1
0
mirror of https://github.com/nokonoko/Uguu.git synced 2024-01-06 13:35:15 +00:00

add whitelist mode and fix clipboard glyph

This commit is contained in:
nokonoko 2021-07-03 17:23:16 +02:00
parent 6fb976d738
commit 5e56fb981a
5 changed files with 41 additions and 20 deletions

View File

@ -3,7 +3,7 @@
"allowErrors": false
},
"dest": "dist",
"pkgVersion": "1.1.2",
"pkgVersion": "1.2.0",
"banners": [
"banners/malware_scans.swig",
"banners/donations.swig"

View File

@ -1,6 +1,6 @@
{
"name": "uguu",
"version": "1.1.2",
"version": "1.2.0",
"description": "Kawaii file host",
"homepage": "https://uguu.se/",
"repository": {

View File

@ -232,7 +232,7 @@ nav > ul > li:last-child:after {
color: #891A18;
}
button.upload-clipboard-btn {
height: 16px;
height: 32px;
}
.error#upload-filelist .progress-percent {
color: #B94A48;

View File

@ -25,10 +25,14 @@ define('UGUU_DB_USER', 'NULL');
/* @param string UGUU_DB_PASS Database password */
define('UGUU_DB_PASS', 'NULL');
/** Log IP of uploads */
/**
* @param boolean Log IP of uploads
*/
define('LOG_IP', false);
/** Dont upload a file already in the DB */
/**
* @param boolean anti-dupe
*/
define('ANTI_DUPE', false);
/*
@ -78,11 +82,11 @@ define('CONFIG_BLOCKED_EXTENSIONS', serialize(['exe', 'scr', 'com', 'vbs', 'bat'
define('CONFIG_BLOCKED_MIME', serialize(['application/msword', 'text/html', 'application/x-dosexec', 'application/java', 'application/java-archive', 'application/x-executable', 'application/x-mach-binary', 'image/svg+xml']));
/**
* Filter mode: whitelist (true) or blacklist (false).
*
* @param bool $FILTER_MODE mime type filter mode
* Whitelist or blacklist mode
* @param boolean blacklist (false) | whitelist (true)
*/
$FILTER_MODE = false;
define('CONFIG_FILTER_MODE', false);
/**
* Double dot file extensions.
*

View File

@ -61,15 +61,34 @@ function generateName($file)
$name .= '.'.$ext;
}
//Check if MIME is blacklisted
if (in_array($type_mime, unserialize(CONFIG_BLOCKED_MIME))) {
http_response_code(415);
exit(0);
}
//Check if EXT is blacklisted
if (in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))) {
http_response_code(415);
exit(0);
// Check if file is whitelisted or blacklisted
switch (CONFIG_FILTER_MODE) {
case false:
//check if MIME is blacklisted
if (in_array($type_mime, unserialize(CONFIG_BLOCKED_MIME))) {
http_response_code(415);
exit(0);
}
//Check if EXT is blacklisted
if (in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))) {
http_response_code(415);
exit(0);
}
break;
case true:
//Check if MIME is whitelisted
if (!in_array($type_mime, unserialize(CONFIG_BLOCKED_MIME))) {
http_response_code(415);
exit(0);
}
//Check if EXT is whitelisted
if (!in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))) {
http_response_code(415);
exit(0);
}
break;
}
// Check if a file with the same name does already exist in the database
@ -93,8 +112,6 @@ function generateName($file)
function uploadFile($file)
{
global $db;
global $FILTER_MODE;
global $FILTER_MIME;
// Handle file errors
if ($file->error) {