X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=mod%2Fwall_upload.php;h=8bf471d3d2ee70f17877c49ab6a38e7990650d7f;hb=39b37281a78b58b50503056e69b2aaa9885257b0;hp=f1fde2e33c3b364b44f14852d4a314b7c3f65f12;hpb=0e9c8f6f1a0af4b613e468aa2a74ae9a268038d2;p=friendica.git diff --git a/mod/wall_upload.php b/mod/wall_upload.php index f1fde2e33c..8bf471d3d2 100644 --- a/mod/wall_upload.php +++ b/mod/wall_upload.php @@ -2,30 +2,39 @@ require_once('include/Photo.php'); -function wall_upload_post(&$a) { +function wall_upload_post(&$a, $desktopmode = true) { logger("wall upload: starting new upload", LOGGER_DEBUG); + $r_json = (x($_GET,'response') && $_GET['response']=='json'); + if($a->argc > 1) { - if(! x($_FILES,'media')) { - $nick = $a->argv[1]; - $r = q("SELECT `user`.*, `contact`.`id` FROM `user` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid` WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1", - dbesc($nick) - ); - - if(! count($r)) - return; - } - else { + if(! x($_FILES,'media')) { + $nick = $a->argv[1]; + $r = q("SELECT `user`.*, `contact`.`id` FROM `user` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid` WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1", + dbesc($nick) + ); + + if(! count($r)){ + if ($r_json) { + echo json_encode(array('error'=>t('Invalid request.'))); + killme(); + } + return; + } + } else { $user_info = api_get_user($a); - $r = q("SELECT `user`.*, `contact`.`id` FROM `user` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid` WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1", - dbesc($user_info['screen_name']) - ); - } - } - else + $r = q("SELECT `user`.*, `contact`.`id` FROM `user` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid` WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1", + dbesc($user_info['screen_name']) + ); + } + } else { + if ($r_json) { + echo json_encode(array('error'=>t('Invalid request.'))); + killme(); + } return; - + } $can_post = false; $visitor = 0; @@ -62,14 +71,24 @@ function wall_upload_post(&$a) { } } + if(! $can_post) { + if ($r_json) { + echo json_encode(array('error'=>t('Permission denied.'))); + killme(); + } notice( t('Permission denied.') . EOL ); killme(); } - if(! x($_FILES,'userfile') && ! x($_FILES,'media')) + if(! x($_FILES,'userfile') && ! x($_FILES,'media')){ + if ($r_json) { + echo json_encode(array('error'=>t('Invalid request.'))); + } killme(); + } + $src = ""; if(x($_FILES,'userfile')) { $src = $_FILES['userfile']['tmp_name']; $filename = basename($_FILES['userfile']['name']); @@ -98,6 +117,15 @@ function wall_upload_post(&$a) { $filetype = $_FILES['media']['type']; } + if ($src=="") { + if ($r_json) { + echo json_encode(array('error'=>t('Invalid request.'))); + killme(); + } + notice(t('Invalid request.').EOL); + killme(); + } + // This is a special treatment for picture upload from Twidere if (($filename == "octet-stream") AND ($filetype != "")) { $filename = $filetype; @@ -109,6 +137,7 @@ function wall_upload_post(&$a) { // If there is a temp name, then do a manual check // This is more reliable than the provided value + $imagedata = getimagesize($src); if ($imagedata) $filetype = $imagedata['mime']; @@ -119,7 +148,12 @@ function wall_upload_post(&$a) { $maximagesize = get_config('system','maximagesize'); if(($maximagesize) && ($filesize > $maximagesize)) { - echo sprintf( t('Image exceeds size limit of %d'), $maximagesize) . EOL; + $msg = sprintf( t('Image exceeds size limit of %s'), formatBytes($maximagesize)); + if ($r_json) { + echo json_encode(array('error'=>$msg)); + } else { + echo $msg. EOL; + } @unlink($src); killme(); } @@ -131,7 +165,12 @@ function wall_upload_post(&$a) { $limit = service_class_fetch($page_owner_uid,'photo_upload_limit'); if(($limit !== false) && (($r[0]['total'] + strlen($imagedata)) > $limit)) { - echo upgrade_message(true) . EOL ; + $msg = upgrade_message(true); + if ($r_json) { + echo json_encode(array('error'=>$msg)); + } else { + echo $msg. EOL; + } @unlink($src); killme(); } @@ -141,7 +180,12 @@ function wall_upload_post(&$a) { $ph = new Photo($imagedata, $filetype); if(! $ph->is_valid()) { - echo ( t('Unable to process image.') . EOL); + $msg = t('Unable to process image.'); + if ($r_json) { + echo json_encode(array('error'=>$msg)); + } else { + echo $msg. EOL; + } @unlink($src); killme(); } @@ -169,7 +213,12 @@ function wall_upload_post(&$a) { $r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 0, 0, $defperm); if(! $r) { - echo ( t('Image upload failed.') . EOL); + $msg = t('Image upload failed.'); + if ($r_json) { + echo json_encode(array('error'=>$msg)); + } else { + echo $msg. EOL; + } killme(); } @@ -189,6 +238,38 @@ function wall_upload_post(&$a) { $basename = basename($filename); + if (!$desktopmode) { + + $r = q("SELECT `id`, `datasize`, `width`, `height`, `type` FROM `photo` WHERE `resource-id` = '%s' ORDER BY `width` DESC LIMIT 1", $hash); + if (!$r){ + if ($r_json) { + echo json_encode(array('error'=>'')); + killme(); + } + return false; + } + $picture = array(); + + $picture["id"] = $r[0]["id"]; + $picture["size"] = $r[0]["datasize"]; + $picture["width"] = $r[0]["width"]; + $picture["height"] = $r[0]["height"]; + $picture["type"] = $r[0]["type"]; + $picture["albumpage"] = $a->get_baseurl().'/photos/'.$page_owner_nick.'/image/'.$hash; + $picture["picture"] = $a->get_baseurl()."/photo/{$hash}-0.".$ph->getExt(); + $picture["preview"] = $a->get_baseurl()."/photo/{$hash}-{$smallest}.".$ph->getExt(); + + if ($r_json) { + echo json_encode(array('picture'=>$picture)); + killme(); + } + return $picture; + } + + if ($r_json) { + echo json_encode(array('ok'=>true)); + killme(); + } /* mod Waitman Gobble NO WARRANTY */