<%@ CodePage=65001 Language="VBScript"%> <% Option Explicit %> <% sBBSLangPage = "albums" BBS.SetupBBS BBS.SetScheme(0) dictEnvironment.item("V-LOCATIONLINKS") = dictEnvironment.item("V-LOCATIONLINKS") & " -> " & dictLanguage("GLOBAL-LOCATION9") & " -> " & dictLanguage("GLOBAL-LOCATION10") dim SQL, sOutput, sAlbumUsername, iUserAlbumID, vAlbumInfo ' Check for permission if not(BBS.HasPermission(PERM_ViewBBS, -1)) then response.redirect sBBSForumRoot & "/logon.asp?error=needregistration" if dictConfiguration("bENABLEPHOTOALBUMS") = 0 then response.redirect "../category-view.asp" if not(BBS.HasPermission(PERM_Albumcreate, -1)) then response.redirect sBBSForumRoot & "/restricted-page.asp" if not(BBS.HasPermission(PERM_AlbumView, -1)) then response.redirect sBBSForumRoot & "/restricted-page.asp" if dictConfiguration("bENABLEPHOTOALBUMS") = 0 then response.redirect "../category-view.asp" if iBBSUserLevel < USERLEVEL_user then response.redirect "../category-view.asp" ' Administrators might want to work on someone else's album if BBS.GetUserlevel(MODULE_Albums, -1) >= USERLEVEL_ModuleAdministrator then if len(request.querystring("useralbum")) > 0 then iUserAlbumID = BBS.GetUserInfoByID(request.querystring("useralbum"))(UI_MemberID) sAlbumUsername = BBS.GetUserInfoByID(request.querystring("useralbum"))(UI_Username) if iUserAlbumID <= 0 then response.redirect "photos-main.asp" else sAlbumUsername = sBBSUserName iUserAlbumID = iBBSMemberID end if else sAlbumUsername = sBBSUserName iUserAlbumID = iBBSMemberID end if if request.form("action") = "create" and request.form("action2") <> dictLanguage("GLOBAL-DELETE") then ' Create an album vAlbumInfo = Albums.GetAlbumInfoStruct() vAlbumInfo(AI_Name) = request.form("name") vAlbumInfo(AI_Description) = request.form("description") vAlbumInfo(AI_AllowUserComments) = bbs.ValidateBoolean(request.form("allowusercomments")) vAlbumInfo(AI_AllowGuestComments) = BBS.ValidateBoolean(request.form("allowguestcomments")) vAlbumInfo(AI_Username) = sAlbumUsername if len(trim(vAlbumInfo(AI_Name))) = 0 then vAlbumInfo(AI_Name) = "---" Albums.CreateAlbum(vAlbumInfo) end if if request.form("action2") = dictLanguage("GLOBAL-DELETE") then ' Delete an album vAlbumInfo = Albums.GetAlbumInfo(request.querystring("albumid")) if ucase(vAlbumInfo(AI_Username)) <> ucase(sBBSUsername) and BBS.GetUserlevel(MODULE_Albums, -1) < USERLEVEL_ModuleAdministrator then ' Trying to delete someone else's album? response.redirect "../category-view.asp" else Albums.DeleteAlbum(request.querystring("albumid")) end if end if if request.form("action") = "postedit" then ' Edit an album vAlbumInfo = Albums.GetAlbumInfo(request.querystring("albumid")) if ucase(vAlbumInfo(AI_Username)) <> ucase(sBBSUsername) and BBS.GetUserlevel(MODULE_Albums, -1) < USERLEVEL_ModuleAdministrator then ' Trying to delete someone else's album? response.redirect "../category-view.asp" else ' Create an album vAlbumInfo = Albums.GetAlbumInfo(request.querystring("albumid")) vAlbumInfo(AI_Name) = request.form("name") vAlbumInfo(AI_Description) = request.form("description") vAlbumInfo(AI_AllowUserComments) = bbs.ValidateBoolean(request.form("allowusercomments")) vAlbumInfo(AI_AllowGuestComments) = BBS.ValidateBoolean(request.form("allowguestcomments")) if len(trim(vAlbumInfo(AI_Name))) = 0 then vAlbumInfo(AI_Name) = "---" Albums.EditAlbum(vAlbumInfo) end if end if ' Get a list of this user's photo albums SQL = "select * from albums where username='" & BBS.ValidateSQL(sAlbumUsername) & "' order by name asc" rsMaster.open SQL, dbConnection, adOpenForwardonly, adLockReadOnly BBS.AddQuery(SQL) do until rsMaster.EOF vbString.Append dictLanguage("ALBUMS-NAME") & ": " & BBS.ValidateField(rsMaster.fields("name").value) & " (" & (rsMaster.fields("photocount").value) & " " & dictLanguage("ALBUMS-PHOTOS") & ")
" if len(rsMaster.fields("description").value) > 0 then vbString.Append BBS.MBBSDecode(rsMaster.fields("description").value, 0) & "
" end if vbString.Append "" & dictLanguage("ALBUMS-ACTIONS") & ": [" vbString.Append "" & dictLanguage("ALBUMS-UPLOAD") & " / " vbString.Append "" & dictLanguage("ALBUMS-VIEWPHOTOS") & " / " vbString.Append "" & dictLanguage("ALBUMS-EDIT") & "]
" vbString.Append "

" rsMaster.MoveNext loop rsMaster.Close sOutput = vbString.ToString() vbString.Clear dictEnvironment("V-ALBUMLIST") = sOutput sOutput = "" if request.querystring("action") = "edit" then dictEnvironment("C-SHOWEDIT") = 1 vAlbumInfo=Albums.GetAlbumInfo(request.querystring("albumid")) dictEnvironment("V-ALBUMINFO") = vAlbumInfo dictEnvironment("U-ALBUMEDIT") = "photo-controlpanel.asp?action=postedit&albumid=" & vAlbumInfo(AI_AlbumID) & "&useralbum=" & iUserAlbumID end if dictEnvironment("U-ALBUMCREATE") = "photo-controlpanel.asp?useralbum=" & iUserAlbumID dictEnvironment("U-ALBUMDELETE") = "photo-controlpanel.asp?useralbum=" & iUserAlbumID dictEnvironment.add "V-TITLE", dictLanguage.item("ALBUMS-TITLE") dictEnvironment.add "C-SHOWRANDOMQUOTES", dictConfiguration("bDISPLAYBBSQUOTES") if iBBSUserLevel >= USERLEVEL_SupportAdministrator then dictEnvironment.add "C-SHOWADMINLINK", 1 %> <% Filesystem.ExecuteBBSTemplate("/photos/photo-controlpanel.asp") %>