|
|
|
|
@ -72,13 +72,29 @@ class Upload
|
|
|
|
|
public function uploadFile(): array |
|
|
|
|
{ |
|
|
|
|
(new Settings())->loadConfig(); |
|
|
|
|
(new Upload())->fileInfo(); |
|
|
|
|
|
|
|
|
|
if (Settings::$ANTI_DUPE) { |
|
|
|
|
(new Database())->antiDupe(); |
|
|
|
|
if (Settings::$BLACKLIST_DB) { |
|
|
|
|
(new Database())->checkFileBlacklist(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
(new Upload())->generateName(); |
|
|
|
|
if (Settings::$FILTER_MODE) { |
|
|
|
|
self::checkMimeBlacklist(); |
|
|
|
|
self::checkExtensionBlacklist(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if (Settings::$ANTI_DUPE) { |
|
|
|
|
$result = (new Database())->antiDupe(); |
|
|
|
|
if (isset($result)) { |
|
|
|
|
self::$NEW_NAME_FULL = $result; |
|
|
|
|
} else { |
|
|
|
|
(new Upload())->generateName(); |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if (!Settings::$ANTI_DUPE) { |
|
|
|
|
(new Upload())->generateName(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if (!is_dir(Settings::$FILES_ROOT)) { |
|
|
|
|
throw new Exception('File storage path not accessible.', 500); |
|
|
|
|
@ -107,12 +123,13 @@ class Upload
|
|
|
|
|
'size' => self::$FILE_SIZE |
|
|
|
|
]; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
public function fileInfo() |
|
|
|
|
{ |
|
|
|
|
if (isset($_FILES['files'])) { |
|
|
|
|
$finfo = finfo_open(FILEINFO_MIME_TYPE); |
|
|
|
|
self::$FILE_MIME = finfo_file($finfo, self::$TEMP_FILE); |
|
|
|
|
$extension = explode('.',self::$FILE_NAME,2); |
|
|
|
|
$extension = explode('.', self::$FILE_NAME, 2); |
|
|
|
|
self::$FILE_EXTENSION = $extension['1']; |
|
|
|
|
finfo_close($finfo); |
|
|
|
|
|
|
|
|
|
@ -123,13 +140,32 @@ class Upload
|
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* @throws Exception |
|
|
|
|
*/ |
|
|
|
|
public function generateName(): string |
|
|
|
|
public function checkMimeBlacklist() |
|
|
|
|
{ |
|
|
|
|
(new Upload())->fileInfo(); |
|
|
|
|
if (in_array(self::$FILE_MIME, Settings::$BLOCKED_MIME)) { |
|
|
|
|
throw new Exception('Filetype not allowed.', 415); |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* @throws Exception |
|
|
|
|
*/ |
|
|
|
|
public function checkExtensionBlacklist() |
|
|
|
|
{ |
|
|
|
|
if (in_array(self::$FILE_EXTENSION, Settings::$BLOCKED_EXTENSIONS)) { |
|
|
|
|
throw new Exception('Filetype not allowed.', 415); |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* @throws Exception |
|
|
|
|
*/ |
|
|
|
|
public function generateName(): string |
|
|
|
|
{ |
|
|
|
|
do { |
|
|
|
|
if (Settings::$FILES_RETRIES === 0) { |
|
|
|
|
throw new Exception('Gave up trying to find an unused name!', 500); |
|
|
|
|
@ -140,41 +176,12 @@ class Upload
|
|
|
|
|
self::$NEW_NAME .= Settings::$ID_CHARSET[mt_rand(0, strlen(Settings::$ID_CHARSET))]; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if(isset(self::$FILE_EXTENSION)){ |
|
|
|
|
if (isset(self::$FILE_EXTENSION)) { |
|
|
|
|
self::$NEW_NAME_FULL = self::$NEW_NAME; |
|
|
|
|
self::$NEW_NAME_FULL .= '.'.self::$FILE_EXTENSION; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if (Settings::$BLACKLIST_DB) { |
|
|
|
|
(new Database())->checkFileBlacklist(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if (Settings::$FILTER_MODE) { |
|
|
|
|
self::checkMimeBlacklist(); |
|
|
|
|
self::checkExtensionBlacklist(); |
|
|
|
|
self::$NEW_NAME_FULL .= '.' . self::$FILE_EXTENSION; |
|
|
|
|
} |
|
|
|
|
} while ((new Database())->dbCheckNameExists() > 0); |
|
|
|
|
|
|
|
|
|
return self::$NEW_NAME_FULL; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* @throws Exception |
|
|
|
|
*/ |
|
|
|
|
public function checkMimeBlacklist() |
|
|
|
|
{ |
|
|
|
|
if (in_array(self::$FILE_MIME, Settings::$BLOCKED_MIME)) { |
|
|
|
|
throw new Exception('Filetype not allowed.', 415); |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* @throws Exception |
|
|
|
|
*/ |
|
|
|
|
public function checkExtensionBlacklist() |
|
|
|
|
{ |
|
|
|
|
if (in_array(self::$FILE_EXTENSION, Settings::$BLOCKED_EXTENSIONS)) { |
|
|
|
|
throw new Exception('Filetype not allowed.', 415); |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
} |
