speedie/keyload
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Remove temporary keys, the feature is now included in normal keys

Browse source
This commit is contained in:
Jacob 2023-10-04 11:00:28 +02:00
parent de0538df54
commit 0ed4daa0f3
9 changed files with 50 additions and 266 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

41
admin.php
View file

@ -110,10 +110,8 @@ if ($Action == "files") {
$keyID = $line['keyid'];
$keytypeID = $line['keytype'];
if ($line['keytype'] == 0) {
if ($line['keytype'] == 1) {
$keyType = "Key";
} else if ($line['keytype'] == 1) {
$keyType = "Temporary";
} else if ($line['keytype'] == 2) {
$keyType = "Administrator";
} else {
@ -241,41 +239,14 @@ if ($Action == "files") {
$IP = $line['ip'];
$UserAgent = $line['useragent'];
$keyType = "Key";
$UploadsLeft = "";
$html .= "\t\t\t\t\t<tr class=\"adminKeyView\">\n";
$html .= "\t\t\t\t\t\t<td class=\"adminID\" id=\"id-0-$ID\">$ID</td>\n";
$html .= "\t\t\t\t\t\t<td class=\"adminKey\">$Key</td>\n";
$html .= "\t\t\t\t\t\t<td class=\"adminNumberOfUploads\"><a href=\"admin.php?action=files&id=$ID\">$NumberOfUploads</a></td>\n";
$html .= "\t\t\t\t\t\t<td class=\"adminUploadsLeft\">$UploadsLeft</td>\n";
$html .= "\t\t\t\t\t\t<td class=\"adminLastUsed\">$LastUsed</td>\n";
$html .= "\t\t\t\t\t\t<td class=\"adminIssued\">$Issued</td>\n";
$html .= "\t\t\t\t\t\t<td class=\"adminIP\">$IP</td>\n";
$html .= "\t\t\t\t\t\t<td class=\"adminUserAgent\">$UserAgent</td>\n";
$html .= "\t\t\t\t\t\t<td class=\"adminKeyType\">$keyType</td>\n";
$html .= "\t\t\t\t\t\t<td class=\"adminRemove\"><a href=\"/remove-key.php?redir=admin&id=$ID&type=0\">Remove</a></td>\n";
$html .= "\t\t\t\t\t</tr>\n";
}
$DatabaseQuery = $Database->query('SELECT * FROM tkeys');
while ($line = $DatabaseQuery->fetchArray()) {
if ($line['id'] != $filterID && $filterID != -1) {
continue;
}
$ID = $line['id'];
$Key = $line['key'];
$NumberOfUploads = $line['numberofuploads'];
$UploadsLeft = "";
$LastUsed = $line['lastused'];
$Issued = $line['issued'];
$IP = $line['ip'];
$UserAgent = $line['useragent'];
$keyType = "Temporary";
$UploadsLeft = $line['uploadsleft'];
if ($line['uploadsleft'] == -1) {
$UploadsLeft = "";
$keyType = "Key";
}
$html .= "\t\t\t\t\t<tr class=\"adminKeyView\">\n";
$html .= "\t\t\t\t\t\t<td class=\"adminID\" id=\"id-1-$ID\">$ID</td>\n";
$html .= "\t\t\t\t\t\t<td class=\"adminKey\">$Key</td>\n";

16
core.php
View file

@ -85,7 +85,7 @@ function printFileUploadForm($html, $Error) {
} else if ($Error == "size") {
$html .= "\t\t\t<p class=\"error\">File is too big.</p>\n";
} else if ($Error == "key") {
$html .= "\t\t\t<p class=\"error\">Invalid key. WTF?</p>\n";
$html .= "\t\t\t<p class=\"error\">File upload failed: No uploads left.</p>\n";
} else if ($Error == "wtf") {
$html .= "\t\t\t<p class=\"error\">WTF? Try again.</p>\n";
}
@ -112,4 +112,18 @@ function checkIfAdminExists() {
return $adminExists;
}
function getIPAddress() {
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
return $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
return $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
return $_SERVER['REMOTE_ADDR'];
}
}
function getUserAgent() {
return $_SERVER['HTTP_USER_AGENT'];
}
?>

