Fijxu/Uguu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

test

Browse source
This commit is contained in:
Go Johansson 2022-12-16 22:56:15 +01:00
parent 83f6699d7f
commit cec6349edd
8 changed files with 722 additions and 751 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/Classes/CuteGrills.php
View file

@ -1,5 +1,4 @@
<?php <?php
/** /**
* Uguu * Uguu
* *
@ -19,7 +18,7 @@
* along with this program. If not, see <https://www.gnu.org/licenses/>. * along with this program. If not, see <https://www.gnu.org/licenses/>.
*/ */
namespace Pomf\Uguu\Classes; namespace Uguu\Classes;
class CuteGrills class CuteGrills
{ {
@ -36,7 +35,7 @@ class CuteGrills
'Location: /img/grills/' . 'Location: /img/grills/' .
$this->GRILLS[array_rand($this->GRILLS)], $this->GRILLS[array_rand($this->GRILLS)],
true, true,
303 303,
); );
} }
} }

42
src/Classes/Database.php
View file

@ -1,5 +1,4 @@
<?php <?php
/** /**
* Uguu * Uguu
* *
@ -19,7 +18,7 @@
* along with this program. If not, see <https://www.gnu.org/licenses/>. * along with this program. If not, see <https://www.gnu.org/licenses/>.
*/ */
namespace Pomf\Uguu\Classes; namespace Uguu\Classes;
use Exception; use Exception;
use PDO; use PDO;
@ -53,7 +52,8 @@ class Database
$q->bindValue(':name', $name); $q->bindValue(':name', $name);
$q->execute(); $q->execute();
return $q->fetchColumn(); return $q->fetchColumn();
} catch (Exception) { }
catch (Exception) {
throw new Exception('Cant check if name exists in DB.', 500); throw new Exception('Cant check if name exists in DB.', 500);
} }
} }
@ -75,7 +75,8 @@ class Database
if ($result['count'] > 0) { if ($result['count'] > 0) {
throw new Exception('File blacklisted!', 415); throw new Exception('File blacklisted!', 415);
} }
} catch (Exception) { }
catch (Exception) {
throw new Exception('Cant check blacklist DB.', 500); throw new Exception('Cant check blacklist DB.', 500);
} }
} }
@ -92,10 +93,9 @@ class Database
if (!$this->CONFIG['ANTI_DUPE']) { if (!$this->CONFIG['ANTI_DUPE']) {
return true; return true;
} }
try { try {
$q = $this->DB->prepare( $q = $this->DB->prepare(
'SELECT filename, COUNT(*) AS count FROM files WHERE hash = (:hash)' 'SELECT filename, COUNT(*) AS count FROM files WHERE hash = (:hash)',
); );
$q->bindValue(':hash', $hash); $q->bindValue(':hash', $hash);
$q->execute(); $q->execute();
@ -105,7 +105,8 @@ class Database
} else { } else {
return true; return true;
} }
} catch (Exception) { }
catch (Exception) {
throw new Exception('Cant check for dupes in DB.', 500); throw new Exception('Cant check for dupes in DB.', 500);
} }
} }
@ -123,7 +124,7 @@ class Database
try { try {
$q = $this->DB->prepare( $q = $this->DB->prepare(
'INSERT INTO files (hash, originalname, filename, size, date, ip)' . 'INSERT INTO files (hash, originalname, filename, size, date, ip)' .
'VALUES (:hash, :orig, :name, :size, :date, :ip)' 'VALUES (:hash, :orig, :name, :size, :date, :ip)',
); );
$q->bindValue(':hash', $FILE_INFO['SHA1']); $q->bindValue(':hash', $FILE_INFO['SHA1']);
$q->bindValue(':orig', $FILE_INFO['NAME']); $q->bindValue(':orig', $FILE_INFO['NAME']);
@ -132,12 +133,12 @@ class Database
$q->bindValue(':date', $fingerPrintInfo['timestamp']); $q->bindValue(':date', $fingerPrintInfo['timestamp']);
$q->bindValue(':ip', $fingerPrintInfo['ip']); $q->bindValue(':ip', $fingerPrintInfo['ip']);
$q->execute(); $q->execute();
} catch (Exception) { }
catch (Exception) {
throw new Exception('Cant insert into DB.', 500); throw new Exception('Cant insert into DB.', 500);
} }
} }
/** /**
* Creates a new row in the database with the information provided * Creates a new row in the database with the information provided
* *
@ -147,9 +148,8 @@ class Database
{ {
$q = $this->DB->prepare( $q = $this->DB->prepare(
