2021-10-27 13:36:58 +00:00
|
|
|
|
<?php
|
2022-04-29 08:47:23 +00:00
|
|
|
|
|
|
|
|
|
|
namespace Verot\Upload;
|
|
|
|
|
|
|
2023-03-08 18:42:50 +00:00
|
|
|
|
require_once __DIR__ . '/../app/function.php';
|
|
|
|
|
|
require_once APP_ROOT . '/app/class.upload.php';
|
2021-10-27 13:36:58 +00:00
|
|
|
|
require_once APP_ROOT . '/config/api_key.php';
|
|
|
|
|
|
|
2023-03-04 09:06:56 +00:00
|
|
|
|
// 允许跨域 https://stackoverflow.com/questions/8719276/cross-origin-request-headerscors-with-php-headers
|
|
|
|
|
|
header("Access-Control-Max-Age: 3600");
|
|
|
|
|
|
header("Access-Control-Allow-Origin: *");
|
|
|
|
|
|
header("Access-Control-Allow-Credentials: true");
|
|
|
|
|
|
header("Access-Control-Allow-Methods: PUT, POST, GET, OPTIONS, DELETE");
|
|
|
|
|
|
header("Access-Control-Allow-Headers: X-Requested-With, Content-Type, Origin, Cache-Control, Pragma, Authorization, Accept, Accept-Encoding");
|
2021-10-27 13:36:58 +00:00
|
|
|
|
|
2022-05-09 06:37:58 +00:00
|
|
|
|
// 无文件
|
|
|
|
|
|
if (empty($_FILES['image'])) {
|
|
|
|
|
|
exit(json_encode(
|
|
|
|
|
|
array(
|
|
|
|
|
|
"result" => "failed",
|
|
|
|
|
|
"code" => 204,
|
|
|
|
|
|
"message" => "没有选择上传的文件",
|
|
|
|
|
|
)
|
|
|
|
|
|
));
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2022-01-19 17:55:20 +00:00
|
|
|
|
// 黑/白IP名单上传
|
|
|
|
|
|
if ($config['check_ip']) {
|
|
|
|
|
|
if (checkIP(null, $config['check_ip_list'], $config['check_ip_model'])) {
|
2022-05-09 06:37:58 +00:00
|
|
|
|
// 上传错误 code:205 未授权IP
|
2022-01-19 17:55:20 +00:00
|
|
|
|
exit(json_encode(array(
|
|
|
|
|
|
"result" => "failed",
|
2022-05-09 06:37:58 +00:00
|
|
|
|
"code" => 205,
|
2022-01-19 17:55:20 +00:00
|
|
|
|
"message" => "黑名单内或白名单外用户不允许上传",
|
|
|
|
|
|
)));
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2022-05-09 06:37:58 +00:00
|
|
|
|
|
2023-02-01 14:20:33 +00:00
|
|
|
|
// 根据IP限制游客每日上传数量
|
2023-02-04 02:55:33 +00:00
|
|
|
|
if ($config['ip_upload_counts'] > 0 && !is_who_login('status')) {
|
2023-02-15 03:47:00 +00:00
|
|
|
|
if (false == get_ip_upload_log_counts(real_ip())) {
|
|
|
|
|
|
exit(json_encode(
|
|
|
|
|
|
array(
|
|
|
|
|
|
"result" => "failed",
|
|
|
|
|
|
"code" => 403,
|
|
|
|
|
|
"message" => sprintf("游客限制每日上传 %d 张", $config['ip_upload_counts']),
|
|
|
|
|
|
)
|
|
|
|
|
|
));
|
2023-02-01 14:20:33 +00:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2022-04-11 05:35:48 +00:00
|
|
|
|
$token = preg_replace('/[\W]/', '', $_POST['token']); // 获取Token并过滤非字母数字,删除空格;
|
|
|
|
|
|
|
|
|
|
|
|
// 检查api合法性
|
|
|
|
|
|
check_api($token);
|
|
|
|
|
|
$tokenID = $tokenList[$token]['id'];
