From e8d9af1f6176f4c16db4ed4548992157c0d4a49e Mon Sep 17 00:00:00 2001
From: Ken Fallon <ken@fallon.ie>
Date: Mon, 17 Nov 2025 16:39:26 +0100
Subject: [PATCH] Added notes to each error.

---
 hub/upload_confirm.php | 121 +++++++++++++++++++++--------------------
 1 file changed, 61 insertions(+), 60 deletions(-)

diff --git a/hub/upload_confirm.php b/hub/upload_confirm.php
index 67599c7..5df771d 100755
--- a/hub/upload_confirm.php
+++ b/hub/upload_confirm.php
@@ -1,5 +1,5 @@
 <?php
-# request.php > request_confirm.php > upload.php > upload_confirm.php 
+# request.php > request_confirm.php > upload.php > upload_confirm.php
 
 ## Recent Changes
 # TODO disabled the max notes check. We need to re-enable after we get a feel for the max length
@@ -24,7 +24,7 @@ logextra( "Got reservations" );
 if ($total > 150 ) {
   # This seems to indicate that we are under an attack as we never get 5 shows in the one day from different hosts.
   # A host doing bulk upload will need to do them one by one
-  naughty("88fe2bc11a90f9f9ab9bdcc8a82d7401");
+  naughty("88fe2bc11a90f9f9ab9bdcc8a82d7401 Too many shows waiting - uploads have been suspended.");
 }
 logextra( "No bulk upload" );
 // // // print '<pre>';
@@ -34,12 +34,12 @@ logextra( "No bulk upload" );
 
 
 if ( $_SERVER['REQUEST_METHOD'] !== 'POST' ) {
-  naughty("29e9019c9615f755aec834000892ee9e"); 
+  naughty("29e9019c9615f755aec834000892ee9e, Wrong request method");
 }
 logextra( "It is a POST" );
 
 if ( empty($_SERVER["REMOTE_ADDR"]) ) {
-  naughty("abb147a251e8db132dafa93d98f8487f");
+  naughty("abb147a251e8db132dafa93d98f8487f Missing remote IP address");
 }
 else {
   $ip = $_SERVER["REMOTE_ADDR"];
@@ -51,7 +51,7 @@ if (count($_POST) !== 15) {
 if (count($_POST) !== 17) {
     # 19 is for mosaic
     # if this reports 0 is could be that the max upload is not set correctly in php.ini.
-    naughty("7a994999b40e3dc2e3eecfdc36a78d23 ".count($_POST) );
+    naughty("7a994999b40e3dc2e3eecfdc36a78d23 Incorrect number of POST entries".count($_POST) );
   }
 }
 logextra( "Correct number of POST entries" );
@@ -60,7 +60,7 @@ if ( isset( $_POST['key'] ) and strlen( $_POST['key'] ) ===  45  and strlen( htm
   $db_key = htmlspecialchars( stripslashes( strip_tags( $_POST['key'] ) ) );
 }
 else {
-  naughty("2fb4c4e05f0e8f37a5b47565cfb863f5");
+  naughty("2fb4c4e05f0e8f37a5b47565cfb863f5 Field lengths are not correct");
 }
 logextra( "Field lengths are correct" );
 
@@ -70,7 +70,7 @@ $db = mysqli_fetch_array($result, MYSQLI_ASSOC);
 logextra( "Getting this reservation from the db" );
 
 if ( empty($db["ip"]) or $db["key"] != $db_key ) {
-  naughty("3162941738512bfdb1d21f288ee7cdb4");
+  naughty("3162941738512bfdb1d21f288ee7cdb4 Could not find this reservation from the db for \"$ip\" and \"$db_key\". Are you using the correct link, or did your ip address change ?");
 }
 else {
   $db_ip = $db['ip'];
@@ -82,32 +82,32 @@ else {
 logextra( "Found this reservation from the db" );
 
