function wall_attach_post(&$a)
{
if (argc() > 1) {
$channel = get_channel_by_nick(argv(1));
} elseif ($_FILES['media']) {
require_once 'include/api.php';
$user_info = api_get_user($a);
$nick = $user_info['screen_name'];
$channel = get_channel_by_nick($user_info['screen_name']);
}
if (!$channel) {
killme();
}
$observer = $a->get_observer();
if ($_FILES['userfile']['tmp_name']) {
$x = @getimagesize($_FILES['userfile']['tmp_name']);
logger('getimagesize: ' . print_r($x, true), LOGGER_DATA);
if ($x && ($x[2] === IMAGETYPE_GIF || $x[2] === IMAGETYPE_JPEG || $x[2] === IMAGETYPE_PNG)) {
$args = array('source' => 'editor', 'visible' => 0, 'contact_allow' => array($channel['channel_hash']));
$ret = photo_upload($channel, $observer, $args);
if ($ret['success']) {
echo "\n\n" . $ret['body'] . "\n\n";
killme();
}
if ($using_api) {
return;
}
notice($ret['message']);
killme();
}
}
$r = attach_store($channel, $observer ? $observer['xchan_hash'] : '');
if (!$r['success']) {
notice($r['message'] . EOL);
killme();
}
echo "\n\n" . '[attachment]' . $r['data']['hash'] . ',' . $r['data']['revision'] . '[/attachment]' . "\n";
killme();
}
function wall_upload_post(&$a)
{
$using_api = x($_FILES, 'media') ? true : false;
if ($using_api) {
require_once 'include/api.php';
$user_info = api_get_user($a);
$nick = $user_info['screen_name'];
} else {
if (argc() > 1) {
$nick = argv(1);
}
}
$channel = $nick ? get_channel_by_nick($nick) : false;
if (!$channel) {
if ($using_api) {
return;
}
notice(t('Channel not found.') . EOL);
killme();
}
$observer = $a->get_observer();
$args = array('source' => 'editor', 'album' => t('Wall Photos'), 'not_visible' => 1, 'contact_allow' => array($channel['channel_hash']));
$ret = photo_upload($channel, $observer, $args);
if (!$ret['success']) {
if ($using_api) {
return;
}
notice($ret['message']);
killme();
}
$m = $ret['body'];
if ($using_api) {
return "\n\n" . $ret['body'] . "\n\n";
} else {
echo "\n\n" . $ret['body'] . "\n\n";
}
killme();
}
/**
* A lot going on in this function, and some of it is old cruft and some is new cruft
* and the entire thing probably needs to be refactored. It started out just storing
* files, before we had DAV. It was made extensible to do extra stuff like edit an
* existing file or optionally store a separate revision using $options to choose between different
* storage models. Along the way we moved from
* DB data storage to file system storage.
* Then DAV came along and used different upload methods depending on whether the
* file was stored as a DAV directory object or updated as a file object. One of these
* is essentially an update and the other is basically an upload, but doesn't use the traditional PHP
* upload workflow.
* Then came hubzilla and we tried to merge photo functionality with the file storage. Most of
* that integration occurs within this function.
* This required overlap with the old photo_upload stuff and photo albums were
* completely different concepts from directories which needed to be reconciled somehow.
* The old revision stuff is kind of orphaned currently. There's new revision stuff for photos
* which attaches (2) etc. onto the name, but doesn't integrate with the attach table revisioning.
* That's where it sits currently. I repeat it needs to be refactored, and this note is here
* for future explorers and those who may be doing that work to understand where it came
* from and got to be the monstrosity of tangled unrelated code that it currently is.
*/
function attach_store($channel, $observer_hash, $options = '', $arr = null)
{
require_once 'include/photos.php';
call_hooks('photo_upload_begin', $arr);
$ret = array('success' => false);
$channel_id = $channel['channel_id'];
$sql_options = '';
$source = $arr ? $arr['source'] : '';
$album = $arr ? $arr['album'] : '';
$newalbum = $arr ? $arr['newalbum'] : '';
$hash = $arr && $arr['hash'] ? $arr['hash'] : null;
$upload_path = $arr && $arr['directory'] ? $arr['directory'] : '';
$visible = $arr && $arr['visible'] ? $arr['visible'] : '';
$observer = array();
if ($observer_hash) {
$x = q("select * from xchan where xchan_hash = '%s' limit 1", dbesc($observer_hash));
if ($x) {
$observer = $x[0];
}
}
logger('arr: ' . print_r($arr, true));
if (!perm_is_allowed($channel_id, $observer_hash, 'write_storage')) {
$ret['message'] = t('Permission denied.');
return $ret;
}
$str_group_allow = perms2str($arr['group_allow']);
$str_contact_allow = perms2str($arr['contact_allow']);
$str_group_deny = perms2str($arr['group_deny']);
$str_contact_deny = perms2str($arr['contact_deny']);
// The 'update' option sets db values without uploading a new attachment
// 'replace' replaces the existing uploaded data
// 'revision' creates a new revision with new upload data
// Default is to upload a new file
// revise or update must provide $arr['hash'] of the thing to revise/update
// By default remove $src when finished
$remove_when_processed = true;
if ($options === 'import') {
$src = $arr['src'];
$filename = $arr['filename'];
$filesize = @filesize($src);
$hash = $arr['resource_id'];
if (array_key_exists('hash', $arr)) {
$hash = $arr['hash'];
}
if (array_key_exists('type', $arr)) {
$type = $arr['type'];
}
if ($arr['preserve_original']) {
$remove_when_processed = false;
}
// if importing a directory, just do it now and go home - we're done.
