2023-04-09 11:58:09 +01:00
|
|
|
<?php
|
2023-07-05 00:52:36 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* DO NOT TOUCH!!!!!!!!
|
|
|
|
*/
|
2023-04-09 11:58:09 +01:00
|
|
|
$before = microtime(true); // Start time of the script
|
2023-07-05 00:52:36 +01:00
|
|
|
$defaultSecretKey = "set me"; // The default secret key
|
2023-04-12 03:09:53 +01:00
|
|
|
header('Content-type:application/json;charset=utf-8'); // Set the response content type to JSON
|
2023-04-09 12:21:39 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Configuration
|
|
|
|
*/
|
2023-07-05 01:49:59 +01:00
|
|
|
|
|
|
|
if (getenv('DOCKER')) { // If the script is running in a Docker container
|
|
|
|
$uploadSecrets = explode(",", getenv('UPLOAD_SECRETS')); // The upload secrets
|
|
|
|
$uploadDir = getenv('UPLOAD_DIR'); // The upload directory
|
|
|
|
$useRandomFileNames = getenv('USE_RANDOM_FILE_NAMES'); // Use random file names instead of the original file name
|
2023-07-05 16:09:58 +01:00
|
|
|
$fileNameLength = getenv('FILE_NAME_LENGTH'); // The length of the random file name
|
2023-07-05 01:49:59 +01:00
|
|
|
$shouldConvertToWebp = getenv('SHOULD_CONVERT_TO_WEBP'); // Should the script convert images to webp?
|
|
|
|
$webpQuality = getenv('WEBP_QUALITY'); // The quality of the webp image (0-100)
|
|
|
|
$webpThreadhold = getenv('WEBP_THREADHOLD'); // The minimum file size for converting to webp (in bytes)
|
2023-07-05 01:08:00 +01:00
|
|
|
} else {
|
2023-07-05 01:49:59 +01:00
|
|
|
/**
|
|
|
|
* !!!
|
|
|
|
* USE THIS IF YOU ARE NOT USING DOCKER
|
|
|
|
* !!!
|
|
|
|
*/
|
|
|
|
$uploadSecrets = array("set me"); // The upload secrets
|
|
|
|
$uploadDir = "./"; // The upload directory
|
|
|
|
$useRandomFileNames = false; // Use random file names instead of the original file name
|
2023-07-05 16:09:58 +01:00
|
|
|
$fileNameLength = 8; // The length of the random file name
|
2023-07-05 01:49:59 +01:00
|
|
|
$shouldConvertToWebp = true; // Should the script convert images to webp?
|
|
|
|
$webpQuality = 95; // The quality of the webp image (0-100)
|
|
|
|
$webpThreadhold = 1048576; // 1MB - The minimum file size for converting to webp (in bytes)
|
2023-07-05 01:08:00 +01:00
|
|
|
}
|
2023-04-09 11:58:09 +01:00
|
|
|
|
|
|
|
/**
|
2023-04-09 19:26:35 +01:00
|
|
|
* Check if the given secret is valid
|
2023-04-09 11:58:09 +01:00
|
|
|
*/
|
2023-04-09 19:41:52 +01:00
|
|
|
function checkSecret($secret): bool
|
2023-04-09 17:30:23 +01:00
|
|
|
{
|
2023-04-09 19:25:01 +01:00
|
|
|
global $uploadSecrets;
|
2023-04-09 19:41:52 +01:00
|
|
|
return isset($secret) && in_array($secret, $uploadSecrets);
|
2023-04-09 11:58:09 +01:00
|
|
|
}
|
|
|
|
|
2023-04-09 12:17:17 +01:00
|
|
|
/**
|
|
|
|
* Generate a random string
|
|
|
|
*/
|
2023-04-09 17:30:23 +01:00
|
|
|
function generateRandomString($length = 10): string
|
|
|
|
{
|
2023-04-09 12:17:17 +01:00
|
|
|
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
|
|
|
|
$charactersLength = strlen($characters);
|
|
|
|
$randomString = '';
|
2023-07-05 00:44:51 +01:00
|
|
|
|
2023-04-09 12:17:17 +01:00
