/**
* Save Post
*
* @param $userID
* @param mixed $data
* @return bool|int|null|string
*/
public static function savePhoto($userID, $data)
{
global $db, $TNB_GLOBALS;
//Check the Photo File Name
if (!isset($data['file']) || strpos($data['file'], "../") !== false || !file_exists(DIR_FS_PHOTO_TMP . $data['file'])) {
buckys_add_message(MSG_FILE_UPLOAD_ERROR, MSG_TYPE_ERROR);
return false;
}
$data['pageID'] = isset($data['pageID']) && is_numeric($data['pageID']) ? $data['pageID'] : BuckysPost::INDEPENDENT_POST_PAGE_ID;
// Validate the file type
$fileParts = pathinfo($data['file']);
if (!in_array(strtolower($fileParts['extension']), $TNB_GLOBALS['imageTypes'])) {
buckys_add_message(MSG_INVALID_PHOTO_TYPE, MSG_TYPE_ERROR);
return false;
}
//Validate File Size
list($width, $height, $type, $attr) = getimagesize(DIR_FS_PHOTO_TMP . $data['file']);
if ($width * $height > MAX_IMAGE_WIDTH * MAX_IMAGE_HEIGHT) {
buckys_add_message(MSG_PHOTO_MAX_SIZE_ERROR, MSG_TYPE_ERROR);
return false;
}
//Checking File Size and move it from the tmp folder to the user photo folder and resize it.
if ($data['post_visibility'] == 2) {
//Calc Ratio using real image width
$ratio = floatval($width / $data['width']);
$sourceWidth = ($data['x2'] - $data['x1']) * $ratio;
BuckysPost::moveFileFromTmpToUserFolder($userID, $data['file'], PROFILE_IMAGE_WIDTH, PROFILE_IMAGE_HEIGHT, $data['x1'] * $ratio, $data['y1'] * $ratio, $sourceWidth, $sourceWidth);
if ($data['pageID'] == BuckysPost::INDEPENDENT_POST_PAGE_ID) {
//Update User Profile Field
BuckysUser::updateUserFields($userID, ['thumbnail' => $data['file']]);
$is_profile = 1;
} else {
//Update Page Profile field
$pageIns = new BuckysPage();
$pageIns->updateData($data['pageID'], ['logo' => $data['file']]);
$is_profile = 1;
}
} else {
if ($width > MAX_POST_IMAGE_WIDTH) {
$height = $height * (MAX_POST_IMAGE_WIDTH / $width);
$width = MAX_POST_IMAGE_WIDTH;
}
if ($height > MAX_POST_IMAGE_HEIGHT) {
$width = $width * (MAX_POST_IMAGE_HEIGHT / $height);
$height = MAX_POST_IMAGE_HEIGHT;
}
//Create normal image
BuckysPost::moveFileFromTmpToUserFolder($userID, $data['file'], $width, $height, 0, 0);
$is_profile = 0;
}
$now = date('Y-m-d H:i:s');
$newId = $db->insertFromArray(TABLE_POSTS, ['poster' => $userID, 'pageID' => $data['pageID'], 'profileID' => $data['profileID'], 'content' => $data['content'], 'type' => 'image', 'post_date' => $now, 'image' => $data['file'], 'visibility' => $data['post_visibility'] > 0 ? 1 : 0, 'is_profile' => $is_profile]);
if (!$newId) {
buckys_add_message($db->getLastError(), MSG_TYPE_ERROR);
return false;
}
//Assign Photo to Album
if (isset($data['album']) && $data['album'] != '') {
if (!BuckysAlbum::checkAlbumOwner($data['album'], $userID)) {
buckys_add_message(MSG_INVALID_ALBUM_ID, MSG_TYPE_ERROR);
} else {
BuckysAlbum::addPhotoToAlbum($data['album'], $newId);
}
}
buckys_add_message(MSG_PHOTO_UPLOADED_SUCCESSFULLY);
return $newId;
}
if (isset($_REQUEST['action'])) {
$paramAction = get_secure_string($_REQUEST['action']);
}
$pageIns = new BuckysPage();
$pageFollowerIns = new BuckysPageFollower();
//Capture Ajax requests (such as save title, ... here)
if (is_numeric($userID)) {
switch ($paramAction) {
//============ Update About Content By Ajax =================//
case 'updateAbout':
$paramPageID = get_secure_integer($_REQUEST['pageID']);
$paramContent = get_secure_string($_REQUEST['content']);
$pageData = $pageIns->getPageByID($paramPageID);
if ($pageData && $pageData['userID'] == $userID) {
$data['about'] = $paramContent;
$pageIns->updateData($paramPageID, $data);
echo json_encode(['success' => 1, 'msg' => MSG_CONTENT_UPDATED_SUCCESS, 'content' => $paramContent, 'content_display' => render_enter_to_br($paramContent)]);
} else {
if (empty($pageData)) {
//No such page exists
echo json_encode(['success' => 0, 'msg' => MSG_NO_SUCH_PAGE]);
} else {
//You don't have permission to update content
echo json_encode(['success' => 0, 'msg' => MSG_NO_PERMISSION_TO_EDIT_PAGE]);
}
}
exit;
//=============== Update Page Title by Ajax ===================//
//=============== Update Page Title by Ajax ===================//
case 'updatePageTitle':
$paramPageID = get_secure_integer($_REQUEST['pageID']);
