manage also needs the new authenticate_success function

[friendica.git] / mod / wall_upload.php

diff --git a/mod/wall_upload.php b/mod/wall_upload.php
index 769e5dcbcaa51e37b7e87cf61bbef449e3f3bb7a..b34f2cf6b09e9339828a205fd60e2807e9cfb668 100644 (file)
--- a/mod/wall_upload.php
+++ b/mod/wall_upload.php
@@ -1,16 +1,107 @@
 <?php
 
+require_once('Photo.php');
 
 function wall_upload_post(&$a) {
 
+       if($a->argc > 1) {
+               $nick = $a->argv[1];
+               $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `blocked` = 0 LIMIT 1",
+                       dbesc($nick)
+               );
+               if(! count($r))
+                       return;
 
- $src      = $_FILES['userfile']['tmp_name'];
+       }
+       else
+               return;
 
+       $can_post  = false;
+       $visitor   = 0;
 
-unlink($src);
+       $page_owner_uid   = $r[0]['uid'];
+       $page_owner_nick  = $r[0]['nickname'];
+       $community_page   = (($r[0]['page-flags'] == PAGE_COMMUNITY) ? true : false);
 
+       if((local_user()) && (local_user() == $page_owner_uid))
+               $can_post = true;
+       else {
+               if($community_page && remote_user()) {
+                       $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
+                               intval(remote_user()),
+                               intval($page_owner_uid)
+                       );
+                       if(count($r)) {
+                               $can_post = true;
+                               $visitor = remote_user();
+                       }
+               }
+       }
 
-       echo "<img src=\"".$a->get_baseurl(). "/images/default-profile.jpg\" alt=\"default\" />";
-       killme();
+       if(! $can_post) {
+               notice( t('Permission denied.') . EOL );
+               killme();
+       }
+
+       if(! x($_FILES,'userfile'))
+               killme();
+
+       $src      = $_FILES['userfile']['tmp_name'];
+       $filename = basename($_FILES['userfile']['name']);
+       $filesize = intval($_FILES['userfile']['size']);
+
+       $maximagesize = get_config('system','maximagesize');
+
+       if(($maximagesize) && ($filesize > $maximagesize)) {
+               echo  sprintf( t('Image exceeds size limit of %d'), $maximagesize) . EOL;
+               @unlink($src);
+               killme();
+       }
+
+       $imagedata = @file_get_contents($src);
+       $ph = new Photo($imagedata);
+
+       if(! $ph->is_valid()) {
+               echo ( t('Unable to process image.') . EOL);
+               @unlink($src);
+               killme();
+       }
+
+       @unlink($src);
+
+       $width = $ph->getWidth();
+       $height = $ph->getHeight();
 
-}
\ No newline at end of file
+       $hash = photo_new_resource();
+       
+       $smallest = 0;
+
+       $defperm = '<' . $page_owner_uid . '>';
+
+       $r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 0, 0, $defperm);
+
+       if(! $r) {
+               echo ( t('Image upload failed.') . EOL);
+               killme();
+       }
+
+       if($width > 640 || $height > 640) {
+               $ph->scaleImage(640);
+               $r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 1, 0, $defperm);
+               if($r) 
+                       $smallest = 1;
+       }
+
+       if($width > 320 || $height > 320) {
+               $ph->scaleImage(320);
+               $r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 2, 0, $defperm);
+               if($r)
+                       $smallest = 2;
+       }
+
+       $basename = basename($filename);
+       echo  '<br /><br /><a href="' . $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash . '" ><img src="' . $a->get_baseurl() . "/photo/{$hash}-{$smallest}.jpg\" alt=\"$basename\" /></a><br /><br />";
+
+       killme();
+       // NOTREACHED
+}