Home Explore Help
Sign In
biheng
/
uppy
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: main
Branches Tags
uppy
/
examples
/
php-xhr
/
server.php

server.php 2.6 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 
  1. <?php
    2. 

  2. ini_set('display_errors', 1);
    3. 

  3. ini_set('display_startup_errors', 1);
    4. 

  4. error_reporting(E_ALL);
    5. 

  5. 

  6. // Get the maximum upload file size
    7. 

  7. $max_size = ini_get('upload_max_filesize');
    8. 

  8. 

  9. if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
    10. 

  10.     if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'])) {
    11. 

  11.         header('Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT');
    12. 

  12.     }
    13. 

  13.     //Make sure you remove those you do not want to support
    14. 

  14.     header('Access-Control-Allow-Origin: *');
    15. 

  15. 

  16.     if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) {
    17. 

  17.         header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
    18. 

  18.     }
    19. 

  19. 

  20.     //Just exit with 200 OK with the above headers for OPTIONS method
    21. 

  21.     exit(0);
    22. 

  22. }
    23. 

  23. 

  24. if ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_FILES["file"])) {
    25. 

  25.     $target_dir = __DIR__ . DIRECTORY_SEPARATOR . 'uploads';
    26. 

  26.     $file_name = basename($_FILES['file']['name']);
    27. 

  27.     $file_size = $_FILES['file']['size'];
    28. 

  28.     $target_file = $target_dir . DIRECTORY_SEPARATOR . $file_name;
    29. 

  29. 

  30.     // Validate file size
    31. 

  31.     if ($file_size > $max_size) {
    32. 

  32.         header('Access-Control-Allow-Origin: *');
    33. 

  33.         header('Content-type: application/json');
    34. 

  34.         $data = ['message' => 'File size exceeds the maximum allowed size of ' . $max_size . '.'];
    35. 

  35.         http_response_code(400);
    36. 

  36.         echo json_encode($data);
    37. 

  37.         exit;
    38. 

  38.     }
    39. 

  39. 

  40.     // Sanitize file name to prevent directory traversal attacks
    41. 

  41.     $file_name = preg_replace('/[^a-zA-Z0-9._-]/', '', $file_name);
    42. 

  42.     $target_file = $target_dir . DIRECTORY_SEPARATOR . $file_name;
    43. 

  43. 

  44.     try {
    45. 

  45.         if (move_uploaded_file($_FILES['file']['tmp_name'], $target_file)) {
    46. 

  46.             header('Access-Control-Allow-Origin: *');
    47. 

  47.             header('Content-type: application/json');
    48. 

  48.             $data = ['url' => $target_file, 'message' => 'The file ' . $file_name . ' has been uploaded.'];
    49. 

  49.             http_response_code(201);
    50. 

  50.             echo json_encode($data);
    51. 

  51.         } else {
    52. 

  52.             throw new Exception('Unable to move the uploaded file to its final location:' . $target_file);
    53. 

  53.         }
    54. 

  54. 

  55.     } catch (\Throwable $th) {
    56. 

  56.         header('Access-Control-Allow-Origin: *');
    57. 

  57.         header('Content-type: application/json');
    58. 

  58.         $data = ['message' => 'Sorry, there was an error uploading your file.', 'error' => $th->getMessage()];
    59. 

  59.         http_response_code(400);
    60. 

  60.         echo json_encode($data);
    61. 

  61.     }
    62. 

  62. } else {
    63. 

  63.     header('Access-Control-Allow-Origin: *');
    64. 

  64.     header('Content-type: application/json');
    65. 

  65.     $data = ['message' => 'Please upload a file.'];
    66. 

  66.     http_response_code(400);
    67. 

  67.     echo json_encode($data);
    68. 

  68. }
    69.