diff options
| author | Horus3 | 2014-10-05 22:00:36 +0200 |
|---|---|---|
| committer | Horus3 | 2014-10-05 22:00:36 +0200 |
| commit | 1851c3a180eafb4563a9f6e4dd40fcc5e925896a (patch) | |
| tree | 7e3f2c85b7297bdeaf34fac2faf8424908c8bde5 /foto/upload.php | |
| parent | 80fb01db10054baf2c4c6e70a677e429fe5c34ee (diff) | |
| download | jungegemeinde-1851c3a180eafb4563a9f6e4dd40fcc5e925896a.tar.gz | |
Experimental support for image uploading.
Diffstat (limited to 'foto/upload.php')
| -rw-r--r-- | foto/upload.php | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/foto/upload.php b/foto/upload.php new file mode 100644 index 0000000..e8d1549 --- /dev/null +++ b/foto/upload.php @@ -0,0 +1,57 @@ +<?php + +if ( ! isset($_FILES["images"]) || $_SERVER["REQUEST_METHOD"] != "POST" ){ + exit; +} +lredirect("gallery"); + +if ( ! isset($_POST["gallery"]) || ! preg_match("/[0-9]+/", $_POST["gallery"]) ) + exit; + +//$extension = array("jpeg", "jpg", "png", "gif"); +$extension = array("jpeg", "jpg", "png", "gif", "webm", "mp4", "avi", "mkv"); +$count = 0; +$message = array(); +define("IMAGE_MAXSIZE", "2000"); +define("IMAGE_PATH", ABSPATH . "/../images/"); + +foreach($_FILES["images"]["tmp_name"] as $f => $tmp_name ){ + if ( $_FILES["images"]["error"][$f] == 4 ) + // no file was uploaded + continue; + + if ( $_FILES["images"]["error"][$f] != 0 ){ + continue; + } + if ( $_FILES["images"]["size"][$f] > IMAGE_MAXSIZE ){ + $message[$count] = $_FILES["images"]["name"][$f] . " is too large!"; + $count++; + continue; + } elseif ( ! in_array( pathinfo($_FILES["images"]["name"][$f], PATHINFO_EXTENSION), $extension ) ){ + $message[$count] = $_FILES["images"]["name"][$f] . " - Extension not allowed!"; + $count++; + continue; + } + $hash = hash_file("md5", $tmp_name); + + $sql = $db->prepare("INSERT INTO " . DBPREFIX . "image (id, gallery, name, desc, owner, mime, size, hash, time) VALUES (NULL, %s, %s, %s, %d, %s, %d, %s, %d);", $_POST["gallery"], $_FILES["images"]["name"][$f], "", $_SESSION["userid"], $_FILES["images"]["mime"][$f], $_FILES["images"]["size"][$f], $hash, time()); + + if ( ! file_exists(IMAGE_PATH . $hash . ".gz") ){ + move_uploaded_file($tmp_name, IMAGE_PATH . $hash); + + $gzfile = IMAGE_PATH . $hash . ".gz"; + $fp = gzopen($gzfile, "w9"); + + if ( ! gzwrite($fp, file_get_contents(IMAGE_PATH . $hash)) ) + exit; + + if ( ! gzclose($fp) ) + exit; + + if ( ! unlink(IMAGE_PATH . $hash) ) + exit; + } + + if ( ! $db->doQuery($sql) ) + exit; +} |