Catch and handle exceptions everywhere.

Author: page

htdocs/album/album_comment.php

@@ -1,76 +1,82 @@
-<?
+<?php
 
 function create_error_offline($msg)
 {
 	header('Location: '.URL.'/error.php?msg=' . rawurlencode(htmlspecialchars($msg, ENT_QUOTES)));
 	exit;
 }
 
-
-require_once('../config.inc');
-require_once(ENGINE . 'Default/smr.inc');
-require_once(get_file_loc('SmrMySqlDatabase.class.inc'));
-require_once(get_file_loc('SmrSession.class.inc'));
-
-require_once(LIB . 'Album/album_functions.php');
-
-if (SmrSession::$account_id == 0)
-	create_error_offline('You need to logged in to post comments!');
-
-if (!isset($_GET['album_id']) || empty($_GET['album_id']))
-	create_error_offline('Which picture do you want comment?');
-else
-	$album_id = $_GET['album_id'];
-
-if (!is_numeric($album_id))
-	create_error_offline('Picture ID has to be numeric!');
-
-if ($album_id < 1)
-	create_error_offline('Picture ID has to be positive!');
-
-require_once(get_file_loc('SmrAccount.class.inc'));
-$account =& SmrAccount::getAccount(SmrSession::$account_id);
-
-if (isset($_GET['action']) && $_GET['action'] == 'Moderate')
+try
 {
-	if(!$account->hasPermission(PERMISSION_MODERATE_PHOTO_ALBUM))
-		create_error_offline('You do not have permission to do that!');
-	$container = create_container('skeleton.php', 'album_moderate.php');
-	$container['account_id'] = $album_id;
-
-	forward($container);
+	require_once('../config.inc');
+	require_once(ENGINE . 'Default/smr.inc');
+	require_once(get_file_loc('SmrMySqlDatabase.class.inc'));
+	require_once(get_file_loc('SmrSession.class.inc'));
+	
+	require_once(LIB . 'Album/album_functions.php');
+	
+	if (SmrSession::$account_id == 0)
+		create_error_offline('You need to logged in to post comments!');
+	
+	if (!isset($_GET['album_id']) || empty($_GET['album_id']))
+		create_error_offline('Which picture do you want comment?');
+	else
+		$album_id = $_GET['album_id'];
+	
+	if (!is_numeric($album_id))
+		create_error_offline('Picture ID has to be numeric!');
+	
+	if ($album_id < 1)
+		create_error_offline('Picture ID has to be positive!');
+	
+	require_once(get_file_loc('SmrAccount.class.inc'));
+	$account =& SmrAccount::getAccount(SmrSession::$account_id);
+	
+	if (isset($_GET['action']) && $_GET['action'] == 'Moderate')
+	{
+		if(!$account->hasPermission(PERMISSION_MODERATE_PHOTO_ALBUM))
+			create_error_offline('You do not have permission to do that!');
+		$container = create_container('skeleton.php', 'album_moderate.php');
+		$container['account_id'] = $album_id;
+	
+		forward($container);
+		exit;
+	
+	}
+	
+	$db = new SmrMySqlDatabase();
+	
+	if (!isset($_GET['comment']) || empty($_GET['comment']))
+		create_error_offline('Please enter a comment');
+	else
+		$comment = $_GET['comment'];
+	
+	// get current time
+	$curr_time = TIME;
+	
+	$comment = word_filter($comment);
+	$account->sendMessageToBox(BOX_ALBUM_COMMENTS,$comment);
+	
+	// check if we have comments for this album already
+	$db->lockTable('album_has_comments');
+	
+	$db->query('SELECT MAX(comment_id) FROM album_has_comments WHERE album_id = '.$album_id);
+	if ($db->nextRecord())
+		$comment_id = $db->getField('MAX(comment_id)') + 1;
+	else
+		$comment_id = 1;
+	
+	$db->query('INSERT INTO album_has_comments
+				(album_id, comment_id, time, post_id, msg)
+				VALUES ('.$album_id.', '.$comment_id.', '.$curr_time.', '.SmrSession::$account_id.', '.$db->escapeString($comment).')');
+	$db->unlock();
+	
+	header('Location: '.URL.'/album/?' . get_album_nick($album_id));
 	exit;
-
 }
-
-$db = new SmrMySqlDatabase();
-
-if (!isset($_GET['comment']) || empty($_GET['comment']))
-	create_error_offline('Please enter a comment');
-else
-	$comment = $_GET['comment'];
-
-// get current time
-$curr_time = TIME;
-
-$comment = word_filter($comment);
-$account->sendMessageToBox(BOX_ALBUM_COMMENTS,$comment);
-
-// check if we have comments for this album already
-$db->lockTable('album_has_comments');
-
-$db->query('SELECT MAX(comment_id) FROM album_has_comments WHERE album_id = '.$album_id);
-if ($db->nextRecord())
-	$comment_id = $db->getField('MAX(comment_id)') + 1;
-else
-	$comment_id = 1;
-
-$db->query('INSERT INTO album_has_comments
-			(album_id, comment_id, time, post_id, msg)
-			VALUES ('.$album_id.', '.$comment_id.', '.$curr_time.', '.SmrSession::$account_id.', '.$db->escapeString($comment).')');
-$db->unlock();
-
-header('Location: '.URL.'/album/?' . get_album_nick($album_id));
-exit;
+catch(Exception $e)
+{
+	handleException($e);
+}
 
