summaryrefslogtreecommitdiff
path: root/lib/helpers.php
diff options
context:
space:
mode:
authorAaron Parecki <aaron@parecki.com>2017-08-17 09:13:15 -0700
committerAaron Parecki <aaron@parecki.com>2017-08-17 09:13:15 -0700
commitecb0724049e13deeb65d6c3b9510598d8ffb7ff5 (patch)
tree9963f02d8513b2f065aadf49a4516ba001ec3404 /lib/helpers.php
parent3de5d9345721385b7a8cdc11c82feaeb8ff94f6c (diff)
parent62f6a17c6b3fa666ad29b4564e7cf3455148e8a6 (diff)
Merge branch 'master' of github.com:aaronpk/Quill
Diffstat (limited to 'lib/helpers.php')
-rw-r--r--lib/helpers.php24
1 files changed, 14 insertions, 10 deletions
diff --git a/lib/helpers.php b/lib/helpers.php
index 6098501..bfd0629 100644
--- a/lib/helpers.php
+++ b/lib/helpers.php
@@ -5,7 +5,7 @@ if(isset(Config::$dbType) && Config::$dbType == 'sqlite') {
} else {
ORM::configure('mysql:host=' . Config::$dbHost . ';dbname=' . Config::$dbName);
ORM::configure('username', Config::$dbUsername);
- ORM::configure('password', Config::$dbPassword);
+ ORM::configure('password', Config::$dbPassword);
}
function render($page, $data) {
@@ -83,15 +83,15 @@ if(!function_exists('http_build_url')) {
}
}
-function micropub_post_for_user(&$user, $params, $file_path = NULL, $json = false) {
+function micropub_post_for_user(&$user, $params, $file = NULL, $json = false) {
// Now send to the micropub endpoint
- $r = micropub_post($user->micropub_endpoint, $params, $user->micropub_access_token, $file_path, $json);
+ $r = micropub_post($user->micropub_endpoint, $params, $user->micropub_access_token, $file, $json);
$user->last_micropub_response = substr(json_encode($r), 0, 1024);
$user->last_micropub_response_date = date('Y-m-d H:i:s');
// Check the response and look for a "Location" header containing the URL
- if($r['response'] && ($r['code'] == 201 || $r['code'] == 202)
+ if($r['response'] && ($r['code'] == 201 || $r['code'] == 202)
&& isset($r['headers']['Location'])) {
$r['location'] = $r['headers']['Location'][0];
$user->micropub_success = 1;
@@ -104,9 +104,9 @@ function micropub_post_for_user(&$user, $params, $file_path = NULL, $json = fals
return $r;
}
-function micropub_media_post_for_user(&$user, $file_path) {
+function micropub_media_post_for_user(&$user, $file) {
// Send to the media endpoint
- $r = micropub_post($user->micropub_media_endpoint, [], $user->micropub_access_token, $file_path, true, 'file');
+ $r = micropub_post($user->micropub_media_endpoint, [], $user->micropub_access_token, $file, true, 'file');
// Check the response and look for a "Location" header containing the URL
if($r['response'] && preg_match('/Location: (.+)/', $r['response'], $match)) {
@@ -118,11 +118,15 @@ function micropub_media_post_for_user(&$user, $file_path) {
return $r;
}
-function micropub_post($endpoint, $params, $access_token, $file_path = NULL, $json = false, $file_prop = 'photo') {
+function micropub_post($endpoint, $params, $access_token, $file = NULL, $json = false, $file_prop = 'photo') {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $endpoint);
curl_setopt($ch, CURLOPT_POST, true);
+ $file_path = $file['tmp_name'];
+ $file_content = file_get_contents($file_path) . self::EOL;
+ $filename = $file['name'];
+
// Send the access token in both the header and post body to support more clients
// https://github.com/aaronpk/Quill/issues/4
// http://indiewebcamp.com/irc/2015-02-14#t1423955287064
@@ -150,7 +154,7 @@ function micropub_post($endpoint, $params, $access_token, $file_path = NULL, $js
$mimetype = finfo_file($finfo, $file_path);
$multipart = new p3k\Multipart();
$multipart->addArray($params);
- $multipart->addFile($file_prop, $file_path, $mimetype);
+ $multipart->addFile($file_prop, $filename, $mimetype, $file_content);
$post = $multipart->data();
$httpheaders[] = 'Content-Type: ' . $multipart->contentType();
}
@@ -324,7 +328,7 @@ function validate_photo(&$file) {
if ($_SERVER['REQUEST_METHOD'] == 'POST' && count($_POST) < 1 ) {
throw new RuntimeException('File upload size exceeded.');
}
-
+
// Undefined | Multiple Files | $_FILES Corruption Attack
// If this request falls under any of them, treat it invalid.
if (
@@ -437,7 +441,7 @@ function sanitize_editor_html($html) {
$def->addElement('figure', 'Block', 'Optional: (figcaption, Flow) | (Flow, figcaption) | Flow', 'Common');
$def->addElement('figcaption', 'Inline', 'Flow', 'Common');
- // Allow data: URIs
+ // Allow data: URIs
$config->set('URI.AllowedSchemes', array('data' => true, 'http' => true, 'https' => true));
// Strip all classes from elements