From e7884f24364a826eaae272be403d3333ca602acf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=B0=8F=E5=B0=8F=E7=99=BD=E5=93=A6?=
Date: Sun, 30 Nov 2025 13:06:45 +0000
Subject: [PATCH] =?UTF-8?q?=E4=B8=8A=E4=BC=A0=E6=96=87=E4=BB=B6=E8=87=B3?= =?UTF-8?q?=20/?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
upload.php | 400 ++++++++++++++++++++++++++++++++++++++++++++++++
verify.php | 175 +++++++++++++++++++++
view-image.php | 404 +++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 979 insertions(+)
create mode 100644 upload.php
create mode 100644 verify.php
create mode 100644 view-image.php
diff --git a/upload.php b/upload.php
new file mode 100644
index 0000000..fe45bd3
--- /dev/null
+++ b/upload.php
@@ -0,0 +1,400 @@ +query("SELECT * FROM tags ORDER BY name"); + $allTags = $stmt->fetchAll(PDO::FETCH_ASSOC); +} catch(PDOException $e) { + $allTags = []; +} + +$error = ''; +$success = ''; +$uploadResults = []; + +if ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_FILES['images'])) { + $is_public = isset($_POST['is_public']) ? 1 : 0; + $uploadedFiles = $_FILES['images']; + + $fileCount = count($uploadedFiles['name']); + $successCount = 0; + $errorCount = 0; + + for ($i = 0; $i < $fileCount; $i++) { + if ($uploadedFiles['error'][$i] === UPLOAD_ERR_NO_FILE) continue; + + $title = trim($_POST['titles'][$i] ?? ''); + $file_tags = $_POST['tags'][$i] ?? []; + $file = [ + 'name' => $uploadedFiles['name'][$i], + 'type' => $uploadedFiles['type'][$i], + 'tmp_name' => $uploadedFiles['tmp_name'][$i], + 'error' => $uploadedFiles['error'][$i], + 'size' => $uploadedFiles['size'][$i] + ]; + + + if (empty($title)) $title = pathinfo($file['name'], PATHINFO_FILENAME); + + if ($file['error'] !== UPLOAD_ERR_OK) { + $uploadResults[] = ['success' => false, 'filename' => $file['name'], 'message' => t('upload_failed')]; + $errorCount++; + continue; + } + + if ($file['size'] > MAX_FILE_SIZE) { + $uploadResults[] = ['success' => false, 'filename' => $file['name'], 'message' => t('max_size') . ': 5MB']; + $errorCount++; + continue; + } + + $file_extension = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION)); + if (!in_array($file_extension, ALLOWED_TYPES)) { + $uploadResults[] = ['success' => false, 'filename' => $file['name'], 'message' => t('supported_formats') . ': JPG, PNG, GIF, WebP']; + $errorCount++; + continue; + } + + + $filename = uniqid() . '_' . time() . '.' . $file_extension; + $upload_path = 'uploads/' . 
$filename; + + if (move_uploaded_file($file['tmp_name'], $upload_path)) { + try { + $stmt = $pdo->prepare("INSERT INTO images (user_id, title, filename, is_public, file_size, mime_type) VALUES (?, ?, ?, ?, ?, ?)"); + $stmt->execute([$_SESSION['user_id'], $title, $filename, $is_public, $file['size'], $file['type']]); + + $image_id = $pdo->lastInsertId(); + $tagNames = []; + + + if (!empty($file_tags)) { + foreach ($file_tags as $tag_id) { + $stmt = $pdo->prepare("INSERT INTO image_tags (image_id, tag_id) VALUES (?, ?)"); + $stmt->execute([$image_id, $tag_id]); + } + + $tagIds = implode(',', array_map('intval', $file_tags)); + $stmt = $pdo->query("SELECT name FROM tags WHERE id IN ($tagIds)"); + $tagNames = $stmt->fetchAll(PDO::FETCH_COLUMN); + } + + $uploadResults[] = [ + 'success' => true, + 'filename' => $file['name'], + 'title' => $title, + 'tags' => $tagNames, + 'url' => SITE_URL . '/uploads/' . $filename, + 'view_url' => SITE_URL . '/view-image.php?id=' . $image_id + ]; + $successCount++; + + } catch(PDOException $e) { + unlink($upload_path); + $uploadResults[] = ['success' => false, 'filename' => $file['name'], 'message' => t('error') . ': ' . $e->getMessage()]; + $errorCount++; + } + } else { + $uploadResults[] = ['success' => false, 'filename' => $file['name'], 'message' => t('upload_failed')]; + $errorCount++; + } + } + + if ($successCount > 0) { + $success = t('upload_success') . " {$successCount} " . t('images') . ($errorCount > 0 ? ",{$errorCount} " . t('upload_failed') : ""); + } + if ($errorCount > 0 && $successCount === 0) { + $error = t('upload_failed'); + } +} +?> + + + + + + + <?php echo t('upload_title'); ?> - <?php echo SITE_NAME; ?> + + + + + + +
+
+
+

+ + +
+ +
+ + + +
+ +
+ + +
+ +
+
+
+ +
+

+

: JPG, PNG, GIF, WebP | : 5MB

+

+
+ +
+ + + + + +
+ + +
+ +
+ + +
+ + + +
+

+ +
+ + - +
+ + : | + + : | + + | + + + + - : + +
+ +
+ +
+
+
+ + + + \ No newline at end of file diff --git a/verify.php b/verify.php new file mode 100644 index 0000000..56bf040 --- /dev/null +++ b/verify.php @@ -0,0 +1,175 @@ +prepare("SELECT id, username, email FROM users WHERE verification_code = ? AND is_verified = 0"); + $stmt->execute([$verification_code]); + $user = $stmt->fetch(PDO::FETCH_ASSOC); + + if (!$user) { + $error = '验证链接已过期或无效'; + } else { + $stmt = $pdo->prepare("UPDATE users SET is_verified = 1, verification_code = NULL WHERE id = ?"); + if ($stmt->execute([$user['id']])) { + $success = '邮箱验证成功!您现在可以登录了。'; + + sendNotification( + $user['id'], + 'announcement', + '邮箱验证成功', + "恭喜您,{$user['username']}!您的邮箱验证已成功完成。现在您可以享受PicHost的所有功能。", + 'dashboard.php' + ); + + sendEmailNotification( + $user['id'], + 'PicHost - 邮箱验证成功', + " +
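Review bot: The type check before `move_uploaded_file()` in upload.php trusts two client-supplied values: the extension of `$file['name']` (tested against `ALLOWED_TYPES`, which is defined outside this patch) and `$file['type']`, which is stored as `mime_type`. Neither proves the bytes are an image, and the file lands in the web-served `uploads/` directory, so detect the type from the content with `finfo`, derive the stored extension from that result, and pass the detected value to the `INSERT` in place of `$file['type']`. The stored name `uniqid() . '_' . time()` is built from the clock, so a file uploaded with `is_public` = 0 is still returned at a guessable `/uploads/` URL; `random_bytes()` gives a name that cannot be guessed. In the `catch` branch, log `$e->getMessage()` server-side and show only `t('error')`. Also cast each `$tag_id` with `(int)` in the `image_tags` insert loop, which currently binds the raw POST values while the later `IN (...)` query uses `intval`.

```php
// … unchanged: upload error and MAX_FILE_SIZE checks …
$detectedMime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
$extensionByMime = [
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
    'image/webp' => 'webp',
];
if (!isset($extensionByMime[$detectedMime])) {
    $uploadResults[] = ['success' => false, 'filename' => $file['name'], 'message' => t('supported_formats') . ': JPG, PNG, GIF, WebP'];
    $errorCount++;
    continue;
}
$file_extension = $extensionByMime[$detectedMime];
$filename = bin2hex(random_bytes(16)) . '.' . $file_extension;
// … unchanged: $upload_path, move_uploaded_file(), INSERT (bind $detectedMime instead of $file['type']) …
```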

邮箱验证成功

+

亲爱的 {$user['username']},

+

您的PicHost账户邮箱验证已成功完成!

+

现在您可以:

+ +

立即登录开始使用:" . SITE_URL . "/login.php

+ " + ); + } else { + $error = '验证失败,请稍后重试'; + } + } + } catch(PDOException $e) { + $error = '系统错误:' . $e->getMessage(); + } +} +?> + + + + + + 邮箱验证 - <?php echo SITE_NAME; ?> + + + + + + +
+
+
+

邮箱验证

+ + +
+ +
+ + + + +
+ +
+
+
+ +
+

您的账户现已完全激活

+ +
+ +
+

现在您可以:

+
    +
  • 上传和管理图片
  • +
  • 使用API接口
  • +
  • 接收重要通知
  • +
  • 分享图片链接
  • +
  • 使用标签分类
  • +
+
+ + + +
+
+ +
+

正在验证您的邮箱...

+
+ + + +
+ + +
+

验证说明

+
    +
  • 邮箱验证确保您的账户安全
  • +
  • 验证后可以享受完整功能
  • +
  • 如果长时间未完成验证,请检查垃圾邮件
  • +
  • 如需帮助,请联系客服支持
  • +
+
+ +
+
+ + + + \ No newline at end of file diff --git a/view-image.php b/view-image.php new file mode 100644 index 0000000..e541c4b --- /dev/null +++ b/view-image.php 
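Review bot: The `catch(PDOException $e)` branch in verify.php copies `$e->getMessage()` into `$error`, which is presumably rendered on the page and would expose driver and schema details to whoever opens the link; log it and reuse the generic text already in the file, e.g. `error_log($e->getMessage()); $error = '验证失败,请稍后重试';`. `{$user['username']}` is interpolated unescaped into the HTML body passed to `sendEmailNotification()` and into the `sendNotification()` text; wrap it in `htmlspecialchars($user['username'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` unless those helpers, which are outside this patch, already escape. The lookup matches only `verification_code` and `is_verified = 0`, so although the error text says the link may have expired, the visible query enforces no expiry; a comment such as `// NOTE: verification codes never expire; add an expiry check to this query` would record the gap. How `$verification_code` is read from the request is not visible in this extract.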
@@ -0,0 +1,404 @@ +prepare(" + SELECT i.*, u.username, + GROUP_CONCAT(t.name) as tag_names, + GROUP_CONCAT(t.color) as tag_colors, + GROUP_CONCAT(t.id) as tag_ids, + (SELECT COUNT(*) FROM image_feedbacks WHERE image_id = i.id AND type = 'like') as like_count, + (SELECT COUNT(*) FROM image_feedbacks WHERE image_id = i.id AND type = 'report') as report_count, + (SELECT COUNT(*) FROM image_feedbacks WHERE image_id = i.id AND user_id = ? AND type = 'like') as user_liked + FROM images i + LEFT JOIN users u ON i.user_id = u.id + LEFT JOIN image_tags it ON i.id = it.image_id + LEFT JOIN tags t ON it.tag_id = t.id + WHERE i.id = ? + GROUP BY i.id + "); + $stmt->execute([$_SESSION['user_id'] ?? 0, $image_id]); + $image = $stmt->fetch(PDO::FETCH_ASSOC); + + if (!$image) { + die('图片不存在或已被删除'); + } + + $tags = []; + if ($image['tag_names']) { + $tagNames = explode(',', $image['tag_names']); + $tagColors = explode(',', $image['tag_colors']); + $tagIds = explode(',', $image['tag_ids']); + + for ($i = 0; $i < count($tagNames); $i++) { + if (!empty($tagNames[$i])) { + $tags[] = [ + 'id' => $tagIds[$i], + 'name' => $tagNames[$i], + 'color' => $tagColors[$i] + ]; + } + } + } + + if (!isset($_SESSION['viewed_images'])) { + $_SESSION['viewed_images'] = []; + } + + if (!in_array($image_id, $_SESSION['viewed_images'])) { + $pdo->prepare("UPDATE images SET views = views + 1 WHERE id = ?")->execute([$image_id]); + $_SESSION['viewed_images'][] = $image_id; + } + +} catch(PDOException $e) { + die('数据库错误: ' . $e->getMessage()); +} + +if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_SESSION['user_id'])) { + $type = $_POST['type']; + $comment = trim($_POST['comment'] ?? ''); + + try { + $stmt = $pdo->prepare("SELECT id FROM image_feedbacks WHERE image_id = ? AND user_id = ? 
AND type = ?"); + $stmt->execute([$image_id, $_SESSION['user_id'], $type]); + + if ($stmt->rowCount() > 0) { + $feedback_error = '您已经对此图片进行过此操作'; + } else { + $stmt = $pdo->prepare("INSERT INTO image_feedbacks (image_id, user_id, type, comment) VALUES (?, ?, ?, ?)"); + if ($stmt->execute([$image_id, $_SESSION['user_id'], $type, $comment])) { + $feedback_success = $type === 'like' ? '感谢您的喜欢!' : '举报已提交,我们会尽快处理。'; + + if ($type === 'like' && $image['user_id'] != $_SESSION['user_id']) { + sendNotification( + $image['user_id'], + 'image_feedback', + '您的图片被喜欢了!', + "用户 {$_SESSION['username']} 喜欢了您的图片「{$image['title']}」", + "view-image.php?id={$image_id}" + ); + } + + header("Location: view-image.php?id={$image_id}"); + exit; + } + } + } catch(PDOException $e) { + $feedback_error = '操作失败:' . $e->getMessage(); + } +} +?> + + + + + + + <?php echo htmlspecialchars($image['title'] ?: '图片详情'); ?> - <?php echo SITE_NAME; ?> + + + + + + + +
+
+
+ <?php echo htmlspecialchars($image['title']); ?> +
+ +
+

+ + +

+ + + +
+ + + + + +
+ + +
+
+
上传者
+
+
+
+
上传时间
+
+
+
+
浏览量
+
+
+
+
喜欢数
+
+
+
+
状态
+
+ + + +
+
+
+ + +
+

图片反馈

+ + +
+ +
+ + + +
+ +
+ + + + + +
+ + +

分享链接

+
+ "; + ?> + + + + + + +
+ + +
+ + 删除图片 + +
+ +
+
+
+ + + + \ No newline at end of file
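Review bot: The lookup at the top of view-image.php selects the image with `WHERE i.id = ?` only and then renders it, so in the visible lines nothing compares `is_public` (written by upload.php) or the owner with the session user, and a private image can be opened by anyone who supplies its id. Add a visibility check right after the `if (!$image)` guard, returning the same not-found message so the response does not reveal that the id exists. In the POST handler `$type = $_POST['type']` is inserted into `image_feedbacks` without an allow-list, and any value other than `like` is treated as a report; restrict it to `like` and `report`. The duplicate check is a SELECT followed by an INSERT, so it presumably needs a unique key on (image_id, user_id, type) to hold under concurrent requests, and both `catch` branches return `$e->getMessage()` to the visitor. No CSRF token is checked in the handler as shown, though the form markup is missing from this extract.

```php
// … unchanged: SELECT and the if (!$image) guard …
// Private images are shown to their owner only; reuse the not-found message.
$viewerId = (int) ($_SESSION['user_id'] ?? 0);
if (!(int) $image['is_public'] && (int) $image['user_id'] !== $viewerId) {
    http_response_code(404);
    die('图片不存在或已被删除');
}
// … unchanged: tag assembly and view counter …

// In the POST handler, replacing `$type = $_POST['type'];`
$type = $_POST['type'] ?? '';
if (!in_array($type, ['like', 'report'], true)) {
    http_response_code(400);
    die('Invalid feedback type');
}
// … unchanged: duplicate check and INSERT …
```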