 ?>

htdocs/album/index.php

@@ -1,96 +1,102 @@
-<?
-
-require_once('../config.inc');
-require_once(LIB . 'Default/SmrMySqlDatabase.class.inc');
-require_once(LIB . 'Default/Globals.class.inc');
-require_once(ENGINE . 'Default/smr.inc');
-require_once(get_file_loc('SmrSession.class.inc'));
-
-require_once(LIB . 'Album/album_functions.php');
-
-// database object
-$db = new SmrMySqlDatabase();
-$db2 = new SmrMySqlDatabase();
-?>
-<!doctype html public "-//W3C//DTD HTML 4.0 Transitional//EN">
-<html>
-<head>
-<link rel="stylesheet" type="text/css" href="<?php echo URL;?>/css/classic.css">
-<title>Space Merchant Realms - Photo Album</title>
-<meta http-equiv="pragma" content="no-cache">
-</head>
-<body>
-
-<table width="850" border="0" align="center" cellpadding="0" cellspacing="0" >
-<tr>
-<td align="center" colspan="2"><h1>Space Merchant Realms - Photo Album</h1></td>
-</tr>
-<tr>
-<td>
-<table width="750" border="0" cellspacing="0" cellpadding="0">
-<tr>
-<td>
-
-<table cellspacing="0" cellpadding="0" border="0" width="700">
-<tr>
-<td colspan="3" height="1" bgcolor="#0B8D35"></td>
-</tr>
-<tr>
-<td width="1" bgcolor="#0B8D35"></td>
-<td align="left" valign="top" bgcolor="#06240E">
-<table width="100%" height="100%" border="0" cellspacing="5" cellpadding="5">
-<tr>
-<td valign="top">
 <?php
-if (!empty($_SERVER['QUERY_STRING']))
+try
 {
-	// query string should be a nick or some letters of a nick
-	$query = urldecode($_SERVER['QUERY_STRING']);
-
-	$db->query('SELECT account_id as album_id
-				FROM album JOIN account USING(account_id)
-				WHERE hof_name LIKE '.$db->escapeString($query.'%').' AND
-					  approved = \'YES\'
-				ORDER BY hof_name');
-
-	if ($db->getNumRows() > 1)
+	require_once('../config.inc');
+	require_once(LIB . 'Default/SmrMySqlDatabase.class.inc');
+	require_once(LIB . 'Default/Globals.class.inc');
+	require_once(ENGINE . 'Default/smr.inc');
+	require_once(get_file_loc('SmrSession.class.inc'));
+	
+	require_once(LIB . 'Album/album_functions.php');
+	
+	// database object
+	$db = new SmrMySqlDatabase();
+	$db2 = new SmrMySqlDatabase();
+	?>
+	<!doctype html public "-//W3C//DTD HTML 4.0 Transitional//EN">
+	<html>
+	<head>
+	<link rel="stylesheet" type="text/css" href="<?php echo URL;?>/css/classic.css">
+	<title>Space Merchant Realms - Photo Album</title>
+	<meta http-equiv="pragma" content="no-cache">
+	</head>
+	<body>
+	
+	<table width="850" border="0" align="center" cellpadding="0" cellspacing="0" >
+	<tr>
+	<td align="center" colspan="2"><h1>Space Merchant Realms - Photo Album</h1></td>
+	</tr>
+	<tr>
+	<td>
+	<table width="750" border="0" cellspacing="0" cellpadding="0">
+	<tr>
+	<td>
+	
+	<table cellspacing="0" cellpadding="0" border="0" width="700">
+	<tr>
+	<td colspan="3" height="1" bgcolor="#0B8D35"></td>
+	</tr>
+	<tr>
+	<td width="1" bgcolor="#0B8D35"></td>
+	<td align="left" valign="top" bgcolor="#06240E">
+	<table width="100%" height="100%" border="0" cellspacing="5" cellpadding="5">
+	<tr>
+	<td valign="top">
+	<?php
+	if (!empty($_SERVER['QUERY_STRING']))
 	{
-		$db2->query('SELECT account_id as album_id
-				FROM album JOIN account USING(account_id)
-				WHERE hof_name = '.$db->escapeString($query).' AND
-					  approved = \'YES\'
-				ORDER BY hof_name');
-		
-		if ($db2->nextRecord())
-			album_entry($db2->getField('album_id'));
-		else
-		{
-			// get all id's and build array
-			$album_ids = array();
+		// query string should be a nick or some letters of a nick
+		$query = urldecode($_SERVER['QUERY_STRING']);
 
