
examples/php-xhr: Added filename sanitation and file size check before saving (#4432)

neuronet77 1 vuosi sitten
vanhempi
commit
81ba34cac2
1 muutettua tiedostoa jossa 29 lisäystä ja 3 poistoa
  1. 29 3
      examples/php-xhr/server.php

+ 29 - 3
examples/php-xhr/server.php

@@ -3,6 +3,9 @@ ini_set('display_errors', 1);
 ini_set('display_startup_errors', 1);
 error_reporting(E_ALL);
 
+// Get the maximum upload file size
+$max_size = ini_get('upload_max_filesize');
+
 if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
     if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'])) {
         header('Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT');
@@ -18,14 +21,31 @@ if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
     exit(0);
 }
 
-if ($_POST && !empty($_FILES["file"])) {
+if ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_FILES["file"])) {
     $target_dir = __DIR__ . DIRECTORY_SEPARATOR . 'uploads';
-    $target_file = $target_dir . DIRECTORY_SEPARATOR . basename($_FILES['file']['name']);
+    $file_name = basename($_FILES['file']['name']);
+    $file_size = $_FILES['file']['size'];
+    $target_file = $target_dir . DIRECTORY_SEPARATOR . $file_name;
+
+    // Validate file size
+    if ($file_size > $max_size) {
+        header('Access-Control-Allow-Origin: *');
+        header('Content-type: application/json');
+        $data = ['message' => 'File size exceeds the maximum allowed size of ' . $max_size . '.'];
+        http_response_code(400);
+        echo json_encode($data);
+        exit;
+    }
+
+    // Sanitize file name to prevent directory traversal attacks
+    $file_name = preg_replace('/[^a-zA-Z0-9._-]/', '', $file_name);
+    $target_file = $target_dir . DIRECTORY_SEPARATOR . $file_name;
+
     try {
         if (move_uploaded_file($_FILES['file']['tmp_name'], $target_file)) {
             header('Access-Control-Allow-Origin: *');
             header('Content-type: application/json');
-            $data = ['url' => $target_file, 'message' => 'The file ' . basename($_FILES['file']['name']) . ' has been uploaded.'];
+            $data = ['url' => $target_file, 'message' => 'The file ' . $file_name . ' has been uploaded.'];
             http_response_code(201);
             echo json_encode($data);
         } else {
@@ -39,4 +59,10 @@ if ($_POST && !empty($_FILES["file"])) {
         http_response_code(400);
         echo json_encode($data);
     }
+} else {
+    header('Access-Control-Allow-Origin: *');
+    header('Content-type: application/json');
+    $data = ['message' => 'Please upload a file.'];
+    http_response_code(400);
+    echo json_encode($data);
 }
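Review bot: The size check `if ($file_size > $max_size)` in the second hunk compares an integer byte count against the raw string from `ini_get('upload_max_filesize')` (first hunk), which is normally shorthand such as `2M`; in PHP 8 an int compared with a non-numeric string is compared as strings, so the limit is effectively never enforced. PHP already rejects uploads above `upload_max_filesize` before the script runs and reports that as `UPLOAD_ERR_INI_SIZE` in `$_FILES['file']['error']`, so the reliable check is on the error code, with the shorthand only used for the message. The sanitized name can also collapse to `''`, `.` or `..` (a name made entirely of non-ASCII characters, for example), which makes `$target_file` point at the uploads directory or its parent; reject those before `move_uploaded_file`, and drop the first `$target_file` assignment, which is dead once the name is recomputed after sanitization. The `if` block continues into the part of the file not shown between the hunks.
```php
$file_name = basename($_FILES['file']['name']);
$upload_error = $_FILES['file']['error'];

// PHP enforces upload_max_filesize itself and reports the result here;
// comparing bytes against ini_get()'s shorthand (e.g. "2M") is not reliable.
if ($upload_error !== UPLOAD_ERR_OK) {
    header('Access-Control-Allow-Origin: *');
    header('Content-type: application/json');
    $data = ['message' => $upload_error === UPLOAD_ERR_INI_SIZE
        ? 'File size exceeds the maximum allowed size of ' . $max_size . '.'
        : 'Upload failed.'];
    http_response_code(400);
    echo json_encode($data);
    exit;
}

// Sanitize file name to prevent directory traversal attacks
$file_name = preg_replace('/[^a-zA-Z0-9._-]/', '', $file_name);
if ($file_name === '' || $file_name === '.' || $file_name === '..') {
    header('Access-Control-Allow-Origin: *');
    header('Content-type: application/json');
    $data = ['message' => 'Invalid file name.'];
    http_response_code(400);
    echo json_encode($data);
    exit;
}
$target_file = $target_dir . DIRECTORY_SEPARATOR . $file_name;

// … unchanged: try { move_uploaded_file(...) } … response handling …
```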