url, cmt, time, did, name, tipo, tamanho FROM ibwf_songs WHERE did='".$did."' ORDER BY id DESC
LIMIT $limit_start, $items_per_page
";
echo "<p>";
$items = mysql_query($sql);
echo mysql_error();
while ($item = mysql_fetch_array($items))
{
$lnk = "<a href=\"album.php?sid=$sid&id=$item[0]&action=arquivo2&did=$item[5]&who=$who\"><img src=\"teks/downn.gif\" alt=\"*\"/>$item[6]</a>";
if(candelsom($uid, $item[0]))
{
$dlnk = "<a href=\"album.php?action=del3&vit=$item[0]&did=$item[5]&who=$who\">[x]</a>";
}else{
$dlnk = "";
}
echo "$lnk $dlnk<br/>";
}
echo "</p>";
echo "<p align=\"center\">";
if($page > 1){
$prev = ($page - 1);
echo "<a href=\"album.php?page=$prev&did=$did&action=songs&who=$who\">Previous</a> ";
}
if($page < $num_pages){
$next = ($page + 1);
echo "<a href=\"album.php?page=$next&did=$did&action=songs&who=$who\">Next</a><br/>";
}
echo "<br/>$page/$num_pages<br/>";
if($num_pages>2)
{
echo "</p>";
echo "<center>";
$rets = "<form action=\"album.php\" method=\"get\">";
$rets .= "<input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"2\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\">";
$rets .= "<input type=\"hidden\" name=\"did\" value=\"$did\">";
$rets .= "<input type=\"hidden\" name=\"who\" value=\"$who\">";
$rets .= "<input type=\"Submit\" name=\"Submit\" Value=\"Go To Page\"></form>";
echo $rets;
echo "</center>";
echo "<p align=\"center\">";
}
}else{
echo "<b>No Songs In This Album!</b><br/>";
}
if($item[1]==$uid){
echo "<a href=\"album.php?action=song2&id=$did&who=$who\">Add Song</a><br/>";
}
echo "<a href=\"album.php?action=ver&id=$did&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
////////////////////////////////////////////////////////////
else if($action=="songs2")
{
addonline(getuid_sid($sid),"Adding Song To Album","");
echo "<div><br/>Add Song<br/></div>";
echo "<center>Max 2MB<br/>";
echo "<form action=\"album.php?sid=$sid&action=songs3&did=$did&who=$who\" method=\"post\" enctype=\"multipart/form-data\">";
echo "Song: <input type=\"file\" name=\"filetoupload\"/><br/>";
echo "Name:<br/> <input type=\"text\" name=\"name\"/><br/>";
echo "Description:<br/> <input type=\"text\" name=\"cmt\"/><br/>";
echo "<input type=\"submit\" value=\"Add\"/>";
echo "</form><br/>";
echo "</center>";
echo "<p align=\"center\">";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////////////////////////////////////
else if($action=="songs3")
{
addonline(getuid_sid($sid),"Uploading Song","");
echo "<div><br/>Add Song<br/></div>";
$cmt = $_POST["cmt"];
$name = $_POST["name"];
echo "<p align=\"center\">";
$size_bytes = 2097152;
$kb = $size_bytes / 1024;
$extlimit="yes";
$limitedext=array(".mid",".mp3",".wma",".amr");
$ext=strtolower(strrchr($_FILES['filetoupload'][name],'.'));
$file_type=$_FILES['filetoupload']['type'];
$file_name=$_FILES['filetoupload']['name'];
$file_size=$_FILES['filetoupload']['size'];
$file_tmp=$_FILES['filetoupload']['tmp_name'];
$file_name2=str_replace(" ","",$file_name);
$file_name2=str_replace("%20","",$file_name2);
$nop = substr_count($file_name,"php");
$now = substr_count($file_name,"wml");
$noh = substr_count($file_name,"htm");
$check = mysql_fetch_array(mysql_query("SELECT id FROM ibwf_songs WHERE url='http://wapirate.comuf.com/files/".$file_name2."' "));
if(!is_uploaded_file($_FILES['filetoupload']['tmp_name'])){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>No file selected!<br/>";
}
