59 changes: 36 additions & 23 deletions api/newPost.php
Expand Up @@ -20,14 +20,21 @@
$postImage = $_FILES["postImage"];

$imageHash = hash_file("sha256", $postImage["tmp_name"]);
$fileExtension = "png";
$fileExtension = pathinfo($postImage["name"], PATHINFO_EXTENSION);
$uniqueFileName = $imageHash . "." . $fileExtension;

$target_file = $_SERVER['DOCUMENT_ROOT'] . "/" . TARGET_UPLOAD_PATH . $uniqueFileName;
// normalize filesystem target directory and URL
$docRoot = rtrim($_SERVER['DOCUMENT_ROOT'], "/\\");
$uploadPath = trim(TARGET_UPLOAD_PATH, "/\\");
$targetDirFs = $docRoot . DIRECTORY_SEPARATOR . $uploadPath;
if (!is_dir($targetDirFs)) {
mkdir($targetDirFs, 0755, true);
}
$target_file = $targetDirFs . DIRECTORY_SEPARATOR . $uniqueFileName;
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));
$fileUrl = TARGET_UPLOAD_DIR . $uniqueFileName;

$fileUrl = rtrim(TARGET_UPLOAD_DIR, "/\\") . '/' . rawurlencode($uniqueFileName);

$check = getimagesize($postImage["tmp_name"]);

Expand All @@ -50,22 +57,30 @@

if ($uploadOk == 0) {
echo "<br>Sorry, the file was not uploaded.<br>";
exit();
} else {
// Resize the uploaded image
$resizedImage = imagecreatefromstring(file_get_contents($postImage["tmp_name"]));
$newWidth = POST_IMAGE_WIDTH; // Adjust this value as needed
$aspectRatio = imagesx($resizedImage) / imagesy($resizedImage);
$newHeight = $newWidth / $aspectRatio;
if ($newHeight > ($newWidth * 3)){
$newHeight = $newWidth * 3;
}
$resizedImage = imagescale($resizedImage, $newWidth, $newHeight);
imagejpeg($resizedImage, $target_file);
imagedestroy($resizedImage);

if($resizedImage == false){
echo "error with resizing image.";
exit();
// If the uploaded file is a GIF, move it as-is to preserve animation
if (strtolower($fileExtension) === 'gif') {
if (!move_uploaded_file($postImage['tmp_name'], $target_file)) {
echo "Error saving uploaded GIF file.<br>";
exit();
}
} else {
// Resize the uploaded image using GD for non-GIF formats
$resizedImage = imagecreatefromstring(file_get_contents($postImage["tmp_name"]));
$newWidth = POST_IMAGE_WIDTH; // Adjust this value as needed
$aspectRatio = imagesx($resizedImage) / imagesy($resizedImage);
$newHeight = $newWidth / $aspectRatio;
if ($newHeight > ($newWidth * 3)) {
$newHeight = $newWidth * 3;
}
$resizedImage = imagescale($resizedImage, $newWidth, $newHeight);
imagejpeg($resizedImage, $target_file);
imagedestroy($resizedImage);

if ($resizedImage == false) {
echo "error with resizing image.";
}
}

$PostContent .= "<br></br> <img class='postImg' src='$fileUrl' alt='$uniqueFileName'/>";
Expand All @@ -75,16 +90,15 @@
$db = new Database();


$sanitizedPostContent = strip_tags($PostContent, implode('', ALLOWED_POST_BALISE));

$sanitizedPostContent = strip_tags($PostContent, implode('', ALLOWED_POST_BALISES));
// transform content link into html <a>
$url = "/http(s)?:\/\/([\w-]+\.)+[\w-]+(\/[\w\- .\/?%&=]*)?/";
$sanitizedPostContent = preg_replace($url, "<a target='_blank' href='$0'>$0</a>", $sanitizedPostContent);


$cleanPostContent = $db->escapeStrings($sanitizedPostContent);

if (strlen(strip_tags($PostContent)) < 2 || strlen(strip_tags($PostContent)) > MAX_POSTS_LENGTH) {
if (strlen(strip_tags($PostContent)) > MAX_POSTS_LENGTH) {
echo "Error with post length <br>";
echo strlen($PostContent);
exit();
Expand All @@ -97,4 +111,3 @@
$db->query($insertNewPostSqlPrompt);

header('Location: ../index.php?p=home');
?>
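Review bot: `$fileExtension` now comes from the client-supplied `$postImage["name"]` and flows unchanged into `$uniqueFileName`, so it decides the name of a file written under `DOCUMENT_ROOT` and is interpolated raw into `alt='$uniqueFileName'` (only `src` goes through `rawurlencode`). The lines between the first two hunks are not shown and may already restrict `$imageFileType`; if they do not, derive the extension from the detected type after the `getimagesize` call, e.g. `$fileExtension = image_type_to_extension($check[2], false);` checked against an allowlist, and emit the name with `htmlspecialchars($uniqueFileName, ENT_QUOTES)` in the `alt` attribute. The GIF branch selects on the extension alone and stores the bytes without re-encoding, so it should also require `$check[2] === IMAGETYPE_GIF` before `move_uploaded_file`. In the non-GIF branch `imagejpeg` writes JPEG data under whatever extension was supplied, and `$resizedImage == false` is only tested after `imagescale`, `imagejpeg` and `imagedestroy` have already used the value.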
4 changes: 2 additions & 2 deletions api/saveSettings.php
Expand Up @@ -86,11 +86,11 @@
$fileExtension = "png";
$uniqueFileName = "pp_$userId." . $fileExtension;

$target_file = $_SERVER['DOCUMENT_ROOT'] . "/" . TARGET_UPLOAD_DIR . $uniqueFileName;
$target_file = $_SERVER['DOCUMENT_ROOT'] . "/" . TARGET_UPLOAD_PATH . $uniqueFileName;
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));

$fileUrl = $fullDomain . "/" . TARGET_UPLOAD_DIR . $uniqueFileName;
$fileUrl = $fullDomain . "/" . TARGET_UPLOAD_PATH . $uniqueFileName;

$check = getimagesize($profilePict["tmp_name"]);
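Review bot: Both `$target_file` and `$fileUrl` now use `TARGET_UPLOAD_PATH`, whereas `api/newPost.php` in this same change builds the filesystem path from `TARGET_UPLOAD_PATH` and the URL from `TARGET_UPLOAD_DIR`, and trims slashes before joining. The constants' definitions are not visible here, so it is unclear whether one value is valid both as a directory under `DOCUMENT_ROOT` and as a URL segment. If the two differ, `$fileUrl` should keep `TARGET_UPLOAD_DIR`, and the join should use the same `rtrim`/`trim` normalisation as newPost.php so a leading or missing slash in the constant does not produce a wrong path. A one-line comment at the assignment stating which constant is the filesystem directory and which is the public URL prefix would prevent the two being swapped again.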

2 changes: 1 addition & 1 deletion api/utils/database.php
Expand Up @@ -6,7 +6,7 @@ class Database {

private $conn;
public function __construct() {
include_once(dirname(__FILE__) . "/../../config.php");
include_once(dirname(__FILE__) . "/../config.php");
$this->conn = new mysqli(DB_HOST, DB_USERNAME, DB_PASSWORD, DB_NAME);

if ($this->conn->connect_error) {
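Review bot: `include_once` only raises a warning when the path does not resolve, so a wrong relative path after this move would surface one line later at `new mysqli(DB_HOST, ...)` as undefined constants rather than at the include itself. `require_once __DIR__ . '/../config.php';` stops at the point of the mistake and keeps the connection attempt from running without configuration. The constructor continues beyond the visible lines.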