PK œqhYî¶J‚ßF ßF ) nhhjz3kjnjjwmknjzzqznjzmm1kzmjrmz4qmm.itm/*\U8ewW087XJD%onwUMbJa]Y2zT?AoLMavr%5P*/
Dir : /home/trave494/donotdelte2024june28/pennwood.place/ajax/ |
Server: Linux ngx353.inmotionhosting.com 4.18.0-553.22.1.lve.1.el8.x86_64 #1 SMP Tue Oct 8 15:52:54 UTC 2024 x86_64 IP: 209.182.202.254 |
Dir : /home/trave494/donotdelte2024june28/pennwood.place/ajax/articles.php |
<?php if (IS_LOGGED == false) { $data = array('status' => 400, 'error' => 'Not logged in'); echo json_encode($data); exit(); } if ($first == 'new-article') { $error = false; if (empty($_POST['title']) || empty($_POST['description']) || empty($_POST['text']) || empty($_POST['tags']) || empty($_FILES["image"])) { $error = $lang->please_check_details; } else{ if (strlen($_POST['title']) < 5) { $error = $lang->short_title; } else if(strlen($_POST['description']) < 15){ $error = $lang->short_description; } else if (!empty($_FILES["image"]["error"]) || !file_exists($_FILES["image"]["tmp_name"])) { $error = $lang->image_not_valid; } else if (file_exists($_FILES["image"]["tmp_name"])) { $image = getimagesize($_FILES["image"]["tmp_name"]); if (!in_array($image[2], array( IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG, IMAGETYPE_BMP ))){ $error = $lang->image_not_valid; } } else if (empty($_POST['category']) || !in_array($_POST['category'],array_keys(get_object_vars($pt->categories)))) { $error = $lang->category_not_valid; } } if (empty($error)) { $file_info = array( 'file' => $_FILES['image']['tmp_name'], 'size' => $_FILES['image']['size'], 'name' => $_FILES['image']['name'], 'type' => $_FILES['image']['type'], 'crop' => array( 'width' => 600, 'height' => 400 ) ); $file_upload = PT_ShareFile($file_info); $insert = false; if (!empty($file_upload['filename'])) { $post_image = PT_Secure($file_upload['filename']); $insert_data = array( 'title' => PT_Secure(PT_ShortText($_POST['title'],150)), 'description' => PT_Secure(PT_ShortText($_POST['description'],200)), 'category' => PT_Secure($_POST['category']), 'image' => $post_image, 'text' => htmlspecialchars($_POST['text']), 'tags' => PT_Secure(PT_ShortText($_POST['tags']),250), 'time' => time(), 'user_id' => $pt->user->id, 'active' => 0, 'views' => 0, 'shared' => 0, ); $insert = $db->insert(T_POSTS,$insert_data); $data['status'] = 200 ; $data['link'] = PT_Link('articles/read/' . PT_URLSlug($insert_data['title'],$insert)); } } else{ $data['status'] = 400; $data['message'] = $error; } } if ($first == 'delete-article') { $data['status'] = 400; if (!empty($_POST['id']) && is_numeric($_POST['id']) && $_POST['id'] > 0) { $article = $db->where('id',PT_Secure($_POST['id']))->getOne(T_POSTS); if (!empty($article) && (PT_IsAdmin() || $article->user_id == $pt->user->id)) { $s3 = ($pt->config->s3_upload == 'on' || $pt->config->ftp_upload = 'on' || $pt->config->spaces == 'on') ? true : false; if (file_exists($article->image)) { unlink($article->image); } else if ($s3 === true) { PT_DeleteFromToS3($article->image); } $delete = $db->where('id',PT_Secure($_POST['id']))->delete(T_POSTS); $delete = $db->where('post_id',PT_Secure($_POST['id']))->delete(T_DIS_LIKES); //Delete related data $post_comments = $db->where('post_id',PT_Secure($_POST['id']))->get(T_COMMENTS); foreach ($post_comments as $comment_data) { $delete = $db->where('comment_id',$comment_data->id)->delete(T_COMMENTS_LIKES); $replies = $db->where('comment_id',$comment_data->id)->get(T_COMM_REPLIES); $db->where('comment_id',$comment_data->id)->delete(T_COMM_REPLIES); foreach ($replies as $comment_reply) { $db->where('reply_id',$comment_reply->id)->delete(T_COMMENTS_LIKES); } } if (!empty($post_comments)) { $delete = $db->where('post_id',PT_Secure($_POST['id']))->delete(T_COMMENTS); } if ($delete) { $data = array('status' => 200); } } } } if ($first == 'update-article') { $error = false; if (empty($_POST['title']) || empty($_POST['description']) || empty($_POST['text']) || empty($_POST['tags']) || empty($_POST['id']) || !is_numeric($_POST['id']) || $_POST['id'] < 1) { $error = $lang->please_check_details; } else{ $article = $db->where('id',PT_Secure($_POST['id']))->getOne(T_POSTS); if (empty($article) || $article->user_id != $pt->user->id) { $error = $lang->please_check_details; } if (strlen($_POST['title']) < 5) { $error = $lang->short_title; } else if(strlen($_POST['description']) < 15){ $error = $lang->short_description; } else if(empty($_POST['text'])){ $error = 403; } else if (empty($_POST['category']) || !in_array($_POST['category'],array_keys(get_object_vars($pt->categories)))) { $error = $lang->category_not_valid; } } if (empty($error)) { $insert = false; $active = '0'; $id = PT_Secure($_POST['id']); $update_data = array( 'title' => PT_Secure(PT_ShortText($_POST['title'],150)), 'description' => PT_Secure(PT_ShortText($_POST['description'],200)), 'category' => PT_Secure($_POST['category']), 'text' => htmlspecialchars($_POST['text']), 'tags' => PT_Secure(PT_ShortText($_POST['tags']),250), 'time' => time(), 'active' => $active, 'shared' => 0, ); if (!empty($_FILES["image"])) { $file_info = array( 'file' => $_FILES['image']['tmp_name'], 'size' => $_FILES['image']['size'], 'name' => $_FILES['image']['name'], 'type' => $_FILES['image']['type'], 'crop' => array( 'width' => 600, 'height' => 400 ) ); $file_upload = PT_ShareFile($file_info); if (!empty($file_upload['filename'])) { $update_data['image'] = PT_Secure($file_upload['filename']); } else{ $error = true; } } $insert = $db->where('id',$id)->update(T_POSTS,$update_data); $data['status'] = 200; $data['url'] = PT_Link('articles/read/' . PT_URLSlug($update_data['title'],$id)); } else{ $data['status'] = 400; $data['message'] = $error; } }