false, 'error' => 'Method not allowed']); exit(); } // Configuration $uploadDir = __DIR__ . '/'; $maxFileSize = 2 * 1024 * 1024; // 2MB $allowedTypes = ['image/jpeg', 'image/png', 'image/jpg', 'image/webp', 'image/gif']; // Check if file was uploaded if (!isset($_FILES['file']) || $_FILES['file']['error'] !== UPLOAD_ERR_OK) { $errorMessage = 'No file uploaded or upload error'; if (isset($_FILES['file']['error'])) { switch ($_FILES['file']['error']) { case UPLOAD_ERR_INI_SIZE: case UPLOAD_ERR_FORM_SIZE: $errorMessage = 'File too large'; break; case UPLOAD_ERR_PARTIAL: $errorMessage = 'File only partially uploaded'; break; case UPLOAD_ERR_NO_FILE: $errorMessage = 'No file selected'; break; default: $errorMessage = 'Unknown upload error'; } } http_response_code(400); echo json_encode(['success' => false, 'error' => $errorMessage]); exit(); } $file = $_FILES['file']; // Validate file size if ($file['size'] > $maxFileSize) { http_response_code(400); echo json_encode(['success' => false, 'error' => 'File size exceeds 2MB limit']); exit(); } // Validate file type $finfo = finfo_open(FILEINFO_MIME_TYPE); $mimeType = finfo_file($finfo, $file['tmp_name']); finfo_close($finfo); if (!in_array($mimeType, $allowedTypes)) { http_response_code(400); echo json_encode(['success' => false, 'error' => 'Invalid file type. Only JPEG, PNG, WEBP, and GIF are allowed']); exit(); } // Generate unique filename $extension = pathinfo($file['name'], PATHINFO_EXTENSION); $timestamp = time(); $random = bin2hex(random_bytes(8)); $filename = $timestamp . '_' . $random . '.' . $extension; $targetPath = $uploadDir . $filename; // Move uploaded file if (move_uploaded_file($file['tmp_name'], $targetPath)) { // Set proper permissions chmod($targetPath, 0644); // Generate URL (supports both HTTP and HTTPS) $protocol = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? 'https://' : 'http://'; $host = $_SERVER['HTTP_HOST']; $basePath = dirname($_SERVER['SCRIPT_NAME']); $imageUrl = $protocol . $host . $basePath . '/' . $filename; // Return success response echo json_encode([ 'success' => true, 'message' => 'File uploaded successfully', 'filename' => $filename, 'url' => $imageUrl, 'size' => $file['size'], 'mime_type' => $mimeType ]); } else { http_response_code(500); echo json_encode(['success' => false, 'error' => 'Failed to save file on server']); } ?>