2 files changed, 30 insertions, 1 deletions

diff --git a/include/common.inc.php b/include/common.inc.php
index 06eed3757..285d1bdb3 100644
--- a/include/common.inc.php
+++ b/include/common.inc.php
@@ -172,7 +172,7 @@ include(PHPWG_ROOT_PATH.'include/user.inc.php');
 
 // language files
 load_language('common.lang');
-if (defined('IN_ADMIN') and IN_ADMIN)
+if ( is_admin() || (defined('IN_ADMIN') and IN_ADMIN) )
 {
   load_language('admin.lang');
 }
diff --git a/include/ws_functions.inc.php b/include/ws_functions.inc.php
index dc10719b6..72540f2da 100644
--- a/include/ws_functions.inc.php
+++ b/include/ws_functions.inc.php
@@ -824,6 +824,35 @@ SELECT * FROM '.IMAGES_TABLE.'
     );
 }
 
+function ws_images_setPrivacyLevel($params, &$service)
+{
+  if (!is_admin() || is_adviser() )
+  {
+    return new PwgError(401, 'Access denied');
+  }
+  if ( empty($params['image_id']) )
+  {
+    return new PwgError(WS_ERR_INVALID_PARAM, "Invalid image_id");
+  }
+  global $conf;
+  if ( !in_array( (int)$params['level'], $conf['available_permission_levels']) )
+  {
+    return new PwgError(WS_ERR_INVALID_PARAM, "Invalid level");
+  }
+  $query = '
+UPDATE '.IMAGES_TABLE.'
+  SET level='.(int)$params['level'].'
+  WHERE id IN ('.implode(',',$params['image_id']).')';
+  $result = pwg_query($query);
+  $affected_rows = mysql_affected_rows();
+  if ($affected_rows)
+  {
+    include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
+    invalidate_user_cache();
+  }
+  return $affected_rows;
+}
+
 /**
  * perform a login (web service method)
  */