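<?php

/**
 * Image upload endpoint.
 *
 * Accepts one file in the multipart field "image", validates it, stores it
 * under uploads/images/ with a server-generated name and answers with JSON:
 *   success: {"success": true,  "url": "/uploads/images/<name>"}
 *   failure: {"success": false, "message": "<reason>"} with HTTP status 400
 *
 * Security notes for maintainers:
 *  - $_FILES[...]['type'] and the extension of $_FILES[...]['name'] are both
 *    chosen by the client. Neither is used for any decision here; the type is
 *    detected from the file contents and the stored extension comes from a
 *    fixed server-side map.
 *  - The .htaccess written below is defense in depth only. It has no effect
 *    when AllowOverride is disabled or the server is not Apache, and AddType
 *    changes the reported media type rather than the handler assigned by the
 *    main server configuration. The web server should additionally be
 *    configured so that nothing under uploads/ is ever executed.
 */

header('Content-Type: application/json');

// Allow-list: MIME type detected from the file contents => stored extension.
$extension_by_type = [
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
    'image/webp' => 'webp',
];
$allowed_types = array_keys($extension_by_type);

// Upper bound for a single upload: 20 MiB.
$max_size = 20 * 1024 * 1024;

// Directory rules: long-lived caching for images, no directory listing, and
// script/markup extensions served as plain text. Kept at column 0 so the
// nowdoc also parses on PHP versions older than 7.3.
$htaccess_rules = <<<'HTACCESS'
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access plus 1 year"
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType image/webp "access plus 1 year"
</IfModule>

<IfModule mod_headers.c>
Header set X-Content-Type-Options "nosniff"
<FilesMatch "\.(jpg|jpeg|png|gif|webp)$">
Header set Cache-Control "public, max-age=31536000"
</FilesMatch>
</IfModule>

Options -Indexes
DirectoryIndex 403.html
AddType text/plain .php
AddType text/plain .html
AddType text/plain .htm
AddType text/plain .htaccess
HTACCESS;

try {
    $upload_dir = __DIR__ . '/uploads/images/';

    // mkdir() can lose a race against a concurrent request; re-checking
    // is_dir() afterwards treats "someone else created it" as success.
    if (!is_dir($upload_dir) && !mkdir($upload_dir, 0755, true) && !is_dir($upload_dir)) {
        throw new Exception('无法创建上传目录,请检查权限');
    }

    // Make sure the hardening files exist BEFORE any upload is stored, and on
    // every request rather than only when the directory was just created, so a
    // pre-existing directory is protected as well.
    $hardening_files = [
        '.htaccess'  => $htaccess_rules . "\n",
        'index.html' => '<!DOCTYPE html><html><head><title>403 Forbidden</title></head><body><h1>403 Forbidden</h1></body></html>',
        '403.html'   => '<!DOCTYPE html><html><head><title>403 Forbidden</title></head><body><h1>403 Forbidden</h1><p>Access to this directory is forbidden.</p></body></html>',
    ];
    foreach ($hardening_files as $name => $content) {
        $path = $upload_dir . $name;
        if (!file_exists($path) && file_put_contents($path, $content) === false) {
            // Best effort: the upload still proceeds, but the gap is logged.
            error_log('Image upload: could not write ' . $path);
        }
    }

    // A field submitted as "image[]" yields nested arrays; only a single file
    // with an integer error code is accepted.
    $file = isset($_FILES['image']) ? $_FILES['image'] : null;
    if (!is_array($file) || !isset($file['error']) || !is_int($file['error'])) {
        throw new Exception('没有收到图片文件');
    }

    if ($file['error'] !== UPLOAD_ERR_OK) {
        throw new Exception('文件上传错误: ' . $file['error']);
    }

    if ($file['size'] > $max_size) {
        throw new Exception('文件大小超过限制');
    }

    // Detect the media type from the uploaded bytes. The client-supplied
    // $file['type'] is deliberately ignored because the sender controls it.
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $detected_type = $finfo->file($file['tmp_name']);
    if (!is_string($detected_type) || !in_array($detected_type, $allowed_types, true)) {
        throw new Exception('不支持的文件类型');
    }

    // The stored extension is taken from the allow-list, never from the
    // client-supplied file name, so only image extensions can reach disk.
    // NOTE(review): content sniffing does not prove the file is a clean image;
    // re-encoding it with an image library would be the stricter control.
    $extension = $extension_by_type[$detected_type];
    $filename = uniqid() . '_' . bin2hex(random_bytes(8)) . '.' . $extension;

    // move_uploaded_file() refuses paths that did not come from an HTTP upload.
    $filepath = $upload_dir . $filename;
    if (!move_uploaded_file($file['tmp_name'], $filepath)) {
        throw new Exception('文件保存失败');
    }

    // World-readable for the web server, never executable.
    chmod($filepath, 0644);

    echo json_encode([
        'success' => true,
        'url' => '/uploads/images/' . $filename,
    ]);
} catch (Exception $e) {
    error_log('Image upload error: ' . $e->getMessage());
    http_response_code(400);
    echo json_encode([
        'success' => false,
        'message' => $e->getMessage(),
    ]);
}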