function wall_upload_post(&$a, $desktopmode = true)
{
logger("wall upload: starting new upload", LOGGER_DEBUG);
$r_json = x($_GET, 'response') && $_GET['response'] == 'json';
if ($a->argc > 1) {
if (!x($_FILES, 'media')) {
$nick = $a->argv[1];
$r = q("SELECT `user`.*, `contact`.`id` FROM `user` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid` WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1", dbesc($nick));
if (!count($r)) {
if ($r_json) {
echo json_encode(['error' => t('Invalid request.')]);
killme();
}
return;
}
} else {
$user_info = api_get_user($a);
$r = q("SELECT `user`.*, `contact`.`id` FROM `user` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid` WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1", dbesc($user_info['screen_name']));
}
} else {
if ($r_json) {
echo json_encode(['error' => t('Invalid request.')]);
killme();
}
return;
}
$can_post = false;
$visitor = 0;
$page_owner_uid = $r[0]['uid'];
$default_cid = $r[0]['id'];
$page_owner_nick = $r[0]['nickname'];
$community_page = $r[0]['page-flags'] == PAGE_COMMUNITY ? true : false;
if (local_user() && local_user() == $page_owner_uid) {
$can_post = true;
} else {
if ($community_page && remote_user()) {
$cid = 0;
if (is_array($_SESSION['remote'])) {
foreach ($_SESSION['remote'] as $v) {
if ($v['uid'] == $page_owner_uid) {
$cid = $v['cid'];
break;
}
}
}
if ($cid) {
$r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", intval($cid), intval($page_owner_uid));
if (count($r)) {
$can_post = true;
$visitor = $cid;
}
}
}
}
if (!$can_post) {
if ($r_json) {
echo json_encode(['error' => t('Permission denied.')]);
killme();
}
notice(t('Permission denied.') . EOL);
killme();
}
if (!x($_FILES, 'userfile') && !x($_FILES, 'media')) {
if ($r_json) {
echo json_encode(['error' => t('Invalid request.')]);
killme();
}
killme();
}
$src = "";
if (x($_FILES, 'userfile')) {
$src = $_FILES['userfile']['tmp_name'];
$filename = basename($_FILES['userfile']['name']);
$filesize = intval($_FILES['userfile']['size']);
$filetype = $_FILES['userfile']['type'];
} elseif (x($_FILES, 'media')) {
if (is_array($_FILES['media']['tmp_name'])) {
$src = $_FILES['media']['tmp_name'][0];
} else {
$src = $_FILES['media']['tmp_name'];
}
if (is_array($_FILES['media']['name'])) {
$filename = basename($_FILES['media']['name'][0]);
} else {
$filename = basename($_FILES['media']['name']);
}
if (is_array($_FILES['media']['size'])) {
$filesize = intval($_FILES['media']['size'][0]);
} else {
$filesize = intval($_FILES['media']['size']);
}
if (is_array($_FILES['media']['type'])) {
$filetype = $_FILES['media']['type'][0];
} else {
$filetype = $_FILES['media']['type'];
}
}
if ($src == "") {
if ($r_json) {
echo json_encode(['error' => t('Invalid request.')]);
killme();
}
notice(t('Invalid request.') . EOL);
killme();
}
// This is a special treatment for picture upload from Twidere
if ($filename == "octet-stream" and $filetype != "") {
$filename = $filetype;
$filetype = "";
}
if ($filetype == "") {
$filetype = guess_image_type($filename);
}
// If there is a temp name, then do a manual check
// This is more reliable than the provided value
$imagedata = getimagesize($src);
if ($imagedata) {
$filetype = $imagedata['mime'];
}
logger("File upload src: " . $src . " - filename: " . $filename . " - size: " . $filesize . " - type: " . $filetype, LOGGER_DEBUG);
$maximagesize = get_config('system', 'maximagesize');
if ($maximagesize && $filesize > $maximagesize) {
$msg = sprintf(t('Image exceeds size limit of %s'), formatBytes($maximagesize));
if ($r_json) {
echo json_encode(['error' => $msg]);
} else {
echo $msg . EOL;
}
@unlink($src);
killme();
}
$r = q("select sum(octet_length(data)) as total from photo where uid = %d and scale = 0 and album != 'Contact Photos' ", intval($page_owner_uid));
$limit = service_class_fetch($page_owner_uid, 'photo_upload_limit');
if ($limit !== false && $r[0]['total'] + strlen($imagedata) > $limit) {
$msg = upgrade_message(true);
if ($r_json) {
echo json_encode(['error' => $msg]);
} else {
echo $msg . EOL;
}
@unlink($src);
killme();
}
$imagedata = @file_get_contents($src);
$ph = new Photo($imagedata, $filetype);
if (!$ph->is_valid()) {
$msg = t('Unable to process image.');
if ($r_json) {
echo json_encode(['error' => $msg]);
} else {
echo $msg . EOL;
}
@unlink($src);
killme();
}
$ph->orient($src);
@unlink($src);
$max_length = get_config('system', 'max_image_length');
if (!$max_length) {
$max_length = MAX_IMAGE_LENGTH;
}
if ($max_length > 0) {
$ph->scaleImage($max_length);
logger("File upload: Scaling picture to new size " . $max_length, LOGGER_DEBUG);
}
$width = $ph->getWidth();
$height = $ph->getHeight();
$hash = photo_new_resource();
$smallest = 0;
$defperm = '<' . $default_cid . '>';
$r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 0, 0, $defperm);
if (!$r) {
$msg = t('Image upload failed.');
if ($r_json) {
echo json_encode(['error' => $msg]);
} else {
echo $msg . EOL;
}
killme();
}
if ($width > 640 || $height > 640) {
$ph->scaleImage(640);
$r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 1, 0, $defperm);
if ($r) {
$smallest = 1;
}
}
if ($width > 320 || $height > 320) {
$ph->scaleImage(320);
$r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 2, 0, $defperm);
if ($r and $smallest == 0) {
$smallest = 2;
}
}
$basename = basename($filename);
if (!$desktopmode) {
$r = q("SELECT `id`, `datasize`, `width`, `height`, `type` FROM `photo` WHERE `resource-id` = '%s' ORDER BY `width` DESC LIMIT 1", $hash);
