45 lines
1.7 KiB
PHP
Executable File
45 lines
1.7 KiB
PHP
Executable File
<?php
|
|
require_once __DIR__ . '/includes/session_check.php';
|
|
require_once __DIR__ . '/config/config.php'; // Needed for the url() function
|
|
|
|
header('Content-Type: application/json');
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['file'])) {
|
|
$target_dir = __DIR__ . "/galeria/";
|
|
// Sanitize the filename to prevent security issues
|
|
$filename = preg_replace('/[^a-zA-Z0-9._-]_/', '_', basename($_FILES["file"]["name"]));
|
|
$target_file = $target_dir . $filename;
|
|
$imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));
|
|
|
|
// Basic security checks
|
|
$check = getimagesize($_FILES["file"]["tmp_name"]);
|
|
if($check === false) {
|
|
echo json_encode(['error' => 'El archivo no es una imagen válida.']);
|
|
exit();
|
|
}
|
|
|
|
// Allow certain file formats
|
|
$allowed_types = ['jpg', 'png', 'jpeg', 'gif', 'webp'];
|
|
if(!in_array($imageFileType, $allowed_types)) {
|
|
echo json_encode(['error' => 'Formato de archivo no permitido. Solo se aceptan JPG, PNG, GIF, WEBP.']);
|
|
exit();
|
|
}
|
|
|
|
// Check if file already exists
|
|
if (file_exists($target_file)) {
|
|
echo json_encode(['error' => 'Ya existe un archivo con este nombre. Por favor, cambia el nombre del archivo o sube uno diferente.']);
|
|
exit();
|
|
}
|
|
|
|
// Try to upload file
|
|
if (move_uploaded_file($_FILES["file"]["tmp_name"], $target_file)) {
|
|
// Use the url() helper to create the full, correct URL
|
|
$file_url = url('galeria/' . $filename);
|
|
echo json_encode(['url' => $file_url]);
|
|
} else {
|
|
echo json_encode(['error' => 'Error al mover el archivo subido.']);
|
|
}
|
|
} else {
|
|
echo json_encode(['error' => 'Solicitud no válida.']);
|
|
}
|
|
?>
|