Galleries/PHPGallery
1
0
Fork 0
mirror of https://github.com/Fluffy-Bean/image-gallery.git synced 2025-06-05 18:03:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Moved all image controlls to one file

Browse source 
Added option to add tags on upload
Working on .env support
This commit is contained in:
Michał Gdula 2022-09-09 11:41:41 +00:00
parent b6dc491257
commit 3847020ae7
11 changed files with 349 additions and 283 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.env Normal file
View file

@ -0,0 +1 @@
TEST='This is a test string'

79
Gallery/GetEnv.php Normal file
View file

@ -0,0 +1,79 @@
<?php
namespace Gallery;
class GetEnv {
protected $path;
public function __construct(string $path)
{
if(!file_exists($path)) {
throw new \InvalidArgumentException(sprintf('%s does not exist', $path));
}
$this->path = $path;
}
public function load() :void
{
if (!is_readable($this->path)) {
throw new \RuntimeException(sprintf('%s file is not readable', $this->path));
}
$lines = file($this->path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach ($lines as $line) {
if (strpos(trim($line), '#') === 0) {
continue;
}
list($name, $value) = explode('=', $line, 2);
$name = trim($name);
$value = trim($value);
if (!array_key_exists($name, $_SERVER) && !array_key_exists($name, $_ENV)) {
putenv(sprintf('%s=%s', $name, $value));
$_ENV[$name] = $value;
$_SERVER[$name] = $value;
}
}
}
}
namespace Aaa;
class GetEnv {
protected $path;
public function __construct(string $path)
{
if(!file_exists($path)) {
throw new \InvalidArgumentException(sprintf('%s does not exist', $path));
}
$this->path = $path;
}
public function load() :void
{
if (!is_readable($this->path)) {
throw new \RuntimeException(sprintf('%s file is not readable', $this->path));
}
$lines = file($this->path, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
foreach ($lines as $line) {
if (strpos(trim($line), '#') === 0) {
continue;
}
list($name, $value) = explode('=', $line, 2);
$name = trim($name);
$value = trim($value);
if (!array_key_exists($name, $_SERVER) && !array_key_exists($name, $_ENV)) {
putenv(sprintf('%s=%s', $name, $value));
$_ENV[$name] = $value;
$_SERVER[$name] = $value;
}
}
}
}

73
app/image/delete_image.php
View file

@ -1,73 +0,0 @@
<?php
/*
|-------------------------------------------------------------
| Delete image
|-------------------------------------------------------------
| This is the scarries code I written. I hate writing anything
| like this, please help
|-------------------------------------------------------------
*/
session_start();
// Include server connection
include "../server/conn.php";
// Include required checks
include "get_image_info.php";
include "image_privilage.php";
if (isset($_POST['submit'])) {
// Get all image info
$image_array = get_image_info($conn, $_POST['id']);
// If user owns image or has the ID of 1
if (image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
// Delete from table
$sql = "DELETE FROM swag_table WHERE id = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "i", $param_id);
// Setting parameters
$param_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
// See if image is in the directory
if (is_file("../../images/".$image_array['imagename'])) {
unlink("../../images/".$image_array['imagename']);
}
// Delete thumbnail if exitsts
if (is_file("../../images/thumbnails/".$image_array['imagename'])) {
unlink("../../images/thumbnails/".$image_array['imagename']);
}
// TP user to the homepage with a success message
?>
<script>
window.location.replace("index.php?del=true&id=<?php echo $_POST['id']; ?>");
</script>
<?php
} else {
?>
<script>
sniffleAdd('Oopsie', 'The image failed to delete off of the servers, contact Fluffy about his terrible programming', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to edit this image.', 'var(--red)', '<?php echo $root_dir; ?>assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
// nice uwu

52
app/image/edit_author.php
View file

@ -1,52 +0,0 @@
<?php
/*
|-------------------------------------------------------------
| Edit Author
|-------------------------------------------------------------
| If this has security problems I'm so fucked
|-------------------------------------------------------------
*/
session_start();
// Include server connection
include "../server/conn.php";
if (isset($_POST['submit'])) {
// If user has the ID of 1
if ($_SESSION['id'] == 1) {
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET author=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_author, $param_id);
// Setting parameters
$param_author = $_POST['input'];
$param_id = $_POST["id"];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'The Author has been updated successfully! You may need to refresh the page to see the new information.', 'var(--green)', 'assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Oopsie....', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
} else {
?>
<script>
sniffleAdd('Denied', 'Sussy wussy.', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}

