First version, for githup; UNSTABLE, DO NOT USE!
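--- a/www/intern/scripts/audiofiles-uploads/.user.ini
+++ b/www/intern/scripts/audiofiles-uploads/.user.ini
@@ -0,0 +1,4 @@
+upload_max_filesize = 50M
+post_max_size = 55M
+max_execution_time = 120
+max_input_time = 120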
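Review bot: These limits take effect before the session check in ajax_audiofile_upload.php runs, because PHP receives the request body and spools the upload to a temporary file before it executes the script. A client without a valid session can therefore still send up to 55 MB per request and hold the input phase for up to 120 seconds against any PHP script in this directory. If that exposure matters for the deployment, cap request size or rate for this path at the web server or proxy as well. A short comment such as `; post_max_size is above upload_max_filesize to leave room for multipart overhead` would also record why the two values differ.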
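--- a/www/intern/scripts/audiofiles-uploads/ajax_audiofile_upload.php
+++ b/www/intern/scripts/audiofiles-uploads/ajax_audiofile_upload.php
@@ -0,0 +1,142 @@
+<?php
+
+if (session_status() !== PHP_SESSION_ACTIVE) session_start();
+
+$isTrainer =
+isset($_SESSION['access_granted_trainer'], $_SESSION['passcodetrainer_id']) &&
+$_SESSION['access_granted_trainer'] === true &&
+(int)$_SESSION['passcodetrainer_id'] > 0;
+
+$isWkLeitung =
+isset($_SESSION['access_granted_wk_leitung'], $_SESSION['passcodewk_leitung_id']) &&
+$_SESSION['access_granted_wk_leitung'] === true &&
+(int)$_SESSION['passcodewk_leitung_id'] > 0;
+
+if (!$isTrainer && !$isWkLeitung) {
+http_response_code(403);
+exit;
+}
+
+// Allow large uploads and enough memory for GD processing
+ini_set('memory_limit', '256M');
+ini_set('max_execution_time', '120');
+
+
+
+if (!isset($baseDir)) $baseDir = $_SERVER['DOCUMENT_ROOT'];
+
+
+if (!isset($_FILES['music_file']) || $_FILES['music_file']['error'] !== UPLOAD_ERR_OK) {
+echo json_encode([
+'success' => false,
+'message' => 'Keine Musik' . $_FILES['music_file']['error'] ?? 'NO ERROR KNOWN'
+]);
+exit;
+}
+
+$type = ($isTrainer) ? 'tr' : 'wkl';
+
+$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';
+
+if ($data['success'] === false){
+echo json_encode(['success' => false, 'message' => $data['message']]);
+exit;
+}
+
+require $baseDir . '/../scripts/db/db-tables.php';
+require $baseDir . '/../scripts/db/db-functions.php';
+
+$saveDir = '/files/music/';
+
+$normalDir = $saveDir;
+
+$uploadDir = $baseDir . $saveDir;
+
+$maxLengthMusic = db_get_var($mysqli, "SELECT `value` FROM $tableVar WHERE `name` = ?", ['maxLengthMusic']);
+
+if (!is_dir($uploadDir)) {
+mkdir($uploadDir, 0755, true);
+}
+
+
+$tmpPath = $_FILES['music_file']['tmp_name'];
+$originalName = $_FILES['music_file']['name'];
+$extension = strtolower(pathinfo($originalName, PATHINFO_EXTENSION));
+
+$allowedExt = ['mp3', 'wav', 'ogg'];
+if (!in_array($extension, $allowedExt, true)) {
+echo json_encode(['success' => false, 'message' => 'Falsches Format (Endung)']);
+http_response_code(422);
+exit;
+}
+
+$finfo = new finfo(FILEINFO_MIME_TYPE);
+$mimeType = $finfo->file($tmpPath);
+$allowedMime = ['audio/mpeg', 'audio/wav', 'audio/x-wav', 'audio/ogg', 'application/ogg'];
+
+if (!in_array($mimeType, $allowedMime, true)) {
+echo json_encode(['success' => false, 'message' => 'Dateiinhalt ist kein gültiges Audio']);
+http_response_code(422);
+exit;
+}
+
+
+$filename = uniqid('userupload_', true) . '.' . $extension;
+$destination = $uploadDir . $filename;
+$normalPath = $normalDir . $filename;
+
+
+if (!move_uploaded_file($tmpPath, $destination)) {
+http_response_code(500);
+exit;
+}
+
+if ($isTrainer && $maxLengthMusic !== null && intval($maxLengthMusic) !== 0) {
+require $baseDir . '/../composer/vendor/autoload.php';
+
+$getID3 = new getID3;
+$fileInfo = $getID3->analyze($destination);
+
+if (empty($fileInfo['playtime_seconds'])) {
+http_response_code(400);
+echo json_encode([
+'success' => false,
+'message' => 'Fehler beim Bestimmen der Musiklänge'
+]);
+exit;
+}
+
+$duration = (float) $fileInfo['playtime_seconds'];
+
+if ($duration > intval($maxLengthMusic)) {
+unlink($destination);
+echo json_encode([
+'success' => false,
+'message' => 'Musik zu lange (über ' . intval($maxLengthMusic) . ' Sekunden)'
+]);
+http_response_code(422);
+exit;
+}
+}
+
+
+$sql = "INSERT INTO $tableAudiofiles (`file_name`,`file_path`) VALUES (?, ?)";
+
+$stmt = $mysqli->prepare($sql);
+$stmt->bind_param("ss", $originalName, $normalPath);
+
+if (!$stmt->execute()) {
+http_response_code(500);
+exit;
+}
+
+$id = $mysqli->insert_id;
+
+$stmt->close();
+
+echo json_encode([
+'success' => true,
+'id' => $id,
+'filename' => $originalName,
+'filepath' => $normalPath
+]);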
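Review bot: Two failure paths leave the uploaded file behind in the web-served `/files/music/` directory: the `empty($fileInfo['playtime_seconds'])` branch and the `!$stmt->execute()` branch both exit without the `unlink($destination);` that the too-long branch has, so a file that was rejected or never recorded in the database stays reachable under the document root. Adding `unlink($destination);` before each of those exits closes that gap. The stored name comes from `uniqid('userupload_', true)`, which is derived from the clock and not meant to be unguessable; since the path is public, `bin2hex(random_bytes(16)) . '.' . $extension` is the safer choice. In the first error response `.` binds tighter than `??`, so `'NO ERROR KNOWN'` is never used and a missing `music_file` key raises a warning; the intended form is `'Keine Musik' . ($_FILES['music_file']['error'] ?? 'NO ERROR KNOWN')`. The three `http_response_code(422)` calls come after the `echo`, so they only take effect while output buffering still holds the body; moving each above its `echo` makes the status reliable.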