Configuring server for upload
AVAA Server can be configured to allow files upload, letting users upload and manage their files via the browser editor.
After upload to the webserver, files are moved to the user directory in the relevant project.
User files are stored in the {project-root}/users/{user-id}/ directory.
Preparing the upload directory
- Create an
uploaddirectory inavaa-toolkitinstallation root - Create an
index.phpfile inside theuploadfolder
Adapt the following to host's requirements:
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
header('Access-Control-Allow-Origin: *'); // adapt
header('Access-Control-Allow-Methods: *'); // adapt
if(!isset($_POST['token'])) die('{"error":"missing token"}');
$token = trim($_POST['token']);
if( (strpos($token,'.')!==false)
||(strpos($token,'/')!==false)
||(strpos($token,'\\')!==false)
) die('{"error":"invalid token"}');
$target = __DIR__.'/'.$token.'.file';
if(!file_exists(__DIR__.'/'.$token.'.token')) die('{"error":"missing token file"}');
foreach($_FILES as $f){
if($f['error']) die('{"error":"upload error code '.$f['error'].'"}');
if(!move_uploaded_file($f['tmp_name'], $target)) die('{"error":"move upload error '.$f['error'].'"}');
break;
};
die('{"token":"'.$token.'"}');
Configuring Apache HTTP server
Make sure avaa.conf has a valid directory alias:
<VirtualHost *:443>
...
Alias /upload /opt/avaa-toolkit/upload
</VirtualHost>
<Directory "/opt/avaa-toolkit/upload">
Require all granted
Options Indexes
Order allow,deny
Allow from all
</Directory>
Install PHP:
sudo apt install libapache2-mod-php
Configure adequate upload size limit in php:
sudo nano /etc/php/8.1/apache2/php.ini
Adapt as needed post_max_size = 200M upload_max_filesize = 200M
sudo service apache2 restart
Alternative to PHP
The upload script is quite simple and could be easily implemented in other available server scripting facility.