skip to Main Content

I have this code for upload images , When i try to use burpsuite to see what happens ,
i can see response from this code showing the location of folder where its uploaded ,
how i can hide this from the response , so the customer cant see where is the files been uploaded in the server,
also how i can fix , stop the upload php files ? when i change the method to . Content-Type: php/image
, the file is uploaded with end of .php
is there any fix for this code?

thanks!

 <?php
    ini_set('display_errors', 0);
    ini_set('error_reporting',0);
    include "query_requests.php";

    function dd($data)
    {
        var_dump($data);
        die();
    }
    


    $target_dir = "uploads2/";
    $target_file = $target_dir . basename($_FILES["uploadfile"]["name"]);
    $id = $_GET['id'];
    $imgName=$id.".".explode('/',$_FILES['uploadfile']["type"])[1];
    $imgID = $_GET['imgID'];
    $_SESSION['imgext']=explode('/',$_FILES['uploadfile']["type"])[1];
    $imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));
    $target_file = $target_dir . $id."_pic".".".explode('/',$_FILES['uploadfile']["type"])[1];

    if(file_exists($target_file)) {
        chmod($target_file,0755); //Change the file permissions if allowed
        unlink($target_file); //remove the file
    }
    $uploadOk = 1;
    if (isset($_POST["submit"])) {
        $check = getimagesize($_FILES["uploadfile"]["tmp_name"]);
        if ($check !== false) {
            echo "File is an image - " . $check["mime"] . ".";
            $uploadOk = 1;
        } else {
            echo "File is not an image.";
            $uploadOk = 0;
        }
    }

    $size = $_FILES["uploadfile"]["size"];

    if( strcmp($imageFileType,"jpg") == 0  || strcmp($imageFileType,"png") == 0 || strcmp($imageFileType,"jpeg") == 0){


    } else{
        exit(json_encode(array('success' => false, 'msg' => "", 'ext' =>
$imageFileType, 'size' => $size)));

    }
    if ($uploadOk == 0) {
        echo "Sorry, your file was not uploaded.";

    } else {

        $imagetype = $_FILES['uploadfile']["type"];

        if (move_uploaded_file($_FILES["uploadfile"]["tmp_name"], $target_file)) {
            $path = realpath($target_file);
            $curl = curl_init();
   
            curl_setopt_array($curl, array(
                CURLOPT_URL => 'http://',
                CURLOPT_RETURNTRANSFER => true,
                CURLOPT_ENCODING => '',
                CURLOPT_MAXREDIRS => 10,
                CURLOPT_TIMEOUT => 0,
                CURLOPT_FOLLOWLOCATION => true,
                CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
                CURLOPT_CUSTOMREQUEST => 'POST',
                CURLOPT_HTTPHEADER => array(''),
                CURLOPT_POSTFIELDS => array('Image' => new CURLFile($path, $_FILES['uploadfile']["type"], $imgName)),

            ));


            $response = curl_exec($curl);
            $resDec=json_decode($response,1);
            $ident='';
            if($resDec['responseCode']==0){
                $ident=str_replace(' ','',$resDec['results']['id']);
                $ident=trim($ident);
            }

            $imageType=$_FILES["uploadfile"]["type"];
            $condition = " random_id=:random_id ";
            $bind = array('random_id' =>$_GET['id']);

            $identity = findFirst('idintities', $condition, $bind)->fetch();
            if($identity){
                update(array('random_id'=>$id,'json_info'=>$response,'id_num'=>$ident,'img_ext'=>$imageType),$condition,$bind,'idintities');

            }else{
                insertRequest(array('random_id'=>$id,'json_info'=>$response,'id_num'=>$ident,'img_ext'=>$imageType),'idintities');

            }

            $validId = $imgID == $ident ? 1: 0;

      echo json_encode(array('success' => true, 'size' => $size, 'target' => $target_file, 'validId' => $validId, 'info' => $resDec));

        } else {
        
            exit(json_encode(array('success' => false, 'msg' => ""Sorry, there was an error uploading your file.", 'size' => $size)));


        }

    }
?> 

code part of html to upload file image ,

 (progressBar = document.getElementById("progressBar")), (progressOuter = document.getElementById("progressOuter")), (msgBox = document.getElementById("msgBox"));
            var identValid = true;
            var btn = document.getElementById("uploadBtn");
            var uploader = new ss.SimpleUpload({
                button: btn,
                url: "upload.php?id=",
                name: "uploadfile",
                multipart: true,
                hoverClass: "hover",
                focusClass: "focus",
                responseType: "json",
                startXHR: function () {
                    progressOuter.style.display = "block";
                    this.setProgressBar(progressBar);
                },

