mirror of
https://codeberg.org/PostERG/xamxam.git
synced 2026-06-25 16:19:19 +02:00
46 lines
1.4 KiB
PHP
46 lines
1.4 KiB
PHP
<?php
|
|
/**
|
|
* upload-progress.php
|
|
*
|
|
* Returns the current upload/processing progress for a given token.
|
|
* Called by the client-side upload-progress.js while the form XHR is in flight.
|
|
*
|
|
* GET /admin/actions/upload-progress.php?token=<token>
|
|
*
|
|
* Response: JSON
|
|
* { "stage": "upload"|"processing"|"done", "pct": 45, "file": "video.mp4" }
|
|
*
|
|
* Progress data is written by ThesisEditController / ThesisCreateController
|
|
* to a temp file during processing.
|
|
*/
|
|
|
|
require_once __DIR__ . '/../../../bootstrap.php';
|
|
// No AdminAuth check here — this endpoint is called by client-side JS during
|
|
// both admin and partage (student) form uploads. Access is guarded by the
|
|
// progress token (64 bits of entropy, fresh per form render) which must match
|
|
// a temp file that only exists during an active upload.
|
|
|
|
header('Content-Type: application/json');
|
|
|
|
$token = $_GET['token'] ?? '';
|
|
if (!preg_match('/^[a-f0-9]{16}$/', $token)) {
|
|
echo json_encode(['stage' => 'error', 'error' => 'Invalid token']);
|
|
exit;
|
|
}
|
|
|
|
$progressFile = sys_get_temp_dir() . '/xamxam_upload_' . $token . '.json';
|
|
|
|
if (!file_exists($progressFile)) {
|
|
// No progress file yet — still in upload phase (or token invalid)
|
|
echo json_encode(['stage' => 'upload', 'pct' => 0, 'file' => '']);
|
|
exit;
|
|
}
|
|
|
|
$data = json_decode(file_get_contents($progressFile), true);
|
|
if (!$data) {
|
|
echo json_encode(['stage' => 'upload', 'pct' => 0, 'file' => '']);
|
|
exit;
|
|
}
|
|
|
|
echo json_encode($data);
|