Subversion Repositories sysadmin_scripts

Rev

Rev 125 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | Download | RSS feed

<?php

/*
 * script: upload_file.php
 * author: Rod Rodolico
 * date:   2022-06-04
 * use:    Upload a file and create an info file with parameters
 * 
 * Description:
 * This is a general purpose file upload script, the generalized form of upload_sysinfo_report.php which is used in the sysinfo
 * project.
 * 
 * Uploaded file is saved into STORAGE_PATH/upload_type, where upload_type is passed as a parameter. If no upload_type is specified, 
 * the file is stored in STORAGE_PATH.
 * 
 * A second file is then created by appending .info to the file. This file contains the contents of all parameters passed on the 
 * URL GET/POST (using $_REQUEST) in key:value format. Note that this is the exact file name with .info appended, so joe.info 
 * becomes joe.info.info
 * 
 * Three parameters have special meaning
 * file is the key looked for for the actual file contents
 * if filename is set, it is sanitized and used to store the file on disk. Otherwise, a random file name is created.
 * if upload_type is set, the file is stored in STORAGE_PATH/upload_type. Otherwise, STORAGE_PATH/ is used.
 * Both of these are sanitized by removing all non-alphanumeric/underscore characters. See function sanitize_filename
 * 
 * Example Usage:
 * http://url?upload_type=sysinfo&filename=joe.info&report_date=2016-04-01 13:11:04&client=My Client Name&hostname=server.example.com&serialnumber=dd-app-005&report=now is the time for all good men
 * Obviously, all values must be URL encoded
 * 
 * The file STORAGE_PATH/sysinfo/joe.info will be created with the file contents
 * The file STORAGE_PATH/sysinfo/joe.info.info will be created with the following contents
 * upload_type:sysinfo
 * filename:joe.info
 * report_date:2016-04-01 13:11:04
 * client:My Client Name
 * hostname:server.example.com
 * serialnumber:dd-app-005
 * report:now is the time for all good men
 * 
 * NOTE: if STORAGE_PATH/whatever doesn't exist, it is created as the web server user, with permissions 777
 * 
 * To create the storage directory manually, it must be writable by the web server user, ie if storing in storing it 
 * in ~/camp/sysinfo_reports, the following should be run as root
 * mkdir -p ~camp/sysinfo_reports/http
 * chown camp:www-data ~camp/sysinfo_reports/http
 * chmod 775 ~camp/sysinfo_reports/http
*/

define ( 'VERSION', '1.0' );
define ( 'BUILD_DATE', '2016-04-03' );
define ( 'STORAGE_PATH', '/home/camp/sysinfo_reports/unprocessed' ); 
define ( 'TESTING', false );

function sanitize_filename ( $filename, $allowed = 'a-zA-Z0-9-', $special_chars = '_', $replace_char = '-', $removeDups = true ) {
   $filename = str_replace( $allowed . $special_chars,$replace_char, $filename );
   if ( $removeDups )
      $filename = preg_replace( "/($replace_char)+/", $replace_char, $filename );
   return $filename;
}


$date = $_REQUEST['report_date'];
$client = $_REQUEST['client'];
$hostname = $_REQUEST['hostname'];
$serial = isset( $_REQUEST['serialnumber'] ) ? $_REQUEST['serialnumber'] : '';
$report = $_FILES['report'];

/* test data
$client = 'Roome Land Surveying';
$hostname = 'router.roome.local';
$date = '"2016-03-31 01:25:04"';
$serial = 'dd-app-040';
$report = 'A Report';
*/


function saveFile ( $filesHash, $targetPath, $filename, $info ) {
   if ( $filesHash['error'] )
      return false;
   // first, let's get a file name we can use
   if ( ! $filename ) {
      $filename = sanitize_filename( isset( $filesHash['name'] ? $filesHash['name'] : $filesHash['tmp_name']  );
      if ( ! $filename ) {
         $filename = uniqid( rand(), true )
   }
   $targetPath .= '/' . $filename;
   while ( file_exists( $targetPath ) ) {
      $targetPath .= '.1';
   }
   # Now, move the uploaded file
   move_uploaded_file( $filesHash['tmp_name'], $targetPath );
   $targetPath .= '.info';
   file_put_contents( $targetPath, $info );
   return true;
}


// file_put_contents( STORAGE_PATH . '/report.log', print_r( $report, true ) );

$path = STORAGE_PATH . isset( $_REQUEST['upload_type'] : '/' . sanitize_filename($_REQUEST['upload_type'])  );
$text = array;
foreach ( $_REQUEST as $key => $value ) {
   $text[] = $key . ':' $value;
}
$text = implode( "\n", $text );

foreach ( $_FILES as $key => $value ) {
   saveFile( 
      $value, 
      $path,
      isset( $_REQUEST['filename'] ) ? sanitize_filename( $_REQUEST['filename'] : '' ),
      $text
   );
}


?>