TERMINAL EXPLOIT V2.1
<?php
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: POST");
header("Content-Type: application/json");
$response = [
"status" => false,
"message" => "Something went wrong",
"image_url" => null
];
// Path to store images
$uploadRoot = __DIR__ . "/bumppy/";
$cdnBaseUrl = "https://img.bumppy.com/bumppy/";
// Get current year and month with leading zeros
$currentYear = date('Y');
$currentMonth = str_pad(date('m'), 2, '0', STR_PAD_LEFT); // ensures "06", "07" etc.
// Create year and month folder if not exist
$yearDir = $uploadRoot . $currentYear;
$monthDir = $yearDir . "/" . $currentMonth;
if (!file_exists($yearDir)) {
mkdir($yearDir, 0755, true);
}
if (!file_exists($monthDir)) {
mkdir($monthDir, 0755, true);
}
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['image'])) {
$image = $_FILES['image'];
$allowedTypes = ['image/jpeg', 'image/png', 'image/gif', 'image/webp'];
if ($image['error'] !== 0) {
$response['message'] = 'File upload error.';
} elseif (!in_array($image['type'], $allowedTypes)) {
$response['message'] = 'Invalid file type.';
} else {
$ext = pathinfo($image['name'], PATHINFO_EXTENSION);
$filename = uniqid('img_', true) . '.' . $ext;
$destination = $monthDir . '/' . $filename;
if (move_uploaded_file($image['tmp_name'], $destination)) {
$response['status'] = true;
$response['message'] = 'Image uploaded successfully.';
$response['image_url'] = $cdnBaseUrl . "$currentYear/$currentMonth/$filename";
} else {
$response['message'] = 'Failed to move uploaded file.';
}
}
} else {
$response['message'] = 'No image file uploaded.';
}
echo json_encode($response);
[ CLOSE ]