/**
 * Build the HTML summary for an image: id, post date, uploader, dimensions,
 * file size, and (when available) a source link and a rating.
 *
 * The uploader's IP is appended only when the current user has the
 * "view_ip" permission.
 *
 * @param Image $image
 * @return string HTML fragment
 */
private function build_stats(Image $image)
{
    global $user;

    $owner_name = html_escape($image->get_owner()->name);
    // NOTE(review): the owner name is HTML-escaped but not URL-encoded before
    // it is used as a path segment; confirm make_link() or the route copes
    // with names containing characters such as '/' or '?'.
    $owner_html = "<a href='" . make_link("user/{$owner_name}") . "'>{$owner_name}</a>";
    $ip_html = html_escape($image->owner_ip);
    $posted_html = autodate($image->posted);
    $filesize_html = to_shorthand_int($image->filesize);

    // The uploader's IP is personal data; it is shown only to users holding view_ip.
    if ($user->can("view_ip")) {
        $owner_html .= " ({$ip_html})";
    }

    $out = "\n\t\tId: {$image->id}"
        . "\n\t\t<br>Posted: {$posted_html} by {$owner_html}"
        . "\n\t\t<br>Size: {$image->width}x{$image->height}"
        . "\n\t\t<br>Filesize: {$filesize_html}"
        . "\n\t\t";

    if ($image->source !== null) {
        $href = html_escape($image->source);
        // Sources that do not start with http:// or https:// get an http://
        // prefix, so a stored value with any other scheme is not linked as-is.
        $has_web_scheme = substr($image->source, 0, 7) == "http://"
            || substr($image->source, 0, 8) == "https://";
        if (!$has_web_scheme) {
            $href = "http://" . $href;
        }
        $out .= "<br>Source: <a href='{$href}'>link</a>";
    }

    // The rating line is added only when the Ratings class is loaded.
    if (class_exists("Ratings")) {
        // An unset rating is normalised to "u" on the image object itself.
        if ($image->rating == null || $image->rating == "u") {
            $image->rating = "u";
        }
        // NOTE(review): the human-readable rating is inserted unescaped;
        // presumably Ratings::rating_to_human() returns fixed labels. Confirm.
        $rating_html = Ratings::rating_to_human($image->rating);
        $out .= "<br>Rating: {$rating_html}";
    }

    return $out;
}
/**
 * Build the compact upload form: a script block that wires tag
 * autocompletion, one file input per configured upload slot (only the first
 * is visible, each reveals the next on change), a tag field and a note
 * stating the configured maximum file size.
 *
 * NOTE(review): the <form> markup written here carries no hidden request
 * token, and the accept attribute and the size note are browser-side hints
 * only; type and size limits have to be enforced where the upload is received.
 *
 * @return string HTML fragment
 */
protected function build_upload_block()
{
    global $config;

    $inputs = "";
    for ($slot = 0; $slot < $config->get_int('upload_count'); $slot++) {
        // Every slot after the first starts hidden.
        $hidden = ($slot == 0) ? "" : "style='display:none'";
        $next = $slot + 1;
        $inputs .= "<input accept='image/jpeg,image/png,image/gif' size='10' "
            . "id='data{$slot}' name='data{$slot}' {$hidden} "
            . "onchange=\"\$('#data{$next}').show()\" type='file'>\n";
    }

    $max_kb = to_shorthand_int($config->get_int('upload_size'));

    // A hidden max_file_size input used to be emitted here and is left disabled:
    // <input type='hidden' name='max_file_size' value='$max_size' />
    return "\n\t\t\t<script>"
        . "\n\t\t\t\$(document).ready(function() {"
        . "\n\t\t\t\t\$('#tag_input').DefaultValue('tagme');"
        . "\n\t\t\t\t\$('#tag_input').autocomplete('" . make_link("api/internal/tag_list/complete") . "', {"
        . "\n\t\t\t\t\twidth: 320,"
        . "\n\t\t\t\t\tmax: 15,"
        . "\n\t\t\t\t\thighlight: false,"
        . "\n\t\t\t\t\tmultiple: true,"
        . "\n\t\t\t\t\tmultipleSeparator: ' ',"
        . "\n\t\t\t\t\tscroll: true,"
        . "\n\t\t\t\t\tscrollHeight: 300,"
        . "\n\t\t\t\t\tselectFirst: false"
        . "\n\t\t\t\t});"
        . "\n\t\t\t});"
        . "\n\t\t\t</script>"
        . "\n\t\t\t<form enctype='multipart/form-data' action='" . make_link("upload") . "' method='POST'>"
        . "\n\t\t\t\t{$inputs}"
        . "\n\t\t\t\t<input id='tag_input' name='tags' type='text' autocomplete='off'>"
        . "\n\t\t\t\t<input type='submit' value='Post'>"
        . "\n\t\t\t</form>"
        . "\n\t\t\t<div id='upload_completions' style='clear: both;'><small>(Max file size is {$max_kb})</small></div>"
        . "\n\t\t\t<noscript><a href='" . make_link("upload") . "'>Larger Form</a></noscript>"
        . "\n\t\t";
}
/**
 * Collect site, system, thumbnail and database statistics and return them
 * in a keyed array.
 *
 * The result includes software versions, the OS string, the web server
 * string and the list of loaded extensions.
 * NOTE(review): that is fingerprinting material; confirm the caller limits
 * who can see it.
 *
 * @return array
 */
private function get_info()
{
    global $config, $database;
    // Declared by the original code; not read anywhere in this method.
    global $_event_listeners;

    $info = array();

    $info['site_title'] = $config->get_string("title");
    $info['site_theme'] = $config->get_string("theme");
    // HTTP_HOST comes from the request's Host header, so this value is
    // client-influenced and the scheme is fixed to http://. Whatever renders
    // it needs to escape it.
    $info['site_url'] = "http://" . $_SERVER["HTTP_HOST"] . get_base_href();

    $info['sys_shimmie'] = VERSION;
    $info['sys_schema'] = $config->get_string("db_version");
    $info['sys_php'] = phpversion();
    $info['sys_db'] = $database->get_driver_name();
    $info['sys_os'] = php_uname();
    $used_bytes = disk_total_space("./") - disk_free_space("./");
    $total_bytes = disk_total_space("./");
    $info['sys_disk'] = to_shorthand_int($used_bytes) . " / " . to_shorthand_int($total_bytes);
    $info['sys_server'] = $_SERVER["SERVER_SOFTWARE"];

    $info['thumb_engine'] = $config->get_string("thumb_engine");
    $info['thumb_quality'] = $config->get_int('thumb_quality');
    $info['thumb_width'] = $config->get_int('thumb_width');
    $info['thumb_height'] = $config->get_int('thumb_height');
    $info['thumb_mem'] = $config->get_int("thumb_mem_limit");

    // Fixed, literal queries; nothing request-derived reaches the SQL.
    $count_queries = array(
        'stat_images' => "SELECT COUNT(*) FROM images",
        'stat_comments' => "SELECT COUNT(*) FROM comments",
        'stat_users' => "SELECT COUNT(*) FROM users",
        'stat_tags' => "SELECT COUNT(*) FROM tags",
        'stat_image_tags' => "SELECT COUNT(*) FROM image_tags",
    );
    foreach ($count_queries as $key => $sql) {
        $info[$key] = $database->get_one($sql);
    }

    // Every declared, non-abstract subclass of Extension counts as loaded.
    $extensions = array();
    foreach (get_declared_classes() as $class) {
        $reflected = new ReflectionClass($class);
        if (!$reflected->isAbstract() && is_subclass_of($class, "Extension")) {
            $extensions[] = $class;
        }
    }
    $info['sys_extensions'] = join(', ', $extensions);

    // A disabled variant used to append every "name=value" row of the config
    // table as well; it stays out of the report.

    return $info;
}
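/**
 * Build the HTML summary for an image: id, post date, uploader, dimensions,
 * file size and (when set) a link to the image's source.
 *
 * The uploader's IP is appended only when the current user is an admin.
 *
 * @param object $image image record; this method reads id, posted, owner_ip,
 *                      filesize, width, height, source and get_owner()
 * @return string HTML fragment
 */
private function build_stats($image)
{
    global $user;

    $h_owner = html_escape($image->get_owner()->name);
    // NOTE(review): the owner name is HTML-escaped but not URL-encoded before
    // it is used as a path segment; confirm make_link() or the route copes
    // with names containing characters such as '/' or '?'.
    $h_ownerlink = "<a href='" . make_link("user/{$h_owner}") . "'>{$h_owner}</a>";
    $h_ip = html_escape($image->owner_ip);
    $h_date = autodate($image->posted);
    $h_filesize = to_shorthand_int($image->filesize);

    // The uploader's IP is personal data; it is shown to admins only.
    if ($user->is_admin()) {
        $h_ownerlink .= " ({$h_ip})";
    }

    $html = "\n\t\tId: {$image->id}"
        . "\n\t\t<br>Posted: {$h_date} by {$h_ownerlink}"
        . "\n\t\t<br>Size: {$image->width}x{$image->height}"
        . "\n\t\t<br>Filesize: {$h_filesize}"
        . "\n\t\t";

    if (!is_null($image->source)) {
        $h_source = html_escape($image->source);
        // Only http:// and https:// sources are linked as-is; anything else
        // gets an http:// prefix so no other scheme ends up in the href.
        // Previously only http:// was recognised, which turned https://
        // sources into broken "http://https://..." links.
        $is_http = substr($image->source, 0, 7) == "http://";
        $is_https = substr($image->source, 0, 8) == "https://";
        if (!$is_http && !$is_https) {
            $h_source = "http://" . $h_source;
        }
        $html .= "<br>Source: <a href='{$h_source}'>link</a>";
    }

    return $html;
}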
/**
 * Render the comment list page: the upload box, a paginator, and one block
 * per image holding the file details, tag list, thumbnail and comments.
 *
 * @param array $images      list of pairs: [0] is the image, [1] its comments
 * @param int   $page_number current page, passed to the paginator
 * @param int   $total_pages page count, passed to the paginator
 * @param bool  $can_post    accepted but not read by this method
 */
public function display_comment_list($images, $page_number, $total_pages, $can_post)
{
    global $config, $page;

    $title = $config->get_string('title');
    $page->set_title($title);
    $page->set_heading($title);
    $page->disable_left();
    $page->add_block(new Block(null, $this->build_upload_box(), "main", 0));
    $page->add_block(new Block(null, "<hr>", "main", 80));
    $this->display_paginator($page, "comment/list", null, $page_number, $total_pages, 90);

    // One block per image, positioned from 10 upwards.
    $position = 10;
    foreach ($images as $pair) {
        list($image, $comments) = $pair;

        // The filename and the tag list are escaped here before they reach the markup.
        $h_filename = html_escape($image->filename);
        $h_filesize = to_shorthand_int($image->filesize);
        $width = $image->width;
        $height = $image->height;

        // inner_id numbers the comments within this image, starting at 0.
        $comments_html = "";
        $index = 0;
        foreach ($comments as $comment) {
            $this->inner_id = $index;
            $index++;
            // NOTE(review): comment_to_html() output is inserted as-is, so it
            // is expected to return escaped markup. Confirm.
            $comments_html .= $this->comment_to_html($comment, false);
        }

        $block_html = "<p style='clear:both'> </p><hr height='1'>"
            . "File: <a href=\"" . make_link("post/view/{$image->id}") . "\">{$h_filename}</a>"
            . " - ({$h_filesize}, {$width}x{$height}) - "
            . html_escape($image->get_tag_list())
            . "<div style='text-align: left'>"
            . "<div style='float: left;'>" . $this->build_thumb_html($image) . "</div>"
            . "<div class='commentset'>{$comments_html}</div>"
            . "</div>";

        $page->add_block(new Block(null, $block_html, "main", $position++));
    }
}
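/**
 * Collect site, system and database statistics and return them in a keyed
 * array.
 *
 * The result includes software versions, the OS string, the web server
 * string and the class names of the registered event listeners.
 * NOTE(review): that is fingerprinting material; confirm the caller limits
 * who can see it.
 *
 * @return array
 */
private function get_info()
{
    global $config, $database;
    // Read below to list the registered extensions.
    global $_event_listeners;

    $info = array();
    $info['site_title'] = $config->get_string("title");
    $info['site_theme'] = $config->get_string("theme");
    // HTTP_HOST comes from the request's Host header, so this value is
    // client-influenced and the scheme is fixed to http://. Whatever renders
    // it needs to escape it.
    $info['site_url'] = "http://" . $_SERVER["HTTP_HOST"] . get_base_href();
    $info['sys_shimmie'] = VERSION;
    $info['sys_schema'] = $config->get_string("db_version");
    $info['sys_php'] = phpversion();
    $info['sys_os'] = php_uname();
    $info['sys_disk'] = to_shorthand_int(disk_total_space("./") - disk_free_space("./"))
        . " / " . to_shorthand_int(disk_total_space("./"));
    $info['sys_server'] = $_SERVER["SERVER_SOFTWARE"];

    // config.php is included to bring $database_dsn into local scope
    // (presumably it is defined there; the file is not visible from here).
    include "config.php";

    // Report only the DSN's scheme. The earlier preg_replace() returned the
    // whole DSN when the pattern did not match, and its greedy group could
    // include the user:password part when "://" appeared more than once, so
    // credentials could end up in the report. Anchor on the leading scheme
    // and fall back to a fixed string instead.
    $proto = "unknown";
    if (isset($database_dsn) && is_string($database_dsn)
        && preg_match('#^([^:/@]+)://#', $database_dsn, $dsn_match)) {
        $proto = $dsn_match[1];
    }
    $db = $database->db->ServerInfo();
    $info['sys_db'] = "{$proto} / {$db['version']}";

    // Fixed, literal queries; nothing request-derived reaches the SQL.
    $info['stat_images'] = $database->db->GetOne("SELECT COUNT(*) FROM images");
    $info['stat_comments'] = $database->db->GetOne("SELECT COUNT(*) FROM comments");
    $info['stat_users'] = $database->db->GetOne("SELECT COUNT(*) FROM users");
    $info['stat_tags'] = $database->db->GetOne("SELECT COUNT(*) FROM tags");
    $info['stat_image_tags'] = $database->db->GetOne("SELECT COUNT(*) FROM image_tags");

    $els = array();
    foreach ($_event_listeners as $el) {
        $els[] = get_class($el);
    }
    $info['sys_extensions'] = join(', ', $els);

    // A disabled variant used to append every "name=value" row of the config
    // table as well; it stays out of the report.

    return $info;
}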
/**
 * Reject an upload when the disk is flagged as nearly full or when the
 * temporary file is larger than the configured upload_size.
 *
 * @param DataUploadEvent $event event carrying the temp file path in tmpname
 * @throws UploadException when either check fails
 */
public function onDataUpload(DataUploadEvent $event)
{
    global $config;

    if ($this->is_full) {
        throw new UploadException("Upload failed; disk nearly full");
    }

    // NOTE(review): filesize() returns false when it cannot stat the file,
    // and false > limit is false, so an unreadable temp file passes this check.
    $actual_bytes = filesize($event->tmpname);
    $allowed_bytes = $config->get_int('upload_size');
    if ($actual_bytes > $allowed_bytes) {
        $size = to_shorthand_int($actual_bytes);
        $limit = to_shorthand_int($allowed_bytes);
        throw new UploadException("File too large ({$size} > {$limit})");
    }
}
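/**
 * Expand a link template for this image.
 *
 * Recognised tokens: $id, $hash_ab, $hash_cd, $hash, $tags, $base, $ext,
 * $size, $filesize, $filename, $title and $date. The values for $tags,
 * $filename, $title and $date go through $_escape; the others are inserted
 * as they are. Unless SPEED_HAX is set, a ParseLinkTemplateEvent is then
 * sent so listeners can rewrite the link. Finally a single "{a=1,b=2}"
 * group is replaced with one of its options, picked by a Flexihash lookup
 * keyed on the text around the group.
 *
 * $_escape is invoked by name as a function. Callers must pass a fixed,
 * trusted function name and never a value taken from a request.
 *
 * @param string $tmpl
 * @param string $_escape
 * @return string
 */
public function parse_link_template($tmpl, $_escape = "url_escape")
{
    global $config;

    // Only fetch the tag list when the template uses it.
    $tags = "";
    if (strpos($tmpl, '$tags') !== false) {
        $tags = $this->get_tag_list();
        // Slashes and leading dots are removed from the tag list; presumably
        // to keep it from acting as a path component. Confirm intent.
        $tags = str_replace("/", "", $tags);
        $tags = preg_replace("/^\\.+/", "", $tags);
    }

    $base_href = $config->get_string('base_href');
    $fname = $this->get_filename();
    // strpos() is used for truthiness: a name with no dot, or with its only
    // dot at position 0, is kept whole.
    $base_fname = strpos($fname, '.') ? substr($fname, 0, strrpos($fname, '.')) : $fname;

    // Applied one after another in this order, so '$hash_ab' and '$hash_cd'
    // are consumed before the shorter '$hash' token.
    $substitutions = array(
        '$id' => $this->id,
        '$hash_ab' => substr($this->hash, 0, 2),
        '$hash_cd' => substr($this->hash, 2, 2),
        '$hash' => $this->hash,
        '$tags' => $_escape($tags),
        '$base' => $base_href,
        '$ext' => $this->ext,
        '$size' => "{$this->width}x{$this->height}",
        '$filesize' => to_shorthand_int($this->filesize),
        '$filename' => $_escape($base_fname),
        '$title' => $_escape($config->get_string("title")),
        '$date' => $_escape(autodate($this->posted, false)),
    );
    foreach ($substitutions as $token => $value) {
        $tmpl = str_replace($token, $value, $tmpl);
    }

    // The event is skipped under SPEED_HAX because dispatching it to every
    // extension is costly and nothing appears to use it.
    if (!SPEED_HAX) {
        $plte = new ParseLinkTemplateEvent($tmpl, $this);
        send_event($plte);
        $tmpl = $plte->link;
    }

    // The hash ring is cached across calls and rebuilt when the option
    // string changes.
    static $flexihash = null;
    static $fh_last_opts = null;

    $matches = array();
    if (preg_match("/(.*){(.*)}(.*)/", $tmpl, $matches)) {
        $pre = $matches[1];
        $opts = $matches[2];
        $post = $matches[3];

        // Strict comparison, plus an explicit null check on the ring: with
        // the loose != an empty option string compared equal to the initial
        // null (leaving $flexihash unset for the lookup below), and numeric
        // look-alike strings such as "1e1" and "10" compared equal (leaving
        // a stale ring in place).
        if ($flexihash === null || $opts !== $fh_last_opts) {
            $fh_last_opts = $opts;
            $flexihash = new Flexihash();
            foreach (explode(",", $opts) as $opt) {
                $parts = explode("=", $opt);
                $parts_count = count($parts);
                // "name=weight" sets both; a bare "name" gets weight 1;
                // anything else is added as an empty target with weight 0.
                $opt_val = "";
                $opt_weight = 0;
                if ($parts_count === 2) {
                    $opt_val = $parts[0];
                    $opt_weight = $parts[1];
                } elseif ($parts_count === 1) {
                    $opt_val = $parts[0];
                    $opt_weight = 1;
                }
                $flexihash->addTarget($opt_val, $opt_weight);
            }
        }

        $choice = $flexihash->lookup($pre . $post);
        $tmpl = $pre . $choice . $post;
    }

    return $tmpl;
}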
/**
 * Append a text input for a size-style integer setting to this block's body,
 * pre-filled with the stored value in shorthand form, followed by a hidden
 * field that marks the setting's type as int.
 *
 * $name, $label and the formatted value are written into the markup without
 * escaping, and the label is emitted as HTML.
 * NOTE(review): callers are expected to pass trusted literals only. Confirm.
 *
 * @param string $name
 * @param null|string $label
 */
public function add_shorthand_int_option($name, $label = null)
{
    global $config;

    $val = to_shorthand_int($config->get_string($name));

    $markup = "";
    if ($label !== null) {
        $markup .= "<label for='{$name}'>{$label}</label>";
    }
    $markup .= "<input type='text' id='{$name}' name='_config_{$name}' value='{$val}' size='6' style='text-align: center;'>\n";
    $markup .= "<input type='hidden' name='_type_{$name}' value='int'>\n";

    $this->body .= $markup;
}
/**
 * Build the compact upload form: one file input per configured upload slot
 * (only the first is visible, each reveals the next on change), a required
 * tag field and a note stating the configured maximum file size.
 *
 * The opening form tag comes from make_form().
 * NOTE(review): presumably make_form() also emits the request token; confirm.
 * The size note is informational; the limit has to be enforced where the
 * upload is received.
 *
 * @return string
 */
protected function build_upload_block()
{
    global $config;

    $inputs = "";
    $slots = $config->get_int('upload_count');
    for ($slot = 0; $slot < $slots; $slot++) {
        // Every slot after the first starts hidden.
        $hidden = ($slot == 0) ? "" : "style='display:none'";
        $next = $slot + 1;
        $inputs .= "<input id='data{$slot}' name='data{$slot}' {$hidden} "
            . "onchange=\"\$('#data{$next}').show()\" size='16' type='file'>\n";
    }

    $max_kb = to_shorthand_int($config->get_int('upload_size'));

    // A hidden max_file_size input used to be emitted here and is left disabled:
    // <input type='hidden' name='max_file_size' value='$max_size' />
    return "\n\t\t\t<div class='mini_upload'>"
        . "\n\t\t\t" . make_form(make_link("upload"), "POST", true)
        . "\n\t\t\t\t{$inputs}"
        . "\n\t\t\t\t<input name='tags' type='text' placeholder='tagme' class='autocomplete_tags' required='required' autocomplete='off'>"
        . "\n\t\t\t\t<input type='submit' value='Post'>"
        . "\n\t\t\t</form>"
        . "\n\t\t\t<small>(Max file size is {$max_kb})</small>"
        . "\n\t\t\t<noscript><br><a href='" . make_link("upload") . "'>Larger Form</a></noscript>"
        . "\n\t\t\t</div>"
        . "\n\t\t";
}
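/**
 * Handle every event the upload extension reacts to:
 *  - InitExtEvent: register default settings.
 *  - PostListBuildingEvent: show the upload block, or a "disk full" notice.
 *  - PageRequestEvent: serve "upload/replace" (admins only) and "upload".
 *  - SetupBuildingEvent: add the upload settings block.
 *  - DataUploadEvent: reject uploads when the disk is nearly full or the
 *    file exceeds upload_size.
 *
 * @param Event $event
 * @throws UploadException when replacing is disabled, the disk is nearly
 *                         full, no valid image ID is given, more than one
 *                         replacement file is sent, or a file is too large
 */
public function receive_event(Event $event)
{
    global $config, $database, $page, $user;

    if (is_null($this->theme)) {
        $this->theme = get_theme_object($this);
    }

    // disk_free_space() can fail (the original comment blames PHP security
    // restrictions); the warning is suppressed and a failure is treated as
    // "not full", so uploads are not blocked when the check cannot run.
    $free_num = @disk_free_space(realpath("./images/"));
    if ($free_num === false) {
        $is_full = false;
    } else {
        $is_full = $free_num < 100 * 1024 * 1024;
    }

    if ($event instanceof InitExtEvent) {
        $config->set_default_int('upload_count', 3);
        $config->set_default_int('upload_size', '1MB');
        $config->set_default_bool('upload_anon', false);
        $config->set_default_bool('upload_replace', true);
    }

    if ($event instanceof PostListBuildingEvent) {
        if ($this->can_upload($user)) {
            if ($is_full) {
                $this->theme->display_full($page);
            } else {
                $this->theme->display_block($page);
            }
        }
    }

    if ($event instanceof PageRequestEvent) {
        if ($event->page_matches("upload/replace")) {
            /* Upload & Replace Image Request */
            if (!$config->get_bool("upload_replace")) {
                throw new UploadException("Upload Replacing Images is not enabled.");
            }

            // Replacing an image is restricted to administrators.
            if (!$user->is_admin()) {
                $this->theme->display_permission_denied($page);
            } else {
                if ($is_full) {
                    throw new UploadException("Can not replace Image: disk nearly full");
                }

                // The image ID comes from the URL argument or, failing that,
                // from the POST body. Both go through int_escape(): the POST
                // value used to be taken raw and was then interpolated into
                // the "Image not found" message and handed to the lookup.
                $image_id = int_escape($event->get_arg(0));
                if (empty($image_id)) {
                    $image_id = isset($_POST['image_id']) ? int_escape($_POST['image_id']) : null;
                }
                if (empty($image_id)) {
                    throw new UploadException("Can not replace Image: No valid Image ID given.");
                }

                $image_old = Image::by_id($image_id);
                if (is_null($image_old)) {
                    $this->theme->display_error($page, "Image not found", "No image in the database has the ID #{$image_id}");
                    // Stop here: the code used to fall through and attempt
                    // the replacement for an image that does not exist.
                    return;
                }

                // Tags are not changed by a replacement. Defined up front so
                // the GET branch below no longer passes an undefined variable.
                $tags = '';
                // Defaults to failure so the status page never receives an
                // undefined value when the POST carries no file and no url* field.
                $ok = false;

                if (count($_FILES) + count($_POST) > 0) {
                    if (count($_FILES) > 1) {
                        throw new UploadException("Can not upload more than one image for replacing.");
                    }
                    $source = isset($_POST['source']) ? $_POST['source'] : null;
                    if (count($_FILES)) {
                        // Only the first uploaded file is used.
                        foreach ($_FILES as $file) {
                            $ok = $this->try_upload($file, $tags, $source, $image_id);
                            break;
                        }
                    } else {
                        // Only the first non-empty url* field is used.
                        foreach ($_POST as $name => $value) {
                            if (substr($name, 0, 3) == "url" && strlen($value) > 0) {
                                $ok = $this->try_transload($value, $tags, $source, $image_id);
                                break;
                            }
                        }
                    }
                    $this->theme->display_upload_status($page, $ok);
                } elseif (!empty($_GET['url'])) {
                    // NOTE(review): a plain GET with ?url= makes the server
                    // fetch that URL and replace the image; no request token
                    // is checked in this block, and any restriction on the
                    // target URL would have to live in try_transload(), which
                    // is not visible from here.
                    $url = $_GET['url'];
                    $ok = $this->try_transload($url, $tags, $url, $image_id);
                    $this->theme->display_upload_status($page, $ok);
                } else {
                    $this->theme->display_replace_page($page, $image_id);
                }
            } // END of if admin / can_upload
        } elseif ($event->page_matches("upload")) {
            if (!$this->can_upload($user)) {
                $this->theme->display_permission_denied($page);
            } else {
                /* Regular Upload Image */
                if (count($_FILES) + count($_POST) > 0) {
                    $tags = Tag::explode($_POST['tags']);
                    $source = isset($_POST['source']) ? $_POST['source'] : null;
                    // Bitwise & keeps every upload attempt running while
                    // still recording that one of them failed.
                    $ok = true;
                    foreach ($_FILES as $file) {
                        $ok = $ok & $this->try_upload($file, $tags, $source);
                    }
                    foreach ($_POST as $name => $value) {
                        if (substr($name, 0, 3) == "url" && strlen($value) > 0) {
                            $ok = $ok & $this->try_transload($value, $tags, $source);
                        }
                    }
                    $this->theme->display_upload_status($page, $ok);
                } elseif (!empty($_GET['url'])) {
                    // NOTE(review): as with replacement, a plain GET with
                    // ?url= triggers a server-side fetch and creates a post;
                    // no request token is checked in this block.
                    $url = $_GET['url'];
                    $tags = array('tagme');
                    if (!empty($_GET['tags']) && $_GET['tags'] != "null") {
                        $tags = Tag::explode($_GET['tags']);
                    }
                    $ok = $this->try_transload($url, $tags, $url);
                    $this->theme->display_upload_status($page, $ok);
                } elseif (!$is_full) {
                    $this->theme->display_page($page);
                }
            } // END of if can_upload
        }
    } // END of if PageRequestEvent

    if ($event instanceof SetupBuildingEvent) {
        // Transload engines offered in the settings; cURL only when the
        // extension is available.
        $tes = array();
        $tes["Disabled"] = "none";
        if (function_exists("curl_init")) {
            $tes["cURL"] = "curl";
        }
        $tes["fopen"] = "fopen";
        $tes["WGet"] = "wget";

        $sb = new SetupBlock("Upload");
        $sb->position = 10;
        // Output the limits from PHP so the user has an idea of what they can set.
        $sb->add_label("<i>PHP's Upload Limit = " . ini_get('max_file_uploads') . "</i><br/>");
        $sb->add_int_option("upload_count", "Max uploads: ");
        $sb->add_label("<br/><i>PHP's Max Size Upload = " . ini_get('upload_max_filesize') . "</i><br/>");
        $sb->add_shorthand_int_option("upload_size", "<br/>Max size per file: ");
        $sb->add_bool_option("upload_anon", "<br/>Allow anonymous uploads: ");
        $sb->add_bool_option("upload_replace", "<br/>Allow replacing images: ");
        $sb->add_choice_option("transload_engine", $tes, "<br/>Transload: ");
        $event->panel->add_block($sb);
    }

    if ($event instanceof DataUploadEvent) {
        if ($is_full) {
            throw new UploadException("Upload failed; disk nearly full");
        }
        // NOTE(review): filesize() returns false when it cannot stat the
        // file, and false > limit is false, so an unreadable temp file
        // passes this check.
        if (filesize($event->tmpname) > $config->get_int('upload_size')) {
            $size = to_shorthand_int(filesize($event->tmpname));
            $limit = to_shorthand_int($config->get_int('upload_size'));
            throw new UploadException("File too large ({$size} > {$limit})");
        }
    }
}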
/**
 * Expand a link template for this image.
 *
 * Recognised tokens: $id, $hash_ab, $hash_cd, $hash, $tags, $base, $ext,
 * $size, $filesize, $filename and $title. The values for $tags, $filename
 * and $title go through $_escape; the others are inserted as they are.
 * A ParseLinkTemplateEvent is then sent so listeners can rewrite the link.
 *
 * $_escape is invoked by name as a function. Callers must pass a fixed,
 * trusted function name and never a value taken from a request.
 *
 * @param string $tmpl
 * @param string $_escape
 * @return string
 */
public function parse_link_template($tmpl, $_escape = "url_escape")
{
    global $config;

    // Only fetch the tag list when the template uses it.
    $tags = "";
    if (strpos($tmpl, '$tags') !== false) {
        // Slashes and leading dots are removed from the tag list; presumably
        // to keep it from acting as a path component. Confirm intent.
        $tags = preg_replace("/^\\.+/", "", str_replace("/", "", $this->get_tag_list()));
    }

    $base_href = $config->get_string('base_href');
    $fname = $this->get_filename();
    // strpos() is used for truthiness: a name with no dot, or with its only
    // dot at position 0, is kept whole.
    if (strpos($fname, '.')) {
        $base_fname = substr($fname, 0, strrpos($fname, '.'));
    } else {
        $base_fname = $fname;
    }

    // Applied one after another in this order, so '$hash_ab' and '$hash_cd'
    // are consumed before the shorter '$hash' token.
    $substitutions = array(
        '$id' => $this->id,
        '$hash_ab' => substr($this->hash, 0, 2),
        '$hash_cd' => substr($this->hash, 2, 2),
        '$hash' => $this->hash,
        '$tags' => $_escape($tags),
        '$base' => $base_href,
        '$ext' => $this->ext,
        '$size' => "{$this->width}x{$this->height}",
        '$filesize' => to_shorthand_int($this->filesize),
        '$filename' => $_escape($base_fname),
        '$title' => $_escape($config->get_string("title")),
    );
    foreach ($substitutions as $token => $value) {
        $tmpl = str_replace($token, $value, $tmpl);
    }

    // Listeners receive the expanded link and may replace it.
    $link_event = new ParseLinkTemplateEvent($tmpl, $this);
    send_event($link_event);

    return $link_event->link;
}
/**
 * Handle every event the upload extension reacts to:
 *  - InitExtEvent: register default settings.
 *  - PostListBuildingEvent: show the upload block, or a "disk full" notice.
 *  - PageRequestEvent for "upload": process posted files and url* fields,
 *    a ?url= transload, or show the upload page.
 *  - SetupBuildingEvent: add the upload settings block.
 *  - DataUploadEvent: reject uploads when the disk is nearly full or the
 *    file exceeds upload_size.
 *
 * @param Event $event
 * @throws UploadException when the disk is nearly full or a file is too large
 */
public function receive_event(Event $event)
{
    global $config, $database, $page, $user;

    if (is_null($this->theme)) {
        $this->theme = get_theme_object($this);
    }

    // NOTE(review): when disk_free_space() fails it returns false, and
    // false < N is true, so a failed check is treated as "disk full".
    $min_free_bytes = 100 * 1024 * 1024;
    $is_full = disk_free_space(realpath("./images/")) < $min_free_bytes;

    if ($event instanceof InitExtEvent) {
        $config->set_default_int('upload_count', 3);
        $config->set_default_int('upload_size', '1MB');
        $config->set_default_bool('upload_anon', false);
    }

    if ($event instanceof PostListBuildingEvent && $this->can_upload($user)) {
        if ($is_full) {
            $this->theme->display_full($page);
        } else {
            $this->theme->display_block($page);
        }
    }

    if ($event instanceof PageRequestEvent && $event->page_matches("upload")) {
        if (count($_FILES) + count($_POST) > 0) {
            // NOTE(review): the posted tags are parsed before the permission
            // check, and $_POST['tags'] is read without an isset() guard.
            $tags = Tag::explode($_POST['tags']);
            $source = isset($_POST['source']) ? $_POST['source'] : null;
            if (!$this->can_upload($user)) {
                $this->theme->display_permission_denied($page);
            } else {
                // Bitwise & keeps every upload attempt running while still
                // recording that one of them failed.
                $ok = true;
                foreach ($_FILES as $file) {
                    $ok &= $this->try_upload($file, $tags, $source);
                }
                foreach ($_POST as $name => $value) {
                    if (substr($name, 0, 3) == "url" && strlen($value) > 0) {
                        $ok &= $this->try_transload($value, $tags, $source);
                    }
                }
                $this->theme->display_upload_status($page, $ok);
            }
        } elseif (!empty($_GET['url'])) {
            // NOTE(review): a plain GET with ?url= makes the server fetch
            // that URL and creates a post; no request token is checked in
            // this block, and any restriction on the target URL would have
            // to live in try_transload(), which is not visible from here.
            if (!$this->can_upload($user)) {
                $this->theme->display_permission_denied($page);
            } else {
                $url = $_GET['url'];
                $tags = array('tagme');
                if (!empty($_GET['tags']) && $_GET['tags'] != "null") {
                    $tags = Tag::explode($_GET['tags']);
                }
                $ok = $this->try_transload($url, $tags, $url);
                $this->theme->display_upload_status($page, $ok);
            }
        } elseif (!$is_full) {
            $this->theme->display_page($page);
        }
    }

    if ($event instanceof SetupBuildingEvent) {
        $engines = array("Disabled" => "none", "cURL" => "curl", "fopen" => "fopen", "WGet" => "wget");

        $sb = new SetupBlock("Upload");
        $sb->position = 10;
        $sb->add_int_option("upload_count", "Max uploads: ");
        $sb->add_shorthand_int_option("upload_size", "<br>Max size per file: ");
        $sb->add_bool_option("upload_anon", "<br>Allow anonymous uploads: ");
        $sb->add_choice_option("transload_engine", $engines, "<br>Transload: ");
        $event->panel->add_block($sb);
    }

    if ($event instanceof DataUploadEvent) {
        if ($is_full) {
            throw new UploadException("Upload failed; disk nearly full");
        }
        // NOTE(review): filesize() returns false when it cannot stat the
        // file, and false > limit is false, so an unreadable temp file
        // passes this check.
        $actual_bytes = filesize($event->tmpname);
        $allowed_bytes = $config->get_int('upload_size');
        if ($actual_bytes > $allowed_bytes) {
            $size = to_shorthand_int($actual_bytes);
            $limit = to_shorthand_int($allowed_bytes);
            throw new UploadException("File too large ({$size} > {$limit})");
        }
    }
}