Browse Source

changes

remotes/r4jeshwar/master
Go Johansson 5 months ago
parent
commit
044a28cd25
  1. 3
      .gitignore
  2. 2
      Makefile
  3. 0
      static/img/grills/10.png
  4. 0
      static/img/grills/11.png
  5. 0
      static/img/grills/12.png
  6. 0
      static/img/grills/13.png
  7. 0
      static/img/grills/14.png
  8. 0
      static/img/grills/15.png
  9. 0
      static/img/grills/16.png
  10. 0
      static/img/grills/17.png
  11. 0
      static/img/grills/18.png
  12. 0
      static/img/grills/19.png
  13. 0
      static/img/grills/2.png
  14. 0
      static/img/grills/20.png
  15. 0
      static/img/grills/3.png
  16. 0
      static/img/grills/4.png
  17. 0
      static/img/grills/5.png
  18. 0
      static/img/grills/6.png
  19. 0
      static/img/grills/7.png
  20. 0
      static/img/grills/8.png
  21. 0
      static/img/grills/9.png
  22. 37
      static/php/api.php
  23. 43
      static/php/grill.php
  24. 195
      static/php/includes/Core.namespace.php
  25. 200
      static/php/includes/Upload.class.php
  26. 290
      static/php/upload.php

3
.gitignore vendored

@ -1,2 +1,3 @@
.DS_Store
**/.DS_Store
node_modules
dist/

2
Makefile

@ -25,7 +25,7 @@ htmlmin:
installdirs:
mkdir -p $(DESTDIR)/ $(DESTDIR)/img
ifneq (,$(findstring php,$(MODULES)))
mkdir -p $(DESTDIR)/classes $(DESTDIR)/includes
mkdir -p $(DESTDIR)/includes
endif
ifneq (,$(findstring moe,$(MODULES)))
mkdir -p $(DESTDIR)/moe/{css,fonts,includes,js,login,panel/css/font,panel/css/images,register,templates}