 if ( empty($db_email) ) {
-  naughty("457bf84c726d1cbbd381933e3a08b2ac");
+  naughty("457bf84c726d1cbbd381933e3a08b2ac did not find a email \"$db_email\" in the db.");
 }
 logextra( "Got an email $db_email" );
 
 if ( strtotime($db['timestamp']) >=  $_SERVER["REQUEST_TIME"] ) {
-  naughty("00ad965f523b5c2ade071eb20d3618b5");
+  naughty("00ad965f523b5c2ade071eb20d3618b5 The Timestamp is too old");
 }
-logextra( "Timestamp is not to old" );
+logextra( "Timestamp is not too old" );
 
 if ( strtotime($db['timestamp']) >=  ( $_SERVER["REQUEST_TIME"] ) + 1800 ) {
-  naughty("7570026fd11fc31ac0cada3e1dae4d0b");
+  naughty("7570026fd11fc31ac0cada3e1dae4d0b The Timestamp is too young");
 }
 logextra( "Timestamp is not to young" );
 
 if ( empty($_POST["title"]) or strlen($_POST["title"]) > 100 ) {
-  naughty("32831f22fb96d02ce819127d558d28a2");
+  naughty("32831f22fb96d02ce819127d558d28a2 The Title length is not less than 100");
 }
 logextra( "Title length is OK" );
 
 if ( empty($_POST["summary"]) or strlen( $_POST["summary"]) > 200 or strlen(str_replace('\\', '', $_POST["summary"])) > 100 ) {
-  naughty("ecfcc4c12bf4319d412d66fd2e239249");
+  naughty("ecfcc4c12bf4319d412d66fd2e239249 The summary length is not between 100 and 200");
 }
 logextra( "Summary length is OK" );
 
 if ( empty($_POST["shownotes_format"]) ) {
-  naughty("a8345484b7a4ebad5af54937a3b2e26b");
+  naughty("a8345484b7a4ebad5af54937a3b2e26b The Shownotes are missing");
 }
 logextra( "Shownotes are not missing" );
 
@@ -117,40 +117,40 @@ if ( !(
     strcmp($_POST["shownotes_format"], "Markdown_GitHub") === 0 or
     strcmp($_POST["shownotes_format"], "Markdown_Pandoc") === 0 or
     strcmp($_POST["shownotes_format"], "restructured_text") === 0 or
-    strcmp($_POST["shownotes_format"], "txt2tags") === 0 ) 
+    strcmp($_POST["shownotes_format"], "txt2tags") === 0 )
     ) {
-  naughty("b5609bad7edd70d76d75652fb0592ec4 " . $_POST["shownotes_format"] . " " . strcmp($_POST["shownotes_format"], "."));  
+  naughty("b5609bad7edd70d76d75652fb0592ec4 " . $_POST["shownotes_format"] . " " . strcmp($_POST["shownotes_format"], ". The shownotes_format is not OK"));
 }
 logextra( "shownotes_format is set OK" );
 
 if ( empty($_POST["explicit"]) ) {
-  naughty("39cc8812b02607d613c6a7ba7e789f2c");
+  naughty("39cc8812b02607d613c6a7ba7e789f2c The explicit flag is missing");
 }
 logextra( "explicit exists" );
 
 if ( strcmp($_POST["explicit"], "Yes") !== 0 ) {
   logextra( "" );
 if ( strcmp($_POST["explicit"], "Clean") !== 0 ) {
-    naughty("198ab3b8af59ffba12c335239bde2876");
+    naughty("198ab3b8af59ffba12c335239bde2876 The explicit flsg is not Yes or Clean");
   }
 }
 logextra( "explicit is either Yes or Clean" );
 
 if ( empty($_POST["license"]) or strlen($_POST["license"]) < 4 or strlen($_POST["license"]) > 11 ) {
-  naughty("194c24ff7396901c0ccc42fb21344683");
+  naughty("194c24ff7396901c0ccc42fb21344683 The license length is not correct");
 }
 logextra( "license length is fine" );
 
