Add login
This commit is contained in:
parent
8af14ad90d
commit
e0fc2a6c8a
|
@ -18,7 +18,7 @@ $Database = createTables($sqlDB);
|
||||||
$DatabaseQuery = $Database->query('SELECT * FROM admins');
|
$DatabaseQuery = $Database->query('SELECT * FROM admins');
|
||||||
|
|
||||||
$html = "";
|
$html = "";
|
||||||
$html = printHead($html);
|
$html = printHeader($html);
|
||||||
|
|
||||||
if (isset($_REQUEST['key'])) {
|
if (isset($_REQUEST['key'])) {
|
||||||
$Key = $_REQUEST['key'];
|
$Key = $_REQUEST['key'];
|
||||||
|
|
|
@ -2,8 +2,12 @@
|
||||||
instance_name = curload
|
instance_name = curload
|
||||||
css = index.css
|
css = index.css
|
||||||
javascript = index.js
|
javascript = index.js
|
||||||
|
logo = logo.svg
|
||||||
favicon = favicon.svg
|
favicon = favicon.svg
|
||||||
|
|
||||||
|
[header]
|
||||||
|
logo_header_size = 16
|
||||||
|
|
||||||
[upload]
|
[upload]
|
||||||
upload_dir = uploads/
|
upload_dir = uploads/
|
||||||
public_uploading = false
|
public_uploading = false
|
||||||
|
@ -18,6 +22,7 @@ sqldb = curload.sql
|
||||||
enable_keys = true
|
enable_keys = true
|
||||||
enable_temporary_keys = true
|
enable_temporary_keys = true
|
||||||
enable_admin_keys = true
|
enable_admin_keys = true
|
||||||
|
cookie_name = speedierocks
|
||||||
|
|
||||||
[logging]
|
[logging]
|
||||||
store_ip = true
|
store_ip = true
|
||||||
|
|
|
@ -8,6 +8,7 @@ $configFile = "config.ini";
|
||||||
$Stylesheet = "index.css";
|
$Stylesheet = "index.css";
|
||||||
$javaScript = "index.js";
|
$javaScript = "index.js";
|
||||||
$Icon = "favicon.svg";
|
$Icon = "favicon.svg";
|
||||||
|
$Logo = "logo.svg";
|
||||||
$uploadDir = "uploads/";
|
$uploadDir = "uploads/";
|
||||||
$maxFileSize = "100";
|
$maxFileSize = "100";
|
||||||
$sqlDB = "curload.db";
|
$sqlDB = "curload.db";
|
||||||
|
@ -19,8 +20,10 @@ $storeUploads = true;
|
||||||
$publicUploading = false;
|
$publicUploading = false;
|
||||||
$renameDuplicates = true;
|
$renameDuplicates = true;
|
||||||
$replaceOriginal = false;
|
$replaceOriginal = false;
|
||||||
|
$logoHeaderSize = 16;
|
||||||
$dateFormat = "Y/m/d";
|
$dateFormat = "Y/m/d";
|
||||||
$instanceName = "curload";
|
$instanceName = "curload";
|
||||||
|
$cookieName = "speedierocks";
|
||||||
$enableKeys = true;
|
$enableKeys = true;
|
||||||
$enableAdminKeys = true;
|
$enableAdminKeys = true;
|
||||||
$enableTemporaryKeys = true;
|
$enableTemporaryKeys = true;
|
||||||
|
@ -35,6 +38,7 @@ if (!file_exists($configFile)) {
|
||||||
$configEntries = parse_ini_file($configFile);
|
$configEntries = parse_ini_file($configFile);
|
||||||
$Stylesheet = $configEntries['css'];
|
$Stylesheet = $configEntries['css'];
|
||||||
$Icon = $configEntries['favicon'];
|
$Icon = $configEntries['favicon'];
|
||||||
|
$Logo = $configEntries['logo'];
|
||||||
$uploadDir = $configEntries['upload_dir'];
|
$uploadDir = $configEntries['upload_dir'];
|
||||||
$maxFileSize = $configEntries['max_size'];
|
$maxFileSize = $configEntries['max_size'];
|
||||||
$sqlDB = $configEntries['sqldb'];
|
$sqlDB = $configEntries['sqldb'];
|
||||||
|
