+ $r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid`
+ WHERE `user`.`uid` = %d AND `self` = 1 LIMIT 1",
+ intval($page_owner_uid)
+ );
+
+ if(! count($r)) {
+ notice( t('Contact information unavailable') . EOL);
+ logger('photos_post: unable to locate contact record for page owner. uid=' . $page_owner_uid);
+ killme();
+ }
+
+ $owner_record = $r[0];
+
+
+ if(($a->argc > 3) && ($a->argv[2] === 'album')) {
+ $album = hex2bin($a->argv[3]);
+
+ if($album === t('Profile Photos') || $album === 'Contact Photos' || $album === t('Contact Photos')) {
+ goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
+ return; // NOTREACHED
+ }
+
+ $r = q("SELECT count(*) FROM `photo` WHERE `album` = '%s' AND `uid` = %d",
+ dbesc($album),
+ intval($page_owner_uid)
+ );
+ if(! count($r)) {
+ notice( t('Album not found.') . EOL);
+ goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
+ return; // NOTREACHED
+ }
+
+ $newalbum = notags(trim($_POST['albumname']));
+ if($newalbum != $album) {
+ q("UPDATE `photo` SET `album` = '%s' WHERE `album` = '%s' AND `uid` = %d",
+ dbesc($newalbum),
+ dbesc($album),
+ intval($page_owner_uid)
+ );
+ $newurl = str_replace(bin2hex($album),bin2hex($newalbum),$_SESSION['photo_return']);
+ goaway($a->get_baseurl() . '/' . $newurl);
+ return; // NOTREACHED
+ }
+
+
+ if($_POST['dropalbum'] == t('Delete Album')) {
+
+ $res = array();
+
+ // get the list of photos we are about to delete
+
+ if($visitor) {
+ $r = q("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d AND `album` = '%s'",
+ intval($visitor),
+ intval($page_owner_uid),
+ dbesc($album)
+ );
+ }
+ else {
+ $r = q("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `uid` = %d AND `album` = '%s'",
+ intval(local_user()),
+ dbesc($album)
+ );
+ }
+ if(count($r)) {
+ foreach($r as $rr) {
+ $res[] = "'" . dbesc($rr['rid']) . "'" ;
+ }
+ }
+ else {
+ goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
+ return; // NOTREACHED
+ }
+
+ $str_res = implode(',', $res);
+
+ // remove the associated photos
+
+ q("DELETE FROM `photo` WHERE `resource-id` IN ( $str_res ) AND `uid` = %d",
+ intval($page_owner_uid)
+ );
+
+ // find and delete the corresponding item with all the comments and likes/dislikes
+
+ $r = q("SELECT `parent-uri` FROM `item` WHERE `resource-id` IN ( $str_res ) AND `uid` = %d",
+ intval($page_owner_uid)
+ );
+ if(count($r)) {
+ foreach($r as $rr) {
+ q("UPDATE `item` SET `deleted` = 1, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d",
+ dbesc(datetime_convert()),
+ dbesc($rr['parent-uri']),
+ intval($page_owner_uid)
+ );
+
+ $drop_id = intval($rr['id']);
+
+ // send the notification upstream/downstream as the case may be
+
+ if($rr['visible'])
+ proc_run('php',"include/notifier.php","drop","$drop_id");
+ }
+ }
+ }
+ goaway($a->get_baseurl() . '/photos/' . $a->data['user']['nickname']);
+ return; // NOTREACHED
+ }
+
+ if(($a->argc > 2) && (x($_POST,'delete')) && ($_POST['delete'] == t('Delete Photo'))) {
+
+ // same as above but remove single photo
+
+ if($visitor) {
+ $r = q("SELECT `id`, `resource-id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d AND `resource-id` = '%s' LIMIT 1",
+ intval($visitor),
+ intval($page_owner_uid),
+ dbesc($a->argv[2])
+ );
+ }
+ else {
+ $r = q("SELECT `id`, `resource-id` FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' LIMIT 1",
+ intval(local_user()),
+ dbesc($a->argv[2])
+ );
+ }
+ if(count($r)) {
