keyload/upload.php

<?php
/* curload
 * Simple file uploading using POST requests and temporary keys
 * Licensed under the GNU Affero General Public License version 3.0
 */

include "config.php";
include "core.php";

$WebInterface = 1;

if (isset($_REQUEST['key'])) {
    $Key = $_REQUEST['key'];
    $WebInterface = 0;
} else if (isset($_COOKIE[$cookieName])) {
    $Key = $_COOKIE[$cookieName];
    $WebInterface = 1;
} else if (!$publicUploading || $publicUploading == "false") {
    print "No key specified.";
    die();
}

$Status = 0;
$Authorized = 0;
$keyType = 1;
$uploadLimit = $maxFileSize * 1000000;
$keyID = 0;

if (!isset($_FILES['file']['name']) || $_FILES['file']['name'] == "") {
    if ($WebInterface == 0) {
        print "You didn't specify a file.";
        die();
    } else {
        header("Location: /?e=file");
        die();
    }
}

$Database = createTables($sqlDB);

// init database
if (!$publicUploading || $publicUploading == "false") {
    $DatabaseQuery = $Database->query('SELECT * FROM keys');
    while ($line = $DatabaseQuery->fetchArray()) {
        if ($line['key'] == $Key && $Key != "" && $line['key'] != "" && $line['uploadsleft'] != 0 && ($enableKeys || $enableKeys == "true")) {
            $id = $line['id'];
            $keyID = $id;

            // decrease uploads left if temporary
            if ($line['uploadsleft'] != -1) {
                $uploadsLeft = $line['uploadsleft'] - 1;
                $Database->exec("UPDATE keys SET uploadsleft='$uploadsLeft' WHERE id='$id'");
            }

            if ($storeLastUsage || $storeLastUsage == "true") {
                $lastUsed = date($dateFormat);
                $Database->exec("UPDATE keys SET lastused='$lastUsed' WHERE id='$id'");
            }

            if ($storeUploads || $storeUploads == "true") {
                $numberOfUploads = $line['numberofuploads'] + 1;
                $Database->exec("UPDATE keys SET numberofuploads='$numberOfUploads' WHERE id='$id'");
            }

            if ($storeIP || $storeIP == "true") {
                $ip = getIPAddress();
                $Database->exec("UPDATE keys SET ip='$ip' WHERE id='$id'");
            }

            if ($storeAgent || $storeAgent == "true") {
                $userAgent = getUserAgent();
                $Database->exec("UPDATE keys SET useragent='$userAgent' WHERE id='$id'");
            }

            $Authorized = 1;
            $keyType = $line['keytype'];
            break;
        }
    }

    // Not an authorized key
    if ($Authorized == 0) {
        if ($WebInterface == 0) {
            print "Not authorized: Your key is invalid.";
            die();
        } else {
            header("Location: /?e=key");
            die();
        }
    }
}

if ($_FILES['file']['size'] > $uploadLimit && $uploadLimit > 0) {
    if ($WebInterface == 0) {
        print "File is too big. Max file size is $maxFileSize" . "MB";
        die();
    } else {
        header("Location: /?e=size");
        die();
    }
}

// check if file is too big to be uploaded
if (!is_dir($uploadDir)) {
    mkdir($uploadDir, 0777, true);
}

$destinationFile = $uploadDir . basename($_FILES['file']['name']);

// rename file if necessary
if (!$replaceOriginal || $replaceOriginal == "false") {
    if (file_exists($destinationFile)) { // rename file to distinguish it from existing file
        $fileExtension = strtolower(pathinfo(basename($_FILES['file']['name']),PATHINFO_EXTENSION));
        if (isset($fileExtension)) {
            $extension = "." . $fileExtension;
        }

        if ($renameDuplicates || $renameDuplicates == "true") {
            $destinationFile = $uploadDir . rand(1000,100000) . $extension;
        }

        if (file_exists($destinationFile)) { // wtf
            if ($WebInterface == 0) {
                print "Upload failed.";
                die();
            } else {
                header("Location: /?e=wtf");
                die();
            }
        }
    }
}

if (move_uploaded_file($_FILES['file']['tmp_name'], $destinationFile)) {
    $uploadedFile = dirname($_SERVER['PHP_SELF']) . $destinationFile;