@ -43,6 +47,7 @@ $storeAgent = $configEntries['store_user_agent'];
|
||||||
$storeIssued = $configEntries['store_issued'];
|
$storeIssued = $configEntries['store_issued'];
|
||||||
$storeLastUsage = $configEntries['store_last_usage'];
|
$storeLastUsage = $configEntries['store_last_usage'];
|
||||||
$storeUploads = $configEntries['store_number_of_uploads'];
|
$storeUploads = $configEntries['store_number_of_uploads'];
|
||||||
|
$logoHeaderSize = $configEntries['logo_header_size'];
|
||||||
$dateFormat = $configEntries['date_format'];
|
$dateFormat = $configEntries['date_format'];
|
||||||
$instanceName = $configEntries['instance_name'];
|
$instanceName = $configEntries['instance_name'];
|
||||||
$publicUploading = $configEntries['public_uploading'];
|
$publicUploading = $configEntries['public_uploading'];
|
||||||
|
@ -53,5 +58,6 @@ $enableAdminKeys = $configEntries['enable_admin_keys'];
|
||||||
$enableTemporaryKeys = $configEntries['enable_temporary_keys'];
|
$enableTemporaryKeys = $configEntries['enable_temporary_keys'];
|
||||||
$enableUploadRemoval = $configEntries['enable_upload_removal'];
|
$enableUploadRemoval = $configEntries['enable_upload_removal'];
|
||||||
$enableKeyUploadRemoval = $configEntries['enable_key_upload_removal'];
|
$enableKeyUploadRemoval = $configEntries['enable_key_upload_removal'];
|
||||||
|
$cookieName = $configEntries['cookie_name'];
|
||||||
$javaScript = $configEntries['javascript'];
|
$javaScript = $configEntries['javascript'];
|
||||||
?>
|
?>
|
||||||
|
|
8
core.php
8
core.php
|
@ -4,7 +4,7 @@
|
||||||
* Licensed under the GNU Affero General Public License version 3.0
|
* Licensed under the GNU Affero General Public License version 3.0
|
||||||
*/
|
*/
|
||||||
|
|
||||||
function printHead($html) {
|
function printHeader($html) {
|
||||||
include "config.php";
|
include "config.php";
|
||||||
|
|
||||||
$html .= "<!DOCTYPE html>\n";
|
$html .= "<!DOCTYPE html>\n";
|
||||||
|
@ -18,6 +18,12 @@ function printHead($html) {
|
||||||
if (file_exists($javaScript)) $html .= "\t\t<script src=\"$javaScript\"></script>\n";
|
if (file_exists($javaScript)) $html .= "\t\t<script src=\"$javaScript\"></script>\n";
|
||||||
|
|
||||||
$html .= "\t\t<title>$instanceName</title>\n";
|
$html .= "\t\t<title>$instanceName</title>\n";
|
||||||
|
$html .= "\t\t<div class=\"bar\">\n";
|
||||||
|
$html .= "\t\t\t<span id='titleSpan' class='title'>\n";
|
||||||
|
if (file_exists($Logo)) $html .= "\t\t\t\t<img src=\"$Logo\" id=\"titleLogo\" class=\"title\" width=\"$logoHeaderSize\" height=\"$logoHeaderSize\">\n";
|
||||||
|
$html .= "\t\t\t\t$instanceName\n";
|
||||||
|
$html .= "\t\t\t</span>\n";
|
||||||
|
$html .= "\t\t</div>\n";
|
||||||
$html .= "\t</head>\n";
|
$html .= "\t</head>\n";
|
||||||
$html .= "\t<body>\n";
|
$html .= "\t<body>\n";
|
||||||
$html .= "\t\t<div class=\"content\">\n";
|
$html .= "\t\t<div class=\"content\">\n";
|
||||||
|
|
|
@ -9,7 +9,7 @@
|
||||||
}
|
}
|
||||||
|
|
||||||
.bar img {
|
.bar img {
|
||||||
transform: translate(0, +30%);
|
float: left;
|
||||||
padding-right: 5px;
|
