Add the ability to create keys, fix some bugs with uploading by
administrators
This commit is contained in:
parent
26601743fd
commit
4735ac997c
182
add-keys.php
182
add-keys.php
|
@ -1,182 +0,0 @@
|
||||||
<?php
|
|
||||||
/* curload
|
|
||||||
* Simple file uploading using POST requests and temporary keys
|
|
||||||
* Licensed under the GNU Affero General Public License version 3.0
|
|
||||||
*/
|
|
||||||
|
|
||||||
include "create-table.php";
|
|
||||||
|
|
||||||
function getIPAddress() {
|
|
||||||
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
|
|
||||||
return $_SERVER['HTTP_CLIENT_IP'];
|
|
||||||
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
|
|
||||||
return $_SERVER['HTTP_X_FORWARDED_FOR'];
|
|
||||||
} else {
|
|
||||||
return $_SERVER['REMOTE_ADDR'];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
function getUserAgent() {
|
|
||||||
return $_SERVER['HTTP_USER_AGENT'];
|
|
||||||
}
|
|
||||||
|
|
||||||
// TODO: Hash passwords
|
|
||||||
function addKey($adminKey, $Value) {
|
|
||||||
include "config.php";
|
|
||||||
|
|
||||||
$Database = createTables($sqlDB);
|
|
||||||
$DatabaseQuery = $Database->query('SELECT * FROM admins');
|
|
||||||
$Authorized = 0;
|
|
||||||
|
|
||||||
while ($line = $DatabaseQuery->fetchArray()) {
|
|
||||||
if ($line['key'] == $adminKey && $adminKey != "" && $line['key'] != "") {
|
|
||||||
$Authorized = 1;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Make sure no existing key exists with that value
|
|
||||||
$DatabaseQuery = $Database->query('SELECT * FROM keys');
|
|
||||||
while ($line = $DatabaseQuery->fetchArray()) {
|
|
||||||
if ($line['key'] == "$Value") {
|
|
||||||
print "A key with that value already exists.";
|
|
||||||
die();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($Authorized != 1) {
|
|
||||||
print "You are not authorized to perform this action.";
|
|
||||||
die();
|
|
||||||
}
|
|
||||||
|
|
||||||
$numberOfUploads = 0;
|
|
||||||
$lastUsed = "";
|
|
||||||
$Issued = "";
|
|
||||||
$ip = "";
|
|
||||||
$userAgent = "";
|
|
||||||
|
|
||||||
if ($storeAgent || $storeAgent == "true") {
|
|
||||||
$userAgent = getUserAgent();
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($storeIssued || $storeIssued == "true") {
|
|
||||||
$Issued = date($dateFormat);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($storeLastUsage || $storeLastUsage == "true") {
|
|
||||||
$lastUsed = date($dateFormat);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($storeIP || $storeIP == "true") {
|
|
||||||
$ip = getIPAddress();
|
|
||||||
}
|
|
||||||
|
|
||||||
$Database->exec("INSERT INTO keys(key, numberofuploads, lastused, issued, ip, useragent) VALUES('$Value', '$numberOfUploads', '$lastUsed', '$Issued', '$ip', '$userAgent')");
|
|
||||||
}
|
|
||||||
|
|
||||||
function addTempKey($adminKey, $Value, $uploadsLeft) {
|
|
||||||
include "config.php";
|
|
||||||
|
|
||||||
$Database = createTables($sqlDB);
|
|
||||||
$DatabaseQuery = $Database->query('SELECT * FROM admins');
|
|
||||||
$Authorized = 0;
|
|
||||||
|
|
||||||
while ($line = $DatabaseQuery->fetchArray()) {
|
|
||||||
if ($line['key'] == $adminKey && $adminKey != "" && $line['key'] != "") {
|
|
||||||
$Authorized = 1;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Make sure no existing key exists with that value
|
|
||||||
