Changeset 25593 for trunk/admin/include/photos_add_direct_prepare.inc.php
- Timestamp:
- Nov 19, 2013, 9:19:36 PM (10 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/admin/include/photos_add_direct_prepare.inc.php
r25018 r25593 162 162 $selected_category = array(); 163 163 164 $query = ' 164 if (isset($_GET['album'])) 165 { 166 // set the category from get url or ... 167 check_input_parameter('album', $_GET, false, PATTERN_ID); 168 169 // test if album really exists 170 $query = ' 171 SELECT id 172 FROM '.CATEGORIES_TABLE.' 173 WHERE id = '.$_GET['album'].' 174 ;'; 175 $result = pwg_query($query); 176 if (pwg_db_num_rows($result) == 1) 177 { 178 $selected_category = array($_GET['album']); 179 180 // lets put in the session to persist in case of upload method switch 181 $_SESSION['selected_category'] = $selected_category; 182 } 183 else 184 { 185 fatal_error('[Hacking attempt] the album id = "'.$_GET['album'].'" is not valid'); 186 } 187 } 188 else if (isset($_SESSION['selected_category'])) 189 { 190 $selected_category = $_SESSION['selected_category']; 191 } 192 else 193 { 194 // we need to know the category in which the last photo was added 195 $query = ' 165 196 SELECT category_id 166 197 FROM '.IMAGES_TABLE.' AS i … … 169 200 ORDER BY i.id DESC 170 201 LIMIT 1 171 ;'; 172 $result = pwg_query($query); 173 if (pwg_db_num_rows($result) > 0) 174 { 175 $row = pwg_db_fetch_assoc($result); 176 177 $selected_category = array($row['category_id']); 202 ; 203 '; 204 $result = pwg_query($query); 205 if (pwg_db_num_rows($result) > 0) 206 { 207 $row = pwg_db_fetch_assoc($result); 208 $selected_category = array($row['category_id']); 209 } 178 210 } 179 211
Note: See TracChangeset
for help on using the changeset viewer.