padding-right: 5px;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -49,11 +49,16 @@ footer {
|
||||||
padding-left: 2px;
|
padding-left: 2px;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.error {
|
||||||
|
color: #ff0000;
|
||||||
|
}
|
||||||
|
|
||||||
.content {
|
.content {
|
||||||
color: #f0eee4;
|
color: #f0eee4;
|
||||||
padding: 5px;
|
padding: 5px;
|
||||||
max-width: 1000px;
|
max-width: 1000px;
|
||||||
margin: auto;
|
margin: auto;
|
||||||
|
text-align: center;
|
||||||
}
|
}
|
||||||
|
|
||||||
a {
|
a {
|
||||||
|
|
|
@ -9,13 +9,17 @@ function main() {
|
||||||
include "core.php";
|
include "core.php";
|
||||||
|
|
||||||
$html = "";
|
$html = "";
|
||||||
$html = printHead($html);
|
$html = printHeader($html);
|
||||||
|
|
||||||
$html .= "\t\t\t<h1>speedie's super awesome file uploader junk</h1>\n";
|
$html .= "\t\t\t<h1>speedie's super awesome file uploader junk</h1>\n";
|
||||||
$html .= "\t\t\t<form action=\"upload.php\" method=\"post\" enctype=\"multipart/form-data\">Select file to upload<br><input type=\"file\" name=\"file\" id=\"file\"><br><input type=\"text\" name=\"key\" placeholder=\"Upload key here\"><br><input type=\"submit\" value=\"Upload selected file\" name=\"web\"></form>\n";
|
$html .= "\t\t\t<form action=\"upload.php\" method=\"post\" enctype=\"multipart/form-data\">Select file to upload<br><input type=\"file\" name=\"file\" id=\"file\"><br><input type=\"text\" name=\"key\" placeholder=\"Upload key here\"><br><input type=\"submit\" value=\"Upload selected file\" name=\"web\"></form>\n";
|
||||||
$html .= "\t\t\t<p>Max file size: $maxFileSize MB</p>\n";
|
$html .= "\t\t\t<p>Max file size: $maxFileSize MB</p>\n";
|
||||||
$html .= "\t\t\t<a href=\"https://git.speedie.site/speedie/curload\">source code</a>\n";
|
$html .= "\t\t\t<a href=\"https://git.speedie.site/speedie/curload\">source code</a>\n";
|
||||||
|
|
||||||
|
if (isset($_COOKIE[$cookieName])) {
|
||||||
|
$html .= "\t\t\t<p>Cookie found, how awesome is that?</p>\n";
|
||||||
|
}
|
||||||
|
|
||||||
$html = printFooter($html);
|
$html = printFooter($html);
|
||||||
|
|
||||||
print "$html";
|
print "$html";
|
||||||
|
|
197
login.php
Normal file
197
login.php
Normal file
|
@ -0,0 +1,197 @@
|
||||||
|
<?php
|
||||||
|
/* curload
|
||||||
|
* Simple file uploading using POST requests and temporary keys
|
||||||
|
* Licensed under the GNU Affero General Public License version 3.0
|
||||||
|
*/
|
||||||
|
|
||||||
|
include "config.php";
|
||||||
|
include "create-table.php";
|
||||||
|
include "core.php";
|
||||||
|
|
||||||
|
$Authorized = 0;
|
||||||
|
$KeyType = 0;
|
||||||
|
$Redirect = "";
|
||||||
|
|
||||||
|
if (isset($_REQUEST['redir'])) {
|
||||||
|
$Redirect = $_REQUEST['redir'];
|
||||||
|
}
|
||||||
|
|
||||||
|
// if a cookie exists, redirect the user there instead
|
||||||
|
if (isset($_COOKIE[$cookieName])) {
|
||||||
|
if (isset($_REQUEST['logout']) && $_REQUEST['logout'] == "true") {
|
||||||
|
setcookie($cookieName, "", 0);
|
||||||
|
header('Location: login.php');
