2021-12-14 18:32:47 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
declare(strict_types=1);
|
2014-01-15 21:28:40 +00:00
|
|
|
|
2023-01-10 22:44:09 +00:00
|
|
|
namespace Shimmie2;
|
2013-11-28 23:09:05 +00:00
|
|
|
|
|
|
|
class _SafeOuroborosImage
|
|
|
|
{
|
|
|
|
/**
|
|
|
|
* Author
|
|
|
|
*/
|
2021-03-14 23:43:50 +00:00
|
|
|
public string $author = '';
|
|
|
|
public ?int $creator_id = null;
|
|
|
|
public ?int $height = null;
|
|
|
|
public ?int $width = null;
|
|
|
|
public string $file_ext = '';
|
|
|
|
public ?int $file_size = null;
|
|
|
|
public string $file_url = '';
|
|
|
|
public string $md5 = '';
|
2013-11-28 23:09:05 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Post Meta
|
|
|
|
*/
|
2021-03-14 23:43:50 +00:00
|
|
|
public ?int $change = null;
|
2024-01-20 14:10:59 +00:00
|
|
|
/** @var array{n:int,s:int,json_class:string} */
|
2021-03-14 23:43:50 +00:00
|
|
|
public ?array $created_at = null;
|
|
|
|
public ?int $id = null;
|
|
|
|
public ?int $parent_id = null;
|
|
|
|
public string $rating = 'q';
|
|
|
|
public int $score = 1;
|
|
|
|
public ?string $source = '';
|
|
|
|
public string $status = '';
|
|
|
|
public string $tags = 'tagme';
|
|
|
|
public bool $has_children = false;
|
|
|
|
public bool $has_comments = false;
|
|
|
|
public bool $has_notes = false;
|
|
|
|
public string $description = '';
|
2013-11-28 23:09:05 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Thumbnail
|
|
|
|
*/
|
2021-03-14 23:43:50 +00:00
|
|
|
public ?int $preview_height = null;
|
|
|
|
public string $preview_url = '';
|
|
|
|
public ?int $preview_width = null;
|
2013-11-28 23:09:05 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Downscaled Image
|
|
|
|
*/
|
2021-03-14 23:43:50 +00:00
|
|
|
public ?int $sample_height = null;
|
|
|
|
public string $sample_url = '';
|
|
|
|
public ?int $sample_width = null;
|
2013-11-28 23:09:05 +00:00
|
|
|
|
2017-03-09 07:52:31 +00:00
|
|
|
public function __construct(Image $img)
|
2013-11-28 23:09:05 +00:00
|
|
|
{
|
|
|
|
global $config;
|
|
|
|
// author
|
|
|
|
$author = $img->get_owner();
|
|
|
|
$this->author = $author->name;
|
|
|
|
$this->creator_id = intval($author->id);
|
|
|
|
|
|
|
|
// file
|
|
|
|
$this->height = intval($img->height);
|
|
|
|
$this->width = intval($img->width);
|
2020-06-14 16:05:55 +00:00
|
|
|
$this->file_ext = $img->get_ext();
|
2013-11-28 23:09:05 +00:00
|
|
|
$this->file_size = intval($img->filesize);
|
|
|
|
$this->file_url = make_http($img->get_image_link());
|
|
|
|
$this->md5 = $img->hash;
|
|
|
|
|
|
|
|
// meta
|
|
|
|
$this->change = intval($img->id); //DaFug is this even supposed to do? ChangeID?
|
|
|
|
// Should be JSON specific, just strip this when converting to XML
|
2024-02-20 00:22:25 +00:00
|
|
|
$this->created_at = ['n' => 123456789, 's' => \Safe\strtotime($img->posted), 'json_class' => 'Time'];
|
2013-11-28 23:09:05 +00:00
|
|
|
$this->id = intval($img->id);
|
|
|
|
$this->parent_id = null;
|
2019-08-07 19:53:59 +00:00
|
|
|
|
2023-11-11 21:49:12 +00:00
|
|
|
if (Extension::is_enabled(RatingsInfo::KEY) !== false) {
|
2019-08-07 19:53:59 +00:00
|
|
|
// 'u' is not a "valid" rating
|
2024-01-15 17:12:36 +00:00
|
|
|
if ($img['rating'] == 's' || $img['rating'] == 'q' || $img['rating'] == 'e') {
|
|
|
|
$this->rating = $img['rating'];
|
2013-11-28 23:09:05 +00:00
|
|
|
}
|
|
|
|
}
|
2023-11-11 21:49:12 +00:00
|
|
|
if (Extension::is_enabled(NumericScoreInfo::KEY) !== false) {
|
2024-01-15 17:12:36 +00:00
|
|
|
$this->score = $img['numeric_score'];
|
2019-08-07 19:53:59 +00:00
|
|
|
}
|
|
|
|
|
2013-11-28 23:09:05 +00:00
|
|
|
$this->source = $img->source;
|
|
|
|
$this->status = 'active'; //not supported in Shimmie... yet
|
|
|
|
$this->tags = $img->get_tag_list();
