Passed
Push — Showing-Posts ( fc2dfc...4009ed )
by Stone
02:08
created
App/Controllers/Ajax/ImageUpload.php 1 patch
Spacing   +11 added lines, -11 removed lines patch added patch discarded remove patch
@@ -3,13 +3,13 @@  discard block
 block discarded – undo
3 3
 
4 4
 use Core\AjaxController;
5 5
 
6
-class ImageUpload extends AjaxController{
6
+class ImageUpload extends AjaxController {
7 7
     /**
8 8
      * @var string the image upload folder, must be writable
9 9
      */
10 10
     private $imageFolder = "uploaded_images/";
11 11
 
12
-    public function tinymceUpload(){
12
+    public function tinymceUpload() {
13 13
 
14 14
         //image uploader for tinymce
15 15
 //grabbed from https://www.codexworld.com/tinymce-upload-image-to-server-using-php/
@@ -23,36 +23,36 @@  discard block
 block discarded – undo
23 23
         $temp = $this->container->getRequest()->getUploadedFiles();
24 24
 
25 25
         //need to clean up
26
-        if(is_uploaded_file($temp['tmp_name'])){
27
-            if(isset($_SERVER['HTTP_ORIGIN'])){
26
+        if (is_uploaded_file($temp['tmp_name'])) {
27
+            if (isset($_SERVER['HTTP_ORIGIN'])) {
28 28
                 // Same-origin requests won't set an origin. If the origin is set, it must be valid.
29
-                if(in_array($_SERVER['HTTP_ORIGIN'], $accepted_origins)){
30
-                    header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']);
31
-                }else{
29
+                if (in_array($_SERVER['HTTP_ORIGIN'], $accepted_origins)) {
30
+                    header('Access-Control-Allow-Origin: '.$_SERVER['HTTP_ORIGIN']);
31
+                }else {
32 32
                     header("HTTP/1.1 403 Origin Denied");
33 33
                     return;
34 34
                 }
35 35
             }
36 36
 
37 37
             // Sanitize input
38
-            if(preg_match("/([^\w\s\d\-_~,;:\[\]\(\).])|([\.]{2,})/", $temp['name'])){
38
+            if (preg_match("/([^\w\s\d\-_~,;:\[\]\(\).])|([\.]{2,})/", $temp['name'])) {
39 39
                 header("HTTP/1.1 400 Invalid file name.");
40 40
                 return;
41 41
             }
42 42
 
43 43
             // Verify extension
44
-            if(!in_array(strtolower(pathinfo($temp['name'], PATHINFO_EXTENSION)), array("gif", "jpg", "png"))){
44
+            if (!in_array(strtolower(pathinfo($temp['name'], PATHINFO_EXTENSION)), array("gif", "jpg", "png"))) {
45 45
                 header("HTTP/1.1 400 Invalid extension.");
46 46
                 return;
47 47
             }
48 48
 
49 49
             // Accept upload if there was no origin, or if it is an accepted origin
50
-            $filetowrite = $this->imageFolder . $temp['name'];
50
+            $filetowrite = $this->imageFolder.$temp['name'];
51 51
             move_uploaded_file($temp['tmp_name'], $filetowrite);
52 52
 
53 53
             // Respond to the successful upload with JSON.
54 54
             echo json_encode(array('location' => $filetowrite));
55
-        } else {
55
+        }else {
56 56
             // Notify editor that the upload failed
57 57
             header("HTTP/1.1 500 Server Error");
58 58
         }
Please login to merge, or discard this patch.