personal-website/docs/www/fileupload.php
Zeftax 6529fd2d90 fileupload print protocol
helps when directly pasting uploaded images as <img> src
2024-06-23 23:00:57 +02:00

54 lines
1.6 KiB
PHP

<?php
$COMMONS = $_SERVER['DOCUMENT_ROOT'] . "/../common";
include_once($COMMONS."/header.php");
// If the user does not have the 1000 0000 permission,
// throw a 403: Forbidden error.
if (!isset($_COOKIE["PHPSESSID"]) ||
!(bool)($_SESSION["current_user"]->permissions & 128)) {
header($_SERVER["SERVER_PROTOCOL"]." 403 Forbidden", true, 403);
include_once($_SERVER["DOCUMENT_ROOT"]."/errors/403.php");
include_once($COMMONS."/footer.php");
die();
}
display_header("Upload a file.");
if(isset($_POST["submit"])) {
$uploadDir = '/srv/http/assets/upload/';
$firstDir = bin2hex(random_bytes(16));
$secondDir = bin2hex(random_bytes(16));
$filename = bin2hex(random_bytes(16));
$extension = pathinfo($_FILES['userfile']['name'], PATHINFO_EXTENSION);;
$combinedPath = $firstDir."/".$secondDir."/".$filename.".".$extension;
mkdir($uploadDir.$firstDir, 0774);
mkdir($uploadDir.$firstDir."/".$secondDir, 0774);
echo "<pre>";
if (move_uploaded_file($_FILES['userfile']['tmp_name'],
$uploadDir.$combinedPath)) {
echo "File is valid, and was successfully uploaded.\n";
printf("location: https://assets.zdenekborovec.cz/upload/%s",
$combinedPath);
} else {
echo "File upload failed.\n";
}
echo "</pre>";
}
?>
<!-- The data encoding type, enctype, MUST be specified as below -->
<form method="post" enctype="multipart/form-data" action="<?php
htmlspecialchars($_SERVER["PHP_SELF"]); ?>">
<!-- Name of input element determines name in $_FILES array -->
<label for="userfile">Send this file:</label>
<input name="userfile" type="file">
<input name="submit" type="submit" value="Send File">
</form>
<?php
include_once($COMMONS."/footer.php");
?>