[uguu.git] / src / Classes / Upload.php

<?php

    /**
     * Uguu
     *
     * @copyright Copyright (c) 2022 Go Johansson (nokonoko) <neku@pomf.se>
     *
     * This program is free software: you can redistribute it and/or modify
     * it under the terms of the GNU General Public License as published by
     * the Free Software Foundation, either version 3 of the License, or
     * (at your option) any later version.
     *
     * This program is distributed in the hope that it will be useful,
     * but WITHOUT ANY WARRANTY; without even the implied warranty of
     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
     * GNU General Public License for more details.
     *
     * You should have received a copy of the GNU General Public License
     * along with this program.  If not, see <https://www.gnu.org/licenses/>.
     */

    namespace Pomf\Uguu\Classes;

    use Exception;

class Upload extends Response
{
    public array $FILE_INFO;
    public array $fingerPrintInfo;
    private mixed $Connector;

    /**
     * Takes an array of files, and returns an array of arrays containing the file's temporary name,
     * name, size, SHA1 hash, extension, and MIME type
     *
     * @param $files array The files array from the $_FILES superglobal.
     *
     * @return array An array of arrays.
     * @throws \Exception
     */
    public function reFiles(array $files): array
    {
        $this->Connector = new Connector();
        $this->Connector->setDB($this->Connector->DB);
        $result = [];
        $files = $this->diverseArray($files);
        foreach ($files as $file) {
            $hash = sha1_file($file['tmp_name']);
            $this->FILE_INFO = [
               'TEMP_NAME' => $file['tmp_name'],
               'NAME'      => strip_tags($file['name']),
               'SIZE'      => $file['size'],
               'SHA1'      => $hash,
               'EXTENSION' => $this->fileExtension($file),
               'MIME'      => $this->fileMIME($file),
            ];

            if ($this->Connector->CONFIG['ANTI_DUPE']) {
                $dupeResult = $this->Connector->antiDupe($hash);
                if ($dupeResult['result']) {
                    $this->FILE_INFO['NEW_NAME'] = $dupeResult['name'];
                }
            }

            if (!isset($this->FILE_INFO['NEW_NAME'])) {
                $this->FILE_INFO['NEW_NAME'] = $this->generateName($this->FILE_INFO['EXTENSION']);
            }

            $result[] = [
               $this->FILE_INFO['TEMP_NAME'],
               $this->FILE_INFO['NAME'],
               $this->FILE_INFO['SIZE'],
               $this->FILE_INFO['SHA1'],
               $this->FILE_INFO['EXTENSION'],
               $this->FILE_INFO['MIME'],
            ];
        }
        return $result;
    }

    /**
     * Takes an array of arrays and returns an array of arrays with the keys and values swapped
     *
     * @param $files array an array of arrays
     *
     * @return array ```
     * array:2 [▼
     *   0 => array:2 [▼
     *     'TEMP_NAME' => 'example'
     *     'NAME' => 'example'
     *     'SIZE' => 'example'
     *     'SHA1' => 'example'
     *     'EXTENSION' => 'example'
     *     'MIME' => 'example'
     *
     *   ]
     *   1 => array:2 [▼
     *     'TEMP_NAME' => 'example'
     *     'NAME' => 'example'
     *     'SIZE' => 'example'
     *     'SHA1' => 'example'
     *     'EXTENSION' => 'example'
     *     'MIME' => 'example'
     *   ]
     * ]
     * ```
     */
    public function diverseArray(array $files): array
    {
        $result = [];
        foreach ($files as $key1 => $value1) {
            foreach ($value1 as $key2 => $value2) {
                $result[$key2][$key1] = $value2;
            }
        }
        return $result;
    }

    /**
     * Takes a file, checks if it's blacklisted, moves it to the file storage, and then logs it to the database
     *
     * @return array An array containing the hash, name, url, and size of the file.
     * @throws \Exception
     */
    public function uploadFile(): array
    {
        switch (true) {
            case $this->Connector->CONFIG['RATE_LIMIT']:
                $this->Connector->checkRateLimit($this->fingerPrintInfo);
                // Continue
            case $this->Connector->CONFIG['BLACKLIST_DB']:
                $this->Connector->checkFileBlacklist($this->FILE_INFO);
                // Continue
            case $this->Connector->CONFIG['FILTER_MODE'] && empty($this->FILE_INFO['EXTENSION']):
                $this->checkMimeBlacklist();
                // Continue
            case $this->Connector->CONFIG['FILTER_MODE'] && !empty($this->FILE_INFO['EXTENSION']):
                $this->checkMimeBlacklist();
                $this->checkExtensionBlacklist();
                // Continue
            case !$this->Connector->CONFIG['LOG_IP']:
                $this->fingerPrintInfo['ip'] = null;
                // Continue
        }
        if (!is_dir($this->Connector->CONFIG['FILES_ROOT'])) {
            throw new Exception('File storage path not accessible.', 500);
        }
        if (
            !move_uploaded_file(
                $this->FILE_INFO['TEMP_NAME'],
                $this->Connector->CONFIG['FILES_ROOT'] .
                $this->FILE_INFO['NEW_NAME'],
            )
        ) {
            throw new Exception('Failed to move file to destination', 500);
        }
        if (!chmod($this->Connector->CONFIG['FILES_ROOT'] . $this->FILE_INFO['NEW_NAME'], 0644)) {
            throw new Exception('Failed to change file permissions', 500);
        }


