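// Upload endpoint: checks the session, validates the post metadata (title, tags,
// optional description), inserts the post row, then for every uploaded JPEG
// validates it, writes a full-size copy and a watermarked 550px copy, and records
// both paths in `pictures`. Every outcome is reported as one JSON object with the
// keys `status`, `alertMsg` and `code`.
require_once( 'db.php' );
require_once( 'functions.php' );

header( 'Content-Type: application/json' );
session_start();

// Emit one JSON reply in the shape the client expects and end the request.
$respond = function ( $status, $alertMsg, $code ) {
    print( json_encode( array( 'status' => $status, 'alertMsg' => $alertMsg, 'code' => $code ) ) );
    exit();
};

// NOTE(review): this state-changing request is authorised by the session alone; no
// anti-CSRF token is checked in this script - confirm one is enforced elsewhere.
if ( !isset( $_SESSION[ 'uid' ] ) ) {
    $respond( 'danger', 'You got logged out. <a href="./auth" target="_blank">Login</a> (new tab), come back to this page and tap the "upload" button again', 0 );
}

// Read a POST field as a string; a missing field or an array-valued field
// (e.g. `uploadtitle[]=x`) is treated as empty instead of reaching trim().
$readField = function ( $name ) {
    return ( isset( $_POST[ $name ] ) && is_string( $_POST[ $name ] ) ) ? $_POST[ $name ] : '';
};

$title = trim( $readField( 'uploadtitle' ) );
$tags = trim( $readField( 'uploadtags' ), ',' );
$description = trim( $readField( 'uploaddesc' ) );

// title
if ( $title === '' ) {
    $respond( 'danger', 'Title is required', 0 );
}
// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1 and is not a
// substitute for escaping at output time; the stored value still has to be escaped
// for the context in which it is rendered.
$title = filter_var( $title, FILTER_SANITIZE_STRING );

// tags
if ( $tags === '' ) {
    $respond( 'danger', 'Some tags are required', 0 );
}
$tags = preg_replace( '/\,\s+\,?/', ',', $tags );
$tagArray = explode( ',', $tags );
if ( count( $tagArray ) < 2 ) {
    $respond( 'warning', 'Must have at least 2 tags', 0 );
} elseif ( count( $tagArray ) > 5 ) {
    $respond( 'warning', 'Maximum of 5 tags', 0 );
} elseif ( !preg_match( '/^[a-z\,]+$/i', $tags ) ) {
    $respond( 'warning', 'With the exception of commas as a delimiter, letters only', 0 );
}
// The allow-list regex above already limits $tags to ASCII letters and commas, so
// no further sanitising is needed; only the case is normalised.
$tags = strtolower( $tags );

// pics
// Either condition alone means there is nothing to process (the original joined
// them with &&, which could never reject a request). The loop below also relies on
// the multi-file array layout, so a scalar `tmp_name` is rejected here too.
if ( !isset( $_FILES[ 'uploadimg' ] )
    || !is_array( $_FILES[ 'uploadimg' ][ 'tmp_name' ] )
    || count( $_FILES[ 'uploadimg' ][ 'name' ] ) < 1 ) {
    $respond( 'danger', 'At least 1 image is needed', 0 );
}

// description
if ( $description === '' ) {
    $description = NULL;
} else {
    if ( strlen( $description ) > 250 ) {
        // The message now states the limit that is actually enforced (250 bytes).
        $respond( 'warning', 'Your description exceeds 250 characters', 0 );
    }
    $description = filter_var( $description, FILTER_SANITIZE_STRING );
}

// bindValue() is used throughout: bindParam() binds by reference and must not be
// handed a function result such as time().
$poststmt = $dbh->prepare( "INSERT INTO `posts` (`user`, `title`, `tags`, `description`, `posted_at`) VALUES (?, ?, ?, ?, ?)" );
$poststmt->bindValue( 1, $_SESSION[ 'uid' ] );
$poststmt->bindValue( 2, $title );
$poststmt->bindValue( 3, $tags );
$poststmt->bindValue( 4, $description );
$poststmt->bindValue( 5, time() );

if ( !$poststmt->execute() ) {
    // Previously a failed insert ended the request with an empty body.
    $respond( 'danger', 'The post could not be saved', 0 );
}

$postLastID = $dbh->lastInsertId();
$delinfostmt = $dbh->prepare( "DELETE FROM posts WHERE `postID`=?" );
$delinfostmt->bindValue( 1, $postLastID );

// NOTE(review): BASE_URL is used as the write target for imagepng() below; confirm
// it resolves to a local directory rather than an http(s) URL.
$gallery_folder = BASE_URL . 'bd1b0b95/';
$downloadable_path = $gallery_folder . 'b9e16937/';
$watermark_path = $gallery_folder . '5d19d377/';

// The username becomes a path component, so keep only its final segment.
// NOTE(review): presumably usernames are already restricted at registration - confirm.
$user_dir = basename( (string) $_SESSION[ 'un' ] );

$img_counter = 0;
$allowed_ext = array( 'jpeg', 'jpg' );

// Reject the current file: remove the post row when no picture has been stored
// yet (same rule as before), then send the error reply.
$failUpload = function ( $status, $alertMsg ) use ( &$img_counter, $delinfostmt, $respond ) {
    if ( $img_counter == 0 ) {
        $delinfostmt->execute();
    }
    $respond( $status, $alertMsg, 0 );
};

$picturestmt = $dbh->prepare( "INSERT INTO `pictures` (`user`, `post`, `original`, `watermarked`, `size`, `type`, `width`, `height`, `pic_lat`, `pic_lng`, `taken_at`, `uploaded_at`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)" );

foreach ( $_FILES[ 'uploadimg' ][ 'tmp_name' ] as $key => $tmp_name ) {
    // get basic file information (`name` is client-controlled)
    $filename = $_FILES[ 'uploadimg' ][ 'name' ][ $key ];
    $filetemp = $_FILES[ 'uploadimg' ][ 'tmp_name' ][ $key ];
    $file_ext = strtolower( pathinfo( $filename, PATHINFO_EXTENSION ) );

    // The logged-out reply above ships markup in alertMsg, so the client presumably
    // renders that field as HTML; escape the client-supplied name before echoing it.
    $safe_name = htmlspecialchars( $filename, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' );
    $safe_ext = htmlspecialchars( $file_ext, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' );

    // Only handle files PHP itself received for this request, without upload errors.
    if ( !isset( $_FILES[ 'uploadimg' ][ 'error' ][ $key ] )
        || $_FILES[ 'uploadimg' ][ 'error' ][ $key ] !== UPLOAD_ERR_OK
        || !is_uploaded_file( $filetemp ) ) {
        $failUpload( 'danger', $safe_name . ' could not be uploaded.' );
    }

    // basic extension validation (the extension was lower-cased above)
    if ( !in_array( $file_ext, $allowed_ext, true ) ) {
        $failUpload( 'warning', 'The extension of `' . $safe_ext . '` not allowed with file: ' . $safe_name );
    }

    // Content check: exif_read_data() returns false when it cannot parse the file,
    // and FILE.FileType must be IMAGETYPE_JPEG (2).
    $exif = exif_read_data( $filetemp, 0, true );
    if ( $exif === false
        || !isset( $exif[ 'FILE' ][ 'FileType' ] )
        || (int) $exif[ 'FILE' ][ 'FileType' ] !== IMAGETYPE_JPEG ) {
        $failUpload( 'danger', $safe_name . ' is not a real `' . $safe_ext . '` image' );
    }

    // Both coordinates are needed below, so reject when either one is missing.
    if ( empty( $exif[ 'GPS' ][ 'GPSLatitude' ] ) || empty( $exif[ 'GPS' ][ 'GPSLongitude' ] ) ) {
        $failUpload( 'danger', $safe_name . ' is not Geo-Tagged, and cannot be uploaded.' );
    }
    if ( empty( $exif[ 'EXIF' ][ 'DateTimeOriginal' ] ) ) {
        $failUpload( 'danger', $safe_name . ' can\'t be uploaded because it doesn\'t have a timestamp.' );
    }

    $getGPSLAT = getGps( $exif[ 'GPS' ][ 'GPSLatitude' ], $exif[ 'GPS' ][ 'GPSLatitudeRef' ] );
    $getGPSLNG = getGps( $exif[ 'GPS' ][ 'GPSLongitude' ], $exif[ 'GPS' ][ 'GPSLongitudeRef' ] );

    // Resolve the capture time before anything is written to disk, so a malformed
    // EXIF date is rejected cleanly instead of failing on ->format() after the
    // files already exist.
    $taken = DateTime::createFromFormat( 'Y:m:d H:i:s e', $exif[ 'EXIF' ][ 'DateTimeOriginal' ] . ' ' . fetchTimezoneBy( $getGPSLAT, $getGPSLNG ) );
    if ( $taken === false ) {
        $failUpload( 'danger', $safe_name . ' has an unreadable timestamp and cannot be uploaded.' );
    }
    $taken_at = $taken->format( 'U' );

    // NOTE(review): no cap on pixel dimensions is applied before decoding; consider
    // checking COMPUTED Width/Height against a limit to bound memory use.
    $filetemp = imagecreatefromjpeg( $filetemp );
    if ( $filetemp === false ) {
        $failUpload( 'danger', $safe_name . ' is not a real `' . $safe_ext . '` image' );
    }

    // Normalise orientation. With sections enabled the tag lives under IFD0; the
    // original read the flip cases from $exif['Orientation'], which is not set in
    // that layout, so flips never ran and orientation 2 left the dimensions undefined.
    $orientation = empty( $exif[ 'IFD0' ][ 'Orientation' ] ) ? 1 : (int) $exif[ 'IFD0' ][ 'Orientation' ];
    $upload_file_width = $exif[ 'COMPUTED' ][ 'Width' ];
    $upload_file_height = $exif[ 'COMPUTED' ][ 'Height' ];
    if ( in_array( $orientation, array( 3, 4 ), true ) ) {
        $filetemp = imagerotate( $filetemp, 180, 0 );
    } elseif ( in_array( $orientation, array( 5, 6 ), true ) ) {
        $filetemp = imagerotate( $filetemp, -90, 0 );
    } elseif ( in_array( $orientation, array( 7, 8 ), true ) ) {
        $filetemp = imagerotate( $filetemp, 90, 0 );
    }
    if ( in_array( $orientation, array( 5, 6, 7, 8 ), true ) ) {
        // A quarter turn swaps the axes.
        $upload_file_width = $exif[ 'COMPUTED' ][ 'Height' ];
        $upload_file_height = $exif[ 'COMPUTED' ][ 'Width' ];
    }
    if ( in_array( $orientation, array( 2, 4, 5, 7 ), true ) ) {
        imageflip( $filetemp, IMG_FLIP_HORIZONTAL );
    }

    // watermark: "(c) <username> | Pixuniverse.com" text plus the PNG overlay
    $fontsize = 5;
    $wm_str = '(c) ' . $_SESSION[ 'un' ] . ' | Pixuniverse.com';
    $wm_png = imagecreatefrompng( BASE_URL . 'assets/img/pu_watermark.png' );

    // 550px-wide copy that receives the watermark
    $cloned_filetemp = imagescale( $filetemp, 550 );
    $clonedimg_w = imagesx( $cloned_filetemp );
    $clonedimg_h = imagesy( $cloned_filetemp );

    // bottom-right corner with a 10px margin
    $wmstr_w = imagefontwidth( $fontsize ) * strlen( $wm_str );
    $wmstr_h = imagefontheight( $fontsize );
    $txtPosX = $clonedimg_w - $wmstr_w - 10;
    $txtPosY = $clonedimg_h - $wmstr_h - 10;

    // font color r, g, b
    $fontcolor = imagecolorallocate( $cloned_filetemp, 33, 150, 255 );
    imagecopyresampled( $cloned_filetemp, $filetemp, 0, 0, 0, 0, $clonedimg_w, $clonedimg_h, $upload_file_width, $upload_file_height );
    imagestring( $cloned_filetemp, $fontsize, $txtPosX, $txtPosY, $wm_str, $fontcolor );
    $wm_png = imagescale( $wm_png, $clonedimg_w, $clonedimg_h );
    imagecopy( $cloned_filetemp, $wm_png, 0, 0, 0, 0, imagesx( $wm_png ), imagesy( $wm_png ) );

    // rename images before upload
    // NOTE(review): rand() is not a CSPRNG and the rest of the name is an index and a
    // timestamp, so these names are predictable. If the un-watermarked original is
    // meant to stay private, derive the name from random_bytes() (PHP 7+) and serve
    // the file through an access-checked handler rather than a direct path.
    $newfilename = rand( 100, 999 ) . '_' . $key . '-' . time() . '.png';
    $wm_filename = 'wm_' . $key . hash( 'crc32b', $newfilename ) . rand( 100, 999 ) . '.png';
    $original_path = $downloadable_path . $user_dir . DIRECTORY_SEPARATOR . $newfilename;
    $stamped_path = $watermark_path . $user_dir . DIRECTORY_SEPARATOR . $wm_filename;
    imagepng( $filetemp, $original_path );
    imagepng( $cloned_filetemp, $stamped_path );

    // destroy image caches
    imagedestroy( $wm_png );
    imagedestroy( $filetemp );
    imagedestroy( $cloned_filetemp );
    $img_counter += 1;

    // save info to database
    $picturestmt->bindValue( 1, $_SESSION[ 'uid' ] );
    $picturestmt->bindValue( 2, $postLastID );
    $picturestmt->bindValue( 3, $original_path );
    $picturestmt->bindValue( 4, $stamped_path );
    $picturestmt->bindValue( 5, $exif[ 'FILE' ][ 'FileSize' ] );
    $picturestmt->bindValue( 6, $exif[ 'FILE' ][ 'MimeType' ] );
    $picturestmt->bindValue( 7, $upload_file_width );
    $picturestmt->bindValue( 8, $upload_file_height );
    $picturestmt->bindValue( 9, $getGPSLAT );
    $picturestmt->bindValue( 10, $getGPSLNG );
    $picturestmt->bindValue( 11, $taken_at );
    $picturestmt->bindValue( 12, time() );
    $picturestmt->execute();
}

$respond( 'success', 'All pictures have been uploaded', 1 );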