leftypol
/
leftypol
4
5
Fork 2
Code Issues 54 Pull Requests 1 Projects Releases Wiki Activity
Browse Source

Fixed minor bug in config.php 

Added ZIP support.
Cleaned functions.
pull/40/head
Savetheinternet 14 years ago
parent
2eddc7a4ee
commit
cdf1603c3a
4 changed files with 218 additions and 56 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 10
      inc/config.php
  2. 103
      inc/functions.php
  3. 159
      post.php
  4. BIN
      src/zip.png

10
inc/config.php
View File

@ -40,7 +40,7 @@
define('ERROR_NOMOVE', 'The server failed to handle your upload.');
define('ERROR_FILEEXT', 'Unsupported image format.');
define('ERR_INVALIDIMG','Invalid image.');
define('ERR_FILSIZE', 'The file was too large.');
define('ERR_FILESIZE', 'Maximum file size: %maxsz%<br>Your file\'s size: %sz%');
define('ERR_MAXSIZE', 'The file was too big.');
// For resizing, max values
@ -53,6 +53,10 @@
define('MAX_WIDTH', 10000);
define('MAX_HEIGHT', MAX_WIDTH);
define('ALLOW_ZIP', true);
define('ZIP_IMAGE', 'src/zip.png');
/**
Redraw the image using GD functions to strip any excess data (commonly ZIP archives)
WARNING: Very beta. Currently strips animated GIFs too :(
@ -63,7 +67,7 @@
define('REDRAW_GIF', false);
// Display the aspect ratio in a post's file info
define('SHOW_RATIO', false);
define('SHOW_RATIO', true);
define('DIR_IMG', 'src/');
define('DIR_THUMB', 'thumb/');
@ -92,7 +96,7 @@
define('URL_MATCH', '/^' . (@$_SERVER['HTTPS']?'https':'http').':\/\/'.$_SERVER['HTTP_HOST'] . '(' . preg_quote(ROOT, '/') . '|' . preg_quote(ROOT, '/') . '' . preg_quote(FILE_INDEX, '/') . '|' . preg_quote(ROOT, '/') . '' . str_replace('%d', '\d+', preg_quote(FILE_PAGE, '/')) . ')$/');
if(!defined(IS_INSTALLATION)) {
if(!defined('IS_INSTALLATION')) {
if(!file_exists(DIR_IMG)) @mkdir(DIR_IMG) or error("Couldn't create " . DIR_IMG . ". Install manually.");
if(!file_exists(DIR_THUMB)) @mkdir(DIR_THUMB) or error("Couldn't create " . DIR_IMG . ". Install manually.");
if(!file_exists(DIR_RES)) @mkdir(DIR_RES) or error("Couldn't create " . DIR_IMG . ". Install manually.");