if (!$r) {
if ($r_json) {
echo json_encode(['error' => '']);
killme();
}
return false;
}
$picture = array();
$picture["id"] = $r[0]["id"];
$picture["size"] = $r[0]["datasize"];
$picture["width"] = $r[0]["width"];
$picture["height"] = $r[0]["height"];
$picture["type"] = $r[0]["type"];
$picture["albumpage"] = $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash;
$picture["picture"] = $a->get_baseurl() . "/photo/{$hash}-0." . $ph->getExt();
$picture["preview"] = $a->get_baseurl() . "/photo/{$hash}-{$smallest}." . $ph->getExt();
if ($r_json) {
echo json_encode(['picture' => $picture]);
killme();
}
return $picture;
}
if ($r_json) {
echo json_encode(['ok' => true]);
killme();
}
/* mod Waitman Gobble NO WARRANTY */
//if we get the signal then return the image url info in BBCODE, otherwise this outputs the info and bails (for the ajax image uploader on wall post)
if ($_REQUEST['hush'] != 'yeah') {
if (local_user() && (!feature_enabled(local_user(), 'richtext') || x($_REQUEST['nomce']))) {
echo "\n\n" . '[url=' . $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash . '][img]' . $a->get_baseurl() . "/photo/{$hash}-{$smallest}." . $ph->getExt() . "[/img][/url]\n\n";
} else {
echo '<br /><br /><a href="' . $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash . '" ><img src="' . $a->get_baseurl() . "/photo/{$hash}-{$smallest}." . $ph->getExt() . "\" alt=\"{$basename}\" /></a><br /><br />";
}
} else {
$m = '[url=' . $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash . '][img]' . $a->get_baseurl() . "/photo/{$hash}-{$smallest}." . $ph->getExt() . "[/img][/url]";
return $m;
}
/* mod Waitman Gobble NO WARRANTY */
killme();
// NOTREACHED
}
function profile_photo_post(&$a)
{
if (!local_user()) {
notice(t('Permission denied.') . EOL);
return;
}
check_form_security_token_redirectOnErr('/profile_photo', 'profile_photo');
if (x($_POST, 'cropfinal') && $_POST['cropfinal'] == 1) {
// unless proven otherwise
$is_default_profile = 1;
if ($_REQUEST['profile']) {
$r = q("select id, `is-default` from profile where id = %d and uid = %d limit 1", intval($_REQUEST['profile']), intval(local_user()));
if (count($r) && !intval($r[0]['is-default'])) {
$is_default_profile = 0;
}
}
// phase 2 - we have finished cropping
if ($a->argc != 2) {
notice(t('Image uploaded but image cropping failed.') . EOL);
return;
}
$image_id = $a->argv[1];
if (substr($image_id, -2, 1) == '-') {
$scale = substr($image_id, -1, 1);
$image_id = substr($image_id, 0, -2);
}
$srcX = $_POST['xstart'];
$srcY = $_POST['ystart'];
$srcW = $_POST['xfinal'] - $srcX;
$srcH = $_POST['yfinal'] - $srcY;
$r = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d AND `scale` = %d LIMIT 1", dbesc($image_id), dbesc(local_user()), intval($scale));
if (count($r)) {
$base_image = $r[0];
$im = new Photo($base_image['data'], $base_image['type']);
if ($im->is_valid()) {
$im->cropImage(175, $srcX, $srcY, $srcW, $srcH);
$r = $im->store(local_user(), 0, $base_image['resource-id'], $base_image['filename'], t('Profile Photos'), 4, $is_default_profile);
if ($r === false) {
notice(sprintf(t('Image size reduction [%s] failed.'), "175") . EOL);
}
$im->scaleImage(80);
$r = $im->store(local_user(), 0, $base_image['resource-id'], $base_image['filename'], t('Profile Photos'), 5, $is_default_profile);
if ($r === false) {
notice(sprintf(t('Image size reduction [%s] failed.'), "80") . EOL);
}
$im->scaleImage(48);
$r = $im->store(local_user(), 0, $base_image['resource-id'], $base_image['filename'], t('Profile Photos'), 6, $is_default_profile);
if ($r === false) {
notice(sprintf(t('Image size reduction [%s] failed.'), "48") . EOL);
}
// If setting for the default profile, unset the profile photo flag from any other photos I own
if ($is_default_profile) {
$r = q("UPDATE `photo` SET `profile` = 0 WHERE `profile` = 1 AND `resource-id` != '%s' AND `uid` = %d", dbesc($base_image['resource-id']), intval(local_user()));
$r = q("UPDATE `contact` SET `photo` = '%s', `thumb` = '%s', `micro` = '%s' WHERE `self` AND `uid` = %d", dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-4.' . $im->getExt()), dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-5.' . $im->getExt()), dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-6.' . $im->getExt()), intval(local_user()));
} else {
$r = q("update profile set photo = '%s', thumb = '%s' where id = %d and uid = %d", dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-4.' . $im->getExt()), dbesc($a->get_baseurl() . '/photo/' . $base_image['resource-id'] . '-5.' . $im->getExt()), intval($_REQUEST['profile']), intval(local_user()));
}
// we'll set the updated profile-photo timestamp even if it isn't the default profile,
// so that browsers will do a cache update unconditionally
$r = q("UPDATE `contact` SET `avatar-date` = '%s' WHERE `self` = 1 AND `uid` = %d", dbesc(datetime_convert()), intval(local_user()));
info(t('Shift-reload the page or clear browser cache if the new photo does not display immediately.') . EOL);
// Update global directory in background
$url = $a->get_baseurl() . '/profile/' . $a->user['nickname'];
if ($url && strlen(get_config('system', 'directory'))) {
proc_run('php', "include/directory.php", "{$url}");
}
require_once 'include/profile_update.php';
profile_change();
} else {
notice(t('Unable to process image') . EOL);
}
}
goaway($a->get_baseurl() . '/profiles');
return;
// NOTREACHED
}
$src = $_FILES['userfile']['tmp_name'];
$filename = basename($_FILES['userfile']['name']);
