james/fembooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'master' of github.com:shish/shimmie2

Browse Source
This commit is contained in:
Shish 2012-06-26 20:24:58 +01:00
commit 19ca8b7b9f
7 changed files with 94 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ext/home/main.php
View File

@ -72,7 +72,7 @@ class Home extends Extension {
$main_links = '[url=site://post/list]Posts[/url] [url=site://comment/list]Comments[/url] [url=site://tags]Tags[/url]';
if(class_exists("Pools")) {$main_links .= ' [url=site://pools]Pools[/url]';}
if(class_exists("Wiki")) {$main_links .= ' [url=site://wiki]Wiki[/url]';}
$main_links .= ' [url=site://ext_doc]>>[/url]';
$main_links .= ' [url=site://ext_doc]Documentation[/url]';
}
$main_links = format_text($main_links);
$main_text = $config->get_string('home_text');

BIN
ext/oekaki/chibipaint.jar
View File

Binary file not shown.

71
ext/oekaki/main.php
View File

@ -10,42 +10,10 @@ class Oekaki extends Extension {
global $user, $page;
if($event->page_matches("oekaki")) {
if(!$user->can("create_image")) {
$this->theme->display_permission_denied();
}
if($user->can("create_image")) {
if($event->get_arg(0) == "create") {
$this->theme->display_page();
}
if($event->get_arg(0) == "upload") {
// FIXME: this allows anyone to upload anything to /data ...
// hardcoding the ext to .png should stop the obvious exploit,
// but more checking may be wise
if(isset($_FILES["picture"])) {
header('Content-type: text/plain');
$file = $_FILES['picture']['name'];
$ext = (strpos($file, '.') === FALSE) ? '' : substr($file, strrpos($file, '.'));
$uploadname = $_SERVER['REMOTE_ADDR'] . "." . time();
$uploadfile = data_path('oekaki_unclaimed/'.$uploadname);
log_info("oekaki", "Uploading file [$uploadname]");
$success = TRUE;
if (isset($_FILES["chibifile"]))
$success = $success && move_uploaded_file($_FILES['chibifile']['tmp_name'], $uploadfile . ".chi");
// hardcode the ext, so nobody can upload "foo.php"
$success = $success && move_uploaded_file($_FILES['picture']['tmp_name'], $uploadfile . ".png"); # $ext);
if ($success) {
echo "CHIBIOK\n";
} else {
echo "CHIBIERROR\n";
}
}
else {
echo "CHIBIERROR No Data\n";
}
$this->theme->display_block();
}
if($event->get_arg(0) == "claim") {
// FIXME: move .chi to data/oekaki/$ha/$hash mirroring images and thumbs
@ -77,13 +45,44 @@ class Oekaki extends Extension {
}
}
}
if($event->get_arg(0) == "upload") {
// FIXME: this allows anyone to upload anything to /data ...
// hardcoding the ext to .png should stop the obvious exploit,
// but more checking may be wise
if(isset($_FILES["picture"])) {
header('Content-type: text/plain');
$file = $_FILES['picture']['name'];
$ext = (strpos($file, '.') === FALSE) ? '' : substr($file, strrpos($file, '.'));
$uploadname = $_SERVER['REMOTE_ADDR'] . "." . time();
$uploadfile = data_path('oekaki_unclaimed/'.$uploadname);
log_info("oekaki", "Uploading file [$uploadname]");
$success = TRUE;
if (isset($_FILES["chibifile"]))
$success = $success && move_uploaded_file($_FILES['chibifile']['tmp_name'], $uploadfile . ".chi");
// hardcode the ext, so nobody can upload "foo.php"
$success = $success && move_uploaded_file($_FILES['picture']['tmp_name'], $uploadfile . ".png"); # $ext);
if ($success) {
echo "CHIBIOK\n";
} else {
echo "CHIBIERROR\n";
}
}
else {
echo "CHIBIERROR No Data\n";
}
}
}
}
// FIXME: "edit this image" button on existing images?
function onPostListBuilding(PostListBuildingEvent $event) {
global $user, $page;
global $user;
if($user->can("create_image")) {
$this->theme->display_block($page);
$this->theme->display_block();
}
}
}

18
ext/oekaki/readme.txt
View File

@ -1,6 +1,24 @@
ChibiPaint
Original version of ChibiPaint:
Copyright (c) 2006-2008 Marc Schefer
http://www.chibipaint.com/
Some icons taken from the GNU Image Manipulation Program.
Art contributors: http://git.gnome.org/browse/gimp/tree/AUTHORS
Lapo Calamandrei
Paul Davey
Alexia Death
Aurore Derriennic
Tuomas Kuosmanen
Karl La Rocca
Andreas Nilsson
Ville Pätsi
Mike Schaeffer
Carol Spears
Jakub Steiner
William Szilveszter
This file is part of ChibiPaint.