else if($extlimit=="yes" && !in_array($ext,$limitedext)){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Invalid file type!<br/>";
mysql_query("INSERT INTO ibwf_mlog SET action='Dodgy', details='<b>".getnick_uid(getuid_sid($sid))."</b> Attempted to upload a $ext file!', actdt='".time()."'");
}
//////////////////////////////////////anti hack
else if($nop>0||$now>0||$noh>0){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Invalid file type!<br/>";
mysql_query("INSERT INTO ibwf_mlog SET action='Dodgy', details='<b>".getnick_uid(getuid_sid($sid))."</b> Attempted to upload $file_name !', actdt='".time()."'");
}
////////////////
else if($file_size>$size_bytes){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Exceeded File size limit! Maximum <b>$kb</b> Kb.<br/>";
}
else if($check[0]>0){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Filename already exists!<br/>";
}
else if($file_size){
$filename=explode(".",$file_name);
$size = $file_size/1024;
$time = time();
move_uploaded_file($file_tmp, "./album/$file_name2");
$url="http://wapirate.comuf.com/nice.php?file=$file_name2&password=smellysocks&sumbit=1";
preg_match("/^(https?:\/\/)?([^\/]*)(.*)/i", "$url", $matches);
$domain = "http://" . $matches[2];
$page = $matches[3];
$code = file_get_contents($domain.$page);
$start= strpos($code, "START");
$finish= strpos($code, "END");
$length= $finish-$start;
$code=substr($code, $start, $length);
$text = preg_replace("/(href=\"?)(\/[^\"\/]+)/", "\\1" . $domain . "\\2", $code);
//echo "<hr/><hr/>$text<hr/><hr/>";///debug
if(substr_count($text,"YES")>0){
$old = getcwd();
chdir(album);
$new = unlink($file_name2);
chdir($old);
$time = time();
mysql_query("INSERT INTO ibwf_songs SET uid='".$uid."', url='http://wapirate.comuf.com/files/".$file_name2."', cmt='".$cmt."', time='".$time."', did='".$did."', name='".$name."', tipo='".$file_type."', tamanho='".$file_size."'");
mysql_query("UPDATE ibwf_albums SET time='".$time."' WHERE id='".$did."'");
}
echo "<br/>$file_name2<br/>Successfully Uploaded!<br/>";
}
else{
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Unknown error! Pls try again...<br/>";
}
echo "<br/><a href=\"album.php?action=ver&id=$did&who=$who\"><img src=\"teks/0a.gif\" alt=\"*\"/>Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////////////////
else if($action=="fotos")
{
addonline(getuid_sid($sid),"Viewing Photo Album","");
echo "<div><br/>View Photos<br/></div>";
echo "<p align=\"center\">";
//////ALL LISTS SCRIPT <<
if($page=="" || $page<=0)$page=1;
$vip = 'tek';
$timeout = 600;
$timeon = time()-$timeout;
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_fotos WHERE did='".$did."'"));
$num_items = $noi[0]; //changable
$items_per_page= 4;
$num_pages = ceil($num_items/$items_per_page);
if($page>$num_pages)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
if($num_items>0)
{
//changable sql
$sql = "
SELECT id, uid, url, cmt, time, did FROM ibwf_fotos WHERE did='".$did."' ORDER BY id DESC
LIMIT $limit_start, $items_per_page
";
echo "<p>";
$items = mysql_query($sql);
echo mysql_error();
while ($item = mysql_fetch_array($items))
{
//$text = htmlspecialchars($item[3]);
$text = parsepm($item[3], $sid,left,$item[1]);
$tmstamp = $item[4];
$tmdt = date("d m Y - H:i:s", $tmstamp);
$lnk = "<a href=\"$item[2]\"><img src=\"picture.php?img=$item[2]\" alt=\"*\"/></a><br/>$text<br/>$tmdt";
if(candelfoto($uid, $item[0]))
{
