2018-09-17 11:25:56 +02:00
|
|
|
<?php
|
2018-07-31 15:58:23 +02:00
|
|
|
|
|
|
|
|
class Uploader
|
|
|
|
|
{
|
|
|
|
|
public function handle($files, $dir)
|
|
|
|
|
{
|
|
|
|
|
if (is_array($files['upfile']['error'])) {
|
2017-03-07 09:38:47 +01:00
|
|
|
throw new RuntimeException('Invalid parameters.');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
switch ($files['upfile']['error']) {
|
|
|
|
|
case UPLOAD_ERR_OK:
|
|
|
|
|
break;
|
|
|
|
|
case UPLOAD_ERR_NO_FILE:
|
|
|
|
|
throw new RuntimeException('No file sent.');
|
|
|
|
|
case UPLOAD_ERR_INI_SIZE:
|
|
|
|
|
throw new RuntimeException('Exceeded INI filesize limit.');
|
|
|
|
|
case UPLOAD_ERR_FORM_SIZE:
|
|
|
|
|
throw new RuntimeException('Exceeded form filesize limit.');
|
|
|
|
|
default:
|
|
|
|
|
throw new RuntimeException('Unknown errors.');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$finfo = new finfo(FILEINFO_MIME_TYPE);
|
|
|
|
|
if (false === $ext = array_search(
|
2018-07-31 15:58:23 +02:00
|
|
|
$finfo->file($files['upfile']['tmp_name']),
|
|
|
|
|
array(
|
|
|
|
|
'pdf' => 'application/pdf',
|
|
|
|
|
'zip' => 'application/zip',
|
|
|
|
|
'rar' => 'application/rar'
|
|
|
|
|
),
|
|
|
|
|
true
|
|
|
|
|
)) {
|
2017-03-07 09:38:47 +01:00
|
|
|
throw new RuntimeException('Invalid file format.');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$name = basename($files['upfile']['name']);
|
2018-07-31 15:58:23 +02:00
|
|
|
$name = preg_replace('/[^\x20-\x7E]/', '', $name);
|
|
|
|
|
if ($name != ".htaccess") {
|
2017-03-07 09:38:47 +01:00
|
|
|
if (!move_uploaded_file(
|
|
|
|
|
$files['upfile']['tmp_name'],
|
|
|
|
|
$dir . $name)) {
|
|
|
|
|
throw new RuntimeException('Failed to move uploaded file.');
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
throw new RuntimeException('Invalid filename.');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $name;
|
|
|
|
|
}
|
|
|
|
|
}
|
2018-07-31 15:58:23 +02:00
|
|
|
|
2017-03-07 09:38:47 +01:00
|
|
|
?>
|
