2013-10-05 12:55:03 +02:00
|
|
|
<?php
|
2013-10-05 21:24:20 +02:00
|
|
|
class PostController
|
2013-10-05 12:55:03 +02:00
|
|
|
{
|
2013-10-07 00:44:17 +02:00
|
|
|
public function workWrapper($callback)
|
|
|
|
|
{
|
2013-10-09 21:02:54 +02:00
|
|
|
$this->context->stylesheets []= '../lib/tagit/jquery.tagit.css';
|
|
|
|
|
$this->context->scripts []= '../lib/tagit/jquery.tagit.js';
|
2013-10-07 00:44:17 +02:00
|
|
|
$callback();
|
|
|
|
|
}
|
|
|
|
|
|
2013-10-13 13:38:24 +02:00
|
|
|
private static function locatePost($key, $disallowNumeric = false)
|
2013-10-13 12:28:16 +02:00
|
|
|
{
|
2013-10-13 13:38:24 +02:00
|
|
|
if (is_numeric($key) and !$disallowNumeric)
|
2013-10-13 12:28:16 +02:00
|
|
|
{
|
|
|
|
|
$post = R::findOne('post', 'id = ?', [$key]);
|
|
|
|
|
if (!$post)
|
|
|
|
|
throw new SimpleException('Invalid post ID "' . $key . '"');
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$post = R::findOne('post', 'name = ?', [$key]);
|
|
|
|
|
if (!$post)
|
|
|
|
|
throw new SimpleException('Invalid post name "' . $key . '"');
|
|
|
|
|
}
|
|
|
|
|
return $post;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private static function serializeTags($post)
|
|
|
|
|
{
|
|
|
|
|
$x = [];
|
|
|
|
|
foreach ($post->sharedTag as $tag)
|
|
|
|
|
$x []= $tag->name;
|
|
|
|
|
natcasesort($x);
|
|
|
|
|
$x = join('', $x);
|
|
|
|
|
return md5($x);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private static function handleUploadErrors($file)
|
|
|
|
|
{
|
|
|
|
|
switch ($file['error'])
|
|
|
|
|
{
|
|
|
|
|
case UPLOAD_ERR_OK:
|
|
|
|
|
break;
|
|
|
|
|
case UPLOAD_ERR_INI_SIZE:
|
|
|
|
|
throw new SimpleException('File is too big (maximum size allowed: ' . ini_get('upload_max_filesize') . ')');
|
|
|
|
|
case UPLOAD_ERR_FORM_SIZE:
|
|
|
|
|
throw new SimpleException('File is too big than it was allowed in HTML form');
|
|
|
|
|
case UPLOAD_ERR_PARTIAL:
|
|
|
|
|
throw new SimpleException('File transfer was interrupted');
|
|
|
|
|
case UPLOAD_ERR_NO_FILE:
|
|
|
|
|
throw new SimpleException('No file was uploaded');
|
|
|
|
|
case UPLOAD_ERR_NO_TMP_DIR:
|
|
|
|
|
throw new SimpleException('Server misconfiguration error: missing temporary folder');
|
|
|
|
|
case UPLOAD_ERR_CANT_WRITE:
|
|
|
|
|
throw new SimpleException('Server misconfiguration error: cannot write to disk');
|
|
|
|
|
case UPLOAD_ERR_EXTENSION:
|
|
|
|
|
throw new SimpleException('Server misconfiguration error: upload was canceled by an extension');
|
|
|
|
|
default:
|
|
|
|
|
throw new SimpleException('Generic file upload error (id: ' . $file['error'] . ')');
|
|
|
|
|
}
|
|
|
|
|
if (!is_uploaded_file($file['tmp_name']))
|
|
|
|
|
throw new SimpleException('Generic file upload error');
|
|
|
|
|
}
|
|
|
|
|
|
2013-10-08 23:02:31 +02:00
|
|
|
|
|
|
|
|
|
2013-10-05 12:55:03 +02:00
|
|
|
/**
|
2013-10-05 19:24:08 +02:00
|
|
|
* @route /posts
|
2013-10-09 11:45:18 +02:00
|
|
|
* @route /posts/{page}
|
2013-10-13 22:20:06 +02:00
|
|
|
* @route /posts/{query}/
|
2013-10-09 11:45:18 +02:00
|
|
|
* @route /posts/{query}/{page}
|
|
|
|
|
* @validate page \d*
|
|
|
|
|
* @validate query [^\/]*
|
2013-10-05 12:55:03 +02:00
|
|
|
*/
|
2013-10-09 12:24:25 +02:00
|
|
|
public function listAction($query = null, $page = 1)
|
2013-10-05 12:55:03 +02:00
|
|
|
{
|
2013-10-09 11:45:18 +02:00
|
|
|
$this->context->stylesheets []= 'post-list.css';
|
2013-10-10 00:12:27 +02:00
|
|
|
$this->context->stylesheets []= 'paginator.css';
|
2013-10-09 12:18:22 +02:00
|
|
|
if ($this->config->browsing->endlessScrolling)
|
2013-10-10 00:12:27 +02:00
|
|
|
$this->context->scripts []= 'paginator-endless.js';
|
2013-10-09 11:45:18 +02:00
|
|
|
|
2013-10-14 00:25:40 +02:00
|
|
|
//redirect requests in form of /posts/?query=... to canonical address
|
2013-10-05 22:52:55 +02:00
|
|
|
$formQuery = InputHelper::get('query');
|
2013-10-13 22:20:06 +02:00
|
|
|
if ($formQuery !== null)
|
2013-10-05 22:52:55 +02:00
|
|
|
{
|
2013-10-13 22:20:06 +02:00
|
|
|
$this->context->transport->searchQuery = $formQuery;
|
|
|
|
|
if (strpos($formQuery, '/') !== false)
|
2013-10-14 00:25:40 +02:00
