| | 1 | <?php |
| | 2 | /* |
| | 3 | * Uguu |
| | 4 | * |
| | 5 | * @copyright Copyright (c) 2022 Go Johansson (nokonoko) <neku@pomf.se> |
| | 6 | * |
| | 7 | * This program is free software: you can redistribute it and/or modify |
| | 8 | * it under the terms of the GNU General Public License as published by |
| | 9 | * the Free Software Foundation, either version 3 of the License, or |
| | 10 | * (at your option) any later version. |
| | 11 | * |
| | 12 | * This program is distributed in the hope that it will be useful, |
| | 13 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| | 14 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| | 15 | * GNU General Public License for more details. |
| | 16 | * |
| | 17 | * You should have received a copy of the GNU General Public License |
| | 18 | * along with this program. If not, see <https://www.gnu.org/licenses/>. |
| | 19 | */ |
| | 20 | |
| | 21 | |
| | 22 | require_once 'Core.namespace.php'; |
| | 23 | |
| | 24 | use Core\Database as Database; |
| | 25 | use Core\Settings as Settings; |
| | 26 | |
| | 27 | class Upload |
| | 28 | { |
| | 29 | |
| | 30 | public static string $FILE_NAME; |
| | 31 | public static string $FILE_EXTENSION; |
| | 32 | public static string $FILE_MIME; |
| | 33 | public static string $SHA1; |
| | 34 | public static string $NEW_NAME; |
| | 35 | public static string $NEW_NAME_FULL; |
| | 36 | public static string $IP; |
| | 37 | |
| | 38 | public static string $FILE_SIZE; |
| | 39 | public static string $TEMP_FILE; |
| | 40 | |
| | 41 | |
| | 42 | public function reFiles($files): array |
| | 43 | { |
| | 44 | $result = []; |
| | 45 | $files = self::diverseArray($files); |
| | 46 | |
| | 47 | foreach ($files as $file) { |
| | 48 | self::$FILE_NAME = $file['name']; |
| | 49 | self::$FILE_SIZE = $file['size']; |
| | 50 | self::$TEMP_FILE = $file['tmp_name']; |
| | 51 | self::$SHA1 = sha1_file(self::$TEMP_FILE); |
| | 52 | $result[] = [self::$FILE_NAME, self::$FILE_SIZE, self::$TEMP_FILE, self::$SHA1]; |
| | 53 | } |
| | 54 | return $result; |
| | 55 | } |
| | 56 | |
| | 57 | public function diverseArray($files): array |
| | 58 | { |
| | 59 | $result = []; |
| | 60 | |
| | 61 | foreach ($files as $key1 => $value1) { |
| | 62 | foreach ($value1 as $key2 => $value2) { |
| | 63 | $result[$key2][$key1] = $value2; |
| | 64 | } |
| | 65 | } |
| | 66 | return $result; |
| | 67 | } |
| | 68 | |
| | 69 | /** |
| | 70 | * @throws Exception |
| | 71 | */ |
| | 72 | public function uploadFile(): array |
| | 73 | { |
| | 74 | (new Settings())->loadConfig(); |
| | 75 | |
| | 76 | if (Settings::$ANTI_DUPE) { |
| | 77 | (new Database())->antiDupe(); |
| | 78 | } |
| | 79 | |
| | 80 | (new Upload())->generateName(); |
| | 81 | |
| | 82 | |
| | 83 | if (!is_dir(Settings::$FILES_ROOT)) { |
| | 84 | throw new Exception('File storage path not accessible.', 500); |
| | 85 | } |
| | 86 | |
| | 87 | if (!move_uploaded_file(self::$TEMP_FILE, Settings::$FILES_ROOT . self::$NEW_NAME_FULL)) { |
| | 88 | throw new Exception('Failed to move file to destination', 500); |
