viperswebdesign

File Uploading - Convert Mime

Nov 20th, 2019
PHP 9.30 KB | None | 0 0
  // Project includes; the code below takes the $dbh handle, BASE_URL and the
  // GPS/timezone helpers from these files (their definitions are not shown here).
  require_once 'db.php';
  require_once 'functions.php';

  // Every response from this endpoint is a JSON document.
  header( 'Content-Type: application/json' );

  session_start();

  // Only an authenticated session may upload: without a uid, answer with a
  // re-login prompt and stop before any request data is read.
  $hasSessionUser = isset( $_SESSION[ 'uid' ] );
  if ( !$hasSessionUser ) {
    $loggedOutReply = [
      'status' => 'danger',
      'alertMsg' => 'You got logged out. <a href="./auth" target="_blank">Login</a> (new tab), come back to this page and tap the "upload" button again',
      'code' => 0,
    ];
    echo json_encode( $loggedOutReply );
    exit;
  }

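  // Validation of the text fields and of the presence of the file field.
  // Every failure is answered with the endpoint's usual JSON shape and ends the request.
  $rejectInput = static function ( $status, $message ) {
    print( json_encode( array( 'status' => $status, 'alertMsg' => $message, 'code' => 0 ) ) );
    exit();
  };

  // A missing field, or one submitted as an array instead of a string, is
  // treated as empty so it reaches the "required" checks instead of trim().
  $readField = static function ( $name ) {
    return ( isset( $_POST[ $name ] ) && is_string( $_POST[ $name ] ) ) ? $_POST[ $name ] : '';
  };

  $title = trim( $readField( 'uploadtitle' ) );
  $tags = trim( $readField( 'uploadtags' ), ',' );
  $description = trim( $readField( 'uploaddesc' ) );

  // title
  if ( $title === '' ) {
    $rejectInput( 'danger', 'Title is required' );
  }
  // NOTE(review): FILTER_SANITIZE_STRING is deprecated since PHP 8.1. It strips tags
  // and encodes quotes before storage, which does not replace escaping the value
  // with htmlspecialchars() wherever it is later written into HTML.
  $title = filter_var( $title, FILTER_SANITIZE_STRING );

  // tags: split on commas, trim each entry and drop empty ones, so that input
  // such as "a,,b" cannot satisfy the tag count with an empty tag.
  $tagArray = array_values( array_filter(
    array_map( 'trim', explode( ',', $tags ) ),
    static function ( $tag ) {
      return $tag !== '';
    }
  ) );

  if ( count( $tagArray ) === 0 ) {
    $rejectInput( 'danger', 'Some tags are required' );
  } elseif ( count( $tagArray ) < 2 ) {
    $rejectInput( 'warning', 'Must have at least 2 tags' );
  } elseif ( count( $tagArray ) > 5 ) {
    $rejectInput( 'warning', 'Maximum of 5 tags' );
  }

  foreach ( $tagArray as $tag ) {
    // \A and \z anchor the whole string; `$` alone would tolerate a trailing newline.
    if ( !preg_match( '/\A[a-z]+\z/i', $tag ) ) {
      $rejectInput( 'warning', 'With the exception of commas as a delimiter, letters only' );
    }
  }

  // Only ASCII letters and commas remain at this point, so no further filtering is needed.
  $tags = strtolower( implode( ',', $tagArray ) );

  // pics: the field must be present AND must be a multi-file field holding at
  // least one entry (the original joined these two conditions with &&, so the
  // check could never reject a request).
  if (
    !isset( $_FILES[ 'uploadimg' ][ 'name' ] )
    || !is_array( $_FILES[ 'uploadimg' ][ 'name' ] )
    || count( $_FILES[ 'uploadimg' ][ 'name' ] ) < 1
  ) {
    $rejectInput( 'danger', 'At least 1 image is needed' );
  }

  // description (optional)
  // NOTE(review): the original enforced 250 but reported "100 characters"; the
  // message now follows the enforced limit. Confirm which value is intended.
  // strlen() counts bytes, so multi-byte text reaches the limit sooner.
  $maxDescriptionLength = 250;
  if ( $description === '' ) {
    $description = NULL;
  } elseif ( strlen( $description ) > $maxDescriptionLength ) {
    $rejectInput( 'warning', 'Your description exceeds ' . $maxDescriptionLength . ' characters' );
  } else {
    // See the note on FILTER_SANITIZE_STRING at the title field.
    $description = filter_var( $description, FILTER_SANITIZE_STRING );
  }
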
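  // Creates the post row, then validates, re-encodes, watermarks and stores each
  // uploaded JPEG and records it in `pictures`.
  //
  // bindValue() is used throughout: bindParam() binds by reference and must not
  // be handed an expression such as time().
  $poststmt = $dbh->prepare( "INSERT INTO `posts` (`user`, `title`, `tags`, `description`, `posted_at`) VALUES (?, ?, ?, ?, ?)" );
  $poststmt->bindValue( 1, $_SESSION[ 'uid' ] );
  $poststmt->bindValue( 2, $title );
  $poststmt->bindValue( 3, $tags );
  $poststmt->bindValue( 4, $description );
  $poststmt->bindValue( 5, time() );

  if ( !$poststmt->execute() ) {
    // The original sent an empty body here; give the client a parseable answer.
    print( json_encode( array( 'status' => 'danger', 'alertMsg' => 'Your post could not be saved, please try again', 'code' => 0 ) ) );
    exit();
  }

  $postLastID = $dbh->lastInsertId();

  $delinfostmt = $dbh->prepare( "DELETE FROM posts WHERE `postID`=?" );
  $delinfostmt->bindValue( 1, $postLastID );

  // NOTE(review): BASE_URL is defined outside this file. It is used below as the
  // prefix for imagepng() and imagecreatefrompng(), so it has to resolve to a
  // writable filesystem location rather than an http(s) URL; confirm.
  $gallery_folder = BASE_URL . 'bd1b0b95/';
  $downloadable_path = $gallery_folder . 'b9e16937/';
  $watermark_path = $gallery_folder . '5d19d377/';

  // NOTE(review): $_SESSION['un'] becomes a directory name below. That is only
  // safe if usernames are restricted to path-safe characters when the account
  // is created; verify against the registration code.
  $user_dir = $_SESSION[ 'un' ] . DIRECTORY_SEPARATOR;

  $img_counter = 0;

  // The client-supplied file name is echoed back in alertMsg. The logged-out
  // message of this endpoint embeds an anchor tag, so alertMsg is presumably
  // rendered as HTML by the client: escape everything that comes from the request.
  $esc = static function ( $text ) {
    return htmlspecialchars( (string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' );
  };

  // Reports a failure and ends the request. As in the original, the post row is
  // removed again only while no picture has been stored for it.
  $abortUpload = static function ( $status, $message ) use ( $delinfostmt, &$img_counter ) {
    print( json_encode( array( 'status' => $status, 'alertMsg' => $message, 'code' => 0 ) ) );
    if ( $img_counter == 0 ) {
      $delinfostmt->execute();
    }
    exit();
  };

  $picturestmt = $dbh->prepare( "INSERT INTO `pictures` (`user`, `post`, `original`, `watermarked`, `size`, `type`, `width`, `height`, `pic_lat`, `pic_lng`, `taken_at`, `uploaded_at`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)" );

  foreach ( $_FILES[ 'uploadimg' ][ 'tmp_name' ] as $key => $tmp_name ) {
    // The 'type' and 'size' entries of $_FILES are client-reported and are not
    // used; size and MIME type are taken from the file itself further down.
    $filename = $_FILES[ 'uploadimg' ][ 'name' ][ $key ];
    $safe_filename = $esc( $filename );

    // Only accept a file that PHP itself received through this POST request.
    $upload_error = isset( $_FILES[ 'uploadimg' ][ 'error' ][ $key ] ) ? $_FILES[ 'uploadimg' ][ 'error' ][ $key ] : UPLOAD_ERR_NO_FILE;
    if ( $upload_error !== UPLOAD_ERR_OK || !is_uploaded_file( $tmp_name ) ) {
      $abortUpload( 'danger', $safe_filename . ' was not received correctly, please try again.' );
    }

    // basic extension validation (the extension is lower-cased first, so the
    // allow-list needs lower-case entries only)
    $file_ext = strtolower( pathinfo( $filename, PATHINFO_EXTENSION ) );
    if ( !in_array( $file_ext, array( 'jpeg', 'jpg' ), true ) ) {
      $abortUpload( 'warning', 'The extension of `' . $esc( $file_ext ) . '` not allowed with file: ' . $safe_filename );
    }

    // Signature check on the content itself, done before the EXIF parser runs.
    // exif_read_data() returns false when it cannot parse the file; the original
    // indexed that result without checking it.
    $exif = ( exif_imagetype( $tmp_name ) === IMAGETYPE_JPEG ) ? exif_read_data( $tmp_name, null, true ) : false;
    if ( $exif === false || !isset( $exif[ 'FILE' ][ 'FileType' ] ) || $exif[ 'FILE' ][ 'FileType' ] != IMAGETYPE_JPEG ) {
      $abortUpload( 'danger', $safe_filename . ' is not a real `' . $esc( $file_ext ) . '` image' );
    }

    // Latitude AND longitude, with their hemisphere references, are all needed
    // by getGps(); the original rejected the file only when both were missing.
    if (
      empty( $exif[ 'GPS' ][ 'GPSLatitude' ] ) || empty( $exif[ 'GPS' ][ 'GPSLongitude' ] )
      || empty( $exif[ 'GPS' ][ 'GPSLatitudeRef' ] ) || empty( $exif[ 'GPS' ][ 'GPSLongitudeRef' ] )
    ) {
      $abortUpload( 'danger', $safe_filename . ' is not Geo-Tagged, and cannot be uploaded.' );
    }

    if ( empty( $exif[ 'EXIF' ][ 'DateTimeOriginal' ] ) ) {
      $abortUpload( 'danger', $safe_filename . ' can\'t be uploaded because it doesn\'t have a timestamp.' );
    }

    $getGPSLAT = getGps( $exif[ 'GPS' ][ 'GPSLatitude' ], $exif[ 'GPS' ][ 'GPSLatitudeRef' ] );
    $getGPSLNG = getGps( $exif[ 'GPS' ][ 'GPSLongitude' ], $exif[ 'GPS' ][ 'GPSLongitudeRef' ] );

    // The capture time is file metadata and may be malformed; resolve it before
    // anything is written so a bad value cannot leave files without a DB row.
    $taken_at = DateTime::createFromFormat( 'Y:m:d H:i:s e', $exif[ 'EXIF' ][ 'DateTimeOriginal' ] . ' ' . fetchTimezoneBy( $getGPSLAT, $getGPSLNG ) );
    if ( $taken_at === false ) {
      $abortUpload( 'danger', $safe_filename . ' can\'t be uploaded because it doesn\'t have a timestamp.' );
    }

    // NOTE(review): nothing here caps the pixel dimensions before decoding, so a
    // small file with very large dimensions can exhaust memory; consider a limit
    // on $exif['COMPUTED']['Width'] / ['Height'] suited to the deployment.
    $image = imagecreatefromjpeg( $tmp_name );
    if ( $image === false ) {
      $abortUpload( 'danger', $safe_filename . ' is not a real `' . $esc( $file_ext ) . '` image' );
    }

    // Normalise the EXIF orientation. With sections enabled the tag lives under
    // IFD0; the original read $exif['Orientation'] for the mirrored cases, which
    // is never set, so those images were never flipped.
    $orientation = isset( $exif[ 'IFD0' ][ 'Orientation' ] ) ? (int) $exif[ 'IFD0' ][ 'Orientation' ] : 1;
    if ( in_array( $orientation, [ 3, 4 ], true ) ) {
      $image = imagerotate( $image, 180, 0 );
    } elseif ( in_array( $orientation, [ 5, 6 ], true ) ) {
      $image = imagerotate( $image, -90, 0 );
    } elseif ( in_array( $orientation, [ 7, 8 ], true ) ) {
      $image = imagerotate( $image, 90, 0 );
    }
    if ( $image === false ) {
      $abortUpload( 'danger', $safe_filename . ' could not be processed.' );
    }
    if ( in_array( $orientation, [ 2, 4, 5, 7 ], true ) ) {
      imageflip( $image, IMG_FLIP_HORIZONTAL );
    }

    // Take the dimensions from the transformed image, so they are right for
    // every orientation without per-branch width/height bookkeeping.
    $upload_file_width = imagesx( $image );
    $upload_file_height = imagesy( $image );

    // time to add the string: "pixuniverse.com | session[username]" watermark
    $fontsize = 5;
    $wm_str = '(c) ' . $_SESSION[ 'un' ] . ' | Pixuniverse.com';

    $wm_png = imagecreatefrompng( BASE_URL . 'assets/img/pu_watermark.png' );

    // 550px-wide copy that carries the watermark
    $cloned_image = imagescale( $image, 550 );
    if ( $wm_png === false || $cloned_image === false ) {
      $abortUpload( 'danger', $safe_filename . ' could not be processed.' );
    }

    // get displayed image dimensions
    $clonedimg_w = imagesx( $cloned_image );
    $clonedimg_h = imagesy( $cloned_image );

    // bottom-right corner, 10px margin
    $wmstr_w = imagefontwidth( $fontsize ) * strlen( $wm_str );
    $wmstr_h = imagefontheight( $fontsize );
    $txtPosX = $clonedimg_w - $wmstr_w - 10;
    $txtPosY = $clonedimg_h - $wmstr_h - 10;

    // font color r, g, b
    $fontcolor = imagecolorallocate( $cloned_image, 33, 150, 255 );

    imagecopyresampled( $cloned_image, $image, 0, 0, 0, 0, $clonedimg_w, $clonedimg_h, $upload_file_width, $upload_file_height );
    imagestring( $cloned_image, $fontsize, $txtPosX, $txtPosY, $wm_str, $fontcolor );

    $wm_png = imagescale( $wm_png, $clonedimg_w, $clonedimg_h );
    if ( $wm_png === false ) {
      $abortUpload( 'danger', $safe_filename . ' could not be processed.' );
    }
    imagecopy( $cloned_image, $wm_png, 0, 0, 0, 0, imagesx( $wm_png ), imagesy( $wm_png ) );

    // Stored names come from the CSPRNG only. The original built them from
    // rand(), time() and $key: rand()/time() make the name of the un-watermarked
    // original guessable, and $key is an array key taken from the request, which
    // does not belong in a filesystem path.
    $newfilename = bin2hex( random_bytes( 16 ) ) . '.png';
    $wm_filename = 'wm_' . bin2hex( random_bytes( 16 ) ) . '.png';

    $original_path = $downloadable_path . $user_dir . $newfilename;
    $stamped_path = $watermark_path . $user_dir . $wm_filename;

    // Re-encoding through GD means the stored files contain only pixel data
    // produced by the server, not the uploaded bytes.
    $stored_original = imagepng( $image, $original_path );
    $stored_stamped = imagepng( $cloned_image, $stamped_path );

    // destroy image caches
    imagedestroy( $wm_png );
    imagedestroy( $image );
    imagedestroy( $cloned_image );

    // Do not record paths for files that were never written.
    if ( !$stored_original || !$stored_stamped ) {
      $abortUpload( 'danger', $safe_filename . ' could not be stored.' );
    }

    // save info to database
    $picturestmt->bindValue( 1, $_SESSION[ 'uid' ] );
    $picturestmt->bindValue( 2, $postLastID );
    $picturestmt->bindValue( 3, $original_path );
    $picturestmt->bindValue( 4, $stamped_path );
    $picturestmt->bindValue( 5, $exif[ 'FILE' ][ 'FileSize' ] );
    $picturestmt->bindValue( 6, $exif[ 'FILE' ][ 'MimeType' ] );
    $picturestmt->bindValue( 7, $upload_file_width );
    $picturestmt->bindValue( 8, $upload_file_height );
    $picturestmt->bindValue( 9, $getGPSLAT );
    $picturestmt->bindValue( 10, $getGPSLNG );
    $picturestmt->bindValue( 11, $taken_at->format( 'U' ) );
    $picturestmt->bindValue( 12, time() );
    if ( !$picturestmt->execute() ) {
      $abortUpload( 'danger', $safe_filename . ' could not be stored.' );
    }

    // Counted only once the picture row exists, so a post whose first picture
    // fails is still removed by $abortUpload.
    $img_counter += 1;
  }

  print( json_encode( array( 'status' => 'success', 'alertMsg' => 'All pictures have been uploaded', 'code' => 1 ) ) );
  exit();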