fix: handle missing fileinfo extension for logo upload
finfo_open() is not available on CloudLinux alt-php84. Now validates by file extension first, and only uses finfo if the extension is available. Falls back gracefully. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
26
api.php
26
api.php
@@ -706,18 +706,28 @@ switch ($action) {
|
||||
echo json_encode(['error' => 'Logo on liian suuri (max 2MB)']);
|
||||
break;
|
||||
}
|
||||
// Validoi tyyppi
|
||||
$allowedTypes = ['image/png', 'image/jpeg', 'image/svg+xml', 'image/webp'];
|
||||
$finfo = finfo_open(FILEINFO_MIME_TYPE);
|
||||
$detectedType = finfo_file($finfo, $file['tmp_name']);
|
||||
finfo_close($finfo);
|
||||
if (!in_array($detectedType, $allowedTypes)) {
|
||||
// Validoi tyyppi (tiedostopäätteen + mahdollisen finfo:n perusteella)
|
||||
$allowedExtensions = ['png', 'jpg', 'jpeg', 'svg', 'webp'];
|
||||
$origExt = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
|
||||
if (!in_array($origExt, $allowedExtensions)) {
|
||||
http_response_code(400);
|
||||
echo json_encode(['error' => 'Sallitut tiedostotyypit: PNG, JPG, SVG, WebP']);
|
||||
break;
|
||||
}
|
||||
$extMap = ['image/png' => 'png', 'image/jpeg' => 'jpg', 'image/svg+xml' => 'svg', 'image/webp' => 'webp'];
|
||||
$ext = $extMap[$detectedType] ?? 'png';
|
||||
// Käytä finfo:a jos saatavilla, muuten luota tiedostopäätteeseen
|
||||
if (function_exists('finfo_open')) {
|
||||
$finfo = finfo_open(FILEINFO_MIME_TYPE);
|
||||
$detectedType = finfo_file($finfo, $file['tmp_name']);
|
||||
finfo_close($finfo);
|
||||
$allowedMimes = ['image/png', 'image/jpeg', 'image/svg+xml', 'image/webp'];
|
||||
if (!in_array($detectedType, $allowedMimes)) {
|
||||
http_response_code(400);
|
||||
echo json_encode(['error' => 'Sallitut tiedostotyypit: PNG, JPG, SVG, WebP']);
|
||||
break;
|
||||
}
|
||||
}
|
||||
$extNormalize = ['jpeg' => 'jpg'];
|
||||
$ext = $extNormalize[$origExt] ?? $origExt;
|
||||
$newFilename = 'logo.' . $ext;
|
||||
$compDir = DATA_DIR . '/companies/' . $companyId;
|
||||
// Luo kansio tarvittaessa (data on nyt MySQL:ssä, kansio vain logoille)
|
||||
|
||||
@@ -1,69 +0,0 @@
|
||||
<?php
|
||||
// Testaa koko upload-flow ilman autentikaatiota
|
||||
ini_set('display_errors', '1');
|
||||
error_reporting(E_ALL);
|
||||
header('Content-Type: text/plain; charset=utf-8');
|
||||
|
||||
require_once __DIR__ . '/db.php';
|
||||
|
||||
define('DATA_DIR', __DIR__ . '/data');
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['logo'])) {
|
||||
$companyId = $_POST['company_id'] ?? 'web1';
|
||||
$file = $_FILES['logo'];
|
||||
|
||||
echo "Upload tiedot:\n";
|
||||
echo " company_id: $companyId\n";
|
||||
echo " name: {$file['name']}\n";
|
||||
echo " type: {$file['type']}\n";
|
||||
echo " size: {$file['size']}\n";
|
||||
echo " error: {$file['error']}\n";
|
||||
echo " tmp_name: {$file['tmp_name']}\n\n";
|
||||
|
||||
if ($file['error'] !== UPLOAD_ERR_OK) {
|
||||
echo "❌ Upload error: {$file['error']}\n";
|
||||
exit;
|
||||
}
|
||||
|
||||
$finfo = finfo_open(FILEINFO_MIME_TYPE);
|
||||
$detectedType = finfo_file($finfo, $file['tmp_name']);
|
||||
finfo_close($finfo);
|
||||
echo " detected mime: $detectedType\n\n";
|
||||
|
||||
$extMap = ['image/png' => 'png', 'image/jpeg' => 'jpg', 'image/svg+xml' => 'svg', 'image/webp' => 'webp'];
|
||||
$ext = $extMap[$detectedType] ?? 'unknown';
|
||||
$newFilename = 'logo.' . $ext;
|
||||
|
||||
$compDir = DATA_DIR . '/companies/' . $companyId;
|
||||
if (!file_exists($compDir)) mkdir($compDir, 0755, true);
|
||||
|
||||
echo "Tallenna: $compDir/$newFilename\n";
|
||||
$ok = move_uploaded_file($file['tmp_name'], $compDir . '/' . $newFilename);
|
||||
echo $ok ? "✅ Tiedosto tallennettu!\n" : "❌ move_uploaded_file epäonnistui\n";
|
||||
|
||||
if ($ok) {
|
||||
$companies = dbLoadCompanies();
|
||||
foreach ($companies as $comp) {
|
||||
if ($comp['id'] === $companyId) {
|
||||
$comp['logo_file'] = $newFilename;
|
||||
try {
|
||||
dbSaveCompany($comp);
|
||||
echo "✅ Kanta päivitetty (logo_file = $newFilename)\n";
|
||||
} catch (Throwable $e) {
|
||||
echo "❌ DB virhe: " . $e->getMessage() . "\n";
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
echo "\nJSON response olisi:\n";
|
||||
echo json_encode(['success' => true, 'logo_file' => $newFilename, 'logo_url' => "api.php?action=company_logo&company_id=" . urlencode($companyId)]);
|
||||
}
|
||||
} else {
|
||||
echo "Käytä POST-lomaketta:\n\n";
|
||||
header('Content-Type: text/html; charset=utf-8');
|
||||
echo '<form method="POST" enctype="multipart/form-data">
|
||||
<input type="hidden" name="company_id" value="web1">
|
||||
<input type="file" name="logo" accept="image/*">
|
||||
<button type="submit">Upload logo</button>
|
||||
</form>';
|
||||
}
|
||||
Reference in New Issue
Block a user