mirror of
https://github.com/vichan-devel/vichan.git
synced 2025-01-18 17:14:04 +01:00
Fixed minor bug in config.php
Added ZIP support. Cleaned functions.
This commit is contained in:
parent
2eddc7a4ee
commit
cdf1603c3a
@ -40,7 +40,7 @@
|
||||
define('ERROR_NOMOVE', 'The server failed to handle your upload.');
|
||||
define('ERROR_FILEEXT', 'Unsupported image format.');
|
||||
define('ERR_INVALIDIMG','Invalid image.');
|
||||
define('ERR_FILSIZE', 'The file was too large.');
|
||||
define('ERR_FILESIZE', 'Maximum file size: %maxsz%<br>Your file\'s size: %sz%');
|
||||
define('ERR_MAXSIZE', 'The file was too big.');
|
||||
|
||||
// For resizing, max values
|
||||
@ -53,6 +53,10 @@
|
||||
define('MAX_WIDTH', 10000);
|
||||
define('MAX_HEIGHT', MAX_WIDTH);
|
||||
|
||||
define('ALLOW_ZIP', true);
|
||||
define('ZIP_IMAGE', 'src/zip.png');
|
||||
|
||||
|
||||
/**
|
||||
Redraw the image using GD functions to strip any excess data (commonly ZIP archives)
|
||||
WARNING: Very beta. Currently strips animated GIFs too :(
|
||||
@ -63,7 +67,7 @@
|
||||
define('REDRAW_GIF', false);
|
||||
|
||||
// Display the aspect ratio in a post's file info
|
||||
define('SHOW_RATIO', false);
|
||||
define('SHOW_RATIO', true);
|
||||
|
||||
define('DIR_IMG', 'src/');
|
||||
define('DIR_THUMB', 'thumb/');
|
||||
@ -92,7 +96,7 @@
|
||||
|
||||
define('URL_MATCH', '/^' . (@$_SERVER['HTTPS']?'https':'http').':\/\/'.$_SERVER['HTTP_HOST'] . '(' . preg_quote(ROOT, '/') . '|' . preg_quote(ROOT, '/') . '' . preg_quote(FILE_INDEX, '/') . '|' . preg_quote(ROOT, '/') . '' . str_replace('%d', '\d+', preg_quote(FILE_PAGE, '/')) . ')$/');
|
||||
|
||||
if(!defined(IS_INSTALLATION)) {
|
||||
if(!defined('IS_INSTALLATION')) {
|
||||
if(!file_exists(DIR_IMG)) @mkdir(DIR_IMG) or error("Couldn't create " . DIR_IMG . ". Install manually.");
|
||||
if(!file_exists(DIR_THUMB)) @mkdir(DIR_THUMB) or error("Couldn't create " . DIR_IMG . ". Install manually.");
|
||||
if(!file_exists(DIR_RES)) @mkdir(DIR_RES) or error("Couldn't create " . DIR_IMG . ". Install manually.");
|
||||
|
@ -1,4 +1,55 @@
|
||||
<?php
|
||||
|
||||
function zipFileErrMsg($errno) {
|
||||
// using constant name as a string to make this function PHP4 compatible
|
||||
$zipFileFunctionsErrors = array(
|
||||
'ZIPARCHIVE::ER_MULTIDISK' => 'Multi-disk zip archives not supported.',
|
||||
'ZIPARCHIVE::ER_RENAME' => 'Renaming temporary file failed.',
|
||||
'ZIPARCHIVE::ER_CLOSE' => 'Closing zip archive failed',
|
||||
'ZIPARCHIVE::ER_SEEK' => 'Seek error',
|
||||
'ZIPARCHIVE::ER_READ' => 'Read error',
|
||||
'ZIPARCHIVE::ER_WRITE' => 'Write error',
|
||||
'ZIPARCHIVE::ER_CRC' => 'CRC error',
|
||||
'ZIPARCHIVE::ER_ZIPCLOSED' => 'Containing zip archive was closed',
