mirror of
https://github.com/pierre42100/ComunicAPI
synced 2024-11-27 15:59:29 +00:00
Ready to create posts
This commit is contained in:
parent
4c4d7b854e
commit
824c78d7d5
@ -36,4 +36,280 @@ class postsController {
|
||||
return $posts;
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a post
|
||||
*
|
||||
* @url POST /posts/create
|
||||
*/
|
||||
public function createPost(){
|
||||
|
||||
user_login_required(); //Need login
|
||||
|
||||
//Get the kind of page
|
||||
if(!isset($_POST['kind-page']) || !isset($_POST['kind-id']))
|
||||
Rest_fatal_error(400, "Please specify the kind of target page and its ID !");
|
||||
|
||||
//Make the kind of page match with one of those locally stored
|
||||
switch($_POST['kind-page']){
|
||||
|
||||
//In case of user
|
||||
case "user":
|
||||
|
||||
//Get the values
|
||||
$kind_page = Posts::PAGE_KIND_USER;
|
||||
$kind_page_id = getPostUserID('kind-id');
|
||||
|
||||
//Check if user is allowed to create post on user page
|
||||
if(!CS::get()->components->user->canCreatePosts(userID, $kind_page_id))
|
||||
Rest_fatal_error(401, "You are not allowed to create post on this page !");
|
||||
|
||||
break;
|
||||
|
||||
//Unsupported kind of page
|
||||
default:
|
||||
Rest_fatal_error(500, "Unsupported kind of page !");
|
||||
}
|
||||
|
||||
//Get the kind of post
|
||||
if(!isset($_POST['kind']))
|
||||
Rest_fatal_error(400, "Please specify the kind of post !");
|
||||
$kind = $_POST['kind'];
|
||||
|
||||
//Get the content of the post
|
||||
if(!isset($_POST['content']))
|
||||
Rest_fatal_error(400, "Please specify the content of the post !");
|
||||
$content = $_POST['content'];
|
||||
|
||||
//Check the security of the content
|
||||
if(!checkHTMLstring($content))
|
||||
Rest_fatal_error(400, "Your request has been rejected because it has been considered as unsecure !");
|
||||
|
||||
//Get the visibility of the post
|
||||
if(!isset($_POST['visibility']))
|
||||
Rest_fatal_error(400, "Please specify the visibility of the post !");
|
||||
switch($_POST['visibility']){
|
||||
case "private":
|
||||
$visibility = Posts::VISIBILITY_USER;
|
||||
break;
|
||||
|
||||
case "friends":
|
||||
$visibility = Posts::VISIBILITY_FRIENDS;
|
||||
break;
|
||||
|
||||
case "public":
|
||||
$visibility = Posts::VISIBILITY_PUBLIC;
|
||||
break;
|
||||
|
||||
default:
|
||||
Rest_fatal_error(500, "Unrecognized visibility level for the post !");
|
||||
break;
|
||||
}
|
||||
|
||||
//Act differently depending of the post content
|
||||
//For text post
|
||||
if($kind === Posts::POST_KIND_TEXT){
|
||||
|
||||
//The post content must be valid
|
||||
if(!check_string_before_insert($content))
|
||||
Rest_fatal_error(400, "Specified post content invalid !");
|
||||
|
||||
}
|
||||
|
||||
//For image posts
|
||||
else if($kind === Posts::POST_KIND_IMAGE){
|
||||
|
||||
//Check if it is a valid file
|
||||
if(!check_post_file("image"))
|
||||
Rest_fatal_error(400, "An error occured while receiving image !");
|
||||
|
||||
//Generate target file name
|
||||
$target_userdata_folder = prepareFileCreation(userID, "imgpost");
|
||||
$target_file_path = $target_userdata_folder.generateNewFileName(path_user_data($target_userdata_folder, true), "png");
|
||||
$target_file_sys_path = path_user_data($target_file_path, true);
|
||||
|
||||
//Try to resize, convert image and put it in its new location
|
||||
if(!reduce_image($_FILES['image']["tmp_name"], $target_file_sys_path, 2000, 2000, "image/png")){