$dlnk = "<a href=\"album.php?action=del&vit=$item[0]&did=$item[5]&who=$who\">[Delete]</a> <a href=\"album.php?action=avatar&vit=$item[0]&did=$item[5]&who=$who\">[Add To Avatar]</a>";
}
echo "$lnk <br/> $dlnk<br/><br/>";
}
echo "</p>";
echo "<p align=\"center\">";
if($page > 1){
$prev = ($page - 1);
echo "<a href=\"album.php?page=$prev&did=$did&action=fotos&who=$who\">Previous</a> ";
}
if($page < $num_pages){
$next = ($page + 1);
echo "<a href=\"album.php?page=$next&did=$did&action=fotos&who=$who\">Next</a><br/>";
}
echo "<br/>$page/$num_pages<br/>";
if($num_pages>2)
{
echo "</p>";
echo "<center>";
$rets = "<form action=\"album.php\" method=\"get\">";
$rets .= "<input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"2\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\">";
$rets .= "<input type=\"hidden\" name=\"did\" value=\"$did\">";
$rets .= "<input type=\"hidden\" name=\"who\" value=\"$who\">";
$rets .= "<input type=\"Submit\" name=\"Submit\" Value=\"Go To Page\"></form>";
echo $rets;
echo "</center>";
echo "<p align=\"center\">";
}
}else{
echo "<b>No Photos In This Album!</b><br/>";
}
if($item[1]==$uid){
echo "<a href=\"album.php?action=foto2&id=$did&who=$who\">Add Photo</a><br/>";
}
echo "<a href=\"album.php?action=ver&id=$did&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////////////////////
else if($action=="fotos2")
{
addonline(getuid_sid($sid),"Adding Photo To Album","");
echo "<div><br/>Add Photo<br/></div>";
echo "<center>Max 2MB<br/>";
echo "<form action=\"album.php?sid=$sid&action=fotos3&did=$did&who=$who\" method=\"post\" enctype=\"multipart/form-data\">";
echo "Photo: <input type=\"file\" name=\"filetoupload\"/><br/>";
echo "Description: <input type=\"text\" name=\"cmt\"/><br/>";
echo "<input type=\"submit\" value=\"Add\"/>";
echo "</form><br/>";
echo "</center>";
echo "<p align=\"center\">";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////////////////////
else if($action=="fotos3")
{
addonline(getuid_sid($sid),"Uploading Photo","");
echo "<div><br/>Add Photo<br/></div>";
$cmt = $_POST["cmt"];
echo "<p align=\"center\">";
$size_bytes = 2097152;
$kb = $size_bytes / 1024;
$extlimit="yes";
$limitedext=array(".jpg",".jpeg",".gif",".png");
$ext=strtolower(strrchr($_FILES['filetoupload'][name],'.'));
$file_type=$_FILES['filetoupload']['type'];
$file_name=$_FILES['filetoupload']['name'];
$file_size=$_FILES['filetoupload']['size'];
$file_tmp=$_FILES['filetoupload']['tmp_name'];
$file_name2=str_replace(" ","",$file_name);
$file_name2=str_replace("%20","",$file_name2);
$nop = substr_count($file_name,"php");
$now = substr_count($file_name,"wml");
$noh = substr_count($file_name,"htm");
$check = mysql_fetch_array(mysql_query("SELECT id FROM ibwf_photos WHERE url='http://wapirate.comuf.com/files/".$file_name2."' "));
if(!is_uploaded_file($_FILES['filetoupload']['tmp_name'])){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>No file selected!<br/>";
}
else if($extlimit=="yes" && !in_array($ext,$limitedext)){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Invalid file type!<br/>";
mysql_query("INSERT INTO ibwf_mlog SET action='Dodgy', details='<b>".getnick_uid(getuid_sid($sid))."</b> Attempted to upload a $ext file!', actdt='".time()."'");
}
//////////////////////////////////////anti hack
else if($nop>0||$now>0||$noh>0){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Invalid file type!<br/>";
mysql_query("INSERT INTO ibwf_mlog SET action='Dodgy', details='<b>".getnick_uid(getuid_sid($sid))."</b> Attempted to upload $file_name !', actdt='".time()."'");
