Cyclone-Team/e949
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Продолжение переписывания

Browse Source
This commit is contained in:
Shr3dd3r
2023-11-03 02:38:51 +03:00
parent 12143c148d
commit a573faf5a1
7 changed files with 236 additions and 144 deletions
Download Patch File Download Diff File Expand all files Collapse all files

151
api/post/create.php
View File

@@ -3,28 +3,31 @@
// Includes
require_once("../_auth.php");
require_once("../_utils.php");
require_once("../_errorslist.php");
require_once("../_types.php");
require_once("../user/index.php");
// Functions
/*
* FUNCTION
* Check if image size properties are valid
*/
function ImageSizeIsValid ($x, $y) {
function Post_ImgResIsValid ($x, $y): bool {
global $Config;
return ($x <= $Config["media"]["max_pic_res"]["x"])
&& ($y <= $Config["media"]["max_pic_res"]["y"])
&& (GetRatio($x, $y) <= $Config["media"]["max_pic_res"]["ratio"]);
&& (Utils_GetRatio($x, $y) <= $Config["media"]["max_pic_res"]["ratio"]);
}
/*
* FUNCTION
* Create preview version of image
*/
function Post_CreatePreviewFromImage ($src, $dst) {
function Post_CreatePreviewFromImage ($src, $dst): ReturnT {
$img = null;
// Reading image from source path
@@ -36,18 +39,20 @@ function Post_CreatePreviewFromImage ($src, $dst) {
$img = imagecreatefrompng($src);
break;
default:
throw new Exception("invalid mime type");
return new ReturnT(err_code: E_UIN_FILETYPE, err_desc: "invalid mime type");
}
// Saving it as LQ JPEG
imagejpeg($img, $dst, 30);
return new ReturnT(data: true);
}
/*
* FUNCTION
* Store image
*/
function Post_StoreImage ($path, $preview = true) {
function Post_StoreImage ($path, $preview = true): ReturnT {
global $Config;
// Paths
@@ -60,37 +65,105 @@ function Post_StoreImage ($path, $preview = true) {
if ($Config["media"]["previews_enabled"] && $preview) {
$previewDir = "../../" . $Config["media"]["prevs_path"];
$previewPath = JoinPaths($previewDir, $fileName . ".jpg");
Post_CreatePreviewFromImage($path, $previewPath);
$res = Post_CreatePreviewFromImage($path, $previewPath);
if ($res.IsError())
return $res;
}
move_uploaded_file($path, $targetPath);
return new ReturnT(data: true);
}
/*
* FUNCTION
* Create single publication
*/
function Post_Create (
int $author_id,
string $tags,
string $pic_path,
?string $title = null,
?string $prev_path = null,
bool $comms_enabled = false,
bool $edit_lock = false
): ReturnT {
$result = null;
// Author ID should exist
if (!User_IDExist($author_id))
return new ReturnT(err_code: E_UIN_WRONGID, err_desc: "specified user id does not exist");
// Performing SQL query
$s = $db->prepare("INSERT INTO posts (author_id,comment_section_id,tags,title,pic_path,preview_path,comments_enabled,edit_lock) VALUES (?,?,?,?,?,?,?,?)");
$s->bind_param("ssssssss", $author_id, null, $tags, $title, $pic_path, $prev_path, $comms_enabled, $edit_lock);
if ($s->execute() === false)
return new ReturnT(err_code: E_DBE_INSERTFAIL, err_desc: "failed to create post record in DB");
return new ReturnT(data: $result);
}
// Methods
/*
* METHOD
* Create single publication
*/
function Post_Create ($author, $tags, $pic_path, $title = null, $prev_path = null, $comms_enabled = false, $edit_lock = false): ReturnT {
global $db;
function Post_Create_Method (array $req, array $files): ReturnT {
global $db, $Config, $LOGGED_IN, $THIS_USER;
$result = null;
$author_id = $THIS_USER;
$tags = null;
$pic_path = null;
$title = null;
$prev_path = null;
$comms_enabled = false;
// Check post params
// Author ID should exist
if (!User_IDExist($author))
// TODO
// Input sanity checks
// Performing SQL query
$s = $db->prepare("INSERT INTO posts (author_id,comment_section_id,tags,title,pic_path,preview_path,comments_enabled,edit_lock) VALUES (?,?,?,?,?,?,?,?)");
