diff --git a/controllers/EditAlbum.php b/controllers/EditAlbum.php index 5888876..e2aa20c 100644 --- a/controllers/EditAlbum.php +++ b/controllers/EditAlbum.php @@ -61,13 +61,24 @@ class EditAlbum extends HTMLController elseif (!$id_tag) $after_form = ''; + // Gather possible parents for this album to be filed into + $parentChoices = [0 => '-root-']; + foreach (PhotoAlbum::getHierarchy('tag', 'up') as $parent) + { + if (!empty($id_tag) && $parent['id_tag'] == $id_tag) + continue; + + $parentChoices[$parent['id_tag']] = $parent['tag']; + } + $form = new Form([ 'request_url' => BASEURL . '/editalbum/?' . ($id_tag ? 'id=' . $id_tag : 'add'), 'content_below' => $after_form, 'fields' => [ 'id_parent' => [ - 'type' => 'numeric', - 'label' => 'Parent album ID', + 'type' => 'select', + 'label' => 'Parent album', + 'options' => $parentChoices, ], 'id_asset_thumb' => [ 'type' => 'numeric', @@ -127,6 +138,12 @@ class EditAlbum extends HTMLController $data = $form->getData(); + // Sanity check: don't let an album be its own parent + if ($data['id_parent'] == $id_tag) + { + return $formview->adopt(new Alert('Invalid parent', 'An album cannot be its own parent.', 'danger')); + } + // Quick stripping. $data['tag'] = htmlentities($data['tag']); $data['description'] = htmlentities($data['description']);