]> git.mxchange.org Git - friendica.git/blob - mod/wall_attach.php
Remove unused global cache constants
[friendica.git] / mod / wall_attach.php
1 <?php
2 /**
3  * @file mod/wall_attach.php
4  */
5
6 use Friendica\App;
7 use Friendica\Core\Config;
8 use Friendica\Core\L10n;
9 use Friendica\Database\DBM;
10 use Friendica\Util\DateTimeFormat;
11 use Friendica\Util\Mimetype;
12
13 function wall_attach_post(App $a) {
14
15         $r_json = (x($_GET,'response') && $_GET['response']=='json');
16
17         if($a->argc > 1) {
18                 $nick = $a->argv[1];
19                 $r = q("SELECT `user`.*, `contact`.`id` FROM `user` LEFT JOIN `contact` on `user`.`uid` = `contact`.`uid`  WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1",
20                         dbesc($nick)
21                 );
22                 if (! DBM::is_result($r)) {
23                         if ($r_json) {
24                                 echo json_encode(['error'=>L10n::t('Invalid request.')]);
25                                 killme();
26                         }
27                         return;
28         }
29
30         } else {
31                 if ($r_json) {
32                         echo json_encode(['error'=>L10n::t('Invalid request.')]);
33                         killme();
34                 }
35                 return;
36         }
37
38         $can_post  = false;
39         $visitor   = 0;
40
41         $page_owner_uid   = $r[0]['uid'];
42         $page_owner_cid   = $r[0]['id'];
43         $page_owner_nick  = $r[0]['nickname'];
44         $community_page   = (($r[0]['page-flags'] == PAGE_COMMUNITY) ? true : false);
45
46         if((local_user()) && (local_user() == $page_owner_uid))
47                 $can_post = true;
48         else {
49                 if($community_page && remote_user()) {
50                         $contact_id = 0;
51                         if(is_array($_SESSION['remote'])) {
52                                 foreach($_SESSION['remote'] as $v) {
53                                         if($v['uid'] == $page_owner_uid) {
54                                                 $contact_id = $v['cid'];
55                                                 break;
56                                         }
57                                 }
58                         }
59                         if($contact_id) {
60
61                                 $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
62                                         intval($contact_id),
63                                         intval($page_owner_uid)
64                                 );
65                                 if (DBM::is_result($r)) {
66                                         $can_post = true;
67                                         $visitor = $contact_id;
68                                 }
69                         }
70                 }
71         }
72         if(! $can_post) {
73                 if ($r_json) {
74                         echo json_encode(['error'=>L10n::t('Permission denied.')]);
75                         killme();
76                 }
77                 notice(L10n::t('Permission denied.') . EOL );
78                 killme();
79         }
80
81         if(! x($_FILES,'userfile')) {
82                 if ($r_json) {
83                         echo json_encode(['error'=>L10n::t('Invalid request.')]);
84                 }
85                 killme();
86         }
87
88         $src      = $_FILES['userfile']['tmp_name'];
89         $filename = basename($_FILES['userfile']['name']);
90         $filesize = intval($_FILES['userfile']['size']);
91
92         $maxfilesize = Config::get('system','maxfilesize');
93
94         /* Found html code written in text field of form,
95          * when trying to upload a file with filesize
96          * greater than upload_max_filesize. Cause is unknown.
97          * Then Filesize gets <= 0.
98          */
99
100         if($filesize <=0) {
101                 $msg = L10n::t('Sorry, maybe your upload is bigger than the PHP configuration allows') . EOL .(L10n::t('Or - did you try to upload an empty file?'));
102                 if ($r_json) {
103                         echo json_encode(['error'=>$msg]);
104                 } else {
105                         notice( $msg. EOL );
106                 }
107                 @unlink($src);
108                 killme();
109         }
110
111         if(($maxfilesize) && ($filesize > $maxfilesize)) {
112                 $msg = L10n::t('File exceeds size limit of %s', formatBytes($maxfilesize));
113                 if ($r_json) {
114                         echo json_encode(['error'=>$msg]);
115                 } else {
116                         echo  $msg. EOL ;
117                 }
118                 @unlink($src);
119                 killme();
120         }
121
122         $filedata = @file_get_contents($src);
123         $mimetype = Mimetype::getContentType($filename);
124         $hash = get_guid(64);
125         $created = DateTimeFormat::utcNow();
126
127         $fields = ['uid' => $page_owner_uid, 'hash' => $hash, 'filename' => $filename, 'filetype' => $mimetype,
128                 'filesize' => $filesize, 'data' => $filedata, 'created' => $created, 'edited' => $created,
129                 'allow_cid' => '<' . $page_owner_cid . '>', 'allow_gid' => '','deny_cid' => '', 'deny_gid' => ''];
130
131         $r = dba::insert('attach', $fields);
132
133         @unlink($src);
134
135         if(! $r) {
136                 $msg =  L10n::t('File upload failed.');
137                 if ($r_json) {
138                         echo json_encode(['error'=>$msg]);
139                 } else {
140                         echo  $msg. EOL ;
141                 }
142                 killme();
143         }
144
145         $r = q("SELECT `id` FROM `attach` WHERE `uid` = %d AND `created` = '%s' AND `hash` = '%s' LIMIT 1",
146                 intval($page_owner_uid),
147                 dbesc($created),
148                 dbesc($hash)
149         );
150
151         if (! DBM::is_result($r)) {
152                 $msg = L10n::t('File upload failed.');
153                 if ($r_json) {
154                         echo json_encode(['error'=>$msg]);
155                 } else {
156                         echo  $msg. EOL ;
157                 }
158                 killme();
159         }
160
161         if ($r_json) {
162                 echo json_encode(['ok'=>true]);
163                 killme();
164         }
165
166         $lf = "\n";
167
168         echo  $lf . $lf . '[attachment]' . $r[0]['id'] . '[/attachment]' . $lf;
169
170         killme();
171         // NOTREACHED
172 }