36 lines
931 B
PHP
36 lines
931 B
PHP
<?PHP
|
|
declare(strict_types = 1);
|
|
require_once __DIR__ . "/../functions/functions.php";
|
|
|
|
if (empty($_FILES)) {
|
|
throw new MDFileDoesNotExist("No file uploaded");
|
|
}
|
|
|
|
$targetpart = basename($_FILES['uploaded']['name']);
|
|
$target = __DIR__ . "/../csv/" . $targetpart;
|
|
|
|
// TODO: File name needs to be sanitized, or tmp name used
|
|
|
|
if (session_status() != PHP_SESSION_ACTIVE) {
|
|
session_start();
|
|
}
|
|
|
|
if (validateAntiCsrfToken() === false) {
|
|
throw new MDWrongCsrfTokenException();
|
|
}
|
|
|
|
//This is our size condition
|
|
if ($_FILES['uploaded']['size'] > 40000000) {
|
|
echo "Your file is too large.<br>";
|
|
return;
|
|
}
|
|
|
|
//Here we check that $ok was not set to 0 by an error
|
|
//If everything is ok we try to upload it
|
|
if(!move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)) {
|
|
echo "Sorry, there was a problem uploading your file.";
|
|
return;
|
|
}
|
|
|
|
header("Location: index3.php?fnam=" . basename($_FILES['uploaded']['name']));
|