0
static/img/10.png → static/img/grills/10.png

Before

Width:  |  Height:  |  Size: 29 KiB

After

Width:  |  Height:  |  Size: 29 KiB

0
static/img/11.png → static/img/grills/11.png

Before

Width:  |  Height:  |  Size: 46 KiB

After

Width:  |  Height:  |  Size: 46 KiB

0
static/img/12.png → static/img/grills/12.png

Before

Width:  |  Height:  |  Size: 76 KiB

After

Width:  |  Height:  |  Size: 76 KiB

0
static/img/13.png → static/img/grills/13.png

Before

Width:  |  Height:  |  Size: 33 KiB

After

Width:  |  Height:  |  Size: 33 KiB

0
static/img/14.png → static/img/grills/14.png

Before

Width:  |  Height:  |  Size: 73 KiB

After

Width:  |  Height:  |  Size: 73 KiB

0
static/img/15.png → static/img/grills/15.png

Before

Width:  |  Height:  |  Size: 76 KiB

After

Width:  |  Height:  |  Size: 76 KiB

0
static/img/16.png → static/img/grills/16.png

Before

Width:  |  Height:  |  Size: 228 KiB

After

Width:  |  Height:  |  Size: 228 KiB

0
static/img/17.png → static/img/grills/17.png

Before

Width:  |  Height:  |  Size: 22 KiB

After

Width:  |  Height:  |  Size: 22 KiB

0
static/img/18.png → static/img/grills/18.png

Before

Width:  |  Height:  |  Size: 36 KiB

After

Width:  |  Height:  |  Size: 36 KiB

0
static/img/19.png → static/img/grills/19.png

Before

Width:  |  Height:  |  Size: 47 KiB

After

Width:  |  Height:  |  Size: 47 KiB

0
static/img/2.png → static/img/grills/2.png

Before

Width:  |  Height:  |  Size: 65 KiB

After

Width:  |  Height:  |  Size: 65 KiB

0
static/img/20.png → static/img/grills/20.png

Before

Width:  |  Height:  |  Size: 22 KiB

After

Width:  |  Height:  |  Size: 22 KiB

0
static/img/3.png → static/img/grills/3.png

Before

Width:  |  Height:  |  Size: 56 KiB

After

Width:  |  Height:  |  Size: 56 KiB

0
static/img/4.png → static/img/grills/4.png

Before

Width:  |  Height:  |  Size: 13 KiB

After

Width:  |  Height:  |  Size: 13 KiB

0
static/img/5.png → static/img/grills/5.png

Before

Width:  |  Height:  |  Size: 20 KiB

After

Width:  |  Height:  |  Size: 20 KiB

0
static/img/6.png → static/img/grills/6.png

Before

Width:  |  Height:  |  Size: 28 KiB

After

Width:  |  Height:  |  Size: 28 KiB

0
static/img/7.png → static/img/grills/7.png

Before

Width:  |  Height:  |  Size: 28 KiB

After

Width:  |  Height:  |  Size: 28 KiB

0
static/img/8.png → static/img/grills/8.png

Before

Width:  |  Height:  |  Size: 47 KiB

After

Width:  |  Height:  |  Size: 47 KiB

0
static/img/9.png → static/img/grills/9.png

Before

Width:  |  Height:  |  Size: 28 KiB

After

Width:  |  Height:  |  Size: 28 KiB

37
static/php/api.php

@ -1,37 +0,0 @@
<?php
/*
* Uguu
*
* @copyright Copyright (c) 2022 Go Johansson (nekunekus) <neku@pomf.se> <github.com/nokonoko>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
require_once 'includes/Upload.class.php';
use Core\Response as Response;
if (isset($_FILES['files'])) {
$uploads = (new Upload())->reFiles($_FILES['files']);
foreach ($uploads as $upload) {
$res[] = (new Upload())->uploadFile($upload);
}
if (isset($res)) {
(new Response())->returnSuccess($res);
} else {
(new Response())->returnError(400, 'No input file(s)', 'N/A');
}
}

43
static/php/grill.php

@ -1,24 +1,25 @@
<?php
/*
* Uguu
*
* @copyright Copyright (c) 2022 Go Johansson (nekunekus) <neku@pomf.se> <github.com/nokonoko>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
// Array of image paths, feel free to add/remove to/from this list
$images = array(
'img/2.png',
'img/3.png',
'img/4.png',
'img/5.png',
'img/6.png',
'img/7.png',
'img/8.png',
'img/9.png',
'img/10.png',
'img/11.png',
'img/12.png',
'img/13.png',
'img/14.png',
'img/15.png',
);
require_once 'includes/Core.namespace.php';
// Redirect to a random image from the above array using status code "303 See Other"
if (headers_sent() === false) {
header('Location: '.$images[array_rand($images)], true, 303);
}
use Core\cuteGrills as cuteGrills;
cuteGrills::showGrills();