| | 89 | } |
| | 90 | |
| | 91 | if (!chmod(Settings::$FILES_ROOT . self::$NEW_NAME_FULL, 0644)) { |
| | 92 | throw new Exception('Failed to change file permissions', 500); |
| | 93 | } |
| | 94 | |
| | 95 | (new Database())->newIntoDB(); |
| | 96 | |
| | 97 | if (Settings::$SSL) { |
| | 98 | $preURL = 'https://'; |
| | 99 | } else { |
| | 100 | $preURL = 'http://'; |
| | 101 | } |
| | 102 | |
| | 103 | return [ |
| | 104 | 'hash' => self::$SHA1, |
| | 105 | 'name' => self::$FILE_NAME, |
| | 106 | 'url' => $preURL . Settings::$URL . '/' . rawurlencode(self::$NEW_NAME_FULL), |
| | 107 | 'size' => self::$FILE_SIZE |
| | 108 | ]; |
| | 109 | } |
| | 110 | public function fileInfo() |
| | 111 | { |
| | 112 | if (isset($_FILES['files'])) { |
| | 113 | $finfo = finfo_open(FILEINFO_MIME_TYPE); |
| | 114 | self::$FILE_MIME = finfo_file($finfo, self::$TEMP_FILE); |
| | 115 | $extension = explode('.',self::$FILE_NAME,2); |
| | 116 | self::$FILE_EXTENSION = $extension['1']; |
| | 117 | finfo_close($finfo); |
| | 118 | |
| | 119 | if (Settings::$LOG_IP) { |
| | 120 | self::$IP = $_SERVER['REMOTE_ADDR']; |
| | 121 | } else { |
| | 122 | self::$IP = '0'; |
| | 123 | } |
| | 124 | } |
| | 125 | } |
| | 126 | /** |
| | 127 | * @throws Exception |
| | 128 | */ |
| | 129 | public function generateName(): string |
| | 130 | { |
| | 131 | (new Upload())->fileInfo(); |
| | 132 | |
| | 133 | do { |
| | 134 | if (Settings::$FILES_RETRIES === 0) { |
| | 135 | throw new Exception('Gave up trying to find an unused name!', 500); |
| | 136 | } |
| | 137 | |
| | 138 | self::$NEW_NAME = ''; |
| | 139 | for ($i = 0; $i < Settings::$NAME_LENGTH; ++$i) { |
| | 140 | self::$NEW_NAME .= Settings::$ID_CHARSET[mt_rand(0, strlen(Settings::$ID_CHARSET))]; |
| | 141 | } |
| | 142 | |
| | 143 | if(isset(self::$FILE_EXTENSION)){ |
| | 144 | self::$NEW_NAME_FULL = self::$NEW_NAME; |
| | 145 | self::$NEW_NAME_FULL .= '.'.self::$FILE_EXTENSION; |
| | 146 | } |
| | 147 | |
| | 148 | if (Settings::$BLACKLIST_DB) { |
| | 149 | (new Database())->checkFileBlacklist(); |
| | 150 | } |
| | 151 | |
| | 152 | if (Settings::$FILTER_MODE) { |
| | 153 | self::checkMimeBlacklist(); |
| | 154 | self::checkExtensionBlacklist(); |
| | 155 | } |
| | 156 | } while ((new Database())->dbCheckNameExists() > 0); |
| | 157 | |
| | 158 | return self::$NEW_NAME_FULL; |
| | 159 | } |
| | 160 | |
| | 161 | /** |
| | 162 | * @throws Exception |
| | 163 | */ |
| | 164 | public function checkMimeBlacklist() |
| | 165 | { |
| | 166 | if (in_array(self::$FILE_MIME, Settings::$BLOCKED_MIME)) { |
| | 167 | throw new Exception('Filetype not allowed.', 415); |
| | 168 | } |
| | 169 | } |
| | 170 | |
| | 171 | /** |
| | 172 | * @throws Exception |
| | 173 | */ |
| | 174 | public function checkExtensionBlacklist() |
| | 175 | { |
| | 176 | if (in_array(self::$FILE_EXTENSION, Settings::$BLOCKED_EXTENSIONS)) { |
| | 177 | throw new Exception('Filetype not allowed.', 415); |
| | 178 | } |
| | 179 | } |
| | 180 | } |
projects / uguu.git / blame_incremental