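/**
 * Store a file posted to a channel's wall and print the bbcode referencing it.
 *
 * The target channel comes from the URL nick (argv(1)) or, when an API client
 * posted a 'media' file, from the authenticated API user. The upload goes
 * through attach_store() with the channel's configured photo and attachment
 * paths, marked 'visible' => 0 and restricted to the channel's own hash.
 *
 * NOTE(review): no permission check is visible in this function; presumably
 * attach_store() decides whether the observer may write to the channel.
 * Confirm against its implementation.
 *
 * @param object $a application object; only get_observer() is used here
 * @return void output is echoed; every non-API path ends in killme()
 */
function wall_attach_post(&$a)
{
    // Both variables were read on paths where they had never been assigned.
    $channel = null;
    $using_api = false;

    if (argc() > 1) {
        $channel = get_channel_by_nick(argv(1));
    } elseif (!empty($_FILES['media'])) {
        require_once 'include/api.php';
        // Without this flag the API return below could never be reached.
        $using_api = true;
        $user_info = api_get_user($a);
        $channel = get_channel_by_nick($user_info['screen_name']);
    }

    if (!$channel) {
        killme();
    }

    $observer = $a->get_observer();

    $def_album = get_pconfig($channel['channel_id'], 'system', 'photo_path');
    $def_attach = get_pconfig($channel['channel_id'], 'system', 'attach_path');

    $r = attach_store(
        $channel,
        $observer ? $observer['xchan_hash'] : '',
        '',
        array(
            'source' => 'editor',
            'visible' => 0,
            'album' => $def_album,
            'directory' => $def_attach,
            'allow_cid' => '<' . $channel['channel_hash'] . '>',
        )
    );

    if (!$r['success']) {
        notice($r['message'] . EOL);
        killme();
    }

    if (intval($r['data']['is_photo'])) {
        echo "\n\n" . $r['body'] . "\n\n";
        if ($using_api) {
            return;
        }
        killme();
    }

    echo "\n\n" . '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]' . "\n";
    killme();
}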
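/**
 * Store a file posted to a channel's wall and print the bbcode referencing it.
 *
 * GIF, JPEG and PNG uploads are handed to photo_upload(); anything else is
 * stored as a generic attachment through attach_store().
 *
 * NOTE(review): no permission check is visible in this function; presumably
 * photo_upload() and attach_store() decide whether the observer may write to
 * the channel. Confirm against their implementations.
 *
 * @param object $a application object; only get_observer() is used here
 * @return void output is echoed; every non-API path ends in killme()
 */
function wall_attach_post(&$a)
{
    // Both variables were read on paths where they had never been assigned.
    $channel = null;
    $using_api = false;

    if (argc() > 1) {
        $channel = get_channel_by_nick(argv(1));
    } elseif (!empty($_FILES['media'])) {
        require_once 'include/api.php';
        // Without this flag the API return below could never be reached.
        $using_api = true;
        $user_info = api_get_user($a);
        $channel = get_channel_by_nick($user_info['screen_name']);
    }

    if (!$channel) {
        killme();
    }

    $observer = $a->get_observer();

    $tmp_name = isset($_FILES['userfile']['tmp_name']) ? $_FILES['userfile']['tmp_name'] : '';
    if ($tmp_name) {
        // The type is taken from the file's own header rather than from the
        // MIME type the client supplied.
        $x = @getimagesize($tmp_name);
        logger('getimagesize: ' . print_r($x, true), LOGGER_DATA);

        if ($x && in_array($x[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG), true)) {
            $args = array(
                'source' => 'editor',
                'visible' => 0,
                'contact_allow' => array($channel['channel_hash']),
            );
            $ret = photo_upload($channel, $observer, $args);
            if ($ret['success']) {
                echo "\n\n" . $ret['body'] . "\n\n";
                killme();
            }
            if ($using_api) {
                return;
            }
            notice($ret['message']);
            killme();
        }
    }

    $r = attach_store($channel, $observer ? $observer['xchan_hash'] : '');
    if (!$r['success']) {
        notice($r['message'] . EOL);
        killme();
    }

    echo "\n\n" . '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]' . "\n";
    killme();
}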
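/**
 * Upload a photo to a channel's "Wall Photos" album.
 *
 * API clients (those posting a 'media' file) are identified through
 * api_get_user(); browser uploads name the channel in the URL (argv(1)).
 * The photo is passed to photo_upload() with 'not_visible' => 1 and
 * contact_allow restricted to the channel's own hash.
 *
 * NOTE(review): no permission check is visible in this function; presumably
 * photo_upload() decides whether the observer may write to the channel.
 * Confirm against its implementation.
 *
 * @param object $a application object; only get_observer() is used here
 * @return string|null the response body for API callers that succeed, null
 *                     when an API call fails; browser paths end in killme()
 */
function wall_upload_post(&$a)
{
    $using_api = x($_FILES, 'media') ? true : false;

    // Previously unset when a browser request carried no nick in the URL.
    $nick = '';
    if ($using_api) {
        require_once 'include/api.php';
        $user_info = api_get_user($a);
        $nick = $user_info['screen_name'];
    } elseif (argc() > 1) {
        $nick = argv(1);
    }

    $channel = $nick ? get_channel_by_nick($nick) : false;
    if (!$channel) {
        if ($using_api) {
            return;
        }
        notice(t('Channel not found.') . EOL);
        killme();
    }

    $observer = $a->get_observer();

    $args = array(
        'source' => 'editor',
        'album' => t('Wall Photos'),
        'not_visible' => 1,
        'contact_allow' => array($channel['channel_hash']),
    );
    $ret = photo_upload($channel, $observer, $args);

    if (!$ret['success']) {
        if ($using_api) {
            return;
        }
        notice($ret['message']);
        killme();
    }

    $body = "\n\n" . $ret['body'] . "\n\n";
    if ($using_api) {
        return $body;
    }

    echo $body;
    killme();
}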
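/**
 * Return one page of the API user's private mail in the requested format.
 *
 * Rows are always limited to channel_id = api_user(); $box only narrows the
 * selection further ("sentbox", "inbox", "conversation" or "all").
 *
 * NOTE(review): 'count' has no upper bound here, so a client can request an
 * arbitrarily large page. Consider capping it.
 *
 * @param object $a    application object
 * @param string $type output format handed to api_apply_template(); "atom"
 *                     and "rss" additionally go through api_rss_extra()
 * @param string $box  which mailbox view to return
 * @return mixed false when no API user is authenticated, otherwise the
 *               result of api_apply_template()
 */
function api_direct_messages_box(&$a, $type, $box)
{
    if (api_user() === false) {
        return false;
    }

    $user_info = api_get_user($a);

    // Paging values are client-supplied: force integers before doing
    // arithmetic so non-numeric input cannot raise an error.
    $count = x($_GET, 'count') ? intval($_GET['count']) : 20;
    if ($count < 1) {
        $count = 20;
    }
    $page = x($_REQUEST, 'page') ? intval($_REQUEST['page']) - 1 : 0;
    if ($page < 0) {
        $page = 0;
    }
    $start = $page * $count;

    $channel = $a->get_channel();

    // Stays null for an unrecognised $box, which used to produce an
    // incomplete WHERE clause.
    $sql_extra = null;
    if ($box == "sentbox") {
        $sql_extra = "`from_xchan`='" . dbesc($channel['channel_hash']) . "'";
    } elseif ($box == "conversation") {
        $uri = (isset($_GET["uri"]) && is_string($_GET["uri"])) ? $_GET["uri"] : '';
        $sql_extra = "`parent_mid`='" . dbesc($uri) . "'";
    } elseif ($box == "all") {
        $sql_extra = "true";
    } elseif ($box == "inbox") {
        $sql_extra = "`from_xchan`!='" . dbesc($channel['channel_hash']) . "'";
    }

    $r = false;
    if ($sql_extra !== null) {
        $r = q(
            "SELECT * FROM `mail` WHERE channel_id = %d AND {$sql_extra} ORDER BY created DESC LIMIT %d OFFSET %d",
            intval(api_user()),
            intval($count),
            intval($start)
        );
    }

    $ret = array();
    if ($r) {
        foreach ($r as $item) {
            if ($item['from_xchan'] == $channel['channel_hash']) {
                $sender = $user_info;
                $recipient = api_get_user($a, null, $item['to_xchan']);
            } else {
                $sender = api_get_user($a, null, $item['from_xchan']);
                $recipient = $user_info;
            }
            $ret[] = api_format_message($item, $recipient, $sender);
        }
    }

    $data = array('$messages' => $ret);
    switch ($type) {
        case "atom":
        case "rss":
            $data = api_rss_extra($a, $data, $user_info);
    }

    return api_apply_template("direct_messages", $type, $data);
}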
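/**
 * Store an image uploaded to a user's wall and report where it can be found.
 *
 * The page owner is taken from the URL nick, or from the API user when a
 * 'media' file was posted. Only the owner, or a non-blocked, non-pending
 * contact of a community page, may upload. The image is stored at scale 0
 * and, when large enough, at 640px and 320px.
 *
 * With ?response=json every outcome is echoed as JSON followed by killme().
 *
 * @param object $a           application object
 * @param bool   $desktopmode when false, return picture metadata instead of
 *                            echoing markup
 * @return mixed picture array ($desktopmode false), false when the stored
 *               photo cannot be read back, a bbcode string when hush=yeah,
 *               or null on an invalid request; other paths end in killme()
 */
function wall_upload_post(&$a, $desktopmode = true)
{
    logger("wall upload: starting new upload", LOGGER_DEBUG);

    $r_json = x($_GET, 'response') && $_GET['response'] == 'json';

    $r = false;
    if ($a->argc > 1) {
        if (x($_FILES, 'media')) {
            $user_info = api_get_user($a);
            $nick = $user_info['screen_name'];
        } else {
            $nick = $a->argv[1];
        }
        $r = q(
            "SELECT `user`.*, `contact`.`id` FROM `user` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid` WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1",
            dbesc($nick)
        );
    }

    // Covers a missing nick, a failed query and an unknown user; the API
    // branch used to dereference $r[0] without this check.
    if (!$r) {
        if ($r_json) {
            echo json_encode(['error' => t('Invalid request.')]);
            killme();
        }
        return;
    }

    $can_post = false;
    $visitor = 0;

    $page_owner_uid = $r[0]['uid'];
    $default_cid = $r[0]['id'];
    $page_owner_nick = $r[0]['nickname'];
    $community_page = $r[0]['page-flags'] == PAGE_COMMUNITY ? true : false;

    if (local_user() && local_user() == $page_owner_uid) {
        $can_post = true;
    } elseif ($community_page && remote_user()) {
        // Find the contact id the remote visitor has with this page owner.
        $cid = 0;
        if (isset($_SESSION['remote']) && is_array($_SESSION['remote'])) {
            foreach ($_SESSION['remote'] as $v) {
                if ($v['uid'] == $page_owner_uid) {
                    $cid = $v['cid'];
                    break;
                }
            }
        }
        if ($cid) {
            $c = q(
                "SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
                intval($cid),
                intval($page_owner_uid)
            );
            if ($c) {
                $can_post = true;
                $visitor = $cid;
            }
        }
    }

    if (!$can_post) {
        if ($r_json) {
            echo json_encode(['error' => t('Permission denied.')]);
            killme();
        }
        notice(t('Permission denied.') . EOL);
        killme();
    }

    if (!x($_FILES, 'userfile') && !x($_FILES, 'media')) {
        if ($r_json) {
            echo json_encode(['error' => t('Invalid request.')]);
            killme();
        }
        killme();
    }

    $src = "";
    $filename = '';
    $filesize = 0;
    $filetype = '';
    if (x($_FILES, 'userfile')) {
        $src = $_FILES['userfile']['tmp_name'];
        $filename = basename($_FILES['userfile']['name']);
        $filesize = intval($_FILES['userfile']['size']);
        $filetype = $_FILES['userfile']['type'];
    } elseif (x($_FILES, 'media')) {
        // API clients may post 'media' as an array; only the first file is used.
        $media = $_FILES['media'];
        $src = is_array($media['tmp_name']) ? $media['tmp_name'][0] : $media['tmp_name'];
        $filename = basename(is_array($media['name']) ? $media['name'][0] : $media['name']);
        $filesize = intval(is_array($media['size']) ? $media['size'][0] : $media['size']);
        $filetype = is_array($media['type']) ? $media['type'][0] : $media['type'];
    }

    if ($src == "") {
        if ($r_json) {
            echo json_encode(['error' => t('Invalid request.')]);
            killme();
        }
        notice(t('Invalid request.') . EOL);
        killme();
    }

    // This is a special treatment for picture upload from Twidere
    if ($filename == "octet-stream" and $filetype != "") {
        $filename = $filetype;
        $filetype = "";
    }

    if ($filetype == "") {
        $filetype = guess_image_type($filename);
    }

    // The type read from the file itself is more reliable than the value the
    // client sent, so it wins whenever the file parses as an image.
    $imageinfo = getimagesize($src);
    if ($imageinfo) {
        $filetype = $imageinfo['mime'];
    }

    logger("File upload src: " . $src . " - filename: " . $filename . " - size: " . $filesize . " - type: " . $filetype, LOGGER_DEBUG);

    $maximagesize = get_config('system', 'maximagesize');
    if ($maximagesize && $filesize > $maximagesize) {
        $msg = sprintf(t('Image exceeds size limit of %s'), formatBytes($maximagesize));
        if ($r_json) {
            echo json_encode(['error' => $msg]);
        } else {
            echo $msg . EOL;
        }
        @unlink($src);
        killme();
    }

    $usage = q(
        "select sum(octet_length(data)) as total from photo where uid = %d and scale = 0 and album != 'Contact Photos' ",
        intval($page_owner_uid)
    );
    $used = ($usage && isset($usage[0]['total'])) ? $usage[0]['total'] : 0;

    $limit = service_class_fetch($page_owner_uid, 'photo_upload_limit');

    // The quota check used strlen() on the getimagesize() result, which is
    // not the file contents; the upload size is the value that belongs here.
    if ($limit !== false && $used + $filesize > $limit) {
        $msg = upgrade_message(true);
        if ($r_json) {
            echo json_encode(['error' => $msg]);
        } else {
            echo $msg . EOL;
        }
        @unlink($src);
        killme();
    }

    $imagedata = @file_get_contents($src);
    $ph = new Photo($imagedata, $filetype);

    if (!$ph->is_valid()) {
        $msg = t('Unable to process image.');
        if ($r_json) {
            echo json_encode(['error' => $msg]);
        } else {
            echo $msg . EOL;
        }
        @unlink($src);
        killme();
    }

    $ph->orient($src);
    @unlink($src);

    $max_length = get_config('system', 'max_image_length');
    if (!$max_length) {
        $max_length = MAX_IMAGE_LENGTH;
    }
    if ($max_length > 0) {
        $ph->scaleImage($max_length);
        logger("File upload: Scaling picture to new size " . $max_length, LOGGER_DEBUG);
    }

    $width = $ph->getWidth();
    $height = $ph->getHeight();

    $hash = photo_new_resource();
    $smallest = 0;
    $defperm = '<' . $default_cid . '>';

    $stored = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 0, 0, $defperm);
    if (!$stored) {
        $msg = t('Image upload failed.');
        if ($r_json) {
            echo json_encode(['error' => $msg]);
        } else {
            echo $msg . EOL;
        }
        killme();
    }

    if ($width > 640 || $height > 640) {
        $ph->scaleImage(640);
        $stored = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 1, 0, $defperm);
        if ($stored) {
            $smallest = 1;
        }
    }

    if ($width > 320 || $height > 320) {
        $ph->scaleImage(320);
        $stored = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 2, 0, $defperm);
        if ($stored and $smallest == 0) {
            $smallest = 2;
        }
    }

    $basename = basename($filename);

    if (!$desktopmode) {
        // $hash is generated server-side; it is escaped anyway so every
        // string argument passed to q() is treated the same way.
        $p = q(
            "SELECT `id`, `datasize`, `width`, `height`, `type` FROM `photo` WHERE `resource-id` = '%s' ORDER BY `width` DESC LIMIT 1",
            dbesc($hash)
        );
        if (!$p) {
            if ($r_json) {
                echo json_encode(['error' => '']);
                killme();
            }
            return false;
        }

        $picture = array();
        $picture["id"] = $p[0]["id"];
        $picture["size"] = $p[0]["datasize"];
        $picture["width"] = $p[0]["width"];
        $picture["height"] = $p[0]["height"];
        $picture["type"] = $p[0]["type"];
        $picture["albumpage"] = $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash;
        $picture["picture"] = $a->get_baseurl() . "/photo/{$hash}-0." . $ph->getExt();
        $picture["preview"] = $a->get_baseurl() . "/photo/{$hash}-{$smallest}." . $ph->getExt();

        if ($r_json) {
            echo json_encode(['picture' => $picture]);
            killme();
        }
        return $picture;
    }

    if ($r_json) {
        echo json_encode(['ok' => true]);
        killme();
    }

    $album_url = $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash;
    $image_url = $a->get_baseurl() . "/photo/{$hash}-{$smallest}." . $ph->getExt();

    /* mod Waitman Gobble NO WARRANTY */
    // With hush=yeah the bbcode is returned to the caller; otherwise it is
    // echoed for the ajax image uploader on the wall post form.
    $hush = isset($_REQUEST['hush']) ? $_REQUEST['hush'] : '';
    if ($hush != 'yeah') {
        if (local_user() && (!feature_enabled(local_user(), 'richtext') || x($_REQUEST, 'nomce'))) {
            echo "\n\n" . '[url=' . $album_url . '][img]' . $image_url . "[/img][/url]\n\n";
        } else {
            // The file name is chosen by the uploader, so it must be escaped
            // before it is placed inside an HTML attribute.
            $alt = htmlspecialchars($basename, ENT_QUOTES, 'UTF-8');
            echo '<br /><br /><a href="' . $album_url . '" ><img src="' . $image_url . "\" alt=\"{$alt}\" /></a><br /><br />";
        }
    } else {
        $m = '[url=' . $album_url . '][img]' . $image_url . "[/img][/url]";
        return $m;
    }
    /* mod Waitman Gobble NO WARRANTY */

    killme();
    // NOTREACHED
}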
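/**
 * Return one page of the API user's private mail in the requested format.
 *
 * Rows are always limited to `mail`.`uid` = api_user(); $box and the optional
 * since_id / max_id / user_id / screen_name request parameters only narrow
 * the selection further.
 *
 * NOTE(review): 'count' has no upper bound here, so a client can request an
 * arbitrarily large page. Consider capping it.
 *
 * @param object $a    application object
 * @param string $type output format handed to api_apply_template(); "atom"
 *                     and "rss" additionally go through api_rss_extra()
 * @param string $box  "sentbox", "inbox", "conversation" or "all"
 * @return mixed false when no API user is authenticated, otherwise the
 *               result of api_apply_template()
 */
function api_direct_messages_box(&$a, $type, $box)
{
    if (api_user() === false) {
        return false;
    }

    // Paging values are client-supplied: force integers before doing
    // arithmetic so non-numeric input cannot raise an error.
    $count = x($_GET, 'count') ? intval($_GET['count']) : 20;
    if ($count < 1) {
        $count = 20;
    }
    $page = x($_REQUEST, 'page') ? intval($_REQUEST['page']) - 1 : 0;
    if ($page < 0) {
        $page = 0;
    }

    $since_id = x($_REQUEST, 'since_id') ? $_REQUEST['since_id'] : 0;
    $max_id = x($_REQUEST, 'max_id') ? $_REQUEST['max_id'] : 0;

    $user_id = x($_REQUEST, 'user_id') ? $_REQUEST['user_id'] : "";
    $screen_name = x($_REQUEST, 'screen_name') ? $_REQUEST['screen_name'] : "";

    // user_id and screen_name are removed from the request before the
    // api_get_user() call below, which is meant to return the caller.
    unset($_REQUEST["user_id"]);
    unset($_GET["user_id"]);
    unset($_REQUEST["screen_name"]);
    unset($_GET["screen_name"]);

    $user_info = api_get_user($a);
    $profile_url = $user_info["url"];

    $start = $page * $count;

    // Stays null for an unrecognised $box, which used to produce an
    // incomplete WHERE clause.
    $sql_extra = null;
    if ($box == "sentbox") {
        $sql_extra = "`mail`.`from-url`='" . dbesc($profile_url) . "'";
    } elseif ($box == "conversation") {
        $uri = (isset($_GET["uri"]) && is_string($_GET["uri"])) ? $_GET["uri"] : '';
        $sql_extra = "`mail`.`parent-uri`='" . dbesc($uri) . "'";
    } elseif ($box == "all") {
        $sql_extra = "true";
    } elseif ($box == "inbox") {
        $sql_extra = "`mail`.`from-url`!='" . dbesc($profile_url) . "'";
    }

    $r = false;
    if ($sql_extra !== null) {
        if ($max_id > 0) {
            $sql_extra .= ' AND `mail`.`id` <= ' . intval($max_id);
        }
        if ($user_id != "") {
            $sql_extra .= ' AND `mail`.`contact-id` = ' . intval($user_id);
        } elseif ($screen_name != "") {
            $sql_extra .= " AND `contact`.`nick` = '" . dbesc($screen_name) . "'";
        }

        $r = q(
            "SELECT `mail`.*, `contact`.`nurl` AS `contact-url` FROM `mail`,`contact` WHERE `mail`.`contact-id` = `contact`.`id` AND `mail`.`uid`=%d AND {$sql_extra} AND `mail`.`id` > %d ORDER BY `mail`.`id` DESC LIMIT %d,%d",
            intval(api_user()),
            intval($since_id),
            intval($start),
            intval($count)
        );
    }

    $ret = array();
    // Guarded because the result is not an array when the query was skipped.
    if (is_array($r)) {
        foreach ($r as $item) {
            $contact = api_get_user($a, normalise_link($item['contact-url']));
            if ($box == "inbox" || $item['from-url'] != $profile_url) {
                $recipient = $user_info;
                $sender = $contact;
            } else {
                // Only reached when the caller is the author of the message.
                $recipient = $contact;
                $sender = $user_info;
            }
            $ret[] = api_format_messages($item, $recipient, $sender);
        }
    }

    $data = array('$messages' => $ret);
    switch ($type) {
        case "atom":
        case "rss":
            $data = api_rss_extra($a, $data, $user_info);
    }

    return api_apply_template("direct_messages", $type, $data);
}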
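/**
 * Return one page of the local user's private mail in the requested format.
 *
 * "sentbox" selects mail whose from-url is the user's own profile URL; every
 * other $box value selects mail from anyone else, i.e. the inbox. Rows are
 * always limited to uid = local_user().
 *
 * NOTE(review): 'count' has no upper bound here, so a client can request an
 * arbitrarily large page. Consider capping it.
 *
 * @param object $a    application object
 * @param string $type output format handed to api_apply_template(); "atom"
 *                     and "rss" additionally go through api_rss_extra()
 * @param string $box  "sentbox" or "inbox"
 * @return mixed false when local_user() is false, otherwise the result of
 *               api_apply_template()
 */
function api_direct_messages_box(&$a, $type, $box)
{
    if (local_user() === false) {
        return false;
    }

    $user_info = api_get_user($a);

    // Paging values are client-supplied: force integers before doing
    // arithmetic so non-numeric input cannot raise an error.
    $count = x($_GET, 'count') ? intval($_GET['count']) : 20;
    if ($count < 1) {
        $count = 20;
    }
    $page = x($_REQUEST, 'page') ? intval($_REQUEST['page']) - 1 : 0;
    if ($page < 0) {
        $page = 0;
    }
    $start = $page * $count;

    $is_sentbox = ($box == "sentbox");
    $sql_extra = $is_sentbox ? "`from-url`='%s'" : "`from-url`!='%s'";

    $r = q(
        "SELECT * FROM `mail` WHERE uid=%d AND {$sql_extra} ORDER BY created DESC LIMIT %d,%d",
        intval(local_user()),
        dbesc($a->get_baseurl() . '/profile/' . $a->user['nickname']),
        intval($start),
        intval($count)
    );

    $ret = array();
    // Guarded because the result is not an array when the query fails.
    if (is_array($r)) {
        foreach ($r as $item) {
            // The query treats every non-sentbox value as the inbox, so the
            // roles follow the same rule. The old switch left both variables
            // unset for any other $box value.
            $contact = api_get_user($a, $item['contact-id']);
            if ($is_sentbox) {
                $recipient = $contact;
                $sender = $user_info;
            } else {
                $recipient = $user_info;
                $sender = $contact;
            }

            $ret[] = array(
                'id' => $item['id'],
                'created_at' => api_date($item['created']),
                'sender_id' => $sender['id'],
                'sender_screen_name' => $sender['screen_name'],
                'sender' => $sender,
                'recipient_id' => $recipient['id'],
                'recipient_screen_name' => $recipient['screen_name'],
                'recipient' => $recipient,
                'text' => $item['title'] . "\n" . strip_tags(bbcode($item['body'])),
            );
        }
    }

    $data = array('$messages' => $ret);
    switch ($type) {
        case "atom":
        case "rss":
            $data = api_rss_extra($a, $data, $user_info);
    }

    return api_apply_template("direct_messages", $type, $data);
}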
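/**
 * Store an image uploaded to a user's wall and print markup that embeds it.
 *
 * The page owner is taken from the URL nick, or from the API user when a
 * 'media' file was posted. Only the owner, or a non-blocked, non-pending
 * contact of a community page, may upload. The image is stored at scale 0
 * and, when large enough, at 640px and 320px.
 *
 * @param object $a application object
 * @return string|null bbcode for the image when hush=yeah, null on an
 *                     invalid request; every other path ends in killme()
 */
function wall_upload_post(&$a)
{
    $r = false;
    if ($a->argc > 1) {
        if (x($_FILES, 'media')) {
            $user_info = api_get_user($a);
            $nick = $user_info['screen_name'];
        } else {
            $nick = $a->argv[1];
        }
        $r = q(
            "SELECT `user`.*, `contact`.`id` FROM `user` LEFT JOIN `contact` on `user`.`uid` = `contact`.`uid` WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1",
            dbesc($nick)
        );
    }

    // Covers a missing nick, a failed query and an unknown user; the API
    // branch used to dereference $r[0] without this check.
    if (!$r) {
        return;
    }

    $can_post = false;
    $visitor = 0;

    $page_owner_uid = $r[0]['uid'];
    $default_cid = $r[0]['id'];
    $page_owner_nick = $r[0]['nickname'];
    $community_page = $r[0]['page-flags'] == PAGE_COMMUNITY ? true : false;

    if (local_user() && local_user() == $page_owner_uid) {
        $can_post = true;
    } elseif ($community_page && remote_user()) {
        // remote_user() is used as the visitor's contact id in this version.
        $c = q(
            "SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
            intval(remote_user()),
            intval($page_owner_uid)
        );
        if ($c) {
            $can_post = true;
            $visitor = remote_user();
            $default_cid = $visitor;
        }
    }

    if (!$can_post) {
        notice(t('Permission denied.') . EOL);
        killme();
    }

    if (!x($_FILES, 'userfile') && !x($_FILES, 'media')) {
        killme();
    }

    $field = x($_FILES, 'userfile') ? 'userfile' : 'media';
    $src = $_FILES[$field]['tmp_name'];
    $filename = basename($_FILES[$field]['name']);
    $filesize = intval($_FILES[$field]['size']);

    $maximagesize = get_config('system', 'maximagesize');
    if ($maximagesize && $filesize > $maximagesize) {
        echo sprintf(t('Image exceeds size limit of %d'), $maximagesize) . EOL;
        @unlink($src);
        killme();
    }

    $imagedata = @file_get_contents($src);
    $ph = new Photo($imagedata);

    if (!$ph->is_valid()) {
        echo t('Unable to process image.') . EOL;
        @unlink($src);
        killme();
    }

    @unlink($src);

    $width = $ph->getWidth();
    $height = $ph->getHeight();

    $hash = photo_new_resource();
    $smallest = 0;
    $defperm = '<' . $default_cid . '>';

    $stored = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 0, 0, $defperm);
    if (!$stored) {
        echo t('Image upload failed.') . EOL;
        killme();
    }

    if ($width > 640 || $height > 640) {
        $ph->scaleImage(640);
        $stored = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 1, 0, $defperm);
        if ($stored) {
            $smallest = 1;
        }
    }

    if ($width > 320 || $height > 320) {
        $ph->scaleImage(320);
        $stored = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 2, 0, $defperm);
        if ($stored) {
            $smallest = 2;
        }
    }

    $basename = basename($filename);

    $album_url = $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash;
    $image_url = $a->get_baseurl() . "/photo/{$hash}-{$smallest}.jpg";

    /* mod Waitman Gobble NO WARRANTY */
    // With hush=yeah the bbcode is returned to the caller; otherwise it is
    // echoed for the ajax image uploader on the wall post form.
    $hush = isset($_REQUEST['hush']) ? $_REQUEST['hush'] : '';
    if ($hush != 'yeah') {
        if (local_user() && intval(get_pconfig(local_user(), 'system', 'plaintext'))) {
            echo "\n\n" . '[url=' . $album_url . '][img]' . $image_url . "[/img][/url]\n\n";
        } else {
            // The file name is chosen by the uploader, so it must be escaped
            // before it is placed inside an HTML attribute.
            $alt = htmlspecialchars($basename, ENT_QUOTES, 'UTF-8');
            echo '<br /><br /><a href="' . $album_url . '" ><img src="' . $image_url . "\" alt=\"{$alt}\" /></a><br /><br />";
        }
    } else {
        $m = '[url=' . $album_url . '][img]' . $image_url . "[/img][/url]";
        return $m;
    }
    /* mod Waitman Gobble NO WARRANTY */

    killme();
    // NOTREACHED
}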
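/**
 * Return one page of the API user's private mail in the requested format.
 *
 * Rows are always limited to uid = api_user(); $box only narrows the
 * selection further ("sentbox", "inbox", "conversation" or "all").
 *
 * NOTE(review): 'count' has no upper bound here, so a client can request an
 * arbitrarily large page. Consider capping it.
 *
 * @param object $a    application object
 * @param string $type output format handed to api_apply_template(); "atom"
 *                     and "rss" additionally go through api_rss_extra()
 * @param string $box  which mailbox view to return
 * @return mixed false when no API user is authenticated, otherwise the
 *               result of api_apply_template()
 */
function api_direct_messages_box(&$a, $type, $box)
{
    if (api_user() === false) {
        return false;
    }

    $user_info = api_get_user($a);

    // Paging values are client-supplied: force integers before doing
    // arithmetic so non-numeric input cannot raise an error.
    $count = x($_GET, 'count') ? intval($_GET['count']) : 20;
    if ($count < 1) {
        $count = 20;
    }
    $page = x($_REQUEST, 'page') ? intval($_REQUEST['page']) - 1 : 0;
    if ($page < 0) {
        $page = 0;
    }
    $start = $page * $count;

    $profile_url = $a->get_baseurl() . '/profile/' . $a->user['nickname'];

    // Stays null for an unrecognised $box, which used to produce an
    // incomplete WHERE clause.
    $sql_extra = null;
    if ($box == "sentbox") {
        $sql_extra = "`from-url`='" . dbesc($profile_url) . "'";
    } elseif ($box == "conversation") {
        $uri = (isset($_GET["uri"]) && is_string($_GET["uri"])) ? $_GET["uri"] : '';
        $sql_extra = "`parent-uri`='" . dbesc($uri) . "'";
    } elseif ($box == "all") {
        $sql_extra = "true";
    } elseif ($box == "inbox") {
        $sql_extra = "`from-url`!='" . dbesc($profile_url) . "'";
    }

    $r = false;
    if ($sql_extra !== null) {
        $r = q(
            "SELECT * FROM `mail` WHERE uid=%d AND {$sql_extra} ORDER BY created DESC LIMIT %d,%d",
            intval(api_user()),
            intval($start),
            intval($count)
        );
    }

    $ret = array();
    // Guarded because the result is not an array when the query was skipped.
    if (is_array($r)) {
        foreach ($r as $item) {
            $contact = api_get_user($a, $item['contact-id']);
            if ($box == "inbox" || $item['from-url'] != $profile_url) {
                $recipient = $user_info;
                $sender = $contact;
            } else {
                // The caller wrote this message. The old elseif repeated the
                // != test, so for "all" and "conversation" such rows matched
                // neither branch and reused the previous row's sender and
                // recipient.
                $recipient = $contact;
                $sender = $user_info;
            }
            $ret[] = api_format_messages($item, $recipient, $sender);
        }
    }

    $data = array('$messages' => $ret);
    switch ($type) {
        case "atom":
        case "rss":
            $data = api_rss_extra($a, $data, $user_info);
    }

    return api_apply_template("direct_messages", $type, $data);
}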
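/**
 * Store an image uploaded to a user's wall and print markup that embeds it.
 *
 * The page owner is taken from the URL nick, or from the API user when a
 * 'media' file was posted. Only the owner, or a non-blocked, non-pending
 * contact of a community page, may upload. The image is stored at scale 0
 * and, when large enough, at 640px and 320px.
 *
 * @param object $a application object
 * @return string|null bbcode for the image when hush=yeah, null on an
 *                     invalid request; every other path ends in killme()
 */
function wall_upload_post(&$a)
{
    logger("wall upload: starting new upload", LOGGER_DEBUG);

    $r = false;
    if ($a->argc > 1) {
        if (x($_FILES, 'media')) {
            $user_info = api_get_user($a);
            $nick = $user_info['screen_name'];
        } else {
            $nick = $a->argv[1];
        }
        $r = q(
            "SELECT `user`.*, `contact`.`id` FROM `user` LEFT JOIN `contact` on `user`.`uid` = `contact`.`uid` WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1",
            dbesc($nick)
        );
    }

    // Covers a missing nick, a failed query and an unknown user; the API
    // branch used to dereference $r[0] without this check.
    if (!$r) {
        return;
    }

    $can_post = false;
    $visitor = 0;

    $page_owner_uid = $r[0]['uid'];
    $default_cid = $r[0]['id'];
    $page_owner_nick = $r[0]['nickname'];
    $community_page = $r[0]['page-flags'] == PAGE_COMMUNITY ? true : false;

    if (local_user() && local_user() == $page_owner_uid) {
        $can_post = true;
    } elseif ($community_page && remote_user()) {
        // Find the contact id the remote visitor has with this page owner.
        $cid = 0;
        if (isset($_SESSION['remote']) && is_array($_SESSION['remote'])) {
            foreach ($_SESSION['remote'] as $v) {
                if ($v['uid'] == $page_owner_uid) {
                    $cid = $v['cid'];
                    break;
                }
            }
        }
        if ($cid) {
            $c = q(
                "SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1",
                intval($cid),
                intval($page_owner_uid)
            );
            if ($c) {
                $can_post = true;
                $visitor = $cid;
            }
        }
    }

    if (!$can_post) {
        notice(t('Permission denied.') . EOL);
        killme();
    }

    if (!x($_FILES, 'userfile') && !x($_FILES, 'media')) {
        killme();
    }

    $field = x($_FILES, 'userfile') ? 'userfile' : 'media';
    $src = $_FILES[$field]['tmp_name'];
    $filename = basename($_FILES[$field]['name']);
    $filesize = intval($_FILES[$field]['size']);
    $filetype = $_FILES[$field]['type'];

    if ($filetype == "") {
        $filetype = guess_image_type($filename);
    }

    $maximagesize = get_config('system', 'maximagesize');
    if ($maximagesize && $filesize > $maximagesize) {
        echo sprintf(t('Image exceeds size limit of %d'), $maximagesize) . EOL;
        @unlink($src);
        killme();
    }

    $usage = q(
        "select sum(octet_length(data)) as total from photo where uid = %d and scale = 0 and album != 'Contact Photos' ",
        intval($page_owner_uid)
    );
    $used = ($usage && isset($usage[0]['total'])) ? $usage[0]['total'] : 0;

    $limit = service_class_fetch($page_owner_uid, 'photo_upload_limit');

    // The quota check read $imagedata before it was assigned, so the new
    // upload never counted towards the limit; the upload size is used instead.
    if ($limit !== false && $used + $filesize > $limit) {
        echo upgrade_message(true) . EOL;
        @unlink($src);
        killme();
    }

    $imagedata = @file_get_contents($src);
    $ph = new Photo($imagedata, $filetype);

    if (!$ph->is_valid()) {
        echo t('Unable to process image.') . EOL;
        @unlink($src);
        killme();
    }

    $ph->orient($src);
    @unlink($src);

    $max_length = get_config('system', 'max_image_length');
    if (!$max_length) {
        $max_length = MAX_IMAGE_LENGTH;
    }
    if ($max_length > 0) {
        $ph->scaleImage($max_length);
    }

    $width = $ph->getWidth();
    $height = $ph->getHeight();

    $hash = photo_new_resource();
    $smallest = 0;
    $defperm = '<' . $default_cid . '>';

    $stored = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 0, 0, $defperm);
    if (!$stored) {
        echo t('Image upload failed.') . EOL;
        killme();
    }

    if ($width > 640 || $height > 640) {
        $ph->scaleImage(640);
        $stored = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 1, 0, $defperm);
        if ($stored) {
            $smallest = 1;
        }
    }

    if ($width > 320 || $height > 320) {
        $ph->scaleImage(320);
        $stored = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 2, 0, $defperm);
        if ($stored) {
            $smallest = 2;
        }
    }

    $basename = basename($filename);

    $album_url = $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash;
    $image_url = $a->get_baseurl() . "/photo/{$hash}-{$smallest}." . $ph->getExt();

    /* mod Waitman Gobble NO WARRANTY */
    // With hush=yeah the bbcode is returned to the caller; otherwise it is
    // echoed for the ajax image uploader on the wall post form.
    $hush = isset($_REQUEST['hush']) ? $_REQUEST['hush'] : '';
    if ($hush != 'yeah') {
        if (local_user() && (!feature_enabled(local_user(), 'richtext') || x($_REQUEST, 'nomce'))) {
            echo "\n\n" . '[url=' . $album_url . '][img]' . $image_url . "[/img][/url]\n\n";
        } else {
            // The file name is chosen by the uploader, so it must be escaped
            // before it is placed inside an HTML attribute.
            $alt = htmlspecialchars($basename, ENT_QUOTES, 'UTF-8');
            echo '<br /><br /><a href="' . $album_url . '" ><img src="' . $image_url . "\" alt=\"{$alt}\" /></a><br /><br />";
        }
    } else {
        $m = '[url=' . $album_url . '][img]' . $image_url . "[/img][/url]";
        return $m;
    }
    /* mod Waitman Gobble NO WARRANTY */

    killme();
    // NOTREACHED
}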