|
||||
'ZIPARCHIVE::ER_NOENT' => 'No such file.',
|
||||
'ZIPARCHIVE::ER_EXISTS' => 'File already exists',
|
||||
'ZIPARCHIVE::ER_OPEN' => 'Can\'t open file',
|
||||
'ZIPARCHIVE::ER_TMPOPEN' => 'Failure to create temporary file.',
|
||||
'ZIPARCHIVE::ER_ZLIB' => 'Zlib error',
|
||||
'ZIPARCHIVE::ER_MEMORY' => 'Memory allocation failure',
|
||||
'ZIPARCHIVE::ER_CHANGED' => 'Entry has been changed',
|
||||
'ZIPARCHIVE::ER_COMPNOTSUPP' => 'Compression method not supported.',
|
||||
'ZIPARCHIVE::ER_EOF' => 'Premature EOF',
|
||||
'ZIPARCHIVE::ER_INVAL' => 'Invalid argument',
|
||||
'ZIPARCHIVE::ER_NOZIP' => 'Not a zip archive',
|
||||
'ZIPARCHIVE::ER_INTERNAL' => 'Internal error',
|
||||
'ZIPARCHIVE::ER_INCONS' => 'Zip archive inconsistent',
|
||||
'ZIPARCHIVE::ER_REMOVE' => 'Can\'t remove file',
|
||||
'ZIPARCHIVE::ER_DELETED' => 'Entry has been deleted',
|
||||
);
|
||||
$errmsg = 'unknown';
|
||||
foreach ($zipFileFunctionsErrors as $constName => $errorMessage) {
|
||||
if (defined($constName) and constant($constName) === $errno) {
|
||||
return 'Zip File Function error: '.$errorMessage;
|
||||
}
|
||||
}
|
||||
return 'Zip File Function error: unknown';
|
||||
}
|
||||
|
||||
function sprintf3($str, $vars, $delim = '%') {
|
||||
$replaces = array();
|
||||
foreach($vars as $k => $v) {
|
||||
$replaces[$delim . $k . $delim] = $v;
|
||||
}
|
||||
return str_replace(array_keys($replaces),
|
||||
array_values($replaces), $str);
|
||||
}
|
||||
|
||||
function commaize($n) {
|
||||
$n = strval($n);
|
||||
return (intval($n) < 1000) ? $n : commaize(substr($n, 0, -3)) . ',' . substr($n, -3);
|
||||
}
|
||||
|
||||
function sql_open() {
|
||||
global $sql;
|
||||
$sql = @mysql_connect(MY_SERVER, MY_USER, MY_PASSWORD) or error('Database error.');
|
||||
@ -15,6 +66,58 @@
|
||||
}
|
||||
}
|
||||
|
||||
function post($post, $OP) {
|
||||
global $sql;
|
||||
if($OP) {
|
||||
mysql_query(
|
||||
sprintf("INSERT INTO `posts` VALUES ( NULL, NULL, '%s', '%s', '%s', '%s', '%s', '%d', '%d', '%s', '%d', '%d', '%s', '%d', '%d', '%d', '%s', '%s', '%s', '%s' )",
|
||||
$post['subject'],
|
||||
$post['email'],
|
||||
$post['name'],
|
||||
$post['trip'],
|
||||
$post['body'],
|
||||
time(),
|
||||
time(),
|
||||
$post['thumb'],
|
||||
$post['thumbwidth'],
|
||||
$post['thumbheight'],
|
||||
$post['file'],
|
||||
$post['width'],
|
||||
$post['height'],
|
||||
$post['filesize'],
|
||||
$post['filename'],
|
||||
$post['filehash'],
|
||||
$post['password'],
|
||||
mysql_real_escape_string($_SERVER['REMOTE_ADDR'])
|
||||
), $sql) or error(mysql_error($sql));
|
||||
return mysql_insert_id($sql);
|
||||
} else {
|
||||
mysql_query(
|
||||
