<?
// GLOBAL VARS
// determines how many portfolios will be listed on the portfolio page
$ports_per_page = 1000;

// docroot from apache
$docroot = $_SERVER['DOCUMENT_ROOT'];

// dir for content and php includes for index.php
$data_dir = $docroot . '/includes/data/';
$admin_dir = $docroot . '/includes/admin/';

// db vars from httpd.conf environment variables
$dbuser = $_SERVER['DB_USER'];
$dbpass = $_SERVER['DB_PASS'];
$dbname = $_SERVER['DB_NAME'];
$dbhost = $_SERVER['DB_HOST'];

// images directory for uploading
// an environment variable needs to be created in httpd.conf for webout
$webout = $_SERVER['WEBOUT'];
// an alias needs to be created in httpd.conf for webout_url
$webout_url = 'webout/';

// who gets emails from the contacts page
#$contact_email = 'coldchillbill@yahoo.com';
#$contact_email = 'basem@bingojones.net';
$contact_email = 'bill@billgollihur.com';

// mysql init
$link = mysql_connect($dbhost, $dbuser, $dbpass) or die(mysql_error());
mysql_select_db($dbname);


//---------------------------------------------------------------------------------------------

// grabs any ports marked recent
function getRecentImages() {
  $query = "SELECT id FROM images WHERE recent!=''";
  $result = mysql_query($query) or die ('Query failed: ' . mysql_error());
  $images = array();
  while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
    array_push($images, $line['id']);
  }
  return $images;
}

// grabs any ports marked recent
function getRecentImagesAndAnimations() {
  $query = "SELECT id FROM images WHERE recent!=''";
  $result = mysql_query($query) or die ('Query failed: ' . mysql_error());
  $images = array();
  while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
    array_push($images, $line['id']);
  }

  $query = "SELECT id FROM animations WHERE recent!=''";
  $result = mysql_query($query) or die ('Query failed: ' . mysql_error());
  $animations = array();
  while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
    array_push($animations, $line['id']);
  }

  return array($images, $animations);
}

// removes a port from the list of recents
function removeRecent($imageID) {
  $imageID = mysql_clean($imageID);
  $query = "UPDATE images SET recent='' WHERE id='$imageID';";
  $result = mysql_query($query) or die ("$query failed: " . mysql_error());
}

// returns the image id for the given portfolio's current TOC
function getCurrentTOC($portID) {
  $portID = mysql_clean($portID);
  $TOC_query = "SELECT id FROM images WHERE portID=\"$portID\" AND active=\"1\" ORDER BY imageOrder LIMIT 1;";
  $TOC_result = mysql_query($TOC_query) or die ('Query failed: ' . mysql_error());
  $toc_array = mysql_fetch_array($TOC_result, MYSQL_ASSOC);
  return $toc_array['id'];
}

// returns the image id for the given portfolio's current TOC in Animations section
function getCurrentAnimationTOC($portID) {
  $portID = mysql_clean($portID);
  $TOC_query = "SELECT id FROM animations WHERE portID=\"$portID\" AND active=\"1\" ORDER BY imageOrder LIMIT 1;";
  $TOC_result = mysql_query($TOC_query) or die ('Query failed: ' . mysql_error());
  $toc_array = mysql_fetch_array($TOC_result, MYSQL_ASSOC);
  return $toc_array['id'];
}

// returns a numeric array of associative arrays full of each portfolios info,
// including the TOC, which is retrieved for each and every port
// TODO: take the TOC business out of here.  wasteful.
function getAllArtists($type) {
  $type = mysql_clean($type);
  $query = 'SELECT * FROM portfolios ORDER BY lastName;';
  $result = mysql_query($query) or die ('Query failed: ' . mysql_error());
  $ports = array();
  while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
    // wasteful by gettingCurrentTOC every time, even when it's not needed LEGACY
    if ( ($line['toc'] = getCurrentTOC($line['id'])) && ($type == 'clean') && ($line['active'] == '1') ) {
      array_push($ports, $line);
    } elseif ($type != 'clean') {
      // placeholder for no TOC file in admin interface
      if (!isset($line['toc']))  {
	$line['toc'] = 'NO';
      }
      array_push($ports, $line);
    }
  }
  return $ports;
}