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($Redirect == "index" || ($Redirect == "admin" && $KeyType != 3) || $Redirect == "") {
|
||||||
|
header('Location: /');
|
||||||
|
die();
|
||||||
|
} else if ($Redirect == "admin") {
|
||||||
|
header('Location: admin.php');
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (isset($_REQUEST['key'])) {
|
||||||
|
$Key = $_REQUEST['key'];
|
||||||
|
|
||||||
|
// check the validity of the key
|
||||||
|
$Database = createTables($sqlDB);
|
||||||
|
|
||||||
|
// Regular keys
|
||||||
|
$DatabaseQuery = $Database->query('SELECT * FROM keys');
|
||||||
|
while ($line = $DatabaseQuery->fetchArray()) {
|
||||||
|
if ($line['key'] == $Key && $Key != "" && $line['key'] != "" && ($enableKeys || $enableKeys == "true")) {
|
||||||
|
$id = $line['id'];
|
||||||
|
|
||||||
|
// update last usage
|
||||||
|
if ($storeLastUsage || $storeLastUsage == "true") {
|
||||||
|
$lastUsed = date($dateFormat);
|
||||||
|
$Database->exec("UPDATE keys SET lastused='$lastUsed' WHERE id='$id'");
|
||||||
|
}
|
||||||
|
|
||||||
|
// update IP address
|
||||||
|
if ($storeIP || $storeIP == "true") {
|
||||||
|
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
|
||||||
|
$ip = $_SERVER['HTTP_CLIENT_IP'];
|
||||||
|
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
|
||||||
|
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
|
||||||
|
} else {
|
||||||
|
$ip = $_SERVER['REMOTE_ADDR'];
|
||||||
|
}
|
||||||
|
|
||||||
|
$Database->exec("UPDATE keys SET ip='$ip' WHERE id='$id'");
|
||||||
|
}
|
||||||
|
|
||||||
|
// update user agent
|
||||||
|
if ($storeAgent || $storeAgent == "true") {
|
||||||
|
$userAgent = $_SERVER['HTTP_USER_AGENT'];
|
||||||
|
$Database->exec("UPDATE keys SET useragent='$userAgent' WHERE id='$id'");
|
||||||
|
}
|
||||||
|
|
||||||
|
$Authorized = 1;
|
||||||
|
$KeyType = 0;
|
||||||
|
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Temporary keys
|
||||||
|
$DatabaseQuery = $Database->query('SELECT * FROM tkeys');
|
||||||
|
while ($line = $DatabaseQuery->fetchArray()) {
|
||||||
|
if ($line['key'] == $Key && $Key != "" && $line['key'] != "" && ($enableTemporaryKeys || $enableTemporaryKeys == "true")) {
|
||||||
|
$id = $line['id'];
|
||||||
|
|
||||||
|
// update last usage
|
||||||
|
if ($storeLastUsage || $storeLastUsage == "true") {
|
||||||
|
$lastUsed = date($dateFormat);
|
||||||
|
$Database->exec("UPDATE tkeys SET lastused='$lastUsed' WHERE id='$id'");
|
||||||
|
}
|
||||||
|
|
||||||
|
// update IP address
|
||||||
|
if ($storeIP || $storeIP == "true") {
|
||||||
|
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
|
||||||
|
$ip = $_SERVER['HTTP_CLIENT_IP'];
|
||||||
|
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
|
||||||
|
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
|
||||||
|
} else {
|
||||||
|
$ip = $_SERVER['REMOTE_ADDR'];
|
||||||
|
}
|
||||||
|
|
||||||
|
$Database->exec("UPDATE tkeys SET ip='$ip' WHERE id='$id'");
|
||||||
|
}
|
||||||
|
|
||||||
|
// update user agent
|
||||||
|
if ($storeAgent || $storeAgent == "true") {
|
||||||
|
