|
|
@ -1,114 +1,116 @@
|
|
|
|
<?php
|
|
|
|
<?php
|
|
|
|
//Imeji Uploader Core Code -- Version 2.0 (revision 49) (Migrations Phase 1)
|
|
|
|
// Imeji Uploader Core Code -- Version 2.1 (revision 54) (Uploader Filename Randomizer Algorithm Update)
|
|
|
|
$imejicoreversion = "Icarus_Imeji_V2_Droploader_r49_S_p1";
|
|
|
|
//
|
|
|
|
|
|
|
|
// Core Variables. Don't change unless you know what you're doing.
|
|
|
|
|
|
|
|
$imejicoreversion = "Icarus_Imeji_V2.1_Droploader_r54";
|
|
|
|
$target_dir = "public/";
|
|
|
|
$target_dir = "public/";
|
|
|
|
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
|
|
|
|
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
|
|
|
|
$target_filenameonly = basename($_FILES["fileToUpload"]["name"]);
|
|
|
|
$target_filenameonly = basename($_FILES["fileToUpload"]["name"]);
|
|
|
|
$uploadOk = 1;
|
|
|
|
$uploadOk = 1;
|
|
|
|
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
|
|
|
|
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
|
|
|
|
// Check if image file is a actual image or fake image
|
|
|
|
// Check if uploaded image file is a actual image or fake image with masked extension.
|
|
|
|
if(isset($_POST["submit"])) {
|
|
|
|
if(isset($_POST["submit"])) {
|
|
|
|
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
|
|
|
|
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
|
|
|
|
if($check !== false) {
|
|
|
|
if($check !== false) {
|
|
|
|
//echo "File is an image - " . $check["mime"] . ".";
|
|
|
|
|
|
|
|
$uploadOk = 1;
|
|
|
|
$uploadOk = 1;
|
|
|
|
} else {
|
|
|
|
} else {
|
|
|
|
//echo "File is not an image.";
|
|
|
|
|
|
|
|
$uploadOk = 0;
|
|
|
|
$uploadOk = 0;
|
|
|
|
//header('Location: ./failed.php');
|
|
|
|
|
|
|
|
header('HTTP/1.1 400 Bad Request', true, 400);
|
|
|
|
header('HTTP/1.1 400 Bad Request', true, 400);
|
|
|
|
http_response_code(400);
|
|
|
|
http_response_code(400);
|
|
|
|
//echo 400;
|
|
|
|
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// Check if file already exists
|
|
|
|
// Check whether a file with the same name already exists on server or not for security reasons.
|
|
|
|
if (file_exists($target_file)) {
|
|
|
|
if (file_exists($target_file)) {
|
|
|
|
//echo "Sorry, file already exists.";
|
|
|
|
|
|
|
|
$uploadOk = 0;
|
|
|
|
$uploadOk = 0;
|
|
|
|
//header('Location: ./failed.php');
|
|
|
|
|
|
|
|
header('HTTP/1.1 400 Bad Request', true, 400);
|
|
|
|
header('HTTP/1.1 400 Bad Request', true, 400);
|
|
|
|
http_response_code(400);
|
|
|
|
http_response_code(400);
|
|
|
|
//echo 400;
|
|
|
|
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// Check file size (Currently Max 6MB)
|
|
|
|
// Check file size. (Imeji Standard Max is 6MB)
|
|
|
|
if ($_FILES["fileToUpload"]["size"] > 6291456) {
|
|
|
|
if ($_FILES["fileToUpload"]["size"] > 6291456) {
|
|
|
|
//echo "Sorry, your file is too large. (Max is 6MB)";
|
|
|
|
|
|
|
|
$uploadOk = 0;
|
|
|
|
$uploadOk = 0;
|
|
|
|
//header('Location: ./failed.php');
|
|
|
|
|
|
|
|
header('HTTP/1.1 400 Bad Request', true, 400);
|
|
|
|
header('HTTP/1.1 400 Bad Request', true, 400);
|
|
|
|
http_response_code(400);
|
|
|
|
http_response_code(400);
|
|
|
|
//echo 400;
|
|
|
|
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// Allow certain file formats
|
|
|
|
// Allow only certain file formats.
|
|
|
|
// Fixed uppercase rejection bug in 1.1a
|
|
|
|
// 1.1a -- Fixed uppercase rejection bug and allows them.