$filesize = intval($_FILES['userfile']['size']);
$filetype = $_FILES['userfile']['type'];
if ($filetype == "") {
$filetype = guess_image_type($filename);
}
$maximagesize = get_config('system', 'maximagesize');
if ($maximagesize && $filesize > $maximagesize) {
notice(sprintf(t('Image exceeds size limit of %s'), formatBytes($maximagesize)) . EOL);
@unlink($src);
return;
}
$imagedata = @file_get_contents($src);
$ph = new Photo($imagedata, $filetype);
if (!$ph->is_valid()) {
notice(t('Unable to process image.') . EOL);
@unlink($src);
return;
}
$ph->orient($src);
@unlink($src);
return profile_photo_crop_ui_head($a, $ph);
}
function photos_post(&$a)
{
logger('mod-photos: photos_post: begin', LOGGER_DEBUG);
logger('mod_photos: REQUEST ' . print_r($_REQUEST, true), LOGGER_DATA);
logger('mod_photos: FILES ' . print_r($_FILES, true), LOGGER_DATA);
$phototypes = Photo::supportedTypes();
$can_post = false;
$visitor = 0;
$page_owner_uid = $a->data['user']['uid'];
$community_page = $a->data['user']['page-flags'] == PAGE_COMMUNITY ? true : false;
if (local_user() && local_user() == $page_owner_uid) {
$can_post = true;
} else {
if ($community_page && remote_user()) {
$cid = 0;
if (is_array($_SESSION['remote'])) {
foreach ($_SESSION['remote'] as $v) {
if ($v['uid'] == $page_owner_uid) {
$cid = $v['cid'];
break;
}
}
}
if ($cid) {
$r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", intval($cid), intval($page_owner_uid));
if (count($r)) {
$can_post = true;
$visitor = $cid;
}
}
}
}
if (!$can_post) {
notice(t('Permission denied.') . EOL);
killme();
}
$r = q("SELECT `contact`.*, `user`.`nickname` FROM `contact` LEFT JOIN `user` ON `user`.`uid` = `contact`.`uid` \n\t\tWHERE `user`.`uid` = %d AND `self` = 1 LIMIT 1", intval($page_owner_uid));
if (!count($r)) {
notice(t('Contact information unavailable') . EOL);
logger('photos_post: unable to locate contact record for page owner. uid=' . $page_owner_uid);
killme();
}
$owner_record = $r[0];
if ($a->argc > 3 && $a->argv[2] === 'album') {
$album = hex2bin($a->argv[3]);
if ($album === t('Profile Photos') || $album === 'Contact Photos' || $album === t('Contact Photos')) {
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
return;
// NOTREACHED
}
$r = q("SELECT count(*) FROM `photo` WHERE `album` = '%s' AND `uid` = %d", dbesc($album), intval($page_owner_uid));
if (!count($r)) {
notice(t('Album not found.') . EOL);
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
return;
// NOTREACHED
}
// Check if the user has responded to a delete confirmation query
if ($_REQUEST['canceled']) {
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
}
$newalbum = notags(trim($_POST['albumname']));
if ($newalbum != $album) {
q("UPDATE `photo` SET `album` = '%s' WHERE `album` = '%s' AND `uid` = %d", dbesc($newalbum), dbesc($album), intval($page_owner_uid));
$newurl = str_replace(bin2hex($album), bin2hex($newalbum), $_SESSION['photo_return']);
goaway($a->get_baseurl() . '/' . $newurl);
return;
// NOTREACHED
}
if ($_POST['dropalbum'] == t('Delete Album')) {
// Check if we should do HTML-based delete confirmation
if ($_REQUEST['confirm']) {
$drop_url = $a->query_string;
$extra_inputs = array(array('name' => 'albumname', 'value' => $_POST['albumname']));
$a->page['content'] = replace_macros(get_markup_template('confirm.tpl'), array('$method' => 'post', '$message' => t('Do you really want to delete this photo album and all its photos?'), '$extra_inputs' => $extra_inputs, '$confirm' => t('Delete Album'), '$confirm_url' => $drop_url, '$confirm_name' => 'dropalbum', '$cancel' => t('Cancel')));
$a->error = 1;
// Set $a->error so the other module functions don't execute
return;
}
$res = array();
// get the list of photos we are about to delete
if ($visitor) {
$r = q("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d AND `album` = '%s'", intval($visitor), intval($page_owner_uid), dbesc($album));
} else {
$r = q("SELECT distinct(`resource-id`) as `rid` FROM `photo` WHERE `uid` = %d AND `album` = '%s'", intval(local_user()), dbesc($album));
}
if (count($r)) {
foreach ($r as $rr) {
$res[] = "'" . dbesc($rr['rid']) . "'";
}
} else {
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
return;
// NOTREACHED
}
$str_res = implode(',', $res);
// remove the associated photos
q("DELETE FROM `photo` WHERE `resource-id` IN ( {$str_res} ) AND `uid` = %d", intval($page_owner_uid));
// find and delete the corresponding item with all the comments and likes/dislikes
$r = q("SELECT `parent-uri` FROM `item` WHERE `resource-id` IN ( {$str_res} ) AND `uid` = %d", intval($page_owner_uid));
if (count($r)) {
foreach ($r as $rr) {
q("UPDATE `item` SET `deleted` = 1, `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d", dbesc(datetime_convert()), dbesc($rr['parent-uri']), intval($page_owner_uid));
create_tags_from_itemuri($rr['parent-uri'], $page_owner_uid);
delete_thread_uri($rr['parent-uri'], $page_owner_uid);
$drop_id = intval($rr['id']);
// send the notification upstream/downstream as the case may be
if ($rr['visible']) {
proc_run('php', "include/notifier.php", "drop", "{$drop_id}");
}
}
}
}
goaway($a->get_baseurl() . '/photos/' . $a->data['user']['nickname']);
return;
// NOTREACHED
}
// Check if the user has responded to a delete confirmation query for a single photo
if ($a->argc > 2 && $_REQUEST['canceled']) {
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
}
if ($a->argc > 2 && x($_POST, 'delete') && $_POST['delete'] == t('Delete Photo')) {
// same as above but remove single photo
