diff --git a/add-keys.php b/add-keys.php
index 278c72e..5ecdeb7 100644
--- a/add-keys.php
+++ b/add-keys.php
@@ -1,97 +1,98 @@
query('SELECT * FROM keys');
+
+ $numberOfUploads = 0;
+ $lastUsed = date($dateFormat);
+ $Issued = date($dateFormat);
+ $ip = "";
+ $userAgent = "";
+
+ if ($storeAgent || $storeAgent == "true") {
+ $userAgent = getUserAgent();
}
- function getUserAgent() {
- return $_SERVER['HTTP_USER_AGENT'];
+ if ($storeIP || $storeIP == "true") {
+ $ip = getIPAddress();
}
- // TODO: Hash passwords
- function addKey($adminKey, $Value) {
- include "config.php";
+ $Database->exec("INSERT INTO keys(key, numberofuploads, lastused, issued, ip, useragent) VALUES('$Value', '$numberOfUploads', '$lastUsed', '$Issued', '$ip', '$userAgent')");
+}
- $Database = createTables($sqlDB);
- $DatabaseQuery = $Database->query('SELECT * FROM keys');
+function addTempKey($adminKey, $Value, $uploadsLeft) {
+ include "config.php";
- $numberOfUploads = 0;
- $lastUsed = date($dateFormat);
- $Issued = date($dateFormat);
- $ip = "";
- $userAgent = "";
+ $Database = createTables($sqlDB);
+ $DatabaseQuery = $Database->query('SELECT * FROM tkeys');
- if ($storeAgent || $storeAgent == "true") {
- $userAgent = getUserAgent();
- }
+ $numberOfUploads = 0;
+ $lastUsed = date($dateFormat);
+ $Issued = date($dateFormat);
+ $ip = "";
+ $userAgent = "";
- if ($storeIP || $storeIP == "true") {
- $ip = getIPAddress();
- }
-
- $Database->exec("INSERT INTO keys(key, numberofuploads, lastused, issued, ip, useragent) VALUES('$Value', '$numberOfUploads', '$lastUsed', '$Issued', '$ip', '$userAgent')");
+ if ($storeAgent || $storeAgent == "true") {
+ $userAgent = getUserAgent();
}
- function addTempKey($adminKey, $Value, $uploadsLeft) {
- include "config.php";
-
- $Database = createTables($sqlDB);
- $DatabaseQuery = $Database->query('SELECT * FROM tkeys');
-
- $numberOfUploads = 0;
- $lastUsed = date($dateFormat);
- $Issued = date($dateFormat);
- $ip = "";
- $userAgent = "";
-
- if ($storeAgent || $storeAgent == "true") {
- $userAgent = getUserAgent();
- }
-
- if ($storeIP || $storeIP == "true") {
- $ip = getIPAddress();
- }
-
- if ($storeAgent || $storeAgent == "true") {
- $userAgent = $_SERVER['HTTP_USER_AGENT'];
- }
-
- $Database->exec("INSERT INTO tkeys(key, numberofuploads, uploadsleft, lastused, issued, ip, useragent) VALUES('$Value', '$numberOfUploads', '$uploadsLeft', '$lastUsed', '$Issued', '$ip', '$userAgent')");
+ if ($storeIP || $storeIP == "true") {
+ $ip = getIPAddress();
}
- // TEMPORARY FUNCTION: TO BE REMOVED
- function addAdminKey($Value) {
- include "config.php";
-
- $Database = createTables($sqlDB);
- $DatabaseQuery = $Database->query('SELECT * FROM admins');
-
- $lastUsed = date($dateFormat);
- $Issued = date($dateFormat);
- $ip = "";
- $userAgent = "";
-
- if ($storeAgent || $storeAgent == "true") {
- $userAgent = getUserAgent();
- }
-
- if ($storeIP || $storeIP == "true") {
- $ip = getIPAddress();
- }
-
- if ($storeAgent || $storeAgent == "true") {
- $userAgent = $_SERVER['HTTP_USER_AGENT'];