|
|
|
throw new SimpleException('Search query contains invalid characters');
|
2013-10-13 22:20:06 +02:00
|
|
|
$url = \Chibi\UrlHelper::route('post', 'list', ['query' => urlencode($formQuery)]);
|
2013-10-05 22:52:55 +02:00
|
|
|
\Chibi\UrlHelper::forward($url);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2013-10-13 22:20:06 +02:00
|
|
|
$query = trim(urldecode($query));
|
2013-10-09 11:45:18 +02:00
|
|
|
$page = intval($page);
|
|
|
|
|
$postsPerPage = intval($this->config->browsing->postsPerPage);
|
2013-10-13 13:17:23 +02:00
|
|
|
$this->context->subTitle = 'browsing posts';
|
|
|
|
|
$this->context->transport->searchQuery = $query;
|
2013-10-07 20:44:14 +02:00
|
|
|
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ListPosts);
|
|
|
|
|
|
2013-10-13 13:17:23 +02:00
|
|
|
$buildDbQuery = function($dbQuery, $query)
|
2013-10-08 23:02:31 +02:00
|
|
|
{
|
2013-10-09 11:45:18 +02:00
|
|
|
$dbQuery->from('post');
|
2013-10-08 23:02:31 +02:00
|
|
|
|
2013-10-14 00:25:40 +02:00
|
|
|
|
|
|
|
|
/* safety */
|
2013-10-09 11:45:18 +02:00
|
|
|
$allowedSafety = array_filter(PostSafety::getAll(), function($safety)
|
|
|
|
|
{
|
2013-10-14 00:25:40 +02:00
|
|
|
return PrivilegesHelper::confirm($this->context->user, Privilege::ListPosts, PostSafety::toString($safety)) and
|
|
|
|
|
$this->context->user->hasEnabledSafety($safety);
|
2013-10-09 11:45:18 +02:00
|
|
|
});
|
|
|
|
|
$dbQuery->where('safety IN (' . R::genSlots($allowedSafety) . ')');
|
|
|
|
|
foreach ($allowedSafety as $s)
|
|
|
|
|
$dbQuery->put($s);
|
2013-10-07 20:44:14 +02:00
|
|
|
|
2013-10-14 00:25:40 +02:00
|
|
|
|
|
|
|
|
/* hidden */
|
2013-10-13 12:28:16 +02:00
|
|
|
if (!PrivilegesHelper::confirm($this->context->user, Privilege::ListPosts, 'hidden'))
|
|
|
|
|
$dbQuery->andNot('hidden');
|
|
|
|
|
|
2013-10-14 00:25:40 +02:00
|
|
|
|
|
|
|
|
/* search tokens */
|
2013-10-13 22:20:06 +02:00
|
|
|
$tokens = array_filter(array_unique(explode(' ', $query)), function($x) { return $x != ''; });
|
2013-10-13 13:17:23 +02:00
|
|
|
if (count($tokens) > $this->config->browsing->maxSearchTokens)
|
|
|
|
|
throw new SimpleException('Too many search tokens (maximum: ' . $this->config->browsing->maxSearchTokens . ')');
|
|
|
|
|
foreach ($tokens as $token)
|
|
|
|
|
{
|
|
|
|
|
if ($token{0} == '-')
|
|
|
|
|
{
|
|
|
|
|
$dbQuery->andNot();
|
|
|
|
|
$token = substr($token, 1);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
$dbQuery->and();
|
|
|
|
|
|
|
|
|
|
$pos = strpos($token, ':');
|
|
|
|
|
if ($pos !== false)
|
|
|
|
|
{
|
|
|
|
|
$key = substr($token, 0, $pos);
|
|
|
|
|
$val = substr($token, $pos + 1);
|
|
|
|
|
|
|
|
|
|
switch ($key)
|
|
|
|
|
{
|
|
|
|
|
case 'favmin':
|
|
|
|
|
$dbQuery
|
|
|
|
|
->open()
|
|
|
|
|
->select('COUNT(1)')
|
|
|
|
|
->from('favoritee')
|
|
|
|
|
->where('post_id = post.id')
|
|
|
|
|
->close()
|
|
|
|
|
->addSql('>= ?')->put(intval($val));
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'type':
|
|
|
|
|
switch ($val)
|
|
|
|
|
{
|
|
|
|
|
case 'swf':
|
|
|
|
|
$type = PostType::Flash;
|
|
|
|
|
break;
|
|
|
|
|
case 'img':
|
|
|
|
|
$type = PostType::Image;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
throw new SimpleException('Unknown type "' . $val . '"');
|
|
|
|
|
}
|
|
|
|
|
$dbQuery
|
|
|
|
|
->addSql('type = ?')
|
|
|
|
|
->put($type);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'date':
|
|
|
|
|
case 'datemin':
|
|
|
|
|
case 'datemax':
|
|
|
|
|
list ($year, $month, $day) = explode('-', $val . '-0-0');
|
|
|
|
|
$yearMin = $yearMax = intval($year);
|
|
|
|
|
$monthMin = $monthMax = intval($month);
|
|
|
|
|
$monthMin = $monthMin ?: 1;
|
|
|
|
|
$monthMax = $monthMax ?: 12;
|
|
|
|
|
$dayMin = $dayMax = intval($day);
|
|
|
|
|
$dayMin = $dayMin ?: 1;
|
|
|
|
|
$dayMax = $dayMax ?: intval(date('t', mktime(0, 0, 0, $monthMax, 1, $year)));
|
|
|
|
|
$timeMin = mktime(0, 0, 0, $monthMin, $dayMin, $yearMin);
|
|
|
|
|
$timeMax = mktime(0, 0, -1, $monthMax, $dayMax+1, $yearMax);
|
|
|
|
|
|
|
|
|
|
if ($key == 'date')
|
|
|
|
|
{
|
|
|
|
|
$dbQuery
|
|
|
|
|
->addSql('upload_date >= ?')
