PostERG/posterg-formulaire
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
763ad7d72236658d662060806b4ca4de1f14860e
posterg-formulaire/formulaire.php
Pontoporeia 763ad7d722 rewrite v0.8
2023-05-02 12:15:28 +02:00

103 lines
3.3 KiB
PHP
Raw Blame History

<?php // formulaire.php
// Configure error reporting
ini_set('display_errors', 0);
ini_set('log_errors', 1);
ini_set('error_log', 'error.log');
require_once 'vendor/autoload.php';
use Symfony\Component\Yaml\Yaml;
use Behat\Transliterator\Transliterator;
// Define variables
$yamlFolder = "data/yaml/";
$date = date("Y-m-d");
// Sanitize input data
$auteurice = filter_var($_POST["auteurice"], FILTER_SANITIZE_STRING);
$annee = filter_var($_POST["année"], FILTER_SANITIZE_NUMBER_INT);
$mail = filter_var($_POST["mail"], FILTER_SANITIZE_EMAIL);
$titre = filter_var($_POST["titre"], FILTER_SANITIZE_STRING);
$tag = filter_var($_POST["tag"], FILTER_SANITIZE_STRING);
$promoteurice = filter_var($_POST["promoteurice"], FILTER_SANITIZE_STRING);
$problematique = filter_var($_POST["problématique"], FILTER_SANITIZE_STRING);
$resume = filter_var($_POST["résumé"], FILTER_SANITIZE_STRING);
$orientation = filter_var($_POST["orientation"], FILTER_SANITIZE_STRING);
$ap = filter_var($_POST["ap"], FILTER_SANITIZE_STRING);
$files = $_FILES["files"];
$uploadedFiles = [];
// Create necessary directories
$memoireFolder = "data/content/{$annee}/{$auteurice}/";
if (!file_exists($yamlFolder)) {
mkdir($yamlFolder, 0755, true);
}
if (!file_exists($memoireFolder)) {
mkdir($memoireFolder, 0755, true);
}
$targetDir = $memoireFolder;
// Generate unique file name
$uniqueId = time() . "_" . rand(1000, 9999);
$sanitizedAuteurice = Transliterator::transliterate($auteurice);
$uniqueFileName = $sanitizedAuteurice . "_" . $date . "_" . $uniqueId;
// Define security constraints
$allowedMimeTypes = ['image/jpeg', 'image/png', 'application/pdf'];
$allowedExtensions = ['jpg', 'jpeg', 'png', 'pdf'];
$maxFileSize = 5 * 1024 * 1024; // 5 MB
// Process uploaded files
if (is_array($files["name"])) {
for ($i = 0; $i < count($files["name"]); $i++) {
// Check MIME type and file extension
$finfo = new finfo(FILEINFO_MIME_TYPE);
$mimeType = $finfo->file($files["tmp_name"][$i]);
$fileExtension = pathinfo($files["name"][$i], PATHINFO_EXTENSION);
if (!in_array($mimeType, $allowedMimeTypes) || !in_array($fileExtension, $allowedExtensions)) {
echo "Invalid file type or extension: " . $files["name"][$i] . "<br>";
continue;
}
// Check file size
if ($files["size"][$i] > $maxFileSize) {
echo "File is too large: " . $files["name"][$i] . "<br>";
continue;
}
// Move and set permissions for the uploaded file
$targetFile = $targetDir . basename($files["name"][$i]);
move_uploaded_file($files["tmp_name"][$i], $targetFile);
chmod($targetFile, 0644);
$uploadedFiles[] = $targetFile;
}
}
// Prepare form data for YAML
$formData = [
'auteurice' => $auteurice,
'année' => $annee,
'email' => $mail,
'titre' => $titre,
'tag' => $tag,
'promoteurice' => $promoteurice,
'problématique' => $problematique,
'resume' => $resume,
'orientation' => $orientation,
'ap' => $ap,
'files' => $uploadedFiles
];
// Convert form data to YAML
$yamlData = Yaml::dump($formData);
// Save YAML file
$yamlFilePath = $yamlFolder . $uniqueFileName . ".yaml";
file_put_contents($yamlFilePath, $yamlData);
// Redirect to the thank you page
header('Location: thanks.php?file=' . urlencode($yamlFilePath));
Reference in New Issue View Git Blame Copy Permalink