44
ext/oekaki/theme.php
View File

@ -1,4 +1,8 @@
<?php
// FIXME: Move all the stuff that handles size input to main.php
// FIXME: Move default canvas size to config file; changeable in board config
// While we're here, add maximum and minimum image sizes in config
// Maybe allow the resolution limiter extension to have a say in this
class OekakiTheme extends Themelet {
public function display_page() {
@ -7,29 +11,55 @@ class OekakiTheme extends Themelet {
$base_href = get_base_href();
$http_base = make_http($base_href);
$oekW = $config->get_int("oekaki_width", 400);
$oekH = $config->get_int("oekaki_height", 400);
if(isset($_POST['oekW']) && isset($_POST['oekH'])) {
$oekW = int_escape($_POST['oekW']);
$oekH = int_escape($_POST['oekH']);
}
$html = "
<applet archive='$base_href/ext/oekaki/chibipaint.jar' code='chibipaint.ChibiPaint.class' width='800' height='600'>
<param name='canvasWidth' value='400' />
<param name='canvasHeight' value='300' />
<param name='canvasWidth' value='".$oekW."' />
<param name='canvasHeight' value='".$oekH."' />
<param name='postUrl' value='".make_http(make_link("oekaki/upload"))."' />
<param name='exitUrl' value='".make_http(make_link("oekaki/claim"))."' />
<param name='exitUrlTarget' value='_self' />
JAVA NOT SUPPORTED! <!-- alternative content for users who don't have Java installed -->
JAVA NOT INSTALLED :(<!-- alternative content for users who don't have Java installed -->
</applet>
";
# <param name='loadImage' value='http://yourserver/oekaki/pictures/168.png' />
# <param name='loadChibiFile' value='http://yourserver/oekaki/pictures/168.chi' />
// FIXME: prevent oekaki block from collapsing on click in cerctain themes. This causes canvas reset
$page->set_title("Oekaki");
$page->set_heading("Oekiaki");
$page->set_heading("Oekaki");
$page->add_block(new NavBlock());
$page->add_block(new Block("Oekaki", $html, "main", 20));
}
public function display_block() {
global $page;
$page->add_block(new Block(null, "<a href='".make_link("oekaki/create")."'>Open Oekaki</a>", "left", 21)); // upload is 20
global $config, $page;
//FIXME: input field alignment could be done more elegantly, without inline styling
//FIXME: autocomplete='off' seems to be an invalid HTML tag
$oekW = $config->get_int("oekaki_width", 400);
$oekH = $config->get_int("oekaki_height", 400);
if(isset($_POST['oekW']) && isset($_POST['oekH'])) {
$oekW = int_escape($_POST['oekW']);
$oekH = int_escape($_POST['oekH']);
}
$page->add_block(new Block("Oekaki",
"
<form form enctype='multipart/form-data' action='".make_link("oekaki/create")."' method='POST'>
<input autocomplete='off' style='width: auto;' name='oekW' type='text' size='3' value='".$oekW."'/>".
"x".
"<input autocomplete='off' style='width: auto;' name='oekH' type='text' size='3' value='".$oekH."'/>".
"<input autocomplete='off' type='submit' value='Create!' />
</form>
"
, "left", 21)); // upload is 20
}
}
?>

2
ext/setup/style.css
View File

@ -13,7 +13,7 @@
-moz-column-break-inside: avoid;
-webkit-column-break-inside: avoid;
text-align: center;
width: 100%;
width: 90%;
}
.setupblock TEXTAREA {
width: 100%;

2
ext/upload/theme.php
View File

@ -313,7 +313,7 @@ class UploadTheme extends Themelet {
for($i=0; $i<$upload_count; $i++) {
if($i == 0) $style = ""; // "style='display:visible'";
else $style = "style='display:none'";
$upload_list .= "<input id='data$i' name='data$i' $style onchange=\"$('#data".($i+1)."').show()\" type='file'>\n";
$upload_list .= "<input id='data$i' name='data$i' $style onchange=\"$('#data".($i+1)."').show()\" size='16' type='file'>\n";
}
$max_size = $config->get_int('upload_size');
$max_kb = to_shorthand_int($max_size);