X-Git-Url: http://git.shiar.nl/minimedit.git/blobdiff_plain/43e650373b89d2fb7ce1d580dccc10ed46dd7fa7..a257ef8b6e9d435938803471bd655be9d9734370:/upload.inc.php
diff --git a/upload.inc.php b/upload.inc.php
index c578a2d..ff4ecd3 100644
--- a/upload.inc.php
+++ b/upload.inc.php
@@ -1,4 +1,10 @@
'Toegewezen aan',
+ 'subject' => 'Onderwerp',
+];
+
function userupload($input, $target = NULL, $filename = NULL)
{
switch ($input['error']) {
@@ -27,6 +33,9 @@ function userupload($input, $target = NULL, $filename = NULL)
$target .= $input['name'];
}
+ if (file_exists($target)) {
+ throw new Exception("bestandsnaam al aanwezig op $target");
+ }
if (!@move_uploaded_file($input['tmp_name'], $target)) {
throw new Exception("bestand kon niet worden opgeslagen in $target");
}
@@ -37,3 +46,104 @@ function userupload($input, $target = NULL, $filename = NULL)
}
return $target;
}
+
+function messagehtml($input)
+{
+ # convert user textarea post to formatted html
+ global $User;
+ if (empty($input)) {
+ return;
+ }
+ if ($User and $User->admin and preg_match('/\A<[a-z][^>]*>/', $input)) {
+ return $input; # allow html input as is if privileged
+ }
+ $markup = [
+ '{<((?:\w+:|/).+?)>}' => '<$1>', # unescape link entities
+ '{<(?:https?://)?([^>\s|]+)>}' => '<$1 $1>', # unnamed link
+ '{<([^>\s|]+)[\s|]([^>]+)>}' => '$2', # hyperlink
+ "/\r\n?/" => "\n", # unix newlines
+ "/ +\n/" => "
", # trailing spaces for hard line break
+ "/^[-*] (.*)$\n?/m" => '
$1
\n", # paragraph + "{^(
$1
', # monospace
+ ];
+ return preg_replace(array_keys($markup), array_values($markup), htmlspecialchars($input));
+}
+
+function createcomment($input, &$Issue = NULL)
+{
+ # insert user message as database issue/reply
+ global $User, $Db, $Page, $journalcol;
+
+ $reply = [];
+ if (isset($input['reply']) and $body = $input['reply']) {
+ $reply['raw'] = $body;
+ $reply['message'] = messagehtml($body);
+ }
+ if (isset($input['announce'])) {
+ $reply['announced'] = !!$input['announce'];
+ }
+ if ($_FILES and !empty($_FILES['image'])) {
+ $target = 'data/upload';
+ if (!file_exists($target)) {
+ throw new Exception("er is geen uploadmap aanwezig op $target");
+ }
+ $target .= '/' . $User->login;
+ if ($result = userupload($_FILES['image'], $target)) {
+ $reply['raw'] .= "/$result";
+ if (preg_match('(^image/)', $_FILES['image']['type'])) {
+ $reply['message'] .= sprintf('