|
|
|
|
|
->and('upload_date <= ?')
|
|
|
|
|
->put($timeMin)
|
|
|
|
|
->put($timeMax);
|
|
|
|
|
}
|
|
|
|
|
elseif ($key == 'datemin')
|
|
|
|
|
{
|
|
|
|
|
$dbQuery
|
|
|
|
|
->addSql('upload_date >= ?')
|
|
|
|
|
->put($timeMin);
|
|
|
|
|
}
|
|
|
|
|
elseif ($key == 'datemax')
|
|
|
|
|
{
|
|
|
|
|
$dbQuery
|
|
|
|
|
->addSql('upload_date <= ?')
|
|
|
|
|
->put($timeMax);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
throw new Exception('Invalid key');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'fav':
|
|
|
|
|
case 'favs':
|
|
|
|
|
case 'favoritee':
|
|
|
|
|
case 'favoriter':
|
|
|
|
|
$dbQuery
|
|
|
|
|
->exists()
|
|
|
|
|
->open()
|
|
|
|
|
->select('1')
|
|
|
|
|
->from('favoritee')
|
|
|
|
|
->innerJoin('user')
|
|
|
|
|
->on('favoritee.user_id = user.id')
|
|
|
|
|
->where('post_id = post.id')
|
|
|
|
|
->and('user.name = ?')->put($val)
|
|
|
|
|
->close();
|
|
|
|
|
break;
|
|
|
|
|
|
2013-10-13 22:19:00 +02:00
|
|
|
case 'submit':
|
|
|
|
|
case 'upload':
|
2013-10-13 13:17:23 +02:00
|
|
|
case 'uploader':
|
|
|
|
|
case 'uploaded':
|
|
|
|
|
$dbQuery
|
|
|
|
|
->addSql('uploader_id = ')
|
|
|
|
|
->open()
|
|
|
|
|
->select('user.id')
|
|
|
|
|
->from('user')
|
|
|
|
|
->where('name = ?')->put($val)
|
|
|
|
|
->close();
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
throw new SimpleException('Unknown key "' . $key . '"');
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$val = $token;
|
|
|
|
|
$dbQuery
|
|
|
|
|
->exists()
|
|
|
|
|
->open()
|
|
|
|
|
->select('1')
|
|
|
|
|
->from('post_tag')
|
|
|
|
|
->innerJoin('tag')
|
|
|
|
|
->on('post_tag.tag_id = tag.id')
|
|
|
|
|
->where('post_id = post.id')
|
|
|
|
|
->and('tag.name = ?')->put($val)
|
|
|
|
|
->close();
|
|
|
|
|
}
|
|
|
|
|
}
|
2013-10-07 20:44:14 +02:00
|
|
|
|
2013-10-09 11:45:18 +02:00
|
|
|
//todo construct ORDER based on filers
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
$countDbQuery = R::$f->begin();
|
2013-10-14 10:22:53 +02:00
|
|
|
$countDbQuery->select('COUNT(1)')->as('count');
|
2013-10-13 13:17:23 +02:00
|
|
|
$buildDbQuery($countDbQuery, $query);
|
2013-10-09 11:45:18 +02:00
|
|
|
$postCount = intval($countDbQuery->get('row')['count']);
|
|
|
|
|
$pageCount = ceil($postCount / $postsPerPage);
|
2013-10-13 22:20:06 +02:00
|
|
|
$page = max(1, min($pageCount, $page));
|
2013-10-09 11:45:18 +02:00
|
|
|
|
|
|
|
|
$searchDbQuery = R::$f->begin();
|
|
|
|
|
$searchDbQuery->select('*');
|
2013-10-13 13:17:23 +02:00
|
|
|
$buildDbQuery($searchDbQuery, $query);
|
2013-10-12 10:46:15 +02:00
|
|
|
$searchDbQuery->orderBy('id DESC');
|
2013-10-09 11:45:18 +02:00
|
|
|
$searchDbQuery->limit('?')->put($postsPerPage);
|
|
|
|
|
$searchDbQuery->offset('?')->put(($page - 1) * $postsPerPage);
|
2013-10-07 20:44:14 +02:00
|
|
|
|
2013-10-09 11:45:18 +02:00
|
|
|
$posts = $searchDbQuery->get();
|
|
|
|
|
$this->context->transport->page = $page;
|
|
|
|
|
$this->context->transport->postCount = $postCount;
|
|
|
|
|
$this->context->transport->pageCount = $pageCount;
|
2013-10-07 20:44:14 +02:00
|
|
|
$this->context->transport->posts = $posts;
|
2013-10-05 19:24:08 +02:00
|
|
|
}
|
|
|
|
|
|
2013-10-08 23:02:31 +02:00
|
|
|
|
|
|
|
|
|
2013-10-13 12:28:16 +02:00
|
|
|
/**
|
|
|
|
|
* @route /favorites
|
|
|
|
|
* @route /favorites/{page}
|
|
|
|
|
* @validate page \d*
|
|
|
|
|
*/
|
|
|
|
|
public function favoritesAction($page = 1)
|
|
|
|
|
{
|
|
|
|
|
$this->listAction('favmin:1', $page);
|
|
|
|
|
$this->context->viewName = 'post-list';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2013-10-05 19:24:08 +02:00
|
|
|
/**
|
|
|
|
|
* @route /post/upload
|
|
|
|
|
*/
|
|
|
|
|
public function uploadAction()
|
|
|
|
|
{
|
2013-10-07 00:44:17 +02:00
|
|
|
$this->context->stylesheets []= 'upload.css';
|
|
|
|
|
$this->context->scripts []= 'upload.js';
|
2013-10-05 21:22:28 +02:00
|
|
|
$this->context->subTitle = 'upload';
|
2013-10-07 00:44:17 +02:00
