[uguu.git] / static / php / includes / Core.namespace.php

<?php
/*
 * Uguu
 *
 * @copyright Copyright (c) 2022 Go Johansson (nekunekus) <neku@pomf.se> <github.com/nokonoko>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

namespace Core {

    use PDO;
    use Upload as Upload;

    class Settings
    {

        public static mixed $DB;

        public static string $DB_MODE;
        public static string $DB_PATH;
        public static string $DB_USER;
        public static string $DB_PASS;

        public static bool $LOG_IP;
        public static bool $ANTI_DUPE;
        public static bool $BLACKLIST_DB;
        public static bool $FILTER_MODE;

        public static string $FILES_ROOT;
        public static int $FILES_RETRIES;

        public static bool $SSL;
        public static string $URL;

        public static int $NAME_LENGTH;
        public static string $ID_CHARSET;
        public static array $DOUBLE_DOTS;
        public static array $BLOCKED_EXTENSIONS;
        public static array $BLOCKED_MIME;


        public function __construct()
        {
            $settings_array = json_decode(file_get_contents('/Users/go.johansson/PERSONAL_REPOS/Uguu/dist.json'), true);
            self::$DB_MODE = $settings_array['DB_MODE'];
            self::$DB_PATH = $settings_array['DB_PATH'];
            self::$DB_USER = $settings_array['DB_USER'];
            self::$DB_PASS = $settings_array['DB_PASS'];
            self::$LOG_IP = $settings_array['LOG_IP'];
            self::$ANTI_DUPE = $settings_array['ANTI_DUPE'];
            self::$BLACKLIST_DB = $settings_array['BLACKLIST_DB'];
            self::$FILTER_MODE = $settings_array['FILTER_MODE'];
            self::$FILES_ROOT = $settings_array['FILES_ROOT'];
            self::$FILES_RETRIES = $settings_array['FILES_RETRIES'];
            self::$SSL = $settings_array['SSL'];
            self::$URL = $settings_array['URL'];
            self::$NAME_LENGTH = $settings_array['NAME_LENGTH'];
            self::$ID_CHARSET = $settings_array['ID_CHARSET'];
            self::$BLOCKED_EXTENSIONS = $settings_array['BLOCKED_EXTENSIONS'];
            self::$BLOCKED_MIME = $settings_array['BLOCKED_MIME'];
            self::$DOUBLE_DOTS = array($settings_array['DOUBLE_DOTS']);
        }
    }

    class cuteGrills
    {
        public static array $GRILLS;

        public function __construct()
        {
            self::$GRILLS = array_slice(scandir('/Users/go.johansson/PERSONAL_REPOS/Uguu/dist/img/grills/'), 2);
        }


        public static function showGrills()
        {
            if (!headers_sent()) {
                header('Location: ' . self::$GRILLS[array_rand(self::$GRILLS)], true, 303);
            }
        }
    }

    class Response
    {
        public function returnError($code, $message, $filename): bool|string
        {
            http_response_code($code);
            header('Content-Type: application/json; charset=UTF-8');
            self::cleanAndDie();
            return json_encode(array(
                'success' => false,
                'file' => $filename,
                'code' => $code,
                'description' => $message
            ), JSON_FORCE_OBJECT);
        }

        public function cleanAndDie()
        {
            Settings::$DB = null;
        }

        public function returnSuccess($files): bool|string
        {
            http_response_code('200');
            header('Content-Type: application/json; charset=UTF-8');
            return json_encode(array(
                'success' => true,
                'files' => $files
            ), JSON_PRETTY_PRINT);
        }
    }


    class Database
    {

        public function __construct()
        {
            Settings::$DB = new PDO(
                Settings::$DB_MODE . ':' . Settings::$DB_PATH, Settings::$DB_USER,
                Settings::$DB_PASS
            );
        }

        public function dbCheckNameExists()
        {
            $q = Settings::$DB->prepare('SELECT COUNT(filename) FROM files WHERE filename = (:name)');
            $q->bindValue(':name', Upload::$NEW_NAME_FULL);
            $q->execute();
            return $q->fetchColumn();
        }