if (array_key_exists('is_dir', $arr) && intval($arr['is_dir'])) {
$x = attach_mkdir($channel, $observer_hash, $arr);
if ($x['message']) {
logger('import_directory: ' . $x['message']);
}
return;
}
} elseif ($options !== 'update') {
$f = array('src' => '', 'filename' => '', 'filesize' => 0, 'type' => '');
call_hooks('photo_upload_file', $f);
call_hooks('attach_upload_file', $f);
if (x($f, 'src') && x($f, 'filesize')) {
$src = $f['src'];
$filename = $f['filename'];
$filesize = $f['filesize'];
$type = $f['type'];
} else {
if (!x($_FILES, 'userfile')) {
$ret['message'] = t('No source file.');
return $ret;
}
$src = $_FILES['userfile']['tmp_name'];
$filename = basename($_FILES['userfile']['name']);
$filesize = intval($_FILES['userfile']['size']);
}
}
$existing_size = 0;
if ($options === 'replace') {
$x = q("select id, hash, filesize from attach where id = %d and uid = %d limit 1", intval($arr['id']), intval($channel_id));
if (!$x) {
$ret['message'] = t('Cannot locate file to replace');
return $ret;
}
$existing_id = $x[0]['id'];
$existing_size = intval($x[0]['filesize']);
$hash = $x[0]['hash'];
}
if ($options === 'revise' || $options === 'update') {
$sql_options = " order by revision desc ";
if ($options === 'update' && $arr && array_key_exists('revision', $arr)) {
$sql_options = " and revision = " . intval($arr['revision']) . " ";
}
$x = q("select id, aid, uid, filename, filetype, filesize, hash, revision, folder, os_storage, is_photo, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where hash = '%s' and uid = %d {$sql_options} limit 1", dbesc($arr['hash']), intval($channel_id));
if (!$x) {
$ret['message'] = t('Cannot locate file to revise/update');
return $ret;
}
$hash = $x[0]['hash'];
}
$def_extension = '';
$is_photo = 0;
$gis = @getimagesize($src);
logger('getimagesize: ' . print_r($gis, true), LOGGER_DATA);
if ($gis && ($gis[2] === IMAGETYPE_GIF || $gis[2] === IMAGETYPE_JPEG || $gis[2] === IMAGETYPE_PNG)) {
$is_photo = 1;
if ($gis[2] === IMAGETYPE_GIF) {
$def_extension = '.gif';
}
if ($gis[2] === IMAGETYPE_JPEG) {
$def_extension = '.jpg';
}
if ($gis[2] === IMAGETYPE_PNG) {
$def_extension = '.png';
}
}
$pathname = '';
if ($is_photo) {
if ($newalbum) {
$pathname = filepath_macro($newalbum);
} elseif (array_key_exists('folder', $arr)) {
$x = q("select filename from attach where hash = '%s' and uid = %d limit 1", dbesc($arr['folder']), intval($channel['channel_id']));
if ($x) {
$pathname = $x[0]['filename'];
}
} else {
$pathname = filepath_macro($album);
}
} else {
$pathname = filepath_macro($upload_path);
}
$darr = array('pathname' => $pathname);
// if we need to create a directory, use the channel default permissions.
$darr['allow_cid'] = $channel['allow_cid'];
$darr['allow_gid'] = $channel['allow_gid'];
$darr['deny_cid'] = $channel['deny_cid'];
$darr['deny_gid'] = $channel['deny_gid'];
$direct = null;
if ($pathname) {
$x = attach_mkdirp($channel, $observer_hash, $darr);
$folder_hash = $x['success'] ? $x['data']['hash'] : '';
$direct = $x['success'] ? $x['data'] : null;
if (!$str_contact_allow && !$str_group_allow && !$str_contact_deny && !$str_group_deny) {
$str_contact_allow = $x['data']['allow_cid'];
$str_group_allow = $x['data']['allow_gid'];
$str_contact_deny = $x['data']['deny_cid'];
$str_group_deny = $x['data']['deny_gid'];
}
} else {
$folder_hash = $arr && array_key_exists('folder', $arr) ? $arr['folder'] : '';
}
if (!$options || $options === 'import') {
// A freshly uploaded file. Check for duplicate and resolve with the channel's overwrite settings.
