From 52a29aefa3c0b8c8042638cadc86c4362c5b4f8b Mon Sep 17 00:00:00 2001 From: kj_sh604 Date: Mon, 16 Mar 2026 13:53:01 -0400 Subject: refactor: src/upload.php --- src/upload.php | 66 ---------------------------------------------------------- 1 file changed, 66 deletions(-) delete mode 100644 src/upload.php (limited to 'src/upload.php') diff --git a/src/upload.php b/src/upload.php deleted file mode 100644 index 62db139..0000000 --- a/src/upload.php +++ /dev/null @@ -1,66 +0,0 @@ - 'Method not allowed']); - exit; -} - -if (!isset($_FILES['image']) || $_FILES['image']['error'] !== UPLOAD_ERR_OK) { - $code = $_FILES['image']['error'] ?? 'unknown'; - http_response_code(400); - echo json_encode(['error' => "Upload failed (code: $code)"]); - exit; -} - -$file = $_FILES['image']; -$allowed = [ - 'image/png', 'image/jpeg', 'image/gif', - 'image/webp', 'image/svg+xml', 'image/bmp', -]; - -$finfo = finfo_open(FILEINFO_MIME_TYPE); -$mime = finfo_file($finfo, $file['tmp_name']); -finfo_close($finfo); - -if (!in_array($mime, $allowed, true)) { - http_response_code(400); - echo json_encode(['error' => "Invalid file type: $mime"]); - exit; -} - -$ext = match ($mime) { - 'image/png' => 'png', - 'image/jpeg' => 'jpg', - 'image/gif' => 'gif', - 'image/webp' => 'webp', - 'image/svg+xml' => 'svg', - 'image/bmp' => 'bmp', - default => 'bin', -}; - -/* generate safe filename */ -$basename = pathinfo($file['name'], PATHINFO_FILENAME); -$basename = preg_replace('/[^a-zA-Z0-9_-]/', '_', $basename); -$basename = substr($basename, 0, 64); -$filename = $basename . '_' . bin2hex(random_bytes(4)) . '.' . $ext; - -$uploadDir = __DIR__ . '/uploads'; -if (!is_dir($uploadDir)) { - mkdir($uploadDir, 0755, true); -} - -$dest = $uploadDir . '/' . $filename; -if (!move_uploaded_file($file['tmp_name'], $dest)) { - http_response_code(500); - echo json_encode(['error' => 'Failed to save file']); - exit; -} - -echo json_encode([ - 'filename' => $filename, - 'url' => 'uploads/' . $filename, -]); -- cgit v1.2.3