|
|
@ -64,36 +64,6 @@ function strip_markup($post_body) |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
/** |
|
|
|
* Download the url's target with curl. |
|
|
|
* |
|
|
|
* @param [type] $url |
|
|
|
* @param [type] $timeout |
|
|
|
* @param [type] $fd |
|
|
|
* @return null|string Returns a string on error. |
|
|
|
*/ |
|
|
|
function download_file_into($url, $timeout, $fd) |
|
|
|
{ |
|
|
|
$err = null; |
|
|
|
$curl = curl_init(); |
|
|
|
curl_setopt($curl, CURLOPT_URL, $url); |
|
|
|
curl_setopt($curl, CURLOPT_FAILONERROR, true); |
|
|
|
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false); |
|
|
|
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 5); |
|
|
|
curl_setopt($curl, CURLOPT_TIMEOUT, $timeout); |
|
|
|
curl_setopt($curl, CURLOPT_USERAGENT, 'Tinyboard'); |
|
|
|
curl_setopt($curl, CURLOPT_FILE, $fd); |
|
|
|
curl_setopt($curl, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS); |
|
|
|
curl_setopt($curl, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4); |
|
|
|
|
|
|
|
if (curl_exec($curl) === false) { |
|
|
|
$err = curl_error($curl); |
|
|
|
} |
|
|
|
|
|
|
|
curl_close($curl); |
|
|
|
return $err; |
|
|
|
} |
|
|
|
|
|
|
|
/** |
|
|
|
* Method handling functions |
|
|
|
*/ |
|
|
@ -739,64 +709,6 @@ function handle_post() |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
if ($config['allow_upload_by_url'] && isset($_POST['file_url1']) && !empty($_POST['file_url1'])) { |
|
|
|
function unlink_tmp_file($file) |
|
|
|
{ |
|
|
|
@unlink($file); |
|
|
|
fatal_error_handler(); |
|
|
|
} |
|
|
|
|
|
|
|
function upload_by_url($config, $post, $url) |
|
|
|
{ |
|
|
|
$post['file_url'] = $url; |
|
|
|
if (!preg_match('@^https?://@', $post['file_url'])) { |
|
|
|
error($config['error']['invalidimg']); |
|
|
|
} |
|
|
|
|
|
|
|
if (mb_strpos($post['file_url'], '?') !== false) { |
|
|
|
$url_without_params = mb_substr($post['file_url'], 0, mb_strpos($post['file_url'], '?')); |
|
|
|
} else { |
|
|
|
$url_without_params = $post['file_url']; |
|
|
|
} |
|
|
|
|
|
|
|
$post['extension'] = strtolower(mb_substr($url_without_params, mb_strrpos($url_without_params, '.') + 1)); |
|
|
|
|
|
|
|
if ($post['op'] && $config['allowed_ext_op']) { |
|
|
|
if (!in_array($post['extension'], $config['allowed_ext_op'])) { |
|
|
|
error($config['error']['unknownext']); |
|
|
|
} |
|
|
|
} else if (!in_array($post['extension'], $config['allowed_ext']) && !in_array($post['extension'], $config['allowed_ext_files'])) { |
|
|
|
error($config['error']['unknownext']); |
|
|
|
} |
|
|
|
|
|
|
|
$post['file_tmp'] = tempnam($config['tmp'], 'url'); |
|
|
|
register_shutdown_function('unlink_tmp_file', $post['file_tmp']); |
|
|
|
|
|
|
|
$fd = fopen($post['file_tmp'], 'w'); |
|
|
|
|
|
|
|
$dl_err = download_file_into($post['file_url'], $config['upload_by_url_timeout'], $fd); |
|
|
|
fclose($fd); |
|
|
|
if ($dl_err !== null) { |
|
|
|
error($config['error']['nomove'] . '<br/>Curl says: ' . $dl_err); |
|
|
|
} |
|
|
|
|
|
|
|
$_FILES[$post['file_tmp']] = array( |
|
|
|
'name' => basename($url_without_params), |
|
|
|
'tmp_name' => $post['file_tmp'], |
|
|
|
'file_tmp' => true, |
|
|
|
'error' => 0, |
|
|
|
'size' => filesize($post['file_tmp']) |
|
|
|
); |
|
|
|
} |
|
|
|
|
|
|
|
for ($counter = 1; $counter <= $config['max_images']; $counter++) { |
|
|
|
$varname = "file_url" . $counter; |
|
|
|
if (isset($_POST[$varname]) && !empty($_POST[$varname])) { |
|
|
|
upload_by_url($config, $post, $_POST[$varname]); |
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
// Convert multiple upload format to array of files. This makes the following code |
|
|
|
// work the same whether we used the JS or HTML multiple file upload techniques. |
|
|
|
if (array_key_exists('file_multiple', $_FILES)) { |
|
|
|