103
inc/functions.php
View File

@ -1,4 +1,55 @@
<?php
function zipFileErrMsg($errno) {
// using constant name as a string to make this function PHP4 compatible
$zipFileFunctionsErrors = array(
'ZIPARCHIVE::ER_MULTIDISK' => 'Multi-disk zip archives not supported.',
'ZIPARCHIVE::ER_RENAME' => 'Renaming temporary file failed.',
'ZIPARCHIVE::ER_CLOSE' => 'Closing zip archive failed',
'ZIPARCHIVE::ER_SEEK' => 'Seek error',
'ZIPARCHIVE::ER_READ' => 'Read error',
'ZIPARCHIVE::ER_WRITE' => 'Write error',
'ZIPARCHIVE::ER_CRC' => 'CRC error',
'ZIPARCHIVE::ER_ZIPCLOSED' => 'Containing zip archive was closed',
'ZIPARCHIVE::ER_NOENT' => 'No such file.',
'ZIPARCHIVE::ER_EXISTS' => 'File already exists',
'ZIPARCHIVE::ER_OPEN' => 'Can\'t open file',
'ZIPARCHIVE::ER_TMPOPEN' => 'Failure to create temporary file.',
'ZIPARCHIVE::ER_ZLIB' => 'Zlib error',
'ZIPARCHIVE::ER_MEMORY' => 'Memory allocation failure',
'ZIPARCHIVE::ER_CHANGED' => 'Entry has been changed',
'ZIPARCHIVE::ER_COMPNOTSUPP' => 'Compression method not supported.',
'ZIPARCHIVE::ER_EOF' => 'Premature EOF',
'ZIPARCHIVE::ER_INVAL' => 'Invalid argument',
'ZIPARCHIVE::ER_NOZIP' => 'Not a zip archive',
'ZIPARCHIVE::ER_INTERNAL' => 'Internal error',
'ZIPARCHIVE::ER_INCONS' => 'Zip archive inconsistent',
'ZIPARCHIVE::ER_REMOVE' => 'Can\'t remove file',
'ZIPARCHIVE::ER_DELETED' => 'Entry has been deleted',
);
$errmsg = 'unknown';
foreach ($zipFileFunctionsErrors as $constName => $errorMessage) {
if (defined($constName) and constant($constName) === $errno) {
return 'Zip File Function error: '.$errorMessage;
}
}
return 'Zip File Function error: unknown';
}
function sprintf3($str, $vars, $delim = '%') {
$replaces = array();
foreach($vars as $k => $v) {
$replaces[$delim . $k . $delim] = $v;
}
return str_replace(array_keys($replaces),
array_values($replaces), $str);
}
function commaize($n) {
$n = strval($n);
return (intval($n) < 1000) ? $n : commaize(substr($n, 0, -3)) . ',' . substr($n, -3);
}
function sql_open() {
global $sql;
$sql = @mysql_connect(MY_SERVER, MY_USER, MY_PASSWORD) or error('Database error.');
@ -15,6 +66,58 @@
}
}
function post($post, $OP) {
global $sql;
if($OP) {
mysql_query(
sprintf("INSERT INTO `posts` VALUES ( NULL, NULL, '%s', '%s', '%s', '%s', '%s', '%d', '%d', '%s', '%d', '%d', '%s', '%d', '%d', '%d', '%s', '%s', '%s', '%s' )",
$post['subject'],
$post['email'],
$post['name'],
$post['trip'],
$post['body'],
time(),
time(),
$post['thumb'],
$post['thumbwidth'],
$post['thumbheight'],
$post['file'],
$post['width'],
$post['height'],
$post['filesize'],
$post['filename'],
$post['filehash'],
$post['password'],
mysql_real_escape_string($_SERVER['REMOTE_ADDR'])
), $sql) or error(mysql_error($sql));
return mysql_insert_id($sql);
} else {
mysql_query(
sprintf("INSERT INTO `posts` VALUES ( NULL, '%d', '%s', '%s', '%s', '%s', '%s', '%d', '%d', '%s', '%d', '%d', '%s', '%d', '%d', '%d', '%s', '%s', '%s', '%s' )",
$post['thread'],
$post['subject'],
$post['email'],
$post['name'],
$post['trip'],
$post['body'],
time(),
time(),
$post['has_file']?$post['thumb']:null,
$post['has_file']?$post['thumbwidth']:null,
$post['has_file']?$post['thumbheight']:null,
$post['has_file']?$post['file']:null,
$post['has_file']?$post['width']:null,
$post['has_file']?$post['height']:null,
$post['has_file']?$post['filesize']:null,
$post['has_file']?$post['filename']:null,
$post['has_file']?$post['filehash']:null,
$post['password'],
mysql_real_escape_string($_SERVER['REMOTE_ADDR'])
), $sql) or error(mysql_error($sql));
return mysql_insert_id($sql);
}
}
function index($page) {
global $sql, $board;

