diff options
| author | Minteck <nekostarfan@gmail.com> | 2021-08-24 15:38:16 +0200 |
|---|---|---|
| committer | Minteck <nekostarfan@gmail.com> | 2021-08-24 15:38:16 +0200 |
| commit | 529ffcbfa97ab51a64a97f6dff08aeb2bc0cc105 (patch) | |
| tree | 8a50c30271b9b328cde0d907b1441f2dabdc341b /Neutron-trunk/api/admin/galery_publish_photo.php | |
| parent | 15e4724761c50b30803df1811a525c85058f70bf (diff) | |
| download | electrode-529ffcbfa97ab51a64a97f6dff08aeb2bc0cc105.tar.gz electrode-529ffcbfa97ab51a64a97f6dff08aeb2bc0cc105.tar.bz2 electrode-529ffcbfa97ab51a64a97f6dff08aeb2bc0cc105.zip | |
Update
Diffstat (limited to 'Neutron-trunk/api/admin/galery_publish_photo.php')
| -rw-r--r-- | Neutron-trunk/api/admin/galery_publish_photo.php | 120 |
1 files changed, 120 insertions, 0 deletions
diff --git a/Neutron-trunk/api/admin/galery_publish_photo.php b/Neutron-trunk/api/admin/galery_publish_photo.php new file mode 100644 index 0000000..a4c9628 --- /dev/null +++ b/Neutron-trunk/api/admin/galery_publish_photo.php @@ -0,0 +1,120 @@ +<?php require_once "../../resources/private/relative.php"; getRelativeDetails("api"); ?> +<?php + +require_once $_SERVER['DOCUMENT_ROOT'] . "/api/lang/processor.php"; + +if (isset($_COOKIE['_NEUTRON_ADMIN_TOKEN']) && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] != "." && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] != ".." && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] != "/") { + if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/tokens/" . $_COOKIE['_NEUTRON_ADMIN_TOKEN'])) { + + } else { + require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang['api']['token']); + if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log")) { + file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log") . date("d/m/Y H:i:s") . " - APIDENY/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n"); + } else { + file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", date("d/m/Y H:i:s") . " - APIDENY/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n"); + } + } +} else { + require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang['api']['token']); + if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log")) { + file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log") . date("d/m/Y H:i:s") . " - APIDENY/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n"); + } else { + file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", date("d/m/Y H:i:s") . " - APIDENY/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n"); + } +} + +function gen_uuid() { + return sprintf( '%04x%04x-%04x-%04x-%04x-%04x%04x%04x', + // 32 bits for "time_low" + mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ), + + // 16 bits for "time_mid" + mt_rand( 0, 0xffff ), + + // 16 bits for "time_hi_and_version", + // four most significant bits holds version number 4 + mt_rand( 0, 0x0fff ) | 0x4000, + + // 16 bits, 8 bits for "clk_seq_hi_res", + // 8 bits for "clk_seq_low", + // two most significant bits holds zero and one for variant DCE1.1 + mt_rand( 0, 0x3fff ) | 0x8000, + + // 48 bits for "node" + mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ) + ); +} + +$uuid = gen_uuid(); + +if (isset($_POST['category'])) { + if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/galery/categories/" . $_POST['category'])) { + + } else { + if ($_POST['category'] != "unclassed") { + require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["catinvalid"]); + } + } +} else { + require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["catnone"]); +} + +if (isset($_FILES['file'])) { + if ($_FILES['file']['error'] == 1) { + $maxsize = ini_get('upload_max_filesize'); + if ($maxsize > 1000) { + if ($maxsize > 1000000) { + $maxsizestr = round($maxsize / 1000000, 2) . " " . $lang["sizes"]["mib"]; + } else { + $maxsizestr = round($maxsize / 1000, 2) . " " . $lang["sizes"]["kib"]; + } + } else { + $maxsizestr = $maxsize . " " . $lang["sizes"]["bytes"]; + } + require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["filesize"] . " ({$maxsizestr})"); + } + if ($_FILES['file']['error'] == 2) { + require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["fileform"]); + } + if ($_FILES['file']['error'] == 3) { + require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["fileincomplete"]); + } + if ($_FILES['file']['error'] == 4) { + require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["filenotfound"]); + } + if ($_FILES['file']['error'] == 6) { + require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["filenotempdir"]); + } + if ($_FILES['file']['error'] == 7) { + require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["filewriteerror"]); + } + if ($_FILES['file']['error'] == 8) { + require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["fileint"]); + } + if ($_FILES['file']['type'] != "image/png" && $_FILES['file']['type'] != "image/jpeg" && $_FILES['file']['type'] != "image/gif") { + require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($file["api"]["filemime"] . " " . strtoupper(str_ireplace("image/", "", $_FILES['file']['type'])) . "."); + } + if ($_FILES['file']['error'] == 0) { + // if (/*!*//* <-- Fonction de test, décommentez le "!" pour forcer l'affichage de ce message */file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/galery/pictures/" . $uuid)) { + // echo("Vous êtes tombé sur une erreur très rare, bravo à vous !\n\nPrenez rapidement ce message en capture d'écran et transmettez le aux développeurs de Neutron.\n\nVous pouvez leur donner cette adresse de galerie Neutron comme preuve :\nmpcms-gallery://" . $uuid . "@"); + // if (isset($_SERVER['HTTP_HOST'])) { + // echo($_SERVER['HTTP_HOST']); + // } else { + // if (isset($_SERVER['SERVER_NAME'])) { + // echo($_SERVER['SERVER_NAME']); + // } else { + // echo("unknown"); + // } + // } + // echo("\n\nVotre site doit être publiquement accessible et vous ne devez pas avoir modifié Neutron pour que votre trouvaille soit référencée."); + // exit; + // } + imagejpeg(imagecreatefromstring(file_get_contents($_FILES['file']['tmp_name'])), $_SERVER['DOCUMENT_ROOT'] . "/resources/upload/" . $uuid . ".jpg"); + file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/galery/pictures/" . $uuid, "/resources/upload/" . $uuid . ".jpg" . "|" . $_POST['category']); + unlink($_FILES['file']['tmp_name']); + if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/picdb.json")) { + file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/picdb.json", "{\"" . $_POST['category'] . "\":[\"" . $uuid . "\"]}"); + } + require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit("ok"); + } +}
\ No newline at end of file |