// NOTE(review): this listing starts part-way through an array literal, apparently the
// $icon_array map that the code below indexes; its opening lines are not visible here.
// NOTE(review): the HTML inside the heredocs further down was lost when this page was
// extracted (statements such as `echo << EOT;` are not valid PHP as shown). Those
// fragments are kept verbatim, so output encoding inside them cannot be reviewed here.
// NOTE(review): the mysql_* calls belong to the legacy ext/mysql API, which was removed
// in PHP 7; this code presumably targets an older runtime.
    cpg_fetch_icon('modifyalb', 2),
    'thumbnail_view' => cpg_fetch_icon('thumbnails', 2),
    'file_info' => cpg_fetch_icon('info', 2),
    'album' => cpg_fetch_icon('alb_mgr', 2),
    'move' => cpg_fetch_icon('move', 2),
    'title' => cpg_fetch_icon('title', 2),
    'file_name' => cpg_fetch_icon('filename', 2),
    'description' => cpg_fetch_icon('text_left', 2),
    'keyword' => cpg_fetch_icon('keyword_mgr', 2),
    'file_approval' => cpg_fetch_icon('file_approval', 2),
    'file_approve' => cpg_fetch_icon('file_approve', 0, $lang_editpics_php['approve_pic']),
    'file_approve_all' => cpg_fetch_icon('file_approve', 0, $lang_editpics_php['approve_all']),
    'file_disapprove' => cpg_fetch_icon('file_disapprove', 2),
    'exif' => cpg_fetch_icon('exif_mgr', 2),
    'reset_views' => cpg_fetch_icon('stats_delete', 0),
    'reset_views_all' => cpg_fetch_icon('stats_delete', 0, $lang_editpics_php['reset_all_view_count']),
    'reset_votes' => cpg_fetch_icon('blank', 2),
    'ok' => cpg_fetch_icon('ok', 2),
    'category' => cpg_fetch_icon('category', 2),
    'delete' => cpg_fetch_icon('delete', 0, $lang_editpics_php['del_pic']),
    'delete_all' => cpg_fetch_icon('delete', 0, $lang_editpics_php['del_all']),
    'comment_delete' => cpg_fetch_icon('comment_disapprove', 0, $lang_editpics_php['del_comm']),
    'comment_delete_all' => cpg_fetch_icon('comment_disapprove', 0, $lang_editpics_php['del_all_comm']),
    'edit_files' => cpg_fetch_icon('edit', 2),
    'continue' => cpg_fetch_icon('right', 0),
);

// The album id is read from GET first, then POST, always through getInt(); it defaults to 0.
if ($superCage->get->keyExists('album')) {
    $album_id = $superCage->get->getInt('album');
} elseif ($superCage->post->keyExists('album')) {
    $album_id = $superCage->post->getInt('album');
} else {
    $album_id = 0;
}

// MODERATOR_MODE is set as soon as the user has at least one entry in allowed_albums;
// MODERATOR_EDIT_MODE additionally requires the requested album to be one of them.
// $albStr becomes "(id,id,...)" and is interpolated into "aid IN $albStr" further down.
// NOTE(review): $albStr is built from $USER_DATA, not from the request; confirm its
// elements are always integers, since they are placed in SQL unquoted.
// NOTE(review): in_array() is called without the strict flag; $album_id is an int from
// getInt(), the element types of allowed_albums are not visible here.
if (isset($USER_DATA['allowed_albums']) && count($USER_DATA['allowed_albums']) > 0) {
    define('MODERATOR_MODE', 1);
    $albStr = implode(',', $USER_DATA['allowed_albums']);
    $albStr = "($albStr)";
    // isset($album_id) is always true at this point: every branch above assigns it.
    if (isset($album_id) && in_array($album_id, $USER_DATA['allowed_albums'])) {
        define('MODERATOR_EDIT_MODE', 1);
    } else {
        define('MODERATOR_EDIT_MODE', 0);
    }
} else {
    define('MODERATOR_MODE', 0);
    define('MODERATOR_EDIT_MODE', 0);
}

