1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
|
<?php
require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/session.php";
require_once $_SERVER['DOCUMENT_ROOT'] . "/includes/functions.php";
global $_PROFILE; global $_USER;
$id = $_GET['id'] ?? null;
$uuid = uuid();
header("Content-Type: text/plain");
var_dump($_POST, $_FILES["file"], $uuid);
if (!isset($_FILES["file"])) {
header("Location: /upload/$id&error=unreceived");
die();
}
if ($_FILES["file"]["error"] !== 0) {
header("Location: /upload/$id&error=internal");
die();
}
if ($_FILES["file"]["type"] !== "image/png" && $_FILES["file"]["type"] !== "image/jpeg" && $_FILES["file"]["type"] !== "image/webp" && $_FILES["file"]["type"] !== "image/gif" && $_FILES["file"]["type"] !== "image/bmp" && $_FILES["file"]["type"] !== "image/avif") {
header("Location: /upload/$id&error=type");
die();
}
$im = imagecreate(1, 1);
switch ($_FILES["file"]["type"]) {
case "image/png":
$im = imagecreatefrompng($_FILES["file"]["tmp_name"]);
break;
case "image/jpeg":
$im = imagecreatefromjpeg($_FILES["file"]["tmp_name"]);
break;
case "image/webp":
$im = imagecreatefromwebp($_FILES["file"]["tmp_name"]);
break;
case "image/gif":
$im = imagecreatefromgif($_FILES["file"]["tmp_name"]);
break;
case "image/bmp":
$im = imagecreatefrombmp($_FILES["file"]["tmp_name"]);
break;
case "image/avif":
$im = imagecreatefromavif($_FILES["file"]["tmp_name"]);
break;
}
imagejpeg($im, $_SERVER['DOCUMENT_ROOT'] . "/uploads/" . $uuid . ".jpg");
file_put_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/data/requests/" . $uuid . ".json", pf_utf8_encode(json_encode([
"type" => "galleryupload",
"author" => $_USER,
"id" => $id,
"contents" => null,
"summary" => $_POST["summary"],
"date" => date('c')
])));
$config = json_decode(file_get_contents($_SERVER['DOCUMENT_ROOT'] . "/includes/email.json"), true);
file_get_contents('https://notifications.equestria.dev/delta', false, stream_context_create([
'http' => [
'method' => 'POST',
'header' =>
"Content-Type: text/plain\r\n" .
"Title: " . formatPonypush("New change request published") . "\r\n" .
"Priority: default\r\n" .
"Tags: requests\r\n" .
"Actions: view, Open change requests, https://delta.equestria.dev/admin/requests/, clear=true\r\n" .
"Authorization: Basic " . base64_encode($config["ntfyuser"] . ":" . $config["ntfypass"]),
'content' => formatPonypush($_PROFILE['first_name'] . " " . $_PROFILE["last_name"] . " published a request to upload an image to " . getNameFromId($id) . (isset($_POST["summary"]) && trim($_POST["summary"]) !== "" ? ": " . $_POST["summary"] : ""))
]
]));
$_PROFILE["requests"][$id . ":" . $uuid] = $uuid;
saveProfile();
header("Location: /upload/$id&success");
die();
|