|
|
|
PrivilegesHelper::confirmWithException($this->context->user, Privilege::UploadPost);
|
|
|
|
|
|
2013-10-13 13:33:34 +02:00
|
|
|
if (!empty($_FILES['file']['name']))
|
2013-10-07 00:44:17 +02:00
|
|
|
{
|
2013-10-13 12:28:16 +02:00
|
|
|
/* file contents */
|
|
|
|
|
$suppliedFile = $_FILES['file'];
|
|
|
|
|
self::handleUploadErrors($suppliedFile);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* file details */
|
2013-10-09 01:17:25 +02:00
|
|
|
$mimeType = mime_content_type($suppliedFile['tmp_name']);
|
2013-10-12 12:38:49 +02:00
|
|
|
$imageWidth = null;
|
|
|
|
|
$imageHeight = null;
|
2013-10-09 01:17:25 +02:00
|
|
|
switch ($mimeType)
|
2013-10-07 00:44:17 +02:00
|
|
|
{
|
|
|
|
|
case 'image/gif':
|
|
|
|
|
case 'image/png':
|
|
|
|
|
case 'image/jpeg':
|
|
|
|
|
$postType = PostType::Image;
|
2013-10-12 12:38:49 +02:00
|
|
|
list ($imageWidth, $imageHeight) = getimagesize($suppliedFile['tmp_name']);
|
2013-10-07 00:44:17 +02:00
|
|
|
break;
|
|
|
|
|
case 'application/x-shockwave-flash':
|
|
|
|
|
$postType = PostType::Flash;
|
2013-10-12 12:38:49 +02:00
|
|
|
list ($imageWidth, $imageHeight) = getimagesize($suppliedFile['tmp_name']);
|
2013-10-07 00:44:17 +02:00
|
|
|
break;
|
|
|
|
|
default:
|
2013-10-09 01:17:25 +02:00
|
|
|
throw new SimpleException('Invalid file type "' . $mimeType . '"');
|
2013-10-07 00:44:17 +02:00
|
|
|
}
|
|
|
|
|
|
2013-10-09 12:36:14 +02:00
|
|
|
$fileHash = md5_file($suppliedFile['tmp_name']);
|
|
|
|
|
$duplicatedPost = R::findOne('post', 'file_hash = ?', [$fileHash]);
|
|
|
|
|
if ($duplicatedPost !== null)
|
|
|
|
|
throw new SimpleException('Duplicate upload');
|
2013-10-07 00:44:17 +02:00
|
|
|
|
|
|
|
|
do
|
|
|
|
|
{
|
|
|
|
|
$name = md5(mt_rand() . uniqid());
|
2013-10-09 19:25:56 +02:00
|
|
|
$path = $this->config->main->filesPath . DS . $name;
|
2013-10-07 00:44:17 +02:00
|
|
|
}
|
|
|
|
|
while (file_exists($path));
|
|
|
|
|
|
|
|
|
|
|
2013-10-13 21:05:01 +02:00
|
|
|
/* safety */
|
|
|
|
|
$suppliedSafety = intval(InputHelper::get('safety'));
|
|
|
|
|
if (!in_array($suppliedSafety, PostSafety::getAll()))
|
|
|
|
|
throw new SimpleException('Invalid safety type "' . $suppliedSafety . '"');
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* tags */
|
2013-10-13 22:20:06 +02:00
|
|
|
$suppliedTags = trim(InputHelper::get('tags'));
|
|
|
|
|
$suppliedTags = preg_split('/[,;\s]+/', $suppliedTags);
|
|
|
|
|
$suppliedTags = array_filter($suppliedTags, function($x) { return $x != ''; });
|
2013-10-13 21:05:01 +02:00
|
|
|
$suppliedTags = array_unique($suppliedTags);
|
|
|
|
|
foreach ($suppliedTags as $tag)
|
|
|
|
|
if (!preg_match('/^[a-zA-Z0-9_-]+$/i', $tag))
|
|
|
|
|
throw new SimpleException('Invalid tag "' . $tag . '"');
|
|
|
|
|
if (empty($suppliedTags))
|
|
|
|
|
throw new SimpleException('No tags set');
|
|
|
|
|
|
|
|
|
|
$dbTags = [];
|
|
|
|
|
foreach ($suppliedTags as $tag)
|
|
|
|
|
{
|
|
|
|
|
$dbTag = R::findOne('tag', 'name = ?', [$tag]);
|
|
|
|
|
if (!$dbTag)
|
|
|
|
|
{
|
|
|
|
|
$dbTag = R::dispense('tag');
|
|
|
|
|
$dbTag->name = $tag;
|
|
|
|
|
R::store($dbTag);
|
|
|
|
|
}
|
|
|
|
|
$dbTags []= $dbTag;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2013-10-13 12:28:16 +02:00
|
|
|
/* db storage */
|
2013-10-07 00:44:17 +02:00
|
|
|
$dbPost = R::dispense('post');
|
|
|
|
|
$dbPost->type = $postType;
|
|
|
|
|
$dbPost->name = $name;
|
2013-10-09 12:36:14 +02:00
|
|
|
$dbPost->orig_name = basename($suppliedFile['name']);
|
|
|
|
|
$dbPost->file_hash = $fileHash;
|
2013-10-12 12:38:49 +02:00
|
|
|
$dbPost->file_size = filesize($suppliedFile['tmp_name']);
|
2013-10-09 01:17:25 +02:00
|
|
|
$dbPost->mime_type = $mimeType;
|
2013-10-07 00:44:17 +02:00
|
|
|
$dbPost->safety = $suppliedSafety;
|
2013-10-13 12:28:16 +02:00
|
|
|
$dbPost->hidden = false;
|
2013-10-07 20:44:14 +02:00
|
|
|
$dbPost->upload_date = time();
|
2013-10-12 12:38:49 +02:00
|
|
|