$DatabaseQuery = $Database->query('SELECT * FROM tkeys');
|
|
||||||
while ($line = $DatabaseQuery->fetchArray()) {
|
|
||||||
if ($line['key'] == "$Value") {
|
|
||||||
print "A key with that value already exists.";
|
|
||||||
die();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($Authorized != 1) {
|
|
||||||
print "You are not authorized to perform this action.";
|
|
||||||
die();
|
|
||||||
}
|
|
||||||
|
|
||||||
$numberOfUploads = 0;
|
|
||||||
$lastUsed = "";
|
|
||||||
$Issued = "";
|
|
||||||
$ip = "";
|
|
||||||
$userAgent = "";
|
|
||||||
|
|
||||||
if ($storeAgent || $storeAgent == "true") {
|
|
||||||
$userAgent = getUserAgent();
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($storeIssued || $storeIssued == "true") {
|
|
||||||
$Issued = date($dateFormat);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($storeLastUsage || $storeLastUsage == "true") {
|
|
||||||
$lastUsed = date($dateFormat);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($storeIP || $storeIP == "true") {
|
|
||||||
$ip = getIPAddress();
|
|
||||||
}
|
|
||||||
|
|
||||||
$Database->exec("INSERT INTO tkeys(key, numberofuploads, uploadsleft, lastused, issued, ip, useragent) VALUES('$Value', '$numberOfUploads', '$uploadsLeft', '$lastUsed', '$Issued', '$ip', '$userAgent')");
|
|
||||||
}
|
|
||||||
|
|
||||||
function addAdminKey($adminKey, $Value, $Primary) {
|
|
||||||
include "config.php";
|
|
||||||
|
|
||||||
$Database = createTables($sqlDB);
|
|
||||||
$DatabaseQuery = $Database->query('SELECT * FROM admins');
|
|
||||||
$Authorized = 0;
|
|
||||||
|
|
||||||
while ($line = $DatabaseQuery->fetchArray()) {
|
|
||||||
if ($line['key'] == $adminKey && $adminKey != "" && $line['key'] != "" && $line['primaryadmin'] == 1) {
|
|
||||||
$Authorized = 1;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Make sure no existing key exists with that value
|
|
||||||
$DatabaseQuery = $Database->query('SELECT * FROM admins');
|
|
||||||
while ($line = $DatabaseQuery->fetchArray()) {
|
|
||||||
if ($line['key'] == "$Value") {
|
|
||||||
print "A key with that value already exists.";
|
|
||||||
die();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($Authorized != 1) {
|
|
||||||
print "You are not authorized to perform this action.";
|
|
||||||
die();
|
|
||||||
}
|
|
||||||
|
|
||||||
$numberOfUploads = 0;
|
|
||||||
$lastUsed = "";
|
|
||||||
$Issued = "";
|
|
||||||
$ip = "";
|
|
||||||
$userAgent = "";
|
|
||||||
|
|
||||||
if ($storeAgent || $storeAgent == "true") {
|
|
||||||
$userAgent = getUserAgent();
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($storeIssued || $storeIssued == "true") {
|
|
||||||
$Issued = date($dateFormat);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($storeLastUsage || $storeLastUsage == "true") {
|
|
||||||
$lastUsed = date($dateFormat);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($storeIP || $storeIP == "true") {
|
|
||||||
$ip = getIPAddress();
|
|
||||||
}
|
|
||||||
|
|
||||||
$Database->exec("INSERT INTO admins(key, primaryadmin, numberofuploads, lastused, issued, ip, useragent) VALUES('$Value', '$Primary', '$numberOfUploads', '$lastUsed', '$Issued', '$ip', '$userAgent')");
|
|
||||||
}
|
|
||||||
?>
|
|
46
admin.php
46
admin.php
|
@ -12,6 +12,7 @@ $Action = "";
|
||||||
$Authorized = 0;
|
$Authorized = 0;
|
||||||
$Primary = 0;
|
