WIP work on SQL #4
This commit is contained in:
parent
dc7b04bb9c
commit
e01c13fe82
18
config.ini
18
config.ini
|
@ -1,11 +1,17 @@
|
||||||
[html]
|
[html]
|
||||||
css = index.css
|
css = index.css
|
||||||
favicon = favicon.svg
|
favicon = favicon.svg
|
||||||
|
|
||||||
[upload]
|
[upload]
|
||||||
upload_dir = uploads2/
|
upload_dir = uploads/
|
||||||
max_size = 100
|
max_size = 100
|
||||||
|
|
||||||
[credentials]
|
[credentials]
|
||||||
key_file = passwords.txt
|
sql = true
|
||||||
temp_key_file = temporary_passwords.txt
|
sqldb = curload.sql
|
||||||
|
key_file = passwords.txt
|
||||||
|
temp_key_file = temporary_passwords.txt
|
||||||
|
|
||||||
|
[logging]
|
||||||
|
store_ip = true
|
||||||
|
store_user_agent = true
|
||||||
|
|
|
@ -5,6 +5,10 @@
|
||||||
$keyFile = "passwords.txt";
|
$keyFile = "passwords.txt";
|
||||||
$tempKeyFile = "temporary_passwords.txt";
|
$tempKeyFile = "temporary_passwords.txt";
|
||||||
$maxFileSize = "100";
|
$maxFileSize = "100";
|
||||||
|
$sql = true;
|
||||||
|
$sqlDB = "curload.db";
|
||||||
|
$storeIP = true;
|
||||||
|
$storeAgent = true;
|
||||||
|
|
||||||
define('CONFIG_FILE', 'config.ini');
|
define('CONFIG_FILE', 'config.ini');
|
||||||
|
|
||||||
|
@ -20,4 +24,8 @@
|
||||||
$keyFile = $configEntries['key_file'];
|
$keyFile = $configEntries['key_file'];
|
||||||
$tempKeyFile = $configEntries['temp_key_file'];
|
$tempKeyFile = $configEntries['temp_key_file'];
|
||||||
$maxFileSize = $configEntries['max_size'];
|
$maxFileSize = $configEntries['max_size'];
|
||||||
|
$sql = $configEntries['sql'];
|
||||||
|
$sqlDB = $configEntries['sqldb'];
|
||||||
|
$storeIP = $configEntries['store_ip'];
|
||||||
|
$storeAgent = $configEntries['store_user_agent'];
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -30,7 +30,7 @@ function initServer() {
|
||||||
function main() {
|
function main() {
|
||||||
include "config.php";
|
include "config.php";
|
||||||
|
|
||||||
printHeader("curload", "Upload files", $Icon, $Stylesheet);
|
printHeader("curload", "Simply upload files", $Icon, $Stylesheet);
|
||||||
|
|
||||||
print "\t\t\t<h1>speedie's super awesome file uploader junk</h1>\n";
|
print "\t\t\t<h1>speedie's super awesome file uploader junk</h1>\n";
|
||||||
print "\t\t\t<form action=\"upload.php\" method=\"post\" enctype=\"multipart/form-data\">Select file to upload<br><input type=\"file\" name=\"file\" id=\"file\"><br><input type=\"text\" name=\"key\" placeholder=\"Upload key here\"><br><input type=\"submit\" value=\"Upload selected file\" name=\"web\"></form>\n";
|
print "\t\t\t<form action=\"upload.php\" method=\"post\" enctype=\"multipart/form-data\">Select file to upload<br><input type=\"file\" name=\"file\" id=\"file\"><br><input type=\"text\" name=\"key\" placeholder=\"Upload key here\"><br><input type=\"submit\" value=\"Upload selected file\" name=\"web\"></form>\n";
|
||||||
|
|
113
upload.php
113
upload.php
|
@ -14,7 +14,39 @@
|
||||||
$uploadLimit = $maxFileSize * 1000000;
|
$uploadLimit = $maxFileSize * 1000000;
|
||||||
$self = dirname($_SERVER['PHP_SELF']);
|
$self = dirname($_SERVER['PHP_SELF']);
|
||||||
|
|
||||||
if (isset($_FILES['file']['name'])) {
|
if (!isset($_FILES['file']['name'])) {
|
||||||
|
print "You didn't specify a file.";
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
|
||||||
|
// init database
|
||||||
|
if ($sql) {
|
||||||
|
$Database = new SQLite3($sqlDB);
|
||||||
|
$Database->exec("CREATE TABLE keys(id INTEGER PRIMARY KEY, key TEXT)");
|
||||||
|
$Database->exec("CREATE TABLE tkeys(id INTEGER PRIMARY KEY, key TEXT, uploads INT)");
|
||||||
|
$Database->exec("CREATE TABLE uploads(id INTEGER PRIMARY KEY, file TEXT, date TEXT, useragent TEXT, ip TEXT)");
|
||||||
|
|
||||||
|
$DatabaseQuery = $Database->query('SELECT * FROM keys');
|
||||||
|
while ($line = $DatabaseQuery->fetchArray()) {
|
||||||
|
if ($line['key'] == $Key && $Key != "" && $line['key'] != "") {
|
||||||
|
$Authorized = 1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($Authorized != 1) {
|
||||||
|
$DatabaseQuery = $Database->query('SELECT * FROM tkeys');
|
||||||
|
while ($line = $DatabaseQuery->fetchArray()) {
