Optional: Allow uploading by URL
This commit is contained in:
parent
a7a93ece3d
commit
0de0bc6ceb
@ -1314,6 +1314,6 @@
|
|||||||
// is the absolute maximum, because MySQL cannot handle table names greater than 64 characters.
|
// is the absolute maximum, because MySQL cannot handle table names greater than 64 characters.
|
||||||
$config['board_regex'] = '[0-9a-zA-Z$_\x{0080}-\x{FFFF}]{1,58}';
|
$config['board_regex'] = '[0-9a-zA-Z$_\x{0080}-\x{FFFF}]{1,58}';
|
||||||
|
|
||||||
// Complex regular expression to catch URLs.
|
// Regex for URLs.
|
||||||
$config['url_regex'] = '/' . '(https?|ftp):\/\/' . '(([\w\-]+\.)+[a-zA-Z]{2,6}|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})' . '(:\d+)?' . '(\/([\w\-~.#\/?=&;:+%!*\[\]@$\'()+,|\^]+)?)?' . '/';
|
$config['url_regex'] = '@^(?i)\b((?:[a-z][\w-]+:(?:/{1,3}|[a-z0-9%])|www\d{0,3}[.]|[a-z0-9.\-]+[.][a-z]{2,4}/)(?:[^\s()<>]+|\(([^\s()<>]+|(\([^\s()<>]+\)))*\))+(?:\(([^\s()<>]+|(\([^\s()<>]+\)))*\)|[^\s`!()\[\]{};:\'".,<>?«»“”‘’]))$@';
|
||||||
|
|
||||||
|
45
post.php
45
post.php
@ -268,6 +268,46 @@ if (isset($_POST['delete'])) {
|
|||||||
$_POST['subject'] = '';
|
$_POST['subject'] = '';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($config['allow_upload_by_url'] && isset($_POST['file_url']) && !empty($_POST['file_url'])) {
|
||||||
|
$post['file_url'] = $_POST['file_url'];
|
||||||
|
if (!preg_match($config['url_regex'], $post['file_url']))
|
||||||
|
error($config['error']['invalidimg']);
|
||||||
|
|
||||||
|
|
||||||
|
$post['extension'] = strtolower(mb_substr($post['file_url'], mb_strrpos($post['file_url'], '.') + 1));
|
||||||
|
if (!in_array($post['extension'], $config['allowed_ext']) && !in_array($post['extension'], $config['allowed_ext_files']))
|
||||||
|
error($config['error']['unknownext']);
|
||||||
|
|
||||||
|
$post['file_tmp'] = tempnam($config['tmp'], 'url');
|
||||||
|
register_shutdown_function('unlink', $post['file_tmp']);
|
||||||
|
|
||||||
|
$fp = fopen($post['file_tmp'], 'w');
|
||||||
|
|
||||||
|
$curl = curl_init();
|
||||||
|
curl_setopt($curl, CURLOPT_URL, $post['file_url']);
|
||||||
|
curl_setopt($curl, CURLOPT_FAILONERROR, true);
|
||||||
|
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);
|
||||||
|
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 5);
|
||||||
|
curl_setopt($curl, CURLOPT_TIMEOUT, 15);
|
||||||
|
curl_setopt($curl, CURLOPT_USERAGENT, 'Tinyboard');
|
||||||
|
curl_setopt($curl, CURLOPT_BINARYTRANSFER, true);
|
||||||
|
curl_setopt($curl, CURLOPT_FILE, $fp);
|
||||||
|
|
||||||
|
if (curl_exec($curl) === false)
|
||||||
|
error($config['error']['nomove']);
|
||||||
|
|
||||||
|
curl_close($curl);
|
||||||
|
|
||||||
|
fclose($fp);
|
||||||
|
|
||||||
|
$_FILES['file'] = array(
|
||||||
|
'name' => basename($post['file_url']),
|
||||||
|
'tmp_name' => $post['file_tmp'],
|
||||||
|
'error' => 0,
|
||||||
|
'size' => filesize($post['file_tmp'])
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
// Check for a file
|
// Check for a file
|
||||||
if ($post['op'] && !isset($post['no_longer_require_an_image_for_op'])) {
|
if ($post['op'] && !isset($post['no_longer_require_an_image_for_op'])) {
|
||||||
if (!isset($_FILES['file']['tmp_name']) || $_FILES['file']['tmp_name'] == '' && $config['force_image_op'])
|
if (!isset($_FILES['file']['tmp_name']) || $_FILES['file']['tmp_name'] == '' && $config['force_image_op'])
|
||||||
@ -545,7 +585,10 @@ if (isset($_POST['delete'])) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (!isset($dont_copy_file) || !$dont_copy_file) {
|
if (!isset($dont_copy_file) || !$dont_copy_file) {
|
||||||
if (!@move_uploaded_file($upload, $post['file']))
|
if (isset($post['file_tmp'])) {
|
||||||
|
if (!@rename($upload, $post['file']))
|
||||||
|
error($config['error']['nomove']);
|
||||||
|
} elseif (!@move_uploaded_file($upload, $post['file']))
|
||||||
error($config['error']['nomove']);
|
error($config['error']['nomove']);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -175,7 +175,7 @@ function dopost(form) {
|
|||||||
saved[document.location] = form.elements['body'].value;
|
saved[document.location] = form.elements['body'].value;
|
||||||
sessionStorage.body = JSON.stringify(saved);
|
sessionStorage.body = JSON.stringify(saved);
|
||||||
|
|
||||||
return form.elements['body'].value != "" || form.elements['file'].value != "";
|
return form.elements['body'].value != "" || form.elements['file'].value != "" || (form.elements.file_url && form.elements['file_url'].value != "");
|
||||||
}
|
}
|
||||||
|
|
||||||
function citeReply(id) {
|
function citeReply(id) {
|
||||||
|
@ -73,6 +73,13 @@
|
|||||||
</th>
|
</th>
|
||||||
<td>
|
<td>
|
||||||
<input type="file" name="file">
|
<input type="file" name="file">
|
||||||
|
{% if config.allow_upload_by_url %}
|
||||||
|
<br>
|
||||||
|
<div style="float:none;text-align:left">
|
||||||
|
<label for="file_url">{% trans %}Or URL{% endtrans %}</label>:
|
||||||
|
<input style="display:inline" type="text" id="file_url" name="file_url" size="35">
|
||||||
|
</div>
|
||||||
|
{% endif %}
|
||||||
{{ antibot.html() }}
|
{{ antibot.html() }}
|
||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
|
Loading…
Reference in New Issue
Block a user