mirror of
https://github.com/nokonoko/Uguu.git
synced 2024-01-06 13:35:15 +00:00
bug fix
Fixes a bug where the hash isn't inserted into the DB, also adds the option to enable anti-dupe
This commit is contained in:
parent
84c4a07100
commit
d9744300eb
@ -26,7 +26,10 @@ define('UGUU_DB_USER', 'NULL');
|
||||
define('UGUU_DB_PASS', 'NULL');
|
||||
|
||||
/** Log IP of uploads */
|
||||
define('LOG_IP', 'no');
|
||||
define('LOG_IP', 'false');
|
||||
|
||||
/** Dont upload a file already in the DB */
|
||||
define('ANTI_DUPE', 'false');
|
||||
|
||||
/*
|
||||
* File system location where to store uploaded files
|
||||
|
@ -3,7 +3,6 @@
|
||||
* Handles POST uploads, generates filenames, moves files around and commits
|
||||
* uploaded metadata to database.
|
||||
*/
|
||||
|
||||
require_once 'classes/Response.class.php';
|
||||
require_once 'classes/UploadException.class.php';
|
||||
require_once 'classes/UploadedFile.class.php';
|
||||
@ -24,9 +23,11 @@ function generateName($file)
|
||||
// We start at N retries, and --N until we give up
|
||||
$tries = UGUU_FILES_RETRIES;
|
||||
$length = UGUU_FILES_LENGTH;
|
||||
|
||||
//Get EXT
|
||||
$ext = pathinfo($file->name, PATHINFO_EXTENSION);
|
||||
//Get mime
|
||||
|
||||
//Get MIME
|
||||
$finfo = finfo_open(FILEINFO_MIME_TYPE);
|
||||
$type_mime = finfo_file($finfo, $file->tempfile);
|
||||
finfo_close($finfo);
|
||||
@ -42,8 +43,8 @@ function generateName($file)
|
||||
do {
|
||||
// Iterate until we reach the maximum number of retries
|
||||
if ($tries-- === 0) {
|
||||
http_response_code(500);
|
||||
throw new Exception(
|
||||
http_response_code(500);
|
||||
throw new Exception(
|
||||
'Gave up trying to find an unused name',
|
||||
500
|
||||
); // HTTP status code "500 Internal Server Error"
|
||||
@ -60,17 +61,16 @@ function generateName($file)
|
||||
$name .= '.'.$ext;
|
||||
}
|
||||
|
||||
//Check if mime is blacklisted
|
||||
if (in_array($type_mime, unserialize(CONFIG_BLOCKED_MIME))) {
|
||||
http_response_code(415);
|
||||
throw new Exception ('Extension type not allowed.');
|
||||
//Check if MIME is blacklisted
|
||||
if (in_array($type_mime, unserialize(CONFIG_BLOCKED_MIME))) {
|
||||
http_response_code(415);
|
||||
throw new UploadException(UPLOAD_ERR_EXTENSION);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
}
|
||||
//Check if EXT is blacklisted
|
||||
if (in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))) {
|
||||
http_response_code(415);
|
||||
throw new Exception ('Extension type not allowed.');
|
||||
http_response_code(415);
|
||||
throw new UploadException(UPLOAD_ERR_EXTENSION);
|
||||
exit(0);
|
||||
}
|
||||
|
||||
@ -80,9 +80,10 @@ function generateName($file)
|
||||
$q->execute();
|
||||
$result = $q->fetchColumn();
|
||||
// If it does, generate a new name
|
||||
} while ($result > 0);
|
||||
return $name;
|
||||
}
|
||||
} while ($result > 0);
|
||||
|
||||
return $name;
|
||||
}
|
||||
|
||||
/**
|
||||
* Handles the uploading and db entry for a file.
|
||||
@ -102,19 +103,41 @@ function uploadFile($file)
|
||||
throw new UploadException($file->error);
|
||||
}
|
||||
|
||||
// Generate a name for the file
|
||||
$newname = generateName($file);
|
||||
//fixes a bug
|
||||
$lol = $file->getSha1();
|
||||
|
||||
// Check if a file with the same hash and size (a file which is the same)
|
||||
// does already exist in the database; if it does, return the proper link
|
||||
// and data. PHP deletes the temporary file just uploaded automatically.