// returns a numeric array of associative arrays full of each portfolios info,
// including the TOC, which is retrieved for each and every port
// TODO: take the TOC business out of here.  wasteful.
function getAllArtistsWithAnimations($type) {
  $type = mysql_clean($type);
  $query = 'SELECT * FROM portfolios ORDER BY lastName;';
  $result = mysql_query($query) or die ('Query failed: ' . mysql_error());
  $ports = array();
  while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
    // wasteful by gettingCurrentAnimationTOC every time, even when it's not needed LEGACY
    // too lazy
    if ( ($line['toc'] = getCurrentAnimationTOC($line['id'])) && ($type == 'clean') && ($line['active'] == '1') ) {
      array_push($ports, $line);
    } elseif ($type != 'clean') {
      // placeholder for no TOC file in admin interface
      if (!isset($line['toc']))  {
	$line['toc'] = 'NO';
      }
      array_push($ports, $line);
    }
  }
  return $ports;
}

// requires an array of ports with portfolios.id as key and fullname as value (getAllArtists()).
// requires a section to send the user to upon selection
// requires a default port to highlight for navigation (currently only admin)
// returns an html select drop-down with portID as value.  defaults to optional $default_port
function allArtistsDropDown($port_arr, $section, $default_port) {
  // this function is in header for every page
  $dropdown = "<select name=\"portID\" onchange=\"MM_jumpMenu('parent',this,0)\">\n";
  $dropdown .= "\t<option value=\"\">Choose a portfolio</option>\n";
  foreach ($port_arr as $port) {
    if ($default_port == $port['id']) {
	$selected = 'selected';
    } else {
	$selected = '';
    }
    $sec = explode('&', $section);
    if ($sec[0] == 'manageHomepage') {
      $web_address = $_SERVER['PHP_SELF'] . "?section=$section&portnum=$port[id]";
    } else {
      $web_address = make_url($port['firstName'],$port['lastName']);
    }
    $dropdown .= "\t<option value=\"$web_address\" $selected>$port[firstName] $port[lastName]</option>\n";
  }
  $dropdown .= "</select>\n";
  return $dropdown;
}


// given a portID and type, will return a numeric array of associate arrays filled with
// info for every image associated with that array
// clean means that it is active, for the actual website rather than admin
function getAllImagesForPort($portID, $type) {
  $portID = mysql_clean($portID);
  $type = mysql_clean($type);
  if ($type == 'clean') $active_check = 'AND active="1"';
  $sql_images = "SELECT * FROM images WHERE portID=\"$portID\" $active_check ORDER BY imageOrder;";
  $result = mysql_query($sql_images) or die ('Query failed: ' . mysql_error());
  $imgs = array();
  while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
    array_push ($imgs, $line);
  }
  return $imgs;
}

// given a portID and type, will return a numeric array of associate arrays filled with
// info for every animation associated with that array
// clean means that it is active, for the actual website rather than admin
function getAllAnimationsForPort($portID, $type) {
  $portID = mysql_clean($portID);
  $type = mysql_clean($type);
  if ($type == 'clean') $active_check = 'AND active="1"';
  $sql_images = "SELECT * FROM animations WHERE portID=\"$portID\" $active_check ORDER BY imageOrder;";
  $result = mysql_query($sql_images) or die ('Query failed: ' . mysql_error());
  $imgs = array();
  while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
    array_push ($imgs, $line);
  }
  return $imgs;
}

// query populates array $port with the current artist's info
function getPortData($portID) {
  $portID = mysql_clean($portID);
  $query = "SELECT * FROM portfolios WHERE id=\"$portID\"";
  $result = mysql_query($query) or die ('Query failed: ' . mysql_error());
  $port = mysql_fetch_array($result, MYSQL_ASSOC);
  return $port;
}