// Check if we should do HTML-based delete confirmation
if ($_REQUEST['confirm']) {
$drop_url = $a->query_string;
$a->page['content'] = replace_macros(get_markup_template('confirm.tpl'), array('$method' => 'post', '$message' => t('Do you really want to delete this photo?'), '$extra_inputs' => array(), '$confirm' => t('Delete Photo'), '$confirm_url' => $drop_url, '$confirm_name' => 'delete', '$cancel' => t('Cancel')));
$a->error = 1;
// Set $a->error so the other module functions don't execute
return;
}
if ($visitor) {
$r = q("SELECT `id`, `resource-id` FROM `photo` WHERE `contact-id` = %d AND `uid` = %d AND `resource-id` = '%s' LIMIT 1", intval($visitor), intval($page_owner_uid), dbesc($a->argv[2]));
} else {
$r = q("SELECT `id`, `resource-id` FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s' LIMIT 1", intval(local_user()), dbesc($a->argv[2]));
}
if (count($r)) {
q("DELETE FROM `photo` WHERE `uid` = %d AND `resource-id` = '%s'", intval($page_owner_uid), dbesc($r[0]['resource-id']));
$i = q("SELECT * FROM `item` WHERE `resource-id` = '%s' AND `uid` = %d LIMIT 1", dbesc($r[0]['resource-id']), intval($page_owner_uid));
if (count($i)) {
q("UPDATE `item` SET `deleted` = 1, `edited` = '%s', `changed` = '%s' WHERE `parent-uri` = '%s' AND `uid` = %d", dbesc(datetime_convert()), dbesc(datetime_convert()), dbesc($i[0]['uri']), intval($page_owner_uid));
create_tags_from_itemuri($i[0]['uri'], $page_owner_uid);
delete_thread_uri($i[0]['uri'], $page_owner_uid);
$url = $a->get_baseurl();
$drop_id = intval($i[0]['id']);
if ($i[0]['visible']) {
proc_run('php', "include/notifier.php", "drop", "{$drop_id}");
}
}
}
goaway($a->get_baseurl() . '/photos/' . $a->data['user']['nickname']);
return;
// NOTREACHED
}
if ($a->argc > 2 && (x($_POST, 'desc') !== false || x($_POST, 'newtag') !== false) || x($_POST, 'albname') !== false) {
$desc = x($_POST, 'desc') ? notags(trim($_POST['desc'])) : '';
$rawtags = x($_POST, 'newtag') ? notags(trim($_POST['newtag'])) : '';
$item_id = x($_POST, 'item_id') ? intval($_POST['item_id']) : 0;
$albname = x($_POST, 'albname') ? notags(trim($_POST['albname'])) : '';
$str_group_allow = perms2str($_POST['group_allow']);
$str_contact_allow = perms2str($_POST['contact_allow']);
$str_group_deny = perms2str($_POST['group_deny']);
$str_contact_deny = perms2str($_POST['contact_deny']);
$resource_id = $a->argv[2];
if (!strlen($albname)) {
$albname = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y');
}
if (x($_POST, 'rotate') !== false && (intval($_POST['rotate']) == 1 || intval($_POST['rotate']) == 2)) {
logger('rotate');
$r = q("select * from photo where `resource-id` = '%s' and uid = %d and scale = 0 limit 1", dbesc($resource_id), intval($page_owner_uid));
if (count($r)) {
$ph = new Photo($r[0]['data'], $r[0]['type']);
if ($ph->is_valid()) {
$rotate_deg = intval($_POST['rotate']) == 1 ? 270 : 90;
$ph->rotate($rotate_deg);
$width = $ph->getWidth();
$height = $ph->getHeight();
$x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = 0", dbesc($ph->imageString()), intval($height), intval($width), dbesc($resource_id), intval($page_owner_uid));
if ($width > 640 || $height > 640) {
$ph->scaleImage(640);
$width = $ph->getWidth();
$height = $ph->getHeight();
$x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = 1", dbesc($ph->imageString()), intval($height), intval($width), dbesc($resource_id), intval($page_owner_uid));
}
if ($width > 320 || $height > 320) {
$ph->scaleImage(320);
$width = $ph->getWidth();
$height = $ph->getHeight();
$x = q("update photo set data = '%s', height = %d, width = %d where `resource-id` = '%s' and uid = %d and scale = 2", dbesc($ph->imageString()), intval($height), intval($width), dbesc($resource_id), intval($page_owner_uid));
}
}
}
}
$p = q("SELECT * FROM `photo` WHERE `resource-id` = '%s' AND `uid` = %d ORDER BY `scale` DESC", dbesc($resource_id), intval($page_owner_uid));
if (count($p)) {
$ext = $phototypes[$p[0]['type']];
$r = q("UPDATE `photo` SET `desc` = '%s', `album` = '%s', `allow_cid` = '%s', `allow_gid` = '%s', `deny_cid` = '%s', `deny_gid` = '%s' WHERE `resource-id` = '%s' AND `uid` = %d", dbesc($desc), dbesc($albname), dbesc($str_contact_allow), dbesc($str_group_allow), dbesc($str_contact_deny), dbesc($str_group_deny), dbesc($resource_id), intval($page_owner_uid));
}
/* Don't make the item visible if the only change was the album name */
$visibility = 0;
if ($p[0]['desc'] !== $desc || strlen($rawtags)) {
$visibility = 1;
}
if (!$item_id) {
// Create item container
$title = '';
$uri = item_new_uri($a->get_hostname(), $page_owner_uid);
$arr = array();
$arr['uid'] = $page_owner_uid;
$arr['uri'] = $uri;
$arr['parent-uri'] = $uri;
$arr['type'] = 'photo';
$arr['wall'] = 1;
$arr['resource-id'] = $p[0]['resource-id'];
$arr['contact-id'] = $owner_record['id'];
$arr['owner-name'] = $owner_record['name'];
$arr['owner-link'] = $owner_record['url'];
$arr['owner-avatar'] = $owner_record['thumb'];
$arr['author-name'] = $owner_record['name'];
$arr['author-link'] = $owner_record['url'];
$arr['author-avatar'] = $owner_record['thumb'];
$arr['title'] = $title;
$arr['allow_cid'] = $p[0]['allow_cid'];
$arr['allow_gid'] = $p[0]['allow_gid'];
$arr['deny_cid'] = $p[0]['deny_cid'];
$arr['deny_gid'] = $p[0]['deny_gid'];
$arr['last-child'] = 1;
$arr['visible'] = $visibility;
$arr['origin'] = 1;
$arr['body'] = '[url=' . $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . '[img]' . $a->get_baseurl() . '/photo/' . $p[0]['resource-id'] . '-' . $p[0]['scale'] . '.' . $ext . '[/img]' . '[/url]';
