-
Notifications
You must be signed in to change notification settings - Fork 1
/
upload.php
100 lines (100 loc) · 3.37 KB
/
upload.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">
<head>
<title>
<?php
include 'config.php';
echo "$title";
?>
</title>
<link rel="stylesheet" type="text/css" href="style.css" />
<link rel="favorite icon" href="favicon.png" />
</title>
</head>
<body id="upload">
<?php
$link = mysql_connect($mysql_host, $mysql_user, $mysql_password) or die('Could not connect: ' . mysql_error());
mysql_select_db($mysql_database) or die('Could not select database');
?>
<div id="header">
<span style="font-size: 25px; font-weight: bold"><?php echo "$title"; ?></span>
<div id="navbar">
<a href="index.php">Home</a>
<a href="search.php?s=new">Newest</a>
<a href="upload.php">Upload</a>
<a href="about.php">About</a>
</div>
</div>
<div id="sidebar">
<form action="search.php" method="get">
<div id="searcharea">
<input id="searchbox" name="q" size="22" type="text"
<?php
if(isset($_GET['q']))
echo "value=\"$_GET[q]\"";
?>/><br />
<input id="searchbutton" type="submit" value="Search" />
</div>
</form>
</div>
<div id="content">
<?php
if(!(isset($_FILES['file']) && isset($_POST['tags']))) {
?>
<form enctype="multipart/form-data" action="upload.php" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value=3000000 />
File: <input name="file" type="file" /><br />
Tags:<br /><textarea name="tags" rows="10" cols="40" /></textarea><br />
<input type="submit" value="Upload" /><br />
</form>
<?php
}
else {
if($_FILES['file']['error'] != 0) {
if($_FILES['file']['error'] == 2)
echo "File too big.";
else
echo "Error uploading file, try again.";
}
else {
$allowed_filetypes = array("gif", "jpg", "jpeg", "png");
$name = $_FILES['file']['name'];
$ext = strtolower(pathinfo($name)['extension']);
if(!in_array($ext, $allowed_filetypes))
echo "Unsupported filetype";
else {
$tags = $_POST['tags'];
echo "<br />\n";
$filename = md5_file($_FILES['file']['tmp_name']) . "$ext";
$result = mysql_query("SELECT `filename` FROM `minibooru` WHERE `filename` = '$filename'") or die(mysql_error());
if(mysql_fetch_array($result))
echo "Duplicate file entry detected\n";
else {
if(!(is_writable($imagedir) && is_writable("thumbs")))
$filename = "";
if($filename && $filename != "" && move_uploaded_file($_FILES['file']['tmp_name'], "$imagedir/$filename")) {
list($width, $height, $type, $attr) = getimagesize("$imagedir/$filename");
$newa = preg_split('/\s+/', $tags);
$newa = array_unique($newa);
sort($newa);
$tags = implode(" ", $newa);
$query = "INSERT INTO `minibooru`
VALUES ( '$filename', ' $tags ', $width, $height, NOW() )";
mysql_query($query) or die(mysql_error());
$image = new Imagick("$imagedir/$filename");
$image->thumbnailImage(200, 200, true);
$image->writeImage("thumbs/$filename");
echo "File uploaded and added to database successfully\n";
}
else {
echo "Could not move file to $imagedir or create thumbnail in thumbs/";
}
}
}
}
}
?>
</div>
</div>
</body>
</html>