 if ( !(
-    strcmp($_POST["license"], "CC-BY-SA") === 0 or 
-    strcmp($_POST["license"], "CC-BY-NC-SA") === 0 or 
-    strcmp($_POST["license"], "CC-BY-NC-ND") === 0 or 
-    strcmp($_POST["license"], "CC-0") === 0 or 
-    strcmp($_POST["license"], "CC-BY-NC") === 0 or 
-    strcmp($_POST["license"], "CC-BY") === 0 or 
-    strcmp($_POST["license"], "Other") === 0 ) 
+    strcmp($_POST["license"], "CC-BY-SA") === 0 or
+    strcmp($_POST["license"], "CC-BY-NC-SA") === 0 or
+    strcmp($_POST["license"], "CC-BY-NC-ND") === 0 or
+    strcmp($_POST["license"], "CC-0") === 0 or
+    strcmp($_POST["license"], "CC-BY-NC") === 0 or
+    strcmp($_POST["license"], "CC-BY") === 0 or
+    strcmp($_POST["license"], "Other") === 0 )
     ) {
-  naughty("f5609bad7edd70d76d75652fb0592ec4");  
+  naughty("f5609bad7edd70d76d75652fb0592ec4 The license is has an invalid value");
 }
 logextra( "license is a valid value" );
 
@@ -164,60 +164,61 @@ $notes_length = strlen($_POST["notes"]);
 logextra( "Notes are $notes_length long." );
 
 if ( ( empty($_POST["series"]) and ($_POST["series"] != 0 ) ) or (strlen($_POST["series"]) > 3 ) ) {
-  naughty("f1c83b57821d562f66246d975ef28994");
+  naughty("f1c83b57821d562f66246d975ef28994 The Series is either missing, zero or greater than 3 in length");
 }
+logextra( "The Series exists and is less than 3 but not zero" );
 $series = $_POST["series"];
 $result_series = mysqli_query($connection, "SELECT name FROM miniseries WHERE id='$series'");
 logextra( "Series id is in the correct range" );
 if (!isset($result_series)) {
-  naughty("27457bada69cbc352af762bdf649e905");
+  naughty("27457bada69cbc352af762bdf649e905 The Series id is not in the correct range");
 }
 $data=mysqli_fetch_assoc($result_series);
 $series_name = $data['name'];
 logextra( "Series has been found" );
 
 if ( !empty($_POST["tags"]) and strlen($_POST["tags"]) > 100 ) {
-  naughty("49a69b565acecf9d2a96aacc73aec5aa");
+  naughty("49a69b565acecf9d2a96aacc73aec5aa The tags are missing or greate than 100 long");
 }
 logextra( "Tags are the correct length" );
 
 if ( empty($_POST["host_name"]) or strlen($_POST["host_name"]) > 40 ) {
-  naughty("626eae845e0a448be0544775ab5e4dc4");
+  naughty("626eae845e0a448be0544775ab5e4dc4 The hostname is missing or greater than 40 long");
 }
 logextra( "host_name is set and correct length" );
 
 if ( strlen($_POST["host_profile"]) > 2000 ) {
-  naughty("f69ec5999e0a02def5a110489401347f");
+  naughty("f69ec5999e0a02def5a110489401347f The Host profile exceeds 2000");
 }
 logextra( "host_profile is correct length" );
 
 if ( empty($_POST["host_license"]) or strlen($_POST["host_license"]) < 4 or strlen($_POST["host_license"]) > 11 ) {
-  naughty("f2816b32e97be090a96ceabdc9230c9c");
+  naughty("f2816b32e97be090a96ceabdc9230c9c The host license length is not correct");
 }
-logextra( "host_license is in the correct range" );
+logextra( "host_license is in the correct range " );
 