- }
-
- $Database->exec("INSERT INTO admins(id, key, lastused, issued, ip, useragent) VALUES('$Value', '$lastUsed', '$Issued', '$ip', '$userAgent')");
+ if ($storeAgent || $storeAgent == "true") {
+ $userAgent = $_SERVER['HTTP_USER_AGENT'];
}
+
+ $Database->exec("INSERT INTO tkeys(key, numberofuploads, uploadsleft, lastused, issued, ip, useragent) VALUES('$Value', '$numberOfUploads', '$uploadsLeft', '$lastUsed', '$Issued', '$ip', '$userAgent')");
+}
+
+function addAdminKey($adminKey, $Value, $Primary) {
+ include "config.php";
+
+ $Database = createTables($sqlDB);
+ $DatabaseQuery = $Database->query('SELECT * FROM keys');
+
+ $numberOfUploads = 0;
+ $lastUsed = date($dateFormat);
+ $Issued = date($dateFormat);
+ $ip = "";
+ $userAgent = "";
+
+ if ($storeAgent || $storeAgent == "true") {
+ $userAgent = getUserAgent();
+ }
+
+ if ($storeIP || $storeIP == "true") {
+ $ip = getIPAddress();
+ }
+
+ $Database->exec("INSERT INTO admins(key, primary, numberofuploads, lastused, issued, ip, useragent) VALUES('$Value', '$Primary', '$numberOfUploads', '$lastUsed', '$Issued', '$ip', '$userAgent')");
+}
?>
diff --git a/admin.php b/admin.php
new file mode 100644
index 0000000..816c171
--- /dev/null
+++ b/admin.php
@@ -0,0 +1,31 @@
+query('SELECT * FROM admins');
+
+$html .= "\n";
+$html .= "\n";
+$html .= "\t
\n";
+$html .= "\t\t\n";
+
+if (isset($_REQUEST['key'])) {
+ $Key = $_REQUEST['key'];
+} else {
+ $Authorized = 0;
+}
+?>
diff --git a/config.ini b/config.ini
index 3c72881..9d4e0ed 100644
--- a/config.ini
+++ b/config.ini
@@ -1,4 +1,5 @@
[html]
+instance_name = curload
css = index.css
favicon = favicon.svg
diff --git a/config.php b/config.php
index 92bbe27..20ee21d 100644
--- a/config.php
+++ b/config.php
@@ -1,37 +1,44 @@
diff --git a/create-table.php b/create-table.php
index c7fd391..50e43f6 100644
--- a/create-table.php
+++ b/create-table.php
@@ -1,51 +1,55 @@
exec(
- "CREATE TABLE IF NOT EXISTS admins(id INTEGER PRIMARY KEY, key TEXT, lastused TEXT, issued TEXT, ip TEXT, useragent TEXT)"
- );
+function createTables($sqlDB) {
+ $Database = new SQLite3($sqlDB);
- /* keys table
- * id (INTEGER PRIMARY KEY)
- * key (TEXT)
- * numberofuploads (INT)
- * lastused (INT)
- * issued (TEXT)
- * ip (TEXT)
- * useragent (TEXT)
- */
- $Database->exec("CREATE TABLE IF NOT EXISTS keys(id INTEGER PRIMARY KEY, key TEXT, numberofuploads INT, lastused TEXT, issued TEXT, ip TEXT, useragent TEXT)");
+ /* administrator table
+ * id (INTEGER PRIMARY KEY)
+ * key (TEXT)
+ * primary (INT)
+ * lastused (TEXT)
+ * issued (TEXT)
+ * ip (TEXT)
+ * useragent (TEXT)
+ */
+ $Database->exec("CREATE TABLE IF NOT EXISTS admins(id INTEGER PRIMARY KEY, key TEXT, primary INT, numberofuploads INT, lastused TEXT, issued TEXT, ip TEXT, useragent TEXT)");
- /* temporary keys table
- * id (INTEGER PRIMARY KEY)
- * key (TEXT)
- * numberofuploads (INT)
- * uploadsleft (INT)
- * lastused (TEXT)
- * issued (TEXT)
- * ip (TEXT)
- * useragent (TEXT)
- */
