jappixmini: include jappix source

[friendica-addons.git] / jappixmini / jappix / php / file-share.php

diff --git a/jappixmini/jappix/php/file-share.php b/jappixmini/jappix/php/file-share.php
new file mode 100644 (file)
index 0000000..39d4eb8
--- /dev/null
+++ b/jappixmini/jappix/php/file-share.php
@@ -0,0 +1,122 @@
+<?php
+
+/*
+
+Jappix - An open social platform
+This is the Jappix microblog file attaching script
+
+-------------------------------------------------
+
+License: AGPL
+Author: Vanaryon
+Last revision: 14/01/12
+
+*/
+
+// PHP base
+define('JAPPIX_BASE', '..');
+
+// Get the needed files
+require_once('./functions.php');
+require_once('./read-main.php');
+require_once('./read-hosts.php');
+
+// Optimize the page rendering
+hideErrors();
+compressThis();
+
+// Not allowed for a special node
+if(isStatic() || isUpload())
+       exit;
+
+// Set a special XML header
+header('Content-Type: text/xml; charset=utf-8');
+
+// Everything is okay
+if((isset($_FILES['file']) && !empty($_FILES['file'])) && (isset($_POST['user']) && !empty($_POST['user'])) && (isset($_POST['location']) && !empty($_POST['location']))) {
+       // Get the user name
+       $user = $_POST['user'];
+       
+       // Get the file name
+       $tmp_filename = $_FILES['file']['tmp_name'];
+       $filename = $_FILES['file']['name'];
+       
+       // Get the location
+       if(HOST_UPLOAD)
+               $location = HOST_UPLOAD;
+       else
+               $location = $_POST['location'];
+       
+       // Get the file new name
+       $ext = getFileExt($filename);
+       $new_name = preg_replace('/(^)(.+)(\.)(.+)($)/i', '$2', $filename);
+       
+       // Define some vars
+       $content_dir = JAPPIX_BASE.'/store/share/'.$user;
+       $security_file = $content_dir.'/index.html';
+       $name = sha1(time().$filename);
+       $path = $content_dir.'/'.$name.'.'.$ext;
+       $thumb_xml = '';
+       
+       // Forbidden file?
+       if(!isSafe($filename) || !isSafe($name.'.'.$ext)) {
+               exit(
+'<jappix xmlns=\'jappix:file:post\'>
+       <error>forbidden-type</error>
+</jappix>'
+               );
+       }
+       
+       // Create the user directory
+       if(!is_dir($content_dir)) {
+               mkdir($content_dir, 0777, true);
+               chmod($content_dir, 0777);
+       }
+       
+       // Create (or re-create) the security file
+       if(!file_exists($security_file))        
+               file_put_contents($security_file, securityHTML());
+       
+       // File upload error?
+       if(!is_uploaded_file($tmp_filename) || !move_uploaded_file($tmp_filename, $path)) {
+               exit(
+'<jappix xmlns=\'jappix:file:post\'>
+       <error>move-error</error>
+</jappix>'
+               );
+       }
+       
+       // Resize and compress if this is a JPEG file
+       if(preg_match('/^(jpg|jpeg|png|gif)$/i', $ext)) {
+               // Resize the image
+               resizeImage($path, $ext, 1024, 1024);
+               
+               // Copy the image
+               $thumb = $content_dir.'/'.$name.'_thumb.'.$ext;
+               copy($path, $thumb);
+               
+               // Create the thumbnail
+               if(resizeImage($thumb, $ext, 140, 105))
+                       $thumb_xml = '<thumb>'.htmlspecialchars($location.'store/share/'.$user.'/'.$name.'_thumb.'.$ext).'</thumb>';
+       }
+       
+       // Return the path to the file
+       exit(
+'<jappix xmlns=\'jappix:file:post\'>
+       <href>'.htmlspecialchars($location.'store/share/'.$user.'/'.$name.'.'.$ext).'</href>
+       <title>'.htmlspecialchars($new_name).'</title>
+       <type>'.htmlspecialchars(getFileMIME($path)).'</type>
+       <length>'.htmlspecialchars(filesize($path)).'</length>
+       '.$thumb_xml.'
+</jappix>'
+       );
+}
+
+// Bad request error!
+exit(
+'<jappix xmlns=\'jappix:file:post\'>
+       <error>bad-request</error>
+</jappix>'
+);
+
+?>