From 1f479927e2649cb46262a2bae59395c01ccb5c96 Mon Sep 17 00:00:00 2001 From: Fabian Schieder Date: Sun, 25 Jan 2026 22:57:18 +0100 Subject: [PATCH] Refactor error handling in file upload process to simplify response and improve logging --- upload.php | 31 +++++++++++++------------------ 1 file changed, 13 insertions(+), 18 deletions(-) diff --git a/upload.php b/upload.php index 29f0fd3..b42bc7d 100644 --- a/upload.php +++ b/upload.php @@ -31,8 +31,7 @@ $file = $_FILES['uploadFile']; $fileError = isset($file['error']) ? (int)$file['error'] : UPLOAD_ERR_NO_FILE; if ($fileError !== UPLOAD_ERR_OK) { - error_log('Upload: PHP upload error code=' . $fileError); - header('Location: account.php?upload=err&code=php_' . $fileError); + header('Location: account.php?upload=err'); exit(); } @@ -40,8 +39,7 @@ if ($fileError !== UPLOAD_ERR_OK) $tmp = isset($file['tmp_name']) ? (string)$file['tmp_name'] : ''; if ($tmp === '' || !is_uploaded_file($tmp)) { - error_log('Upload: tmp missing or not uploaded. tmp=' . $tmp); - header('Location: account.php?upload=err&code=tmp'); + header('Location: account.php?upload=err'); exit(); } @@ -56,29 +54,27 @@ $mime = $finfo->file($tmp); if (!$mime || !isset($allowedMimeToExt[$mime])) { - error_log('Upload: invalid mime=' . (string)$mime); - header('Location: account.php?upload=err&code=mime'); + header('Location: account.php?upload=err'); exit(); } $ext = $allowedMimeToExt[$mime]; -// Zielordner IM Projekt (Webroot): assets/images/profilePictures -// Damit vermeiden wir alle DOCUMENT_ROOT/Alias/VHost Probleme. -$targetDir = rtrim(__DIR__, "\\/") . '/assets/images/profilePictures'; - -// Diagnose (landet im PHP/Apache Error-Log) +// Wichtig: Auf Linux ist ein Pfad mit führendem "/" ein Pfad ab Dateisystem-Root. +// Für move_uploaded_file() brauchen wir einen Dateisystempfad; die Public-URL ist separat. $documentRoot = isset($_SERVER['DOCUMENT_ROOT']) ? (string)$_SERVER['DOCUMENT_ROOT'] : ''; -error_log('Upload: DOCUMENT_ROOT=' . $documentRoot . ' __DIR__=' . __DIR__ . ' targetDir=' . $targetDir); +$webRoot = rtrim($documentRoot, "\\/"); +$targetDir = $webRoot !== '' + ? $webRoot . '/FSST/Website' + : __DIR__ . '/FSST/Website/assets/images/profilePictures'; if (!is_dir($targetDir)) { $mkOk = @mkdir($targetDir, 0755, true); if (!$mkOk) { - $lastErr = error_get_last(); - error_log('Upload: mkdir failed for ' . $targetDir . ' - ' . (is_array($lastErr) && isset($lastErr['message']) ? $lastErr['message'] : 'unknown')); - header('Location: account.php?upload=err&code=mkdir'); + error_log('Upload: mkdir failed for ' . $targetDir); + header('Location: account.php?upload=err'); exit(); } } @@ -86,7 +82,7 @@ if (!is_dir($targetDir)) if (!is_writable($targetDir)) { error_log('Upload: targetDir not writable: ' . $targetDir); - header('Location: account.php?upload=err&code=perm'); + header('Location: account.php?upload=err'); exit(); } @@ -95,14 +91,13 @@ $rand = uniqid('', true); $rand = str_replace('.', '', $rand); $filename = 'user_' . $userId . '_' . $rand . '.' . $ext; $targetPath = rtrim($targetDir, "\\/") . DIRECTORY_SEPARATOR . $filename; -error_log('Upload: resolved targetPath=' . $targetPath); if (!move_uploaded_file($tmp, $targetPath)) { $lastErr = error_get_last(); $lastErrMsg = (is_array($lastErr) && isset($lastErr['message'])) ? (string)$lastErr['message'] : 'unknown'; error_log('Upload: move_uploaded_file failed to ' . $targetPath . ' - ' . $lastErrMsg); - header('Location: account.php?upload=err&code=move'); + header('Location: account.php?upload=err'); exit(); }