'INSERT INTO timestamp (iphash, files, time)' . 'INSERT INTO timestamp (iphash, files, time)' .
'VALUES (:iphash, :files, :time)' 'VALUES (:iphash, :files, :time)',
); );
$q->bindValue(':iphash', $fingerPrintInfo['ip_hash']); $q->bindValue(':iphash', $fingerPrintInfo['ip_hash']);
$q->bindValue(':files', $fingerPrintInfo['files_amount']); $q->bindValue(':files', $fingerPrintInfo['files_amount']);
$q->bindValue(':time', $fingerPrintInfo['timestamp']); $q->bindValue(':time', $fingerPrintInfo['timestamp']);
@ -167,25 +167,22 @@ class Database
{ {
if ($iStamp) { if ($iStamp) {
$q = $this->DB->prepare( $q = $this->DB->prepare(
'UPDATE ratelimit SET files = (:files), time = (:time) WHERE iphash = (:iphash)' 'UPDATE ratelimit SET files = (:files), time = (:time) WHERE iphash = (:iphash)',
); );
$q->bindValue(':time', $fingerPrintInfo['timestamp']); $q->bindValue(':time', $fingerPrintInfo['timestamp']);
} else { } else {
$q = $this->DB->prepare( $q = $this->DB->prepare(
'UPDATE ratelimit SET files = (:files) WHERE iphash = (:iphash)' 'UPDATE ratelimit SET files = (:files) WHERE iphash = (:iphash)',
); );
} }
$q->bindValue(':files', $fCount); $q->bindValue(':files', $fCount);
$q->bindValue(':iphash', $fingerPrintInfo['ip_hash']); $q->bindValue(':iphash', $fingerPrintInfo['ip_hash']);
$q->execute(); $q->execute();
} }
/** /**
* Checks if the user has uploaded more than 100 files in the last minute, if so it returns true, if not it updates the database with the new file count and * Checks if the user has uploaded more than 100 files in the last minute, if so it returns true, if not it updates the database with the new file
* timestamp * count and timestamp
* *
* @param $fingerPrintInfo array An array containing the following: * @param $fingerPrintInfo array An array containing the following:
* *
@ -194,29 +191,24 @@ class Database
public function checkRateLimit(array $fingerPrintInfo):bool public function checkRateLimit(array $fingerPrintInfo):bool
{ {
$q = $this->DB->prepare( $q = $this->DB->prepare(
'SELECT files, time, iphash, COUNT(*) AS count FROM ratelimit WHERE iphash = (:iphash)' 'SELECT files, time, iphash, COUNT(*) AS count FROM ratelimit WHERE iphash = (:iphash)',
); );
$q->bindValue(':iphash', $fingerPrintInfo['ip_hash']); $q->bindValue(':iphash', $fingerPrintInfo['ip_hash']);
$q->execute(); $q->execute();
$result = $q->fetch(); $result = $q->fetch();
$nTime = $fingerPrintInfo['timestamp'] - (60); $nTime = $fingerPrintInfo['timestamp'] - (60);
switch (true) { switch (true) {
//If more then 100 files trigger rate-limit //If more then 100 files trigger rate-limit
case $result['files'] > 100: case $result['files'] > 100:
return true; return true;
//if timestamp is older than one minute, set new files count and timestamp //if timestamp is older than one minute, set new files count and timestamp
case $result['time'] < $nTime: case $result['time'] < $nTime:
$this->updateRateLimit($fingerPrintInfo['files_amount'], true, $fingerPrintInfo); $this->updateRateLimit($fingerPrintInfo['files_amount'], true, $fingerPrintInfo);
break; break;
//if timestamp isn't older than one-minute update the files count //if timestamp isn't older than one-minute update the files count
case $result['time'] > $nTime: case $result['time'] > $nTime:
$this->updateRateLimit($fingerPrintInfo['files_amount'] + $result['files'], false, $fingerPrintInfo); $this->updateRateLimit($fingerPrintInfo['files_amount'] + $result['files'], false, $fingerPrintInfo);
break; break;
//If there is no other match a record does not exist, create one //If there is no other match a record does not exist, create one
default: default:
$this->createRateLimit($fingerPrintInfo); $this->createRateLimit($fingerPrintInfo);

