kalipso/racalmas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
69e5d0e4c6b824e74e7ed110cc8728515996d98c
racalmas/website/agenda/planung/imageUpload.cgi

416 lines
11 KiB
Perl
Executable File
Raw Blame History

#! /usr/bin/perl
use warnings "all";
use strict;
use Data::Dumper;
use Apache2::Request;
use Apache2::Upload;
delete $INC{CGI};
require 'CGI.pm';
use Date::Calc;
use Time::Local;
use Image::Magick;
use Image::Magick::Square;
use config;
use auth;
use uac;
use studios;
use template;
use images;
binmode STDOUT, ":utf8";
my $r = shift;
my $cgi = undef;
my $config = config::get('../config/config.cgi');
our $debug = $config->{system}->{debug};
my $base_dir = $config->{locations}->{base_dir};
my $tmp_dir = '/var/tmp';
my $upload_limit = 2048*1000;
#binmode STDOUT, ":utf8";
#binmode STDOUT, ":encoding(UTF-8)";
my $params = {};
my $upload = undef;
my $error = '';
#get image from multiform before anything else
if (defined $r){
#Apache2::Request
# print "Content-type:text/html; charset=UTF-8; \n\n<br><br><br>Apache2::Request<br>\n";
my $apr = Apache2::Request->new($r, POST_MAX => $upload_limit, TEMP_DIR => $tmp_dir);
#copy params to hash
my $body=$apr->body();
if (defined $body){
for my $key (keys %$body){
# print "$key=".$apr->param($key)."<br>\n";
$params->{scalar($key)}=scalar($apr->param($key));# unless ($key eq'image');
}
}
# print Dumper($params);
# print Dumper($apr);
my $status = $apr->parse;
# print "Status:$status<br>";
$status='' if ($status=~/missing input data/i);
if ($status=~/limit/i){
$error= $status;
}else{
$upload = $apr->upload('image') if (defined $params->{image});
}
#dont get params parsed
# $CGI::POST_MAX = $upload_limit;
# $CGI::TMPDIRECTORY=$tmp_dir;
$cgi=new CGI();
# my %params=$cgi->Vars();
# $params=\%params;
# $error=$cgi->cgi_error()||$error;
}else{
#CGI fallback
# print "Content-type:text/html; charset=UTF-8; \n\n<br><br><br>CGI<br>\n";
$CGI::POST_MAX = $upload_limit;
$CGI::TMPDIRECTORY=$tmp_dir;
$cgi=new CGI();
$error=$cgi->cgi_error()||$error;
my %params=$cgi->Vars();
$params=\%params;
}
print "Content-type:text/html; charset=UTF-8;\n\n";
my ($user,$expires) = auth::get_user($cgi, $config);
return if ((!defined $user) || ($user eq ''));
my $user_presets=uac::get_user_presets($config, {
user => $user,
project_id => $params->{project_id},
studio_id => $params->{studio_id}
});
$params->{default_studio_id}=$user_presets->{studio_id};
$params->{studio_id}=$params->{default_studio_id} if ((!(defined $params->{action}))||($params->{action}eq'')||($params->{action}eq'login'));
$params->{project_id}=$user_presets->{project_id} if ((!(defined $params->{action}))||($params->{action}eq'')||($params->{action}eq'login'));
my $request={
url => $ENV{QUERY_STRING}||'',
params => {
original => $params,
checked => check_params($params),
},
};
$request = uac::prepare_request($request, $user_presets);
$params = $request->{params}->{checked};
return unless defined uac::check($config, $params, $user_presets);
my $permissions=$request->{permissions};
$params->{action} ='' unless (defined $params->{action});
if($permissions->{create_image} ne '1'){
uac::permissions_denied("create image");
return 0;
}
my $file_info= undef;
if ($error ne ''){
if ($error=~/limit/){
$params->{error}.="Image size is limited to ".int($upload_limit/1000000)." MB!"
. "Please make it smaller and try again!";
}else{
$params->{error}.="Error:'$error'";
}
}elsif ($params->{action}eq'upload'){
$file_info=upload_file($config, $cgi, $upload, $user);
$params->{error}.=$file_info->{error};
$params=update_database($config, $params, $file_info, $user) if ($params->{error} eq'');
}
print STDERR $params->{error}."\n" if defined $params->{error};
my $out='';
template::process('print', $params->{template}, $params);
print $cgi->cgi_error() if defined $cgi;
#return;
return if($params->{action} eq '');
if ($params->{error} eq''){
print qq{
<div id="output">success</div>
<div id="message">
$params->{action_result}
{{thumbs//$params->{filename}}}
<button onclick="selectThisImage('$params->{filename}')">assign to event</button>
</div>
<div id="upload_image_id">$params->{image_id}</div>
<div id="upload_image_filename">$params->{filename}</div>
<div id="upload_image_title">$params->{name}</div>
<div id="upload_image_link">{{thumbs//$params->{filename}}}</div>
};
}else{
print qq{
<div id="output">failed</div>
<div id="message">$params->{error}</div>
};
}
sub upload_file{
my $config = shift;
my $cgi = shift;
my $upload = shift;
my $user = shift;
my $result = get_filename($cgi, $upload);
return $result if ($result->{error} ne '');
my $file = $result->{fh};
my $filename = $result->{filename};
$result=check_filename($filename);
print STDERR $result."\n";
return $result if ($result->{error} ne '');
my $extension=$result->{extension}||'';
#read file from handle
my $data;
my $content='';
print STDERR $file."\n";
#unless (-e $file){}
binmode $file;
while(read $file,$data,1024) {
$content.=$data;
}
#set filename to MD5 from content
my $md5_filename=Digest::MD5::md5_base64($content);
