OXIESEC PANEL

Name	Size	Modified	Perms
📁 ..	-	01/07/2025 11:50:15 AM	rwxr-xr-x
📁 PHPMailer	-	05/19/2025 10:07:22 AM	rwxr-xr-x
📄 backup-navbar.php	27.29 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 backupnavbar.php	21.23 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 blockAccount.php	2.23 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 bnavbar.php	35.82 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 bottom_navbar.php	6.18 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 common.js	46.89 KB	01/07/2025 11:50:18 AM	rw-r--r--
📄 config.php	9.38 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 db_config.php	3.43 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 db_connect.php	293 bytes	05/19/2025 10:07:22 AM	rw-r--r--
📄 delete_account.php	3.5 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 edit_post.php	2.23 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 footer.php	1.25 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 function.php	20.12 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 go_backbar.php	4.01 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 handler.php	3.46 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 indexFooter.php	597 bytes	05/19/2025 10:07:22 AM	rw-r--r--
📄 mail.php	2.67 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 navbar.php	24.1 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 process_data.php	3.87 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 readert_validate.logged.php	481 bytes	05/19/2025 10:07:22 AM	rw-r--r--
📄 report_account.php	1.42 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 report_stream.php	2.08 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 savePost.php	2.38 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 siginupProcess.php	5.24 KB	05/19/2025 10:07:22 AM	rw-r--r--
📁 simplepie	-	05/19/2025 10:07:22 AM	rwxr-xr-x
📄 stream_post_handler.php	3.68 KB	05/19/2025 10:07:22 AM	rw-r--r--
📄 validate.logged.php	1.01 KB	05/19/2025 10:07:22 AM	rw-r--r--

Editing: stream_post_handler.php

<?php
include './assets/php/db_connect.php';
include './inc/config.php';
include './assets/php/validate.logged.php';
include './assets/php/function.php';

// Set content type to JSON for AJAX response
header('Content-Type: application/json');

// Initialize the response
$response = [
    'status' => 'error',
    'message' => 'There was an issue with the request.',
    'data' => []
];

// Check if the form was submitted via POST
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Collect the content from the form
    $content = isset($_POST['content']) ? trim($_POST['content']) : null;
    $media_url = null;

// Check for file upload
    if (isset($_FILES['media']) && $_FILES['media']['error'] === UPLOAD_ERR_OK) {
        $upload_dir = 'uploads/';  // Directory where the files will be stored
        $file_name = basename($_FILES['media']['name']);
        $file_ext = strtolower(pathinfo($file_name, PATHINFO_EXTENSION));
        
        // Generate a unique file name using the user ID and timestamp
        $timestamp = time();
        $unique_name = 'user_' . $timestamp . '.' . $file_ext;

// Allowed file extensions
        $allowed_extensions = ['jpg', 'jpeg', 'png', 'gif', 'mp4', 'avi', 'mov'];

if (in_array($file_ext, $allowed_extensions)) {
            $media_url = $upload_dir . $unique_name;

// Check if the upload directory exists and is writable
            if (!is_dir($upload_dir) || !is_writable($upload_dir)) {
                $response['message'] = 'Error: Upload directory is not writable.';
                echo json_encode($response);
                exit;
            }

// Move the uploaded file
            if (move_uploaded_file($_FILES['media']['tmp_name'], $media_url)) {
                $response['data'][] = ['media_upload' => 'File uploaded successfully.'];
            } else {
                $response['message'] = 'Error: Failed to upload the file.';
                echo json_encode($response);
                exit;
            }
        } else {
            $response['message'] = 'Error: Invalid file type. Only images and videos are allowed.';
            echo json_encode($response);
            exit;
        }
    } else {
        $response['message'] = 'No file uploaded.';
    }

// Process meta data
    $jsonMetaData = [];
    $inputFields = ['hiddenTitle', 'hiddenDesc', 'hiddenUrl', 'hiddenImage', 'hiddenDomain', 'hiddenYTLink'];
    foreach ($inputFields as $field) {
        if (isset($_POST[$field])) {
            $jsonMetaData[$field] = $_POST[$field];
        }
    }

// Encode the meta data as JSON
    $jsonString = !empty($jsonMetaData) ? json_encode($jsonMetaData) : null;

// If either content or media is present, proceed with database insertion
    if ($content || $media_url) {
        // Assuming you have the database connection already set up
        $stmt = $conn->prepare("INSERT INTO reader_stream (userId, chat, mediaPath, metadata) VALUES (?, ?, ?, ?)");
        $stmt->bind_param("isss", $gUserId, $content, $media_url, $jsonString);

if ($stmt->execute()) {
            $response['status'] = 'success';
            $response['message'] = 'Post submitted successfully.';
            $response['data'][] = ['database' => 'Post inserted into the database.'];
        } else {
            $response['message'] = 'Error: Failed to insert post into database.';
        }

$stmt->close();
    } else {
        $response['message'] = "The message can't be empty.";
    }
} else {
    $response['message'] = 'Invalid request method. Please use POST.';
}

echo json_encode($response);  // Output the response as JSON
?>