[bottom]

'.bmp', 'image/gif' => '.gif', 'image/jpeg' => '.jpg', 'image/pjpeg' => '.jpg', 'image/png' => '.png' ]; // Validate and move the uploaded image file, if necessary if(!empty($img['tmp_name'])) { if ((($img['type'] == 'image/gif') || ($img['type'] == 'image/jpeg') || ($img['type'] == 'image/pjpeg') || ($img['type'] == 'image/png') || ($img['type'] == 'image/bmp')) && ($img['size'] > 0) && ($img['size'] <= MAX_FILE_SIZE)) { if($img['error'] == 0) { // Move the file to the target upload folder $target = UPLOAD_PATH . time() . $extensions[$img['type']]; if(!move_uploaded_file($img['tmp_name'], $target)) { // The new image file move failed, so delete the temporary file and return an error @unlink($img['tmp_name']); return 'Sorry, there was a problem uploading your image.'; } } } else { // The new picture file is not valid, so delete the temporary file and return an error @unlink($img['tmp_name']); return "Your picture must be a PNG, GIF, JPEG, or BMP image file no greater than {MM_MAXFILESIZE >> 10} KiB."; } } if(empty($comment) && empty($target)) return 'You must include an image and/or a comment'; if($save_cookie) { $uid = $_COOKIE['uid']; if(empty($uid)) { $uid = sha1(time() . $img['tmp_name'] . $_SERVER['REMOTE_ADDR'] . UID_SALT); setcookie("uid", $uid, 0x7FFFFFFF); } } // Add post to database $query = "INSERT INTO posts (user_id, name, comment, img) VALUES ($1, $2, $3, $4)"; $params = [ empty($uid) ? NULL : $uid, empty($name) ? 'Anonymous' : htmlspecialchars($name), empty($comment) ? NULL : htmlspecialchars($comment), empty($target) ? NULL : basename($target) ]; webhook($params[1], $params[2], 'http://' . $_SERVER['SERVER_NAME'] . dirname($_SERVER['PHP_SELF']) . '/' . $target); // Send to discord for moderation pg_query_params($query, $params) or die('Query failed: ' . pg_last_error()); return ""; // Success, no error } function quote_link($match) { $query = "SELECT post_id FROM posts WHERE post_id=$1"; $result = pg_query_params($query, [$match[1]]) or die('Query failed: ' . pg_last_error()); $row_count = pg_num_rows($result); pg_free_result($result); if($row_count > 0) return "{$match[0]}"; else return "{$match[0]}"; } function show_posts() { $show_delete = FALSE; $query = 'SELECT post_id, user_id, name, comment, img, TO_CHAR(post_time, \'YYYY-MM-DD HH24:MI (TZ)\') AS post_time FROM posts'; $result = pg_query($query) or die('Query failed: ' . pg_last_error()); // Clean up old posts $row_count = pg_num_rows($result); if($row_count > MAX_POSTS) { for($i = 0; $i < $row_count - MAX_POSTS; $i++) { $row = pg_fetch_array($result); cleanup($row['post_id']); } } echo '
'; while ($row = pg_fetch_array($result)) { echo "
"; echo ''; if((!empty($row['user_id']) && ($row['user_id'] == $_COOKIE['uid'])) || $_COOKIE['uid'] == ADMIN_ID) { echo ' '; $show_delete = TRUE; } echo "{$row['name']} {$row['post_time']} "; echo "#{$row['post_id']}"; echo ''; if($row['img']){ echo ''; echo '' . $row['img'] . ''; echo ''; } $comment = $row['comment']; $comment = preg_replace('/^>[^>].*/m', "$0", $comment); $comment = preg_replace_callback('/>>\s*(\d+)/', quote_link, $comment); $comment = str_replace("\n", "
", $comment); echo "

$comment

"; echo '
'; } if($show_delete) echo '

'; echo '
'; } function cleanup($id, $force = FALSE) { $query = "SELECT user_id, img FROM posts WHERE post_id=$1"; $result = pg_query_params($query, [$id]) or die('Query failed: ' . pg_last_error()); $row = pg_fetch_array($result); pg_free_result($result); if($force || $row['user_id'] == $_COOKIE['uid'] || $_COOKIE['uid'] == ADMIN_ID) { unlink(UPLOAD_PATH . $row['img']); $query = "DELETE FROM posts WHERE post_id=$1"; pg_query_params($query, [$id]) or die('Query failed: ' . pg_last_error()); } } function webhook($name, $message, $img) { $data = [ 'username' => $name, 'embeds' => [ [ 'title' => "New Post", 'url' => 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'] . '#bottom', 'description' => $message, 'image' => [ 'url' => $img ] ] ] ]; $curl = curl_init(DISCORD_WEBHOOK); curl_setopt($curl, CURLOPT_HEADER, false); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_HTTPHEADER, array("Content-Type: application/json")); curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($data)); curl_exec($curl); $status = curl_getinfo($curl, CURLINFO_HTTP_CODE); curl_close($curl); if($status != 204) die("Error: Sending webhook failed with status $status."); } require_once('appvars.php'); require_once('connectvars.php'); $err = ""; // Connect to the database $dbc = pg_connect("host=$DB_HOST dbname=$DB_NAME user=$DB_USER password=$DB_PASSWORD") or die('Could not connect: ' . pg_last_error()); if($_POST['submit'] == 'Post') { // Grab the data from the POST $name = trim($_POST['name']); $comment = trim($_POST['comment']); $img = $_FILES['img']; $save_cookie = isset($_POST['save_cookie']); $err = post($name, $comment, $img, $save_cookie); } else if($_POST['submit'] == 'Delete' && !empty($_COOKIE['uid'])) { foreach($_POST['delete'] as $id) { cleanup($id); } } show_posts(); pg_free_result($result); pg_close($dbc); ?>
New Post
/> (Allows deleting your own posts)
$err"; ?>

Old posts are automatically deleted once there are more than 50, anything inappropriate will be deleted.

[top] [reload]

Valid XHTML 1.0 Transitional