1 files changed, 41 insertions, 1 deletions

diff --git a/src/attachment_writer.php b/src/attachment_writer.php
index ee638c7..bd00b14 100644
--- a/src/attachment_writer.php
+++ b/src/attachment_writer.php
@@ -4,9 +4,49 @@ if (!array_key_exists('password', $_POST)) {
   die('No password given');
 }
 
-var_dump($_FILES);
+if ($_POST['password'] != 'foo') {
+  die('Incorrect password');
+}
+
+$attach_dir = '/var/www/forum/files';
+
+foreach ($_FILES as $file) {
+  # Check for errors
+  switch ($file['error']) {
+  case UPLOAD_ERR_OK:
+    break;
+  case UPLOAD_ERR_INI_SIZE:
+    die('Error UPLOAD_ERR_INI_SIZE: ' . $file['name']);
+  case UPLOAD_ERR_FORM_SIZE:
+    die('Error UPLOAD_ERR_FORM_SIZE: ' . $file['name']);
+  case UPLOAD_ERR_PARTIAL:
+    die('Error UPLOAD_ERR_PARTIAL: ' . $file['name']);
+  case UPLOAD_ERR_NO_FILE:
+    die('Error UPLOAD_ERR_NO_FILE: ' . $file['name']);
+  case UPLOAD_ERR_NO_TMP_DIR:
+    die('Error UPLOAD_ERR_NO_TMP_DIR: ' . $file['name']);
+  case UPLOAD_ERR_CANT_WRITE:
+    die('Error UPLOAD_ERR_CANT_WRITE: ' . $file['name']);
+  case UPLOAD_ERR_EXTENSION:
+    die('Error UPLOAD_ERR_EXTENSION: ' . $file['name']);
+  default:
+    die('Unrecognized error code: ' . $file['error'] . ' ' $file['name']);
+  }
 
+  # Don't continue if the name isn't what phpBB expects
+  if (preg_match('/^\d+_[0-9a-f]{32}$/', $file['name']) != 1) {
+    die('Bad destination filename: ' . $file['name']);
+  }
 
+  $src = $file['tmp_name'];
+  $dst = $attach_dir . '/' . $file['name'];
+
+  # Move temp file to attachments dir
+  if (!move_uploaded_file($src, $dst)) {
+    die("Failed to move $src to $dst.");
+  }
 }
 
+return 1;
+
 ?>