Changeset 8483
- Timestamp:
- Jan 7, 2011, 12:03:31 AM (13 years ago)
- Location:
- extensions/FacebookPlug/Server
- Files:
-
- 11 added
- 5 edited
extensions/FacebookPlug/Server/include/common.php
r8425 r8483 21 21 defined('FACEBOOKPLUG_ROOT_PATH') or trigger_error('Hacking attempt!', E_USER_ERROR); 22 22 23 @set_magic_quotes_runtime(false); // Disable magic_quotes_runtime 24 25 // 26 // addslashes to vars if magic_quotes_gpc is off this is a security 27 // precaution to prevent someone trying to break out of a SQL statement. 28 // 29 if( !@get_magic_quotes_gpc() ) 30 { 31 function sanitize_mysql_kv(&$v, $k) 32 { 33 $v = addslashes($v); 34 } 35 if( is_array( $_GET ) ) 36 { 37 array_walk_recursive( $_GET, 'sanitize_mysql_kv' ); 38 } 39 if( is_array( $_POST ) ) 40 { 41 array_walk_recursive( $_POST, 'sanitize_mysql_kv' ); 42 } 43 if( is_array( $_COOKIE ) ) 44 { 45 array_walk_recursive( $_COOKIE, 'sanitize_mysql_kv' ); 46 } 47 } 48 if ( !empty($_SERVER["PATH_INFO"]) ) 49 { 50 $_SERVER["PATH_INFO"] = addslashes($_SERVER["PATH_INFO"]); 51 } 52 23 53 require_once(FACEBOOKPLUG_ROOT_PATH . 'include/constants.php'); 24 54 require_once(FACEBOOKPLUG_ROOT_PATH . 'include/constants_secret.php'); … … 32 62 include(FACEBOOKPLUG_ROOT_PATH . 'include/config_default.php'); 33 63 64 // Log on db 65 fbp_db_log(); 66 34 67 // Init Facebook 35 68 $facebook = new Facebook(array( … … 39 72 )); 40 73 41 //~ print_r($_COOKIE);42 43 44 function d($d)45 {46 echo '<pre>';47 print_r($d);48 echo '</pre>';49 }50 51 74 $session = $facebook->getSession(); 75 //~ var_dump($session); 52 76 // Session based graph API call. 53 77 if (! $session) … … 58 82 ( 59 83 //ici on demande les permissions email, publication sur le mur, et changement du status 60 'req_perms' => 'email,publish_stream,status_update', 84 //'req_perms' => 'email,publish_stream,status_update', 85 'req_perms' => 'publish_stream', 86 'display' => 'popup', 87 'cancel_url' => 'http://'.$_SERVER['HTTP_HOST'].'/'.FBP_VERSION.'/cancel.php' 61 88 )); 62 89 header( 'Request-URI: '.$url ); -
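Review bot: The `addslashes()` pass over `$_GET`, `$_POST` and `$_COOKIE` (new lines 29–47) re-creates magic_quotes_gpc, which is not a reliable SQL defence: `addslashes()` ignores the connection character set, and it mutates every input for all later uses, not only for queries. In this same changeset `fbp_db_log()` applies `mysql_real_escape_string()` to the already-slashed `$_GET` values, so the logged text keeps the extra backslashes, and upload_photo.php echoes the slashed values into HTML. I would drop the block and escape at each sink instead: SQL escaping where the query is built, `htmlspecialchars()` where a value is printed. Separately, `cancel_url` is built from `$_SERVER['HTTP_HOST']`, which the client supplies; a host name taken from configuration would be safer than the request header.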
extensions/FacebookPlug/Server/include/config_default.php
r8425 r8483 20 20 21 21 // Temporay upload directory 22 $conf['local_upload_dir'] = dirname(dirname(__FILE__)).'/tmp/_upload'; 22 //~ $conf['local_upload_dir'] = dirname(dirname(__FILE__)).'/tmp/_upload'; 23 $conf['local_upload_dir'] = '/web/piwigo/tmp/_upload'; 23 24 24 // picture_ext : file extensions for picture file, must be a subset of 25 // file_ext 26 $conf['picture_ext'] = array('jpg','JPG','jpeg','JPEG', 27 'png','PNG','gif','GIF'); 28 25 //From http://developers.facebook.com/docs/reference/rest/photos.upload/ 26 // *GIF *JPG *PNG *PSD *TIFF *JP2 *IFF *WBMP *XBM 27 $conf['available_upload_ext'] = array('GIF', 'JPG', 'PNG', 'PSD', 'TIFF', 'JP2', 'IFF', 'WBMP', 'XBM'); 29 28 30 29 ?> -
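Review bot: `$conf['local_upload_dir']` in config_default.php now holds the absolute path `/web/piwigo/tmp/_upload` of one deployment, with the portable `dirname(dirname(__FILE__)).'/tmp/_upload'` form only commented out; a default config should keep the relative form and leave the site-specific path to a per-site setting. The previous upload_photo.php wrote remotely fetched files into this directory and do_upload_photo.php presumably still does, so a comment should state that it must not be served by the web server (whether `/web/piwigo/tmp` is web-accessible cannot be seen from here). The new `available_upload_ext` list is upper-case only, so the code that checks it, which is not visible in this section, has to upper-case the extension before a strict comparison.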
extensions/FacebookPlug/Server/include/constants.php
r8425 r8483 19 19 // +-----------------------------------------------------------------------+ 20 20 21 //This defines ares on constants_secret.php 21 22 //define('FACEBOOK_APP_ID', '***'); 22 23 //define('FACEBOOK_SECRET', '***'); 24 25 //~ define('FBP_BASE', '***'); 26 //~ define('FBP_USER', '***'); 27 //~ define('FBP_PASSWORD', '***'); 28 //~ define('FBP_HOST', '***'); 23 29 //This defines ares on constants_secret.php 30 31 define('FBP_VERSION', basename(dirname(dirname(__FILE__)))); 32 24 33 ?> -
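Review bot: `FBP_VERSION` is defined without a comment although its value is the name of the installation directory (`basename(dirname(dirname(__FILE__)))`), and common.php concatenates it into the `cancel_url` path while `fbp_db_log()` stores it. I would add a comment such as `// FBP_VERSION: name of the directory this release is deployed in; used in URLs and in FBP_HISTORY`, so nobody renames the directory without knowing the consequence. The line `//This defines ares on constants_secret.php` now appears both above and below the commented defines; one copy, reading `// These constants are defined in constants_secret.php`, is enough.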
extensions/FacebookPlug/Server/include/functions.php
r8425 r8483 19 19 // +-----------------------------------------------------------------------+ 20 20 21 defined('FACEBOOKPLUG_ROOT_PATH') or trigger_error('Hacking attempt!', E_USER_ERROR); 22 21 23 function fbp_mkdir($dir) 22 24 { … … 179 181 } 180 182 183 /** 184 * Return basename of the current script 185 * Copy from Piwigo application 186 * Lower case convertion is applied on return value 187 * Return value is without file extention ".php" 188 * 189 * @param void 190 * 191 * @return script basename 192 */ 193 function fbp_script_basename() 194 { 195 global $conf; 196 197 foreach (array('SCRIPT_NAME', 'SCRIPT_FILENAME', 'PHP_SELF') as $value) 198 { 199 if (!empty($_SERVER[$value])) 200 { 201 $filename = strtolower($_SERVER[$value]); 202 $basename = basename($filename, '.php'); 203 if (!empty($basename)) 204 { 205 return $basename; 206 } 207 } 208 } 209 return ''; 210 } 211 212 function fbp_db_query($query) 213 { 214 $result = mysql_query($query); 215 if (!$result) 216 { 217 die('Invalid query: [mysql error '.mysql_errno().'] '.mysql_error()."\n".$query); 218 } 219 } 220 221 function fbp_db_log() 222 { 223 $link = @mysql_connect(FBP_HOST, FBP_USER, FBP_PASSWORD); 224 if (!$link) 225 { 226 die("Can't connect to server"); 227 } 228 if (!mysql_select_db(FBP_BASE, $link)) 229 { 230 die('Connection to server succeed, but it was impossible to connect to database'); 231 } 232 233 fbp_db_query('set names "utf8"'); 234 235 fbp_db_query(" 236 insert into 237 FBP_HISTORY 238 ( 239 VERSION, 240 SCRIPT_NAME, 241 IP, 242 IMAGE_URL, 243 PICTURE_URL, 244 GALLERY_TITLE, 245 PICTURE_TITLE 246 ) 247 values 248 ( 249 '".mysql_real_escape_string(FBP_VERSION)."', 250 '".mysql_real_escape_string(fbp_script_basename())."', 251 '".mysql_real_escape_string($_SERVER['REMOTE_ADDR'])."', 252 '".mysql_real_escape_string(@$_GET['u'])."', 253 '".mysql_real_escape_string(@$_GET['pu'])."', 254 '".mysql_real_escape_string(@$_GET['gt'])."', 255 '".mysql_real_escape_string(@$_GET['pt'])."' 256 ); 
257 "); 258 } 259 181 260 ?> -
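Review bot: `fbp_db_query()` passes `mysql_error()` and the full query text to `die()`, so a failing statement prints table names, column names and the request values back to the visitor; common.php calls `fbp_db_log()` on every request, so any page can hit this path. Log the detail server-side and show a fixed message instead: `error_log('FBP query failed: ['.mysql_errno().'] '.mysql_error());` followed by `die('Database error');`. `fbp_db_log()` also reads `$_GET['u']`, `pu`, `gt` and `pt` without checking that they are strings, and the `@` only hides the missing-index notice; an `is_string()` check with an empty-string fallback belongs before the `mysql_real_escape_string()` calls. `global $conf;` in `fbp_script_basename()` is unused and can go.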
extensions/FacebookPlug/Server/upload_photo.php
r8425 r8483 23 23 require_once 'include/common.php'; 24 24 25 // Check argument 26 !empty($_GET['filename']) or trigger_error('Missing argument!', E_USER_ERROR); 25 ?> 26 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> 27 <html> 28 <head> 29 <script type="text/javascript" src="http://code.jquery.com/jquery-1.4.4.min.js"></script> 30 </head> 31 <body> 32 <center> 33 <div id="loading"><img src="./image/image_85486.gif" alt="Loading"></div> 34 <div id="infos"> 35 <img src="./image/infos.png" alt="Infos"> 36 <a id ="info_a" href="" onclick="window.open(this.href); return false;"> 37 <img src="<?php echo addslashes($_GET['u']) ?>" alt="Image" style="height:50px"> 38 </a> 39 </div> 40 <div id="errors"> 41 <img src="./image/errors.png" alt="Error"> 42 <textearea id="error_result"></textearea> 43 </div> 44 </center> 45 46 <script type="text/javascript"> 47 $(document).ready(function () { 48 $("#errors").hide(); 49 $("#infos").hide(); 50 $.get( 51 './do_upload_photo.php', 52 {u:"<?php echo addslashes($_GET['u']) ?>", pu: "<?php echo addslashes($_GET['pu']) ?>", pt: "<?php echo addslashes($_GET['pt']) ?>", gt: "<?php echo addslashes($_GET['gt']) ?>"}, 53 function(data) { 54 $("#loading").hide(); 55 is_ok = ! 
isNaN(data); 56 if (is_ok) 57 { 58 div_id = "#infos"; 59 fb_photo_page = 'http://www.facebook.com/photo.php?fbid='+data; 60 $('#info_a').attr('href', fb_photo_page); 61 } 62 else 63 { 64 div_id = "#errors"; 65 $('#error_result').html(data); 66 } 67 $(div_id).show(); 68 $(div_id).fadeOut(3000, function () 69 { 70 if (is_ok) { window.open(fb_photo_page); } 71 window.close(); 72 }); 73 }); 74 }); 75 </script> 76 <!-- google-analytics --> 77 <script type="text/javascript"> 78 var _gaq = _gaq || []; 79 _gaq.push(['_setAccount', 'UA-2272624-7']); 80 _gaq.push(['_trackPageview']); 27 81 28 /*try 29 { 30 //~ $fbme = null;31 $uid = $facebook->getUser();32 $fbme = $facebook->api('/me');82 (function() { 83 var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; 84 ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; 85 var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); 86 })(); 33 87 34 $param = array( 35 'method' => 'users.getinfo', 36 //~ 'uids' => $fbme['id'], 37 'uids' => $uid, 38 'fields' => 'name,current_location,profile_url', 39 'callback' => '' 40 ); 41 $userInfo = $facebook->api($param); 42 d($userInfo); 43 } 44 catch (FacebookApiException $e) 45 { 46 d($e); 47 }*/ 48 49 fbp_mkdir($conf['local_upload_dir']); 50 51 //~ try { 52 //~ $statusUpdate = $facebook->api('/me/feed', 'post', array('message'=> $fbme['name'].' 
a mis à jour son status par Piwigo en test sur FB', 'cb' => '')); 53 //~ echo "Status mis à jour"; 54 //~ } catch (FacebookApiException $e) { 55 //~ d($e); 56 //~ } 57 58 //~ try { 59 //~ $result = $facebook->api('/me/albums', 'post', array('name' => 'Piwigo', 'message'=> 'Test')); 60 //~ d($result); 61 //~ echo "Album créé"; 62 //~ } catch (FacebookApiException $e) { 63 //~ d($e); 64 //~ } 65 66 $filename = $_GET['filename']; 67 $local_filename = $conf['local_upload_dir'].'/'.basename($filename); 68 69 @unlink($local_filename); 70 71 @set_time_limit(0); 72 73 //~ copy($filename, $local_filename); 74 if ($handle = @fopen($local_filename, 'wb') and fbp_fetchRemote($filename, $handle)) 75 { 76 fclose($handle); 77 } 78 79 if (is_file($local_filename)) 80 { 81 try 82 { 83 $facebook->setFileUploadSupport(true); 84 //~ $result = $facebook->api('/me/photos', 'post', array('source' => '@./tmp/_upload/'.basename($local_filename))); 85 $result = $facebook->api('/me/photos', 'post', array('source' => '@'.$local_filename)); 86 //~ d($result); 87 unlink($local_filename); 88 } 89 catch (FacebookApiException $e) 90 { 91 d($e); 92 } 93 94 } 95 else 96 { 97 trigger_error('$filename not uploaded', E_USER_ERROR); 98 } 99 100 // check extension 101 // changer le nom de l'image 102 103 ?> 88 </script> 89 <!-- google-analytics --> 90 </body> 91 </html>
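Review bot: `addslashes($_GET['u'])` is echoed into the `src` attribute, and the four `$_GET` values into JavaScript string literals (new lines 37 and 52), but `addslashes()` escapes for neither context, so request parameters can alter the page's markup and script (reflected XSS). Use context-specific encoding: `<img src="<?php echo htmlspecialchars($_GET['u'], ENT_QUOTES, 'UTF-8') ?>" alt="Image" style="height:50px">` for the attribute, and `u: <?php echo json_encode((string) $_GET['u'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) ?>` (likewise for `pu`, `pt`, `gt`) for the script values. `$('#error_result').html(data)` inserts the response of do_upload_photo.php as markup; `.text(data)` is the safer call, and `<textearea>` is a misspelling of `<textarea>`. jQuery is loaded over plain `http://` from code.jquery.com, which leaves the script open to tampering in transit.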