From e6d298c5066b51a2e03a5e6778e26a03796951dd Mon Sep 17 00:00:00 2001 From: twotalesanimation <80506065+twotalesanimation@users.noreply.github.com> Date: Fri, 5 Dec 2025 09:59:05 +0200 Subject: [PATCH] fix: correct require paths and database connection in album processors - Fix rootPath calculation in all album processors (was going up too many levels) - Use global \ from connection.php instead of calling openDatabaseConnection() - Fix cleanup code in save_album.php to use existing \ - Update all processors to use proper config file includes (env.php, session.php, connection.php, functions.php) - Ensures validateCSRFToken() and other functions are properly available --- src/pages/gallery/gallery.php | 2 +- src/processors/delete_album.php | 10 ++++------ src/processors/delete_photo.php | 12 +++++------- src/processors/get_album_photos.php | 10 ++++------ src/processors/save_album.php | 16 ++++++---------- src/processors/update_album.php | 12 +++++------- 6 files changed, 25 insertions(+), 37 deletions(-) diff --git a/src/pages/gallery/gallery.php b/src/pages/gallery/gallery.php index 78086da4..1f64ea55 100644 --- a/src/pages/gallery/gallery.php +++ b/src/pages/gallery/gallery.php @@ -208,7 +208,7 @@ require_once($rootPath . '/components/banner.php');

Member Photo Gallery

- Create Album + Create Album
diff --git a/src/processors/delete_album.php b/src/processors/delete_album.php index 3d2675e9..b964fae7 100644 --- a/src/processors/delete_album.php +++ b/src/processors/delete_album.php @@ -1,14 +1,14 @@ prepare("SELECT user_id FROM photo_albums WHERE album_id = ?"); $albumCheck->bind_param("i", $album_id); diff --git a/src/processors/delete_photo.php b/src/processors/delete_photo.php index 30494420..40931e92 100644 --- a/src/processors/delete_photo.php +++ b/src/processors/delete_photo.php @@ -1,15 +1,15 @@ 'Forbidden'])); } -$rootPath = dirname(dirname(dirname(__DIR__))); -require_once($rootPath . '/connection.php'); -require_once($rootPath . '/functions.php'); - // Validate CSRF token if (!isset($_POST['csrf_token']) || !validateCSRFToken($_POST['csrf_token'])) { http_response_code(400); @@ -24,8 +24,6 @@ if (!$photo_id) { exit(json_encode(['error' => 'Photo ID is required'])); } -$conn = openDatabaseConnection(); - // Get photo and verify ownership through album $photoStmt = $conn->prepare(" SELECT p.photo_id, p.album_id, p.file_path, a.user_id diff --git a/src/processors/get_album_photos.php b/src/processors/get_album_photos.php index 04ea8c55..cfaafff2 100644 --- a/src/processors/get_album_photos.php +++ b/src/processors/get_album_photos.php @@ -1,14 +1,14 @@ 'Unauthorized'])); } -$rootPath = dirname(dirname(dirname(__DIR__))); -require_once($rootPath . '/connection.php'); - $album_id = intval($_GET['id'] ?? 0); if (!$album_id) { @@ -16,8 +16,6 @@ if (!$album_id) { exit(json_encode(['error' => 'Album ID is required'])); } -$conn = openDatabaseConnection(); - // Verify album exists and user has access $albumCheck = $conn->prepare("SELECT user_id FROM photo_albums WHERE album_id = ?"); $albumCheck->bind_param("i", $album_id); diff --git a/src/processors/save_album.php b/src/processors/save_album.php index dc8aa967..1638c00d 100644 --- a/src/processors/save_album.php +++ b/src/processors/save_album.php @@ -1,5 +1,9 @@ query("DELETE FROM photo_albums WHERE album_id = " . intval($album_id)); - $cleanupConn->close(); + $conn->query("DELETE FROM photo_albums WHERE album_id = " . intval($album_id)); } http_response_code(400); diff --git a/src/processors/update_album.php b/src/processors/update_album.php index 297d70ab..93b6b0e7 100644 --- a/src/processors/update_album.php +++ b/src/processors/update_album.php @@ -1,5 +1,9 @@