speedie/keyload
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Add code for removing a file

Browse source
This commit is contained in:
Jacob 2023-09-30 03:59:11 +02:00
parent 8f3a013425
commit b377c34247
2 changed files with 92 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
config.php
View file

@ -4,24 +4,26 @@
* Licensed under the GNU Affero General Public License version 3.0
*/
$Stylesheet = "index.css";
$Icon = "favicon.svg";
$uploadDir = "uploads/";
$maxFileSize = "100";
$sqlDB = "curload.db";
$storeIP = true;
$storeAgent = true;
$storeIssued = true;
$storeLastUsage = true;
$storeUploads = true;
$publicUploading = false;
$renameDuplicates = true;
$replaceOriginal = false;
$dateFormat = "Y/m/d";
$instanceName = "curload";
$enableKeys = true;
$enableAdminKeys = true;
$enableTemporaryKeys = true;
$Stylesheet = "index.css";
$Icon = "favicon.svg";
$uploadDir = "uploads/";
$maxFileSize = "100";
$sqlDB = "curload.db";
$storeIP = true;
$storeAgent = true;
$storeIssued = true;
$storeLastUsage = true;
$storeUploads = true;
$publicUploading = false;
$renameDuplicates = true;
$replaceOriginal = false;
$dateFormat = "Y/m/d";
$instanceName = "curload";
$enableKeys = true;
$enableAdminKeys = true;
$enableTemporaryKeys = true;
$enableUploadRemoval = true;
$enableKeyUploadRemoval = true;
define('CONFIG_FILE', 'config.ini');
@ -49,4 +51,6 @@ $replaceOriginal = $configEntries['replace_original'];
$enableKeys = $configEntries['enable_keys'];
$enableAdminKeys = $configEntries['enable_admin_keys'];
$enableTemporaryKeys = $configEntries['enable_temporary_keys'];
$enableUploadRemoval = $configEntries['enable_upload_removal'];
$enableKeyUploadRemoval = $configEntries['enable_key_upload_removal'];
?>

71
remove.php
View file

@ -9,5 +9,74 @@
die();
}
// TODO: Functions that remove stuff
if (isset($_REQUEST['id'])) {
$fileID = $_REQUEST['id'];
} else {
print "No ID specified.";
die();
}
if (!$enableUploadRemoval || $enableUploadRemoval == "false") {
print "Uploads cannot be removed.";
die();
}
$FileToRemove = "";
$AuthorizedRemoval = 0;
$fileUploadedByPrimary = 0;
$Database = createTables($sqlDB);
$DatabaseQuery = $Database->query('SELECT * FROM uploads');
while ($line = $DatabaseQuery->fetchArray()) {
if ($line['id'] == $fileID) { // passed ID is a file that exists
// check if our key is authorized to remove the file
if (($enableKeys || $enableKeys == "true") && ($enableKeyUploadRemoval || $enableKeyUploadRemoval == "true")) {
$keyDatabaseQuery = $Database->query('SELECT * FROM keys');
while ($kline = $keyDatabaseQuery->fetchArray()) {
if ($line['keyid'] == $kline['id']) {
$AuthorizedRemoval = 1;
break;
}
}
}
// check if the key is an admin key, automatically making it authorized to remove the file provided it wasn't uploaded by a primary admin
if ($AuthorizedRemoval != 1 && ($enableUploadRemoval || $enableUploadRemoval == "true")) {
$keyDatabaseQuery = $Database->query('SELECT * FROM admins');
// check if the file was uploaded by a primary admin
while ($kline = $keyDatabaseQuery->fetchArray()) {
if ($kline['key'] == $line['keyid']) {
$fileUploadedByPrimary = $kline['primaryadmin'];
}
}
while ($kline = $keyDatabaseQuery->fetchArray()) {
if ($kline['key'] == $Key && $Key != "" && $kline['key'] != "") { // key = passed key
if (($fileUploadedByPrimary == 1 && $kline['primaryadmin'] == 1) || ($fileUploadedByPrimary == 0)) { // primary key passed and primary file OR non primary file
$AuthorizedRemoval = 1;
break;
}
}
}
}
$FileToRemove = $kline['file'];
break;
}
}
// fuck off pleb
if ($AuthorizedRemoval != 1) {
print "You aren't authorized to perform this action.";
die();
}
// remove file
unlink($FileToRemove);
?>