upload.php

   1 <?php
   2
   3 require_once __DIR__ . '/db.php';
   4 require_once __DIR__ . '/auth.php';
   5 require_once __DIR__ . '/uuid.php';
   6
   7 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
   8   $user = check_auth();
   9   $db = get_db();
  10   $db->exec('BEGIN TRANSACTION');
  11   $post_id = uuid_v4();
  12   $post_time = time();
  13   $images = $_FILES['image'];
  14   $num_files = count($images['name']);
  15   for ($i = 0; $i < $num_files; $i++) {
  16     $name = $images['name'][$i];
  17     $mime_type = $images['type'][$i];
  18     $tmp_file = $images['tmp_name'][$i];
  19     $error = $images['error'][$i];
  20     if($error != '0') {
  21       http_response_code(400);
  22       die('Upload error');
  23     }
  24     $size = $images['size'][$i];
  25
  26     // imagemagick manip code
  27     $img = new Imagick($tmp_file);
  28     // no compression
  29     $img->setImageCompressionQuality(100);
  30     $profiles = $img->getImageProfiles("icc", true);
  31     $exif_orientation = $img->getImageOrientation();
  32
  33     // STRIP EXIF DATA
  34     $img->stripImage();
  35
  36     // REAPPLY EXIF DATA
  37     if($exif_orientation === imagick::ORIENTATION_BOTTOMRIGHT) {
  38       $img->rotateImage("#000", 180);
  39     } elseif ($exif_orientation === imagick::ORIENTATION_RIGHTTOP) {
  40       $img->rotateImage("#000", 90);
  41     } elseif ($exif_orientation === imagick::ORIENTATION_LEFTBOTTOM) {
  42       $img->rotateImage("#000", -90);
  43     }
  44     $img->setImageOrientation(imagick::ORIENTATION_TOPLEFT);
  45     if(!empty($profiles)) {
  46       // keep ICC for quality
  47       $img->profileImage('icc', $profiles['icc']);
  48     }
  49
  50     $file_b64 = base64_encode($img->getImageBlob());
  51     $pic_id = uuid_v4();
  52     $upload_stmt = $db->prepare('INSERT into pics values (:id, :post_id, :mime_type, :b64_bytes)');
  53     $upload_stmt->bindValue(':id', $pic_id);
  54     $upload_stmt->bindValue(':post_id', $post_id);
  55     $upload_stmt->bindValue(':mime_type', $mime_type);
  56     $upload_stmt->bindValue(':b64_bytes', $file_b64);
  57     $upload_stmt->execute();
  58
  59     echo "<img src='data:{$mime_type};base64,{$file_b64}' alt='$name'/>";
  60   }
  61
  62   $post_stmt = $db->prepare('INSERT into posts VALUES(:id, :user, :time)');
  63   $post_stmt->bindValue(':id', $post_id);
  64   $post_stmt->bindValue(':user', $user);
  65   $post_stmt->bindValue(':time', $post_time);
  66
  67   $comment_stmt = $db->prepare('INSERT into comments VALUES (:id, :post_id, :body)');
  68   $comment_stmt->bindValue(':id', uuid_v4());
  69   $comment_stmt->bindValue(':post_id', $post_id);
  70   $comment_stmt->bindValue(':body', $_POST['comment'] ?? '');
  71   $comment_stmt->execute();
  72   $post_stmt->execute();
  73
  74   $db->exec('COMMIT');
  75 } else {
  76 echo '
  77   <html>
  78     <body>
  79       <form enctype="multipart/form-data" method="POST" action="upload">
  80         <label>Pick Images:<input type="file" id="upload" name="image[]" multiple>
  81         </input></label>
  82         <br/>
  83         <textarea id="comment" name="comment" placeholder="Title/comment your post"></textarea>
  84         <br/>
  85         <input type="submit" value="Upload"/>
  86       </form>
  87     </body>
  88   </html>
  89 ';
  90 }