        public function checkFileBlacklist()
        {
            $q = Settings::$DB->prepare('SELECT hash, COUNT(*) AS count FROM blacklist WHERE hash = (:hash)');
            $q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
            $q->execute();
            $result = $q->fetch();
            if ($result['count'] > 0) {
                (new Response())->returnError('415', 'File blacklisted!', Upload::$FILE_NAME);
            }
        }

        public function antiDupe(): ?array
        {
            $q = Settings::$DB->prepare(
                'SELECT filename, COUNT(*) AS count FROM files WHERE hash = (:hash) AND size = (:size)'
            );
            $q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
            $q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
            $q->execute();
            $result = $q->fetch();
            if ($result['count'] > 0) {
                return array(
                    'hash' => Upload::$SHA1,
                    'name' => Upload::$FILE_NAME,
                    'url' => Settings::$URL . rawurlencode($result['filename']),
                    'size' => Upload::$FILE_SIZE
                );
            }
            return [];
        }

        public function newIntoDB()
        {
            $q = Settings::$DB->prepare(
                'INSERT INTO files (hash, originalname, filename, size, date, ip)' .
                'VALUES (:hash, :orig, :name, :size, :date, :ip)'
            );
            $q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
            $q->bindValue(':orig', strip_tags(Upload::$FILE_NAME), PDO::PARAM_STR);
            $q->bindValue(':name', Upload::$NEW_NAME_FULL, PDO::PARAM_STR);
            $q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
            $q->bindValue(':date', time(), PDO::PARAM_STR);
            $q->bindValue(':ip', Upload::$IP, PDO::PARAM_STR);
            $q->execute();
        }
    }
}
Commit	Line	Data
044a28cd GJ	1	<?php
	2	/*
	3	* Uguu
	4	*
	5	* @copyright Copyright (c) 2022 Go Johansson (nekunekus) <neku@pomf.se> <github.com/nokonoko>
	6	*
	7	* This program is free software: you can redistribute it and/or modify
	8	* it under the terms of the GNU General Public License as published by
	9	* the Free Software Foundation, either version 3 of the License, or
	10	* (at your option) any later version.
	11	*
	12	* This program is distributed in the hope that it will be useful,
	13	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	15	* GNU General Public License for more details.
	16	*
	17	* You should have received a copy of the GNU General Public License
	18	* along with this program. If not, see <https://www.gnu.org/licenses/>.
	19	*/
	20
	21	namespace Core {
	22
	23	use PDO;
	24	use Upload as Upload;
	25
	26	class Settings
	27	{
	28
	29	public static mixed $DB;
	30
	31	public static string $DB_MODE;
	32	public static string $DB_PATH;
	33	public static string $DB_USER;
	34	public static string $DB_PASS;
	35
	36	public static bool $LOG_IP;
	37	public static bool $ANTI_DUPE;
	38	public static bool $BLACKLIST_DB;
	39	public static bool $FILTER_MODE;
	40
	41	public static string $FILES_ROOT;
	42	public static int $FILES_RETRIES;
	43
	44	public static bool $SSL;
	45	public static string $URL;
	46
	47	public static int $NAME_LENGTH;
	48	public static string $ID_CHARSET;
	49	public static array $DOUBLE_DOTS;
	50	public static array $BLOCKED_EXTENSIONS;
	51	public static array $BLOCKED_MIME;
	52
	53
	54	public function __construct()
	55	{
	56	$settings_array = json_decode(file_get_contents('/Users/go.johansson/PERSONAL_REPOS/Uguu/dist.json'), true);
	57	self::$DB_MODE = $settings_array['DB_MODE'];
	58	self::$DB_PATH = $settings_array['DB_PATH'];
	59	self::$DB_USER = $settings_array['DB_USER'];
	60	self::$DB_PASS = $settings_array['DB_PASS'];
	61	self::$LOG_IP = $settings_array['LOG_IP'];
