X-Git-Url: https://git.sesse.net/?p=pr0n;a=blobdiff_plain;f=perl%2FSesse%2Fpr0n%2FWebDAV.pm;h=3f896453db054d764a526166f483f36abfaf7f4b;hp=28ad780e0db2551aa6f80f1ebf2c5d4ebec8c11d;hb=b6bd6e25455bb5748b1516df9c4487f85ed65bad;hpb=6249c675acd3466bd808fb5d830027f7b9be5a9b

diff --git a/perl/Sesse/pr0n/WebDAV.pm b/perl/Sesse/pr0n/WebDAV.pm
index 28ad780..3f89645 100644
--- a/perl/Sesse/pr0n/WebDAV.pm
+++ b/perl/Sesse/pr0n/WebDAV.pm
@@ -3,7 +3,7 @@ use strict;
 use warnings;
 
 use Sesse::pr0n::Common qw(error dberror);
-use Digest::SHA1;
+use Digest::SHA;
 use MIME::Base64;
 use Apache2::Request;
 use Apache2::Upload;
@@ -11,7 +11,7 @@ use Apache2::Upload;
 sub handler {
 	my $r = shift;
 	my $dbh = Sesse::pr0n::Common::get_dbh();
-	
+			
 	$r->headers_out->{'DAV'} = "1,2";
 
 	# We only handle depth=0, depth=1 (cf. the RFC)
@@ -368,7 +368,7 @@ EOF
 		} else {
 			# check if we have a "shadow file" for this
 			if (defined($autorename) && $autorename eq "autorename/") {
-				my $ref = $dbh->selectrow_hashref('SELECT id FROM shadow_files WHERE host=? AND event=? AND filename=? AND expires_at > now()',
+				my $ref = $dbh->selectrow_hashref('SELECT id FROM shadow_files WHERE vhost=? AND event=? AND filename=? AND expires_at > now()',
 					undef, $r->get_server_name, $event, $filename);
 				if (defined($ref)) {
 				 	($fname, $size, $mtime) = Sesse::pr0n::Common::stat_image_from_id($r, $ref->{'id'});
@@ -405,6 +405,9 @@ EOF
 		
 		my ($event, $autorename, $filename) = ($1, $2, $3);
 		my $size = $r->headers_in->{'content-length'};
+		if (!defined($size)) {
+			$size = $r->headers_in->{'x-expected-entity-length'};
+		}
 		my $orig_filename = $filename;
 
 		# Remove evil characters
@@ -423,11 +426,11 @@ EOF
 		# gnome-vfs and mac os x love to make zero-byte files,
 		# make them happy
 		# 
-		if ($r->headers_in->{'content-length'} == 0) {
+		if ($size == 0 || $filename =~ /^\.(_|DS_Store)/) {
 			$dbh->do('DELETE FROM fake_files WHERE expires_at <= now() OR (event=? AND vhost=? AND filename=?);',
 				undef, $event, $r->get_server_name, $filename)
 				or dberror($r, "Couldn't prune fake_files");
-			$dbh->do('INSERT INTO fake_files (vhost,event,filename,expires_at) VALUES (?,?,?,now() + interval \'30 seconds\');',
+			$dbh->do('INSERT INTO fake_files (vhost,event,filename,expires_at) VALUES (?,?,?,now() + interval \'1 day\');',
 				undef, $r->get_server_name, $event, $filename)
 				or dberror($r, "Couldn't add file");
 			$r->content_type('text/plain; charset="utf-8"');
@@ -436,7 +439,7 @@ EOF
 			$r->log->info("Fake upload of $event/$filename");
 			return Apache2::Const::OK;
 		}
-
+			
 		# Get the new ID
 		my $ref = $dbh->selectrow_hashref("SELECT NEXTVAL('imageid_seq') AS id;");
 		my $newid = $ref->{'id'};
@@ -445,13 +448,18 @@ EOF
 		}
 		
 		# Autorename if we need to
-		if (defined($autorename) && $autorename eq "autorename/") {
-			my $ref = $dbh->selectrow_hashref("SELECT COUNT(*) AS numfiles FROM images WHERE vhost=? AND event=? AND filename=?",
-				undef, $r->get_server_name, $event, $filename)
-				or dberror($r, "Couldn't check for existing files");
-			if ($ref->{'numfiles'} > 0) {
+		$ref = $dbh->selectrow_hashref("SELECT COUNT(*) AS numfiles FROM images WHERE vhost=? AND event=? AND filename=?",
+		                               undef, $r->get_server_name, $event, $filename)
+			or dberror($r, "Couldn't check for existing files");
+		if ($ref->{'numfiles'} > 0) {
+			if (defined($autorename) && $autorename eq "autorename/") {
 				$r->log->info("Renaming $filename to $newid.jpeg");
 				$filename = "$newid.jpeg";
+			} else {
+				$r->status(403);
+				$r->content_type('text/plain; charset=utf-8');
+				$r->print("File $filename already exists in event $event, cannot overwrite");
+				return Apache2::Const::OK;
 			}
 		}
 		
