Working on getting new components to work with AJAX and Jquery

Michał Gdula 2022-08-08 12:43:57 +01:00
parent ffa8a8e1a3
commit d8b20c9b34
15 changed files with 344 additions and 123 deletions


@ -1,27 +1,73 @@
<?php
/*
Confirm deleting user
user must be privilaged to do this action this the privilaged == true
|-------------------------------------------------------------
| Delete image
|-------------------------------------------------------------
| This is the scarries code I written. I hate writing anything
| like this, please help
|-------------------------------------------------------------
*/
if (isset($_POST['delete_confirm']) && $privilaged) {
// Unset all the variables, needed by flyout
unset($header, $content, $action);
session_start();
// Include server connection
include "../server/conn.php";
// Include required checks
include "get_image_info.php";
include "image_privilage.php";
// Delete from table
$image_delete_request = "DELETE FROM swag_table WHERE id =".$image['id'];
$image_delete = mysqli_query($conn,$image_delete_request);
if ($image_delete) {
// See if image is in the directory
if (is_file("images/".$image['imagename'])) {
unlink("images/".$image['imagename']);
if (isset($_POST['submit'])) {
// Get all image info
$image_array = get_image_info($conn, $_POST['id']);
// If user owns image or has the ID of 1
if (image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
// Delete from table
$sql = "DELETE FROM swag_table WHERE id = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "i", $param_id);
// Setting parameters
$param_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
// See if image is in the directory
if (is_file("../../images/".$image_array['imagename'])) {
unlink("../../images/".$image_array['imagename']);
}
// Delete thumbnail if exitsts
if (is_file("../../images/thumbnails/".$image_array['imagename'])) {
unlink("../../images/thumbnails/".$image_array['imagename']);
}
// TP user to the homepage with a success message
?>
<script>
window.location.replace("index.php?del=true&id=<?php echo $_POST['id']; ?>");
</script>
<?php
} else {
?>
<script>
sniffleAdd('Oopsie', 'The image failed to delete off of the servers, contact Fluffy about his terrible programming', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
// Delete thumbnail if exitsts
if (is_file("images/thumbnails/".$image['imagename'])) {
unlink("images/thumbnails/".$image['imagename']);
}
header("Location:index.php?del=true&id=".$image['id']);
} else {
header("Location: image.php?id=".$image['id']."&del=fail>");
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to edit this image.', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
// nice uwu
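Review bot: The success branch prints `$_POST['id']` straight into the inline script (`window.location.replace("index.php?del=true&id=<?php echo $_POST['id']; ?>")`), so a request value reaches a JavaScript string with no escaping. The statement binds the same field as `i`, which coerces it for SQL but does nothing for the echo. Cast once and reuse the result, e.g. `$image_id = (int) $_POST['id'];` for `get_image_info()`, the bind and the output `id=<?php echo $image_id; ?>`. The paths given to `unlink()` are built from `$image_array['imagename']`; if that column can ever hold user-chosen text, wrapping it in `basename()` would keep the delete inside the images directory.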


@ -1,26 +1,52 @@
<?php
/*
Author confirm
|-------------------------------------------------------------
| Edit Author
|-------------------------------------------------------------
| If this has security problems I'm so fucked
|-------------------------------------------------------------
*/
if (isset($_POST['author_confirm']) && is_admin($_SESSION['id'])) {
// Unset all the variables, needed by flyout
unset($header, $content, $action);
session_start();
// Include server connection
include "../server/conn.php";
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET author=? WHERE id=?";
if (isset($_POST['submit'])) {
// If user has the ID of 1
if ($_SESSION['id'] == 1) {
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET author=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_author, $param_id);
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_author, $param_id);
// Setting parameters
$param_author = $_POST['update_author'];
$param_id = $image["id"];
// Setting parameters
$param_author = $_POST['input'];
$param_id = $_POST["id"];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
header("Location:image.php?id=".$image["id"]."&update=success");
} else {
header("Location:image.php?id=".$image["id"]."&update=error");
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'The Author has been updated successfully! You may need to refresh the page to see the new information.', 'var(--green)', '<?php echo $root_dir; ?>assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Oopsie....', 'An error occured on the servers', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
} else {
?>
<script>
sniffleAdd('Denied', 'Sussy wussy.', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
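Review bot: The only gate on this author update is `if ($_SESSION['id'] == 1)`, a literal user ID compared loosely, and it appears to replace the earlier `is_admin($_SESSION['id'])` call. Keeping the helper, or at least `isset($_SESSION['id']) && (int) $_SESSION['id'] === 1`, avoids a notice on logged-out requests and keeps the admin rule in one place; the delete, description and tags handlers repeat the same `|| $_SESSION['id'] == 1` clause. It is not certain from this section that `session_start()` is on the new side, so it is worth confirming the session is open before `$_SESSION` is read. A failed `mysqli_prepare()` also has no `else` here, so the client would get an empty response, whereas the other handlers send the 'Error :c' notice in that case.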


@ -1,32 +1,71 @@
<?php
$conn_ip = "localhost";
$conn_username = "uwu";
$conn_password = "fennec621";
$conn_database = "swag";
$conn = mysqli_connect($conn_ip, $conn_username, $conn_password , $conn_database);
if ($conn->connect_error) {
// Send notification that connection couldn't be made
}
/*
|-------------------------------------------------------------
| Edit Description
|-------------------------------------------------------------
| This script took probably over 24hours to write, mostly
| because of my stupidity. But it (mostly) works now which is
| good. Reason for all the includes and session_start is due
| to the need of checking if the person owns the image. If this
| check is not done, someone could come by and just edit the
| Jquery code on the front-end and change the image ID. Which
| isnt too great :p
|-------------------------------------------------------------
*/
session_start();
// Include server connection
include "../server/conn.php";
// Include required checks
include "get_image_info.php";
include "image_privilage.php";
if (isset($_POST['submit'])) {
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET alt=? WHERE id=?";
// Get all image info
$image_array = get_image_info($conn, $_POST['id']);
// If user owns image or has the ID of 1
if (image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET alt=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_alt, $param_id);
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_alt, $param_id);
// Setting parameters
$param_alt = $_POST['description'];
$param_id = $_POST['id'];
// Setting parameters
$param_alt = $_POST['input'];
$param_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
echo "sniffleAdd('Info', 'Description has been updated successfully! You may need to refresh the page to see the new information.', 'var(--green)', ".$root_dir."'assets/icons/check.svg')";
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'Description has been updated successfully! You may need to refresh the page to see the new information.', 'var(--green)', '<?php echo $root_dir; ?>assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
echo "sniffleAdd('Error', 'An error occured on the servers', 'var(--red)', ".$root_dir."'assets/icons/check.svg')";
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to edit this image.', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
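Review bot: `$_POST['id']` and `$_POST['input']` are read without an `isset()` check, and the result of `get_image_info($conn, $_POST['id'])` is indexed as `$image_array['author']` without confirming that a row came back. For an unknown ID the decision then falls to whatever `image_privilage()` does with an empty author, which is not visible here; `if (!isset($_SESSION['id'], $_POST['id'], $_POST['input'])) { … }` before the lookup and `if (!$image_array) { … }` after it, both sending the Denied notice, would make that explicit. The delete and tags handlers follow the same pattern. Separately, the connection block at the top of this section contains a literal database password; it looks like the removed side, but it stays in history, so the credential should be rotated and loaded from configuration kept outside the repository.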


@ -5,37 +5,88 @@ if (isset($_POST['tags_confirm']) && $privilaged) {
// Unset all the variables, needed by flyout
unset($header, $content, $action);
// Clean tags before adding
function clean($string) {
// Change to lowercase
$string = strtolower($string);
// Replace hyphens
$string = str_replace('-', '_', $string);
// Regex
$string = preg_replace('/[^A-Za-z0-9\_ ]/', '', $string);
// Return string
return preg_replace('/ +/', ' ', $string);
}
// Clean input
$tags_string = tag_clean(trim($_POST['add_tags']));
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET tags=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_tags, $param_id);
// Setting parameters
$param_tags = $tags_string;
$param_id = $image["id"];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
header("Location:image.php?id=".$image["id"]."&update=success");
} else {
header("Location:image.php?id=".$image["id"]."&update=error");
}
}
}
<?php
/*
|-------------------------------------------------------------
| Edit Description
|-------------------------------------------------------------
| This script took probably over 24hours to write, mostly
| because of my stupidity. But it (mostly) works now which is
| good. Reason for all the includes and session_start is due
| to the need of checking if the person owns the image. If this
| check is not done, someone could come by and just edit the
| Jquery code on the front-end and change the image ID. Which
| isnt too great :p
|-------------------------------------------------------------
*/
session_start();
// Include server connection
include "../server/conn.php";
// Include required checks
include "get_image_info.php";
include "image_privilage.php";
// Tag cleaning
include "../format/string_to_tags.php";
if (isset($_POST['submit'])) {
// Get all image info
$image_array = get_image_info($conn, $_POST['id']);
// If user owns image or has the ID of 1
if (image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
// Clean input
$tags_string = tag_clean(trim($_POST['input']));
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET tags=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_tags, $param_id);
// Setting parameters
$param_tags = $tags_string;
$param_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'Tags have been modified successfully! You may need to refresh the page to see the new information.', 'var(--green)', '<?php echo $root_dir; ?>assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to modify tags here.', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
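Review bot: No anti-CSRF token is checked before the update; the handler accepts any POST carrying `submit`, `id` and `input` from a logged-in browser, while the header comment only considers a user changing the image ID. Unless one of the includes already does this, compare a per-session token before touching the database, e.g. `hash_equals($_SESSION['csrf_token'] ?? '', $_POST['csrf_token'] ?? '')` (both key names are placeholders). The delete, author and description handlers are in the same position. The header block is also still titled `Edit Description`; `| Edit Tags` would match what this file does.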