$r = q("select filename, id, hash, filesize from attach where filename = '%s' and folder = '%s' ", dbesc($filename), dbesc($folder_hash));
if ($r) {
$overwrite = get_pconfig($channel_id, 'system', 'overwrite_dup_files');
if ($overwrite) {
$options = 'replace';
$existing_id = $x[0]['id'];
$existing_size = intval($x[0]['filesize']);
$hash = $x[0]['hash'];
} else {
if (strpos($filename, '.') !== false) {
$basename = substr($filename, 0, strrpos($filename, '.'));
$ext = substr($filename, strrpos($filename, '.'));
} else {
$basename = $filename;
$ext = $def_extension;
}
$r = q("select filename from attach where ( filename = '%s' OR filename like '%s' ) and folder = '%s' ", dbesc($basename . $ext), dbesc($basename . '(%)' . $ext), dbesc($folder_hash));
if ($r) {
$x = 1;
do {
$found = false;
foreach ($r as $rr) {
if ($rr['filename'] === $basename . '(' . $x . ')' . $ext) {
$found = true;
break;
}
}
if ($found) {
$x++;
}
} while ($found);
$filename = $basename . '(' . $x . ')' . $ext;
} else {
$filename = $basename . $ext;
}
}
}
}
if (!$hash) {
$hash = random_string();
}
// Check storage limits
if ($options !== 'update') {
$maxfilesize = get_config('system', 'maxfilesize');
if ($maxfilesize && $filesize > $maxfilesize) {
$ret['message'] = sprintf(t('File exceeds size limit of %d'), $maxfilesize);
if ($remove_when_processed) {
@unlink($src);
}
call_hooks('photo_upload_end', $ret);
return $ret;
}
$limit = service_class_fetch($channel_id, 'attach_upload_limit');
if ($limit !== false) {
$r = q("select sum(filesize) as total from attach where aid = %d ", intval($channel['channel_account_id']));
if ($r && $r[0]['total'] + $filesize > $limit - $existing_size) {
$ret['message'] = upgrade_message(true) . sprintf(t("You have reached your limit of %1\$.0f Mbytes attachment storage."), $limit / 1024000);
if ($remove_when_processed) {
@unlink($src);
}
call_hooks('photo_upload_end', $ret);
return $ret;
}
}
$mimetype = isset($type) && $type ? $type : z_mime_content_type($filename);
}
$os_basepath = 'store/' . $channel['channel_address'] . '/';
$os_relpath = '';
if ($folder_hash) {
$curr = find_folder_hash_by_attach_hash($channel_id, $folder_hash, true);
if ($curr) {
$os_relpath .= $curr . '/';
}
$os_relpath .= $folder_hash . '/';
}
$os_relpath .= $hash;
if ($src) {
@file_put_contents($os_basepath . $os_relpath, @file_get_contents($src));
}
if (array_key_exists('created', $arr)) {
$created = $arr['created'];
} else {
$created = datetime_convert();
}
if (array_key_exists('edited', $arr)) {
$edited = $arr['edited'];
} else {
$edited = $created;
}
if ($options === 'replace') {
$r = q("update attach set filename = '%s', filetype = '%s', folder = '%s', filesize = %d, os_storage = %d, is_photo = %d, data = '%s', edited = '%s' where id = %d and uid = %d", dbesc($filename), dbesc($mimetype), dbesc($folder_hash), intval($filesize), intval(1), intval($is_photo), dbesc($os_relpath), dbesc($created), intval($existing_id), intval($channel_id));
} elseif ($options === 'revise') {
$r = q("insert into attach ( aid, uid, hash, creator, filename, filetype, folder, filesize, revision, os_storage, is_photo, data, created, edited, allow_cid, allow_gid, deny_cid, deny_gid )\n\t\t\tVALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", intval($x[0]['aid']), intval($channel_id), dbesc($x[0]['hash']), dbesc($observer_hash), dbesc($filename), dbesc($mimetype), dbesc($folder_hash), intval($filesize), intval($x[0]['revision'] + 1), intval(1), intval($is_photo), dbesc($os_relpath), dbesc($created), dbesc($created), dbesc($x[0]['allow_cid']), dbesc($x[0]['allow_gid']), dbesc($x[0]['deny_cid']), dbesc($x[0]['deny_gid']));
} elseif ($options === 'update') {
$r = q("update attach set filename = '%s', filetype = '%s', folder = '%s', edited = '%s', os_storage = %d, is_photo = %d, \n\t\t\tallow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s' where id = %d and uid = %d", dbesc(array_key_exists('filename', $arr) ? $arr['filename'] : $x[0]['filename']), dbesc(array_key_exists('filetype', $arr) ? $arr['filetype'] : $x[0]['filetype']), dbesc($folder_hash ? $folder_hash : $x[0]['folder']), dbesc($created), dbesc(array_key_exists('os_storage', $arr) ? $arr['os_storage'] : $x[0]['os_storage']), dbesc(array_key_exists('is_photo', $arr) ? $arr['is_photo'] : $x[0]['is_photo']), dbesc(array_key_exists('allow_cid', $arr) ? $arr['allow_cid'] : $x[0]['allow_cid']), dbesc(array_key_exists('allow_gid', $arr) ? $arr['allow_gid'] : $x[0]['allow_gid']), dbesc(array_key_exists('deny_cid', $arr) ? $arr['deny_cid'] : $x[0]['deny_cid']), dbesc(array_key_exists('deny_gid', $arr) ? $arr['deny_gid'] : $x[0]['deny_gid']), intval($x[0]['id']), intval($x[0]['uid']));
} else {
