]>
jfr.im git - uguu.git/blob - src/Classes/Upload.php
5 * @copyright Copyright (c) 2022 Go Johansson (nokonoko) <neku@pomf.se>
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation, either version 3 of the License, or
10 * (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
25 class Upload
extends Response
27 public array $FILE_INFO;
28 public array $fingerPrintInfo;
29 private mixed $Connector;
32 * Takes an array of files, and returns an array of arrays containing the file's temporary name, name, size, SHA1 hash, extension, and MIME type
34 * @param $files array The files array from the $_FILES superglobal.
36 * @return array An array of arrays.
39 public function reFiles(array $files):array
41 $this->Connector
= new Connector();
42 $this->Connector
->setDB($this->Connector
->DB
);
44 $files = $this->diverseArray($files);
45 foreach ($files as $file) {
46 $hash = sha1_file($file['tmp_name']);
48 'TEMP_NAME' => $file['tmp_name'],
49 'NAME' => strip_tags($file['name']),
50 'SIZE' => $file['size'],
52 'EXTENSION' => $this->fileExtension($file),
53 'MIME' => $this->fileMIME($file),
54 'NEW_NAME' => $this->generateName($this->fileExtension($file), $hash),
57 $this->FILE_INFO
['TEMP_NAME'],
58 $this->FILE_INFO
['NAME'],
59 $this->FILE_INFO
['SIZE'],
60 $this->FILE_INFO
['SHA1'],
61 $this->FILE_INFO
['EXTENSION'],
62 $this->FILE_INFO
['MIME'],
69 * Takes an array of arrays and returns an array of arrays with the keys and values swapped
71 * @param $files array an array of arrays
76 * 'TEMP_NAME' => 'example'
80 * 'EXTENSION' => 'example'
85 * 'TEMP_NAME' => 'example'
89 * 'EXTENSION' => 'example'
95 public function diverseArray(array $files):array
98 foreach ($files as $key1 => $value1) {
99 foreach ($value1 as $key2 => $value2) {
100 $result[$key2][$key1] = $value2;
107 * Takes a file, checks if it's blacklisted, moves it to the file storage, and then logs it to the database
109 * @return array An array containing the hash, name, url, and size of the file.
112 public function uploadFile():array
114 if ($this->Connector
->CONFIG
['RATE_LIMIT']) {
115 $this->Connector
->checkRateLimit($this->fingerPrintInfo
);
117 if ($this->Connector
->CONFIG
['BLACKLIST_DB']) {
118 $this->Connector
->checkFileBlacklist($this->FILE_INFO
);
120 if ($this->Connector
->CONFIG
['FILTER_MODE'] && empty($this->FILE_INFO
['EXTENSION'])) {
121 $this->checkMimeBlacklist();
123 if ($this->Connector
->CONFIG
['FILTER_MODE'] && !empty($this->FILE_INFO
['EXTENSION'])) {
124 $this->checkMimeBlacklist();
125 $this->checkExtensionBlacklist();
127 if (!is_dir($this->Connector
->CONFIG
['FILES_ROOT'])) {
128 throw new Exception('File storage path not accessible.', 500);
132 $this->FILE_INFO
['TEMP_NAME'],
133 $this->Connector
->CONFIG
['FILES_ROOT'] .
134 $this->FILE_INFO
['NEW_NAME'],
137 throw new Exception('Failed to move file to destination', 500);
139 if (!chmod($this->Connector
->CONFIG
['FILES_ROOT'] . $this->FILE_INFO
['NEW_NAME'], 0644)) {
140 throw new Exception('Failed to change file permissions', 500);
142 if (!$this->Connector
->CONFIG
['LOG_IP']) {
143 $this->fingerPrintInfo
['ip'] = null;
145 $this->Connector
->newIntoDB($this->FILE_INFO
, $this->fingerPrintInfo
);
147 'hash' => $this->FILE_INFO
['SHA1'],
148 'name' => $this->FILE_INFO
['NAME'],
149 'url' => $this->Connector
->CONFIG
['FILES_URL'] . '/' . $this->FILE_INFO
['NEW_NAME'],
150 'size' => $this->FILE_INFO
['SIZE'],
155 * Takes the amount of files that are being uploaded, and creates a fingerprint of the user's IP address, user agent, and the amount of files being
158 * @param $files_amount int The amount of files that are being uploaded.
162 public function fingerPrint(int $files_amount):void
164 if (!empty($_SERVER['HTTP_USER_AGENT'])) {
165 $USER_AGENT = filter_var($_SERVER['HTTP_USER_AGENT'], FILTER_SANITIZE_ENCODED
);
166 $this->fingerPrintInfo
= [
167 'timestamp' => time(),
168 'useragent' => $USER_AGENT,
169 'ip' => $_SERVER['REMOTE_ADDR'],
170 'ip_hash' => hash('sha1', $_SERVER['REMOTE_ADDR'] . $USER_AGENT),
171 'files_amount' => $files_amount,
174 throw new Exception('Invalid user agent.', 500);
179 * Returns the MIME type of a file
181 * @param $file array The file to be checked.
183 * @return string The MIME type of the file.
185 public function fileMIME(array $file):string
187 $FILE_INFO = finfo_open(FILEINFO_MIME_TYPE
);
188 return finfo_file($FILE_INFO, $file['tmp_name']);
192 * Takes a file and returns the file extension
194 * @param $file array The file you want to get the extension from.
196 * @return ?string The file extension of the file.
198 public function fileExtension(array $file):?string
200 $extension = explode('.', $file['name']);
201 if (substr_count($file['name'], '.') > 0) {
202 return end($extension);
209 * > Check if the file's MIME type is in the blacklist
213 public function checkMimeBlacklist():void
215 if (in_array($this->FILE_INFO
['MIME'], $this->Connector
->CONFIG
['BLOCKED_MIME'])) {
216 throw new Exception('Filetype not allowed.', 415);
221 * > Check if the file extension is in the blacklist
225 public function checkExtensionBlacklist():void
227 if (in_array($this->FILE_INFO
['EXTENSION'], $this->Connector
->CONFIG
['BLOCKED_EXTENSIONS'])) {
228 throw new Exception('Filetype not allowed.', 415);
233 * Generates a random string of characters, checks if it exists in the database, and if it does, it generates another one
235 * @param $extension string The file extension.
236 * @param $hash string The hash of the file.
238 * @return string A string
241 public function generateName(string $extension, string $hash):string
243 if ($this->Connector
->antiDupe($hash)) {
245 if ($this->Connector
->CONFIG
['FILES_RETRIES'] === 0) {
246 throw new Exception('Gave up trying to find an unused name!', 500);
249 for ($i = 0; $i < $this->Connector
->CONFIG
['NAME_LENGTH']; ++
$i) {
250 $NEW_NAME .= $this->Connector
->CONFIG
['ID_CHARSET']
251 [mt_rand(0, strlen($this->Connector
->CONFIG
['ID_CHARSET']))];
253 if (!empty($extension)) {
254 $NEW_NAME .= '.' . $extension;
256 } while ($this->Connector
->dbCheckNameExists($NEW_NAME) > 0);
259 return $this->Connector
->antiDupe($hash);