|
|
|
|
$this->has_children = false;
|
|
|
|
$this->has_comments = false;
|
|
|
|
$this->has_notes = false;
|
|
|
|
|
|
|
|
// thumb
|
2019-06-18 18:45:59 +00:00
|
|
|
$this->preview_height = $config->get_int(ImageConfig::THUMB_HEIGHT);
|
|
|
|
$this->preview_width = $config->get_int(ImageConfig::THUMB_WIDTH);
|
2013-11-28 23:09:05 +00:00
|
|
|
$this->preview_url = make_http($img->get_thumb_link());
|
|
|
|
|
|
|
|
// sample (use the full image here)
|
|
|
|
$this->sample_height = intval($img->height);
|
|
|
|
$this->sample_width = intval($img->width);
|
|
|
|
$this->sample_url = make_http($img->get_image_link());
|
|
|
|
}
|
|
|
|
}
|
2014-01-15 21:28:40 +00:00
|
|
|
|
|
|
|
class OuroborosPost extends _SafeOuroborosImage
|
|
|
|
{
|
2024-01-20 14:10:59 +00:00
|
|
|
/** @var array{tmp_name:string,name:string} */
|
|
|
|
public ?array $file = null;
|
2021-03-14 23:43:50 +00:00
|
|
|
public bool $is_rating_locked = false;
|
|
|
|
public bool $is_note_locked = false;
|
2013-12-02 22:45:07 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Initialize an OuroborosPost for creation
|
|
|
|
* Mainly just acts as a wrapper and validation layer
|
2020-03-13 09:23:54 +00:00
|
|
|
* @noinspection PhpMissingParentConstructorInspection
|
2024-01-20 14:10:59 +00:00
|
|
|
*
|
|
|
|
* @param array<string,mixed> $post
|
2013-12-02 22:45:07 +00:00
|
|
|
*/
|
2023-02-03 16:58:16 +00:00
|
|
|
public function __construct(array $post)
|
2014-01-15 21:28:40 +00:00
|
|
|
{
|
2013-12-02 22:45:07 +00:00
|
|
|
if (array_key_exists('tags', $post)) {
|
2016-07-30 21:11:49 +00:00
|
|
|
// implode(explode()) to resolve aliases and sanitise
|
|
|
|
$this->tags = Tag::implode(Tag::explode(urldecode($post['tags'])));
|
2013-12-02 22:45:07 +00:00
|
|
|
}
|
|
|
|
if (array_key_exists('file', $post)) {
|
2013-12-03 03:51:55 +00:00
|
|
|
if (!is_null($post['file'])) {
|
|
|
|
assert(is_array($post['file']));
|
|
|
|
assert(array_key_exists('tmp_name', $post['file']));
|
|
|
|
assert(array_key_exists('name', $post['file']));
|
|
|
|
$this->file = $post['file'];
|
|
|
|
}
|
2013-12-02 22:45:07 +00:00
|
|
|
}
|
|
|
|
if (array_key_exists('rating', $post)) {
|
|
|
|
assert(
|
|
|
|
$post['rating'] == 's' ||
|
|
|
|
$post['rating'] == 'q' ||
|
|
|
|
$post['rating'] == 'e'
|
|
|
|
);
|
|
|
|
$this->rating = $post['rating'];
|
|
|
|
}
|
|
|
|
if (array_key_exists('source', $post)) {
|
2024-01-20 20:48:47 +00:00
|
|
|
$this->file_url = filter_var_ex(
|
2015-01-05 11:47:53 +00:00
|
|
|
urldecode($post['source']),
|
|
|
|
FILTER_SANITIZE_URL
|
|
|
|
);
|
2013-12-02 22:45:07 +00:00
|
|
|
}
|
|
|
|
if (array_key_exists('sourceurl', $post)) {
|
2024-01-20 20:48:47 +00:00
|
|
|
$this->source = filter_var_ex(
|
2015-01-05 11:47:53 +00:00
|
|
|
urldecode($post['sourceurl']),
|
|
|
|
FILTER_SANITIZE_URL
|
|
|
|
);
|
2013-12-02 22:45:07 +00:00
|
|
|
}
|
|
|
|
if (array_key_exists('description', $post)) {
|
2024-01-20 20:48:47 +00:00
|
|
|
$this->description = filter_var_ex(
|
2015-01-05 11:47:53 +00:00
|
|
|
$post['description'],
|
|
|
|
FILTER_SANITIZE_STRING
|
|
|
|
);
|
2013-12-02 22:45:07 +00:00
|
|
|
}
|
|
|
|
if (array_key_exists('is_rating_locked', $post)) {
|
2015-01-05 11:47:53 +00:00
|
|
|
assert(
|
|
|
|
$post['is_rating_locked'] == 'true' ||
|
|
|
|
$post['is_rating_locked'] == 'false' ||
|
|
|
|
$post['is_rating_locked'] == '1' ||
|
|
|
|
$post['is_rating_locked'] == '0'
|
|
|
|
);
|
2013-12-02 22:45:07 +00:00
|
|
|
$this->is_rating_locked = $post['is_rating_locked'];
|
|
|
|
}
|
|
|
|
if (array_key_exists('is_note_locked', $post)) {
|
2015-01-05 11:47:53 +00:00
|
|
|
assert(
|
|
|
|
$post['is_note_locked'] == 'true' ||
|
|
|
|
$post['is_note_locked'] == 'false' ||
|
|
|
|
$post['is_note_locked'] == '1' ||