159
post.php
View File

@ -74,8 +74,13 @@
$post['filename'] = $_FILES['file']['name'];
$post['has_file'] = $OP || !empty($_FILES['file']['tmp_name']);
if($post['has_file'] && $_FILES['file']['size'] > MAX_FILESIZE)
error(ERR_FILSIZE);
if($post['has_file']) {
$size = $_FILES['file']['size'];
if($size > MAX_FILESIZE)
error(sprintf3(ERR_FILESIZE, array(
'sz'=>commaize($size),
'maxsz'=>commaize(MAX_FILESIZE))));
}
$trip = generate_tripcode($post['name']);
$post['name'] = $trip[0];
@ -91,7 +96,8 @@
$post['file_id'] = rand(0, 1000000000);
$post['file'] = DIR_IMG . $post['file_id'] . '.' . $post['extension'];
$post['thumb'] = DIR_THUMB . $post['file_id'] . '.png';
if(!in_array($post['extension'], $allowed_ext)) error(ERROR_FILEEXT);
$post['zip'] = $OP && $post['has_file'] && ALLOW_ZIP && $post['extension'] == 'zip' ? $post['file'] : false;
if(!($post['zip'] || in_array($post['extension'], $allowed_ext))) error(ERROR_FILEEXT);
}
// Check string lengths
@ -102,8 +108,6 @@
if(!(!$OP && $post['has_file']) && strlen($post['body']) < 1) error(ERROR_TOOSHORTBODY);
if(strlen($post['password']) > 20) error(sprintf(ERROR_TOOLONG, 'password'));
markup($post['body']);
if($post['has_file']) {
@ -112,6 +116,11 @@
// Move the uploaded file
if(!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file'])) error(ERROR_NOMOVE);
if($post['zip']) {
$post['file'] = ZIP_IMAGE;
$post['extension'] = strtolower(substr($post['file'], strrpos($post['file'], '.') + 1));
}
$size = @getimagesize($post['file']);
$post['width'] = $size[0];
$post['height'] = $size[1];
@ -132,7 +141,7 @@
$image = createimage($post['extension'], $post['file']);
if(REDRAW_IMAGE) {
if(REDRAW_IMAGE && !$post['zip']) {
switch($post['extension']) {
case 'jpg':
case 'jpeg':
@ -156,7 +165,6 @@
// Create a thumbnail
$thumb = resize($image, $post['width'], $post['height'], $post['thumb'], THUMB_WIDTH, THUMB_HEIGHT);
$post['thumbwidth'] = $thumb['width'];
$post['thumbheight'] = $thumb['height'];
}
@ -167,54 +175,101 @@
sql_open();
mysql_safe_array($post);
if($OP) {
mysql_query(
sprintf("INSERT INTO `posts` VALUES ( NULL, NULL, '%s', '%s', '%s', '%s', '%s', '%d', '%d', '%s', '%d', '%d', '%s', '%d', '%d', '%d', '%s', '%s', '%s', '%s' )",
$post['subject'],
$post['email'],
$post['name'],
$post['trip'],
$post['body'],
time(),
time(),
$post['thumb'],
$post['thumbwidth'],
$post['thumbheight'],
$post['file'],
$post['width'],
$post['height'],
$post['filesize'],
$post['filename'],
$post['filehash'],
$post['password'],
mysql_real_escape_string($_SERVER['REMOTE_ADDR'])
), $sql) or error(mysql_error($sql));
$id = post($post, $OP);
if($post['zip']) {
// Open ZIP
$zip = zip_open($post['zip']);
// Read files
while($entry = zip_read($zip)) {
$filename = basename(zip_entry_name($entry));
$extension = strtolower(substr($filename, strrpos($filename, '.') + 1));
if(in_array($extension, $allowed_ext)) {
if (zip_entry_open($zip, $entry, 'r')) {
// Fake post
$dump_post = Array(
'subject' => $post['subject'],
'email' => $post['email'],
'name' => $post['name'],
'trip' => $post['trip'],
'body' => '',
'thread' => $id,
'password' => '',
'has_file' => true,
'file_id' => rand(0, 1000000000),
'filename' => $filename
);
$dump_post['file'] = DIR_IMG . $dump_post['file_id'] . '.' . $extension;
$dump_post['thumb'] = DIR_THUMB . $dump_post['file_id'] . '.png';
// Extract the image from the ZIP
$fp = fopen($dump_post['file'], 'w+');
fwrite($fp, zip_entry_read($entry, zip_entry_filesize($entry)));
fclose($fp);
$size = @getimagesize($dump_post['file']);
$dump_post['width'] = $size[0];
$dump_post['height'] = $size[1];
// Check if the image is valid
if($dump_post['width'] < 1 || $dump_post['height'] < 1) {
unlink($dump_post['file']);
} else {
mysql_query(
sprintf("INSERT INTO `posts` VALUES ( NULL, '%d', '%s', '%s', '%s', '%s', '%s', '%d', '%d', '%s', '%d', '%d', '%s', '%d', '%d', '%d', '%s', '%s', '%s', '%s' )",
$post['thread'],
$post['subject'],
$post['email'],
$post['name'],
$post['trip'],
$post['body'],
time(),
time(),
$post['has_file']?$post['thumb']:null,
$post['has_file']?$post['thumbwidth']:null,
$post['has_file']?$post['thumbheight']:null,
$post['has_file']?$post['file']:null,
$post['has_file']?$post['width']:null,
$post['has_file']?$post['height']:null,
$post['has_file']?$post['filesize']:null,
$post['has_file']?$post['filename']:null,
$post['has_file']?$post['filehash']:null,
$post['password'],
mysql_real_escape_string($_SERVER['REMOTE_ADDR'])
), $sql) or error(mysql_error($sql));
if($dump_post['width'] > MAX_WIDTH || $dump_post['height'] > MAX_HEIGHT) {
unlink($dump_post['file']);
error(ERR_MAXSIZE);
} else {
$dump_post['filehash'] = md5_file($dump_post['file']);
$dump_post['filesize'] = filesize($dump_post['file']);
$image = createimage($extension, $dump_post['file']);
$success = true;
if(REDRAW_IMAGE) {
switch($extension) {
case 'jpg':
case 'jpeg':
imagejpeg($image, $dump_post['file'], JPEG_QUALITY);
break;
case 'png':
imagepng($image, $dump_post['file'], 7);
break;
case 'gif':
if(REDRAW_GIF)
imagegif($image, $dump_post['file']);
break;
case 'bmp':
imagebmp($image, $dump_post['file']);
break;
default:
$success = false;
}
}
// Create a thumbnail
$thumb = resize($image, $dump_post['width'], $dump_post['height'], $dump_post['thumb'], THUMB_WIDTH, THUMB_HEIGHT);
$dump_post['thumbwidth'] = $thumb['width'];
$dump_post['thumbheight'] = $thumb['height'];
// Create the post
post($dump_post, false);
}
}
// Close the ZIP
zip_entry_close($entry);
}
}
}
zip_close($zip);
unlink($post['zip']);
}
$id = mysql_insert_id($sql);
buildThread(($OP?$id:$post['thread']));
if(!$OP) {

BIN
src/zip.png
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 15 KiB

Write Preview
Loading…
Cancel
Save