$item_id = item_store($arr);
}
if ($item_id) {
$r = q("SELECT * FROM `item` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($item_id), intval($page_owner_uid));
}
if (count($r)) {
$old_tag = $r[0]['tag'];
$old_inform = $r[0]['inform'];
}
if (strlen($rawtags)) {
$str_tags = '';
$inform = '';
// if the new tag doesn't have a namespace specifier (@foo or #foo) give it a hashtag
$x = substr($rawtags, 0, 1);
if ($x !== '@' && $x !== '#') {
$rawtags = '#' . $rawtags;
}
$taginfo = array();
$tags = get_tags($rawtags);
if (count($tags)) {
foreach ($tags as $tag) {
if (isset($profile)) {
unset($profile);
}
if (strpos($tag, '@') === 0) {
$name = substr($tag, 1);
if (strpos($name, '@') || strpos($name, 'http://')) {
$newname = $name;
$links = @lrdd($name);
if (count($links)) {
foreach ($links as $link) {
if ($link['@attributes']['rel'] === 'http://webfinger.net/rel/profile-page') {
$profile = $link['@attributes']['href'];
}
if ($link['@attributes']['rel'] === 'salmon') {
$salmon = '$url:' . str_replace(',', '%sc', $link['@attributes']['href']);
if (strlen($inform)) {
$inform .= ',';
}
$inform .= $salmon;
}
}
}
$taginfo[] = array($newname, $profile, $salmon);
} else {
$newname = $name;
$alias = '';
$tagcid = 0;
if (strrpos($newname, '+')) {
$tagcid = intval(substr($newname, strrpos($newname, '+') + 1));
}
if ($tagcid) {
$r = q("SELECT * FROM `contact` WHERE `id` = %d AND `uid` = %d LIMIT 1", intval($tagcid), intval($profile_uid));
} else {
$newname = str_replace('_', ' ', $name);
//select someone from this user's contacts by name
$r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1", dbesc($newname), intval($page_owner_uid));
if (!$r) {
//select someone by attag or nick and the name passed in
$r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1", dbesc($name), dbesc($name), intval($page_owner_uid));
}
}
/* elseif(strstr($name,'_') || strstr($name,' ')) {
$newname = str_replace('_',' ',$name);
$r = q("SELECT * FROM `contact` WHERE `name` = '%s' AND `uid` = %d LIMIT 1",
dbesc($newname),
intval($page_owner_uid)
);
}
else {
$r = q("SELECT * FROM `contact` WHERE `attag` = '%s' OR `nick` = '%s' AND `uid` = %d ORDER BY `attag` DESC LIMIT 1",
dbesc($name),
dbesc($name),
intval($page_owner_uid)
);
}*/
if (count($r)) {
$newname = $r[0]['name'];
$profile = $r[0]['url'];
$notify = 'cid:' . $r[0]['id'];
if (strlen($inform)) {
$inform .= ',';
}
$inform .= $notify;
}
}
if ($profile) {
if (substr($notify, 0, 4) === 'cid:') {
$taginfo[] = array($newname, $profile, $notify, $r[0], '@[url=' . str_replace(',', '%2c', $profile) . ']' . $newname . '[/url]');
} else {
$taginfo[] = array($newname, $profile, $notify, null, $str_tags .= '@[url=' . $profile . ']' . $newname . '[/url]');
}
if (strlen($str_tags)) {
$str_tags .= ',';
}
$profile = str_replace(',', '%2c', $profile);
$str_tags .= '@[url=' . $profile . ']' . $newname . '[/url]';
}
} elseif (strpos($tag, '#') === 0) {
$tagname = substr($tag, 1);
$str_tags .= '#[url=' . $a->get_baseurl() . "/search?tag=" . $tagname . ']' . $tagname . '[/url]';
}
}
}
$newtag = $old_tag;
if (strlen($newtag) && strlen($str_tags)) {
$newtag .= ',';
}
$newtag .= $str_tags;
$newinform = $old_inform;
if (strlen($newinform) && strlen($inform)) {
$newinform .= ',';
}
$newinform .= $inform;
$r = q("UPDATE `item` SET `tag` = '%s', `inform` = '%s', `edited` = '%s', `changed` = '%s' WHERE `id` = %d AND `uid` = %d", dbesc($newtag), dbesc($newinform), dbesc(datetime_convert()), dbesc(datetime_convert()), intval($item_id), intval($page_owner_uid));
create_tags_from_item($item_id);
update_thread($item_id);
$best = 0;
foreach ($p as $scales) {
if (intval($scales['scale']) == 2) {
$best = 2;
break;
}
if (intval($scales['scale']) == 4) {
$best = 4;
break;
}
}
if (count($taginfo)) {
foreach ($taginfo as $tagged) {
$uri = item_new_uri($a->get_hostname(), $page_owner_uid);
$arr = array();
$arr['uid'] = $page_owner_uid;
$arr['uri'] = $uri;
$arr['parent-uri'] = $uri;
$arr['type'] = 'activity';
$arr['wall'] = 1;
$arr['contact-id'] = $owner_record['id'];
$arr['owner-name'] = $owner_record['name'];
$arr['owner-link'] = $owner_record['url'];
$arr['owner-avatar'] = $owner_record['thumb'];
$arr['author-name'] = $owner_record['name'];
$arr['author-link'] = $owner_record['url'];
$arr['author-avatar'] = $owner_record['thumb'];
$arr['title'] = '';
$arr['allow_cid'] = $p[0]['allow_cid'];
$arr['allow_gid'] = $p[0]['allow_gid'];
$arr['deny_cid'] = $p[0]['deny_cid'];
$arr['deny_gid'] = $p[0]['deny_gid'];
$arr['last-child'] = 1;
$arr['visible'] = 1;
$arr['verb'] = ACTIVITY_TAG;
$arr['object-type'] = ACTIVITY_OBJ_PERSON;
$arr['target-type'] = ACTIVITY_OBJ_PHOTO;
$arr['tag'] = $tagged[4];
$arr['inform'] = $tagged[2];
$arr['origin'] = 1;
$arr['body'] = sprintf(t('%1$s was tagged in %2$s by %3$s'), '[url=' . $tagged[1] . ']' . $tagged[0] . '[/url]', '[url=' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . t('a photo') . '[/url]', '[url=' . $owner_record['url'] . ']' . $owner_record['name'] . '[/url]');
$arr['body'] .= "\n\n" . '[url=' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . ']' . '[img]' . $a->get_baseurl() . "/photo/" . $p[0]['resource-id'] . '-' . $best . '.' . $ext . '[/img][/url]' . "\n";
$arr['object'] = '<object><type>' . ACTIVITY_OBJ_PERSON . '</type><title>' . $tagged[0] . '</title><id>' . $tagged[1] . '/' . $tagged[0] . '</id>';
$arr['object'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . $tagged[1] . '" />' . "\n");