|
|
|
|
$post['is_note_locked'] == '0'
|
|
|
|
);
|
2013-12-02 22:45:07 +00:00
|
|
|
$this->is_note_locked = $post['is_note_locked'];
|
|
|
|
}
|
|
|
|
if (array_key_exists('parent_id', $post)) {
|
2023-02-04 20:50:26 +00:00
|
|
|
$this->parent_id = int_escape($post['parent_id']);
|
2013-12-02 22:45:07 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2014-01-15 21:28:40 +00:00
|
|
|
|
2013-11-28 23:09:05 +00:00
|
|
|
class _SafeOuroborosTag
|
|
|
|
{
|
2021-03-14 23:43:50 +00:00
|
|
|
public bool $ambiguous = false;
|
|
|
|
public int $count = 0;
|
|
|
|
public int $id = 0;
|
|
|
|
public string $name = '';
|
|
|
|
public int $type = 0;
|
2013-11-28 23:09:05 +00:00
|
|
|
|
2024-01-20 14:10:59 +00:00
|
|
|
/**
|
|
|
|
* @param array{id:int,tag:string,count:int} $tag
|
|
|
|
*/
|
2017-03-09 07:52:31 +00:00
|
|
|
public function __construct(array $tag)
|
2013-11-28 23:09:05 +00:00
|
|
|
{
|
|
|
|
$this->count = $tag['count'];
|
|
|
|
$this->id = $tag['id'];
|
|
|
|
$this->name = $tag['tag'];
|
|
|
|
}
|
|
|
|
}
|
2014-01-15 21:28:40 +00:00
|
|
|
|
2013-11-28 23:09:05 +00:00
|
|
|
class OuroborosAPI extends Extension
|
|
|
|
{
|
2021-03-14 23:43:50 +00:00
|
|
|
private ?string $type;
|
2015-01-05 11:47:53 +00:00
|
|
|
|
2021-12-14 18:32:47 +00:00
|
|
|
public const HEADER_HTTP_200 = 'OK';
|
|
|
|
public const MSG_HTTP_200 = 'Request was successful';
|
2013-12-02 22:45:07 +00:00
|
|
|
|
2021-12-14 18:32:47 +00:00
|
|
|
public const HEADER_HTTP_403 = 'Forbidden';
|
|
|
|
public const MSG_HTTP_403 = 'Access denied';
|
2013-12-02 22:45:07 +00:00
|
|
|
|
2021-12-14 18:32:47 +00:00
|
|
|
public const HEADER_HTTP_404 = 'Not found';
|
|
|
|
public const MSG_HTTP_404 = 'Not found';
|
2013-12-02 22:45:07 +00:00
|
|
|
|
2021-12-14 18:32:47 +00:00
|
|
|
public const HEADER_HTTP_418 = 'I\'m a teapot';
|
|
|
|
public const MSG_HTTP_418 = 'Short and stout';
|
2013-12-02 22:45:07 +00:00
|
|
|
|
2021-12-14 18:32:47 +00:00
|
|
|
public const HEADER_HTTP_420 = 'Invalid Record';
|
|
|
|
public const MSG_HTTP_420 = 'Record could not be saved';
|
2013-12-02 22:45:07 +00:00
|
|
|
|
2021-12-14 18:32:47 +00:00
|
|
|
public const HEADER_HTTP_421 = 'User Throttled';
|
|
|
|
public const MSG_HTTP_421 = 'User is throttled, try again later';
|
2013-12-02 22:45:07 +00:00
|
|
|
|
2021-12-14 18:32:47 +00:00
|
|
|
public const HEADER_HTTP_422 = 'Locked';
|
|
|
|
public const MSG_HTTP_422 = 'The resource is locked and cannot be modified';
|
2013-12-02 22:45:07 +00:00
|
|
|
|
2021-12-14 18:32:47 +00:00
|
|
|
public const HEADER_HTTP_423 = 'Already Exists';
|
|
|
|
public const MSG_HTTP_423 = 'Resource already exists';
|
2013-12-02 22:45:07 +00:00
|
|
|
|
2021-12-14 18:32:47 +00:00
|
|
|
public const HEADER_HTTP_424 = 'Invalid Parameters';
|
|
|
|
public const MSG_HTTP_424 = 'The given parameters were invalid';
|
2013-12-02 22:45:07 +00:00
|
|
|
|
2021-12-14 18:32:47 +00:00
|
|
|
public const HEADER_HTTP_500 = 'Internal Server Error';
|
|
|
|
public const MSG_HTTP_500 = 'Some unknown error occurred on the server';
|
2013-12-02 22:45:07 +00:00
|
|
|
|
2021-12-14 18:32:47 +00:00
|
|
|
public const HEADER_HTTP_503 = 'Service Unavailable';
|
|
|
|
public const MSG_HTTP_503 = 'Server cannot currently handle the request, try again later';
|
2013-11-28 23:09:05 +00:00
|
|
|
|
2021-12-14 18:32:47 +00:00
|
|
|
public const ERROR_POST_CREATE_MD5 = 'MD5 mismatch';
|
|
|
|
public const ERROR_POST_CREATE_DUPE = 'Duplicate';
|
|
|
|
public const OK_POST_CREATE_UPDATE = 'Updated';
|
2013-11-28 23:09:05 +00:00
|
|
|
|
2024-01-15 11:52:35 +00:00
|
|
|
public function onPageRequest(PageRequestEvent $event): void
|
2013-11-28 23:09:05 +00:00
|
|
|
{
|
2015-09-12 10:43:28 +00:00
|
|
|
global $page, $user;
|
