]>
jfr.im git - uguu.git/blob - src/Classes/Upload.php
79d7ab437b660277738fc51939808dce8a53ded0
6 * @copyright Copyright (c) 2022 Go Johansson (nokonoko) <neku@pomf.se>
8 * This program is free software: you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation, either version 3 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program. If not, see <https://www.gnu.org/licenses/>.
22 namespace Pomf\Uguu\Classes
;
26 class Upload
extends Response
28 public array $FILE_INFO;
29 public array $fingerPrintInfo;
30 private mixed $Connector;
33 * Takes an array of files, and returns an array of arrays containing the file's temporary name,
34 * name, size, SHA1 hash, extension, and MIME type
36 * @param $files array The files array from the $_FILES superglobal.
38 * @return array An array of arrays.
41 public function reFiles(array $files): array
43 $this->Connector
= new Connector();
44 $this->Connector
->setDB($this->Connector
->DB
);
46 $files = $this->diverseArray($files);
47 foreach ($files as $file) {
48 $hash = sha1_file($file['tmp_name']);
50 'TEMP_NAME' => $file['tmp_name'],
51 'NAME' => strip_tags($file['name']),
52 'SIZE' => $file['size'],
54 'EXTENSION' => $this->fileExtension($file),
55 'MIME' => $this->fileMIME($file),
58 if ($this->Connector
->CONFIG
['ANTI_DUPE']) {
59 $dupeResult = $this->Connector
->antiDupe($hash);
60 if ($dupeResult['result']) {
61 $this->FILE_INFO
['NEW_NAME'] = $dupeResult['name'];
65 if (!isset($this->FILE_INFO
['NEW_NAME'])) {
66 $this->FILE_INFO
['NEW_NAME'] = $this->generateName($this->FILE_INFO
['EXTENSION']);
70 $this->FILE_INFO
['TEMP_NAME'],
71 $this->FILE_INFO
['NAME'],
72 $this->FILE_INFO
['SIZE'],
73 $this->FILE_INFO
['SHA1'],
74 $this->FILE_INFO
['EXTENSION'],
75 $this->FILE_INFO
['MIME'],
82 * Takes an array of arrays and returns an array of arrays with the keys and values swapped
84 * @param $files array an array of arrays
89 * 'TEMP_NAME' => 'example'
93 * 'EXTENSION' => 'example'
98 * 'TEMP_NAME' => 'example'
100 * 'SIZE' => 'example'
101 * 'SHA1' => 'example'
102 * 'EXTENSION' => 'example'
103 * 'MIME' => 'example'
108 public function diverseArray(array $files): array
111 foreach ($files as $key1 => $value1) {
112 foreach ($value1 as $key2 => $value2) {
113 $result[$key2][$key1] = $value2;
120 * Takes a file, checks if it's blacklisted, moves it to the file storage, and then logs it to the database
122 * @return array An array containing the hash, name, url, and size of the file.
125 public function uploadFile(): array
128 case $this->Connector
->CONFIG
['RATE_LIMIT']:
130 $this->Connector
->checkRateLimit(
131 $this->fingerPrintInfo
,
132 (int) $this->Connector
->CONFIG
['RATE_LIMIT_TIMEOUT'],
133 (int) $this->Connector
->CONFIG
['RATE_LIMIT_FILES']
136 throw new Exception('Rate limit, please wait ' . $this->Connector
->CONFIG
['RATE_LIMIT_TIMEOUT'] .
137 ' seconds before uploading again.', 500);
140 case $this->Connector
->CONFIG
['BLACKLIST_DB']:
141 $this->Connector
->checkFileBlacklist($this->FILE_INFO
);
143 case $this->Connector
->CONFIG
['FILTER_MODE'] && empty($this->FILE_INFO
['EXTENSION']):
144 $this->checkMimeBlacklist();
146 case $this->Connector
->CONFIG
['FILTER_MODE'] && !empty($this->FILE_INFO
['EXTENSION']):
147 $this->checkMimeBlacklist();
148 $this->checkExtensionBlacklist();
151 if (!is_dir($this->Connector
->CONFIG
['FILES_ROOT'])) {
152 throw new Exception('File storage path not accessible.', 500);
156 $this->FILE_INFO
['TEMP_NAME'],
157 $this->Connector
->CONFIG
['FILES_ROOT'] .