|
|
|
|
|
|
|
2021-10-27 13:36:58 +00:00
|
|
|
|
$handle = new Upload($_FILES['image'], 'zh_CN');
|
|
|
|
|
|
|
|
|
|
|
|
if ($handle->uploaded) {
|
|
|
|
|
|
// 允许上传的mime类型
|
2023-03-03 17:57:30 +00:00
|
|
|
|
if ($config['allowed'] === 1) {
|
|
|
|
|
|
$handle->allowed = array('image/*');
|
|
|
|
|
|
}
|
2023-03-04 05:52:50 +00:00
|
|
|
|
|
|
|
|
|
|
// 检查svg是否存在script和a标签代码
|
2023-03-03 17:57:30 +00:00
|
|
|
|
if ($handle->file_src_name_ext === 'svg') {
|
|
|
|
|
|
$svg = file_get_contents($handle->file_src_pathname);
|
2023-03-04 05:52:50 +00:00
|
|
|
|
if (preg_match('/<script[\s\S]*?<\/script>/', $svg) || stripos($svg, 'href=')) {
|
2023-03-03 17:57:30 +00:00
|
|
|
|
exit(json_encode(
|
|
|
|
|
|
array(
|
|
|
|
|
|
"result" => "failed",
|
|
|
|
|
|
"code" => 205,
|
|
|
|
|
|
"message" => "请勿上传非法文件",
|
|
|
|
|
|
)
|
|
|
|
|
|
));
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
2023-03-04 05:52:50 +00:00
|
|
|
|
|
2021-10-27 13:36:58 +00:00
|
|
|
|
// 文件命名
|
2022-05-03 05:00:40 +00:00
|
|
|
|
$handle->file_new_name_body = imgName($handle->file_src_name_body);
|
|
|
|
|
|
// 添加Token ID
|
|
|
|
|
|
$handle->file_name_body_add = '-' . $tokenID;
|
2021-10-27 13:36:58 +00:00
|
|
|
|
// 最大上传限制
|
2023-01-21 03:56:00 +00:00
|
|
|
|
$handle->file_max_size = $config['maxSize'];
|
2021-10-27 13:36:58 +00:00
|
|
|
|
// 最大宽度
|
|
|
|
|
|
$handle->image_max_width = $config['maxWidth'];
|
|
|
|
|
|
// 最大高度
|
|
|
|
|
|
$handle->image_max_height = $config['maxHeight'];
|
|
|
|
|
|
// 最小宽度
|
|
|
|
|
|
$handle->image_min_width = $config['minWidth'];
|
|
|
|
|
|
// 最小高度
|
|
|
|
|
|
$handle->image_min_height = $config['minHeight'];
|
2023-01-21 03:56:00 +00:00
|
|
|
|
// 2023-01-06 转换图片为指定格式 只转换非webp格式和非动态图片
|
2023-01-26 04:32:04 +00:00
|
|
|
|
if ($handle->file_src_name_ext !== 'webp' && !isGifAnimated($handle->file_src_pathname)) {
|
2023-01-21 03:56:00 +00:00
|
|
|
|
$handle->image_convert = $config['imgConvert'];
|
2022-03-10 15:40:15 +00:00
|
|
|
|
}
|
2023-01-21 03:56:00 +00:00
|
|
|
|
// 2023-01-06 PNG 图像的压缩级别,介于 1(快速但大文件)和 9(慢但较小文件)之间
|
|
|
|
|
|
$handle->png_compression = 9 - round($config['compress_ratio'] / 11.2);
|
|
|
|
|
|
// WEBP 图像的压缩质量 1-100
|
|
|
|
|
|
$handle->webp_quality = $config['compress_ratio'];
|
|
|
|
|
|
// JPEG 图像的压缩质量 1-100
|
|
|
|
|
|
$handle->jpeg_quality = $config['compress_ratio'];
|
2021-10-27 13:36:58 +00:00
|
|
|
|
|
2022-05-03 05:00:40 +00:00
|
|
|
|
/* 等比例缩减图片 放到前端了*/
|
|
|
|
|
|
/*
|
|
|
|
|
|
if ($config['imgRatio']) {
|
|
|
|
|
|
$handle->image_resize = true;
|
|
|
|
|
|
$handle->image_x = $config['image_x'];
|
|
|
|
|
|