|
|
|
for ($i = 0; $i < $length; $i++) {
|
2023-07-05 00:44:51 +01:00
|
|
|
// Shuffle the characters array
|
|
|
|
$shuffledCharacters = str_shuffle($characters);
|
|
|
|
$randomIndex = random_int(0, $charactersLength - 1);
|
|
|
|
$randomString .= $shuffledCharacters[$randomIndex];
|
2023-04-09 12:17:17 +01:00
|
|
|
}
|
2023-07-05 00:44:51 +01:00
|
|
|
|
2023-04-09 12:17:17 +01:00
|
|
|
return $randomString;
|
|
|
|
}
|
|
|
|
|
2023-04-09 17:36:53 +01:00
|
|
|
/**
|
|
|
|
* Get the time taken to execute the script
|
|
|
|
*/
|
|
|
|
function getTimeTaken()
|
|
|
|
{
|
|
|
|
global $before;
|
|
|
|
return round(microtime(true) - $before, 3) . "ms";
|
|
|
|
}
|
|
|
|
|
2023-04-09 11:58:09 +01:00
|
|
|
/**
|
|
|
|
* Return a JSON response
|
|
|
|
*/
|
2023-04-09 17:30:23 +01:00
|
|
|
function returnJson($data): void
|
|
|
|
{
|
|
|
|
echo (json_encode($data));
|
2023-04-09 11:58:09 +01:00
|
|
|
die();
|
|
|
|
}
|
|
|
|
|
2023-04-09 12:21:39 +01:00
|
|
|
try {
|
2023-04-09 19:41:52 +01:00
|
|
|
$secret = $_POST['secret']; // The secret key
|
2023-04-09 12:21:39 +01:00
|
|
|
$file = $_FILES['sharex']; // The uploaded file
|
2023-04-09 11:58:09 +01:00
|
|
|
|
2023-04-09 12:21:39 +01:00
|
|
|
// Check if the token is valid
|
2023-04-09 19:41:52 +01:00
|
|
|
if (!checkSecret($secret)) {
|
2023-04-09 17:30:23 +01:00
|
|
|
returnJson(array(
|
|
|
|
'status' => 'ERROR',
|
2023-04-09 17:37:56 +01:00
|
|
|
'url' => 'Invalid or missing upload secret',
|
2023-04-09 17:36:53 +01:00
|
|
|
// Remove this if you don't want to show the support URL
|
2023-04-09 17:31:08 +01:00
|
|
|
'support' => "For support, visit - https://git.fascinated.cc/Fascinated/sharex-php-uploader",
|
2023-04-09 17:36:53 +01:00
|
|
|
'timeTaken' => getTimeTaken()
|
2023-04-09 17:30:23 +01:00
|
|
|
));
|
2023-04-09 12:21:39 +01:00
|
|
|
die();
|
|
|
|
}
|
2023-04-09 11:58:09 +01:00
|
|
|
|
2023-07-05 00:41:33 +01:00
|
|
|
// Check if the secret is the default one, and if so, tell the user to change it
|
2023-07-05 00:52:36 +01:00
|
|
|
if ($secret == $defaultSecretKey) {
|
2023-07-05 00:41:33 +01:00
|
|
|
returnJson(array(
|
|
|
|
'status' => 'ERROR',
|
|
|
|
'url' => 'You need to set your upload secret in the configuration section of the upload.php file',
|
|
|
|
'timeTaken' => getTimeTaken()
|
|
|
|
));
|
|
|
|
die();
|
|
|
|
}
|
|
|
|
|
2023-04-09 12:21:39 +01:00
|
|
|
// Check if the file was uploaded
|
|
|
|
if (!isset($file)) {
|
2023-04-09 17:30:23 +01:00
|
|
|
returnJson(array(
|
|
|
|
'status' => 'ERROR',
|
2023-04-09 17:37:56 +01:00
|
|
|
'url' => 'No file was uploaded',
|
2023-04-09 17:36:53 +01:00
|
|
|
'timeTaken' => getTimeTaken()
|
2023-04-09 17:30:23 +01:00
|
|
|
));
|
2023-04-09 12:21:39 +01:00
|
|
|
die();
|
|
|
|
}
|
2023-04-09 11:58:09 +01:00
|
|
|
|
2023-04-09 16:51:05 +01:00
|
|
|
$target_file = preg_replace("/[^A-Za-z0-9_.]/", '', $_FILES["sharex"]["name"]); // Remove unwanted characters
|
2023-04-09 12:21:39 +01:00
|
|
|
$fileType = pathinfo($target_file, PATHINFO_EXTENSION); // File extension (e.g. png, jpg, etc.)
