[19804] | 1 | <?php |
---|
| 2 | defined('URLUPLOADER_PATH') or die('Hacking attempt!'); |
---|
| 3 | |
---|
| 4 | function urluploader_ws_add_methods($arr) |
---|
| 5 | { |
---|
| 6 | global $conf; |
---|
| 7 | $service = &$arr[0]; |
---|
| 8 | |
---|
| 9 | $service->addMethod( |
---|
| 10 | 'pwg.images.addRemote', |
---|
| 11 | 'ws_images_addRemote', |
---|
| 12 | array( |
---|
| 13 | 'file_url' => array(), |
---|
| 14 | 'category' => array(), |
---|
| 15 | 'name' => array('default' => null), |
---|
| 16 | 'level' => array( |
---|
| 17 | 'default' => 0, |
---|
| 18 | 'maxValue' => $conf['available_permission_levels'] |
---|
| 19 | ), |
---|
| 20 | ), |
---|
| 21 | 'Add image from remote URL.' |
---|
| 22 | ); |
---|
| 23 | } |
---|
| 24 | |
---|
| 25 | function ws_images_addRemote($params, &$service) |
---|
| 26 | { |
---|
| 27 | global $conf; |
---|
| 28 | |
---|
| 29 | if (!is_admin()) |
---|
| 30 | { |
---|
| 31 | return new PwgError(401, 'Access denied'); |
---|
| 32 | } |
---|
| 33 | |
---|
| 34 | $params = array_map('trim', $params); |
---|
| 35 | |
---|
| 36 | $allowed_extensions = array('jpg','jpeg','png','gif'); |
---|
| 37 | $allowed_mimes = array('image/jpeg', 'image/png', 'image/gif'); |
---|
| 38 | |
---|
| 39 | // check empty url |
---|
| 40 | if (empty($params['file_url'])) |
---|
| 41 | { |
---|
| 42 | return new PwgError(WS_ERR_INVALID_PARAM, 'File URL is empty'); |
---|
| 43 | } |
---|
| 44 | // check remote url |
---|
| 45 | if (!url_is_remote($params['file_url'])) |
---|
| 46 | { |
---|
| 47 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid file URL'); |
---|
| 48 | } |
---|
| 49 | // check file extension |
---|
| 50 | if (!in_array(strtolower(get_extension($params['file_url'])), $allowed_extensions)) |
---|
| 51 | { |
---|
| 52 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid file type'); |
---|
| 53 | } |
---|
| 54 | |
---|
| 55 | // download file |
---|
| 56 | include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); |
---|
| 57 | |
---|
| 58 | $temp_filename = $conf['data_location'].basename($params['file_url']); |
---|
| 59 | $file = fopen($temp_filename, 'w+'); |
---|
| 60 | $result = fetchRemote($params['file_url'], $file); |
---|
| 61 | fclose($file); |
---|
| 62 | |
---|
| 63 | // download failed ? |
---|
| 64 | if (!$result) |
---|
| 65 | { |
---|
| 66 | @unlink($temp_filename); |
---|
| 67 | return new PwgError(WS_ERR_INVALID_PARAM, 'Unable to download file'); |
---|
| 68 | } |
---|
| 69 | // check mime-type |
---|
| 70 | if (!in_array(get_mime($temp_filename, $allowed_mimes[0]), $allowed_mimes)) |
---|
| 71 | { |
---|
| 72 | @unlink($temp_filename); |
---|
| 73 | return new PwgError(WS_ERR_INVALID_PARAM, 'Invalid file type'); |
---|
| 74 | } |
---|
| 75 | |
---|
| 76 | // add photo |
---|
| 77 | include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php'); |
---|
| 78 | |
---|
| 79 | $image_id = add_uploaded_file( |
---|
| 80 | $temp_filename, |
---|
| 81 | basename($temp_filename), |
---|
| 82 | array($params['category']), |
---|
| 83 | $params['level'] |
---|
| 84 | ); |
---|
| 85 | |
---|
| 86 | if (!empty($params['name'])) |
---|
| 87 | { |
---|
| 88 | single_update( |
---|
| 89 | IMAGES_TABLE, |
---|
| 90 | array('name'=>$params['name']), |
---|
| 91 | array('id' => $image_id) |
---|
| 92 | ); |
---|
| 93 | } |
---|
| 94 | |
---|
| 95 | |
---|
| 96 | // return infos |
---|
| 97 | $query = ' |
---|
| 98 | SELECT id, name, permalink |
---|
| 99 | FROM '.CATEGORIES_TABLE.' |
---|
| 100 | WHERE id = '.$params['category'].' |
---|
| 101 | ;'; |
---|
| 102 | $category = pwg_db_fetch_assoc(pwg_query($query)); |
---|
| 103 | |
---|
| 104 | $url_params = array( |
---|
| 105 | 'image_id' => $image_id, |
---|
| 106 | 'section' => 'categories', |
---|
| 107 | 'category' => $category, |
---|
| 108 | ); |
---|
| 109 | |
---|
| 110 | $query = ' |
---|
| 111 | SELECT id, path |
---|
| 112 | FROM '.IMAGES_TABLE.' |
---|
| 113 | WHERE id = '.$image_id.' |
---|
| 114 | ;'; |
---|
| 115 | $image_infos = pwg_db_fetch_assoc(pwg_query($query)); |
---|
| 116 | |
---|
| 117 | return array( |
---|
| 118 | 'image_id' => $image_id, |
---|
| 119 | 'url' => make_picture_url($url_params), |
---|
| 120 | 'thumbnail_url' => preg_replace('#^'.PHPWG_ROOT_PATH.'#', './', DerivativeImage::thumb_url($image_infos)), |
---|
| 121 | ); |
---|
| 122 | } |
---|
| 123 | |
---|
| 124 | ?> |
---|