Subversion Repositories sysadmin_scripts

Rev

Go to most recent revision | Details | Last modification | View Log | RSS feed

Rev Author Line No. Line
123 rodolico 1
<?php
2
 
3
/*
4
 * script: upload_file.php
5
 * author: Rod Rodolico
6
 * date:   2022-06-04
7
 * use:    Upload a file and create an info file with parameters
8
 * 
9
 * Description:
10
 * This is a general purpose file upload script, the generalized form of upload_sysinfo_report.php which is used in the sysinfo
11
 * project.
12
 * 
13
 * Uploaded file is saved into STORAGE_PATH/upload_type, where upload_type is passed as a parameter. If no upload_type is specified, 
14
 * the file is stored in STORAGE_PATH.
15
 * 
16
 * A second file is then created by appending .info to the file. This file contains the contents of all parameters passed on the 
17
 * URL GET/POST (using $_REQUEST) in key:value format. Note that this is the exact file name with .info appended, so joe.info 
18
 * becomes joe.info.info
19
 * 
20
 * Three parameters have special meaning
21
 * file is the key looked for for the actual file contents
22
 * if filename is set, it is sanitized and used to store the file on disk. Otherwise, a random file name is created.
23
 * if upload_type is set, the file is stored in STORAGE_PATH/upload_type. Otherwise, STORAGE_PATH/ is used.
24
 * Both of these are sanitized by removing all non-alphanumeric/underscore characters. See function sanitize_filename
25
 * 
26
 * Example Usage:
27
 * http://url?upload_type=sysinfo&filename=joe.info&report_date=2016-04-01 13:11:04&client=My Client Name&hostname=server.example.com&serialnumber=dd-app-005&report=now is the time for all good men
28
 * Obviously, all values must be URL encoded
29
 * 
30
 * The file STORAGE_PATH/sysinfo/joe.info will be created with the file contents
31
 * The file STORAGE_PATH/sysinfo/joe.info.info will be created with the following contents
32
 * upload_type:sysinfo
33
 * filename:joe.info
34
 * report_date:2016-04-01 13:11:04
35
 * client:My Client Name
36
 * hostname:server.example.com
37
 * serialnumber:dd-app-005
38
 * report:now is the time for all good men
39
 * 
40
 * NOTE: if STORAGE_PATH/whatever doesn't exist, it is created as the web server user, with permissions 777
41
 * 
42
 * To create the storage directory manually, it must be writable by the web server user, ie if storing in storing it 
43
 * in ~/camp/sysinfo_reports, the following should be run as root
44
 * mkdir -p ~camp/sysinfo_reports/http
45
 * chown camp:www-data ~camp/sysinfo_reports/http
46
 * chmod 775 ~camp/sysinfo_reports/http
47
*/
48
 
49
define ( 'VERSION', '1.0' );
50
define ( 'BUILD_DATE', '2016-04-03' );
125 rodolico 51
define ( 'STORAGE_PATH', '/srv/camp/reports' ); 
123 rodolico 52
 
53
function sanitize_filename ( $filename, $allowed = 'a-zA-Z0-9-', $special_chars = '_', $replace_char = '-', $removeDups = true ) {
54
   $filename = str_replace( $allowed . $special_chars,$replace_char, $filename );
55
   if ( $removeDups )
56
      $filename = preg_replace( "/($replace_char)+/", $replace_char, $filename );
57
   return $filename;
58
}
59
 
60
 
61
function saveFile ( $filesHash, $targetPath, $filename, $info ) {
62
   if ( $filesHash['error'] )
125 rodolico 63
      return "Error in filesHash " . $filesHash[error];
123 rodolico 64
   // first, let's get a file name we can use
65
   if ( ! $filename ) {
125 rodolico 66
      $filename = sanitize_filename( isset( $filesHash['name'] ) ? $filesHash['name'] : $filesHash['tmp_name']  );
123 rodolico 67
      if ( ! $filename ) {
125 rodolico 68
         $filename = uniqid( rand(), true );
69
      }
123 rodolico 70
   }
71
   $targetPath .= '/' . $filename;
72
   while ( file_exists( $targetPath ) ) {
73
      $targetPath .= '.1';
74
   }
75
   # Now, move the uploaded file
125 rodolico 76
   if ( move_uploaded_file( $filesHash['tmp_name'], $targetPath ) ) {
77
      $targetPath .= '.info';
78
      file_put_contents( $targetPath, $info );
79
   } else {
80
      return "could not save file $targetPath";
81
   }
82
   return 'Ok';
123 rodolico 83
}
84
 
85
 
86
// file_put_contents( STORAGE_PATH . '/report.log', print_r( $report, true ) );
87
 
125 rodolico 88
 
89
$path = STORAGE_PATH;
90
if ( isset( $_REQUEST['upload_type'] ) ) {
91
   $path .= '/' . sanitize_filename( $_REQUEST['upload_type'] );
92
}
93
 
94
if ( ! is_dir( $path ) ) {
95
   mkdir( $path, 0777, true );
96
}
97
 
98
$text = array();
123 rodolico 99
foreach ( $_REQUEST as $key => $value ) {
125 rodolico 100
   $text[] = $key . ':' . $value;
123 rodolico 101
}
102
$text = implode( "\n", $text );
103
foreach ( $_FILES as $key => $value ) {
125 rodolico 104
   print saveFile( 
123 rodolico 105
      $value, 
106
      $path,
125 rodolico 107
      isset( $_REQUEST['filename'] ) ? sanitize_filename( $_REQUEST['filename'] ) : '',
123 rodolico 108
      $text
109
   );
110
}
111
 
112
 
113
?>