195
static/php/includes/Core.namespace.php

@ -0,0 +1,195 @@
<?php
/*
* Uguu
*
* @copyright Copyright (c) 2022 Go Johansson (nekunekus) <neku@pomf.se> <github.com/nokonoko>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
namespace Core {
use PDO;
use Upload as Upload;
class Settings
{
public static mixed $DB;
public static string $DB_MODE;
public static string $DB_PATH;
public static string $DB_USER;
public static string $DB_PASS;
public static bool $LOG_IP;
public static bool $ANTI_DUPE;
public static bool $BLACKLIST_DB;
public static bool $FILTER_MODE;
public static string $FILES_ROOT;
public static int $FILES_RETRIES;
public static bool $SSL;
public static string $URL;
public static int $NAME_LENGTH;
public static string $ID_CHARSET;
public static array $DOUBLE_DOTS;
public static array $BLOCKED_EXTENSIONS;
public static array $BLOCKED_MIME;
public function __construct()
{
$settings_array = json_decode(file_get_contents('/Users/go.johansson/PERSONAL_REPOS/Uguu/dist.json'), true);
self::$DB_MODE = $settings_array['DB_MODE'];
self::$DB_PATH = $settings_array['DB_PATH'];
self::$DB_USER = $settings_array['DB_USER'];
self::$DB_PASS = $settings_array['DB_PASS'];
self::$LOG_IP = $settings_array['LOG_IP'];
self::$ANTI_DUPE = $settings_array['ANTI_DUPE'];
self::$BLACKLIST_DB = $settings_array['BLACKLIST_DB'];
self::$FILTER_MODE = $settings_array['FILTER_MODE'];
self::$FILES_ROOT = $settings_array['FILES_ROOT'];
self::$FILES_RETRIES = $settings_array['FILES_RETRIES'];
self::$SSL = $settings_array['SSL'];
self::$URL = $settings_array['URL'];
self::$NAME_LENGTH = $settings_array['NAME_LENGTH'];
self::$ID_CHARSET = $settings_array['ID_CHARSET'];
self::$BLOCKED_EXTENSIONS = $settings_array['BLOCKED_EXTENSIONS'];
self::$BLOCKED_MIME = $settings_array['BLOCKED_MIME'];
self::$DOUBLE_DOTS = array($settings_array['DOUBLE_DOTS']);
}
}
class cuteGrills
{
public static array $GRILLS;
public function __construct()
{
self::$GRILLS = array_slice(scandir('/Users/go.johansson/PERSONAL_REPOS/Uguu/dist/img/grills/'), 2);
}
public static function showGrills()
{
if (!headers_sent()) {
header('Location: ' . self::$GRILLS[array_rand(self::$GRILLS)], true, 303);
}
}
}
class Response
{
public function returnError($code, $message, $filename): bool|string
{
http_response_code($code);
header('Content-Type: application/json; charset=UTF-8');
self::cleanAndDie();
return json_encode(array(
'success' => false,
'file' => $filename,
'code' => $code,
'description' => $message
), JSON_FORCE_OBJECT);
}
public function cleanAndDie()
{
Settings::$DB = null;
}
public function returnSuccess($files): bool|string
{
http_response_code('200');
header('Content-Type: application/json; charset=UTF-8');
return json_encode(array(
'success' => true,
'files' => $files
), JSON_PRETTY_PRINT);
}
}
class Database
{
public function __construct()
{
Settings::$DB = new PDO(
Settings::$DB_MODE . ':' . Settings::$DB_PATH, Settings::$DB_USER,
Settings::$DB_PASS
);
}
public function dbCheckNameExists()
{
$q = Settings::$DB->prepare('SELECT COUNT(filename) FROM files WHERE filename = (:name)');
$q->bindValue(':name', Upload::$NEW_NAME_FULL);
$q->execute();
return $q->fetchColumn();
}
public function checkFileBlacklist()
{
$q = Settings::$DB->prepare('SELECT hash, COUNT(*) AS count FROM blacklist WHERE hash = (:hash)');
$q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
$q->execute();
$result = $q->fetch();
if ($result['count'] > 0) {
(new Response())->returnError('415', 'File blacklisted!', Upload::$FILE_NAME);
}
}
public function antiDupe(): ?array
{
$q = Settings::$DB->prepare(
'SELECT filename, COUNT(*) AS count FROM files WHERE hash = (:hash) AND size = (:size)'
);
$q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
$q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
$q->execute();
$result = $q->fetch();
if ($result['count'] > 0) {
return array(
'hash' => Upload::$SHA1,
'name' => Upload::$FILE_NAME,
'url' => Settings::$URL . rawurlencode($result['filename']),
'size' => Upload::$FILE_SIZE
);
}
return [];
}
public function newIntoDB()
{
$q = Settings::$DB->prepare(
'INSERT INTO files (hash, originalname, filename, size, date, ip)' .
'VALUES (:hash, :orig, :name, :size, :date, :ip)'
);
$q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
$q->bindValue(':orig', strip_tags(Upload::$FILE_NAME), PDO::PARAM_STR);
$q->bindValue(':name', Upload::$NEW_NAME_FULL, PDO::PARAM_STR);
$q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
$q->bindValue(':date', time(), PDO::PARAM_STR);
$q->bindValue(':ip', Upload::$IP, PDO::PARAM_STR);
$q->execute();
}
}
}