$Primary = 0;
|
||||||
$filterID = -1;
|
$filterID = -1;
|
||||||
|
$Error = 0;
|
||||||
|
|
||||||
if (!isset($_COOKIE[$cookieName]) || !isset($_COOKIE[$cookieTypeName])) {
|
if (!isset($_COOKIE[$cookieName]) || !isset($_COOKIE[$cookieTypeName])) {
|
||||||
header('Location: login.php?redir=admin');
|
header('Location: login.php?redir=admin');
|
||||||
|
@ -33,6 +34,12 @@ if (!isset($_REQUEST['id'])) {
|
||||||
$filterID = $_REQUEST['id'];
|
$filterID = $_REQUEST['id'];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!isset($_REQUEST['e'])) {
|
||||||
|
$Error = 0;
|
||||||
|
} else {
|
||||||
|
$Error = $_REQUEST['e'];
|
||||||
|
}
|
||||||
|
|
||||||
// in case admin keys are disabled
|
// in case admin keys are disabled
|
||||||
if (!$enableAdminKeys || $enableAdminKeys == "false") {
|
if (!$enableAdminKeys || $enableAdminKeys == "false") {
|
||||||
header('Location: /');
|
header('Location: /');
|
||||||
|
@ -75,6 +82,12 @@ if ($Action == "keys") {
|
||||||
$html .= "\t\t\t\t\t\t<a href=\"/admin.php?action=keys\">Keys</a>\n";
|
$html .= "\t\t\t\t\t\t<a href=\"/admin.php?action=keys\">Keys</a>\n";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($Action == "create") {
|
||||||
|
$html .= "\t\t\t\t\t\t<a href=\"/admin.php?action=create\" id='sel'>Create</a>\n";
|
||||||
|
} else {
|
||||||
|
$html .= "\t\t\t\t\t\t<a href=\"/admin.php?action=create\">Create</a>\n";
|
||||||
|
}
|
||||||
|
|
||||||
$html .= "\t\t\t\t\t</span>\n";
|
$html .= "\t\t\t\t\t</span>\n";
|
||||||
$html .= "\t\t\t\t</div>\n";
|
$html .= "\t\t\t\t</div>\n";
|
||||||
|
|
||||||
|
@ -109,7 +122,7 @@ if ($Action == "files") {
|
||||||
|
|
||||||
$html .= "\t\t\t\t\t<tr class=\"adminFileView\">\n";
|
$html .= "\t\t\t\t\t<tr class=\"adminFileView\">\n";
|
||||||
$html .= "\t\t\t\t\t\t<td class=\"adminID\" id=\"adminID-$ID\">$ID</td>\n";
|
$html .= "\t\t\t\t\t\t<td class=\"adminID\" id=\"adminID-$ID\">$ID</td>\n";
|
||||||
$html .= "\t\t\t\t\t\t<td class=\"adminFilename\">$Filename</td>\n";
|
$html .= "\t\t\t\t\t\t<td class=\"adminFilename\"><a href=\"$Filename\">$Filename</a></td>\n";
|
||||||
$html .= "\t\t\t\t\t\t<td class=\"adminUploadDate\">$uploadDate</td>\n";
|
$html .= "\t\t\t\t\t\t<td class=\"adminUploadDate\">$uploadDate</td>\n";
|
||||||
$html .= "\t\t\t\t\t\t<td class=\"adminKeyID\"><a href=\"admin.php?action=keys#id-$keytypeID-$keyID\">$keyID</a></td>\n";
|
$html .= "\t\t\t\t\t\t<td class=\"adminKeyID\"><a href=\"admin.php?action=keys#id-$keytypeID-$keyID\">$keyID</a></td>\n";
|
||||||
$html .= "\t\t\t\t\t\t<td class=\"adminKeyType\">$keyType</td>\n";
|
$html .= "\t\t\t\t\t\t<td class=\"adminKeyType\">$keyType</td>\n";
|
||||||
|
@ -119,6 +132,37 @@ if ($Action == "files") {
|
||||||
}
|
}
|
||||||
|
|
||||||
$html .= "\t\t\t\t</table>\n";
|
$html .= "\t\t\t\t</table>\n";
|
||||||
|
} else if ($Action == "create") {
|
||||||
|
$html .= "\t\t\t\t<form class=\"adminCreateForm\" action=\"create.php?redir=admin\" method=\"post\">\n";
|
||||||
|
$html .= "\t\t\t\t\t<label for=\"type\">Type</label>\n";
|
||||||
|
$html .= "\t\t\t\t\t<select name=\"type\" required>\n";
|
||||||
|
|
||||||
|
if ($Primary == 1) {
|
||||||
|
$html .= "\t\t\t\t\t\t<option value=\"Admin\">Administrator</option>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
$html .= "\t\t\t\t\t\t<option value=\"Key\" selected=\"selected\">Key</option>\n";
