I am building a website using PHP and MySQL. I have a login that is ONLY for an administrator and nothing more. The administrator can create image albums and upload images into them. Every other user does not need to log in to the website.
My problem is that I can't display the images to the users without being logged in to the website. The administrator can see the images when he is logged in to the website. Are there any ideas what I am doing wrong? Any kind of solution is acceptable.
Here is the code which includes the above:
albums.php
<?php
if (!logged_in()){
?>
<ul>
<li class="first"><a href="indexAdmin.html"><span class="style2"> <b>Α</b>ΡΧΙΚΗ</span></a></li>
<li class="first"><a href="#"><span class="style2"><b>Μ</b>ΟΥΣΕΙΟ</span></a>
<ul>
<li class="second"><a href="istoriki_anadromi.html"><span>Ιστορική Αναδρομή</span></a></li>
<li class="second"><a href="oikonomiki_zwi.html"><span>Οικονομική Ζωή</span></a></li>
<li class="second"><a href="nautilia.html"><span>Ναυτιλία</span></a></li>
<li class="second"><a href="ixoi.html"><span>Ήχοι της Πόλης</span></a></li>
<li class="second"><a href="proswpikotites.html"><span>Προσωπικότητες</span></a></li>
<li class="second"><a href="thesmoi.html"><span>Θεσμοί της Πόλης</span></a></li>
</ul></li>
<li class="first"><a href="#"><span class="style2"><b>Κ</b>ΕΝΤΡΟ <b>Ε</b>ΡΕΥΝΩΝ</span></a>
<ul>
<li class="second"><a href="progr.html"><span>Εκπαιδευτικά Προγράμματα</span></a></li>
<li class="second"><a href="simposia.html"><span>Επιστημονικά Συμπόσια</span></a></li>
<li class="second"><a href="imerides.html"><span>Ημερίδες</span></a></li>
<li class="second"><a href="dialexeis.html"><span>Διαλέξεις</span></a></li>
</ul></li>
<li class="first"><a href="#"><span class="style2"><b>Ι</b>ΣΤΟΡΙΚΟ <b>Α</b>ΡΧΕΙΟ</span></a>
<ul>
<li class="second"><a href="arxeio_dimou.html"><span>Αρχείο Δήμου</span></a></li>
<li class="second"><a href="idiwtika_arxeia.html"><span>Ιδιωτκά Αρχεία</span></a></li>
<li class="second"><a href="albums.php"><span>Φωτογραφίες</span></a></li>
<li class="second"><a href="video.html"><span>Βίντεο</span></a></li>
</ul></li>
<li class="first"><a href="contact.html"><span class="style2"><b>Ε</b>ΠΙΚΟΙΝΩΝΙΑ</span></a></li>
</ul>
<?php
}else{ ?>
<ul>
<li class="first"><a href="indexAdmin.html"><span class="style2"><b>Α</b>ΡΧΙΚΗ</span></a></li>
<li class="first"><a href="#"><span class="style2"><b>Μ</b>ΟΥΣΕΙΟ</span></a>
<ul>
<li class="second"><a href="istoriki_anadromi.html"><span>Ιστορική Αναδρομή</span></a></li>
<li class="second"><a href="oikonomiki_zwi.html"><span>Οικονομική Ζωή</span></a></li>
<li class="second"><a href="nautilia.html"><span>Ναυτιλία</span></a></li>
<li class="second"><a href="ixoi.html"><span>Ήχοι της Πόλης</span></a></li>
<li class="second"><a href="proswpikotites.html"><span>Προσωπικότητες</span></a></li>
<li class="second"><a href="thesmoi.html"><span>Θεσμοί της Πόλης</span></a></li>
</ul></li>
<li class="first"><a href="#"><span class="style2"><b>Κ</b>ΕΝΤΡΟ <b>Ε</b>ΡΕΥΝΩΝ</span></a>
<ul>
<li class="second"><a href="progr.html"><span>Εκπαιδευτικά Προγράμματα</span></a></li>
<li class="second"><a href="simposia.html"><span>Επιστημονικά Συμπόσια</span></a></li>
<li class="second"><a href="imerides.html"><span>Ημερίδες</span></a></li>
<li class="second"><a href="dialexeis.html"><span>Διαλέξεις</span></a></li>
</ul></li>
<li class="first"><a href="#"><span class="style2"><b>Ι</b>ΣΤΟΡΙΚΟ <b>Α</b>ΡΧΕΙΟ</span></a>
<ul>
<li class="second"><a href="arxeio_dimou.html"><span>Αρχείο Δήμου</span></a></li>
<li class="second"><a href="idiwtika_arxeia.html"><span>Ιδιωτκά Αρχεία</span></a></li>
<li class="second"><a href="albumsAdmin.php"><span>Φωτογραφίες</span></a></li>
<li class="second"><a href="video.html"><span>Βίντεο</span></a></li>
</ul></li>
<li class="first"><a href="contact.html"><span class="style2"><b>Ε</b>ΠΙΚΟΙΝΩΝΙΑ</span></a></li>
</ul>
<?php }?>
</div>
</div>
<div class="content3">
<div class="content_resize3">
<div class="mainbar3">
<div class="article3">
<h2><span>Συλλογές Φωτογραφιών</span></h2>
<div class="clr"></div>
<table border="0" cellspacing="0" cellpadding="2" width="610">
<tr>
<td>
<br />
<?php
$albums1 = get_albumsAll();
if (empty($albums1)){
echo '<p>There are no albums</p>';
}else{
foreach ($albums1 as $album) {
echo '<table style="display:inline-table;"><tr><td><p class="links"><a href="view_album1.php', $album, '" height="100" width="100">', $album['name'], '</a> (', $album['count'], ' images)<br />
', $album['description'], '...<br /></p> </td></tr></table>';
}
}
?>
view_album.php
<?php
include 'init.php';
if (!logged_in()) {
header('Location: albums.php');
exit();
}
if (!isset($_GET['album_id']) || empty($_GET['album_id']) || album_check($_GET['album_id']) == false) {
header('Location: albumsAdminAll.php');
exit();
}
$album_id = $_GET['album_id'];
$album_data = album_data($album_id, 'name', 'description');
?>
<div class="content3">
<div class="content_resize">
<div class="mainbar3">
<div class="article3">
<?php echo '<h2>','<span>', $album_data['name'], '</span>', '</h2>', '<p id="description">', $album_data['description'], '</p>'; ?>
<div class="clr"></div>
<div class="post_content3">
<p>
<?php
$album_id = $_GET['album_id'];
$images = get_images($album_id);
if (empty($images)) {
echo 'There are no images in this album<br /><br /><br />
<p class="links"><a href="upload_image.php">Eισαγωγή Φωτογραφιών</a></p>';
} else {
foreach ($images as $image) {
echo '<table style="display:inline-table;"><tr><td><a href="uploads/', $image['album'], '/', $image['id'], '.', $image['ext'], '" height="100" width="100"><img src="uploads/thumbs/', $image['album'], '/', $image['id'], '.', $image['ext'], '" id="img" title="Uploaded ', date('D M Y / h:i ', $image['timestamp']), '" /></a>
<a href="delete_image.php?image_id=', $image['id'], '">[x]</a></td></tr></table>';
}
echo '<br/><br/><p class="links"><a href="upload_image.php">Eισαγωγή Φωτογραφιών</a></p>
<p class="links"><a href="albumsAdminAll.php">Back to Albums</a> </p><br/>';
}
?>
init.php
<?php
ob_start();
session_start();
mysql_connect('localhost','root','');
mysql_query("SET CHARACTER SET utf8");
mysql_select_db('museum');
include 'func/user.func.php';
include 'func/album.func.php';
include 'func/image.func.php';
include 'func/thumb.func.php';
?>
albums.func.php
<?php
function album_data($album_id) {
$album_id = (int)$album_id;
$args = func_get_args();
unset($args[0]);
$fields = '`'.implode('`, `', $args).'`';
$query = mysql_query("SELECT $fields FROM `albums` WHERE `album_id`=$album_id AND `user_id`=".$_SESSION['user_id']) or die(mysql_error());
$query_result = mysql_fetch_assoc($query);
foreach ($args as $field) {
$args[$field] = $query_result[$field];
}
return $args;
}
function album_check($album_id) {
$album_id = (int)$album_id;
$query = mysql_query("SELECT COUNT(`album_id`) FROM `albums` WHERE `album_id`=$album_id AND `user_id`=".$_SESSION['user_id']);
return (mysql_result($query, 0) == 1) ? true : false;
}
function get_albums() {
$albums = array();
$albums_query = mysql_query("
SELECT `albums`.`album_id`, `albums`.`timestamp`, `albums`.`name`, LEFT(`albums`.`description`, 50) as `description`,
COUNT(`images`.`image_id`) as `image_count`
FROM `albums`
LEFT JOIN `images`
ON `albums`.`album_id` = `images`.`album_id`
WHERE `albums`.`user_id` = ".$_SESSION['user_id']."
GROUP BY `albums`.`album_id`
") or die(mysql_error());
if(mysql_num_rows($albums_query)>0){
// This statement checks whether the query returned more than 0 rows; if so, it proceeds.
// You can even check if(mysql_numrows($albums_query)==1) if it should return only one row.
while ($albums_row = mysql_fetch_assoc($albums_query)) {
$albums[] = array(
'id' => $albums_row['album_id'],
'timestamp' => $albums_row['timestamp'],
'name' => $albums_row['name'],
'description' => $albums_row['description'],
'count' => $albums_row['image_count']
);
}return $albums;
}else{
}
}
function get_albumsAll() {
$albums2 = array();
$albums_query2= mysql_query ("
SELECT `albums`.`album_id`, `albums`.`timestamp`, `albums`.`name`, LEFT(`albums`.`description`, 50) as `description`, COUNT(`images`.`image_id`) as `image_count`
FROM `albums`
LEFT JOIN `images`
ON `albums`.`album_id` = `images`.`album_id`
GROUP BY `albums`.`album_id`
") or die(mysql_error());
if(mysql_num_rows($albums_query2)>0){
while ($albums_row2 = mysql_fetch_assoc($albums_query2)){
$albums2[] = array(
'id' => $albums_row2['album_id'],
'timestamp' => $albums_row2['timestamp'],
'name' => $albums_row2['name'],
'description' => $albums_row2['description'],
'count' => $albums_row2['image_count']
);
}
return $albums2;
}
}
function create_album($album_name, $album_description) {
$album_name = mysql_real_escape_string(htmlentities($album_name));
$album_description = mysql_real_escape_string(htmlentities($album_description));
mysql_query("INSERT INTO `albums` VALUES ('', '".$_SESSION['user_id']."', UNIX_TIMESTAMP(), '$album_name', '$album_description')");
mkdir('uploads/'.mysql_insert_id(), 0744);
mkdir('uploads/thumbs/'.mysql_insert_id(), 0744);
}
function edit_album($album_id, $album_name, $album_description) {
$album_id = (int)$album_id;
$album_name = mysql_real_escape_string($album_name);
$album_description = mysql_real_escape_string($album_description);
mysql_query("UPDATE `albums` SET `name` = '$album_name', `description` = '$album_description' WHERE `album_id` = '$album_id' AND `user_id` = ".$_SESSION['user_id']);
}
function delete_album($album_id) {
$album_id = (int)$album_id;
// To do: use a method to delete all files from the folder and the thumbs folder, then the directory
mysql_query("DELETE FROM `albums` WHERE `album_id`=$album_id AND `user_id`=".$_SESSION['user_id']);
mysql_query("DELETE FROM `images` WHERE `album_id`=$album_id AND `user_id`=".$_SESSION['user_id']);
}
?>
albumsAdminAll.php
<?php
include 'init.php';
?>
<div class="content3">
<div class="content_resize">
<div class="mainbar3">
<div class="article3">
<h2><span>Άλμπουμ</span></h2>
<div class="clr"></div>
<div class="post_content3">
<p>
<?php
if(!logged_in()){
header('Location: albums.php');
exit();
}else{
$albums = get_albums();
if (empty($albums)){
echo '<p>There are no albums</p>';
}else{
foreach ($albums as $album){
echo '<table style="display:inline-table;"><tr><td><p class="links"><a href="view_album.php?album_id=', $album['id'], '" height="100" width="100">', $album['name'], '</a> (', $album['count'], ' images)<br />
', $album['description'], '...<br />
<div class="links2"><p class="links"><a href="edit_album.php?album_id=', $album['id'], '">Επεξεργασία</a> / <a href="delete_album.php?album_id=', $album['id'], '">Διαγραφή</a></div></div>
</p></td></tr></table>';
}
echo '<br/><br/><br/><p class="links"><a href="upload_image.php">Eισαγωγή Φωτογραφιών</a></p>';
}
echo '<p class="links"><a href="albumsAdmin.php">Back to Menu</a></p>';
}
?>
Thanks
Why is it that the images only show up when the administrator is logged in? Do you force the user to a login page when they aren't logged in? If that's the case, then you should only force/redirect them when they try to access pages where they are able to upload/edit images. If you haven't already, you should create pages that simply show the images to the user and don't take into account whether the user is logged in or not.
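The separation the reply describes, as an added example that is not part of either post: a public, read-only album view that never reads the session, unlike album_check() and album_data() in the question, which filter on `$_SESSION['user_id']`. It uses PDO prepared statements rather than the page's mysql_* calls; the function names, the in-memory SQLite sample data and the `ext` column name are assumptions.

```php
<?php
// Added example, not the poster's code. Assumed: a PDO handle and an `ext` column on `images`.

// Public counterpart of album_data(): no `user_id` = $_SESSION['user_id'] filter,
// so it works for visitors who have no session at all.
function public_album_data(PDO $db, $album_id) {
    $stmt = $db->prepare('SELECT name, description FROM albums WHERE album_id = ?');
    $stmt->execute(array((int)$album_id));
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Public counterpart of get_images(): read-only, bound parameter instead of string concatenation.
function public_images(PDO $db, $album_id) {
    $stmt = $db->prepare('SELECT image_id, album_id, ext FROM images WHERE album_id = ? ORDER BY image_id');
    $stmt->execute(array((int)$album_id));
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Escape on output; double_encode=false because create_album() already stores htmlentities() text.
function e($s) {
    return htmlspecialchars((string)$s, ENT_QUOTES, 'UTF-8', false);
}

// Returns the gallery HTML, or null when the album does not exist.
// Deliberately emits no [x] delete or upload links: those stay on the logged_in() pages.
function render_public_album(PDO $db, $album_id) {
    $album = public_album_data($db, $album_id);
    if ($album === null) {
        return null;
    }
    $html = '<h2><span>' . e($album['name']) . '</span></h2>';
    foreach (public_images($db, $album_id) as $img) {
        $file = (int)$img['album_id'] . '/' . (int)$img['image_id'] . '.' . e($img['ext']);
        $html .= '<a href="uploads/' . $file . '"><img src="uploads/thumbs/' . $file . '" /></a>';
    }
    return $html;
}

// Constructed sample data in an in-memory SQLite database so the example runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE albums (album_id INTEGER PRIMARY KEY, user_id INT, name TEXT, description TEXT)');
$db->exec('CREATE TABLE images (image_id INTEGER PRIMARY KEY, album_id INT, ext TEXT)');
$db->exec("INSERT INTO albums VALUES (1, 7, 'Harbour &amp; Ships', 'Old port photos')");
$db->exec("INSERT INTO images VALUES (10, 1, 'jpg'), (11, 1, 'png')");

echo render_public_album($db, 1), "\n";   // rendered with no session started
var_dump(render_public_album($db, 99));   // unknown album id: the page would redirect to albums.php
```

On the real site the public page would call these without the logged_in() redirect, while that check stays on upload_image.php, delete_image.php, edit_album.php and delete_album.php.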