$r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, filetype, folder, filesize, revision, os_storage, is_photo, data, created, edited, allow_cid, allow_gid,deny_cid, deny_gid )\n\t\t\tVALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", intval($channel['channel_account_id']), intval($channel_id), dbesc($hash), dbesc(get_observer_hash()), dbesc($filename), dbesc($mimetype), dbesc($folder_hash), intval($filesize), intval(0), intval(1), intval($is_photo), dbesc($os_relpath), dbesc($created), dbesc($created), dbesc($arr && array_key_exists('allow_cid', $arr) ? $arr['allow_cid'] : $str_contact_allow), dbesc($arr && array_key_exists('allow_gid', $arr) ? $arr['allow_gid'] : $str_group_allow), dbesc($arr && array_key_exists('deny_cid', $arr) ? $arr['deny_cid'] : $str_contact_deny), dbesc($arr && array_key_exists('deny_gid', $arr) ? $arr['deny_gid'] : $str_group_deny));
}
if ($is_photo) {
$args = array('source' => $source, 'visible' => $visible, 'resource_id' => $hash, 'album' => basename($pathname), 'os_path' => $os_basepath . $os_relpath, 'filename' => $filename, 'getimagesize' => $gis, 'directory' => $direct);
if ($arr['contact_allow']) {
$args['contact_allow'] = $arr['contact_allow'];
}
if ($arr['group_allow']) {
$args['group_allow'] = $arr['group_allow'];
}
if ($arr['contact_deny']) {
$args['contact_deny'] = $arr['contact_deny'];
}
if ($arr['group_deny']) {
$args['group_deny'] = $arr['group_deny'];
}
if (array_key_exists('allow_cid', $arr)) {
$args['allow_cid'] = $arr['allow_cid'];
}
if (array_key_exists('allow_gid', $arr)) {
$args['allow_gid'] = $arr['allow_gid'];
}
if (array_key_exists('deny_cid', $arr)) {
$args['deny_cid'] = $arr['deny_cid'];
}
if (array_key_exists('deny_gid', $arr)) {
$args['deny_gid'] = $arr['deny_gid'];
}
$args['created'] = $created;
$args['edited'] = $edited;
if ($arr['item']) {
$args['item'] = $arr['item'];
}
$p = photo_upload($channel, $observer, $args);
if ($p['success']) {
$ret['body'] = $p['body'];
}
}
if ($options !== 'update' && $remove_when_processed) {
@unlink($src);
}
if (!$r) {
$ret['message'] = t('File upload failed. Possible system limit or action terminated.');
call_hooks('photo_upload_end', $ret);
return $ret;
}
// Caution: This re-uses $sql_options set further above
$r = q("select id, aid, uid, hash, creator, filename, filetype, filesize, revision, folder, os_storage, is_photo, flags, created, edited, allow_cid, allow_gid, deny_cid, deny_gid from attach where uid = %d and hash = '%s' {$sql_options} limit 1", intval($channel_id), dbesc($hash));
if (!$r) {
$ret['message'] = t('Stored file could not be verified. Upload failed.');
call_hooks('photo_upload_end', $ret);
return $ret;
}
$ret['success'] = true;
$ret['data'] = $r[0];
if (!$is_photo) {
// This would've been called already with a success result in photos_upload() if it was a photo.
call_hooks('photo_upload_end', $ret);
}
return $ret;
}
/**
* @brief Creates a new file in the directory.
*
* Data will either be supplied as a stream resource, or in certain cases
* as a string. Keep in mind that you may have to support either.
*
* After successful creation of the file, you may choose to return the ETag
* of the new file here.
*
* @throw \Sabre\DAV\Exception\Forbidden
* @param string $name Name of the file
* @param resource|string $data Initial payload
* @return null|string ETag
*/
public function createFile($name, $data = null)
{
logger('create file in directory ' . $name, LOGGER_DEBUG);
if (!$this->auth->owner_id) {
logger('permission denied ' . $name);
throw new DAV\Exception\Forbidden('Permission denied.');
}
if (!perm_is_allowed($this->auth->owner_id, $this->auth->observer, 'write_storage')) {
logger('permission denied ' . $name);
throw new DAV\Exception\Forbidden('Permission denied.');
}
$mimetype = z_mime_content_type($name);
$c = q("SELECT * FROM channel WHERE channel_id = %d AND channel_removed = 0 LIMIT 1", intval($this->auth->owner_id));
if (!$c) {
logger('no channel');
throw new DAV\Exception\Forbidden('Permission denied.');
}
$filesize = 0;
$hash = random_string();
$f = 'store/' . $this->auth->owner_nick . '/' . ($this->os_path ? $this->os_path . '/' : '') . $hash;
$direct = null;
if ($this->folder_hash) {
$r = q("select * from attach where hash = '%s' and is_dir = 1 and uid = %d limit 1", dbesc($this->folder_hash), intval($c[0]['channel_id']));
if ($r) {
$direct = $r[0];
}
}
if ($direct && ($direct['allow_cid'] || $direct['allow_gid'] || $direct['deny_cid'] || $direct['deny_gid'])) {
$allow_cid = $direct['allow_cid'];
$allow_gid = $direct['allow_gid'];
$deny_cid = $direct['deny_cid'];
$deny_gid = $direct['deny_gid'];
} else {
$allow_cid = $c[0]['channel_allow_cid'];
$allow_gid = $c[0]['channel_allow_gid'];
$deny_cid = $c[0]['channel_deny_cid'];
$deny_gid = $c[0]['channel_deny_gid'];
}
$r = q("INSERT INTO attach ( aid, uid, hash, creator, filename, folder, os_storage, filetype, filesize, revision, is_photo, content, created, edited, allow_cid, allow_gid, deny_cid, deny_gid )\n\t\t\tVALUES ( %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", intval($c[0]['channel_account_id']), intval($c[0]['channel_id']), dbesc($hash), dbesc($this->auth->observer), dbesc($name), dbesc($this->folder_hash), intval(1), dbesc($mimetype), intval($filesize), intval(0), intval($is_photo), dbesc($f), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc($allow_cid), dbesc($allow_gid), dbesc($deny_cid), dbesc($deny_gid));