|
||||||
|
$html .= "\t\t\t\t\t\t<option value=\"Temporary\">Temporary Key</option>\n";
|
||||||
|
$html .= "\t\t\t\t\t</select>\n";
|
||||||
|
$html .= "\t\t\t\t\t<label for=\"data\">Key</label>\n";
|
||||||
|
$html .= "\t\t\t\t\t<input type=\"text\" name=\"data\" placeholder=\"Key\">\n";
|
||||||
|
$html .= "\t\t\t\t\t<label for=\"uploadsleft\">Number</label>\n";
|
||||||
|
$html .= "\t\t\t\t\t<input type=\"number\" name=\"uploadsleft\" min=\"1\" value=\"1\">\n";
|
||||||
|
$html .= "\t\t\t\t\t<input type=\"submit\" value=\"Create key\" name=\"create\">\n";
|
||||||
|
$html .= "\t\t\t\t</form>\n";
|
||||||
|
|
||||||
|
// handle errors
|
||||||
|
if ($Error == "data") {
|
||||||
|
$html .= "\t\t\t\t<p class=\"adminError\">Invalid key.</p>\n";
|
||||||
|
} else if ($Error == "type") {
|
||||||
|
$html .= "\t\t\t\t<p class=\"adminError\">Invalid type.</p>\n";
|
||||||
|
} else if ($Error == "denied") {
|
||||||
|
$html .= "\t\t\t\t<p class=\"adminError\">You don't have permission to create a key of this type.</p>\n";
|
||||||
|
} else if ($Error == "exists") {
|
||||||
|
$html .= "\t\t\t\t<p class=\"adminError\">This key already exists.</p>\n";
|
||||||
|
} else if ($Error == "uploads") {
|
||||||
|
$html .= "\t\t\t\t<p class=\"adminError\">Invalid amount of uploads.</p>\n";
|
||||||
|
}
|
||||||
} else if ($Action == "keys") {
|
} else if ($Action == "keys") {
|
||||||
if ($Primary != 1) {
|
if ($Primary != 1) {
|
||||||
$html .= "\t\t\t\t<p class=\"adminWarning\">Administrator keys are not visible.</p>\n";
|
$html .= "\t\t\t\t<p class=\"adminWarning\">Administrator keys are not visible.</p>\n";
|
||||||
|
|
227
create.php
227
create.php
|
@ -5,26 +5,77 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
include "config.php";
|
include "config.php";
|
||||||
include "add-keys.php";
|
include "create-table.php";
|
||||||
|
|
||||||
if (isset($_REQUEST['key'])) {
|
function getIPAddress() {
|
||||||
$Key = $_REQUEST['key'];
|
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
|
||||||
} else {
|
return $_SERVER['HTTP_CLIENT_IP'];
|
||||||
print "No admin key specified.";
|
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
|
||||||
|
return $_SERVER['HTTP_X_FORWARDED_FOR'];
|
||||||
|
} else {
|
||||||
|
return $_SERVER['REMOTE_ADDR'];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function getUserAgent() {
|
||||||
|
return $_SERVER['HTTP_USER_AGENT'];
|
||||||
|
}
|
||||||
|
|
||||||
|
$Redirect = "";
|
||||||
|
$uploadsLeft = 1;
|
||||||
|
$AuthorizedRemoval = 0;
|
||||||
|
$AdminIsPrimary = 0;
|
||||||
|
|
||||||
|
if (isset($_REQUEST['redir'])) {
|
||||||
|
$Redirect = $_REQUEST['redir'];
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!isset($_COOKIE[$cookieName]) || !isset($_COOKIE[$cookieTypeName])) {
|
||||||
|
header('Location: login.php?redir=admin');
|
||||||
|
die();
|
||||||
|
} else if ($_COOKIE[$cookieTypeName] != 2) { // not allowed
|
||||||
|
header('Location: /');
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['data'])) {
|
$Database = createTables($sqlDB);
|
||||||
|
$DatabaseQuery = $Database->query('SELECT * FROM admins');
|
||||||
|
|
||||||
|
while ($line = $DatabaseQuery->fetchArray()) {
|
||||||
|
if ($line['key'] == $_COOKIE[$cookieName] && $_COOKIE[$cookieName] != "" && $line['key'] != "" && ($enableKeys || $enableKeys == "true")) {