if ($tagged[3]) {
$arr['object'] .= xmlify('<link rel="photo" type="' . $p[0]['type'] . '" href="' . $tagged[3]['photo'] . '" />' . "\n");
}
$arr['object'] .= '</link></object>' . "\n";
$arr['target'] = '<target><type>' . ACTIVITY_OBJ_PHOTO . '</type><title>' . $p[0]['desc'] . '</title><id>' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . '</id>';
$arr['target'] .= '<link>' . xmlify('<link rel="alternate" type="text/html" href="' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $p[0]['resource-id'] . '" />' . "\n" . '<link rel="preview" type="' . $p[0]['type'] . '" href="' . $a->get_baseurl() . "/photo/" . $p[0]['resource-id'] . '-' . $best . '.' . $ext . '" />') . '</link></target>';
$item_id = item_store($arr);
if ($item_id) {
//q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d",
// dbesc($a->get_baseurl() . '/display/' . $owner_record['nickname'] . '/' . $item_id),
// intval($page_owner_uid),
// intval($item_id)
//);
proc_run('php', "include/notifier.php", "tag", "{$item_id}");
}
}
}
}
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
return;
// NOTREACHED
}
/**
* default post action - upload a photo
*/
call_hooks('photo_post_init', $_POST);
/**
* Determine the album to use
*/
$album = notags(trim($_REQUEST['album']));
$newalbum = notags(trim($_REQUEST['newalbum']));
logger('mod/photos.php: photos_post(): album= ' . $album . ' newalbum= ' . $newalbum, LOGGER_DEBUG);
if (!strlen($album)) {
if (strlen($newalbum)) {
$album = $newalbum;
} else {
$album = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y');
}
}
/**
*
* We create a wall item for every photo, but we don't want to
* overwhelm the data stream with a hundred newly uploaded photos.
* So we will make the first photo uploaded to this album in the last several hours
* visible by default, the rest will become visible over time when and if
* they acquire comments, likes, dislikes, and/or tags
*
*/
$r = q("SELECT * FROM `photo` WHERE `album` = '%s' AND `uid` = %d AND `created` > UTC_TIMESTAMP() - INTERVAL 3 HOUR ", dbesc($album), intval($page_owner_uid));
if (!count($r) || $album == t('Profile Photos')) {
$visible = 1;
} else {
$visible = 0;
}
if (intval($_REQUEST['not_visible']) || $_REQUEST['not_visible'] === 'true') {
$visible = 0;
}
$str_group_allow = perms2str(is_array($_REQUEST['group_allow']) ? $_REQUEST['group_allow'] : explode(',', $_REQUEST['group_allow']));
$str_contact_allow = perms2str(is_array($_REQUEST['contact_allow']) ? $_REQUEST['contact_allow'] : explode(',', $_REQUEST['contact_allow']));
$str_group_deny = perms2str(is_array($_REQUEST['group_deny']) ? $_REQUEST['group_deny'] : explode(',', $_REQUEST['group_deny']));
$str_contact_deny = perms2str(is_array($_REQUEST['contact_deny']) ? $_REQUEST['contact_deny'] : explode(',', $_REQUEST['contact_deny']));
$ret = array('src' => '', 'filename' => '', 'filesize' => 0, 'type' => '');
call_hooks('photo_post_file', $ret);
if (x($ret, 'src') && x($ret, 'filesize')) {
$src = $ret['src'];
$filename = $ret['filename'];
$filesize = $ret['filesize'];
$type = $ret['type'];
} else {
$src = $_FILES['userfile']['tmp_name'];
$filename = basename($_FILES['userfile']['name']);
$filesize = intval($_FILES['userfile']['size']);
$type = $_FILES['userfile']['type'];
}
if ($type == "") {
$type = guess_image_type($filename);
}
logger('photos: upload: received file: ' . $filename . ' as ' . $src . ' (' . $type . ') ' . $filesize . ' bytes', LOGGER_DEBUG);
$maximagesize = get_config('system', 'maximagesize');
if ($maximagesize && $filesize > $maximagesize) {
notice(t('Image exceeds size limit of ') . $maximagesize . EOL);
@unlink($src);
$foo = 0;
call_hooks('photo_post_end', $foo);
return;
}
if (!$filesize) {
notice(t('Image file is empty.') . EOL);
@unlink($src);
$foo = 0;
call_hooks('photo_post_end', $foo);
return;
}
logger('mod/photos.php: photos_post(): loading the contents of ' . $src, LOGGER_DEBUG);
$imagedata = @file_get_contents($src);
$r = q("select sum(octet_length(data)) as total from photo where uid = %d and scale = 0 and album != 'Contact Photos' ", intval($a->data['user']['uid']));
$limit = service_class_fetch($a->data['user']['uid'], 'photo_upload_limit');
if ($limit !== false && $r[0]['total'] + strlen($imagedata) > $limit) {
notice(upgrade_message() . EOL);
@unlink($src);
$foo = 0;
call_hooks('photo_post_end', $foo);
killme();
}
$ph = new Photo($imagedata, $type);
if (!$ph->is_valid()) {
logger('mod/photos.php: photos_post(): unable to process image', LOGGER_DEBUG);
notice(t('Unable to process image.') . EOL);
@unlink($src);
$foo = 0;
call_hooks('photo_post_end', $foo);
killme();
}
$ph->orient($src);
@unlink($src);
$max_length = get_config('system', 'max_image_length');
if (!$max_length) {
$max_length = MAX_IMAGE_LENGTH;
}
if ($max_length > 0) {
$ph->scaleImage($max_length);
}
$width = $ph->getWidth();
$height = $ph->getHeight();
$smallest = 0;
$photo_hash = photo_new_resource();
$r = $ph->store($page_owner_uid, $visitor, $photo_hash, $filename, $album, 0, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
if (!$r) {
logger('mod/photos.php: photos_post(): image store failed', LOGGER_DEBUG);
notice(t('Image upload failed.') . EOL);
killme();
}
if ($width > 640 || $height > 640) {
$ph->scaleImage(640);
$ph->store($page_owner_uid, $visitor, $photo_hash, $filename, $album, 1, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
$smallest = 1;
}
if ($width > 320 || $height > 320) {
$ph->scaleImage(320);
