ok in rotate.php I have edited the checking permissions area to come up with:
<?
// change to suit your needs eg: define (JPG_QUALITY, '75'); gives a more compressed
// image file, but a poorer quality, when re-writing the jpeg after rotation.
define('JPG_QUALITY', '100');
//define variables and includes (should be no need to change these)
define('ROOT_PATH', './../');
include(ROOT_PATH.'global.php');
require(ROOT_PATH.'includes/sessions.php');
$user_access = get_permission();
//is there an image_id and does the user have permission to delete the image? If not, send them back to the index page!
//if (!$image_id || ($config['user_delete_image'] != 1)) {
// header("Location: ".$site_sess->url(ROOT_PATH."index.php", "&"));
// exit;
// }
//if ok so far, read the image info from the database
$sql = "SELECT image_id, cat_id, user_id, image_name, image_media_file, image_thumb_file
FROM ".IMAGES_TABLE."
WHERE image_id = $image_id";
$image_row = $site_db->query_firstrow($sql);
//is the user a registered user and the 'owner' of the image? If not, send them back to the index page!
// if (!$image_row || $image_row['user_id'] <= USER_AWAITING || ($user_info['user_id'] != $image_row['user_id'])) {
// header("Location: ".$site_sess->url(ROOT_PATH."index.php", "&"));
// exit;
// }
//is the user an administrator? If not, send them back to the index page!
if ($user_info['user_id'] != ADMIN) {
header("Location: ".$site_sess->url(ROOT_PATH."index.php", "&"));
exit;
}
//so far so good, more variables need defining...
this isn't working however either. Basically I only want admins to be able to rotate the pictures. I can deal with the templates/links. Thanks Oracle!