-rw-r--r-- | .gitignore | 1 | ||||
-rw-r--r-- | design/database.sql | 7 | ||||
-rw-r--r-- | htdocs/new-post.php | 25 | ||||
-rw-r--r-- | htdocs/postimages.php | 55 | ||||
-rw-r--r-- | htdocs/postings.php | 9 | ||||
-rw-r--r-- | htdocs/src/Post.inc.php | 69 | ||||
-rw-r--r-- | htdocs/src/PostIterator.inc.php | 2 | ||||
-rw-r--r-- | htdocs/src/config.inc.php | 5 |
8 files changed, 150 insertions, 23 deletions
@@ -1,3 +1,4 @@ **.swp htdocs/emails.log tags +uploads/ diff --git a/design/database.sql b/design/database.sql index 6bb34da..b79316c 100644 --- a/design/database.sql +++ b/design/database.sql @@ -59,6 +59,13 @@ CREATE TABLE post ( UNIQUE KEY(secretid) ); +CREATE TABLE image ( + id INTEGER UNSIGNED NOT NULL AUTO_INCREMENT, + post_id INTEGER UNSIGNED NOT NULL, + + PRIMARY KEY(id) +); + CREATE TABLE user ( id INTEGER UNSIGNED NOT NULL AUTO_INCREMENT, name VARCHAR(60) NOT NULL, diff --git a/htdocs/new-post.php b/htdocs/new-post.php index b4dd6ad..7112a8c 100644 --- a/htdocs/new-post.php +++ b/htdocs/new-post.php @@ -138,7 +138,8 @@ function finish_post() { ); $error = ''; - $values = array(); + $values = array('title' => '', 'description' => '', + 'email' => '', 'email2' => ''); foreach ($required as $field => $desc) { if (!isset($_POST[$field]) or trim($_POST[$field]) == '') { $error .= "<p>$desc is a required field.</p>"; @@ -188,9 +189,11 @@ function handle_images() { function finish_images() { $post = $_SESSION['newpost']; - if (isset($_FILES['images']) and is_array($_FILES['images'])) { - foreach ($_FILES['images'] as $file) { - $post->addImage($file['tmp_name']); + if (isset($_FILES['images'])) { + foreach ($_FILES["images"]["error"] as $key => $error) { + if ($error == UPLOAD_ERR_OK) { + $post->addImage($_FILES['images']['tmp_name'][$key]); + } } } 
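Review bot: The new `image` table has no index on `post_id`, although Post::loadImages() in this same commit selects by `post_id`; adding `KEY(post_id)` after the primary key keeps that lookup from scanning the table. Nothing ties `post_id` to `post.id` either, so image rows can outlive their post unless the application cleans them up.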
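Review bot: The loop in finish_images() iterates `$_FILES["images"]["error"]` without checking that it is an array. PHP only builds per-file arrays when the form field is named `images[]`, so a request that sends a plain `images` field makes this an integer and the foreach raises a warning. Keep a guard like the one the old code had, e.g. `if (isset($_FILES['images']) and is_array($_FILES['images']['error'])) {`. The return value of `$post->addImage()` is also discarded, so a rejected or failed upload is dropped without telling the user. The function continues past the end of the hunk.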
@@ -223,21 +226,25 @@ require_once "src/footer.inc.php"; function render_form($error="") { - global $values; + + $title = isset($_POST['title']) ? $_POST['title'] : ''; + $description = isset($_POST['description']) ? $_POST['description'] : ''; + $email = isset($_POST['email']) ? $_POST['email'] : ''; + $email2 = isset($_POST['email2']) ? $_POST['email2'] : ''; if ($error != '') { echo "<div class=\"errorbox\">$error</div>"; } - echo "<p><label>Title: <input type=\"text\" name=\"title\" value=\"${_POST[title]}\" /></label></p>"; + echo "<p><label>Title: <input type=\"text\" name=\"title\" value=\"$title\" /></label></p>"; echo "<p><label for=\"desc\">Description:</label></p>"; echo "<p><textarea name=\"description\" id=\"desc\" rows=\"10\"" - . " cols=\"80\">${_POST[description]}</textarea></p>"; + . " cols=\"80\">$description</textarea></p>"; - echo "<p><label>Email Address: <input type=\"text\" name=\"email\" value=\"${_POST[email]}\" />" + echo "<p><label>Email Address: <input type=\"text\" name=\"email\" value=\"$email\" />" . "</label>"; - echo " <label>Confirm Email: <input type=\"text\" name=\"email2\" value=\"${_POST[email2]}\" />" + echo " <label>Confirm Email: <input type=\"text\" name=\"email2\" value=\"$email2\" />" . "</label></p>" . "<p>Your email address will only be visible to our moderators.</p>"; diff --git a/htdocs/postimages.php b/htdocs/postimages.php new file mode 100644 index 0000000..375e8d7 --- /dev/null +++ b/htdocs/postimages.php 
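Review bot: The four values copied from `$_POST` in render_form() are echoed into the `value` attributes and the textarea without HTML escaping, so a submitted value containing a quote or markup is reflected into the page as-is; the commit only renames the variables and keeps that behaviour. Escape at assignment, e.g. `$title = htmlspecialchars(isset($_POST['title']) ? $_POST['title'] : '', ENT_QUOTES, 'UTF-8');`, and do the same for `$description`, `$email` and `$email2`. The postings.php hunk has the same gap where `$post->getDescription()` is passed through `str_replace()` and echoed, assuming the getter returns the stored text unescaped; `nl2br(htmlspecialchars(...))` would cover both the escaping and the line breaks. render_form() continues past the end of the hunk.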
@@ -0,0 +1,55 @@ +<?php + +/* Foursquare Community Site + * + * Copyright (C) 2011 Foursquare Church. + * + * Developers: Jesse Morgan <jmorgan@foursquarestaff.com> + * + */ + +require_once "src/base.inc.php"; + +// Make sure we had a path info +if (!isset($_SERVER['PATH_INFO'])) { + errorNotFound(); +} + +// Clean up the id in the path info. +$id = substr($_SERVER['PATH_INFO'], 1); + +if (!is_numeric($id)) { + errorNotFound(); +} + +// Get the post. +$post = Post::getByImage($id); + +if (!$post or + (!isset($_SESSION['currentUser']) and $post->getStage() != 'approved')) { + errorNotFound(); +} + +// Check if file exists. +$file = $CONFIG['uploads'] . "/$id"; + +if (!file_exists($file)) { + echo $file; + errorNotFound(); +} + +// Output the file +$info = getimagesize($file); +header('Content-Type: ' . $info['mime']); +header('Content-Transfer-Encoding: binary'); +header('Content-Length: ' . filesize($file)); +readfile($file); +exit; + +function errorNotFound() { + header("HTTP/1.0 404 Not Found"); + exit; +} + +?> + diff --git a/htdocs/postings.php b/htdocs/postings.php index 5c3dd55..7550e18 100644 --- a/htdocs/postings.php +++ b/htdocs/postings.php @@ -50,9 +50,16 @@ if (isset($_GET['moderate'])) { echo "<h2>". $post->getName() ."</h2>"; -echo "<p>". $post->getDescription() ."</p>"; +echo "<p>Date: ". date('r', $post->getTimestamp()) ."</p>"; +echo "<p class=\"desc\">". + str_replace("\n", '<br />', $post->getDescription()) + ."</p>"; +foreach ($post->getImages() as $imgid) { + echo "<p><img src=\"". $GLOBALS['CONFIG']['urlroot'] + . "/postimages/$imgid\" /></p>"; +} require_once "src/footer.inc.php"; diff --git a/htdocs/src/Post.inc.php b/htdocs/src/Post.inc.php index 34230b2..c05cb7e 100644 --- a/htdocs/src/Post.inc.php +++ b/htdocs/src/Post.inc.php @@ -13,6 +13,7 @@ require_once "base.inc.php"; class Post { private $info; private $indatabase = false; + private $images; public function __construct($info=null) { 
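Review bot: The `echo $file;` in the file-exists check of postimages.php prints the absolute upload path to the client, and once output has started the `header("HTTP/1.0 404 Not Found")` in errorNotFound() can no longer set the status unless output buffering is on; it looks like leftover debugging and should be removed. That branch is easier to reach than intended because `is_numeric()` also accepts decimal and exponent forms, which need not correspond to a stored file name; `if (!ctype_digit($id)) {` restricts the id to plain digits. `getimagesize()` returns false for a file it cannot parse, so `$info['mime']` should be checked before the Content-Type header is sent.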
@@ -24,6 +25,8 @@ class Post { } else { $this->indatabase = false; } + + $images = null; } public static function getById($id) { @@ -38,6 +41,12 @@ class Post { return Post::getPost($where); } + public static function getByImage($imgid) { + $where = "id=(SELECT post_id FROM image WHERE id='$imgid')"; + + return Post::getPost($where); + } + private static function getPost($where) { $query = "SELECT *, UNIX_TIMESTAMP(created) AS createdts FROM post WHERE $where"; @@ -150,6 +159,10 @@ class Post { return $this->info['created']; } + public function getTimestamp() { + return $this->info['createdts']; + } + public function getEmail() { return $this->info['email']; } 
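Review bot: `$images = null;` at the end of the constructor assigns a local variable, not the new property; it should read `$this->images = null;`. The property already defaults to null, so behaviour is unchanged, but the line as written does nothing. The constructor starts outside the hunk.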
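Review bot: Post::getByImage() interpolates `$imgid` straight into the SQL text, so the query is only safe as long as every caller validates the id first; the one caller in this commit (postimages.php) relies on `is_numeric()`. Make the method safe on its own by forcing an integer, e.g. `$where = "id=(SELECT post_id FROM image WHERE id=" . intval($imgid) . ")";`, or use a bound parameter if the database wrapper offers one. A short docblock stating that it returns the post owning the image, or whatever getPost() yields when nothing matches, would also help.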
@@ -186,24 +199,60 @@ class Post { return $this->info['location']; } - public function addImage($file) { - // TODO: Verify file type + public function getImages() { + if ($this->images == null) { + $this->loadImages(); + } - // TODO: Unique name for file. - $newfile = $GLOBALS['CONFIG']['uploads']; + return $this->images; + } - if (move_uploaded_file($file, $newfile)) { - return true; + public function addImage($file) { + // Verify file type + $info = @getimagesize($file); - } else { + if (!$info) { return false; } + + // TODO Verify image dimensions? + + // Get image id + $db = getDatabase(); + try { + $id = $db->insert('image', array('post_id' => $this->getId())); + $newfile = $GLOBALS['CONFIG']['uploads'] . "/$id"; + + if (move_uploaded_file($file, $newfile)) { + // Invalidate the image cache + $this->images = null; + + return true; + } + + } catch (Cif_Database_Exception $e) { + + } + + return false; + } + + private function loadImages() { + $query = "SELECT id FROM image WHERE post_id='". $this->getId() ."'"; + + $db = getDatabase(); + $imgs = $db->fetchAssocRows($query); + + $this->images = array(); + foreach ($imgs as $img) { + $this->images[] = $img['id']; + } } public function sendValidation() { $email = new Email($this->getEmail()); - $email->setSubject($GLOBAL['CONFIG']['sitetitle'] . " Email Validation"); + $email->setSubject($GLOBALS['CONFIG']['sitetitle'] . " Email Validation"); $url = $GLOBALS['CONFIG']['urlroot'] . '/validate.php?id=' . $this->getSecretId(); @@ -216,7 +265,7 @@ class Post { public function sendAcceptance() { $email = new Email($this->getEmail()); - $email->setSubject($GLOBAL['CONFIG']['sitetitle'] . " Posting Approved"); + $email->setSubject($GLOBALS['CONFIG']['sitetitle'] . " Posting Approved"); $email->appendMessage("Your posting titled ". $this->getName() ." has been approved by our moderation team.\n\n"); 
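Review bot: addImage() accepts anything `getimagesize()` can parse, which covers more formats than a browser should be served from this site, and postimages.php later replays the detected MIME type as the Content-Type. Restrict uploads to an allow-list, e.g. `if (!$info || !in_array($info[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG), true)) { return false; }`. The `image` row is inserted before `move_uploaded_file()` runs, so a failed move leaves a row with no file behind, and the empty `catch` hides database errors; the row should be removed on failure and the exception logged. In getImages(), `$this->images == null` is also true for an empty array, so posts without images re-run the query on every call; `=== null` avoids that.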
@@ -231,7 +280,7 @@ class Post { public function sendRejection($message='') { $email = new Email($this->getEmail()); - $email->setSubject($GLOBAL['CONFIG']['sitetitle'] . " Posting Rejected"); + $email->setSubject($GLOBALS['CONFIG']['sitetitle'] . " Posting Rejected"); $email->appendMessage("Your posting titled ". $this->getName() ." has been rejected by our moderation team.\n\n"); diff --git a/htdocs/src/PostIterator.inc.php b/htdocs/src/PostIterator.inc.php index cced79b..43c1a05 100644 --- a/htdocs/src/PostIterator.inc.php +++ b/htdocs/src/PostIterator.inc.php @@ -42,7 +42,7 @@ class PostIterator implements Iterator { } public function limit($limit) { - $this->limit = limit; + $this->limit = $limit; } public function rewind() { diff --git a/htdocs/src/config.inc.php b/htdocs/src/config.inc.php index 211a798..829c632 100644 --- a/htdocs/src/config.inc.php +++ b/htdocs/src/config.inc.php @@ -19,11 +19,12 @@ $CONFIG = array( 'sitetitle' => 'Foursquare Community', 'email_from' => 'community@myfoursquarechurch.com', - 'urlroot' => 'http://localhost/~jesse/p4s/community/htdocs', + 'urlroot' => '/~jesse/p4s/community/htdocs', 'root' => '/home/jesse/Development/p4square/community/htdocs', + 'uploads' => '/home/jesse/Development/p4square/community/uploads', 'debug' => true, - 'production' => false, + 'production' => true, ); set_include_path(get_include_path() . PATH_SEPARATOR . $CONFIG['root'].'/src'); |
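Review bot: In config.inc.php `'production' => true` is committed while `'debug' => true` stays set on the line above; what the flags control is not visible in this hunk, but if `debug` turns on verbose error output the two should not be enabled together. The new `'uploads'` entry, like `'root'`, is an absolute path under a developer's home directory, so every deployment has to edit this tracked file. A comment above `'uploads'` such as `// must be outside the web root and writable by the web server` would record the requirement that postimages.php depends on.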