$ph->store($page_owner_uid, $visitor, $photo_hash, $filename, $album, 2, 0, $str_contact_allow, $str_group_allow, $str_contact_deny, $str_group_deny);
$smallest = 2;
}
$basename = basename($filename);
$uri = item_new_uri($a->get_hostname(), $page_owner_uid);
// Create item container
$arr = array();
$arr['uid'] = $page_owner_uid;
$arr['uri'] = $uri;
$arr['parent-uri'] = $uri;
$arr['type'] = 'photo';
$arr['wall'] = 1;
$arr['resource-id'] = $photo_hash;
$arr['contact-id'] = $owner_record['id'];
$arr['owner-name'] = $owner_record['name'];
$arr['owner-link'] = $owner_record['url'];
$arr['owner-avatar'] = $owner_record['thumb'];
$arr['author-name'] = $owner_record['name'];
$arr['author-link'] = $owner_record['url'];
$arr['author-avatar'] = $owner_record['thumb'];
$arr['title'] = '';
$arr['allow_cid'] = $str_contact_allow;
$arr['allow_gid'] = $str_group_allow;
$arr['deny_cid'] = $str_contact_deny;
$arr['deny_gid'] = $str_group_deny;
$arr['last-child'] = 1;
$arr['visible'] = $visible;
$arr['origin'] = 1;
$arr['body'] = '[url=' . $a->get_baseurl() . '/photos/' . $owner_record['nickname'] . '/image/' . $photo_hash . ']' . '[img]' . $a->get_baseurl() . "/photo/{$photo_hash}-{$smallest}." . $ph->getExt() . '[/img]' . '[/url]';
$item_id = item_store($arr);
//if($item_id) {
// q("UPDATE `item` SET `plink` = '%s' WHERE `uid` = %d AND `id` = %d",
// dbesc($a->get_baseurl() . '/display/' . $owner_record['nickname'] . '/' . $item_id),
// intval($page_owner_uid),
// intval($item_id)
// );
//}
if ($visible) {
proc_run('php', "include/notifier.php", 'wall-new', $item_id);
}
call_hooks('photo_post_end', intval($item_id));
// addon uploaders should call "killme()" [e.g. exit] within the photo_post_end hook
// if they do not wish to be redirected
goaway($a->get_baseurl() . '/' . $_SESSION['photo_return']);
// NOTREACHED
}
function store_photo($a, $uid, $imagedata = "", $url = "")
{
$r = q("SELECT `user`.`nickname`, `user`.`page-flags`, `contact`.`id` FROM `user` INNER JOIN `contact` on `user`.`uid` = `contact`.`uid`\n\t\tWHERE `user`.`uid` = %d AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1", intval($uid));
if (!count($r)) {
logger("Can't detect user data for uid " . $uid, LOGGER_DEBUG);
return array();
}
$page_owner_nick = $r[0]['nickname'];
// To-Do:
// $default_cid = $r[0]['id'];
// $community_page = (($r[0]['page-flags'] == PAGE_COMMUNITY) ? true : false);
if (strlen($imagedata) == 0 and $url == "") {
logger("No image data and no url provided", LOGGER_DEBUG);
return array();
} elseif (strlen($imagedata) == 0) {
logger("Uploading picture from " . $url, LOGGER_DEBUG);
$imagedata = @file_get_contents($url);
}
$maximagesize = get_config('system', 'maximagesize');
if ($maximagesize && strlen($imagedata) > $maximagesize) {
logger("Image exceeds size limit of " . $maximagesize, LOGGER_DEBUG);
return array();
}
/*
$r = q("select sum(octet_length(data)) as total from photo where uid = %d and scale = 0 and album != 'Contact Photos' ",
intval($uid)
);
$limit = service_class_fetch($uid,'photo_upload_limit');
if(($limit !== false) && (($r[0]['total'] + strlen($imagedata)) > $limit)) {
logger("Image exceeds personal limit of uid ".$uid, LOGGER_DEBUG);
return(array());
}
*/
$tempfile = tempnam(get_temppath(), "cache");
file_put_contents($tempfile, $imagedata);
$data = getimagesize($tempfile);
if (!isset($data["mime"])) {
unlink($tempfile);
logger("File is no picture", LOGGER_DEBUG);
return array();
}
$ph = new Photo($imagedata, $data["mime"]);
if (!$ph->is_valid()) {
unlink($tempfile);
logger("Picture is no valid picture", LOGGER_DEBUG);
return array();
}
$ph->orient($tempfile);
unlink($tempfile);
$max_length = get_config('system', 'max_image_length');
if (!$max_length) {
$max_length = MAX_IMAGE_LENGTH;
}
if ($max_length > 0) {
$ph->scaleImage($max_length);
}
$width = $ph->getWidth();
$height = $ph->getHeight();
$hash = photo_new_resource();
$smallest = 0;
// Pictures are always public by now
//$defperm = '<'.$default_cid.'>';
$defperm = "";
$visitor = 0;
$r = $ph->store($uid, $visitor, $hash, $tempfile, t('Wall Photos'), 0, 0, $defperm);
if (!$r) {
logger("Picture couldn't be stored", LOGGER_DEBUG);
return array();
}
$image = array("page" => $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash, "full" => $a->get_baseurl() . "/photo/{$hash}-0." . $ph->getExt());
if ($width > 800 || $height > 800) {
$image["large"] = $a->get_baseurl() . "/photo/{$hash}-0." . $ph->getExt();
}
if ($width > 640 || $height > 640) {
$ph->scaleImage(640);
$r = $ph->store($uid, $visitor, $hash, $tempfile, t('Wall Photos'), 1, 0, $defperm);
if ($r) {
$image["medium"] = $a->get_baseurl() . "/photo/{$hash}-1." . $ph->getExt();
}
}
if ($width > 320 || $height > 320) {
$ph->scaleImage(320);
$r = $ph->store($uid, $visitor, $hash, $tempfile, t('Wall Photos'), 2, 0, $defperm);
if ($r) {
$image["small"] = $a->get_baseurl() . "/photo/{$hash}-2." . $ph->getExt();
}
}
if ($width > 160 and $height > 160) {
$x = 0;
$y = 0;
$min = $ph->getWidth();
if ($min > 160) {
$x = ($min - 160) / 2;
}
if ($ph->getHeight() < $min) {
$min = $ph->getHeight();
if ($min > 160) {
$y = ($min - 160) / 2;
}
}
$min = 160;
$ph->cropImage(160, $x, $y, $min, $min);
$r = $ph->store($uid, $visitor, $hash, $tempfile, t('Wall Photos'), 3, 0, $defperm);
if ($r) {
$image["thumb"] = $a->get_baseurl() . "/photo/{$hash}-3." . $ph->getExt();
}
}
// Set the full image as preview image. This will be overwritten, if the picture is larger than 640.