10
src/Classes/Response.php
View file

@ -1,5 +1,4 @@
<?php <?php
/** /**
* Uguu * Uguu
* *
@ -19,7 +18,7 @@
* along with this program. If not, see <https://www.gnu.org/licenses/>. * along with this program. If not, see <https://www.gnu.org/licenses/>.
*/ */
namespace Pomf\Uguu\Classes; namespace Uguu\Classes;
class Response class Response
{ {
@ -115,7 +114,6 @@ class Response
], JSON_PRETTY_PRINT); ], JSON_PRETTY_PRINT);
} }
/** /**
* Returns a string that contains the error code and description * Returns a string that contains the error code and description
* *
@ -144,7 +142,6 @@ class Response
'json' => $this->jsonSuccess($files), 'json' => $this->jsonSuccess($files),
'text' => $this->textSuccess($files), 'text' => $this->textSuccess($files),
}; };
http_response_code(200); // "200 OK". Success. http_response_code(200); // "200 OK". Success.
echo $response; echo $response;
} }
@ -165,7 +162,6 @@ class Response
'"' . $file['hash'] . '"' . ',' . '"' . $file['hash'] . '"' . ',' .
'"' . $file['size'] . '"' . "\r\n"; '"' . $file['size'] . '"' . "\r\n";
} }
return $result; return $result;
} }
@ -179,11 +175,9 @@ class Response
private static function htmlSuccess(array $files):string private static function htmlSuccess(array $files):string
{ {
$result = ''; $result = '';
foreach ($files as $file) { foreach ($files as $file) {
$result .= '<a href="' . $file['url'] . '">' . $file['url'] . '</a><br>'; $result .= '<a href="' . $file['url'] . '">' . $file['url'] . '</a><br>';
} }
return $result; return $result;
} }
@ -212,11 +206,9 @@ class Response
private static function textSuccess(array $files):string private static function textSuccess(array $files):string
{ {
$result = ''; $result = '';
foreach ($files as $file) { foreach ($files as $file) {
$result .= $file['url'] . "\n"; $result .= $file['url'] . "\n";
} }
return $result; return $result;
} }
} }