// returns the number of bytes that were written to the file, or FALSE on failure
$size = file_put_contents($f, $data);
// delete attach entry if file_put_contents() failed
if ($size === false) {
logger('file_put_contents() failed to ' . $f);
attach_delete($c[0]['channel_id'], $hash);
return;
}
// returns now
$edited = datetime_convert();
$is_photo = 0;
$x = @getimagesize($f);
logger('getimagesize: ' . print_r($x, true), LOGGER_DATA);
if ($x && ($x[2] === IMAGETYPE_GIF || $x[2] === IMAGETYPE_JPEG || $x[2] === IMAGETYPE_PNG)) {
$is_photo = 1;
}
// updates entry with filesize and timestamp
$d = q("UPDATE attach SET filesize = '%s', is_photo = %d, edited = '%s' WHERE hash = '%s' AND uid = %d", dbesc($size), intval($is_photo), dbesc($edited), dbesc($hash), intval($c[0]['channel_id']));
// update the folder's lastmodified timestamp
$e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d", dbesc($edited), dbesc($this->folder_hash), intval($c[0]['channel_id']));
$maxfilesize = get_config('system', 'maxfilesize');
if ($maxfilesize && $size > $maxfilesize) {
attach_delete($c[0]['channel_id'], $hash);
return;
}
// check against service class quota
$limit = engr_units_to_bytes(service_class_fetch($c[0]['channel_id'], 'attach_upload_limit'));
if ($limit !== false) {
$x = q("SELECT SUM(filesize) AS total FROM attach WHERE aid = %d ", intval($c[0]['channel_account_id']));
if ($x && $x[0]['total'] + $size > $limit) {
logger('service class limit exceeded for ' . $c[0]['channel_name'] . ' total usage is ' . $x[0]['total'] . ' limit is ' . userReadableSize($limit));
attach_delete($c[0]['channel_id'], $hash);
return;
}
}
if ($is_photo) {
$album = '';
if ($this->folder_hash) {
$f1 = q("select filename from attach WHERE hash = '%s' AND uid = %d", dbesc($this->folder_hash), intval($c[0]['channel_id']));
if ($f1) {
$album = $f1[0]['filename'];
}
}
require_once 'include/photos.php';
$args = array('resource_id' => $hash, 'album' => $album, 'os_path' => $f, 'filename' => $name, 'getimagesize' => $x, 'directory' => $direct);
$p = photo_upload($c[0], \App::get_observer(), $args);
}
$sync = attach_export_data($c[0], $hash);
if ($sync) {
build_sync_packet($c[0]['channel_id'], array('file' => array($sync)));
}
}
/**
* @brief Updates the data of the file.
*
* @param resource $data
* @return void
*/
public function put($data)
{
logger('put file: ' . basename($this->name), LOGGER_DEBUG);
$size = 0;
// @todo only 3 values are needed
$c = q("SELECT * FROM channel WHERE channel_id = %d AND channel_removed = 0 LIMIT 1", intval($this->auth->owner_id));
$is_photo = false;
$album = '';
$r = q("SELECT flags, folder, os_storage, filename, is_photo FROM attach WHERE hash = '%s' AND uid = %d LIMIT 1", dbesc($this->data['hash']), intval($c[0]['channel_id']));
if ($r) {
if (intval($r[0]['os_storage'])) {
$d = q("select folder, data from attach where hash = '%s' and uid = %d limit 1", dbesc($this->data['hash']), intval($c[0]['channel_id']));
if ($d) {
if ($d[0]['folder']) {
$f1 = q("select * from attach where is_dir = 1 and hash = '%s' and uid = %d limit 1", dbesc($d[0]['folder']), intval($c[0]['channel_id']));
if ($f1) {
$album = $f1[0]['filename'];
$direct = $f1[0];
}
}
$fname = dbunescbin($d[0]['data']);
$f = 'store/' . $this->auth->owner_nick . '/' . ($fname ? $fname : '');
// @todo check return value and set $size directly
@file_put_contents($f, $data);
$size = @filesize($f);
logger('filename: ' . $f . ' size: ' . $size, LOGGER_DEBUG);
}
$gis = @getimagesize($f);
logger('getimagesize: ' . print_r($gis, true), LOGGER_DATA);
if ($gis && ($gis[2] === IMAGETYPE_GIF || $gis[2] === IMAGETYPE_JPEG || $gis[2] === IMAGETYPE_PNG)) {
$is_photo = 1;
}
} else {
// this shouldn't happen any more
$r = q("UPDATE attach SET data = '%s' WHERE hash = '%s' AND uid = %d", dbescbin(stream_get_contents($data)), dbesc($this->data['hash']), intval($this->data['uid']));
$r = q("SELECT length(data) AS fsize FROM attach WHERE hash = '%s' AND uid = %d LIMIT 1", dbesc($this->data['hash']), intval($this->data['uid']));
if ($r) {
$size = $r[0]['fsize'];
}
}
}
// returns now()
$edited = datetime_convert();
$d = q("UPDATE attach SET filesize = '%s', is_photo = %d, edited = '%s' WHERE hash = '%s' AND uid = %d", dbesc($size), intval($is_photo), dbesc($edited), dbesc($this->data['hash']), intval($c[0]['channel_id']));
if ($is_photo) {
require_once 'include/photos.php';
$args = array('resource_id' => $this->data['hash'], 'album' => $album, 'os_path' => $f, 'filename' => $r[0]['filename'], 'getimagesize' => $gis, 'directory' => $direct);
$p = photo_upload($c[0], get_app()->get_observer(), $args);
}
// update the folder's lastmodified timestamp
$e = q("UPDATE attach SET edited = '%s' WHERE hash = '%s' AND uid = %d", dbesc($edited), dbesc($r[0]['folder']), intval($c[0]['channel_id']));
// @todo do we really want to remove the whole file if an update fails
// because of maxfilesize or quota?
