<?php /* Jappix - An open social platform This is the Jappix microblog file attaching script ------------------------------------------------- License: AGPL Author: Vanaryon Last revision: 14/01/12 */ // PHP base define('JAPPIX_BASE', '..'); // Get the needed files require_once('./functions.php'); require_once('./read-main.php'); require_once('./read-hosts.php'); // Optimize the page rendering hideErrors(); compressThis(); // Not allowed for a special node if(isStatic() || isUpload()) exit; // Set a special XML header header('Content-Type: text/xml; charset=utf-8'); // Everything is okay if((isset($_FILES['file']) && !empty($_FILES['file'])) && (isset($_POST['user']) && !empty($_POST['user'])) && (isset($_POST['location']) && !empty($_POST['location']))) { // Get the user name $user = $_POST['user']; // Get the file name $tmp_filename = $_FILES['file']['tmp_name']; $filename = $_FILES['file']['name']; // Get the location if(HOST_UPLOAD) $location = HOST_UPLOAD; else $location = $_POST['location']; // Get the file new name $ext = getFileExt($filename); $new_name = preg_replace('/(^)(.+)(\.)(.+)($)/i', '$2', $filename); // Define some vars $content_dir = JAPPIX_BASE.'/store/share/'.$user; $security_file = $content_dir.'/index.html'; $name = sha1(time().$filename); $path = $content_dir.'/'.$name.'.'.$ext; $thumb_xml = ''; // Forbidden file? if(!isSafe($filename) || !isSafe($name.'.'.$ext)) { exit( '<jappix xmlns=\'jappix:file:post\'> <error>forbidden-type</error> </jappix>' ); } // Create the user directory if(!is_dir($content_dir)) { mkdir($content_dir, 0777, true); chmod($content_dir, 0777); } // Create (or re-create) the security file if(!file_exists($security_file)) file_put_contents($security_file, securityHTML()); // File upload error? if(!is_uploaded_file($tmp_filename) || !move_uploaded_file($tmp_filename, $path)) { exit( '<jappix xmlns=\'jappix:file:post\'> <error>move-error</error> </jappix>' ); } // Resize and compress if this is a JPEG file if(preg_match('/^(jpg|jpeg|png|gif)$/i', $ext)) { // Resize the image resizeImage($path, $ext, 1024, 1024); // Copy the image $thumb = $content_dir.'/'.$name.'_thumb.'.$ext; copy($path, $thumb); // Create the thumbnail if(resizeImage($thumb, $ext, 140, 105)) $thumb_xml = '<thumb>'.htmlspecialchars($location.'store/share/'.$user.'/'.$name.'_thumb.'.$ext).'</thumb>'; } // Return the path to the file exit( '<jappix xmlns=\'jappix:file:post\'> <href>'.htmlspecialchars($location.'store/share/'.$user.'/'.$name.'.'.$ext).'</href> <title>'.htmlspecialchars($new_name).'</title> <type>'.htmlspecialchars(getFileMIME($path)).'</type> <length>'.htmlspecialchars(filesize($path)).'</length> '.$thumb_xml.' </jappix>' ); } // Bad request error! exit( '<jappix xmlns=\'jappix:file:post\'> <error>bad-request</error> </jappix>' ); ?>