]>
jfr.im git - uguu.git/blob - static/php/includes/Upload.class.php
5 * @copyright Copyright (c) 2022 Go Johansson (nekunekus) <neku@pomf.se> <github.com/nokonoko>
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation, either version 3 of the License, or
10 * (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
22 require_once 'Core.namespace.php';
24 use Core\Database
as Database
;
25 use Core\Response
as Response
;
26 use Core\Settings
as Settings
;
30 public static string $FILE_NAME;
31 public static string $FILE_EXTENSION;
32 public static string $FILE_MIME;
33 public static string $SHA1;
34 public static int $FILE_SIZE;
35 public static string $NEW_NAME;
36 public static string $NEW_NAME_FULL;
37 public static string $IP;
45 public function uploadFile($file): array
47 if (Settings
::$ANTI_DUPE) {
48 (new Database())->antiDupe();
51 self
::generateName($file);
53 if (!move_uploaded_file($file->tempfile
, Settings
::$FILES_ROOT . self
::$NEW_NAME_FULL)) {
54 (new Response())->returnError('500', 'Failed to move file to destination', self
::$FILE_NAME);
57 if (!chmod(Settings
::$FILES_ROOT . self
::$NEW_NAME_FULL, 0644)) {
58 (new Response())->returnError('500', 'Failed to change file permissions', self
::$FILE_NAME);
61 (new Database())->newIntoDB();
64 'hash' => self
::$SHA1,
65 'name' => self
::$FILE_NAME,
66 'url' => Settings
::$URL . rawurlencode(self
::$NEW_NAME_FULL),
67 'size' => self
::$FILE_SIZE
76 public function generateName($file): string
78 self
::fileInfo($file);
81 // Iterate until we reach the maximum number of retries
82 if (Settings
::$FILES_RETRIES === 0) {
83 (new Response())->returnError('500', 'Gave up trying to find an unused name', self
::$FILE_NAME);
86 for ($i = 0; $i < Settings
::$NAME_LENGTH; ++
$i) {
87 self
::$NEW_NAME .= Settings
::$ID_CHARSET[mt_rand(0, strlen(Settings
::$ID_CHARSET))];
90 // Add the extension to the file name
91 if (isset(self
::$FILE_EXTENSION) && self
::$FILE_EXTENSION !== '') {
92 self
::$NEW_NAME_FULL = self
::$NEW_NAME . '.' . self
::$FILE_EXTENSION;
95 // Check if the file hash is blacklisted
96 if (Settings
::$BLACKLIST_DB) {
97 (new Database())->checkFileBlacklist();
100 // Check if extension or mime is blacklisted
101 if (Settings
::$FILTER_MODE) {
102 self
::checkMimeBlacklist();
103 self
::checkExtensionBlacklist();
105 } while ((new Database())->dbCheckNameExists() > 0);
107 return self
::$NEW_NAME_FULL;
115 public function fileInfo($file)
117 if (isset($_FILES['files'])) {
118 self
::$FILE_NAME = $file->name
;
119 self
::$SHA1 = sha1_file($file->tempfile
);
120 self
::$FILE_SIZE = $file->size
;
121 $finfo = finfo_open(FILEINFO_MIME_TYPE
);
122 self
::$FILE_MIME = finfo_file($finfo, $file->tempfile
);
125 if (Settings
::$LOG_IP) {
126 self
::$IP = $_SERVER['REMOTE_ADDR'];
130 // Check if extension is a double-dot extension and, if true, override $ext
131 foreach (Settings
::$DOUBLE_DOTS as $ddot) {
132 if (stripos(strrev(self
::$FILE_NAME), $ddot) === 0) {
133 self
::$FILE_EXTENSION = strrev($ddot);
135 self
::$FILE_EXTENSION = pathinfo($file->name
, PATHINFO_EXTENSION
);
144 public function checkMimeBlacklist()
146 if (in_array(self
::$FILE_MIME, Settings
::$BLOCKED_MIME)) {
147 (new Response())->returnError('415', 'Filetype not allowed!', self
::$FILE_NAME);
154 protected function checkExtensionBlacklist()
156 if (in_array(self
::$FILE_EXTENSION, Settings
::$BLOCKED_EXTENSIONS)) {
157 (new Response())->returnError('415', 'Filetype not allowed!', self
::$FILE_NAME);
166 public function reFiles($files): array
169 $files = self
::diverseArray($files);
171 foreach ($files as $file) {
173 $f->name
= $file['name'];
174 $f->mime
= $file['type'];
175 $f->size
= $file['size'];
176 $f->tempfile
= $file['tmp_name'];
177 $f->error
= $file['error'];
188 public function diverseArray($files): array
192 foreach ($files as $key1 => $value1) {
193 foreach ($value1 as $key2 => $value2) {
194 $result[$key2][$key1] = $value2;