// set's a portfolio active or inactive (will not show up in 'clean' versions)
function setActive($is_active, $ptp) {
  for ($i = 0; $i < count($ptp); $i++) {
    $ptp[$i] = mysql_clean($ptp[$i]);
    $where .= 'id="' . $ptp[$i] . '"';
    if ($ptp[$i + 1]) { $where .= ' OR '; }
  }
  $is_active = mysql_clean($is_active);
  $query = "UPDATE portfolios SET active=\"$is_active\" WHERE $where;";
  $result = mysql_query($query) or die ("$query failed: " . mysql_error());
  return $result;
}

// given a portID, will return an associative array with all topics as keys,
// and 1 or 0 for values
function getTopicsForPort($id) {
  $id = mysql_clean($id);
  $query = "SELECT * FROM topics WHERE portID = " . $id;
  $results = mysql_query($query) or die ("Query Topics ($query) failed: " . mysql_error());
  $topics = mysql_fetch_array($results, MYSQL_ASSOC);
  array_shift($topics);
  return $topics;
}

// given a portID, will return an associative array with all styles as keys,
// and 1 or 0 for values
function getStylesForPort($id) {
  $id = mysql_clean($id);
  $query = "SELECT * FROM styles WHERE portID = " . $id;
  $results = mysql_query($query) or die ("$query failed: " . mysql_error());
  $styles = mysql_fetch_array($results, MYSQL_ASSOC);
  array_shift($styles);
  return $styles;
}

// deletes styles row for port, only for deleting a port since every port needs a styles row
function deleteStyles($id) {
  $id = mysql_clean($id);
  $query = "DELETE FROM styles WHERE portID = " . $id . ';';
  $results = mysql_query($query) or die ("$query failed: " . mysql_error());
  return 1;
}

// deletes topics row for port, only for deleting a port since every port needs a topics row
function deleteTopics($id) {
  $id = mysql_clean($id);
  $query = "DELETE FROM topics WHERE portID = " . $id . ';';
  $results = mysql_query($query) or die ("$query failed: " . mysql_error());
  return 1;
}

// misnomer actually, since it is actually an insert.  row for supplied portID must be deleted first!
// should check for deleted row first, and check for dupes -- not necessary because portID col is unique in db.
// $styles needs to be an assoc array with style names as key and 1 or 0 as value
// TODO: for the love of god, make it update!
function updateStyles($portID, $styles) {
  $styletext = "`portID`," . "`" . array_shift($styles) . "`";
  $stylevalues = "'$portID'," . "'1'";
  foreach ($styles as $style) {
    $style = mysql_clean($style);
    $styletext .= ",`$style`";
    $stylevalues .= ",'1'";
  }
  $query = "INSERT INTO styles($styletext) VALUES ($stylevalues);";
  $results = mysql_query($query) or die ("$query failed: " . mysql_error());
  return 1;
}

// misnomer actually, since it is actually an insert.  row for supplied portID must be deleted first!
// should check for deleted row first, and check for dupes -- not necessary because portID col is unique in db.
// $topics needs to be an assoc array with topic names as key and 1 or 0 as value
// TODO: for the love of god, make it update!
function updateTopics($portID, $topics) {
  // first element is portID
  $topictext = "`portID`," . "`" . array_shift($topics) . "`";
  $topicvalues = "'$portID'," . "'1'";
  foreach ($topics as $topic) {
    $topic = mysql_clean($topic);
    $topictext .= ",`$topic`";
    $topicvalues .= ",'1'";
  }
  $query = "INSERT INTO topics($topictext) VALUES ($topicvalues);";
  $results = mysql_query($query) or die ("$query failed: " . mysql_error());
  return 1;
}

