Created
December 17, 2012 08:52
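/**
 * Front-page controller: shows the upload form on GET and handles image uploads on POST.
 *
 * On POST the request is checked (adult flag, spam-list lookup on the client IP), every
 * submitted file is validated (size, getimagesize(), extension and MIME allow-lists from
 * $conf), and only if all of them pass are the files moved into storage and recorded in
 * the database. Any rejected file aborts the whole batch with an error page.
 *
 * Security-relevant behaviour:
 *  - The stored file extension is the one that was checked against the allow-list (the
 *    text after the LAST dot), so a multi-dot name cannot be stored under a different
 *    extension than the one validated.
 *  - Database writes use bound parameters instead of string-built SQL.
 *
 * Uses the globals $conf (configuration array) and $DBH (used here as a mysqli handle:
 * the code relies on its insert_id property).
 */
function fihHomeIndex() {
    global $conf, $DBH;

    if ($_SERVER['REQUEST_METHOD'] != 'POST') {
        // Plain page view: header, first column (login form / social tools), upload form, footer.
        fihDisplayHead();
        fihDisplayFirstColumn();
        fihDisplayUpload();
        fihDisplayFoot();
        return;
    }

    $errors = array();
    $adult = isset($_POST['adult']) ? $_POST['adult'] : '';
    if (empty($adult)) {
        $errors[] = 'Please choose whether this image is ADULT content or family safe!';
    } elseif ($adult !== 'yes' && $adult !== 'no') {
        // Strict comparison also rejects array-valued input such as adult[]=yes.
        $errors[] = 'Possible hacking attempt. Upload aborted.';
    }
    if (isSpamIP($_SERVER['REMOTE_ADDR'])) {
        $errors[] = 'Sorry, your IP is listed in one of the spammer lists we use.';
    }
    if (count($errors) >= 1) {
        fihDisplayHead();
        fihDisplayFirstColumn();
        fihDisplayError($errors);
        fihDisplayFoot();
        return;
    }

    // A request without the expected multi-file field is treated like an empty submission
    // instead of failing on an undefined index.
    $has_upload_field = isset($_FILES['fihImageUpload']['name']) && is_array($_FILES['fihImageUpload']['name']);
    $names = $has_upload_field ? $_FILES['fihImageUpload']['name'] : array();

    // First pass: validate. $accepted maps the field index to the extension that passed
    // the allow-list, so the second pass stores exactly what was validated.
    $upload_errors = array();
    $accepted = array();
    $empty_fields = 0;
    foreach ($names as $index => $name) {
        $error_code = $_FILES['fihImageUpload']['error'][$index];
        $tmp_path = $_FILES['fihImageUpload']['tmp_name'][$index];

        if ($error_code == UPLOAD_ERR_NO_FILE) {
            $empty_fields++;
            continue;
        }
        if ($error_code == UPLOAD_ERR_OK && filesize($tmp_path) > 5242880) {
            $upload_errors[] = htmlspecialchars($name) . ' exceeded file size limit.';
            continue;
        }

        // getimagesize() only inspects the image header. It confirms the type, not that the
        // rest of the file is harmless, so the storage folder should never execute scripts.
        // Other upload error codes leave no readable temp file and are rejected here too.
        $fileInfo = @getimagesize($tmp_path);
        if ($fileInfo === false) {
            $upload_errors[] = htmlspecialchars($name) . ' is not an image.';
            continue;
        }

        $dot_suffix = strrchr($name, '.');
        if ($dot_suffix == FALSE) {
            $upload_errors[] = 'Files must have an extension.';
            continue;
        }
        $extension = substr($dot_suffix, 1);
        if (!in_array($extension, $conf['upload']['file_types'], true) ||
            !in_array($fileInfo['mime'], $conf['upload']['mime_types'], true)) {
            $upload_errors[] = htmlspecialchars($name) . ' is not an image.';
            continue;
        }

        $accepted[$index] = $extension;
    }

    if (count($names) == $empty_fields) {
        fihDisplayHead();
        fihDisplayFirstColumn();
        fihDisplayError('Please choose atleast one file to upload!');
        fihDisplayFoot();
        return;
    }

    // All-or-nothing: a single rejected file aborts the batch before anything is stored.
    if (count($upload_errors) > 0 || count($accepted) == 0) {
        fihDisplayHead();
        fihDisplayFirstColumn();
        fihDisplayError($upload_errors);
        fihDisplayFoot();
        die();
    }

    $table_prefix = $conf['db']['table_prefix'];
    $template_info = array();

    // Second pass: store. Only fields that passed validation are touched; empty fields
    // are no longer fed to explode()/move_uploaded_file().
    foreach ($accepted as $index => $extension) {
        // Base name is the text before the first dot, passed through sanitize(); the
        // extension is the allow-listed one, never an arbitrary middle segment of the name.
        $name_parts = explode('.', $names[$index]);
        $base = sanitize($name_parts[0]);
        $orig_name = $base . '.' . $extension;
        // NOTE(review): time() has one-second resolution, so two files with the same base
        // name in one request map to the same stored name -- confirm whether that matters.
        $new_name = $base . '_' . time() . '.' . $extension;
        $stored_path = $conf['storage']['folder'] . 'full/' . $new_name;

        # Upload the file first
        if (!move_uploaded_file($_FILES['fihImageUpload']['tmp_name'][$index], $stored_path)) {
            continue;
        }
        $ii = getimagesize($stored_path);

        # Second tell the database that we uploaded a file
        // Values are bound, not concatenated. Only the configured table prefix is
        // interpolated, because identifiers cannot be bound.
        $stmt = $DBH->prepare("INSERT INTO `" . $table_prefix . "images` (`image_id`, `image_orig_filename`, `image_filename`, `image_adult`) VALUES (NULL, ?, ?, ?)");
        if (!$stmt || !$stmt->bind_param('sss', $orig_name, $new_name, $adult) || !$stmt->execute()) {
            die('Database error');
        }
        $li = $DBH->insert_id;
        $stmt->close();

        $image_ext = $ii[0] . 'x' . $ii[1];
        $image_size = filesize($stored_path);
        createThumbnail($new_name, $conf['storage']['folder'] . 'thumb/', 200, 200, $li);

        // Bound as strings to mirror the quoted values the original statement sent.
        $meta_stmt = $DBH->prepare("INSERT INTO `" . $table_prefix . "images_meta` (`meta_id`, `image_id`, `image_ext`, `image_size`) VALUES (NULL, ?, ?, ?)");
        if (!$meta_stmt || !$meta_stmt->bind_param('sss', $li, $image_ext, $image_size) || !$meta_stmt->execute()) {
            die('Database error');
        }
        $meta_stmt->close();

        $template_info[$index] = array(
            'thumb_url' => $conf['storage']['url'] . 't/' . $li,
            'image_absolute_url' => $conf['storage']['url'] . 'f/' . $li,
            'image_page_url' => $conf['base_url'] . 'view-image/' . $li,
            'filename' => $orig_name
        );
    }

    if (count($template_info) > 0) {
        // NOTE(review): this URL segment is client-controlled once it leaves the server.
        // The upload-success handler is not visible here; it must not pass the segment to
        // unserialize() as-is. Prefer json_encode()/json_decode(), or look the images up
        // server-side by id.
        $sti = base64_encode(serialize($template_info));
        header('Location: ' . $conf['base_url'] . 'upload-success/' . $sti);
    }
}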