svalavuo
/
website


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348
							<?php
/**
 * Image Upload Handler
 * Handles image uploads for the WYSIWYG editor
 */

// Start session
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}

require_once '../includes/config.php';
require_once '../includes/database.php';
require_once '../includes/auth.php';

// Require authentication
$auth = new Auth();
$auth->requireAuth();

// Set headers for JSON response
header('Content-Type: application/json');

// Create uploads directory if it doesn't exist
$uploadsDir = '../uploads/images';
$thumbsDir = '../uploads/images/thumbs';
if (!file_exists($uploadsDir)) {
    mkdir($uploadsDir, 0755, true);
}
if (!file_exists($thumbsDir)) {
    mkdir($thumbsDir, 0755, true);
}

// Handle file upload
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['images'])) {
    $uploadedFiles = [];
    $errors = [];
    
    // Handle multiple files
    $files = $_FILES['images'];
    $fileCount = count($files['name']);
    
    for ($i = 0; $i < $fileCount; $i++) {
        if ($files['error'][$i] === UPLOAD_ERR_OK) {
            $file = [
                'name' => $files['name'][$i],
                'type' => $files['type'][$i],
                'tmp_name' => $files['tmp_name'][$i],
                'error' => $files['error'][$i],
                'size' => $files['size'][$i]
            ];
            
            // Validate file
            $validation = validateImageFile($file);
            if ($validation['valid']) {
                // Generate unique filename
                $extension = pathinfo($file['name'], PATHINFO_EXTENSION);
                $filename = uniqid() . '.' . $extension;
                $filepath = $uploadsDir . '/' . $filename;
                $thumbFilename = 'thumb_' . $filename;
                $thumbPath = $thumbsDir . '/' . $thumbFilename;
                
                // Move file to uploads directory
                if (move_uploaded_file($file['tmp_name'], $filepath)) {
                    // Generate thumbnail
                    $thumbnailGenerated = generateThumbnail($filepath, $thumbPath);
                    
                    // Save to database
                    $imageId = saveImageToDatabase($filename, $file['name'], $file['size'], $thumbFilename);
                    
                    if ($imageId) {
                        $uploadedFiles[] = [
                            'id' => $imageId,
                            'filename' => $filename,
                            'original_name' => $file['name'],
                            'size' => $file['size'],
                            'url' => '/uploads/images/' . $filename,
                            'thumbnail_url' => '/uploads/images/thumbs/' . $thumbFilename
                        ];
                    } else {
                        $errors[] = 'Failed to save ' . $file['name'] . ' to database';
                        unlink($filepath); // Remove uploaded file
                        if ($thumbnailGenerated) {
                            unlink($thumbPath); // Remove thumbnail if generated
                        }
                    }
                } else {
                    $errors[] = 'Failed to upload ' . $file['name'];
                }
            } else {
                $errors[] = $validation['error'];
            }
        } else {
            $errors[] = 'Error uploading file: ' . getUploadErrorMessage($files['error'][$i]);
        }
    }
    
    echo json_encode([
        'success' => empty($errors),
        'files' => $uploadedFiles,
        'errors' => $errors
    ]);
    exit;
}

// Handle GET request to fetch existing images
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
    $images = getExistingImages();
    echo json_encode([
        'success' => true,
        'images' => $images
    ]);
    exit;
}

// Handle DELETE request to remove image
if ($_SERVER['REQUEST_METHOD'] === 'DELETE' && isset($_GET['id'])) {
    $imageId = (int)$_GET['id'];
    $success = deleteImage($imageId);
    echo json_encode([
        'success' => $success
    ]);
    exit;
}

echo json_encode(['success' => false, 'error' => 'Invalid request']);

/**
 * Validate uploaded image file
 */
function validateImageFile($file) {
    // Check file size (20MB max)
    $maxSize = 20 * 1024 * 1024; // 20MB
    if ($file['size'] > $maxSize) {
        return ['valid' => false, 'error' => 'File too large. Maximum size is 20MB'];
    }
    
    // Check file type
    $allowedTypes = ['image/jpeg', 'image/png', 'image/gif', 'image/webp'];
    if (!in_array($file['type'], $allowedTypes)) {
        return ['valid' => false, 'error' => 'Invalid file type. Only JPG, PNG, GIF, and WebP are allowed'];
    }
    
    // Check file extension
    $allowedExtensions = ['jpg', 'jpeg', 'png', 'gif', 'webp'];
    $extension = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!in_array($extension, $allowedExtensions)) {
        return ['valid' => false, 'error' => 'Invalid file extension'];
    }
    
    return ['valid' => true];
}

/**
 * Generate thumbnail for uploaded image
 */
function generateThumbnail($sourcePath, $destPath, $maxWidth = 300, $maxHeight = 200) {
    // Check if GD extension is available
    if (!extension_loaded('gd')) {
        error_log('GD extension not available for thumbnail generation');
        return false;
    }
    
    try {
        // Get image info
        $imageInfo = getimagesize($sourcePath);
        if (!$imageInfo) {
            return false;
        }
        
        $width = $imageInfo[0];
        $height = $imageInfo[1];
        $type = $imageInfo[2];
        
