-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsubmit.php
More file actions
123 lines (106 loc) · 3.68 KB
/
Copy pathsubmit.php
File metadata and controls
123 lines (106 loc) · 3.68 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
<?php
$c = require __DIR__ . '/config.php';
header('Content-Type: application/json');
$upload_dir = __DIR__ . '/uploads/photos/';
$data_file = __DIR__ . '/submissions/data.json';
$max_file_mb = 10;
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
http_response_code(405);
echo json_encode(['error' => 'Method not allowed']);
exit;
}
foreach ([$upload_dir, dirname($data_file)] as $dir) {
if (!is_dir($dir)) mkdir($dir, 0755, true);
}
$name = trim($_POST['name'] ?? '');
$memory = trim($_POST['memory'] ?? '');
$whereNow = trim($_POST['whereNow'] ?? '');
$message = trim($_POST['message'] ?? '');
$email = trim($_POST['email'] ?? '');
if (!$name || !$memory || !$whereNow) {
http_response_code(400);
echo json_encode(['error' => 'Please fill in all required fields.']);
exit;
}
$photo_filenames = [];
$allowed = ['jpg', 'jpeg', 'png', 'gif', 'webp', 'heic'];
$max_size = $max_file_mb * 1024 * 1024;
$max_photos = max(1, min(5, (int)$c['max_photos']));
if (!empty($_FILES['photos']['name'][0])) {
$files = $_FILES['photos'];
$count = min(count($files['name']), $max_photos);
for ($i = 0; $i < $count; $i++) {
if ($files['error'][$i] !== UPLOAD_ERR_OK) continue;
if (!$files['size'][$i]) continue;
$ext = strtolower(pathinfo($files['name'][$i], PATHINFO_EXTENSION));
if (!in_array($ext, $allowed)) {
http_response_code(400);
echo json_encode(['error' => 'Please upload JPG, PNG, or HEIC photos only.']);
exit;
}
if ($files['size'][$i] > $max_size) {
http_response_code(400);
echo json_encode(['error' => "Each photo must be under {$max_file_mb}MB."]);
exit;
}
$img_info = @getimagesize($files['tmp_name'][$i]);
if (!$img_info && $ext !== 'heic') {
http_response_code(400);
echo json_encode(['error' => 'One of the files does not appear to be a valid image.']);
exit;
}
$filename = uniqid('photo_', true) . '.' . $ext;
if (!move_uploaded_file($files['tmp_name'][$i], $upload_dir . $filename)) {
http_response_code(500);
echo json_encode(['error' => 'Could not save a photo. Please try again.']);
exit;
}
$photo_filenames[] = $filename;
}
}
$submission = [
'id' => uniqid('sub_', true),
'timestamp' => date('Y-m-d H:i:s'),
'name' => $name,
'email' => $email,
'memory' => $memory,
'whereNow' => $whereNow,
'message' => $message,
'photos' => $photo_filenames,
'ip' => $_SERVER['REMOTE_ADDR'] ?? '',
];
$fp = fopen($data_file, 'c+');
$lock = flock($fp, LOCK_EX);
if ($lock) {
$content = '';
fseek($fp, 0);
while (!feof($fp)) $content .= fgets($fp);
$data = json_decode($content, true) ?? [];
$data[] = $submission;
ftruncate($fp, 0);
fseek($fp, 0);
fwrite($fp, json_encode($data, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE));
flock($fp, LOCK_UN);
}
fclose($fp);
$subject = "Memory Book: New submission from {$name}";
$body = implode("\n", [
"A new page was added to the memory book!",
"",
"Name: {$name}",
"Email: " . ($email ?: '(not provided)'),
"Time: {$submission['timestamp']}",
"Photos: " . (count($photo_filenames) ? count($photo_filenames) . ' uploaded' : 'None'),
"",
"Memory:",
$memory,
"",
"Where Are They Now:",
$whereNow,
"",
"Message:",
($message ?: '(none)'),
]);
$headers = "From: {$c['from_email']}\r\nReply-To: {$email}";
@mail($c['notify_email'], $subject, $body, $headers);
echo json_encode(['success' => true, 'id' => $submission['id']]);