diff --git a/app/image.class.php b/app/image.class.php
index 769a37f..a28bfb2 100755
--- a/app/image.class.php
+++ b/app/image.class.php
@@ -93,44 +93,23 @@ class Image
 $imgt($old_image, $source_path);
 }
- public static function upload($name, $data){
- ini_set('memory_limit', '128M');
-
- $photo = null;
- $ext = null;
-
- if($data){
- preg_match('/^data\:image\/(jpe?g|png|gif)\;base64,(.*)$/', $data, $m);
-
- if(!$m){
- throw new Exception("Invalid file.");
- }
-
- $ext = $m[1];
- if($ext == "jpeg") $ext = "jpg";
-
- // Decode photo
- $photo = base64_decode($m[2]);
- }
-
- if($_FILES){
- $photo = file_get_contents($_FILES["file"]["tmp_name"]);
- $name = $_FILES['file']['name'];
- $ext = pathinfo($name, PATHINFO_EXTENSION);
- }
-
- if(!$_FILES && !$data){
+ public static function upload(){
+ if(!$_FILES){
 throw new Exception("No file.");
 }
-
+
 // Create MD5
- $md5 = md5($photo);
+ $md5 = md5_file($_FILES['file']['tmp_name']);
 // Find duplicate
 if($d = DB::get_instance()->query("SELECT `path`, `thumb` FROM `images` WHERE `md5` = ? AND `status` = 1 LIMIT 1", $md5)->first()){
 return $d;
 }
+ // Get metadata
+ $name = $_FILES['file']['name'];
+ $ext = pathinfo($name, PATHINFO_EXTENSION);
+
 // Save to DB
 $id = DB::get_instance()->query(
 "INSERT INTO `images` ".
@@ -145,13 +124,18 @@ class Image
 $thumb = 't/'.$name;
 // Save path
- if(false === file_put_contents($path, $photo)){
+ if(!move_uploaded_file($_FILES['file']['tmp_name'], $path)){
 DB::get_instance()->query("UPDATE `images` SET `status` = 0 WHERE `id` = ?", $id);
 throw new Exception("Can't write to image folders `i` and `t`.");
 }
 // Create thumb
- self::thumb($path, $thumb);
+ if(!self::thumb($path, $thumb)){
+ DB::get_instance()->query("UPDATE `images` SET `status` = 0 WHERE `id` = ?", $id);
+ unlink($path);
+ unlink($thumb);
+ throw new Exception("File is not image.");
+ }
 // Save to DB
 DB::get_instance()->query("UPDATE `images` SET `path` = ?, `thumb` = ?, `status` = 1 WHERE `id` = ?", $path, $thumb, $id);
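Review bot: In the first hunk of `upload()`, `$ext` is now always taken from the client-supplied `$_FILES['file']['name']`, and the removed data-URI branch was the only visible place that limited the type to jpe?g/png/gif, so nothing in this hunk restricts which extension reaches the stored file name. How `$ext` feeds into `$path` lies outside the hunk, but if it ends up in a web-served name, an allowlist is needed before the INSERT: `$ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));` followed by `if(!in_array($ext, ['jpg', 'jpeg', 'png', 'gif'], true)) throw new Exception("Invalid file.");`. The `!$_FILES` test also does not confirm that `$_FILES['file']` exists or that its `error` field equals `UPLOAD_ERR_OK` before `md5_file()` reads `tmp_name`. The body of upload() continues outside the hunk.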
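Review bot: In the second hunk the upload is moved into `$path` before anything has inspected its content, and the new `if(!self::thumb($path, $thumb))` rejection is the only content check, so an arbitrary file sits in the image folder until thumb() has run. Validating the temporary file first closes that window: `if(getimagesize($_FILES['file']['tmp_name']) === false) throw new Exception("File is not image.");` ahead of `move_uploaded_file()`. The new branch also relies on thumb() returning a truthy value on success; its body is not in this diff, and the function that ends just above upload() in the first hunk finishes on `$imgt(...)` with no return visible, so this should be confirmed, otherwise every upload would be rejected. `unlink($thumb)` raises a warning when no thumbnail was written; `if(is_file($thumb)) unlink($thumb);` avoids it.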
diff --git a/config.ini b/config.ini
index 5b145fa..44f9537 100755
--- a/config.ini
+++ b/config.ini
@@ -38,6 +38,6 @@ pass = demo
 [system]
 system_name = blog
-version = 1.17
+version = 1.18
 debug = true
 logs = false
\ No newline at end of file
diff --git a/static/scripts/app.js b/static/scripts/app.js
index 39e1e75..35dbe5b 100755
--- a/static/scripts/app.js
+++ b/static/scripts/app.js
@@ -519,21 +519,24 @@ $.fn.apply_edit = function(data){
 autosize($(modal.find(".e_text")));
 },0);
- var file_data = modal.find(".photo_upload");
- $(file_data).change(function(){
+ var upload_image = function(file) {
+ if(file.type.match(/image/) === null){
+ $("body").error_msg("Only images can be uploaded.");
+ return ;
+ }
+
 var form_data = new FormData();
- form_data.append('file', file_data[0].files[0]);
-
+ form_data.append('file', file);
+
 add_content_loading();
- $.ajax({
- dataType: 'json',
- url: 'ajax.php?action=upload_image',
+ $.post({
+ dataType: "json",
+ url: "ajax.php?action=upload_image",
 cache: false,
 contentType: false,
 processData: false,
 data: form_data,
- type: 'post',
 success: function(data){
 if(data.error){
 $("body").error_msg(data.msg);
@@ -544,6 +547,11 @@ $.fn.apply_edit = function(data){
 add_content("image", data);
 }
 });
+ }
+
+ var file_data = modal.find(".photo_upload");
+ $(file_data).change(function(){
+ upload_image(file_data[0].files[0]);
 });
 if(data.feeling){
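Review bot: In `upload_image`, `file.type.match(/image/) === null` accepts any MIME string that merely contains "image", which is wider than the explicit png/jpg/gif/jpeg list the drag-and-drop callback used before this commit. An anchored test keeps the earlier behaviour: `if(!/^image\/(png|jpe?g|gif)$/.test(file.type)){`. Since `file.type` is reported by the browser, this check is a usability hint only and the server-side validation in app/image.class.php remains the one that decides what is stored. The function's success handler is split across this hunk and the next.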
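Review bot: The change handler passes `file_data[0].files[0]` straight to `upload_image`, and that value is `undefined` whenever the input ends up with no file selected; `upload_image` dereferences `file.type` on its first line, so the handler would throw instead of doing nothing. A guard at the call site is enough: `var f = file_data[0].files[0]; if(f) upload_image(f);`.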
@@ -621,45 +629,8 @@ $.fn.apply_edit = function(data){
 // Drag & Drop
 modal.find(".drop_space").filedrop({
- callback : function(file) {
- if(file.size > 5000000){
- $("body").error_msg("File is bigger than 5MB.");
- return ;
- }
-
- if(file.type != 'image/png' && file.type != 'image/jpg' && file.type != 'image/gif' && file.type != 'image/jpeg' ){
- $("body").error_msg("Only images can be uploaded.");
- return ;
- }
-
- var reader = new FileReader()
- reader.onload = function(event) {
- add_content_loading();
-
- // Parse image
- $.post({
- dataType: "json",
- url: "ajax.php",
- data: {
- action: "upload_image",
- name: file.name,
- data: event.target.result
- },
- success: function(data){
- if(data.error){
- $("body").error_msg(data.msg);
- remove_content();
- return ;
- }
-
- add_content("image", data);
- }
- });
- }
- reader.readAsDataURL(file);
- }
- })
-
+ callback: upload_image
+ });
 });
 };
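Review bot: Replacing the inline callback with `callback: upload_image` drops the 5 MB size check, because `upload_image` (added earlier in this file's diff) only tests `file.type`. If the limit is still wanted it belongs in the shared function, so that both the file input and the drop zone get it: `if(file.size > 5000000){ $("body").error_msg("File is bigger than 5MB."); return ; }`. No size limit is visible in the PHP upload() hunks of this commit either, so the effective cap presumably falls back to the server's upload settings; that should be confirmed and, if needed, enforced in upload() as well.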