IcarusImeji-Caddy/upload.php

<?php
//Imeji Uploader Core Code -- Version 1.3 (Uploader Filename Randomizer Algorithm Update)
$imejicoreversion = "imeji_v1.3_0";
$target_dir = "public/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$target_filenameonly = basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
    $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
    if($check !== false) {
        echo "File is an image - " . $check["mime"] . ".";
        $uploadOk = 1;
    } else {
        echo "File is not an image.";
        $uploadOk = 0;
        header('Location: ./failed.php');
    }
}
// Check if file already exists
if (file_exists($target_file)) {
    echo "Sorry, file already exists.";
    $uploadOk = 0;
    header('Location: ./failed.php');
}
// Check file size (Currently Max 6MB)
if ($_FILES["fileToUpload"]["size"] > 6291456) {
    echo "Sorry, your file is too large. (Max is 6MB)";
    $uploadOk = 0;
    header('Location: ./failed.php');
}
// Allow certain file formats
// Fixed uppercase rejection bug in 1.1a
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "JPG" && $imageFileType != "PNG" && $imageFileType != "JPEG"
&& $imageFileType != "gif" && $imageFileType != "svg"
&& $imageFileType != "GIF" && $imageFileType != "SVG" ) {
    echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
    $uploadOk = 0;
    header('Location: ./failed.php');
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
    echo "Sorry, your file could not be uploaded.";
    header('Location: ./failed.php');
// if everything is ok, try to upload file
} else {
    // 1.2a --- Changed some case-confusing characters such as I and O to web safe symbols.
    // 1.3 ---- Removed some problematic symbol characters that can break CMS such as + and $.
    // 1.3_0 -- Changed the filename randomizer algorithm to compensate for characters pool reduction to 62 from 64.
    $characters = 'abcdefghjklmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ1234567890-_!*';
    $random_string_length = 10;
    $randomFilename = '';
    for ($i = 0; $i < $random_string_length; $i++) {
      $randomFilename .= $characters[rand(0, strlen($characters) - 1)];
    }
    // Day-base identifiers (Implemented in v1.3_0)
    if (date('D') == 'Sun') {
        $dayId = 'Q';
    } else if (date('D') == 'Mon') {
        $dayId = 'a';
    } else if (date('D') == 'Tue') {
        $dayId = 'z';
    } else if (date('D') == 'Wed') {
        $dayId = '2';
    } else if (date('D') == 'Thu') {
        $dayId = 'W';
    } else if (date('D') == 'Fri') {
        $dayId = 's';
    } else if (date('D') == 'Sat') {
        $dayId = 'x';
    } else {
        $dayId = '0';
    }
    // Hour-base identifiers (Implemented in v1.3_0)
    if ((date('H') >= '00') && (date('H') <= '05')) {
        $hourId = '3';
    } else if ((date('H') >= '06') && (date('H') <= '11')) {
        $hourId = 'E';
    } else if ((date('H') >= '12') && (date('H') <= '17')) {
        $hourId = 'd';
    } else if ((date('H') >= '18') && (date('H') <= '23')) {
        $hourId = 'C';
    } else {
        $hourId = 'z';
    }
    //$newfilename = time() . '_' . rand(1000000, 9999999) . '.' . end(explode(".",$_FILES["fileToUpload"]["name"])); --prior to v0.6b
    //$newfilename = time() . '_' . rand(100, 999) . '_' . rand(100000000, 999999999) . '.' . end(explode(".",$_FILES["fileToUpload"]["name"])); --prior to v0.8
    //$newfilename = $randomFilename . '.' . end(explode(".",$_FILES["fileToUpload"]["name"]));
    $newfilename = $randomFilename . '.' . end(explode(".",$_FILES["fileToUpload"]["name"]));
    $newtarget = $target_dir . $newfilename;
    if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $newtarget)) {
        chmod("$newtarget", 0775); // Set read and write permissions if file
        echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
        $uploaderlog = "" . date('U') . ", ". date('Y-m-d H:i:s e') . ", $_SERVER[REMOTE_ADDR], $newfilename" . ", " . $imejicoreversion . ", $_SERVER[HTTP_USER_AGENT]";
        //$uploaderlog = "Unix Time: " . date('U') . ", Logical Time: ". date('Y-m-d H:i:s e') . ", IP Address: $_SERVER[REMOTE_ADDR], Filename: $newfilename" . ", User Agent: $_SERVER[HTTP_USER_AGENT], Referer: $_SERVER[HTTP_REFERER]"; --simplified in v0.9e
        file_put_contents('uploads.log', $uploaderlog . PHP_EOL, FILE_APPEND);
        header('Location: https://i.yandols.xyz/' . $newfilename);
        //header('Location: http://i.zxicar.us/' . $newfilename); --switched to HTTPS as of v0.9d
        //header('Location: ../imeji/' . $newtarget); --changed as of v0.7
        //header('Location: http://zxicar.us/imeji/'.basename( $_FILES["fileToUpload"]["name"])); --changed as of v0.2
    } else {
        echo "Sorry, there was a problem uploading your file.";
        header('Location: ./failed.php');
    }
}
?>