f9d7fac852
- Mod gallery if images - Passowrd for access - Delete after first access OR define nb access (10, 20...) - Bug Fix : - BUG day / days - BUG my files no work in html page - BUG delete file, but already in storage - MyFiles Rewrite
90 lines
4 KiB
PHP
90 lines
4 KiB
PHP
<?php
|
|
|
|
if (!isset($_POST['expire']) or !isset($_POST['item']) or !isset($_POST['key']) or !isset($_FILES) or !isset($_POST['random'])) {
|
|
exit('No hack 1');
|
|
}
|
|
//~ echo $_POST['access'];
|
|
//~ if ($_POST['password'] != 'false') {
|
|
//~ echo "post password";
|
|
//~ exit($_POST['password']);
|
|
//~ }
|
|
//~ exit($_POST['access']);
|
|
$config = yaml_parse_file('./config.yaml');
|
|
include('./lib/functions.php');
|
|
|
|
// Vérification si le calcul d'expiration est conforme à la config
|
|
// Complexe, dépend trop du temps d'upload côté client
|
|
/*if ($_POST['expire'] <= time()+$config['expireDay'][count($config['expireDay'])-1]*86400+5) {
|
|
exit('No hack 2');
|
|
}
|
|
*/
|
|
|
|
// Définition des variables
|
|
$uploadDir = $config['uploadDir'].'/'.$_POST['expire'].'-'.$_POST['random'];
|
|
$uploadFile = preg_replace("#[^a-zA-Z0-9.]#", "", basename($_FILES['file']['name']));
|
|
|
|
// Création du répertoire
|
|
if (!is_dir($uploadDir)) {
|
|
mkdir($uploadDir);
|
|
} else {
|
|
$fileAlreadyUploadSizeTotal=0;
|
|
foreach (scandir($uploadDir) as $fileAlreadyUpload) {
|
|
if (is_file($uploadDir.'/'.$fileAlreadyUpload)) {
|
|
$fileAlreadyUploadSizeTotal=filesize($uploadDir.'/'.$fileAlreadyUpload)+$fileAlreadyUploadSizeTotal;
|
|
}
|
|
}
|
|
}
|
|
if (!is_file($uploadDir.'/.key-'.$_POST['key'].'.cfg')) {
|
|
touch($uploadDir.'/.key-'.$_POST['key'].'.cfg');
|
|
}
|
|
if ($_POST['access'] != 'false' && preg_match('/^[0-9]+$/', $_POST['access'])) {
|
|
if (!is_file($uploadDir.'/.access.cfg')) {
|
|
file_put_contents($uploadDir.'/.access.cfg', $_POST['access']);
|
|
}
|
|
}
|
|
if ($_POST['password'] != 'false') {
|
|
if (!is_file($uploadDir.'/.password.cfg')) {
|
|
file_put_contents($uploadDir.'/.password.cfg', password_hash($config['passwordUniqKey'].$_POST['password'], PASSWORD_DEFAULT));
|
|
}
|
|
}
|
|
|
|
|
|
if (!checkMimeTypes($_FILES['file']['type'])) {
|
|
printf('<div class="highlight-1">'._('this type of file isn\'t allow').'</div>');
|
|
echo "<script>
|
|
$( '.progress-".$_POST['item']."').remove();
|
|
$('.file-".$_POST['item']."').append(' : <spam class=\"file-".$_POST['item']." uploadResult nok\">KO</spam>');
|
|
</script>";
|
|
} else if ($_FILES['file']['size'] > convertHumain2octect($config['maxUploadPerFile'])) {
|
|
printf('<div class="highlight-1">'.basename($_FILES['file']['name']).' : '._('this file exceeds the allowed size %s').'</div>', $config['maxUploadPerFile']);
|
|
echo "<script>
|
|
$( '.progress-".$_POST['item']."').remove();
|
|
$('.file-".$_POST['item']."').append(' : <spam class=\"file-".$_POST['item']." uploadResult nok\">KO</spam>');
|
|
</script>";
|
|
} else if ($fileAlreadyUploadSizeTotal > convertHumain2octect($config['maxUploadTotal'])) {
|
|
printf('<div class="highlight-1">'._('The total size of the files exceeds the allowed size %s').'</div>', $config['maxUploadTotal']);
|
|
echo "<script>
|
|
$( '.progress-".$_POST['item']."').remove();
|
|
$('.file-".$_POST['item']."').append(' : <spam class=\"file-".$_POST['item']." uploadResult nok\">KO</spam>');
|
|
</script>";
|
|
} else {
|
|
if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadDir.'/'.$uploadFile)
|
|
&& $_FILES['file']['error'] == 0) {
|
|
if (isset($_POST['resize']) && $_POST['resize'] != 0 && preg_match('/^image\/(jpeg|gif)$/', $_FILES['file']['type'])) {
|
|
@resize_image($uploadDir.'/'.$uploadFile , $uploadDir.'/'.$uploadFile.'.resize' , $_POST['resize'] , $_POST['resize']);
|
|
@rename($uploadDir.'/'.$uploadFile.'.resize', $uploadDir.'/'.$uploadFile);
|
|
}
|
|
echo "<script>
|
|
sessionStorage.setItem('uploadWait', Number(sessionStorage.getItem('uploadWait'))-1);
|
|
$( '.progress-".$_POST['item']."').remove();
|
|
$('.file-".$_POST['item']."').append(' : <spam class=\"file-".$_POST['item']." uploadResult ok\">Ok</spam>');
|
|
if (sessionStorage.getItem('uploadWait') <= 0) {
|
|
sessionStorage.removeItem('uploadWait');
|
|
window.location.href = Config_baseUrl + '".$_POST['expire']."-".$_POST['random']."/';
|
|
}
|
|
</script>";
|
|
} else {
|
|
printf('<div class="highlight-1">'._('Unknown error').'</div>');
|
|
echo "<script>sessionStorage.setItem('uploadWait', sessionStorage.getItem('uploadWait')+1);</script>";
|
|
}
|
|
}
|