2013-11-28 23:09:05 +00:00
|
|
|
|
|
|
|
if (preg_match("%\.(xml|json)$%", implode('/', $event->args), $matches) === 1) {
|
2013-12-02 22:45:07 +00:00
|
|
|
$this->type = $matches[1];
|
|
|
|
if ($this->type == 'json') {
|
2020-06-14 16:05:55 +00:00
|
|
|
$page->set_mime('application/json; charset=utf-8');
|
2014-01-15 21:28:40 +00:00
|
|
|
} elseif ($this->type == 'xml') {
|
2020-06-14 16:05:55 +00:00
|
|
|
$page->set_mime('text/xml; charset=utf-8');
|
2013-11-28 23:09:05 +00:00
|
|
|
}
|
2019-06-19 01:58:28 +00:00
|
|
|
$page->set_mode(PageMode::DATA);
|
2013-12-02 22:45:07 +00:00
|
|
|
$this->tryAuth();
|
2013-11-28 23:09:05 +00:00
|
|
|
|
|
|
|
if ($event->page_matches('post')) {
|
2024-08-31 20:22:54 +00:00
|
|
|
if ($this->match($event, 'create')) {
|
2013-11-28 23:09:05 +00:00
|
|
|
// Create
|
2019-07-09 14:10:21 +00:00
|
|
|
if ($user->can(Permissions::CREATE_IMAGE)) {
|
2024-01-20 20:48:47 +00:00
|
|
|
$md5 = !empty($_REQUEST['md5']) ? filter_var_ex($_REQUEST['md5'], FILTER_SANITIZE_STRING) : null;
|
2015-01-05 11:47:53 +00:00
|
|
|
$this->postCreate(new OuroborosPost($_REQUEST['post']), $md5);
|
2014-01-15 21:28:40 +00:00
|
|
|
} else {
|
2013-12-02 23:07:27 +00:00
|
|
|
$this->sendResponse(403, 'You cannot create new posts');
|
|
|
|
}
|
2024-08-31 20:22:54 +00:00
|
|
|
} elseif ($this->match($event, 'update')) {
|
2024-02-11 15:47:40 +00:00
|
|
|
throw new ServerError("update not implemented");
|
2024-08-31 20:22:54 +00:00
|
|
|
} elseif ($this->match($event, 'show')) {
|
2013-11-28 23:09:05 +00:00
|
|
|
// Show
|
2024-01-20 20:48:47 +00:00
|
|
|
$id = !empty($_REQUEST['id']) ? (int)filter_var_ex($_REQUEST['id'], FILTER_SANITIZE_NUMBER_INT) : null;
|
2013-12-02 22:45:07 +00:00
|
|
|
$this->postShow($id);
|
2024-08-31 20:22:54 +00:00
|
|
|
} elseif ($this->match($event, 'index') || $this->match($event, 'list')) {
|
2013-11-28 23:09:05 +00:00
|
|
|
// List
|
2014-01-15 21:28:40 +00:00
|
|
|
$limit = !empty($_REQUEST['limit']) ? intval(
|
2024-01-20 20:48:47 +00:00
|
|
|
filter_var_ex($_REQUEST['limit'], FILTER_SANITIZE_NUMBER_INT)
|
2014-01-15 21:28:40 +00:00
|
|
|
) : 45;
|
|
|
|
$p = !empty($_REQUEST['page']) ? intval(
|
2024-01-20 20:48:47 +00:00
|
|
|
filter_var_ex($_REQUEST['page'], FILTER_SANITIZE_NUMBER_INT)
|
2014-01-15 21:28:40 +00:00
|
|
|
) : 1;
|
2024-01-20 20:48:47 +00:00
|
|
|
$tags = !empty($_REQUEST['tags']) ? filter_var_ex($_REQUEST['tags'], FILTER_SANITIZE_STRING) : [];
|
2020-01-26 13:19:35 +00:00
|
|
|
if (is_string($tags)) {
|
2013-11-28 23:09:05 +00:00
|
|
|
$tags = Tag::explode($tags);
|
|
|
|
}
|
2013-12-02 22:45:07 +00:00
|
|
|
$this->postIndex($limit, $p, $tags);
|
2013-11-28 23:09:05 +00:00
|
|
|
}
|
2014-01-15 21:28:40 +00:00
|
|
|
} elseif ($event->page_matches('tag')) {
|
2024-08-31 20:22:54 +00:00
|
|
|
if ($this->match($event, 'index') || $this->match($event, 'list')) {
|
2014-01-15 21:28:40 +00:00
|
|
|
$limit = !empty($_REQUEST['limit']) ? intval(
|
2024-01-20 20:48:47 +00:00
|
|
|
filter_var_ex($_REQUEST['limit'], FILTER_SANITIZE_NUMBER_INT)
|
2014-01-15 21:28:40 +00:00
|
|
|
) : 50;
|
|
|
|
$p = !empty($_REQUEST['page']) ? intval(
|
2024-01-20 20:48:47 +00:00
|
|
|
filter_var_ex($_REQUEST['page'], FILTER_SANITIZE_NUMBER_INT)
|
2014-01-15 21:28:40 +00:00
|
|
|
) : 1;
|
2024-01-20 20:48:47 +00:00
|
|
|
$order = (!empty($_REQUEST['order']) && ($_REQUEST['order'] == 'date' || $_REQUEST['order'] == 'count' || $_REQUEST['order'] == 'name')) ? filter_var_ex(
|
2014-01-15 21:28:40 +00:00
|
|
|
$_REQUEST['order'],
|
|
|
|
FILTER_SANITIZE_STRING
|
|
|
|
) : 'date';
|
2024-01-20 20:48:47 +00:00
|
|
|
$name = !empty($_REQUEST['name']) ? filter_var_ex($_REQUEST['name'], FILTER_SANITIZE_STRING) : '';
|
|
|
|
