From a5beff7868ab63bf4ec752a1102f8da033c66b28 Mon Sep 17 00:00:00 2001 From: Khurshid Alam <89677621+kmkalam24@users.noreply.github.com> Date: Sun, 22 Jan 2023 15:02:01 +0600 Subject: [PATCH] Update Security --- core/config.php | 33 ++++++++++-- core/functions.php | 125 +++++++++++++++++++-------------------------- 2 files changed, 80 insertions(+), 78 deletions(-) diff --git a/core/config.php b/core/config.php index 7804f22..18aff37 100644 --- a/core/config.php +++ b/core/config.php 
@@ -50,21 +50,44 @@ $_SETTINGS["MAX_UPLOAD_SIZE"] = 8; /** - * Define allowed mime type. + * Define allowed extension and mime type. * * Can be seen common mime type here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types/Common_types * or * https://www.iana.org/assignments/media-types/media-types.xhtml * */ + // Vaild image type for upload. must be in lower case -$_SETTINGS["VALID_IMAGE_TYPE_FOR_UPLOAD"] = array("jpeg", "jpg", "png"); +$_SETTINGS["VALID_IMAGE_TYPE_FOR_UPLOAD"] = array( + "jpeg" => array("image/jpeg"), + "jpg" => array("image/jpeg"), + "png" => array("image/png") +); // Valid document type for upload. must be in lower case -$_SETTINGS["VALID_DOCUMENT_TYPE_FOR_UPLOAD"] = array("pdf", "msword", "vnd.openxmlformats-officedocument.wordprocessingml.document", "vnd.ms-excel", "vnd.openxmlformats-officedocument.spreadsheetml.sheet"); - +$_SETTINGS["VALID_DOCUMENT_TYPE_FOR_UPLOAD"] = array( + "pdf" => array("application/pdf"), + "doc" => array("application/msword"), + "docx" => array("vnd.openxmlformats-officedocument.wordprocessingml.document"), + "xls" => array("application/vnd.ms-excel"), + "xlsx" => array("application/vnd.openxmlformats-officedocument.spreadsheetml.sheet") +); // Valid audio type for upload -$_SETTINGS["VALID_AUDIO_TYPE_FOR_UPLOAD"] = array("mpeg", "ogg", "opus", "aac", "wav", "webm"); +$_SETTINGS["VALID_AUDIO_TYPE_FOR_UPLOAD"] = array( + "oga" => array("audio/ogg"), + "opus" => array("audio/opus"), + "wav" => array("audio/wav"), + "weba" => array("audio/webm") +); + +// Valid video type for upload +$_SETTINGS["VALID_VIDEO_TYPE_FOR_UPLOAD"] = array( + "mpeg" => array("video/mpeg"), + "ogv" => array("video/ogg"), + "webm" => array("video/webm"), + "mp4" => array("video/mp4") +); // Page title variable. All page title will be included here $_SETTINGS["PAGE_TITLE"] = array(); diff --git a/core/functions.php b/core/functions.php index bff1914..b4b2bd2 100644 --- a/core/functions.php +++ b/core/functions.php 
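Review bot: The `docx` entry is the one MIME string in the new tables without its `application/` prefix, so a `.docx` part reported as `application/vnd.openxmlformats-officedocument.wordprocessingml.document` can never match the per-extension `in_array` check in functions.php and every docx upload will be rejected; it should read `"docx" => array("application/vnd.openxmlformats-officedocument.wordprocessingml.document"),`. The `wav` and `oga` entries accept a single spelling each, and in my experience user agents are not consistent here (`audio/x-wav` and `audio/wave` are common for WAV), so expect spurious rejections unless the arrays list the variants, which the array-per-extension shape already allows. The audio table also drops `mpeg`/`aac` and the `.ogg` extension relative to the removed line, so callers that upload MP3s start failing; if that is deliberate it deserves a sentence in the commit message. The switch in functions.php still reads `$_SETTINGS["VALID_PROGRAM_TYPE_FOR_UPLOAD"]`, which this hunk does not define; unless it exists elsewhere in config.php, `$type = "program"` dereferences an undefined index.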
@@ -1464,7 +1464,8 @@ function save_deleted_date($table, $data) { * @param string $location Optional. Where the uploaded file has stored. Default is db and return an blob string * */ -function easyUpload( + + function easyUpload( array $file, string $location="db", string $newFileName="", @@ -1480,8 +1481,9 @@ function easyUpload( global $_SETTINGS; - $type = strtolower($type); - $extensionName = strtolower(explode("/", $file["type"])[1]); + $mimeType = strtolower($file["type"]); + $extension = explode(".", $file["name"]); + $extension = end($extension); $maxUploadSize = $_SETTINGS["MAX_UPLOAD_SIZE"] * 1024 * 1024; 
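Review bot: The new `function easyUpload(` line is indented by one space and separated from its PHPDoc by an added blank line, which is a style regression: top-level functions in this file sit at column 0 (compare `function save_deleted_date` in the hunk header) and a blank line between a docblock and its symbol detaches the documentation for IDEs and doc generators. Drop the added blank line and the leading space so the line reads `function easyUpload(`. The rest of the signature and the whole body lie outside this hunk.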
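Review bot: `$mimeType` is taken from `$file["type"]`, which is the `Content-Type` the client declares for the multipart part and is fully attacker-controlled, so the extension/MIME pair the rest of the function validates is no stronger than the extension check alone; the type should be sniffed server-side from `$file["tmp_name"]` (the `fileinfo` extension is enabled by default in PHP builds). `$extension` is also no longer lowercased (the removed line called `strtolower`) although config.php states the whitelist keys "must be in lower case", so `photo.PNG` is now rejected, and `$type` lost its `strtolower` too, so a caller passing `"Image"` falls through the switch with an empty whitelist. `pathinfo(..., PATHINFO_EXTENSION)` reads more clearly than `end(explode(".", ...))` and yields `""` for a name without a dot instead of the whole filename. Whatever name is eventually written to disk should be built from this validated `$extension` rather than from the raw `$file["name"]`; that code, like the start and end of easyUpload itself, is outside this hunk.
```php
    global $_SETTINGS;

    $type = strtolower($type);
    // Never trust the client-declared Content-Type; sniff the real type from the temp file.
    $finfo = finfo_open(FILEINFO_MIME_TYPE);
    $mimeType = strtolower((string) finfo_file($finfo, $file["tmp_name"]));
    finfo_close($finfo);
    $extension = strtolower(pathinfo($file["name"], PATHINFO_EXTENSION));
    // … unchanged: max upload size check …
```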
@@ -1489,100 +1491,77 @@ function easyUpload( return "The file is exceeded the max upload size ({$_SETTINGS["MAX_UPLOAD_SIZE"]} MB)"; } - $validExtensionForUpload = []; + $validFileForUpload = []; switch($type) { - case "image": $validExtensionForUpload = $_SETTINGS["VALID_IMAGE_TYPE_FOR_UPLOAD"]; break; - case "document": $validExtensionForUpload = $_SETTINGS["VALID_DOCUMENT_TYPE_FOR_UPLOAD"]; break; - case "video": $validExtensionForUpload = $_SETTINGS["VALID_VIDEO_TYPE_FOR_UPLOAD"]; break; - case "audio": $validExtensionForUpload = $_SETTINGS["VALID_AUDIO_TYPE_FOR_UPLOAD"]; break; - case "program": $validExtensionForUpload = $_SETTINGS["VALID_PROGRAM_TYPE_FOR_UPLOAD"]; break; - case 'all': $validExtensionForUpload = array_merge($_SETTINGS["VALID_IMAGE_TYPE_FOR_UPLOAD"], $_SETTINGS["VALID_DOCUMENT_TYPE_FOR_UPLOAD"]); break; - } - - if(!in_array($extensionName, $validExtensionForUpload)) { - - $validExtensionNameList = join(", ", $validExtensionForUpload); - - return "Invalid {$type} type. Only {$validExtensionNameList} {$type} type are allowed to upload"; + case "image": $validFileForUpload = $_SETTINGS["VALID_IMAGE_TYPE_FOR_UPLOAD"]; break; + case "document": $validFileForUpload = $_SETTINGS["VALID_DOCUMENT_TYPE_FOR_UPLOAD"]; break; + case "video": $validFileForUpload = $_SETTINGS["VALID_VIDEO_TYPE_FOR_UPLOAD"]; break; + case "audio": $validFileForUpload = $_SETTINGS["VALID_AUDIO_TYPE_FOR_UPLOAD"]; break; + case "program": $validFileForUpload = $_SETTINGS["VALID_PROGRAM_TYPE_FOR_UPLOAD"]; break; + case 'all': $validFileForUpload = array_merge($_SETTINGS["VALID_IMAGE_TYPE_FOR_UPLOAD"], $_SETTINGS["VALID_DOCUMENT_TYPE_FOR_UPLOAD"]); break; } - /** - * If location is set to db then return the image as blob string - * Otherwise save the image in the desired location - */ - if($location == "db") { - - return array ( - "success" => true, - "imageType" => $file["type"], - "blobString" => file_get_contents($file["tmp_name"]) - ); - } else { - - $uploadDir = DIR_UPLOAD . 
$location; + // Validate both file extension and mime type + if( isset( $validFileForUpload[$extension] ) AND in_array( $mimeType, $validFileForUpload[$extension] ) ) { - if(!is_dir($uploadDir) && !mkdir($uploadDir, 0777, true)) { - return "Error creating directory"; - } - - // If newFileName is not empty then change the file name by given - $file_name = rand().$file["name"]; - if(!empty($newFileName)) { - - $file_extension = explode(".", $file_name); - $file_extension = end($file_extension); - $file_name = $newFileName . "." . $file_extension; - - } - - - if(move_uploaded_file($file["tmp_name"], $uploadDir ."/" . $file_name )) { + /** + * If location is set to db then return the image as blob string + * Otherwise save the image in the desired location + */ + if($location == "db") { + return array ( - "success" => true, - "fileName" => $file_name + "success" => true, + "imageType" => $file["type"], + "blobString" => file_get_contents($file["tmp_name"]) ); } else { + + $uploadDir = DIR_UPLOAD . $location; - return "Can not upload the file"; + if(!is_dir($uploadDir) && !mkdir($uploadDir, 0777, true)) { + return "Error creating directory"; + } - } + // If newFileName is not empty then change the file name by given + $file_name = rand().$file["name"]; + if(!empty($newFileName)) { - /* - //upload code here - $data=file_get_contents($_FILES[$fileInputName]["tmp_name"]); + $file_extension = explode(".", $file_name); + $file_extension = end($file_extension); + $file_name = $newFileName . "." . $file_extension; - //upload webp - imagewebp(imagecreatefromstring($data),$location.$uploadedFileName.".webp",75); + } - //upload orginal image - switch($type){ + if(move_uploaded_file($file["tmp_name"], $uploadDir ."/" . 
$file_name )) { - case "jpeg": imagejpeg(imagecreatefromstring($data),$location.$uploadedFileName.".jpeg",75); - imagejpeg(imagescale(imagecreatefromstring($data), 200, 200), $location.$uploadedFileName."_thumb.jpeg",80); - - break; - case "png": imagepng(imagecreatefromstring($data),$location.$uploadedFileName.".png",75); - imagepng(imagescale(imagecreatefromstring($data), 200, 200), $location.$uploadedFileName."_thumb.png",80); - break; - default: imagejpeg(imagecreatefromstring($data),$location.$uploadedFileName.".jpg",75); - imagejpeg(imagescale(imagecreatefromstring($data), 200, 200), $location.$uploadedFileName."_thumb.jpg",80); - break; + return array ( + "success" => true, + "fileName" => $file_name + ); + + } else { + + return "Can not upload the file"; + + } } - //upload webp thumb - imagewebp(imagescale(imagecreatefromstring($data), 200, 200), $location.$uploadedFileName."_thumb.webp",80); - - */ + } else { - } + return "Invalid {$type} type."; // Only {$validExtensionNameList} {$type} type are allowed to upload"; + } + } + + function easyUpload_back( string $fileInputName, string $type="image",