$s->bind_param("ssssssss", $author, null, $tags, $title, $pic_path, $prev_path, $comms_enabled, $edit_lock);
// Check if user is authenticated
if (!$LOGGED_IN)
return new ReturnT(err_code: E_AUT_NOTAUTHED, err_desc: "you must be logged in to create posts");
if ($s->execute() !== true) {
return new ReturnT(null, 601, "failed to create post record in DB");
}
// Check if there are necessary input
if (!(isset($req["tags"]) && isset($files["pic"])))
return new ReturnT(err_code: E_UIN_INSUFARGS, err_desc: "tags and picture are necessary");
return new ReturnT($result);
// TODO: add rate-limiting, instead of this
// Check user role
if (User_HasRole($THIS_USER, "newbie").GetData())
return new ReturnT(err_code: E_ACS_INSUFROLE, err_desc: "newbies cant create posts");
// Check image properties
// If size is too large
if ($files["pic"]["size"] > $Config["media"]["max_pic_size"])
return new ReturnT(err_code: E_UIN_FILE2LARGE, err_desc: "picture size is too large");
$TmpFilePath = $_FILES["pic"]["tmp_name"];
$Ext = strtolower(pathinfo($TmpFilePath, PATHINFO_EXTENSION));
// If file extension is not in list of allowed
if (!in_array($Ext, $Config["media"]["allowed_exts"]))
return new ReturnT(err_code: E_UIN_FILETYPE, err_desc: "picture extension is invalid");
// If file mime type is not in list of allowed
if (!in_array(mime_content_type($TmpFilePath), $Config["media"]["allowed_mimetypes"]))
return new ReturnT(err_code: E_UIN_FILETYPE, err_desc: "picture mime type is invalid");
// Check if resolution is bigger than allowed or have unacceptable aspect ratio
list($SzX, $SzY, $Type, $Attr) = getimagesize($TmpFilePath);
if (!Post_ImgResIsValid($SzX, $SzY))
return new ReturnT(err_code: E_UIN_IMGBADRES, err_desc: "image with that resolution or aspect ratio cant be accepted");
// Copy picture to storage folder
$res = Post_StoreImage($TmpFilePath, $Config["media"]["previews_enabled"]);
if ($res.IsError())
return $res;
// TODO
// Actions
return Post_Create($author_id, $tags, $pic_path, $title, $prev_path, $comms_enabled, false);
}
@@ -98,43 +171,7 @@ function Post_Create ($author, $tags, $pic_path, $title = null, $prev_path = nul
if (ThisFileIsRequested(__FILE__)) {
require_once("../_json.php");
// Check if there are necessary input
if (!(isset($_POST["tags"]) && isset($_FILES["pic"])))
ReturnJSONError($Err_RDP_InvalidArgs, "not enough arguments");
// TODO: add rate-limiting, instead of this
// Check user privs
if (User_HasRole($THIS_USER, "newbie"))
ReturnJSONError($Err_DP_NotEnoughRole, "newbies cant create posts");
// Check image properties
// If size is too large
if ($_FILES["pic"]["size"] > $Config["media"]["max_pic_size"])
ReturnJSONError($Err_DP_FileTooLarge, "picture is too large");
$TmpFilePath = $_FILES["pic"]["tmp_name"];
$Ext = strtolower(pathinfo($TmpFilePath, PATHINFO_EXTENSION));
// If file extension is not in list of allowed
if (in_array($Ext, $Config["media"]["allowed_exts"]))
ReturnJSONError($Err_DP_FileWrongType, "file extension is invalid");
// If file mime type is not in list of allowed
if (in_array(mime_content_type($TmpFilePath), $Config["media"]["allowed_mimetypes"]))
ReturnJSONError($Err_DP_FileWrongType, "file mime type is invalid");
// Check if resolution is bigger than allowed or have unacceptable aspect ratio
list($SzX, $SzY, $Type, $Attr) = getimagesize($TmpFilePath);
if (!Post_ImageIsValid($SzX, $SzY))
ReturnJSONError($Err_DP_ImageWrongRes, "image with that resolution or aspect ratio cant be accepted");
// TODO: delete image if unacceptable
// Copy picture to storage folder
Post_StoreImage($TmpFilePath, $Config)
// Create post
//$success = Post_Create(
// TODO: cleanup if bad result
}
?>