diff --git a/boot.php b/boot.php index 03689bde4..491c182fa 100644 --- a/boot.php +++ b/boot.php @@ -6,7 +6,7 @@ ini_set('pcre.backtrack_limit', 250000); define ( 'FRIENDIKA_VERSION', '2.2.990' ); define ( 'DFRN_PROTOCOL_VERSION', '2.21' ); -define ( 'DB_UPDATE_VERSION', 1056 ); +define ( 'DB_UPDATE_VERSION', 1057 ); define ( 'EOL', "
\r\n" ); define ( 'ATOM_TIME', 'Y-m-d\TH:i:s\Z' ); diff --git a/database.sql b/database.sql index d9cd016f0..6f4704a22 100644 --- a/database.sql +++ b/database.sql @@ -527,6 +527,7 @@ CREATE TABLE IF NOT EXISTS `mailacct` ( CREATE TABLE IF NOT EXISTS `attach` ( `id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY , `uid` INT NOT NULL , +`hash` CHAR(64) NOT NULL, `filetype` CHAR( 64 ) NOT NULL , `filesize` INT NOT NULL , `data` LONGBLOB NOT NULL , diff --git a/include/attach.php b/include/attach.php new file mode 100644 index 000000000..ca53081d9 --- /dev/null +++ b/include/attach.php @@ -0,0 +1,80 @@ + 'text/plain', + 'htm' => 'text/html', + 'html' => 'text/html', + 'php' => 'text/html', + 'css' => 'text/css', + 'js' => 'application/javascript', + 'json' => 'application/json', + 'xml' => 'application/xml', + 'swf' => 'application/x-shockwave-flash', + 'flv' => 'video/x-flv', + + // images + 'png' => 'image/png', + 'jpe' => 'image/jpeg', + 'jpeg' => 'image/jpeg', + 'jpg' => 'image/jpeg', + 'gif' => 'image/gif', + 'bmp' => 'image/bmp', + 'ico' => 'image/vnd.microsoft.icon', + 'tiff' => 'image/tiff', + 'tif' => 'image/tiff', + 'svg' => 'image/svg+xml', + 'svgz' => 'image/svg+xml', + + // archives + 'zip' => 'application/zip', + 'rar' => 'application/x-rar-compressed', + 'exe' => 'application/x-msdownload', + 'msi' => 'application/x-msdownload', + 'cab' => 'application/vnd.ms-cab-compressed', + + // audio/video + 'mp3' => 'audio/mpeg', + 'qt' => 'video/quicktime', + 'mov' => 'video/quicktime', + 'ogg' => 'application/ogg', + + // adobe + 'pdf' => 'application/pdf', + 'psd' => 'image/vnd.adobe.photoshop', + 'ai' => 'application/postscript', + 'eps' => 'application/postscript', + 'ps' => 'application/postscript', + + // ms office + 'doc' => 'application/msword', + 'rtf' => 'application/rtf', + 'xls' => 'application/vnd.ms-excel', + 'ppt' => 'application/vnd.ms-powerpoint', + + + // open office + 'odt' => 'application/vnd.oasis.opendocument.text', + 'ods' => 'application/vnd.oasis.opendocument.spreadsheet', + ); + + if(strpos($filename,'.') !== false) { + $ext = strtolower(array_pop(explode('.',$filename))); + if (array_key_exists($ext, $mime_types)) { + return $mime_types[$ext]; + } + } + elseif (function_exists('finfo_open')) { + $finfo = finfo_open(FILEINFO_MIME); + $mimetype = finfo_file($finfo, $filename); + finfo_close($finfo); + return $mimetype; + } + else { + return 'application/octet-stream'; + } +}} + diff --git a/mod/wall_attach.php b/mod/wall_attach.php new file mode 100644 index 000000000..b539171cf --- /dev/null +++ b/mod/wall_attach.php @@ -0,0 +1,105 @@ +argc > 1) { + $nick = $a->argv[1]; + $r = q("SELECT * FROM `user` WHERE `nickname` = '%s' AND `blocked` = 0 LIMIT 1", + dbesc($nick) + ); + if(! count($r)) + return; + + } + else + return; + + $can_post = false; + $visitor = 0; + + $page_owner_uid = $r[0]['uid']; + $page_owner_nick = $r[0]['nickname']; + $community_page = (($r[0]['page-flags'] == PAGE_COMMUNITY) ? true : false); + + if((local_user()) && (local_user() == $page_owner_uid)) + $can_post = true; + else { + if($community_page && remote_user()) { + $r = q("SELECT `uid` FROM `contact` WHERE `blocked` = 0 AND `pending` = 0 AND `id` = %d AND `uid` = %d LIMIT 1", + intval(remote_user()), + intval($page_owner_uid) + ); + if(count($r)) { + $can_post = true; + $visitor = remote_user(); + } + } + } + + if(! $can_post) { + notice( t('Permission denied.') . EOL ); + killme(); + } + + if(! x($_FILES,'userfile')) + killme(); + + $src = $_FILES['userfile']['tmp_name']; + $filename = basename($_FILES['userfile']['name']); + $filesize = intval($_FILES['userfile']['size']); + + $maxfilesize = get_config('system','maxfilesize'); + + if(($maxfilesize) && ($filesize > $maxfilesize)) { + notice( sprintf(t('File exceeds size limit of %d'), $maxfilesize) . EOL); + @unlink($src); + return; + } + + $filedata = @file_get_contents($src); + + $mimetype = mime_content_type($src); + $hash = random_string(); + $created = datetime_convert(); +dbg(1); + $r = q("INSERT INTO `attach` ( `uid`, `hash`, `filetype`, `filesize`, `data`, `created`, `edited`, `allow_cid`, `allow_gid`,`deny_cid`, `deny_gid` ) + VALUES ( %d, '%s', '%s', %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s' ) ", + intval($page_owner_uid), + dbesc($hash), + dbesc($mimetype), + intval($filesize), + dbesc($filedata), + dbesc($created), + dbesc($created), + dbesc('<' . $page_owner_uid . '>'), + dbesc(''), + dbesc(''), + dbesc('') + ); + + @unlink($src); + + if(! $r) { + echo ( t('File upload failed.') . EOL); + killme(); + } + + $r = q("SELECT `id` FROM `attach` WHERE `uid` = %d AND `created` = '%s' AND `hash` = '%s' LIMIT 1", + intval($page_owner_uid), + dbesc($created), + dbesc($hash) + ); + + if(! count($r)) { + echo ( t('File upload failed.') . EOL); + killme(); + } + + echo '

[attachment]' . $r[0]['id'] . '[/attachment]' . '
'; + + killme(); + // NOTREACHED +} diff --git a/mod/wall_upload.php b/mod/wall_upload.php index f7638b730..bd6b80562 100644 --- a/mod/wall_upload.php +++ b/mod/wall_upload.php @@ -53,7 +53,7 @@ function wall_upload_post(&$a) { $maximagesize = get_config('system','maximagesize'); if(($maximagesize) && ($filesize > $maximagesize)) { - notice( sprintf(t('Image exceeds size limit of %d'), $maximagesize) . EOL); + echo sprintf( t('Image exceeds size limit of %d'), $maximagesize) . EOL; @unlink($src); return; } diff --git a/update.php b/update.php index 603b93b63..cf2c763fd 100644 --- a/update.php +++ b/update.php @@ -486,4 +486,9 @@ function update_1054() { function update_1055() { q("ALTER TABLE `profile` ADD `hidewall` TINYINT( 1 ) NOT NULL DEFAULT '0' AFTER `hide-friends` "); -} \ No newline at end of file +} + +function update_1056() { + q("ALTER TABLE `attach` ADD `hash` CHAR( 64 ) NOT NULL AFTER `uid` "); +} + diff --git a/view/jot-header.tpl b/view/jot-header.tpl index 3057618b2..77e5bc4bc 100644 --- a/view/jot-header.tpl +++ b/view/jot-header.tpl @@ -79,6 +79,18 @@ tinyMCE.init({ } } ); + var file_uploader = new window.AjaxUpload( + 'wall-file-upload', + { action: 'wall_attach/$nickname', + name: 'userfile', + onSubmit: function(file,ext) { $('#profile-rotator').show(); }, + onComplete: function(file,response) { + tinyMCE.execCommand('mceInsertRawHTML',false,response); + $('#profile-rotator').hide(); + } + } + ); + $('#contact_allow, #contact_deny, #group_allow, #group_deny').change(function() { var selstr; $('#contact_allow option:selected, #contact_deny option:selected, #group_allow option:selected, #group_deny option:selected').each( function() { diff --git a/view/jot.tpl b/view/jot.tpl index 0c9883b11..e2dd6d960 100644 --- a/view/jot.tpl +++ b/view/jot.tpl @@ -23,6 +23,10 @@
+
+
+
+ diff --git a/view/theme/duepuntozero/style.css b/view/theme/duepuntozero/style.css index 79a298d43..f202e9ff5 100644 --- a/view/theme/duepuntozero/style.css +++ b/view/theme/duepuntozero/style.css @@ -226,8 +226,10 @@ div.wall-item-content-wrapper.shiny { #profile-link, #profile-title, #wall-image-upload, +#wall-file-upload, #profile-upload-wrapper, #wall-image-upload-div, +#wall-file-upload-div, .hover, .focus { cursor: pointer; } @@ -1136,7 +1138,10 @@ input#dfrn-url { float: left; margin-left: 30px; } - +#profile-attach-wrapper { + float: left; + margin-left: 30px; +} #profile-rotator { float: left; margin-left: 30px;