// update a port's info
// will use keys from update_set as column names and values as corresponding values
function updatePort($portID, $update_set) {
  $update_query = "UPDATE portfolios SET ";
  $update_set['firstName'] = preg_replace('/[\+\/\_]/', ' ', $update_set['firstName']);
  $update_set['lastName'] = preg_replace('/[\+\/\_]/', ' ', $update_set['lastName']);
  foreach ($update_set as $key => $value) {
    // in case of blank password, don't add it to the list of things to process
    if ( ($key == 'password') && ($value == '') ) continue;
    $key = mysql_clean($key);
    $value = mysql_clean($value);
    $value = "'$value'";
    $update_query .= "$key=$value";
    $update_query .= ', ';
  }
  $portID = mysql_clean($portID);
  $update_query .= "WHERE id='$portID';";
  $update_query = preg_replace("/, WHERE/", ' WHERE', $update_query);
  $results = mysql_query($update_query) or die ("$query failed: " . mysql_error());
  return 1;
}

// for the error.php feature of retrieving portfolio details by name instead of portID
//* names have to be spelled correctly, firstname_lastname
//* case is insensitive
//* portfolio must be active
//* will only return one record, even if more than one active portfolio uses the same firstname and lastname
function getPortIDByName($first, $last) {
  $first = mysql_clean($first);
  $last = mysql_clean($last);
  $query = "SELECT id FROM portfolios WHERE firstName=\"$first\" AND lastName=\"$last\" LIMIT 1;";
  $results = mysql_query($query) or die ("$query failed: " . mysql_error());
  $id_array = mysql_fetch_array($results, MYSQL_ASSOC);
  return $id_array['id'];
}

function getAllStyles() {
  $query = 'SHOW columns FROM styles';
  $result = mysql_query($query) or die ("$query failed: " . mysql_error());
  $styles = array();
  while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
    if ($line['Field'] != 'portID') $styles[$line['Field']] = '0';
  }
  return $styles;
}

function getAllTopics() {
  $query = 'SHOW columns FROM topics';
  $result = mysql_query($query) or die ("$query failed: " . mysql_error());
  $topics = array();
  while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
    if ($line['Field'] != 'portID') $topics[$line['Field']] = '0';
  }
  return $topics;
}

// similar to updatePort, will add a port
// update set has columns as keys and corresponding values as values
function addPort($update_set) {
  $keys = '';
  $values = '';
  $update_set['firstName'] = preg_replace('/[\+\/\_]/', ' ', $update_set['firstName']);
  $update_set['lastName'] = preg_replace('/[\+\/\_]/', ' ', $update_set['lastName']);
  foreach ($update_set as $key => $value) {
    $key = mysql_clean($key);
    $value = mysql_clean($value);
    $keys .= $key . ',';
    $values .= "'$value',";
  }
  $keys .= 'creationDate';
  $values .= "'" . date("Y-m-d") . "'";
  $query = "INSERT INTO portfolios($keys) VALUES ($values);";
  $result = mysql_query($query); # or die ("$query failed: " . mysql_error());
  $error = mysql_error();
  $lastID = (string) mysql_insert_id();
  return array($lastID, $error);
}

// resets the imageOrder of each image.  all are reset, starting with 0 and increasing by 1
function orderImages($images) {
  for ($i = 0; $i < count($images); $i++) {
    $images[$i] = mysql_clean($images[$i]);
    $query = "UPDATE images SET imageOrder=\"$i\" WHERE id=\"$images[$i]\";";
    $result = mysql_query($query) or die ("$query failed: " . mysql_error());
  }
}

// resets the imageOrder of each image.  all are reset, starting with 0 and increasing by 1
function orderAnimations($images) {
  for ($i = 0; $i < count($images); $i++) {
    $images[$i] = mysql_clean($images[$i]);
    $query = "UPDATE animations SET imageOrder=\"$i\" WHERE id=\"$images[$i]\";";
    $result = mysql_query($query) or die ("$query failed: " . mysql_error());
  }
}