$dbPost->image_width = $imageWidth;
|
|
|
|
|
$dbPost->image_height = $imageHeight;
|
2013-10-12 14:53:47 +02:00
|
|
|
$dbPost->uploader = $this->context->user;
|
|
|
|
|
$dbPost->ownFavoritee = [];
|
|
|
|
|
$dbPost->sharedTag = $dbTags;
|
2013-10-07 00:44:17 +02:00
|
|
|
|
|
|
|
|
move_uploaded_file($suppliedFile['tmp_name'], $path);
|
|
|
|
|
R::store($dbPost);
|
|
|
|
|
|
|
|
|
|
$this->context->transport->success = true;
|
|
|
|
|
}
|
2013-10-05 19:24:08 +02:00
|
|
|
}
|
|
|
|
|
|
2013-10-13 12:28:16 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @route /post/edit/{id}
|
|
|
|
|
*/
|
|
|
|
|
public function editAction($id)
|
|
|
|
|
{
|
|
|
|
|
$post = self::locatePost($id);
|
|
|
|
|
R::preload($post, ['uploader' => 'user']);
|
|
|
|
|
$edited = false;
|
|
|
|
|
$secondary = $post->uploader->id == $this->context->user->id ? 'own' : 'all';
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* safety */
|
|
|
|
|
$suppliedSafety = InputHelper::get('safety');
|
|
|
|
|
if ($suppliedSafety !== null)
|
|
|
|
|
{
|
|
|
|
|
PrivilegesHelper::confirmWithException($this->context->user, Privilege::EditPostSafety, $secondary);
|
|
|
|
|
$suppliedSafety = intval($suppliedSafety);
|
|
|
|
|
if (!in_array($suppliedSafety, PostSafety::getAll()))
|
|
|
|
|
throw new SimpleException('Invalid safety type "' . $suppliedSafety . '"');
|
|
|
|
|
$post->safety = $suppliedSafety;
|
|
|
|
|
$edited = true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* tags */
|
2013-10-13 22:20:06 +02:00
|
|
|
$suppliedTags = trim(InputHelper::get('tags'));
|
2013-10-13 12:28:16 +02:00
|
|
|
if ($suppliedTags !== null)
|
|
|
|
|
{
|
|
|
|
|
PrivilegesHelper::confirmWithException($this->context->user, Privilege::EditPostTags, $secondary);
|
|
|
|
|
$currentToken = self::serializeTags($post);
|
|
|
|
|
if (InputHelper::get('tags-token') != $currentToken)
|
|
|
|
|
throw new SimpleException('Someone else has changed the tags in the meantime');
|
|
|
|
|
|
2013-10-13 22:20:06 +02:00
|
|
|
$suppliedTags = preg_split('/[,;\s]+/', $suppliedTags);
|
|
|
|
|
$suppliedTags = array_filter($suppliedTags, function($x) { return $x != ''; });
|
2013-10-13 12:28:16 +02:00
|
|
|
$suppliedTags = array_unique($suppliedTags);
|
|
|
|
|
foreach ($suppliedTags as $tag)
|
|
|
|
|
if (!preg_match('/^[a-zA-Z0-9_-]+$/i', $tag))
|
|
|
|
|
throw new SimpleException('Invalid tag "' . $tag . '"');
|
|
|
|
|
if (empty($suppliedTags))
|
|
|
|
|
throw new SimpleException('No tags set');
|
|
|
|
|
|
|
|
|
|
$dbTags = [];
|
|
|
|
|
foreach ($suppliedTags as $tag)
|
|
|
|
|
{
|
|
|
|
|
$dbTag = R::findOne('tag', 'name = ?', [$tag]);
|
|
|
|
|
if (!$dbTag)
|
|
|
|
|
{
|
|
|
|
|
$dbTag = R::dispense('tag');
|
|
|
|
|
$dbTag->name = $tag;
|
|
|
|
|
R::store($dbTag);
|
|
|
|
|
}
|
|
|
|
|
$dbTags []= $dbTag;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$post->sharedTag = $dbTags;
|
|
|
|
|
$edited = true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* thumbnail */
|
2013-10-13 13:33:34 +02:00
|
|
|
if (!empty($_FILES['thumb']['name']))
|
2013-10-13 12:28:16 +02:00
|
|
|
{
|
|
|
|
|
PrivilegesHelper::confirmWithException($this->context->user, Privilege::EditPostThumb, $secondary);
|
|
|
|
|
$suppliedFile = $_FILES['thumb'];
|
|
|
|
|
self::handleUploadErrors($suppliedFile);
|
|
|
|
|
|
|
|
|
|
$mimeType = mime_content_type($suppliedFile['tmp_name']);
|
|
|
|
|
if (!in_array($mimeType, ['image/gif', 'image/png', 'image/jpeg']))
|
|
|
|
|
throw new SimpleException('Invalid thumbnail type "' . $mimeType . '"');
|
|
|
|
|
list ($imageWidth, $imageHeight) = getimagesize($suppliedFile['tmp_name']);
|
|
|
|
|
if ($imageWidth != $this->config->browsing->thumbWidth)
|
|
|
|
|
throw new SimpleException('Invalid thumbnail width (should be ' . $this->config->browsing->thumbWidth . ')');
|
|
|
|
|
if ($imageWidth != $this->config->browsing->thumbHeight)
|
|
|
|
|
throw new SimpleException('Invalid thumbnail width (should be ' . $this->config->browsing->thumbHeight . ')');
