<?php

### Load WP-Config File If This File Is Called Directly
if (!function_exists('add_action')) {
	require_once('../../../wp-config.php');
}

$wpdb->bsg_album = $wpdb->prefix . "bsg_album";
$wpdb->bsg_gallery = $wpdb->prefix . "bsg_gallery";
$wpdb->bsg_photos = $wpdb->prefix . "bsg_photos";

$to = "";
$objs = "";
$sql = "";
$to = $_REQUEST['to'];
$return = "";

switch($to){
	case 'get':
		$url = str_replace(array('rss_200','rss'),'json',$_GET['url']);
		if(strpos($url, 'flickr') === false){}
		else{
			$url .= '&nojsoncallback=1';
		}
		echo file_get_contents($url);
		break;
	case 'put':
		if (!extension_loaded('json')){
			include('common/inc/JSON.php');
			$json = new JSON;
			$objs = $json->unserialize(stripslashes($_POST['images']));
		}
		else{
			$objs = json_decode(stripslashes($_POST['images']));
		}

		
		$sql = "INSERT INTO $wpdb->bsg_album (album_title, gallery_id, album_params) VALUES (".cleanSQL(addslashes($_POST['album_title']), "text").",".$_POST['gallery_id'].",".cleanSQL($_POST['album_params'], "text").")";
		$wpdb->query($sql);

		$id = mysql_insert_id();

		foreach($objs as $obj => $v){
			$sql = "INSERT INTO $wpdb->bsg_photos (photo_alt, photo_url, photo_tnurl, photo_order,album_id) VALUES (".cleanSQL(addslashes($v->alt), "text").",'".$v->url."','".$v->tnurl."','".$obj."',$id)";
			$wpdb->query($sql);
		}

		$sql = "SELECT * FROM $wpdb->bsg_gallery WHERE gallery_id = ".$_POST['gallery_id'];
		$results = $wpdb->get_row($sql);
		$return.= '"gallery":"'.$results->gallery_js.'"';

		echo '{"result":"done",'.$return.'}';
		
		break;
	case 'update':
		if (!extension_loaded('json')){
			include('common/inc/JSON.php');
			$json = new JSON;
			$objs = $json->unserialize(stripslashes($_POST['images']));
		}
		else{
			$objs = json_decode(stripslashes($_POST['images']));
		}


		$sql = "UPDATE $wpdb->bsg_album SET album_title=".cleanSQL($_POST['album_title'], "text").", gallery_id=".$_POST['gallery_id'].",album_params=".cleanSQL($_POST['album_params'], "text")." WHERE album_id = ".$_POST['id']." LIMIT 1";
		$wpdb->query($sql);

		$id = $_POST['id'];
		
		$sql = "DELETE FROM $wpdb->bsg_photos WHERE album_id = ".$_POST['id'];
		$wpdb->query($sql);

		foreach($objs as $obj => $v){
			$sql = "INSERT INTO $wpdb->bsg_photos (photo_alt, photo_url, photo_tnurl, photo_order,album_id) VALUES (".cleanSQL($v->alt, "text").",'".$v->url."','".$v->tnurl."','".$obj."',$id)";
			$wpdb->query($sql);
		}

		$sql = "SELECT * FROM $wpdb->bsg_gallery WHERE gallery_id = ".$_POST['gallery_id'];
		$results = $wpdb->get_row($sql);
		$return.= '"gallery":"'.$results->gallery_js.'"';

		echo '{"result":"done",'.$return.'}';
		
		break;
}
?>