// There is an Exception "InsufficientStorage" or "PaymentRequired" for
// our service class from SabreDAV we could use.
$maxfilesize = get_config('system', 'maxfilesize');
if ($maxfilesize && $size > $maxfilesize) {
attach_delete($c[0]['channel_id'], $this->data['hash']);
return;
}
$limit = service_class_fetch($c[0]['channel_id'], 'attach_upload_limit');
if ($limit !== false) {
$x = q("select sum(filesize) as total from attach where aid = %d ", intval($c[0]['channel_account_id']));
if ($x && $x[0]['total'] + $size > $limit) {
logger('service class limit exceeded for ' . $c[0]['channel_name'] . ' total usage is ' . $x[0]['total'] . ' limit is ' . $limit);
attach_delete($c[0]['channel_id'], $this->data['hash']);
return;
}
}
}
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookies);
curl_setopt($ch, CURLOPT_COOKIEJAR, $cookies);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_USERAGENT, 'Hubzilla');
$output = curl_exec($ch);
curl_close($ch);
$j = json_decode($output, true);
// logger('frphotohelper: ' . print_r($j,true));
$args = array();
$args['content'] = base64_decode($j['content'] ? $j['content'] : $j['data']);
$args['filename'] = $j['filename'];
$args['resource_id'] = $j['resource-id'];
$args['imgscale'] = array_key_exists('imgscale', $j) ? $j['imgscale'] : $j['scale'];
$args['album'] = $j['album'];
$args['visible'] = 0;
$args['created'] = $j['created'];
$args['edited'] = $j['edited'];
$args['title'] = $j['title'];
$args['description'] = $j['desc'];
if ($j['allow_cid'] || $j['allow_gid'] || $j['deny_cid'] || $j['deny_gid']) {
$args['contact_allow'] = $channel['channel_hash'];
}
$args['type'] = $j['type'];
$r = q("select * from photo where resource_id = '%s' and uid = %d limit 1", dbesc($args['resource_id']), intval($channel['channel_id']));
if ($r) {
killme();
}
$ret = photo_upload($channel, $channel, $args);
logger('photo_import: ' . print_r($ret, true));
killme();
function reflect_photo_callback($matches)
{
if (strpos($matches[2], 'http') !== false) {
return $matches[0];
}
$prefix = REFLECT_BASEURL;
$x = z_fetch_url($prefix . $matches[2], true);
$hash = basename($matches[2]);
if ($x['success']) {
$channel = reflect_get_channel();
require_once 'include/photos.php';
$p = photo_upload($channel, $channel, array('data' => $x['body'], 'resource_id' => str_replace('-', '', $hash), 'filename' => $hash . '.jpg', 'type' => 'image/jpeg', 'visible' => false));
if ($p['success']) {
$newlink = $p['resource_id'] . '-0.jpg';
}
// import photo and locate the link for it.
return '[zmg]' . z_root() . '/photo/' . $newlink . '[/zmg]';
}
// no replacement. Leave it alone.
return $matches[0];
}
function photos_post(&$a)
{
logger('mod-photos: photos_post: begin', LOGGER_DEBUG);
logger('mod_photos: REQUEST ' . print_r($_REQUEST, true), LOGGER_DATA);
logger('mod_photos: FILES ' . print_r($_FILES, true), LOGGER_DATA);
$ph = photo_factory('');
$phototypes = $ph->supportedTypes();
$can_post = false;
$page_owner_uid = $a->data['channel']['channel_id'];
if (perm_is_allowed($page_owner_uid, get_observer_hash(), 'post_photos')) {
$can_post = true;
}
if (!$can_post) {
notice(t('Permission denied.') . EOL);
if (is_ajax()) {
killme();
}
return;
}
$s = abook_self($page_owner_uid);
if (!$s) {
notice(t('Page owner information could not be retrieved.') . EOL);
logger('mod_photos: post: unable to locate contact record for page owner. uid=' . $page_owner_uid);
if (is_ajax()) {
killme();
}
return;
}
$owner_record = $s[0];
if (argc() > 3 && argv(2) === 'album') {
$album = hex2bin(argv(3));
if ($album === t('Profile Photos')) {
// not allowed
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
}
if (!photos_album_exists($page_owner_uid, $album)) {
notice(t('Album not found.') . EOL);
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
}
/*
* RENAME photo album
*/
$newalbum = notags(trim($_REQUEST['albumname']));
if ($newalbum != $album) {
$x = photos_album_rename($page_owner_uid, $album, $newalbum);
if ($x) {
$newurl = str_replace(bin2hex($album), bin2hex($newalbum), $_SESSION['photo_return']);
goaway($a->get_baseurl() . '/' . $newurl);
}
}
/*
* DELETE photo album and all its photos
*/
if ($_REQUEST['dropalbum'] == t('Delete Album')) {
$res = array();
// get the list of photos we are about to delete
if (remote_user() && !local_user()) {
$str = photos_album_get_db_idstr($page_owner_uid, $album, remote_user());
} elseif (local_user()) {
$str = photos_album_get_db_idstr(local_user(), $album);
} else {
$str = null;
}
if (!$str) {
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
}
$r = q("select id, item_restrict from item where resource_id in ( {$str} ) and resource_type = 'photo' and uid = %d", intval($page_owner_uid));
if ($r) {
foreach ($r as $i) {
drop_item($i['id'], false);
if (!$item_restrict) {
proc_run('php', 'include/notifier.php', 'drop', $i['id']);
}
}
}
// remove the associated photos in case they weren't attached to an item
q("delete from photo where resource_id in ( {$str} ) and uid = %d", intval($page_owner_uid));
}
goaway($a->get_baseurl() . '/photos/' . $a->data['channel']['channel_address']);
}
if (argc() > 2 && x($_REQUEST, 'delete') && $_REQUEST['delete'] === t('Delete Photo')) {
