Add PHPDocs generated by ChatGPT,

add additional clarification to some functions,
add addNewsComment function and API, currently untested and not implemented in the client,
fix a bunch of stuff that PHPStorm pointed out

lib/upload.php

@@ -1,6 +1,12 @@
 <?php
-
-function makePathSafe($userInput): string
+/**
+ * Sanitizes user input to be used as a part of a file path to prevent security vulnerabilities such as directory traversal.
+ *
+ * @param string $userInput The input string to be sanitized.
+ * @return string Returns a safe string where only alphanumeric characters, underscores, and hyphens are retained.
+ *                Special characters and potential path traversal payloads are removed or replaced.
+ */
+function makePathSafe(string $userInput): string
 {
     // Keep only alphanumeric characters, underscores, and hyphens
     $safeString = preg_replace('/[^\w\-]/', '', $userInput);
@@ -17,7 +23,12 @@ function makePathSafe($userInput): string
     // Limit length for safety
     return substr($safeString, 0, 255);
 }
-
+/**
+ * Automatically rotates an image based on its EXIF data to adjust its orientation.
+ *
+ * @param Imagick $imagick An Imagick object representing the image to be rotated.
+ * @return void
+ */
 function autoRotateImage(Imagick $imagick): void {
     // Get the current orientation of the image
     try {
@@ -42,7 +53,11 @@ function autoRotateImage(Imagick $imagick): void {
     }
 
 }
-
+/**
+ * Processes the global $_FILES array to normalize the structure and filter out any files with errors.
+ *
+ * @return array Returns an array of files that are ready for further processing, structured uniformly.
+ */
 function getIncomingFiles(): array
 {
     $files = $_FILES;
@@ -67,7 +82,16 @@ function getIncomingFiles(): array
     }
     return $files3;
 }
-
+/**
+ * Saves file metadata in the database.
+ * This creates the only record of the file existing.
+ *
+ * @param string $filePath The path where the file is stored.
+ * @param string $fileType The MIME type of the file.
+ * @param int $width The width of the image file.
+ * @param int $height The height of the image file.
+ * @return bool Returns true if the file metadata was successfully saved to the database, false otherwise.
+ */
 function saveUploadedFileInDatabase(string $filePath, string $fileType, int $width, int $height): bool
 {
     global $mysqli;
@@ -78,8 +102,14 @@ function saveUploadedFileInDatabase(string $filePath, string $fileType, int $wid
     $stmt->close();
     return $stat;
 }
-
-function doImageUpload($inFile, $outFile): bool
+/**
+ * Handles the uploading process of an image, including its conversion to webp format, rotation based on orientation, and saving.
+ *
+ * @param string $inFile The temporary file path of the uploaded file.
+ * @param string $outFile The target file path where the processed image should be saved.
+ * @return bool Returns true if the file was successfully processed and saved, false otherwise.
+ */
+function doImageUpload(string $inFile, string $outFile): bool
 {
     // Create Imagick object
     $width = 0;
@@ -96,15 +126,22 @@ function doImageUpload($inFile, $outFile): bool
     } catch (ImagickException) {
     }
 
-    // Check if the reencoding was successful
+    // Check if the reencoding was successful, if yes, save into the database.
     if (file_exists($outFile)) {
         return saveUploadedFileInDatabase($outFile, 'image/webp', $width, $height);
     } else {
         return false;
     }
 }
+/**
+ * Retrieves a list of files from the database, optionally filtered to include only files uploaded by the current user.
+ * Access to an unfiltered list (files of all users) is only available to moderators.
+ *
+ * @param bool $onlyMine Whether to retrieve only files uploaded by the logged-in user. If false, files from all users are returned if the user is a moderator.
+ * @return array Returns an array containing file data along with a status message.
+ */
 
-function listFiles($onlyMine = true): array
+function listFiles(bool $onlyMine = true): array
 {
     $output = ["Status" => "Success"];
     require_once "lib/account.php";
@@ -156,6 +193,12 @@ function listFiles($onlyMine = true): array
     return $output;
 
 }
+/**
+ * Processes incoming files from the $_FILES global (after processed by getIncomingFiles), performs checks, and attempts to upload a file based on its type.
+ * Currently only supports valid image files.
+ *
+ * @return array Returns an array indicating the success or failure ('Status' key) of the file processing operations.
+ */
 
 function parseIncomingFiles(): array
 {
@@ -183,8 +226,15 @@ function parseIncomingFiles(): array
     }
     return $output;
 }
+/**
+ * Generates a file path for uploading based on the type of the file, the ID of the uploader and the date and time of uploading.
+ *
+ * @param string $type The type of the file, typically used to categorize the file.
+ * @param string $filename The base name of the file, used in generating the final path.
+ * @return string Returns the full path for storing the file or an empty string if the type is not recognized.
+ */
 
-function getUploadPath($type = "unknown", $filename = "hehe"): string
+function getUploadPath(string $type = "unknown", string $filename = "hehe"): string
 {
     $type = makePathSafe($type);
     $id = makePathSafe($_SESSION["ID"]);
@@ -202,6 +252,15 @@ function getUploadPath($type = "unknown", $filename = "hehe"): string
         return "";
     }
 }
+/**
+ * Checks if a file with a given ID exists in the database and does permission checks.
+ * Access is granted to only the user's files, in order to access all files the onlyMine parameter
+ * must be false and the user must be a moderator.
+ *
+ * @param int $fileId The ID of the file to check.
+ * @param bool $onlyMine Whether to limit the search to files uploaded by the logged-in user.
+ * @return bool|string Returns the path of the file if it exists and meets the criteria, false otherwise.
+ */
 
 function fileExists(int $fileId, bool $onlyMine = true): bool|string
 {
@@ -230,7 +289,14 @@ function fileExists(int $fileId, bool $onlyMine = true): bool|string
         return false;
     }
 }
-
+/**
+ * Adds a file to a specified group, if the user created the group or creates a new group if
+ * a group with a specified ID does not exist yet
+ *
+ * @param int $groupId The ID of the group to which the file should be added.
+ * @param int $fileId The ID of the file to add to the group.
+ * @return array Returns an associative array with a 'Status' key indicating success or failure.
+ */
 function addToGroup(int $groupId, int $fileId): array
 {
     $output = ["Status" => "Fail"];
@@ -253,16 +319,22 @@ function addToGroup(int $groupId, int $fileId): array
     }
     return $output;
 }
-
+/**
+ * Deletes a file entry from the database and the file system, a user can only delete his own files,
+ * except when he is a moderator, in that case he can delete all files.
+ *
+ * @param int $fileID The ID of the file to be deleted.
+ * @return array Returns an array with a 'Status' key indicating the success or failure of the deletion operation.
+ */
 function deleteFile(int $fileID): array
 {
     global $mysqli;
     $out = ["Status" => "Fail"];
     if (isLoggedIn()) {
-        $file_location = fileExists($fileID, !isAdmin());
-        $query = !isAdmin() ? 'DELETE FROM Files WHERE ID = ? AND UploadedBy = ?' : 'DELETE FROM Files WHERE ID = ?';
+        $file_location = fileExists($fileID, !isModerator());
+        $query = !isModerator() ? 'DELETE FROM Files WHERE ID = ? AND UploadedBy = ?' : 'DELETE FROM Files WHERE ID = ?';
         $stmtDelete = $mysqli->prepare($query);
-        if (!isAdmin()) {
+        if (!isModerator()) {
             $stmtDelete->bind_param('ii', $fileID, $_SESSION['ID']);
         } else {
             $stmtDelete->bind_param('i', $fileID);