aboutsummaryrefslogtreecommitdiff
path: root/Neutron-trunk/api/admin/galery_publish_photo.php
blob: a4c9628f406e411b764eab7d1e2f28827ed6054a (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120

<?php require_once "../../resources/private/relative.php"; getRelativeDetails("api"); ?>
<?php

require_once $_SERVER['DOCUMENT_ROOT'] . "/api/lang/processor.php";

if (isset($_COOKIE['_NEUTRON_ADMIN_TOKEN']) && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] != "." && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] != ".." && $_COOKIE['_NEUTRON_ADMIN_TOKEN'] != "/") {
    if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/tokens/" . $_COOKIE['_NEUTRON_ADMIN_TOKEN'])) {

    } else {
        require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang['api']['token']);
        if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log")) {
            file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log") . date("d/m/Y H:i:s") . " - APIDENY/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n");
        } else {
            file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", date("d/m/Y H:i:s") . " - APIDENY/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n");
        }
    }
} else {
    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang['api']['token']);
    if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log")) {
        file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log") . date("d/m/Y H:i:s") . " - APIDENY/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n");
    } else {
        file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/system.log", date("d/m/Y H:i:s") . " - APIDENY/" . $_SERVER['REQUEST_METHOD'] . " - " . $_SERVER['REQUEST_URI'] . " - " . $_SERVER['HTTP_USER_AGENT'] . "\n\n");
    }
}

function gen_uuid() {
    return sprintf( '%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
        // 32 bits for "time_low"
        mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ),

        // 16 bits for "time_mid"
        mt_rand( 0, 0xffff ),

        // 16 bits for "time_hi_and_version",
        // four most significant bits holds version number 4
        mt_rand( 0, 0x0fff ) | 0x4000,

        // 16 bits, 8 bits for "clk_seq_hi_res",
        // 8 bits for "clk_seq_low",
        // two most significant bits holds zero and one for variant DCE1.1
        mt_rand( 0, 0x3fff ) | 0x8000,

        // 48 bits for "node"
        mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff )
    );
}

$uuid = gen_uuid();

if (isset($_POST['category'])) {
    if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/galery/categories/" . $_POST['category'])) {

    } else {
        if ($_POST['category'] != "unclassed") {
            require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["catinvalid"]);
        }
    }
} else {
    require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["catnone"]);
}

if (isset($_FILES['file'])) {
    if ($_FILES['file']['error'] == 1) {
        $maxsize = ini_get('upload_max_filesize');
        if ($maxsize > 1000) {
            if ($maxsize > 1000000) {
                $maxsizestr = round($maxsize / 1000000, 2) . " " . $lang["sizes"]["mib"];
            } else {
                $maxsizestr = round($maxsize / 1000, 2) . " " . $lang["sizes"]["kib"];
            }
        } else {
            $maxsizestr = $maxsize . " " . $lang["sizes"]["bytes"];
        }
        require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["filesize"] . " ({$maxsizestr})");
    }
    if ($_FILES['file']['error'] == 2) {
        require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["fileform"]);
    }
    if ($_FILES['file']['error'] == 3) {
        require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["fileincomplete"]);
    }
    if ($_FILES['file']['error'] == 4) {
        require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["filenotfound"]);
    }
    if ($_FILES['file']['error'] == 6) {
        require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["filenotempdir"]);
    }
    if ($_FILES['file']['error'] == 7) {
        require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["filewriteerror"]);
    }
    if ($_FILES['file']['error'] == 8) {
        require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($lang["api"]["fileint"]);
    }
    if ($_FILES['file']['type'] != "image/png" && $_FILES['file']['type'] != "image/jpeg" && $_FILES['file']['type'] != "image/gif") {
        require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit($file["api"]["filemime"] . " " . strtoupper(str_ireplace("image/", "", $_FILES['file']['type'])) . ".");
    }
    if ($_FILES['file']['error'] == 0) {
        // if (/*!*//* <-- Fonction de test, décommentez le "!" pour forcer l'affichage de ce message */file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/galery/pictures/" . $uuid)) {
        //     echo("Vous êtes tombé sur une erreur très rare, bravo à vous !\n\nPrenez rapidement ce message en capture d'écran et transmettez le aux développeurs de Neutron.\n\nVous pouvez leur donner cette adresse de galerie Neutron comme preuve :\nmpcms-gallery://" . $uuid . "@");
        //     if (isset($_SERVER['HTTP_HOST'])) {
        //         echo($_SERVER['HTTP_HOST']);
        //     } else {
        //         if (isset($_SERVER['SERVER_NAME'])) {
        //             echo($_SERVER['SERVER_NAME']);
        //         } else {
        //             echo("unknown");
        //         }
        //     }
        //     echo("\n\nVotre site doit être publiquement accessible et vous ne devez pas avoir modifié Neutron pour que votre trouvaille soit référencée.");
        //     exit;
        // }
        imagejpeg(imagecreatefromstring(file_get_contents($_FILES['file']['tmp_name'])), $_SERVER['DOCUMENT_ROOT'] . "/resources/upload/" . $uuid . ".jpg");
        file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/galery/pictures/" . $uuid, "/resources/upload/" . $uuid . ".jpg" . "|" . $_POST['category']);
        unlink($_FILES['file']['tmp_name']);
        if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/picdb.json")) {
            file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/data/webcontent/picdb.json", "{\"" . $_POST['category'] . "\":[\"" . $uuid . "\"]}");
        }
        require $_SERVER['DOCUMENT_ROOT'] . "/api/electrode/quit.php";quit("ok");
    }
}
© Floofi Systems, Some rights reserved. Powered by cgit.