- $Database->exec("CREATE TABLE IF NOT EXISTS tkeys(id INTEGER PRIMARY KEY, key TEXT, numberofuploads INT, uploadsleft INT, lastused TEXT, issued TEXT, ip TEXT, useragent TEXT)");
+ /* keys table
+ * id (INTEGER PRIMARY KEY)
+ * key (TEXT)
+ * numberofuploads (INT)
+ * lastused (INT)
+ * issued (TEXT)
+ * ip (TEXT)
+ * useragent (TEXT)
+ */
+ $Database->exec("CREATE TABLE IF NOT EXISTS keys(id INTEGER PRIMARY KEY, key TEXT, numberofuploads INT, lastused TEXT, issued TEXT, ip TEXT, useragent TEXT)");
- /* uploads table
- * id (INTEGER PRIMARY KEY)
- * file (TEXT)
- * uploaddate (TEXT)
- * keyid (INT) (THIS IS THE ID OF THE KEY USED TO UPLOAD THE FILE)
- * tempkey (INT)
- */
- $Database->exec("CREATE TABLE IF NOT EXISTS uploads(id INTEGER PRIMARY KEY, file TEXT, uploaddate TEXT, keyid INT, tempkey INT)");
+ /* temporary keys table
+ * id (INTEGER PRIMARY KEY)
+ * key (TEXT)
+ * numberofuploads (INT)
+ * uploadsleft (INT)
+ * lastused (TEXT)
+ * issued (TEXT)
+ * ip (TEXT)
+ * useragent (TEXT)
+ */
+ $Database->exec("CREATE TABLE IF NOT EXISTS tkeys(id INTEGER PRIMARY KEY, key TEXT, numberofuploads INT, uploadsleft INT, lastused TEXT, issued TEXT, ip TEXT, useragent TEXT)");
- return $Database;
- }
+ /* uploads table
+ * id (INTEGER PRIMARY KEY)
+ * file (TEXT)
+ * uploaddate (TEXT)
+ * keyid (INT) (THIS IS THE ID OF THE KEY USED TO UPLOAD THE FILE)
+ * keytype (INT)
+ */
+ $Database->exec("CREATE TABLE IF NOT EXISTS uploads(id INTEGER PRIMARY KEY, file TEXT, uploaddate TEXT, keyid INT, keytype INT)");
+
+ return $Database;
+}
?>
diff --git a/create.php b/create.php
index 11c84cc..ac8953b 100644
--- a/create.php
+++ b/create.php
@@ -30,7 +30,7 @@
}
if ($Type == "Admin") {
- addAdminKey($Data);
+ addAdminKey($Key, $Data, 0);
} else if ($Type == "Temporary") {
addTempKey($Key, $Data, $Uploads);
} else if ($Type == "Key") {
diff --git a/index.php b/index.php
index 4ae4ba0..8cd8258 100644
--- a/index.php
+++ b/index.php
@@ -4,51 +4,37 @@
* Licensed under the GNU Affero General Public License version 3.0
*/
-function printHeader($title, $description, $Icon, $Stylesheet) {
- print "\n";
- print "\n";
- print "\t\n";
- print "\t\t
\n";
- print "\t\t
\n";
- print "\t\t
\n";
- print "\t\t
\n";
- print "\t\t
$title\n";
- print "\t\n";
- print "\t\n";
- print "\t\t
\n";
-}
+include "config.php";
-function printFooter() {
- print "\t\t
\n";
- print "\t\n";
- print "\n";
-}
+$html .= "\n";
+$html .= "\n";
+$html .= "\t\n";
+$html .= "\t\t
\n";
+$html .= "\t\t
\n";
+$html .= "\t\t
\n";
+$html .= "\t\t
\n";
+$html .= "\t\t
$primaryTitle\n";
+$html .= "\t\n";
+$html .= "\t\n";
+$html .= "\t\t
\n";
-function initServer() {
-}
+$html .= "\t\t\t
speedie's super awesome file uploader junk
\n";
+$html .= "\t\t\t
\n";
+$html .= "\t\t\t
Max file size: $maxFileSize MB
\n";
+$html .= "\t\t\t
source code\n";
+$html .= "\t\t\t
oops i leaked admin tools
\n";
+$html .= "\t\t\t
\n";
-function main() {
- include "config.php";
+$html .= "\t\t
\n";
+$html .= "\t\n";
+$html .= "\n";
- printHeader("curload", "Simply upload files", $Icon, $Stylesheet);
