From 282a0443aee02f9664f11af08c645cc706605f18 Mon Sep 17 00:00:00 2001 From: ENGO150 Date: Fri, 24 May 2024 17:02:05 +0200 Subject: [PATCH] checking for possible issues on upload_picture api --- res/forum/api/upload_picture.php | 37 +++++++++++++++++++++++++++++++- 1 file changed, 36 insertions(+), 1 deletion(-) diff --git a/res/forum/api/upload_picture.php b/res/forum/api/upload_picture.php index 70a9399..81001ac 100644 --- a/res/forum/api/upload_picture.php +++ b/res/forum/api/upload_picture.php @@ -1,6 +1,41 @@ query("SELECT username, admin FROM user WHERE BINARY username=\"" . $_SESSION["username"] . "\" AND admin=\"1\""); + +if ($out -> num_rows != 1) +{ + fail: + echo "nope"; + header("Location: ../../../index.php"); + return; +} + +$status = 0; +$supported_formats = array("jpg", "jpeg", "png", "webp"); + +if (!isset($_FILES["file_upload"])) +{ + $status = 1; + goto send; +} + +if (!isset($_POST["name"])) +{ + $status = 2; + goto send; +} + +if (!in_array(strtolower(pathinfo($_FILES["file_upload"]["name"], PATHINFO_EXTENSION)), $supported_formats)) +{ + $status = 3; + goto send; +} + +send: header('Content-type: application/json'); echo json_encode(["status" => $status]); \ No newline at end of file
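Review bot: The admin check builds its SQL by concatenating `$_SESSION["username"]` into the query string, so a quote or backslash in a stored username changes the statement; bind the value instead, e.g. `$stmt = $conn->prepare("SELECT username, admin FROM user WHERE BINARY username=? AND admin=\"1\"");`, `$stmt->bind_param("s", $_SESSION["username"]);`, `$stmt->execute(); $out = $stmt->get_result();` (this assumes `$conn` is a mysqli handle, which the `num_rows` use suggests). In the `fail:` branch, `echo "nope"` runs before `header("Location: ../../../index.php")`, so unless output buffering is enabled the redirect header is not sent; send the header first or drop the echo. The format check looks only at the extension of the client-supplied `$_FILES["file_upload"]["name"]`; it should also require `$_FILES["file_upload"]["error"] === UPLOAD_ERR_OK` and verify the content type server-side (for example with `finfo`) before any later code stores the file. The first lines of the hunk are not fully visible on this page, so the session handling that precedes the query could not be reviewed.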