}
////////////////
else if($file_size>$size_bytes){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Exceeded File size limit! Maximum <b>$kb</b> Kb.<br/>";
}
else if($check[0]>0){
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Filename already exists!<br/>";
}
else if($file_size){
$filename=explode(".",$file_name);
$size = $file_size/1024;
$time = time();
move_uploaded_file($file_tmp, "./album/$file_name2");
$url="http://wapirate.comuf.com/nice.php?file=$file_name2&password=smellysocks&sumbit=1";
preg_match("/^(https?:\/\/)?([^\/]*)(.*)/i", "$url", $matches);
$domain = "http://" . $matches[2];
$page = $matches[3];
$code = file_get_contents($domain.$page);
$start= strpos($code, "START");
$finish= strpos($code, "END");
$length= $finish-$start;
$code=substr($code, $start, $length);
$text = preg_replace("/(href=\"?)(\/[^\"\/]+)/", "\\1" . $domain . "\\2", $code);
//echo "<hr/><hr/>$text<hr/><hr/>";///debug
if(substr_count($text,"YES")>0){
$old = getcwd();
chdir(album);
$new = unlink($file_name2);
chdir($old);
$time = time();
mysql_query("INSERT INTO ibwf_fotos SET uid='".$uid."', url='http://wapirate.comuf.com/files/".$file_name2."', cmt='".$cmt."', time='".$time."', did='".$did."', name='".$name."', tipo='".$file_type."', tamanho='".$file_size."'");
mysql_query("UPDATE ibwf_albums SET time='".$time."' WHERE id='".$did."'");
}
echo "<br/>$file_name2<br/>Successfully Uploaded!<br/>";
}
else{
echo "<img src=\"../images$folder/notok.gif\" alt=\"[x]\"/>Unknown error! Pls try again...<br/>";
}
echo "<br/><a href=\"album.php?action=ver&id=$did&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
//////////////////////////////////////////////////////////////
/*
else if($action=="fotos4")
{
echo "<div><br/>Add Photo<br/></div>";
echo "<form action=\"album.php?sid=$sid&action=fotos5&did=$did&who=$who\" method=\"post\">";
echo "Photo Url:<br/> <input type=\"text\" name=\"file\"/><br/>";
echo "Description:<br/> <input type=\"text\" name=\"cmt\"/><br/>";
echo "<input type=\"submit\" value=\"Add\"/>";
echo "</form><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////////////////////////
else if($action=="fotos5")
{
addonline(getuid_sid($sid),"Uploading Photo To Album","");
echo "<div><br/>Add Photo<br/></div>";
echo "<p align=\"center\">";
$cmt = $_POST["cmt"];
$fp = fopen("http://".$_POST['file'],"rb");
$name = explode("/",$_POST['file']);
$clean_name = str_replace(" ", "_", str_replace("%20", "_", strtolower($name) ) );
$file_ext = explode('.', $clean_name);
$file_ext = strtolower($file_ext[count($file_ext) - 1]);
$kbsize = (round($_FILES['foto']['size']/1024));
if(file_exists("fotos/$clean_name"))
{
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>Photo Name Already Exsists</b><br/>";
}
else if($kbsize > 100)
{
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>Max Size 100kb</b><br/>";
}else if(getextfoto($file_ext))
{
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>Format Not Allowed!</b><br/>";
}else{
fput(fotos/$clean_name,$fp);
fclose($fp);
$time = time();
mysql_query("INSERT INTO ibwf_fotos SET uid='".$uid."', url='".$clean_name."', cmt='".$cmt."', time='".$time."', did='".$did."'");
mysql_query("UPDATE ibwf_albums SET time='".$time."' WHERE id='".$did."'");
echo "<img src=\"images/ok.gif\" alt=\"x\"/><br/>";
echo "<b>Photo Saved Succesfully</b><br/>";
}
echo getfoot($sid,$folder);
exit();
}*/
