james/fembooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'develop' of https://github.com/shish/shimmie2 into develop

Browse Source
This commit is contained in:
Shish 2015-01-24 16:44:33 +00:00
commit b47e4aacb1
1 changed files with 65 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

130
ext/ouroboros_api/main.php
View File

@ -123,7 +123,7 @@ class _SafeOuroborosImage
* Post tags * Post tags
* @var string * @var string
*/ */
public $tags = ''; public $tags = 'tagme';
/** /**
* Flag if the post has child posts * Flag if the post has child posts
* @var bool * @var bool
@ -265,13 +265,18 @@ class OuroborosPost extends _SafeOuroborosImage
/** /**
* Initialize an OuroborosPost for creation * Initialize an OuroborosPost for creation
* Mainly just acts as a wrapper and validation layer * Mainly just acts as a wrapper and validation layer
* @TODO implement more validation from OuroborosAPI * @param array $post
* @param array $post * @param string $md5
*/ */
public function __construct(array $post) public function __construct(array $post, $md5 = '')
{ {
if (array_key_exists('tags', $post)) { if (array_key_exists('tags', $post)) {
$this->tags = $post['tags']; $this->tags = Tag::implode(
array_map(
array('Tag', 'sanitise'),
Tag::explode(urldecode($post['tags']))
)
);
} }
if (array_key_exists('file', $post)) { if (array_key_exists('file', $post)) {
if (!is_null($post['file'])) { if (!is_null($post['file'])) {
@ -290,22 +295,46 @@ class OuroborosPost extends _SafeOuroborosImage
$this->rating = $post['rating']; $this->rating = $post['rating'];
} }
if (array_key_exists('source', $post)) { if (array_key_exists('source', $post)) {
$this->file_url = $post['source']; $this->file_url = filter_var(
urldecode($post['source']),
FILTER_SANITIZE_URL
);
} }
if (array_key_exists('sourceurl', $post)) { if (array_key_exists('sourceurl', $post)) {
$this->source = $post['sourceurl']; $this->source = filter_var(
urldecode($post['sourceurl']),
FILTER_SANITIZE_URL
);
} }
if (array_key_exists('description', $post)) { if (array_key_exists('description', $post)) {
$this->description = $post['description']; $this->description = filter_var(
$post['description'],
FILTER_SANITIZE_STRING
);
} }
if (array_key_exists('is_rating_locked', $post)) { if (array_key_exists('is_rating_locked', $post)) {
assert(
$post['is_rating_locked'] == 'true' ||
$post['is_rating_locked'] == 'false' ||
$post['is_rating_locked'] == '1' ||
$post['is_rating_locked'] == '0'
);
$this->is_rating_locked = $post['is_rating_locked']; $this->is_rating_locked = $post['is_rating_locked'];
} }
if (array_key_exists('is_note_locked', $post)) { if (array_key_exists('is_note_locked', $post)) {
assert(
$post['is_note_locked'] == 'true' ||
$post['is_note_locked'] == 'false' ||
$post['is_note_locked'] == '1' ||
$post['is_note_locked'] == '0'
);
$this->is_note_locked = $post['is_note_locked']; $this->is_note_locked = $post['is_note_locked'];
} }
if (array_key_exists('parent_id', $post)) { if (array_key_exists('parent_id', $post)) {
$this->parent_id = $post['parent_id']; $this->parent_id = filter_var(
$post['parent_id'],
FILTER_SANITIZE_NUMBER_INT
);
} }
} }
} }
@ -330,6 +359,7 @@ class OuroborosAPI extends Extension
{ {
private $event; private $event;
private $type; private $type;
const HEADER_HTTP_200 = 'OK'; const HEADER_HTTP_200 = 'OK';
const MSG_HTTP_200 = 'Request was successful'; const MSG_HTTP_200 = 'Request was successful';
@ -365,6 +395,7 @@ class OuroborosAPI extends Extension
const ERROR_POST_CREATE_MD5 = 'MD5 mismatch'; const ERROR_POST_CREATE_MD5 = 'MD5 mismatch';
const ERROR_POST_CREATE_DUPE = 'Duplicate'; const ERROR_POST_CREATE_DUPE = 'Duplicate';
const OK_POST_CREATE_UPDATE = 'Updated';
public function onPageRequest(PageRequestEvent $event) public function onPageRequest(PageRequestEvent $event)
{ {
@ -384,50 +415,9 @@ class OuroborosAPI extends Extension
if ($event->page_matches('post')) { if ($event->page_matches('post')) {
if ($this->match('create')) { if ($this->match('create')) {
// Create // Create