        $this->Connector->newIntoDB($this->FILE_INFO, $this->fingerPrintInfo);
        return [
           'hash' => $this->FILE_INFO['SHA1'],
           'name' => $this->FILE_INFO['NAME'],
           'url'  => $this->Connector->CONFIG['FILES_URL'] . '/' . $this->FILE_INFO['NEW_NAME'],
           'size' => $this->FILE_INFO['SIZE'],
        ];
    }

    /**
     * Takes the amount of files that are being uploaded, and creates a fingerprint of the user's IP address,
     * user agent, and the amount of files being
     * uploaded
     *
     * @param $files_amount int The amount of files that are being uploaded.
     *
     * @throws \Exception
     */
    public function fingerPrint(int $files_amount): void
    {
        if (!empty($_SERVER['HTTP_USER_AGENT'])) {
            $USER_AGENT = filter_var($_SERVER['HTTP_USER_AGENT'], FILTER_SANITIZE_ENCODED);
            $this->fingerPrintInfo = [
               'timestamp'    => time(),
               'useragent'    => $USER_AGENT,
               'ip'           => $_SERVER['REMOTE_ADDR'],
               'ip_hash'      => hash('sha1', $_SERVER['REMOTE_ADDR'] . $USER_AGENT),
               'files_amount' => $files_amount,
            ];
        } else {
            throw new Exception('Invalid user agent.', 500);
        }
    }

    /**
     * Returns the MIME type of a file
     *
     * @param $file array The file to be checked.
     *
     * @return string The MIME type of the file.
     */
    public function fileMIME(array $file): string
    {
        $FILE_INFO = finfo_open(FILEINFO_MIME_TYPE);
        return finfo_file($FILE_INFO, $file['tmp_name']);
    }

    /**
     * It takes an array of strings, and returns the last two strings joined by a dot,
     * unless the last two strings are in the array of strings in the
     * `DOUBLE_DOTS_EXTENSIONS` config variable, in which case it returns the last string
     *
     * @param $extension array The extension of the file.
     *
     * @return string The last two elements of the array are joined together and returned.
     */
    public function doubleDotExtension(array $extension): string
    {
        $doubleDotArray = array_slice($extension, -2, 2);
        $doubleDot = strtolower(preg_replace('/[^a-zA-Z.]/', '', join('.', $doubleDotArray)));
        if (in_array($doubleDot, $this->Connector->CONFIG['DOUBLE_DOTS_EXTENSIONS'])) {
            return $doubleDot;
        } else {
            return end($extension);
        }
    }

    /**
     * Takes a file and returns the file extension
     *
     * @param $file array The file you want to get the extension from.
     *
     * @return string The file extension of the file.
     */
    public function fileExtension(array $file): string
    {
        $extension = explode('.', $file['name']);
        $dotCount = substr_count($file['name'], '.');
        return match ($dotCount) {
            0 => null,
            1 => end($extension),
            2 => $this->doubleDotExtension($extension)
        };
    }

    /**
     * > Check if the file's MIME type is in the blacklist
     *
     * @throws \Exception
     */
    public function checkMimeBlacklist(): void
    {
        if (in_array($this->FILE_INFO['MIME'], $this->Connector->CONFIG['BLOCKED_MIME'])) {
            throw new Exception('Filetype not allowed.', 415);
        }
    }

    /**
     * > Check if the file extension is in the blacklist
     *
     * @throws \Exception
     */
    public function checkExtensionBlacklist(): void
    {
        if (in_array($this->FILE_INFO['EXTENSION'], $this->Connector->CONFIG['BLOCKED_EXTENSIONS'])) {
            throw new Exception('Filetype not allowed.', 415);
        }
    }

