<?php	  
/*
PHP Image Dump
Copyright (C) 2007  Vidar Løkken <vidarlo@freakforum.nu>

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  */
session_start();
include('init.php'); //Includes some db-config and some vital paths.
$id = "";
$error = "";
/*
The following block decides the timeout before uploading a new picture. A logged in user might be set to a different timeout than a anonymous user.
 */
if (isset($_SESSION['uid'])) {
  if (isset($_COOKIE['last']) && $_COOKIE['last'] >= time()+10) {
    die("-99"); // -99 generates client side warning of time not expired.
  }
} else {
  if (isset($_COOKIE['last']) && $_COOKIE['last'] >= time()+60) {
    die("-99");
  }
}

/*
This block checks whetever the file is bigger than y bytes. If it's bigger than y bytes, return a -2 error, which should generate appropriate client side error.

Same goes if PHP generates a '2' in the files-array.
 */
if (filesize($_FILES['userfile']['tmp_name'] >= '1500000') || $_FILES['userfile']['error'] === '2') {
  die("-2");
} elseif ($_FILES['userfile']['error'] != '0') {
  die("-1"); //If the file is zero bytes, we considder it missing and throw an error.
  $error = "No file has been uploaded.";
}

if (isset($_FILES['userfile']['name'])) { //Do we really have a file, or just a blank form?
  $path=md5(time()); //Name of the file. md5() of time should be uniq.
  $uploadfile = $uploaddir.$path; //Relative path from here to file.
  $code = substr($path,0,5);
  if (file_exists($uploadfile)) { //Is the filename in use? If so, die.
    die("-3");
  }
  /*
Ok, now we've checked some metadata about the file, and if we've came this far, we considder it OK. The next thing then is to move the uploaded file to it's location, generated above. This is done below.
   */
  if (move_uploaded_file($_FILES['userfile']['tmp_name'],$uploadfile)) {
    strip_tags($name);
    $date=time(); //What time was this file uploaded? Used later on.
    $size = getimagesize($uploadfile); 
    $ratio = $size[0]/$size[1];
    /*
     Now, using getimagesize is quite clever. It returns quite a lot of info about the image, including size and mime type. You could probably use other functions too, but then you'd have to use one to get image size and one to get mime.
WARNING: Mime-type in the $_FILES-array is client supplied, and can thus be modified by the client as they see fit. Thus I considder it unclean.
     */
    $mime=$size['mime'];
    if (!strstr($mime,"image/")) { 
      //All images I've came across begins with image/ in the mime type.
      unlink($uploadfile);
      die("Ser ikkje ut som et bilde! FY!");
      //Die and spew out a error message.
    } elseif ($mime === 'image/bmp') { 
      /*
       If we have a bmp image, we convert it to png. BMP takes lots of space, and png yields exactly the same (i.e lossless) quality for 1/10-1/100 of the space.
       */
      $cmd = "/usr/bin/convert $uploadfile png:$uploadfile"; //Command to run.
      $mime = 'image/png'; //We know the mime-type when *we* convert it. No need to check.
      exec($cmd);
    }
    /*
Ok, so we've established that we've got a image, and we might even have converted it into a more suitable format. So, why not create a thumbnail, *if* the original image is more than 450px? Also, if $size returns zero, we try to generate a thumb, because some images break the getimagesize()-call.
     */
    
    if ($size[0] >= '450' || $size[0] === '0') { 
      $cmd = "/usr/bin/convert -resize 450x300 $uploadfile $uploadfile".".jpg";
      //That syntax for convert ensures that we get max. 300px in height, and 450px in width, whichever fits best.
      exec($cmd);
    } elseif ($size[0] <= '450') { //If image is less than 450px width, let's only make a JPG.
      $cmd = "/usr/bin/convert $uploadfile $uploadfile".".jpg";
      exec($cmd);
    }
    $db = new dbcon();
    $fname = mysql_real_escape_string($fname,$db->link); //fname is the file name supplied by the client, thus unclean.
    /*
     Below we make a simple choice. If the user is logged inn, we want to add the picture to his uid. Therefor there is two different queries.
     */
    
    if (isset($_SESSION['uid'])) { //Member version
      $sql = "INSERT INTO `%sfiles` (`ratio`,`code`,`owner`, `filename`, `mime` , `path`, `date`, `ip`) VALUES ('$ratio','$code','$_SESSION[uid]','$fname','$mime','$path','$date','$_SERVER[REMOTE_ADDR]')";
    } else { //Non-member version
      $sql = "INSERT INTO `%sfiles` (`ratio`,`code`,`views`, `filename`, `mime` , `path`, `date`, `ip`) VALUES ('$ratio','$code','0','$fname','$mime','$path','$date','$_SERVER[REMOTE_ADDR]')";
    }
    $db->query($sql);
    $id = mysql_insert_id($db->link);
    setcookie("last",time(),time()+30); //Add a cookie to keep track of abuse.
    
    echo "{";
	echo				"error: '" . $error . "',\n";
	if ($simpleurl) {
	echo				"msg: '" . $id . "'\n";
	} else {
	  echo				"msg: '" . $id . "x" . $code . "'\n";
	}
    echo "}";
  }
}
?>