Cyclone-Team/e949
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Продолжение переписывания

Browse Source
This commit is contained in:
Shr3dd3r
2023-11-03 02:38:51 +03:00
parent 12143c148d
commit a573faf5a1
7 changed files with 236 additions and 144 deletions
Download Patch File Download Diff File Expand all files Collapse all files

151
api/post/create.php
View File

@ -3,28 +3,31 @@
// Includes
require_once("../_auth.php");
require_once("../_utils.php");
require_once("../_errorslist.php");
require_once("../_types.php");
require_once("../user/index.php");
// Functions
/*
* FUNCTION
* Check if image size properties are valid
*/
function ImageSizeIsValid ($x, $y) {
function Post_ImgResIsValid ($x, $y): bool {
global $Config;
return ($x <= $Config["media"]["max_pic_res"]["x"])
&& ($y <= $Config["media"]["max_pic_res"]["y"])
&& (GetRatio($x, $y) <= $Config["media"]["max_pic_res"]["ratio"]);
&& (Utils_GetRatio($x, $y) <= $Config["media"]["max_pic_res"]["ratio"]);
}
/*
* FUNCTION
* Create preview version of image
*/
function Post_CreatePreviewFromImage ($src, $dst) {
function Post_CreatePreviewFromImage ($src, $dst): ReturnT {
$img = null;
// Reading image from source path
@ -36,18 +39,20 @@ function Post_CreatePreviewFromImage ($src, $dst) {
$img = imagecreatefrompng($src);
break;
default:
throw new Exception("invalid mime type");
return new ReturnT(err_code: E_UIN_FILETYPE, err_desc: "invalid mime type");
}
// Saving it as LQ JPEG
imagejpeg($img, $dst, 30);
return new ReturnT(data: true);
}
/*
* FUNCTION
* Store image
*/
function Post_StoreImage ($path, $preview = true) {
function Post_StoreImage ($path, $preview = true): ReturnT {
global $Config;
// Paths
@ -60,37 +65,105 @@ function Post_StoreImage ($path, $preview = true) {
if ($Config["media"]["previews_enabled"] && $preview) {
$previewDir = "../../" . $Config["media"]["prevs_path"];
$previewPath = JoinPaths($previewDir, $fileName . ".jpg");
Post_CreatePreviewFromImage($path, $previewPath);
$res = Post_CreatePreviewFromImage($path, $previewPath);
if ($res.IsError())
return $res;
}
move_uploaded_file($path, $targetPath);
return new ReturnT(data: true);
}
/*
* FUNCTION
* Create single publication
*/
function Post_Create (
int $author_id,
string $tags,
string $pic_path,
?string $title = null,
?string $prev_path = null,
bool $comms_enabled = false,
bool $edit_lock = false
): ReturnT {
$result = null;
// Author ID should exist
if (!User_IDExist($author_id))
return new ReturnT(err_code: E_UIN_WRONGID, err_desc: "specified user id does not exist");
// Performing SQL query
$s = $db->prepare("INSERT INTO posts (author_id,comment_section_id,tags,title,pic_path,preview_path,comments_enabled,edit_lock) VALUES (?,?,?,?,?,?,?,?)");
$s->bind_param("ssssssss", $author_id, null, $tags, $title, $pic_path, $prev_path, $comms_enabled, $edit_lock);
if ($s->execute() === false)
return new ReturnT(err_code: E_DBE_INSERTFAIL, err_desc: "failed to create post record in DB");
return new ReturnT(data: $result);
}
// Methods
/*
* METHOD
* Create single publication
*/
function Post_Create ($author, $tags, $pic_path, $title = null, $prev_path = null, $comms_enabled = false, $edit_lock = false): ReturnT {
global $db;
function Post_Create_Method (array $req, array $files): ReturnT {
global $db, $Config, $LOGGED_IN, $THIS_USER;
$result = null;
$author_id = $THIS_USER;
$tags = null;
$pic_path = null;
$title = null;
$prev_path = null;
$comms_enabled = false;
// Check post params
// Author ID should exist
if (!User_IDExist($author))
// TODO
// Input sanity checks
// Performing SQL query
$s = $db->prepare("INSERT INTO posts (author_id,comment_section_id,tags,title,pic_path,preview_path,comments_enabled,edit_lock) VALUES (?,?,?,?,?,?,?,?)");