13
create-table.php
View file

@ -20,17 +20,6 @@ function createTables($sqlDB) {
$Database->exec("CREATE TABLE IF NOT EXISTS admins(id INTEGER PRIMARY KEY, key TEXT, primaryadmin INT, numberofuploads INT, lastused TEXT, issued TEXT, ip TEXT, useragent TEXT)");
/* keys table
* id (INTEGER PRIMARY KEY)
* key (TEXT)
* numberofuploads (INT)
* lastused (INT)
* issued (TEXT)
* ip (TEXT)
* useragent (TEXT)
*/
$Database->exec("CREATE TABLE IF NOT EXISTS keys(id INTEGER PRIMARY KEY, key TEXT, numberofuploads INT, lastused TEXT, issued TEXT, ip TEXT, useragent TEXT)");
/* temporary keys table
* id (INTEGER PRIMARY KEY)
* key (TEXT)
* numberofuploads (INT)
@ -40,7 +29,7 @@ function createTables($sqlDB) {
* ip (TEXT)
* useragent (TEXT)
*/
$Database->exec("CREATE TABLE IF NOT EXISTS tkeys(id INTEGER PRIMARY KEY, key TEXT, numberofuploads INT, uploadsleft INT, lastused TEXT, issued TEXT, ip TEXT, useragent TEXT)");
$Database->exec("CREATE TABLE IF NOT EXISTS keys(id INTEGER PRIMARY KEY, key TEXT, numberofuploads INT, uploadsleft INT, lastused TEXT, issued TEXT, ip TEXT, useragent TEXT)");
/* uploads table
* id (INTEGER PRIMARY KEY)

60
create.php
View file

@ -6,20 +6,7 @@
include "config.php";
include "create-table.php";
function getIPAddress() {
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
return $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
return $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
return $_SERVER['REMOTE_ADDR'];
}
}
function getUserAgent() {
return $_SERVER['HTTP_USER_AGENT'];
}
include "core.php";
$Redirect = "";
$uploadsLeft = 1;
@ -117,6 +104,8 @@ if (isset($_REQUEST['uploadsleft']) && $Type == "Temporary") {
die();
}
} else {
$uploadsLeft = -1;
}
if ($Type == "Admin") {
@ -171,46 +160,7 @@ if ($Type == "Admin") {
}
$Database->exec("INSERT INTO admins(key, primaryadmin, numberofuploads, lastused, issued, ip, useragent) VALUES('$Data', '$primary', '$numberOfUploads', '$lastUsed', '$Issued', '$ip', '$userAgent')");
} else if ($Type == "Temporary") {
$DatabaseQuery = $Database->query('SELECT * FROM tkeys');
while ($line = $DatabaseQuery->fetchArray()) {
if ($line['key'] == "$Data" && $Data != "" && $line['key'] != "") {
if ($Redirect == "admin") {
header("Location: admin.php?action=create&e=exists");
} else if ($Redirect == "setup") {
header("Location: setup.php?e=exists");
} else {
header("Location: /");
}
die();
}
}
$numberOfUploads = 0;
$lastUsed = "";
$Issued = "";
$ip = "";
$userAgent = "";
if ($storeAgent || $storeAgent == "true") {
$userAgent = getUserAgent();
}
if ($storeIssued || $storeIssued == "true") {
$Issued = date($dateFormat);
}
if ($storeLastUsage || $storeLastUsage == "true") {
$lastUsed = date($dateFormat);
}
if ($storeIP || $storeIP == "true") {
$ip = getIPAddress();
}
$Database->exec("INSERT INTO tkeys(key, numberofuploads, uploadsleft, lastused, issued, ip, useragent) VALUES('$Data', '$numberOfUploads', '$uploadsLeft', '$lastUsed', '$Issued', '$ip', '$userAgent')");
} else if ($Type == "Key") {
} else if ($Type == "Temporary" || $Type == "Key") {
$DatabaseQuery = $Database->query('SELECT * FROM keys');
while ($line = $DatabaseQuery->fetchArray()) {
if ($line['key'] == "$Data" && $Data != "" && $line['key'] != "") {
@ -248,7 +198,7 @@ if ($Type == "Admin") {
$ip = getIPAddress();
}
$Database->exec("INSERT INTO keys(key, numberofuploads, lastused, issued, ip, useragent) VALUES('$Data', '$numberOfUploads', '$lastUsed', '$Issued', '$ip', '$userAgent')");
$Database->exec("INSERT INTO keys(key, numberofuploads, uploadsleft, lastused, issued, ip, useragent) VALUES('$Data', '$numberOfUploads', '$uploadsLeft', '$lastUsed', '$Issued', '$ip', '$userAgent')");
} else {
if ($Redirect == "admin") {
header("Location: admin.php?action=create&e=type");

14
files.php
View file

@ -37,26 +37,16 @@ if (isset($_COOKIE[$cookieTypeName]) && (!$publicUploading || $publicUploading =
$keytypeID = $line['keytype'];
$CorrectFile = 0;
if ($line['keytype'] == 0) {
if ($line['keytype'] == 1) {
$keyType = "Key";
} else if ($line['keytype'] == 1) {
$keyType = "Temporary";
} else if ($line['keytype'] == 2) {
$keyType = "Administrator";
} else {
$keyType = "Unknown";
}
if ($keytypeID == 0) { // is it a normal key?
if ($keytypeID == 1) { // key?
$UserDatabaseQuery = $Database->query('SELECT * FROM keys');
while ($uline = $UserDatabaseQuery->fetchArray()) {
if ($uline['id'] == $keyID && $keytypeID == 0 && $_COOKIE[$cookieName] == $uline['key']) {
$CorrectFile = 1;
break;
}
}
} else if ($keytypeID == 1) { // no?
$UserDatabaseQuery = $Database->query('SELECT * FROM tkeys');
while ($uline = $UserDatabaseQuery->fetchArray()) {
if ($uline['id'] == $keyID && $keytypeID == 1 && $_COOKIE[$cookieName] == $uline['key']) {
$CorrectFile = 1;

