OXIESEC PANEL

Name	Size	Modified	Perms
📁 ..	-	06/17/2025 10:17:24 AM	rwxrwxr-x
📁 assets	-	05/19/2025 10:07:13 AM	rwxr-xr-x
📄 checkSession.php	1.52 KB	05/19/2025 10:07:13 AM	rw-r--r--
📄 follow_action.php	1.7 KB	05/19/2025 10:07:13 AM	rw-r--r--
📁 genai	-	05/19/2025 10:07:13 AM	rwxr-xr-x
📁 inc	-	05/19/2025 10:07:13 AM	rwxr-xr-x
📄 index.php	54.5 KB	05/19/2025 10:07:13 AM	rw-r--r--
📄 logInCheck.php	4.41 KB	05/19/2025 10:07:13 AM	rw-r--r--
📄 logout.php	1.14 KB	05/19/2025 10:07:13 AM	rw-r--r--
📄 new-page-copy.php	10.89 KB	05/19/2025 10:07:13 AM	rw-r--r--
📄 new-page.php	10.63 KB	05/19/2025 10:07:13 AM	rw-r--r--
📄 new_my_collection.php	52.1 KB	05/19/2025 10:07:13 AM	rw-r--r--
📄 process_data.php	5.02 KB	05/19/2025 10:07:13 AM	rw-r--r--
📄 sign-in.php	34.79 KB	05/19/2025 10:07:13 AM	rw-r--r--
📄 signInProcess.php	14.06 KB	05/19/2025 10:07:13 AM	rw-r--r--
📄 stream.php	70.38 KB	05/19/2025 10:07:13 AM	rw-r--r--

Editing: process_data.php

<?php
include './assets/php/validate.logged.php';
include './assets/php/function.php';
include './assets/php/db_config.php';

// Set content type to JSON for AJAX response
header('Content-Type: application/json');

// Initialize the response
$response = [
    'status' => 'error',
    'message' => 'There was an issue with the request.',
    'data' => []
];

// Check if the form was submitted via POST
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Collect the content from the form
    $content = isset($_POST['content']) ? trim($_POST['content']) : null;
    $media_urls = [];
    $visibility = isset($_POST['visibility']) ? $_POST['visibility'] : 'private'; // Default to 'private'

// Validate visibility input (either 'public' or 'private')
    if (!in_array($visibility, ['public', 'private'])) {
        $response['message'] = 'Invalid visibility value. It must be either "public" or "private".';
        echo json_encode($response);
        exit;
    }

// Check for file uploads
    if (isset($_FILES['media']) && is_array($_FILES['media']['name'])) {
        // Loop through all uploaded files
        for ($i = 0; $i < count($_FILES['media']['name']); $i++) {
            $file_name = basename($_FILES['media']['name'][$i]);
            $file_tmp_name = $_FILES['media']['tmp_name'][$i];
            $file_error = $_FILES['media']['error'][$i];
            $file_ext = strtolower(pathinfo($file_name, PATHINFO_EXTENSION));

// Check for upload errors
            if ($file_error === UPLOAD_ERR_OK) {
                // Define upload directory
                $upload_dir = 'uploads/';
                $timestamp = time();
                $unique_name = 'user_' . $timestamp . '_' . $i . '.' . $file_ext;

// Allowed file extensions
                $allowed_extensions = ['jpg', 'jpeg', 'png', 'gif', 'mp4', 'avi', 'mov'];

// Validate file extension
                if (in_array($file_ext, $allowed_extensions)) {
                    $media_url = $upload_dir . $unique_name;
                    if (move_uploaded_file($file_tmp_name, $media_url)) {
                        $media_urls[] = $media_url; // Store the uploaded media URL
                        if (count($media_urls) > 4) {
                            $response['message'] = 'You can add up to 4 images at a time.';
                            echo json_encode($response);
                            exit;
                        }
                    } else {
                        $response['message'] = 'Error: Failed to upload file ' . $file_name;
                        echo json_encode($response);
                        exit;
                    }
                } else {
                    $response['message'] = 'Error: Invalid file type for file ' . $file_name;
                    echo json_encode($response);
                    exit;
                }
            } else {
                $response['message'] = 'Error: Upload error with file ' . $file_name;
                echo json_encode($response);
                exit;
            }
        }
    } else {
        $response['message'] = 'No files uploaded.';
        // echo json_encode($response);
        // exit;
    }

// Process meta data
    $jsonMetaData = [];
    $inputFields = [
        'hiddenTitle' => 'metaTitle',
        'hiddenDesc' => 'metaDesc',
        'hiddenUrl' => 'metaUrl',
        'hiddenImage' => 'metaImage',
        'hiddenDomain' => 'metaDomain',
        'hiddenYTLink' => 'youtubeLink'
    ];
    foreach ($inputFields as $field => $attribute) {
        if (isset($_POST[$field])) {
            $jsonMetaData[$attribute] = $_POST[$field];
        }
    }

// Encode the meta data as JSON
    $jsonString = !empty($jsonMetaData) ? json_encode($jsonMetaData) : null;

// If either content or media is present, proceed with database insertion
    if ($content || !empty($media_urls)) {
        // Assuming you have the database connection already set up
        $stmt = $readerdb->prepare("INSERT INTO reader_stream (userId, chat, mediaPath, metadata, visibility) VALUES (?, ?, ?, ?, ?)");
        $media_url = implode(',', $media_urls);  // Store multiple media URLs as a comma-separated string
        $stmt->bind_param("issss", $gUserId, $content, $media_url, $jsonString, $visibility);

if ($stmt->execute()) {
            $response['status'] = 'success';
            $response['message'] = 'Post submitted successfully.';
            $response['data'][] = ['database' => 'Post inserted into the database.'];
        } else {
            $response['message'] = 'Error: Failed to insert post into database.';
            $response['error'] = $stmt->error;  // Capture and display the SQL error
        }

$stmt->close();
    } else {
        $response['message'] = "The message can't be empty.";
    }
} else {
    $response['message'] = 'Invalid request method. Please use POST.';
}

echo json_encode($response);  // Output the response as JSON