sprintf("INSERT INTO `posts` VALUES ( NULL, '%d', '%s', '%s', '%s', '%s', '%s', '%d', '%d', '%s', '%d', '%d', '%s', '%d', '%d', '%d', '%s', '%s', '%s', '%s' )",
|
||||
$post['thread'],
|
||||
$post['subject'],
|
||||
$post['email'],
|
||||
$post['name'],
|
||||
$post['trip'],
|
||||
$post['body'],
|
||||
time(),
|
||||
time(),
|
||||
$post['has_file']?$post['thumb']:null,
|
||||
$post['has_file']?$post['thumbwidth']:null,
|
||||
$post['has_file']?$post['thumbheight']:null,
|
||||
$post['has_file']?$post['file']:null,
|
||||
$post['has_file']?$post['width']:null,
|
||||
$post['has_file']?$post['height']:null,
|
||||
$post['has_file']?$post['filesize']:null,
|
||||
$post['has_file']?$post['filename']:null,
|
||||
$post['has_file']?$post['filehash']:null,
|
||||
$post['password'],
|
||||
mysql_real_escape_string($_SERVER['REMOTE_ADDR'])
|
||||
), $sql) or error(mysql_error($sql));
|
||||
return mysql_insert_id($sql);
|
||||
}
|
||||
}
|
||||
|
||||
function index($page) {
|
||||
global $sql, $board;
|
||||
|
||||
|
159
post.php
159
post.php
@ -74,8 +74,13 @@
|
||||
$post['filename'] = $_FILES['file']['name'];
|
||||
$post['has_file'] = $OP || !empty($_FILES['file']['tmp_name']);
|
||||
|
||||
if($post['has_file'] && $_FILES['file']['size'] > MAX_FILESIZE)
|
||||
error(ERR_FILSIZE);
|
||||
if($post['has_file']) {
|
||||
$size = $_FILES['file']['size'];
|
||||
if($size > MAX_FILESIZE)
|
||||
error(sprintf3(ERR_FILESIZE, array(
|
||||
'sz'=>commaize($size),
|
||||
'maxsz'=>commaize(MAX_FILESIZE))));
|
||||
}
|
||||
|
||||
$trip = generate_tripcode($post['name']);
|
||||
$post['name'] = $trip[0];
|
||||
@ -91,7 +96,8 @@
|
||||
$post['file_id'] = rand(0, 1000000000);
|
||||
$post['file'] = DIR_IMG . $post['file_id'] . '.' . $post['extension'];
|
||||
$post['thumb'] = DIR_THUMB . $post['file_id'] . '.png';
|
||||
if(!in_array($post['extension'], $allowed_ext)) error(ERROR_FILEEXT);
|
||||
$post['zip'] = $OP && $post['has_file'] && ALLOW_ZIP && $post['extension'] == 'zip' ? $post['file'] : false;
|
||||
if(!($post['zip'] || in_array($post['extension'], $allowed_ext))) error(ERROR_FILEEXT);
|
||||
}
|
||||
|
||||
// Check string lengths
|
||||
@ -102,8 +108,6 @@
|
||||
if(!(!$OP && $post['has_file']) && strlen($post['body']) < 1) error(ERROR_TOOSHORTBODY);
|
||||
if(strlen($post['password']) > 20) error(sprintf(ERROR_TOOLONG, 'password'));
|
||||
|
||||
|
||||
|
||||
markup($post['body']);
|
||||
|
||||
if($post['has_file']) {
|
||||
@ -112,6 +116,11 @@
|
||||
// Move the uploaded file
|
||||
if(!@move_uploaded_file($_FILES['file']['tmp_name'], $post['file'])) error(ERROR_NOMOVE);
|
||||
|
||||
if($post['zip']) {
|
||||
$post['file'] = ZIP_IMAGE;
|
||||
$post['extension'] = strtolower(substr($post['file'], strrpos($post['file'], '.') + 1));
|
||||
}
|
||||
|
||||