///////////////////////////////////////////////////////////////////////
else if($action=="ver")
{
addonline(getuid_sid($sid),"Visiting Album","");
echo "<div><br/>Album<br/></div>";
echo "<p align=\"center\">";
$album = mysql_fetch_array(mysql_query("SELECT id, uid, name, logo, cmt, time, vis, pontos, valor FROM ibwf_albums WHERE id='".$id."'"));
echo "<b>Album $album[2]</b><br/>";
echo "<img src=\"$album[3]\" alt=\"*\"/><br/>";
echo "$album[4]";
echo "</p>";
echo "<p align=\"left\">";
$nick = getnick_uid($album[1]);
echo "Owner: <a href=\"index.php?action=viewuser&who=$album[1]\">$nick</a><br/>";
$res = mysql_fetch_array(mysql_query("SELECT SUM(ans) FROM ibwf_aresults WHERE aid='".$id."'"));
$nov = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_aresults WHERE aid='".$id."'"));
$hmm = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_aresults WHERE aid='".$id."' AND uid='".$uid."'"));
if($res[0]==""){
$res[0] = "0";
}
if(($album[1]==$uid)||($hmm[0]>0)){
echo "Rated: $res[0] Out Of $nov[0] Votes<br/>";
}else{
echo "<a href=\"album.php?action=vote&who=$who&id=$id\">Vote</a><br/>";
}
//echo "Rated: $album[7] Out Of $album[8] Votes<br/>";
$vis = $album[6]+1;
$pontos = "0";
$valor = "0";
if($album[1]!=$uid){
mysql_query("UPDATE ibwf_albums SET vis='".$vis."', pontos='".$pontos."', valor='".$valor."' WHERE id='".$id."'");
}
echo "Visits: <b>$vis</b><br/><br/>";
$fotos = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_fotos WHERE did='".$album[0]."'"));
echo "<a href=\"album.php?action=fotos&did=$album[0]&who=$who\"><img src=\"/images/image.gif\" alt=\"*\"/>";
echo " Photos ($fotos[0])</a><br/>";
$videos = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_videos WHERE did='".$album[0]."'"));
echo "<a href=\"album.php?action=videos&did=$album[0]&who=$who\"><img src=\"images/video.gif\" alt=\"*\"/>";
echo " Videos ($videos[0])</a><br/>";
$songs = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_songs WHERE did='".$album[0]."'"));
echo "<a href=\"album.php?action=songs&did=$album[0]&who=$who\"><img src=\"images/music.gif\" alt=\"*\"/>";
echo " Songs ($songs[0])</a><br/><br/>";
$cmt = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_albumcom WHERE did='".$album[0]."'"));
echo "<a href=\"album.php?action=cmt&did=$album[0]&who=$who\"><img src=\"/images/comment.gif\" alt=\"*\"/> Comments ($cmt[0])</a><br/>";
echo "</p><p align=\"center\">";
if($uid=="$album[1]")
{
echo "<a href=\"album.php?action=editar&id=$id&who=$who\">Edit Album</a><br/>";
}else{
}
echo "<br/><a href=\"album.php?sid=$sid&action=albums&who=$who\">Back To $sname Albums</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////////////////////////
else if($action=="vote")
{
addonline(getuid_sid($sid),"Voting On Album","");
echo "<div><br/>Vote<br/></div>";
$album = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_albums WHERE uid='".$uid."' AND id='".$id."'"));
$hmm = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_aresults WHERE aid='".$id."' AND uid='".$uid."'"));
if(($album[0]>0)||($hmm[0]>0)){
echo "<p align=\"center\">";
echo "You Are Not Allowed To Vote On This Album<br/><br/>";
}else{
echo "<form action=\"album.php?action=vote2&who=$who&id=$id\" method=\"post\">";
echo "<b>Select Your Score:</b><br/>(10 is highest)";
echo "<select name=\"score\">";
echo "<option value=\"1\">1</option>";
echo "<option value=\"2\">2</option>";
echo "<option value=\"3\">3</option>";
echo "<option value=\"4\">4</option>";
