[uguu.git] / static / php / includes / Core.namespace.php

<?php

/*
 * Uguu
 *
 * @copyright Copyright (c) 2022 Go Johansson (nokonoko) <neku@pomf.se>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */


namespace Core {

    require_once 'Upload.class.php';

    use Exception;
    use PDO;
    use Upload as Upload;

    class Settings
    {

        public static mixed $DB;

        public static string $DB_MODE;
        public static string $DB_PATH;
        public static string $DB_USER;
        public static string $DB_PASS;

        public static bool $LOG_IP;
        public static bool $ANTI_DUPE;
        public static bool $BLACKLIST_DB;
        public static bool $FILTER_MODE;

        public static string $FILES_ROOT;
        public static int $FILES_RETRIES;

        public static bool $SSL;
        public static string $URL;

        public static int $NAME_LENGTH;
        public static string $ID_CHARSET;
        public static array $BLOCKED_EXTENSIONS;
        public static array $BLOCKED_MIME;


        /**
         * @throws Exception
         */
        public static function loadConfig()
        {
            if (!file_exists('/var/www/uguu/dist.json')) {
                throw new Exception('Cant read settings file.', 500);
            }
            try {
                $settings_array = json_decode(
                    file_get_contents('/var/www/uguu/dist.json'),
                    true
                );
                self::$DB_MODE = $settings_array['DB_MODE'];
                self::$DB_PATH = $settings_array['DB_PATH'];
                self::$DB_USER = $settings_array['DB_USER'];
                self::$DB_PASS = $settings_array['DB_PASS'];
                self::$LOG_IP = $settings_array['LOG_IP'];
                self::$ANTI_DUPE = $settings_array['ANTI_DUPE'];
                self::$BLACKLIST_DB = $settings_array['BLACKLIST_DB'];
                self::$FILTER_MODE = $settings_array['FILTER_MODE'];
                self::$FILES_ROOT = $settings_array['FILES_ROOT'];
                self::$FILES_RETRIES = $settings_array['FILES_RETRIES'];
                self::$SSL = $settings_array['SSL'];
                self::$URL = $settings_array['URL'];
                self::$NAME_LENGTH = $settings_array['NAME_LENGTH'];
                self::$ID_CHARSET = $settings_array['ID_CHARSET'];
                self::$BLOCKED_EXTENSIONS = $settings_array['BLOCKED_EXTENSIONS'];
                self::$BLOCKED_MIME = $settings_array['BLOCKED_MIME'];
            } catch (Exception) {
                throw new Exception('Cant populate settings.', 500);
            }
            (new Database())->assemblePDO();
        }
    }

    class cuteGrills
    {
        public static array $GRILLS;

        public static function showGrills()
        {
            self::loadGrills();
            if (!headers_sent()) {
                header(
                    'Location: /img/grills/' .
                    self::$GRILLS[array_rand(self::$GRILLS)],
                    true,
                    303
                );
            }
        }

        public static function loadGrills()
        {
            self::$GRILLS = array_slice(scandir('img/grills/'), 2);
        }
    }

    class Response
    {
        private mixed $type;

        public function __construct($response_type = null)
        {
            switch ($response_type) {
                case 'csv':
                    header('Content-Type: text/csv; charset=UTF-8');
                    $this->type = $response_type;
                    break;
                case 'html':
                    header('Content-Type: text/html; charset=UTF-8');
                    $this->type = $response_type;
                    break;
                case 'json':
                    header('Content-Type: application/json; charset=UTF-8');
                    $this->type = $response_type;
                    break;
                case 'gyazo':
                    header('Content-Type: text/plain; charset=UTF-8');
                    $this->type = 'text';
                    break;
                case 'text':
                    header('Content-Type: text/plain; charset=UTF-8');
                    $this->type = $response_type;
                    break;
                default:
                    header('Content-Type: application/json; charset=UTF-8');
                    $this->type = 'json';
                    $this->error(400, 'Invalid response type. Valid options are: csv, html, json, text.');
                    break;
            }
        }

        public function error($code, $desc)
        {
            $response = null;

            switch ($this->type) {
                case 'csv':
                    $response = $this->csvError($desc);
                    break;
                case 'html':
                    $response = $this->htmlError($code, $desc);
                    break;
                case 'json':
                    $response = $this->jsonError($code, $desc);
                    break;
                case 'text':
                    $response = $this->textError($code, $desc);
                    break;
            }
            http_response_code($code);
            echo $response;
        }

        private static function csvError($description): string
        {
            return '"error"' . "\r\n" . "\"$description\"" . "\r\n";
        }