// First gate: admins, users in admin mode, moderators of at least one album and users
// who may upload are let through; everyone else is stopped here.
if (!(USER_IS_ADMIN || USER_ADMIN_MODE || MODERATOR_MODE || USER_CAN_UPLOAD_PICTURES)) {
    cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
}
// Guests (USER_ID 0) are only admitted when the gallery allows them to enter file details.
if (USER_ID == 0 && $CONFIG['allow_guests_enter_file_details'] == 0) {
    cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
}
// The page mode depends only on whether a 'mode' key is present in the query string;
// its value is never read.
define('UPLOAD_APPROVAL_MODE', $superCage->get->keyExists('mode'));
define('EDIT_PICTURES_MODE', !$superCage->get->keyExists('mode'));
// Upload approval is reserved for gallery admins and moderators.
if (UPLOAD_APPROVAL_MODE && !GALLERY_ADMIN_MODE && !MODERATOR_MODE) {
    cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
}
// Remove outdated guest tokens every hour at maximum
// Both statements are assembled from time() and $CONFIG values, not from request data.
if ($CONFIG['guest_token_cleanup'] < time() - 3600) {
    $guest_token_lifetime = $CONFIG['form_token_lifetime'] * 5;
    cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET guest_token = '' WHERE ctime < ".time()." - {$guest_token_lifetime}");
    cpg_db_query("UPDATE {$CONFIG['TABLE_CONFIG']} SET value = ".time()." WHERE name = 'guest_token_cleanup'");
}
if (EDIT_PICTURES_MODE) {
    // $album_id is an integer (getInt() or 0), so the quoted interpolation carries no raw request text.
    $query = "SELECT title, category, keyword FROM {$CONFIG['TABLE_ALBUMS']} " ." 
WHERE aid = '$album_id'";
    $result = cpg_db_query($query);
    if (!mysql_num_rows($result)) {
        cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
    }
    $ALBUM_DATA = mysql_fetch_assoc($result);
    mysql_free_result($result);
    $cat = $ALBUM_DATA['category'];
    $actual_cat = $cat;
    // Album-level gate for the edit view. user_is_allowed() is defined outside this listing.
    if ((!user_is_allowed() && !GALLERY_ADMIN_MODE && !MODERATOR_EDIT_MODE)) {
        cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
    }
} else {
    $ALBUM_DATA = array();
}

// Base row span of 5, plus one for every custom user field that has a name configured.
$THUMB_ROWSPAN = 5;
if ($CONFIG['user_field1_name'] != '') {
    $THUMB_ROWSPAN++;
}
if ($CONFIG['user_field2_name'] != '') {
    $THUMB_ROWSPAN++;
}
if ($CONFIG['user_field3_name'] != '') {
    $THUMB_ROWSPAN++;
}
if ($CONFIG['user_field4_name'] != '') {
    $THUMB_ROWSPAN++;
}

// Field type codes, stored as the third element of every $data entry and
// dispatched on in create_form():
// Type 0 => input
// 1 => album list
// 2 => text_area
// 3 => picture information
$captionLabel = $lang_editpics_php['desc'];
$keywordLabel = sprintf($lang_common['keywords_insert1'], $lang_common['keyword_separators'][$CONFIG['keyword_separator']]) . '
' . $lang_common['keywords_insert2'] .'';
if ($CONFIG['show_bbcode_help']) {
    $captionLabel .= ' '. cpg_display_help('f=empty.html&h=lang_bbcode_help_title&t=lang_bbcode_help', 500, 300);
}

// Form definition: each entry is array(label, field name, type code[, maximum length]).
$data = array(
    array($icon_array['file_info'] . $lang_editpics_php['pic_info'], '', 3),
    array($icon_array['album'] . $lang_common['album'], 'aid', 1),
    array($icon_array['title'] . $lang_common['title'], 'title', 0, 255),
    array($icon_array['description'] . $captionLabel, 'caption', 2, $CONFIG['max_img_desc_length']),
    array($icon_array['keyword'] . $keywordLabel, 'keywords', 0, 255),
    array($CONFIG['user_field1_name'], 'user1', 0, 255),
    array($CONFIG['user_field2_name'], 'user2', 0, 255),
    array($CONFIG['user_field3_name'], 'user3', 0, 255),
    array($CONFIG['user_field4_name'], 'user4', 0, 255),
);

/**
 * get_post_var()
 *
 * Fetches the POST value stored under the key "$var$pid" and returns it through
 * getEscaped(). Stops the request with cpg_die() when the key is missing.
 *
 * NOTE(review): getEscaped() presumably applies SQL escaping; process_post_data()
 * places the result inside single-quoted SQL literals, so confirm the escaping
 * matches the database connection in use. It is not an HTML encoding.
 *
 * @param string $var String part of the key
 * @param int $pid The pid attached to the key
 *
 * @return string Data from post
 */
function get_post_var($var, $pid)
{
    global $lang_errors;
    $superCage = Inspekt::makeSuperCage();
    $var_name = $var.$pid;
    if ($superCage->post->keyExists($var_name)) {
        return $superCage->post->getEscaped($var_name);
    } else {
        cpg_die(CRITICAL_ERROR, $lang_errors['param_missing']." ($var_name)", __FILE__, __LINE__);
    }
}