|
||||
//Returns error
|
||||
Rest_fatal_error(500, "Couldn't resize sent image !");
|
||||
}
|
||||
|
||||
//Save image information
|
||||
$file_type = "image/png";
|
||||
$file_size = filesize($target_file_sys_path);
|
||||
$file_path = $target_file_path;
|
||||
}
|
||||
|
||||
//For YouTube posts
|
||||
else if($kind === Posts::POST_KIND_YOUTUBE){
|
||||
|
||||
//Check if Youtube ID was specified
|
||||
if(!isset($_POST['youtube_id']))
|
||||
Rest_fatal_error(400, "Please specify the Youtube video ID in your request !");
|
||||
$youtube_id = $_POST['youtube_id'];
|
||||
|
||||
//Check the video ID
|
||||
if(!check_youtube_id($youtube_id))
|
||||
Rest_fatal_error(400, "Specified YouTube video ID is invalid !");
|
||||
|
||||
//Save video informations
|
||||
$file_path = $youtube_id;
|
||||
}
|
||||
|
||||
|
||||
//For personnal movies posts
|
||||
else if($kind === Posts::POST_KIND_MOVIE){
|
||||
|
||||
//Get movie ID
|
||||
$movieID = getPostMovieID("movieID");
|
||||
|
||||
//Check if the current user is the owner the movie or not
|
||||
if(userID != CS::get()->components->movies->get_owner($movieID))
|
||||
Rest_fatal_error(400, "You are not allowed to use this movie in your posts !");
|
||||
|
||||
//Save movie informations
|
||||
$video_id = $movieID;
|
||||
}
|
||||
|
||||
//For weblinks
|
||||
else if($kind === Posts::POST_KIND_WEBLINK){
|
||||
|
||||
//Check if we have a valid url
|
||||
if(!check_post_url("url"))
|
||||
Rest_fatal_error(400, "Invalid URL specified with request !");
|
||||
$url = $_POST['url'];
|
||||
|
||||
//Get informations about the webpage
|
||||
$page_infos = URLAnalyzer::analyze($url, 15);
|
||||
|
||||
//Save URL informations
|
||||
$link_url = $url;
|
||||
$link_title = isset($page_infos["title"]) ? $page_infos["title"] : null;
|
||||
$link_description = isset($page_infos["description"]) ? $page_infos["description"] : null;
|
||||
$link_image = isset($page_infos["image"]) ? $page_infos["image"] : null;
|
||||
}
|
||||
|
||||
//For PDFs
|
||||
else if($kind === Posts::POST_KIND_PDF){
|
||||
|
||||
//Check if it is a valid file
|
||||
if(!check_post_file("pdf"))
|
||||
Rest_fatal_error(400, "An error occured while receiving pdf !");
|
||||
|
||||
//Check file type
|
||||
if($_FILES['pdf']['type'] != "application/pdf")
|
||||
Rest_fatal_error(400, "The file sent is not a PDF !");
|
||||
|
||||
//Generate target file name
|
||||
$target_userdata_folder = prepareFileCreation(userID, "post_pdf");
|
||||
$target_file_path = $target_userdata_folder.generateNewFileName(path_user_data($target_userdata_folder, true), "pdf");
|
||||
$target_file_sys_path = path_user_data($target_file_path, true);
|
||||
|
||||
//Try to move the file to its final location
|
||||
if(!move_uploaded_file($_FILES["pdf"]["tmp_name"], $target_file_sys_path))
|
||||
Rest_fatal_error(500, "Could save the PDF !");
|
||||
|
||||
//Save pdf information
|
||||
$file_type = "application/pdf";
|
||||
$file_size = filesize($target_file_sys_path);
|
||||
$file_path = $target_file_path;
|
||||
}
|
||||
|
||||
//For countdown timer
|
||||
else if($kind === Posts::POST_KIND_COUNTDOWN){
|
||||
|
||||
//Get end timestamp
|
||||
$time_end = getPostTimeStamp("time-end");
|
||||
|
||||
}
|
||||
|
||||
//For survey
|
||||
else if($kind === Posts::POST_KIND_SURVEY){
|
||||
|
||||
//Process the question
|
||||
if(!isset($_POST['question']))
|
||||
