<?php
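/**
 * Append one line to ../upload_log.txt (relative to the current working directory).
 *
 * @param string $msg Message to record. CR/LF are collapsed to spaces so that a
 *                    client-supplied value embedded in the message (filename,
 *                    request, ...) cannot forge additional log entries.
 */
function logError(string $msg): void
{
    $line = str_replace(["\r", "\n"], ' ', $msg);
    // FILE_APPEND | LOCK_EX: one writer at a time, never truncates the log
    file_put_contents('../upload_log.txt', $line . PHP_EOL, FILE_APPEND | LOCK_EX);
}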
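/**
 * Send a plain-text response with the given status, log it, and stop the script.
 *
 * @param int    $code HTTP status code to send.
 * @param string $msg  Response body; also written to the upload log via logError().
 *                     Callers put client-supplied values in here, so the body is
 *                     always served as text/plain rather than HTML.
 */
function fatalError(int $code, string $msg): void
{
    // clear the old headers
    header_remove();
    // set the actual code
    http_response_code($code);
    // set the header to make sure cache is forced
    // NOTE(review): this makes the response cacheable by shared caches for up to
    // s-maxage=900 seconds; the get_status JSON answer is also sent through here,
    // so a cached reply can report a stale "exists" value.
    header("Cache-Control: no-transform,public,max-age=300,s-maxage=900");
    header('Content-Type: text/plain; charset=utf-8');
    echo $msg;
    logError($msg);
    exit();
}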
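// replace this with a more secure password
$password = "photos";
// folder in which to store uploaded images
$destdir = "../gallery_uploads";

/**
 * Return a POST field as a string, or '' when it is absent or not a plain string.
 * Avoids undefined-index notices and the "Array" coercion a `field[]=` request
 * would otherwise produce.
 *
 * @param string $name POST field name.
 * @return string
 */
function postString(string $name): string
{
    $value = $_POST[$name] ?? '';
    return is_string($value) ? $value : '';
}

/**
 * Return true when $path is a relative path that cannot resolve outside the folder
 * it is appended to: no NUL bytes, no backslashes, not absolute, and no empty,
 * '.' or '..' segments.
 *
 * @param string $path Client-supplied relative path.
 * @return bool
 */
function isSafeRelativePath(string $path): bool
{
    if ($path === '' || strpos($path, "\0") !== false || strpos($path, '\\') !== false) {
        return false;
    }
    if ($path[0] === '/') {
        return false;
    }
    foreach (explode('/', $path) as $segment) {
        if ($segment === '' || $segment === '.' || $segment === '..') {
            return false;
        }
    }
    return true;
}

$id = postString("id");
$request = postString("request");
$filename = postString("filename");
$chksum = postString("md5");
$key = postString("key");

// check client authentication string is correct
// hash_equals: strict, constant-time comparison (no loose "==" type juggling).
// The expected digest is deliberately NOT echoed back in the error: returning it
// would hand an unauthenticated client exactly the value needed to pass this check.
$localKey = "breeze" . $id . $password . $filename . $chksum;
if (!hash_equals(sha1($localKey), $key)) {
    fatalError(401, "Not authorized id=$id, filename=$filename");
}

// $filename is used to build filesystem paths for both request types below;
// refuse anything that could escape $destdir ('..' segments, absolute paths, NUL bytes)
if (!isSafeRelativePath($filename)) {
    fatalError(400, "Invalid filename");
}

if ($request === "get_status") {
    // check whether file already exists on the server
    $destFile = "$destdir/$filename";
    $arr = ['exists' => file_exists($destFile), 'filename' => $filename];
    fatalError(400, json_encode($arr));
} elseif ($request !== "upload") {
    // check whether it is an upload request
    fatalError(400, "Invalid request: $request");
}

try {
    // Undefined | Multiple Files | $_FILES Corruption Attack
    // If this request falls under any of them, treat it invalid.
    if (!isset($_FILES['fileToUpload']['error']) || is_array($_FILES['fileToUpload']['error'])) {
        fatalError(400, "Invalid parameters");
    }
    // Check $_FILES['fileToUpload']['error'] value.
    // fatalError() exits, so the non-OK cases never fall through.
    switch ($_FILES['fileToUpload']['error']) {
        case UPLOAD_ERR_OK:
            break;
        case UPLOAD_ERR_NO_FILE:
            fatalError(400, 'No file sent');
        case UPLOAD_ERR_INI_SIZE:
        case UPLOAD_ERR_FORM_SIZE:
            fatalError(400, 'Exceeded form file size limit');
        default:
            fatalError(400, 'Unknown error');
    }
    $srcFile = $_FILES["fileToUpload"]["tmp_name"];

    // Check MIME type from the file contents (never from the client-declared type)
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mimeType = $finfo->file($srcFile);
    $allowedMimeTypes = [
        'image/jpeg',
        'image/gif',
        'video/mp4',
        'video/quicktime',
        'text/xml',
    ];
    if ($mimeType === false || !in_array($mimeType, $allowedMimeTypes, true)) {
        fatalError(400, "Unexpected MIME type: " . $mimeType);
    }

    // check file is JPEG, GIF, MP4 or XML by the extension of the requested name
    $fileType = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    if (!in_array($fileType, ["jpg", "gif", "mp4", "xml"], true)) {
        fatalError(400, "File type not allowed");
    }

    // check MD5 checksum matches uploaded file (hex digests compared case-insensitively)
    $actualMd5 = md5_file($srcFile);
    if ($actualMd5 === false || !hash_equals($actualMd5, strtolower($chksum))) {
        fatalError(400, "MD5 checksum incorrect");
    }

    // read filename and dir from $filename and create dir if it doesn't already exist
    ['basename' => $basename, 'dirname' => $dirname] = pathinfo($filename);
    $destFile = "$destdir/$basename";
    if (strlen($dirname) > 0) {
        $dir = "$destdir/$dirname";
        if (!file_exists($dir)) {
            // 0755 rather than 0777: the server process owns the tree, nobody else needs write access
            mkdir($dir, 0755, true);
        }
        if (file_exists($dir)) {
            $destFile = "$dir/$basename";
        }
    }

    // second line of defence: the resolved target directory must still sit inside $destdir
    // (also rejects a pre-existing symlink under $destdir that points elsewhere)
    $realDestDir = realpath($destdir);
    $realTargetDir = realpath(dirname($destFile));
    if ($realDestDir === false || $realTargetDir === false
        || ($realTargetDir !== $realDestDir
            && strpos($realTargetDir, $realDestDir . DIRECTORY_SEPARATOR) !== 0)) {
        fatalError(400, "Invalid destination: $destFile");
    }

    // move the uploaded file to the upload folder
    if (move_uploaded_file($srcFile, $destFile)) {
        header('Content-Type: text/plain; charset=utf-8');
        echo "File: $destFile";
    } else {
        logError("move_uploaded_file($srcFile, $destFile) failed");
        fatalError(400, "Error copying file to upload folder: $destFile");
    }
} catch (RuntimeException $e) {
    fatalError(400, $e->getMessage());
}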
?>