    /**
     * Generates a random string of characters, checks if it exists in the database,
     * and if it does, it generates another one
     *
     * @param $extension string The file extension.
     * @param $hash      string The hash of the file.
     *
     * @return string A string
     * @throws \Exception
     */
    public function generateName(string $extension): string
    {
        do {
            if ($this->Connector->CONFIG['FILES_RETRIES'] === 0) {
                throw new Exception('Gave up trying to find an unused name!', 500);
            }
            $NEW_NAME = '';
            $count = strlen($this->Connector->CONFIG['ID_CHARSET']);
            while ($this->Connector->CONFIG['NAME_LENGTH']--) {
                $NEW_NAME .= $this->Connector->CONFIG['ID_CHARSET'][mt_rand(0, $count - 1)];
            }
            if (!empty($extension)) {
                $NEW_NAME .= '.' . $extension;
            }
        } while ($this->Connector->dbCheckNameExists($NEW_NAME) > 0);
            return $NEW_NAME;
    }
}
Commit	Line	Data
e480c0e5	1	<?php
f0b5e51c	2
e480c0e5	3	/**
cec6349e	4	* Uguu
8f7f8840	5	*
cec6349e	6	* @copyright Copyright (c) 2022 Go Johansson (nokonoko) <neku@pomf.se>
8f7f8840	7	*
cec6349e GJ	8	* This program is free software: you can redistribute it and/or modify
	9	* it under the terms of the GNU General Public License as published by
	10	* the Free Software Foundation, either version 3 of the License, or
	11	* (at your option) any later version.
8f7f8840	12	*
cec6349e GJ	13	* This program is distributed in the hope that it will be useful,
	14	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	15	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	16	* GNU General Public License for more details.
8f7f8840	17	*
cec6349e GJ	18	* You should have received a copy of the GNU General Public License
cec6349e GJ	19	* along with this program. If not, see <https://www.gnu.org/licenses/>.
8f7f8840	20	*/
f0b5e51c	21
f059e2cf	22	namespace Pomf\Uguu\Classes;
f0b5e51c	23
cec6349e	24	use Exception;
f0b5e51c GJ	25
	26	class Upload extends Response
	27	{
	28	public array $FILE_INFO;
	29	public array $fingerPrintInfo;
	30	private mixed $Connector;
	31
	32	/**
	33	* Takes an array of files, and returns an array of arrays containing the file's temporary name,
	34	* name, size, SHA1 hash, extension, and MIME type
	35	*
	36	* @param $files array The files array from the $_FILES superglobal.
	37	*
	38	* @return array An array of arrays.
	39	* @throws \Exception
	40	*/
	41	public function reFiles(array $files): array
e480c0e5	42	{
f0b5e51c GJ	43	$this->Connector = new Connector();
	44	$this->Connector->setDB($this->Connector->DB);
	45	$result = [];
	46	$files = $this->diverseArray($files);
	47	foreach ($files as $file) {
	48	$hash = sha1_file($file['tmp_name']);
	49	$this->FILE_INFO = [
	50	'TEMP_NAME' => $file['tmp_name'],
	51	'NAME' => strip_tags($file['name']),
	52	'SIZE' => $file['size'],
	53	'SHA1' => $hash,
	54	'EXTENSION' => $this->fileExtension($file),
	55	'MIME' => $this->fileMIME($file),
	56	];
	57
	58	if ($this->Connector->CONFIG['ANTI_DUPE']) {
	59	$dupeResult = $this->Connector->antiDupe($hash);
	60	if ($dupeResult['result']) {
	61	$this->FILE_INFO['NEW_NAME'] = $dupeResult['name'];
	62	}
	63	}
	64
	65	if (!isset($this->FILE_INFO['NEW_NAME'])) {
	66	$this->FILE_INFO['NEW_NAME'] = $this->generateName($this->FILE_INFO['EXTENSION']);
cec6349e	67	}
f0b5e51c GJ	68
	69	$result[] = [
	70	$this->FILE_INFO['TEMP_NAME'],
	71	$this->FILE_INFO['NAME'],
	72	$this->FILE_INFO['SIZE'],
	73	$this->FILE_INFO['SHA1'],
	74	$this->FILE_INFO['EXTENSION'],
	75	$this->FILE_INFO['MIME'],
	76	];
e480c0e5	77	}