200
static/php/includes/Upload.class.php

@ -0,0 +1,200 @@
<?php
/*
* Uguu
*
* @copyright Copyright (c) 2022 Go Johansson (nekunekus) <neku@pomf.se> <github.com/nokonoko>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
require_once 'Core.namespace.php';
use Core\Database as Database;
use Core\Response as Response;
use Core\Settings as Settings;
class Upload
{
public static string $FILE_NAME;
public static string $FILE_EXTENSION;
public static string $FILE_MIME;
public static string $SHA1;
public static int $FILE_SIZE;
public static string $NEW_NAME;
public static string $NEW_NAME_FULL;
public static string $IP;
public mixed $file;
/**
* @param $file
*
* @return array
*/
public function uploadFile($file): array
{
if (Settings::$ANTI_DUPE) {
(new Database())->antiDupe();
}
self::generateName($file);
if (!move_uploaded_file($file->tempfile, Settings::$FILES_ROOT . self::$NEW_NAME_FULL)) {
(new Response())->returnError('500', 'Failed to move file to destination', self::$FILE_NAME);
}
if (!chmod(Settings::$FILES_ROOT . self::$NEW_NAME_FULL, 0644)) {
(new Response())->returnError('500', 'Failed to change file permissions', self::$FILE_NAME);
}
(new Database())->newIntoDB();
return array(
'hash' => self::$SHA1,
'name' => self::$FILE_NAME,
'url' => Settings::$URL . rawurlencode(self::$NEW_NAME_FULL),
'size' => self::$FILE_SIZE
);
}
/**
* @param $file
*
* @return string
*/
public function generateName($file): string
{
self::fileInfo($file);
do {
// Iterate until we reach the maximum number of retries
if (Settings::$FILES_RETRIES === 0) {
(new Response())->returnError('500', 'Gave up trying to find an unused name', self::$FILE_NAME);
}
for ($i = 0; $i < Settings::$NAME_LENGTH; ++$i) {
self::$NEW_NAME .= Settings::$ID_CHARSET[mt_rand(0, strlen(Settings::$ID_CHARSET))];
}
// Add the extension to the file name
if (isset(self::$FILE_EXTENSION) && self::$FILE_EXTENSION !== '') {
self::$NEW_NAME_FULL = self::$NEW_NAME . '.' . self::$FILE_EXTENSION;
}
// Check if the file hash is blacklisted
if (Settings::$BLACKLIST_DB) {
(new Database())->checkFileBlacklist();
}
// Check if extension or mime is blacklisted
if (Settings::$FILTER_MODE) {
self::checkMimeBlacklist();
self::checkExtensionBlacklist();
}
} while ((new Database())->dbCheckNameExists() > 0);
return self::$NEW_NAME_FULL;
}
/**
* @param $file
*
* @return void
*/
public function fileInfo($file)
{
if (isset($_FILES['files'])) {
self::$FILE_NAME = $file->name;
self::$SHA1 = sha1_file($file->tempfile);
self::$FILE_SIZE = $file->size;
$finfo = finfo_open(FILEINFO_MIME_TYPE);
self::$FILE_MIME = finfo_file($finfo, $file->tempfile);
finfo_close($finfo);
if (Settings::$LOG_IP) {
self::$IP = $_SERVER['REMOTE_ADDR'];
} else {
self::$IP = null;
}
// Check if extension is a double-dot extension and, if true, override $ext
foreach (Settings::$DOUBLE_DOTS as $ddot) {
if (stripos(strrev(self::$FILE_NAME), $ddot) === 0) {
self::$FILE_EXTENSION = strrev($ddot);
} else {
self::$FILE_EXTENSION = pathinfo($file->name, PATHINFO_EXTENSION);
}
}
}
}
/**
* @return void
*/
public function checkMimeBlacklist()
{
if (in_array(self::$FILE_MIME, Settings::$BLOCKED_MIME)) {
(new Response())->returnError('415', 'Filetype not allowed!', self::$FILE_NAME);
}
}
/**
* @return void
*/
protected function checkExtensionBlacklist()
{
if (in_array(self::$FILE_EXTENSION, Settings::$BLOCKED_EXTENSIONS)) {
(new Response())->returnError('415', 'Filetype not allowed!', self::$FILE_NAME);
}
}
/**
* @param $files
*
* @return array
*/
public function reFiles($files): array
{
$result = [];
$files = self::diverseArray($files);
foreach ($files as $file) {
$f = $this->file;
$f->name = $file['name'];
$f->mime = $file['type'];
$f->size = $file['size'];
$f->tempfile = $file['tmp_name'];
$f->error = $file['error'];
$result[] = $f;
}
return $result;
}
/**
* @param $files
*
* @return array
*/
public function diverseArray($files): array
{
$result = [];
foreach ($files as $key1 => $value1) {
foreach ($value1 as $key2 => $value2) {
$result[$key2][$key1] = $value2;
}
}
return $result;
}
}