|
|
|
|
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
|
|
|
|
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
|
|
|
|
&& $imageFileType != "JPG" && $imageFileType != "PNG" && $imageFileType != "JPEG"
|
|
|
|
&& $imageFileType != "JPG" && $imageFileType != "PNG" && $imageFileType != "JPEG"
|
|
|
|
&& $imageFileType != "gif" && $imageFileType != "svg"
|
|
|
|
&& $imageFileType != "gif" && $imageFileType != "svg"
|
|
|
|
&& $imageFileType != "GIF" && $imageFileType != "SVG" ) {
|
|
|
|
&& $imageFileType != "GIF" && $imageFileType != "SVG" ) {
|
|
|
|
//echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
|
|
|
|
|
|
|
|
$uploadOk = 0;
|
|
|
|
$uploadOk = 0;
|
|
|
|
//header('Location: ./failed.php');
|
|
|
|
|
|
|
|
header('HTTP/1.1 400 Bad Request', true, 400);
|
|
|
|
header('HTTP/1.1 400 Bad Request', true, 400);
|
|
|
|
http_response_code(400);
|
|
|
|
http_response_code(400);
|
|
|
|
//echo 400;
|
|
|
|
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// Check if $uploadOk is set to 0 by an error
|
|
|
|
// Check if $uploadOk is set to 0 by an error, if so go to failure condition.
|
|
|
|
if ($uploadOk == 0) {
|
|
|
|
if ($uploadOk == 0) {
|
|
|
|
//echo "Sorry, your file could not be uploaded.";
|
|
|
|
|
|
|
|
//header('Location: ./failed.php');
|
|
|
|
|
|
|
|
header('HTTP/1.1 400 Bad Request', true, 400);
|
|
|
|
header('HTTP/1.1 400 Bad Request', true, 400);
|
|
|
|
http_response_code(400);
|
|
|
|
http_response_code(400);
|
|
|
|
//echo 400;
|
|
|
|
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
// if everything is ok, try to upload file
|
|
|
|
// If everything is ok, try to upload file.
|
|
|
|
} else {
|
|
|
|
} else {
|
|
|
|
// 1.2a -- Changed some case-confusing characters such as I and O to web safe symbols.
|
|
|
|
// 1.2a --- Changed some case-confusing characters such as I and O to web safe symbols.
|
|
|
|
$characters = 'abcdefghjklmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ1234567890-_!$+*';
|
|
|
|
// 1.3 ---- Removed some problematic symbol characters that can break CMS such as + and $.
|
|
|
|
$random_string_length = 12;
|
|
|
|
// 1.3_0 -- Changed the filename randomizer algorithm to compensate for characters pool reduction to 62 from 64.
|
|
|
|
|
|
|
|
$characters = 'abcdefghjklmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ1234567890-_!*';
|
|
|
|
|
|
|
|
$random_string_length = 11;
|
|
|
|
$randomFilename = '';
|
|
|
|
$randomFilename = '';
|
|
|
|
for ($i = 0; $i < $random_string_length; $i++) {
|
|
|
|
for ($i = 0; $i < $random_string_length; $i++) {
|
|
|
|
$randomFilename .= $characters[rand(0, strlen($characters) - 1)];
|
|
|
|
$randomFilename .= $characters[rand(0, strlen($characters) - 1)];
|
|
|
|
}
|
|
|
|
}
|
|
|
|
//$newfilename = time() . '_' . rand(1000000, 9999999) . '.' . end(explode(".",$_FILES["fileToUpload"]["name"])); --prior to v0.6b
|
|
|
|
// Day-base identifiers (Implemented in v1.3_0)
|
|
|
|
//$newfilename = time() . '_' . rand(100, 999) . '_' . rand(100000000, 999999999) . '.' . end(explode(".",$_FILES["fileToUpload"]["name"])); --prior to v0.8
|
|
|
|
if (date('D') == 'Sun') {
|
|
|
|
$newfilename = $randomFilename . '.' . end(explode(".",$_FILES["fileToUpload"]["name"]));
|
|
|
|
$dayId = 'Q';
|
|
|
|
|
|
|
|
} else if (date('D') == 'Mon') {
|
|
|
|
|
|
|
|
$dayId = 'a';
|
|
|
|
|
|
|
|
} else if (date('D') == 'Tue') {
|
|
|
|
|
|
|
|
$dayId = 'z';
|
|
|
|
|
|
|
|
} else if (date('D') == 'Wed') {
|
|
|
|
|
|
|
|
$dayId = '2';
|
|
|
|
|
|
|
|
} else if (date('D') == 'Thu') {
|
|
|
|
|
|
|
|
$dayId = 'W';
|
|
|
|
|
|
|
|
} else if (date('D') == 'Fri') {
|
|
|
|
|
|
|
|
$dayId = 's';
|
|
|
|
|
|
|
|
} else if (date('D') == 'Sat') {
|
|
|
|
|
|
|
|
$dayId = 'x';
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
$dayId = '0';
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
// Hour-base identifiers (Implemented in v1.3_0 / Changed in v1.3_2)
|
|
|
|
|
|
|
|
if ((date('H') >= '00') && (date('H') <= '03')) {
|
|
|
|
|
|
|
|
$hourId = '3';
|
|
|
|
|
|
|
|
} else if ((date('H') >= '04') && (date('H') <= '07')) {
|
|
|
|
|
|
|
|
$hourId = 'E';
|
|
|
|
|
|
|
|
} else if ((date('H') >= '08') && (date('H') <= '11')) {
|
|
|
|
|
|
|
|
$hourId = 'd';
|
|
|
|
|
|
|
|
} else if ((date('H') >= '12') && (date('H') <= '15')) {
|
|
|
|
|
|
|
|
$hourId = '4';
|
|
|
|
|
|
|
|
} else if ((date('H') >= '16') && (date('H') <= '19')) {
|
|
|
|
|
|
|
|
$hourId = 'R';
|
|
|
|
|
|
|
|
} else if ((date('H') >= '20') && (date('H') <= '23')) {
|
|
|
|
|
|
|
|
$hourId = 'f';
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
$hourId = 'z';
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
// Finalize file upload and return output to user.