$name_pattern = !empty($_REQUEST['name_pattern']) ? filter_var_ex(
|
2014-01-15 21:28:40 +00:00
|
|
|
$_REQUEST['name_pattern'],
|
|
|
|
FILTER_SANITIZE_STRING
|
|
|
|
) : '';
|
2024-08-31 20:22:54 +00:00
|
|
|
$this->tagIndex($limit, $p, $order, $name, $name_pattern);
|
2013-12-02 22:45:07 +00:00
|
|
|
}
|
|
|
|
}
|
2014-01-15 21:28:40 +00:00
|
|
|
} elseif ($event->page_matches('post/show')) {
|
2019-06-19 01:58:28 +00:00
|
|
|
$page->set_mode(PageMode::REDIRECT);
|
2014-01-15 21:28:40 +00:00
|
|
|
$page->set_redirect(make_link(str_replace('post/show', 'post/view', implode('/', $event->args))));
|
|
|
|
$page->display();
|
|
|
|
die();
|
2013-12-02 22:45:07 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Post
|
|
|
|
*/
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Wrapper for post creation
|
|
|
|
*/
|
2024-01-20 14:10:59 +00:00
|
|
|
protected function postCreate(OuroborosPost $post, ?string $md5 = ''): void
|
2014-01-15 21:28:40 +00:00
|
|
|
{
|
2024-01-09 21:01:10 +00:00
|
|
|
global $config, $database;
|
2019-06-18 18:45:59 +00:00
|
|
|
$handler = $config->get_string(ImageConfig::UPLOAD_COLLISION_HANDLER);
|
|
|
|
if (!empty($md5) && !($handler == ImageConfig::COLLISION_MERGE)) {
|
2013-12-02 22:45:07 +00:00
|
|
|
$img = Image::by_hash($md5);
|
|
|
|
if (!is_null($img)) {
|
|
|
|
$this->sendResponse(420, self::ERROR_POST_CREATE_DUPE);
|
2014-01-15 21:28:40 +00:00
|
|
|
return;
|
2013-12-02 22:45:07 +00:00
|
|
|
}
|
|
|
|
}
|
2024-08-31 20:22:54 +00:00
|
|
|
/** @var array<string, string> $meta */
|
2019-05-28 16:59:38 +00:00
|
|
|
$meta = [];
|
2024-02-20 21:28:14 +00:00
|
|
|
$meta['tags'] = $post->tags;
|
2024-08-31 20:22:54 +00:00
|
|
|
$meta['source'] = $post->source ?? '';
|
2023-11-11 21:49:12 +00:00
|
|
|
if (Extension::is_enabled(RatingsInfo::KEY) !== false) {
|
2019-08-07 19:53:59 +00:00
|
|
|
$meta['rating'] = $post->rating;
|
2013-12-02 22:45:07 +00:00
|
|
|
}
|
|
|
|
// Check where we should try for the file
|
2024-08-31 20:22:54 +00:00
|
|
|
if (
|
|
|
|
empty($post->file) &&
|
|
|
|
!empty($post->file_url) &&
|
|
|
|
filter_var_ex($post->file_url, FILTER_VALIDATE_URL) !== false
|
2014-01-15 21:28:40 +00:00
|
|
|
) {
|
2013-12-02 22:45:07 +00:00
|
|
|
// Transload from source
|
2024-01-20 20:48:47 +00:00
|
|
|
$meta['file'] = shm_tempnam('transload_' . $config->get_string(UploadConfig::TRANSLOAD_ENGINE));
|
2013-12-02 22:45:07 +00:00
|
|
|
$meta['filename'] = basename($post->file_url);
|
2024-01-20 19:47:26 +00:00
|
|
|
try {
|
|
|
|
fetch_url($post->file_url, $meta['file']);
|
|
|
|
} catch (FetchException $e) {
|
|
|
|
$this->sendResponse(500, "Transloading failed: $e");
|
2014-01-15 21:28:40 +00:00
|
|
|
return;
|
2013-12-02 22:45:07 +00:00
|
|
|
}
|
2024-02-20 21:28:14 +00:00
|
|
|
$meta['hash'] = \Safe\md5_file($meta['file']);
|
2014-01-15 21:28:40 +00:00
|
|
|
} else {
|
2013-12-02 22:45:07 +00:00
|
|
|
// Use file
|
2024-08-31 20:22:54 +00:00
|
|
|
assert(!is_null($post->file));
|
2013-12-02 22:45:07 +00:00
|
|
|
$meta['file'] = $post->file['tmp_name'];
|
|
|
|
$meta['filename'] = $post->file['name'];
|
2024-02-20 21:28:14 +00:00
|
|
|
$meta['hash'] = \Safe\md5_file($meta['file']);
|
2013-12-02 22:45:07 +00:00
|
|
|
}
|
|
|
|
if (!empty($md5) && $md5 !== $meta['hash']) {
|
|
|
|
$this->sendResponse(420, self::ERROR_POST_CREATE_MD5);
|
2014-01-15 21:28:40 +00:00
|
|
|
return;
|
2013-12-02 22:45:07 +00:00
|
|
|
}
|
|
|
|
if (!empty($meta['hash'])) {
|
|
|
|
$img = Image::by_hash($meta['hash']);
|
|
|
|
if (!is_null($img)) {
|
2019-06-18 18:45:59 +00:00
|
|
|
$handler = $config->get_string(ImageConfig::UPLOAD_COLLISION_HANDLER);
|
|
|
|
if ($handler == ImageConfig::COLLISION_MERGE) {
|
2024-01-15 13:40:18 +00:00
|
|
|
$postTags = Tag::explode($post->tags);
|
