First commit.

3 files changed, 103 insertions, 0 deletions

diff --git a/lib/image/delete.php b/lib/image/delete.php
new file mode 100644
index 0000000..e6716ec
--- /dev/null
+++ b/lib/image/delete.php
@@ -0,0 +1,21 @@
+<?php
+
+require("lib/conf/image.php");
+
+$title = "Delete an image";
+
+if (count($args) < 3) header("location: index.php");
+$id = intval($args[2]);
+
+$info = mysql_fetch_assoc(sql("SELECT * FROM images WHERE id = $id"));
+
+if ($info["owner"] == $user["id"]) {
+	token_validate("Do you really want to delete this image ?", "image");
+	unlink($savedir . $id . "-min." . $info["extension"]);
+	unlink($savedir . $id . "." . $info["extension"]);
+	sql("DELETE FROM images WHERE id = $id");
+	header("location: image");
+} else {
+	$error = "You cannot delete this image.";
+}
+require("tpl/general/empty.php");
diff --git a/lib/image/index.php b/lib/image/index.php
new file mode 100644
index 0000000..01c0928
--- /dev/null
+++ b/lib/image/index.php
@@ -0,0 +1,23 @@
+<?php
+
+require("lib/conf/image.php");
+
+$title = "Image upload";
+
+$images = array();
+$files = sql("SELECT * FROM images WHERE owner = " . $user['id']);
+while ($img = mysql_fetch_assoc($files)) $images[] = $img;
+
+if (count($images) >= $quota && $user['priv'] < $min_priv_for_no_quota) {
+	$error = "You have already exceeded your quota of $quota uploadable images.";
+	$can_upload = false;
+} else if ($user['priv'] < $apps['image']['upload']) {
+	$error = "You don't have the rights to upload images.";
+	$can_upload = false;
+} else {
+	$can_upload = true;
+}
+
+$can_delete = ($user['priv'] >= $apps['image']['delete'] && $user['id'] != 0);
+
+require("tpl/image/index.php");
diff --git a/lib/image/upload.php b/lib/image/upload.php
new file mode 100644
index 0000000..812295f
--- /dev/null
+++ b/lib/image/upload.php
@@ -0,0 +1,59 @@
+<?php
+
+$title = "Upload an image";
+
+require("lib/conf/image.php");
+
+$number = mysql_fetch_assoc(sql("SELECT count(*) AS count FROM images WHERE owner = " . $user['id']));
+assert_error($number['count'] < $quota || $user['priv'] >= $min_priv_for_no_quota || $user['id'] == 0,
+	"You have already exceeded your upload quota.");
+
+if (isset($_FILES['image'])) {
+	if ($_FILES['image']['error'] != 0) {
+		$error = "Sorry, an error occurred while uploading your file. Try with a smaller one.";
+		require("tpl/image/upload.php");
+	}
+	$origname = strtolower(basename($_FILES['image']['name']));
+	if (preg_match("#\.png$#",$origname)) {
+		$type = "png";
+	} elseif (preg_match("#\.gif$#",$origname)) {
+		$type = "gif";
+	} elseif (preg_match("#\.jpg$#",$origname) or preg_match("#\.jpeg$#",$origname)) {
+		$type = "jpg";
+	} else {
+		$error = "Sorry, we only accept GIF, PNG and JPEG images.";
+		require("tpl/image/upload.php");
+	}
+	sql("INSERT INTO images(owner, extension) VALUES(" . $user['id'] . ", '$type')");
+	$id = mysql_insert_id();
+	$filen = $savedir . $id . "." . $type;
+	$minin = $savedir . $id . "-min." . $type;
+	if (!copy($_FILES['image']['tmp_name'], $filen)) {
+		$error = "An internal error occurred. You might want to try again later.";
+		sql("DELETE FROM images WHERE id = $id");
+		require("tpl/image/upload.php");
+	}
+
+	if ($type == "png")
+		$source = imagecreatefrompng($filen); 
+	elseif ($type == "jpg")
+		$source = imagecreatefromjpeg($filen);
+	elseif ($type == "gif")
+		$source = imagecreatefromgif($filen);
+	$l = imagesx($source);
+	$h = imagesy($source);
+	$l2 = $miniature_width;
+	$h2 = $l2 * $h / $l;
+	$mini = imagecreatetruecolor($l2, $h2);
+	imagecopyresampled($mini, $source, 0, 0, 0, 0, $l2, $h2, $l, $h);
+	if ($type == "png")
+		imagepng($mini, $minin);
+	elseif ($type == "jpg")
+		imagejpeg($mini, $minin);
+	elseif ($type == "gif")
+		imagegif($mini, $minin);
+	$message = "Your image has been uploaded successfully.";
+	require("tpl/image/upload-ok.php");
+} else {
+	require("tpl/image/upload.php");
+}