<?php
// +-----------------------------------------------------------------------+
// | Piwigo - a PHP based picture gallery                                  |
// +-----------------------------------------------------------------------+
// | Copyright(C) 2008-2011 Piwigo Team                  http://piwigo.org |
// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
// +-----------------------------------------------------------------------+
// | This program is free software; you can redistribute it and/or modify  |
// | it under the terms of the GNU General Public License as published by  |
// | the Free Software Foundation                                          |
// |                                                                       |
// | This program is distributed in the hope that it will be useful, but   |
// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
// | General Public License for more details.                              |
// |                                                                       |
// | You should have received a copy of the GNU General Public License     |
// | along with this program; if not, write to the Free Software           |
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA.                                                                  |
// +-----------------------------------------------------------------------+

if (!defined("PHPWG_ROOT_PATH")){
	die("Hacking attempt!");
}

global $prefixeTable;
include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
load_language('plugin.lang', E_AUTHOR_PATH);

// Check access and exit when user status is not ok
check_status(ACCESS_ADMINISTRATOR);

// Default is to create an author, if changed to 1, show the edit page
$edit = 0;

// The values for the form fields
$EAid = 0;
$EAname = '';
$EAcode = '';
$EAurl = '';
$EAdescr = '';
$EAcopyright_id = '';	// The default should be 0, but this equals 0, doesnt it?

// Fetch all the copyrights and assign them to the template
$query = sprintf(
	'SELECT `cr_id`,`name`
	FROM %s
	WHERE `visible`<>0
	AND cr_id <> -1
	ORDER BY cr_id ASC
	;',
	COPYRIGHTS_ADMIN);
$result = pwg_query($query);
$EAcopyrights = array();
while ($row = pwg_db_fetch_assoc($result)) {
	$EAcopyrights[$row['cr_id']] = $row['name'];
}
$template->assign('EAcopyrights', $EAcopyrights);

// Do managing of authors
if (isset($_GET['tab'])) {
	// Create a new author
	if ($_GET['tab'] == 'create') {
		// Fetch the values from the form
		$name = pwg_db_real_escape_string($_REQUEST['name']);
		$code = pwg_db_real_escape_string($_REQUEST['code']);
		$url = pwg_db_real_escape_string($_REQUEST['url']);
		$descr = pwg_db_real_escape_string($_REQUEST['descr']);
		$copyright = pwg_db_real_escape_string($_REQUEST['copyrightID']);

		// Check whether an author with such a name or code exists
		// Therefore count the number of authors with that name or code
		$query = sprintf(
			'SELECT COUNT(*)
			FROM %s
			WHERE `name` = \'%s\'
			OR `code` = \'%s\'
			;',
			AUTHORS, $name, $code);
		$result = pwg_query($query);
		$counter = pwg_db_num_rows($result);
		
		if ($counter != 0) {
			// The author exists already
			array_push($page['errors'], l10n('This author already exists.'));
		} else {
			// The author did not yet exist
			// Compose a query to insert the author
			$query = sprintf(
				'INSERT INTO %s
				(`name`,`code`,`url`,`descr`,`copyright`) VALUES
				("%s","%s","%s","%s",%d)
				;',
				AUTHORS, $name, $code, $url, $descr, $copyright);
			pwg_query($query); // Execute the query
		}
	}

	// Edit an existing author
	if ($_GET['tab'] == 'edit') {
		$edit = 1; // Show the edit page
		$EAid = $_REQUEST['id']; // Fetch the id of the author to be edited

		// Fetch the current attributes to the author
		$query = sprintf(
			'SELECT *
			FROM %s
			WHERE `author_id`=%d
			;',
			AUTHORS, $EAid);
		$result = pwg_query($query);
		$row = pwg_db_fetch_assoc($result);

		// Save the attributes in convenient variables
		$EAname = $row['name'];
		$EAcode = $row['code'];
		$EAurl = $row['url'];
		$EAdescr = $row['descr'];
		$EAcopyright_id = $row['copyright'];
	}

	// Update an existing author
	if ($_GET['tab'] == 'update') {
		// Fetch the values from the edit form
		$id = pwg_db_real_escape_string($_REQUEST['id']);
		$name = pwg_db_real_escape_string($_REQUEST['name']);
		$code = pwg_db_real_escape_string($_REQUEST['code']);
		$url = pwg_db_real_escape_string($_REQUEST['url']);
		$descr = pwg_db_real_escape_string($_REQUEST['descr']);
		$copyright = pwg_db_real_escape_string($_REQUEST['copyrightID']);

		// Check whether an author with such a name or code exists
		// Therefore count the number of authors with that name or code
		$query = sprintf(
			'SELECT COUNT(*)
			FROM %s
			WHERE `name` = \'%s\'
			OR `code` = \'%s\'
			;',
			AUTHORS, $name, $code);
		$result = pwg_query($query);
		$counter = pwg_db_num_rows($result);
		
		if ($counter != 0) {
			// The author exists already
			array_push($page['errors'], l10n('This author already exists.'));
		} else {
			// The author did not yet exist
			// Compose a query to update the author
			$query = sprintf(
				'UPDATE %s
				SET `name`="%s", `code`="%s", `url`="%s", `descr`="%s", `copyright`=%d
				WHERE `author_id`=%d
				;',
				AUTHORS, $name, $code, $url, $descr, $copyright, $id);
			pwg_query($query); // Execute the query
		}
	}

	// Delete an existing author
	if ($_GET['tab'] == 'delete') {
		// Fetch the id of the author to be deleted
		$id = $_REQUEST['id'];
		
		// Get the author's name
		$query = sprintf(
			'SELECT name
			FROM %s
			WHERE author_id=%d
			;',
			AUTHORS, $id);
		$result = pwg_query($query);
		$row = pwg_db_fetch_assoc($result);
		$name = $row['name'];
		
		// Delete all his 'default' entries from the copyright table
		delete_default_CR($name);
		
		// Unset the author in the images table
		$query = sprintf(
			'UPDATE %s
			SET `author`=NULL
			WHERE `author`=\'%s\'
			;',
			IMAGES, $name);
		pwg_query($query);
		
		// Delete the author
		$query = sprintf(
			'DELETE FROM %s
			WHERE `author_id`=%d
			;',
			AUTHORS, $id);
		pwg_query($query);
	}
}

/* Assign variables to the template */
global $template;

// Add the admin.tpl template
$template->set_filenames(
	array('plugin_admin_content' => dirname(__FILE__).'/admin.tpl')
);

// Select the existing authors
$query = sprintf(
	'SELECT *
	FROM %s
	;',
	AUTHORS);
$result = pwg_query($query);

// Append the authors to the Smarty array
while ($row = pwg_db_fetch_assoc($result)) {
	$template->append(
		'EAs',
		array(
			'author_id' => $row['author_id'],
			'name'      => $row['name'],
			'code'      => $row['code'],
			'url'       => $row['url'],
			'descr'     => $row['descr'],
			'copyright_id'   => $row['copyright']
		)
	);
}

// Assign the path for URL forming
$template->assign(
	'E_AUTHOR_PATH',
	E_AUTHOR_WEB_PATH
);

// Assign all the variables we constructed above
$template->assign('edit', $edit);
$template->assign('EAid', $EAid);
$template->assign('EAname', $EAname);
$template->assign('EAcode', $EAcode);
$template->assign('EAurl', $EAurl);
$template->assign('EAdescr', $EAdescr);
$template->assign('EAcopyright_id', $EAcopyright_id);

// Get it up and running
$template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content');

?>