Merge develop into 3011_hcard_vcard

[friendica.git] / mod / wall_upload.php

diff --git a/mod/wall_upload.php b/mod/wall_upload.php
index 291307b8ec3d22efcf14e2b6295c1fb686f9aa00..8bf471d3d2ee70f17877c49ab6a38e7990650d7f 100644 (file)
--- a/mod/wall_upload.php
+++ b/mod/wall_upload.php
@@ -6,26 +6,35 @@ function wall_upload_post(&$a, $desktopmode = true) {
 
        logger("wall upload: starting new upload", LOGGER_DEBUG);
 
+       $r_json = (x($_GET,'response') && $_GET['response']=='json');
+
        if($a->argc > 1) {
-               if(! x($_FILES,'media')) {
-                       $nick = $a->argv[1];
-                       $r = q("SELECT `user`.*, `contact`.`id` FROM `user` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid`  WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1",
-                               dbesc($nick)
-                       );
-
-                       if(! count($r))
-                                return;
-               }
-                else {
+               if(! x($_FILES,'media')) {
+                       $nick = $a->argv[1];
+                       $r = q("SELECT `user`.*, `contact`.`id` FROM `user` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid`  WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1",
+                               dbesc($nick)
+                       );
+
+                       if(! count($r)){
+                               if ($r_json) {
+                                   echo json_encode(array('error'=>t('Invalid request.')));
+                                   killme();
+                               }
+                               return;
+                       }
+               } else {
                        $user_info = api_get_user($a);
-                       $r = q("SELECT `user`.*, `contact`.`id` FROM `user` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid`  WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1",
-                               dbesc($user_info['screen_name'])
-                       );
-                }
-       }
-       else
+                       $r = q("SELECT `user`.*, `contact`.`id` FROM `user` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid`  WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1",
+                               dbesc($user_info['screen_name'])
+                       );
+               }
+       } else {
+               if ($r_json) {
+                   echo json_encode(array('error'=>t('Invalid request.')));
+                   killme();
+               }
                return;
-
+       }
 
        $can_post  = false;
        $visitor   = 0;
@@ -62,14 +71,24 @@ function wall_upload_post(&$a, $desktopmode = true) {
                }
        }
 
+
        if(! $can_post) {
+               if ($r_json) {
+                   echo json_encode(array('error'=>t('Permission denied.')));
+                   killme();
+               }
                notice( t('Permission denied.') . EOL );
                killme();
        }
 
-       if(! x($_FILES,'userfile') && ! x($_FILES,'media'))
+       if(! x($_FILES,'userfile') && ! x($_FILES,'media')){
+               if ($r_json) {
+                   echo json_encode(array('error'=>t('Invalid request.')));
+               }
                killme();
+       }
 
+       $src = "";
        if(x($_FILES,'userfile')) {
                $src      = $_FILES['userfile']['tmp_name'];
                $filename = basename($_FILES['userfile']['name']);
@@ -98,6 +117,15 @@ function wall_upload_post(&$a, $desktopmode = true) {
                        $filetype = $_FILES['media']['type'];
        }
 
+       if ($src=="") {
+               if ($r_json) {
+                   echo json_encode(array('error'=>t('Invalid request.')));
+                   killme();
+               }
+               notice(t('Invalid request.').EOL);
+               killme();
+       }
+
        // This is a special treatment for picture upload from Twidere
        if (($filename == "octet-stream") AND ($filetype != "")) {
                $filename = $filetype;
@@ -109,6 +137,7 @@ function wall_upload_post(&$a, $desktopmode = true) {
 
        // If there is a temp name, then do a manual check
        // This is more reliable than the provided value
+
        $imagedata = getimagesize($src);
        if ($imagedata)
                $filetype = $imagedata['mime'];
@@ -119,7 +148,12 @@ function wall_upload_post(&$a, $desktopmode = true) {
        $maximagesize = get_config('system','maximagesize');
 
        if(($maximagesize) && ($filesize > $maximagesize)) {
-               echo  sprintf( t('Image exceeds size limit of %d'), $maximagesize) . EOL;
+               $msg = sprintf( t('Image exceeds size limit of %s'), formatBytes($maximagesize));
+               if ($r_json) {
+                       echo json_encode(array('error'=>$msg));
+               } else {
+                       echo  $msg. EOL;
+               }
                @unlink($src);
                killme();
        }
@@ -131,7 +165,12 @@ function wall_upload_post(&$a, $desktopmode = true) {
        $limit = service_class_fetch($page_owner_uid,'photo_upload_limit');
 
        if(($limit !== false) && (($r[0]['total'] + strlen($imagedata)) > $limit)) {
-               echo upgrade_message(true) . EOL ;
+               $msg = upgrade_message(true);
+               if ($r_json) {
+                       echo json_encode(array('error'=>$msg));
+               } else {
+                       echo  $msg. EOL;
+               }
                @unlink($src);
                killme();
        }
@@ -141,7 +180,12 @@ function wall_upload_post(&$a, $desktopmode = true) {
        $ph = new Photo($imagedata, $filetype);
 
        if(! $ph->is_valid()) {
-               echo ( t('Unable to process image.') . EOL);
+               $msg = t('Unable to process image.');
+               if ($r_json) {
+                       echo json_encode(array('error'=>$msg));
+               } else {
+                       echo  $msg. EOL;
+               }
                @unlink($src);
                killme();
        }
@@ -169,7 +213,12 @@ function wall_upload_post(&$a, $desktopmode = true) {
        $r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 0, 0, $defperm);
 
        if(! $r) {
-               echo ( t('Image upload failed.') . EOL);
+               $msg = t('Image upload failed.');
+               if ($r_json) {
+                       echo json_encode(array('error'=>$msg));
+               } else {
+                       echo  $msg. EOL;
+               }
                killme();
        }
 
@@ -192,9 +241,13 @@ function wall_upload_post(&$a, $desktopmode = true) {
        if (!$desktopmode) {
 
                $r = q("SELECT `id`, `datasize`, `width`, `height`, `type` FROM `photo` WHERE `resource-id` = '%s' ORDER BY `width` DESC LIMIT 1", $hash);
-               if (!$r)
+               if (!$r){
+                       if ($r_json) {
+                           echo json_encode(array('error'=>''));
+                           killme();
+                       }
                        return false;
-
+               }
                $picture = array();
 
                $picture["id"] = $r[0]["id"];
@@ -206,9 +259,18 @@ function wall_upload_post(&$a, $desktopmode = true) {
                $picture["picture"] = $a->get_baseurl()."/photo/{$hash}-0.".$ph->getExt();
                $picture["preview"] = $a->get_baseurl()."/photo/{$hash}-{$smallest}.".$ph->getExt();
 
+               if ($r_json) {
+                   echo json_encode(array('picture'=>$picture));
+                   killme();
+               }
                return $picture;
        }
 
+       if ($r_json) {
+           echo json_encode(array('ok'=>true));
+           killme();
+       }
+
 /* mod Waitman Gobble NO WARRANTY */
 
 //if we get the signal then return the image url info in BBCODE, otherwise this outputs the info and bails (for the ajax image uploader on wall post)