[19804] | 1 | <?php |
---|
| 2 | defined('URLUPLOADER_PATH') or die('Hacking attempt!'); |
---|
| 3 | |
---|
| 4 | function urluploader_ws_add_methods($arr) |
---|
| 5 | { |
---|
| 6 | global $conf; |
---|
| 7 | $service = &$arr[0]; |
---|
| 8 | |
---|
| 9 | $service->addMethod( |
---|
| 10 | 'pwg.images.addRemote', |
---|
| 11 | 'ws_images_addRemote', |
---|
| 12 | array( |
---|
| 13 | 'file_url' => array(), |
---|
| 14 | 'category' => array(), |
---|
| 15 | 'name' => array('default' => null), |
---|
| 16 | 'level' => array( |
---|
| 17 | 'default' => 0, |
---|
| 18 | 'maxValue' => $conf['available_permission_levels'] |
---|
| 19 | ), |
---|
[20407] | 20 | 'url_in_comment' => array('default' => true), |
---|
[19804] | 21 | ), |
---|
[26387] | 22 | 'Add image from remote URL.', |
---|
| 23 | null, |
---|
| 24 | array('admin_only'=>true) |
---|
[19804] | 25 | ); |
---|
| 26 | } |
---|
| 27 | |
---|
| 28 | function ws_images_addRemote($params, &$service) |
---|
| 29 | { |
---|
| 30 | global $conf; |
---|
| 31 | |
---|
| 32 | if (!is_admin()) |
---|
| 33 | { |
---|
| 34 | return new PwgError(401, 'Access denied'); |
---|
| 35 | } |
---|
| 36 | |
---|
[26387] | 37 | load_language('plugin.lang', URLUPLOADER_PATH); |
---|
| 38 | |
---|
[19804] | 39 | $params = array_map('trim', $params); |
---|
| 40 | |
---|
| 41 | $allowed_extensions = array('jpg','jpeg','png','gif'); |
---|
| 42 | $allowed_mimes = array('image/jpeg', 'image/png', 'image/gif'); |
---|
| 43 | |
---|
| 44 | // check empty url |
---|
| 45 | if (empty($params['file_url'])) |
---|
| 46 | { |
---|
[26387] | 47 | return new PwgError(WS_ERR_INVALID_PARAM, l10n('File URL is empty')); |
---|
[19804] | 48 | } |
---|
| 49 | // check remote url |
---|
| 50 | if (!url_is_remote($params['file_url'])) |
---|
| 51 | { |
---|
[26387] | 52 | return new PwgError(WS_ERR_INVALID_PARAM, l10n('Invalid file URL')); |
---|
[19804] | 53 | } |
---|
| 54 | // check file extension |
---|
| 55 | if (!in_array(strtolower(get_extension($params['file_url'])), $allowed_extensions)) |
---|
| 56 | { |
---|
[26387] | 57 | return new PwgError(WS_ERR_INVALID_PARAM, l10n('Invalid file type')); |
---|
[19804] | 58 | } |
---|
| 59 | |
---|
| 60 | // download file |
---|
| 61 | include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); |
---|
| 62 | |
---|
| 63 | $temp_filename = $conf['data_location'].basename($params['file_url']); |
---|
| 64 | $file = fopen($temp_filename, 'w+'); |
---|
| 65 | $result = fetchRemote($params['file_url'], $file); |
---|
| 66 | fclose($file); |
---|
| 67 | |
---|
| 68 | // download failed ? |
---|
| 69 | if (!$result) |
---|
| 70 | { |
---|
| 71 | @unlink($temp_filename); |
---|
[26387] | 72 | return new PwgError(WS_ERR_INVALID_PARAM, l10n('Unable to download file')); |
---|
[19804] | 73 | } |
---|
| 74 | // check mime-type |
---|
| 75 | if (!in_array(get_mime($temp_filename, $allowed_mimes[0]), $allowed_mimes)) |
---|
| 76 | { |
---|
| 77 | @unlink($temp_filename); |
---|
[26387] | 78 | return new PwgError(WS_ERR_INVALID_PARAM, l10n('Invalid file type')); |
---|
[19804] | 79 | } |
---|
| 80 | |
---|
| 81 | // add photo |
---|
| 82 | include_once(PHPWG_ROOT_PATH.'admin/include/functions_upload.inc.php'); |
---|
| 83 | |
---|
| 84 | $image_id = add_uploaded_file( |
---|
| 85 | $temp_filename, |
---|
| 86 | basename($temp_filename), |
---|
| 87 | array($params['category']), |
---|
| 88 | $params['level'] |
---|
| 89 | ); |
---|
| 90 | |
---|
[20407] | 91 | $updates = array(); |
---|
[19804] | 92 | if (!empty($params['name'])) |
---|
| 93 | { |
---|
[20407] | 94 | $updates['name'] = $params['name']; |
---|
[19804] | 95 | } |
---|
[20407] | 96 | if ($params['url_in_comment']=='true') |
---|
| 97 | { |
---|
| 98 | $url = parse_url($params['file_url']); |
---|
| 99 | $url = $url['scheme'].'://'.$url['host']; |
---|
| 100 | $updates['comment'] = '<a href="'. $url . '">'. $url .'</a>'; |
---|
| 101 | } |
---|
[19804] | 102 | |
---|
[20407] | 103 | single_update( |
---|
| 104 | IMAGES_TABLE, |
---|
| 105 | $updates, |
---|
| 106 | array('id' => $image_id) |
---|
| 107 | ); |
---|
[19804] | 108 | |
---|
[20407] | 109 | |
---|
[19804] | 110 | // return infos |
---|
| 111 | $query = ' |
---|
| 112 | SELECT id, name, permalink |
---|
| 113 | FROM '.CATEGORIES_TABLE.' |
---|
| 114 | WHERE id = '.$params['category'].' |
---|
| 115 | ;'; |
---|
| 116 | $category = pwg_db_fetch_assoc(pwg_query($query)); |
---|
| 117 | |
---|
| 118 | $url_params = array( |
---|
| 119 | 'image_id' => $image_id, |
---|
| 120 | 'section' => 'categories', |
---|
| 121 | 'category' => $category, |
---|
| 122 | ); |
---|
| 123 | |
---|
| 124 | $query = ' |
---|
| 125 | SELECT id, path |
---|
| 126 | FROM '.IMAGES_TABLE.' |
---|
| 127 | WHERE id = '.$image_id.' |
---|
| 128 | ;'; |
---|
| 129 | $image_infos = pwg_db_fetch_assoc(pwg_query($query)); |
---|
| 130 | |
---|
| 131 | return array( |
---|
| 132 | 'image_id' => $image_id, |
---|
| 133 | 'url' => make_picture_url($url_params), |
---|
| 134 | 'thumbnail_url' => preg_replace('#^'.PHPWG_ROOT_PATH.'#', './', DerivativeImage::thumb_url($image_infos)), |
---|
| 135 | ); |
---|
| 136 | } |
---|