|
|
|
|
|
|
|
|
|
|
$path = $this->config->main->thumbsPath . DS . $post->name;
|
|
|
|
|
move_uploaded_file($suppliedFile['tmp_name'], $path);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/* db storage */
|
|
|
|
|
if ($edited)
|
|
|
|
|
R::store($post);
|
|
|
|
|
$this->context->transport->success = true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @route /post/hide/{id}
|
|
|
|
|
*/
|
|
|
|
|
public function hideAction($id)
|
|
|
|
|
{
|
|
|
|
|
$post = self::locatePost($id);
|
|
|
|
|
$secondary = $post->uploader->id == $this->context->user->id ? 'own' : 'all';
|
|
|
|
|
PrivilegesHelper::confirmWithException($this->context->user, Privilege::HidePost, $secondary);
|
|
|
|
|
$post->hidden = true;
|
|
|
|
|
R::store($post);
|
|
|
|
|
$this->context->transport->success = true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @route /post/unhide/{id}
|
|
|
|
|
*/
|
|
|
|
|
public function unhideAction($id)
|
|
|
|
|
{
|
|
|
|
|
$post = self::locatePost($id);
|
|
|
|
|
$secondary = $post->uploader->id == $this->context->user->id ? 'own' : 'all';
|
|
|
|
|
PrivilegesHelper::confirmWithException($this->context->user, Privilege::HidePost, $secondary);
|
|
|
|
|
$post->hidden = false;
|
|
|
|
|
R::store($post);
|
|
|
|
|
$this->context->transport->success = true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @route /post/delete/{id}
|
|
|
|
|
*/
|
|
|
|
|
public function deleteAction($id)
|
|
|
|
|
{
|
|
|
|
|
$post = self::locatePost($id);
|
|
|
|
|
$secondary = $post->uploader->id == $this->context->user->id ? 'own' : 'all';
|
|
|
|
|
PrivilegesHelper::confirmWithException($this->context->user, Privilege::DeletePost, $secondary);
|
|
|
|
|
//remove stuff from auxiliary tables
|
|
|
|
|
$post->ownFavoritee = [];
|
|
|
|
|
$post->sharedTag = [];
|
|
|
|
|
R::store($post);
|
|
|
|
|
R::trash($post);
|
|
|
|
|
$this->context->transport->success = true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2013-10-12 14:53:47 +02:00
|
|
|
/**
|
|
|
|
|
* @route /post/add-fav/{id}
|
|
|
|
|
* @route /post/fav-add/{id}
|
|
|
|
|
*/
|
|
|
|
|
public function addFavoriteAction($id)
|
|
|
|
|
{
|
|
|
|
|
$post = self::locatePost($id);
|
|
|
|
|
R::preload($post, ['favoritee' => 'user']);
|
|
|
|
|
|
|
|
|
|
if (!$this->context->loggedIn)
|
|
|
|
|
throw new SimpleException('Not logged in');
|
|
|
|
|
|
|
|
|
|
foreach ($post->via('favoritee')->sharedUser as $fav)
|
|
|
|
|
if ($fav->id == $this->context->user->id)
|
|
|
|
|
throw new SimpleException('Already in favorites');
|
|
|
|
|
|
|
|
|
|
PrivilegesHelper::confirmWithException($this->context->user, Privilege::FavoritePost);
|
|
|
|
|
$post->link('favoritee')->user = $this->context->user;
|
|
|
|
|
R::store($post);
|
|
|
|
|
$this->context->transport->success = true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @route /post/rem-fav/{id}
|
|
|
|
|
* @route /post/fav-rem/{id}
|
|
|
|
|
*/
|
|
|
|
|
public function remFavoriteAction($id)
|
|
|
|
|
{
|
|
|
|
|
$post = self::locatePost($id);
|
|
|
|
|
R::preload($post, ['favoritee' => 'user']);
|
|
|
|
|
|
|
|
|
|
PrivilegesHelper::confirmWithException($this->context->user, Privilege::FavoritePost);
|
|
|
|
|
if (!$this->context->loggedIn)
|
|
|
|
|
throw new SimpleException('Not logged in');
|
|
|
|
|
|
|
|
|
|
$finalKey = null;
|
|
|
|
|
foreach ($post->ownFavoritee as $key => $fav)
|
|
|
|
|
if ($fav->user->id == $this->context->user->id)
|
|
|
|
|
$finalKey = $key;
|
|
|
|
|
|
|
|
|
|
if ($finalKey === null)
|
|
|
|
|
throw new SimpleException('Not in favorites');
|
|
|
|
|
|
|
|
|
|
unset ($post->ownFavoritee[$key]);
|
|
|
|
|
R::store($post);
|
|
|
|
|
$this->context->transport->success = true;
|
|
|
|
|
}
|
|
|
|
|
|
2013-10-08 23:02:31 +02:00
|
|
|
|
|
|
|
|
|
2013-10-05 19:24:08 +02:00
|
|
|
/**
|
2013-10-07 20:44:14 +02:00
|
|
|
* Action that decorates the page containing the post.
