/* @param string UGUU_DB_PASS Database password */
define('UGUU_DB_PASS', 'NULL');
-/** Log IP of uploads */
+/**
+ * @param boolean Log IP of uploads
+ */
define('LOG_IP', false);
-/** Dont upload a file already in the DB */
+/**
+ * @param boolean anti-dupe
+ */
define('ANTI_DUPE', false);
/*
define('CONFIG_BLOCKED_MIME', serialize(['application/msword', 'text/html', 'application/x-dosexec', 'application/java', 'application/java-archive', 'application/x-executable', 'application/x-mach-binary', 'image/svg+xml']));
/**
- * Filter mode: whitelist (true) or blacklist (false).
- *
- * @param bool $FILTER_MODE mime type filter mode
+ * Whitelist or blacklist mode
+ * @param boolean blacklist (false) | whitelist (true)
*/
-$FILTER_MODE = false;
+define('CONFIG_FILTER_MODE', false);
+
/**
* Double dot file extensions.
*
$name .= '.'.$ext;
}
- //Check if MIME is blacklisted
- if (in_array($type_mime, unserialize(CONFIG_BLOCKED_MIME))) {
- http_response_code(415);
- exit(0);
- }
- //Check if EXT is blacklisted
- if (in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))) {
- http_response_code(415);
- exit(0);
+ // Check if file is whitelisted or blacklisted
+ switch (CONFIG_FILTER_MODE) {
+
+ case false:
+ //check if MIME is blacklisted
+ if (in_array($type_mime, unserialize(CONFIG_BLOCKED_MIME))) {
+ http_response_code(415);
+ exit(0);
+ }
+ //Check if EXT is blacklisted
+ if (in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))) {
+ http_response_code(415);
+ exit(0);
+ }
+ break;
+
+ case true:
+ //Check if MIME is whitelisted
+ if (!in_array($type_mime, unserialize(CONFIG_BLOCKED_MIME))) {
+ http_response_code(415);
+ exit(0);
+ }
+ //Check if EXT is whitelisted
+ if (!in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))) {
+ http_response_code(415);
+ exit(0);
+ }
+ break;
}
// Check if a file with the same name does already exist in the database
function uploadFile($file)
{
global $db;
- global $FILTER_MODE;
- global $FILTER_MIME;
// Handle file errors
if ($file->error) {