/**
 * process_post_data()
 *
 * Handles the submitted edit form: for every posted pid it reads the per-file
 * fields, checks permissions, then either deletes the file (rows, comments and
 * files on disk) or updates its row.
 *
 * $user_albums_list is declared global but not used in the body shown here.
 */
function process_post_data()
{
    global $CONFIG, $user_albums_list, $lang_errors;
    $superCage = Inspekt::makeSuperCage();
    // Reject the request unless the form token is valid; this is the page's
    // anti-CSRF check and runs before any state is changed.
    if(!checkFormToken()){
        cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
    }
    // Albums the current user may place files in: albums in the user's own category,
    // albums the user owns, and albums with uploads = 'YES'.
    $user_album_set = array();
    $result = cpg_db_query("SELECT aid FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = " . (FIRST_USER_CAT + USER_ID) . " OR owner = " . USER_ID . " OR uploads = 'YES'");
    while ($row = mysql_fetch_assoc($result)) {
        $user_album_set[$row['aid']] = 1;
    }
    mysql_free_result($result);
    // NOTE(review): getInt('pid') is expected to return an array here, presumably with
    // every element cast to int. Confirm that, because $pid is concatenated unquoted
    // into SQL and into POST key names below.
    $pid_array = $superCage->post->getInt('pid');
    if (!is_array($pid_array)) {
        cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'], __FILE__, __LINE__);
    }
    if ($superCage->post->keyExists('galleryicon')) {
        $galleryicon = $superCage->post->getInt('galleryicon');
    } else {
        $galleryicon = '';
    }
    foreach ($pid_array as $pid) {
        // Integer fields go through getInt(); text fields through get_post_var().
        $aid = $superCage->post->getInt("aid$pid");
        $title = get_post_var('title', $pid);
        $caption = get_post_var('caption', $pid);
        $keywords = get_post_var('keywords', $pid);
        $user1 = get_post_var('user1', $pid);
        $user2 = get_post_var('user2', $pid);
        $user3 = get_post_var('user3', $pid);
        $user4 = get_post_var('user4', $pid);
        $delete = false;
        $reset_vcount = false;
        $reset_votes = false;
        $del_comments = false;
        // Strict comparison: true only when the posted gallery icon id is this pid.
        $isgalleryicon = ($galleryicon === $pid);
        if ($superCage->post->keyExists('delete' . $pid)) {
            $delete = $superCage->post->getInt('delete' . $pid);
        }
        if ($superCage->post->keyExists('reset_vcount' . $pid)) {
            $reset_vcount = $superCage->post->getInt('reset_vcount' . $pid);
        }
        if ($superCage->post->keyExists('reset_votes' . $pid)) {
            $reset_votes = $superCage->post->getInt('reset_votes' . $pid);
        }
        if ($superCage->post->keyExists('del_comments' . $pid)) {
            $del_comments = $superCage->post->getInt('del_comments' . $pid);
        }
        // We will be selecting pid in the query as we need it in $pic array for the plugin filter
        $query = "SELECT pid, category, filepath, filename, owner_id FROM {$CONFIG['TABLE_PICTURES']} AS p INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS a ON a.aid = p.aid WHERE pid = $pid";
        $result = cpg_db_query($query);
        if (!mysql_num_rows($result)) {
            cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
        }
        $pic = mysql_fetch_assoc($result);
        mysql_free_result($result);
        // Per-file authorisation. The two checks inside only run when ALL of these are
        // false: GALLERY_ADMIN_MODE, MODERATOR_MODE, USER_ADMIN_MODE, user_is_allowed()
        // and $CONFIG['users_can_edit_pics'].
        // NOTE(review): MODERATOR_MODE means "moderates at least one album" (see its
        // define() earlier in this file). Nothing in this function compares the file's
        // album or the target $aid with $USER_DATA['allowed_albums'], although the
        // approval listing is limited with "aid IN $albStr". Confirm that a moderator
        // cannot change, approve or delete files outside the moderated albums.
        // NOTE(review): the edit listing filters on owner_id (and guest_token for
        // guests), but $pic['owner_id'] is never compared with USER_ID here. Confirm
        // that user_is_allowed() or the users_can_edit_pics setting cannot let a user
        // edit or delete somebody else's file; the server-side check should be at
        // least as strict as the listing filter.
        if (!GALLERY_ADMIN_MODE && !MODERATOR_MODE && !USER_ADMIN_MODE && !user_is_allowed() && !$CONFIG['users_can_edit_pics'] ) {
            // The file must currently sit in the user's own category ...
            if ($pic['category'] != FIRST_USER_CAT + USER_ID) {
                cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
            }
            // ... and the target album must be one the user may place files in.
            if (!isset($user_album_set[$aid])) {
                cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
            }
        }
        // The return value is ignored; presumably $keywords is modified by reference - TODO confirm.
        cpg_trim_keywords($keywords);
        // SET clause: $aid is an int, the text values come from getEscaped().
        $update = "aid = '$aid'";
        $update .= ", title = '$title'";
        $update .= ", caption = '$caption'";
        $update .= ", keywords = '$keywords'";
        $update .= ", user1 = '$user1'";
