commit bb4ebf67b9a0ff768918ba977d5fc66cad656444 Author: vincent Date: Wed Apr 23 09:15:00 2025 +0200 v1 release diff --git a/data/.htaccess b/data/.htaccess new file mode 100644 index 0000000..4600d25 --- /dev/null +++ b/data/.htaccess @@ -0,0 +1,3 @@ +# .htaccess file in the 'data' directory +Order Deny,Allow +Deny from all diff --git a/display.php b/display.php new file mode 100644 index 0000000..76a4978 --- /dev/null +++ b/display.php @@ -0,0 +1,47 @@ + + + + + + connect_error) { + die("Connection failed: " . $conn->connect_error); + } + + $sql = "SELECT name, description, type FROM smz_files_data WHERE id='$fileId'"; + $result = $conn->query($sql); + $conn->close(); + if ($result->num_rows > 0) { + while ($row = $result->fetch_assoc()) { + $fileName = $row["name"]; + $fileDesc = $row["description"]; + $fileType = $row["type"]; + } + } else { + echo "Datei nicht in der Datenbank gefunden."; + } + ?> + + + + smzint/Files + + + $fileName$fileType

$fileDesc


"; + ?> + + diff --git a/download.php b/download.php new file mode 100644 index 0000000..e93ac9e --- /dev/null +++ b/download.php @@ -0,0 +1,45 @@ +connect_error) { + die("Connection failed: " . $conn->connect_error); +} + +$sql = "SELECT * FROM smz_files_data WHERE id='$fileId'"; +$result = $conn->query($sql); +$conn->close(); +if ($result->num_rows > 0) { + while ($row = $result->fetch_assoc()) { + $fileName = $row["name"]; + $fileType = $row["type"]; + $fileHash = $row["hash"]; + } +} else { + echo "Datei nicht in der Datenbank gefunden."; +} + +$filePath = "data/$fileId"; + +if (file_exists($filePath)&& hash_equals($fileHash, hash_file("ADLER32", $filePath))) { + // Set headers to force download + header('Content-Description: File Transfer'); + header('Content-Type: application/octet-stream'); + header('Content-Disposition: attachment; filename="smzintFILES-'.$fileName.'.'.$fileType.'"'); + header('Expires: 0'); + header('Cache-Control: must-revalidate'); + header('Pragma: public'); + readfile($filePath); + exit; +} else { + echo "File not found."; +} +?> diff --git a/index.php b/index.php new file mode 100644 index 0000000..96885cf --- /dev/null +++ b/index.php @@ -0,0 +1,39 @@ + + + + + + + + smzint/Files + + +

Available Files

+ + + diff --git a/upload.php b/upload.php new file mode 100644 index 0000000..a34d7fa --- /dev/null +++ b/upload.php @@ -0,0 +1,111 @@ +connect_error) { + die("Server Error"); + } + $sql = "INSERT INTO smz_files_data (id, name, description, public, type, hash) VALUES ('$fileId', '$fileName', '$fileDesc', '$public', '$fileType', '$fileHash')"; + + if ($conn->query($sql) === TRUE) { + echo "New record created successfully"; + } else { + echo "Error: " . $sql . "
" . $conn->error; + } + + $conn->close(); +} + +function getId() { + include('../Auth/random.php'); + $id = random_int(0, 65535); + + global $dbservername; + global $dbusername; + global $dbpassword; + global $dbname; + + $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname); + if ($conn->connect_error) { + die("Connection failed: " . $conn->connect_error); + } + + $sql = "SELECT id FROM smz_files_data WHERE id='$id'"; + $result = $conn->query($sql); + $conn->close(); + if ($result->num_rows > 0) { + getId(); + } else { + return $id; + } +} + +function hashCheck($hash) { + global $dbservername; + global $dbusername; + global $dbpassword; + global $dbname; + + $conn = new mysqli($dbservername, $dbusername, $dbpassword, $dbname); + if ($conn->connect_error) { + die("Connection failed: " . $conn->connect_error); + } + + $sql = "SELECT id FROM smz_files_data WHERE hash='$hash'"; + $result = $conn->query($sql); + $conn->close(); + if ($result->num_rows > 0) { + while ($row = $result->fetch_assoc()) { + die("Datei Existiert schon (siehe " . $row["id"] . ")."); + } + } else { + return true; + } +} +?> + + + + + smzint/Files - UPLOAD + + +
+

+

+


+

+


+

+


+

+


+

+

Select File to upload: +

+ +
+ +