-
- print "\t\t\t
speedie's super awesome file uploader junk
\n";
- print "\t\t\t
\n";
- print "\t\t\t
Max file size: $maxFileSize MB
\n";
- print "\t\t\t
source code\n";
-
- print "\t\t\t
oops i leaked admin tools
\n";
- print "\t\t\t
\n";
-
- printFooter();
-}
-
-main();
+print "$html";
?>
diff --git a/upload.php b/upload.php
index 5233b86..40c703e 100644
--- a/upload.php
+++ b/upload.php
@@ -1,31 +1,111 @@
query('SELECT * FROM keys');
+ while ($line = $DatabaseQuery->fetchArray()) {
+ if ($line['key'] == $Key && $Key != "" && $line['key'] != "") {
+ $id = $line['id'];
+ $keyID = $id;
+ $numberOfUploads = $line['numberofuploads'] + 1;
+ $lastUsed = date($dateFormat);
+
+ $Database->exec("UPDATE keys SET lastused='$lastUsed' WHERE id='$id'");
+ $Database->exec("UPDATE keys SET numberofuploads='$numberOfUploads' WHERE id='$id'");
+
+ if ($storeIP || $storeIP == "true") {
+ if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
+ $ip = $_SERVER['HTTP_CLIENT_IP'];
+ } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+ $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
+ } else {
+ $ip = $_SERVER['REMOTE_ADDR'];
+ }
+
+ $Database->exec("UPDATE keys SET ip='$ip' WHERE id='$id'");
+ }
+
+ if ($storeAgent || $storeAgent == "true") {
+ $userAgent = $_SERVER['HTTP_USER_AGENT'];
+ $Database->exec("UPDATE keys SET useragent='$userAgent' WHERE id='$id'");
+ }
+
+ $Authorized = 1;
+ $keyType = 0;
+ break;
+ }
}
- $Status = 0;
- $Authorized = 0;
- $tempKeyUsed = 0;
- $uploadLimit = $maxFileSize * 1000000;
- $keyID = 0;
- $self = dirname($_SERVER['PHP_SELF']);
+ if ($Authorized != 1) {
+ $DatabaseQuery = $Database->query('SELECT * FROM tkeys');
+ while ($line = $DatabaseQuery->fetchArray()) {
+ if ($line['key'] == $Key && $Key != "" && $line['key'] != "" && $line['uploadsleft'] != 0) {
+ $uploadsLeft = $line['uploadsleft'] - 1;
+ $numberOfUploads = $line['numberofuploads'] + 1;
+ $lastUsed = date($dateFormat);
+ $id = $line['id'];
+ $keyID = $id;
- if (!isset($_FILES['file']['name'])) {
- print "You didn't specify a file.";
- die();
+ $Database->exec("UPDATE tkeys SET uploadsleft='$uploadsLeft' WHERE id='$id'");
+ $Database->exec("UPDATE tkeys SET lastused='$lastUsed' WHERE id='$id'");
+ $Database->exec("UPDATE tkeys SET numberofuploads='$numberOfUploads' WHERE id='$id'");
+
+ if ($storeIP || $storeIP == "true") {
+ if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
+ $ip = $_SERVER['HTTP_CLIENT_IP'];
+ } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+ $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
+ } else {
+ $ip = $_SERVER['REMOTE_ADDR'];
+ }
+
+ $Database->exec("UPDATE tkeys SET ip='$ip' WHERE id='$id'");
+ }
+
+ if ($storeAgent || $storeAgent == "true") {
+ $userAgent = $_SERVER['HTTP_USER_AGENT'];
+ $Database->exec("UPDATE tkeys SET useragent='$userAgent' WHERE id='$id'");
+ }
+
+ $Authorized = 1;
+ $keyType = 1;
+ break;
+ }
+ }
}
- // init database
- if ($sql == "true" || $sql) {
- $Database = createTables($sqlDB);
+ // maybe admin?