$size = @getimagesize($post['file']);
|
||||
$post['width'] = $size[0];
|
||||
$post['height'] = $size[1];
|
||||
@ -132,7 +141,7 @@
|
||||
|
||||
$image = createimage($post['extension'], $post['file']);
|
||||
|
||||
if(REDRAW_IMAGE) {
|
||||
if(REDRAW_IMAGE && !$post['zip']) {
|
||||
switch($post['extension']) {
|
||||
case 'jpg':
|
||||
case 'jpeg':
|
||||
@ -156,7 +165,6 @@
|
||||
// Create a thumbnail
|
||||
$thumb = resize($image, $post['width'], $post['height'], $post['thumb'], THUMB_WIDTH, THUMB_HEIGHT);
|
||||
|
||||
|
||||
$post['thumbwidth'] = $thumb['width'];
|
||||
$post['thumbheight'] = $thumb['height'];
|
||||
}
|
||||
@ -167,54 +175,101 @@
|
||||
sql_open();
|
||||
mysql_safe_array($post);
|
||||
|
||||
if($OP) {
|
||||
mysql_query(
|
||||
sprintf("INSERT INTO `posts` VALUES ( NULL, NULL, '%s', '%s', '%s', '%s', '%s', '%d', '%d', '%s', '%d', '%d', '%s', '%d', '%d', '%d', '%s', '%s', '%s', '%s' )",
|
||||
$post['subject'],
|
||||
$post['email'],
|
||||
$post['name'],
|
||||
$post['trip'],
|
||||
$post['body'],
|
||||
time(),
|
||||
time(),
|
||||
$post['thumb'],
|
||||
$post['thumbwidth'],
|
||||
$post['thumbheight'],
|
||||
$post['file'],
|
||||
$post['width'],
|
||||
$post['height'],
|
||||
$post['filesize'],
|
||||
$post['filename'],
|
||||
$post['filehash'],
|
||||
$post['password'],
|
||||
mysql_real_escape_string($_SERVER['REMOTE_ADDR'])
|
||||
), $sql) or error(mysql_error($sql));
|
||||
$id = post($post, $OP);
|
||||
|
||||
if($post['zip']) {
|
||||
// Open ZIP
|
||||
$zip = zip_open($post['zip']);
|
||||
// Read files
|
||||
while($entry = zip_read($zip)) {
|
||||
$filename = basename(zip_entry_name($entry));
|
||||
$extension = strtolower(substr($filename, strrpos($filename, '.') + 1));
|
||||
|
||||
if(in_array($extension, $allowed_ext)) {
|
||||
if (zip_entry_open($zip, $entry, 'r')) {
|
||||
|
||||
// Fake post
|
||||
$dump_post = Array(
|
||||
'subject' => $post['subject'],
|
||||
'email' => $post['email'],
|
||||
'name' => $post['name'],
|
||||
'trip' => $post['trip'],
|
||||
'body' => '',
|
||||
'thread' => $id,
|
||||
'password' => '',
|
||||
'has_file' => true,
|
||||
'file_id' => rand(0, 1000000000),
|
||||
'filename' => $filename
|
||||
);
|
||||
|
||||
$dump_post['file'] = DIR_IMG . $dump_post['file_id'] . '.' . $extension;
|
||||
$dump_post['thumb'] = DIR_THUMB . $dump_post['file_id'] . '.png';
|
||||
|
||||
// Extract the image from the ZIP
|
||||
$fp = fopen($dump_post['file'], 'w+');
|
||||
fwrite($fp, zip_entry_read($entry, zip_entry_filesize($entry)));
|
||||
fclose($fp);
|
||||
|
||||
$size = @getimagesize($dump_post['file']);
|
||||
$dump_post['width'] = $size[0];
|
||||
$dump_post['height'] = $size[1];
|
||||
|
||||
// Check if the image is valid