$handle->image_y = $config['image_y'];
|
|
|
|
|
|
// 如果调整后的图像大于原始图像,则取消调整大小,以防止放大
|
|
|
|
|
|
$handle->image_no_enlarging = true;
|
|
|
|
|
|
}
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
// 默认目录
|
|
|
|
|
|
$Img_path = config_path();
|
|
|
|
|
|
|
|
|
|
|
|
if ($config['token_path_status'] == 1) {
|
|
|
|
|
|
$Img_path = config_path($tokenID . date('/Y/m/d/'));
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2021-10-27 13:36:58 +00:00
|
|
|
|
// 存储图片路径:images/201807/
|
2022-05-03 05:00:40 +00:00
|
|
|
|
$handle->process(APP_ROOT . $Img_path);
|
2021-10-27 13:36:58 +00:00
|
|
|
|
|
|
|
|
|
|
// 图片完整相对路径:/i/2021/05/03/k88e7p.jpg
|
|
|
|
|
|
if ($handle->processed) {
|
|
|
|
|
|
header('Content-type:text/json');
|
2023-01-21 03:56:00 +00:00
|
|
|
|
|
2022-05-03 11:14:46 +00:00
|
|
|
|
// 图片相对路径
|
|
|
|
|
|
$pathIMG = $Img_path . $handle->file_dst_name;
|
|
|
|
|
|
// 图片访问网址
|
2022-05-03 05:00:40 +00:00
|
|
|
|
$imageUrl = rand_imgurl() . $pathIMG;
|
2022-05-03 11:14:46 +00:00
|
|
|
|
// 后续处理地址
|
|
|
|
|
|
$processUrl = $config['domain'] . $pathIMG;
|
2022-01-17 19:13:56 +00:00
|
|
|
|
|
2022-05-03 05:00:40 +00:00
|
|
|
|
// 隐藏config文件中的path目录,需要搭配网站设置
|
|
|
|
|
|
if ($config['hide_path'] == 1) {
|
|
|
|
|
|
$imageUrl = str_replace($config['path'], '/', $imageUrl);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 源图保护 key值是由crc32加密的hide_key
|
|
|
|
|
|
if ($config['hide'] == 1) {
|
2023-03-08 18:42:50 +00:00
|
|
|
|
$imageUrl = $config['domain'] . '/app/hide.php?key=' . urlHash($pathIMG, 0, crc32($config['hide_key']));
|
2022-05-03 05:00:40 +00:00
|
|
|
|
}
|
2022-03-14 09:52:21 +00:00
|
|
|
|
|
2023-02-26 15:52:28 +00:00
|
|
|
|
// 删除文件链接
|
2022-01-27 09:25:46 +00:00
|
|
|
|
if ($config['show_user_hash_del']) {
|
2023-03-08 18:42:50 +00:00
|
|
|
|
$delUrl = $config['domain'] . '/app/del.php?hash=' . urlHash($pathIMG, 0);
|
2022-01-17 19:13:56 +00:00
|
|
|
|
} else {
|
2023-01-21 03:56:00 +00:00
|
|
|
|
$delUrl = "Admin closed user delete";
|
2022-01-17 19:13:56 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2023-01-29 22:15:24 +00:00
|
|
|
|
// 当设置访问生成缩略图时自动生成 2022-12-30 修正 2023-01-30
|
2023-03-08 18:42:50 +00:00
|
|
|
|
$handleThumb = $config['domain'] . '/app/thumb.php?img=' . $pathIMG;
|
2023-01-21 03:56:00 +00:00
|
|
|
|
if ($config['thumbnail'] == 2) {
|
2022-12-29 18:58:26 +00:00
|
|
|
|
// 自定义缩略图长宽
|
|
|
|
|
|
$handle->image_resize = true;
|
2023-01-26 04:32:04 +00:00
|
|
|
|
$handle->image_x = $config['thumbnail_w'];
|
|
|
|
|
|
$handle->image_y = $config['thumbnail_h'];
|
2022-12-29 18:58:26 +00:00
|
|
|
|
// 如果调整后的图像大于原始图像,则取消调整大小,以防止放大