echo "<option value=\"5\">5</option>";
echo "<option value=\"6\">6</option>";
echo "<option value=\"7\">7</option>";
echo "<option value=\"8\">8</option>";
echo "<option value=\"9\">9</option>";
echo "<option value=\"10\">10</option>";
echo "</select><br/>";
echo "<input type=\"submit\" value=\"Go\"/>";
echo "</form><br/><br/>";
echo "<p align=\"center\">";
}
echo "<a href=\"album.php?action=ver&id=$id&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////////////////////////
else if($action=="vote2")
{
$score = $_POST["score"];
addonline(getuid_sid($sid),"Voting On Album","");
echo "<div><br/>Vote<br/></div>";
$album = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_albums WHERE uid='".$uid."' AND id='".$id."'"));
$hmm = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_aresults WHERE aid='".$id."' AND uid='".$uid."'"));
if(($album[0]>0)||($hmm[0]>0)){
echo "<p align=\"center\">";
echo "You Are Not Allowed To Vote On This Album<br/><br/>";
}else{
echo "<p align=\"center\">";
$res = mysql_query("INSERT INTO ibwf_aresults SET uid='".$uid."', ans='".$score."'");
if($res){
echo "<img src=\"images/ok.gif\" alt=\"O\"/><br/>";
echo "<b>Voted Successfully!</b><br/>";
}else{
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>Error Voting!</b><br/>";
}
}
echo "<a href=\"album.php?action=ver&id=$id&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////////////////////////
else if($action=="editar")
{
addonline(getuid_sid($sid),"Editing Album","");
echo "<div><br/>Edit Album<br/></div>";
$album = mysql_fetch_array(mysql_query("SELECT id, uid, name, logo, cmt, time FROM ibwf_albums WHERE id='".$id."'"));
if($uid=="$album[1]")
{
echo "<form action=\"album.php\" method=\"get\">";
echo "<b>Add More:</b>";
echo "<select name=\"action\">";
echo "<option value=\"fotos2\">Photos</option>";
echo "<option value=\"videos2\">Videos</option>";
echo "<option value=\"songs2\">songs</option>";
echo "</select>";
echo "<input type=\"hidden\" name=\"sid\" value=\"$sid\"/>";
echo "<input type=\"hidden\" name=\"did\" value=\"$id\"/>";
echo "<input type=\"submit\" value=\"Go\"/>";
echo "</form><br/><br/>";
echo "<form action=\"album.php?action=editar2&id=$id&who=$who\" method=\"post\">";
echo "<b>Edit Album</b><br/>";
echo "Name: <input name=\"name\" value=\"$album[2]\" size=\"12\" maxlength=\"50\"/><br/>";
echo "Logo: <input name=\"logo\" value=\"$album[3]\" size=\"12\" maxlength=\"300\"/><br/>";
echo "Description: <input name=\"cmt\" value=\"$album[4]\" size=\"12\" maxlength=\"300\"/><br/>";
echo "<input type=\"submit\" value=\"Edit\"/>";
echo "</form><br/><br/>";
echo "<p align=\"center\">";
echo "<a href=\"album.php?action=del5&vit=$id&who=$who\">Delete Album</a><br/>";
}else{
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>Album Does Not Exist!</b><br/>";
}
echo "<a href=\"album.php?action=ver&id=$id&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////////////////////////////
else if($action=="editar2")
{
addonline(getuid_sid($sid),"Editing Album","");
echo "<div><br/>Edit Album<br/></div>";
$album = mysql_fetch_array(mysql_query("SELECT id, uid, name, logo, cmt, time FROM ibwf_albums WHERE id='".$id."'"));
echo "<p align=\"center\">";
if($uid=="$album[1]")
{
$name = $_POST["name"];
$logo = $_POST["logo"];
$cmt = $_POST["cmt"];
$time = time();
mysql_query("UPDATE ibwf_albums SET name='".$name."', logo='".$logo."', cmt='".$cmt."', time='".$time."' WHERE id='".$id."'");