@@ -468,17 +476,16 @@ EOF
 					
 				$dbh->do('INSERT INTO images (id,vhost,event,uploadedby,takenby,filename) VALUES (?,?,?,?,?,?)',
 					undef, $newid, $r->get_server_name, $event, $user, $takenby, $filename);
-				$dbh->do('UPDATE events SET last_update=CURRENT_TIMESTAMP WHERE vhost=? AND event=?',
-					undef, $r->get_server_name, $event);
+				Sesse::pr0n::Common::purge_cache($r, "/$event/");
 
 				# Now save the file to disk
+				Sesse::pr0n::Common::ensure_disk_location_exists($r, $newid);	
 				$fname = Sesse::pr0n::Common::get_disk_location($r, $newid);
 				open NEWFILE, ">$fname"
 					or die "$fname: $!";
 
 				my $buf;
-				my $content_length = $r->headers_in->{'content-length'};
-				if ($r->read($buf, $content_length)) {
+				if ($r->read($buf, $size)) {
 					print NEWFILE $buf or die "write($fname): $!";
 				}
 
@@ -490,8 +497,10 @@ EOF
 
 				# Make cache while we're at it.
 				# Don't do it for the resource forks Mac OS X loves to upload :-(
-				if ($filename !~ /^\._/) {
-					Sesse::pr0n::Common::ensure_cached($r, $filename, $newid, undef, undef, 1, 80, 64, 320, 256, -1, -1);
+				if ($filename !~ /^\.(_|DS_Store)/) {
+					# FIXME: Ideally we'd want to ensure cache of -1x-1 here as well (for NEFs), but that would
+					# preclude mipmapping in its current form.
+					Sesse::pr0n::Common::ensure_cached($r, $filename, $newid, undef, undef, "nobox", 1, 80, 64, 320, 256);
 				}
 				
 				# OK, we got this far, commit
@@ -507,12 +516,12 @@ EOF
 			}
 		}
 
-		# Insert a `shadow file' we can stat the next 30 secs
+		# Insert a `shadow file' we can stat the next day or so
 		if (defined($autorename) && $autorename eq "autorename/") {
 			$dbh->do('DELETE FROM shadow_files WHERE expires_at <= now() OR (vhost=? AND event=? AND filename=?);',
 				undef, $r->get_server_name, $event, $filename)
 				or dberror($r, "Couldn't prune shadow_files");
-			$dbh->do('INSERT INTO shadow_files (vhost,event,filename,id,expires_at) VALUES (?,?,?,?,now() + interval \'30 seconds\');',
+			$dbh->do('INSERT INTO shadow_files (vhost,event,filename,id,expires_at) VALUES (?,?,?,?,now() + interval \'1 day\');',
 				undef, $r->get_server_name, $event, $orig_filename, $newid)
 				or dberror($r, "Couldn't add shadow file");
 			$r->log->info("Added shadow entry for $event/$filename");
@@ -525,129 +534,6 @@ EOF
 		return Apache2::Const::OK;
 	}
 	
