feat: complete photo gallery implementation with album management and lightbox viewer
- Added photo gallery carousel view (gallery.php) with all member albums - Implemented album detail view with responsive photo grid and lightbox - Created album creation/editing form with drag-and-drop photo uploads - Added backend processors for album CRUD operations and photo management - Implemented API endpoints for fetching and deleting photos - Added database migration for photo_albums and photos tables - Included comprehensive feature documentation with testing checklist - Updated .htaccess with URL rewrite rules for gallery routes - Added Gallery link to Members Area menu in header - Created upload directory structure (/assets/uploads/gallery/) - Implemented security: CSRF tokens, ownership verification, file validation - Added transaction safety with rollback on errors and cleanup - Features: Lightbox with keyboard navigation, drag-and-drop uploads, responsive design
This commit is contained in:
twotalesanimation
59
src/processors/get_album_photos.php
Normal file
59
src/processors/get_album_photos.php
Normal file
@@ -0,0 +1,59 @@
|
||||
<?php
|
||||
session_start();
|
||||
|
||||
if (!isset($_SESSION['user_id'])) {
|
||||
http_response_code(403);
|
||||
exit(json_encode(['error' => 'Unauthorized']));
|
||||
}
|
||||
|
||||
$rootPath = dirname(dirname(dirname(__DIR__)));
|
||||
require_once($rootPath . '/connection.php');
|
||||
|
||||
$album_id = intval($_GET['id'] ?? 0);
|
||||
|
||||
if (!$album_id) {
|
||||
http_response_code(400);
|
||||
exit(json_encode(['error' => 'Album ID is required']));
|
||||
}
|
||||
|
||||
$conn = openDatabaseConnection();
|
||||
|
||||
// Verify album exists and user has access
|
||||
$albumCheck = $conn->prepare("SELECT user_id FROM photo_albums WHERE album_id = ?");
|
||||
$albumCheck->bind_param("i", $album_id);
|
||||
$albumCheck->execute();
|
||||
$albumResult = $albumCheck->get_result();
|
||||
|
||||
if ($albumResult->num_rows === 0) {
|
||||
$conn->close();
|
||||
http_response_code(404);
|
||||
exit(json_encode(['error' => 'Album not found']));
|
||||
}
|
||||
|
||||
$album = $albumResult->fetch_assoc();
|
||||
// Allow viewing own albums or public albums (owner is a member)
|
||||
if ($album['user_id'] !== $_SESSION['user_id']) {
|
||||
// For now, only allow owners to edit
|
||||
$conn->close();
|
||||
http_response_code(403);
|
||||
exit(json_encode(['error' => 'Unauthorized']));
|
||||
}
|
||||
$albumCheck->close();
|
||||
|
||||
// Get photos
|
||||
$photoStmt = $conn->prepare("SELECT photo_id, file_path, caption, display_order FROM photos WHERE album_id = ? ORDER BY display_order ASC");
|
||||
$photoStmt->bind_param("i", $album_id);
|
||||
$photoStmt->execute();
|
||||
$photoResult = $photoStmt->get_result();
|
||||
|
||||
$photos = [];
|
||||
while ($photo = $photoResult->fetch_assoc()) {
|
||||
$photos[] = $photo;
|
||||
}
|
||||
$photoStmt->close();
|
||||
|
||||
$conn->close();
|
||||
|
||||
header('Content-Type: application/json');
|
||||
echo json_encode($photos);
|
||||
?>
|
||||
Reference in New Issue
Block a user