Ready to create posts

RestControllers/postsController.php

@@ -36,4 +36,280 @@ class postsController {
 		return $posts;
 	}
 
+	/**
+	 * Create a post
+	 * 
+	 * @url POST /posts/create
+	 */
+	public function createPost(){
+
+		user_login_required(); //Need login
+
+		//Get the kind of page
+		if(!isset($_POST['kind-page']) || !isset($_POST['kind-id']))
+			Rest_fatal_error(400, "Please specify the kind of target page and its ID !");
+		
+		//Make the kind of page match with one of those locally stored
+		switch($_POST['kind-page']){
+			
+			//In case of user
+			case "user":
+
+				//Get the values
+				$kind_page = Posts::PAGE_KIND_USER;
+				$kind_page_id = getPostUserID('kind-id');
+
+				//Check if user is allowed to create post on user page
+				if(!CS::get()->components->user->canCreatePosts(userID, $kind_page_id))
+					Rest_fatal_error(401, "You are not allowed to create post on this page !");
+
+				break;
+			
+			//Unsupported kind of page
+			default:
+				Rest_fatal_error(500, "Unsupported kind of page !");
+		}
+
+		//Get the kind of post
+		if(!isset($_POST['kind']))
+			Rest_fatal_error(400, "Please specify the kind of post !");
+		$kind = $_POST['kind'];
+
+		//Get the content of the post
+		if(!isset($_POST['content']))
+			Rest_fatal_error(400, "Please specify the content of the post !");
+		$content = $_POST['content'];
+
+		//Check the security of the content
+		if(!checkHTMLstring($content))
+			Rest_fatal_error(400, "Your request has been rejected because it has been considered as unsecure !");
+
+		//Get the visibility of the post
+		if(!isset($_POST['visibility']))
+			Rest_fatal_error(400, "Please specify the visibility of the post !");
+		switch($_POST['visibility']){
+			case "private":
+				$visibility = Posts::VISIBILITY_USER;
+				break;
+			
+			case "friends":
+				$visibility = Posts::VISIBILITY_FRIENDS;
+				break;
+			
+			case "public":
+				$visibility = Posts::VISIBILITY_PUBLIC;
+				break;
+			
+			default:
+				Rest_fatal_error(500, "Unrecognized visibility level for the post !");
+				break;
+		}
+
+		//Act differently depending of the post content
+		//For text post
+		if($kind === Posts::POST_KIND_TEXT){
+
+			//The post content must be valid
+			if(!check_string_before_insert($content))
+				Rest_fatal_error(400, "Specified post content invalid !");
+
+		}
+
+		//For image posts
+		else if($kind === Posts::POST_KIND_IMAGE){
+
+			//Check if it is a valid file
+			if(!check_post_file("image"))
+				Rest_fatal_error(400, "An error occured while receiving image !");
+
+			//Generate target file name
+			$target_userdata_folder = prepareFileCreation(userID, "imgpost");
+			$target_file_path = $target_userdata_folder.generateNewFileName(path_user_data($target_userdata_folder, true), "png");
+			$target_file_sys_path = path_user_data($target_file_path, true);
+
+			//Try to resize, convert image and put it in its new location
+			if(!reduce_image($_FILES['image']["tmp_name"], $target_file_sys_path, 2000, 2000, "image/png")){
+				//Returns error
+				Rest_fatal_error(500, "Couldn't resize sent image !");
+			}
+
+			//Save image information
+			$file_type = "image/png";
+			$file_size = filesize($target_file_sys_path);
+			$file_path = $target_file_path;
+		}
+
+		//For YouTube posts
+		else if($kind === Posts::POST_KIND_YOUTUBE){
+
+			//Check if Youtube ID was specified
+			if(!isset($_POST['youtube_id']))
+				Rest_fatal_error(400, "Please specify the Youtube video ID in your request !");
+			$youtube_id = $_POST['youtube_id'];
+
+			//Check the video ID
+			if(!check_youtube_id($youtube_id))
+				Rest_fatal_error(400, "Specified YouTube video ID is invalid !");
+			
+			//Save video informations
+			$file_path = $youtube_id;
+		}
+
+
+		//For personnal movies posts
+		else if($kind === Posts::POST_KIND_MOVIE){
+
+			//Get movie ID
+			$movieID = getPostMovieID("movieID");
+
+			//Check if the current user is the owner the movie or not
+			if(userID != CS::get()->components->movies->get_owner($movieID))
+				Rest_fatal_error(400, "You are not allowed to use this movie in your posts !");
+			
+			//Save movie informations
+			$video_id = $movieID;
+		}
+
+		//For weblinks
+		else if($kind === Posts::POST_KIND_WEBLINK){
+
+			//Check if we have a valid url
+			if(!check_post_url("url"))
+				Rest_fatal_error(400, "Invalid URL specified with request !");
+			$url = $_POST['url'];
+
+			//Get informations about the webpage
+			$page_infos = URLAnalyzer::analyze($url, 15);
+
+			//Save URL informations
+			$link_url = $url;
