Added support for sharex deletion url
parent
0444705121
commit
4b25b842b1
9 changed files with 98 additions and 13 deletions
|
@ -1,3 +1,11 @@
|
||||||
|
## v2.1
|
||||||
|
+ Improved theme style.
|
||||||
|
+ Improved page redirecting.
|
||||||
|
+ Allow e-mail login.
|
||||||
|
+ Support for ShareX deletion URL.
|
||||||
|
+ Fixed HTTP/2 push preload.
|
||||||
|
+ Added video.js support.
|
||||||
|
|
||||||
## v2.0
|
## v2.0
|
||||||
+ Migrated from Flight to Slim 3 framework.
|
+ Migrated from Flight to Slim 3 framework.
|
||||||
+ Added install wizard (using the CLI is no longer required).
|
+ Added install wizard (using the CLI is no longer required).
|
||||||
|
|
|
@ -83,7 +83,7 @@ class UploadController extends Controller
|
||||||
{
|
{
|
||||||
$media = $this->getMedia($args['userCode'], $args['mediaCode']);
|
$media = $this->getMedia($args['userCode'], $args['mediaCode']);
|
||||||
|
|
||||||
if (!$media || !$media->published && Session::get('user_id') !== $media->user_id && !Session::get('admin', false)) {
|
if (!$media || (!$media->published && Session::get('user_id') !== $media->user_id && !Session::get('admin', false))) {
|
||||||
throw new NotFoundException($request, $response);
|
throw new NotFoundException($request, $response);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -108,10 +108,11 @@ class UploadController extends Controller
|
||||||
}
|
}
|
||||||
|
|
||||||
} catch (FileNotFoundException $e) {
|
} catch (FileNotFoundException $e) {
|
||||||
throw $e;
|
throw new NotFoundException($request, $response);
|
||||||
}
|
}
|
||||||
|
|
||||||
return $this->view->render($response, 'upload/public.twig', [
|
return $this->view->render($response, 'upload/public.twig', [
|
||||||
|
'delete_token' => isset($args['token']) ? $args['token'] : null,
|
||||||
'media' => $media,
|
'media' => $media,
|
||||||
'type' => $mime,
|
'type' => $mime,
|
||||||
'extension' => pathinfo($media->filename, PATHINFO_EXTENSION),
|
'extension' => pathinfo($media->filename, PATHINFO_EXTENSION),
|
||||||
|
@ -119,6 +120,52 @@ class UploadController extends Controller
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param Request $request
|
||||||
|
* @param Response $response
|
||||||
|
* @param $args
|
||||||
|
* @return Response
|
||||||
|
* @throws NotFoundException
|
||||||
|
* @throws UnauthorizedException
|
||||||
|
*/
|
||||||
|
public function deleteByToken(Request $request, Response $response, $args): Response
|
||||||
|
{
|
||||||
|
$media = $this->getMedia($args['userCode'], $args['mediaCode']);
|
||||||
|
|
||||||
|
if (!$media) {
|
||||||
|
throw new NotFoundException($request, $response);
|
||||||
|
}
|
||||||
|
|
||||||
|
$user = $this->database->query('SELECT `id`, `active` FROM `users` WHERE `token` = ? LIMIT 1', $args['token'])->fetch();
|
||||||
|
|
||||||
|
if (!$user) {
|
||||||
|
Session::alert('Token specified not found.', 'danger');
|
||||||
|
return $response->withRedirect($request->getHeaderLine('HTTP_REFERER'));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!$user->active) {
|
||||||
|
Session::alert('Account disabled.', 'danger');
|
||||||
|
return $response->withRedirect($request->getHeaderLine('HTTP_REFERER'));
|
||||||
|
}
|
||||||
|
|
||||||
|
if (Session::get('admin', false) || $user->id === $media->user_id) {
|
||||||
|
|
||||||
|
$filesystem = $this->getStorage();
|
||||||
|
try {
|
||||||
|
$filesystem->delete($media->storage_path);
|
||||||
|
} catch (FileNotFoundException $e) {
|
||||||
|
throw new NotFoundException($request, $response);
|
||||||
|
} finally {
|
||||||
|
$this->database->query('DELETE FROM `uploads` WHERE `id` = ?', $media->mediaId);
|
||||||
|
$this->logger->info('User ' . $user->username . ' deleted a media via token.', [$media->mediaId]);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
throw new UnauthorizedException();
|
||||||
|
}
|
||||||
|
|
||||||
|
return redirect($response, '/home');
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param Request $request
|
* @param Request $request
|
||||||
* @param Response $response
|
* @param Response $response
|
||||||
|
@ -212,6 +259,10 @@ class UploadController extends Controller
|
||||||
{
|
{
|
||||||
$media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? LIMIT 1', $args['id'])->fetch();
|
$media = $this->database->query('SELECT * FROM `uploads` WHERE `id` = ? LIMIT 1', $args['id'])->fetch();
|
||||||
|
|
||||||
|
if (!$media) {
|
||||||
|
throw new NotFoundException($request, $response);
|
||||||
|
}
|
||||||
|
|
||||||
if (Session::get('admin', false) || $media->user_id === Session::get('user_id')) {
|
if (Session::get('admin', false) || $media->user_id === Session::get('user_id')) {
|
||||||
|
|
||||||
$filesystem = $this->getStorage();
|
$filesystem = $this->getStorage();
|
||||||
|
@ -240,7 +291,7 @@ class UploadController extends Controller
|
||||||
{
|
{
|
||||||
$mediaCode = pathinfo($mediaCode)['filename'];
|
$mediaCode = pathinfo($mediaCode)['filename'];
|
||||||
|
|
||||||
$media = $this->database->query('SELECT * FROM `uploads` INNER JOIN `users` ON `uploads`.`user_id` = `users`.`id` WHERE `user_code` = ? AND `uploads`.`code` = ? LIMIT 1', [
|
$media = $this->database->query('SELECT `uploads`.*, `users`.*, `users`.`id` AS `userId`, `uploads`.`id` AS `mediaId` FROM `uploads` INNER JOIN `users` ON `uploads`.`user_id` = `users`.`id` WHERE `user_code` = ? AND `uploads`.`code` = ? LIMIT 1', [
|
||||||
$userCode,
|
$userCode,
|
||||||
$mediaCode,
|
$mediaCode,
|
||||||
])->fetch();
|
])->fetch();
|
||||||
|
@ -282,7 +333,7 @@ class UploadController extends Controller
|
||||||
ob_end_clean();
|
ob_end_clean();
|
||||||
return $response
|
return $response
|
||||||
->withHeader('Content-Type', $mime)
|
->withHeader('Content-Type', $mime)
|
||||||
->withHeader('Content-Disposition', $disposition . ';filename="' . $media->filename . '"')
|
->withHeader('Content-Disposition', $disposition . '; filename="' . $media->filename . '"')
|
||||||
->withHeader('Content-Length', $storage->getSize($media->storage_path))
|
->withHeader('Content-Length', $storage->getSize($media->storage_path))
|
||||||
->withBody(new Stream($storage->readStream($media->storage_path)));
|
->withBody(new Stream($storage->readStream($media->storage_path)));
|
||||||
}
|
}
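Review bot: In `deleteByToken`, the log call reads `$user->username`, but the user lookup a few lines earlier selects only `id` and `active`, so the audit entry for a token-based deletion will not name the account that performed it; adding `username` to that SELECT's column list fixes it. The `finally` block also removes the row and logs "deleted a media via token" on the path where the file was already missing and a `NotFoundException` is about to be thrown, which may be intended but deserves a comment. Both failure branches redirect to the client-supplied `HTTP_REFERER` value, which is empty on a direct request; a fixed target such as the `redirect($response, '/home')` already used at the end of the method would be more predictable.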
|
||||||
|
|
|
@ -348,7 +348,7 @@ class UserController extends Controller
|
||||||
],
|
],
|
||||||
'URL' => '$json:url$',
|
'URL' => '$json:url$',
|
||||||
'ThumbnailURL' => '$json:url$/raw',
|
'ThumbnailURL' => '$json:url$/raw',
|
||||||
'DeletionURL' => '$json:url$/delete',
|
'DeletionURL' => '$json:url$/delete/' . $user->token,
|
||||||
];
|
];
|
||||||
|
|
||||||
return $response
|
return $response
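Review bot: The `DeletionURL` entry embeds `$user->token`, the per-user value that `deleteByToken` matches against the `token` column of `users`, so any single deletion link is valid for every upload of that account rather than for one file. If the same token also authenticates uploads (not visible in this hunk), a leaked deletion link exposes that too. URL paths routinely end up in access logs and browser history, so a per-upload deletion secret returned by the upload response and referenced from the config (for example `'DeletionURL' => '$json:deletion_url$'`, field name illustrative) would limit the exposure. The enclosing method starts and ends outside the hunk.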
|
||||||
|
|
|
@ -35,5 +35,7 @@ $app->map(['GET', 'POST'], '/logout', \App\Controllers\LoginController::class .
|
||||||
$app->post('/upload', \App\Controllers\UploadController::class . ':upload');
|
$app->post('/upload', \App\Controllers\UploadController::class . ':upload');
|
||||||
|
|
||||||
$app->get('/{userCode}/{mediaCode}', \App\Controllers\UploadController::class . ':show');
|
$app->get('/{userCode}/{mediaCode}', \App\Controllers\UploadController::class . ':show');
|
||||||
|
$app->get('/{userCode}/{mediaCode}/delete/{token}', \App\Controllers\UploadController::class . ':show');
|
||||||
|
$app->post('/{userCode}/{mediaCode}/delete/{token}', \App\Controllers\UploadController::class . ':deleteByToken');
|
||||||
$app->get('/{userCode}/{mediaCode}/raw', \App\Controllers\UploadController::class . ':showRaw');
|
$app->get('/{userCode}/{mediaCode}/raw', \App\Controllers\UploadController::class . ':showRaw');
|
||||||
$app->get('/{userCode}/{mediaCode}/download', \App\Controllers\UploadController::class . ':download');
|
$app->get('/{userCode}/{mediaCode}/download', \App\Controllers\UploadController::class . ':download');
|
|
@ -27,9 +27,12 @@ $config = array_replace_recursive([
|
||||||
'username' => null,
|
'username' => null,
|
||||||
'password' => null,
|
'password' => null,
|
||||||
],
|
],
|
||||||
'routerCacheFile' => __DIR__ . '/../resources/cache/routes.cache.php',
|
|
||||||
], require __DIR__ . '/../config.php');
|
], require __DIR__ . '/../config.php');
|
||||||
|
|
||||||
|
if (!$config['displayErrorDetails']) {
|
||||||
|
$config['routerCacheFile'] = __DIR__ . '/../resources/cache/routes.cache.php';
|
||||||
|
}
|
||||||
|
|
||||||
$container = new Container(['settings' => $config]);
|
$container = new Container(['settings' => $config]);
|
||||||
|
|
||||||
$container['logger'] = function ($container) {
|
$container['logger'] = function ($container) {
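Review bot: The new `if (!$config['displayErrorDetails'])` guard reads a key that must come from the defaults above the hunk or from `config.php`; if neither defines it, PHP raises an undefined-index notice and route caching is switched on silently, so `empty($config['displayErrorDetails'])` or a documented default would be safer. Because the cache file is still used when error details are off and this commit adds two routes, an upgrade note saying that `resources/cache/routes.cache.php` must be deleted after updating would help; a stale cache would presumably leave the new delete routes unreachable.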
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
{
|
{
|
||||||
"name": "sergix44/xbackbone",
|
"name": "sergix44/xbackbone",
|
||||||
"version": "2.0",
|
"version": "2.1",
|
||||||
"description": "A lightweight ShareX PHP backend",
|
"description": "A lightweight ShareX PHP backend",
|
||||||
"type": "project",
|
"type": "project",
|
||||||
"require": {
|
"require": {
|
||||||
|
|
|
@ -1,12 +1,13 @@
|
||||||
{
|
{
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
|
"@fortawesome/fontawesome-free": "^5.4.1",
|
||||||
"bootstrap": "^4.1.3",
|
"bootstrap": "^4.1.3",
|
||||||
"clipboard": "^2.0.1",
|
"clipboard": "^2.0.1",
|
||||||
"highlightjs": "^9.10.0",
|
"highlightjs": "^9.10.0",
|
||||||
"jquery": "^3.3.1",
|
"jquery": "^3.3.1",
|
||||||
"popper.js": "^1.14.4",
|
"popper.js": "^1.14.4",
|
||||||
"tooltip.js": "^1.3.0",
|
"tooltip.js": "^1.3.0",
|
||||||
"@fortawesome/fontawesome-free": "^5.4.1"
|
"video.js": "^7.3.0"
|
||||||
},
|
},
|
||||||
"devDependencies": {
|
"devDependencies": {
|
||||||
"grunt": "^1.0",
|
"grunt": "^1.0",
|
||||||
|
|
|
@ -23,8 +23,20 @@
|
||||||
</div>
|
</div>
|
||||||
</nav>
|
</nav>
|
||||||
<div class="container-fluid">
|
<div class="container-fluid">
|
||||||
|
{% include 'comp/alert.twig' %}
|
||||||
<div class="row ml-auto mr-auto">
|
<div class="row ml-auto mr-auto">
|
||||||
<div class="col-md-12 justify-content-center">
|
<div class="col-md-12 justify-content-center">
|
||||||
|
{% if delete_token is not null %}
|
||||||
|
<form method="post" action="{{ config.base_url }}/{{ media.user_code }}/{{ media.code }}.{{ extension }}/delete/{{ delete_token }}">
|
||||||
|
<div class="text-center mb-4">
|
||||||
|
<p>Are you sure you want to delete this item? It will be gone <b>forever</b>!</p>
|
||||||
|
<div class="btn-group">
|
||||||
|
<button type="submit" class="btn btn-danger"><i class="fas fa-trash"></i> Yes</button>
|
||||||
|
<a href="{{ config.base_url }}/{{ media.user_code }}/{{ media.code }}.{{ extension }}" class="btn btn-secondary">No</a>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
{% endif %}
|
||||||
{% if type starts with 'image' %}
|
{% if type starts with 'image' %}
|
||||||
<div class="row mb-2">
|
<div class="row mb-2">
|
||||||
<div class="col-md-12">
|
<div class="col-md-12">
|
||||||
|
@ -48,11 +60,13 @@
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
{% elseif type starts with 'video' %}
|
{% elseif type starts with 'video' %}
|
||||||
<video width="100%" class="video-js" controls preload="auto">
|
<div class="video-content">
|
||||||
|
<video class="video-js vjs-fluid vjs-big-play-centered" data-setup='{"controls": true, "autoplay": true, "preload": "auto"}'>
|
||||||
<source src="{{ config.base_url }}/{{ media.user_code }}/{{ media.code }}.{{ extension }}/raw" type="{{ type }}">
|
<source src="{{ config.base_url }}/{{ media.user_code }}/{{ media.code }}.{{ extension }}/raw" type="{{ type }}">
|
||||||
Your browser does not support HTML5 video.
|
Your browser does not support HTML5 video.
|
||||||
<a href="{{ config.base_url }}/{{ media.user_code }}/{{ media.code }}.{{ extension }}/download" class="btn btn-dark btn-lg"><i class="fas fa-cloud-download-alt fa-fw"></i> Download</a>
|
<a href="{{ config.base_url }}/{{ media.user_code }}/{{ media.code }}.{{ extension }}/download" class="btn btn-dark btn-lg"><i class="fas fa-cloud-download-alt fa-fw"></i> Download</a>
|
||||||
</video>
|
</video>
|
||||||
|
</div>
|
||||||
{% else %}
|
{% else %}
|
||||||
<div class="text-center">
|
<div class="text-center">
|
||||||
<div class="row mb-2">
|
<div class="row mb-2">
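Review bot: The delete form writes `delete_token` into the `action` URL with at most Twig's HTML auto-escaping, and `show` passes through whatever string was in the path without validating it; `{{ delete_token|url_encode }}` would keep a value containing `?` or `#` from changing the form's target. Since the confirmation page's own address carries the token, it is worth confirming that the layout sends a restrictive `Referrer-Policy` (not visible in this hunk) so the address is not forwarded to other origins the page loads from or links to.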
|
||||||
|
|
|
@ -61,3 +61,9 @@ body {
|
||||||
line-height: 40px;
|
line-height: 40px;
|
||||||
text-align: right;
|
text-align: right;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.video-content {
|
||||||
|
width: 80%;
|
||||||
|
margin-right: auto;
|
||||||
|
margin-left: auto;
|
||||||
|
}
|