1 files changed, 41 insertions, 0 deletions

diff --git a/app/class/globals.php b/app/class/globals.php
index 5a03da9..615efa6 100644
--- a/app/class/globals.php
+++ b/app/class/globals.php
@@ -103,4 +103,45 @@ function getErrors(string $level) : array
     return $_SCROTT[$level];
 }
 
+/*
+ * Save an uploaded file and impose some constraints on supplied
+ * data.  Caller can optionally pass some strings by reference to
+ * be given the supplied file's original name and mime-type.
+ * Maxsize is in bytes.  If this function returns false, the
+ * appropriate error will be logged.
+ */
+function saveFile(array $file, string $path, int $maxsize, ?array $allowedMime = NULL,
+    ?string &$origName = NULL, ?string &$origMime = NULL) : bool
+{
+    if ($file['error'] > 0)
+    {
+        if ($file['error'] != UPLOAD_ERR_NO_FILE)
+            logError(ERROR, "An unknown error occurred");
+
+        return false;
+    }
+
+    if ($file['size'] > $maxsize)
+    {
+        logError(ERROR, "File must be no larger than " . $maxsize . " bytes");
+        return false;
+    }
+
+    if (is_array($allowedMime) && array_search($file['type'], $allowedMime) === false)
+    {
+        logError(ERROR, "File type is not supported");
+        return false;
+    }
+
+    if (!move_uploaded_file($file['tmp_name'], $path))
+    {
+        logError(ERROR, "Error saving uploaded file");
+        return false;
+    }
+
+    $origName = $file['name'];
+    $origMime = $file['type'];
+    return true;
+}
+
 ?>