        // Calculate new dimensions
        $ratio = min($maxWidth / $width, $maxHeight / $height);
        $newWidth = (int)($width * $ratio);
        $newHeight = (int)($height * $ratio);
        
        // Create image resource based on type
        switch ($type) {
            case IMAGETYPE_JPEG:
                $source = imagecreatefromjpeg($sourcePath);
                break;
            case IMAGETYPE_PNG:
                $source = imagecreatefrompng($sourcePath);
                break;
            case IMAGETYPE_GIF:
                $source = imagecreatefromgif($sourcePath);
                break;
            default:
                return false;
        }
        
        if (!$source) {
            return false;
        }
        
        // Create new image
        $thumb = imagecreatetruecolor($newWidth, $newHeight);
        
        // Preserve transparency for PNG and GIF
        if ($type == IMAGETYPE_PNG || $type == IMAGETYPE_GIF) {
            imagealphablending($thumb, false);
            imagesavealpha($thumb, true);
            $transparent = imagecolorallocatealpha($thumb, 255, 255, 255, 127);
            imagefilledrectangle($thumb, 0, 0, $newWidth, $newHeight, $transparent);
        }
        
        // Resize image
        imagecopyresampled($thumb, $source, 0, 0, 0, 0, $newWidth, $newHeight, $width, $height);
        
        // Save thumbnail
        $result = false;
        switch ($type) {
            case IMAGETYPE_JPEG:
                $result = imagejpeg($thumb, $destPath, 85);
                break;
            case IMAGETYPE_PNG:
                $result = imagepng($thumb, $destPath, 8);
                break;
            case IMAGETYPE_GIF:
                $result = imagegif($thumb, $destPath);
                break;
        }
        
        // Clean up
        imagedestroy($source);
        imagedestroy($thumb);
        
        return $result;
        
    } catch (Exception $e) {
        error_log('Error generating thumbnail: ' . $e->getMessage());
        return false;
    }
}

/**
 * Save image information to database
 */
function saveImageToDatabase($filename, $originalName, $size, $thumbnailFilename = null) {
    $db = Database::getInstance();
    
    try {
        $db->insert('images', [
            'filename' => $filename,
            'thumbnail_filename' => $thumbnailFilename,
            'original_name' => $originalName,
            'file_size' => $size,
            'uploaded_at' => date('Y-m-d H:i:s'),
            'uploaded_by' => $_SESSION['user_id'] ?? 1
        ]);
        
        return $db->lastInsertId();
    } catch (Exception $e) {
        error_log('Failed to save image to database: ' . $e->getMessage());
        return false;
    }
}

/**
 * Get existing images from database
 */
function getExistingImages() {
    $db = Database::getInstance();
    
    try {
        $images = $db->fetchAll("SELECT * FROM images ORDER BY uploaded_at DESC");
        
        $result = [];
        foreach ($images as $image) {
            // Use thumbnail if available, otherwise use original image
            $thumbnailUrl = $image['thumbnail_filename'] 
                ? '/uploads/images/thumbs/' . $image['thumbnail_filename']
                : '/uploads/images/' . $image['filename'];
                
            $result[] = [
                'id' => $image['id'],
                'filename' => $image['filename'],
                'thumbnail_filename' => $image['thumbnail_filename'],
                'original_name' => $image['original_name'],
                'size' => $image['file_size'],
                'url' => '/uploads/images/' . $image['filename'],
                'thumbnail_url' => $thumbnailUrl,
                'uploaded_at' => $image['uploaded_at']
            ];
        }
        
        return $result;
    } catch (Exception $e) {
        error_log('Failed to fetch images: ' . $e->getMessage());
        return [];
    }
}

/**
 * Delete image from database and filesystem
 */
function deleteImage($imageId) {
    $db = Database::getInstance();
    
    try {
        // Get image info
        $image = $db->fetch("SELECT * FROM images WHERE id = ?", [$imageId]);
        if (!$image) {
            return false;
        }
        
        // Delete from database
        $db->delete('images', 'id = ?', [$imageId]);
        
        // Delete file from filesystem
        $filepath = '../uploads/images/' . $image['filename'];
        if (file_exists($filepath)) {
            unlink($filepath);
        }
        
        return true;
    } catch (Exception $e) {
        error_log('Failed to delete image: ' . $e->getMessage());
        return false;
    }
}

/**
 * Get upload error message
 */
function getUploadErrorMessage($errorCode) {
    switch ($errorCode) {
        case UPLOAD_ERR_INI_SIZE:
            return 'The uploaded file exceeds the upload_max_filesize directive in php.ini';
        case UPLOAD_ERR_FORM_SIZE:
            return 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form';
        case UPLOAD_ERR_PARTIAL:
            return 'The uploaded file was only partially uploaded';
        case UPLOAD_ERR_NO_FILE:
            return 'No file was uploaded';
        case UPLOAD_ERR_NO_TMP_DIR:
            return 'Missing a temporary folder';
        case UPLOAD_ERR_CANT_WRITE:
            return 'Failed to write file to disk';
        case UPLOAD_ERR_EXTENSION:
            return 'A PHP extension stopped the file upload';
        default:
            return 'Unknown upload error';
    }
}
?>