+ if ($Authorized != 1) {
+ $DatabaseQuery = $Database->query('SELECT * FROM admins');
- $DatabaseQuery = $Database->query('SELECT * FROM keys');
while ($line = $DatabaseQuery->fetchArray()) {
if ($line['key'] == $Key && $Key != "" && $line['key'] != "") {
$id = $line['id'];
@@ -54,138 +134,98 @@
}
$Authorized = 1;
- $tempKeyUsed = 0;
+ $keyType = 2;
break;
}
}
+ }
+} else { // no sql version
+ // All normal keys will be considered valid
+ if (file_exists($keyFile)) {
+ $validKeys = explode("\n", file_get_contents($keyFile));
+ } else { // one master key must exist
+ print("Error: No valid keys found.");
+ die();
+ }
- if ($Authorized != 1) {
- $DatabaseQuery = $Database->query('SELECT * FROM tkeys');
- while ($line = $DatabaseQuery->fetchArray()) {
- if ($line['key'] == $Key && $Key != "" && $line['key'] != "" && $line['uploadsleft'] != 0) {
- $uploadsLeft = $line['uploadsleft'] - 1;
- $numberOfUploads = $line['numberofuploads'] + 1;
- $lastUsed = date($dateFormat);
- $id = $line['id'];
- $keyID = $id;
+ foreach ($validKeys as $ValidKey) {
+ if ($Key == $ValidKey && $Key != "" && $ValidKey != "") {
+ $Authorized = 1;
+ $keyType = 0;
- $Database->exec("UPDATE tkeys SET uploadsleft='$uploadsLeft' WHERE id='$id'");
- $Database->exec("UPDATE tkeys SET lastused='$lastUsed' WHERE id='$id'");
- $Database->exec("UPDATE tkeys SET numberofuploads='$numberOfUploads' WHERE id='$id'");
-
- if ($storeIP || $storeIP == "true") {
- if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
- $ip = $_SERVER['HTTP_CLIENT_IP'];
- } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
- $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
- } else {
- $ip = $_SERVER['REMOTE_ADDR'];
- }
-
- $Database->exec("UPDATE tkeys SET ip='$ip' WHERE id='$id'");
- }
-
- if ($storeAgent || $storeAgent == "true") {
- $userAgent = $_SERVER['HTTP_USER_AGENT'];
- $Database->exec("UPDATE tkeys SET useragent='$userAgent' WHERE id='$id'");
- }
-
- $Authorized = 1;
- $tempKeyUsed = 1;
- break;
- }
- }
- }
- } else { // no sql version
- // All normal keys will be considered valid
- if (file_exists($keyFile)) {
- $validKeys = explode("\n", file_get_contents($keyFile));
- } else { // one master key must exist
- print("Error: No valid keys found.");
- die();
+ break;
}
+ }
- foreach ($validKeys as $ValidKey) {
+ // Temporary keys as well
+ if (file_exists($tempKeyFile)) {
+ $tempValidKeys = explode("\n", file_get_contents($tempKeyFile));
+
+ foreach ($tempValidKeys as $ValidKey) {
if ($Key == $ValidKey && $Key != "" && $ValidKey != "") {
$Authorized = 1;
- $tempKeyUsed = 0;
+ $keyType = 1; // key should be considered invalid after this use.
break;
}
}
-
- // Temporary keys as well
- if (file_exists($tempKeyFile)) {
- $tempValidKeys = explode("\n", file_get_contents($tempKeyFile));
-
- foreach ($tempValidKeys as $ValidKey) {
- if ($Key == $ValidKey && $Key != "" && $ValidKey != "") {
- $Authorized = 1;
- $tempKeyUsed = 1; // key should be considered invalid after this use.