	62	self::$ANTI_DUPE = $settings_array['ANTI_DUPE'];
	63	self::$BLACKLIST_DB = $settings_array['BLACKLIST_DB'];
	64	self::$FILTER_MODE = $settings_array['FILTER_MODE'];
65	self::$FILES_ROOT = $settings_array['FILES_ROOT'];
66	self::$FILES_RETRIES = $settings_array['FILES_RETRIES'];
67	self::$SSL = $settings_array['SSL'];
68	self::$URL = $settings_array['URL'];
69	self::$NAME_LENGTH = $settings_array['NAME_LENGTH'];
70	self::$ID_CHARSET = $settings_array['ID_CHARSET'];
71	self::$BLOCKED_EXTENSIONS = $settings_array['BLOCKED_EXTENSIONS'];
72	self::$BLOCKED_MIME = $settings_array['BLOCKED_MIME'];
73	self::$DOUBLE_DOTS = array($settings_array['DOUBLE_DOTS']);
74	}
75	}
76
77	class cuteGrills
78	{
79	public static array $GRILLS;
80
81	public function __construct()
82	{
83	self::$GRILLS = array_slice(scandir('/Users/go.johansson/PERSONAL_REPOS/Uguu/dist/img/grills/'), 2);
84	}
85
86
87	public static function showGrills()
88	{
89	if (!headers_sent()) {
90	header('Location: ' . self::$GRILLS[array_rand(self::$GRILLS)], true, 303);
91	}
92	}
93	}
94
95	class Response
96	{
97	public function returnError($code, $message, $filename): bool\|string
98	{
99	http_response_code($code);
100	header('Content-Type: application/json; charset=UTF-8');
101	self::cleanAndDie();
102	return json_encode(array(
103	'success' => false,
104	'file' => $filename,
105	'code' => $code,
106	'description' => $message
107	), JSON_FORCE_OBJECT);
108	}
109
110	public function cleanAndDie()
111	{
112	Settings::$DB = null;
113	}
114
115	public function returnSuccess($files): bool\|string
116	{
117	http_response_code('200');
118	header('Content-Type: application/json; charset=UTF-8');
119	return json_encode(array(
120	'success' => true,
121	'files' => $files
122	), JSON_PRETTY_PRINT);
123	}
124	}
125
126
127	class Database
128	{
129
130	public function __construct()
131	{
132	Settings::$DB = new PDO(
133	Settings::$DB_MODE . ':' . Settings::$DB_PATH, Settings::$DB_USER,
134	Settings::$DB_PASS
135	);
136	}
137
138	public function dbCheckNameExists()
139	{
140	$q = Settings::$DB->prepare('SELECT COUNT(filename) FROM files WHERE filename = (:name)');
141	$q->bindValue(':name', Upload::$NEW_NAME_FULL);
142	$q->execute();
143	return $q->fetchColumn();
144	}
145
146	public function checkFileBlacklist()
147	{
148	$q = Settings::$DB->prepare('SELECT hash, COUNT(*) AS count FROM blacklist WHERE hash = (:hash)');
149	$q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
150	$q->execute();
151	$result = $q->fetch();
152	if ($result['count'] > 0) {
153	(new Response())->returnError('415', 'File blacklisted!', Upload::$FILE_NAME);
154	}
155	}
156
157	public function antiDupe(): ?array
158	{
159	$q = Settings::$DB->prepare(
160	'SELECT filename, COUNT(*) AS count FROM files WHERE hash = (:hash) AND size = (:size)'
161	);
162	$q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
163	$q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
164	$q->execute();
165	$result = $q->fetch();
166	if ($result['count'] > 0) {
167	return array(
168	'hash' => Upload::$SHA1,
169	'name' => Upload::$FILE_NAME,
170	'url' => Settings::$URL . rawurlencode($result['filename']),
171	'size' => Upload::$FILE_SIZE
172	);
173	}
174	return [];
175	}
176
177	public function newIntoDB()
178	{
179	$q = Settings::$DB->prepare(
180	'INSERT INTO files (hash, originalname, filename, size, date, ip)' .
181	'VALUES (:hash, :orig, :name, :size, :date, :ip)'
182	);
183	$q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
184	$q->bindValue(':orig', strip_tags(Upload::$FILE_NAME), PDO::PARAM_STR);
185	$q->bindValue(':name', Upload::$NEW_NAME_FULL, PDO::PARAM_STR);
186	$q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
187	$q->bindValue(':date', time(), PDO::PARAM_STR);
188	$q->bindValue(':ip', Upload::$IP, PDO::PARAM_STR);
189	$q->execute();
190	}
191	}
192	}
193
194
195