2017-05-14 06:18:47 +00:00
|
|
|
$merged = array_merge($postTags, $img->get_tag_array());
|
2015-01-05 11:47:53 +00:00
|
|
|
send_event(new TagSetEvent($img, $merged));
|
|
|
|
|
|
|
|
// This is really the only thing besides tags we should care
|
2024-08-31 20:22:54 +00:00
|
|
|
if (!empty($meta['source'])) {
|
2015-01-05 11:47:53 +00:00
|
|
|
send_event(new SourceSetEvent($img, $meta['source']));
|
|
|
|
}
|
|
|
|
$this->sendResponse(200, self::OK_POST_CREATE_UPDATE . ' ID: ' . $img->id);
|
|
|
|
return;
|
2019-05-28 16:59:38 +00:00
|
|
|
} else {
|
2015-01-05 11:47:53 +00:00
|
|
|
$this->sendResponse(420, self::ERROR_POST_CREATE_DUPE);
|
|
|
|
return;
|
|
|
|
}
|
2013-12-02 22:45:07 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
try {
|
2024-01-09 21:59:24 +00:00
|
|
|
$image = $database->with_savepoint(function () use ($meta) {
|
2024-02-20 21:28:14 +00:00
|
|
|
$dae = send_event(new DataUploadEvent($meta['file'], basename($meta['file']), 0, $meta));
|
2024-01-09 21:59:24 +00:00
|
|
|
return $dae->images[0];
|
|
|
|
});
|
|
|
|
$this->sendResponse(200, make_link('post/view/' . $image->id), true);
|
2013-12-02 22:45:07 +00:00
|
|
|
} catch (UploadException $e) {
|
|
|
|
// Cleanup in case shit hit the fan
|
|
|
|
$this->sendResponse(500, $e->getMessage());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Wrapper for getting a single post
|
|
|
|
*/
|
2024-08-31 23:04:34 +00:00
|
|
|
protected function postShow(?int $id = null): void
|
2014-01-15 21:28:40 +00:00
|
|
|
{
|
2013-12-02 22:45:07 +00:00
|
|
|
if (!is_null($id)) {
|
2024-02-20 00:22:25 +00:00
|
|
|
$post = new _SafeOuroborosImage(Image::by_id_ex($id));
|
2019-05-29 17:23:29 +00:00
|
|
|
$this->sendData('post', [$post]);
|
2015-01-05 11:47:53 +00:00
|
|
|
} else {
|
|
|
|
$this->sendResponse(424, 'ID is mandatory');
|
|
|
|
}
|
|
|
|
}
|
2013-12-02 22:45:07 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Wrapper for getting a list of posts
|
2024-01-01 03:27:39 +00:00
|
|
|
* @param string[] $tags
|
2013-12-02 22:45:07 +00:00
|
|
|
*/
|
2024-01-20 14:10:59 +00:00
|
|
|
protected function postIndex(int $limit, int $page, array $tags): void
|
2014-01-15 21:28:40 +00:00
|
|
|
{
|
|
|
|
$start = ($page - 1) * $limit;
|
2023-12-14 16:33:21 +00:00
|
|
|
$results = Search::find_images(max($start, 0), min($limit, 100), $tags);
|
2019-05-28 16:59:38 +00:00
|
|
|
$posts = [];
|
2013-12-02 22:45:07 +00:00
|
|
|
foreach ($results as $img) {
|
|
|
|
if (!is_object($img)) {
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
$posts[] = new _SafeOuroborosImage($img);
|
|
|
|
}
|
|
|
|
$this->sendData('post', $posts, max($start, 0));
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Tag
|
|
|
|
*/
|
|
|
|
|
2024-08-31 20:22:54 +00:00
|
|
|
protected function tagIndex(int $limit, int $page, string $order, string $name, string $name_pattern): void
|
2014-01-15 21:28:40 +00:00
|
|
|
{
|
2013-12-02 22:45:07 +00:00
|
|
|
global $database, $config;
|
2014-01-15 21:28:40 +00:00
|
|
|
$start = ($page - 1) * $limit;
|
2013-12-02 22:45:07 +00:00
|
|
|
switch ($order) {
|
|
|
|
case 'name':
|
2014-01-15 21:28:40 +00:00
|
|
|
$tag_data = $database->get_col(
|
2020-02-01 22:44:50 +00:00
|
|
|
"
|
|
|
|
SELECT DISTINCT
|
|
|
|
id, LOWER(substr(tag, 1, 1)), count
|
|
|
|
FROM tags
|
|
|
|
WHERE count >= :tags_min
|
|
|
|
ORDER BY LOWER(substr(tag, 1, 1)) LIMIT :start, :max_items
|
|
|
|
",
|
2019-07-14 02:18:45 +00:00
|
|
|
['tags_min' => $config->get_int(TagListConfig::TAGS_MIN), 'start' => $start, 'max_items' => $limit]
|
2014-01-15 21:28:40 +00:00
|
|
|
);
|
2013-12-02 22:45:07 +00:00
|
|
|
break;
|
|
|
|
case 'count':
|
2019-10-02 10:23:57 +00:00
|
|
|
default:
|
2014-01-15 21:28:40 +00:00
|
|
|
$tag_data = $database->get_all(
