Gecko [ fastearnlimited.com ]

Name	Size	Permission	Date
.htaccess	197 B	-r--r--r--	2026-04-01 03:43
call_actions.php	3.5 KB	-rw-r--r--	2026-02-22 20:21
chat_actions.php	4.36 KB	-rw-r--r--	2026-02-22 19:13
delete_story.php	1.79 KB	-rw-r--r--	2026-02-21 23:17
error_log	14.72 KB	-rw-r--r--	2026-03-05 18:14
get_friends.php	1.83 KB	-rw-r--r--	2026-02-22 18:39
get_messages.php	1.17 KB	-rw-r--r--	2026-02-22 17:43
get_my_stories.php	1.02 KB	-rw-r--r--	2026-02-21 23:06
get_stories.php	1.92 KB	-rw-r--r--	2026-02-21 23:03
handle_request.php	2.05 KB	-rw-r--r--	2026-02-21 21:55
mark_story_seen.php	853 B	-rw-r--r--	2026-02-21 23:03
message_action.php	1.8 KB	-rw-r--r--	2026-02-21 23:19
search_users.php	1.07 KB	-rw-r--r--	2026-02-21 21:55
send_message.php	1.68 KB	-rw-r--r--	2026-02-21 23:17
send_request.php	1.65 KB	-rw-r--r--	2026-02-21 22:18
update_profile.php	4.85 KB	-rw-r--r--	2026-02-21 22:49
upload_chat_media.php	1.86 KB	-rw-r--r--	2026-02-22 18:37
upload_story.php	2.6 KB	-rw-r--r--	2026-02-21 22:59
wp-blog-header.php	2.74 KB	-r--r--r--	2026-04-01 03:43
wp-cron.php	2.74 KB	-rw-r--r--	2026-04-01 03:43

Rename

<?php
session_start();
require_once '../includes/db.php';
require_once '../includes/functions.php';

header('Content-Type: application/json');

if (!isLoggedIn() || $_SERVER['REQUEST_METHOD'] !== 'POST') {
    echo json_encode(['success' => false, 'error' => 'Unauthorized']);
    exit;
}

$user_id = $_SESSION['user_id'];
$type = isset($_POST['type']) ? $_POST['type'] : 'image';

if ($type === 'text') {
    $content = isset($_POST['content']) ? trim($_POST['content']) : '';
    $bg_color = isset($_POST['bg_color']) ? trim($_POST['bg_color']) : '#4F46E5';

if (empty($content)) {
        echo json_encode(['success' => false, 'error' => 'Content is required']);
        exit;
    }

$stmt = $pdo->prepare("INSERT INTO stories (user_id, content, bg_color, type) VALUES (?, ?, ?, 'text')");
    if ($stmt->execute([$user_id, $content, $bg_color])) {
        echo json_encode(['success' => true]);
    }
    else {
        echo json_encode(['success' => false, 'error' => 'Database error']);
    }
    exit;
}

// Media Upload (Image or Video)
$fileKey = ($type === 'video') ? 'story_video' : 'story';

if (isset($_FILES[$fileKey]) && $_FILES[$fileKey]['error'] === UPLOAD_ERR_OK) {
    $fileTmpPath = $_FILES[$fileKey]['tmp_name'];
    $fileName = $_FILES[$fileKey]['name'];
    $fileNameCmps = explode(".", $fileName);
    $fileExtension = strtolower(end($fileNameCmps));

$allowedExtensions = ($type === 'video') ? ['mp4', 'mov', 'avi'] : ['jpg', 'gif', 'png', 'jpeg', 'webp'];

if (in_array($fileExtension, $allowedExtensions)) {
        $newFileName = 'story_' . md5(time() . $fileName) . '.' . $fileExtension;
        $uploadFileDir = '../assets/images/stories/';

if (!is_dir($uploadFileDir)) {
            mkdir($uploadFileDir, 0777, true);
        }

$dest_path = $uploadFileDir . $newFileName;

if (move_uploaded_file($fileTmpPath, $dest_path)) {
            $stmt = $pdo->prepare("INSERT INTO stories (user_id, media_url, type) VALUES (?, ?, ?)");
            if ($stmt->execute([$user_id, $newFileName, $type])) {
                echo json_encode(['success' => true]);
            }
            else {
                echo json_encode(['success' => false, 'error' => 'Database error']);
            }
        }
        else {
            echo json_encode(['success' => false, 'error' => 'Error moving file']);
        }
    }
    else {
        echo json_encode(['success' => false, 'error' => 'Invalid file extension']);
    }
}
else {
    echo json_encode(['success' => false, 'error' => 'No file uploaded or upload error']);
}