71
app/image/edit_description.php
View file

@ -1,71 +0,0 @@
<?php
/*
|-------------------------------------------------------------
| Edit Description
|-------------------------------------------------------------
| This script took probably over 24hours to write, mostly
| because of my stupidity. But it (mostly) works now which is
| good. Reason for all the includes and session_start is due
| to the need of checking if the person owns the image. If this
| check is not done, someone could come by and just edit the
| Jquery code on the front-end and change the image ID. Which
| isnt too great :p
|-------------------------------------------------------------
*/
session_start();
// Include server connection
include "../server/conn.php";
// Include required checks
include "get_image_info.php";
include "image_privilage.php";
if (isset($_POST['submit'])) {
// Get all image info
$image_array = get_image_info($conn, $_POST['id']);
// If user owns image or has the ID of 1
if (image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET alt=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_alt, $param_id);
// Setting parameters
$param_alt = $_POST['input'];
$param_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'Description has been updated successfully! You may need to refresh the page to see the new information.', 'var(--green)', 'assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to edit this image.', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}

76
app/image/edit_tags.php
View file

@ -1,76 +0,0 @@
<?php
/*
|-------------------------------------------------------------
| Edit Description
|-------------------------------------------------------------
| This script took probably over 24hours to write, mostly
| because of my stupidity. But it (mostly) works now which is
| good. Reason for all the includes and session_start is due
| to the need of checking if the person owns the image. If this
| check is not done, someone could come by and just edit the
| Jquery code on the front-end and change the image ID. Which
| isnt too great :p
|-------------------------------------------------------------
*/
session_start();
// Include server connection
include "../server/conn.php";
// Include required checks
include "get_image_info.php";
include "image_privilage.php";
// Tag cleaning
include "../format/string_to_tags.php";
if (isset($_POST['submit'])) {
// Get all image info
$image_array = get_image_info($conn, $_POST['id']);
// If user owns image or has the ID of 1
if (image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
// Clean input
$tags_string = tag_clean(trim($_POST['input']));
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET tags=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_tags, $param_id);
// Setting parameters
$param_tags = $tags_string;
$param_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'Tags have been modified successfully! You may need to refresh the page to see the new information.', 'var(--green)', 'assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to modify tags here.', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}

247
app/image/image.php Normal file
View file

@ -0,0 +1,247 @@
<?php
session_start();
// Include server connection
include "../server/conn.php";
// Include required checks
include "get_image_info.php";
include "image_privilage.php";
// Required to format tags correctly
include "../format/string_to_tags.php";
/*
|-------------------------------------------------------------
| Delete image
|-------------------------------------------------------------
| This is the scarries code I written. I hate writing anything
| like this, please help
|-------------------------------------------------------------
*/
if (isset($_POST['submit_delete'])) {
// Get all image info
$image_array = get_image_info($conn, $_POST['id']);
// If user owns image or has the ID of 1
if (image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
// Delete from table
$sql = "DELETE FROM swag_table WHERE id = ?";
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "i", $param_id);
// Setting parameters
$param_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
// See if image is in the directory
if (is_file("../../images/".$image_array['imagename'])) {
unlink("../../images/".$image_array['imagename']);
}
// Delete thumbnail if exitsts
if (is_file("../../images/thumbnails/".$image_array['imagename'])) {
unlink("../../images/thumbnails/".$image_array['imagename']);
}
// TP user to the homepage with a success message
?>
<script>
window.location.replace("index.php?del=true&id=<?php echo $_POST['id']; ?>");
</script>
<?php
} else {
?>
<script>
sniffleAdd('Oopsie', 'The image failed to delete off of the servers, contact Fluffy about his terrible programming', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to edit this image.', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
/*
|-------------------------------------------------------------
| Edit Description
|-------------------------------------------------------------
| This script took probably over 24hours to write, mostly
| because of my stupidity. But it (mostly) works now which is
| good. Reason for all the includes and session_start is due
| to the need of checking if the person owns the image. If this
| check is not done, someone could come by and just edit the
| Jquery code on the front-end and change the image ID. Which
| isnt too great :p
|-------------------------------------------------------------
*/
if (isset($_POST['submit_description'])) {
// Get all image info
$image_array = get_image_info($conn, $_POST['id']);
// If user owns image or has the ID of 1
if (image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET alt=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_alt, $param_id);
// Setting parameters
$param_alt = $_POST['input'];
$param_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'Description has been updated successfully! You may need to refresh the page to see the new information.', 'var(--green)', 'assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to edit this image.', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
/*
|-------------------------------------------------------------
| Edit Tags
|-------------------------------------------------------------
| This is so garbage lmfao
|-------------------------------------------------------------
*/
if (isset($_POST['submit_tags'])) {
// Get all image info
$image_array = get_image_info($conn, $_POST['id']);
// If user owns image or has the ID of 1
if (image_privilage($image_array['author']) || $_SESSION['id'] == 1) {
// Clean input
$tags_string = tag_clean(trim($_POST['input']));
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET tags=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_tags, $param_id);
// Setting parameters
$param_tags = $tags_string;
$param_id = $_POST['id'];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'Tags have been modified successfully! You may need to refresh the page to see the new information.', 'var(--green)', 'assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Error :c', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
} else {
?>
<script>
sniffleAdd('Denied', 'It seems that you do not have the right permitions to modify tags here.', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
/*
|-------------------------------------------------------------
| Edit Author
|-------------------------------------------------------------
| If this has security problems I'm so fucked
|-------------------------------------------------------------
*/
if (isset($_POST['submit_author'])) {
// If user has the ID of 1
if ($_SESSION['id'] == 1) {
// getting ready forSQL asky asky
$sql = "UPDATE swag_table SET author=? WHERE id=?";
// Checking if databse is doing ok
if ($stmt = mysqli_prepare($conn, $sql)) {
mysqli_stmt_bind_param($stmt, "si", $param_author, $param_id);
// Setting parameters
$param_author = $_POST['input'];
$param_id = $_POST["id"];
// Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) {
?>
<script>
sniffleAdd('Success!!!', 'The Author has been updated successfully! You may need to refresh the page to see the new information.', 'var(--green)', 'assets/icons/check.svg');
flyoutClose();
</script>
<?php
} else {
?>
<script>
sniffleAdd('Oopsie....', 'An error occured on the servers', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}
} else {
?>
<script>
sniffleAdd('Denied', 'Sussy wussy.', 'var(--red)', 'assets/icons/cross.svg');
flyoutClose();
</script>
<?php
}
}

