file2link/upload.php

<?php

if (!isset($_POST['expire']) or !isset($_POST['item']) or !isset($_POST['key']) or !isset($_FILES) or !isset($_POST['random'])) {
    exit('No hack 1');
}
//~ echo $_POST['access'];
//~ if ($_POST['password'] != 'false')  {
//~ echo "post password";
    //~ exit($_POST['password']);
//~ }
//~ exit($_POST['access']);
$config = yaml_parse_file('./config.yaml'); 
include('./lib/functions.php');

// Vérification si le calcul d'expiration est conforme à la config
// Complexe, dépend trop du temps d'upload côté client
/*if ($_POST['expire'] <= time()+$config['expireDay'][count($config['expireDay'])-1]*86400+5) {
    exit('No hack 2');
}
*/

// Définition des variables
$uploadDir = $config['uploadDir'].'/'.$_POST['expire'].'-'.$_POST['random'];
$uploadFile = preg_replace("#[^a-zA-Z0-9.]#", "", basename($_FILES['file']['name']));

// Création du répertoire
if (!is_dir($uploadDir)) {
    mkdir($uploadDir);
} else {
    $fileAlreadyUploadSizeTotal=0;
    foreach (scandir($uploadDir) as $fileAlreadyUpload) {
        if (is_file($uploadDir.'/'.$fileAlreadyUpload)) {
            $fileAlreadyUploadSizeTotal=filesize($uploadDir.'/'.$fileAlreadyUpload)+$fileAlreadyUploadSizeTotal;
        }
    }
}
if (!is_file($uploadDir.'/.key-'.$_POST['key'].'.cfg')) {
    touch($uploadDir.'/.key-'.$_POST['key'].'.cfg');
}
if ($_POST['access'] != 'false' && preg_match('/^[0-9]+$/', $_POST['access']))  {
    if (!is_file($uploadDir.'/.access.cfg')) {
	file_put_contents($uploadDir.'/.access.cfg', $_POST['access']);
    }
}
if ($_POST['password'] != 'false')  {
    if (!is_file($uploadDir.'/.password.cfg')) {
	file_put_contents($uploadDir.'/.password.cfg', password_hash($config['passwordUniqKey'].$_POST['password'], PASSWORD_DEFAULT));
    }
}


if (!checkMimeTypes($_FILES['file']['type'])) {
    printf('<div class="highlight-1">'._('this type of file isn\'t allow').'</div>');
    echo "<script>
	    $( '.progress-".$_POST['item']."').remove();
	    $('.file-".$_POST['item']."').append(' : <spam class=\"file-".$_POST['item']." uploadResult nok\">KO</spam>');
	</script>";
} else if ($_FILES['file']['size'] > convertHumain2octect($config['maxUploadPerFile'])) {
    printf('<div class="highlight-1">'.basename($_FILES['file']['name']).' : '._('this file exceeds the allowed size %s').'</div>', $config['maxUploadPerFile']);
    echo "<script>
	    $( '.progress-".$_POST['item']."').remove();
	    $('.file-".$_POST['item']."').append(' : <spam class=\"file-".$_POST['item']." uploadResult nok\">KO</spam>');
	</script>";
} else if ($fileAlreadyUploadSizeTotal > convertHumain2octect($config['maxUploadTotal'])) {
    printf('<div class="highlight-1">'._('The total size of the files exceeds the allowed size %s').'</div>', $config['maxUploadTotal']);
    echo "<script>
	    $( '.progress-".$_POST['item']."').remove();
	    $('.file-".$_POST['item']."').append(' : <spam class=\"file-".$_POST['item']." uploadResult nok\">KO</spam>');
	</script>";
} else {
    if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadDir.'/'.$uploadFile) 
        && $_FILES['file']['error'] == 0) {     
	if (isset($_POST['resize']) && $_POST['resize'] != 0 && preg_match('/^image\/(jpeg|gif)$/', $_FILES['file']['type'])) {
	    @resize_image($uploadDir.'/'.$uploadFile , $uploadDir.'/'.$uploadFile.'.resize' , $_POST['resize'] , $_POST['resize']);
	    @rename($uploadDir.'/'.$uploadFile.'.resize',  $uploadDir.'/'.$uploadFile);
	}
        echo "<script>
		sessionStorage.setItem('uploadWait', Number(sessionStorage.getItem('uploadWait'))-1);
		$( '.progress-".$_POST['item']."').remove();
		$('.file-".$_POST['item']."').append(' : <spam class=\"file-".$_POST['item']." uploadResult ok\">Ok</spam>');
		if (sessionStorage.getItem('uploadWait') <= 0) {
			sessionStorage.removeItem('uploadWait');
			window.location.href = Config_baseUrl + '".$_POST['expire']."-".$_POST['random']."/';
		}
	    </script>";
    } else {
        printf('<div class="highlight-1">'._('Unknown error').'</div>');
	echo "<script>sessionStorage.setItem('uploadWait', sessionStorage.getItem('uploadWait')+1);</script>";
    }
}
Pas loin de la 0.1 2019-11-18 00:19:13 +00:00			`<?php`