$s->bind_param("ssssssss", $author, null, $tags, $title, $pic_path, $prev_path, $comms_enabled, $edit_lock);
// Check if user is authenticated
if (!$LOGGED_IN)
return new ReturnT(err_code: E_AUT_NOTAUTHED, err_desc: "you must be logged in to create posts");
if ($s->execute() !== true) {
return new ReturnT(null, 601, "failed to create post record in DB");
}
// Check if there are necessary input
if (!(isset($req["tags"]) && isset($files["pic"])))
return new ReturnT(err_code: E_UIN_INSUFARGS, err_desc: "tags and picture are necessary");
return new ReturnT($result);
// TODO: add rate-limiting, instead of this
// Check user role
if (User_HasRole($THIS_USER, "newbie").GetData())
return new ReturnT(err_code: E_ACS_INSUFROLE, err_desc: "newbies cant create posts");
// Check image properties
// If size is too large
if ($files["pic"]["size"] > $Config["media"]["max_pic_size"])
return new ReturnT(err_code: E_UIN_FILE2LARGE, err_desc: "picture size is too large");
$TmpFilePath = $_FILES["pic"]["tmp_name"];
$Ext = strtolower(pathinfo($TmpFilePath, PATHINFO_EXTENSION));
// If file extension is not in list of allowed
if (!in_array($Ext, $Config["media"]["allowed_exts"]))
return new ReturnT(err_code: E_UIN_FILETYPE, err_desc: "picture extension is invalid");
// If file mime type is not in list of allowed
if (!in_array(mime_content_type($TmpFilePath), $Config["media"]["allowed_mimetypes"]))
return new ReturnT(err_code: E_UIN_FILETYPE, err_desc: "picture mime type is invalid");
// Check if resolution is bigger than allowed or have unacceptable aspect ratio
list($SzX, $SzY, $Type, $Attr) = getimagesize($TmpFilePath);
if (!Post_ImgResIsValid($SzX, $SzY))
return new ReturnT(err_code: E_UIN_IMGBADRES, err_desc: "image with that resolution or aspect ratio cant be accepted");
// Copy picture to storage folder
$res = Post_StoreImage($TmpFilePath, $Config["media"]["previews_enabled"]);
if ($res.IsError())
return $res;
// TODO
// Actions
return Post_Create($author_id, $tags, $pic_path, $title, $prev_path, $comms_enabled, false);
}
@ -98,43 +171,7 @@ function Post_Create ($author, $tags, $pic_path, $title = null, $prev_path = nul
if (ThisFileIsRequested(__FILE__)) {
require_once("../_json.php");
// Check if there are necessary input
if (!(isset($_POST["tags"]) && isset($_FILES["pic"])))
ReturnJSONError($Err_RDP_InvalidArgs, "not enough arguments");
// TODO: add rate-limiting, instead of this
// Check user privs
if (User_HasRole($THIS_USER, "newbie"))
ReturnJSONError($Err_DP_NotEnoughRole, "newbies cant create posts");
// Check image properties
// If size is too large
if ($_FILES["pic"]["size"] > $Config["media"]["max_pic_size"])
ReturnJSONError($Err_DP_FileTooLarge, "picture is too large");
$TmpFilePath = $_FILES["pic"]["tmp_name"];
$Ext = strtolower(pathinfo($TmpFilePath, PATHINFO_EXTENSION));
// If file extension is not in list of allowed
if (in_array($Ext, $Config["media"]["allowed_exts"]))
ReturnJSONError($Err_DP_FileWrongType, "file extension is invalid");
// If file mime type is not in list of allowed
if (in_array(mime_content_type($TmpFilePath), $Config["media"]["allowed_mimetypes"]))
ReturnJSONError($Err_DP_FileWrongType, "file mime type is invalid");
// Check if resolution is bigger than allowed or have unacceptable aspect ratio
list($SzX, $SzY, $Type, $Attr) = getimagesize($TmpFilePath);
if (!Post_ImageIsValid($SzX, $SzY))
ReturnJSONError($Err_DP_ImageWrongRes, "image with that resolution or aspect ratio cant be accepted");
// TODO: delete image if unacceptable
// Copy picture to storage folder
Post_StoreImage($TmpFilePath, $Config)
// Create post
//$success = Post_Create(
// TODO: cleanup if bad result
}
?>