Rest_fatal_error(400, "Please specify the question of the survey !");
|
||||
$question = $_POST['question'];
|
||||
|
||||
//Check the length of the question
|
||||
if(strlen($question) < 5)
|
||||
Rest_fatal_error(400, "Please specify a valid question for the survey !");
|
||||
|
||||
//Process the answers
|
||||
if(!isset($_POST['answers']))
|
||||
Rest_fatal_error(400, "Please specify the ansers of the survey !");
|
||||
$str_answers = $_POST["answers"];
|
||||
|
||||
//Process the ansers
|
||||
$answers = explode("<>", $str_answers);
|
||||
|
||||
//Remove empty questions and make other secure to insert
|
||||
foreach($answers as $num=>$val){
|
||||
if($val == "" || $val == " ")
|
||||
unset($answers[$num]);
|
||||
else
|
||||
$answers[$num] = removeHTMLnodes($val);
|
||||
}
|
||||
|
||||
//Check the minimum number of question is valid
|
||||
if(count($answers) < 2)
|
||||
Rest_fatal_error(400, "Please specify at least two valid answers for the survey !");
|
||||
|
||||
//Save informations about the survey
|
||||
$survey_question = removeHTMLnodes($question);
|
||||
$survey_answers = $answers;
|
||||
}
|
||||
|
||||
//The content type is not supported
|
||||
else {
|
||||
Rest_fatal_error(500, "This kind of post is not supported !");
|
||||
}
|
||||
|
||||
//Create the post
|
||||
$postID = CS::get()->components->posts->create(
|
||||
|
||||
//Informations about the kind of page
|
||||
$kind_page,
|
||||
$kind_page_id,
|
||||
|
||||
//Generic informations about the post
|
||||
userID,
|
||||
$content,
|
||||
$visibility,
|
||||
$kind,
|
||||
|
||||
//Specific informations about the post
|
||||
//Posts with files
|
||||
isset($file_size) ? $file_size : 0,
|
||||
isset($file_type) ? $file_type : null,
|
||||
isset($file_path) ? $file_path : null,
|
||||
|
||||
//For video post
|
||||
isset($video_id) ? $video_id : 0,
|
||||
|
||||
//For countdown post
|
||||
isset($time_end) ? $time_end : 0,
|
||||
|
||||
//For weblink posts
|
||||
isset($link_url) ? $link_url : null,
|
||||
isset($link_title) ? $link_title : null,
|
||||
isset($link_description) ? $link_description : null,
|
||||
isset($link_image) ? $link_image : null,
|
||||
|
||||
//For survey posts
|
||||
isset($survey_question) ? $survey_question : null,
|
||||
isset($survey_answers) ? $survey_answers : array()
|
||||
);
|
||||
|
||||
//Check for errors
|
||||
if($postID < 0)
|
||||
Rest_fatal_error(400, "Couldn't create post !");
|
||||
|
||||
//Success
|
||||
return array(
|
||||
"success" => "The post has been created !",
|
||||
"postID" => $postID
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
}
|
@ -244,6 +244,22 @@ class Posts {
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a post
|
||||
*
|
||||
* @param toCome
|
||||
* @return int The ID of the created post or -1 in case of failure
|
||||
*/
|
||||
public function create(string $kind_page, int $kind_id, int $userID, string $content,
|
||||
int $visibility, string $kind, int $file_size = 0,
|
||||
string $file_type = null, string $file_path = null, int $videoID = 0,
|
||||
int $time_end = 0, string $link_url = null, string $link_title = null,
|
||||
string $link_description = null, string $link_image = null, string $survey_question = null,
|
||||
array $survey_answers = array()) : int {
|
||||
|
||||
return -1;
|
||||
}
|
||||
|
||||
/**
|
||||
* Fetch a single post from the database
|
||||
*
|
||||
|
Loading…
Reference in New Issue
Block a user