-
- break;
- }
- }
- }
}
+}
- // Not an authorized key
- if ($Authorized == 0) {
- print "Not authorized: Key '$Key' is invalid.";
- die();
+// Not an authorized key
+if ($Authorized == 0) {
+ print "Not authorized: Key '$Key' is invalid.";
+ die();
+}
+
+if ($_FILES['file']['size'] > $uploadLimit) {
+ print "File is too big. Max file size is $maxFileSize" . "MB";
+ die();
+}
+
+if (!is_dir($uploadDir)) {
+ mkdir($uploadDir, 0777, true);
+}
+
+$destinationFile = $uploadDir . basename($_FILES['file']['name']);
+
+if (file_exists($destinationFile)) { // rename file to distinguish it from existing file
+ $fileExtension = strtolower(pathinfo(basename($_FILES['file']['name']),PATHINFO_EXTENSION));
+ if (isset($fileExtension)) {
+ $extension = "." . $fileExtension;
}
+ $destinationFile = $uploadDir . rand(1000,100000) . $extension;
- if ($_FILES['file']['size'] > $uploadLimit) {
- print "File is too big. Max file size is $maxFileSize" . "MB";
- die();
- }
-
- if (!is_dir($uploadDir)) {
- mkdir($uploadDir, 0777, true);
- }
-
- $destinationFile = $uploadDir . basename($_FILES['file']['name']);
-
- if (file_exists($destinationFile)) { // rename file to distinguish it from existing file
- $fileExtension = strtolower(pathinfo(basename($_FILES['file']['name']),PATHINFO_EXTENSION));
- if (isset($fileExtension)) {
- $extension = "." . $fileExtension;
- }
- $destinationFile = $uploadDir . rand(1000,100000) . $extension;
-
- if (file_exists($destinationFile)) { // wtf
- print "Failed to upload file.";
- die();
- }
- }
-
- if (move_uploaded_file($_FILES['file']['tmp_name'], $destinationFile)) {
- $uploadedFile = dirname($_SERVER['PHP_SELF']) . $destinationFile;
-
- if ($sql || $sql == "true") {
- $lastUsed = date($dateFormat);
- $DatabaseQuery = $Database->query('SELECT * FROM uploads');
- $Database->exec("INSERT INTO uploads(file, uploaddate, keyid, tempkey) VALUES('$uploadedFile', '$lastUsed', '$keyID', '$tempKeyUsed')");
- }
-
- if ($tempKeyUsed) { // Remove temporary key
- $file = file_get_contents($tempKeyFile);
- $file = preg_replace("/\b$Key\b/", "", $file);
- file_put_contents($tempKeyFile, $file);
- }
-
- print "$uploadedFile";
-
- if (isset($_REQUEST['web'])) { // redirect back to index
- print "
Your link
\n";
- die();
- }
- } else {
+ if (file_exists($destinationFile)) { // wtf
print "Failed to upload file.";
-
- if ($_FILES['file']['error'] == 1) {
- print "Is the upload_max_filesize set up properly?";
- }
die();
}
+}
+
+if (move_uploaded_file($_FILES['file']['tmp_name'], $destinationFile)) {
+ $uploadedFile = dirname($_SERVER['PHP_SELF']) . $destinationFile;
+
+ if ($sql || $sql == "true") {
+ $lastUsed = date($dateFormat);
+ $DatabaseQuery = $Database->query('SELECT * FROM uploads');
+ $Database->exec("INSERT INTO uploads(file, uploaddate, keyid, keytype) VALUES('$uploadedFile', '$lastUsed', '$keyID', '$keyType')");
+ }
+
+ if ($keyType == 1) { // Remove temporary key
+ $file = file_get_contents($tempKeyFile);
+ $file = preg_replace("/\b$Key\b/", "", $file);
+ file_put_contents($tempKeyFile, $file);
+ }
+
+ print "$uploadedFile";
+
+ if (isset($_REQUEST['web'])) { // redirect back to index
+ print "
Your link
\n";
+ die();
+ }
+} else {
+ print "Failed to upload file.";
+ print $_FILES['file']['error'];
+ die();
+}
?>