Moved all image controls to one file

Added option to add tags on upload
Working on .env support
Michał 2022-09-09 11:41:41 +00:00
parent b6dc491257
commit 3847020ae7
11 changed files with 349 additions and 283 deletions

1
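--- /dev/null
+++ b/.env
@@ -0,0 +1 @@
+TEST='This is a test string'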
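Review bot: Tracking `.env` in the repository works against its purpose once real settings land in it, because every clone and archive of the repo then carries those values. The file also sits at the repository root, which appears to double as the web root (the scripts refer to `index.php` and `app/...` relative to it), so unless the server refuses dotfiles it could be fetched over HTTP. Consider committing a `.env.example` with placeholder values, adding `.env` to `.gitignore`, and either keeping the real file outside the document root or denying access to it in the server config.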

79
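--- /dev/null
+++ b/Gallery/GetEnv.php
@@ -0,0 +1,79 @@
+<?php
+namespace Gallery;
+class GetEnv {
+protected $path;
+public function __construct(string $path)
+{
+if(!file_exists($path)) {
+throw new \InvalidArgumentException(sprintf('%s does not exist', $path));
+}
+$this->path = $path;
+}
+public function load() :void
+{
+if (!is_readable($this->path)) {
+throw new \RuntimeException(sprintf('%s file is not readable', $this->path));
+}
+$lines = file($this->path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
+foreach ($lines as $line) {
+if (strpos(trim($line), '#') === 0) {
+continue;
+}
+list($name, $value) = explode('=', $line, 2);
+$name = trim($name);
+$value = trim($value);
+if (!array_key_exists($name, $_SERVER) && !array_key_exists($name, $_ENV)) {
+putenv(sprintf('%s=%s', $name, $value));
+$_ENV[$name] = $value;
+$_SERVER[$name] = $value;
+}
+}
+}
+}
+namespace Aaa;
+class GetEnv {
+protected $path;
+public function __construct(string $path)
+{
+if(!file_exists($path)) {
+throw new \InvalidArgumentException(sprintf('%s does not exist', $path));
+}
+$this->path = $path;
+}
+public function load() :void
+{
+if (!is_readable($this->path)) {
+throw new \RuntimeException(sprintf('%s file is not readable', $this->path));
+}
+$lines = file($this->path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
+foreach ($lines as $line) {
+if (strpos(trim($line), '#') === 0) {
+continue;
+}
+list($name, $value) = explode('=', $line, 2);
+$name = trim($name);
+$value = trim($value);
+if (!array_key_exists($name, $_SERVER) && !array_key_exists($name, $_ENV)) {
+putenv(sprintf('%s=%s', $name, $value));
+$_ENV[$name] = $value;
+$_SERVER[$name] = $value;
+}
+}
+}
+}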
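Review bot: `load()` assumes every non-comment line contains `=`: at `list($name, $value) = explode('=', $line, 2);` a line without one leaves `$value` unset, which raises a warning and hands null to `trim()`. A guard just before the destructuring, `if (strpos($line, '=') === false) { continue; }`, would skip such lines in both copies of the method. Values are also stored with their quotes, so the `TEST='This is a test string'` entry from `.env` would come back including the single quotes; stripping one matching pair of surrounding quotes after `trim()` would fix that. The second copy of the class under `namespace Aaa;` looks like leftover scaffolding; if it is not needed, drop it so the file declares a single class.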


@ -1,73 +0,0 @@
<?php
/*
|-------------------------------------------------------------
| Delete image
|-------------------------------------------------------------
| This is the scarries code I written. I hate writing anything
| like this, please help
|-------------------------------------------------------------
*/
session_start();
// Include server connection
include "../server/conn.php";
// Include required checks
include "get_image_info.php";
include "image_privilage.php";
if (isset($_POST['submit'])) {
// Get all image info
$image_array = get_image_info($conn, $_POST['id']);
// If user owns image or has the ID of 1
if (image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
// Delete from table
$sql = "DELETE FROM swag_table WHERE id = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "i", $param_id);
// Setting parameters
$param_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
// See if image is in the directory
if (is_file("../../images/".$image_array['imagename'])) {
unlink("../../images/".$image_array['imagename']);
}
// Delete thumbnail if exitsts
if (is_file("../../images/thumbnails/".$image_array['imagename'])) {
unlink("../../images/thumbnails/".$image_array['imagename']);
}
// TP user to the homepage with a success message
?>
<script>
window.location.replace("index.php?del=true&id=<?php echo $_POST['id']; ?>");
</script>
<?php
} else {
?>
<script>
sniffleAdd('Oopsie', 'The image failed to delete off of the servers, contact Fluffy about his terrible programming', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to edit this image.', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
// nice uwu


@ -1,52 +0,0 @@
<?php
/*
|-------------------------------------------------------------
| Edit Author
|-------------------------------------------------------------
| If this has security problems I'm so fucked
|-------------------------------------------------------------
*/
session_start();
// Include server connection
include "../server/conn.php";
if (isset($_POST['submit'])) {
// If user has the ID of 1
if ($_SESSION['id'] == 1) {
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET author=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_author, $param_id);
// Setting parameters
$param_author = $_POST['input'];
$param_id = $_POST["id"];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'The Author has been updated successfully! You may need to refresh the page to see the new information.', 'var(--green)', 'assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Oopsie....', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
} else {
?>
<script>
sniffleAdd('Denied', 'Sussy wussy.', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}


@ -1,71 +0,0 @@
<?php
/*
|-------------------------------------------------------------
| Edit Description
|-------------------------------------------------------------
| This script took probably over 24hours to write, mostly
| because of my stupidity. But it (mostly) works now which is
| good. Reason for all the includes and session_start is due
| to the need of checking if the person owns the image. If this
| check is not done, someone could come by and just edit the
| Jquery code on the front-end and change the image ID. Which
| isnt too great :p
|-------------------------------------------------------------
*/
session_start();
// Include server connection
include "../server/conn.php";
// Include required checks
include "get_image_info.php";
include "image_privilage.php";
if (isset($_POST['submit'])) {
// Get all image info
$image_array = get_image_info($conn, $_POST['id']);
// If user owns image or has the ID of 1
if (image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET alt=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_alt, $param_id);
// Setting parameters
$param_alt = $_POST['input'];
$param_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'Description has been updated successfully! You may need to refresh the page to see the new information.', 'var(--green)', 'assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to edit this image.', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}


@ -1,76 +0,0 @@
<?php
/*
|-------------------------------------------------------------
| Edit Description
|-------------------------------------------------------------
| This script took probably over 24hours to write, mostly
| because of my stupidity. But it (mostly) works now which is
| good. Reason for all the includes and session_start is due
| to the need of checking if the person owns the image. If this
| check is not done, someone could come by and just edit the
| Jquery code on the front-end and change the image ID. Which
| isnt too great :p
|-------------------------------------------------------------
*/
session_start();
// Include server connection
include "../server/conn.php";
// Include required checks
include "get_image_info.php";
include "image_privilage.php";
// Tag cleaning
include "../format/string_to_tags.php";
if (isset($_POST['submit'])) {
// Get all image info
$image_array = get_image_info($conn, $_POST['id']);
// If user owns image or has the ID of 1
if (image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
// Clean input
$tags_string = tag_clean(trim($_POST['input']));
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET tags=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_tags, $param_id);
// Setting parameters
$param_tags = $tags_string;
$param_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'Tags have been modified successfully! You may need to refresh the page to see the new information.', 'var(--green)', 'assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to modify tags here.', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}

247
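--- /dev/null
+++ b/app/image/image.php
@@ -0,0 +1,247 @@
+<?php
+session_start();
+// Include server connection
+include "../server/conn.php";
+// Include required checks
+include "get_image_info.php";
+include "image_privilage.php";
+// Required to format tags correctly
+include "../format/string_to_tags.php";
+/*
+|-------------------------------------------------------------
+| Delete image
+|-------------------------------------------------------------
+| This is the scarries code I written. I hate writing anything
+| like this, please help
+|-------------------------------------------------------------
+*/
+if (isset($_POST['submit_delete'])) {
+// Get all image info
+$image_array = get_image_info($conn, $_POST['id']);
+// If user owns image or has the ID of 1
+if (image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
+// Delete from table
+$sql = "DELETE FROM swag_table WHERE id = ?";
+if ($stmt = mysqli_prepare($conn, $sql)) {
+mysqli_stmt_bind_param($stmt, "i", $param_id);
+// Setting parameters
+$param_id = $_POST['id'];
+// Attempt to execute the prepared statement
+if (mysqli_stmt_execute($stmt)) {
+// See if image is in the directory
+if (is_file("../../images/".$image_array['imagename'])) {
+unlink("../../images/".$image_array['imagename']);
+}
+// Delete thumbnail if exitsts
+if (is_file("../../images/thumbnails/".$image_array['imagename'])) {
+unlink("../../images/thumbnails/".$image_array['imagename']);
+}
+// TP user to the homepage with a success message
+?>
+<script>
+window.location.replace("index.php?del=true&id=<?php echo $_POST['id']; ?>");
+</script>
+<?php
+} else {
+?>
+<script>
+sniffleAdd('Oopsie', 'The image failed to delete off of the servers, contact Fluffy about his terrible programming', 'var(--red)', 'assets/icons/cross.svg');
+flyoutClose();
+</script>
+<?php
+}
+} else {
+?>
+<script>
+sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
+flyoutClose();
+</script>
+<?php
+}
+} else {
+?>
+<script>
+sniffleAdd('Denied', 'It seems that you do not have the right permitions to edit this image.', 'var(--red)', 'assets/icons/cross.svg');
+flyoutClose();
+</script>
+<?php
+}
+}
+/*
+|-------------------------------------------------------------
+| Edit Description
+|-------------------------------------------------------------
+| This script took probably over 24hours to write, mostly
+| because of my stupidity. But it (mostly) works now which is
+| good. Reason for all the includes and session_start is due
+| to the need of checking if the person owns the image. If this
+| check is not done, someone could come by and just edit the
+| Jquery code on the front-end and change the image ID. Which
+| isnt too great :p
+|-------------------------------------------------------------
+*/
+if (isset($_POST['submit_description'])) {
+// Get all image info
+$image_array = get_image_info($conn, $_POST['id']);
+// If user owns image or has the ID of 1
+if (image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
+// getting ready forSQL asky asky
+$sql = "UPDATE swag_table SET alt=? WHERE id=?";
+// Checking if databse is doing ok
+if ($stmt = mysqli_prepare($conn, $sql)) {
+mysqli_stmt_bind_param($stmt, "si", $param_alt, $param_id);
+// Setting parameters
+$param_alt = $_POST['input'];
+$param_id = $_POST['id'];
+// Attempt to execute the prepared statement
+if (mysqli_stmt_execute($stmt)) {
+?>
+<script>
+sniffleAdd('Success!!!', 'Description has been updated successfully! You may need to refresh the page to see the new information.', 'var(--green)', 'assets/icons/check.svg');
+flyoutClose();
+</script>
+<?php
+} else {
+?>
+<script>
+sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
+flyoutClose();
+</script>
+<?php
+}
+} else {
+?>
+<script>
+sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
+flyoutClose();
+</script>
+<?php
+}
+} else {
+?>
+<script>
+sniffleAdd('Denied', 'It seems that you do not have the right permitions to edit this image.', 'var(--red)', 'assets/icons/cross.svg');
+flyoutClose();
+</script>
+<?php
+}
+}
+/*
+|-------------------------------------------------------------
+| Edit Tags
+|-------------------------------------------------------------
+| This is so garbage lmfao
+|-------------------------------------------------------------
+*/
+if (isset($_POST['submit_tags'])) {
+// Get all image info
+$image_array = get_image_info($conn, $_POST['id']);
+// If user owns image or has the ID of 1
+if (image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
+// Clean input
+$tags_string = tag_clean(trim($_POST['input']));
+// getting ready forSQL asky asky
+$sql = "UPDATE swag_table SET tags=? WHERE id=?";
+// Checking if databse is doing ok
+if ($stmt = mysqli_prepare($conn, $sql)) {
+mysqli_stmt_bind_param($stmt, "si", $param_tags, $param_id);
+// Setting parameters
+$param_tags = $tags_string;
+$param_id = $_POST['id'];
+// Attempt to execute the prepared statement
+if (mysqli_stmt_execute($stmt)) {
+?>
+<script>
+sniffleAdd('Success!!!', 'Tags have been modified successfully! You may need to refresh the page to see the new information.', 'var(--green)', 'assets/icons/check.svg');
+flyoutClose();
+</script>
+<?php
+} else {
+?>
+<script>
+sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
+flyoutClose();
+</script>
+<?php
+}
+} else {
+?>
+<script>
+sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
+flyoutClose();
+</script>
+<?php
+}
+} else {
+?>
+<script>
+sniffleAdd('Denied', 'It seems that you do not have the right permitions to modify tags here.', 'var(--red)', 'assets/icons/cross.svg');
+flyoutClose();
+</script>
+<?php
+}
+}
+/*
+|-------------------------------------------------------------
+| Edit Author
+|-------------------------------------------------------------
+| If this has security problems I'm so fucked
+|-------------------------------------------------------------
+*/
+if (isset($_POST['submit_author'])) {
+// If user has the ID of 1
+if ($_SESSION['id'] == 1) {
+// getting ready forSQL asky asky
+$sql = "UPDATE swag_table SET author=? WHERE id=?";
+// Checking if databse is doing ok
+if ($stmt = mysqli_prepare($conn, $sql)) {
+mysqli_stmt_bind_param($stmt, "si", $param_author, $param_id);
+// Setting parameters
+$param_author = $_POST['input'];
+$param_id = $_POST["id"];
+// Attempt to execute the prepared statement
+if (mysqli_stmt_execute($stmt)) {
+?>
+<script>
+sniffleAdd('Success!!!', 'The Author has been updated successfully! You may need to refresh the page to see the new information.', 'var(--green)', 'assets/icons/check.svg');
+flyoutClose();
+</script>
+<?php
+} else {
+?>
+<script>
+sniffleAdd('Oopsie....', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
+flyoutClose();
+</script>
+<?php
+}
+}
+} else {
+?>
+<script>
+sniffleAdd('Denied', 'Sussy wussy.', 'var(--red)', 'assets/icons/cross.svg');
+flyoutClose();
+</script>
+<?php
+}
+}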
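Review bot: The delete branch writes the raw request value into inline script at `window.location.replace("index.php?del=true&id=<?php echo $_POST['id']; ?>");`, while the statement binds the id as an integer, so the bound value and the echoed value can differ and the echoed one is not escaped for a script context. Normalising once at the top of each handler, `$id = (int) $_POST['id'];`, and echoing `$id` closes that gap. All four handlers also change or delete data on a bare POST with no request token visible here, and they read `$_SESSION['id']` without checking that it is set; a per-session token compared with `hash_equals()` and an early exit for requests without a session would be worth adding. The author branch has no `else` for a failed `mysqli_prepare()`, unlike the other three, so that failure returns nothing to the client.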


@ -9,6 +9,8 @@
session_start();
// Include server connection
include "../server/conn.php";
// Required to format tags correctly before upload
include "../format/string_to_tags.php";
if (isset($_POST['submit'])) {
if (isset($_SESSION['id'])) {
@ -21,6 +23,9 @@ if (isset($_POST['submit'])) {
$image_newname = "IMG_".$_SESSION["username"]."_".round(microtime(true)).".".$file_type;
$image_path = $dir.$image_newname;
// Clean tags
$tags = tag_clean(trim($_POST['tags']));
// Allowed file types
$allowed_types = array('jpg', 'jpeg', 'png', 'webp');
if (in_array($file_type, $allowed_types)) {
@ -40,16 +45,17 @@ if (isset($_POST['submit'])) {
}
// Prepare sql for destruction and filtering the sus
$sql = "INSERT INTO swag_table (imagename, alt, author) VALUES (?, ?, ?)";
$sql = "INSERT INTO swag_table (imagename, alt, tags, author) VALUES (?, ?, ?, ?)";
if ($stmt = mysqli_prepare($conn, $sql)) {
// Bind the smelly smelly
mysqli_stmt_bind_param($stmt, "sss", $param_image_name, $param_alt_text, $param_user_id);
mysqli_stmt_bind_param($stmt, "ssss", $param_image_name, $param_alt_text, $param_tags, $param_user_id);
// Setting up parameters
$param_image_name = $image_newname;
$param_alt_text = $_POST['alt'];
$param_user_id = $_SESSION['id'];
$param_tags = $tags;
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
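Review bot: `$tags = tag_clean(trim($_POST['tags']));` reads the new field without checking that it was sent, so a client that omits `tags` (an older cached form, or a direct request) triggers an undefined-index warning and passes null to `trim()`. Defaulting it, `$tags = tag_clean(trim($_POST['tags'] ?? ''));`, keeps uploads working without tags. `tag_clean()` is not visible here, so it is worth confirming that the pages which later print `tags` escape it for HTML rather than relying on the cleaning step alone. The surrounding `if` blocks start and end outside these hunks.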


@ -22,7 +22,8 @@
"The weather is dry",
"Need me a man 👀",
"Gods die too.",
"Eat hotchip and lie"
"Eat hotchip and lie",
"The world will not be destroyed by those who do evil, but by those who watch them and do nothing."
],
"license":"GPL 3.0",
"database": {


@ -251,9 +251,9 @@
$("#deleteConfirm").submit(function(event) {
event.preventDefault();
var deleteSubmit = $("#deleteSubmit").val();
$("#sniffle").load("app/image/delete_image.php", {
$("#sniffle").load("app/image/image.php", {
id: <?php echo $_GET['id']; ?>,
submit: deleteSubmit
submit_delete: deleteSubmit
});
});
});
@ -285,10 +285,10 @@
event.preventDefault();
var descriptionInput = $("#descriptionInput").val();
var descriptionSubmit = $("#descriptionSubmit").val();
$("#sniffle").load("app/image/edit_description.php", {
$("#sniffle").load("app/image/image.php", {
id: <?php echo $_GET['id']; ?>,
input: descriptionInput,
submit: descriptionSubmit
submit_description: descriptionSubmit
});
});
});
@ -321,10 +321,10 @@
event.preventDefault();
var tagsInput = $("#tagsInput").val();
var tagsSubmit = $("#tagsSubmit").val();
$("#sniffle").load("app/image/edit_tags.php", {
$("#sniffle").load("app/image/image.php", {
id: <?php echo $_GET['id']; ?>,
input: tagsInput,
submit: tagsSubmit
submit_tags: tagsSubmit
});
});
});
@ -355,10 +355,10 @@
event.preventDefault();
var authorInput = $("#authorInput").val();
var authorSubmit = $("#authorSubmit").val();
$("#sniffle").load("app/image/edit_author.php", {
$("#sniffle").load("app/image/image.php", {
id: <?php echo $_GET['id']; ?>,
input: authorInput,
submit: authorSubmit
submit_author: authorSubmit
});
});
});
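Review bot: Each of the four `.load()` calls touched here still sends `id: <?php echo $_GET['id']; ?>,`, which prints the query-string value into inline JavaScript without escaping or a type check. The handlers bind the id with `i`, so it is meant to be an integer; casting at output, `id: <?php echo (int) $_GET['id']; ?>,`, or computing `$id = (int) $_GET['id'];` once at the top of the page and echoing that, would cover all four sites. The same line appears in the delete, description, tags and author hunks, and the enclosing script blocks begin outside them.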


@ -22,6 +22,9 @@
var alt = $("#alt").val();
formData.append("alt", alt);
// Get ALT
var tags = $("#tags").val();
formData.append("tags", tags);
// Submit data
var submit = $("#submit").val();
formData.append("submit", submit);
@ -71,6 +74,7 @@
<form id="uploadSubmit" class="flex-down between" method="POST" enctype="multipart/form-data">
<input id="image" class="btn btn-neutral" type="file" placeholder="select image UwU">
<textarea id="alt" class="btn btn-neutral" placeholder="Description/Alt for image" rows="3"></textarea>
<textarea id="tags" class="btn btn-neutral" placeholder="Tags, seperated by white-space" rows="3"></textarea>
<br>
<button id="submit" class="btn btn-good" type="submit"><img class="svg" src="assets/icons/upload.svg">Upload Image</button>
</form>
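Review bot: The comment sitting above the new `var tags = $("#tags").val();` lines reads `// Get ALT`, which looks copied from the block before it; `// Get tags` would match what the code does. The new placeholder `Tags, seperated by white-space` has a spelling slip, and `Tags, separated by whitespace` reads better. The script and the form both continue outside these hunks.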