diff --git a/config.ini b/config.ini
index b539d89..e316e58 100644
--- a/config.ini
+++ b/config.ini
@@ -1,11 +1,17 @@
[html]
-css = index.css
-favicon = favicon.svg
+css = index.css
+favicon = favicon.svg
[upload]
-upload_dir = uploads2/
-max_size = 100
+upload_dir = uploads/
+max_size = 100
[credentials]
-key_file = passwords.txt
-temp_key_file = temporary_passwords.txt
+sql = true
+sqldb = curload.sql
+key_file = passwords.txt
+temp_key_file = temporary_passwords.txt
+
+[logging]
+store_ip = true
+store_user_agent = true
diff --git a/config.php b/config.php
index a2cceb0..4ef12b7 100644
--- a/config.php
+++ b/config.php
@@ -5,6 +5,10 @@
$keyFile = "passwords.txt";
$tempKeyFile = "temporary_passwords.txt";
$maxFileSize = "100";
+ $sql = true;
+ $sqlDB = "curload.db";
+ $storeIP = true;
+ $storeAgent = true;
define('CONFIG_FILE', 'config.ini');
@@ -20,4 +24,8 @@
$keyFile = $configEntries['key_file'];
$tempKeyFile = $configEntries['temp_key_file'];
$maxFileSize = $configEntries['max_size'];
+ $sql = $configEntries['sql'];
+ $sqlDB = $configEntries['sqldb'];
+ $storeIP = $configEntries['store_ip'];
+ $storeAgent = $configEntries['store_user_agent'];
?>
diff --git a/index.php b/index.php
index b26243e..943d34f 100644
--- a/index.php
+++ b/index.php
@@ -30,7 +30,7 @@ function initServer() {
function main() {
include "config.php";
- printHeader("curload", "Upload files", $Icon, $Stylesheet);
+ printHeader("curload", "Simply upload files", $Icon, $Stylesheet);
print "\t\t\t
speedie's super awesome file uploader junk
\n";
print "\t\t\t\n";
diff --git a/upload.php b/upload.php
index 8efdb68..b6593b7 100644
--- a/upload.php
+++ b/upload.php
@@ -14,7 +14,39 @@
$uploadLimit = $maxFileSize * 1000000;
$self = dirname($_SERVER['PHP_SELF']);
- if (isset($_FILES['file']['name'])) {
+ if (!isset($_FILES['file']['name'])) {
+ print "You didn't specify a file.";
+ die();
+ }
+
+ // init database
+ if ($sql) {
+ $Database = new SQLite3($sqlDB);
+ $Database->exec("CREATE TABLE keys(id INTEGER PRIMARY KEY, key TEXT)");
+ $Database->exec("CREATE TABLE tkeys(id INTEGER PRIMARY KEY, key TEXT, uploads INT)");
+ $Database->exec("CREATE TABLE uploads(id INTEGER PRIMARY KEY, file TEXT, date TEXT, useragent TEXT, ip TEXT)");
+
+ $DatabaseQuery = $Database->query('SELECT * FROM keys');
+ while ($line = $DatabaseQuery->fetchArray()) {
+ if ($line['key'] == $Key && $Key != "" && $line['key'] != "") {
+ $Authorized = 1;
+ break;
+ }
+ }
+
+ if ($Authorized != 1) {
+ $DatabaseQuery = $Database->query('SELECT * FROM tkeys');
+ while ($line = $DatabaseQuery->fetchArray()) {
+ if ($line['key'] == $Key && $Key != "" && $line['key'] != "" && $line['uploads'] != 0) {
+ $numberOfUploads = $line['uploads'] - 1;
+ $id = $line['id'];
+ $Database->exec("UPDATE tkeys SET uploads=$numberOfUploads WHERE id=$id");
+ $Authorized = 1;
+ break;
+ }
+ }
+ }
+ } else { // no sql version
// All normal keys will be considered valid
if (file_exists($keyFile)) {
$validKeys = explode("\n", file_get_contents($keyFile));
@@ -45,58 +77,55 @@
}
}
}
+ }
- // Not an authorized key
- if ($Authorized == 0) {
- print "Not authorized: Key '$Key' is invalid.";
- die();
- }
+ // Not an authorized key
+ if ($Authorized == 0) {
+ print "Not authorized: Key '$Key' is invalid.";
+ die();
+ }
- if ($_FILES['file']['size'] > $uploadLimit) {
- print "File is too big. Max file size is $maxFileSize" . "MB";
- die();
- }
+ if ($_FILES['file']['size'] > $uploadLimit) {
+ print "File is too big. Max file size is $maxFileSize" . "MB";
+ die();
+ }
- if (!is_dir($uploadDir)) {
- mkdir($uploadDir, 0777, true);
- }
+ if (!is_dir($uploadDir)) {
+ mkdir($uploadDir, 0777, true);
+ }
- $destinationFile = $uploadDir . basename($_FILES['file']['name']);
+ $destinationFile = $uploadDir . basename($_FILES['file']['name']);
- if (file_exists($destinationFile)) { // rename file to distinguish it from existing file
- $destinationFile = $uploadDir . rand(10000,100000) . "." . strtolower(pathinfo(basename($_FILES['file']['name']),PATHINFO_EXTENSION));
+ if (file_exists($destinationFile)) { // rename file to distinguish it from existing file
+ $destinationFile = $uploadDir . rand(10000,100000) . "." . strtolower(pathinfo(basename($_FILES['file']['name']),PATHINFO_EXTENSION));
- if (file_exists($destinationFile)) { // wtf
- print "Failed to upload file.";
- die();
- }
- }
-
- if (move_uploaded_file($_FILES['file']['tmp_name'], $destinationFile)) {
- $uploadedFile = dirname($_SERVER['PHP_SELF']) . $destinationFile;
-
- if ($tempKeyUsed) { // Remove temporary key
- $file = file_get_contents($tempKeyFile);
- $file = preg_replace("/\b$Key\b/", "", $file);
- file_put_contents($tempKeyFile, $file);
- }
-
- print "$uploadedFile";
-
- if (isset($_REQUEST['web'])) { // redirect back to index
- print "Your link
\n";
- die();
- }
- } else {
+ if (file_exists($destinationFile)) { // wtf
print "Failed to upload file.";
+ die();
+ }
+ }
- if ($_FILES['file']['error'] == 1) {
- print "Is the upload_max_filesize set up properly?";
- }
+ if (move_uploaded_file($_FILES['file']['tmp_name'], $destinationFile)) {
+ $uploadedFile = dirname($_SERVER['PHP_SELF']) . $destinationFile;
+
+ if ($tempKeyUsed) { // Remove temporary key
+ $file = file_get_contents($tempKeyFile);
+ $file = preg_replace("/\b$Key\b/", "", $file);
+ file_put_contents($tempKeyFile, $file);
+ }
+
+ print "$uploadedFile";
+
+ if (isset($_REQUEST['web'])) { // redirect back to index
+ print "Your link
\n";
die();
}
} else {
- print "You didn't specify a file.";
+ print "Failed to upload file.";
+
+ if ($_FILES['file']['error'] == 1) {
+ print "Is the upload_max_filesize set up properly?";
+ }
die();
}
?>