10
app/image/upload_image.php
View file

@ -9,6 +9,8 @@
session_start(); session_start();
// Include server connection // Include server connection
include "../server/conn.php"; include "../server/conn.php";
// Required to format tags correctly before upload
include "../format/string_to_tags.php";
if (isset($_POST['submit'])) { if (isset($_POST['submit'])) {
if (isset($_SESSION['id'])) { if (isset($_SESSION['id'])) {
@ -21,6 +23,9 @@ if (isset($_POST['submit'])) {
$image_newname = "IMG_".$_SESSION["username"]."_".round(microtime(true)).".".$file_type; $image_newname = "IMG_".$_SESSION["username"]."_".round(microtime(true)).".".$file_type;
$image_path = $dir.$image_newname; $image_path = $dir.$image_newname;
// Clean tags
$tags = tag_clean(trim($_POST['tags']));
// Allowed file types // Allowed file types
$allowed_types = array('jpg', 'jpeg', 'png', 'webp'); $allowed_types = array('jpg', 'jpeg', 'png', 'webp');
if (in_array($file_type, $allowed_types)) { if (in_array($file_type, $allowed_types)) {
@ -40,16 +45,17 @@ if (isset($_POST['submit'])) {
} }
// Prepare sql for destruction and filtering the sus // Prepare sql for destruction and filtering the sus
$sql = "INSERT INTO swag_table (imagename, alt, author) VALUES (?, ?, ?)"; $sql = "INSERT INTO swag_table (imagename, alt, tags, author) VALUES (?, ?, ?, ?)";
if ($stmt = mysqli_prepare($conn, $sql)) { if ($stmt = mysqli_prepare($conn, $sql)) {
// Bind the smelly smelly // Bind the smelly smelly
mysqli_stmt_bind_param($stmt, "sss", $param_image_name, $param_alt_text, $param_user_id); mysqli_stmt_bind_param($stmt, "ssss", $param_image_name, $param_alt_text, $param_tags, $param_user_id);
// Setting up parameters // Setting up parameters
$param_image_name = $image_newname; $param_image_name = $image_newname;
$param_alt_text = $_POST['alt']; $param_alt_text = $_POST['alt'];
$param_user_id = $_SESSION['id']; $param_user_id = $_SESSION['id'];
$param_tags = $tags;
// Attempt to execute the prepared statement // Attempt to execute the prepared statement
if (mysqli_stmt_execute($stmt)) { if (mysqli_stmt_execute($stmt)) {