-			while ($db->nextRecord())
-				$album_ids[] = $db->getField('album_id');
+		$db->query('SELECT account_id as album_id
+					FROM album JOIN account USING(account_id)
+					WHERE hof_name LIKE '.$db->escapeString($query.'%').' AND
+						  approved = \'YES\'
+					ORDER BY hof_name');
 
-			// double check if we have id's
-			if (count($album_ids) > 0)
-				search_result($album_ids);
+		if ($db->getNumRows() > 1)
+		{
+			$db2->query('SELECT account_id as album_id
+					FROM album JOIN account USING(account_id)
+					WHERE hof_name = '.$db->escapeString($query).' AND
+						  approved = \'YES\'
+					ORDER BY hof_name');
+			
+			if ($db2->nextRecord())
+				album_entry($db2->getField('album_id'));
+			else
+			{
+				// get all id's and build array
+				$album_ids = array();
+		
+				while ($db->nextRecord())
+					$album_ids[] = $db->getField('album_id');
+		
+				// double check if we have id's
+				if (count($album_ids) > 0)
+					search_result($album_ids);
+				else
+					main_page();
+			}
+	
+		}
+		elseif ($db->getNumRows() == 1)
+		{
+			if ($db->nextRecord())
+				album_entry($db->getField('album_id'));
 			else
 				main_page();
 		}
-
-	}
-	elseif ($db->getNumRows() == 1)
-	{
-		if ($db->nextRecord())
-			album_entry($db->getField('album_id'));
 		else
 			main_page();
 	}
 	else
 		main_page();
 }
-else
-	main_page();
+catch(Exception $e)
+{
+	handleException($e);
+}
 ?>
 </td>
 </tr>