echo "<img src=\"images/ok.gif\" alt=\"O\"/><br/>";
echo "<b>Album Edited Successfully!</b><br/>";
}else{
echo "<img src=\"images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>Error Editing Album!</b><br/>";
}
echo "<a href=\"album.php?action=ver&id=$id&who=$who\">Back To Album</a><br/>";
echo getfoot($sid,$folder);
exit();
}
///////////////////////////////////////////////////////
else if($action=="albums")
{
if($who==""){
addonline(getuid_sid($sid),"List Of Albums","");
echo "<div><br/>Albums<br/></div>";
}else{
addonline(getuid_sid($sid),"$unick`s Albums","");
echo "<div><br/>$unick`s Albums<br/></div>";
}
echo "<p align=\"center\">";
//////ALL LISTS SCRIPT <<
if($page=="" || $page<=0)$page=1;
$vip = 'tek';
$timeout = 600;
$timeon = time()-$timeout;
if($who==""){
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_albums "));
}else{
$noi = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_albums WHERE uid='".$who."'"));
}
$num_items = $noi[0]; //changable
$items_per_page= 6;
$num_pages = ceil($num_items/$items_per_page);
if($page>$num_pages)$page= $num_pages;
$limit_start = ($page-1)*$items_per_page;
if($num_items>0)
{
//changable sql
if($who==""){
$sql = "
SELECT id, uid, name, logo, cmt, time FROM ibwf_albums ORDER BY time DESC
LIMIT $limit_start, $items_per_page
";
}else{
$sql = "
SELECT id, uid, name, logo, cmt, time FROM ibwf_albums WHERE uid='".$who."' ORDER BY time DESC
LIMIT $limit_start, $items_per_page
";
}
echo "<p>";
$items = mysql_query($sql);
echo mysql_error();
while ($item = mysql_fetch_array($items))
{
$lnk = "<a href=\"album.php?id=$item[0]&action=ver&who=$who\"><img src=\"/images/1.gif\" alt=\"*\"/>$item[2]</a><br/>";
$fotos = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_fotos WHERE did='".$item[0]."'"));
$videos = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_videos WHERE did='".$item[0]."'"));
$songs = mysql_fetch_array(mysql_query("SELECT COUNT(*) FROM ibwf_songs WHERE did='".$item[0]."'"));
$nick = getnick_uid($item[1]);
echo "$lnk Photos: $fotos[0] Videos: $videos[0] Songs: $songs[0]<br/>";
if($who==""){
echo "Owner: <a href=\"index.php?action=viewuser&who=$item[1]\">$nick</a><br/>";
}
}
echo "</p>";
echo "<p align=\"center\">";
if($page>1){
$prev = ($page-1);
echo "<a href=\"album.php?page=$prev&action=albums&who=$who\">Previous</a> ";
}
if($page < $num_pages){
$next = ($page+1);
echo "<a href=\"album.php?page=$next&action=albums&who=$who\">Next</a><br/>";
}
echo "<br/>$page/$num_pages<br/>";
if($num_pages>2)
{
echo "</p>";
echo "<center>";
$rets = "<form action=\"album.php\" method=\"get\">";
$rets .= "<input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"2\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\">";
$rets .= "<input type=\"hidden\" name=\"who\" value=\"$who\">";
$rets .= "<input type=\"Submit\" name=\"Submit\" Value=\"Go To Page\"></form>";
echo $rets;
echo "</center>";
echo "<p align=\"center\">";
}
}else{
echo "<b>No Albums!</b><br/>";
}
echo "<a href=\"album.php?action=new\">Add New Album</a><br/>";
if($who!=""){
echo "<a href=\"index.php?action=viewuser&who=$item[1]\">$unick`s Profile</a>";
}
echo getfoot($sid,$folder);
exit();
}
/////////////////////////////////////////////////////////
else{
addonline(getuid_sid($sid),"Lost In Albums","");
echo "<div><br/>Doh!<br/></div>";
echo "<p align=\"center\">";
echo "Nothing To Show Here lol!<br/><br/>";
echo getfoot($sid,$folder);
exit();
}
?>