]>
jfr.im git - uguu.git/blob - static/php/includes/Upload.class.php
5 * @copyright Copyright (c) 2022 Go Johansson (nokonoko) <neku@pomf.se>
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation, either version 3 of the License, or
10 * (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
22 require_once 'Core.namespace.php';
24 use Core\Database
as Database
;
25 use Core\Settings
as Settings
;
30 public static string $FILE_NAME;
31 public static string $FILE_EXTENSION;
32 public static string $FILE_MIME;
33 public static string $SHA1;
34 public static string $NEW_NAME;
35 public static string $NEW_NAME_FULL;
36 public static string $IP;
38 public static string $FILE_SIZE;
39 public static string $TEMP_FILE;
42 public function reFiles($files): array
45 $files = self
::diverseArray($files);
47 foreach ($files as $file) {
48 self
::$FILE_NAME = $file['name'];
49 self
::$FILE_SIZE = $file['size'];
50 self
::$TEMP_FILE = $file['tmp_name'];
51 $result[] = [self
::$FILE_NAME, self
::$FILE_SIZE, self
::$TEMP_FILE];
56 public function diverseArray($files): array
60 foreach ($files as $key1 => $value1) {
61 foreach ($value1 as $key2 => $value2) {
62 $result[$key2][$key1] = $value2;
71 public function uploadFile(): array
73 (new Settings())->loadConfig();
75 if (Settings
::$ANTI_DUPE) {
76 (new Database())->antiDupe();
79 (new Upload())->generateName();
82 if (!is_dir(Settings
::$FILES_ROOT)) {
83 throw new Exception('File storage path not accessible.', 500);
86 if (!move_uploaded_file(self
::$TEMP_FILE, Settings
::$FILES_ROOT . self
::$NEW_NAME_FULL)) {
87 throw new Exception('Failed to move file to destination', 500);
90 if (!chmod(Settings
::$FILES_ROOT . self
::$NEW_NAME_FULL, 0644)) {
91 throw new Exception('Failed to change file permissions', 500);
94 (new Database())->newIntoDB();
103 'hash' => self
::$SHA1,
104 'name' => self
::$FILE_NAME,
105 'url' => $preURL . Settings
::$URL . '/' . rawurlencode(self
::$NEW_NAME_FULL),
106 'size' => self
::$FILE_SIZE
109 public function fileInfo()
111 if (isset($_FILES['files'])) {
112 self
::$SHA1 = sha1_file(self
::$TEMP_FILE);
113 $finfo = finfo_open(FILEINFO_MIME_TYPE
);
114 self
::$FILE_MIME = finfo_file($finfo, self
::$TEMP_FILE);
115 $extension = explode('.',self
::$FILE_NAME,2);
116 self
::$FILE_EXTENSION = $extension['1'];
119 if (Settings
::$LOG_IP) {
120 self
::$IP = $_SERVER['REMOTE_ADDR'];
129 public function generateName(): string
131 (new Upload())->fileInfo();
134 if (Settings
::$FILES_RETRIES === 0) {
135 throw new Exception('Gave up trying to find an unused name!', 500);
138 self
::$NEW_NAME = '';
139 for ($i = 0; $i < Settings
::$NAME_LENGTH; ++
$i) {
140 self
::$NEW_NAME .= Settings
::$ID_CHARSET[mt_rand(0, strlen(Settings
::$ID_CHARSET))];
143 if(isset(self
::$FILE_EXTENSION)){
144 self
::$NEW_NAME_FULL = self
::$NEW_NAME;
145 self
::$NEW_NAME_FULL .= '.'.self
::$FILE_EXTENSION;
148 if (Settings
::$BLACKLIST_DB) {
149 (new Database())->checkFileBlacklist();
152 if (Settings
::$FILTER_MODE) {
153 self
::checkMimeBlacklist();
154 self
::checkExtensionBlacklist();
156 } while ((new Database())->dbCheckNameExists() > 0);
158 return self
::$NEW_NAME_FULL;
164 public function checkMimeBlacklist()
166 if (in_array(self
::$FILE_MIME, Settings
::$BLOCKED_MIME)) {
167 throw new Exception('Filetype not allowed.', 415);
174 public function checkExtensionBlacklist()
176 if (in_array(self
::$FILE_EXTENSION, Settings
::$BLOCKED_EXTENSIONS)) {
177 throw new Exception('Filetype not allowed.', 415);