From 70001610f11eeb246a26467602e0568dcc5c32ba Mon Sep 17 00:00:00 2001
From: Tobias Herre <tobias.herre@wikimedia.de>
Date: Thu, 25 Nov 2021 01:12:01 +0100
Subject: [PATCH] Enabled jpg/png/tiff/gif uploads.

---
 upload.php | 44 ++++++++++++++++++++++++++++++++++++++------
 1 file changed, 38 insertions(+), 6 deletions(-)

diff --git a/upload.php b/upload.php
index 23bba7b..1d77d6f 100644
--- a/upload.php
+++ b/upload.php
@@ -4,7 +4,6 @@ session_start();
 #error_log("Here is upload.php");
 include "config.php";
 
-file_put_contents("/tmp/log.txt", "uploadder\n", FILE_APPEND | LOCK_EX);
 
 function xvar_dump ($x)	{
 	ob_start();
@@ -12,9 +11,31 @@ function xvar_dump ($x)	{
 	return  ob_get_clean();
 }
 
+$fff = xvar_dump($_FILES);
+file_put_contents("/tmp/log.txt", "uploader\n", FILE_APPEND | LOCK_EX);
+file_put_contents("/tmp/log.txt", "$fff\n", FILE_APPEND | LOCK_EX);
+
+
+if (!count($_FILES)){
+	file_put_contents("/tmp/log.txt", "ERRORZWEIK\n", FILE_APPEND | LOCK_EX);
+
+	$jo = array(
+		"type" => "error" 
+	);
+	$j = json_encode ($jo);
+	echo $j;
+	$x = xvar_dump($j);
+	file_put_contents("/tmp/log.txt", "$j\n", FILE_APPEND | LOCK_EX);
+	file_put_contents("/tmp/log.txt", "$x\n", FILE_APPEND | LOCK_EX);
+
+	return;
+}
+
+
 $jo = array();
 
 foreach ($_FILES as $key=>$files){
+	file_put_contents("/tmp/log.txt", "MIME: tester\n", FILE_APPEND | LOCK_EX);
 
 	for ($i=0; $i < count($files['name']); $i++){
 		$tmpname = $files['tmp_name'][$i];
@@ -33,18 +54,26 @@ foreach ($_FILES as $key=>$files){
 			);
 
 			file_put_contents("/tmp/log.txt", "file-$key-$i\n", FILE_APPEND | LOCK_EX);
-			file_put_contents("/tmp/log.txt", $files['name'][$i], FILE_APPEND | LOCK_EX);
+			file_put_contents("/tmp/log.txt", $files['name'][$i]."\n", FILE_APPEND | LOCK_EX);
 
 			$_SESSION['files'][$tmpname]['content']=file_get_contents($tmpname);
 			$_SESSION['files'][$tmpname]['row']=$_GET['row'];
 
-		}else if ($ft == "image/jpeg") {
+		}else if (
+			$ft == "image/jpeg" || 
+			$ft == "image/png"  ||
+			$ft == "image/tiff" ||
+			$ft == "image/bmp" ||
+			$ft == "image/gif" 
+
+		){
 			$jo ["file-$key-$i"] = array(
 				"url" => "url.txt",
 				"name" => $files['name'][$i],
 				"id" => $tmpname,
 				"size" => sprintf("%0.1fK",$files['size'][$i]/1024.0)
 			);
+			file_put_contents("/tmp/log.txt", "BILD detected\n", FILE_APPEND | LOCK_EX);
 			file_put_contents("/tmp/log.txt", "file-$key-$i\n", FILE_APPEND | LOCK_EX);
 			file_put_contents("/tmp/log.txt", $files['name'][$i], FILE_APPEND | LOCK_EX);
 			$tmpfname = tempnam("/tmp", "FOO");
@@ -55,10 +84,9 @@ foreach ($_FILES as $key=>$files){
 
 			$_SESSION['files'][$tmpname]['content']=file_get_contents($tmpfname);
 			$_SESSION['files'][$tmpname]['row']=$_GET['row'];
-		#	unlink ($tmpfname);
+			unlink ($tmpfname);
 
-		}
-		else {
+		}else {
 			file_put_contents("/tmp/log.txt", "ERRORZWEIK\n", FILE_APPEND | LOCK_EX);
 
 			$jo = array(
@@ -66,6 +94,10 @@ foreach ($_FILES as $key=>$files){
 			);
 			$j = json_encode ($jo);
 			echo $j;
+			$x = xvar_dump($j);
+			file_put_contents("/tmp/log.txt", "$j\n", FILE_APPEND | LOCK_EX);
+			file_put_contents("/tmp/log.txt", "$x\n", FILE_APPEND | LOCK_EX);
+
 			return;
 		}