<?php |
// Access gate for the whole script: nothing below runs unless the session
// carries logged_in === true (strict comparison, so truthy values such as
// 1 or "yes" do not pass).
session_start();

// A missing key and a non-true value are handled the same way.
if (($_SESSION['logged_in'] ?? null) !== true) {
    header('HTTP/1.1 403 Forbidden');
    exit('Access denied');
}
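/**
 * Stores one uploaded claim-evidence file under a server-generated name.
 *
 * The client-supplied file name is used only to read the extension; it never
 * becomes part of the stored path, so it cannot steer where the file lands.
 */
class FileUploader
{
    // Destination directory. The path is relative, so it resolves against the
    // current working directory of the running script.
    // NOTE(review): if this directory is reachable through the web server,
    // confirm that script execution and directory listing are disabled there.
    private $uploadDir = '../../uploads/claims/';

    // Lower-case extensions accepted for upload.
    private $allowedTypes = ['jpg', 'jpeg', 'png', 'pdf', 'doc', 'docx'];

    // Content types expected for the extensions whose file signature is
    // unambiguous. doc/docx are container formats that libmagic reports under
    // several different types, so they stay on the extension check alone.
    private $expectedMimeTypes = [
        'jpg'  => ['image/jpeg'],
        'jpeg' => ['image/jpeg'],
        'png'  => ['image/png'],
        'pdf'  => ['application/pdf'],
    ];

    // Upper bound on the accepted file size, in bytes (5 MiB).
    private $maxSize = 5 * 1024 * 1024;

    /**
     * Creates the upload directory when it does not exist yet.
     *
     * A failure is logged instead of thrown so that constructing the object
     * never aborts the request; upload() then fails when it tries to store.
     */
    public function __construct()
    {
        // is_dir() is checked again after mkdir() so that a concurrent request
        // creating the directory first is not treated as a failure.
        // NOTE(review): 0755 leaves the directory readable by every local
        // account; confirm that is intended for claim evidence.
        if (
            !is_dir($this->uploadDir)
            && !mkdir($this->uploadDir, 0755, true)
            && !is_dir($this->uploadDir)
        ) {
            error_log('File Upload Error: could not create upload directory');
        }
    }

    /**
     * Validates and stores a single entry of $_FILES.
     *
     * @param array $file One $_FILES entry with error, size, name and tmp_name.
     * @return string|false The generated file name on success, false on any
     *                      failure (the reason is written to the error log).
     */
    public function upload($file)
    {
        try {
            // A field posted as "name[]" arrives with arrays in every key;
            // reject that shape up front instead of concatenating an array
            // into the log message further down.
            if (
                !is_array($file)
                || !isset($file['error'], $file['size'], $file['name'], $file['tmp_name'])
                || !is_int($file['error'])
                || !is_string($file['name'])
                || !is_string($file['tmp_name'])
            ) {
                throw new Exception('Malformed upload entry');
            }

            if ($file['error'] !== UPLOAD_ERR_OK) {
                throw new Exception('Upload error: ' . $file['error']);
            }

            if ($file['size'] > $this->maxSize) {
                throw new Exception('File size exceeds maximum limit of 5MB');
            }

            // Only the last extension of the client-supplied name is used.
            $fileExtension = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
            if (!in_array($fileExtension, $this->allowedTypes, true)) {
                throw new Exception('Invalid file type. Allowed types: ' . implode(', ', $this->allowedTypes));
            }

            // The extension is chosen by the client, so compare it with what
            // the file content actually is before keeping the file.
            if (!$this->contentMatchesExtension($file['tmp_name'], $fileExtension)) {
                throw new Exception('File content does not match extension ' . $fileExtension);
            }

            // uniqid() and time() both derive from the clock, which makes the
            // stored names guessable; use the CSPRNG so names cannot be
            // enumerated. random_bytes() throws an Exception on failure, which
            // the catch below turns into a logged false.
            $filename = bin2hex(random_bytes(16)) . '.' . $fileExtension;
            $filepath = $this->uploadDir . $filename;

            // move_uploaded_file() refuses paths that were not created by
            // PHP's upload handling.
            if (!move_uploaded_file($file['tmp_name'], $filepath)) {
                throw new Exception('Failed to move uploaded file');
            }

            return $filename;
        } catch (Exception $e) {
            // Details stay in the server log; the caller only sees false.
            error_log("File Upload Error: " . $e->getMessage());

            return false;
        }
    }

    /**
     * Checks the detected content type of a file against its extension.
     *
     * Returns true when the extension has no entry in $expectedMimeTypes or
     * when the fileinfo extension is not loaded, so the check only ever adds
     * a rejection and never blocks uploads on hosts without fileinfo.
     */
    private function contentMatchesExtension($path, $extension)
    {
        if (!isset($this->expectedMimeTypes[$extension]) || !class_exists('finfo')) {
            return true;
        }

        $detected = (new finfo(FILEINFO_MIME_TYPE))->file($path);

        return $detected !== false
            && in_array($detected, $this->expectedMimeTypes[$extension], true);
    }
}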
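// Upload endpoint: handles a POST that carries the evidence_file field and
// answers with a JSON document. Any other request falls through this block
// without producing a response.
// NOTE(review): the request is authorised by the session alone; no anti-CSRF
// token check is visible in this file — confirm one is enforced elsewhere.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['evidence_file'])) {
    $uploader = new FileUploader();
    $filename = $uploader->upload($_FILES['evidence_file']);

    // Label the body as JSON and stop browsers from sniffing another type;
    // without this the response goes out with PHP's default content type.
    header('Content-Type: application/json; charset=utf-8');
    header('X-Content-Type-Options: nosniff');

    // upload() returns false on failure; accept only a non-empty name.
    if (is_string($filename) && $filename !== '') {
        echo json_encode(['success' => true, 'filename' => $filename]);
    } else {
        // The reason is kept in the server log, not sent to the client.
        echo json_encode(['success' => false, 'message' => 'File upload failed']);
    }

    exit;
}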
?> |