-	# Used by the XP publishing wizard -- largely the same as the code above
-	# but vastly simplified. Should we refactor?
-	if ($r->method eq "POST") {
-		my $apr = Apache2::Request->new($r);
-		my $client_size = $apr->param('size');
-		my $event = $apr->param('event');
-				
-		my $file = $apr->upload('image');
-		my $filename = $file->filename();
-		if ($client_size != $file->size()) {
-			$r->content_type('text/plain; charset="utf-8"');
-			$r->status(403);
-			$r->print("Client-size resizing detected; refusing automatically");
-
-			$r->log->info("Client-size resized upload of $event/$filename detected");
-			return Apache2::Const::OK;
-		}
-		
-		# Ugh, Windows XP seems to be sending this in... something that's not UTF-8, at least
-		my $takenby_given = Sesse::pr0n::Common::guess_charset($apr->param('takenby'));
-
-		if (defined($takenby_given) && $takenby_given !~ /^\s*$/ && $takenby_given !~ /[<>&]/ && length($takenby_given) <= 100) {
-			$takenby = $takenby_given;
-		}
-		
-		my $ne_id = Sesse::pr0n::Common::guess_charset($apr->param('neweventid'));
-		my $ne_date = Sesse::pr0n::Common::guess_charset($apr->param('neweventdate'));
-		my $ne_desc = Sesse::pr0n::Common::guess_charset($apr->param('neweventdesc'));
-		if (defined($ne_id)) {
-			# Trying to add a new event, let's see if it already exists
-			my $q = $dbh->prepare('SELECT COUNT(*) AS cnt FROM events WHERE event=? AND vhost=?')
-				or dberror($r, "Couldn't prepare event count");
-			$q->execute($ne_id, $r->get_server_name)
-				or dberror($r, "Couldn't execute event count");
-			my $ref = $q->fetchrow_hashref;
-
-			if ($ref->{'cnt'} == 0) {
-				my @errors = Sesse::pr0n::Common::add_new_event($dbh, $ne_id, $ne_date, $ne_desc, $r->get_server_name);
-				if (scalar @errors > 0) {
-					die "Couldn't add new event $ne_id: " . join(', ', @errors);
-				}
-			}
-
-			$event = $ne_id;
-		}
-
-		# Remove evil characters
-		if ($filename =~ /[^a-zA-Z0-9._-]/) {
-			$filename =~ tr/a-zA-Z0-9.-/_/c;
-		}
-		
-		# Get the new ID
-		my $ref = $dbh->selectrow_hashref("SELECT NEXTVAL('imageid_seq') AS id;");
-		my $newid = $ref->{'id'};
-		if (!defined($newid)) {
-			dberror($r, "Couldn't get new ID");
-		}
-		
-		# Autorename if we need to
-		{
-			my $ref = $dbh->selectrow_hashref("SELECT COUNT(*) AS numfiles FROM images WHERE vhost=? AND event=? AND filename=?",
-				undef, $r->get_server_name, $event, $filename)
-				or dberror($r, "Couldn't check for existing files");
-			if ($ref->{'numfiles'} > 0) {
-				$r->log->info("Renaming $filename to $newid.jpeg");
-				$filename = "$newid.jpeg";
-			}
-		}
-		
-		{
-			# Enable transactions and error raising temporarily
-			local $dbh->{AutoCommit} = 0;
-			local $dbh->{RaiseError} = 1;
-			my $fname;
-
-			# Try to insert this new file
-			eval {
-				$dbh->do('INSERT INTO images (id,vhost,event,uploadedby,takenby,filename) VALUES (?,?,?,?,?,?)',
-					undef, $newid, $r->get_server_name, $event, $user, $takenby, $filename);
-				$dbh->do('UPDATE events SET last_update=CURRENT_TIMESTAMP WHERE vhost=? AND event=?',
-					undef, $r->get_server_name, $event);
-
-				# Now save the file to disk
-				$fname = Sesse::pr0n::Common::get_disk_location($r, $newid);
-				open NEWFILE, ">$fname"
-					or die "$fname: $!";
-
-				my $buf;
-				$file->slurp($buf);
-				print NEWFILE $buf or die "write($fname): $!";
-				close NEWFILE or die "close($fname): $!";
-				
-				# Orient stuff correctly
-				system("/usr/bin/exifautotran", $fname) == 0
-					or die "/usr/bin/exifautotran: $!";
-
-				# Make cache while we're at it.
-				Sesse::pr0n::Common::ensure_cached($r, $filename, $newid, undef, undef, 1, 80, 64, 320, 256, -1, -1);
-				
-				# OK, we got this far, commit
-				$dbh->commit;
-
-				$r->log->notice("Successfully wrote $event/$filename to $fname");
-			};
-			if ($@) {
-				# Some error occurred, rollback and bomb out
-				$dbh->rollback;
-				error($r, "Transaction aborted because $@");
-				unlink($fname);
-		
-				$r->content_type('text/plain; charset="utf-8"');
-				$r->status(500);
-				$r->print("Error: $@");
-			}
-		}
-
-		$r->content_type('text/plain; charset="utf-8"');
-		$r->status(201);
-		$r->print("OK");
-
-		return Apache2::Const::OK;
-	}
-	
 	# Yes, we fake locks. :-)
 	if ($r->method eq "LOCK") {
 		if ($r->uri !~ m#^/webdav/upload/([a-zA-Z0-9-]+)/(autorename/)?([a-zA-Z0-9._-]+)$#) {
@@ -658,7 +544,8 @@ EOF
 		}
 
 		my ($event, $autorename, $filename) = ($1, $2, $3);
-		my $sha1 = Digest::SHA1::sha1_base64("/$event/$autorename/$filename");
+		$autorename = '' if (!defined($autorename));
+		my $sha1 = Digest::SHA::sha1_base64("/$event/$autorename$filename");
 
 		$r->status(200);
 		$r->content_type('text/xml; charset=utf-8');
@@ -705,7 +592,7 @@ EOF
 		$dbh->do('DELETE FROM images WHERE vhost=? AND event=? AND filename=?',
 			undef, $r->get_server_name, $event, $filename)
 			or dberror($r, "Couldn't remove file");
-		$dbh->do('UPDATE events SET last_update=CURRENT_TIMESTAMP WHERE vhost=? AND event=?',
+		$dbh->do('UPDATE last_picture_cache SET last_update=CURRENT_TIMESTAMP WHERE vhost=? AND event=?',
 			undef, $r->get_server_name, $event)
 			or dberror($r, "Couldn't invalidate cache");
 		$r->status(200);