        $update .= ", user2 = '$user2'";
        $update .= ", user3 = '$user3'";
        $update .= ", user4 = '$user4'";
        // Gallery icon: clear the flag on all files of this owner, then set it on this
        // file. Only applies to files whose category is above FIRST_USER_CAT.
        if ($isgalleryicon && $pic['category'] > FIRST_USER_CAT) {
            cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET galleryicon = 0 WHERE owner_id = {$pic['owner_id']}");
            $update .= ", galleryicon = " . $galleryicon;
        }
        // Dimensions are only editable for files that is_movie() accepts.
        if (is_movie($pic['filename'])) {
            $pwidth = $superCage->post->getInt('pwidth' . $pid);
            $pheight = $superCage->post->getInt('pheight' . $pid);
            $update .= ", pwidth = " . $pwidth;
            $update .= ", pheight = " . $pheight;
        }
        if ($reset_vcount) {
            $update .= ", hits = 0";
            resetDetailHits($pid);
        }
        if ($reset_votes) {
            $update .= ", pic_rating = 0, votes = 0";
            resetDetailVotes($pid);
        }
        // Approval state is only written for admins, moderators or in approval mode.
        // A missing or non-'YES' value sets approved = 'NO'.
        if (GALLERY_ADMIN_MODE || UPLOAD_APPROVAL_MODE || MODERATOR_MODE) {
            $approved = '';
            if ($superCage->post->keyExists('approved' . $pid)) {
                $approved = $superCage->post->getAlpha('approved' . $pid);
            }
            if ($approved == 'YES') {
                $update .= ", approved = 'YES'";
            } else {
                $update .= ", approved = 'NO'";
            }
        }
        // Comments are removed both on explicit request and when the file is deleted.
        if ($del_comments || $delete) {
            cpg_db_query("DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid = $pid");
        }
        if ($delete) {
            // Paths are built from the configured base path and the stored filepath/filename.
            // NOTE(review): presumably both columns are constrained at upload time;
            // confirm they cannot hold path components that leave the album directory.
            $dir = $CONFIG['fullpath'].$pic['filepath'];
            $file = $pic['filename'];
            if (!is_writable($dir)) {
                cpg_die(CRITICAL_ERROR, sprintf($lang_errors['directory_ro'], $dir), __FILE__, __LINE__);
            }
            // Full-size file plus its normal_pfx, orig_pfx and thumb_pfx variants.
            $files = array($dir . $file, $dir . $CONFIG['normal_pfx'] . $file, $dir . $CONFIG['orig_pfx'] . $file, $dir . $CONFIG['thumb_pfx'] . $file);
            // Check for custom thumbnails for non-images
            if (!is_image($file)) {
                $mime_content = cpg_get_type($file);
                $file_base_name = str_replace('.' . $mime_content['extension'], '', basename($file));
                foreach (array('.gif','.png','.jpg') as $thumb_extension) {
                    if (file_exists($dir . $CONFIG['thumb_pfx'] . $file_base_name . $thumb_extension)) {
                        // Thumbnail found, check if it's the only file using that thumbnail
                        // NOTE(review): $pic['filepath'] and $file_base_name are database
                        // values placed into this statement without escaping at this
                        // point. If a stored name can contain a quote, '%' or '_', the
                        // statement or the count can go wrong; escaping them here
                        // (including the LIKE wildcards) would remove that dependency.
                        $count = mysql_result(cpg_db_query("SELECT COUNT(*) FROM {$CONFIG['TABLE_PICTURES']} WHERE filepath = '{$pic['filepath']}' AND filename LIKE '{$file_base_name}.%'"), 0);
                        if ($count == 1) {
                            // Swap the last entry (the default thumbnail path) for the custom thumbnail.
                            unset($files[count($files)-1]);
                            $files[] = $dir . $CONFIG['thumb_pfx'] . $file_base_name . $thumb_extension;
                            break;
                        }
                    }
                }
            }
            foreach ($files as $currFile) {
                if (is_file($currFile)) {
                    // The @ operator hides unlink() failures: a file that could not be
                    // removed leaves no trace, and the row is deleted regardless.
                    @unlink($currFile);
                }
            }
            // Plugin filter to be called before deleting a file
            // NOTE(review): the files on disk have already been unlinked at this point;
            // only the database rows are still present. Confirm plugins do not rely on the files.
            CPGPluginAPI::action('before_delete_file', $pic);
            cpg_db_query("DELETE FROM {$CONFIG['TABLE_PICTURES']} WHERE pid = $pid LIMIT 1");
            // Albums that used this file as their thumbnail are reset to '0'.
            cpg_db_query("UPDATE {$CONFIG['TABLE_ALBUMS']} SET thumb = '0' WHERE thumb = '$pid'");
            // Plugin filter to be called after a file is deleted
            CPGPluginAPI::action('after_delete_file', $pic);
        } else {
            cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET $update WHERE pid = $pid");
            // Executes after a file update is committed
            CPGPluginAPI::action('after_edit_file', $pid);
        }
    }
}

