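'upper(name)', 'share_status' => 'share_status', 'createdate' => 'create_date');

    /**
     * Builds the handler from the WebAPI description file.
     */
    function __construct() {
        parent::__construct(SZ_WEBAPI_API_DESCRIPTION_PATH);
    }

    /**
     * Dispatches the request named by $this->method to its handler.
     *
     * "getinfo_public" is answered before any session set-up, so it is the
     * one handler here that runs without CheckSessionTimeOut(); every other
     * method runs after it. An unknown method name falls through silently.
     */
    protected function Process() {
        if (!strcasecmp($this->method, "getinfo_public")) {
            $this->GetInfoPublic();
            return;
        }

        csSYNOPhotoDB::GetDBInstance()->SetSessionCache();
        csSYNOPhotoMisc::CheckSessionTimeOut(true);

        // NOTE(review): the strict "=== 0" tests below (and in appendUserIDCond)
        // assume the session stores the user id as an integer; a string "0"
        // would select the per-user tables. Confirm against the login code.
        $this->UserID = isset($_SESSION[SYNOPHOTO_ADMIN_USER]['reg_syno_userid']) ? $_SESSION[SYNOPHOTO_ADMIN_USER]['reg_syno_userid'] : 0;
        if ($this->UserID === 0) {
            $this->TableName = SHARED_ALBUM_ADMIN_TABLE_NAME;
            $this->PhotoTableName = SHARED_ALBUM_PHOTO_ADMIN_TABLE_NAME;
            $this->VideoTableName = SHARED_ALBUM_VIDEO_ADMIN_TABLE_NAME;
        } else {
            $this->TableName = SHARED_ALBUM_TABLE_NAME;
            $this->PhotoTableName = SHARED_ALBUM_PHOTO_TABLE_NAME;
            $this->VideoTableName = SHARED_ALBUM_VIDEO_TABLE_NAME;
        }

        if (!strcasecmp($this->method, "list")) {
            $this->SharedAlbumList();
        } else if (!strcasecmp($this->method, "getinfo")) {
            $this->GetInfo();
        } else if (!strcasecmp($this->method, "create")) {
            $this->Create();
        } else if (!strcasecmp($this->method, "edit")) {
            $this->Edit();
        } else if (!strcasecmp($this->method, "delete")) {
            $this->Delete();
        } else if (!strcasecmp($this->method, "add_items")) {
            $this->AddItems();
        } else if (!strcasecmp($this->method, "remove_items")) {
            $this->RemoveItems();
        } else if (!strcasecmp($this->method, "edit_public_share")) {
            $this->EditPublicShare();
        } else if (!strcasecmp($this->method, "get_single_item")) {
            $this->GetSingleItem();
        } else if (!strcasecmp($this->method, "set_single_item")) {
            $this->SetSingleItem();
        }
    }

    /**
     * Lists the caller's non-hidden shared albums, one page at a time.
     *
     * Request parameters: offset, limit (numeric, required), sort_by,
     * sort_direction, additional (optional). The hidden "sharedalbum_single"
     * album is reported as the first entry of the first page, so the database
     * page is shifted by one to make room for it.
     *
     * @return bool TRUE when a response was set, FALSE when an error was set
     */
    private function SharedAlbumList() {
        $ret = false;

        if (!isset($_REQUEST['offset']) || !isset($_REQUEST['limit']) ||
            !is_numeric($_REQUEST['offset']) || !is_numeric($_REQUEST['limit'])) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
            goto End;
        }

        // is_numeric() also accepts values such as "0.0" or "1e3". Truncate to
        // integers so the strict "=== 0" tests below agree with each other and
        // only whole numbers ever reach the LIMIT/OFFSET clause.
        $offset = (int)($_REQUEST['offset'] + 0);
        $limit = (int)($_REQUEST['limit'] + 0);

        // Sort column and direction never come from the request verbatim: the
        // column is looked up in the allow-list and the direction is one of
        // two literals, which is what makes interpolating them below safe.
        $sortBy = $this->allowSortByArray['filename'];
        $sortDirection = 'ASC';
        $additional = array();

        if (isset($_REQUEST['sort_by']) && array_key_exists($_REQUEST['sort_by'], $this->allowSortByArray)) {
            $sortBy = $this->allowSortByArray[$_REQUEST['sort_by']];
        }
        if (isset($_REQUEST['sort_direction']) && strtolower($_REQUEST['sort_direction']) === 'desc') {
            $sortDirection = 'DESC';
        }
        if (isset($_REQUEST['additional'])) {
            $additional = explode(",", $_REQUEST['additional']);
        }

        $query = "SELECT COUNT(*) FROM " . $this->TableName . " WHERE hidden = 'f' AND ";
        $sqlParams = array();
        $this->appendUserIDCond($query, $sqlParams);
        $db_result = PHOTO_DB_Query($query, $sqlParams);
        $row = PHOTO_DB_FetchRow($db_result);
        $total = intval($row[0]) + 1; // 1 is sharedalbum_single

        $query = "SELECT id FROM " . $this->TableName . " WHERE hidden = 'f' AND ";
        $sqlParams = array();
        $this->appendUserIDCond($query, $sqlParams);

        // we will add sharedalbum_single in this method,
        // so regulate the offset/limit to get correct shared_album information
        // NOTE(review): for offset 0 a limit of 0 or -1 becomes -1 / -2 here;
        // how PHOTO_DB_GetLimitOffsetString treats negative values is not
        // visible in this file - confirm.
        if ($offset === 0) {
            $shared_limit = $limit - 1;
            $shared_offset = 0;
        } else {
            $shared_limit = $limit;
            $shared_offset = $offset - 1;
        }
        $limitOffsetString = PHOTO_DB_GetLimitOffsetString($shared_limit, $shared_offset);

        if ('share_status' === $sortBy) {
            $currentDate = 'root' === SYNOPHOTO_ADMIN_USER ? 'current_date' : "date('now')";
            $query .= "ORDER BY CASE " .
                "WHEN is_shared = 'f' THEN 0 " . // none
                "WHEN start_time IS NULL OR end_time IS NULL THEN 2 ". // valid
                "WHEN start_time > $currentDate OR end_time < $currentDate THEN 1 ". // invalid
                "ELSE 2 ". // valid
                "END $sortDirection, upper(name) ASC";
        } else {
            $query .= "ORDER BY $sortBy $sortDirection";
        }
        $query .= " $limitOffsetString";
        $db_result = PHOTO_DB_Query($query, $sqlParams);

        $result = array('items' => array());

        if ($offset === 0) {
            $sharedAlbum = SharedAlbum::GetHiddenAlbumInfo(NULL, $additional);
            if ($sharedAlbum !== NULL) {
                $sharedAlbum = $this->GetInfoById(explode("_", $sharedAlbum['id'])[1], $additional);
            }
            if ($sharedAlbum !== NULL) {
                $sharedAlbum['id'] = 'sharedalbum_single';
                // The hidden album's own share URL is never handed out.
                if (isset($sharedAlbum['additional']['public_share']['public_share_url'])) {
                    unset($sharedAlbum['additional']['public_share']['public_share_url']);
                }
                $result['items'][] = $sharedAlbum;
            }
        }

        while (($idRow = PHOTO_DB_FetchRow($db_result))) {
            $sharedAlbum = $this->GetInfoById($idRow[0], $additional);
            if (NULL === $sharedAlbum) {
                continue;
            }
            $result['items'][] = $sharedAlbum;
        }

        $result['total'] = $total;
        $result['offset'] = (-1 === $limit || $offset + $limit > $total) ? $total : $offset + $limit;
        $this->SetResponse($result);

        $ret = true;
    End:
        return $ret;
    }

    /**
     * Returns information for a comma-separated list of "sharedalbum_<id>" ids.
     *
     * Ids that are malformed, not visible to the caller or that yield no
     * information are skipped; an error is set only when nothing at all could
     * be returned.
     *
     * @return bool TRUE when a response was set, FALSE when an error was set
     */
    private function GetInfo() {
        $ret = false;

        if (!isset($_REQUEST['id'])) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
            goto End;
        }

        $additional = array();
        if (isset($_REQUEST['additional'])) {
            $additional = explode(',', $_REQUEST['additional']);
        }

        $ids = explode(',', $_REQUEST['id']);
        $result['shared_albums'] = array();
        $success_count = 0;

        foreach ($ids as $id) {
            $id_arr = explode("_", $id);
            if (2 !== count($id_arr) || 'sharedalbum' != $id_arr[0]) {
                continue;
            }

            if ($id_arr[1] === 'single') {
                $sharedAlbum = SharedAlbum::GetHiddenAlbumInfo(NULL, $additional);
                // Without this guard a missing hidden album was reported as a
                // successful entry containing nothing but the id.
                if (NULL === $sharedAlbum) {
                    continue;
                }
                $sharedAlbum['id'] = 'sharedalbum_single';
                if (isset($sharedAlbum['additional']['public_share']['public_share_url'])) {
                    unset($sharedAlbum['additional']['public_share']['public_share_url']);
                }
                $result['shared_albums'][] = $sharedAlbum;
                $success_count++;
                continue;
            }

            $sharedAlbumId = $id_arr[1];
            // Ownership gate: the existence check is scoped to the caller's
            // user id by appendUserIDCond().
            if (FALSE === $this->CheckExistenceById($sharedAlbumId)) {
                continue;
            }

            $sharedAlbum = $this->GetInfoById($sharedAlbumId, $additional);
            if (NULL === $sharedAlbum) {
                continue;
            }
            $result['shared_albums'][] = $sharedAlbum;
            $success_count++;
        }

        if ($success_count === 0) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_GET_INFO_ERROR);
            goto End;
        }
        $this->SetResponse($result);

        $ret = true;
    End:
        return $ret;
    }

    /**
     * Creates a shared album named $_REQUEST['name'] and optionally fills it
     * with the items listed in $_REQUEST['item_id'].
     *
     * The item list is resolved and access-checked before the album row is
     * inserted, so a request that references an inaccessible album is refused
     * with ACCESS_DENY and creates nothing.
     *
     * @return bool TRUE when a response was set, FALSE when an error was set
     */
    private function Create() {
        $ret = false;

        if (!isset($_REQUEST['name'])) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
            goto End;
        }

        $name = $_REQUEST['name'];
        $itemIds = array();
        if (isset($_REQUEST['item_id'])) {
            $itemIds = explode(",", $_REQUEST['item_id']);
        }

        // check existence
        // NOTE(review): check-then-insert is not atomic; whether the table
        // enforces a unique name per user is not visible here - confirm.
        if (FALSE !== $this->CheckExistenceByName($name)) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_HAS_EXISTED);
            goto End;
        }

        $items = $this->resolveSharedItems($itemIds);
        if (FALSE === $items) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_ACCESS_DENY);
            goto End;
        }

        if ($this->UserID !== 0) {
            $query = "INSERT INTO " . $this->TableName . " (userid, name, is_shared, hidden) VALUES (?, ?, 'f', 'f')";
            $sqlParams = array($this->UserID, $name);
        } else {
            $query = "INSERT INTO " . $this->TableName . " (name, is_shared, hidden) VALUES (?, 'f', 'f')";
            $sqlParams = array($name);
        }
        PHOTO_DB_Query($query, $sqlParams);

        // The new id is read back by name; a failed lookup means the insert
        // did not produce exactly one matching row.
        if (FALSE === ($sharedAlbumId = $this->CheckExistenceByName($name))) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_CREATE_FAIL);
            goto End;
        }

        foreach ($items as $item) {
            $this->AddItemQuery($item['type'], $sharedAlbumId, $item['dbId']);
        }

        $result['id'] = 'sharedalbum_' . $sharedAlbumId;
        $this->SetResponse($result);

        $ret = true;
    End:
        return $ret;
    }

    /**
     * Renames the shared album $_REQUEST['id'] to $_REQUEST['name'].
     *
     * @return bool TRUE on success, FALSE when an error was set
     */
    private function Edit() {
        $ret = false;

        if (!isset($_REQUEST['id']) || !isset($_REQUEST['name'])) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
            goto End;
        }

        $id_arr = explode("_", $_REQUEST['id']);
        if (2 !== count($id_arr) || 'sharedalbum' != $id_arr[0]) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
            goto End;
        }
        $sharedAlbumId = $id_arr[1];
        $name = $_REQUEST['name'];

        if (FALSE === $this->CheckExistenceById($sharedAlbumId)) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_NOT_EXISTS);
            goto End;
        }
        // Another album (id <> this one) must not already use the name.
        if (FALSE !== $this->CheckExistenceByName($name, $sharedAlbumId)) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_HAS_EXISTED);
            goto End;
        }

        $sqlParams = array($name, $sharedAlbumId);
        $query = "UPDATE " . $this->TableName . " SET name = ? WHERE id = ? AND ";
        $this->appendUserIDCond($query, $sqlParams);
        PHOTO_DB_Query($query, $sqlParams);

        $ret = true;
    End:
        return $ret;
    }

    /**
     * Deletes the shared albums listed in $_REQUEST['id'] (comma separated).
     *
     * Malformed ids and albums the caller does not own are skipped; an error
     * is set only when no album was deleted.
     *
     * @return bool TRUE on success, FALSE when an error was set
     */
    private function Delete() {
        $ret = false;

        if (!isset($_REQUEST['id'])) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
            goto End;
        }

        $ids = explode(",", $_REQUEST['id']);
        $success_count = 0;

        foreach ($ids as $id) {
            $id_arr = explode("_", $id);
            if (2 !== count($id_arr) || 'sharedalbum' != $id_arr[0]) {
                continue;
            }

            $sharedAlbumId = $id_arr[1];
            if (FALSE === $this->CheckExistenceById($sharedAlbumId)) {
                continue;
            }

            // The DELETE repeats the user-id condition, so ownership is
            // enforced by the statement itself and not only by the check above.
            $sqlParams = array($sharedAlbumId);
            $query = "DELETE FROM " . $this->TableName . " WHERE id = ? AND ";
            $this->appendUserIDCond($query, $sqlParams);
            PHOTO_DB_Query($query, $sqlParams);
            $success_count++;
        }

        if ($success_count === 0) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_DELETE_FAIL);
            goto End;
        }

        $ret = true;
    End:
        return $ret;
    }

    /**
     * Adds the items in $_REQUEST['item_id'] to the shared album $_REQUEST['id'].
     *
     * All items are resolved and access-checked first; if any of them lives in
     * an album the caller cannot access, ACCESS_DENY is set and nothing is added.
     *
     * @return bool TRUE on success, FALSE when an error was set
     */
    private function AddItems() {
        $ret = false;

        if (!isset($_REQUEST['id']) || !isset($_REQUEST['item_id'])) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
            goto End;
        }

        $id_arr = explode("_", $_REQUEST['id']);
        if (2 !== count($id_arr) || 'sharedalbum' != $id_arr[0]) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
            goto End;
        }
        $sharedAlbumId = $id_arr[1];
        $itemIds = explode(",", $_REQUEST['item_id']);

        if (FALSE === $this->CheckExistenceById($sharedAlbumId)) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_NOT_EXISTS);
            goto End;
        }

        $items = $this->resolveSharedItems($itemIds);
        if (FALSE === $items) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_ACCESS_DENY);
            goto End;
        }
        foreach ($items as $item) {
            $this->AddItemQuery($item['type'], $sharedAlbumId, $item['dbId']);
        }

        $ret = true;
    End:
        return $ret;
    }

    /**
     * Removes the items in $_REQUEST['item_id'] from the shared album
     * $_REQUEST['id']; "sharedalbum_single" addresses the hidden album.
     *
     * As in AddItems(), an inaccessible source album rejects the whole request
     * before anything is removed.
     *
     * @return bool TRUE on success, FALSE when an error was set
     */
    private function RemoveItems() {
        $ret = false;

        if (!isset($_REQUEST['id']) || !isset($_REQUEST['item_id'])) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
            goto End;
        }

        $id_arr = explode("_", $_REQUEST['id']);
        if (2 !== count($id_arr) || 'sharedalbum' != $id_arr[0]) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
            goto End;
        }

        if ($id_arr[1] === 'single') {
            $sharedAlbum = SharedAlbum::GetHiddenAlbumInfo();
            // GetHiddenAlbumInfo() can return NULL (other handlers test for
            // it); report that explicitly instead of indexing into NULL.
            if (NULL === $sharedAlbum) {
                $this->SetError(PHOTOSTATION_SHARED_ALBUM_NOT_EXISTS);
                goto End;
            }
            $id_arr[1] = explode("_", $sharedAlbum['id'])[1];
        }
        $sharedAlbumId = $id_arr[1];
        $itemIds = explode(",", $_REQUEST['item_id']);

        if (FALSE === $this->CheckExistenceById($sharedAlbumId)) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_NOT_EXISTS);
            goto End;
        }

        $items = $this->resolveSharedItems($itemIds);
        if (FALSE === $items) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_ACCESS_DENY);
            goto End;
        }
        foreach ($items as $item) {
            $this->DeleteItemQuery($item['type'], $sharedAlbumId, $item['dbId']);
        }

        $ret = true;
    End:
        return $ret;
    }

    /**
     * Returns a shared album looked up by its public share id.
     *
     * Process() calls this before any session handling, so the share id and
     * the 'valid' share_status are the only gates applied in this file.
     *
     * @return bool TRUE when a response was set, FALSE when an error was set
     */
    private function GetInfoPublic() {
        $ret = false;

        if (!isset($_REQUEST['public_share_id'])) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
            goto End;
        }

        $sharedAlbum = SharedAlbum::GetInfoByPublicShare($_REQUEST['public_share_id']);
        if (NULL === $sharedAlbum) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_GET_INFO_ERROR);
            goto End;
        }
        // Disabled, not-yet-started and expired shares are refused here.
        if ('valid' !== $sharedAlbum['share_status']) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_ACCESS_DENY);
            goto End;
        }

        $result['shared_album'] = $sharedAlbum;
        $this->SetResponse($result);

        $ret = true;
    End:
        return $ret;
    }

    /**
     * Tells whether $date is a real calendar date written exactly as Y-m-d.
     *
     * @param mixed $date value taken from the request
     * @return bool
     */
    private function validateDate($date) {
        // Request parameters may arrive as arrays (e.g. "start_time[]=...").
        if (!is_string($date)) {
            return false;
        }
        $d = DateTime::createFromFormat('Y-m-d', $date);
        // Formatting back rejects overflowing dates such as 2020-02-31.
        return $d && $d->format('Y-m-d') === $date;
    }

    /**
     * Enables or disables the public share of an album and sets its validity
     * window.
     *
     * @return bool TRUE when a response was set, FALSE when an error was set
     */
    private function EditPublicShare() {
        $ret = false;

        if (!SharedAlbum::CheckPublicSharePermission()) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_ACCESS_DENY);
            goto End;
        }
        if (!isset($_REQUEST['id']) || !isset($_REQUEST['is_shared'])) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
            goto End;
        }

        $id_arr = explode("_", $_REQUEST['id']);
        if (2 !== count($id_arr) || 'sharedalbum' != $id_arr[0]) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
            goto End;
        }
        $sharedAlbumId = $id_arr[1];
        $isShared = $_REQUEST['is_shared'] === 'true';

        if (FALSE === $this->CheckExistenceById($sharedAlbumId)) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_NOT_EXISTS);
            goto End;
        }

        // NOTE(review): if either date is missing or fails validation, both
        // stay NULL and the share is stored without a time limit rather than
        // being rejected. Clients may rely on that to clear the window, so it
        // is left as is - confirm that an unbounded share is the intended
        // result for malformed dates.
        $start_time = NULL;
        $end_time = NULL;
        if (isset($_REQUEST['start_time']) && isset($_REQUEST['end_time']) &&
            $this->validateDate($_REQUEST['start_time']) && $this->validateDate($_REQUEST['end_time'])) {
            $start_time = $_REQUEST['start_time'];
            $end_time = $_REQUEST['end_time'];
            $startDate = new DateTime($start_time);
            $endDate = new DateTime($end_time);
            if ($startDate > $endDate) {
                $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
                goto End;
            }
        }

        // An existing link is reused; a new one is drawn until it is unused.
        // NOTE(review): the link is the only secret protecting a public
        // share. GetRandomString() is not visible here - confirm it uses a
        // cryptographically secure source and sufficient length.
        if (NULL === ($shareLink = $this->GetShareLinkById($sharedAlbumId)) && $isShared) {
            do {
                $shareLink = SharedAlbum::GetRandomString();
            } while (SharedAlbum::CheckExistenceBySharelink($shareLink));
        }

        $sqlParams = array(
            $isShared ? 't' : 'f',
            $shareLink,
            $start_time,
            $end_time,
            $sharedAlbumId
        );
        $query = "UPDATE " . $this->TableName . " SET is_shared = ?, sharelink = ?, start_time = ?, end_time = ? WHERE id = ? AND ";
        $this->appendUserIDCond($query, $sqlParams);
        PHOTO_DB_Query($query, $sqlParams);

        $info = $this->GetInfoById($sharedAlbumId, array('public_share'));
        if ($info === NULL) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_GET_INFO_ERROR);
            goto End;
        }
        $this->SetResponse($info['additional']['public_share']);

        $ret = true;
    End:
        return $ret;
    }

    /**
     * Reports whether one photo or video is part of the hidden single-item
     * share album and, if so, its public share URL.
     *
     * @return bool TRUE when a response was set, FALSE when an error was set
     */
    private function GetSingleItem() {
        $ret = false;

        if (!SharedAlbum::CheckPublicSharePermission()) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_ACCESS_DENY);
            goto End;
        }
        if (!isset($_REQUEST['item_id'])) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
            goto End;
        }

        $item = $this->parseSharedItemId($_REQUEST['item_id']);
        if (NULL === $item) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
            goto End;
        }
        $type = $item['type'];

        if (!csSYNOPhotoMisc::CheckAlbumAccessible($item['albumName'])) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_ACCESS_DENY);
            goto End;
        }

        $hiddenAlbum = SharedAlbum::GetHiddenAlbumInfo();
        if ($hiddenAlbum === NULL) {
            $result['is_shared'] = false;
        } else {
            $collectionid = explode("_", $hiddenAlbum['id'])[1];
            // Table and id column are picked from fixed names by the same
            // test; no request text is interpolated into the statement.
            $isPhoto = ('photo' === $type);
            $table = $isPhoto ? $this->PhotoTableName : $this->VideoTableName;
            $idColumn = $isPhoto ? 'photoid' : 'videoid';

            $dbId = csSYNOPhotoMisc::GetPhotoVideoDBId($item['filePath'], $type);
            if (FALSE === $dbId) {
                $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
                goto End;
            }

            $query = "SELECT COUNT(*) FROM " . $table . " WHERE collectionid = ? AND " . $idColumn . " = ?";
            $sqlParams = array($collectionid, $dbId);
            $db_result = PHOTO_DB_Query($query, $sqlParams);
            $row = PHOTO_DB_FetchRow($db_result);

            if (1 !== (int)$row[0]) {
                $result['is_shared'] = false;
            } else {
                $result['is_shared'] = true;
                // item_id is echoed into the URL; parseSharedItemId() has
                // restricted it to "photo|video" plus two hex strings.
                $result['public_share_url'] = csSYNOPhotoMisc::GetServerHost(true) . SYNOPHOTO_URL_PREFIX . '/photo/share/' .
                    $hiddenAlbum['additional']['public_share']['shareid'] . '/' . $_REQUEST['item_id'];
            }
        }
        $this->SetResponse($result);

        $ret = true;
    End:
        return $ret;
    }

    /**
     * Adds one photo or video to the hidden single-item share album
     * ($_REQUEST['enable'] === "true") or removes it (any other value).
     *
     * @return bool TRUE when a response was set, FALSE when an error was set
     */
    private function SetSingleItem() {
        $ret = false;

        if (!SharedAlbum::CheckPublicSharePermission()) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_ACCESS_DENY);
            goto End;
        }
        if (!isset($_REQUEST['item_id']) || !isset($_REQUEST['enable'])) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
            goto End;
        }

        $item = $this->parseSharedItemId($_REQUEST['item_id']);
        if (NULL === $item) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
            goto End;
        }
        $type = $item['type'];

        if (!csSYNOPhotoMisc::CheckAlbumAccessible($item['albumName'])) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_ACCESS_DENY);
            goto End;
        }

        $hiddenAlbum = SharedAlbum::GetHiddenAlbumInfo();
        if ($hiddenAlbum === NULL) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_GET_INFO_ERROR);
            goto End;
        }

        $dbId = csSYNOPhotoMisc::GetPhotoVideoDBId($item['filePath'], $type);
        if (FALSE === $dbId) {
            $this->SetError(PHOTOSTATION_SHARED_ALBUM_BAD_PARAMS);
            goto End;
        }

        $collectionid = explode("_", $hiddenAlbum['id'])[1];

        if ($_REQUEST['enable'] === "true") {
            $this->AddItemQuery($type, $collectionid, $dbId);
            $result['is_shared'] = true;
            $result['public_share_url'] = csSYNOPhotoMisc::GetServerHost(true) . SYNOPHOTO_URL_PREFIX . '/photo/share/' .
                $hiddenAlbum['additional']['public_share']['shareid'] . '/' . $_REQUEST['item_id'];
        } else {
            $this->DeleteItemQuery($type, $collectionid, $dbId);
            $result['is_shared'] = false;
        }
        $this->SetResponse($result);

        $ret = true;
    End:
        return $ret;
    }

    /**
     * Splits a client item id of the form "<photo|video>_<hex album>_<hex file>"
     * and decodes it.
     *
     * The two hex parts are validated before decoding instead of silencing
     * pack() with "@", so an id containing non-hex characters is rejected
     * rather than decoded into arbitrary bytes.
     *
     * NOTE(review): the decoded album and file names are client-controlled
     * and may contain "/" or ".." segments. The callers in this file
     * authorise the album part with CheckAlbumAccessible() only; confirm that
     * GetPhotoVideoDBId() matches the combined path exactly.
     *
     * @param mixed $itemId item id taken from the request
     * @return array|null array('type', 'albumName', 'filePath'), or NULL when
     *                    the id is malformed
     */
    private function parseSharedItemId($itemId) {
        if (!is_string($itemId)) {
            return NULL;
        }
        $parts = explode('_', $itemId);
        if (3 !== count($parts) || ('photo' !== $parts[0] && 'video' !== $parts[0])) {
            return NULL;
        }
        if (!preg_match('/^[0-9a-fA-F]*\z/', $parts[1]) || !preg_match('/^[0-9a-fA-F]*\z/', $parts[2])) {
            return NULL;
        }

        $albumName = pack('H*', $parts[1]);
        $fileName = pack('H*', $parts[2]);
        // Items of the root album "/" are addressed by file name alone.
        $filePath = ('/' === $albumName) ? $fileName : $albumName . '/' . $fileName;

        return array(
            'type' => $parts[0],
            'albumName' => $albumName,
            'filePath' => $filePath
        );
    }

    /**
     * Resolves a list of client item ids into (type, database id) pairs.
     *
     * Malformed ids and ids without a database record are skipped. As soon as
     * one well-formed id points into an album that fails
     * csSYNOPhotoMisc::CheckAlbumAccessible(), the whole list is rejected so
     * the caller can refuse the request before modifying anything.
     *
     * @param array $itemIds item ids as sent by the client
     * @return array|false list of array('type' => ..., 'dbId' => ...), or
     *                     FALSE when an album is not accessible
     */
    private function resolveSharedItems($itemIds) {
        $resolved = array();

        foreach ($itemIds as $itemId) {
            $item = $this->parseSharedItemId($itemId);
            if (NULL === $item) {
                continue;
            }
            if (!csSYNOPhotoMisc::CheckAlbumAccessible($item['albumName'])) {
                return FALSE;
            }
            $dbId = csSYNOPhotoMisc::GetPhotoVideoDBId($item['filePath'], $item['type']);
            if (FALSE === $dbId) {
                continue;
            }
            $resolved[] = array('type' => $item['type'], 'dbId' => $dbId);
        }

        return $resolved;
    }

    /**
     * Looks up a non-hidden album of the current user by name.
     *
     * The first query counts matching albums whose id differs from
     * $filter_id; only a count of exactly one is treated as "exists". The
     * second query then reads the id by name, without the id filter.
     *
     * @param string $name      album name
     * @param mixed  $filter_id album id to leave out of the count (-1: none)
     * @return id if exist, FALSE otherwise
     */
    private function CheckExistenceByName($name, $filter_id = -1) {
        $sqlParams = array($name, $filter_id);
        $query = "SELECT COUNT(*) FROM " . $this->TableName . " WHERE name = ? AND id <> ? AND hidden = 'f' AND ";
        $this->appendUserIDCond($query, $sqlParams);
        $db_result = PHOTO_DB_Query($query, $sqlParams);
        $row = PHOTO_DB_FetchRow($db_result);

        if (1 !== (int)$row[0]) {
            return FALSE;
        }

        $sqlParams = array($name);
        $query = "SELECT id FROM " . $this->TableName . " WHERE name = ? AND hidden = 'f' AND ";
        $this->appendUserIDCond($query, $sqlParams);
        $db_result = PHOTO_DB_Query($query, $sqlParams);
        $row = PHOTO_DB_FetchRow($db_result);

        return $row[0];
    }

    /**
     * Tells whether exactly one album with this id is visible to the current
     * user. Handlers use it as their ownership check before acting on an id.
     *
     * @param mixed $id album id taken from the request
     * @return bool
     */
    private function CheckExistenceById($id) {
        $sqlParams = array($id);
        $query = "SELECT COUNT(*) FROM " . $this->TableName . " WHERE id = ? AND ";
        $this->appendUserIDCond($query, $sqlParams);
        $db_result = PHOTO_DB_Query($query, $sqlParams);
        $row = PHOTO_DB_FetchRow($db_result);

        return 1 === (int)$row[0];
    }

    /**
     * Fetches album information and adds the cover's thumbnail status and,
     * when "thumb_size" is requested, the thumbnail sizes.
     *
     * This method applies no user-id condition itself; the callers in this
     * file check ownership or take the id from a user-scoped query first.
     *
     * @param mixed $sharedAlbumId album id
     * @param array $additional    names of the extra sections to include
     * @return array|null album information, or NULL when it cannot be loaded
     */
    private function GetInfoById($sharedAlbumId, $additional = array()) {
        $sharedAlbum = SharedAlbum::GetInfoById($sharedAlbumId, $additional);
        if ($sharedAlbum === NULL) {
            return NULL;
        }

        // Default sizes reported when the album has no usable cover.
        $thumbSize['preview']['resolutionx'] = 0;
        $thumbSize['preview']['resolutiony'] = 0;
        $thumbSize['small']['resolutionx'] = 0;
        $thumbSize['small']['resolutiony'] = 0;
        $thumbSize['large']['resolutionx'] = 0;
        $thumbSize['large']['resolutiony'] = 0;
        // Was written to a misspelled variable, so the default never
        // contained the "sig" entry.
        $thumbSize['sig'] = "";

        $cover = SharedAlbum::GetSharedAlbumCover($sharedAlbumId);
        $getRealPath = ('root' === SYNOPHOTO_ADMIN_USER) ? false : true;

        if ($cover === NULL) {
            $sharedAlbum['thumbnail_status'] = 'default';
        } else if (false !== ($item = PhotoAPIUtil::getItemByPath($cover['path'], array('thumb_size'), $cover['type'], $getRealPath))) {
            $sharedAlbum['thumbnail_status'] = $item['thumbnail_status'];
            $thumbSize = $item['additional']['thumb_size'];
        }

        if (in_array("thumb_size", $additional, true)) {
            $sharedAlbum['additional']['thumb_size'] = $thumbSize;
        }

        return $sharedAlbum;
    }

    /**
     * Links a photo or video to a shared album.
     *
     * NOTE(review): the INSERT names no columns, so it depends on the table's
     * column order - confirm against the schema.
     *
     * @param string $type          'photo' selects the photo table, anything
     *                              else the video table
     * @param mixed  $sharedAlbumId album id
     * @param mixed  $itemDBId      database id of the photo or video
     */
    private function AddItemQuery($type, $sharedAlbumId, $itemDBId) {
        $table = ($type === 'photo') ? $this->PhotoTableName : $this->VideoTableName;
        $query = "INSERT INTO " . $table . " VALUES (?, ?)";
        PHOTO_DB_Query($query, array($sharedAlbumId, $itemDBId));
    }

    /**
     * Unlinks a photo or video from a shared album.
     *
     * @param string $type          'photo' selects the photo table, anything
     *                              else the video table
     * @param mixed  $sharedAlbumId album id
     * @param mixed  $itemDBId      database id of the photo or video
     */
    private function DeleteItemQuery($type, $sharedAlbumId, $itemDBId) {
        // The id column is chosen by the same test as the table instead of
        // interpolating $type, so the statement stays well-formed even if a
        // future caller passes an unvalidated type.
        $isPhoto = ($type === 'photo');
        $table = $isPhoto ? $this->PhotoTableName : $this->VideoTableName;
        $idColumn = $isPhoto ? 'photoid' : 'videoid';

        $query = "DELETE FROM " . $table . " WHERE collectionid = ? AND " . $idColumn . " = ?";
        PHOTO_DB_Query($query, array($sharedAlbumId, $itemDBId));
    }

    /**
     * Reads the stored share link of one of the current user's albums.
     *
     * @param mixed $sharedAlbumId album id
     * @return mixed the sharelink column, or NULL when no row was fetched
     */
    private function GetShareLinkById($sharedAlbumId) {
        $sqlParams = array($sharedAlbumId);
        $query = "SELECT sharelink FROM " . $this->TableName . " WHERE id = ? AND";
        $this->appendUserIDCond($query, $sqlParams);
        $db_result = PHOTO_DB_Query($query, $sqlParams);
        $row = PHOTO_DB_FetchRow($db_result);

        if (!$row) {
            return NULL;
        }
        return $row[0];
    }

    /**
     * Appends the ownership condition to a statement that ends in "AND".
     *
     * For a non-zero UserID it adds " userid = ? " and pushes the id onto the
     * parameter list; for UserID 0 it adds the always-true " 1=1 ".
     *
     * @param string $sql       statement text, modified in place
     * @param array  $sqlParams bound parameters, modified in place
     */
    private function appendUserIDCond(&$sql, &$sqlParams) {
        $useridCond = " 1=1 ";
        if ($this->UserID !== 0) {
            $useridCond = " userid = ? ";
            $sqlParams[] = $this->UserID;
        }
        $sql = $sql . $useridCond;
    }
}

$api = new SharedAlbumAPI();
$api->Run();
?>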