+ q("DELETE FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s'",
+ intval($page_owner_uid),
+ dbesc($r[0]['resource-id'])
+ );
+ $i = q("SELECT * FROM `item` WHERE `resource-id` = '%s' AND `uid` = %d LIMIT 1",
+ dbesc($r[0]['resource-id']),
+ intval($page_owner_uid)
+ );
+ if(count($i)) {
+ q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d",
+ dbesc(datetime_convert()),
+ dbesc(datetime_convert()),
+ dbesc($i[0]['uri']),
+ intval($page_owner_uid)
+ );
+
+ $url = $a->get_baseurl();
+ $drop_id = intval($i[0]['id']);
+
+ if($i[0]['visible'])
+ proc_run('php',"include/notifier.php","drop","$drop_id");
+ }
+ }
+
+ goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
+ return; // NOTREACHED
+ }
+
+ if(($a->argc > 2) && ((x($_POST,'desc') !== false) || (x($_POST,'newtag') !== false)) || (x($_POST,'albname') !== false)) {
+
+ $desc = ((x($_POST,'desc')) ? notags(trim($_POST['desc'])) : '');
+ $rawtags = ((x($_POST,'newtag')) ? notags(trim($_POST['newtag'])) : '');
+ $item_id = ((x($_POST,'item_id')) ? intval($_POST['item_id']) : 0);
+ $albname = ((x($_POST,'albname')) ? notags(trim($_POST['albname'])) : '');
+ $str_group_allow = perms2str($_POST['group_allow']);
+ $str_contact_allow = perms2str($_POST['contact_allow']);
+ $str_group_deny = perms2str($_POST['group_deny']);
+ $str_contact_deny = perms2str($_POST['contact_deny']);
+
+ $resource_id = $a->argv[2];
+
+ if(! strlen($albname))
+ $albname = datetime_convert('UTC',date_default_timezone_get(),'now', 'Y');
+
+
+ $p = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d ORDER BY `scale` DESC",
+ dbesc($resource_id),
+ intval($page_owner_uid)
+ );
+ if(count($p)) {
+ $r = q("UPDATE `photo` SET `desc` = '%s', `album` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource-id` = '%s' AND `uid` = %d",
+ dbesc($desc),
+ dbesc($albname),
+ dbesc($str_contact_allow),
+ dbesc($str_group_allow),
+ dbesc($str_contact_deny),
+ dbesc($str_group_deny),
+ dbesc($resource_id),
+ intval($page_owner_uid)
+ );
+ }
+
+ /* Don't make the item visible if the only change was the album name */
+
+ $visibility = 0;
+ if($p[0]['desc'] !== $desc || strlen($rawtags))
+ $visibility = 1;
+
+ if(! $item_id) {
+
+ // Create item container
+
+ $title = '';
+ $basename = basename($filename);
+ $uri = item_new_uri($a->get_hostname(),$page_owner_uid);
+
+ $arr = array();
+
+ $arr['uid'] = $page_owner_uid;
+ $arr['uri'] = $uri;
+ $arr['parent-uri'] = $uri;
+ $arr['type'] = 'photo';
+ $arr['wall'] = 1;
+ $arr['resource-id'] = $p[0]['resource-id'];
+ $arr['contact-id'] = $owner_record['id'];
+ $arr['owner-name'] = $owner_record['name'];
+ $arr['owner-link'] = $owner_record['url'];
+ $arr['owner-avatar'] = $owner_record['thumb'];
+ $arr['author-name'] = $owner_record['name'];
+ $arr['author-link'] = $owner_record['url'];
+ $arr['author-avatar'] = $owner_record['thumb'];
+ $arr['title'] = $title;
+ $arr['allow_cid'] = $p[0]['allow_cid'];
+ $arr['allow_gid'] = $p[0]['allow_gid'];
+ $arr['deny_cid'] = $p[0]['deny_cid'];
+ $arr['deny_gid'] = $p[0]['deny_gid'];
+ $arr['last-child'] = 1;
+ $arr['visible'] = $visibility;
+ $arr['origin'] = 1;
+
+ $arr['body'] = '[url=' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $p[0]['resource-id'] . ']'
+ . '[img]' . $a->get_baseurl() . '/photo/' . $p[0]['resource-id'] . '-' . $p[0]['scale'] . '.jpg' . '[/img]'
+ . '[/url]';
+
+ $item_id = item_store($arr);
+
+ }