// place files you want to import through the `$lib` alias in this folder.
import path from 'path';

function safePath(basePath: string, name: string): boolean {
	const fullPath = `${basePath}/${name}`;
	const relative = path.relative(basePath, fullPath);
	return (
		!!relative &&
		// does move out of `basePath`
		!relative.startsWith(`..${path.sep}`) &&
		// exactly one layer deep, e.g. no `./uplodas/foo/bar`
		!relative.includes(path.sep) &&
		// result is not an absolute path
		!path.isAbsolute(relative)
	);
}

const defaultPath: string = './uploads';
if (!('STORAGE_PATH' in process.env)) {
	console.warn(`'STORAGE_PATH' environment variable is not set. Defaulting to ${defaultPath}`);
}
export const storagePath: string = process.env.STORAGE_PATH ?? defaultPath;

export default safePath;