 if ( !(
-    strcmp($_POST["host_license"], "CC-BY-SA") === 0 or 
-    strcmp($_POST["host_license"], "CC-BY-NC-SA") === 0 or 
-    strcmp($_POST["host_license"], "CC-BY-NC-ND") === 0 or 
-    strcmp($_POST["host_license"], "CC-0") === 0 or 
-    strcmp($_POST["host_license"], "CC-BY-NC") === 0 or 
-    strcmp($_POST["host_license"], "CC-BY") === 0 or 
-    strcmp($_POST["host_license"], "Other") === 0 ) 
+    strcmp($_POST["host_license"], "CC-BY-SA") === 0 or
+    strcmp($_POST["host_license"], "CC-BY-NC-SA") === 0 or
+    strcmp($_POST["host_license"], "CC-BY-NC-ND") === 0 or
+    strcmp($_POST["host_license"], "CC-0") === 0 or
+    strcmp($_POST["host_license"], "CC-BY-NC") === 0 or
+    strcmp($_POST["host_license"], "CC-BY") === 0 or
+    strcmp($_POST["host_license"], "Other") === 0 )
     ) {
-  naughty("978a18fa8558f3180897429e63d6ae55");  
+  naughty("978a18fa8558f3180897429e63d6ae55 The show license is has an invalid value");
 }
 logextra( "host_license is a predfined value" );
 
 if ( empty($_POST["hostid"]) and $_POST["hostid"] != 0 ) {
-  naughty("277dc98d43e7840d9f296cce1bc3ec2c");
+  naughty("277dc98d43e7840d9f296cce1bc3ec2c The hostid is missing or is 0");
 }
 logextra( "hostid exists and is not 0" );
 
 $result = mysqli_query($connection, 'SELECT MAX(hostid) as max FROM hosts;');
 
 if (!isset($result)) {
-  naughty("93fcc22d0c5ee3fac35e6d658db76059");
+  naughty("93fcc22d0c5ee3fac35e6d658db76059 Failed to retrieve the max host from db");
 }
 $data=mysqli_fetch_assoc($result);
 $maxhost = $data['max'];
@@ -227,21 +228,21 @@ logextra( "retrieved the max host from db" );
 $hostid = $_POST["hostid"];
 logextra( "" );
 if ( (strval(intval($hostid)) != strval($hostid)) or ( intval($hostid) < 0 ) or ( intval($hostid) > $maxhost ) ){
-  naughty("a0f6cae871b85cb66f85d7ed5e91d1bb");
+  naughty("a0f6cae871b85cb66f85d7ed5e91d1bb The host id is not an int, or the range is not correct");
 }
 logextra( "host id is int, and in the correct range" );
 
 if ( !empty($_POST["url"]) and strlen($_POST["url"]) > 1024 ) {
-  naughty("6d4f180c49ff9b9154bd80070ec2c1f3");
+  naughty("6d4f180c49ff9b9154bd80070ec2c1f3 The url is not set or is not the correct length");
 }
 logextra( "The url is set and the correct length" );
 
 if ( !empty($_POST["url"]) ) {
   if ( filter_var($_POST["url"], FILTER_VALIDATE_URL) === false ) {
-      naughty("9c307efe37146015a35e2d928c2c0f69");
+      naughty("9c307efe37146015a35e2d928c2c0f69 The url has been altered");
     }
     else {
-      $url = htmlspecialchars(filter_var($_POST["url"], FILTER_VALIDATE_URL)); 
+      $url = htmlspecialchars(filter_var($_POST["url"], FILTER_VALIDATE_URL));
     }
 }
 logextra( "The url has not been altered" );
@@ -249,17 +250,17 @@ logextra( "The url has not been altered" );
 $dir_structure = "/home/hpr/upload/" . strtotime($db_timestamp) . "_${ep_num}_${ep_date}_${db_key}/";
 
 if ( file_exists( $dir_structure ) ) {
-  naughty("d4250c369bd81b27cdc53d0d53321ecd");
+  naughty("d4250c369bd81b27cdc53d0d53321ecd There is an error with the upload dir");
 }
 logextra( "The upload dir seems fine $dir_structure" );
 
 if (!mkdir($dir_structure, 0777, true)) {
-  naughty("804c4be123ca0327840b76bf4f8eb19e");
+  naughty("804c4be123ca0327840b76bf4f8eb19e The upload directory could not be created");
 }
 