|
2023-04-09 11:58:09 +01:00
|
|
|
|
2023-04-09 12:21:39 +01:00
|
|
|
// Check if the file already exists
|
|
|
|
if (file_exists($uploadDir . $target_file)) {
|
2023-04-09 17:30:23 +01:00
|
|
|
returnJson(array(
|
|
|
|
'status' => 'ERROR',
|
2023-04-09 17:37:56 +01:00
|
|
|
'url' => 'File already exists',
|
2023-04-09 17:36:53 +01:00
|
|
|
'timeTaken' => getTimeTaken()
|
2023-04-09 17:30:23 +01:00
|
|
|
));
|
2023-04-09 12:21:39 +01:00
|
|
|
die();
|
|
|
|
}
|
2023-04-09 12:05:53 +01:00
|
|
|
|
2023-04-09 12:21:39 +01:00
|
|
|
$finalName = $target_file; // The final name of the file
|
|
|
|
if ($useRandomFileNames) { // Generate a random file name if enabled
|
|
|
|
$finalName = generateRandomString($fileNameLength) . "." . $fileType;
|
|
|
|
}
|
2023-04-09 12:17:17 +01:00
|
|
|
|
2023-04-12 03:09:53 +01:00
|
|
|
$needsToBeSaved = true; // Whether the file needs to be saved
|
2023-04-09 19:41:52 +01:00
|
|
|
|
2023-04-12 03:09:53 +01:00
|
|
|
if ($shouldConvertToWebp) { // Convert the image to webp if applicable
|
|
|
|
if (in_array($fileType, array("png", "jpeg", "jpg")) && $_FILES["sharex"]["size"] > $webpThreadhold) {
|
|
|
|
$image = imagecreatefromstring(file_get_contents($_FILES["sharex"]["tmp_name"]));
|
|
|
|
$webp_file = pathinfo($finalName, PATHINFO_FILENAME) . ".webp";
|
|
|
|
imagewebp($image, $webp_file, $webpQuality); // Convert the image and save it
|
|
|
|
imagedestroy($image); // Free up memory
|
|
|
|
$finalName = $webp_file;
|
|
|
|
$needsToBeSaved = false;
|
|
|
|
}
|
2023-04-09 12:21:39 +01:00
|
|
|
}
|
2023-04-09 11:58:09 +01:00
|
|
|
|
2023-04-12 03:09:53 +01:00
|
|
|
if ($needsToBeSaved) { // Save the file if it has not been saved yet
|
2023-04-09 12:21:39 +01:00
|
|
|
// Move the file to the uploads folder
|
2023-04-09 19:41:52 +01:00
|
|
|
$success = move_uploaded_file($_FILES["sharex"]["tmp_name"], $uploadDir . $finalName);
|
|
|
|
if (!$success) {
|
2023-04-09 17:30:23 +01:00
|
|
|
returnJson(array(
|
2023-04-09 19:41:52 +01:00
|
|
|
'status' => 'ERROR',
|
|
|
|
'url' => 'Failed to save file. Check the permissions of the upload directory.',
|
2023-04-09 17:36:53 +01:00
|
|
|
'timeTaken' => getTimeTaken()
|
2023-04-09 17:30:23 +01:00
|
|
|
));
|
2023-04-09 17:40:37 +01:00
|
|
|
die();
|
2023-04-09 12:21:39 +01:00
|
|
|
}
|
2023-04-09 12:17:17 +01:00
|
|
|
}
|
2023-04-09 17:30:23 +01:00
|
|
|
returnJson(array(
|
|
|
|
'status' => 'OK',
|
2023-04-09 17:40:37 +01:00
|
|
|
'url' => $finalName,
|
2023-04-09 17:36:53 +01:00
|
|
|
'timeTaken' => getTimeTaken()
|
2023-04-09 17:30:23 +01:00
|
|
|
));
|
2023-04-09 16:54:20 +01:00
|
|
|
die();
|
2023-04-09 12:22:39 +01:00
|
|
|
} catch (Exception $e) { // Handle any errors
|
2023-04-09 17:30:23 +01:00
|
|
|
returnJson(array(
|
|
|
|
'status' => 'ERROR',
|
2023-04-09 17:37:56 +01:00
|
|
|
'url' => $e->getMessage(),
|
2023-04-09 17:36:53 +01:00
|
|
|
'timeTaken' => getTimeTaken()
|
2023-04-09 17:30:23 +01:00
|
|
|
));
|
2023-04-09 12:17:17 +01:00
|
|
|
die();
|
2023-04-09 11:58:09 +01:00
|
|
|
}
|