<?php

/*
fileshare.php - post files from sharex or similar
ed <irc.rizon.net>, MIT-licensed, 2020-09-08
https://ocv.me/dev/fileshare.txt

sharex » destinations » custom uploader settings »
  method: POST
  URL: https://foo.bar/fileshare.php
  Body: Form data (multipart/form-data)
  File form name: hunter2
*/


if (isset($_GET['sauce']))
    die(highlight_file(__FILE__));


(require_once('.fileshare-config.php')) or die('need .fileshare-config.php');
/* example config file ************************************************
<?php
$users = array(
    "hunter2", "/srv/w/ocv.me/i/", "https://ocv.me/i/",
    "fgsfds",  "/home/foo/pics/",  "https://cool.site/ss/"
);
**********************************************************************/


//print_r($_REQUEST);
//file_put_contents("/dev/shm/sharex_dump", print_r($_REQUEST, true ));


$usr = 0;
#print_r($_FILES);
foreach (range(0, count($users), 3) as $i)
{
    if (isset($_FILES[$users[$i]]))
    {
        $usr = $users[$i+0];
        $dir = $users[$i+1];
        $url = $users[$i+2];
        break;
    }
}
if ($usr === 0)
    die('nofup');

$err = $_FILES[$usr]['error'];
if ($err !== UPLOAD_ERR_OK)
    die('fup error: '.$err);

$fh = $_FILES[$usr];
$name = $fh['name'];
$name = trim($name, "./\\ \t\r\n");
$dest = $dir . basename($fh['name']);

if (preg_match('/\.(png|jpg|jpeg|gif|bmp|txt|mp3|ogg|opus|aac|m4a|mp4|mkv|zip|rar|7z|gz|tgz|bz|tbz|xz|txz|webm)$/i', $name) !== 1)
    die('nope');

if (move_uploaded_file($fh['tmp_name'], $dest))
    echo "$url$name";


/*POST /i/fileshare.php HTTP/1.1
Content-Type: multipart/form-data; boundary=--------------------8d0e2aab570c2d8
User-Agent: ShareX 8.5.0
Host: ocv.me:18125
Cache-Control: no-store,no-cache
Pragma: no-cache
Content-Length: 104716
Connection: Close

----------------------8d0e2aab570c2d8
Content-Disposition: form-data; name="asdf"; filename="2014-01-18_21-23-47.png"
Content-Type: image/png

<89>PNG...*/

1