// Prints a label row containing $text (the surrounding markup is not visible in this listing).
function form_label($text)
{
    echo <<< EOT $text EOT;
}

// Prints the information block for $CURRENT_PIC: size, hits, votes, the file location
// and the approval / reset controls. Also alternates $row_style_class between rows.
function form_pic_info($text)
{
    global $CURRENT_PIC, $THUMB_ROWSPAN, $CONFIG;
    global $lang_byte_units, $lang_editpics_php, $lang_common, $loop_counter, $row_style_class, $icon_array, $cpg_udb;
    // Width and height are left empty for files that is_movie() accepts; filesize >> 10 converts bytes to KiB.
    if (!is_movie($CURRENT_PIC['filename'])) {
        $pic_info = sprintf($lang_editpics_php['pic_info_str'], $CURRENT_PIC['pwidth'], $CURRENT_PIC['pheight'], ($CURRENT_PIC['filesize'] >> 10), $CURRENT_PIC['hits'], $CURRENT_PIC['votes']);
    } else {
        $pic_info = sprintf($lang_editpics_php['pic_info_str'], '', '', ($CURRENT_PIC['filesize'] >> 10), $CURRENT_PIC['hits'], $CURRENT_PIC['votes']);
    }
    if (UPLOAD_APPROVAL_MODE) {
        if ($CURRENT_PIC['owner_id']) {
            // NOTE(review): the uploader's name is appended to HTML output; whether
            // get_user_name() returns an HTML-encoded value is not visible here - confirm.
            $pic_info .= ' - ' . $cpg_udb->get_user_name($CURRENT_PIC['owner_id']) . '';
        }
    }
    $thumb_url = get_pic_url($CURRENT_PIC, 'thumb');
    $thumb_link = 'displayimage.php?pid='.$CURRENT_PIC['pid'];
    // File name and path are HTML-encoded before output. htmlspecialchars() is called
    // with its default flags, so single-quote handling depends on the PHP version.
    $filename = htmlspecialchars($CURRENT_PIC['filename']);
    $filepath = htmlspecialchars($CURRENT_PIC['filepath']);
    $isgalleryicon_selected = ($CURRENT_PIC['galleryicon']) ? 'checked="checked" ':'';
    // The gallery icon control is hidden for files without a category or below FIRST_USER_CAT.
    $isgalleryicon_disabled = (!isset($CURRENT_PIC['category']) || ($CURRENT_PIC['category'] < FIRST_USER_CAT)) ? ' style="display:none;" ':'';
    // Alternate the row style: $loop_counter toggles between 0 and 1.
    if ($loop_counter == 0) {
        $row_style_class = 'tableb';
    } else {
        $row_style_class = 'tableb tableb_alternate';
    }
    $loop_counter++;
    if ($loop_counter > 1) {
        $loop_counter = 0;
    }
    if ($CURRENT_PIC['approved'] == 'YES') {
        $pic_approval_checked = 'checked="checked"';
    } else {
        $pic_approval_checked = '';
    }
    // The approve checkbox is shown only if the user is admin or moderator.
    // This only hides the control; the server-side decision is made in process_post_data().
    $approve_html = '';
    if (GALLERY_ADMIN_MODE || MODERATOR_MODE) {
        $approve_html = << EOT;
    }
    // The reset hits box will only be displayed if a file has more than zero hits
    if ($CURRENT_PIC['hits'] == 0) {
        $hits_reset_disabled = 'disabled="disabled"';
    } else {
        $hits_reset_disabled = '';
    }
    // The reset votes box will only be displayed if a file has more than zero votes
    if ($CURRENT_PIC['votes'] == 0) {
        $votes_reset_disabled = 'disabled="disabled"';
    } else {
        $votes_reset_disabled = '';
    }
    echo <<< EOT $approve_html
{$icon_array['file_name']}{$lang_common['filename']}: {$CONFIG['site_url']}{$CONFIG['fullpath']}{$filepath}{$filename}
 
