Changeset 8483


Timestamp:
Jan 7, 2011, 12:03:31 AM (10 years ago)
Author:
rub
Message:

Server upload

Location:
extensions/FacebookPlug/Server
Files:
11 added
5 edited

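--- a/extensions/FacebookPlug/Server/include/common.php
+++ b/extensions/FacebookPlug/Server/include/common.php
@@ -21,4 +21,34 @@
 defined('FACEBOOKPLUG_ROOT_PATH') or trigger_error('Hacking attempt!', E_USER_ERROR);
 
+@set_magic_quotes_runtime(false); // Disable magic_quotes_runtime
+
+//
+// addslashes to vars if magic_quotes_gpc is off this is a security
+// precaution to prevent someone trying to break out of a SQL statement.
+//
+if( !@get_magic_quotes_gpc() )
+{
+  function sanitize_mysql_kv(&$v, $k)
+  {
+    $v = addslashes($v);
+  }
+  if( is_array( $_GET ) )
+  {
+    array_walk_recursive( $_GET, 'sanitize_mysql_kv' );
+  }
+  if( is_array( $_POST ) )
+  {
+    array_walk_recursive( $_POST, 'sanitize_mysql_kv' );
+  }
+  if( is_array( $_COOKIE ) )
+  {
+    array_walk_recursive( $_COOKIE, 'sanitize_mysql_kv' );
+  }
+}
+if ( !empty($_SERVER["PATH_INFO"]) )
+{
+  $_SERVER["PATH_INFO"] = addslashes($_SERVER["PATH_INFO"]);
+}
+
 require_once(FACEBOOKPLUG_ROOT_PATH . 'include/constants.php');
 require_once(FACEBOOKPLUG_ROOT_PATH . 'include/constants_secret.php');
@@ -32,4 +62,7 @@
 include(FACEBOOKPLUG_ROOT_PATH . 'include/config_default.php');
 
+// Log on db
+fbp_db_log();
+
 // Init Facebook
 $facebook = new Facebook(array(
@@ -39,15 +72,6 @@
 ));
 
-//~ print_r($_COOKIE);
-
-
-function d($d)
-{
-  echo '<pre>';
-  print_r($d);
-  echo '</pre>';
-}
-
 $session = $facebook->getSession();
+//~ var_dump($session);
 // Session based graph API call.
 if (! $session)
@@ -58,5 +82,8 @@
     (
       //ici on demande les permissions email, publication sur le mur, et changement du status
-      'req_perms' => 'email,publish_stream,status_update',
+      //'req_perms' => 'email,publish_stream,status_update',
+      'req_perms' => 'publish_stream',
+      'display' => 'popup',
+      'cancel_url' => 'http://'.$_SERVER['HTTP_HOST'].'/'.FBP_VERSION.'/cancel.php'
     ));
   header( 'Request-URI: '.$url );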
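Review bot: The block added at new lines 29–51 re-creates magic_quotes_gpc by running `addslashes()` over `$_GET`, `$_POST`, `$_COOKIE` and `PATH_INFO`; that is not a dependable SQL defence because it ignores the connection character set, and it alters the same values for every non-SQL use. `fbp_db_log()` in functions.php then passes the already-slashed `$_GET` values through `mysql_real_escape_string()`, so values containing quotes or backslashes are stored with extra backslashes. I would drop the global walk and escape only where a query is built, on the live connection. Separately, `cancel_url` on new line 87 is built from `$_SERVER['HTTP_HOST']`, which the client supplies; a host taken from configuration (a `$conf` entry, name to be chosen) would keep the redirect target under the server's control. The call that receives this array begins outside the shown lines.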
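--- a/extensions/FacebookPlug/Server/include/config_default.php
+++ b/extensions/FacebookPlug/Server/include/config_default.php
@@ -20,11 +20,10 @@
 
 // Temporay upload directory
-$conf['local_upload_dir'] = dirname(dirname(__FILE__)).'/tmp/_upload';
+//~ $conf['local_upload_dir'] = dirname(dirname(__FILE__)).'/tmp/_upload';
+$conf['local_upload_dir'] = '/web/piwigo/tmp/_upload';
 
-// picture_ext : file extensions for picture file, must be a subset of
-// file_ext
-$conf['picture_ext'] = array('jpg','JPG','jpeg','JPEG',
-                             'png','PNG','gif','GIF');
-
+//From http://developers.facebook.com/docs/reference/rest/photos.upload/
+// *GIF *JPG *PNG *PSD *TIFF *JP2 *IFF *WBMP *XBM
+$conf['available_upload_ext'] = array('GIF', 'JPG', 'PNG', 'PSD', 'TIFF', 'JP2', 'IFF', 'WBMP', 'XBM');
 
 ?>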
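Review bot: `$conf['available_upload_ext']` on new line 27 lists only upper-case extensions, so whatever code consults it has to upper-case the file's extension before comparing, and that check is not visible in this changeset; a comment such as `// compared against strtoupper() of the file extension` would pin the contract down. The list also drops `JPEG`, which the removed `picture_ext` accepted, so `.jpeg` files will presumably be refused unless that is handled elsewhere. The absolute `local_upload_dir` on new line 23 ties the default configuration to one host; keeping the `dirname(dirname(__FILE__))` default and overriding it in a local config file would avoid that, and it is worth confirming the directory is not served by the web server.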
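--- a/extensions/FacebookPlug/Server/include/constants.php
+++ b/extensions/FacebookPlug/Server/include/constants.php
@@ -19,6 +19,15 @@
 // +-----------------------------------------------------------------------+
 
+//This defines ares on constants_secret.php
 //define('FACEBOOK_APP_ID', '***');
 //define('FACEBOOK_SECRET', '***');
+
+//~ define('FBP_BASE', '***');
+//~ define('FBP_USER', '***');
+//~ define('FBP_PASSWORD', '***');
+//~ define('FBP_HOST', '***');
 //This defines ares on constants_secret.php
+
+define('FBP_VERSION', basename(dirname(dirname(__FILE__))));
+
 ?>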
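--- a/extensions/FacebookPlug/Server/include/functions.php
+++ b/extensions/FacebookPlug/Server/include/functions.php
@@ -19,4 +19,6 @@
 // +-----------------------------------------------------------------------+
 
+defined('FACEBOOKPLUG_ROOT_PATH') or trigger_error('Hacking attempt!', E_USER_ERROR);
+
 function fbp_mkdir($dir)
 {
@@ -179,3 +181,80 @@
 }
 
+/**
+ * Return basename of the current script
+ * Copy from Piwigo application
+ * Lower case convertion is applied on return value
+ * Return value is without file extention ".php"
+ *
+ * @param void
+ *
+ * @return script basename
+ */
+function fbp_script_basename()
+{
+  global $conf;
+
+  foreach (array('SCRIPT_NAME', 'SCRIPT_FILENAME', 'PHP_SELF') as $value)
+  {
+    if (!empty($_SERVER[$value]))
+    {
+      $filename = strtolower($_SERVER[$value]);
+      $basename = basename($filename, '.php');
+      if (!empty($basename))
+      {
+        return $basename;
+      }
+    }
+  }
+  return '';
+}
+
+function  fbp_db_query($query)
+{
+  $result = mysql_query($query);
+  if (!$result)
+  {
+    die('Invalid query: [mysql error '.mysql_errno().'] '.mysql_error()."\n".$query);
+  }
+}
+
+function fbp_db_log()
+
+  $link = @mysql_connect(FBP_HOST, FBP_USER, FBP_PASSWORD);
+  if (!$link)
+  {
+    die("Can't connect to server");
+  }
+  if (!mysql_select_db(FBP_BASE, $link))
+  {
+    die('Connection to server succeed, but it was impossible to connect to database');
+  }
+
+  fbp_db_query('set names "utf8"');
+
+  fbp_db_query("
+insert into
+  FBP_HISTORY
+(
+  VERSION,
+  SCRIPT_NAME,
+  IP,
+  IMAGE_URL,
+  PICTURE_URL,
+  GALLERY_TITLE,
+  PICTURE_TITLE
+)
+values
+(
+  '".mysql_real_escape_string(FBP_VERSION)."',
+  '".mysql_real_escape_string(fbp_script_basename())."',
+  '".mysql_real_escape_string($_SERVER['REMOTE_ADDR'])."',
+  '".mysql_real_escape_string(@$_GET['u'])."',
+  '".mysql_real_escape_string(@$_GET['pu'])."',
+  '".mysql_real_escape_string(@$_GET['gt'])."',
+  '".mysql_real_escape_string(@$_GET['pt'])."'
+);
+")
+}
+
 ?>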
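Review bot: `fbp_db_query()` on new line 217 ends the request with `die('Invalid query: ...'.mysql_error()."\n".$query)`, which sends the MySQL error and the full SQL text, including request data, to the client; write that detail to the server log with `error_log()` and show a generic message instead. Because common.php now calls `fbp_db_log()` on every request, a database outage stops the whole service through the same `die()` calls, so a failure of this audit insert should probably be non-fatal. `fbp_db_query('set names "utf8"')` on new line 233 does not tell the client library which character set `mysql_real_escape_string()` should assume; `mysql_set_charset('utf8', $link)` does. As rendered here, new line 222 is blank where the opening `{` of `fbp_db_log()` belongs, so if that is what was committed the file will not parse.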
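--- a/extensions/FacebookPlug/Server/upload_photo.php
+++ b/extensions/FacebookPlug/Server/upload_photo.php
@@ -23,81 +23,69 @@
 require_once 'include/common.php';
 
-// Check argument
-!empty($_GET['filename']) or trigger_error('Missing argument!', E_USER_ERROR);
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+<head>
+  <script type="text/javascript" src="http://code.jquery.com/jquery-1.4.4.min.js"></script>
+</head>
+<body>
+  <center>
+    <div id="loading"><img src="./image/image_85486.gif" alt="Loading"></div>
+    <div id="infos">
+      <img src="./image/infos.png" alt="Infos">
+      <a id ="info_a" href="" onclick="window.open(this.href); return false;">
+        <img src="<?php echo addslashes($_GET['u']) ?>" alt="Image" style="height:50px">
+      </a>
+    </div>
+    <div id="errors">
+        <img src="./image/errors.png" alt="Error">
+        <textearea id="error_result"></textearea>
+    </div>
+  </center>
+ 
+  <script type="text/javascript">
+    $(document).ready(function () {
+      $("#errors").hide();
+      $("#infos").hide();
+      $.get(
+      './do_upload_photo.php',
+      {u:"<?php echo addslashes($_GET['u']) ?>", pu: "<?php echo addslashes($_GET['pu']) ?>", pt: "<?php echo addslashes($_GET['pt']) ?>", gt: "<?php echo addslashes($_GET['gt']) ?>"},
+      function(data) {
+        $("#loading").hide();
+        is_ok = ! isNaN(data);
+        if (is_ok)
+        {
+          div_id = "#infos";
+          fb_photo_page = 'http://www.facebook.com/photo.php?fbid='+data;
+          $('#info_a').attr('href', fb_photo_page);
+        }
+        else
+        {
+          div_id = "#errors";
+          $('#error_result').html(data);
+        }
+        $(div_id).show();
+        $(div_id).fadeOut(3000, function ()
+          {
+            if (is_ok) { window.open(fb_photo_page); }
+            window.close();
+          });
+      });
+  });
+  </script>
+<!-- google-analytics -->
+<script type="text/javascript">
+  var _gaq = _gaq || [];
+  _gaq.push(['_setAccount', 'UA-2272624-7']);
+  _gaq.push(['_trackPageview']);
 
-/*try
-{
-  //~ $fbme = null;
-  $uid = $facebook->getUser();
-  $fbme = $facebook->api('/me');
+  (function() {
+    var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true;
+    ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
+    var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
+  })();
 
-  $param  =   array(
-     'method'  => 'users.getinfo',
-     //~ 'uids'       => $fbme['id'],
-     'uids'       => $uid,
-     'fields'     => 'name,current_location,profile_url',
-     'callback'  => ''
-  );
-  $userInfo   =   $facebook->api($param);
-  d($userInfo);
-}
-catch (FacebookApiException $e)
-{
-  d($e);
-}*/
-
-fbp_mkdir($conf['local_upload_dir']);
-
-  //~ try {
-        //~ $statusUpdate = $facebook->api('/me/feed', 'post', array('message'=> $fbme['name'].' a mis à jour son status par Piwigo en test sur FB', 'cb' => ''));
-        //~ echo "Status mis à jour";
-  //~ } catch (FacebookApiException $e) {
-        //~ d($e);
-  //~ }
-
-  //~ try {
-        //~ $result = $facebook->api('/me/albums', 'post', array('name' => 'Piwigo', 'message'=> 'Test'));
-        //~ d($result);
-        //~ echo "Album créé";
-  //~ } catch (FacebookApiException $e) {
-        //~ d($e);
-  //~ }
-
-  $filename = $_GET['filename'];
-  $local_filename = $conf['local_upload_dir'].'/'.basename($filename);
-
-  @unlink($local_filename);
-
-  @set_time_limit(0);
-
-  //~ copy($filename, $local_filename);
-  if ($handle = @fopen($local_filename, 'wb') and fbp_fetchRemote($filename, $handle))
-  {
-    fclose($handle);
-  }
-
-  if (is_file($local_filename))
-  {
-    try
-    {
-      $facebook->setFileUploadSupport(true);
-      //~ $result = $facebook->api('/me/photos', 'post', array('source' => '@./tmp/_upload/'.basename($local_filename)));
-      $result = $facebook->api('/me/photos', 'post', array('source' => '@'.$local_filename));
-      //~ d($result);
-      unlink($local_filename);
-     }
-     catch (FacebookApiException $e)
-     {
-      d($e);
-     }
-
-  }
-  else
-  {
-    trigger_error('$filename not uploaded', E_USER_ERROR);
-  }
-
-  // check extension
-  // changer le nom de l'image
-
-?>
+</script>
+<!-- google-analytics -->
+</body>
+</html>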
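Review bot: The four `$_GET` values are written into the page through `addslashes()`, on new line 37 inside an HTML attribute and on new line 52 inside JavaScript string literals, and `addslashes()` is not an output encoder for either context, so request parameters can change the markup or the script (reflected XSS). Encode per context instead: `htmlspecialchars($_GET['u'], ENT_QUOTES, 'UTF-8')` for the `src` attribute, and `json_encode()` with the `JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT` flags for each script value, emitted without the surrounding quotes. The removed `!empty($_GET['filename'])` guard has no replacement here, so missing parameters now reach the output unchecked; an `isset()` test per key would restore that. On new line 65, `$('#error_result').html(data)` inserts the response of do_upload_photo.php as HTML, where `.text(data)` is enough for an error message. The element on new line 42 is spelled `<textearea>`, which a browser treats as an unknown tag.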