$image["preview"] = $image["full"];
// Deactivated, since that would result in a cropped preview, if the picture wasn't larger than 320
//if (isset($image["thumb"]))
// $image["preview"] = $image["thumb"];
// Unsure, if this should be activated or deactivated
//if (isset($image["small"]))
// $image["preview"] = $image["small"];
if (isset($image["medium"])) {
$image["preview"] = $image["medium"];
}
return $image;
}
function wall_upload_post(&$a)
{
logger("wall upload: starting new upload", LOGGER_DEBUG);
if ($a->argc > 1) {
if (!x($_FILES, 'media')) {
$nick = $a->argv[1];
$r = q("SELECT `user`.*, `contact`.`id` FROM `user` LEFT JOIN `contact` on `user`.`uid` = `contact`.`uid` WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1", dbesc($nick));
if (!count($r)) {
return;
}
} else {
$user_info = api_get_user($a);
$r = q("SELECT `user`.*, `contact`.`id` FROM `user` LEFT JOIN `contact` on `user`.`uid` = `contact`.`uid` WHERE `user`.`nickname` = '%s' AND `user`.`blocked` = 0 and `contact`.`self` = 1 LIMIT 1", dbesc($user_info['screen_name']));
}
} else {
return;
}
$can_post = false;
$visitor = 0;
$page_owner_uid = $r[0]['uid'];
$default_cid = $r[0]['id'];
$page_owner_nick = $r[0]['nickname'];
$community_page = $r[0]['page-flags'] == PAGE_COMMUNITY ? true : false;
if (local_user() && local_user() == $page_owner_uid) {
$can_post = true;
} else {
if ($community_page && remote_user()) {
$cid = 0;
if (is_array($_SESSION['remote'])) {
foreach ($_SESSION['remote'] as $v) {
if ($v['uid'] == $page_owner_uid) {
$cid = $v['cid'];
break;
}
}
}
if ($cid) {
$r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", intval($cid), intval($page_owner_uid));
if (count($r)) {
$can_post = true;
$visitor = $cid;
}
}
}
}
if (!$can_post) {
notice(t('Permission denied.') . EOL);
killme();
}
if (!x($_FILES, 'userfile') && !x($_FILES, 'media')) {
killme();
}
if (x($_FILES, 'userfile')) {
$src = $_FILES['userfile']['tmp_name'];
$filename = basename($_FILES['userfile']['name']);
$filesize = intval($_FILES['userfile']['size']);
$filetype = $_FILES['userfile']['type'];
} elseif (x($_FILES, 'media')) {
$src = $_FILES['media']['tmp_name'];
$filename = basename($_FILES['media']['name']);
$filesize = intval($_FILES['media']['size']);
$filetype = $_FILES['media']['type'];
}
if ($filetype == "") {
$filetype = guess_image_type($filename);
}
$maximagesize = get_config('system', 'maximagesize');
if ($maximagesize && $filesize > $maximagesize) {
echo sprintf(t('Image exceeds size limit of %d'), $maximagesize) . EOL;
@unlink($src);
killme();
}
$r = q("select sum(octet_length(data)) as total from photo where uid = %d and scale = 0 and album != 'Contact Photos' ", intval($page_owner_uid));
$limit = service_class_fetch($page_owner_uid, 'photo_upload_limit');
if ($limit !== false && $r[0]['total'] + strlen($imagedata) > $limit) {
echo upgrade_message(true) . EOL;
@unlink($src);
killme();
}
$imagedata = @file_get_contents($src);
$ph = new Photo($imagedata, $filetype);
if (!$ph->is_valid()) {
echo t('Unable to process image.') . EOL;
@unlink($src);
killme();
}
$ph->orient($src);
@unlink($src);
$max_length = get_config('system', 'max_image_length');
if (!$max_length) {
$max_length = MAX_IMAGE_LENGTH;
}
if ($max_length > 0) {
$ph->scaleImage($max_length);
}
$width = $ph->getWidth();
$height = $ph->getHeight();
$hash = photo_new_resource();
$smallest = 0;
$defperm = '<' . $default_cid . '>';
$r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 0, 0, $defperm);
if (!$r) {
echo t('Image upload failed.') . EOL;
killme();
}
if ($width > 640 || $height > 640) {
$ph->scaleImage(640);
$r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 1, 0, $defperm);
if ($r) {
$smallest = 1;
}
}
if ($width > 320 || $height > 320) {
$ph->scaleImage(320);
$r = $ph->store($page_owner_uid, $visitor, $hash, $filename, t('Wall Photos'), 2, 0, $defperm);
if ($r) {
$smallest = 2;
}
}
$basename = basename($filename);
/* mod Waitman Gobble NO WARRANTY */
//if we get the signal then return the image url info in BBCODE, otherwise this outputs the info and bails (for the ajax image uploader on wall post)
if ($_REQUEST['hush'] != 'yeah') {
if (local_user() && (!feature_enabled(local_user(), 'richtext') || x($_REQUEST['nomce']))) {
echo "\n\n" . '[url=' . $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash . '][img]' . $a->get_baseurl() . "/photo/{$hash}-{$smallest}." . $ph->getExt() . "[/img][/url]\n\n";
} else {
echo '<br /><br /><a href="' . $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash . '" ><img src="' . $a->get_baseurl() . "/photo/{$hash}-{$smallest}." . $ph->getExt() . "\" alt=\"{$basename}\" /></a><br /><br />";
}
} else {
$m = '[url=' . $a->get_baseurl() . '/photos/' . $page_owner_nick . '/image/' . $hash . '][img]' . $a->get_baseurl() . "/photo/{$hash}-{$smallest}." . $ph->getExt() . "[/img][/url]";
return $m;
}
/* mod Waitman Gobble NO WARRANTY */
killme();
// NOTREACHED
}