|
||||
if($dump_post['width'] < 1 || $dump_post['height'] < 1) {
|
||||
unlink($dump_post['file']);
|
||||
} else {
|
||||
mysql_query(
|
||||
sprintf("INSERT INTO `posts` VALUES ( NULL, '%d', '%s', '%s', '%s', '%s', '%s', '%d', '%d', '%s', '%d', '%d', '%s', '%d', '%d', '%d', '%s', '%s', '%s', '%s' )",
|
||||
$post['thread'],
|
||||
$post['subject'],
|
||||
$post['email'],
|
||||
$post['name'],
|
||||
$post['trip'],
|
||||
$post['body'],
|
||||
time(),
|
||||
time(),
|
||||
$post['has_file']?$post['thumb']:null,
|
||||
$post['has_file']?$post['thumbwidth']:null,
|
||||
$post['has_file']?$post['thumbheight']:null,
|
||||
$post['has_file']?$post['file']:null,
|
||||
$post['has_file']?$post['width']:null,
|
||||
$post['has_file']?$post['height']:null,
|
||||
$post['has_file']?$post['filesize']:null,
|
||||
$post['has_file']?$post['filename']:null,
|
||||
$post['has_file']?$post['filehash']:null,
|
||||
$post['password'],
|
||||
mysql_real_escape_string($_SERVER['REMOTE_ADDR'])
|
||||
), $sql) or error(mysql_error($sql));
|
||||
if($dump_post['width'] > MAX_WIDTH || $dump_post['height'] > MAX_HEIGHT) {
|
||||
unlink($dump_post['file']);
|
||||
error(ERR_MAXSIZE);
|
||||
} else {
|
||||
$dump_post['filehash'] = md5_file($dump_post['file']);
|
||||
$dump_post['filesize'] = filesize($dump_post['file']);
|
||||
|
||||
$image = createimage($extension, $dump_post['file']);
|
||||
|
||||
$success = true;
|
||||
if(REDRAW_IMAGE) {
|
||||
switch($extension) {
|
||||
case 'jpg':
|
||||
case 'jpeg':
|
||||
imagejpeg($image, $dump_post['file'], JPEG_QUALITY);
|
||||
break;
|
||||
case 'png':
|
||||
imagepng($image, $dump_post['file'], 7);
|
||||
break;
|
||||
case 'gif':
|
||||
if(REDRAW_GIF)
|
||||
imagegif($image, $dump_post['file']);
|
||||
break;
|
||||
case 'bmp':
|
||||
imagebmp($image, $dump_post['file']);
|
||||
break;
|
||||
default:
|
||||
$success = false;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
// Create a thumbnail
|
||||
$thumb = resize($image, $dump_post['width'], $dump_post['height'], $dump_post['thumb'], THUMB_WIDTH, THUMB_HEIGHT);
|
||||
|
||||
$dump_post['thumbwidth'] = $thumb['width'];
|
||||
$dump_post['thumbheight'] = $thumb['height'];
|
||||
|
||||
// Create the post
|
||||
post($dump_post, false);
|
||||
}
|
||||
}
|
||||
|
||||
// Close the ZIP
|
||||
zip_entry_close($entry);
|
||||
}
|
||||
}
|
||||
}
|
||||
zip_close($zip);
|
||||
unlink($post['zip']);
|
||||
}
|
||||
|
||||
$id = mysql_insert_id($sql);
|
||||
buildThread(($OP?$id:$post['thread']));
|
||||
|
||||
if(!$OP) {
|
||||
|
BIN
src/zip.png
Executable file
BIN
src/zip.png
Executable file
Binary file not shown.
After Width: | Height: | Size: 15 KiB |
Loading…
x
Reference in New Issue
Block a user