290
static/php/upload.php

@ -1,281 +1,37 @@
<?php
/**
* Handles POST uploads, generates filenames, moves files around and commits
* uploaded metadata to database.
*/
require_once 'classes/Response.class.php';
require_once 'classes/UploadException.class.php';
require_once 'classes/UploadedFile.class.php';
require_once 'includes/database.inc.php';
/**
* Generates a random name for the file, retrying until we get an unused one.
/*
* Uguu
*
* @param UploadedFile $file
* @copyright Copyright (c) 2022 Go Johansson (nekunekus) <neku@pomf.se> <github.com/nokonoko>
*
* @return string
*/
function generateName($file)
{
global $db;
global $doubledots;
// We start at N retries, and --N until we give up
$tries = UGUU_FILES_RETRIES;
$length = UGUU_FILES_LENGTH;
//Get EXT
$ext = pathinfo($file->name, PATHINFO_EXTENSION);
//Get MIME
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$type_mime = finfo_file($finfo, $file->tempfile);
finfo_close($finfo);
// Check if extension is a double-dot extension and, if true, override $ext
$revname = strrev($file->name);
foreach ($doubledots as $ddot) {
if (stripos($revname, $ddot) === 0) {
$ext = strrev($ddot);
}
}
do {
// Iterate until we reach the maximum number of retries
if ($tries-- === 0) {
http_response_code(500);
throw new Exception(
'Gave up trying to find an unused name',
500
); // HTTP status code "500 Internal Server Error"
}
$chars = ID_CHARSET;
$name = '';
for ($i = 0; $i < $length; ++$i) {
$name .= $chars[mt_rand(0, strlen($chars))];
}
// Add the extension to the file name
if (isset($ext) && $ext !== '') {
$name .= '.'.$ext;
}
// Check if the file is blacklisted
if(BLACKLIST_DB){
$q = $db->prepare('SELECT hash, COUNT(*) AS count FROM blacklist WHERE hash = (:hash)');
$q->bindValue(':hash', $file->getSha1(), PDO::PARAM_STR);
$q->execute();
$result = $q->fetch();
if ($result['count'] > 0) {
http_response_code(415);
throw new Exception(
'File blacklisted!',
415
);
exit(0);
}
}
// Check if file is whitelisted or blacklisted
switch (CONFIG_FILTER_MODE) {
case false:
//check if MIME is blacklisted
if (in_array($type_mime, unserialize(CONFIG_BLOCKED_MIME))) {
http_response_code(415);
throw new Exception(
'File type not allowed!',
415
);
exit(0);
}
//Check if EXT is blacklisted
if (in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))) {
http_response_code(415);
throw new Exception(
'File type not allowed!',
415
);
exit(0);
}
break;
case true:
//Check if MIME is whitelisted
if (!in_array($type_mime, unserialize(CONFIG_BLOCKED_MIME))) {
http_response_code(415);
throw new Exception(
'File type not allowed!',
415
);
exit(0);
}
//Check if EXT is whitelisted
if (!in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))) {
http_response_code(415);
throw new Exception(
'File type not allowed!',
415
);
exit(0);
}
break;
}
// Check if a file with the same name does already exist in the database
$q = $db->prepare('SELECT COUNT(filename) FROM files WHERE filename = (:name)');
$q->bindValue(':name', $name, PDO::PARAM_STR);
$q->execute();
$result = $q->fetchColumn();
// If it does, generate a new name
} while ($result > 0);
return $name;
}
/**
* Handles the uploading and db entry for a file.
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* @param UploadedFile $file
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* @return array
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
function uploadFile($file)
{
global $db;
// Handle file errors
if ($file->error) {
