From e4c59ba7f0d2ba043dfe54d0c7e0a58cbff59115 Mon Sep 17 00:00:00 2001
From: Fluffy-Bean
Date: Tue, 27 Sep 2022 14:10:08 +0000
Subject: [PATCH] Custom upload and file_exists checking
---
 app/image/group.php | 2 +-
 app/image/upload_image.php | 113 +++++++++++++++++++++++++++++--------
 app/required.php | 6 +-
 app/settings/manifest.json | 8 ++-
 app/settings/settings.php | 5 +-
 group.php | 17 +++---
 6 files changed, 111 insertions(+), 40 deletions(-)
diff --git a/app/image/group.php b/app/image/group.php
index f6d1b1d..17119c7 100644
--- a/app/image/group.php
+++ b/app/image/group.php
@@ -125,7 +125,7 @@ if (isset($_POST['title_submit'])) {
 */
 if (isset($_POST['new_group_submit'])) {
 if ($user_info->is_loggedin()) {
- $group_name = $_SESSION['username']."\'s Group";
+ $group_name = "New Group";
 $sql = "INSERT INTO groups (group_name, author, image_list) VALUES('$group_name', '".$_SESSION['id']."', '')";
 mysqli_query($conn, $sql);
diff --git a/app/image/upload_image.php b/app/image/upload_image.php
index 18a519e..5574974 100644
--- a/app/image/upload_image.php
+++ b/app/image/upload_image.php
@@ -10,6 +10,7 @@ session_start();
 // Include server connection
 include dirname(__DIR__)."/server/conn.php";
 include dirname(__DIR__)."/app.php";
+include dirname(__DIR__)."/settings/settings.php";
 use App\Make;
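Review bot: In the `new_group_submit` hunk of app/image/group.php, the INSERT on the context line right after the changed `$group_name` is still assembled by string interpolation, with `$_SESSION['id']` concatenated into the statement. Swapping the username-derived name for the constant `"New Group"` removes one interpolated value, but the query shape stays fragile for any later edit that puts user-influenced data back in. A bound statement closes that off (assuming `author` is an integer column): `$stmt = mysqli_prepare($conn, "INSERT INTO groups (group_name, author, image_list) VALUES (?, ?, '')");` then `mysqli_stmt_bind_param($stmt, 'si', $group_name, $_SESSION['id']);` and `mysqli_stmt_execute($stmt);`. The enclosing `if` block continues outside the hunk.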
@@ -17,23 +18,95 @@ $make_stuff = new Make(); if (isset($_POST['submit'])) { if (isset($_SESSION['id'])) { + $error = 0; + // Root paths - $dir = "../../images/"; - $thumb_dir = $dir."thumbnails/"; - $preview_dir = $dir."previews/"; + $dir = "../../images/"; + $thumb_dir = $dir."thumbnails/"; + $preview_dir = $dir."previews/"; - // File name updating - $file_type = pathinfo($dir.$_FILES['image']['name'],PATHINFO_EXTENSION); - $image_newname = "IMG_".$_SESSION["username"]."_".round(microtime(true)).".".$file_type; - $image_path = $dir.$image_newname; + $file_type = pathinfo($dir.$_FILES['image']['name'],PATHINFO_EXTENSION); - // Clean tags - $tags = $make_stuff->tags(trim($_POST['tags'])); + $tags = $make_stuff->tags(trim($_POST['tags'])); - // Allowed file types - $allowed_types = array('jpg', 'jpeg', 'png', 'webp'); - if (in_array($file_type, $allowed_types)) { - // Move file to server + // Check filetype + $allowed_types = array('jpg', 'jpeg', 'png', 'webp'); + if (!in_array($file_type, $allowed_types)) { + ?> + + Uploaders username + {{userid}} -> Uploaders ID + + {{time}} -> microtime of upload + {{date}} -> date of upload + + {{filename}} -> takes original filename + {{autoinc}} -> checks if file with name already exists + if so it adds a number on the end of it + + "foo" -> Text is accepted between templates + */ + + $name_template = $upload_conf['rename_to']; + + $name_template = str_replace('{{username}}', $_SESSION["username"], $name_template); + $name_template = str_replace('{{userid}}', $_SESSION["id"], $name_template); + + $name_template = str_replace('{{time}}', round(microtime(true)), $name_template); + $name_template = str_replace('{{date}}', date("Y-m-d"), $name_template); + + $name_template = str_replace('{{filename}}', pathinfo($dir.$_FILES['image']['name'],PATHINFO_FILENAME), $name_template); + + if (str_contains($name_template, "{{autoinc}}")) { + $autoinc = 0; + $autoinc_tmp_name = str_replace('{{autoinc}}', $autoinc, 
$name_template).".".$file_type; + + while (is_file($dir.$autoinc_tmp_name)) { + $autoinc += 1; + $autoinc_tmp_name = str_replace('{{autoinc}}', $autoinc, $name_template).".".$file_type; + } + + $name_template = str_replace('{{autoinc}}', $autoinc, $name_template); + } + + $image_newname = $name_template.".".$file_type; + $image_path = $dir.$image_newname; + + // Check for conflicting names, as the config could be setup wrong + if (is_file($image_path)) { + ?> + + + + @@ -91,12 +164,6 @@ if (isset($_POST['submit'])) { - - diff --git a/app/required.php b/app/required.php index cba2be3..4d52474 100644 --- a/app/required.php +++ b/app/required.php @@ -3,10 +3,10 @@ require_once dirname(__DIR__)."/app/server/conn.php"; require_once dirname(__DIR__)."/app/app.php"; require_once dirname(__DIR__)."/app/settings/settings.php"; -ini_set('post_max_size', $user_settings['upload_max']."M"); -ini_set('upload_max_filesize', ($user_settings['upload_max'] + 1)."M"); +ini_set('post_max_size', $upload_conf['max_filesize']."M"); +ini_set('upload_max_filesize', ($upload_conf['upload_max'] + 1)."M"); -if ($user_settings['is_testing'] == "true") { +if ($user_settings['is_testing'] == true) { ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ERROR | E_PARSE | E_NOTICE); diff --git a/app/settings/manifest.json b/app/settings/manifest.json index 25be4d5..1c84162 100644 --- a/app/settings/manifest.json +++ b/app/settings/manifest.json @@ -26,6 +26,10 @@ "license":"GPL 3.0", "version": "22.09.26", "user_name": "[your name]", - "is_testing": "true", - "upload_max": "32" + "is_testing": true, + "upload": { + "max_filesize": "32", + "rename_on_upload": true, + "rename_to": "IMG_{{username}}_{{time}}" + } } \ No newline at end of file diff --git a/app/settings/settings.php b/app/settings/settings.php index b315fa7..30bedff 100644 --- a/app/settings/settings.php +++ b/app/settings/settings.php 
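Review bot: The `{{filename}}` substitution in the rename template (app/image/upload_image.php, hunk `@@ -17,23 +18,95 @@`) places the client-supplied stem of `$_FILES['image']['name']` into the stored file name with no character filtering, and `{{username}}` is inserted the same way. `pathinfo(..., PATHINFO_FILENAME)` drops directory components but keeps inner dots and any other bytes, so a stored name can still carry a second extension or control characters that the web server or later code may interpret. Restricting the stem to an allowlist before substitution addresses this, e.g. `$stem = preg_replace('/[^A-Za-z0-9_-]/', '_', pathinfo($_FILES['image']['name'], PATHINFO_FILENAME));`. The type gate also rests only on the client-sent extension (case-sensitive, non-strict `in_array`); checking the content of `tmp_name` with `getimagesize()` or `finfo` would be the firmer check. Part of this hunk's markup is not visible on the page, so the `rename_on_upload` branch and the error output could not be reviewed.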
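Review bot: The second `ini_set` in app/required.php reads `$upload_conf['upload_max']`, but the `upload` object this commit adds to manifest.json defines only `max_filesize`, `rename_on_upload` and `rename_to`, so the lookup is undefined and the expression evaluates to `1M`. It should read `ini_set('upload_max_filesize', ($upload_conf['max_filesize'] + 1)."M");`. Separately, `post_max_size` and `upload_max_filesize` are PHP_INI_PERDIR settings, so `ini_set()` at runtime does not change them. The limit needs to live in php.ini, `.user.ini` or the server config, backed by an explicit check of `$_FILES['image']['size']` in the upload handler. `post_max_size` is also set one megabyte below `upload_max_filesize` here, whereas it has to be at least as large for a full-size file to be accepted.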
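Review bot: The shipped default `"is_testing": true` in app/settings/manifest.json means a fresh install runs with `display_errors` and `display_startup_errors` switched on by app/required.php, which can expose file paths and error detail to visitors. Defaulting to `"is_testing": false` and enabling it only on development hosts is the safer manifest. `"max_filesize": "32"` is still a string while `is_testing` became a real boolean; `"max_filesize": 32` would keep the types consistent with the arithmetic done on it in required.php.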
@@ -8,5 +8,6 @@ | the default background and accent colour |------------------------------------------------------------- */ -$user_import = file_get_contents(__DIR__."/manifest.json"); -$user_settings = json_decode($user_import, true); \ No newline at end of file +$user_import = file_get_contents(__DIR__."/manifest.json"); +$user_settings = json_decode($user_import, true); +$upload_conf = $user_settings["upload"]; \ No newline at end of file diff --git a/group.php b/group.php index 79c38f6..c184c2f 100644 --- a/group.php +++ b/group.php @@ -19,6 +19,14 @@ $_SESSION['err'] = "You followed a broken link"; } } + if (isset($_SESSION['err'])) { + ?> + + @@ -159,15 +167,6 @@ } echo ""; - } else { - if (isset($_SESSION['err'])) { - ?> - -
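Review bot: `$upload_conf = $user_settings["upload"];` in app/settings/settings.php assumes manifest.json was read, decoded and already contains an `upload` key. With a malformed file, or an existing install whose manifest predates this commit, `$upload_conf` is null, and the upload handler then builds file names from a null `rename_to`. A fallback keeps the previous behaviour: `$upload_conf = $user_settings['upload'] ?? ['max_filesize' => '32', 'rename_on_upload' => true, 'rename_to' => 'IMG_{{username}}_{{time}}'];`. Decoding with `json_decode($user_import, true, 512, JSON_THROW_ON_ERROR)` would also turn a broken manifest into a visible failure instead of silent nulls.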