$md5_filename=~s/[\/\+]/_/gi;
return process_image($config, $filename, $extension, $md5_filename, $content);
}
sub update_database{
my $config=shift;
my $params=shift;
my $file_info=shift;
my $user=shift;
$params->{upload_path} = $file_info->{upload_path};
$params->{upload_filename} = $file_info->{upload_filename};
$params->{filename} = $file_info->{filename};
$params->{thumb_path} = $file_info->{thumb_path};
$params->{image_path} = $file_info->{image_path};
$params->{icon_path} = $file_info->{icon_path};
$params->{local_media_url} = $config->{locations}->{local_media_url};
my $name=$params->{name}||'';
$name='neu' unless $params=~/\S/;
my $image={
filename => $params->{filename},
name => $params->{name}||'new',
description => $params->{description},
modified_by => $user,
project_id => $params->{project_id},
studio_id => $params->{studio_id}
};
#connect
$config->{access}->{write}=1;
my $dbh=db::connect($config);
my $entries=images::get($config, { filename => $image->{filename} } );
if ((defined $entries)&&(@$entries>0)){
images::update($dbh, $image);
my $entry=$entries->[0];
$params->{image_id}=$entry->{id};
}else{
$image->{created_by} = $user;
$params->{image_id}=images::insert($dbh, $image);
}
$config->{access}->{write}=0;
$params->{action_result}='done!';
return $params;
}
#get filename and filehandle from upload
sub get_filename{
my $cgi=shift;
my $upload=shift;
if (defined $upload){
# try apache2 module
my $filename=$upload->filename();
return {
filename => $filename,
fh => $upload->fh(),
error => ''
};
}
# fallback to CGI module
my $file = $cgi->param("image");
if ($file=~/\|/){
return { error => "is no file" };
}
my $file_info=$cgi->uploadInfo($file);
if (defined $file_info){
my $filename=$file_info->{'Content-Disposition'}||'';
if ($filename=~/filename=\"(.*?)\"/){
$filename=$1;
return {
filename => $filename,
fh => $file,
error => ''
};
}
}
#error
return {
error=>'Could not detect file name!'
};
}
sub check_filename{
my $filename=shift;
my @valid_extensions=('png', 'jpeg', 'jpg', 'gif', 'pdf', 'txt', 'bmp', 'ps', 'eps', 'wmf');
if($filename =~ /\.([a-zA-Z]{3,5})$/){
my $extension = lc $1;
unless(grep(/$extension/,@valid_extensions)) {
return {
error => 'Following file formats are supported: '.join(",",@valid_extensions).'!'
};
}
return{
extension => $extension,
error => ''
};
}else{
return {
error => 'Not matching file extension found! Supported are: '.join(",",@valid_extensions).'!'
};
}
}
sub process_image{
my $config = shift;
my $filename = shift;
my $extension = shift;
my $md5_filename = shift;
my $content = shift;
my $upload_path = $config->{locations}->{local_media_dir}.'upload/'.$md5_filename.'.'.$extension;
my $thumb_path = $config->{locations}->{local_media_dir}.'thumbs/'.$md5_filename.'.jpg';
my $icon_path = $config->{locations}->{local_media_dir}.'icons/'.$md5_filename.'.jpg';
my $image_path = $config->{locations}->{local_media_dir}.'images/'.$md5_filename.'.jpg';
#copy file to upload space
open DAT,'>'.$upload_path or return {error=> 'could not save image. '.$!." $upload_path"};
binmode DAT;
print DAT $content;
close DAT;
#write image
my $image = new Image::Magick;
$image->Read($upload_path);
my $x=$image->Get('width')||0;
my $y=$image->Get('height')||0;
if(($x==0) || ($y==0)){
return {error=>'Could not read image!'};
log::error($config, 'Cannot read image $filename!');
};
#set max size image
if ($x>0 && $y>0){
if ($x>$y){
$image->Resize(width=>'600', height=>int(600*$y/$x) );
}else{
$image->Resize(width=>int(600*$x/$y), height=>'600');
}
}
#$image->Normalize();
$image->Write('jpg:'.$image_path);
#write thumb
my $thumb=$image;
$thumb->Trim2Square;
$thumb->Resize(width=>150,height=>150);
$thumb->Write('jpg:'.$thumb_path);
my $icon=$image;
$icon->Trim2Square;
$icon->Resize(width=>25,height=>25);
$icon->Write('jpg:'.$icon_path);
unless(-e $thumb_path){
return {error=>'could not create thumb nail file!'};
}
unless(-e $icon_path){
return {error=>'could not create icon file!'};
}
unless(-e $image_path){
return {error=>'could not create image file!'};
}
return {
upload_filename =>$filename,
filename =>$md5_filename.'.jpg',
thumb_path =>$thumb_path,
icon_path =>$icon_path,
image_path =>$image_path,
error =>''
};
}
sub check_params{
my $params=shift;
my $checked={};
$checked->{template} = template::check($params->{template},'imageUpload');
#numeric values
for my $param ('project_id','studio_id','default_studio_id'){
if ((defined $params->{$param})&&($params->{$param}=~/^\d+$/)){
$checked->{$param}=$params->{$param};
}
}
if (defined $checked->{studio_id}){
$checked->{default_studio_id}=$checked->{studio_id};
}else{
$checked->{studio_id}=-1;
}
#string
for my $param ('debug','name','description'){
if ((defined $params->{$param}) && ($params->{$param}=~/^\s*(.+?)\s*$/)){
$checked->{$param}=$1;
}
}
#Words
for my $attr('action'){
if ((defined $params->{$attr}) && ($params->{$attr}=~/(\S+)/)){
$checked->{$attr}=$params->{$attr};
}
}
return $checked;
}
Reference in New Issue View Git Blame Copy Permalink