File: /var/www/html/uploadElements.php
<?php
include("includes/limittext.php");
include('Connections/videoondemand.php');
require("DbSql2.inc.php");
require("NewsSql2.inc.php");
$db = new NewsSQL();
//////////////
// Settings //
//////////////
// Content type
/**
* Main directory for uploaded files
*/
define('UPLOAD_FOLDER', 'v/uploads/gthumbs/');
/**
* File input's name
*/
define('INPUT_NAME', 'file');
/**
* Accepted extensions
*/
define('ACCEPT', 'jpg,jpeg,png,gif');
/**
* Uploaded file's mode
*/
define('FILE_MODE', 0775);
/**
* Created directories' mod
*/
define('DIR_MODE', 0775);
/**
* Allow creating nested directories
*/
define('MKDIR_RECURSIVE', 1);
/**
* Exception handler for throws
*/
function exception_handler($exception) {
header('HTTP/1.0 500 Internal Server Error');
echo json_encode(array(
'error' => true,
'message' => $e->getMessage()
));
}
set_exception_handler('exception_handler');
////////////
// Errors //
////////////
$errors = array(
'empty_input' => 'File not received.',
'permission_denied' => 'Unable to move file, check permissions.',
'invalid_file_type' => 'Invalid file type (Accepted types: '. ACCEPT .').',
UPLOAD_ERR_INI_SIZE => 'The uploaded file exceeds the upload_max_filesize '.
'directive in php.ini.',
UPLOAD_ERR_FORM_SIZE => 'The uploaded file exceeds the MAX_FILE_SIZE directive '.
'that was specified in the HTML form.',
UPLOAD_ERR_PARTIAL => 'The uploaded file was only partially uploaded.',
UPLOAD_ERR_NO_FILE => 'No file was uploaded.',
UPLOAD_ERR_NO_TMP_DIR => 'Missing a temporary folder.',
UPLOAD_ERR_CANT_WRITE => 'Failed to write file to disk.',
UPLOAD_ERR_EXTENSION => 'A PHP extension stopped the file upload. PHP does not '.
'provide a way to as certain which extension caused the '.
'file upload to stop. Examining the list of loaded '.
'extensions with phpinfo() may help.'
);
///////////////
// Execution //
///////////////
// File
$file = ! empty($_FILES[INPUT_NAME])
? $_FILES[INPUT_NAME]
: null;
// Check file
if (is_null($file)) {
throw new Exception($errors['empty_input']);
}
// Check errors
if ($file['error'] !== UPLOAD_ERR_OK) {
throw new Exception( $errors[ $file['error'] ] );
}
// Folder name for this upload
$folder = ! empty($_POST['folder'])
? $_POST['folder'] . DIRECTORY_SEPARATOR
: '';
// Root directory name
$dir = UPLOAD_FOLDER . $folder;
// File parameters
$info = pathinfo($file['name']);
$ext = $info['extension'] ? '.' . $info['extension'] : '';
$name = $info['filename'];
// Check file types
if ( ACCEPT AND ! in_array($info['extension'], explode(',', ACCEPT)) ) {
throw new Exception($errors['invalid_file_type']);
}
// Mkdir if dir does not exists
if ( ! file_exists($dir) ) {
$old_umask = umask(0);
$result = @mkdir($dir, DIR_MODE, !!MKDIR_RECURSIVE);
umask($old_umask);
if ( ! $result ) {
throw new Exception($errors['permission_denied']);
}
}
// Find a unique file name
$i = 1;
$tmp = $name . '-' . $date = md5(date('D, d M Y H:i:s'));
while (file_exists($dir . $tmp . $ext)) {
$tmp = $name . '-' . $date = md5(date('D, d M Y H:i:s')).$i;
$i++;
}
$filename = $dir . $tmp . $ext;
// Move the file
$result = @move_uploaded_file($file['tmp_name'], $filename);
header('Content-Type: application/json');
if ( ! $result ) {
throw new Exception($errors['permission_denied']);
}
$catalogid = $_GET["catalogid"];
$themeid = $_GET["themeid"];
$type = $_GET["type"];
$themeid = $db->base64url_decode($themeid);
$addfile = $db->addGraphicLayer($catalogid ,$themeid,$filename,$siteaddress2);
$old_umask = umask(0);
chmod($filename, FILE_MODE);
umask($old_umask);
/* $catalogid = $_GET["catalogid"];
$themeid = $_GET["themeid"];
$themeid = $db->base64url_decode($themeid);
$addfile = $db->updateLayer($catalogid,$filename,$themeid); */
// Response
echo json_encode(array(
'file' => $siteaddress3.$filename,
'name' => $tmp . $ext,
'ext' => $ext,
'message' => 'File saved',
'error' => false
));