62
login.php
View file

@ -40,7 +40,7 @@ if (isset($_REQUEST['key'])) {
// check the validity of the key
$Database = createTables($sqlDB);
// Regular keys
// Temporary keys
$DatabaseQuery = $Database->query('SELECT * FROM keys');
while ($line = $DatabaseQuery->fetchArray()) {
if ($line['key'] == $Key && $Key != "" && $line['key'] != "" && ($enableKeys || $enableKeys == "true")) {
@ -54,61 +54,16 @@ if (isset($_REQUEST['key'])) {
// update IP address
if ($storeIP || $storeIP == "true") {
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
$ip = getIPAddress();
$Database->exec("UPDATE keys SET ip='$ip' WHERE id='$id'");
}
// update user agent
if ($storeAgent || $storeAgent == "true") {
$userAgent = $_SERVER['HTTP_USER_AGENT'];
$userAgent = getUserAgent();
$Database->exec("UPDATE keys SET useragent='$userAgent' WHERE id='$id'");
}
$Authorized = 1;
$KeyType = 0;
break;
}
}
// Temporary keys
$DatabaseQuery = $Database->query('SELECT * FROM tkeys');
while ($line = $DatabaseQuery->fetchArray()) {
if ($line['key'] == $Key && $Key != "" && $line['key'] != "" && ($enableTemporaryKeys || $enableTemporaryKeys == "true")) {
$id = $line['id'];
// update last usage
if ($storeLastUsage || $storeLastUsage == "true") {
$lastUsed = date($dateFormat);
$Database->exec("UPDATE tkeys SET lastused='$lastUsed' WHERE id='$id'");
}
// update IP address
if ($storeIP || $storeIP == "true") {
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
$Database->exec("UPDATE tkeys SET ip='$ip' WHERE id='$id'");
}
// update user agent
if ($storeAgent || $storeAgent == "true") {
$userAgent = $_SERVER['HTTP_USER_AGENT'];
$Database->exec("UPDATE tkeys SET useragent='$userAgent' WHERE id='$id'");
}
$Authorized = 1;
$KeyType = 1;
@ -130,20 +85,13 @@ if (isset($_REQUEST['key'])) {
// update IP address
if ($storeIP || $storeIP == "true") {
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
$ip = getIPAddress();
$Database->exec("UPDATE admins SET ip='$ip' WHERE id='$id'");
}
// update user agent
if ($storeAgent || $storeAgent == "true") {
$userAgent = $_SERVER['HTTP_USER_AGENT'];
$userAgent = getUserAgent();
$Database->exec("UPDATE admins SET useragent='$userAgent' WHERE id='$id'");
}

18
remove-key.php
View file

@ -59,27 +59,11 @@ if ($AuthorizedRemoval != 1) {
}
$DatabaseQuery = $Database->query('SELECT * FROM keys');
while ($line = $DatabaseQuery->fetchArray()) {
if ($type != 0) break;
if ($line['id'] == $id && $line['id'] != "" && $id != "") { // passed ID is a key that exists
if ($AuthorizedRemoval == 1) {
$Database->exec("DELETE FROM keys WHERE id='$id'");
$Removed = 1;
} else {
print "You aren't authorized to perform this action.";
die();
}
break;
}
}
$DatabaseQuery = $Database->query('SELECT * FROM tkeys');
while ($line = $DatabaseQuery->fetchArray()) {
if ($type != 1) break;
if ($line['id'] == $id && $line['id'] != "" && $id != "" && $Removed != 1) { // passed ID is a key that exists
if ($AuthorizedRemoval == 1) {
$Database->exec("DELETE FROM tkeys WHERE id='$id'");
$Database->exec("DELETE FROM keys WHERE id='$id'");
$Removed = 1;
} else {
print "You aren't authorized to perform this action.";

