includes/core.php

   1 <?php
   2 //Loading configuration file
   3 require_once "config.php";
   4
   5 //Saving the file on the server
   6 function save_file ($file, $name, $arg, $type){
   7     //Generate name depending on arg
   8     switch($arg){
   9         case 'random':
  10             $ext = pathinfo($file.$name, PATHINFO_EXTENSION);
  11             $ext = strtolower($ext);
  12             verify_extension($ext, $type);
  13             $file_name = gen_name('random', $ext);
  14             while(file_exists(CONFIG_FILES_PATH.$file_name)){
  15               $file_name = gen_name('random', $ext);
  16             }
  17             break;
  18         case 'custom_original':
  19             $name = stripslashes(str_replace('/', '', $name));
  20             $name = strip_tags(preg_replace('/\s+/', '', $name));
  21                 $file_name = gen_name('custom_original', $name);
  22                 $ext = pathinfo($file_name, PATHINFO_EXTENSION);
  23                 $ext = strtolower($ext);
  24                 verify_extension($ext, $type);
  25             while(file_exists(CONFIG_FILES_PATH.$file_name)){
  26                 $file_name = gen_name('custom_original', $name);
  27             }
  28             break;
  29     }
  30     //Move the file to the above location with said filename
  31     move_uploaded_file($file,CONFIG_FILES_PATH.$file_name);
  32     //Check if html or plain text should be returned
  33     if($type==='tool'){
  34     //Return url+filename to the user (plain text)
  35     if(CONFIG_SUBUPLOAD_URL_ENABLED == "true"){
  36     echo CONFIG_SUBUPLOAD_URL.'/'.urlencode($file_name);
  37     }else{
  38     echo CONFIG_ROOT_URL.'/files/'.urlencode($file_name);
  39     }
  40     exit(0);
  41     }elseif($type==='normal'){
  42     //Return url+filename to the user (HTML)
  43     $n=urlencode($file_name);
  44     include_once(CONFIG_ROOT_PATH.'upload-done.php');
  45     exit(0);
  46     }
  47 }
  48
  49 #Generate a random name for the uploaded file
  50 function gen_name($arg, $in){
  51     $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
  52     $name = '';
  53     for ($i = 0; $i < CONFIG_RANDOM_LENGTH; $i++) {
  54     $name .= $chars[mt_rand(0, 60)];
  55         }
  56     switch($arg){
  57         case 'random':
  58             if($in){
  59                 return $name.'.'.$in;
  60             }
  61             return $name;
  62             break;
  63         case 'custom_original':
  64             return $name.'_'.$in;
  65             break;
  66     }
  67 }
  68
  69 //Verify that the extension is allowed
  70 function verify_extension($ext, $type){
  71     if(CONFIG_EXTENSION_BLOCKING_MODE === "WHITELIST") {
  72         $allowed = in_array($ext, unserialize(CONFIG_ALLOWED_EXTENSIONS));
  73     }else{
  74         $allowed = !in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS));
  75     }
  76
  77     if(!$allowed){
  78         if($type==='normal'){
  79             include_once(CONFIG_ROOT_PATH.'error_meow.php');
  80             exit(0);
  81         }else{
  82             exit('File type not allowed.');
  83         }
  84     }
  85 }