| 1 | <?php |
| 2 | |
| 3 | require_once __DIR__ . '/db.php'; |
| 4 | require_once __DIR__ . '/auth.php'; |
| 5 | require_once __DIR__ . '/uuid.php'; |
| 6 | |
| 7 | if ($_SERVER['REQUEST_METHOD'] === 'POST') { |
| 8 | $user = check_auth(); |
| 9 | $db = get_db(); |
| 10 | $db->exec('BEGIN TRANSACTION'); |
| 11 | $post_id = uuid_v4(); |
| 12 | $post_time = time(); |
| 13 | $images = $_FILES['image']; |
| 14 | $num_files = count($images['name']); |
| 15 | for ($i = 0; $i < $num_files; $i++) { |
| 16 | $name = $images['name'][$i]; |
| 17 | $mime_type = $images['type'][$i]; |
| 18 | $tmp_file = $images['tmp_name'][$i]; |
| 19 | $error = $images['error'][$i]; |
| 20 | if($error != '0') { |
| 21 | http_response_code(400); |
| 22 | die('Upload error'); |
| 23 | } |
| 24 | $size = $images['size'][$i]; |
| 25 | |
| 26 | // imagemagick manip code |
| 27 | $img = new Imagick($tmp_file); |
| 28 | // no compression |
| 29 | $img->setImageCompressionQuality(100); |
| 30 | $profiles = $img->getImageProfiles("icc", true); |
| 31 | $exif_orientation = $img->getImageOrientation(); |
| 32 | |
| 33 | // STRIP EXIF DATA |
| 34 | $img->stripImage(); |
| 35 | |
| 36 | // REAPPLY EXIF DATA |
| 37 | if($exif_orientation === imagick::ORIENTATION_BOTTOMRIGHT) { |
| 38 | $img->rotateImage("#000", 180); |
| 39 | } elseif ($exif_orientation === imagick::ORIENTATION_RIGHTTOP) { |
| 40 | $img->rotateImage("#000", 90); |
| 41 | } elseif ($exif_orientation === imagick::ORIENTATION_LEFTBOTTOM) { |
| 42 | $img->rotateImage("#000", -90); |
| 43 | } |
| 44 | $img->setImageOrientation(imagick::ORIENTATION_TOPLEFT); |
| 45 | if(!empty($profiles)) { |
| 46 | // keep ICC for quality |
| 47 | $img->profileImage('icc', $profiles['icc']); |
| 48 | } |
| 49 | |
| 50 | $file_b64 = base64_encode($img->getImageBlob()); |
| 51 | $pic_id = uuid_v4(); |
| 52 | $upload_stmt = $db->prepare('INSERT into pics values (:id, :post_id, :mime_type, :b64_bytes)'); |
| 53 | $upload_stmt->bindValue(':id', $pic_id); |
| 54 | $upload_stmt->bindValue(':post_id', $post_id); |
| 55 | $upload_stmt->bindValue(':mime_type', $mime_type); |
| 56 | $upload_stmt->bindValue(':b64_bytes', $file_b64); |
| 57 | $upload_stmt->execute(); |
| 58 | |
| 59 | echo "<img src='data:{$mime_type};base64,{$file_b64}' alt='$name'/>"; |
| 60 | } |
| 61 | |
| 62 | $post_stmt = $db->prepare('INSERT into posts VALUES(:id, :user, :time)'); |
| 63 | $post_stmt->bindValue(':id', $post_id); |
| 64 | $post_stmt->bindValue(':user', $user); |
| 65 | $post_stmt->bindValue(':time', $post_time); |
| 66 | |
| 67 | $comment_stmt = $db->prepare('INSERT into comments VALUES (:id, :post_id, :body)'); |
| 68 | $comment_stmt->bindValue(':id', uuid_v4()); |
| 69 | $comment_stmt->bindValue(':post_id', $post_id); |
| 70 | $comment_stmt->bindValue(':body', $_POST['comment'] ?? ''); |
| 71 | $comment_stmt->execute(); |
| 72 | $post_stmt->execute(); |
| 73 | |
| 74 | $db->exec('COMMIT'); |
| 75 | } else { |
| 76 | echo ' |
| 77 | <html> |
| 78 | <body> |
| 79 | <form enctype="multipart/form-data" method="POST" action="upload"> |
| 80 | <label>Pick Images:<input type="file" id="upload" name="image[]" multiple> |
| 81 | </input></label> |
| 82 | <br/> |
| 83 | <textarea id="comment" name="comment" placeholder="Title/comment your post"></textarea> |
| 84 | <br/> |
| 85 | <input type="submit" value="Upload"/> |
| 86 | </form> |
| 87 | </body> |
| 88 | </html> |
| 89 | '; |
| 90 | } |