API tools faq
paste
Advertisement
osteth

upload binary to php via curl

osteth
Mar 6th, 2016
184
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 2.53 KB | None | 0 0
raw download clone embed print report
  1. ## send command
  2.  curl -i -X POST -H "Content-Type: multipart/form-data" -F "uploaded-file=@FILE_TO_UPLOAD" ADDRESS_OF_SERVER_SIDE_PHP_PAGE
  3.  
  4.  
  5. ## Server Side PHP page
  6.  
  7. <?php
  8. header('Content-Type: text/plain; charset=utf-8');
  9. $maxFileSize = 10000000;
  10.  
  11. $allowedFileExtensions = array
  12. (
  13.     'jpg' => 'image/jpeg',
  14.     'png' => 'image/png',
  15.     'gif' => 'image/gif',
  16. );
  17.  
  18. $allowAllExtensions = true;
  19.  
  20. $uploadPath = "/test/";
  21.  
  22. try
  23. {
  24.    
  25.     // Undefined | Multiple Files | $_FILES Corruption Attack
  26.     // If this request falls under any of them, treat it invalid.
  27.     if (!isset($_FILES['uploaded-file']['error']) || is_array($_FILES['uploaded-file']['error']))
  28.     {
  29.         throw new RuntimeException('Invalid parameters.');
  30.     }
  31.  
  32.     // Check $_FILES['uploaded-file']['error'] value.
  33.     switch ($_FILES['uploaded-file']['error'])
  34.     {
  35.         case UPLOAD_ERR_OK:
  36.             break;
  37.         case UPLOAD_ERR_NO_FILE:
  38.             throw new RuntimeException('Blank or no file sent');
  39.         case UPLOAD_ERR_INI_SIZE:
  40.         case UPLOAD_ERR_FORM_SIZE:
  41.             throw new RuntimeException('File size limit exceeded');
  42.         default:
  43.             throw new RuntimeException('Something');
  44.     }
  45.  
  46.     // Don't rely on PHP config to correctly enforce file sizes - we all know php's reputation
  47.     if ($_FILES['uploaded-file']['size'] > $maxFileSize)
  48.     {
  49.         throw new RuntimeException('File size limit exceeded');
  50.     }
  51.  
  52.     // DO NOT TRUST $_FILES['uploaded-file']['mime'] VALUE !!
  53.     // Check MIME Type by yourself.
  54.     $finfo = new finfo(FILEINFO_MIME_TYPE);
  55.     $extension = array_search( $finfo->file($_FILES['uploaded-file']['tmp_name']),$allowedFileExtensions, true );
  56.  //    if (false === $extension || $allowAllExtensions == false)
  57.    // {
  58.      //   throw new RuntimeException('File extension not allowed');
  59.     //}
  60.  
  61.     // You should name it uniquely.
  62.     $fullPath = $uploadPath . $_SERVER['REMOTE_ADDR'] . "/";
  63.     $fileName = $_FILES['uploaded-file']['name'];
  64.     preg_replace("/..\//", "", $fileName);
  65.    
  66.     mkdir($fullPath, 0666, true);
  67.     $date = date_create();
  68.     $newFileName = $fullPath . date_format($date, 'Y-m-d H:i:s') . $fileName;
  69.     $fileMoveWorked = move_uploaded_file($_FILES['uploaded-file']['tmp_name'], $newFileName);
  70.    
  71.     if ($fileMoveWorked == false)
  72.     {
  73.         throw new RuntimeException("Couldn't save the file");
  74.     }
  75.  
  76.     echo 'HURRAY THE FILE SAVED';
  77.  
  78. } catch (RuntimeException $e) {
  79.  
  80.     echo "Exception thrown: " . $e->getMessage();
  81.  
  82. }
  83.  
  84. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!