X-Git-Url: https://jfr.im/git/uguu.git/blobdiff_plain/5156099cd16b66eff742032ee5740857f2247464..6b16f63c835e995ba0b97e6b3fa0d78a3ce68c9c:/static/php/includes/Upload.class.php
diff --git a/static/php/includes/Upload.class.php b/static/php/includes/Upload.class.php
index 15ba8f6..31bb2d1 100644
--- a/static/php/includes/Upload.class.php
+++ b/static/php/includes/Upload.class.php
@@ -39,7 +39,7 @@ class Upload
 public static string $TEMP_FILE;
- public function reFiles($files): array
+ public static function reFiles($files): array
 {
 $result = [];
 $files = self::diverseArray($files);
@@ -48,12 +48,13 @@ class Upload
 self::$FILE_NAME = $file['name'];
 self::$FILE_SIZE = $file['size'];
 self::$TEMP_FILE = $file['tmp_name'];
- $result[] = [self::$FILE_NAME, self::$FILE_SIZE, self::$TEMP_FILE];
+ self::$SHA1 = sha1_file(self::$TEMP_FILE);
+ $result[] = [self::$FILE_NAME, self::$FILE_SIZE, self::$TEMP_FILE, self::$SHA1];
 }
 return $result;
 }
- public function diverseArray($files): array
+ public static function diverseArray($files): array
 {
 $result = [];
@@ -68,16 +69,27 @@ class Upload
 /**
 * @throws Exception
 */
- public function uploadFile(): array
+ public static function uploadFile(): array
 {
- (new Settings())->loadConfig();
+ Settings::loadConfig();
+ self::fileInfo();
- if (Settings::$ANTI_DUPE) {
- (new Database())->antiDupe();
+ if (Settings::$BLACKLIST_DB) {
+ Database::checkFileBlacklist();
 }
- (new Upload())->generateName();
+ if (Settings::$FILTER_MODE) {
+ self::checkMimeBlacklist();
+ self::checkExtensionBlacklist();
+ }
+ if (Settings::$ANTI_DUPE) {
+ Database::antiDupe();
+ }
+
+ if (!Settings::$ANTI_DUPE) {
+ self::generateName();
+ }
 if (!is_dir(Settings::$FILES_ROOT)) {
 throw new Exception('File storage path not accessible.', 500);
@@ -91,7 +103,7 @@ class Upload
 throw new Exception('Failed to change file permissions', 500);
 }
- (new Database())->newIntoDB();
+ Database::newIntoDB();
 if (Settings::$SSL) {
 $preURL = 'https://';
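Review bot: In the `@@ -48,12 +48,13 @@` hunk the result of the new `sha1_file(self::$TEMP_FILE)` is stored and returned without a check for `false`, which is what `sha1_file()` returns when the temp file cannot be read, for example when the upload failed and `tmp_name` is empty. No test of `$file['error']` is visible in this hunk, though the loop header lies outside it, so this may already be handled elsewhere. Because the digest presumably drives the blacklist and anti-dupe lookups that `uploadFile()` calls, I would fail closed here: `$hash = sha1_file(self::$TEMP_FILE);` followed by `if ($hash === false) { throw new Exception('Failed to hash uploaded file.', 500); }` before assigning `self::$SHA1`.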
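Review bot: In the `@@ -68,16 +69,27 @@` hunk, `uploadFile()` tests `Settings::$ANTI_DUPE` twice in a row, and with the setting enabled nothing in this function calls `generateName()`, so `self::$NEW_NAME_FULL` is only set if `Database::antiDupe()` assigns it for a file it has not seen before; that method is not visible here and should be confirmed. Writing the pair as `if (Settings::$ANTI_DUPE) { Database::antiDupe(); } else { self::generateName(); }`, with a one-line comment saying which branch is responsible for setting the stored name, would make that contract explicit. The function body continues past the end of the hunk.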
@@ -107,46 +119,13 @@ class Upload
 ];
 }
- /**
- * @throws Exception
- */
- public function generateName(): string
- {
- (new Upload())->fileInfo();
-
- do {
- if (Settings::$FILES_RETRIES === 0) {
- throw new Exception('Gave up trying to find an unused name!', 500);
- }
-
- self::$NEW_NAME = '';
- for ($i = 0; $i < Settings::$NAME_LENGTH; ++$i) {
- self::$NEW_NAME .= Settings::$ID_CHARSET[mt_rand(0, strlen(Settings::$ID_CHARSET))];
- }
-
- if (isset(self::$FILE_EXTENSION) && self::$FILE_EXTENSION !== '') {
- self::$NEW_NAME_FULL = self::$NEW_NAME . '.' . self::$FILE_EXTENSION;
- }
-
- if (Settings::$BLACKLIST_DB) {
- (new Database())->checkFileBlacklist();
- }
-
- if (Settings::$FILTER_MODE) {
- self::checkMimeBlacklist();
- self::checkExtensionBlacklist();
- }
- } while ((new Database())->dbCheckNameExists() > 0);
-
- return self::$NEW_NAME_FULL;
- }
-
- public function fileInfo()
+ public static function fileInfo()
 {
 if (isset($_FILES['files'])) {
- self::$SHA1 = sha1_file(self::$TEMP_FILE);
 $finfo = finfo_open(FILEINFO_MIME_TYPE);
 self::$FILE_MIME = finfo_file($finfo, self::$TEMP_FILE);
+ $extension = explode('.', self::$FILE_NAME, 2);
+ self::$FILE_EXTENSION = $extension['1'];
 finfo_close($finfo);
 if (Settings::$LOG_IP) {
@@ -154,21 +133,13 @@ class Upload
 } else {
 self::$IP = '0';
 }
-
- foreach (Settings::$DOUBLE_DOTS as $DDOT) {
- if (stripos(strrev(self::$FILE_NAME), $DDOT) === 0) {
- self::$FILE_EXTENSION = strrev($DDOT);
- } else {
- self::$FILE_EXTENSION = pathinfo(self::$FILE_NAME, PATHINFO_EXTENSION);
- }
- }
 }
 }
 /**
 * @throws Exception
 */
- public function checkMimeBlacklist()
+ public static function checkMimeBlacklist()
 {
 if (in_array(self::$FILE_MIME, Settings::$BLOCKED_MIME)) {
 throw new Exception('Filetype not allowed.', 415);
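Review bot: In the `@@ -107,46 +119,13 @@` hunk, `explode('.', self::$FILE_NAME, 2)` in `fileInfo()` stores everything after the first dot of the client-supplied name in `self::$FILE_EXTENSION`, so for a name with several dots the exact-match `in_array()` in `checkExtensionBlacklist()` compares a multi-part string against `Settings::$BLOCKED_EXTENSIONS` and a blocked final suffix is not caught, while `generateName()` still appends that whole string to the stored name. A name without any dot leaves `$extension['1']` undefined. I would default the parse, `self::$FILE_EXTENSION = $extension[1] ?? '';`, and make the check look at each part case-insensitively, e.g. `array_intersect(explode('.', strtolower(self::$FILE_EXTENSION)), Settings::$BLOCKED_EXTENSIONS)`, assuming the list is kept in lower case. `fileInfo()` runs on past the end of this hunk.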
@@ -176,12 +147,37 @@ class Upload
 }
 /**
+ * Check if file extension is blacklisted
+ * if it does throw an exception.
+ *
 * @throws Exception
 */
- public function checkExtensionBlacklist()
+ public static function checkExtensionBlacklist()
 {
 if (in_array(self::$FILE_EXTENSION, Settings::$BLOCKED_EXTENSIONS)) {
 throw new Exception('Filetype not allowed.', 415);
 }
 }
-}
+
+ /**
+ * @throws Exception
+ */
+ public static function generateName()
+ {
+ do {
+ if (Settings::$FILES_RETRIES === 0) {
+ throw new Exception('Gave up trying to find an unused name!', 500);
+ }
+
+ self::$NEW_NAME = '';
+ for ($i = 0; $i < Settings::$NAME_LENGTH; ++$i) {
+ self::$NEW_NAME .= Settings::$ID_CHARSET[mt_rand(0, strlen(Settings::$ID_CHARSET))];
+ }
+
+ if (isset(self::$FILE_EXTENSION)) {
+ self::$NEW_NAME_FULL = self::$NEW_NAME;
+ self::$NEW_NAME_FULL .= '.' . self::$FILE_EXTENSION;
+ }
+ } while (Database::dbCheckNameExists() > 0);
+ }
+}
\ No newline at end of file
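Review bot: In the `@@ -176,12 +147,37 @@` hunk, the re-added `generateName()` indexes `Settings::$ID_CHARSET` with `mt_rand(0, strlen(Settings::$ID_CHARSET))`; the upper bound is inclusive, so some draws read one past the end of the string and produce a shorter name, and `mt_rand()` is not a cryptographically secure generator, which matters if the random name is the only thing that keeps a file's URL from being guessed. `self::$NEW_NAME .= Settings::$ID_CHARSET[random_int(0, strlen(Settings::$ID_CHARSET) - 1)];` addresses both. `Settings::$FILES_RETRIES` is compared with 0 but never decremented inside the loop, so the give-up branch cannot trigger after the first pass; a local counter decremented per iteration would make the cap real. The `!== ''` test on the extension that the removed version had is gone, so an empty extension now yields a stored name ending in a dot.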