|
|
|
|
"
|
2024-01-20 20:48:47 +00:00
|
|
|
SELECT id, tag, count
|
|
|
|
FROM tags
|
|
|
|
WHERE count >= :tags_min
|
|
|
|
ORDER BY count DESC, tag ASC LIMIT :start, :max_items
|
|
|
|
",
|
2019-07-14 02:18:45 +00:00
|
|
|
['tags_min' => $config->get_int(TagListConfig::TAGS_MIN), 'start' => $start, 'max_items' => $limit]
|
2014-01-15 21:28:40 +00:00
|
|
|
);
|
2013-12-02 22:45:07 +00:00
|
|
|
break;
|
|
|
|
}
|
2019-05-28 16:59:38 +00:00
|
|
|
$tags = [];
|
2013-12-02 22:45:07 +00:00
|
|
|
foreach ($tag_data as $tag) {
|
|
|
|
$tags[] = new _SafeOuroborosTag($tag);
|
|
|
|
}
|
|
|
|
$this->sendData('tag', $tags, $start);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Utility methods
|
|
|
|
*/
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Sends a simple {success,reason} message to browser
|
|
|
|
*/
|
2024-01-20 14:10:59 +00:00
|
|
|
private function sendResponse(int $code = 200, string $reason = '', bool $location = false): void
|
2014-01-15 21:28:40 +00:00
|
|
|
{
|
2013-12-02 22:45:07 +00:00
|
|
|
global $page;
|
|
|
|
if ($code == 200) {
|
|
|
|
$success = true;
|
2014-01-15 21:28:40 +00:00
|
|
|
} else {
|
2013-12-02 22:45:07 +00:00
|
|
|
$success = false;
|
|
|
|
}
|
|
|
|
if (empty($reason)) {
|
|
|
|
if (defined("self::MSG_HTTP_{$code}")) {
|
|
|
|
$reason = constant("self::MSG_HTTP_{$code}");
|
2014-01-15 21:28:40 +00:00
|
|
|
} else {
|
2013-12-02 22:45:07 +00:00
|
|
|
$reason = self::MSG_HTTP_418;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if ($code != 200) {
|
|
|
|
$proto = $_SERVER['SERVER_PROTOCOL'];
|
|
|
|
if (defined("self::HEADER_HTTP_{$code}")) {
|
|
|
|
$header = constant("self::HEADER_HTTP_{$code}");
|
2014-01-15 21:28:40 +00:00
|
|
|
} else {
|
2013-12-02 22:45:07 +00:00
|
|
|
// I'm a teapot!
|
|
|
|
$code = 418;
|
|
|
|
$header = self::HEADER_HTTP_418;
|
|
|
|
}
|
|
|
|
header("{$proto} {$code} {$header}", true);
|
|
|
|
}
|
2019-05-28 16:59:38 +00:00
|
|
|
$response = ['success' => $success, 'reason' => $reason];
|
2013-12-02 22:45:07 +00:00
|
|
|
if ($this->type == 'json') {
|
|
|
|
if ($location !== false) {
|
|
|
|
$response['location'] = $response['reason'];
|
|
|
|
unset($response['reason']);
|
|
|
|
}
|
2024-02-20 00:22:25 +00:00
|
|
|
$response = \Safe\json_encode($response);
|
2014-01-15 21:28:40 +00:00
|
|
|
} elseif ($this->type == 'xml') {
|
2013-12-02 22:45:07 +00:00
|
|
|
// Seriously, XML sucks...
|
2023-01-11 11:15:26 +00:00
|
|
|
$xml = new \XMLWriter();
|
2013-12-02 22:45:07 +00:00
|
|
|
$xml->openMemory();
|
|
|
|
$xml->startDocument('1.0', 'utf-8');
|
|
|
|
$xml->startElement('response');
|
|
|
|
$xml->writeAttribute('success', var_export($success, true));
|
|
|
|
if ($location !== false) {
|
|
|
|
$xml->writeAttribute('location', $reason);
|
2014-01-15 21:28:40 +00:00
|
|
|
} else {
|
2013-12-02 22:45:07 +00:00
|
|
|
$xml->writeAttribute('reason', $reason);
|
|
|
|
}
|
|
|
|
$xml->endElement();
|
|
|
|
$xml->endDocument();
|
|
|
|
$response = $xml->outputMemory(true);
|
|
|
|
unset($xml);
|
|
|
|
}
|
|
|
|
$page->set_data($response);
|
|
|
|
}
|
|
|
|
|
2024-01-20 14:10:59 +00:00
|
|
|
/**
|
|
|
|
* @param list<_SafeOuroborosTag>|list<_SafeOuroborosImage> $data
|
|
|
|
*/
|
|
|
|
private function sendData(string $type = '', array $data = [], int $offset = 0): void
|
2014-01-15 21:28:40 +00:00
|
|
|
{
|
2013-12-02 22:45:07 +00:00
|
|
|
global $page;
|
|
|
|
$response = '';
|
|
|
|
if ($this->type == 'json') {
|
2024-02-20 00:22:25 +00:00
|
|
|
$response = \Safe\json_encode($data);
|
2014-01-15 21:28:40 +00:00
|
|
|
} elseif ($this->type == 'xml') {
|
2023-01-11 11:15:26 +00:00
|
|
|
$xml = new \XMLWriter();
|
2013-12-02 22:45:07 +00:00
|
|
|
$xml->openMemory();
|
|
|
|
