We use cookies to ensure you get the best experience on our website
Halaman utama Jelajahi Bantuan
Daftar Masuk
0ct0pu5
/
XBackBone
1
0
Fork 0
Berkas Masalah 0 Permintaan Tarik 0 Wiki
Pohon: db483bb53e
Ranting Tag
XBackBone
/
app
/
Controllers
/
UploadController.php

UploadController.php 6.6 KB
Riwayat Mentahan

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218 
  1. <?php
    2. 

  2. 

  3. namespace App\Controllers;
    4. 

  4. 

  5. use App\Database\Queries\UserQuery;
    6. 

  6. use App\Exceptions\ValidationException;
    7. 

  7. use Exception;
    8. 

  8. use Psr\Http\Message\ResponseInterface as Response;
    9. 

  9. use Psr\Http\Message\ServerRequestInterface as Request;
    10. 

  10. use Psr\Http\Message\UploadedFileInterface;
    11. 

  11. 

  12. class UploadController extends Controller
    13. 

  13. {
    14. 

  14.     private $json = [
    15. 

  15.         'message' => null,
    16. 

  16.         'version' => PLATFORM_VERSION,
    17. 

  17.     ];
    18. 

  18. 

  19.     /**
    20. 

  20.      * @param  Response  $response
    21. 

  21.      *
    22. 

  22.      * @return Response
    23. 

  23.      * @throws \Twig\Error\LoaderError
    24. 

  24.      * @throws \Twig\Error\RuntimeError
    25. 

  25.      * @throws \Twig\Error\SyntaxError
    26. 

  26.      */
    27. 

  27.     public function uploadWebPage(Response $response): Response
    28. 

  28.     {
    29. 

  29.         return view()->render($response, 'upload/web.twig');
    30. 

  30.     }
    31. 

  31. 

  32.     /**
    33. 

  33.      * @param  Request  $request
    34. 

  34.      * @param  Response  $response
    35. 

  35.      * @return Response
    36. 

  36.      * @throws Exception
    37. 

  37.      */
    38. 

  38.     public function uploadWeb(Request $request, Response $response): Response
    39. 

  39.     {
    40. 

  40.         if ($this->config['maintenance']) {
    41. 

  41.             $this->json['message'] = 'Endpoint under maintenance.';
    42. 

  42. 

  43.             return json($response, $this->json, 503);
    44. 

  44.         }
    45. 

  45. 

  46.         try {
    47. 

  47.             $file = $this->validateFile($request, $response);
    48. 

  48. 

  49.             $user = make(UserQuery::class)->get($request, $this->session->get('user_id'));
    50. 

  50. 

  51.             $this->validateUser($request, $response, $file, $user);
    52. 

  52.         } catch (ValidationException $e) {
    53. 

  53.             return $e->response();
    54. 

  54.         }
    55. 

  55. 

  56.         if (!$this->updateUserQuota($request, $user->id, $file->getSize())) {
    57. 

  57.             $this->json['message'] = 'User disk quota exceeded.';
    58. 

  58. 

  59.             return json($response, $this->json, 507);
    60. 

  60.         }
    61. 

  61. 

  62.         try {
    63. 

  63.             $response = $this->saveMedia($response, $file, $user);
    64. 

  64.             $this->setSessionQuotaInfo($user->current_disk_quota + $file->getSize(), $user->max_disk_quota);
    65. 

  65.         } catch (Exception $e) {
    66. 

  66.             $this->updateUserQuota($request, $user->id, $file->getSize(), true);
    67. 

  67.             throw $e;
    68. 

  68.         }
    69. 

  69. 

  70.         return $response;
    71. 

  71.     }
    72. 

  72. 

  73.     /**
    74. 

  74.      * @param  Request  $request
    75. 

  75.      * @param  Response  $response
    76. 

  76.      *
    77. 

  77.      * @return Response
    78. 

  78.      * @throws Exception
    79. 

  79.      */
    80. 

  80.     public function uploadEndpoint(Request $request, Response $response): Response
    81. 

  81.     {
    82. 

  82.         if ($this->config['maintenance']) {
    83. 

  83.             $this->json['message'] = 'Endpoint under maintenance.';
    84. 

  84. 

  85.             return json($response, $this->json, 503);
    86. 

  86.         }
    87. 

  87. 

  88.         try {
    89. 

  89.             $file = $this->validateFile($request, $response);
    90. 

  90.         } catch (ValidationException $e) {
    91. 

  91.             return $e->response();
    92. 

  92.         }
    93. 

  93. 

  94.         if (param($request, 'token') === null) {
    95. 

  95.             $this->json['message'] = 'Token not specified.';
    96. 

  96. 

  97.             return json($response, $this->json, 400);
    98. 

  98.         }
    99. 

  99. 

  100.         $user = $this->database->query('SELECT * FROM `users` WHERE `token` = ? LIMIT 1', param($request, 'token'))->fetch();
    101. 

  101. 

  102.         if (!$user) {
    103. 

  103.             $this->json['message'] = 'Token specified not found.';
    104. 

  104. 

  105.             return json($response, $this->json, 404);
    106. 

  106.         }
    107. 

  107. 

  108.         try {
    109. 

  109.             $this->validateUser($request, $response, $file, $user);
    110. 

