Gazelle/sections/collages/new_handle.php

<?php
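// Handles the "create collage" form post: validates the input, enforces the
// personal-collage rules for category 0, rejects duplicate names and unknown
// categories, inserts the row, then redirects to the new collage.
// Relies on $DB, $Cache, $LoggedUser and $CollageCats from the including script.

// NOTE(review): presumably the request-token (anti-CSRF) check; confirm it aborts on failure.
authorize();

include(SERVER_ROOT.'/classes/validate.class.php');

$Val = new VALIDATE;
// $P is the db_array()-processed copy of $_POST. Only $P values (never raw
// $_POST) are interpolated into the SQL below.
// NOTE(review): assumes db_array() escapes each value as db_string() does; confirm.
$P = db_array($_POST);

// Unescaped auto-generated name; stays null when the submitted name is used.
$GeneratedName = null;

// NOTE(review): this test is a loose "> 0" while the quota check further down
// is a strict "=== '0'". A category that is neither is only rejected by the
// $CollageCats lookup near the end, so that lookup must not be removed.
if ($P['category'] > 0 || check_perms('site_collages_renamepersonal')) {
    $Val->SetFields('name', '1', 'string', 'The name must be between 3 and 100 characters', array('maxlength' => 100, 'minlength' => 3));
} else {
    // Personal collage without the rename permission: the submitted name is
    // ignored and a unique one is derived from the username.
    $name = $LoggedUser['Username']."'s personal collage";
    $GeneratedName = $name;
    $P['name'] = db_string($GeneratedName);
    $DB->query("
        SELECT ID
        FROM collages
        WHERE Name = '".$P['name']."'");
    $i = 2;
    // Append " no. N" until no existing collage has the candidate name.
    while ($DB->has_results()) {
        $GeneratedName = "$name no. $i";
        $P['name'] = db_string($GeneratedName);
        $DB->query("
            SELECT ID
            FROM collages
            WHERE Name = '".$P['name']."'");
        $i++;
    }
}
$Val->SetFields('description', '1', 'string', 'The description must be between 10 and 65535 characters', array('maxlength' => 65535, 'minlength' => 10));

$Err = $Val->ValidateForm($_POST);

if (!$Err && $P['category'] === '0') {
    // Personal collages are limited per user and gated by a permission.
    $DB->query("
        SELECT COUNT(ID)
        FROM collages
        WHERE UserID = '$LoggedUser[ID]'
            AND CategoryID = '0'
            AND Deleted = '0'");
    list($CollageCount) = $DB->next_record();
    if (($CollageCount >= $LoggedUser['Permissions']['MaxCollages']) || !check_perms('site_collages_personal')) {
        $Err = 'You may not create a personal collage.';
    } elseif (check_perms('site_collages_renamepersonal') && !stristr($P['name'], $LoggedUser['Username'])) {
        // NOTE(review): compares the SQL-escaped name with the raw username; the
        // two only line up if usernames never contain characters that get escaped.
        $Err = 'Your personal collage\'s title must include your username.';
    }
}

if (!$Err) {
    // NOTE(review): check-then-insert. Two concurrent requests can both pass
    // this lookup unless collages.Name carries a unique index; confirm the schema.
    $DB->query("
        SELECT ID, Deleted
        FROM collages
        WHERE Name = '$P[name]'");
    if ($DB->has_results()) {
        list($ID, $Deleted) = $DB->next_record();
        if ($Deleted) {
            $Err = 'That collection already exists but needs to be recovered; please <a href="staffpm.php">contact</a> the staff team!';
        } else {
            // $ID comes from the database row, not from the request.
            $Err = "That collection already exists: <a href=\"/collages.php?id=$ID\">$ID</a>.";
        }
    }
}

if (!$Err) {
    // Whitelist check: the category must be a key of $CollageCats.
    if (empty($CollageCats[$P['category']])) {
        $Err = 'Please select a category';
    }
}

if ($Err) {
    // Re-render the form with the raw submitted values.
    // NOTE(review): these are unescaped request data; new.php must HTML-escape
    // them on output. That template is not visible here; confirm.
    $Name = $_POST['name'];
    $Category = $_POST['category'];
    $Tags = $_POST['tags'];
    $Description = $_POST['description'];
    include(SERVER_ROOT.'/sections/collages/new.php');
    die();
}

$TagList = explode(',', $_POST['tags']);
foreach ($TagList as $ID => $Tag) {
    $TagList[$ID] = Misc::sanitize_tag($Tag);
}
// The tags come from raw $_POST, not from $P. What Misc::sanitize_tag() lets
// through is not visible here, so escape the joined list as well; the INSERT
// then does not depend on the sanitiser's output alphabet.
$TagList = db_string(implode(' ', $TagList));

// UserID is interpolated without quotes, so force it to an integer here.
$UserID = (int)$LoggedUser['ID'];

$DB->query("
    INSERT INTO collages
        (Name, Description, UserID, TagList, CategoryID)
    VALUES
        ('$P[name]', '$P[description]', $UserID, '$TagList', '$P[category]')");
$CollageID = $DB->inserted_id();
$Cache->delete_value("collage_$CollageID");

// Log the name that was actually stored. When the name was auto-generated the
// submitted $_POST['name'] is ignored (and may be absent), so logging it would
// record a client-chosen string that matches no collage.
// NOTE(review): assumes Misc::write_log() escapes its message before storing it; confirm.
$LoggedName = ($GeneratedName !== null) ? $GeneratedName : $_POST['name'];
Misc::write_log("Collage $CollageID (".$LoggedName.') was created by '.$LoggedUser['Username']);
header("Location: collages.php?id=$CollageID");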
?>