 $shownote_file_json = "${dir_structure}/shownotes.json";
 if ( file_exists( $shownote_file_json ) ) {
-  naughty("85c8df74d172794c49233c1a94c299fd");
+  naughty("85c8df74d172794c49233c1a94c299fd The shownotes json file is missing");
 }
 logextra( "The shownotes json file exists $shownote_file_json" );
 
@@ -304,12 +305,12 @@ $shownote_file_json_length = strlen( json_encode( $show_data_json ) );
 logextra( "Wrote the shownotes which are $shownote_file_json_length long" );
 
 if ( !file_exists( $dir_structure ) ) {
-  naughty("a1534e6d525352dce7183a2e22862049");
+  naughty("a1534e6d525352dce7183a2e22862049 The dir_structure is missing");
 }
 logextra( "The dir_structure still exists" );
 
 if ( !file_exists( "$dir_structure/shownotes.json" ) ) {
-  naughty("3eb02d6b9ea801d4c5909b4fac0ccd96");
+  naughty("3eb02d6b9ea801d4c5909b4fac0ccd96 The shownotes.json is missing");
 }
 logextra( "shownotes.json still exists" );
 
@@ -318,7 +319,7 @@ $message="";
 if ( !empty($_FILES["host_photo"]["tmp_name"]) and !empty($_FILES["host_photo"]["type"]) and $_FILES["host_photo"]["error"] == 0 ) {
   list($type_main, $type_sub)= explode("/", $_FILES["host_photo"]["type"]);
   if ( empty($type_sub) or strlen($type_sub) > 4 ) {
-    naughty("c1381f1d2492f81074d8cb70c85f5fc8");
+    naughty("c1381f1d2492f81074d8cb70c85f5fc8 There was an issue with the upload");
   }
   else {
     $temp_photo = $_FILES["host_photo"]["tmp_name"];
@@ -350,7 +351,7 @@ else {
 
 You have chosen to upload the files separately from these show notes.
 
-If you wish to send a show using another method then please discuss 
+If you wish to send a show using another method then please discuss
 it with the HPR Volunteer at admin@hackerpublicradio.org
 
 ";
@@ -379,7 +380,7 @@ foreach($_FILES["media_files"]["tmp_name"] as $key => $val) {
 logextra( "All Files moved" );
 
 ########################################################
-// OK You convinced me. 
+// OK You convinced me.
 
 if ( $ep_num  == 9999 ) {
   $show_submitted = "RESERVE_SHOW_SUBMITTED";
@@ -400,12 +401,12 @@ if (mysqli_errno($connection)) {
 }
 logextra( "Updating the db to $show_submitted" );
 if (!isset($result)) {
-  naughty("76ec33229ca023336a2b1c649b0491f5");
+  naughty("76ec33229ca023336a2b1c649b0491f5 There was a problem updating the db");
 }
 
 $body="give";
 //$body="index_full";
-include 'header.php'; 
+include 'header.php';
 
 ?>
   <article>
@@ -430,7 +431,7 @@ include 'header.php';
 <?php
 logextra( "Sending email" );
 
-# TODO check for both url and file upload 
+# TODO check for both url and file upload
 
 use PHPMailer\PHPMailer\PHPMailer;
 use PHPMailer\PHPMailer\Exception;
@@ -442,7 +443,7 @@ require_once('/home/hpr/php/PHPMailer/SMTP.php');
 
 date_default_timezone_set('Etc/UTC');
 
-$mailer = new PHPMailer(true); 
+$mailer = new PHPMailer(true);
 $mailer->isSMTP();
 $mailer->Host = "$mailerHost";
 $mailer->SMTPAuth = true;