[uguu.git] / includes / core.php

<?php
//Loading configuration file
require_once "config.php";

//Saving the file on the server
function save_file ($file, $name, $arg, $type){
    //Generate name depending on arg
    switch($arg){
        case 'random':
            $ext = pathinfo($file.$name, PATHINFO_EXTENSION);
            $ext = strtolower($ext);
            verify_extension($ext, $type);
            $file_name = gen_name('random', $ext);
            while(file_exists(CONFIG_FILES_PATH.$file_name)){
              $file_name = gen_name('random', $ext);
            }
            break;
        case 'custom_original':
            $name = stripslashes(str_replace('/', '', $name));
            $name = strip_tags(preg_replace('/\s+/', '', $name));
                $file_name = gen_name('custom_original', $name);
                $ext = pathinfo($file_name, PATHINFO_EXTENSION);
                $ext = strtolower($ext);
                verify_extension($ext, $type);
            while(file_exists(CONFIG_FILES_PATH.$file_name)){
                $file_name = gen_name('custom_original', $name);
            }
            break;
    }
    //Move the file to the above location with said filename
    move_uploaded_file($file,CONFIG_FILES_PATH.$file_name);
    //Check if html or plain text should be returned
    if($type==='tool'){
    //Return url+filename to the user (plain text)
    if(CONFIG_SUBUPLOAD_URL_ENABLED == "true"){
    echo CONFIG_SUBUPLOAD_URL.'/'.urlencode($file_name);
    }else{
    echo CONFIG_ROOT_URL.'/files/'.urlencode($file_name);
    }
    exit(0);
    }elseif($type==='normal'){
    //Return url+filename to the user (HTML)
    $n=urlencode($file_name);
    include_once(CONFIG_ROOT_PATH.'upload-done.php');
    exit(0);
    }
}

#Generate a random name for the uploaded file
function gen_name($arg, $in){
    $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
    $name = '';
    for ($i = 0; $i < CONFIG_RANDOM_LENGTH; $i++) {
    $name .= $chars[mt_rand(0, 60)];
        }
    switch($arg){
        case 'random':
            return $name.'.'.$in;
            break;
        case 'custom_original':
            return $name.'_'.$in;
            break;
    }
}

//Verify that the extension is allowed
function verify_extension($ext, $type){
    if(CONFIG_EXTENSION_BLOCKING_MODE === "WHITELIST") {
        $allowed = in_array($ext, unserialize(CONFIG_ALLOWED_EXTENSIONS));
    }else{
        $allowed = !in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS));
    }

    if(!$allowed){
        if($type==='normal'){
            include_once(CONFIG_ROOT_PATH.'error_meow.php');
            exit(0);
        }else{
            exit('File type not allowed.');
        }
    }
}
Commit	Line	Data
a7f8ccab	1	<?php
2f98035a PAB	2	//Loading configuration file
	3	require_once "config.php";
	4
	5	//Saving the file on the server
b5352106	6	function save_file ($file, $name, $arg, $type){
9e80f78f GJ	7	//Generate name depending on arg
	8	switch($arg){
	9	case 'random':
	10	$ext = pathinfo($file.$name, PATHINFO_EXTENSION);
e7112627	11	$ext = strtolower($ext);
e17b3539	12	verify_extension($ext, $type);
9e80f78f	13	$file_name = gen_name('random', $ext);
2f98035a PAB	14	while(file_exists(CONFIG_FILES_PATH.$file_name)){
2f98035a PAB	15	$file_name = gen_name('random', $ext);
9e80f78f GJ	16	}
	17	break;
	18	case 'custom_original':
a70886b3	19	$name = stripslashes(str_replace('/', '', $name));
9e80f78f	20	$name = strip_tags(preg_replace('/\s+/', '', $name));
e7112627 GJ	21	$file_name = gen_name('custom_original', $name);
	22	$ext = pathinfo($file_name, PATHINFO_EXTENSION);
	23	$ext = strtolower($ext);
e17b3539	24	verify_extension($ext, $type);
2f98035a	25	while(file_exists(CONFIG_FILES_PATH.$file_name)){
9e80f78f GJ	26	$file_name = gen_name('custom_original', $name);
	27	}
	28	break;
	29	}
	30	//Move the file to the above location with said filename
2f98035a	31	move_uploaded_file($file,CONFIG_FILES_PATH.$file_name);
2a13cb35 GJ	32	//Check if html or plain text should be returned
	33	if($type==='tool'){
	34	//Return url+filename to the user (plain text)
48028348 GJ	35	if(CONFIG_SUBUPLOAD_URL_ENABLED == "true"){
	36	echo CONFIG_SUBUPLOAD_URL.'/'.urlencode($file_name);
	37	}else{
2f98035a	38	echo CONFIG_ROOT_URL.'/files/'.urlencode($file_name);
48028348	39	}
2a13cb35 GJ	40	exit(0);
	41	}elseif($type==='normal'){
	42	//Return url+filename to the user (HTML)
	43	$n=urlencode($file_name);
2f98035a	44	include_once(CONFIG_ROOT_PATH.'upload-done.php');
2a13cb35 GJ	45	exit(0);
2a13cb35 GJ	46	}
9e80f78f	47	}
2f98035a PAB	48
2f98035a PAB	49	#Generate a random name for the uploaded file
9e80f78f	50	function gen_name($arg, $in){
2f98035a	51	$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
9e80f78f	52	$name = '';
2f98035a PAB	53	for ($i = 0; $i < CONFIG_RANDOM_LENGTH; $i++) {
2f98035a PAB	54	$name .= $chars[mt_rand(0, 60)];
9e80f78f GJ	55	}
	56	switch($arg){
	57	case 'random':
	58	return $name.'.'.$in;
	59	break;
	60	case 'custom_original':
	61	return $name.'_'.$in;
	62	break;
	63	}
	64	}
e17b3539 L	65
	66	//Verify that the extension is allowed
	67	function verify_extension($ext, $type){
7bc98e88	68	if(CONFIG_EXTENSION_BLOCKING_MODE === "WHITELIST") {
e17b3539 L	69	$allowed = in_array($ext, unserialize(CONFIG_ALLOWED_EXTENSIONS));
	70	}else{
	71	$allowed = !in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS));
	72	}
	73
	74	if(!$allowed){
	75	if($type==='normal'){
	76	include_once(CONFIG_ROOT_PATH.'error_meow.php');
	77	exit(0);
	78	}else{
	79	exit('File type not allowed.');
	80	}
	81	}
	82	}