$desc = $_POST['desc']; // check file data if (!$file) { Util::log_and_die("Bad client upload request: no file data"); } // check required field if (!$from || !$title) { Util::log_and_die("Bad client upload request: required fields are missing"); } // generate md5 id for uploaded file $md5_id = md5_file($file["tmp_name"]); if (!$md5_id) { Util::log_and_die("Server error: can't generate md5 id for uploaded file"); } // initiate db connection FileDB::init(); // duplication check if (FileDB::check_duplicate($md5_id)) { Util::log_and_die("Bad client upload request: duplicated file for " . $md5_id); } // type and size check $type = strtolower(pathinfo($file["name"], PATHINFO_EXTENSION)); $size = $_FILES['file']['size']; if ($size > MAXSIZE) { Util::log_and_die("Bad client upload request: file exceed size limit(" . MAXSIZE . "kb)"); } elseif (!in_array($type, $allowed_types)) { Util::log_and_die("Bad client upload request: unacceptable file format"); } // build upload path $upload_dir = "uploads/"; $ext = $type;