@@ -3,13 +3,13 @@ discard block |
||
3 | 3 | |
4 | 4 | use Core\AjaxController; |
5 | 5 | |
6 | -class ImageUpload extends AjaxController{ |
|
6 | +class ImageUpload extends AjaxController { |
|
7 | 7 | /** |
8 | 8 | * @var string the image upload folder, must be writable |
9 | 9 | */ |
10 | 10 | private $imageFolder = "uploaded_images/"; |
11 | 11 | |
12 | - public function tinymceUpload(){ |
|
12 | + public function tinymceUpload() { |
|
13 | 13 | |
14 | 14 | //image uploader for tinymce |
15 | 15 | //grabbed from https://www.codexworld.com/tinymce-upload-image-to-server-using-php/ |
@@ -23,36 +23,36 @@ discard block |
||
23 | 23 | $temp = $this->container->getRequest()->getUploadedFiles(); |
24 | 24 | |
25 | 25 | //need to clean up |
26 | - if(is_uploaded_file($temp['tmp_name'])){ |
|
27 | - if(isset($_SERVER['HTTP_ORIGIN'])){ |
|
26 | + if (is_uploaded_file($temp['tmp_name'])) { |
|
27 | + if (isset($_SERVER['HTTP_ORIGIN'])) { |
|
28 | 28 | // Same-origin requests won't set an origin. If the origin is set, it must be valid. |
29 | - if(in_array($_SERVER['HTTP_ORIGIN'], $accepted_origins)){ |
|
30 | - header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']); |
|
31 | - }else{ |
|
29 | + if (in_array($_SERVER['HTTP_ORIGIN'], $accepted_origins)) { |
|
30 | + header('Access-Control-Allow-Origin: '.$_SERVER['HTTP_ORIGIN']); |
|
31 | + }else { |
|
32 | 32 | header("HTTP/1.1 403 Origin Denied"); |
33 | 33 | return; |
34 | 34 | } |
35 | 35 | } |
36 | 36 | |
37 | 37 | // Sanitize input |
38 | - if(preg_match("/([^\w\s\d\-_~,;:\[\]\(\).])|([\.]{2,})/", $temp['name'])){ |
|
38 | + if (preg_match("/([^\w\s\d\-_~,;:\[\]\(\).])|([\.]{2,})/", $temp['name'])) { |
|
39 | 39 | header("HTTP/1.1 400 Invalid file name."); |
40 | 40 | return; |
41 | 41 | } |
42 | 42 | |
43 | 43 | // Verify extension |
44 | - if(!in_array(strtolower(pathinfo($temp['name'], PATHINFO_EXTENSION)), array("gif", "jpg", "png"))){ |
|
44 | + if (!in_array(strtolower(pathinfo($temp['name'], PATHINFO_EXTENSION)), array("gif", "jpg", "png"))) { |
|
45 | 45 | header("HTTP/1.1 400 Invalid extension."); |
46 | 46 | return; |
47 | 47 | } |
48 | 48 | |
49 | 49 | // Accept upload if there was no origin, or if it is an accepted origin |
50 | - $filetowrite = $this->imageFolder . $temp['name']; |
|
50 | + $filetowrite = $this->imageFolder.$temp['name']; |
|
51 | 51 | move_uploaded_file($temp['tmp_name'], $filetowrite); |
52 | 52 | |
53 | 53 | // Respond to the successful upload with JSON. |
54 | 54 | echo json_encode(array('location' => $filetowrite)); |
55 | - } else { |
|
55 | + }else { |
|
56 | 56 | // Notify editor that the upload failed |
57 | 57 | header("HTTP/1.1 500 Server Error"); |
58 | 58 | } |