]> jfr.im git - uguu.git/blob - static/php/includes/Upload.class.php
projects / uguu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
refactoring
[uguu.git] / static / php / includes / Upload.class.php
1 <?php
2 /*
3 * Uguu
4 *
5 * @copyright Copyright (c) 2022 Go Johansson (nokonoko) <neku@pomf.se>
6 *
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation, either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
19 */
20
21
22 require_once 'Core.namespace.php';
23
24 use Core\Database as Database;
25 use Core\Settings as Settings;
26
27 class Upload
28 {
29
30 public static string $FILE_NAME;
31 public static mixed $FILE_EXTENSION;
32 public static string $FILE_MIME;
33 public static string $SHA1;
34 public static string $NEW_NAME;
35 public static string $NEW_NAME_FULL;
36 public static mixed $IP;
37
38 public static string $FILE_SIZE;
39 public static string $TEMP_FILE;
40
41
42 public static function reFiles($files): array
43 {
44 $result = [];
45 $files = self::diverseArray($files);
46
47 foreach ($files as $file) {
48 self::$FILE_NAME = strip_tags($file['name']);
49 self::$FILE_SIZE = $file['size'];
50 self::$TEMP_FILE = $file['tmp_name'];
51 self::$SHA1 = sha1_file(self::$TEMP_FILE);
52 $result[] = [self::$FILE_NAME, self::$FILE_SIZE, self::$TEMP_FILE, self::$SHA1];
53 }
54 return $result;
55 }
56
57 public static function diverseArray($files): array
58 {
59 $result = [];
60
61 foreach ($files as $key1 => $value1) {
62 foreach ($value1 as $key2 => $value2) {
63 $result[$key2][$key1] = $value2;
64 }
65 }
66 return $result;
67 }
68
69 /**
70 * @throws Exception
71 */
72 public static function uploadFile(): array
73 {
74 Settings::loadConfig();
75 self::fileInfo();
76
77 if (Settings::$BLACKLIST_DB) {
78 Database::checkFileBlacklist();
79 }
80
81 if (Settings::$FILTER_MODE) {
82 self::checkMimeBlacklist();
83 if(!is_null(self::$FILE_EXTENSION)){
84 self::checkExtensionBlacklist();
85 }
86 }
87
88 if (Settings::$ANTI_DUPE) {
89 Database::antiDupe();
90 }
91
92 if (!Settings::$ANTI_DUPE) {
93 self::generateName();
94 }
95
96 if (!is_dir(Settings::$FILES_ROOT)) {
97 throw new Exception('File storage path not accessible.', 500);
98 }
99
100 if (!move_uploaded_file(self::$TEMP_FILE, Settings::$FILES_ROOT . self::$NEW_NAME_FULL)) {
101 throw new Exception('Failed to move file to destination', 500);
102 }
103
104 if (!chmod(Settings::$FILES_ROOT . self::$NEW_NAME_FULL, 0644)) {
105 throw new Exception('Failed to change file permissions', 500);
106 }
107
108 Database::newIntoDB();
109
110 if (Settings::$SSL) {
111 $preURL = 'https://';
112 } else {
113 $preURL = 'http://';
114 }
115
116 return [
117 'hash' => self::$SHA1,
118 'name' => self::$FILE_NAME,
119 'url' => $preURL . Settings::$URL . '/' . rawurlencode(self::$NEW_NAME_FULL),
120 'size' => self::$FILE_SIZE
121 ];
122 }
123
124 public static function fileInfo()
125 {
126 if (isset($_FILES['files'])) {
127 $finfo = finfo_open(FILEINFO_MIME_TYPE);
128 self::$FILE_MIME = finfo_file($finfo, self::$TEMP_FILE);
129 finfo_close($finfo);
130
131 $extension = explode('.', self::$FILE_NAME);
132 if(substr_count(self::$FILE_NAME, '.') > 0) {
133 self::$FILE_EXTENSION = $extension[count($extension)-1];
134 } else {
135 self::$FILE_EXTENSION = null;
136 }
137
138 if (Settings::$LOG_IP) {
139 self::$IP = $_SERVER['REMOTE_ADDR'];
140 } else {
141 self::$IP = null;
142 }
143 }
144 }
145
146 /**
147 * @throws Exception
148 */
149 public static function checkMimeBlacklist()
150 {
151 if (in_array(self::$FILE_MIME, Settings::$BLOCKED_MIME)) {
152 throw new Exception('Filetype not allowed.', 415);
153 }
154 }
155
156 /**
157 * Check if file extension is blacklisted
158 * if it does throw an exception.
159 *
160 * @throws Exception
161 */
162 public static function checkExtensionBlacklist()
163 {
164 if (in_array(self::$FILE_EXTENSION, Settings::$BLOCKED_EXTENSIONS)) {
165 throw new Exception('Filetype not allowed.', 415);
166 }
167 }
168
169 /**
170 * @throws Exception
171 */
172 public static function generateName()
173 {
174 do {
175 if (Settings::$FILES_RETRIES === 0) {
176 throw new Exception('Gave up trying to find an unused name!', 500);
177 }
178
179 self::$NEW_NAME = '';
180 for ($i = 0; $i < Settings::$NAME_LENGTH; ++$i) {
181 self::$NEW_NAME .= Settings::$ID_CHARSET[mt_rand(0, strlen(Settings::$ID_CHARSET))];
182 }
183
184 self::$NEW_NAME_FULL = self::$NEW_NAME;
185
186 if (!is_null(self::$FILE_EXTENSION)) {
187 self::$NEW_NAME_FULL .= '.' . self::$FILE_EXTENSION;
188 }
189
190 } while (Database::dbCheckNameExists() > 0);
191 }
192 }
Image host (fork of https://github.com/nokonoko/Uguu)