|
||||||
|
$AuthorizedRemoval = 1;
|
||||||
|
$AdminIsPrimary = $line['primaryadmin'];
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// not authorized
|
||||||
|
if ($AuthorizedRemoval != 1) {
|
||||||
|
header('Location: /');
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
|
||||||
|
if (isset($_REQUEST['data']) && $_REQUEST['data'] != "") {
|
||||||
$Data = $_REQUEST['data'];
|
$Data = $_REQUEST['data'];
|
||||||
} else {
|
} else {
|
||||||
print "No data specified.";
|
if ($Redirect == "admin") {
|
||||||
|
header("Location: admin.php?action=create&e=data");
|
||||||
|
} else {
|
||||||
|
header("Location: /");
|
||||||
|
}
|
||||||
|
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isset($_REQUEST['type'])) {
|
if (isset($_REQUEST['type']) && $_REQUEST['type'] != "") {
|
||||||
$Type = $_REQUEST['type'];
|
$Type = $_REQUEST['type'];
|
||||||
} else {
|
} else {
|
||||||
print "No type specified.";
|
if ($Redirect == "admin") {
|
||||||
|
header("Location: admin.php?action=create&e=type");
|
||||||
|
} else {
|
||||||
|
header("Location: /");
|
||||||
|
}
|
||||||
|
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -34,14 +85,156 @@ if (isset($_REQUEST['uploads']) && $Type == "Temporary") {
|
||||||
$Uploads = 1;
|
$Uploads = 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($Type == "Admin") {
|
if (isset($_REQUEST['uploadsleft']) && $Type == "Temporary") {
|
||||||
addAdminKey($Key, $Data, 0);
|
$uploadsLeft = $_REQUEST['uploadsleft'];
|
||||||
} else if ($Type == "Temporary") {
|
}
|
||||||
addTempKey($Key, $Data, $Uploads);
|
|
||||||
} else if ($Type == "Key") {
|
if (($_REQUEST['uploadsleft'] == 0 || !isset($_REQUEST['uploadsleft'])) && $Type == "Temporary") {
|
||||||
addKey($Key, $Data);
|
if ($Redirect == "admin") {
|
||||||
} else {
|
header("Location: admin.php?action=create&e=uploads");
|
||||||
print "Invalid type specified.";
|
} else {
|
||||||
|
header("Location: /");
|
||||||
|
}
|
||||||
|
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($Type == "Admin") {
|
||||||
|
if ($AdminIsPrimary != 1) {
|
||||||
|
if ($Redirect == "admin") {
|
||||||
|
header("Location: admin.php?action=create&e=denied");
|
||||||
|
} else {
|
||||||
|
header("Location: /");
|
||||||
|
}
|
||||||
|
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
|
||||||
|
$DatabaseQuery = $Database->query('SELECT * FROM admins');
|
||||||
|
|
||||||
|
while ($line = $DatabaseQuery->fetchArray()) {
|
||||||
|
if ($line['key'] == "$Data") {
|
||||||
|
if ($Redirect == "admin") {
|
||||||
|
header("Location: admin.php?action=create&e=exists");
|
||||||
|
} else {
|
||||||
|
header("Location: /");
|
||||||
|
}
|
||||||
|
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$numberOfUploads = 0;
|
||||||
|
$lastUsed = "";
|
||||||
|
$Issued = "";
|
||||||
|
$ip = "";
|
||||||
|
$userAgent = "";
|
||||||
|
|
||||||
|
if ($storeAgent || $storeAgent == "true") {
|
||||||
|
$userAgent = getUserAgent();
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($storeIssued || $storeIssued == "true") {
|
||||||
|
$Issued = date($dateFormat);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($storeLastUsage || $storeLastUsage == "true") {
|
||||||
|
$lastUsed = date($dateFormat);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($storeIP || $storeIP == "true") {
|