// @TODO Should move the validation logic into OuroborosPost instead?
if ($user->can("create_image")) { if ($user->can("create_image")) {
$post = array(
'tags' => !empty($_REQUEST['post']['tags']) ? Tag::implode(
array_map(
array('Tag', 'sanitise'),
Tag::explode(urldecode($_REQUEST['post']['tags']))
)
) : 'tagme',
'file' => !empty($_REQUEST['post']['file']) ? filter_var(
$_REQUEST['post']['file'],
FILTER_UNSAFE_RAW
) : null,
'rating' => !empty($_REQUEST['post']['rating']) ? filter_var(
$_REQUEST['post']['rating'],
FILTER_SANITIZE_NUMBER_INT
) : 'q',
'source' => !empty($_REQUEST['post']['source']) ? filter_var(
urldecode($_REQUEST['post']['source']),
FILTER_SANITIZE_URL
) : null,
'sourceurl' => !empty($_REQUEST['post']['sourceurl']) ? filter_var(
urldecode($_REQUEST['post']['sourceurl']),
FILTER_SANITIZE_URL
) : '',
'description' => !empty($_REQUEST['post']['description']) ? filter_var(
$_REQUEST['post']['description'],
FILTER_SANITIZE_STRING
) : '',
'is_rating_locked' => !empty($_REQUEST['post']['is_rating_locked']) ? filter_var(
$_REQUEST['post']['is_rating_locked'],
FILTER_SANITIZE_NUMBER_INT
) : false,
'is_note_locked' => !empty($_REQUEST['post']['is_note_locked']) ? filter_var(
$_REQUEST['post']['is_note_locked'],
FILTER_SANITIZE_NUMBER_INT
) : false,
'parent_id' => !empty($_REQUEST['post']['parent_id']) ? filter_var(
$_REQUEST['post']['parent_id'],
FILTER_SANITIZE_NUMBER_INT
) : null,
);
$md5 = !empty($_REQUEST['md5']) ? filter_var($_REQUEST['md5'], FILTER_SANITIZE_STRING) : null; $md5 = !empty($_REQUEST['md5']) ? filter_var($_REQUEST['md5'], FILTER_SANITIZE_STRING) : null;
$this->postCreate(new OuroborosPost($post), $md5); $this->postCreate(new OuroborosPost($_REQUEST['post']), $md5);
} else { } else {
$this->sendResponse(403, 'You cannot create new posts'); $this->sendResponse(403, 'You cannot create new posts');
} }
@ -500,7 +490,8 @@ class OuroborosAPI extends Extension
protected function postCreate(OuroborosPost $post, $md5 = '') protected function postCreate(OuroborosPost $post, $md5 = '')
{ {
global $page, $config, $user; global $page, $config, $user;
if (!empty($md5)) { $handler = $config->get_string("upload_collision_handler");
if (!empty($md5) && !($handler == 'merge')) {
$img = Image::by_hash($md5); $img = Image::by_hash($md5);
if (!is_null($img)) { if (!is_null($img)) {
$this->sendResponse(420, self::ERROR_POST_CREATE_DUPE); $this->sendResponse(420, self::ERROR_POST_CREATE_DUPE);
@ -542,8 +533,22 @@ class OuroborosAPI extends Extension
if (!empty($meta['hash'])) { if (!empty($meta['hash'])) {
$img = Image::by_hash($meta['hash']); $img = Image::by_hash($meta['hash']);
if (!is_null($img)) { if (!is_null($img)) {
$this->sendResponse(420, self::ERROR_POST_CREATE_DUPE); $handler = $config->get_string("upload_collision_handler");
return; if($handler == "merge") {
$merged = array_merge(Tag::explode($post->tags), $img->get_tag_array());
send_event(new TagSetEvent($img, $merged));
// This is really the only thing besides tags we should care
if(isset($meta['source'])){
send_event(new SourceSetEvent($img, $meta['source']));
}
$this->sendResponse(200, self::OK_POST_CREATE_UPDATE . ' ID: ' . $img->id);
return;
}
else {
$this->sendResponse(420, self::ERROR_POST_CREATE_DUPE);
return;
}
} }
} }
$meta['extension'] = pathinfo($meta['filename'], PATHINFO_EXTENSION); $meta['extension'] = pathinfo($meta['filename'], PATHINFO_EXTENSION);
@ -573,17 +578,12 @@ class OuroborosAPI extends Extension
protected function postShow($id = null) protected function postShow($id = null)
{ {
if (!is_null($id)) { if (!is_null($id)) {
$image = Image::by_id($id); $post = new _SafeOuroborosImage(Image::by_id($id));
if ( ! $image instanceof Image) { $this->sendData('post', $post);
$this->sendResponse(404, 'ID not found'); } else {
} else { $this->sendResponse(424, 'ID is mandatory');
$post = new _SafeOuroborosImage($image); }
$this->sendData('post', $post); }
}
} else {
$this->sendResponse(424, 'ID is mandatory');
}
}
/** /**
* Wrapper for getting a list of posts * Wrapper for getting a list of posts