<?php
$files = $_FILES['file'];
$file_path = $files['tmp_name'][0]; // temporary upload path of the first file
$file_name = $_POST['name']; // desired name of the file

$uploaded = move_uploaded_file($_FILES['file']['tmp_name'], $_SERVER['DOCUMENT_ROOT'] . '/public/uploads/' . $_FILES['file']['name']);
if($uploaded) {
    header('Access-Control-Allow-Origin: *');
    header('Content-type: application/json');
    $data = ['url' => '/public/uploads/' . basename($file_name), 'message' => 'The file ' . $file_name . ' has been uploaded.'];
    http_response_code(201);
    echo json_encode($data);
}
/*
die;

ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);

// Get the maximum upload file size
$max_size = ini_get('upload_max_filesize');

if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
    if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'])) {
        header('Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT');
    }
    //Make sure you remove those you do not want to support
    header('Access-Control-Allow-Origin: *');

    if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) {
        header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
    }

    //Just exit with 200 OK with the above headers for OPTIONS method
    exit(0);
}

            

    
    $target_dir = __DIR__ . DIRECTORY_SEPARATOR . 'uploads';
    $file_name = basename($_FILES['file']['name']);
    $file_size = $_FILES['file']['size'];
    $target_file = $target_dir . DIRECTORY_SEPARATOR . $file_name;

    // Validate file size
    if ($file_size > $max_size) {
        header('Access-Control-Allow-Origin: *');
        header('Content-type: application/json');
        $data = ['message' => 'File size exceeds the maximum allowed size of ' . $max_size . '.'];
        http_response_code(400);
        echo json_encode($data);
        exit;
    }

    // Sanitize file name to prevent directory traversal attacks
    $file_name = preg_replace('/[^a-zA-Z0-9._-]/', '', $file_name);
    $target_file = $target_dir . DIRECTORY_SEPARATOR . $file_name;

    try {
        if (move_uploaded_file($_FILES['file']['tmp_name'], $target_file)) {
            header('Access-Control-Allow-Origin: *');
            header('Content-type: application/json');
            $data = ['url' => $target_file, 'message' => 'The file ' . $file_name . ' has been uploaded.'];
            http_response_code(201);
            echo json_encode($data);
        } else {
            throw new Exception('Unable to move the uploaded file to its final location:' . $target_file);
        }

    } catch (\Throwable $th) {
        header('Access-Control-Allow-Origin: *');
        header('Content-type: application/json');
        $data = ['message' => 'Sorry, there was an error uploading your file.', 'error' => $th->getMessage()];
        http_response_code(400);
        echo json_encode($data);
    }
*/