View GitHub Repository blogoc

Schedule Inspection
Subscribe
Passed
Push — Showing-Posts ( fc2dfc...4009ed )
by Stone
02:08
created
Status
Category
Toggle Patches
App/Controllers/Ajax/ImageUpload.php 1 patch
Spacing   +11 added lines, -11 removed lines patch added patch discarded remove patch 
@@ -3,13 +3,13 @@  discard block
 
 block discarded – undo
3 3
4 4 
 use Core\AjaxController;
5 5
6 
-class ImageUpload extends AjaxController{
6 
+class ImageUpload extends AjaxController {
7 7 
     /**
8 8 
      * @var string the image upload folder, must be writable
9 9 
      */
10 10 
     private $imageFolder = "uploaded_images/";
11 11
12 
-    public function tinymceUpload(){
12 
+    public function tinymceUpload() {
13 13
14 14 
         //image uploader for tinymce
15 15 
 //grabbed from https://www.codexworld.com/tinymce-upload-image-to-server-using-php/
 
@@ -23,36 +23,36 @@  discard block
 
 block discarded – undo
23 23 
         $temp = $this->container->getRequest()->getUploadedFiles();
24 24
25 25 
         //need to clean up
26 
-        if(is_uploaded_file($temp['tmp_name'])){
27 
-            if(isset($_SERVER['HTTP_ORIGIN'])){
26 
+        if (is_uploaded_file($temp['tmp_name'])) {
27 
+            if (isset($_SERVER['HTTP_ORIGIN'])) {
28 28 
                 // Same-origin requests won't set an origin. If the origin is set, it must be valid.
29 
-                if(in_array($_SERVER['HTTP_ORIGIN'], $accepted_origins)){
30 
-                    header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']);
31 
-                }else{
29 
+                if (in_array($_SERVER['HTTP_ORIGIN'], $accepted_origins)) {
30 
+                    header('Access-Control-Allow-Origin: '.$_SERVER['HTTP_ORIGIN']);
31 
+                }else {
32 32 
                     header("HTTP/1.1 403 Origin Denied");
33 33 
                     return;
34 34 
                 }
35 35 
             }
36 36
37 37 
             // Sanitize input
38 
-            if(preg_match("/([^\w\s\d\-_~,;:\[\]\(\).])|([\.]{2,})/", $temp['name'])){
38 
+            if (preg_match("/([^\w\s\d\-_~,;:\[\]\(\).])|([\.]{2,})/", $temp['name'])) {
39 39 
                 header("HTTP/1.1 400 Invalid file name.");
40 40 
                 return;
41 41 
             }
42 42
43 43 
             // Verify extension
44 
-            if(!in_array(strtolower(pathinfo($temp['name'], PATHINFO_EXTENSION)), array("gif", "jpg", "png"))){
44 
+            if (!in_array(strtolower(pathinfo($temp['name'], PATHINFO_EXTENSION)), array("gif", "jpg", "png"))) {
45 45 
                 header("HTTP/1.1 400 Invalid extension.");
46 46 
                 return;
47 47 
             }
48 48
49 49 
             // Accept upload if there was no origin, or if it is an accepted origin
50 
-            $filetowrite = $this->imageFolder . $temp['name'];
50 
+            $filetowrite = $this->imageFolder.$temp['name'];
51 51 
             move_uploaded_file($temp['tmp_name'], $filetowrite);
52 52
53 53 
             // Respond to the successful upload with JSON.
54 54 
             echo json_encode(array('location' => $filetowrite));
55 
-        } else {
55 
+        }else {
56 56 
             // Notify editor that the upload failed
57 57 
             header("HTTP/1.1 500 Server Error");
58 58 
         }
Please login to merge, or discard this patch.