TwoTalesDev/4WDCSA.co.za
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a66382661dc258b97f7af175578837bb8e664c69
4WDCSA.co.za/src/processors/save_album.php
twotalesanimation a66382661d Fixed some bugs
2025-12-13 19:25:47 +02:00

184 lines
6.3 KiB
PHP
Raw Blame History

<?php
$rootPath = dirname(dirname(__DIR__));
require_once($rootPath . '/src/config/env.php');
require_once($rootPath . '/src/config/session.php');
require_once($rootPath . '/src/config/connection.php');
require_once($rootPath . '/src/config/functions.php');
if (!isset($_SESSION['user_id']) || $_SERVER['REQUEST_METHOD'] !== 'POST') {
http_response_code(403);
exit('Forbidden');
}
// Validate CSRF token
if (!isset($_POST['csrf_token']) || !validateCSRFToken($_POST['csrf_token'])) {
http_response_code(400);
exit('Invalid request');
}
$title = trim($_POST['title'] ?? '');
$description = trim($_POST['description'] ?? '');
$user_id = $_SESSION['user_id'];
// Validate inputs
if (empty($title) || !validateName($title)) {
$conn->close();
http_response_code(400);
echo json_encode(['error' => 'Album title is required and must be valid']);
exit;
}
if (!empty($description) && strlen($description) > 500) {
$conn->close();
http_response_code(400);
echo json_encode(['error' => 'Description must be 500 characters or less']);
exit;
}
// Create album directory
$album_id = null;
$cover_image = null;
try {
// Start transaction
$conn->begin_transaction();
// Insert album record
$stmt = $conn->prepare("INSERT INTO photo_albums (user_id, title, description, created_at, updated_at) VALUES (?, ?, ?, NOW(), NOW())");
$stmt->bind_param("iss", $user_id, $title, $description);
$stmt->execute();
$album_id = $conn->insert_id;
$stmt->close();
// Create album directory
$albumDir = $rootPath . '/assets/uploads/gallery/' . $album_id;
if (!file_exists($albumDir)) {
mkdir($albumDir, 0777, true);
}
// Handle cover image upload
$coverImagePath = null;
if (isset($_FILES['cover_image']) && $_FILES['cover_image']['error'] === UPLOAD_ERR_OK) {
$maxSize = 5 * 1024 * 1024; // 5MB
$fileName = $_FILES['cover_image']['name'];
$fileTmpName = $_FILES['cover_image']['tmp_name'];
$fileSize = $_FILES['cover_image']['size'];
// Validate file extension
$ext = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
$allowedExtensions = ['jpg', 'jpeg', 'png', 'gif', 'webp'];
if (!in_array($ext, $allowedExtensions)) {
throw new Exception('Invalid cover image file type. Allowed: jpg, jpeg, png, gif, webp');
}
if ($fileSize > $maxSize) {
throw new Exception('Cover image file too large (max 5MB)');
}
// Generate unique filename
$ext = pathinfo($fileName, PATHINFO_EXTENSION);
$newFileName = 'cover_' . uniqid() . '.' . $ext;
$filePath = $albumDir . '/' . $newFileName;
$coverImagePath = '/assets/uploads/gallery/' . $album_id . '/' . $newFileName;
if (!move_uploaded_file($fileTmpName, $filePath)) {
throw new Exception('Failed to upload cover image');
}
// Update cover image in album record
$updateCover = $conn->prepare("UPDATE photo_albums SET cover_image = ? WHERE album_id = ?");
$updateCover->bind_param("si", $coverImagePath, $album_id);
$updateCover->execute();
$updateCover->close();
}
// Handle photo uploads
if (isset($_FILES['photos']) && $_FILES['photos']['error'][0] === UPLOAD_ERR_OK) {
$maxSize = 5 * 1024 * 1024; // 5MB
$displayOrder = 1;
$firstPhoto = true;
for ($i = 0; $i < count($_FILES['photos']['name']); $i++) {
if ($_FILES['photos']['error'][$i] !== UPLOAD_ERR_OK) {
continue;
}
$fileName = $_FILES['photos']['name'][$i];
$fileTmpName = $_FILES['photos']['tmp_name'][$i];
$fileSize = $_FILES['photos']['size'][$i];
// Validate file extension
$ext = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));
$allowedExtensions = ['jpg', 'jpeg', 'png', 'gif', 'webp'];
if (!in_array($ext, $allowedExtensions)) {
throw new Exception('Invalid file type: ' . $fileName . '. Allowed: jpg, jpeg, png, gif, webp');
}
if ($fileSize > $maxSize) {
throw new Exception('File too large: ' . $fileName);
}
// Generate unique filename
$ext = pathinfo($fileName, PATHINFO_EXTENSION);
$newFileName = uniqid('photo_') . '.' . $ext;
$filePath = $albumDir . '/' . $newFileName;
$relativePath = '/assets/uploads/gallery/' . $album_id . '/' . $newFileName;
if (!move_uploaded_file($fileTmpName, $filePath)) {
throw new Exception('Failed to upload: ' . $fileName);
}
// Set first photo as cover if no cover image was uploaded
if ($firstPhoto && !$coverImagePath) {
$updateCover = $conn->prepare("UPDATE photo_albums SET cover_image = ? WHERE album_id = ?");
$updateCover->bind_param("si", $relativePath, $album_id);
$updateCover->execute();
$updateCover->close();
$firstPhoto = false;
}
// Insert photo record
$caption = $fileName; // Default caption is filename
$photoStmt = $conn->prepare("INSERT INTO photos (album_id, file_path, caption, display_order, created_at) VALUES (?, ?, ?, ?, NOW())");
$photoStmt->bind_param("issi", $album_id, $relativePath, $caption, $displayOrder);
$photoStmt->execute();
$photoStmt->close();
$displayOrder++;
}
}
// Commit transaction
$conn->commit();
$conn->close();
// Redirect to view album
header('Location: view_album?id=' . $album_id);
exit;
} catch (Exception $e) {
// Rollback on error
$conn->rollback();
$conn->close();
// Clean up partially uploaded files
if ($album_id) {
$albumDir = $rootPath . '/assets/uploads/gallery/' . $album_id;
if (is_dir($albumDir)) {
array_map('unlink', glob($albumDir . '/*'));
rmdir($albumDir);
}
// Delete album record (will cascade delete photos)
$conn->query("DELETE FROM photo_albums WHERE album_id = " . intval($album_id));
}
http_response_code(400);
echo json_encode(['error' => $e->getMessage()]);
exit;
}
?>
Reference in New Issue View Git Blame Copy Permalink