]>
jfr.im git - uguu.git/blob - static/php/includes/Upload.class.php
5 * @copyright Copyright (c) 2022 Go Johansson (nokonoko) <neku@pomf.se>
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation, either version 3 of the License, or
10 * (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
22 require_once 'Core.namespace.php';
24 use Core\Database
as Database
;
25 use Core\Settings
as Settings
;
30 public static string $FILE_NAME;
31 public static mixed $FILE_EXTENSION;
32 public static string $FILE_MIME;
33 public static string $SHA1;
34 public static string $NEW_NAME;
35 public static string $NEW_NAME_FULL;
36 public static mixed $IP;
38 public static string $FILE_SIZE;
39 public static string $TEMP_FILE;
42 public static function reFiles($files): array
45 $files = self
::diverseArray($files);
47 foreach ($files as $file) {
48 self
::$FILE_NAME = strip_tags($file['name']);
49 self
::$FILE_SIZE = $file['size'];
50 self
::$TEMP_FILE = $file['tmp_name'];
51 self
::$SHA1 = sha1_file(self
::$TEMP_FILE);
52 $result[] = [self
::$FILE_NAME, self
::$FILE_SIZE, self
::$TEMP_FILE, self
::$SHA1];
57 public static function diverseArray($files): array
61 foreach ($files as $key1 => $value1) {
62 foreach ($value1 as $key2 => $value2) {
63 $result[$key2][$key1] = $value2;
72 public static function uploadFile(): array
74 Settings
::loadConfig();
77 if (Settings
::$BLACKLIST_DB) {
78 Database
::checkFileBlacklist();
81 if (Settings
::$FILTER_MODE) {
82 self
::checkMimeBlacklist();
83 if(!is_null(self
::$FILE_EXTENSION)){
84 self
::checkExtensionBlacklist();
88 if (Settings
::$ANTI_DUPE) {
92 if (!Settings
::$ANTI_DUPE) {
96 if (!is_dir(Settings
::$FILES_ROOT)) {
97 throw new Exception('File storage path not accessible.', 500);
100 if (!move_uploaded_file(self
::$TEMP_FILE, Settings
::$FILES_ROOT . self
::$NEW_NAME_FULL)) {
101 throw new Exception('Failed to move file to destination', 500);
104 if (!chmod(Settings
::$FILES_ROOT . self
::$NEW_NAME_FULL, 0644)) {
105 throw new Exception('Failed to change file permissions', 500);
108 Database
::newIntoDB();
110 if (Settings
::$SSL) {
111 $preURL = 'https://';
117 'hash' => self
::$SHA1,
118 'name' => self
::$FILE_NAME,
119 'url' => $preURL . Settings
::$URL . '/' . rawurlencode(self
::$NEW_NAME_FULL),
120 'size' => self
::$FILE_SIZE
124 public static function fileInfo()
126 if (isset($_FILES['files'])) {
127 $finfo = finfo_open(FILEINFO_MIME_TYPE
);
128 self
::$FILE_MIME = finfo_file($finfo, self
::$TEMP_FILE);
131 $extension = explode('.', self
::$FILE_NAME);
132 if(substr_count(self
::$FILE_NAME, '.') > 0) {
133 self
::$FILE_EXTENSION = $extension[count($extension)-1];
135 self
::$FILE_EXTENSION = null;
138 if (Settings
::$LOG_IP) {
139 self
::$IP = $_SERVER['REMOTE_ADDR'];
149 public static function checkMimeBlacklist()
151 if (in_array(self
::$FILE_MIME, Settings
::$BLOCKED_MIME)) {
152 throw new Exception('Filetype not allowed.', 415);
157 * Check if file extension is blacklisted
158 * if it does throw an exception.
162 public static function checkExtensionBlacklist()
164 if (in_array(self
::$FILE_EXTENSION, Settings
::$BLOCKED_EXTENSIONS)) {
165 throw new Exception('Filetype not allowed.', 415);
172 public static function generateName()
175 if (Settings
::$FILES_RETRIES === 0) {
176 throw new Exception('Gave up trying to find an unused name!', 500);
179 self
::$NEW_NAME = '';
180 for ($i = 0; $i < Settings
::$NAME_LENGTH; ++
$i) {
181 self
::$NEW_NAME .= Settings
::$ID_CHARSET[mt_rand(0, strlen(Settings
::$ID_CHARSET))];
184 self
::$NEW_NAME_FULL = self
::$NEW_NAME;
186 if (!is_null(self
::$FILE_EXTENSION)) {
187 self
::$NEW_NAME_FULL .= '.' . self
::$FILE_EXTENSION;
190 } while (Database
::dbCheckNameExists() > 0);