35
src/Classes/Upload.php
View file

@ -1,5 +1,4 @@
<?php <?php
/** /**
* Uguu * Uguu
* *
@ -19,7 +18,7 @@
* along with this program. If not, see <https://www.gnu.org/licenses/>. * along with this program. If not, see <https://www.gnu.org/licenses/>.
*/ */
namespace Pomf\Uguu\Classes; namespace Uguu\Classes;
use Exception; use Exception;
@ -52,7 +51,7 @@ class Upload extends Response
'SHA1' => $hash, 'SHA1' => $hash,
'EXTENSION' => $this->fileExtension($file), 'EXTENSION' => $this->fileExtension($file),
'MIME' => $this->fileMIME($file), 'MIME' => $this->fileMIME($file),
'NEW_NAME' => $this->generateName($this->fileExtension($file), $hash) 'NEW_NAME' => $this->generateName($this->fileExtension($file), $hash),
]; ];
$result[] = [ $result[] = [
$this->FILE_INFO['TEMP_NAME'], $this->FILE_INFO['TEMP_NAME'],
@ -60,11 +59,12 @@ class Upload extends Response
$this->FILE_INFO['SIZE'], $this->FILE_INFO['SIZE'],
$this->FILE_INFO['SHA1'], $this->FILE_INFO['SHA1'],
$this->FILE_INFO['EXTENSION'], $this->FILE_INFO['EXTENSION'],
$this->FILE_INFO['MIME'] $this->FILE_INFO['MIME'],
]; ];
} }
return $result; return $result;
} }
/** /**
* Takes an array of arrays and returns an array of arrays with the keys and values swapped * Takes an array of arrays and returns an array of arrays with the keys and values swapped
* *
@ -111,55 +111,49 @@ class Upload extends Response
*/ */
public function uploadFile():array public function uploadFile():array
{ {
if ($this->Connector->CONFIG['RATE_LIMIT']) { if ($this->Connector->CONFIG['RATE_LIMIT']) {
$this->Connector->checkRateLimit($this->fingerPrintInfo); $this->Connector->checkRateLimit($this->fingerPrintInfo);
} }
if ($this->Connector->CONFIG['BLACKLIST_DB']) { if ($this->Connector->CONFIG['BLACKLIST_DB']) {
$this->Connector->checkFileBlacklist($this->FILE_INFO); $this->Connector->checkFileBlacklist($this->FILE_INFO);
} }
if ($this->Connector->CONFIG['FILTER_MODE'] && empty($this->FILE_INFO['EXTENSION'])) { if ($this->Connector->CONFIG['FILTER_MODE'] && empty($this->FILE_INFO['EXTENSION'])) {
$this->checkMimeBlacklist(); $this->checkMimeBlacklist();
} }
if ($this->Connector->CONFIG['FILTER_MODE'] && !empty($this->FILE_INFO['EXTENSION'])) { if ($this->Connector->CONFIG['FILTER_MODE'] && !empty($this->FILE_INFO['EXTENSION'])) {
$this->checkMimeBlacklist(); $this->checkMimeBlacklist();
$this->checkExtensionBlacklist(); $this->checkExtensionBlacklist();
} }
if (!is_dir($this->Connector->CONFIG['FILES_ROOT'])) { if (!is_dir($this->Connector->CONFIG['FILES_ROOT'])) {
throw new Exception('File storage path not accessible.', 500); throw new Exception('File storage path not accessible.', 500);
} }
if ( if (
!move_uploaded_file($this->FILE_INFO['TEMP_NAME'], $this->Connector->CONFIG['FILES_ROOT'] . !move_uploaded_file(
$this->FILE_INFO['NEW_NAME']) $this->FILE_INFO['TEMP_NAME'],
$this->Connector->CONFIG['FILES_ROOT'] .
$this->FILE_INFO['NEW_NAME'],
)
) { ) {
throw new Exception('Failed to move file to destination', 500); throw new Exception('Failed to move file to destination', 500);
} }
if (!chmod($this->Connector->CONFIG['FILES_ROOT'] . $this->FILE_INFO['NEW_NAME'], 0644)) { if (!chmod($this->Connector->CONFIG['FILES_ROOT'] . $this->FILE_INFO['NEW_NAME'], 0644)) {
throw new Exception('Failed to change file permissions', 500); throw new Exception('Failed to change file permissions', 500);
} }
if (!$this->Connector->CONFIG['LOG_IP']) { if (!$this->Connector->CONFIG['LOG_IP']) {
$this->fingerPrintInfo['ip'] = null; $this->fingerPrintInfo['ip'] = null;
} }
$this->Connector->newIntoDB($this->FILE_INFO, $this->fingerPrintInfo); $this->Connector->newIntoDB($this->FILE_INFO, $this->fingerPrintInfo);
return [ return [
'hash' => $this->FILE_INFO['SHA1'], 'hash' => $this->FILE_INFO['SHA1'],
'name' => $this->FILE_INFO['NAME'], 'name' => $this->FILE_INFO['NAME'],
'url' => $this->Connector->CONFIG['FILES_URL'] . '/' . $this->FILE_INFO['NEW_NAME'], 'url' => $this->Connector->CONFIG['FILES_URL'] . '/' . $this->FILE_INFO['NEW_NAME'],
'size' => $this->FILE_INFO['SIZE'] 'size' => $this->FILE_INFO['SIZE'],
]; ];
} }
/** /**
* Takes the amount of files that are being uploaded, and creates a fingerprint of the user's IP address, user agent, and the amount of files being uploaded * Takes the amount of files that are being uploaded, and creates a fingerprint of the user's IP address, user agent, and the amount of files being
* uploaded
* *
* @param $files_amount int The amount of files that are being uploaded. * @param $files_amount int The amount of files that are being uploaded.
* *
@ -174,14 +168,13 @@ class Upload extends Response
'useragent' => $USER_AGENT, 'useragent' => $USER_AGENT,
'ip' => $_SERVER['REMOTE_ADDR'], 'ip' => $_SERVER['REMOTE_ADDR'],
'ip_hash' => hash('sha1', $_SERVER['REMOTE_ADDR'] . $USER_AGENT), 'ip_hash' => hash('sha1', $_SERVER['REMOTE_ADDR'] . $USER_AGENT),
'files_amount' => $files_amount 'files_amount' => $files_amount,
]; ];
} else { } else {
throw new Exception('Invalid user agent.', 500); throw new Exception('Invalid user agent.', 500);
} }
} }
/** /**
* Returns the MIME type of a file * Returns the MIME type of a file
* *
@ -252,13 +245,11 @@ class Upload extends Response
if ($this->Connector->CONFIG['FILES_RETRIES'] === 0) { if ($this->Connector->CONFIG['FILES_RETRIES'] === 0) {
throw new Exception('Gave up trying to find an unused name!', 500); throw new Exception('Gave up trying to find an unused name!', 500);
} }
$NEW_NAME = ''; $NEW_NAME = '';
for ($i = 0; $i < $this->Connector->CONFIG['NAME_LENGTH']; ++$i) { for ($i = 0; $i < $this->Connector->CONFIG['NAME_LENGTH']; ++$i) {
$NEW_NAME .= $this->Connector->CONFIG['ID_CHARSET'] $NEW_NAME .= $this->Connector->CONFIG['ID_CHARSET']
[mt_rand(0, strlen($this->Connector->CONFIG['ID_CHARSET']))]; [mt_rand(0, strlen($this->Connector->CONFIG['ID_CHARSET']))];
} }
if (!empty($extension)) { if (!empty($extension)) {
$NEW_NAME .= '.' . $extension; $NEW_NAME .= '.' . $extension;
} }