$xml->startDocument('1.0', 'utf-8');
|
2024-01-20 14:10:59 +00:00
|
|
|
|
|
|
|
$xml->startElement($type . 's');
|
|
|
|
if ($type == 'post') {
|
|
|
|
$xml->writeAttribute('count', (string)count($data));
|
|
|
|
$xml->writeAttribute('offset', (string)$offset);
|
|
|
|
}
|
|
|
|
if ($type == 'tag') {
|
|
|
|
$xml->writeAttribute('type', 'array');
|
2013-11-28 23:09:05 +00:00
|
|
|
}
|
2024-01-20 14:10:59 +00:00
|
|
|
foreach ($data as $item) {
|
|
|
|
$this->createItemXML($xml, $type, $item);
|
|
|
|
}
|
|
|
|
$xml->endElement();
|
|
|
|
|
2013-12-02 22:45:07 +00:00
|
|
|
$xml->endDocument();
|
|
|
|
$response = $xml->outputMemory(true);
|
|
|
|
unset($xml);
|
2013-11-28 23:09:05 +00:00
|
|
|
}
|
2013-12-02 22:45:07 +00:00
|
|
|
$page->set_data($response);
|
2013-11-28 23:09:05 +00:00
|
|
|
}
|
|
|
|
|
2024-01-20 14:10:59 +00:00
|
|
|
private function createItemXML(\XMLWriter $xml, string $type, _SafeOuroborosTag|_SafeOuroborosImage $item): void
|
2014-01-15 21:28:40 +00:00
|
|
|
{
|
2013-12-02 22:45:07 +00:00
|
|
|
$xml->startElement($type);
|
2024-02-20 00:22:25 +00:00
|
|
|
foreach (json_decode(\Safe\json_encode($item)) as $key => $val) {
|
2013-12-02 22:45:07 +00:00
|
|
|
if ($key == 'created_at' && $type == 'post') {
|
|
|
|
$xml->writeAttribute($key, $val['s']);
|
2014-01-15 21:28:40 +00:00
|
|
|
} else {
|
2013-12-02 22:45:07 +00:00
|
|
|
if (is_bool($val)) {
|
|
|
|
$val = $val ? 'true' : 'false';
|
|
|
|
}
|
|
|
|
$xml->writeAttribute($key, $val);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
$xml->endElement();
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Try to figure who is uploading
|
|
|
|
*
|
|
|
|
* Currently checks for either user & session in request or cookies
|
|
|
|
* and initializes a global User
|
|
|
|
*/
|
2024-01-20 14:10:59 +00:00
|
|
|
private function tryAuth(): void
|
2014-01-15 21:28:40 +00:00
|
|
|
{
|
2013-12-02 22:45:07 +00:00
|
|
|
global $config, $user;
|
|
|
|
|
|
|
|
if (isset($_REQUEST['user']) && isset($_REQUEST['session'])) {
|
|
|
|
//Auth by session data from query
|
|
|
|
$name = $_REQUEST['user'];
|
|
|
|
$session = $_REQUEST['session'];
|
|
|
|
$duser = User::by_session($name, $session);
|
|
|
|
if (!is_null($duser)) {
|
|
|
|
$user = $duser;
|
2014-01-15 21:28:40 +00:00
|
|
|
} else {
|
2013-12-02 22:45:07 +00:00
|
|
|
$user = User::by_id($config->get_int("anon_id", 0));
|
|
|
|
}
|
2019-07-04 17:48:33 +00:00
|
|
|
send_event(new UserLoginEvent($user));
|
2014-01-15 21:28:40 +00:00
|
|
|
} elseif (isset($_COOKIE[$config->get_string('cookie_prefix', 'shm') . '_' . 'session']) &&
|
|
|
|
isset($_COOKIE[$config->get_string('cookie_prefix', 'shm') . '_' . 'user'])
|
2013-12-02 22:45:07 +00:00
|
|
|
) {
|
|
|
|
//Auth by session data from cookies
|
2014-01-15 21:28:40 +00:00
|
|
|
$session = $_COOKIE[$config->get_string('cookie_prefix', 'shm') . '_' . 'session'];
|
|
|
|
$user = $_COOKIE[$config->get_string('cookie_prefix', 'shm') . '_' . 'user'];
|
2013-12-02 22:45:07 +00:00
|
|
|
$duser = User::by_session($user, $session);
|
|
|
|
if (!is_null($duser)) {
|
|
|
|
$user = $duser;
|
2014-01-15 21:28:40 +00:00
|
|
|
} else {
|
2013-12-02 22:45:07 +00:00
|
|
|
$user = User::by_id($config->get_int("anon_id", 0));
|
|
|
|
}
|
2019-07-04 17:48:33 +00:00
|
|
|
send_event(new UserLoginEvent($user));
|
2013-12-02 22:45:07 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Helper for matching API methods from event
|
|
|
|
*/
|
2024-08-31 20:22:54 +00:00
|
|
|
private function match(PageRequestEvent $event, string $page): bool
|
2014-01-15 21:28:40 +00:00
|
|
|
{
|
2024-08-31 20:22:54 +00:00
|
|
|
return (preg_match("%{$page}\.(xml|json)$%", implode('/', $event->args), $matches) === 1);
|
2013-11-28 23:09:05 +00:00
|
|
|
}
|
|
|
|
}
|