mirror of
https://github.com/nokonoko/Uguu.git
synced 2024-01-06 13:35:15 +00:00
support for blacklist & fix for make
This version introduces support for a blacklist DB and other changes as to work when the Moe Panel is released. You NEED to use the new DB schema for this version to work! Also fixes wrong name for layout_index.swig
This commit is contained in:
parent
5e56fb981a
commit
d0b9cbdcac
@ -3,7 +3,7 @@
|
|||||||
"allowErrors": false
|
"allowErrors": false
|
||||||
},
|
},
|
||||||
"dest": "dist",
|
"dest": "dist",
|
||||||
"pkgVersion": "1.2.0",
|
"pkgVersion": "1.3.0",
|
||||||
"banners": [
|
"banners": [
|
||||||
"banners/malware_scans.swig",
|
"banners/malware_scans.swig",
|
||||||
"banners/donations.swig"
|
"banners/donations.swig"
|
||||||
|
26
mysql_schema.sql
Normal file
26
mysql_schema.sql
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
CREATE TABLE `files` (
|
||||||
|
`id` int(20) unsigned NOT NULL auto_increment,
|
||||||
|
`hash` char(40) DEFAULT NULL,
|
||||||
|
`originalname` varchar(255) default NULL,
|
||||||
|
`filename` varchar(30) default NULL,
|
||||||
|
`size` int(15) DEFAULT NULL,
|
||||||
|
`date` int(15) DEFAULT NULL,
|
||||||
|
`ip` char(15) DEFAULT NULL,
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
|
||||||
|
|
||||||
|
CREATE TABLE `accounts` (
|
||||||
|
`id` int(20) unsigned NOT NULL auto_increment,
|
||||||
|
`email` varchar(255) default NULL,
|
||||||
|
`pass` varchar(255) default NULL,
|
||||||
|
`level` int(15) DEFAULT NULL,
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
|
||||||
|
|
||||||
|
CREATE TABLE `blacklist` (
|
||||||
|
`id` int(20) unsigned NOT NULL auto_increment,
|
||||||
|
`hash` char(40) DEFAULT NULL,
|
||||||
|
`originalname` varchar(255) default NULL,
|
||||||
|
`time` int(15) DEFAULT NULL,
|
||||||
|
PRIMARY KEY (`id`)
|
||||||
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
|
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "uguu",
|
"name": "uguu",
|
||||||
"version": "1.2.0",
|
"version": "1.3.0",
|
||||||
"description": "Kawaii file host",
|
"description": "Kawaii file host",
|
||||||
"homepage": "https://uguu.se/",
|
"homepage": "https://uguu.se/",
|
||||||
"repository": {
|
"repository": {
|
||||||
|
@ -10,4 +10,16 @@ CREATE TABLE `files` (
|
|||||||
, `date` integer default NULL
|
, `date` integer default NULL
|
||||||
, `ip` char(15) default NULL
|
, `ip` char(15) default NULL
|
||||||
);
|
);
|
||||||
|
CREATE TABLE `accounts` (
|
||||||
|
`id` integer NOT NULL PRIMARY KEY AUTOINCREMENT
|
||||||
|
, `email` varchar(255) default NULL
|
||||||
|
, `pass` varchar(255) default NULL
|
||||||
|
, `level` integer default NULL
|
||||||
|
);
|
||||||
|
CREATE TABLE `blacklist` (
|
||||||
|
`id` integer NOT NULL PRIMARY KEY AUTOINCREMENT
|
||||||
|
, `hash` char(40) default NULL
|
||||||
|
, `originalname` varchar(255) default NULL
|
||||||
|
, `time` integer default NULL
|
||||||
|
);
|
||||||
END TRANSACTION;
|
END TRANSACTION;
|
||||||
|
@ -35,6 +35,12 @@ define('LOG_IP', false);
|
|||||||
*/
|
*/
|
||||||
define('ANTI_DUPE', false);
|
define('ANTI_DUPE', false);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param boolean blacklist DB
|
||||||
|
* ONLY ENABLE THIS IS YOU ARE USING THE LATEST DB SCHEMA!
|
||||||
|
*/
|
||||||
|
define('BLACKLIST_DB', false);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* File system location where to store uploaded files
|
* File system location where to store uploaded files
|
||||||
*
|
*
|
||||||
|
@ -61,6 +61,22 @@ function generateName($file)
|
|||||||
$name .= '.'.$ext;
|
$name .= '.'.$ext;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Check if the file is blacklisted
|
||||||
|
if(BLACKLIST_DB){
|
||||||
|
$q = $db->prepare('SELECT hash, COUNT(*) AS count FROM blacklist WHERE hash = (:hash)');
|
||||||
|
$q->bindValue(':hash', $file->getSha1(), PDO::PARAM_STR);
|
||||||
|
$q->execute();
|
||||||
|
$result = $q->fetch();
|
||||||
|
if ($result['count'] > 0) {
|
||||||
|
http_response_code(415);
|
||||||
|
throw new Exception(
|
||||||
|
'File blacklisted!',
|
||||||
|
415
|
||||||
|
);
|
||||||
|
exit(0);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Check if file is whitelisted or blacklisted
|
// Check if file is whitelisted or blacklisted
|
||||||
switch (CONFIG_FILTER_MODE) {
|
switch (CONFIG_FILTER_MODE) {
|
||||||
|
|
||||||
@ -68,12 +84,20 @@ function generateName($file)
|
|||||||
//check if MIME is blacklisted
|
//check if MIME is blacklisted
|
||||||
if (in_array($type_mime, unserialize(CONFIG_BLOCKED_MIME))) {
|
if (in_array($type_mime, unserialize(CONFIG_BLOCKED_MIME))) {
|
||||||
http_response_code(415);
|
http_response_code(415);
|
||||||
exit(0);
|
throw new Exception(
|
||||||
|
'File type not allowed!',
|
||||||
|
415
|
||||||
|
);
|
||||||
|
exit(0);
|
||||||
}
|
}
|
||||||
//Check if EXT is blacklisted
|
//Check if EXT is blacklisted
|
||||||
if (in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))) {
|
if (in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))) {
|
||||||
http_response_code(415);
|
http_response_code(415);
|
||||||
exit(0);
|
throw new Exception(
|
||||||
|
'File type not allowed!',
|
||||||
|
415
|
||||||
|
);
|
||||||
|
exit(0);
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
|
|
||||||
@ -81,12 +105,20 @@ function generateName($file)
|
|||||||
//Check if MIME is whitelisted
|
//Check if MIME is whitelisted
|
||||||
if (!in_array($type_mime, unserialize(CONFIG_BLOCKED_MIME))) {
|
if (!in_array($type_mime, unserialize(CONFIG_BLOCKED_MIME))) {
|
||||||
http_response_code(415);
|
http_response_code(415);
|
||||||
exit(0);
|
throw new Exception(
|
||||||
|
'File type not allowed!',
|
||||||
|
415
|
||||||
|
);
|
||||||
|
exit(0);
|
||||||
}
|
}
|
||||||
//Check if EXT is whitelisted
|
//Check if EXT is whitelisted
|
||||||
if (!in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))) {
|
if (!in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))) {
|
||||||
http_response_code(415);
|
http_response_code(415);
|
||||||
exit(0);
|
throw new Exception(
|
||||||
|
'File type not allowed!',
|
||||||
|
415
|
||||||
|
);
|
||||||
|
exit(0);
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user