<?php
// Route definitions for the image REST API. The handlers use PSR-7 style
// request/response objects. $app, WWW_ROOT and DS are not declared in this
// file; presumably the including bootstrap script provides them.
require_once WWW_ROOT . 'dao' . DS . 'ImageDAO.php';
require_once WWW_ROOT . 'classes' . DS . 'Token.php';
// NOTE(review): BCrypt is not referenced by any route visible in this file.
use PHPassLib\Hash\BCrypt;
// Used by the POST route to crop the 200x200 thumbnail.
use Eventviva\ImageResize;
// Status codes returned by the handlers below:
// 401 unauthorized - the request token does not verify
// 403 forbidden - the token verifies but does not grant access to the resource
// Common URL prefix shared by every image route.
$base = '/api/images';
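// DELETE /api/images/{id}: removes one image record.
// Responses: 401 when the token does not verify, 404 when no record has that
// id, 403 when the caller is neither the owner nor an admin, 400 when the DAO
// reports that nothing was deleted, otherwise an empty JSON array.
$app->delete($base.'/{id}', function($request, $response, $args){
    // Deleting is destructive, so authenticate the caller the same way the
    // collection routes do before touching the DAO.
    $token = new Token();
    $token->setFromRequest($request);
    if(!$token->verify()){
        return $response->withStatus(401);
    }

    // A closure has its own scope: the DAO must be created inside the
    // handler, otherwise $imageDAO is undefined here and the call fails.
    $imageDAO = new ImageDAO();
    $image = $imageDAO->selectById($args['id']);
    if(empty($image)){
        return $response->withStatus(404);
    }

    // NOTE(review): the shape of the row returned by selectById() is not
    // visible in this file. Both likely spellings of the owner key are tried;
    // when neither is present the check fails closed (admins only).
    // Confirm the key name against ImageDAO.
    $ownerId = null;
    if(is_array($image)){
        if(isset($image['userId'])){
            $ownerId = $image['userId'];
        } elseif(isset($image['user_id'])){
            $ownerId = $image['user_id'];
        }
    }
    $isOwner = $ownerId !== null && $token->sameUserId($ownerId);
    if(!$isOwner && !$token->isAdmin()){
        return $response->withStatus(403);
    }

    $deleted = $imageDAO->delete($args['id']);
    if(empty($deleted)){
        return $response->withStatus(400);
    }

    // NOTE(review): only the record is removed. The POST route lets several
    // records point at one stored file (same hash), so the file on disk must
    // not be unlinked while another record still references it.
    $response->getBody()->write(json_encode([]));
    return $response->withHeader('Content-Type', 'application/json');
});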
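// GET /api/images[?userid=N]: lists image records as {"images": ...}.
// Access rules: a verified token is always required (401 otherwise);
// without a userid filter the full list is admin-only; with a filter the
// caller must be that user or an admin (403 otherwise).
$app->get($base, function($request, $response, $args){
    $token = new Token();
    $token->setFromRequest($request);
    if(!$token->verify()){
        return $response->withStatus(401);
    }

    $query = $request->getQueryParams();
    $userId = isset($query['userid']) ? $query['userid'] : null;

    // Query parameters can arrive as arrays (userid[]=...); only a single
    // value is meaningful for the ownership comparison and the DAO lookup.
    if($userId !== null && !is_scalar($userId)){
        return $response->withStatus(400);
    }
    $hasUserFilter = !empty($userId);
    $isAdmin = $token->isAdmin();

    // Decide on the userid filter itself, not on "is the query string empty":
    // any unrelated parameter would otherwise let a non-admin reach the
    // unfiltered selectAll() branch.
    if(!$hasUserFilter && !$isAdmin){
        return $response->withStatus(403);
    }
    // A non-admin may only list their OWN images, so the request is refused
    // when the requested userid does NOT match the token's user.
    if($hasUserFilter && !$isAdmin && !$token->sameUserId($userId)){
        return $response->withStatus(403);
    }

    $imageDAO = new ImageDAO();
    $data = [];
    $data['images'] = $hasUserFilter
        ? $imageDAO->selectByUserId($userId)
        : $imageDAO->selectAll();

    $response->getBody()->write(json_encode($data));
    return $response->withHeader('Content-Type','application/json');
});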
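// GET /api/images/{id}: returns one image record as JSON.
// Responses: 401 when the token does not verify, 404 when no record has that
// id, 403 when the caller is neither the owner nor an admin.
$app->get($base.'/{id}', function($request, $response, $args){
    // The collection route limits non-admins to their own images; without the
    // same checks here every record would be readable by walking the ids.
    $token = new Token();
    $token->setFromRequest($request);
    if(!$token->verify()){
        return $response->withStatus(401);
    }

    $imageDAO = new ImageDAO();
    $image = $imageDAO->selectById($args['id']);
    if(empty($image)){
        // Answer a miss with 404 instead of a 200 that carries an empty or
        // false JSON value.
        return $response->withStatus(404);
    }

    // NOTE(review): the shape of the row returned by selectById() is not
    // visible in this file. Both likely spellings of the owner key are tried;
    // when neither is present the check fails closed (admins only).
    // Confirm the key name against ImageDAO.
    $ownerId = null;
    if(is_array($image)){
        if(isset($image['userId'])){
            $ownerId = $image['userId'];
        } elseif(isset($image['user_id'])){
            $ownerId = $image['user_id'];
        }
    }
    $isOwner = $ownerId !== null && $token->sameUserId($ownerId);
    if(!$isOwner && !$token->isAdmin()){
        return $response->withStatus(403);
    }

    $response->getBody()->write(json_encode($image));
    return $response->withHeader('Content-Type','application/json');
});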
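// POST /api/images: stores an uploaded image for the authenticated user.
// Expects a multipart upload in the "file" field. Responses: 401 when the
// token does not verify, 400 with {"errors": [...]} for a missing/invalid
// file or a duplicate upload, 500 when the file cannot be stored, 201 with
// the inserted record on success.
$app->post($base, function($request, $response, $args){
    // Every rejection has the same shape: a JSON {"errors": [...]} body.
    $reject = function($status, array $errors) use ($response){
        $response->getBody()->write(json_encode(['errors' => $errors]));
        return $response->withStatus($status)->withHeader('Content-Type', 'application/json');
    };

    // Turn the request's token into a Token object that can be used to check
    // whether the user is valid (has permissions).
    $token = new Token();
    $token->setFromRequest($request);
    if(!$token->verify()){
        return $response->withStatus(401);
    }
    $userId = $token->getUser()->id;

    $body = $request->getParsedBody();
    if(!is_array($body)){
        $body = [];
    }

    // Read the upload defensively: the field may be absent, may be a
    // multi-file array, or may carry an upload error code.
    $file = isset($_FILES['file']) ? $_FILES['file'] : null;
    $fileUsable = is_array($file)
        && isset($file['error'], $file['tmp_name'])
        && $file['error'] === UPLOAD_ERR_OK
        && is_string($file['tmp_name'])
        && is_uploaded_file($file['tmp_name']);

    $errors = [];
    if(!$fileUsable){
        $errors[] = 'Please provide a file to upload';
    }
    if(empty($userId)){
        $errors[] = 'Please provide a userId';
    }
    if(!empty($errors)){
        return $reject(400, $errors);
    }

    // The stored extension is derived from the detected image type, never
    // from the client-supplied file name: the name is attacker-controlled and
    // would otherwise decide how the web server treats the stored file.
    // The allow-list is deliberately narrow; extend it only with formats the
    // thumbnail library is known to handle.
    $allowedTypes = [
        IMAGETYPE_JPEG => 'jpg',
        IMAGETYPE_PNG => 'png',
        IMAGETYPE_GIF => 'gif',
    ];
    $imageInfo = getimagesize($file['tmp_name']);
    if(!$imageInfo){
        return $reject(400, ['File must be an image']);
    }
    if(!isset($allowedTypes[$imageInfo[2]])){
        return $reject(400, ['Image must be a JPEG, PNG or GIF']);
    }
    $ext = $allowedTypes[$imageInfo[2]];

    $imageDAO = new ImageDAO();
    $filename = $userId . '_' . uniqid() . '.' . $ext;
    $original = 'uploads' . DS . $filename;
    $thumb = 'uploads' . DS . 'th_' . $filename;

    // NOTE(review): MD5 is not collision resistant, so two different files
    // can share a hash and the dedup branch below would attach this upload to
    // the other file. Moving to hash_file('sha256', ...) requires migrating
    // the hashes already stored, so it is flagged here rather than changed.
    $hash = md5_file($file['tmp_name']);
    $existing = $imageDAO->selectByHash($hash);

    // $existing not empty? Then this image content was already uploaded.
    if(!empty($existing)){
        if($imageDAO->selectByHashAndUserId($hash, $userId)){
            return $reject(400, ['File already uploaded']);
        }
        // Another user owns the same content: reuse the stored files.
        $original = $existing[0]['original'];
        $thumb = $existing[0]['thumb'];
        $hash = $existing[0]['hash'];
    } else {
        $thumbPath = WWW_ROOT . DS . $thumb;
        $image = new ImageResize($file['tmp_name']);
        $image->crop(200, 200);
        $image->save($thumbPath);
        // Do not insert a record that points at a file which was never
        // stored; also drop the thumbnail that was just written.
        if(!move_uploaded_file($file['tmp_name'], WWW_ROOT . DS . $original)){
            if(is_file($thumbPath)){
                unlink($thumbPath);
            }
            return $reject(500, ['Could not store the uploaded file']);
        }
        // NOTE(review): uploads/ is presumably served by the web server; it
        // should be configured so that nothing in it is executed as a script.
    }

    // NOTE(review): every other client-supplied field in $body is passed to
    // insert() unchanged. The four server-controlled keys are overwritten
    // here; the rest relies on ImageDAO ignoring or validating them - confirm.
    $body['original'] = $original;
    $body['thumb'] = $thumb;
    $body['hash'] = $hash;
    $body['userId'] = $userId;

    $insertedImage = $imageDAO->insert($body);
    if(empty($insertedImage)){
        $errors = $imageDAO->getValidationErrors($body);
        $response->getBody()->write(json_encode(['errors' => $errors]));
        $response = $response->withStatus(400);
    } else {
        $response->getBody()->write(json_encode($insertedImage));
        $response = $response->withStatus(201);
    }
    return $response->withHeader('Content-Type', 'application/json');
});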