source: extensions/Icy_Picture_Modify/include/functions_icy_picture_modify.inc.php @ 11610

Last change on this file since 11610 was 11610, checked in by icy, 9 years ago

Merge branch 'master' into svn

File size: 2.3 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2011 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24/*
25 * Check if the current image is editable by the current user. The input
26 * data $image_id and $user_id must be validated befored being used here.
27 * @return bool
28 * @author icy
29 *
30*/
31function icy_check_image_owner($image_id, $user_id = 0)
32{
33  if (!preg_match(PATTERN_ID, $image_id))
34  {
35    fatal_error('[Hacking attempt] the input parameter "'.$image_id.'" is not valid');
36  }
37  if (!preg_match(PATTERN_ID, $user_id))
38  {
39    fatal_error('[Hacking attempt] the input parameter "'.$user_id.'" is not valid');
40  }
41
42  $query = '
43SELECT COUNT(id)
44  FROM '.IMAGES_TABLE.'
45  WHERE id = '.$image_id.'
46  AND added_by = '.$user_id.'
47;';
48
49  list($count) = pwg_db_fetch_row(pwg_query($query));
50
51  return ($count > 0 ? true: false);
52}
53?>
Note: See TracBrowser for help on using the repository browser.