--- /dev/null
+pics.db
+pics.tar
+pics.tgz
--- /dev/null
+Requirements:
+- php7.3+
+- php-imagick
+- sqlite3
--- /dev/null
+<?php
+
+require_once 'db.php';
+
+function check_auth() {
+ if (!isset($_SERVER['PHP_AUTH_USER'])) {
+ header('WWW-Authenticate: Basic realm="My Realm"');
+ header('HTTP/1.0 401 Unauthorized');
+ die("You hit cancel");
+ }
+ $db = get_db();
+ $authStmt = $db->prepare('select count(*) as count, username from users where username = :username AND password = :password;');
+ $authStmt->bindValue(':username', $_SERVER['PHP_AUTH_USER']);
+ $authStmt->bindValue(':password', $_SERVER['PHP_AUTH_PW']);
+ $result = $authStmt->execute();
+ if ($result->fetchArray()[0] != 1) {
+ unauthorized_die();
+ }
+ return $_SERVER['PHP_AUTH_USER'];
+}
+
+function unauthorized_die() {
+ header('Location: unauthorized.php');
+ die('Unauthorized');
+}
+
--- /dev/null
+<?php
+
+function get_db($db_name = 'pics.db') {
+ $db = new SQLite3($db_name);
+ $db->exec('PRAGMA journal_mode=WAL;');
+ return $db;
+}
+
--- /dev/null
+<html>
+<a href='upload.php'>Upload</a>
+<?php
+
+require_once __DIR__ . '/db.php';
+
+$db = get_db();
+$pics = $db->query('SELECT * from pics');
+while ($pic = $pics->fetchArray()) {
+ $mime_type = $pic['MIME_TYPE'];
+ $file_b64 = $pic['PIC_B64'];
+ $name = $pic['ID'];
+
+ echo "<img src='data:{$mime_type};base64,{$file_b64}' alt='$name'/>";
+}
+echo '<p>done with pics</p>';
+?>
+<div>footer</div>
+</html>
--- /dev/null
+#!/bin/bash
+
+sqlite3 /opt/pics/pics.db "$(cat ./sql/*)"
--- /dev/null
+CREATE TABLE users (
+ username TEXT NOT NULL UNIQUE,
+ password TEXT NOT NULL
+);
--- /dev/null
+CREATE TABLE posts (
+ ID TEXT PRIMARY KEY,
+ USERNAME TEXT NOT NULL,
+ TIMESTAMP INT NOT NULL,
+ FOREIGN KEY(username) references users(username)
+);
+CREATE TABLE pics (
+ ID TEXT PRIMARY KEY,
+ POST_ID TEXT NOT NULL,
+ MIME_TYPE TEXT NOT NULL,
+ PIC_B64 TEXT NOT NULL,
+ FOREIGN KEY(POST_ID) references posts(id)
+);
+CREATE TABLE comments (
+ ID TEXT PRIMARY KEY,
+ POST_ID TEXT NOT NULL,
+ BODY TEXT NOT NULL,
+ FOREIGN KEY(POST_ID) references posts(id)
+);
--- /dev/null
+<?php
+
+header('HTTP/1.0 401 Unauthorized');
+die('Unauthorized');
--- /dev/null
+<?php
+
+require_once __DIR__ . '/db.php';
+require_once __DIR__ . '/auth.php';
+require_once __DIR__ . '/uuid.php';
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+ $user = check_auth();
+ $db = get_db();
+ $db->exec('BEGIN TRANSACTION');
+ $post_id = uuid_v4();
+ $post_time = time();
+ $images = $_FILES['image'];
+ $num_files = count($images['name']);
+ for ($i = 0; $i < $num_files; $i++) {
+ $name = $images['name'][$i];
+ $mime_type = $images['type'][$i];
+ $tmp_file = $images['tmp_name'][$i];
+ $error = $images['error'][$i];
+ $size = $images['size'][$i];
+ // strip EXIF
+ $img = new Imagick($tmp_file);
+ // keep ICC for quality
+ $profiles = $img->getImageProfiles("icc", true);
+ $img->stripImage();
+ if(!empty($profiles)) {
+ $img->profileImage('icc', $profiles['icc']);
+ }
+
+ $file_b64 = base64_encode($img->getImageBlob());
+ $pic_id = uuid_v4();
+ $upload_stmt = $db->prepare('INSERT into pics values (:id, :post_id, :mime_type, :b64_bytes)');
+ $upload_stmt->bindValue(':id', $pic_id);
+ $upload_stmt->bindValue(':post_id', $post_id);
+ $upload_stmt->bindValue(':mime_type', $mime_type);
+ $upload_stmt->bindValue(':b64_bytes', $file_b64);
+ $upload_stmt->execute();
+
+ echo "<img src='data:{$mime_type};base64,{$file_b64}' alt='$name'/>";
+ }
+
+ $post_stmt = $db->prepare('INSERT into posts VALUES(:id, :user, :time)');
+ $post_stmt->bindValue(':id', $post_id);
+ $post_stmt->bindValue(':user', $user);
+ $post_stmt->bindValue(':time', $post_time);
+ $post_stmt->execute();
+
+ $db->exec('COMMIT');
+} else {
+echo '
+ <html>
+ <body>
+ <form enctype="multipart/form-data" method="POST" action="upload.php">
+ <label>Pick Images:<input type="file" id="upload" name="image[]" multiple>
+ </input></label>
+ <br/>
+ <textarea id="comment" name="comment">Title/comment your post</textarea>
+ <br/>
+ <input type="submit" value="Upload"/>
+ </form>
+ </body>
+ </html>
+';
+}
--- /dev/null
+<?php
+
+// sourced from symfony/uuid-polyfill
+/*
+ Copyright (c) 2018-2019 Fabien Potencier
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy
+ of this software and associated documentation files (the "Software"), to deal
+ in the Software without restriction, including without limitation the rights
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ copies of the Software, and to permit persons to whom the Software is furnished
+ to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in all
+ copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ THE SOFTWARE.
+ */
+
+function uuid_v4() {
+ $uuid = bin2hex(random_bytes(16));
+ return sprintf('%08s-%04s-4%03s-%04x-%012s',
+ substr($uuid, 0, 8),
+ substr($uuid, 8, 4),
+ substr($uuid, 13, 3),
+ hexdec(substr($uuid, 16, 4)) & 0x3fff | 0x8000,
+ substr($uuid, 20, 12)
+ );
+}
projects / pics.git / commitdiff