    $lastUsed = date($dateFormat);
    $DatabaseQuery = $Database->query('SELECT * FROM uploads');
    $Database->exec("INSERT INTO uploads(file, uploaddate, keyid, keytype) VALUES('$uploadedFile', '$lastUsed', '$keyID', '$keyType')");

    if ($WebInterface == 0) {
        print "$uploadedFile";
    } else {
        header("Location: $uploadedFile");
    }

    if (isset($_REQUEST['web'])) { // redirect back to index
        header("Redirect: $uploadedFile");
        die();
    }
} else {
    if (file_exists($destinationFile)) { // wtf
        if ($WebInterface == 0) {
            print "Upload failed.";
            die();
        } else {
            header("Location: /?e=wtf");
            die();
        }
    }
}
?>
Initial commit 2023-09-28 21:29:21 +02:00			`<?php`
Change some basic things 2023-09-29 21:29:29 +02:00			`/* curload`
			`* Simple file uploading using POST requests and temporary keys`
			`* Licensed under the GNU Affero General Public License version 3.0`
			`*/`

			`include "config.php";`
Remove temporary keys, the feature is now included in normal keys 2023-10-04 11:00:28 +02:00			`include "core.php";`
Change some basic things 2023-09-29 21:29:29 +02:00
Improve uploading significantly 2023-10-01 03:47:59 +02:00			`$WebInterface = 1;`

Change some basic things 2023-09-29 21:29:29 +02:00			`if (isset($_REQUEST['key'])) {`
			`$Key = $_REQUEST['key'];`
Improve uploading significantly 2023-10-01 03:47:59 +02:00			`$WebInterface = 0;`
			`} else if (isset($_COOKIE[$cookieName])) {`
			`$Key = $_COOKIE[$cookieName];`
			`$WebInterface = 1;`
Fix an option in the configuration 2023-10-01 16:23:07 +02:00			`} else if (!$publicUploading \|\| $publicUploading == "false") {`
Change some basic things 2023-09-29 21:29:29 +02:00			`print "No key specified.";`
			`die();`
			`}`

			`$Status = 0;`
			`$Authorized = 0;`
Remove temporary keys, the feature is now included in normal keys 2023-10-04 11:00:28 +02:00			`$keyType = 1;`
Change some basic things 2023-09-29 21:29:29 +02:00			`$uploadLimit = $maxFileSize * 1000000;`
			`$keyID = 0;`

CSS changes, small bug fix 2023-10-01 04:10:34 +02:00			`if (!isset($_FILES['file']['name']) \|\| $_FILES['file']['name'] == "") {`
Improve uploading significantly 2023-10-01 03:47:59 +02:00			`if ($WebInterface == 0) {`
			`print "You didn't specify a file.";`
			`die();`
			`} else {`
			`header("Location: /?e=file");`
			`die();`
			`}`
Change some basic things 2023-09-29 21:29:29 +02:00			`}`

Fix an option in the configuration 2023-10-01 16:23:07 +02:00			`$Database = createTables($sqlDB);`

Change some basic things 2023-09-29 21:29:29 +02:00			`// init database`
some more work 2023-09-30 01:28:36 +02:00			`if (!$publicUploading \|\| $publicUploading == "false") {`
Change some basic things 2023-09-29 21:29:29 +02:00			`$DatabaseQuery = $Database->query('SELECT * FROM keys');`
			`while ($line = $DatabaseQuery->fetchArray()) {`
Remove temporary keys, the feature is now included in normal keys 2023-10-04 11:00:28 +02:00			`if ($line['key'] == $Key && $Key != "" && $line['key'] != "" && $line['uploadsleft'] != 0 && ($enableKeys \|\| $enableKeys == "true")) {`
Simplify significantly, by combining admins, temporary keys and keys into one. Also some miscellanious codebase improvements. 2023-10-04 15:53:02 +02:00			`$id = $line['id'];`
			`$keyID = $id;`

