Browse Source

added proper file uploads

Kyle Farwell 2 years ago
parent
commit
385f046278
4 changed files with 95 additions and 42 deletions
  1. 0 1
      TODO
  2. 8 18
      apps/posts/app.rc
  3. 10 19
      apps/posts/edit.tpl
  4. 77 4
      bin/cgilib.rc

+ 0 - 1
TODO

@@ -1,3 +1,2 @@
1 1
 * fix tag overflow when there are many tags at small horizontal resolutions
2
-* add proper file uploads
3 2
 * improve trending tag algorithm

+ 8 - 18
apps/posts/app.rc

@@ -35,24 +35,14 @@ fn posts_init {
35 35
         touch -t $date $postd/tags
36 36
 
37 37
         if(! ~ '' $"post_arg_file) {
38
-            # strip ?args and #anchors
39
-            if(basename $post_arg_file | grep -s '\?')
40
-                post_arg_file=`{basename -d $post_arg_file}^/`{basename $post_arg_file |
41
-                                sed 's/\?.*//'}
42
-            if(basename $post_arg_file | grep -s '#')
43
-                post_arg_file=`{basename -d $post_arg_file}^/`{basename $post_arg_file |
44
-                                sed 's/#.*//'}
45
-
46
-            if(~ `{wget --spider $post_arg_file >[2=1] | grep '^Length:' |
47
-                   sed 's/Length: //; s/ \(.*//' |
48
-                   awk '{print ($1 < '$filesizelimit')}'} 1) {
49
-                ext=`{basename $post_arg_file |
50
-                      sed 's/.*\.(.*)$/\1/; s/[^a-zA-Z0-9]//g'}
51
-                wget -O $postd/file.$ext $post_arg_file
52
-                exiftool '-all=' '-overwrite_original' $postd/file.$ext
53
-                echo $ext > $postd/filetype
54
-                touch -t $date $postd/file.* $postd/filetype
55
-            }
38
+            ext=`{basename $post_arg_file |
39
+                  sed 's/.*\.(.*)$/\1/; s/[^a-zA-Z0-9]//g'}
40
+            mv /tmp/werc_file.*.data $postd/file.$ext
41
+            dprint $postd^file.$ext
42
+            dprint `{ls $postd^file.$ext}
43
+            exiftool '-all=' -overwrite_original -q $postd^file.$ext
44
+            echo $ext > $postd/filetype
45
+            touch -t $date $postd/file.* $postd/filetype
56 46
         }
57 47
 
58 48
         if(! ~ '' $"post_arg_password) {

+ 10 - 19
apps/posts/edit.tpl

@@ -1,7 +1,7 @@
1 1
 % if(~ $#posts_users_only 0 || check_user $groups_allowed_posts) {
2 2
 <noscript>
3 3
   <div>
4
-    <form action="" method="POST">
4
+    <form action="" method="POST" enctype="multipart/form-data">
5 5
       <div class="input-field">
6 6
         <textarea name="comment" id="comment" class="materialize-textarea validate" required="" length="%($charlimit%)" maxlength="%($charlimit%)"></textarea>
7 7
         <label for="comment">Message</label>
@@ -12,19 +12,15 @@
12 12
         <label for="tags">Tags (comma separated)</label>
13 13
       </div>
14 14
 
15
-      <!-- <div class="input-field file-field">
15
+      <div class="input-field file-field">
16 16
         <div class="btn pink">
17
+          <i class="mdi mdi-attachment left"></i>
17 18
           <span>File</span>
18
-          <input type="file">
19
+          <input type="file" name="file">
19 20
         </div>
20 21
         <div class="file-path-wrapper">
21
-          <input class="file-path validate" type="text">
22
+          <input class="file-path validate" type="text" placeholder="<%(`{echo $filesizelimit | humanize}%)">
22 23
         </div>
23
-      </div> -->
24
-
25
-      <div class="input-field">
26
-        <input type="text" placeholder="https://example.com/image.png" name="file" id="file">
27
-        <label for="file">Attachment (<%(`{echo $filesizelimit | humanize}%))</label>
28 24
       </div>
29 25
 
30 26
       <div class="input-field">
@@ -39,7 +35,7 @@
39 35
 </noscript>
40 36
 
41 37
 <div id="modalpost" class="yesscript modal">
42
-  <form action="" method="POST" onsubmit="$('#postprog').show()">
38
+  <form action="" method="POST" enctype="multipart/form-data" onsubmit="$('#postprog').show()">
43 39
     <div class="modal-content">
44 40
       <div class="input-field">
45 41
         <textarea name="comment" id="comment" class="materialize-textarea validate" required="" length="%($charlimit%)" maxlength="%($charlimit%)"></textarea>
@@ -75,20 +71,15 @@
75 71
       </script>
76 72
       <br /><a onclick="toggleAdvanced()" class="waves-effect btn-flat" style="padding: 0 0.75rem">Advanced <i class="mdi mdi-chevron-down" id="advancedArrow"></i></a>
77 73
       <div id="advanced">
78
-        <!-- <div class="input-field file-field">
74
+        <div class="input-field file-field">
79 75
           <div class="btn pink">
76
+            <i class="mdi mdi-attachment left"></i>
80 77
             <span>File</span>
81
-            <input type="file">
78
+            <input type="file" name="file">
82 79
           </div>
83 80
           <div class="file-path-wrapper">
84
-            <input class="file-path validate" type="text">
81
+            <input class="file-path validate" type="text" placeholder="<%(`{echo $filesizelimit | humanize}%)">
85 82
           </div>
86
-        </div> -->
87
-
88
-        <br /><br />
89
-        <div class="input-field">
90
-          <input type="text" placeholder="https://example.com/image.png" name="file" id="file">
91
-          <label for="file">Attachment (<%(`{echo $filesizelimit | humanize}%))</label>
92 83
         </div>
93 84
 