|
||||
if(ANTI_DUPE == 'true'){
|
||||
$q = $db->prepare('SELECT filename, COUNT(*) AS count FROM files WHERE hash = (:hash) AND size = (:size)');
|
||||
$q->bindValue(':hash', $file->getSha1(), PDO::PARAM_STR);
|
||||
$q->bindValue(':size', $file->size, PDO::PARAM_INT);
|
||||
$q->execute();
|
||||
$result = $q->fetch();
|
||||
if ($result['count'] > 0) {
|
||||
return [
|
||||
'hash' => $file->getSha1(),
|
||||
'name' => $file->name,
|
||||
'url' => UGUU_URL.rawurlencode($result['filename']),
|
||||
'size' => $file->size,
|
||||
];
|
||||
}
|
||||
}
|
||||
|
||||
// Get IP
|
||||
$ip = $_SERVER['REMOTE_ADDR'];
|
||||
|
||||
// Generate a name for the file
|
||||
$newname = generateName($file);
|
||||
|
||||
// Store the file's full file path in memory
|
||||
$uploadFile = UGUU_FILES_ROOT . $newname;
|
||||
$uploadFile = UGUU_FILES_ROOT.$newname;
|
||||
|
||||
// Attempt to move it to the static directory
|
||||
if (!move_uploaded_file($file->tempfile, $uploadFile)) {
|
||||
http_response_code(500);
|
||||
throw new Exception(
|
||||
http_response_code(500);
|
||||
throw new Exception(
|
||||
'Failed to move file to destination',
|
||||
500
|
||||
); // HTTP status code "500 Internal Server Error"
|
||||
@ -122,47 +145,46 @@ function uploadFile($file)
|
||||
|
||||
// Need to change permissions for the new file to make it world readable
|
||||
if (!chmod($uploadFile, 0644)) {
|
||||
http_response_code(500);
|
||||
throw new Exception(
|
||||
http_response_code(500);
|
||||
throw new Exception(
|
||||
'Failed to change file permissions',
|
||||
500
|
||||
); // HTTP status code "500 Internal Server Error"
|
||||
}
|
||||
|
||||
// Add it to the database
|
||||
if(LOG_IP == 'yes'){
|
||||
if(LOG_IP == 'true'){
|
||||
$q = $db->prepare('INSERT INTO files (hash, originalname, filename, size, date, ip) VALUES (:hash, :orig, :name, :size, :date, :ip)');
|
||||
}else{
|
||||
} else {
|
||||
$ip = '0';
|
||||
$q = $db->prepare('INSERT INTO files (hash, originalname, filename, size, date, ip) VALUES (:hash, :orig, :name, :size, :date, :ip)');
|
||||
}
|
||||
}
|
||||
|
||||
// Common parameters binding
|
||||
$q->bindValue(':hash', $file->getSha1(), PDO::PARAM_STR);
|
||||
$q->bindValue(':orig', strip_tags($file->name), PDO::PARAM_STR);
|
||||
$q->bindValue(':name', $newname, PDO::PARAM_STR);
|
||||
$q->bindValue(':size', $file->size, PDO::PARAM_INT);
|
||||
$q->bindValue(':date', time(), PDO::PARAM_INT);
|
||||
$q->bindValue(':date', time(), PDO::PARAM_STR);
|
||||
$q->bindValue(':ip', $ip, PDO::PARAM_STR);
|
||||
$q->execute();
|
||||
|
||||
return array(
|
||||
return [
|
||||
'hash' => $file->getSha1(),
|
||||
'name' => $file->name,
|
||||
'url' => UGUU_URL.rawurlencode($newname),
|
||||
'size' => $file->size,
|
||||
);
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* Reorder files array by file.
|
||||
*
|
||||
* @param $_FILES
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
function diverseArray($files)
|
||||
{
|
||||
$result = array();
|
||||
$result = [];
|
||||
|
||||
foreach ($files as $key1 => $value1) {
|
||||
foreach ($value1 as $key2 => $value2) {
|
||||
@ -176,13 +198,11 @@ function diverseArray($files)
|
||||
/**
|
||||
* Reorganize the $_FILES array into something saner.
|
||||
*
|
||||
* @param $_FILES
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
function refiles($files)
|
||||
{
|
||||
$result = array();
|
||||
$result = [];
|
||||
$files = diverseArray($files);
|
||||
|
||||
foreach ($files as $file) {
|
||||
|
Loading…
Reference in New Issue
Block a user