// get an image's data given it's id
function getImage($id) {
  $id = mysql_clean($id);
  $query = "SELECT * FROM images WHERE id=\"$id\";";
  $result = mysql_query($query) or die ("$query failed: " . mysql_error());
  $id_array = mysql_fetch_array($result, MYSQL_ASSOC);
  return $id_array;
}

// get an animation's data given it's id
function getAnimation($id) {
  $id = mysql_clean($id);
  $query = "SELECT * FROM animations WHERE id=\"$id\";";
  $result = mysql_query($query) or die ("$query failed: " . mysql_error());
  $id_array = mysql_fetch_array($result, MYSQL_ASSOC);
  return $id_array;
}

// update image given imageID and update_set assoc array with keys for cols and values for values
function updateImage($imageID, $update_set) {
  $update_set['modifiedDate'] = date("Y-m-d");
  $update_query = "UPDATE images SET ";
  foreach ($update_set as $key => $value) {
    $key = mysql_clean($key);
    $value = mysql_clean($value);
    $update_query .= "$key='$value',";
  }
  $imageID = mysql_clean($imageID);
  $update_query .= " WHERE id='$imageID';";
  $update_query = preg_replace("/, WHERE/", ' WHERE', $update_query);
  $results = mysql_query($update_query) or die ("$query failed: " . mysql_error());
  return 1;
}

// update animation given imageID and update_set assoc array with keys for cols and values for values
function updateAnimation($imageID, $update_set) {
  $update_set['modifiedDate'] = date("Y-m-d");
  $update_query = "UPDATE animations SET ";
  foreach ($update_set as $key => $value) {
    $key = mysql_clean($key);
    $value = mysql_clean($value);
    $update_query .= "$key='$value',";
  }
  $imageID = mysql_clean($imageID);
  $update_query .= " WHERE id='$imageID';";
  $update_query = preg_replace("/, WHERE/", ' WHERE', $update_query);
  $results = mysql_query($update_query) or die ("$query failed: " . mysql_error());
  return 1;
}

// the part of the upload process that puts it into the db.  all we need is the portID and title.
// returns the 'id' of the image inserted
function uploadImage($portID, $title) {
  $date = date("Y-m-d");
  $portID = mysql_clean($portID);
  $title = mysql_clean($title);
  $query = "INSERT INTO images(portID,title,creationDate,modifiedDate) VALUES ('$portID','$title','$date','$date');";
  $result = mysql_query($query) or die ("$query failed: " . mysql_error());
  $lastID = (string) mysql_insert_id();
  return $lastID;
}

// the part of the upload process that puts it into the db.  all we need is the portID and title.
// returns the 'id' of the image inserted
function uploadAnimation($portID, $title, $suffix) {
  $date = date("Y-m-d");
  $portID = mysql_clean($portID);
  $title = mysql_clean($title);
  $suffix = mysql_clean($suffix);
  $query = "INSERT INTO animations(portID,title,creationDate,modifiedDate,suffix) VALUES ('$portID','$title','$date','$date','$suffix');";
  $result = mysql_query($query) or die ("$query failed: " . mysql_error());
  $lastID = (string) mysql_insert_id();
  return $lastID;
}

// this is a doozy.  given only a string of words and type 'clean' (or not), searches 
// 1) a list of cols from the db for the string using msyql REGEXP
// 2) all styles for anything containing any of the words
// 3) all styles for anything containing any of the words
function search($search_string, $type) {
  $search_string = mysql_clean($search_string);
  $type = mysql_clean($type);
  if ($type == 'clean') $active_check = ' AND active="1"';
  $search_elements = split (" ", $search_string);
  $search_query = "SELECT id, firstName, lastName FROM portfolios WHERE (";
  // construct query for #1
  foreach ($search_elements as $element) {
    $search_query .= "search REGEXP '$element' OR ";
    $search_query .= "medium REGEXP '$element' OR ";
    $search_query .= "firstName REGEXP '$element' OR ";
    $search_query .= "lastName REGEXP '$element' OR ";
    if (isset($styles[$element])) $search_query .= "styles.$element='1' OR ";
  }
  $search_query = trim($search_query, ' OR ');
  $search_query .= " $active_check);";
  $result = mysql_query($search_query) or die ("$search_query failed: " . mysql_error());
  $ports = array();
  // assign to array $ports all resulting ports
  while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
    array_push($ports, $line);
  }