$text $pic_info
EOT;
}

// Prints the per-file option controls; the output differs between upload approval mode
// and normal edit mode (the markup itself is not visible in this listing).
function form_options()
{
    global $CURRENT_PIC, $lang_editpics_php, $row_style_class;
    if (UPLOAD_APPROVAL_MODE) {
        echo <<       EOT;
    } else {
        echo << EOT;
    }
}

// Prints a single-line input for field $name of $CURRENT_PIC; the field name gets the
// pid appended so that process_post_data() can read it back per file.
// NOTE(review): $value is a stored, user-supplied field and is presumably written into
// the lost markup; confirm it is HTML-encoded for the attribute context before output.
function form_input($text, $name, $max_length,$field_width = 100)
{
    global $CURRENT_PIC, $LINEBREAK, $row_style_class;
    $value = array_key_exists($name, $CURRENT_PIC) ? $CURRENT_PIC[$name] : '';
    $name .= $CURRENT_PIC['pid'];
    $text = sprintf($text, $CURRENT_PIC['pid']);
    // An empty label (an unnamed custom user field) takes this short path instead of a full row.
    if ($text == '') {
        echo ' ' . $LINEBREAK;
        return;
    }
    echo << $text EOT;
}

// Prints the album selection list for the current file, pre-selecting its current album.
function form_alb_list_box($text, $name)
{
    global $CURRENT_PIC;
    global $row_style_class, $icon_array;
    $options = album_selection_options($CURRENT_PIC['aid']);
    $name .= $CURRENT_PIC['pid'];
    echo << $text {$icon_array['move']} EOT;
}

// Prints a multi-line text field for field $name of $CURRENT_PIC.
// NOTE(review): $value is a stored, user-supplied field and is presumably written into
// the lost markup; confirm it is HTML-encoded before output.
function form_textarea($text, $name, $max_length)
{
    global $ALBUM_DATA, $CURRENT_PIC, $row_style_class;
    $value = $CURRENT_PIC[$name];
    $name .= $CURRENT_PIC['pid'];
    echo << $text EOT;
}

// Prints a YES/NO status control for field $name; output happens only for gallery
// admins outside upload approval mode.
function form_status($text, $name)
{
    global $CURRENT_PIC, $lang_editpics_php, $row_style_class;
    $checkYes = ($CURRENT_PIC[$name] == 'YES') ? 'checked="checked"' : '';
    $checkNo = ($CURRENT_PIC[$name] == 'NO') ? 'checked="checked"' : '';
    $name .= $CURRENT_PIC['pid'];
    if (!UPLOAD_APPROVAL_MODE && GALLERY_ADMIN_MODE) {
        echo <<< EOT $text    EOT;
    }
}

// Renders one file's form from the definition in $data, dispatching on the type code in
// element[2]; entries that are not arrays are printed as plain labels.
function create_form(&$data)
{
    foreach ($data as $element) {
        if (is_array($element)) {
            switch ($element[2]) {
                case 0 :
                    form_input($element[0], $element[1], $element[3]);
                    break;
                case 1 :
                    form_alb_list_box($element[0], $element[1]);
                    break;
                case 2 :
                    form_textarea($element[0], $element[1], $element[3]);
                    break;
                case 3 :
                    form_pic_info($element[0]);
                    break;
                default:
                    cpg_die(CRITICAL_ERROR, 'Invalid action for form creation', __FILE__, __LINE__);
            } // switch
        } else {
            form_label($element);
        }
    } // foreach
}

