<?php$author = "Shawn Tornga";$email = "tornga@nscl.msu.edu";$title = "Galleries";include("../includes/newSettings.inc.php");include_files("db, user");include("includes/illustrationlinks.inc.php");include_files("header");$db = new clsDb("Illustrations");$user = new clsUser("",AUTH_PHP);//$user->Authenticate();$edit = $user->IsPermitted("ImageUpload");if(isset($_GET['id']) && is_numeric($_GET['id'])) {    $gallery = $_GET['id'];    #GET GALLERY NAME    $sql = "SELECT nameLong FROM Folders WHERE id='$gallery' ";    $db->query($sql);    if($db->num_rows()>0) {        $name = $db->result(0,"nameLong");    }    else die("Unknown gallery");}else {   echo "<h1>Error!</h1>    <ul>        <li>Invalid gallery ID</li>    </ul>";    include_files("footer");    exit;}?><link rel="stylesheet" href="includes/formStyles.css" type="text/css"><h1>NSCL Illustrations</h1><h2><?=$name;?></h2><?php$sql = "SELECT Images.id, T.extention, caption, filetype, F.nameShort "."FROM Images "."JOIN Types T ON T.id=Images.type "."JOIN Folders F ON F.id=Images.folder "."WHERE Images.folder='$gallery' ORDER BY caption";$db->query($sql);$total = $db->num_rows();$numPerColumn = ceil($total/3);$i = 0;echo "<form action='editImage.php' method='post' name='mainform'><input type='hidden' name='referer' value='gallery.php?id=$gallery'><input type='hidden' name='action' value=''><input type='hidden' name='id' value=''><table cellpadding='0' cellspacing='0' border='0' width='100%'><tr>    <td width='33%' valign='top'>";while($row = $db->fetch_assoc()){    echo "    <table cellpadding='0' cellspacing='0' border='0' width='80%' align='center'>    <tr>        <td align='center'><img id='preview' title='$row[caption]' alt='$row[caption]' src='image.php?image=150&id=$row[id]'></td>    <tr>        <td align='center'><div id='caption'>$row[caption]</div></td>    <tr>        <td align='center'>            <div id='sizeLinks'>                JPEG <a href='image.php?image=800&id=$row[id]'>[800]</a>                $row[filetype] <a href='archive/".$row['id'].$row['extention']."'>[Original]</a>                <br>";    if($edit) {        echo "<a href='#' onClick=\"if(confirm('Are you sure you want to delete this image?')) {document.mainform.action.value='delete'; document.mainform.id.value='$row[id]'; document.mainform.submit();}\">[Delete Image]</a>        <a href='#' onClick=\"document.mainform.action.value='edit'; document.mainform.id.value='$row[id]'; document.mainform.submit();\">[Edit Image]</a>";    }    echo "</div></td></table><br>";    $i++;    if($i == $numPerColumn) {        echo "<td width='33%' valign='top' style='border-left: solid 1px black;'>";        $i=0;    }}echo "</table></form>";include_files("footer");?>