||||||
|
$ip = getIPAddress();
|
||||||
|
}
|
||||||
|
|
||||||
|
$Database->exec("INSERT INTO admins(key, primaryadmin, numberofuploads, lastused, issued, ip, useragent) VALUES('$Data', '0', '$numberOfUploads', '$lastUsed', '$Issued', '$ip', '$userAgent')");
|
||||||
|
} else if ($Type == "Temporary") {
|
||||||
|
$DatabaseQuery = $Database->query('SELECT * FROM tkeys');
|
||||||
|
while ($line = $DatabaseQuery->fetchArray()) {
|
||||||
|
if ($line['key'] == "$Data") {
|
||||||
|
if ($Redirect == "admin") {
|
||||||
|
header("Location: admin.php?action=create&e=exists");
|
||||||
|
} else {
|
||||||
|
header("Location: /");
|
||||||
|
}
|
||||||
|
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$numberOfUploads = 0;
|
||||||
|
$lastUsed = "";
|
||||||
|
$Issued = "";
|
||||||
|
$ip = "";
|
||||||
|
$userAgent = "";
|
||||||
|
|
||||||
|
if ($storeAgent || $storeAgent == "true") {
|
||||||
|
$userAgent = getUserAgent();
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($storeIssued || $storeIssued == "true") {
|
||||||
|
$Issued = date($dateFormat);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($storeLastUsage || $storeLastUsage == "true") {
|
||||||
|
$lastUsed = date($dateFormat);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($storeIP || $storeIP == "true") {
|
||||||
|
$ip = getIPAddress();
|
||||||
|
}
|
||||||
|
|
||||||
|
$Database->exec("INSERT INTO tkeys(key, numberofuploads, uploadsleft, lastused, issued, ip, useragent) VALUES('$Data', '$numberOfUploads', '$uploadsLeft', '$lastUsed', '$Issued', '$ip', '$userAgent')");
|
||||||
|
} else if ($Type == "Key") {
|
||||||
|
$DatabaseQuery = $Database->query('SELECT * FROM keys');
|
||||||
|
while ($line = $DatabaseQuery->fetchArray()) {
|
||||||
|
if ($line['key'] == "$Data") {
|
||||||
|
if ($Redirect == "admin") {
|
||||||
|
header("Location: admin.php?action=create&e=exists");
|
||||||
|
} else {
|
||||||
|
header("Location: /");
|
||||||
|
}
|
||||||
|
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$numberOfUploads = 0;
|
||||||
|
$lastUsed = "";
|
||||||
|
$Issued = "";
|
||||||
|
$ip = "";
|
||||||
|
$userAgent = "";
|
||||||
|
|
||||||
|
if ($storeAgent || $storeAgent == "true") {
|
||||||
|
$userAgent = getUserAgent();
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($storeIssued || $storeIssued == "true") {
|
||||||
|
$Issued = date($dateFormat);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($storeLastUsage || $storeLastUsage == "true") {
|
||||||
|
$lastUsed = date($dateFormat);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($storeIP || $storeIP == "true") {
|
||||||
|
$ip = getIPAddress();
|
||||||
|
}
|
||||||
|
|
||||||
|
$Database->exec("INSERT INTO keys(key, numberofuploads, lastused, issued, ip, useragent) VALUES('$Data', '$numberOfUploads', '$lastUsed', '$Issued', '$ip', '$userAgent')");
|
||||||
|
} else {
|
||||||
|
if ($Redirect == "admin") {
|
||||||
|
header("Location: admin.php?action=create&e=type");
|
||||||
|
} else {
|
||||||
|
header("Location: /");
|
||||||
|
}
|
||||||
|
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($Redirect == "admin") {
|
||||||
|
header("Location: admin.php?action=keys");
|
||||||
|
} else {
|
||||||
|
header("Location: /");
|
||||||
|
}
|
||||||
|
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -43,6 +43,10 @@ footer {
|