throw new UploadException($file->error);
}
//fixes a bug
$lol = $file->getSha1();
// Check if a file with the same hash and size (a file which is the same)
// does already exist in the database; if it does, return the proper link
// and data. PHP deletes the temporary file just uploaded automatically.
if(ANTI_DUPE){
$q = $db->prepare('SELECT filename, COUNT(*) AS count FROM files WHERE hash = (:hash) AND size = (:size)');
$q->bindValue(':hash', $file->getSha1(), PDO::PARAM_STR);
$q->bindValue(':size', $file->size, PDO::PARAM_INT);
$q->execute();
$result = $q->fetch();
if ($result['count'] > 0) {
return [
'hash' => $file->getSha1(),
'name' => $file->name,
'url' => UGUU_URL.rawurlencode($result['filename']),
'size' => $file->size,
];
}
}
// Generate a name for the file
$newname = generateName($file);
require_once 'includes/Upload.class.php';
// Store the file's full file path in memory
$uploadFile = UGUU_FILES_ROOT.$newname;
use Core\Response as Response;
// Attempt to move it to the static directory
if (!move_uploaded_file($file->tempfile, $uploadFile)) {
http_response_code(500);
throw new Exception(
'Failed to move file to destination',
500
); // HTTP status code "500 Internal Server Error"
}
if (isset($_FILES['files'])) {
$uploads = (new Upload())->reFiles($_FILES['files']);
// Need to change permissions for the new file to make it world readable
if (!chmod($uploadFile, 0644)) {
http_response_code(500);
throw new Exception(
'Failed to change file permissions',
500
); // HTTP status code "500 Internal Server Error"
foreach ($uploads as $upload) {
$res[] = (new Upload())->uploadFile($upload);
}
// Log IP
if(LOG_IP){
$ip = $_SERVER['REMOTE_ADDR'];
if (isset($res)) {
(new Response())->returnSuccess($res);
} else {
$ip = null;
}
// Common parameters binding
$q = $db->prepare('INSERT INTO files (hash, originalname, filename, size, date, ip) VALUES (:hash, :orig, :name, :size, :date, :ip)');
$q->bindValue(':hash', $file->getSha1(), PDO::PARAM_STR);
$q->bindValue(':orig', strip_tags($file->name), PDO::PARAM_STR);
$q->bindValue(':name', $newname, PDO::PARAM_STR);
$q->bindValue(':size', $file->size, PDO::PARAM_INT);
$q->bindValue(':date', time(), PDO::PARAM_STR);
$q->bindValue(':ip', $ip, PDO::PARAM_STR);
$q->execute();
return [
'hash' => $file->getSha1(),
'name' => $file->name,
'url' => UGUU_URL.rawurlencode($newname),
'size' => $file->size,
];
}
/**
* Reorder files array by file.
*
* @return array
*/
function diverseArray($files)
{
$result = [];
foreach ($files as $key1 => $value1) {
foreach ($value1 as $key2 => $value2) {
$result[$key2][$key1] = $value2;
}
}
return $result;
}
/**
* Reorganize the $_FILES array into something saner.
*
* @return array
*/
function refiles($files)
{
$result = [];
$files = diverseArray($files);
foreach ($files as $file) {
$f = new UploadedFile();
$f->name = $file['name'];
$f->mime = $file['type'];
$f->size = $file['size'];
$f->tempfile = $file['tmp_name'];
$f->error = $file['error'];
$result[] = $f;
}
return $result;
}
$type = isset($_GET['output']) ? $_GET['output'] : 'json';
$response = new Response($type);
if (isset($_FILES['files'])) {
$uploads = refiles($_FILES['files']);
try {
foreach ($uploads as $upload) {
$res[] = uploadFile($upload);
}
$response->send($res);
} catch (Exception $e) {
$response->error($e->getCode(), $e->getMessage());
(new Response())->returnError(400, 'No input file(s)', 'N/A');
}
} else {
$response->error(400, 'No input file(s)');
}
}
Loading…
Cancel
Save