added support for upload and image change codes so you can control who can upload or use options on pictures

backend.php

@@ -20,6 +20,9 @@ include_once(ROOT.DS.'inc'.DS.'core.php');
 
 $pm = new PictshareModel();
 
+if(UPLOAD_CODE!=false && !$pm->uploadCodeExists($_REQUEST['upload_code']))
+	exit(json_encode(array('status'=>'ERR','reason'=>'Wrong upload code provided')));
+
 if($_REQUEST['getimage'])
 {
 	$url = $_REQUEST['getimage'];

inc/core.php

@@ -66,6 +66,9 @@ function whatToDo($url)
         $el = strtolower($el);
         if(!$el) continue;
         
+        if(IMAGE_CHANGE_CODE!=false && substr($el,0,10)=='changecode')
+            $changecode = substr($el,11);
+        
         if(isImage($el))
             $data['hash']=$el;
         else if(isSize($el))
@@ -94,7 +97,7 @@ function whatToDo($url)
         render($vars);
     }
     else
-        renderImage($data);
+        renderImage($data,$changecode);
 }
 
 function isLegacyThumbnail($val)
@@ -164,7 +167,7 @@ function renderLegacyResized($path)
     renderResizedImage($size,$hash);
 }
 
-function renderImage($data)
+function renderImage($data,$changecode)
 {
     $hash = $data['hash'];
     $pm = new PictshareModel();
@@ -190,8 +193,12 @@ function renderImage($data)
             $im = imagecreatefromjpeg($path);
             if(!$cached)
             {
-                changeImage($im,$data);
-                imagejpeg($im,$cachepath,95);
+                if($pm->changeCodeExists($changecode))
+                {
+                    changeImage($im,$data);
+                    imagejpeg($im,$cachepath,95);
+                }
+                    
             }
             imagejpeg($im);
         break;
@@ -200,8 +207,11 @@ function renderImage($data)
             $im = imagecreatefrompng($path);
             if(!$cached)
             {
-                changeImage($im,$data);
-                imagepng($im,$cachepath,1);
+                if($pm->changeCodeExists($changecode))
+                {
+                    changeImage($im,$data);
+                    imagepng($im,$cachepath,1);
+                }
             }
             imagepng($im);
         break;

inc/example.config.inc.php

@@ -1,5 +1,17 @@
 <?php 
 
+//if set to a string, this string must be provided before upload.
+//you can set multiple codes by;separating;them;with;semicolons
+//if set to false, everybody can upload
+//for API uploads, the GET Variable 'upload_code' must be provided
+define('UPLOAD_CODE', false);
+
+//if set to a string, this string must be provided in the URL to use any options (filters, resizes, etc..)
+//you can set multiple codes by;separating;them;with;semicolons
+//if set to false, everybody can use options on all images
+//if image change code is not provided but the requested image (with options) already exists, it will render to the user just fine
+define('IMAGE_CHANGE_CODE', false);
+
 // shall we log all uploaders IP addresses?
 define('LOG_UPLOADER', true);
 

models/pictsharemodel.php

@@ -10,6 +10,10 @@ class PictshareModel extends Model
 	function renderUploadForm()
 	{
 		$maxfilesize = (int)(ini_get('upload_max_filesize'));
+		
+		if(UPLOAD_CODE!=false)
+			$upload_code_form = '<strong>'.$this->translate(20).': </strong><input class="input" type="password" name="upload_code" value="'.$_REQUEST['upload_code'].'"><div class="clear"></div>';
+		
 		return '
 		<div class="clear"></div>
 		<strong>'.$this->translate(0).': '.$maxfilesize.'MB / File</strong><br>
@@ -17,6 +21,7 @@ class PictshareModel extends Model
 		<br><br>
 		<FORM enctype="multipart/form-data" method="post">
 		<div id="formular">
+			'.$upload_code_form.'
 			<strong>'.$this->translate(4).': </strong><input class="input" type="file" name="pic[]" multiple><div class="clear"></div>
 			<div class="clear"></div><br>
 		</div>
@@ -126,8 +131,40 @@ class PictshareModel extends Model
 		return array('status'=>'OK','type'=>$type,'hash'=>$hash,'url'=>DOMAINPATH.$hash,'domain'=>DOMAINPATH);
 	}
 	
+	function uploadCodeExists($code)
+	{
+		if(strpos(UPLOAD_CODE,';'))
+		{
+			$codes = explode(';',UPLOAD_CODE);
+			foreach($codes as $ucode)
+				if($code==$ucode) return true;
+		}	
+		
+		if($code==UPLOAD_CODE) return true;
+		
+		return false;
+	}
+	
+	function changeCodeExists($code)
+	{
+		if(IMAGE_CHANGE_CODE===false) return true;
+		if(strpos(IMAGE_CHANGE_CODE,';'))
+		{
+			$codes = explode(';',IMAGE_CHANGE_CODE);
+			foreach($codes as $ucode)
+				if($code==$ucode) return true;
+		}
+		
+		if($code==IMAGE_CHANGE_CODE) return true;
+		
+		return false;
+	}
+
 	function ProcessUploads()
 	{
+		if(UPLOAD_CODE!=false && !$this->uploadCodeExists($_REQUEST['upload_code']))
+			return '<span class="error">' . $this->translate(21) . '</span>';
+		
 		$im = new Image();
 		$i = 0;
 		foreach ($_FILES["pic"]["error"] as $key => $error)
@@ -142,7 +179,6 @@ class PictshareModel extends Model
 				}
 			}
 		}
-		$html = new HTML();
 		
 		return $o;
 	}
@@ -206,6 +242,8 @@ class PictshareModel extends Model
 		    	$words[17] = 'Dieses Bild wurde '.$params[0].' mal von '.$params[1].' verschiedenen IPs gesehen und hat '.$params[2].' Traffic verursacht';
 		    	$words[18] = 'Dieses Bild wurde von folgenden Ländern aufgerufen: ';
 		    	$words[19] = $params[0].' Aufrufe aus '.$params[1];
+				$words[20] = 'Upload-Code';
+				$words[21] = 'Falscher Upload Code eingegeben. Upload abgebrochen';
 
 		    break;
 
@@ -230,6 +268,8 @@ class PictshareModel extends Model
 		    	$words[17] = 'Was seen '.$params[0].' times by '.$params[1].' unique IPs and produced '.$params[2].' traffic';
 		    	$words[18] = 'This picture was seen from the following countries: ';
 		    	$words[19] = $params[0].' views from '.$params[1];
+				$words[20] = 'Upload code';
+				$words[21] = 'Invalid upload code provided';
 		}
 
 		return $words[$index];