158 $this->FILE_INFO
['NEW_NAME'],
161 throw new Exception('Failed to move file to destination', 500);
163 if (!chmod($this->Connector
->CONFIG
['FILES_ROOT'] . $this->FILE_INFO
['NEW_NAME'], 0644)) {
164 throw new Exception('Failed to change file permissions', 500);
169 $this->Connector
->newIntoDB($this->FILE_INFO
, $this->fingerPrintInfo
);
171 'hash' => $this->FILE_INFO
['SHA1'],
172 'name' => $this->FILE_INFO
['NAME'],
173 'url' => 'https://' . $this->Connector
->CONFIG
['FILE_DOMAIN'] . '/' . $this->FILE_INFO
['NEW_NAME'],
174 'size' => $this->FILE_INFO
['SIZE'],
179 * Takes the amount of files that are being uploaded, and creates a fingerprint of the user's IP address,
180 * user agent, and the amount of files being
183 * @param $files_amount int The amount of files that are being uploaded.
187 public function fingerPrint(int $files_amount): void
189 if (!empty($_SERVER['HTTP_USER_AGENT'])) {
190 $USER_AGENT = filter_var($_SERVER['HTTP_USER_AGENT'], FILTER_SANITIZE_ENCODED
);
192 if ($this->Connector
->CONFIG
['LOG_IP']) {
193 $ip = $_SERVER['REMOTE_ADDR'];
195 $this->fingerPrintInfo
= [
196 'timestamp' => time(),
197 'useragent' => $USER_AGENT,
199 'ip_hash' => hash('sha1', $_SERVER['REMOTE_ADDR'] . $USER_AGENT),
200 'files_amount' => $files_amount,
203 throw new Exception('Invalid user agent.', 500);
208 * Returns the MIME type of a file
210 * @param $file array The file to be checked.
212 * @return string The MIME type of the file.
214 public function fileMIME(array $file): string
216 $FILE_INFO = finfo_open(FILEINFO_MIME_TYPE
);
217 return finfo_file($FILE_INFO, $file['tmp_name']);
221 * It takes an array of strings, and returns the last two strings joined by a dot,
222 * unless the last two strings are in the array of strings in the
223 * `DOUBLE_DOTS_EXTENSIONS` config variable, in which case it returns the last string
225 * @param $extension array The extension of the file.
227 * @return string The last two elements of the array are joined together and returned.
229 public function doubleDotExtension(array $extension): string
231 $doubleDotArray = array_slice($extension, -2, 2);
232 $doubleDot = strtolower(preg_replace('/[^a-zA-Z.]/', '', join('.', $doubleDotArray)));
233 if (in_array($doubleDot, $this->Connector
->CONFIG
['DOUBLE_DOTS_EXTENSIONS'])) {
236 return end($extension);
241 * Takes a file and returns the file extension
243 * @param $file array The file you want to get the extension from.
245 * @return string The file extension of the file.
247 public function fileExtension(array $file): string
249 $extension = explode('.', $file['name']);
250 $dotCount = substr_count($file['name'], '.');
251 return match ($dotCount) {
253 1 => end($extension),
254 2 => $this->doubleDotExtension($extension)
259 * > Check if the file's MIME type is in the blacklist
263 public function checkMimeBlacklist(): void
265 if (in_array($this->FILE_INFO
['MIME'], $this->Connector
->CONFIG
['BLOCKED_MIME'])) {
266 throw new Exception('Filetype not allowed.', 415);
271 * > Check if the file extension is in the blacklist
275 public function checkExtensionBlacklist(): void
277 if (in_array($this->FILE_INFO
['EXTENSION'], $this->Connector
->CONFIG
['BLOCKED_EXTENSIONS'])) {
278 throw new Exception('Filetype not allowed.', 415);
283 * Generates a random string of characters, checks if it exists in the database,
284 * and if it does, it generates another one
286 * @param $extension string The file extension.
288 * @return string A string
291 public function generateName(string $extension): string
294 if ($this->Connector
->CONFIG
['FILES_RETRIES'] === 0) {
295 throw new Exception('Gave up trying to find an unused name!', 500);
298 $count = strlen($this->Connector
->CONFIG
['ID_CHARSET']);
299 while ($this->Connector
->CONFIG
['NAME_LENGTH']--) {
300 $NEW_NAME .= $this->Connector
->CONFIG
['ID_CHARSET'][mt_rand(0, $count - 1)];
302 if (!empty($extension)) {
303 $NEW_NAME .= '.' . $extension;
305 } while ($this->Connector
->dbCheckNameExists($NEW_NAME));