// STYLES and TOPICS
  // #2 -- create an array for all matching styles
  $styles = getAllStyles();
  $ports_styles = search_styles_or_topics($search_elements, $styles, 'styles', 'clean');
  // #3 -- create another array for all matching topics
  $topics = getAllTopics();
  $ports_topics = search_styles_or_topics($search_elements, $topics, 'topics', 'clean');

// IMAGE TITLES
  // #4 -- create yet another array for all matching ports which contain images that match search
  $ports_titles = array();
  foreach ($search_elements as $element) {
    $title_query = "SELECT images.portID AS id, portfolios.firstName, portfolios.lastName FROM images, portfolios WHERE title REGEXP '$element' AND images.portID = portfolios.id;";
    $result = mysql_query($title_query) or die ("$title_query failed: " . mysql_error());
    while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
      array_push($ports_titles, $line);
    }
  }
  $ports_titles = array_unique2($ports_titles);
#  print_r($ports_topics);

  // take the union of matching styles and ports to get rid of dupes
  $union1 = array_union($ports_styles, $ports);
  // take the union of those and resulting topics to eliminate any remaining dupes
  $union2 = array_union($ports_topics, $union1);
  // finally, take the union of those and image results
  $union3 = array_union($ports_titles, $union2);
  // order the unions
  $union3_ordered = array();
  foreach ($union3 as $port) {
    array_push($union3_ordered, $port);
  }
  // and return the resultant array
  return $union3_ordered;
  // whew
}

// given $search_elements array originally from search textfield,
// all the styles|topics, a string indicating if it is a style or a topic,
// and type = 'clean' or not, return a numeric array of assoc arrays of each 
// resultant portfolio.  only with id, firstName, lastName
// no mysql cleaning since it's called from search function
function search_styles_or_topics ($search_elements, $all_styles_or_topics, $style_or_topic, $type) {
  if ($type == 'clean') $active_check = ' AND active="1"';
  $searches = array();
  // no easy way to search keys in php, so i had to iterate through
  foreach ($search_elements as $element) {
    foreach ($all_styles_or_topics as $key => $value) {
      // case insensitive regexp search
      if (preg_match("/$element/i", $key)) {
	array_push($searches, $key);
      }
    }
  }
  // assuming we came up with any matches, find the resultant portID's
  if (count($searches) > 0) {
    $query = "SELECT $style_or_topic.portID AS id, portfolios.firstName, portfolios.lastName FROM $style_or_topic, portfolios WHERE portfolios.id=$style_or_topic.portID AND (";
    $query .= '';
    foreach ($searches as $item) {
      $query .= "`$item`='1' OR ";
    }
    $query = trim($query, ' OR ');
    $query .= " $active_check);";
    $result = mysql_query($query) or die ("$query failed: " . mysql_error());
    $ports_st = array();
    while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
      array_push($ports_st, $line);
    }
  }
  return $ports_st;
}

function getAllPortsForStyleOrTopic ($style_or_topic, $value, $type) {
  $query = "SELECT $style_or_topic.portID AS id, portfolios.active, portfolios.firstName, portfolios.lastName FROM $style_or_topic, portfolios WHERE `$value`='1' AND $style_or_topic.portID = portfolios.id;";
  $result = mysql_query($query) or die ("$query failed: " . mysql_error());
  $ports = array();
  while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
    if ( ($type == 'clean') && ($line['active'] == '1') ) {
      array_push($ports, $line);
    }
  }
  return $ports;
}

// shell for all the set theory madness required to simply take the union of two arrays
function array_union($a, $b) {
  $union = array_merge_recursive($a, $b); // duplicates may still exist
  $union = array_unique2($union);
  return $union;
}