// A posted 'go' key means the form was submitted: apply the changes before listing.
if ($superCage->post->keyExists('go')) {
    process_post_data();
}

// Paging parameters come from the query string through getInt().
// NOTE(review): $count has no upper bound here, and both values end up in a LIMIT
// clause; confirm getInt() cannot yield a negative number, which would make the query fail.
if ($superCage->get->keyExists('start')) {
    $start = $superCage->get->getInt('start');
} else {
    $start = 0;
}
if ($superCage->get->keyExists('count')) {
    $count = $superCage->get->getInt('count');
} else {
    $count = 25;
}
$newer_than = $superCage->get->keyExists('newer_than') ? "&newer_than=".$superCage->get->getInt('newer_than') : '';
// Link targets are assembled from integer values and fixed strings only.
$next_target = $CPG_PHP_SELF . '?album=' . $album_id . '&start=' . ($start + $count) . '&count=' . $count . (UPLOAD_APPROVAL_MODE ? '&mode=upload_approval' : '') . $newer_than;
$prev_target = $CPG_PHP_SELF . '?album=' . $album_id . '&start=' . max(0, $start - $count) . '&count=' . $count . (UPLOAD_APPROVAL_MODE ? '&mode=upload_approval' : '') . $newer_than;
$s50 = $count == 50 ? 'selected="selected"' : '';
$s75 = $count == 75 ? 'selected="selected"' : '';
$s100 = $count == 100 ? 'selected="selected"' : '';
$link_count = 0; // initialize
if (UPLOAD_APPROVAL_MODE) {
    // Approval queue: moderators only see unapproved files in their allowed albums
    // ($albStr); everyone else who passed the gate above sees all unapproved files.
    if (MODERATOR_MODE) {
        $result = cpg_db_query("SELECT COUNT(*) FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'NO' AND aid IN $albStr");
    } else {
        $result = cpg_db_query("SELECT COUNT(*) FROM {$CONFIG['TABLE_PICTURES']} WHERE approved = 'NO'");
    }
    list($pic_count) = mysql_fetch_row($result);
    mysql_free_result($result);
    if (MODERATOR_MODE) {
        $sql = "SELECT * " . " FROM {$CONFIG['TABLE_PICTURES']} " . " WHERE approved = 'NO' AND aid IN $albStr " . " ORDER BY pid " . " LIMIT $start, $count";
    } else {
        $sql = "SELECT * " . " FROM {$CONFIG['TABLE_PICTURES']} " . " WHERE approved = 'NO' " . " ORDER BY pid " . " LIMIT $start, $count";
    }
    $result = cpg_db_query($sql);
    $form_target = $CPG_PHP_SELF . '?mode=upload_approval&start=' . $start . '&count=' . $count;
    $title = $lang_editpics_php['upl_approval'];
    $help = '';
} else {
    $sql = "SELECT COUNT(*) FROM {$CONFIG['TABLE_PICTURES']} WHERE aid = '$album_id'";
    // If non-admin user but allowed to upload in this album, then we need to fetch only the photos uploaded by that user
    // USER_UPLOAD_ALLOWED is defined outside this listing (presumably by user_is_allowed() - TODO confirm).
    if (defined('USER_UPLOAD_ALLOWED')) {
        $owner_str = " AND owner_id = " . USER_ID;
        // If user is a guest, check if it's the same guest
        // NOTE(review): the guest token is placed in a quoted SQL literal; confirm
        // cpg_get_guest_token() can only return characters that are safe there.
        if (USER_ID == 0) {
            $owner_str .= " AND guest_token = '".cpg_get_guest_token()."'";
        }
        // If users don't retain control over their pics in public galleries, show only the most recent uploads
        if ($CONFIG['users_can_edit_pics'] == 0) {
            $user_edit_pics_lifetime = $CONFIG['form_token_lifetime'] * 5;
            $owner_str .= " AND ctime > '".(time() - $user_edit_pics_lifetime)."'";
        }
    } else {
        $owner_str = '';
    }
    // Display only the uploaded files from the last queue after flash upload
    if ($superCage->get->keyExists('newer_than') && $CONFIG['editpics_ignore_newer_than'] != 1) {
        $owner_str .= " AND ctime > '".$superCage->get->getInt('newer_than')."'";
    }
    $result = cpg_db_query($sql . $owner_str);
    list($pic_count) = mysql_fetch_row($result);
    mysql_free_result($result);;
    // Same filter as the count above, now fetching the rows together with the album category.
    $sql = "SELECT p.*,a.category FROM {$CONFIG['TABLE_PICTURES']} as p " . " INNER JOIN {$CONFIG['TABLE_ALBUMS']} as a " . " ON a.aid = p.aid " . " WHERE p.aid = '$album_id' $owner_str" . " ORDER BY p.pid DESC LIMIT $start, $count";
    $result = cpg_db_query($sql);
    $form_target = $CPG_PHP_SELF . '?album=' . $album_id . '&start=' . $start . '&count=' . $count . $newer_than;
    $title = $lang_editpics_php['edit_pics'];
    $help = ' ' . cpg_display_help('f=files.htm&as=edit_pics&ae=edit_pics_end&top=1', '800', '500');
}