|
|
|
|
|
|
|
|
// Old line: $newfilename = $randomFilename . '.' . end(explode(".",$_FILES["fileToUpload"]["name"])); --prior to v1.3, kept for instaneous rollback safety.
|
|
|
|
|
|
|
|
$newfilename = $dayId . $hourId . $randomFilename . '.' . end(explode(".",$_FILES["fileToUpload"]["name"]));
|
|
|
|
$newtarget = $target_dir . $newfilename;
|
|
|
|
$newtarget = $target_dir . $newfilename;
|
|
|
|
//if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
|
|
|
|
|
|
|
|
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $newtarget)) {
|
|
|
|
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $newtarget)) {
|
|
|
|
chmod("$newtarget", 0775); // Set read and write permissions if file
|
|
|
|
chmod("$newtarget", 0775); // Set read and write permissions on file
|
|
|
|
//echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
|
|
|
|
|
|
|
|
$uploaderlog = "" . date('U') . ", ". date('Y-m-d H:i:s e') . ", $_SERVER[REMOTE_ADDR], $newfilename" . ", " . $imejicoreversion . ", $_SERVER[HTTP_USER_AGENT]";
|
|
|
|
$uploaderlog = "" . date('U') . ", ". date('Y-m-d H:i:s e') . ", $_SERVER[REMOTE_ADDR], $newfilename" . ", " . $imejicoreversion . ", $_SERVER[HTTP_USER_AGENT]";
|
|
|
|
//$uploaderlog = "Unix Time: " . date('U') . ", Logical Time: ". date('Y-m-d H:i:s e') . ", IP Address: $_SERVER[REMOTE_ADDR], Filename: $newfilename" . ", User Agent: $_SERVER[HTTP_USER_AGENT], Referer: $_SERVER[HTTP_REFERER]"; --simplified in v0.9e
|
|
|
|
|
|
|
|
file_put_contents('uploads.log', $uploaderlog . PHP_EOL, FILE_APPEND);
|
|
|
|
file_put_contents('uploads.log', $uploaderlog . PHP_EOL, FILE_APPEND);
|
|
|
|
//$respondingcode = http_response_code();
|
|
|
|
|
|
|
|
//return $respondingcode;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
//$droploaddata = header('Location: https://i.zxicar.us/' . $newfilename);
|
|
|
|
|
|
|
|
//$droploaddata = '{ "Location": "https://i.zxicar.us/' . $newfilename . '" }';
|
|
|
|
|
|
|
|
//header('Content-type: application/json');
|
|
|
|
|
|
|
|
//echo $droploaddata;
|
|
|
|
|
|
|
|
//return;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
header('Content-type: application/json');
|
|
|
|
header('Content-type: application/json');
|
|
|
|
echo json_encode([
|
|
|
|
echo json_encode([
|
|
|
|
"location" => "https://i.yandols.xyz/{$newfilename}"
|
|
|
|
"location" => "https://i.yandols.xyz/{$newfilename}"
|
|
|
|
]);
|
|
|
|
]);
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
//header('Location: https://i.zxicar.us/' . $newfilename);
|
|
|
|
|
|
|
|
//return;
|
|
|
|
|
|
|
|
//header('Location: http://i.zxicar.us/' . $newfilename); --switched to HTTPS as of v0.9d
|
|
|
|
|
|
|
|
//header('Location: ../imeji/' . $newtarget); --changed as of v0.7
|
|
|
|
|
|
|
|
//header('Location: http://zxicar.us/imeji/'.basename( $_FILES["fileToUpload"]["name"])); --changed as of v0.2
|
|
|
|
|
|
|
|
} else {
|
|
|
|
} else {
|
|
|
|
//echo "Sorry, there was a problem uploading your file.";
|
|
|
|
|
|
|
|
//header('Location: ./failed.php');
|
|
|
|
|
|
|
|
header('HTTP/1.1 400 Bad Request', true, 400);
|
|
|
|
header('HTTP/1.1 400 Bad Request', true, 400);
|
|
|
|
http_response_code(400);
|
|
|
|
http_response_code(400);
|
|
|
|
//echo 400;
|
|
|
|
|
|
|
|
return;
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|