|
||||||
|
if ($line['key'] == $Key && $Key != "" && $line['key'] != "" && $line['uploads'] != 0) {
|
||||||
|
$numberOfUploads = $line['uploads'] - 1;
|
||||||
|
$id = $line['id'];
|
||||||
|
$Database->exec("UPDATE tkeys SET uploads=$numberOfUploads WHERE id=$id");
|
||||||
|
$Authorized = 1;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
} else { // no sql version
|
||||||
// All normal keys will be considered valid
|
// All normal keys will be considered valid
|
||||||
if (file_exists($keyFile)) {
|
if (file_exists($keyFile)) {
|
||||||
$validKeys = explode("\n", file_get_contents($keyFile));
|
$validKeys = explode("\n", file_get_contents($keyFile));
|
||||||
|
@ -45,58 +77,55 @@
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Not an authorized key
|
// Not an authorized key
|
||||||
if ($Authorized == 0) {
|
if ($Authorized == 0) {
|
||||||
print "Not authorized: Key '$Key' is invalid.";
|
print "Not authorized: Key '$Key' is invalid.";
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($_FILES['file']['size'] > $uploadLimit) {
|
if ($_FILES['file']['size'] > $uploadLimit) {
|
||||||
print "File is too big. Max file size is $maxFileSize" . "MB";
|
print "File is too big. Max file size is $maxFileSize" . "MB";
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!is_dir($uploadDir)) {
|
if (!is_dir($uploadDir)) {
|
||||||
mkdir($uploadDir, 0777, true);
|
mkdir($uploadDir, 0777, true);
|
||||||
}
|
}
|
||||||
|
|
||||||
$destinationFile = $uploadDir . basename($_FILES['file']['name']);
|
$destinationFile = $uploadDir . basename($_FILES['file']['name']);
|
||||||
|
|
||||||
if (file_exists($destinationFile)) { // rename file to distinguish it from existing file
|
if (file_exists($destinationFile)) { // rename file to distinguish it from existing file
|
||||||
$destinationFile = $uploadDir . rand(10000,100000) . "." . strtolower(pathinfo(basename($_FILES['file']['name']),PATHINFO_EXTENSION));
|
$destinationFile = $uploadDir . rand(10000,100000) . "." . strtolower(pathinfo(basename($_FILES['file']['name']),PATHINFO_EXTENSION));
|
||||||
|
|
||||||
if (file_exists($destinationFile)) { // wtf
|
if (file_exists($destinationFile)) { // wtf
|
||||||
print "Failed to upload file.";
|
|
||||||
die();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (move_uploaded_file($_FILES['file']['tmp_name'], $destinationFile)) {
|
|
||||||
$uploadedFile = dirname($_SERVER['PHP_SELF']) . $destinationFile;
|
|
||||||
|
|
||||||
if ($tempKeyUsed) { // Remove temporary key
|
|
||||||
$file = file_get_contents($tempKeyFile);
|
|
||||||
$file = preg_replace("/\b$Key\b/", "", $file);
|
|
||||||
file_put_contents($tempKeyFile, $file);
|
|
||||||
}
|
|
||||||
|
|
||||||
print "$uploadedFile";
|
|
||||||
|
|
||||||
if (isset($_REQUEST['web'])) { // redirect back to index
|
|
||||||
print "<p><a href=\"$uploadedFile\">Your link</a></p>\n";
|
|
||||||
die();
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
print "Failed to upload file.";
|
print "Failed to upload file.";
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
if ($_FILES['file']['error'] == 1) {
|
if (move_uploaded_file($_FILES['file']['tmp_name'], $destinationFile)) {
|
||||||
print "Is the upload_max_filesize set up properly?";
|
$uploadedFile = dirname($_SERVER['PHP_SELF']) . $destinationFile;
|
||||||
}
|
|
||||||
|
if ($tempKeyUsed) { // Remove temporary key
|
||||||
|
$file = file_get_contents($tempKeyFile);
|
||||||
|
$file = preg_replace("/\b$Key\b/", "", $file);
|
||||||
|
file_put_contents($tempKeyFile, $file);
|
||||||
|
}
|
||||||
|
|
||||||
|
print "$uploadedFile";
|
||||||
|
|
||||||
|
if (isset($_REQUEST['web'])) { // redirect back to index
|
||||||
|
print "<p><a href=\"$uploadedFile\">Your link</a></p>\n";
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
print "You didn't specify a file.";
|
print "Failed to upload file.";
|
||||||
|
|
||||||
|
if ($_FILES['file']['error'] == 1) {
|
||||||
|
print "Is the upload_max_filesize set up properly?";
|
||||||
|
}
|
||||||
die();
|
die();
|
||||||
}
|
}
|
||||||
?>
|
?>
|
||||||
|
|
Loading…
Reference in a new issue