94 85
         <div class="input-field">

+ 77 - 4
bin/cgilib.rc

@@ -22,10 +22,7 @@ fn perm_redirect { http_redirect $1 '301 Moved Permanantly' }
22 22
 fn post_redirect { http_redirect $1 '303 See Other' }
23 23
 
24 24
 
25
-# Note: should check if content type is application/x-www-form-urlencoded?
26
-# Should compare with http://www.shelldorado.com/scripts/cmds/urlgetopt.txt
27
-fn load_post_args {
28
-    if(~ $REQUEST_METHOD POST && ~ $#post_args 0) {
25
+fn x-www-form-urlencoded {
29 26
         ifs='&
30 27
 '       for(pair in `{cat}) {
31 28
             ifs='=' { pair=`{echo -n $pair} }
@@ -34,6 +31,82 @@ fn load_post_args {
34 31
             ifs=() { $n=`{echo -n $pair(2)|urldecode|tr -d '
'} }
35 32
         }
36 33
         pair=()
34
+}
35
+
36
+fn multipart-form-data {
37
+    cdd=`{pwd}
38
+    if(~ $#upload_dir 0)
39
+        upload_dir = /tmp
40
+    cd $upload_dir
41
+    post_args = ()
42
+    ifs='
43
+'
44
+    #frmprefix = werc_^`{date | tr ' :' '__'} ^.$pid
45
+    frmprefix = werc_file
46
+    split -e `{echo -n $CONTENT_TYPE | sed 's/.*=//'} -f $frmprefix^.
47
+    for(upload in $frmprefix.*) {
48
+        process-mime-part < $upload
49
+        rm -f $upload
50
+    }
51
+    cd $cdd
52
+}
53
+
54
+fn add_post_arg {
55
+    flag p +
56
+    for(a in $post_args)
57
+        ~ $1 $a && flag p -
58
+    if(flag p)
59
+        post_args=($post_args $1)
60
+}
61
+
62
+fn process-mime-part {
63
+    ifs='
64
+'
65
+    meta = `{awk ' { s+=length+1} /Content/ { print } /^.$/ {exit } END { print s} ' $upload }
66
+    if(~ $meta *Content-Disp*) {
67
+        skip=$meta($#meta)
68
+        n = post_arg_^`{echo $meta | awk '  /Content-Disp/ { sub(/.* name="/, ""); sub(/".*/, ""); print } ' |tr -cd 'a-zA-Z0-9_'}
69
+        add_post_arg $n
70
+        b = `{ls -l $upload | awk -v 's=-'$skip ' { s+=$6; s-=2; printf "%d\n%d", s/512, s % 512} '}
71
+        {
72
+            if(! ~ $skip 0)
73
+                dd -bs $skip -count 1 > /dev/null
74
+            if(! ~ $b(1) 0)
75
+                dd -bs 512 -count $b(1)
76
+            if(! ~ $b(2) 0)
77
+                dd -bs $b(2) -count 1
78
+        } >[2] /dev/null | {
79
+            if(~ $meta *'Content-Disposition: form-data'*'filename="'*) {
80
+                f = `{echo $meta | awk '  /Content-Disp/ { sub(/.*filename="/, ""); sub(/".*/, ""); print } ' }
81
+                if(! ~ $#f 0) {
82
+                    $n = ($$n $f)
83
+                    n = $n^_filename
84
+                    $n = ($$n $upload.data)
85
+                    add_post_arg $n
86
+                    ifs=$nl
87
+                    cat > $upload.data
88
+                }
89
+            }
90
+            if not {
91
+                ifs=()
92
+                #v=`{cat | tr -d ^M}
93
+                v=`{cat}
94
+                $n = ($$n $v)
95
+            }
96
+        }
97
+    }
98
+}
99
+
100
+fn load_post_args {
101
+    if(~ $REQUEST_METHOD POST && ~ $#post_args 0) {
102
+        switch(`{echo $CONTENT_TYPE | sed 's/;.*//'}) {
103
+            case application/x-www-form-urlencoded
104
+                x-www-form-urlencoded
105
+            case multipart/form-data
106
+                multipart-form-data
107
+            case *
108
+                dprint unhandled "$CONTENT_TYPE"
109
+        }
37 110
     }
38 111
     if not
39 112
         status='No POST or post args already loaded'