
drag and drop

a guest
Oct 15th, 2021
  1. <?php
  2. /**
  3. * OpenSource-SocialNetwork
  4. *
  5. * @package (openteknik.com).ossn
  6. * @author OSSN Core Team <info@opensource-socialnetwork.com>
  7. * @copyright (C) OpenTeknik LLC
  8. * @license General Public Licence http://opensource-socialnetwork.com/licence
  9. * @link http://www.opensource-socialnetwork.com/licence
  10. */
  11. if (isset($_COOKIE['ossn_user_wall_privacy'])) {
  12. $privacy = $_COOKIE['ossn_user_wall_privacy'];
  13. } else {
  14. $privacy = OSSN_FRIENDS;
  15. }
  16. ossn_load_external_js('places.min');
  17. ossn_load_external_js('jquery.tokeninput');
  18. ?>
  19. <div class="tabs-input">
  20. <div class="wall-tabs">
  21. <?php
  22. echo ossn_view_menu('wall/container/user', 'wall/menus/container');
  23. ?>
  24. </div>
  25. </div>
  26. <div class="ossn-wall-container-data ossn-wall-container-data-post" data-type="post">
  27. <textarea placeholder="<?php echo ossn_print('wall:post:container'); ?>" name="post"></textarea>
  28.  
  29.  
  30.  
  31.  
  32.  
  33.  
  34.  
  35.  
  36.  
  37.  
  38.  
  39.  
  40.  
  41. <?php
  42. /* By Oros
  43. * 2013-08-31
  44. * update : 2016-08-05
  45. * Licence Public Domaine
  46. */
  47.  
  48. if(is_file('config.php')){
  49. include 'config.php';
  50. }else{
  51. /* Default config file */
  52. @file_put_contents('config.php', <<<EOF
  53. <?php
  54. // Default path where you upload files
  55. \$upload_folder="./upload/";
  56.  
  57. // You can use multi-folders for uploading your files with :
  58. // \$upload_folders=array(URL_KEY1=>PATH1, URL_KEY2=>PATH2,...);
  59. // Example :
  60. // \$upload_folders=array(
  61. // "bob"=>"./photo_bob/", // URL : http://.../tiny_DnDUp/?f=bob
  62. // "alice"=>"./photo_alice/" // URL : http://.../tiny_DnDUp/?f=alice
  63. // );
  64. \$upload_folders=array("upload"=>"\$upload_folder");
  65.  
  66. // Contents of the default htaccess for upload_folder
  67. \$default_htaccess="Options -ExecCGI
  68. # -Indexes
  69. RemoveHandler .php .phtml .php3 .php4 .php5 .html .htm .js
  70. RemoveType .php .phtml .php3 .php4 .php5 .html .htm .js
  71. php_flag engine off
  72. AddType text/plain .php .phtml .php3 .php4 .php5 .html .htm .js";
  73.  
  74. // HTML contents of the default index.html for upload_folder.
  75. // If empty, then it doesn't create index.html.
  76. \$default_index="";
  77.  
  78. // Height of preview pictures
  79. \$preview_height="400px";
  80.  
  81. // Max size for a file
  82. \$files_max_size=ini_get('upload_max_filesize');
  83. // In your PHP conf, you should have upload_max_filesize > post_max_size !
  84. // Example of value :
  85. // \$files_max_size="2M";
  86. // \$files_max_size="1G";
  87.  
  88. \$not_allowed_chars=array("..", "/", "\\\\", "\\n", "\\r", "\\0", "<", ">");
  89. \$not_allowed_files=array("", ".", "..", ".htaccess", "index.html", "index.php");
  90.  
  91. // https://www.iana.org/assignments/media-types/media-types.xhtml
  92. \$allowed_file_types=array('image/png', 'image/jpeg', 'image/gif');
  93. //\$allowed_file_types=null; // == allow all files
  94. ?>
  95. EOF
  96. ) or die("Can't create config.php (please check folder permissions)");
  97. echo "Setup done. Now you can edit config.php and reload this page.";
  98. exit();
  99. }
  100.  
  101. $files_max_size_val = trim($files_max_size);
  102. $last = strtolower($files_max_size_val[strlen($files_max_size_val)-1]);
  103. $files_max_size_val=(int)$files_max_size_val;
  104. switch($last) { case 'g': $files_max_size_val *= 1024; case 'm': $files_max_size_val *= 1024; case 'k': $files_max_size_val *= 1024; }
  105.  
  106. $folder_key="";
  107. if(!empty($_GET) && !empty($_GET['f'])){
  108. if(isset($upload_folders[$_GET['f']])){
  109. $upload_folder=$upload_folders[$_GET['f']];
  110. $folder_key="&f=".$_GET['f'];
  111. }
  112. }
  113.  
  114. if(!file_exists($upload_folder)){
  115. @mkdir($upload_folder) or die("Need to create $upload_folder with writing permission !");
  116. }
  117. if(!empty($default_htaccess) && !file_exists($upload_folder.".htaccess")){
  118. file_put_contents($upload_folder.".htaccess", $default_htaccess);
  119. }
  120. if(!empty($default_index) && !file_exists($upload_folder."index.html")){
  121. file_put_contents($upload_folder."index.html",$default_index);
  122. }
  123. if(!empty($_GET) && isset($_GET['up'])){
  124. header('content-type: application/json');
  125. if(!empty($_FILES)){
  126. $r=array();
  127. foreach ($_FILES as $file) {
  128. $name=$file['name'];
  129. foreach ($not_allowed_chars as $char) {
  130. if(strpos(strtolower($name), $char)!==false){
  131. $r['err'][]="File name not allowed!";
  132. echo json_encode($r);
  133. exit();
  134. }
  135. }
  136. if(empty($allowed_file_types) || in_array(strtolower($file['type']), $allowed_file_types)){
  137. if(!in_array(strtolower($name), $not_allowed_files)){
  138. if(move_uploaded_file($file['tmp_name'], $upload_folder.$name)){
  139. $r['ok'][]=$name;
  140. }else{
  141. $r['err'][]="0_o for $name";
  142. }
  143. }else{
  144. $r['err'][]="File $name not allowed!";
  145. }
  146. }else{
  147. $r['err'][]="Bad file type for $name";
  148. }
  149. }
  150. echo json_encode($r);
  151. }else{
  152. echo json_encode(array("error"));
  153. }
  154. }else{
  155. ?>
  156. <!DOCTYPE html>
  157. <html lang="en">
  158. <head>
  159. <meta charset="utf-8">
  160. <meta name="viewport" content="width=620">
  161.  
  162. <style>
  163. #dropZone{position:relative;top:0px;border:0px dashed #fff;min-height:5px;margin:0px auto;background-color:rgba(255,255,255,0.4);}
  164. #dropZone.hover{border:10px dashed #0c0;min-height:200px}
  165. #dropZone img{margin:10px auto;}
  166. .file{margin:0;border:1px solid #C9C9C9;background:-moz-linear-gradient(center top,#F5F5F5 0px,#E9E9E9 100%) repeat scroll 0 0 transparent;border-radius:3px 3px 3px 3px;display:inline-block;padding:100px 20px 0;height:200px;vertical-align:text-bottom;text-align:center;max-width:200px;word-wrap:break-word;}
  167. a{display:inline;text-decoration:none;}
  168. a:hover{color: #000;}
  169. #uploadedset{border:10px solid #ccc;min-height:50px;margin:20px auto;background-color:#EEEEEE;}
  170. progress{width:100%;}
  171. progress:after{content:'%';}
  172. progress[value]{-webkit-appearance:none;-moz-appearance:none;appearance:none;border:none;background-color:#eee;border-radius:2px;box-shadow:0 2px 5px rgba(0,0,0,0.25) inset;}
  173. .fail{background:#c00;padding:2px;color:#fff;}
  174. .hidden{display:none !important;}
  175. #logo_drop{position:absolute;width:100%;text-align:center;top:0px;margin-top:0px;margin-bottom:0px;font-size:15em;z-index:-1;}
  176. #input_file{position:absolute;width:100%;height:100%;text-align:center;top:0px;margin-top:0px;margin-bottom:0px;opacity:0;cursor:pointer;z-index:100}
  177. a img{border:none;}
  178. .aah{font-size:2em;}
  179. </style>
  180. </head>
  181. <body>
  182. <section id="wrapper">
  183. <header>
  184.  
  185. </header>
  186. <article>
  187. <noscript><p class="fail">Javascript is blocked <span class="aah">😱</span></p></noscript>
  188. <p id="upload" class="hidden"><label>Drag & drop not supported <span class="aah">😱</span></label></p>
  189. <p id="filereader" class="hidden">File API & FileReader API not supported <span class="aah">😱</span></p>
  190. <p id="formdata" class="hidden">XHR2's FormData is not supported <span class="aah">😱</span></p>
  191. <p id="progress" class="hidden">XHR2's upload progress isn't supported <span class="aah">😱</span></p>
  192. <p id="IE" class="hidden">Please don't use Internet Explorer. It's a big shit ! <a href="https://www.mozilla.org/">Firefox</a> is better.</p>
  193.  
  194. <div id="progress_contener"></div>
  195. <fieldset id="dropZone"><legend></legend><p id="logo_drop">⎗</p></fieldset>
  196.  
  197. </article>
  198.  
  199. </section>
  200.  
  201. <script type="text/javascript">
  202. //<![CDATA[
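// Show the Internet Explorer notice when the browser identifies itself as IE.
if (navigator.appName == "Microsoft Internet Explorer") {
    document.getElementById('IE').className = "fail";
}
var dropZone = document.getElementById('dropZone'),
    // Feature detection for the browser APIs the uploader relies on.
    tests = {
        filereader: typeof FileReader != 'undefined',
        formdata: !!window.FormData,
        progress: "upload" in new XMLHttpRequest
    },
    // MIME types that get an inline image preview.
    imgType = {
        'image/png': true,
        'image/jpeg': true,
        'image/gif': true
    },
    // Allow-list from config.php, emitted as JSON so the values are escaped for the
    // script context. A null or empty list becomes {} (meaning "allow everything")
    // instead of making foreach fail on a non-array.
    // This client-side list is a convenience only; the server decides what is stored.
    allowedFileTypes = <?php echo json_encode(array_fill_keys((array) $allowed_file_types, true), JSON_FORCE_OBJECT | JSON_HEX_TAG); ?>,
    // Maps an original file name to the DOM id of its preview element.
    files_id = {};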
  220.  
// For each detected API, mark its notice paragraph as a failure when the API is
// missing and keep it hidden otherwise.
["filereader", "formdata", "progress"].forEach(function (feature) {
    var notice = document.getElementById(feature);
    notice.className = (tests[feature] === false) ? 'fail' : 'hidden';
});
  228.  
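/**
 * Derive the DOM id used for a file's preview element from its name.
 *
 * Every dot, whitespace character, quote, angle bracket, slash and ampersand is
 * removed. A string pattern passed to replace() only removes the first match, which
 * left later quotes or spaces in the id.
 *
 * @param {string} name File name as reported by the browser or the server.
 * @returns {string} The id, always prefixed with "f_".
 */
function name_to_id(name) {
    return "f_" + String(name).replace(/[.\s'"<>\/&]/g, "");
}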
  232.  
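/**
 * Add a preview for `file` to the drop zone: an <img> for previewable image types,
 * otherwise a box showing the file name. An earlier preview of the same name is
 * removed first (re-upload).
 *
 * The elements are built with DOM APIs instead of an HTML string, so the file name is
 * inserted as text and cannot be parsed as markup.
 *
 * @param {File} file File selected or dropped by the user.
 */
function preview(file) {
    // hasOwnProperty avoids mistaking inherited keys (e.g. "constructor") for entries.
    if (Object.prototype.hasOwnProperty.call(files_id, file.name)) {
        var previous = document.getElementById(files_id[file.name]);
        if (previous) {
            previous.remove();
        }
    }
    var file_name = name_to_id(file.name);
    if (tests.filereader === true && imgType[file.type.toLowerCase()] === true) {
        var reader = new FileReader();
        reader.onload = function (event) {
            var img = document.createElement('img');
            img.id = file_name;
            img.src = event.target.result;
            img.setAttribute('height', '<?php echo $preview_height; ?>');
            img.alt = '';
            dropZone.appendChild(img);
        };
        reader.readAsDataURL(file);
    } else {
        var box = document.createElement('p');
        box.className = 'file';
        box.id = file_name;
        box.textContent = file.name;
        dropZone.appendChild(box);
    }
    files_id[file.name] = file_name;
}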
  250.  
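/**
 * Queue the given files for upload, in batches that stay under the size limit, and
 * tell the user which files were skipped.
 *
 * The type and size checks here only save a round trip; the server has to enforce
 * its own limits because a request can be sent without this page.
 *
 * @param {FileList} files Files from a drop event or a file input.
 */
function read(files) {
    // Size limit in bytes, rendered by PHP from the configured value.
    var max_bytes = <?php echo $files_max_size_val; ?>;
    var formData = tests.formdata ? new FormData() : null;
    var size_to_up = 0;
    var not_allowed_files = {};
    var too_big_files = [];
    // Declared locally; the loop key below used to leak as an implicit global.
    var i, k;
    for (i = 0; i < files.length; i++) {
        var file = files[i];
        if (Object.keys(allowedFileTypes).length !== 0 && allowedFileTypes[file.type] !== true) {
            not_allowed_files[file.name] = file.type;
            continue;
        }
        if (file.size > max_bytes) {
            too_big_files.push(file.name);
            continue;
        }
        size_to_up += file.size;
        if (size_to_up > max_bytes) {
            // The current batch is full: send it and start a new one with this file.
            send(tests, formData);
            formData = tests.formdata ? new FormData() : null;
            size_to_up = file.size;
        }
        if (tests.formdata) {
            formData.append('file' + i, file);
        }
        preview(file);
    }
    if (size_to_up > 0) {
        send(tests, formData);
    }
    if (Object.keys(not_allowed_files).length > 0) {
        var msg = "Not allowed files :";
        for (k in not_allowed_files) {
            msg += "\n" + k + " (" + not_allowed_files[k] + ")";
        }
        alert(msg);
    }
    if (too_big_files.length > 0) {
        alert("Files who are too big (><?php echo trim($files_max_size); ?>) : " + too_big_files.join(', '));
    }
}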
  290.  
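/**
 * Build the upload-progress handler for one progress bar.
 *
 * @param {string} progress_id DOM id of the <progress> element to update.
 * @returns {function(ProgressEvent): void} Handler that writes the completed
 *          percentage (truncated to an integer) into the bar.
 */
var upload = function (progress_id) {
    return function (event) {
        // Local variable: the lookup result used to be assigned to an implicit global.
        var bar = document.getElementById(progress_id);
        if (bar != null && event.lengthComputable) {
            var complete = (event.loaded / event.total * 100 | 0);
            bar.value = bar.innerHTML = complete;
        }
    };
};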
  300.  
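/**
 * Wrap the preview of an uploaded file in a link to the stored file and move it to
 * the top of the "uploaded" list. Retries once per second while the preview element
 * does not exist yet, up to `t` attempts.
 *
 * @param {string} id_name DOM id of the preview element.
 * @param {string} name    Stored file name reported by the server.
 * @param {number} t       Remaining attempts.
 */
function move_f(id_name, name, t) {
    t = t - 1;
    var preview_el = document.getElementById(id_name);
    if (preview_el != undefined) {
        var list = document.getElementById('uploaded');
        if (!list) {
            // Without the list container there is nowhere to move the preview to.
            return;
        }
        var link = document.createElement('a');
        // The folder is emitted as a JSON string so it is escaped for the script, and
        // the name is percent-encoded so characters such as '#', '?' or '%' stay part
        // of the path.
        link.href = <?php echo json_encode((string) $upload_folder, JSON_HEX_TAG | JSON_HEX_AMP); ?> + encodeURIComponent(name);
        link.id = 'a_' + id_name;
        link.appendChild(preview_el);
        list.insertBefore(link, list.firstChild);
    } else if (t > 0) {
        // The preview may still be loading; try again shortly.
        setTimeout(function () { move_f(id_name, name, t); }, 1000);
    }
}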
  315.  
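/**
 * Build the completion handler for one upload request.
 *
 * When the request has finished, the handler fills and removes the progress bar,
 * links the previews of stored files, and tries to remove the previews of failed ones.
 *
 * @param {XMLHttpRequest} xhr The upload request.
 * @param {string} progress_id DOM id of the request's <progress> element.
 * @returns {function(): void}
 */
function onreadystatechange(xhr, progress_id) {
    return function () {
        if (xhr.readyState != 4) {
            return;
        }
        var i;
        var bar = document.getElementById(progress_id);
        if (bar) {
            bar.value = bar.innerHTML = 100;
        }
        var files = null;
        try {
            files = JSON.parse(xhr.responseText);
        } catch (e) {
            // A non-JSON body (server error page, PHP warning text) is treated as
            // "nothing stored" instead of aborting the handler half-way.
            files = null;
        }
        if (files && files.ok != undefined) {
            for (i = 0; i < files.ok.length; i++) {
                var id_name = name_to_id(files.ok[i]);
                if (id_name != '') {
                    move_f(id_name, files.ok[i], 10);
                }
            }
        }
        if (files && files.err != undefined) {
            // NOTE(review): the server fills "err" with message strings, not bare file
            // names, so the id derived here will generally not match a preview element.
            for (i = 0; i < files.err.length; i++) {
                var failed = document.getElementById(name_to_id(files.err[i]));
                if (failed) {
                    failed.remove();
                }
            }
        }
        if (bar) {
            bar.remove();
        }
    };
}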
  342.  
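/**
 * POST one batch of files to the upload endpoint and show a progress bar for it.
 * Does nothing when FormData is not supported.
 *
 * @param {Object} tests      Feature-detection flags.
 * @param {FormData} formData Batch to upload.
 */
function send(tests, formData) {
    if (!tests.formdata) {
        return;
    }
    formData.append('up', 1);
    var xhr = new XMLHttpRequest();
    // The folder selector is emitted as a JSON string so it is escaped for the script.
    xhr.open('POST', 'index.php?up' + <?php echo json_encode((string) $folder_key, JSON_HEX_TAG | JSON_HEX_AMP); ?>);
    // Two batches can start within the same millisecond, so a random suffix keeps
    // their ids distinct.
    var progress_id = "progress_" + new Date().getTime() + "_" + Math.floor(Math.random() * 1000000);
    // Append a new element instead of rewriting innerHTML, which rebuilt (and reset)
    // the bars of uploads still in flight.
    var bar = document.createElement('progress');
    bar.id = progress_id;
    bar.max = 100;
    bar.value = 0;
    bar.textContent = '0';
    document.getElementById('progress_contener').appendChild(bar);
    if (tests.progress) {
        xhr.upload.onprogress = upload(progress_id);
    }
    // The response must be handled even when upload progress events are unsupported.
    xhr.onreadystatechange = onreadystatechange(xhr, progress_id);
    xhr.send(formData);
}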
  357.  
/** Empty the list of uploaded files. */
function clear_uploaded_list() {
    var uploaded_list = document.getElementById('uploaded');
    uploaded_list.innerHTML = "";
}
  361.  
// Whether the upload-information panel is currently visible.
var upload_infos_is_show = false;

/** Toggle the upload-information panel and update the label of its button. */
function show_upload_infos() {
    var currently_shown = upload_infos_is_show;
    var button = document.getElementById('upload_infos_btn');
    button.innerHTML = currently_shown ? "Show upload infos" : "Hide upload infos";
    var panel = document.getElementById('upload_infos');
    panel.className = currently_shown ? "hidden" : "";
    upload_infos_is_show = !currently_shown;
}
  375.  
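// Wire up drag and drop when the browser supports it; otherwise show the notice.
if ('draggable' in document.createElement('span')) {
    dropZone.ondragover = function () { this.className = 'hover'; return false; };
    dropZone.ondragend = function () { this.className = ''; return false; };
    dropZone.ondrop = function (e) {
        this.className = '';
        e.preventDefault();
        read(e.dataTransfer.files);
    };
} else {
    document.getElementById('upload').className = 'fail';
}
// The markup of this page as pasted contains no element with id "input_file"; without
// this check the lookup returns null and the assignment throws.
var file_input = document.getElementById('input_file');
if (file_input) {
    file_input.onchange = function () { read(this.files); };
}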
  388. //]]>
  389. </script>
  390. </body>
  391. </html><?php } ?>
  392.  
  393.  
  394.  
  395.  
  396.  
  397.  
  398.  
  399.  
  400.  
  401.  
  402.  
  403.  
  404.  
  405.  
  406.  
  407.  
  408.  
  409.  
  410.  
  411.  
  412.  
  413.  
  414.  
  415.  
  416.  
  417.  
  418. <div id="ossn-wall-friend" style="display:none;">
  419. <input type="text" placeholder="<?php echo ossn_print('tag:friends'); ?>" name="friends" id="ossn-wall-friend-input" />
  420. </div>
  421. <div id="ossn-wall-location" style="display:none;">
  422. <input type="text" placeholder="<?php echo ossn_print('enter:location'); ?>" name="location" id="ossn-wall-location-input" />
  423. </div>
  424. <div id="ossn-wall-photo" style="display:none;">
  425. <input type="file" name="ossn_photo" />
  426. </div>
  427. <div class="controls">
  428. <?php
  429. echo ossn_view_menu('wall/container/controls/user', 'wall/menus/container_controls');
  430. ?>
  431. </div>
  432. <div class='ossn-wall-post-button-container'>
  433. <div class="ossn-loading ossn-hidden"></div>
  434. <input class="btn btn-primary ossn-wall-post" type="submit" value="<?php echo ossn_print('post'); ?>" />
  435. </div>
  436. <div class="ossn-wall-privacy">
  437. <span><i class="ossn-wall-privacy-lock fa fa-lock"></i><span class=""><?php echo ossn_print('privacy'); ?></span></span>
  438. </div>
  439. <input type="hidden" value="<?php echo $params['user']->guid; ?>" name="wallowner"/>
  440. <input type="hidden" name="privacy" id="ossn-wall-privacy" value="<?php echo $privacy; ?>"/>
  441. </div>
  442.  