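<?php
/**
 * upload_document.php
 *
 * Purpose: accept a single document image upload and return its public URL
 * (no AI processing).
 *
 * Request: multipart form with the file field "image" and the optional text
 * fields "driver_id" and "type". Responses go through jsonError() and
 * printSuccess(), which are expected to come from connect.php.
 *
 * NOTE(review): no authentication or ownership check is visible in this file.
 * The stored name is derived only from "type" and "driver_id", so a new upload
 * replaces the previous file with the same name. Confirm that connect.php (or
 * the web server) restricts who may call this endpoint and for which driver_id.
 */

require_once __DIR__ . '/../../connect.php';

$driverId = trim((string) filterRequest("driver_id"));
$type = trim((string) filterRequest("type"));

// Optional fields: fall back to fixed labels when they are omitted.
if ($driverId === "") { $driverId = "unknown"; }
if ($type === "") { $type = "generic"; }

// Both values become part of the stored file name and of the returned URL.
// Accept only a strict allow-list so that path separators, dots, NUL bytes and
// other special characters can never reach the file system path.
$safeToken = '/\A[A-Za-z0-9_-]{1,64}\z/';
if (preg_match($safeToken, $driverId) !== 1 || preg_match($safeToken, $type) !== 1) {
    error_log("Upload error: driver_id or type contains unsupported characters.");
    jsonError("Invalid driver_id or type");
    exit;
}

// The image must be present and fully received. A multi-file field
// ("image[]") yields an array in 'error' and is rejected by the strict compare.
if (!isset($_FILES['image']) || $_FILES['image']['error'] !== UPLOAD_ERR_OK) {
    error_log("Upload error: Image not provided or upload failed.");
    jsonError("Image upload failed");
    exit;
}

$file = $_FILES['image'];

// Allow common image extensions. The client-supplied name is untrusted and is
// used only to read the extension, never as the stored file name.
$allowedExt = ['jpg', 'jpeg', 'png'];
$extension = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
if (!in_array($extension, $allowedExt, true)) {
    // Log a bounded, printable form of the value to keep log lines intact.
    error_log("Unsupported file extension: " . preg_replace('/[^a-z0-9]/', '?', substr($extension, 0, 16)));
    jsonError("Unsupported file type");
    exit;
}

// Check the actual content type from the file bytes (more reliable than the name).
$extensionsByMime = [
    'image/jpeg' => ['jpg', 'jpeg'],
    'image/png' => ['png'],
];
$finfo = new finfo(FILEINFO_MIME_TYPE);
$mime = $finfo->file($file['tmp_name']) ?: 'application/octet-stream';
if (!isset($extensionsByMime[$mime])) {
    error_log("Unsupported MIME type: $mime");
    jsonError("Unsupported image MIME type");
    exit;
}

// Keep the stored extension consistent with the detected content, so the file
// is later served with a Content-Type that matches what it really contains.
if (!in_array($extension, $extensionsByMime[$mime], true)) {
    $extension = $extensionsByMime[$mime][0];
}

// Size limit: 10MB.
$maxBytes = 10 * 1024 * 1024;
if ($file['size'] > $maxBytes) {
    error_log("Image too large: {$file['size']} bytes");
    jsonError("Image too large (max 10MB)");
    exit;
}

// Storage location.
// NOTE(review): this path is relative to the current working directory, not to
// __DIR__ like the require above; confirm both resolve as intended when deployed.
$uploadDir = "../uploads/documents/";
if (!is_dir($uploadDir)) {
    // The second is_dir() covers a concurrent request creating the directory first.
    if (!mkdir($uploadDir, 0755, true) && !is_dir($uploadDir)) {
        error_log("Failed to create upload directory: $uploadDir");
        jsonError("Server error: cannot create upload directory");
        exit;
    }
}

// Deterministic name built only from validated tokens and an allow-listed extension.
$baseName = "driver_{$type}_{$driverId}";
$uniqueName = $baseName . "." . $extension;
$uploadPath = $uploadDir . $uniqueName;

// Move the file out of PHP's temporary upload area.
if (!move_uploaded_file($file['tmp_name'], $uploadPath)) {
    error_log("Failed to move uploaded file to $uploadPath");
    jsonError("Failed to move uploaded image");
    exit;
}

// Drop execute bits on the stored file. This alone does NOT stop a web server
// from interpreting a script: the protection here is the extension and MIME
// allow-list above, and the upload directory should additionally be configured
// so the server never hands its contents to the PHP handler.
// The @ keeps a chmod warning out of the JSON response; failure is logged instead.
if (!@chmod($uploadPath, 0644)) {
    error_log("Failed to set permissions on $uploadPath");
}

// Build BASE_URL. Prefer the APP_BASE_URL environment variable: the fallback
// uses the Host request header, which is client-controlled, so it is accepted
// only when it looks like a plain host name or address with an optional port.
if (!defined('BASE_URL')) {
    $appBaseUrl = rtrim(getenv('APP_BASE_URL') ?: '', '/');
    if ($appBaseUrl === '') {
        $scheme = $_SERVER['REQUEST_SCHEME']
            ?? ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http');
        if (!in_array($scheme, ['http', 'https'], true)) {
            $scheme = 'http';
        }

        $host = (string) ($_SERVER['HTTP_HOST'] ?? 'localhost');
        $hostPattern = '/\A(?:[A-Za-z0-9](?:[A-Za-z0-9.-]*[A-Za-z0-9])?|\[[0-9A-Fa-f:.]+\])(?::\d{1,5})?\z/';
        if (preg_match($hostPattern, $host) !== 1) {
            error_log("Rejected malformed Host header while building BASE_URL.");
            $host = 'localhost';
        }

        define('BASE_URL', $scheme . '://' . $host);
    } else {
        define('BASE_URL', $appBaseUrl);
    }
}

// Public URL path (adjust to match how the project is deployed).
$publicPath = "/siro/auth/uploads/documents/" . $uniqueName;
$imageUrl = rtrim(BASE_URL, '/') . $publicPath;

// Final result: only the image URL.
printSuccess([
    $imageUrl,
]);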