|
2013-10-05 19:24:08 +02:00
|
|
|
* @route /post/{id}
|
|
|
|
|
*/
|
2013-10-07 20:44:14 +02:00
|
|
|
public function viewAction($id)
|
2013-10-05 19:24:08 +02:00
|
|
|
{
|
2013-10-12 14:53:47 +02:00
|
|
|
$post = self::locatePost($id);
|
|
|
|
|
R::preload($post, ['favoritee' => 'user', 'uploader' => 'user', 'tag']);
|
2013-10-12 10:46:15 +02:00
|
|
|
|
2013-10-13 12:28:16 +02:00
|
|
|
if ($post->hidden)
|
|
|
|
|
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ViewPost, 'hidden');
|
2013-10-07 23:17:33 +02:00
|
|
|
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ViewPost);
|
|
|
|
|
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ViewPost, PostSafety::toString($post->safety));
|
2013-10-07 20:44:14 +02:00
|
|
|
|
2013-10-13 12:28:16 +02:00
|
|
|
$buildNextPostQuery = function($dbQuery, $id, $next)
|
|
|
|
|
{
|
|
|
|
|
$dbQuery->select('id')
|
|
|
|
|
->from('post')
|
|
|
|
|
->where($next ? 'id > ?' : 'id < ?')
|
|
|
|
|
->put($id);
|
|
|
|
|
if (!PrivilegesHelper::confirm($this->context->user, Privilege::ListPosts, 'hidden'))
|
|
|
|
|
$dbQuery->andNot('hidden');
|
|
|
|
|
$dbQuery->orderBy($next ? 'id asc' : 'id desc')
|
|
|
|
|
->limit(1);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
$prevPostQuery = R::$f->begin();
|
|
|
|
|
$buildNextPostQuery($prevPostQuery, $id, false);
|
|
|
|
|
$prevPost = $prevPostQuery->get('row');
|
|
|
|
|
|
|
|
|
|
$nextPostQuery = R::$f->begin();
|
|
|
|
|
$buildNextPostQuery($nextPostQuery, $id, true);
|
|
|
|
|
$nextPost = $nextPostQuery->get('row');
|
|
|
|
|
|
2013-10-12 14:53:47 +02:00
|
|
|
$favorite = false;
|
|
|
|
|
if ($this->context->loggedIn)
|
|
|
|
|
foreach ($post->ownFavoritee as $fav)
|
|
|
|
|
if ($fav->user->id == $this->context->user->id)
|
|
|
|
|
$favorite = true;
|
|
|
|
|
|
2013-10-12 10:46:15 +02:00
|
|
|
$dbQuery = R::$f->begin();
|
|
|
|
|
$dbQuery->select('tag.name, COUNT(1) AS count');
|
|
|
|
|
$dbQuery->from('tag');
|
|
|
|
|
$dbQuery->innerJoin('post_tag');
|
|
|
|
|
$dbQuery->on('tag.id = post_tag.tag_id');
|
|
|
|
|
$dbQuery->where('tag.id IN (' . R::genSlots($post->sharedTag) . ')');
|
|
|
|
|
foreach ($post->sharedTag as $tag)
|
|
|
|
|
$dbQuery->put($tag->id);
|
|
|
|
|
$dbQuery->groupBy('tag.id');
|
|
|
|
|
$rows = $dbQuery->get();
|
|
|
|
|
$this->context->transport->tagDistribution = [];
|
|
|
|
|
foreach ($rows as $row)
|
|
|
|
|
$this->context->transport->tagDistribution[$row['name']] = $row['count'];
|
|
|
|
|
|
2013-10-09 21:58:57 +02:00
|
|
|
$this->context->stylesheets []= 'post-view.css';
|
2013-10-12 14:53:47 +02:00
|
|
|
$this->context->scripts []= 'post-view.js';
|
2013-10-07 20:44:14 +02:00
|
|
|
$this->context->subTitle = 'showing @' . $post->id;
|
2013-10-12 14:53:47 +02:00
|
|
|
$this->context->favorite = $favorite;
|
2013-10-07 20:44:14 +02:00
|
|
|
$this->context->transport->post = $post;
|
2013-10-13 12:28:16 +02:00
|
|
|
$this->context->transport->prevPostId = $prevPost ? $prevPost['id'] : null;
|
|
|
|
|
$this->context->transport->nextPostId = $nextPost ? $nextPost['id'] : null;
|
|
|
|
|
$this->context->transport->tagsToken = self::serializeTags($post);
|
2013-10-07 20:44:14 +02:00
|
|
|
}
|
|
|
|
|
|
2013-10-08 23:02:31 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Action that renders the thumbnail of the requested file and sends it to user.
