external-repos/pictshare
1
0
Fork 0
mirror of https://github.com/HaschekSolutions/pictshare.git synced 2025-11-11 10:46:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
pictshare/api/geturl.php
Chris 2388f68d5d preparations for dynamic data directories
2023-11-02 23:20:05 +01:00

128 lines
3.9 KiB
PHP
Raw Permalink Blame History

<?php
// basic path definitions
define('DS', DIRECTORY_SEPARATOR);
define('ROOT', dirname(__FILE__).'/..');
header('Content-Type: application/json; charset=utf-8');
//loading default settings if exist
if(!file_exists(ROOT.DS.'inc'.DS.'config.inc.php'))
exit('Rename /inc/example.config.inc.php to /inc/config.inc.php first!');
include_once(ROOT.DS.'inc'.DS.'config.inc.php');
//loading core and controllers
include_once(ROOT . DS . 'inc' . DS. 'core.php');
//load external things if existing
if(file_exists(ROOT.'/lib/vendor/autoload.php'))
require ROOT.'/lib/vendor/autoload.php';
loadAllContentControllers();
// check if client has permission to upload
executeUploadPermission();
// check write permissions first
if(!isFolderWritable(getDataDir()))
exit(json_encode(array('status'=>'err','reason'=>'Data directory not writable')));
else if(!isFolderWritable(ROOT.DS.'tmp'))
exit(json_encode(array('status'=>'err','reason'=>'Temp directory not writable')));
$hash = sanatizeString(trim($_REQUEST['hash']))?sanatizeString(trim($_REQUEST['hash'])):false;
$url = trim($_REQUEST['url']);
if(checkURLForPrivateIPRange($url))
exit(json_encode(array('status'=>'err','reason'=>'Private IP range')));
if(!$url || !startsWith($url, 'http'))
exit(json_encode(array('status'=>'err','reason'=>'Invalid URL')));
//@todo: let user decide max upload size via config and set php_ini var
else if(remote_filesize($url)*0.000001 > 20)
exit(json_encode(array('status'=>'err','reason'=>'File too big. 20MB max')));
$name = basename($url);
$tmpfile = ROOT.DS.'tmp'.DS.$name;
$context = stream_context_create(
array(
"http" => array(
"follow_location" => false,
),
)
);
file_put_contents($tmpfile,file_get_contents($url, false, $context));
$type = getTypeOfFile($tmpfile);
//check for duplicates
$sha1 = sha1_file($tmpfile);
$ehash = sha1Exists($sha1);
if($ehash && file_exists(getDataDir().DS.$ehash.DS.$ehash))
exit(json_encode(array('status'=>'ok','hash'=>$ehash,'filetype'=>$type,'url'=>getURL().$ehash)));
//cross check filetype for controllers
//
//image?
if(in_array($type,(new ImageController)->getRegisteredExtensions()))
{
$answer = (new ImageController())->handleUpload($tmpfile,$hash);
}
//or, a text
else if($type=='text')
{
$answer = (new TextController())->handleUpload($tmpfile,$hash);
}
//or, a video
else if(in_array($type,(new VideoController)->getRegisteredExtensions()))
{
$answer = (new VideoController())->handleUpload($tmpfile,$hash);
}
if(!$answer)
$answer = array('status'=>'err','reason'=>'Unsupported filetype','filetype'=>$type);
if($answer['hash'] && $answer['status']=='ok')
{
$answer['filetype'] = $type;
//add this sha1 to the list
addSha1($answer['hash'],$sha1);
if(getDeleteCodeOfHash($answer['hash']))
{
$answer['delete_code'] = getDeleteCodeOfHash($answer['hash']);
$answer['delete_url'] = getURL().'delete_'.getDeleteCodeOfHash($answer['hash']).'/'.$answer['hash'];
}
storageControllerUpload($answer['hash']);
}
if($answer['hash'] && $answer['status']=='ok')
{
//add this sha1 to the list
addSha1($answer['hash'],$sha1);
if(getDeleteCodeOfHash($answer['hash']))
{
$answer['delete_code'] = getDeleteCodeOfHash($answer['hash']);
$answer['delete_url'] = getURL().'delete_'.getDeleteCodeOfHash($answer['hash']).'/'.$answer['hash'];
}
storageControllerUpload($answer['hash']);
}
echo json_encode($answer);
function remote_filesize($url) {
static $regex = '/^Content-Length: *+\K\d++$/im';
if (!$fp = @fopen($url, 'rb'))
return false;
if (
isset($http_response_header) &&
preg_match($regex, implode("\n", $http_response_header), $matches)
)
return (int)$matches[0];
return strlen(stream_get_contents($fp));
}
Reference in New Issue View Git Blame Copy Permalink