f0b5e51c GJ	78	return $result;
	79	}
	80
	81	/**
	82	* Takes an array of arrays and returns an array of arrays with the keys and values swapped
	83	*
	84	* @param $files array an array of arrays
	85	*
	86	* @return array ```
	87	* array:2 [▼
	88	* 0 => array:2 [▼
	89	* 'TEMP_NAME' => 'example'
	90	* 'NAME' => 'example'
	91	* 'SIZE' => 'example'
	92	* 'SHA1' => 'example'
	93	* 'EXTENSION' => 'example'
	94	* 'MIME' => 'example'
	95	*
	96	* ]
	97	* 1 => array:2 [▼
	98	* 'TEMP_NAME' => 'example'
	99	* 'NAME' => 'example'
	100	* 'SIZE' => 'example'
	101	* 'SHA1' => 'example'
	102	* 'EXTENSION' => 'example'
	103	* 'MIME' => 'example'
	104	* ]
	105	* ]
	106	* ```
	107	*/
	108	public function diverseArray(array $files): array
	109	{
	110	$result = [];
	111	foreach ($files as $key1 => $value1) {
	112	foreach ($value1 as $key2 => $value2) {
	113	$result[$key2][$key1] = $value2;
cec6349e	114	}
e480c0e5	115	}
f0b5e51c GJ	116	return $result;
	117	}
	118
	119	/**
	120	* Takes a file, checks if it's blacklisted, moves it to the file storage, and then logs it to the database
	121	*
	122	* @return array An array containing the hash, name, url, and size of the file.
	123	* @throws \Exception
	124	*/
	125	public function uploadFile(): array
	126	{
	127	switch (true) {
	128	case $this->Connector->CONFIG['RATE_LIMIT']:
cec6349e	129	$this->Connector->checkRateLimit($this->fingerPrintInfo);
f0b5e51c GJ	130	// Continue
f0b5e51c GJ	131	case $this->Connector->CONFIG['BLACKLIST_DB']:
cec6349e	132	$this->Connector->checkFileBlacklist($this->FILE_INFO);
f0b5e51c GJ	133	// Continue
f0b5e51c GJ	134	case $this->Connector->CONFIG['FILTER_MODE'] && empty($this->FILE_INFO['EXTENSION']):
cec6349e	135	$this->checkMimeBlacklist();
f0b5e51c GJ	136	// Continue
f0b5e51c GJ	137	case $this->Connector->CONFIG['FILTER_MODE'] && !empty($this->FILE_INFO['EXTENSION']):
cec6349e GJ	138	$this->checkMimeBlacklist();
cec6349e GJ	139	$this->checkExtensionBlacklist();
f0b5e51c GJ	140	// Continue
f0b5e51c GJ	141	case !$this->Connector->CONFIG['LOG_IP']:
cec6349e	142	$this->fingerPrintInfo['ip'] = null;
f0b5e51c GJ	143	// Continue
	144	}
	145	if (!is_dir($this->Connector->CONFIG['FILES_ROOT'])) {
	146	throw new Exception('File storage path not accessible.', 500);
	147	}
	148	if (
	149	!move_uploaded_file(
	150	$this->FILE_INFO['TEMP_NAME'],
	151	$this->Connector->CONFIG['FILES_ROOT'] .
	152	$this->FILE_INFO['NEW_NAME'],
	153	)
	154	) {
	155	throw new Exception('Failed to move file to destination', 500);
	156	}
	157	if (!chmod($this->Connector->CONFIG['FILES_ROOT'] . $this->FILE_INFO['NEW_NAME'], 0644)) {
	158	throw new Exception('Failed to change file permissions', 500);
	159	}
	160
	161
	162
	163	$this->Connector->newIntoDB($this->FILE_INFO, $this->fingerPrintInfo);
	164	return [
	165	'hash' => $this->FILE_INFO['SHA1'],
	166	'name' => $this->FILE_INFO['NAME'],
	167	'url' => $this->Connector->CONFIG['FILES_URL'] . '/' . $this->FILE_INFO['NEW_NAME'],
	168	'size' => $this->FILE_INFO['SIZE'],
	169	];
	170	}
	171
	172	/**
	173	* Takes the amount of files that are being uploaded, and creates a fingerprint of the user's IP address,
	174	* user agent, and the amount of files being
	175	* uploaded
	176	*
	177	* @param $files_amount int The amount of files that are being uploaded.
	178	*
	179	* @throws \Exception
	180	*/
	181	public function fingerPrint(int $files_amount): void
	182	{
	183	if (!empty($_SERVER['HTTP_USER_AGENT'])) {
	184	$USER_AGENT = filter_var($_SERVER['HTTP_USER_AGENT'], FILTER_SANITIZE_ENCODED);
	185	$this->fingerPrintInfo = [
	186	'timestamp' => time(),
	187	'useragent' => $USER_AGENT,
	188	'ip' => $_SERVER['REMOTE_ADDR'],
