<?php

/*===============================================*\
|| ############################################# ||
|| # JAKWEB.CH / Version 1.2                   # ||
|| # ----------------------------------------- # ||
|| # Copyright 2021 JAKWEB All Rights Reserved # ||
|| ############################################# ||
\*===============================================*/

if (!file_exists('../config.php')) die('[uploader.php] config.php not found');
require_once '../config.php';

if(!isset($_SESSION['jak_lcp_idhash'])) die("Nothing to see here");

// Import the language file
if (isset($_REQUEST["operatorLanguage"]) && file_exists(APP_PATH.'lang/'.strtolower($_REQUEST["operatorLanguage"]).'.php')) {
    include_once(APP_PATH.'lang/'.strtolower($_REQUEST["operatorLanguage"]).'.php');
} else {
    include_once(APP_PATH.'lang/'.JAK_LANG.'.php');
}

// The new file upload stuff
if (!empty($_FILES['uploadpp']['name']) && is_numeric($_REQUEST["ticketId"])) {
  
  // Ticket ID
  $ticketid = $_REQUEST['ticketId'];

  $filename = strtolower($_FILES['uploadpp']['name']); // original filename
  $ls_xtension = pathinfo($filename);
  
  // Check if the extension is valid
  $allowedf = explode(',', JAK_ALLOWEDO_FILES);
  if (in_array(".".$ls_xtension['extension'], $allowedf)) {

  // if mime type is valid
  $mime_type = jak_mime_content_type($_FILES['uploadpp']['name'], $ls_xtension['extension']);
  if ($mime_type) {

  // Get the maximum upload or set to 2
  $postmax = (ini_get('post_max_size') ? filter_var(ini_get('post_max_size'), FILTER_SANITIZE_NUMBER_INT) : "2");
  
  if ($_FILES['uploadpp']['size'] <= ($postmax * 1000000)) {
  
    // first get the target path
    $targetPathd = CLIENT_UPLOAD_DIR.'/'.$opcacheid.'/support/'.$ticketid.'/';
    $targetPath =  str_replace("//", "/", $targetPathd);

    // Create the target path
    if (!is_dir($targetPath)) mkdir($targetPath, 0755, true);
  
      $tempFile = $_FILES['uploadpp']['tmp_name'];
      $name_space = explode(".", $_FILES["uploadpp"]["name"]);
      // Keep the file name but sanitized
      $fileName = mb_ereg_replace("([^\w\s\d\-_~,;\[\]\(\).])", '', $name_space[0]);
    $fileName = mb_ereg_replace("([\.]{2,})", '', $fileName);
    $fileName =  preg_replace('/\s+/', '_', $fileName);
    $ufile = 'o_'.str_replace('.', '_', microtime(true)).'_'.$fileName. '.' . end($name_space);

      // The path to upload
      $targetFile =  str_replace('//', '/', $targetPath).$ufile;
      // The path to show
      $targetShow =  jak_encrypt_decrypt(str_replace('//', '/', '/'.$opcacheid.'/support/'.$ticketid.'/').$ufile.':#:'.$ufile.':#:'.$mime_type);

      // Check if the file is an image
      if(@is_array(getimagesize($tempFile))){
        $isimage = 1;
    } else {
        $isimage = 0;
    }

    // Delete path
    $delpath = str_replace('uploader/', '', JAK_rewrite::jakParseurl(JAK_OPERATOR_LOC, 'support', 'deletef', $ticketid, $ufile));

    // Move file     
      if (move_uploaded_file($tempFile, $targetFile)) {

        // Update counter on ticket
        if (file_exists($targetFile)) $jakdb->update("support_tickets", ["attachments[+]" => 1], ["id" => $ticketid]);

        // Now we update the answer table so we can have it in the conversation.
        $jakdb->insert("ticket_answers", ["ticketid" => $ticketid,
              "operatorid" => JAK_USERID,
              "content" => $ufile,
              "file" => 1,
              "lastedit" => $jakdb->raw("NOW()"),
              "sent" => $jakdb->raw("NOW()")]);

        // success
        $msg = '{"status":"'.$jkl['s'].'", "filepath": "'.$targetShow.'", "filename": "'.$ufile.'", "isimage": '.$isimage.', "delpath": "'.$delpath.'"}';

      }
                  
  } else {
    $msg = $jkl['hd219'];
  }

  } else {
      $msg = $jkl['e13'];
  }
              
  } else {
      $msg = $jkl['e13'];
  }

switch ($_FILES['uploadpp']['error'])
{
     case 0:
     //$msg = "No Error"; // comment this out if you don't want a message to appear on success.
     break;
     case 1:
     $msg = "The file is bigger than this PHP installation allows";
     break;
     case 2:
     $msg = "The file is bigger than this form allows";
     break;
     case 3:
     $msg = "Only part of the file was uploaded";
     break;
     case 4:
     $msg = "No file was uploaded";
     break;
     case 6:
     $msg = "Missing a temporary folder";
     break;
     case 7:
     $msg = "Failed to write file to disk";
     break;
     case 8:
     $msg = "File upload stopped by extension";
     break;
     default:
     $msg = "unknown error ".$_FILES['uploadpp']['error'];
     break;
}

if (isset($msg) && !empty($msg)) {
    $stringData = $msg;
} else { 
  $stringData = '{"status":"'.$jkl['s'].'", "filepath": "'.$targetShow.'", "filename": "'.$ufile.'", "isimage": '.$isimage.', "delpath": "'.$delpath.'"}'; // return json
}
} else {
  $stringData = "error";
}
echo $stringData;
?>