diff --git a/add-keys.php b/add-keys.php index 5ecdeb7..38de047 100644 --- a/add-keys.php +++ b/add-keys.php @@ -27,11 +27,23 @@ function addKey($adminKey, $Value) { include "config.php"; $Database = createTables($sqlDB); - $DatabaseQuery = $Database->query('SELECT * FROM keys'); + $DatabaseQuery = $Database->query('SELECT * FROM admins'); + $Authorized = 0; + + while ($line = $DatabaseQuery->fetchArray()) { + if ($line['key'] == $adminKey && $adminKey != "" && $line['key'] != "") { + $Authorized = 1; + break; + } + } + if ($Authorized != 1) { + print "You are not authorized to perform this action."; + die(); + } $numberOfUploads = 0; - $lastUsed = date($dateFormat); - $Issued = date($dateFormat); + $lastUsed = ""; + $Issued = ""; $ip = ""; $userAgent = ""; @@ -39,6 +51,14 @@ function addKey($adminKey, $Value) { $userAgent = getUserAgent(); } + if ($storeIssued || $storeIssued == "true") { + $Issued = date($dateFormat); + } + + if ($storeLastUsage || $storeLastUsage == "true") { + $lastUsed = date($dateFormat); + } + if ($storeIP || $storeIP == "true") { $ip = getIPAddress(); } @@ -50,11 +70,23 @@ function addTempKey($adminKey, $Value, $uploadsLeft) { include "config.php"; $Database = createTables($sqlDB); - $DatabaseQuery = $Database->query('SELECT * FROM tkeys'); + $DatabaseQuery = $Database->query('SELECT * FROM admins'); + $Authorized = 0; + + while ($line = $DatabaseQuery->fetchArray()) { + if ($line['key'] == $adminKey && $adminKey != "" && $line['key'] != "") { + $Authorized = 1; + break; + } + } + if ($Authorized != 1) { + print "You are not authorized to perform this action."; + die(); + } $numberOfUploads = 0; - $lastUsed = date($dateFormat); - $Issued = date($dateFormat); + $lastUsed = ""; + $Issued = ""; $ip = ""; $userAgent = ""; @@ -62,12 +94,16 @@ function addTempKey($adminKey, $Value, $uploadsLeft) { $userAgent = getUserAgent(); } - if ($storeIP || $storeIP == "true") { - $ip = getIPAddress(); + if ($storeIssued || $storeIssued == "true") { + $Issued = date($dateFormat); } - if ($storeAgent || $storeAgent == "true") { - $userAgent = $_SERVER['HTTP_USER_AGENT']; + if ($storeLastUsage || $storeLastUsage == "true") { + $lastUsed = date($dateFormat); + } + + if ($storeIP || $storeIP == "true") { + $ip = getIPAddress(); } $Database->exec("INSERT INTO tkeys(key, numberofuploads, uploadsleft, lastused, issued, ip, useragent) VALUES('$Value', '$numberOfUploads', '$uploadsLeft', '$lastUsed', '$Issued', '$ip', '$userAgent')"); @@ -77,11 +113,23 @@ function addAdminKey($adminKey, $Value, $Primary) { include "config.php"; $Database = createTables($sqlDB); - $DatabaseQuery = $Database->query('SELECT * FROM keys'); + $DatabaseQuery = $Database->query('SELECT * FROM admins'); + $Authorized = 0; + + while ($line = $DatabaseQuery->fetchArray()) { + if ($line['key'] == $adminKey && $adminKey != "" && $line['key'] != "" && $line['primaryadmin'] == 1) { + $Authorized = 1; + break; + } + } + if ($Authorized != 1) { + print "You are not authorized to perform this action."; + die(); + } $numberOfUploads = 0; - $lastUsed = date($dateFormat); - $Issued = date($dateFormat); + $lastUsed = ""; + $Issued = ""; $ip = ""; $userAgent = ""; @@ -89,10 +137,18 @@ function addAdminKey($adminKey, $Value, $Primary) { $userAgent = getUserAgent(); } + if ($storeIssued || $storeIssued == "true") { + $Issued = date($dateFormat); + } + + if ($storeLastUsage || $storeLastUsage == "true") { + $lastUsed = date($dateFormat); + } + if ($storeIP || $storeIP == "true") { $ip = getIPAddress(); } - $Database->exec("INSERT INTO admins(key, primary, numberofuploads, lastused, issued, ip, useragent) VALUES('$Value', '$Primary', '$numberOfUploads', '$lastUsed', '$Issued', '$ip', '$userAgent')"); + $Database->exec("INSERT INTO admins(key, primaryadmin, numberofuploads, lastused, issued, ip, useragent) VALUES('$Value', '$Primary', '$numberOfUploads', '$lastUsed', '$Issued', '$ip', '$userAgent')"); } ?> diff --git a/admin.php b/admin.php index 816c171..d0dcd63 100644 --- a/admin.php +++ b/admin.php @@ -4,9 +4,14 @@ * Licensed under the GNU Affero General Public License version 3.0 */ -include "config.php"?; +include "config.php"; include "create-table.php"; +if (!$enableAdminKeys || $enableAdminKeys == "false") { + print "Admin keys are not supported."; + die(); +} + $Authorized = 0; $Database = createTables($sqlDB); $DatabaseQuery = $Database->query('SELECT * FROM admins'); @@ -25,7 +30,68 @@ $html .= "\t\t
Invalid administrator key.
\n"; + } } + +$html .= "\t\t