// Nothing to list: show an information page instead of an empty form.
// $link_count is set to 0 above and not changed in the code shown, so the first branch
// looks unreachable here.
if (!mysql_num_rows($result)) {
    if ($link_count > 0) {
        cpg_die(INFORMATION, $lang_editpics_php['error_linked_only']);
    } else {
        if (UPLOAD_APPROVAL_MODE) {
            pageheader($lang_editpics_php['error_approval_empty'], '');
            $text_output = '

' . $lang_editpics_php['error_approval_empty'] . '

';
            $text_output .= <<< EOT
EOT;
            msg_box($lang_cpg_die[INFORMATION], $text_output, '', "index.php");
            pagefooter();
            exit;
        } else {
            cpg_die(INFORMATION, $lang_editpics_php['error_empty']);
        }
    }
}

// Previous / next links are only built when there is a page in that direction.
if ($start + $count < $pic_count) {
    $next_link = "{$lang_editpics_php['see_next']}  -  ";
} else {
    $next_link = '';
}
if ($start > 0) {
    $prev_link = "{$lang_editpics_php['see_prev']}  -  ";
} else {
    $prev_link = '';
}
$pic_count_text = sprintf($lang_editpics_php['n_pic'], $pic_count);
pageheader($title);
$mode = UPLOAD_APPROVAL_MODE ? '&mode=upload_approval' : '';
$cat_l = isset($actual_cat) ? "?cat=$actual_cat" : (isset($cat) ? "?cat=$cat" : '');
// After a submitted form, show the confirmation box first.
if ($superCage->post->keyExists('go')) {
    starttable('100%', cpg_fetch_icon('info', 2) . $lang_common['information'], 1);
    echo <<< EOT
  • {$lang_editpics_php['success_changes']}
EOT;
    endtable();
}
echo <<< EOT
EOT;
starttable("100%", $title . $help, 3);
echo << $pic_count_text  -   $prev_link $next_link {$lang_editpics_php['n_of_pic_to_disp']} EOT;
if (!UPLOAD_APPROVAL_MODE) {
    echo <<{$icon_array['album_properties']}{$lang_editpics_php['album_properties']}  -   {$icon_array['category']}{$lang_editpics_php['parent_category']}  -   {$icon_array['thumbnail_view']}{$lang_editpics_php['thumbnail_view']} EOT;
}
echo << EOT;
// The approve all checkbox is shown only if the user is admin or moderator.
$approve_all_html = '';
if (GALLERY_ADMIN_MODE || MODERATOR_MODE) {
    $approve_all_html = << EOT;
}
echo << $approve_all_html
{$lang_editpics_php['select_unselect']}:
EOT;
$submit_icon = cpg_fetch_icon('ok', 0);
$submit_button = << EOT;
echo $submit_button;
// One form block per listed file; create_form() reads the row through the global $CURRENT_PIC.
while ($CURRENT_PIC = mysql_fetch_assoc($result)) {
    // wrap the actual block into another table
    print <<< EOT EOT;
    create_form($data);
    print <<< EOT EOT;
} // while
mysql_free_result($result);
echo $submit_button;
endtable();
// A fresh form token is generated for the form; process_post_data() verifies it with
// checkFormToken(). The fields that carry it are presumably in the lost markup of the
// echo below - TODO confirm.
list($timestamp, $form_token) = getFormToken();
echo " ";
pagefooter();
?>