	189	'ip_hash' => hash('sha1', $_SERVER['REMOTE_ADDR'] . $USER_AGENT),
	190	'files_amount' => $files_amount,
cec6349e	191	];
f0b5e51c GJ	192	} else {
f0b5e51c GJ	193	throw new Exception('Invalid user agent.', 500);
e480c0e5	194	}
f0b5e51c GJ	195	}
	196
	197	/**
	198	* Returns the MIME type of a file
	199	*
	200	* @param $file array The file to be checked.
	201	*
	202	* @return string The MIME type of the file.
	203	*/
	204	public function fileMIME(array $file): string
	205	{
	206	$FILE_INFO = finfo_open(FILEINFO_MIME_TYPE);
	207	return finfo_file($FILE_INFO, $file['tmp_name']);
	208	}
	209
	210	/**
	211	* It takes an array of strings, and returns the last two strings joined by a dot,
	212	* unless the last two strings are in the array of strings in the
	213	* `DOUBLE_DOTS_EXTENSIONS` config variable, in which case it returns the last string
	214	*
	215	* @param $extension array The extension of the file.
	216	*
	217	* @return string The last two elements of the array are joined together and returned.
	218	*/
	219	public function doubleDotExtension(array $extension): string
	220	{
	221	$doubleDotArray = array_slice($extension, -2, 2);
	222	$doubleDot = strtolower(preg_replace('/[^a-zA-Z.]/', '', join('.', $doubleDotArray)));
	223	if (in_array($doubleDot, $this->Connector->CONFIG['DOUBLE_DOTS_EXTENSIONS'])) {
	224	return $doubleDot;
	225	} else {
	226	return end($extension);
e480c0e5	227	}
f0b5e51c GJ	228	}
	229
	230	/**
	231	* Takes a file and returns the file extension
	232	*
	233	* @param $file array The file you want to get the extension from.
	234	*
	235	* @return string The file extension of the file.
	236	*/
	237	public function fileExtension(array $file): string
	238	{
	239	$extension = explode('.', $file['name']);
	240	$dotCount = substr_count($file['name'], '.');
	241	return match ($dotCount) {
	242	0 => null,
	243	1 => end($extension),
	244	2 => $this->doubleDotExtension($extension)
	245	};
	246	}
	247
	248	/**
	249	* > Check if the file's MIME type is in the blacklist
	250	*
	251	* @throws \Exception
	252	*/
	253	public function checkMimeBlacklist(): void
	254	{
	255	if (in_array($this->FILE_INFO['MIME'], $this->Connector->CONFIG['BLOCKED_MIME'])) {
	256	throw new Exception('Filetype not allowed.', 415);
e480c0e5	257	}
f0b5e51c GJ	258	}
	259
	260	/**
	261	* > Check if the file extension is in the blacklist
	262	*
	263	* @throws \Exception
	264	*/
	265	public function checkExtensionBlacklist(): void
	266	{
	267	if (in_array($this->FILE_INFO['EXTENSION'], $this->Connector->CONFIG['BLOCKED_EXTENSIONS'])) {
	268	throw new Exception('Filetype not allowed.', 415);
e480c0e5	269	}
f0b5e51c GJ	270	}
	271
	272	/**
	273	* Generates a random string of characters, checks if it exists in the database,
	274	* and if it does, it generates another one
	275	*
	276	* @param $extension string The file extension.
	277	* @param $hash string The hash of the file.
	278	*
	279	* @return string A string
	280	* @throws \Exception
	281	*/
	282	public function generateName(string $extension): string
	283	{
	284	do {
	285	if ($this->Connector->CONFIG['FILES_RETRIES'] === 0) {
	286	throw new Exception('Gave up trying to find an unused name!', 500);
cec6349e	287	}
f0b5e51c GJ	288	$NEW_NAME = '';
	289	$count = strlen($this->Connector->CONFIG['ID_CHARSET']);
	290	while ($this->Connector->CONFIG['NAME_LENGTH']--) {
	291	$NEW_NAME .= $this->Connector->CONFIG['ID_CHARSET'][mt_rand(0, $count - 1)];
cec6349e	292	}
f0b5e51c GJ	293	if (!empty($extension)) {
f0b5e51c GJ	294	$NEW_NAME .= '.' . $extension;
cec6349e	295	}
f0b5e51c GJ	296	} while ($this->Connector->dbCheckNameExists($NEW_NAME) > 0);
f0b5e51c GJ	297	return $NEW_NAME;
e480c0e5	298	}
f0b5e51c	299	}