request_confirm.php > upload.php > upload_confirm.php require "/home/hpr/php/include.php"; if ( $_SERVER['REQUEST_METHOD'] !== 'GET' and empty($_SERVER["REMOTE_ADDR"]) and count($_GET) !== 1 ) { call412("9a77e4ab24410cbf68a3a05ba97221e4"); } if ( isset( $_GET['key'] ) and strlen( $_GET['key'] ) === 45 and strlen( htmlspecialchars( stripslashes( strip_tags( $_GET['key'] ) ) ) ) === 45 and ctype_xdigit( $_GET['key'] ) ) { $key = htmlspecialchars( stripslashes( strip_tags( $_GET['key'] ) ) ); } else { if ( isset( $_GET['delete'] ) and strlen( $_GET['delete'] ) === 45 and strlen( htmlspecialchars( stripslashes( strip_tags( $_GET['delete'] ) ) ) ) === 45 and ctype_xdigit( $_GET['delete'] ) ) { $key = htmlspecialchars( stripslashes( strip_tags( $_GET['delete'] ) ) ); } else { call412("e8ac90fc2a8996e5fb7a83e73e636e80"); } } $ip = $_SERVER["REMOTE_ADDR"]; $query = "select * FROM reservations WHERE reservations.ip = '$ip' AND reservations.key = '$key' "; $result = mysqli_query($connection, $query); if($result === FALSE) { call412("91432866e3c9c36a9c4884345d578761"); } $db = mysqli_fetch_array($result, MYSQLI_ASSOC); if ( empty($db) or empty( $db['timestamp'] ) or empty( $db['key'] ) or empty( $db['ep_num'] ) or empty( $db['ep_date'] ) or empty( $db['email'] ) ) { call412("b019bd29c1fe5b756e4b620a5428f730"); } else { $db_timestamp = $db['timestamp']; $db_key = $db['key']; $email_padded = formatemail($db['email']); $email = unformatemail($db['email']); $ep_num = $db['ep_num']; $ep_date = $db['ep_date']; $db_ip = $db['ip']; } // User selects delete if ( isset( $_GET['delete'] ) ) { $query = "DELETE FROM reservations WHERE reservations.ip = '$ip' AND reservations.key = '$key' "; $result = mysqli_query($connection, $query); if($result === FALSE) { call412("35a7f4e80ecba8284049e9d6261ae523"); } else { header( "Location: https://" . $_SERVER['SERVER_NAME'] . "/calendar.php" ) ; $dir_structure = "/home/hpr/upload/" . strtotime($db_timestamp) . "_${ep_num}_${ep_date}_${db_key}/"; rrmdir("$dir_structure"); exit; } } // Set the show to verified so that we can remove the temporary lock $status = strtotime("now") . ".EMAIL_LINK_CLICKED." . date('Y-m-d\TH:i:s\Z'); $query = "UPDATE reservations SET `verified` = '1', `status` = 'EMAIL_LINK_CLICKED' WHERE `ip` = '$db_ip' AND `timestamp` = '$db_timestamp' AND `key` = '$db_key'"; $result = mysqli_query($connection, $query ); if(!isset($result)) { naughty("066c518314f0d3b1ad3e4af60fcf36ce"); } // Display host information /* */ $ip = $_SERVER["REMOTE_ADDR"]; # TODO need to add the email for new hosts $query = "SELECT * FROM hosts WHERE hosts.email = '$email' OR hosts.email = '$email_padded'"; $result = mysqli_query($connection, $query); if($result === FALSE) { call412("5cb513b590ab5859bf7603b79402a5cb"); } $db = mysqli_fetch_array($result, MYSQLI_ASSOC); if ( empty($db) or empty( $db['hostid'] ) or empty( $db['host'] ) or empty( $db['email'] ) ) { $hostid = "0"; $host = ""; $profile = ""; $license = "CC-BY-SA"; $local_image = 0; $status = "Please fill in some information about yourself."; } else { $hostid = $db['hostid']; $host = $db['host']; $profile = $db['profile']; $license = $db['license']; $local_image = $db['local_image']; $email_padded = formatemail($db['email']); $email = unformatemail($db['email']); $status = "Please confirm or change the following information about yourself."; } $image_url = "./images/hosts/${hostid}.png"; if ( !file_exists( $image_url )) { $image_url = 'https://secure.gravatar.com/avatar/' . md5($email) . '.png&d=404'; } // Main $body="give"; //$body="index_full"; include 'header.html'; ?>

Uploading to the Reserve Queue.\n"; } else { echo "

Uploading hpr${ep_num} for release on ${ep_date}

\n"; } ?>

You can fill in information about yourself and your show below. Please see the help page for more information.

Host Email (" target="_blank">?):
Image: (" target="_blank">?)
"; if ( $local_image === 1 ) { echo "Image previously uploaded"; } else { echo "Image sourced from gravatar"; } ?>
Upload your photo/avatar here:
Name/Handle: (" target="_blank">?)
Your Default license: (" target="_blank">?)
Profile: (" target="_blank">?)

Please fill in some information about this episode

Title(*) (" target="_blank">?):
Summary(*) (" target="_blank">?):
Theme: (" target="_blank">?) Please do not add a theme to your show: See Policy Decision for more information.
Explicit: (" target="_blank">?) Is the show Explicit ?: Yes No. If in doubt please select Yes. See iTunes for more information.
License: (" target="_blank">?) See https://creativecommons.org/licenses/ for more information.
Notes(*) (" target="_blank">?):
Format: (" target="_blank">?) What format if any did you just use in the show notes above ?
Series: (" target="_blank">?) "; while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { printf(""); } mysqli_free_result($result); ?>
Tags: (" target="_blank">?)
Add a list of comma separated tags.
If you can provide tags for your show that would be appreciated; you are certainly the best judge of what makes good tags, but if not then a volunteer will add them later.
Upload Method: (" target="_blank">?) You have the choice of the following upload options:

1. Upload now via this browser: (" target="_blank">?)

2. Provide a url we we can directly download it from: (" target="_blank">?)
This must be accessable using a curl or wget command.
Please avoid services that require login or downloading via a browser.

3. Upload via an alternative method: If you wish to send a show using another method then please discuss it with the HPR Volunteer at admin@hackerpublicradio.org.

4. Reserve a slot: Leave upload option 1 and 2 empty if you have received prior approval for a reservation from the Community via the HPR Mailing List to either:

  • Reserve the show now and upload media later.
  • Send physical media by the postal service or deliver in person.
    Make sure you plan in enough time to deliver your media.
"; ?> "; ?>
This will take a long time, leave the browser running. You will get an email once the upload is complete. \nDelete this reservation for the Reserve Queue.\n

\n"; } else { echo "

\nDelete this reservation for hpr${ep_num} on ${ep_date}.\n

\n"; } ?>