Remove temporary keys, the feature is now included in normal keys 2023-10-04 11:00:28 +02:00			`// decrease uploads left if temporary`
			`if ($line['uploadsleft'] != -1) {`
			`$uploadsLeft = $line['uploadsleft'] - 1;`
Simplify significantly, by combining admins, temporary keys and keys into one. Also some miscellanious codebase improvements. 2023-10-04 15:53:02 +02:00			`$Database->exec("UPDATE keys SET uploadsleft='$uploadsLeft' WHERE id='$id'");`
Remove temporary keys, the feature is now included in normal keys 2023-10-04 11:00:28 +02:00			`}`

some more work 2023-09-30 01:28:36 +02:00			`if ($storeLastUsage \|\| $storeLastUsage == "true") {`
Change some basic things 2023-09-29 21:29:29 +02:00			`$lastUsed = date($dateFormat);`
some more work 2023-09-30 01:28:36 +02:00			`$Database->exec("UPDATE keys SET lastused='$lastUsed' WHERE id='$id'");`
			`}`
Change some basic things 2023-09-29 21:29:29 +02:00
some more work 2023-09-30 01:28:36 +02:00			`if ($storeUploads \|\| $storeUploads == "true") {`
			`$numberOfUploads = $line['numberofuploads'] + 1;`
			`$Database->exec("UPDATE keys SET numberofuploads='$numberOfUploads' WHERE id='$id'");`
			`}`
Change some basic things 2023-09-29 21:29:29 +02:00
			`if ($storeIP \|\| $storeIP == "true") {`
Remove temporary keys, the feature is now included in normal keys 2023-10-04 11:00:28 +02:00			`$ip = getIPAddress();`
Change some basic things 2023-09-29 21:29:29 +02:00			`$Database->exec("UPDATE keys SET ip='$ip' WHERE id='$id'");`
			`}`

			`if ($storeAgent \|\| $storeAgent == "true") {`
Remove temporary keys, the feature is now included in normal keys 2023-10-04 11:00:28 +02:00			`$userAgent = getUserAgent();`
Change some basic things 2023-09-29 21:29:29 +02:00			`$Database->exec("UPDATE keys SET useragent='$userAgent' WHERE id='$id'");`
			`}`

			`$Authorized = 1;`
Simplify significantly, by combining admins, temporary keys and keys into one. Also some miscellanious codebase improvements. 2023-10-04 15:53:02 +02:00			`$keyType = $line['keytype'];`
Change some basic things 2023-09-29 21:29:29 +02:00			`break;`
			`}`
Initial commit 2023-09-28 21:29:21 +02:00			`}`

