Many improvements to the server #4
41
upload.php
41
upload.php
@ -3,6 +3,7 @@
|
|||||||
/**
|
/**
|
||||||
* DO NOT TOUCH!!!!!!!!
|
* DO NOT TOUCH!!!!!!!!
|
||||||
*/
|
*/
|
||||||
|
$SCRIPT_VERSION = "0.1.0"; // The version of the script
|
||||||
$before = microtime(true); // Start time of the script
|
$before = microtime(true); // Start time of the script
|
||||||
$defaultSecretKey = "set me"; // The default secret key
|
$defaultSecretKey = "set me"; // The default secret key
|
||||||
header('Content-type:application/json;charset=utf-8'); // Set the response content type to JSON
|
header('Content-type:application/json;charset=utf-8'); // Set the response content type to JSON
|
||||||
@ -80,19 +81,38 @@ function returnJson($data): void
|
|||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Log to nginx
|
||||||
|
*/
|
||||||
|
function logToNginx($message): void
|
||||||
|
{
|
||||||
|
error_log($message);
|
||||||
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$secret = $_POST['secret']; // The secret key
|
$secret = $_POST['secret']; // The secret key
|
||||||
$file = $_FILES['sharex']; // The uploaded file
|
$file = $_FILES['sharex']; // The uploaded file
|
||||||
|
|
||||||
|
// Page to show if someone visits the upload page
|
||||||
|
if (!$secret && !$file) {
|
||||||
|
returnJson(array(
|
||||||
|
'status' => 'OK',
|
||||||
|
'url' => 'Welcome to the ShareX PHP Uploader! v' . $SCRIPT_VERSION,
|
||||||
|
// Remove this if you don't want to show the support URL
|
||||||
|
'support' => "For support, visit - https://git.fascinated.cc/Fascinated/sharex-php-uploader",
|
||||||
|
'timeTaken' => getTimeTaken()
|
||||||
|
));
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
|
||||||
// Check if the token is valid
|
// Check if the token is valid
|
||||||
if (!checkSecret($secret)) {
|
if (!checkSecret($secret)) {
|
||||||
returnJson(array(
|
returnJson(array(
|
||||||
'status' => 'ERROR',
|
'status' => 'ERROR',
|
||||||
'url' => 'Invalid or missing upload secret',
|
'url' => 'Invalid or missing upload secret',
|
||||||
// Remove this if you don't want to show the support URL
|
|
||||||
'support' => "For support, visit - https://git.fascinated.cc/Fascinated/sharex-php-uploader",
|
|
||||||
'timeTaken' => getTimeTaken()
|
'timeTaken' => getTimeTaken()
|
||||||
));
|
));
|
||||||
|
logToNginx("An upload was attempted with an invalid secret key: " . $secret);
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -103,6 +123,7 @@ try {
|
|||||||
'url' => 'You need to set your upload secret in the configuration section of the upload.php file',
|
'url' => 'You need to set your upload secret in the configuration section of the upload.php file',
|
||||||
'timeTaken' => getTimeTaken()
|
'timeTaken' => getTimeTaken()
|
||||||
));
|
));
|
||||||
|
logToNginx("An upload was attempted with the default secret key");
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -113,23 +134,26 @@ try {
|
|||||||
'url' => 'No file was uploaded',
|
'url' => 'No file was uploaded',
|
||||||
'timeTaken' => getTimeTaken()
|
'timeTaken' => getTimeTaken()
|
||||||
));
|
));
|
||||||
|
logToNginx("An upload was attempted without providing a file");
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
|
||||||
$target_file = preg_replace("/[^A-Za-z0-9_.]/", '', $_FILES["sharex"]["name"]); // Remove unwanted characters
|
$originalFileName = preg_replace("/[^A-Za-z0-9_.]/", '', $_FILES["sharex"]["name"]); // Remove unwanted characters
|
||||||
$fileType = pathinfo($target_file, PATHINFO_EXTENSION); // File extension (e.g. png, jpg, etc.)
|
$fileType = pathinfo($originalFileName, PATHINFO_EXTENSION); // File extension (e.g. png, jpg, etc.)
|
||||||
|
$fileSize = $_FILES["sharex"]["size"]; // File size in bytes
|
||||||
|
|
||||||
// Check if the file already exists
|
// Check if the file already exists
|
||||||
if (file_exists($uploadDir . $target_file)) {
|
if (file_exists($uploadDir . $originalFileName)) {
|
||||||
returnJson(array(
|
returnJson(array(
|
||||||
'status' => 'ERROR',
|
'status' => 'ERROR',
|
||||||
'url' => 'File already exists',
|
'url' => 'File already exists',
|
||||||
'timeTaken' => getTimeTaken()
|
'timeTaken' => getTimeTaken()
|
||||||
));
|
));
|
||||||
|
logToNginx("An upload was attempted with a file that already exists: " . $originalFileName);
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
|
||||||
$finalName = $target_file; // The final name of the file
|
$finalName = $originalFileName; // The final name of the file
|
||||||
if ($useRandomFileNames) { // Generate a random file name if enabled
|
if ($useRandomFileNames) { // Generate a random file name if enabled
|
||||||
$finalName = generateRandomString($fileNameLength) . "." . $fileType;
|
$finalName = generateRandomString($fileNameLength) . "." . $fileType;
|
||||||
}
|
}
|
||||||
@ -155,6 +179,8 @@ try {
|
|||||||
$image->clear();
|
$image->clear();
|
||||||
$image->destroy();
|
$image->destroy();
|
||||||
|
|
||||||
|
$fileSize = filesize($webp_file); // Update the file size
|
||||||
|
|
||||||
// Update the final filename
|
// Update the final filename
|
||||||
$finalName = $webp_file;
|
$finalName = $webp_file;
|
||||||
$needsToBeSaved = false;
|
$needsToBeSaved = false;
|
||||||
@ -169,6 +195,7 @@ try {
|
|||||||
'url' => 'Failed to save file. Check the permissions of the upload directory.',
|
'url' => 'Failed to save file. Check the permissions of the upload directory.',
|
||||||
'timeTaken' => getTimeTaken()
|
'timeTaken' => getTimeTaken()
|
||||||
));
|
));
|
||||||
|
logToNginx("An upload was attempted but the file could not be saved: " . $finalName);
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -177,6 +204,7 @@ try {
|
|||||||
'url' => $finalName,
|
'url' => $finalName,
|
||||||
'timeTaken' => getTimeTaken()
|
'timeTaken' => getTimeTaken()
|
||||||
));
|
));
|
||||||
|
logToNginx("An upload was successful. original id: $originalFileName, final id: $finalName, size: $fileSize");
|
||||||
die();
|
die();
|
||||||
} catch (Exception $e) { // Handle any errors
|
} catch (Exception $e) { // Handle any errors
|
||||||
returnJson(array(
|
returnJson(array(
|
||||||
@ -184,5 +212,6 @@ try {
|
|||||||
'url' => $e->getMessage(),
|
'url' => $e->getMessage(),
|
||||||
'timeTaken' => getTimeTaken()
|
'timeTaken' => getTimeTaken()
|
||||||
));
|
));
|
||||||
|
logToNginx("An upload was attempted but an error occurred: " . $e->getMessage());
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user