Diffstat (limited to 'public/emotes')
| -rw-r--r-- | public/emotes/index.php | 24 | ||||
| -rw-r--r-- | public/emotes/rate.php | 2 | ||||
| -rw-r--r-- | public/emotes/setmanip.php | 2 | ||||
| -rw-r--r-- | public/emotes/upload.php | 23 |
4 files changed, 22 insertions, 29 deletions
diff --git a/public/emotes/index.php b/public/emotes/index.php
index 3491ab8..2c2cff7 100644
--- a/public/emotes/index.php
+++ b/public/emotes/index.php
@@ -61,7 +61,7 @@ function display_list_emotes(PDO &$db, string $search, string $sort_by, int $pag
 array_push($emotes, new Emote(
 $row["id"],
 $row["code"],
- $row["ext"],
+ "webp",
 intval(strtotime($row["created_at"])),
 $uploader,
 $row["is_in_user_set"],
@@ -73,7 +73,7 @@ function display_list_emotes(PDO &$db, string $search, string $sort_by, int $pag
 return $emotes;
 }
-function display_emote(PDO &$db, int $id)
+function display_emote(PDO &$db, string $id)
 {
 $stmt = $db->prepare("SELECT e.*, COALESCE(COUNT(r.rate), 0) as total_rating, COALESCE(ROUND(AVG(r.rate), 2), 0) AS average_rating
@@ -89,7 +89,7 @@ function display_emote(PDO &$db, int $id)
 $emote = new Emote(
 $row["id"],
 $row["code"],
- $row["ext"],
+ "webp",
 intval(strtotime($row["created_at"])),
 $row["uploaded_by"],
 false,
@@ -130,14 +130,14 @@ $total_pages = 0;
 $search = "%" . ($_GET["q"] ?? "") . "%";
 $sort_by = $_GET["sort_by"] ?? "";
-if ($id == "" || !is_numeric($id)) {
+if (empty($id)) {
 $emotes = display_list_emotes($db, $search, $sort_by, $page, $limit);
 $stmt = $db->prepare("SELECT COUNT(*) FROM emotes WHERE code LIKE ? AND visibility = 1");
 $stmt->execute([$search]);
 $total_emotes = $stmt->fetch()[0];
 $total_pages = ceil($total_emotes / $limit);
 } else {
- $emote = display_emote($db, intval($id));
+ $emote = display_emote($db, $id);
 }
 if (CLIENT_REQUIRES_JSON) {
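Review bot: The `if (empty($id))` test in the `@@ -130,14` hunk drops the only visible validation of `$id`, so any non-empty request value now reaches `display_emote($db, $id)`. The lookup is a prepared statement, so this is not an injection path, but a non-string value would hit the `string $id` type declaration and raise an uncaught TypeError; where `$id` is assigned lies outside the hunk, so confirm what it can hold. New ids are 32 hex characters (`bin2hex(random_bytes(16))` in upload.php), so the guard could be `if (!is_string($id) || !preg_match('/^[0-9a-f]{32}$/', $id)) {`, widened if older numeric ids must still resolve.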
@@ -180,14 +180,14 @@ if (CLIENT_REQUIRES_JSON) {
 <?php echo $emote != null ? "Emote - " . $emote->get_code() : "$total_emotes Emotes - Page $page/$total_pages" ?>
 </div>
 <?php
- if (empty($emotes)) { ?>
+ if ($emote != null) { ?>
 <div class="box content">
 <div class="emote-showcase">
- <img src="/static/userdata/emotes/<?php echo $emote->get_id() . '/' . '1x.' . $emote->get_ext() ?>"
+ <img src="/static/userdata/emotes/<?php echo $emote->get_id() ?>/1x.webp"
 alt="<?php echo $emote->get_code() ?>">
- <img src="/static/userdata/emotes/<?php echo $emote->get_id() . '/' . '2x.' . $emote->get_ext() ?>"
+ <img src="/static/userdata/emotes/<?php echo $emote->get_id() ?>/2x.webp"
 alt="<?php echo $emote->get_code() ?>">
- <img src="/static/userdata/emotes/<?php echo $emote->get_id() . '/' . '3x.' . $emote->get_ext() ?>"
+ <img src="/static/userdata/emotes/<?php echo $emote->get_id() ?>/3x.webp"
 alt="<?php echo $emote->get_code() ?>">
 </div>
 </div>
@@ -200,14 +200,14 @@ if (CLIENT_REQUIRES_JSON) {
 $added = false;
 if (isset($_SESSION["user_emote_set_id"])) {
- $stmt = $db->prepare("SELECT id, name FROM emote_set_contents WHERE emote_set_id = ? AND emote_id = ?");
+ $stmt = $db->prepare("SELECT id, code FROM emote_set_contents WHERE emote_set_id = ? AND emote_id = ?");
 $stmt->execute([$_SESSION["user_emote_set_id"], $emote->get_id()]);
 $added = false;
 if ($row = $stmt->fetch()) {
 $added = true;
- $emote_current_name = $row["name"] ?? $emote->get_code();
+ $emote_current_name = $row["code"] ?? $emote->get_code();
 }
 }
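Review bot: `$emote->get_code()` is echoed into the `alt` attributes of the `@@ -180,14` hunk without HTML escaping, and the rewritten `echo '<img …'` line in the `@@ -419,7` hunk does the same with `$e->get_code()`. The code is chosen by the uploader, and whether upload.php restricts it to a safe character set is not visible on this page, so the templates should not depend on that. Wrapping the value, for example `alt="<?php echo htmlspecialchars($emote->get_code(), ENT_QUOTES) ?>"`, keeps a quote or angle bracket in a code from altering the markup. The `username` printed in the `@@ -419,7` hunk deserves the same treatment.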
@@ -419,7 +419,7 @@ if (CLIENT_REQUIRES_JSON) {
 echo '<img src="/static/img/icons/yes.png" class="emote-check" />';
 }
- echo '<img src="/static/userdata/emotes/' . $e->get_id() . '/2x.' . $e->get_ext() . '" alt="' . $e->get_code() . '"/>';
+ echo '<img src="/static/userdata/emotes/' . $e->get_id() . '/2x.webp" alt="' . $e->get_code() . '"/>';
 echo '<h1>' . $e->get_code() . '</h1>';
 echo '<p>' . ($e->get_uploaded_by() == null ? (ANONYMOUS_DEFAULT_NAME . "*") : $e->get_uploaded_by()["username"]) . '</p>';
 echo '</a>';
diff --git a/public/emotes/rate.php b/public/emotes/rate.php
index 2f63d7c..1e8eb67 100644
--- a/public/emotes/rate.php
+++ b/public/emotes/rate.php
@@ -18,7 +18,7 @@ if (isset($_SESSION["user_role"]) && !$_SESSION["user_role"]["permission_rate"])
 exit;
 }
-$id = intval(str_safe($_POST["id"] ?? "0", 10));
+$id = str_safe($_POST["id"] ?? "0", 32);
 $rate = intval(str_safe($_POST["rate"] ?? "0", 2));
 if ($id == 0 || $rate == 0) {
diff --git a/public/emotes/setmanip.php b/public/emotes/setmanip.php
index 8b43b54..8b0f085 100644
--- a/public/emotes/setmanip.php
+++ b/public/emotes/setmanip.php
@@ -109,7 +109,7 @@ switch ($action) {
 $value = null;
 }
- $stmt = $db->prepare("UPDATE emote_set_contents SET name = ? WHERE emote_set_id = ? AND emote_id = ?");
+ $stmt = $db->prepare("UPDATE emote_set_contents SET code = ? WHERE emote_set_id = ? AND emote_id = ?");
 $stmt->execute([$value, $emote_set_id, $emote_id]);
 $db = null;
diff --git a/public/emotes/upload.php b/public/emotes/upload.php
index 137e29b..89abf44 100644
--- a/public/emotes/upload.php
+++ b/public/emotes/upload.php
@@ -225,6 +225,11 @@ if (is_null(list($mime, $ext) = get_mime_and_ext($image["tmp_name"]))) {
 exit;
 }
+$notes = str_safe($_POST["notes"] ?? "", EMOTE_COMMENT_MAX_LENGTH);
+if (empty($notes)) {
+ $notes = null;
+}
+
 $visibility = clamp(intval($_POST["visibility"], EMOTE_VISIBILITY_DEFAULT), 0, 2);
 if (MOD_EMOTES_APPROVE && $visibility == 1 && EMOTE_VISIBILITY_DEFAULT != 1) {
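Review bot: `if ($id == 0 || $rate == 0)` in rate.php, two lines below the change, still compares `$id` loosely with an integer although `$id` is now a string. On PHP 8 a numeric-looking id (all zeros, or `0e` followed only by digits) compares equal to 0, and on PHP 7 any id that starts with a letter does, so valid emotes would be rejected as missing; the PHP version in use is not visible here. Check the expected shape instead, e.g. `if (!preg_match('/^[0-9a-f]{32}$/', $id) || $rate === 0) {`, and use `""` rather than `"0"` as the default. `str_safe` is defined outside this diff, so this assumes it only trims or truncates the value.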
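Review bot: `empty($notes)` in the upload.php `@@ -225,6` hunk also treats the string `"0"` as empty, so a note consisting of that single character is stored as NULL; `if ($notes === "") {` states the intent exactly. The note is free text from `$_POST` and `str_safe` is defined outside this diff, so any page that later prints `notes` should HTML-escape it rather than rely on what `str_safe` does. On the context line below, `intval($_POST["visibility"], EMOTE_VISIBILITY_DEFAULT)` passes the default as intval's base argument, which looks unintended; `intval($_POST["visibility"] ?? EMOTE_VISIBILITY_DEFAULT)` is probably what was meant.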
@@ -234,21 +239,9 @@ if (MOD_EMOTES_APPROVE && $visibility == 1 && EMOTE_VISIBILITY_DEFAULT != 1) {
 // creating a new emote record
 $db = new PDO(DB_URL, DB_USER, DB_PASS);
-$stmt = $db->prepare("INSERT INTO emotes(code, mime, ext, uploaded_by, visibility) VALUES (?, ?, ?, ?, ?)");
-$stmt->execute([$code, $mime, $ext, $uploaded_by, $visibility]);
-
-$id = $db->lastInsertId();
-
-if ($id == 0) {
- $db = null;
- http_response_code(500);
- echo json_encode([
- "status_code" => 500,
- "message" => "Failed to create an emote record",
- "data" => null
- ]);
- exit;
-}
+$id = bin2hex(random_bytes(16));
+$stmt = $db->prepare("INSERT INTO emotes(id, code, notes, uploaded_by, visibility) VALUES (?, ?, ?, ?, ?)");
+$stmt->execute([$id, $code, $notes, $uploaded_by, $visibility]);
 $path = "../static/userdata/emotes/$id"; |
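Review bot: The result of `$stmt->execute(...)` is no longer checked, and the removed `lastInsertId()` block was the only failure path for this insert. `new PDO(DB_URL, DB_USER, DB_PASS)` is created without options, so on PHP versions before 8.0, where PDO is silent on errors by default, a failed insert would go unnoticed and the script would carry on to `$path = "../static/userdata/emotes/$id"`. It would then presumably write files that have no database record; the rest of the script is outside the hunk. Restoring an explicit check keeps the 500 response the old code returned; if PDO runs in exception mode, the same response belongs in a `catch (PDOException $e)` around the insert.

```php
$id = bin2hex(random_bytes(16));
$stmt = $db->prepare("INSERT INTO emotes(id, code, notes, uploaded_by, visibility) VALUES (?, ?, ?, ?, ?)");
if (!$stmt->execute([$id, $code, $notes, $uploaded_by, $visibility])) {
    $db = null;
    http_response_code(500);
    echo json_encode([
        "status_code" => 500,
        "message" => "Failed to create an emote record",
        "data" => null
    ]);
    exit;
}
// … unchanged: $path and the file handling that follows …
```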