3
app/settings/user_settings.json
View file

@ -22,7 +22,8 @@
"The weather is dry", "The weather is dry",
"Need me a man 👀", "Need me a man 👀",
"Gods die too.", "Gods die too.",
"Eat hotchip and lie" "Eat hotchip and lie",
"The world will not be destroyed by those who do evil, but by those who watch them and do nothing."
], ],
"license":"GPL 3.0", "license":"GPL 3.0",
"database": { "database": {

16
image.php
View file

@ -251,9 +251,9 @@
$("#deleteConfirm").submit(function(event) { $("#deleteConfirm").submit(function(event) {
event.preventDefault(); event.preventDefault();
var deleteSubmit = $("#deleteSubmit").val(); var deleteSubmit = $("#deleteSubmit").val();
$("#sniffle").load("app/image/delete_image.php", { $("#sniffle").load("app/image/image.php", {
id: <?php echo $_GET['id']; ?>, id: <?php echo $_GET['id']; ?>,
submit: deleteSubmit submit_delete: deleteSubmit
}); });
}); });
}); });
@ -285,10 +285,10 @@
event.preventDefault(); event.preventDefault();
var descriptionInput = $("#descriptionInput").val(); var descriptionInput = $("#descriptionInput").val();
var descriptionSubmit = $("#descriptionSubmit").val(); var descriptionSubmit = $("#descriptionSubmit").val();
$("#sniffle").load("app/image/edit_description.php", { $("#sniffle").load("app/image/image.php", {
id: <?php echo $_GET['id']; ?>, id: <?php echo $_GET['id']; ?>,
input: descriptionInput, input: descriptionInput,
submit: descriptionSubmit submit_description: descriptionSubmit
}); });
}); });
}); });
@ -321,10 +321,10 @@
event.preventDefault(); event.preventDefault();
var tagsInput = $("#tagsInput").val(); var tagsInput = $("#tagsInput").val();
var tagsSubmit = $("#tagsSubmit").val(); var tagsSubmit = $("#tagsSubmit").val();
$("#sniffle").load("app/image/edit_tags.php", { $("#sniffle").load("app/image/image.php", {
id: <?php echo $_GET['id']; ?>, id: <?php echo $_GET['id']; ?>,
input: tagsInput, input: tagsInput,
submit: tagsSubmit submit_tags: tagsSubmit
}); });
}); });
}); });
@ -355,10 +355,10 @@
event.preventDefault(); event.preventDefault();
var authorInput = $("#authorInput").val(); var authorInput = $("#authorInput").val();
var authorSubmit = $("#authorSubmit").val(); var authorSubmit = $("#authorSubmit").val();
$("#sniffle").load("app/image/edit_author.php", { $("#sniffle").load("app/image/image.php", {
id: <?php echo $_GET['id']; ?>, id: <?php echo $_GET['id']; ?>,
input: authorInput, input: authorInput,
submit: authorSubmit submit_author: authorSubmit
}); });
}); });
}); });

4
upload.php
View file

@ -22,6 +22,9 @@
var alt = $("#alt").val(); var alt = $("#alt").val();
formData.append("alt", alt); formData.append("alt", alt);
// Get ALT // Get ALT
var tags = $("#tags").val();
formData.append("tags", tags);
// Submit data
var submit = $("#submit").val(); var submit = $("#submit").val();
formData.append("submit", submit); formData.append("submit", submit);
@ -71,6 +74,7 @@
<form id="uploadSubmit" class="flex-down between" method="POST" enctype="multipart/form-data"> <form id="uploadSubmit" class="flex-down between" method="POST" enctype="multipart/form-data">
<input id="image" class="btn btn-neutral" type="file" placeholder="select image UwU"> <input id="image" class="btn btn-neutral" type="file" placeholder="select image UwU">
<textarea id="alt" class="btn btn-neutral" placeholder="Description/Alt for image" rows="3"></textarea> <textarea id="alt" class="btn btn-neutral" placeholder="Description/Alt for image" rows="3"></textarea>
<textarea id="tags" class="btn btn-neutral" placeholder="Tags, seperated by white-space" rows="3"></textarea>
<br> <br>
<button id="submit" class="btn btn-good" type="submit"><img class="svg" src="assets/icons/upload.svg">Upload Image</button> <button id="submit" class="btn btn-good" type="submit"><img class="svg" src="assets/icons/upload.svg">Upload Image</button>
</form> </form>