{
public static string $FILE_NAME;
- public static string $FILE_EXTENSION;
+ public static mixed $FILE_EXTENSION;
public static string $FILE_MIME;
public static string $SHA1;
public static string $NEW_NAME;
public static string $NEW_NAME_FULL;
- public static string $IP;
+ public static mixed $IP;
public static string $FILE_SIZE;
public static string $TEMP_FILE;
- public function reFiles($files): array
+ public static function reFiles($files): array
{
$result = [];
$files = self::diverseArray($files);
foreach ($files as $file) {
- self::$FILE_NAME = $file['name'];
+ self::$FILE_NAME = strip_tags($file['name']);
self::$FILE_SIZE = $file['size'];
self::$TEMP_FILE = $file['tmp_name'];
- $result[] = [self::$FILE_NAME, self::$FILE_SIZE, self::$TEMP_FILE];
+ self::$SHA1 = sha1_file(self::$TEMP_FILE);
+ $result[] = [self::$FILE_NAME, self::$FILE_SIZE, self::$TEMP_FILE, self::$SHA1];
}
return $result;
}
- public function diverseArray($files): array
+ public static function diverseArray($files): array
{
$result = [];
/**
* @throws Exception
*/
- public function uploadFile(): array
+ public static function uploadFile(): array
{
- (new Settings())->loadConfig();
+ Settings::loadConfig();
+ self::fileInfo();
- if (Settings::$ANTI_DUPE) {
- (new Database())->antiDupe();
+ if (Settings::$BLACKLIST_DB) {
+ Database::checkFileBlacklist();
}
- (new Upload())->generateName();
+ if (Settings::$FILTER_MODE) {
+ self::checkMimeBlacklist();
+ if(!is_null(self::$FILE_EXTENSION)){
+ self::checkExtensionBlacklist();
+ }
+ }
+
+ if (Settings::$ANTI_DUPE) {
+ Database::antiDupe();
+ }
+ if (!Settings::$ANTI_DUPE) {
+ self::generateName();
+ }
if (!is_dir(Settings::$FILES_ROOT)) {
throw new Exception('File storage path not accessible.', 500);
throw new Exception('Failed to change file permissions', 500);
}
- (new Database())->newIntoDB();
+ Database::newIntoDB();
if (Settings::$SSL) {
$preURL = 'https://';
];
}
- /**
- * @throws Exception
- */
- public function generateName(): string
+ public static function getIP()
{
- (new Upload())->fileInfo();
-
- do {
- if (Settings::$FILES_RETRIES === 0) {
- throw new Exception('Gave up trying to find an unused name!', 500);
- }
-
- self::$NEW_NAME = '';
- for ($i = 0; $i < Settings::$NAME_LENGTH; ++$i) {
- self::$NEW_NAME .= Settings::$ID_CHARSET[mt_rand(0, strlen(Settings::$ID_CHARSET))];
- }
-
- if (isset(self::$FILE_EXTENSION) && self::$FILE_EXTENSION !== '') {
- self::$NEW_NAME_FULL = self::$NEW_NAME . '.' . self::$FILE_EXTENSION;
- }
-
- if (Settings::$BLACKLIST_DB) {
- (new Database())->checkFileBlacklist();
- }
-
- if (Settings::$FILTER_MODE) {
- self::checkMimeBlacklist();
- self::checkExtensionBlacklist();
- }
- } while ((new Database())->dbCheckNameExists() > 0);
-
- return self::$NEW_NAME_FULL;
+ if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
+ self::$IP = $_SERVER['HTTP_CLIENT_IP'];
+ }
+ if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+ self::$IP = $_SERVER['HTTP_X_FORWARDED_FOR'];
+ }
+ if (!isset(self::$IP)) {
+ self::$IP = $_SERVER['REMOTE_ADDR'];
+ }
}
- public function fileInfo()
+ public static function fileInfo()
{
if (isset($_FILES['files'])) {
- self::$SHA1 = sha1_file(self::$TEMP_FILE);
$finfo = finfo_open(FILEINFO_MIME_TYPE);
self::$FILE_MIME = finfo_file($finfo, self::$TEMP_FILE);
finfo_close($finfo);
- if (Settings::$LOG_IP) {
- self::$IP = $_SERVER['REMOTE_ADDR'];
+ $extension = explode('.', self::$FILE_NAME);
+ if(substr_count(self::$FILE_NAME, '.') > 0) {
+ self::$FILE_EXTENSION = $extension[count($extension)-1];
} else {
- self::$IP = '0';
+ self::$FILE_EXTENSION = null;
}
- foreach (Settings::$DOUBLE_DOTS as $DDOT) {
- if (stripos(strrev(self::$FILE_NAME), $DDOT) === 0) {
- self::$FILE_EXTENSION = strrev($DDOT);
- } else {
- self::$FILE_EXTENSION = pathinfo(self::$FILE_NAME, PATHINFO_EXTENSION);
- }
+ if (Settings::$LOG_IP) {
+ self::getIP();
+ } else {
+ self::$IP = null;
}
}
}
/**
* @throws Exception
*/
- public function checkMimeBlacklist()
+ public static function checkMimeBlacklist()
{
if (in_array(self::$FILE_MIME, Settings::$BLOCKED_MIME)) {
throw new Exception('Filetype not allowed.', 415);
}
/**
+ * Check if file extension is blacklisted
+ * if it does throw an exception.
+ *
* @throws Exception
*/
- public function checkExtensionBlacklist()
+ public static function checkExtensionBlacklist()
{
if (in_array(self::$FILE_EXTENSION, Settings::$BLOCKED_EXTENSIONS)) {
throw new Exception('Filetype not allowed.', 415);
}
}
-}
+
+ /**
+ * @throws Exception
+ */
+ public static function generateName()
+ {
+ do {
+ if (Settings::$FILES_RETRIES === 0) {
+ throw new Exception('Gave up trying to find an unused name!', 500);
+ }
+
+ self::$NEW_NAME = '';
+ for ($i = 0; $i < Settings::$NAME_LENGTH; ++$i) {
+ self::$NEW_NAME .= Settings::$ID_CHARSET[mt_rand(0, strlen(Settings::$ID_CHARSET))];
+ }
+
+ self::$NEW_NAME_FULL = self::$NEW_NAME;
+
+ if (!is_null(self::$FILE_EXTENSION)) {
+ self::$NEW_NAME_FULL .= '.' . self::$FILE_EXTENSION;
+ }
+
+ } while (Database::dbCheckNameExists() > 0);
+ }
+}
\ No newline at end of file
projects / uguu.git / blobdiff