12
remove.php
View file

@ -54,18 +54,6 @@ while ($line = $DatabaseQuery->fetchArray()) {
}
}
// check if our key is a temporary key
if (($enableKeys || $enableKeys == "true") && ($enableKeyUploadRemoval || $enableKeyUploadRemoval == "true")) {
$keyDatabaseQuery = $Database->query('SELECT * FROM tkeys');
while ($kline = $keyDatabaseQuery->fetchArray()) {
if ($line['keyid'] == $kline['id']) {
$AuthorizedRemoval = 1;
break;
}
}
}
// check if the key is an admin key, automatically making it authorized to remove the file provided it wasn't uploaded by a primary admin
if ($AuthorizedRemoval != 1 && ($enableUploadRemoval || $enableUploadRemoval == "true")) {
$keyDatabaseQuery = $Database->query('SELECT * FROM admins');

80
upload.php
View file

@ -6,6 +6,7 @@
include "config.php";
include "create-table.php";
include "core.php";
$WebInterface = 1;
@ -22,7 +23,7 @@ if (isset($_REQUEST['key'])) {
$Status = 0;
$Authorized = 0;
$keyType = 0;
$keyType = 1;
$uploadLimit = $maxFileSize * 1000000;
$keyID = 0;
@ -42,10 +43,17 @@ $Database = createTables($sqlDB);
if (!$publicUploading || $publicUploading == "false") {
$DatabaseQuery = $Database->query('SELECT * FROM keys');
while ($line = $DatabaseQuery->fetchArray()) {
if ($line['key'] == $Key && $Key != "" && $line['key'] != "" && ($enableKeys || $enableKeys == "true")) {
if ($line['key'] == $Key && $Key != "" && $line['key'] != "" && $line['uploadsleft'] != 0 && ($enableKeys || $enableKeys == "true")) {
// decrease uploads left if temporary
if ($line['uploadsleft'] != -1) {
$uploadsLeft = $line['uploadsleft'] - 1;
}
$id = $line['id'];
$keyID = $id;
$Database->exec("UPDATE keys SET uploadsleft='$uploadsLeft' WHERE id='$id'");
if ($storeLastUsage || $storeLastUsage == "true") {
$lastUsed = date($dateFormat);
$Database->exec("UPDATE keys SET lastused='$lastUsed' WHERE id='$id'");
@ -57,72 +65,21 @@ if (!$publicUploading || $publicUploading == "false") {
}
if ($storeIP || $storeIP == "true") {
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
$ip = getIPAddress();
$Database->exec("UPDATE keys SET ip='$ip' WHERE id='$id'");
}
if ($storeAgent || $storeAgent == "true") {
$userAgent = $_SERVER['HTTP_USER_AGENT'];
$userAgent = getUserAgent();
$Database->exec("UPDATE keys SET useragent='$userAgent' WHERE id='$id'");
}
$Authorized = 1;
$keyType = 0;
$keyType = 1;
break;
}
}
if ($Authorized != 1) {
$DatabaseQuery = $Database->query('SELECT * FROM tkeys');
while ($line = $DatabaseQuery->fetchArray()) {
if ($line['key'] == $Key && $Key != "" && $line['key'] != "" && $line['uploadsleft'] != 0 && ($enableTemporaryKeys || $enableTemporaryKeys == "true")) {
$uploadsLeft = $line['uploadsleft'] - 1;
$id = $line['id'];
$keyID = $id;
$Database->exec("UPDATE tkeys SET uploadsleft='$uploadsLeft' WHERE id='$id'");
if ($storeLastUsage || $storeLastUsage == "true") {
$lastUsed = date($dateFormat);
$Database->exec("UPDATE tkeys SET lastused='$lastUsed' WHERE id='$id'");
}
if ($storeUploads || $storeUploads == "true") {
$numberOfUploads = $line['numberofuploads'] + 1;
$Database->exec("UPDATE tkeys SET numberofuploads='$numberOfUploads' WHERE id='$id'");
}
if ($storeIP || $storeIP == "true") {
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
$Database->exec("UPDATE tkeys SET ip='$ip' WHERE id='$id'");
}
if ($storeAgent || $storeAgent == "true") {
$userAgent = $_SERVER['HTTP_USER_AGENT'];
$Database->exec("UPDATE tkeys SET useragent='$userAgent' WHERE id='$id'");
}
$Authorized = 1;
$keyType = 1;
break;
}
}
}
// maybe admin?
if ($Authorized != 1) {
$DatabaseQuery = $Database->query('SELECT * FROM admins');
@ -138,19 +95,12 @@ if (!$publicUploading || $publicUploading == "false") {
$Database->exec("UPDATE admins SET numberofuploads='$numberOfUploads' WHERE id='$id'");
if ($storeIP || $storeIP == "true") {
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
$ip = getIPAddress();
$Database->exec("UPDATE admins SET ip='$ip' WHERE id='$id'");
}
if ($storeAgent || $storeAgent == "true") {
$userAgent = $_SERVER['HTTP_USER_AGENT'];
$userAgent = getUserAgent();
$Database->exec("UPDATE admins SET useragent='$userAgent' WHERE id='$id'");
}