'No file received']); exit; } $file = $_FILES['image']; $allowedTypes = ['image/jpeg', 'image/png', 'image/gif', 'image/webp']; $maxSize = 5 * 1024 * 1024; // 5MB if (!in_array($file['type'], $allowedTypes)) { echo json_encode(['error' => 'Invalid file type. Use JPG, PNG, WebP, or GIF.']); exit; } if ($file['size'] > $maxSize) { echo json_encode(['error' => 'File too large. Maximum 5MB.']); exit; } // Create upload directory $uploadDir = __DIR__ . '/../uploads/products/'; if (!is_dir($uploadDir)) { mkdir($uploadDir, 0755, true); } // Generate unique filename $ext = pathinfo($file['name'], PATHINFO_EXTENSION); $filename = 'product_' . time() . '_' . bin2hex(random_bytes(4)) . '.' . strtolower($ext); $filepath = $uploadDir . $filename; if (move_uploaded_file($file['tmp_name'], $filepath)) { $url = '/uploads/products/' . $filename; echo json_encode(['success' => true, 'url' => $url]); } else { echo json_encode(['error' => 'Failed to save file. Check directory permissions.']); }