WKVS/www/intern/scripts/audiofiles-uploads/ajax_audiofile_upload.php

<?php
// Resume the session (or start one) so the role flags written at login can be read.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

// A role is accepted only when its flag is the boolean true (strict comparison,
// so 1 or "1" do not pass) and its passcode id casts to a positive integer.
// Missing or null session keys fall back to values that fail both tests.
$isTrainer = ($_SESSION['access_granted_trainer'] ?? null) === true
    && (int)($_SESSION['passcodetrainer_id'] ?? 0) > 0;

$isWkLeitung = ($_SESSION['access_granted_wk_leitung'] ?? null) === true
    && (int)($_SESSION['passcodewk_leitung_id'] ?? 0) > 0;

// Neither role present: answer 403 with an empty body before touching the upload.
// NOTE(review): no anti-CSRF token is checked anywhere in this script; confirm
// that the caller or a front controller enforces one for this endpoint.
if (!($isTrainer || $isWkLeitung)) {
    http_response_code(403);
    exit;
}
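// Raise the memory and time limits for this request. Large audio uploads and
// the getID3 analysis further down are the heavy steps in this script (the
// earlier wording mentioned GD, which nothing here uses).
ini_set('memory_limit', '256M');
ini_set('max_execution_time', '120');

// A script that includes this one may already have set $baseDir; otherwise
// fall back to the web root.
if (!isset($baseDir)) {
    $baseDir = $_SERVER['DOCUMENT_ROOT'];
}

// Read PHP's upload status defensively: the field can be absent, and an
// array-style field ("music_file[]") would make 'error' an array, not an int.
$uploadError = null;
if (isset($_FILES['music_file']['error']) && is_int($_FILES['music_file']['error'])) {
    $uploadError = $_FILES['music_file']['error'];
}

if ($uploadError !== UPLOAD_ERR_OK) {
    echo json_encode([
        'success' => false,
        // Parenthesised on purpose: "." binds tighter than "??", so without
        // the parentheses the fallback text could never be chosen and a
        // missing field raised an undefined-index warning instead.
        'message' => 'Keine Musik' . ($uploadError ?? 'NO ERROR KNOWN'),
    ]);
    exit;
}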
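// Role tag for this request. It is not read again in the lines shown here.
// NOTE(review): included scripts share this scope and may read $type, so
// confirm against them before treating it as unused.
$type = $isTrainer ? 'tr' : 'wkl';

// The connection script's return value is inspected for an explicit failure.
$data = include $baseDir . '/../scripts/db/db-verbindung-script.php';
if ($data['success'] === false) {
    // NOTE(review): the message is forwarded to the client verbatim; confirm it
    // never carries host names, user names or driver error text.
    echo json_encode(['success' => false, 'message' => $data['message']]);
    exit;
}

// Presumably these provide $tableVar / $tableAudiofiles and db_get_var(); verify.
require $baseDir . '/../scripts/db/db-tables.php';
require $baseDir . '/../scripts/db/db-functions.php';

// $normalDir is the web-relative path stored in the database; $uploadDir is
// the same directory as an absolute filesystem path.
$saveDir = '/files/music/';
$normalDir = $saveDir;
$uploadDir = $baseDir . $saveDir;

// Configured maximum track length, read with a bound parameter.
$maxLengthMusic = db_get_var($mysqli, "SELECT `value` FROM $tableVar WHERE `name` = ?", ['maxLengthMusic']);

// Create the target directory if needed. The second is_dir() covers a
// concurrent request that created it in the meantime; a real failure stops the
// request here instead of surfacing later as a failed move.
if (!is_dir($uploadDir) && !mkdir($uploadDir, 0755, true) && !is_dir($uploadDir)) {
    http_response_code(500);
    exit;
}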
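$tmpPath = $_FILES['music_file']['tmp_name'];

// Client-supplied name. It is used to derive the extension and is kept as a
// label; the path on disk is built from a server-generated name instead.
$originalName = $_FILES['music_file']['name'];
$extension = strtolower(pathinfo($originalName, PATHINFO_EXTENSION));

// First gate: extension allow-list (strict comparison).
$allowedExt = ['mp3', 'wav', 'ogg'];
if (!in_array($extension, $allowedExt, true)) {
    // Set the status before writing the body: once output has been flushed the
    // status line can no longer be changed and the client would see 200.
    http_response_code(422);
    echo json_encode(['success' => false, 'message' => 'Falsches Format (Endung)']);
    exit;
}

// Second gate: sniff the content type from the file's bytes rather than
// trusting the Content-Type the client sent. A failed detection returns false,
// which is not in the list and is therefore rejected as well.
// NOTE(review): extension and detected type are checked independently, so a
// ".mp3" holding WAV data passes both gates; confirm that is acceptable.
$finfo = new finfo(FILEINFO_MIME_TYPE);
$mimeType = $finfo->file($tmpPath);
$allowedMime = ['audio/mpeg', 'audio/wav', 'audio/x-wav', 'audio/ogg', 'application/ogg'];
if (!in_array($mimeType, $allowedMime, true)) {
    http_response_code(422);
    echo json_encode(['success' => false, 'message' => 'Dateiinhalt ist kein gültiges Audio']);
    exit;
}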
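// Server-generated file name: the client's name never reaches the filesystem,
// only the allow-listed extension is reused. The random part comes from the
// CSPRNG rather than uniqid(), which is derived from the clock and therefore
// guessable; the files live under a web-served path by default.
$filename = 'userupload_' . bin2hex(random_bytes(16)) . '.' . $extension;
$destination = $uploadDir . $filename;
$normalPath = $normalDir . $filename;

// move_uploaded_file() only moves files that PHP itself received as uploads.
if (!move_uploaded_file($tmpPath, $destination)) {
    http_response_code(500);
    exit;
}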
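// Length limit: enforced for trainers only, and only when a non-zero limit is
// configured. The check runs on the stored file, so every rejection below has
// to remove that file again.
if ($isTrainer && $maxLengthMusic !== null && intval($maxLengthMusic) !== 0) {
    require $baseDir . '/../composer/vendor/autoload.php';

    // getID3 parses bytes supplied by the uploader; keep the library current.
    $getID3 = new getID3();
    $fileInfo = $getID3->analyze($destination);

    if (empty($fileInfo['playtime_seconds'])) {
        // The length could not be determined, so the limit cannot be enforced.
        // Delete the file instead of leaving an unreferenced upload on disk.
        unlink($destination);
        http_response_code(400);
        echo json_encode([
            'success' => false,
            'message' => 'Fehler beim Bestimmen der Musiklänge'
        ]);
        exit;
    }

    $duration = (float) $fileInfo['playtime_seconds'];
    if ($duration > intval($maxLengthMusic)) {
        unlink($destination);
        // Status first, body second, so the 422 is sent even without output buffering.
        http_response_code(422);
        echo json_encode([
            'success' => false,
            'message' => 'Musik zu lange (über ' . intval($maxLengthMusic) . ' Sekunden)'
        ]);
        exit;
    }
}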
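// Record the upload. Both values are bound as parameters; the table name is
// interpolated from $tableAudiofiles (presumably set in db-tables.php; verify
// that it is never derived from request data).
$sql = "INSERT INTO $tableAudiofiles (`file_name`,`file_path`) VALUES (?, ?)";

$stmt = false;
$inserted = false;
try {
    // prepare() returns false in silent mode and throws when mysqli is set to
    // report errors as exceptions; both cases end up in the failure branch.
    $stmt = $mysqli->prepare($sql);
    if ($stmt !== false) {
        $stmt->bind_param("ss", $originalName, $normalPath);
        $inserted = $stmt->execute();
    }
} catch (mysqli_sql_exception $e) {
    // Keep the detail in the server log; the client only gets the status code.
    error_log('ajax_audiofile_upload: insert failed: ' . $e->getMessage());
}

if (!$inserted) {
    // No database row points at the file, so remove it rather than leaving an
    // orphaned upload in the music directory.
    if (is_file($destination)) {
        unlink($destination);
    }
    http_response_code(500);
    exit;
}

$id = $mysqli->insert_id;
$stmt->close();

// 'filename' is the client-chosen name. The HEX flags escape <, > and & so the
// body stays inert if it is ever rendered as HTML; JSON parsers decode the
// same values. Any page that later displays the name still has to escape it
// for its own output context.
echo json_encode([
    'success' => true,
    'id' => $id,
    'filename' => $originalName,
    'filepath' => $normalPath
], JSON_HEX_TAG | JSON_HEX_AMP);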