From c6fdfaf20bbc88be7ada245c358cce0331c41532 Mon Sep 17 00:00:00 2001 From: ilotterytea Date: Wed, 10 Dec 2025 00:09:43 +0500 Subject: feat: upload emote with URL --- emotes/upload.php | 33 +++++++++++++++++++++++++++++++-- lib/config.php | 3 ++- system/config.php | 5 +++++ 3 files changed, 38 insertions(+), 3 deletions(-) diff --git a/emotes/upload.php b/emotes/upload.php index d931c05..54d5a15 100644 --- a/emotes/upload.php +++ b/emotes/upload.php @@ -28,6 +28,9 @@ $db = new PDO(CONFIG['database']['url'], CONFIG['database']['user'], CONFIG['dat function abort_upload(string $path, PDO $db, string $id) { + if (isset($image, $image['manually_downloaded'])) { + unlink($image['tmp_name']); + } $stmt = $db->prepare("DELETE FROM emotes WHERE id = ?"); $stmt->execute([$id]); $db = null; @@ -396,11 +399,37 @@ if ($is_manual && !isset($_FILES["file-1x"], $_FILES["file-2x"], $_FILES["file-3 exit; } -if (!$is_manual && !isset($_FILES["file"])) { +if ( + !$is_manual && + !isset($_FILES["file"]) && + (!isset($_POST['file']) && CONFIG['emote']['urlupload']) +) { generate_alert("/emotes/upload.php", "No file set"); exit; } +// downloading a file +$image = $_FILES["file"] ?? null; +if (!$image && isset($_POST["file"]) && CONFIG['emote']['urlupload']) { + $path = '/tmp/' . generate_random_string(16); + + $ch = curl_init($_POST["file"]); + $fp = fopen($path, 'wb'); + + curl_setopt($ch, CURLOPT_FILE, $fp); + curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); + + curl_exec($ch); + + curl_close($ch); + fclose($fp); + + $image = [ + 'tmp_name' => $path, + 'manually_downloaded' => true + ]; +} + $code = str_safe($_POST["code"] ?? "", CONFIG['emote']['maxnamelength']); if ($code == "" || !preg_match(CONFIG['emote']['nameregex'], $code)) { @@ -460,7 +489,6 @@ if ($is_manual) { exit; } } else { - $image = $_FILES["file"]; // resizing the image if ($err = create_image_bundle($image["tmp_name"], $path, $max_width, $max_height)) { generate_alert("/emotes/upload.php", "Error occurred while processing images ($err)", 500); @@ -471,6 +499,7 @@ if ($is_manual) { if (CONFIG['emote']['storeoriginal']) { $ext = get_file_extension($image["tmp_name"]) ?? ""; move_uploaded_file($image["tmp_name"], "$path/original.$ext"); + unlink($image["tmp_name"]); } } diff --git a/lib/config.php b/lib/config.php index 1c6797d..b182d3a 100644 --- a/lib/config.php +++ b/lib/config.php @@ -25,7 +25,8 @@ $cfg = [ 'maxcommentlength' => 100, 'maxsizex' => 128, 'maxsizey' => 128, - 'storeoriginal' => true + 'storeoriginal' => true, + 'urlupload' => true ], 'rating' => [ 'enable' => true, diff --git a/system/config.php b/system/config.php index 4144b93..8e1879d 100644 --- a/system/config.php +++ b/system/config.php @@ -140,6 +140,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { > + + Allow emote upload with URL + > + Default uploader name