|
|
|
|
|
|
$handle->image_no_enlarging = true;
|
|
|
|
|
|
$handle->file_new_name_body = date('Y_m_d_') . $handle->file_dst_name_body;
|
2023-01-29 22:15:24 +00:00
|
|
|
|
$handle->process(APP_ROOT . $config['path'] . 'cache/');
|
|
|
|
|
|
$handleThumb = $config['domain'] . $config['path'] . 'cache/' . $handle->file_dst_name;
|
2022-12-29 18:58:26 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 上传成功后返回json数据
|
2021-10-27 13:36:58 +00:00
|
|
|
|
$reJson = array(
|
2023-03-05 13:46:49 +00:00
|
|
|
|
"result" => "success",
|
|
|
|
|
|
"code" => 200,
|
|
|
|
|
|
"url" => $imageUrl,
|
|
|
|
|
|
"srcName" => $handle->file_src_name_body,
|
|
|
|
|
|
"thumb" => $handleThumb,
|
|
|
|
|
|
"del" => $delUrl,
|
|
|
|
|
|
"ID" => $tokenID, // 202-02-11 增加返回Token ID
|
|
|
|
|
|
// "memory" => getDistUsed(memory_get_peak_usage()), // 占用内存 2023-02-12
|
2021-10-27 13:36:58 +00:00
|
|
|
|
);
|
2022-01-03 00:14:18 +00:00
|
|
|
|
echo json_encode($reJson, JSON_UNESCAPED_UNICODE);
|
2021-10-27 13:36:58 +00:00
|
|
|
|
$handle->clean();
|
|
|
|
|
|
} else {
|
2022-05-09 06:37:58 +00:00
|
|
|
|
// 上传错误 code:206 客户端文件有问题
|
2021-10-27 13:36:58 +00:00
|
|
|
|
$reJson = array(
|
2023-03-05 13:46:49 +00:00
|
|
|
|
"result" => "failed",
|
|
|
|
|
|
"code" => 206,
|
|
|
|
|
|
"message" => $handle->error,
|
|
|
|
|
|
"memory" => getDistUsed(memory_get_peak_usage()), // 占用内存 2023-02-12
|
2023-02-28 15:47:41 +00:00
|
|
|
|
// 'log' => $handle->log, // 仅用作调试用
|
2021-10-27 13:36:58 +00:00
|
|
|
|
);
|
2023-01-30 16:05:15 +00:00
|
|
|
|
unset($handle);
|
|
|
|
|
|
header('Content-Type:application/json; charset=utf-8');
|
2022-01-02 12:12:16 +00:00
|
|
|
|
exit(json_encode($reJson, JSON_UNESCAPED_UNICODE));
|
2021-10-27 13:36:58 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2022-02-04 12:28:33 +00:00
|
|
|
|
/** 后续处理 */
|
|
|
|
|
|
// 使用fastcgi_finish_request操作
|
2023-03-08 16:38:24 +00:00
|
|
|
|
if (function_exists('fastcgi_finish_request')) fastcgi_finish_request();
|
|
|
|
|
|
// 同IP上传日志
|
|
|
|
|
|
@write_ip_upload_count_logs();
|
|
|
|
|
|
// 日志
|
|
|
|
|
|
@write_upload_logs($pathIMG, $handle->file_src_name, $handle->file_dst_pathname, $handle->file_src_size);
|
|
|
|
|
|
// 鉴黄
|
|
|
|
|
|
@process_checkImg($processUrl);
|
|
|
|
|
|
// 水印
|
|
|
|
|
|
@water($handle->file_dst_pathname);
|
|
|
|
|
|
// 压缩
|
|
|
|
|
|
@process_compress($handle->file_dst_pathname);
|
|
|
|
|
|
// 上传至其他位置
|
|
|
|
|
|
// @any_upload($pathIMG, APP_ROOT . $pathIMG, 'upload');
|
2022-02-13 08:14:46 +00:00
|
|
|
|
|
2021-10-27 13:36:58 +00:00
|
|
|
|
unset($handle);
|
|
|
|
|
|
}
|