			`if (!isset($_POST['expire']) or !isset($_POST['item']) or !isset($_POST['key']) or !isset($_FILES) or !isset($_POST['random'])) {`
			`exit('No hack 1');`
			`}`
- 0.2 - Mod gallery if images - Passowrd for access - Delete after first access OR define nb access (10, 20...) - Bug Fix : - BUG day / days - BUG my files no work in html page - BUG delete file, but already in storage - MyFiles Rewrite 2019-12-05 14:30:19 +00:00			`//~ echo $_POST['access'];`
			`//~ if ($_POST['password'] != 'false') {`
			`//~ echo "post password";`
			`//~ exit($_POST['password']);`
			`//~ }`
			`//~ exit($_POST['access']);`
Pas loin de la 0.1 2019-11-18 00:19:13 +00:00			`$config = yaml_parse_file('./config.yaml');`
			`include('./lib/functions.php');`

			`// Vérification si le calcul d'expiration est conforme à la config`
			`// Complexe, dépend trop du temps d'upload côté client`
			`/if ($_POST['expire'] <= time()+$config['expireDay'][count($config['expireDay'])-1]86400+5) {`
			`exit('No hack 2');`
			`}`
			`*/`

			`// Définition des variables`
			`$uploadDir = $config['uploadDir'].'/'.$_POST['expire'].'-'.$_POST['random'];`
			`$uploadFile = preg_replace("#[^a-zA-Z0-9.]#", "", basename($_FILES['file']['name']));`

			`// Création du répertoire`
			`if (!is_dir($uploadDir)) {`
			`mkdir($uploadDir);`
			`} else {`
			`$fileAlreadyUploadSizeTotal=0;`
			`foreach (scandir($uploadDir) as $fileAlreadyUpload) {`
			`if (is_file($uploadDir.'/'.$fileAlreadyUpload)) {`
			`$fileAlreadyUploadSizeTotal=filesize($uploadDir.'/'.$fileAlreadyUpload)+$fileAlreadyUploadSizeTotal;`
			`}`
			`}`
			`}`
- 0.2 - Mod gallery if images - Passowrd for access - Delete after first access OR define nb access (10, 20...) - Bug Fix : - BUG day / days - BUG my files no work in html page - BUG delete file, but already in storage - MyFiles Rewrite 2019-12-05 14:30:19 +00:00			`if (!is_file($uploadDir.'/.key-'.$_POST['key'].'.cfg')) {`
			`touch($uploadDir.'/.key-'.$_POST['key'].'.cfg');`
			`}`
			`if ($_POST['access'] != 'false' && preg_match('/^[0-9]+$/', $_POST['access'])) {`
			`if (!is_file($uploadDir.'/.access.cfg')) {`
			`file_put_contents($uploadDir.'/.access.cfg', $_POST['access']);`
			`}`
			`}`
			`if ($_POST['password'] != 'false') {`
			`if (!is_file($uploadDir.'/.password.cfg')) {`
			`file_put_contents($uploadDir.'/.password.cfg', password_hash($config['passwordUniqKey'].$_POST['password'], PASSWORD_DEFAULT));`
			`}`
Pas loin de la 0.1 2019-11-18 00:19:13 +00:00			`}`