// same as above but remove single photo
$ob_hash = get_observer_hash();
if (!$ob_hash) {
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
}
$r = q("SELECT `id`, `resource_id` FROM `photo` WHERE ( xchan = '%s' or `uid` = %d ) AND `resource_id` = '%s' LIMIT 1", dbesc($ob_hash), intval(local_user()), dbesc($a->argv[2]));
if ($r) {
q("DELETE FROM `photo` WHERE `uid` = %d AND `resource_id` = '%s'", intval($page_owner_uid), dbesc($r[0]['resource_id']));
$i = q("SELECT * FROM `item` WHERE `resource_id` = '%s' AND resource_type = 'photo' and `uid` = %d LIMIT 1", dbesc($r[0]['resource_id']), intval($page_owner_uid));
if (count($i)) {
q("UPDATE `item` SET item_restrict = (item_restrict | %d), `edited` = '%s', `changed` = '%s' WHERE `parent_mid` = '%s' AND `uid` = %d", intval(ITEM_DELETED), dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc($i[0]['mid']), intval($page_owner_uid));
$url = $a->get_baseurl();
$drop_id = intval($i[0]['id']);
if ($i[0]['visible']) {
proc_run('php', "include/notifier.php", "drop", "{$drop_id}");
}
}
}
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
}
if ($a->argc > 2 && (x($_POST, 'desc') !== false || x($_POST, 'newtag') !== false) || x($_POST, 'albname') !== false) {
$desc = x($_POST, 'desc') ? notags(trim($_POST['desc'])) : '';
$rawtags = x($_POST, 'newtag') ? notags(trim($_POST['newtag'])) : '';
$item_id = x($_POST, 'item_id') ? intval($_POST['item_id']) : 0;
$albname = x($_POST, 'albname') ? notags(trim($_POST['albname'])) : '';
$str_group_allow = perms2str($_POST['group_allow']);
$str_contact_allow = perms2str($_POST['contact_allow']);
$str_group_deny = perms2str($_POST['group_deny']);
$str_contact_deny = perms2str($_POST['contact_deny']);
$resource_id = $a->argv[2];
if (!strlen($albname)) {
$albname = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y');
}
if (x($_POST, 'rotate') !== false && (intval($_POST['rotate']) == 1 || intval($_POST['rotate']) == 2)) {
logger('rotate');
$r = q("select * from photo where `resource_id` = '%s' and uid = %d and scale = 0 limit 1", dbesc($resource_id), intval($page_owner_uid));
if (count($r)) {
$ph = photo_factory($r[0]['data'], $r[0]['type']);
if ($ph->is_valid()) {
$rotate_deg = intval($_POST['rotate']) == 1 ? 270 : 90;
$ph->rotate($rotate_deg);
$width = $ph->getWidth();
$height = $ph->getHeight();
$x = q("update photo set data = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and scale = 0 limit 1", dbesc($ph->imageString()), intval($height), intval($width), dbesc($resource_id), intval($page_owner_uid));
if ($width > 640 || $height > 640) {
$ph->scaleImage(640);
$width = $ph->getWidth();
$height = $ph->getHeight();
$x = q("update photo set data = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and scale = 1 limit 1", dbesc($ph->imageString()), intval($height), intval($width), dbesc($resource_id), intval($page_owner_uid));
}
if ($width > 320 || $height > 320) {
$ph->scaleImage(320);
$width = $ph->getWidth();
$height = $ph->getHeight();
$x = q("update photo set data = '%s', height = %d, width = %d where `resource_id` = '%s' and uid = %d and scale = 2 limit 1", dbesc($ph->imageString()), intval($height), intval($width), dbesc($resource_id), intval($page_owner_uid));
}
}
}
}
$p = q("SELECT * FROM `photo` WHERE `resource_id` = '%s' AND `uid` = %d and ( photo_flags = %d or photo_flags = %d ) ORDER BY `scale` DESC", dbesc($resource_id), intval($page_owner_uid), intval(PHOTO_NORMAL), intval(PHOTO_PROFILE));
if (count($p)) {
$ext = $phototypes[$p[0]['type']];
$r = q("UPDATE `photo` SET `description` = '%s', `album` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource_id` = '%s' AND `uid` = %d", dbesc($desc), dbesc($albname), dbesc($str_contact_allow), dbesc($str_group_allow), dbesc($str_contact_deny), dbesc($str_group_deny), dbesc($resource_id), intval($page_owner_uid));
}
$item_private = $str_contact_allow || $str_group_allow || $str_contact_deny || $str_group_deny ? true : false;
/* Don't make the item visible if the only change was the album name */
$visibility = 0;
if ($p[0]['description'] !== $desc || strlen($rawtags)) {
$visibility = 1;
}
if (!$item_id) {
$item_id = photos_create_item($a->data['channel'], get_observer_hash(), $p[0], $visibility);
}
if ($item_id) {
$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($item_id), intval($page_owner_uid));
}
if ($r) {
$old_tag = $r[0]['tag'];
$old_inform = $r[0]['inform'];
}
// make sure the linked item has the same permissions as the photo regardless of any other changes
$x = q("update item set allow_cid = '%s', allow_gid = '%s', deny_cid = '%s', deny_gid = '%s', item_private = %d\n\t\t\twhere id = %d limit 1", dbesc($str_contact_allow), dbesc($str_group_allow), dbesc($str_contact_deny), dbesc($str_group_deny), intval($item_private), intval($item_id));
if (strlen($rawtags)) {
$str_tags = '';
$inform = '';
// if the new tag doesn't have a namespace specifier (@foo or #foo) give it a mention
$x = substr($rawtags, 0, 1);
if ($x !== '@' && $x !== '#') {
$rawtags = '@' . $rawtags;
}
$taginfo = array();
$tags = get_tags($rawtags);
if (count($tags)) {
foreach ($tags as $tag) {
// If we already tagged 'Robert Johnson', don't try and tag 'Robert'.