|
|
|
|
|
* @route /post/thumb/{id}
|
|
|
|
|
*/
|
|
|
|
|
public function thumbAction($id)
|
|
|
|
|
{
|
|
|
|
|
$this->context->layoutName = 'layout-file';
|
2013-10-12 14:53:47 +02:00
|
|
|
$post = self::locatePost($id);
|
2013-10-08 23:02:31 +02:00
|
|
|
|
|
|
|
|
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ViewPost);
|
|
|
|
|
PrivilegesHelper::confirmWithException($this->context->user, Privilege::ViewPost, PostSafety::toString($post->safety));
|
|
|
|
|
|
2013-10-13 12:28:16 +02:00
|
|
|
$path = $this->config->main->thumbsPath . DS . $post->name;
|
2013-10-08 23:02:31 +02:00
|
|
|
if (!file_exists($path))
|
|
|
|
|
{
|
2013-10-09 23:46:22 +02:00
|
|
|
$srcPath = $this->config->main->filesPath . DS . $post->name;
|
2013-10-08 23:02:31 +02:00
|
|
|
$dstPath = $path;
|
|
|
|
|
$dstWidth = $this->config->browsing->thumbWidth;
|
|
|
|
|
$dstHeight = $this->config->browsing->thumbHeight;
|
|
|
|
|
|
2013-10-13 12:28:16 +02:00
|
|
|
switch ($post->mime_type)
|
2013-10-08 23:02:31 +02:00
|
|
|
{
|
|
|
|
|
case 'image/jpeg':
|
|
|
|
|
$srcImage = imagecreatefromjpeg($srcPath);
|
|
|
|
|
break;
|
|
|
|
|
case 'image/png':
|
|
|
|
|
$srcImage = imagecreatefrompng($srcPath);
|
|
|
|
|
break;
|
|
|
|
|
case 'image/gif':
|
|
|
|
|
$srcImage = imagecreatefromgif($srcPath);
|
|
|
|
|
break;
|
|
|
|
|
case 'application/x-shockwave-flash':
|
2013-10-09 19:25:56 +02:00
|
|
|
$path = $this->config->main->mediaPath . DS . 'img' . DS . 'thumb-swf.png';
|
2013-10-08 23:02:31 +02:00
|
|
|
break;
|
|
|
|
|
default:
|
2013-10-09 19:25:56 +02:00
|
|
|
$path = $this->config->main->mediaPath . DS . 'img' . DS . 'thumb.png';
|
2013-10-08 23:02:31 +02:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (isset($srcImage))
|
|
|
|
|
{
|
|
|
|
|
switch ($this->config->browsing->thumbStyle)
|
|
|
|
|
{
|
|
|
|
|
case 'outside':
|
|
|
|
|
$dstImage = ThumbnailHelper::cropOutside($srcImage, $dstWidth, $dstHeight);
|
|
|
|
|
break;
|
|
|
|
|
case 'inside':
|
|
|
|
|
$dstImage = ThumbnailHelper::cropInside($srcImage, $dstWidth, $dstHeight);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
throw new SimpleException('Unknown thumbnail crop style');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
imagepng($dstImage, $dstPath);
|
|
|
|
|
imagedestroy($srcImage);
|
|
|
|
|
imagedestroy($dstImage);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (!is_readable($path))
|
|
|
|
|
throw new SimpleException('Thumbnail file is not readable');
|
|
|
|
|
|
2013-10-13 14:01:07 +02:00
|
|
|
$ttl = 60 * 60 * 24 * 3;
|
2013-10-08 23:02:31 +02:00
|
|
|
\Chibi\HeadersHelper::set('Pragma', 'public');
|
2013-10-13 14:01:07 +02:00
|
|
|
\Chibi\HeadersHelper::set('Cache-Control', 'public, max-age=' . $ttl);
|
|
|
|
|
\Chibi\HeadersHelper::set('Expires', gmdate('D, d M Y H:i:s \G\M\T', time() + $ttl));
|
2013-10-08 23:02:31 +02:00
|
|
|
|
|
|
|
|
$this->context->transport->mimeType = 'image/png';
|
|
|
|
|
$this->context->transport->filePath = $path;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2013-10-07 20:44:14 +02:00
|
|
|
/**
|
|
|
|
|
* Action that renders the requested file itself and sends it to user.
|
2013-10-07 23:17:33 +02:00
|
|
|
* @route /post/retrieve/{name}
|
2013-10-07 20:44:14 +02:00
|
|
|
*/
|
2013-10-07 23:17:33 +02:00
|
|
|
public function retrieveAction($name)
|
2013-10-07 20:44:14 +02:00
|
|
|
{
|
|
|
|
|
$this->context->layoutName = 'layout-file';
|
2013-10-13 13:38:24 +02:00
|
|
|
$post = self::locatePost($name, true);
|
2013-10-13 13:37:18 +02:00
|
|
|
R::preload($post, ['tag']);
|
2013-10-07 20:44:14 +02:00
|
|
|
|
2013-10-07 23:17:33 +02:00
|
|
|
PrivilegesHelper::confirmWithException($this->context->user, Privilege::RetrievePost);
|
|
|
|
|
PrivilegesHelper::confirmWithException($this->context->user, Privilege::RetrievePost, PostSafety::toString($post->safety));
|
2013-10-07 20:44:14 +02:00
|
|
|
|
2013-10-09 19:25:56 +02:00
|
|
|
$path = $this->config->main->filesPath . DS . $post->name;
|
2013-10-07 20:44:14 +02:00
|
|
|
if (!file_exists($path))
|
|
|
|
|
throw new SimpleException('Post file does not exist');
|
|
|
|
|
if (!is_readable($path))
|
|
|
|
|
throw new SimpleException('Post file is not readable');
|
|
|
|
|
|
2013-10-13 13:37:18 +02:00
|
|
|
$ext = substr($post->orig_name, strrpos($post->orig_name, '.') + 1);
|
|
|
|
|
if (strpos($post->orig_name, '.') === false)
|
|
|
|
|
$ext = '.dat';
|
|
|
|
|
$fn = sprintf('%s_%s_%s.%s',
|
|
|
|
|
$this->config->main->title,
|
|
|
|
|
$post->id, join(',', array_map(function($tag) { return $tag->name; }, $post->sharedTag)),
|
|
|
|
|
$ext);
|
|
|
|
|
$fn = preg_replace('/[[:^print:]]/', '', $fn);
|
|
|
|
|
|
2013-10-13 14:01:07 +02:00
|
|
|
$ttl = 60 * 60 * 24;
|
|
|
|
|
\Chibi\HeadersHelper::set('Pragma', 'public');
|
|
|
|
|
\Chibi\HeadersHelper::set('Cache-Control', 'public, max-age=' . $ttl);
|
|
|
|
|
\Chibi\HeadersHelper::set('Expires', gmdate('D, d M Y H:i:s \G\M\T', time() + $ttl));
|
|
|
|
|
|
2013-10-13 13:37:18 +02:00
|
|
|
$this->context->transport->customFileName = $fn;
|
2013-10-07 20:44:14 +02:00
|
|
|
$this->context->transport->mimeType = $post->mimeType;
|
|
|
|
|
$this->context->transport->filePath = $path;
|
2013-10-05 12:55:03 +02:00
|
|
|
}
|
|
|
|
|
}
|