// from php.net
function recursivemakehash($tab)
{
  if(!is_array($tab))
    return $tab;
  $p = '';
  foreach($tab as $a => $b)
    $p .= sprintf('%08X%08X', crc32($a), crc32(recursivemakehash($b)));
  return $p;
}

// from php.net
function array_unique2($input)
{
  $dumdum = array();
  foreach($input as $a => $b)
    $dumdum[$a] = recursivemakehash($b);
  $newinput = array();
  foreach(array_unique($dumdum) as $a => $b)
    $newinput[$a] = $input[$a];
  return $newinput;
}

// takes an email and pass, returns the port info for processing passwords match
// blanks are handled in orig script
function login($email, $password) {
  $email = mysql_clean($email);
  $password = mysql_clean($password);
  $query = "SELECT * FROM portfolios WHERE email='$email' AND password='$password';";
  $result = mysql_query($query) or die ("$query failed: " . mysql_error());
  $port = mysql_fetch_array($result, MYSQL_ASSOC);
  return $port;
}

// deletes all versions of given image except homepage version
// from filesystem and wipes it from db.
// requires the webout dir (not sure why), port id and image id
function deleteImage($dir, $port_id, $image_id) {
  $dir = mysql_clean($dir);
  $port_id = mysql_clean($port_id);
  $image_id = mysql_clean($image_id);
  foreach (array('TOC', 'thumb', 'main', 'TOC_deactivated') as $type) {
    if (file_exists($dir . $port_id . '/' . $image_id . "-$type.jpg"))
      unlink($dir . $port_id . '/' . $image_id . "-$type.jpg") 
	or die ("Image delete failed for " . $port_id . '/' . $image_id . "-$type.jpg");
  }
  $query = "DELETE FROM images WHERE id=\"$image_id\";";
  $result = mysql_query($query) or die ("$query failed: " . mysql_error());
  return $result;
}

// deletes all versions of given animation except homepage version
// from filesystem and wipes it from db.
// requires the webout dir (not sure why), port id and image id
function deleteAnimation($dir, $port_id, $image_id, $suffix) {
  $dir = mysql_clean($dir);
  $port_id = mysql_clean($port_id);
  $image_id = mysql_clean($image_id);
  $suffix = mysql_clean($suffix);
  if (file_exists($dir . $port_id . '/anims/' . $image_id . "-TOC.jpg")) {
    unlink($dir . $port_id . '/anims/' . $image_id . "-TOC.jpg")
      or die ("Animation delete failed for " . $port_id . '/anims/' . $image_id . "-TOC.jpg");
  }
  if (file_exists($dir . $port_id . '/anims/' . $image_id . '.' . $suffix)) {
    unlink($dir . $port_id . '/anims/' . $image_id . '.' . $suffix)
      or die ("Animation delete failed for " . $port_id . '/anims/' . $image_id . '.' . $suffix);
  }
  $query = "DELETE FROM animations WHERE id=\"$image_id\";";
  $result = mysql_query($query) or die ("$query failed: " . mysql_error());
  return $result;
}

// deletes the given portID's rows in portfolios, styles and topics
// TODO: error handling for deletePort(), addPort() and managePort-edit.php
// TODO: delete all images for port as well.  shouldn't be left to other scripts,
// should be automatic and idiot-proof
function deletePort($id, $webout) {
  $id = mysql_clean($id);
  $query = "DELETE FROM portfolios WHERE id=\"$id\";";
  $styles_result = mysql_query($query) or die ("$query failed: " . mysql_error());
  $styles_query = "DELETE FROM styles WHERE portID=\"$id\";";
  $styles_result = mysql_query($styles_query) or die ("$styles_query failed: " . mysql_error());
  $topics_query = "DELETE FROM topics WHERE portID=\"$id\";";
  $topics_result = mysql_query($topics_query) or die ("$topics_query failed: " . mysql_error());
  // get rid of the image dir if it exists
  //  print "webout . id = " . $webout . $id . '<br><br>';
  if (file_exists($webout . $id)) {
    if (file_exists($webout . $id . '/home.jpg')) {
      unlink($webout . $id . '/home.jpg');
    }
    if (file_exists($webout . $id . '/tmp')) {
      rm($webout . $id . '/tmp/');
    }
    rmdir($webout . $id);
  }
  return $result;
}