// Robert Johnson should be first in the $tags array
$fullnametagged = false;
for ($x = 0; $x < count($tagged); $x++) {
if (stristr($tagged[$x], $tag . ' ')) {
$fullnametagged = true;
break;
}
}
if ($fullnametagged) {
continue;
}
require_once 'mod/item.php';
$body = $access_tag = '';
$success = handle_tag($a, $body, $access_tag, $str_tags, local_user() ? local_user() : $a->profile['profile_uid'], $tag);
logger('handle_tag: ' . print_r($success, tue), LOGGER_DEBUG);
if ($access_tag) {
logger('access_tag: ' . $tag . ' ' . print_r($access_tag, true), LOGGER_DEBUG);
if (strpos($access_tag, 'cid:') === 0) {
$str_contact_allow .= '<' . substr($access_tag, 4) . '>';
$access_tag = '';
} elseif (strpos($access_tag, 'gid:') === 0) {
$str_group_allow .= '<' . substr($access_tag, 4) . '>';
$access_tag = '';
}
}
if ($success['replaced']) {
$tagged[] = $tag;
$post_tags[] = array('uid' => $a->profile['profile_uid'], 'type' => $success['termtype'], 'otype' => TERM_OBJ_POST, 'term' => $success['term'], 'url' => $success['url']);
}
}
}
$r = q("select * from item where id = %d and uid = %d limit 1", intval($item_id), intval($page_owner_uid));
if ($r) {
$datarray = $r[0];
$datarray['term'] = $post_tags;
item_store_update($datarray, $execflag);
}
}
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
return;
// NOTREACHED
}
/**
* default post action - upload a photo
*/
$_REQUEST['source'] = 'photos';
$r = photo_upload($a->channel, $a->get_observer(), $_REQUEST);
if (!$r['success']) {
notice($r['message'] . EOL);
}
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
}
$_SESSION['username_exist'] = $name;
header('Location: registration.php');
exit;
}
$sql = "INSERT INTO users_account (name, password, email, birthdate, gender,city, height, education) \r\n\t\tVALUES ('{$name}', '{$password}','{$email}','{$birthdate}','{$gender}','{$city}','{$height}','{$education}')";
// echo "<br>". $sql. "<br>";
$result = $db->query($sql);
if (!$result) {
echo "Your query failed.";
} else {
echo "Welcome " . $name . ". You are now registered";
}
$query = 'select * from users_account ' . "where name='{$name}' ";
// echo "<br>" .$query. "<br>";
$result = $db->query($query);
if ($result->num_rows > 0) {
// if they are in the database register the user id
$row = $result->fetch_assoc();
$_SESSION['valid_user'] = $name;
$_SESSION['valid_userID'] = $row['userID'];
$_SESSION['new_user'] = true;
}
photo_upload('profilePhoto', 'users_profile_photo/', $_SESSION['valid_userID'], $db, false);
$to = "f35im@localhost";
$subject = "Hi " . $_SESSION['valid_user'] . ", Thank you for registering on Heydate";
$txt = "Hi " . $_SESSION['valid_user'] . ", are you ready to start finding the other half of your life?";
$headers = "From: heydate@heydate.com\r\n";
mail($to, $subject, $txt, $headers);
header('Location: index.php');
?>
<a href="index.php">Back to main page</a>
}
//delete photo
if (isset($_GET['delete'])) {
$target_file = "users_photo/" . $_GET['delete'];
echo $target_file;
unlink($target_file);
$sql = "DELETE FROM users_photo WHERE photo='" . $_GET['delete'] . "'";
if ($db->query($sql) === TRUE) {
echo "Record deleted successfully";
} else {
echo "Error deleting record: " . $db->error;
}
}
//upload daily photo
if (isset($_POST['photo'])) {
photo_upload('photo', 'users_photo/', $userID, $db, true);
}
//submit edit
if (isset($_POST['submit_edit'])) {
if (!get_magic_quotes_gpc()) {
$name = addslashes($_POST['name']);
$password = md5($_POST['password']);
$email = $_POST['email'];
$birthdate = $_POST['birthdate'];
$gender = $_POST['gender'];
$city = $_POST['city'];
$height = $_POST['height'];
$education = addslashes($_POST['education']);
$Intro = addslashes($_POST['Intro']);
$Mate_Criteria = addslashes($_POST['Mate_Criteria']);
$Life_Style = addslashes($_POST['Life_Style']);