5 Jappix - An open social platform
6 This is the Jappix microblog file attaching script
8 -------------------------------------------------
12 Last revision: 14/01/12
17 define('JAPPIX_BASE', '..');
19 // Get the needed files
20 require_once('./functions.php');
21 require_once('./read-main.php');
22 require_once('./read-hosts.php');
24 // Optimize the page rendering
28 // Not allowed for a special node
29 if(isStatic() || isUpload())
32 // Set a special XML header
33 header('Content-Type: text/xml; charset=utf-8');
36 if((isset($_FILES['file']) && !empty($_FILES['file'])) && (isset($_POST['user']) && !empty($_POST['user'])) && (isset($_POST['location']) && !empty($_POST['location']))) {
38 $user = $_POST['user'];
41 $tmp_filename = $_FILES['file']['tmp_name'];
42 $filename = $_FILES['file']['name'];
46 $location = HOST_UPLOAD;
48 $location = $_POST['location'];
50 // Get the file new name
51 $ext = getFileExt($filename);
52 $new_name = preg_replace('/(^)(.+)(\.)(.+)($)/i', '$2', $filename);
55 $content_dir = JAPPIX_BASE.'/store/share/'.$user;
56 $security_file = $content_dir.'/index.html';
57 $name = sha1(time().$filename);
58 $path = $content_dir.'/'.$name.'.'.$ext;
62 if(!isSafe($filename) || !isSafe($name.'.'.$ext)) {
64 '<jappix xmlns=\'jappix:file:post\'>
65 <error>forbidden-type</error>
70 // Create the user directory
71 if(!is_dir($content_dir)) {
72 mkdir($content_dir, 0777, true);
73 chmod($content_dir, 0777);
76 // Create (or re-create) the security file
77 if(!file_exists($security_file))
78 file_put_contents($security_file, securityHTML());
81 if(!is_uploaded_file($tmp_filename) || !move_uploaded_file($tmp_filename, $path)) {
83 '<jappix xmlns=\'jappix:file:post\'>
84 <error>move-error</error>
89 // Resize and compress if this is a JPEG file
90 if(preg_match('/^(jpg|jpeg|png|gif)$/i', $ext)) {
92 resizeImage($path, $ext, 1024, 1024);
95 $thumb = $content_dir.'/'.$name.'_thumb.'.$ext;
98 // Create the thumbnail
99 if(resizeImage($thumb, $ext, 140, 105))
100 $thumb_xml = '<thumb>'.htmlspecialchars($location.'store/share/'.$user.'/'.$name.'_thumb.'.$ext).'</thumb>';
103 // Return the path to the file
105 '<jappix xmlns=\'jappix:file:post\'>
106 <href>'.htmlspecialchars($location.'store/share/'.$user.'/'.$name.'.'.$ext).'</href>
107 <title>'.htmlspecialchars($new_name).'</title>
108 <type>'.htmlspecialchars(getFileMIME($path)).'</type>
109 <length>'.htmlspecialchars(filesize($path)).'</length>
115 // Bad request error!
117 '<jappix xmlns=\'jappix:file:post\'>
118 <error>bad-request</error>