||||||
color: #ff0000;
|
color: #ff0000;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.adminError {
|
||||||
|
color: #ff0000;
|
||||||
|
}
|
||||||
|
|
||||||
.content {
|
.content {
|
||||||
color: #f0eee4;
|
color: #f0eee4;
|
||||||
padding: 5px;
|
padding: 5px;
|
||||||
|
@ -69,6 +73,10 @@ footer {
|
||||||
background-color: #363636;
|
background-color: #363636;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.adminCreateForm {
|
||||||
|
padding: 10px;
|
||||||
|
}
|
||||||
|
|
||||||
.adminWarning {
|
.adminWarning {
|
||||||
color: #ffff00;
|
color: #ffff00;
|
||||||
}
|
}
|
||||||
|
|
16
upload.php
16
upload.php
|
@ -122,10 +122,10 @@ if (!$publicUploading || $publicUploading == "false") {
|
||||||
$id = $line['id'];
|
$id = $line['id'];
|
||||||
$keyID = $id;
|
$keyID = $id;
|
||||||
$numberOfUploads = $line['numberofuploads'] + 1;
|
$numberOfUploads = $line['numberofuploads'] + 1;
|
||||||
$lastUsed = date($dateFormat);
|
$lastUsed = date($dateFormat);
|
||||||
|
|
||||||
$Database->exec("UPDATE keys SET lastused='$lastUsed' WHERE id='$id'");
|
$Database->exec("UPDATE admins SET lastused='$lastUsed' WHERE id='$id'");
|
||||||
$Database->exec("UPDATE keys SET numberofuploads='$numberOfUploads' WHERE id='$id'");
|
$Database->exec("UPDATE admins SET numberofuploads='$numberOfUploads' WHERE id='$id'");
|
||||||
|
|
||||||
if ($storeIP || $storeIP == "true") {
|
if ($storeIP || $storeIP == "true") {
|
||||||
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
|
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
|
||||||
|
@ -136,12 +136,12 @@ if (!$publicUploading || $publicUploading == "false") {
|
||||||
$ip = $_SERVER['REMOTE_ADDR'];
|
$ip = $_SERVER['REMOTE_ADDR'];
|
||||||
}
|
}
|
||||||
|
|
||||||
$Database->exec("UPDATE keys SET ip='$ip' WHERE id='$id'");
|
$Database->exec("UPDATE admins SET ip='$ip' WHERE id='$id'");
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($storeAgent || $storeAgent == "true") {
|
if ($storeAgent || $storeAgent == "true") {
|
||||||
$userAgent = $_SERVER['HTTP_USER_AGENT'];
|
$userAgent = $_SERVER['HTTP_USER_AGENT'];
|
||||||
$Database->exec("UPDATE keys SET useragent='$userAgent' WHERE id='$id'");
|
$Database->exec("UPDATE admins SET useragent='$userAgent' WHERE id='$id'");
|
||||||
}
|
}
|
||||||
|
|
||||||
$Authorized = 1;
|
$Authorized = 1;
|
||||||
|
@ -196,12 +196,6 @@ if (move_uploaded_file($_FILES['file']['tmp_name'], $destinationFile)) {
|
||||||
$DatabaseQuery = $Database->query('SELECT * FROM uploads');
|
$DatabaseQuery = $Database->query('SELECT * FROM uploads');
|
||||||
$Database->exec("INSERT INTO uploads(file, uploaddate, keyid, keytype) VALUES('$uploadedFile', '$lastUsed', '$keyID', '$keyType')");
|
$Database->exec("INSERT INTO uploads(file, uploaddate, keyid, keytype) VALUES('$uploadedFile', '$lastUsed', '$keyID', '$keyType')");
|
||||||
|
|
||||||
if ($keyType == 1) { // Remove temporary key
|
|
||||||
$file = file_get_contents($tempKeyFile);
|
|
||||||
$file = preg_replace("/\b$Key\b/", "", $file);
|
|
||||||
file_put_contents($tempKeyFile, $file);
|
|
||||||
}
|
|
||||||
|
|
||||||
print "$uploadedFile";
|
print "$uploadedFile";
|
||||||
|
|
||||||
if (isset($_REQUEST['web'])) { // redirect back to index
|
if (isset($_REQUEST['web'])) { // redirect back to index
|
||||||
|
|
Loading…
Reference in a new issue