// simply return firstName, lastName and pass for a user given only email
function getPass($email) {
  $email = mysql_clean($email);
  $query = "SELECT firstName, lastName, password FROM portfolios WHERE email='$email';";
  $result = mysql_query($query) or die ("$query failed: " . mysql_error());
  $port = mysql_fetch_array($result, MYSQL_ASSOC);
  return $port;
}

function getHomepagePorts() {
  $query = "SELECT * FROM homepage WHERE position='1' OR position='2' OR position='3';";
  $result = mysql_query($query) or die ("$query failed: " . mysql_error());
  $ports = array();
  while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
    array_push($ports, $line);
  }
  return $ports;
}

// updates homepage info in tiny db table, only for one position at a time,
// the one specified in $pos
function updateHomepage($pos, $port_id) {
  $pos = mysql_clean($pos);
  $port_id = mysql_clean($port_id);
  $query = "UPDATE homepage SET portID='$port_id' WHERE position='$pos';";
  $result = mysql_query($query) or die ("$query failed: " . mysql_error());
  return $result;
}

// Quote variable to make safe from SQL injection attacks.
function mysql_clean($value) {
  // Stripslashes
  if (get_magic_quotes_gpc()) {
    $value = stripslashes($value);
  }
  // Quote if not a number or a numeric string
  if (!is_numeric($value)) {
    $value = mysql_real_escape_string($value);
  }
  return $value;
}

function make_url($fn, $ln) {
  if ($fn != '') $firstName = preg_replace('/ /', '+', $fn) . '_';
  $lastName = $ln;
  $web_address = 'http://' . $_SERVER[HTTP_HOST] . '/' . $firstName . preg_replace('/ /', '+', $lastName);
  return $web_address;
}
  
/**
 * rm() -- Vigorously erase files and directories.
 *
 * @param $fileglob mixed If string, must be a file name (foo.txt), glob pattern (*.txt), or directory name.
 *                        If array, must be an array of file names, glob patterns, or directories.
 */
function rm($fileglob)
{
  if (is_string($fileglob)) {
    if (is_file($fileglob)) {
      return unlink($fileglob);
    } else if (is_dir($fileglob)) {
      $ok = rm("$fileglob/*");
      if (! $ok) {
	return false;
      }
      return rmdir($fileglob);
    } else {
      $matching = glob($fileglob);
      if ($matching === false) {
	trigger_error(sprintf('No files match supplied glob %s', $fileglob), E_USER_WARNING);
	return false;
      }     
      $rcs = array_map('rm', $matching);
      if (in_array(false, $rcs)) {
	return false;
      }
    }     
  } else if (is_array($fileglob)) {
    $rcs = array_map('rm', $fileglob);
    if (in_array(false, $rcs)) {
      return false;
    }
  } else {
    trigger_error('Param #1 must be filename or glob pattern, or array of filenames or glob patterns', E_USER_ERROR);
    return false;
  }

  return true;
}

function active_image($image_id, $value) {
  $image_id = mysql_clean($image_id);
  $value = mysql_clean($value);
  $query = "UPDATE images SET active='$value' WHERE id=\"$image_id\";";
#  print "query = $query<br><br>";
  $result = mysql_query($query) or die ("$query failed: " . mysql_error());
  return $result;
}

function active_animation($image_id, $value) {
  $image_id = mysql_clean($image_id);
  $value = mysql_clean($value);
  $query = "UPDATE animations SET active='$value' WHERE id=\"$image_id\";";
#  print "query = $query<br><br>";
  $result = mysql_query($query) or die ("$query failed: " . mysql_error());
  return $result;
}

?>