mirror of https://github.com/DanielnetoDotCom/YouPHPTube synced 2025-10-03 09:49:28 +02:00

Start word filter

daniel 2018-09-16 21:28:40 -03:00
parent c5c68babec
commit 0071cbef2e
3 changed files with 67 additions and 58 deletions


@ -1,4 +1,16 @@
<?php <?php
function forbiddenWords($text){
global $global;
if(empty($global['forbiddenWords'])){
return false;
}
foreach ($global['forbiddenWords'] as $value) {
if(preg_match("/{$value}/i", $text)){
return true;
}
}
return false;
}
function xss_esc($text){ function xss_esc($text){
return htmlspecialchars($text, ENT_QUOTES, 'UTF-8'); return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
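Review bot: In `forbiddenWords()` each configured word is interpolated into the pattern unescaped (`"/{$value}/i"`), so an entry containing `/` or another regex metacharacter produces an invalid or unintended pattern. `preg_match` then returns `false` with a warning, the loop reads that as "no match", and the filter fails open for that entry. Escape the word and compare the result strictly: `if (preg_match('/' . preg_quote($value, '/') . '/i', $text) === 1) {`. If the list is meant to hold plain words rather than patterns, a short docblock should say so, and should note that matching is a case-insensitive substring test with no word boundaries.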


@ -138,6 +138,11 @@ if (!class_exists('Video')) {
} }
$this->setTitle($global['mysqli']->real_escape_string(trim($this->title))); $this->setTitle($global['mysqli']->real_escape_string(trim($this->title)));
$this->setDescription($global['mysqli']->real_escape_string($this->description)); $this->setDescription($global['mysqli']->real_escape_string($this->description));
if(forbiddenWords($this->title) || forbiddenWords($this->description)){
return false;
}
$this->next_videos_id = intval($this->next_videos_id); $this->next_videos_id = intval($this->next_videos_id);
if (empty($this->next_videos_id)) { if (empty($this->next_videos_id)) {
$this->next_videos_id = 'NULL'; $this->next_videos_id = 'NULL';
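Review bot: The new `forbiddenWords()` check runs after `setTitle()` and `setDescription()` have been given `real_escape_string()` output. Assuming those setters store the value back into `$this->title` and `$this->description`, the filter inspects SQL-escaped text, so a listed word containing a quote would carry an added backslash and not match. Move the check above the two escaping lines so it sees the text as submitted and the object is not modified before the rejection. The bare `return false` also gives the caller no reason; a comment such as `// rejected: title or description contains a forbidden word`, or a log line, would make this path traceable. The enclosing method starts and ends outside this hunk.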


@ -1,4 +1,5 @@
<?php <?php
global $global, $config; global $global, $config;
session_write_close(); session_write_close();
$obj = new stdClass(); $obj = new stdClass();
@ -6,8 +7,7 @@ $obj->error = true;
if (!isset($global['systemRootPath'])) { if (!isset($global['systemRootPath'])) {
require_once '../../videos/configuration.php'; require_once '../../videos/configuration.php';
} }
if (!User::canUpload()) if (!User::canUpload()) {
{
$obj->msg = "Only logged users can upload"; $obj->msg = "Only logged users can upload";
die(json_encode($obj)); die(json_encode($obj));
} }
@ -23,11 +23,9 @@ $allowed = array(
'webm' 'webm'
); );
if (isset($_FILES['upl']) && $_FILES['upl']['error'] == 0) if (isset($_FILES['upl']) && $_FILES['upl']['error'] == 0) {
{
$extension = pathinfo($_FILES['upl']['name'], PATHINFO_EXTENSION); $extension = pathinfo($_FILES['upl']['name'], PATHINFO_EXTENSION);
if (!in_array(strtolower($extension) , $allowed)) if (!in_array(strtolower($extension), $allowed)) {
{
$obj->msg = "File extension error [{$_FILES['upl']['name']}], we allow only (" . implode(",", $allowed) . ")"; $obj->msg = "File extension error [{$_FILES['upl']['name']}], we allow only (" . implode(",", $allowed) . ")";
die(json_encode($obj)); die(json_encode($obj));
} }
@ -49,29 +47,25 @@ if (isset($_FILES['upl']) && $_FILES['upl']['error'] == 0)
$video->setDescription($_POST['description']); $video->setDescription($_POST['description']);
} }
if ($extension == "mp4") if ($extension == "mp4") {
{
$video->setType("video"); $video->setType("video");
} } else
else
if (($extension == "mp3") || ($extension == "ogg")) { if (($extension == "mp3") || ($extension == "ogg")) {
$video->setType("audio"); $video->setType("audio");
} }
$advancedCustom = YouPHPTubePlugin::getObjectDataIfEnabled("CustomizeAdvanced"); $advancedCustom = YouPHPTubePlugin::getObjectDataIfEnabled("CustomizeAdvanced");
if (empty($advancedCustom->makeVideosInactiveAfterEncode)) if (empty($advancedCustom->makeVideosInactiveAfterEncode)) {
{
// set active // set active
$video->setStatus('a'); $video->setStatus('a');
} } else {
else
{
$video->setStatus('i'); $video->setStatus('i');
} }
$id = $video->save(); $id = $video->save();
if ($id) {
/** /**
* This is when is using in a non uploaded movie * This is when is using in a non uploaded movie
*/ */
@ -79,17 +73,14 @@ if (isset($_FILES['upl']) && $_FILES['upl']['error'] == 0)
$tmp_name = $_FILES['upl']['tmp_name']; $tmp_name = $_FILES['upl']['tmp_name'];
$filenameMP4 = $filename . "." . $extension; $filenameMP4 = $filename . "." . $extension;
decideMoveUploadedToVideos($tmp_name, $filenameMP4); decideMoveUploadedToVideos($tmp_name, $filenameMP4);
if ((YouPHPTubePlugin::isEnabled("996c9afb-b90e-40ca-90cb-934856180bb9")) && ($extension == "mp4")) if ((YouPHPTubePlugin::isEnabled("996c9afb-b90e-40ca-90cb-934856180bb9")) && ($extension == "mp4")) {
{
require_once $global['systemRootPath'] . 'plugin/MP4ThumbsAndGif/MP4ThumbsAndGif.php'; require_once $global['systemRootPath'] . 'plugin/MP4ThumbsAndGif/MP4ThumbsAndGif.php';
$videoFileName = $video->getFilename(); $videoFileName = $video->getFilename();
MP4ThumbsAndGif::getImage($videoFileName, 'jpg'); MP4ThumbsAndGif::getImage($videoFileName, 'jpg');
MP4ThumbsAndGif::getImage($videoFileName, 'gif'); MP4ThumbsAndGif::getImage($videoFileName, 'gif');
} } else
else if ((YouPHPTubePlugin::isEnabled("916c9afb-css90e-26fa-97fd-864856180cc9")) && ($extension == "mp4")) {
if ((YouPHPTubePlugin::isEnabled("916c9afb-css90e-26fa-97fd-864856180cc9")) && ($extension == "mp4"))
{
require_once $global['systemRootPath'] . 'plugin/MP4ThumbsAndGifLocal/MP4ThumbsAndGifLocal.php'; require_once $global['systemRootPath'] . 'plugin/MP4ThumbsAndGifLocal/MP4ThumbsAndGifLocal.php';
$videoFileName = $video->getFilename(); $videoFileName = $video->getFilename();
@ -106,6 +97,7 @@ if (isset($_FILES['upl']) && $_FILES['upl']['error'] == 0)
YouPHPTubePlugin::afterNewVideo($video->getId()); YouPHPTubePlugin::afterNewVideo($video->getId());
die(json_encode($obj)); die(json_encode($obj));
} }
}
$obj->msg = "\$_FILES Error"; $obj->msg = "\$_FILES Error";
$obj->FILES = $_FILES; $obj->FILES = $_FILES;
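Review bot: When `$video->save()` returns a falsy value, the new `if ($id) {` wrapper lets control fall through to the generic tail of the script, so a rejected save answers with `"$_FILES Error"` and copies the whole `$_FILES` array into the JSON response. That message is misleading for a save that was refused (for example by the word filter), and the dump now reaches ordinary uploaders; `$_FILES` normally includes the server-side `tmp_name` path. Give the failure its own branch before the closing brace: `} else { $obj->msg = "Your video could not be saved"; die(json_encode($obj)); }`. A one-line comment on `if ($id) {` saying that `save()` returns false on rejection would also help.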