+			$link_title = isset($page_infos["title"]) ? $page_infos["title"] : null;
+			$link_description = isset($page_infos["description"]) ? $page_infos["description"] : null;
+			$link_image = isset($page_infos["image"]) ? $page_infos["image"] : null;
+		}
+
+		//For PDFs
+		else if($kind === Posts::POST_KIND_PDF){
+
+			//Check if it is a valid file
+			if(!check_post_file("pdf"))
+				Rest_fatal_error(400, "An error occured while receiving pdf !");
+
+			//Check file type
+			if($_FILES['pdf']['type'] != "application/pdf")
+				Rest_fatal_error(400, "The file sent is not a PDF !");
+			
+			//Generate target file name
+			$target_userdata_folder = prepareFileCreation(userID, "post_pdf");
+			$target_file_path = $target_userdata_folder.generateNewFileName(path_user_data($target_userdata_folder, true), "pdf");
+			$target_file_sys_path = path_user_data($target_file_path, true);
+
+			//Try to move the file to its final location
+			if(!move_uploaded_file($_FILES["pdf"]["tmp_name"], $target_file_sys_path))
+				Rest_fatal_error(500, "Could save the PDF !");
+
+			//Save pdf information
+			$file_type = "application/pdf";
+			$file_size = filesize($target_file_sys_path);
+			$file_path = $target_file_path;
+		}
+
+		//For countdown timer
+		else if($kind === Posts::POST_KIND_COUNTDOWN){
+
+			//Get end timestamp
+			$time_end = getPostTimeStamp("time-end");
+
+		}
+
+		//For survey
+		else if($kind === Posts::POST_KIND_SURVEY){
+
+			//Process the question
+			if(!isset($_POST['question']))
+				Rest_fatal_error(400, "Please specify the question of the survey !");
+			$question = $_POST['question'];
+
+			//Check the length of the question
+			if(strlen($question) < 5)
+				Rest_fatal_error(400, "Please specify a valid question for the survey !");
+
+			//Process the answers
+			if(!isset($_POST['answers']))
+				Rest_fatal_error(400, "Please specify the ansers of the survey !");
+			$str_answers = $_POST["answers"];
+			
+			//Process the ansers
+			$answers = explode("<>", $str_answers);
+
+			//Remove empty questions and make other secure to insert
+			foreach($answers as $num=>$val){
+				if($val == "" || $val == " ")
+					unset($answers[$num]);
+				else
+					$answers[$num] = removeHTMLnodes($val);
+			}
+
+			//Check the minimum number of question is valid
+			if(count($answers) < 2)
+				Rest_fatal_error(400, "Please specify at least two valid answers for the survey !");
+
+			//Save informations about the survey
+			$survey_question = removeHTMLnodes($question);
+			$survey_answers = $answers;
+		}
+
+		//The content type is not supported
+		else {
+			Rest_fatal_error(500, "This kind of post is not supported !");
+		}
+
+		//Create the post
+		$postID = CS::get()->components->posts->create(
+			
+			//Informations about the kind of page
+			$kind_page,
+			$kind_page_id,
+
+			//Generic informations about the post
+			userID,
+			$content,
+			$visibility,
+			$kind,
+
+			//Specific informations about the post
+			//Posts with files
+			isset($file_size) ? $file_size : 0,
+			isset($file_type) ? $file_type : null,
+			isset($file_path) ? $file_path : null,
+
+			//For video post
+			isset($video_id) ? $video_id : 0,
+
+			//For countdown post
+			isset($time_end) ? $time_end : 0,
+
+			//For weblink posts
+			isset($link_url) ? $link_url : null,
+			isset($link_title) ? $link_title : null,
+			isset($link_description) ? $link_description : null,
+			isset($link_image) ? $link_image : null,
+
+			//For survey posts
+			isset($survey_question) ? $survey_question : null,
+			isset($survey_answers) ? $survey_answers : array()
+		);
+
+		//Check for errors
+		if($postID < 0)
+			Rest_fatal_error(400, "Couldn't create post !");
+
+		//Success
+		return array(
+			"success" => "The post has been created !",
+			"postID" => $postID
+		);
+
+	}
+
 }

classes/components/posts.php

@@ -244,6 +244,22 @@ class Posts {
 
 	}
 
+	/**
+	 * Create a post
+	 * 
+	 * @param toCome
+	 * @return int The ID of the created post or -1 in case of failure
+	 */
+	public function create(string $kind_page, int $kind_id, int $userID, string $content, 
+							int $visibility, string $kind, int $file_size = 0, 
+							string $file_type = null, string $file_path = null, int $videoID = 0, 
+							int $time_end = 0, string $link_url = null, string $link_title = null,
+							string $link_description = null, string $link_image = null, string $survey_question = null,
+							array $survey_answers = array()) : int {
+
+		return -1;
+	}
+
 	/**
 	 * Fetch a single post from the database
 	 *