  110.         } catch (ValidationException $e) {
    111. 

  111.             return $e->response();
    112. 

  112.         }
    113. 

  113. 

  114.         if (!$this->updateUserQuota($request, $user->id, $file->getSize())) {
    115. 

  115.             $this->json['message'] = 'User disk quota exceeded.';
    116. 

  116. 

  117.             return json($response, $this->json, 507);
    118. 

  118.         }
    119. 

  119. 

  120.         try {
    121. 

  121.             $response = $this->saveMedia($response, $file, $user);
    122. 

  122.         } catch (Exception $e) {
    123. 

  123.             $this->updateUserQuota($request, $user->id, $file->getSize(), true);
    124. 

  124.             throw $e;
    125. 

  125.         }
    126. 

  126.         return $response;
    127. 

  127.     }
    128. 

  128. 

  129.     /**
    130. 

  130.      * @param  Request  $request
    131. 

  131.      * @param  Response  $response
    132. 

  132.      * @return UploadedFileInterface
    133. 

  133.      * @throws ValidationException
    134. 

  134.      */
    135. 

  135.     protected function validateFile(Request $request, Response $response)
    136. 

  136.     {
    137. 

  137.         if ($request->getServerParams()['CONTENT_LENGTH'] > stringToBytes(ini_get('post_max_size'))) {
    138. 

  138.             $this->json['message'] = 'File too large (post_max_size too low?).';
    139. 

  139. 

  140.             throw new ValidationException(json($response, $this->json, 400));
    141. 

  141.         }
    142. 

  142. 

  143.         $file = array_values($request->getUploadedFiles());
    144. 

  144.         /** @var UploadedFileInterface|null $file */
    145. 

  145.         $file = $file[0] ?? null;
    146. 

  146. 

  147.         if ($file === null) {
    148. 

  148.             $this->json['message'] = 'Request without file attached.';
    149. 

  149. 

  150.             throw new ValidationException(json($response, $this->json, 400));
    151. 

  151.         }
    152. 

  152. 

  153.         if ($file->getError() === UPLOAD_ERR_INI_SIZE) {
    154. 

  154.             $this->json['message'] = 'File too large (upload_max_filesize too low?).';
    155. 

  155. 

  156.             throw new ValidationException(json($response, $this->json, 400));
    157. 

  157.         }
    158. 

  158. 

  159.         return $file;
    160. 

  160.     }
    161. 

  161. 

  162.     /**
    163. 

  163.      * @param  Request  $request
    164. 

  164.      * @param  Response  $response
    165. 

  165.      * @param  UploadedFileInterface  $file
    166. 

  166.      * @param $user
    167. 

  167.      * @return void
    168. 

  168.      * @throws ValidationException
    169. 

  169.      */
    170. 

  170.     protected function validateUser(Request $request, Response $response, UploadedFileInterface $file, $user)
    171. 

  171.     {
    172. 

  172.         if (!$user->active) {
    173. 

  173.             $this->json['message'] = 'Account disabled.';
    174. 

  174. 

  175.             throw new ValidationException(json($response, $this->json, 401));
    176. 

  176.         }
    177. 

  177.     }
    178. 

  178. 

  179. 

  180.     /**
    181. 

  181.      * @param  Response  $response
    182. 

  182.      * @param  UploadedFileInterface  $file
    183. 

  183.      * @param $user
    184. 

  184.      * @return Response
    185. 

  185.      * @throws \League\Flysystem\FileExistsException
    186. 

  186.      */
    187. 

  187.     protected function saveMedia(Response $response, UploadedFileInterface $file, $user)
    188. 

  188.     {
    189. 

  189.         do {
    190. 

  190.             $code = humanRandomString();
    191. 

  191.         } while ($this->database->query('SELECT COUNT(*) AS `count` FROM `uploads` WHERE `code` = ?', $code)->fetch()->count > 0);
    192. 

  192. 

  193.         $published = 1;
    194. 

  194.         if ($this->getSetting('hide_by_default') === 'on') {
    195. 

  195.             $published = 0;
    196. 

  196.         }
    197. 

  197. 

  198.         $fileInfo = pathinfo($file->getClientFilename());
    199. 

  199.         $storagePath = "$user->user_code/$code.$fileInfo[extension]";
    200. 

  200. 

  201.         $this->storage->writeStream($storagePath, $file->getStream()->detach());
    202. 

  202. 

  203.         $this->database->query('INSERT INTO `uploads`(`user_id`, `code`, `filename`, `storage_path`, `published`) VALUES (?, ?, ?, ?, ?)', [
    204. 

  204.             $user->id,
    205. 

  205.             $code,
    206. 

  206.             $file->getClientFilename(),
    207. 

  207.             $storagePath,
    208. 

  208.             $published,
    209. 

  209.         ]);
    210. 

  210. 

  211.         $this->json['message'] = 'OK';
    212. 

  212.         $this->json['url'] = urlFor("/{$user->user_code}/{$code}.{$fileInfo['extension']}");
    213. 

  213. 

  214.         $this->logger->info("User $user->username uploaded new media.", [$this->database->getPdo()->lastInsertId()]);
    215. 

  215. 

  216.         return json($response, $this->json, 201);
    217. 

  217.     }
    218. 

  218. }
    219.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5