2011-03-28 14:21:28 +00:00
|
|
|
<?
|
|
|
|
|
authorize();
|
|
|
|
|
|
|
|
|
|
include(SERVER_ROOT.'/classes/class_validate.php');
|
|
|
|
|
$Val = new VALIDATE;
|
|
|
|
|
|
2011-10-27 08:00:15 +00:00
|
|
|
$P = array();
|
|
|
|
|
$P = db_array($_POST);
|
|
|
|
|
|
|
|
|
|
if ($P['category'] > 0 || check_perms('site_collages_renamepersonal')) {
|
|
|
|
|
$Val->SetFields('name', '1','string','The name must be between 3 and 100 characters',array('maxlength'=>100, 'minlength'=>3));
|
|
|
|
|
} else {
|
|
|
|
|
// Get a collage name and make sure it's unique
|
|
|
|
|
$name = $LoggedUser['Username']."'s personal collage";
|
|
|
|
|
$P['name'] = db_string($name);
|
|
|
|
|
$DB->query("SELECT ID FROM collages WHERE Name='".$P['name']."'");
|
|
|
|
|
$i = 2;
|
|
|
|
|
while ($DB->record_count() != 0) {
|
|
|
|
|
$P['name'] = db_string($name." no. $i");
|
|
|
|
|
$DB->query("SELECT ID FROM collages WHERE Name='".$P['name']."'");
|
|
|
|
|
$i++;
|
|
|
|
|
}
|
|
|
|
|
}
|
2011-03-28 14:21:28 +00:00
|
|
|
$Val->SetFields('description', '1','string','The description must be at least 10 characters',array('maxlength'=>65535, 'minlength'=>10));
|
|
|
|
|
|
|
|
|
|
$Err = $Val->ValidateForm($_POST);
|
2011-10-27 08:00:15 +00:00
|
|
|
|
|
|
|
|
if ($P['category'] == '0') {
|
|
|
|
|
$DB->query("SELECT COUNT(ID) FROM collages WHERE UserID='$LoggedUser[ID]' AND CategoryID='0' AND Deleted='0'");
|
|
|
|
|
list($CollageCount) = $DB->next_record();
|
|
|
|
|
if (($CollageCount >= $LoggedUser['Permissions']['MaxCollages']) || !check_perms('site_collages_personal')) {
|
|
|
|
|
$Err = 'You may not create a personal collage.';
|
|
|
|
|
} elseif (check_perms('site_collages_renamepersonal') && !stristr($P['name'], $LoggedUser['Username'])) {
|
|
|
|
|
$Err = 'Your personal collage\'s title must include your username.';
|
|
|
|
|
}
|
|
|
|
|
}
|
2011-03-28 14:21:28 +00:00
|
|
|
|
|
|
|
|
if(!$Err) {
|
|
|
|
|
$DB->query("SELECT ID,Deleted FROM collages WHERE Name='$P[name]'");
|
|
|
|
|
if($DB->record_count()) {
|
|
|
|
|
list($ID, $Deleted) = $DB->next_record();
|
|
|
|
|
if($Deleted) {
|
2012-12-27 08:00:27 +00:00
|
|
|
$Err = "That collection already exists but needs to be recovered; please <a href=\"staffpm.php\">contact</a> the staff team!";
|
2011-03-28 14:21:28 +00:00
|
|
|
} else {
|
|
|
|
|
$Err = "That collection already exists: <a href=\"/collages.php?id=$ID\">$ID</a>.";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if(!$Err) {
|
2011-10-27 08:00:15 +00:00
|
|
|
if(empty($CollageCats[$P['category']])) {
|
2011-03-28 14:21:28 +00:00
|
|
|
$Err = 'Please select a category';
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if($Err) {
|
2011-12-16 08:00:18 +00:00
|
|
|
//error($Err);
|
|
|
|
|
$Err = urlencode($Err);
|
|
|
|
|
$Name = urlencode($_POST['name']);
|
|
|
|
|
$Category = urlencode($_POST['category']);
|
|
|
|
|
$Tags = urlencode($_POST['tags']);
|
|
|
|
|
$Description = urlencode($_POST['description']);
|
|
|
|
|
header("Location: collages.php?action=new&err=$Err&name=$Name&cat=$Category&tags=$Tags&descr=$Description");
|
2011-03-28 14:21:28 +00:00
|
|
|
die();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$TagList = explode(',',$_POST['tags']);
|
|
|
|
|
foreach($TagList as $ID=>$Tag) {
|
2012-10-11 08:00:15 +00:00
|
|
|
$TagList[$ID] = Misc::sanitize_tag($Tag);
|
2011-03-28 14:21:28 +00:00
|
|
|
}
|
|
|
|
|
$TagList = implode(' ',$TagList);
|
|
|
|
|
|
2013-02-22 08:00:24 +00:00
|
|
|
$DB->query("INSERT INTO collages
|
|
|
|
|
(Name, Description, UserID, TagList, CategoryID)
|
2011-03-28 14:21:28 +00:00
|
|
|
VALUES
|
|
|
|
|
('$P[name]', '$P[description]', $LoggedUser[ID], '$TagList', '$P[category]')");
|
|
|
|
|
|
|
|
|
|
$CollageID = $DB->inserted_id();
|
|
|
|
|
$Cache->delete_value('collage_'.$CollageID);
|
2012-10-11 08:00:15 +00:00
|
|
|
Misc::write_log("Collage ".$CollageID." (".$_POST['name'].") was created by ".$LoggedUser['Username']);
|
2011-03-28 14:21:28 +00:00
|
|
|
header('Location: collages.php?id='.$CollageID);
|
|
|
|
|
|
|
|
|
|
?>
|
