$valueArr) { if (is_array($valueArr)) { // file input "multiple" foreach ($valueArr as $i => $value) { $filesByInput[$i][$key] = $value; } } else { // -> string, normal file input $filesByInput[] = $infoArr; break; } } $files2 = array_merge($files2, $filesByInput); } $files3 = []; foreach ($files2 as $file) { // let's filter empty & errors if (!$file['error']) $files3[] = $file; } return $files3; } function saveUploadedFileInDatabase($filePath, $fileType): bool { global $mysqli; $stmt = $mysqli->prepare("INSERT INTO Files (Path, Type, UploadedBy, UploadedAt) VALUES (?, ?, ?, NOW())"); $stmt->bind_param("ssi", $filePath, $fileType, $_SESSION["ID"]); $stmt->execute(); $stat = $stmt->affected_rows > 0; $stmt->close(); return $stat; } function doImageUpload($inFile, $outFile): bool { // Create Imagick object try { $imagick = new Imagick($inFile); $imagick->setImageFormat('webp'); $imagick->stripImage(); $imagick->writeImage($outFile); $imagick->destroy(); } catch (ImagickException $e) { } // Check if the reencoding was successful if (file_exists($outFile)) { return saveUploadedFileInDatabase($outFile, 'image/webp'); } else { return false; } } function listFiles($onlyMine = true): array { $output = ["Status" => "Fail"]; require_once "lib/account.php"; if (($onlyMine && isLoggedIn()) || (!$onlyMine && isModerator())) { global $mysqli; $query = "SELECT ID, Path, Type, UploadedAt, UploadedBy FROM Files"; if ($onlyMine) { $query .= " WHERE UploadedBy = ?"; } $stmt = $mysqli->prepare($query); if ($onlyMine) { $stmt->bind_param("i", $_SESSION["ID"]); } $id = 0; $path = ""; $type = ""; $uploadedAt = ""; $uploadedBy = 0; $stmt->bind_result($id, $path, $type, $uploadedAt, $uploadedBy); $stmt->execute(); // Fetch the results into the bound variables while ($stmt->fetch()) { $files[] = [ 'ID' => $id, 'Path' => $path, 'Type' => $type, 'UploadedAt' => $uploadedAt, 'UploadedBy' => $uploadedBy, ]; } // Check if any results were fetched if (!empty($files)) { $output["Status"] = "Success"; $output["Files"] = $files; } $stmt->close(); } return $output; } function parseIncomingFiles(): array { $incomingFiles = getIncomingFiles(); $success = true; print_r($incomingFiles); foreach ($incomingFiles as $incomingFile) { if ($incomingFile["error"] == 0 && is_file($incomingFile["tmp_name"])) { $type = explode("/", $incomingFile["type"]); if ($type[0] == "image") { echo "Adding " . $incomingFile["name"]; $imgFname = pathinfo($incomingFile["name"], PATHINFO_FILENAME); $uploadPath = getUploadPath("image", $imgFname); echo "uppa " . $uploadPath; if (!empty($uploadPath)) { if (!doImageUpload($incomingFile["tmp_name"], $uploadPath)) { $success = false; } } else { $success = false; } } } } $output = ["Status" => "Fail"]; if ($success) { $output["Status"] = "Success"; } return $output; } function getUploadPath($type = "unknown", $filename = "hehe"): string { $type = makePathSafe($type); $id = makePathSafe($_SESSION["ID"]); $date = makePathSafe(date("Y/m/d")); $filename = makePathSafe($filename); $extension = match ($type) { 'image' => 'webp', default => 'dummy', }; if ($extension != "dummy") { $basepath = "uploads/$type/$id/$date"; mkdir($basepath, 755, true); return $basepath . "/$filename.$extension"; } else { return ""; } } function fileExists(int $fileId, bool $onlyMine = true): bool|string { if(!$fileId) { return false; } global $mysqli; if (!$onlyMine && !isAdmin()) { $onlyMine = true; } $query = $onlyMine ? 'SELECT ID, Path FROM Files WHERE ID = ? AND UploadedBy = ?' : 'SELECT ID, Path FROM Files WHERE ID = ?'; $stmtfileexists = $mysqli->prepare($query); if ($onlyMine) { $stmtfileexists->bind_param('ii', $fileId, $_SESSION['id']); } else { $stmtfileexists->bind_param('i', $fileId); } $filePath = ""; $id = 0; $stmtfileexists->bind_result($id, $filePath); $stmtfileexists->execute(); if ($stmtfileexists->num_rows > 0){ return $filePath; } else { echo $stmtfileexists->error; echo $query; return false; } } function addToGroup(int $groupId, int $fileId): array { $output = ["Status" => "Fail"]; if (!$groupId || !$fileId) { return $output; } global $mysqli; $stmtcheck = $mysqli->prepare('SELECT ID FROM FileGroups WHERE CreatorID != ? AND ID = ?'); $stmtcheck->bind_param('ii', $_SESSION['id'], $groupId); $stmtcheck->execute(); if ($stmtcheck->affected_rows == 0) { if (fileExists($fileId, false)) { $stmtadd = $mysqli->prepare('INSERT INTO FileGroups (FileID, CreatorID, ID) VALUES (?, ?, ?)'); $stmtadd->bind_param('iii', $fileId, $_SESSION['id'], $groupId); $stmtadd->execute(); if ($stmtadd->affected_rows > 0) { $output["Status"] = "Success"; } } } return $output; } function getImageURL(int $imageFileID) :string { global $mysqli; $path = ""; $stmtget = $mysqli->prepare('SELECT Path FROM Files WHERE ID = ?'); $stmtget->bind_param('i', $imageFileID); $stmtget->execute(); $stmtget->bind_result($path); $stmtget->fetch(); return $path; } function deleteFile(int $fileID) :string { $out = ["Status" => "Fail"]; $file_location = fileExists($fileID, false); if ($file_location){ if(unlink($file_location)) { $out['Status'] = 'Success'; } } return $out; }