2

Answers


  1. Here’s how you can add the check into your code:

    $uploadOk = 1;
    if (isset($_POST["submit"])) {
        $check = getimagesize($_FILES["uploadfile"]["tmp_name"]);
        if ($check !== false) {
            echo "File is an image - " . $check["mime"] . ".";
            $uploadOk = 1;
        } else {
            echo "File is not an image.";
            $uploadOk = 0;
        }
        $filename = $_FILES['video_file']['name'];
        $ext = pathinfo($filename, PATHINFO_EXTENSION);
        if ($ext == 'php') {
            echo 'error: You should not upload PHP files.';
            $uploadOk = 0;
        }
    }
    

    Please note that this code only looks at the extension of the file that was uploaded. Extensions can be changed, so they don’t necessarily reflect the content of the file.

    Login or Signup to reply.
  2. You have so many issues with your code I do not know where to begin.
    And you need to clarify what it is you are trying to do

    You should show your upload HTML.

    The following is an app where the user uploads an image, the image is converted to a webp image and transmitted to a PHP script and saved as a .webp image.

    The HTML

    <form action="upload.php" method="post" enctype="multipart/form-data">
    Upload an Image from your device <br>
    <input type="file" name="image1[]" multiple accept="image/png, image/jpeg, image/gif, image/webp" /><br>
    <button type="submit">Upload Image(s)</button>
    

    The upload.php

    if( is_uploaded_file($_FILES['image1']['tmp_name']) || !($_FILES['image1']['error'] !== UPLOAD_ERR_OK)){
    
      $save = false;
      switch(strtolower($_FILES['image1']['type'])){
      case 'image/jpeg':
        $image = @imagecreatefromjpeg($_FILES['image1']['tmp_name']);
        if ($image !== false){$save = true;break;}
      case 'image/png':
        $image = @imagecreatefrompng($_FILES['image1']['tmp_name']);
        if ($image !== false){$save = true;break;}
      case 'image/gif':
        $image = @imagecreatefromgif($_FILES['image1']['tmp_name']);
        if ($image !== false){$save = true;break;}
      case 'image/webp':
        $image = @imagecreatefromwebp($_FILES['image1']['tmp_name']);
        if ($image !== false){$save = true;break;}
      default:
        $img = @getimagesize($_FILES['image1']['tmp_name']);
        switch(strtolower($img['mime'])){
        case 'image/jpeg':
          $image = @imagecreatefromjpeg($_FILES['image1']['tmp_name']);
          if ($image !== false){$save = true;break;}
        case 'image/png':
          $image = @imagecreatefrompng($_FILES['image1']['tmp_name']);
          if ($image !== false){$save = true;break;}
        case 'image/gif':
          $image = @imagecreatefromgif($_FILES['image1']['tmp_name']);
          if ($image !== false){$save = true;break;}
        default:
          $filename = $_FILES['image1']['name'];
          $ext = substr($filename,-3);
          switch(strtolower($ext)){
          case 'jpg':
            $image = @imagecreatefromjpeg($_FILES['image1']['tmp_name']);
            if ($image !== false){$save = true;break;}
          case 'ebp':
            $image = @imagecreatefromwebp($_FILES['image1']['tmp_name']);
            if ($image !== false){$save = true;break;}
          case 'gif':
            $image = @imagecreatefromgif($_FILES['image1']['tmp_name']);
            if ($image !== false){$save = true;break;}
          case 'png':
            $image = @imagecreatefrompng($_FILES['image1']['tmp_name']);
            if ($image !== false){$save = true;break;}
          default:
            $image = @imagecreatefromjpeg($_FILES['image1']['tmp_name']);
            if ($image !== false){$save = true;break;}
            $image = @imagecreatefrompng($_FILES['image1']['tmp_name']);
            if ($image !== false){$save = true;break;}
            $image = @imagecreatefromgif($_FILES['image1']['tmp_name']);
            if ($image !== false){$save = true;break;}
          }
        }
        if($save){imagewebp($image, $filename,70);}
        $post= base64_encode($image);
        $curl = curl_init($url);
        $request = array();
        $request[] = "Content-Type: text/plain" ;
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
        curl_setopt($ch, CURLOPT_HTTPHEADER, $request);
        curl_setopt($ch, CURLOPT_ENCODING,"");
    
        curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
        curl_setopt($ch, CURLOPT_TIMEOUT,10);
        curl_setopt($ch, CURLOPT_FAILONERROR,true);
        curl_setopt($ch, CURLOPT_ENCODING,"");
    
        $response = curl_exec($ch);
        echo $response;
    

    The receiving script ($url)

    $base64 = file_get_contents('php://input');
    $image = base64_decode($base64);
    $filename = 'image.webp';
    file_put_contents($filename,$image)
    
    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search