serverSaveFile.php

<?php
/**
 * Author: Peter Dragicevic [[email protected]]
 * Authors-Website: https://petschko.org/
 * Date: 10.07.2019
 * Time: 15:38
 *
 * Notes: -
 */

namespace Petschko\Deviantart\Tools;

header('Access-Control-Allow-Origin "*"');

// Settings
$outputDir = '.' . DIRECTORY_SEPARATOR . 'DA-Save' . DIRECTORY_SEPARATOR;
$debug = true;

/**
 * Saves the File on a specific location on the Server
 *
 * @param string $targetFile - Save-Path of the File
 * @param string $sourceUrl - Source-File URL
 * @return int|false - Number of bytes written or false on error
 */
function saveFile($targetFile, $sourceUrl) {
	return file_put_contents($targetFile, file_get_contents($sourceUrl));
}

/**
 * Sanitizes the string for a filesystem
 *
 * @param string $name - Original string (Filename or Dirname)
 * @return false|string - Sanitized string or false on regex error
 */
function sanitizeFileSystemName($name) {
	$name = str_replace(array('?', ':', ';', '<', '>', '{', '}', '#', '~', '+', '*', '|', '\\', '$', '&', '=', 'ยง', '%'), '', $name);
	return mb_ereg_replace('/[^A-Za-z0-9_\-\(\)]/', '', trim(str_replace(array(' ', '/'), '_', $name)));
}

/**
 * Handles a given dir and creates/check if its writeable and such stuff
 *
 * @param string $dirname - Path to check
 */
function handleDir($dirname) {
	global $outputDir;
	global $debug;

	if(! file_exists($dirname)) {
		if(! is_writable($outputDir))
			die('Error: Output dir "' . $outputDir . '" is not write-able on Server');

		// Create directory
		if(mkdir($dirname)){
			if($debug)
				error_log('Created directory on Server: "' . $dirname . '"', E_USER_NOTICE);
		} else
			die('Error: Couldn\'t create the directory "' . $dirname . '"...');
	} else if(! is_dir($dirname))
		die('Error: the current sub-dir is not a directory, it\'s a file...');
}

/**
 * Handles an save file from Post-Request
 */
function saveFileFromPostRequest() {
	global $debug;
	global $outputDir;

	$artistName = null;
	$imageTitle = null;
	$downloadUri = null;
	$sortInsideDirs = null;
	$saveLocation = $outputDir;
	$ext = null;

	// Get all POST vars
	if(isset($_POST['artist']))
		$artistName = $_POST['artist'];
	if(isset($_POST['imageTitle']))
		$imageTitle = $_POST['imageTitle'];
	if(isset($_POST['url']))
		$downloadUri = $_POST['url'];
	if(isset($_POST['directoryTreeByArtists']))
		$sortInsideDirs = (bool) $_POST['directoryTreeByArtists'];

	// Check for missing values
	if(! $artistName || ! $imageTitle || ! $downloadUri || $sortInsideDirs === null) {
		if($debug)
			error_log(
				'Warning: Missing values: Artistname is "' . $artistName . '" | Image-Title is "' . $imageTitle . '" | DownloadUri is "' . $downloadUri . '" | Sort inside dirs is ' . (($sortInsideDirs === null) ? 'not given' : 'given (ok)')
			);

		die('Error: Missing POST values, please provide all information for the Server to handle the file...');
	}

	if($sortInsideDirs) {
		$saveLocation .= basename(sanitizeFileSystemName($artistName)) . DIRECTORY_SEPARATOR;

		handleDir($saveLocation);
	}

	if(preg_match('/\.png/i', $downloadUri))
		$ext = 'png';
	else if(preg_match('/\.jpe?g/i', $downloadUri))
		$ext = 'jpg';
	else if(preg_match('/\.gif/i', $downloadUri))
		$ext = 'gif';

	if(! $ext)
		die('Error: No File-Extension found on URI "' . $downloadUri . '"...');

	// Check if server can write on that dir
	if(! is_writable($saveLocation))
		die('Error: Save-Location "' . $saveLocation . '" is not write-able on Server');

	// Create filename
	$saveLocation .= basename(sanitizeFileSystemName($imageTitle) . '_' . sanitizeFileSystemName($artistName) . '.' . $ext);

	if(saveFile($saveLocation, $downloadUri))
		die('1'); // Success
	else
		die('Error: Was not able to save the given file...');
}

saveFileFromPostRequest();