3
src/GrillLoader.php
View file

@ -1,5 +1,4 @@
<?php <?php
/** /**
* Uguu * Uguu
* *
@ -19,7 +18,7 @@
* along with this program. If not, see <https://www.gnu.org/licenses/>. * along with this program. If not, see <https://www.gnu.org/licenses/>.
*/ */
namespace Pomf\Uguu; namespace Uguu;
class GrillLoader extends Classes\CuteGrills class GrillLoader extends Classes\CuteGrills
{ {

6
src/UploadGateway.php
View file

@ -18,10 +18,10 @@
* along with this program. If not, see <https://www.gnu.org/licenses/>. * along with this program. If not, see <https://www.gnu.org/licenses/>.
*/ */
namespace Pomf\Uguu; namespace Uguu;
use Exception; use Exception;
use Pomf\Uguu\Classes\Response; use Uguu\Classes\Response;
class UploadGateway extends Classes\Upload class UploadGateway extends Classes\Upload
{ {
@ -38,7 +38,6 @@
$type = 'json' ?? $output; $type = 'json' ?? $output;
$response = (new Response($type)); $response = (new Response($type));
if (!empty($_FILES['files'])) { if (!empty($_FILES['files'])) {
$files = $this->reFiles($files); $files = $this->reFiles($files);
try { try {
$this->fingerPrint(count($files)); $this->fingerPrint(count($files));
@ -53,7 +52,6 @@
catch (Exception $e) { catch (Exception $e) {
$response->error($e->getCode(), $e->getMessage()); $response->error($e->getCode(), $e->getMessage());
} }
} else { } else {
$response->error(400, 'No input file(s)'); $response->error(400, 'No input file(s)');
} }

2
src/static/php/grill.php
View file

@ -41,6 +41,6 @@
*/ */
require_once __DIR__ . '/../vendor/autoload.php'; require_once __DIR__ . '/../vendor/autoload.php';
use Pomf\Uguu\GrillLoader; use Pomf\GrillLoader;
new GrillLoader(); new GrillLoader();

2
src/static/php/upload.php
View file

@ -41,7 +41,7 @@
checkConfig(); checkConfig();
require_once __DIR__ . '/../vendor/autoload.php'; require_once __DIR__ . '/../vendor/autoload.php';
use Pomf\Uguu\UploadGateway; use Uguu\UploadGateway;
try { try {
(new UploadGateway())->handleFile($_GET['output'], $_FILES['files']); (new UploadGateway())->handleFile($_GET['output'], $_FILES['files']);