some more work 2023-09-30 01:28:36 +02:00			`// Not an authorized key`
			`if ($Authorized == 0) {`
Improve uploading significantly 2023-10-01 03:47:59 +02:00			`if ($WebInterface == 0) {`
			`print "Not authorized: Your key is invalid.";`
			`die();`
			`} else {`
			`header("Location: /?e=key");`
			`die();`
			`}`
Change some basic things 2023-09-29 21:29:29 +02:00			`}`
			`}`
Initial commit 2023-09-28 21:29:21 +02:00
some more work 2023-09-30 01:28:36 +02:00			`if ($_FILES['file']['size'] > $uploadLimit && $uploadLimit > 0) {`
Improve uploading significantly 2023-10-01 03:47:59 +02:00			`if ($WebInterface == 0) {`
			`print "File is too big. Max file size is $maxFileSize" . "MB";`
			`die();`
			`} else {`
			`header("Location: /?e=size");`
			`die();`
			`}`
Change some basic things 2023-09-29 21:29:29 +02:00			`}`
Initial commit 2023-09-28 21:29:21 +02:00
some more work 2023-09-30 01:28:36 +02:00			`// check if file is too big to be uploaded`
Change some basic things 2023-09-29 21:29:29 +02:00			`if (!is_dir($uploadDir)) {`
			`mkdir($uploadDir, 0777, true);`
			`}`
Initial commit 2023-09-28 21:29:21 +02:00
Change some basic things 2023-09-29 21:29:29 +02:00			`$destinationFile = $uploadDir . basename($_FILES['file']['name']);`
Initial commit 2023-09-28 21:29:21 +02:00
some more work 2023-09-30 01:28:36 +02:00			`// rename file if necessary`
			`if (!$replaceOriginal \|\| $replaceOriginal == "false") {`
fix syntax error 2023-09-30 19:37:53 +02:00			`if (file_exists($destinationFile)) { // rename file to distinguish it from existing file`
some more work 2023-09-30 01:28:36 +02:00			`$fileExtension = strtolower(pathinfo(basename($_FILES['file']['name']),PATHINFO_EXTENSION));`
			`if (isset($fileExtension)) {`
			`$extension = "." . $fileExtension;`
			`}`
Initial commit 2023-09-28 21:29:21 +02:00
some more work 2023-09-30 01:28:36 +02:00			`if ($renameDuplicates \|\| $renameDuplicates == "true") {`
			`$destinationFile = $uploadDir . rand(1000,100000) . $extension;`
			`}`

			`if (file_exists($destinationFile)) { // wtf`
Improve uploading significantly 2023-10-01 03:47:59 +02:00			`if ($WebInterface == 0) {`
			`print "Upload failed.";`
			`die();`
			`} else {`
			`header("Location: /?e=wtf");`
			`die();`
			`}`
some more work 2023-09-30 01:28:36 +02:00			`}`
WIP work on SQL #4 2023-09-29 00:25:59 +02:00			`}`
Change some basic things 2023-09-29 21:29:29 +02:00			`}`
Initial commit 2023-09-28 21:29:21 +02:00
Change some basic things 2023-09-29 21:29:29 +02:00			`if (move_uploaded_file($_FILES['file']['tmp_name'], $destinationFile)) {`
			`$uploadedFile = dirname($_SERVER['PHP_SELF']) . $destinationFile;`
Initial commit 2023-09-28 21:29:21 +02:00
some more work 2023-09-30 01:28:36 +02:00			`$lastUsed = date($dateFormat);`
			`$DatabaseQuery = $Database->query('SELECT * FROM uploads');`
			`$Database->exec("INSERT INTO uploads(file, uploaddate, keyid, keytype) VALUES('$uploadedFile', '$lastUsed', '$keyID', '$keyType')");`
Initial commit 2023-09-28 21:29:21 +02:00
Improve uploading significantly 2023-10-01 03:47:59 +02:00			`if ($WebInterface == 0) {`
			`print "$uploadedFile";`
			`} else {`
			`header("Location: $uploadedFile");`
			`}`
WIP work on SQL #4 2023-09-29 00:25:59 +02:00
Change some basic things 2023-09-29 21:29:29 +02:00			`if (isset($_REQUEST['web'])) { // redirect back to index`
Improve uploading significantly 2023-10-01 03:47:59 +02:00			`header("Redirect: $uploadedFile");`
Initial commit 2023-09-28 21:29:21 +02:00			`die();`
			`}`
Change some basic things 2023-09-29 21:29:29 +02:00			`} else {`
Improve uploading significantly 2023-10-01 03:47:59 +02:00			`if (file_exists($destinationFile)) { // wtf`
			`if ($WebInterface == 0) {`
			`print "Upload failed.";`
			`die();`
			`} else {`
			`header("Location: /?e=wtf");`
			`die();`
			`}`
			`}`
Change some basic things 2023-09-29 21:29:29 +02:00			`}`
Initial commit 2023-09-28 21:29:21 +02:00			`?>`