$userAgent = $_SERVER['HTTP_USER_AGENT'];
|
||||||
|
$Database->exec("UPDATE tkeys SET useragent='$userAgent' WHERE id='$id'");
|
||||||
|
}
|
||||||
|
|
||||||
|
$Authorized = 1;
|
||||||
|
$KeyType = 1;
|
||||||
|
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Admin keys
|
||||||
|
$DatabaseQuery = $Database->query('SELECT * FROM admins');
|
||||||
|
while ($line = $DatabaseQuery->fetchArray()) {
|
||||||
|
if ($line['key'] == $Key && $Key != "" && $line['key'] != "" && ($enableTemporaryKeys || $enableTemporaryKeys == "true")) {
|
||||||
|
$id = $line['id'];
|
||||||
|
|
||||||
|
// update last usage
|
||||||
|
if ($storeLastUsage || $storeLastUsage == "true") {
|
||||||
|
$lastUsed = date($dateFormat);
|
||||||
|
$Database->exec("UPDATE admins SET lastused='$lastUsed' WHERE id='$id'");
|
||||||
|
}
|
||||||
|
|
||||||
|
// update IP address
|
||||||
|
if ($storeIP || $storeIP == "true") {
|
||||||
|
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
|
||||||
|
$ip = $_SERVER['HTTP_CLIENT_IP'];
|
||||||
|
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
|
||||||
|
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
|
||||||
|
} else {
|
||||||
|
$ip = $_SERVER['REMOTE_ADDR'];
|
||||||
|
}
|
||||||
|
|
||||||
|
$Database->exec("UPDATE admins SET ip='$ip' WHERE id='$id'");
|
||||||
|
}
|
||||||
|
|
||||||
|
// update user agent
|
||||||
|
if ($storeAgent || $storeAgent == "true") {
|
||||||
|
$userAgent = $_SERVER['HTTP_USER_AGENT'];
|
||||||
|
$Database->exec("UPDATE admins SET useragent='$userAgent' WHERE id='$id'");
|
||||||
|
}
|
||||||
|
|
||||||
|
$Authorized = 1;
|
||||||
|
$KeyType = 2;
|
||||||
|
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($Authorized == 0) {
|
||||||
|
header('Location: login.php?e=true');
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
|
||||||
|
setcookie($cookieName, $Key);
|
||||||
|
|
||||||
|
if (!isset($_COOKIE[$cookieName])) {
|
||||||
|
header('Location: /');
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($Redirect == "index" || ($Redirect == "admin" && $KeyType != 3)) {
|
||||||
|
header('Location: /');
|
||||||
|
die();
|
||||||
|
} else {
|
||||||
|
header('Location: admin.php');
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
|
||||||
|
die();
|
||||||
|
} else {
|
||||||
|
$html = "";
|
||||||
|
|
||||||
|
$html = printHeader($html);
|
||||||
|
|
||||||
|
$html .= "\t\t\t<h1 id='loginHeader'>Login</h1>\n";
|
||||||
|
$html .= "\t\t\t\t<p>Enter your login key to continue.</p>\n";
|
||||||
|
$html .= "\t\t\t\t<form action=\"login.php\">\n";
|
||||||
|
$html .= "\t\t\t\t\t<input type=\"password\" name=\"key\" placeholder=\"Login key\">\n";
|
||||||
|
$html .= "\t\t\t\t\t<input type=\"submit\" value=\"Login\">\n";
|
||||||
|
$html .= "\t\t\t\t</form>\n";
|
||||||
|
|
||||||
|
if (isset($_REQUEST['e']) && $_REQUEST['e'] == "true") {
|
||||||
|
$html .= "\t\t\t\t<p class=\"error\">Invalid key.</p>\n";
|
||||||
|
}
|
||||||
|
|
||||||
|
$html = printFooter($html);
|
||||||
|
|
||||||
|
print "$html";
|
||||||
|
}
|
||||||
|
?>
|
Loading…
Reference in a new issue