77
api/post/index.php
View File

@ -2,11 +2,18 @@
require_once("../_auth.php");
require_once("../_utils.php");
require_once("../_errorslist.php");
require_once("../_types.php");
// Increment number of views for post
function Post_AddView ($id) {
// Functions
/*
* FUNCTION
* Increment number of views for post
*/
function Post_AddView (int $id): ReturnT {
global $db;
$s = $db->prepare("UPDATE posts SET views = views + 1 WHERE id = ?");
@ -14,14 +21,17 @@ function Post_AddView ($id) {
$s->execute();
$d = $s->get_result()->fetch_assoc();
if (!(bool)$d) {
require_once("../_json.php");
ReturnJSONError($Err_Int_Unexpected, "failed to increment number of views");
}
if (!(bool)$d)
return new ReturnT(err_code: E_UIN_WRONGID, err_desc: "failed to increment number of views");
return new ReturnT(data: true);
}
// Get single publication by ID
function Post_GetByID ($id) {
/*
* FUNCTION
* Get post information by ID
*/
function Post_GetByID (int $id): ReturnT {
global $db;
$result = array();
@ -31,9 +41,8 @@ function Post_GetByID ($id) {
$s->execute();
$d = $s->get_result()->fetch_assoc();
if (!(bool)$d) {
return null;
}
if (!(bool)$d)
return new ReturnT(err_code: E_UIN_WRONGID, err_desc: "failed to get post");
$result["id"] = $d["id"];
$result["author_id"] = $d["author_id"];
@ -49,29 +58,49 @@ function Post_GetByID ($id) {
$result["preview_path"] = $d["preview_path"];
$result["edit_lock"] = $d["edit_lock"];
Post_AddView($id); // TODO: add rate-limit or completely rework
$r = Post_AddView($id); // TODO: add rate-limit or completely rework
if ($r.IsError())
return $r;
return $result;
return new ReturnT(data: $result);
}
if (ThisFileIsRequested(__FILE__)) {
require_once("../_json.php");
// Methods
if (isset($_REQUEST["id"])) {
if (!ctype_digit($_REQUEST["id"]))
ReturnJSONError($Err_RDP_InvalidID, "id must be numeric");
$UserID = intval($_REQUEST["id"]);
/*
* METHOD
* Get post information by ID
*/
function Post_GetByID_Method (array $req) {
// Input sanity checks
$PostID = null;
if (isset($req["id"])) {
if (!ctype_digit($req["id"]))
return new ReturnT(err_code: E_UIN_BADARGS, "id must be numeric");
$PostID = intval($req["id"]);
} else {
ReturnJSONError($Err_RDP_InvalidID, "id must be specified");
return new ReturnT(err_code: E_UIN_INSUFARGS, "id must be specified");
}
$ResponseData = Post_GetByID($_REQUEST["id"]);
if ($ResponseData)
ReturnJSONData($ResponseData);
// Actions
return Post_GetByID($PostID);
}
if (Utils_ThisFileIsRequested(__FILE__)) {
require_once("../_json.php");
$result = Post_GetByID_Method($_REQUEST);
if ($result->IsError())
$result->ThrowJSONError();
else
ReturnJSONError($Err_DP_IDNotFound, "wrong id");
JSON_ReturnData($result->GetData());
}
?>