- 0.2 - Mod gallery if images - Passowrd for access - Delete after first access OR define nb access (10, 20...) - Bug Fix : - BUG day / days - BUG my files no work in html page - BUG delete file, but already in storage - MyFiles Rewrite 2019-12-05 14:30:19 +00:00
Pas loin de la 0.1 2019-11-18 00:19:13 +00:00			`if (!checkMimeTypes($_FILES['file']['type'])) {`
			`printf('<div class="highlight-1">'._('this type of file isn\'t allow').'</div>');`
			`echo "<script>`
			`$( '.progress-".$_POST['item']."').remove();`
			`$('.file-".$_POST['item']."').append(' : <spam class=\"file-".$_POST['item']." uploadResult nok\">KO</spam>');`
			`</script>";`
			`} else if ($_FILES['file']['size'] > convertHumain2octect($config['maxUploadPerFile'])) {`
			`printf('<div class="highlight-1">'.basename($_FILES['file']['name']).' : '._('this file exceeds the allowed size %s').'</div>', $config['maxUploadPerFile']);`
			`echo "<script>`
			`$( '.progress-".$_POST['item']."').remove();`
			`$('.file-".$_POST['item']."').append(' : <spam class=\"file-".$_POST['item']." uploadResult nok\">KO</spam>');`
			`</script>";`
			`} else if ($fileAlreadyUploadSizeTotal > convertHumain2octect($config['maxUploadTotal'])) {`
			`printf('<div class="highlight-1">'._('The total size of the files exceeds the allowed size %s').'</div>', $config['maxUploadTotal']);`
			`echo "<script>`
			`$( '.progress-".$_POST['item']."').remove();`
			`$('.file-".$_POST['item']."').append(' : <spam class=\"file-".$_POST['item']." uploadResult nok\">KO</spam>');`
			`</script>";`
			`} else {`
			`if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadDir.'/'.$uploadFile)`
			`&& $_FILES['file']['error'] == 0) {`
Bug, il cherchai à redimmentionner des images quand ça n'en était pas... 2019-11-19 13:52:51 +00:00			`if (isset($_POST['resize']) && $_POST['resize'] != 0 && preg_match('/^image\/(jpeg\|gif)$/', $_FILES['file']['type'])) {`
Pas loin de la 0.1 2019-11-18 00:19:13 +00:00			`@resize_image($uploadDir.'/'.$uploadFile , $uploadDir.'/'.$uploadFile.'.resize' , $_POST['resize'] , $_POST['resize']);`
			`@rename($uploadDir.'/'.$uploadFile.'.resize', $uploadDir.'/'.$uploadFile);`
			`}`
			`echo "<script>`
			`sessionStorage.setItem('uploadWait', Number(sessionStorage.getItem('uploadWait'))-1);`
			`$( '.progress-".$_POST['item']."').remove();`
			`$('.file-".$_POST['item']."').append(' : <spam class=\"file-".$_POST['item']." uploadResult ok\">Ok</spam>');`
			`if (sessionStorage.getItem('uploadWait') <= 0) {`
			`sessionStorage.removeItem('uploadWait');`
			`window.location.href = Config_baseUrl + '".$_POST['expire']."-".$_POST['random']."/';`
			`}`
			`</script>";`
			`} else {`
			`printf('<div class="highlight-1">'._('Unknown error').'</div>');`
			`echo "<script>sessionStorage.setItem('uploadWait', sessionStorage.getItem('uploadWait')+1);</script>";`
			`}`
			`}`