���� JFIF �� � ( %"1"%)+...383,7(-.-
![]() Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20 System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64 User : apache ( 48) PHP Version : 7.4.20 Disable Function : NONE Directory : /var/www/html/thietkeweb2/code/admin/tinymce_upload/ |
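<?php
// TinyMCE image upload endpoint.
// Answers with JSON {"location": "<relative path>"} when the upload was accepted,
// or {"error": "..."} with HTTP 400 when it was not.

if (isset($_FILES['file'])) {
    $webPath = isSecureImageUpload($_FILES['file']);
    if ($webPath === false) {
        // Previously a rejected upload was answered with {"location": false} and HTTP 200,
        // which the editor treats as a successful upload with a broken URL.
        http_response_code(400);
        echo json_encode(['error' => 'Invalid image upload.']);
    } else {
        echo json_encode(['location' => $webPath]);
    }
} else {
    http_response_code(400);
    echo json_encode(['error' => 'No file uploaded.']);
}

/**
 * Validate one entry of $_FILES and move it into upload/editor/YYYY/MM/.
 *
 * @param array $file One element of $_FILES (keys used: error, size, tmp_name).
 * @return string|false Relative path of the stored image, or false on any failure.
 */
function isSecureImageUpload($file)
{
    // Accepted content types, mapped to the extension the stored file will carry.
    // The extension comes from the *detected* type, never from the client-supplied
    // file name: a valid image uploaded as "x.php" must not be stored under that name.
    $allowedMimeTypes = [
        'image/jpeg' => 'jpg',
        'image/png'  => 'png',
        'image/gif'  => 'gif',
        'image/webp' => 'webp',
    ];

    // 1. Upload errors reported by PHP (a missing or non-array entry counts as an error).
    if (!is_array($file) || ($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        return false;
    }

    // 2. Size limit (2 MB).
    $maxFileSize = 2 * 1024 * 1024;
    if (!isset($file['size']) || $file['size'] > $maxFileSize) {
        return false;
    }

    // 3. Only inspect files that came through this request's upload.
    $tmpName = $file['tmp_name'] ?? '';
    if (!is_string($tmpName) || $tmpName === '' || !is_uploaded_file($tmpName)) {
        return false;
    }

    // 4. Content sniffing via finfo and getimagesize; both must report the same allowed type.
    $fileInfo = finfo_open(FILEINFO_MIME_TYPE);
    if ($fileInfo === false) {
        return false;
    }
    $mimeType = finfo_file($fileInfo, $tmpName);
    finfo_close($fileInfo);
    if (!is_string($mimeType) || !array_key_exists($mimeType, $allowedMimeTypes)) {
        return false;
    }
    $imageInfo = @getimagesize($tmpName); // emits a warning (not an exception) on non-images
    if ($imageInfo === false || ($imageInfo['mime'] ?? null) !== $mimeType) {
        return false;
    }

    // 5. Server-chosen name: unpredictable random part plus the extension of the detected type.
    //    uniqid() was replaced because its output is time-based and guessable.
    $safeFilename = 'img_' . bin2hex(random_bytes(12)) . '.' . $allowedMimeTypes[$mimeType];

    // 6. Target directory partitioned by year/month; create it when missing and fail if that fails.
    $targetDirectory = 'upload/editor/' . date('Y') . '/' . date('m') . '/';
    if (!is_dir($targetDirectory) && !mkdir($targetDirectory, 0755, true) && !is_dir($targetDirectory)) {
        return false;
    }
    $targetPath = $targetDirectory . $safeFilename;

    // 7. Move into place; move_uploaded_file refuses anything that was not an HTTP upload.
    if (!move_uploaded_file($tmpName, $targetPath)) {
        return false;
    }

    return $targetPath;
}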