        private static function htmlError($code, $description): string
        {
            return '<p>ERROR: (' . $code . ') ' . $description . '</p>';
        }

        private static function jsonError($code, $description): bool|string
        {
            return json_encode([
                'success' => false,
                'errorcode' => $code,
                'description' => $description,
            ], JSON_PRETTY_PRINT);
        }


        private static function textError($code, $description): string
        {
            return 'ERROR: (' . $code . ') ' . $description;
        }

        public function send($files)
        {
            $response = null;

            switch ($this->type) {
                case 'csv':
                    $response = $this->csvSuccess($files);
                    break;
                case 'html':
                    $response = $this->htmlSuccess($files);
                    break;
                case 'json':
                    $response = $this->jsonSuccess($files);
                    break;
                case 'text':
                    $response = $this->textSuccess($files);
                    break;
            }

            http_response_code(200); // "200 OK". Success.
            echo $response;
        }

        private static function csvSuccess($files): string
        {
            $result = '"name","url","hash","size"' . "\r\n";
            foreach ($files as $file) {
                $result .= '"' . $file['name'] . '"' . ',' .
                    '"' . $file['url'] . '"' . ',' .
                    '"' . $file['hash'] . '"' . ',' .
                    '"' . $file['size'] . '"' . "\r\n";
            }

            return $result;
        }

        private static function htmlSuccess($files): string
        {
            $result = '';

            foreach ($files as $file) {
                $result .= '<a href="' . $file['url'] . '">' . $file['url'] . '</a><br>';
            }

            return $result;
        }

        private static function jsonSuccess($files): bool|string
        {
            return json_encode([
                'success' => true,
                'files' => $files,
            ], JSON_PRETTY_PRINT);
        }

        private static function textSuccess($files): string
        {
            $result = '';

            foreach ($files as $file) {
                $result .= $file['url'] . "\n";
            }

            return $result;
        }
    }

    class Database
    {
        /**
         * @throws Exception
         */
        public static function assemblePDO()
        {
            try {
                Settings::$DB = new PDO(
                    Settings::$DB_MODE . ':' . Settings::$DB_PATH, Settings::$DB_USER,
                    Settings::$DB_PASS
                );
            } catch (Exception) {
                throw new Exception('Cant connect to DB.', 500);
            }
        }

        /**
         * @throws Exception
         */
        public function dbCheckNameExists()
        {
            try {
                $q = Settings::$DB->prepare('SELECT COUNT(filename) FROM files WHERE filename = (:name)');
                $q->bindValue(':name', Upload::$NEW_NAME_FULL);
                $q->execute();
                return $q->fetchColumn();
            } catch (Exception) {
                throw new Exception('Cant check if name exists in DB.', 500);
            }
        }

        /**
         * @throws Exception
         */
        public function checkFileBlacklist()
        {
            try {
                $q = Settings::$DB->prepare('SELECT hash, COUNT(*) AS count FROM blacklist WHERE hash = (:hash)');
                $q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
                $q->execute();
                $result = $q->fetch();
                if ($result['count'] > 0) {
                    throw new Exception('File blacklisted!', 415);
                }
            } catch (Exception) {
                throw new Exception('Cant check blacklist DB.', 500);
            }
        }

        /**
         * @throws Exception
         */
        public function antiDupe()
        {
            try {
                $q = Settings::$DB->prepare(
                    'SELECT filename, COUNT(*) AS count FROM files WHERE hash = (:hash) AND size = (:size)'
                );
                $q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
                $q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
                $q->execute();
                $result = $q->fetch();
                if ($result['count'] > 0) {
                    return $result['filename'];
                }
            } catch (Exception) {
                throw new Exception('Cant check for dupes in DB.', 500);
            }
        }

        /**
         * @throws Exception
         */
        public function newIntoDB()
        {
            try {
                $q = Settings::$DB->prepare(
                    'INSERT INTO files (hash, originalname, filename, size, date, ip)' .
                    'VALUES (:hash, :orig, :name, :size, :date, :ip)'
                );
                $q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
                $q->bindValue(':orig', strip_tags(Upload::$FILE_NAME), PDO::PARAM_STR);
                $q->bindValue(':name', Upload::$NEW_NAME_FULL, PDO::PARAM_STR);
                $q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
                $q->bindValue(':date', time(), PDO::PARAM_STR);
                $q->bindValue(':ip', Upload::$IP, PDO::PARAM_STR);
                $q->execute();
            } catch (Exception) {
                throw new Exception('Cant insert into DB.', 500);
            }
        }
    }
}
Commit	Line	Data
044a28cd	1	<?php
82202428	2
044a28cd GJ	3	/*
	4	* Uguu
	5	*
5156099c	6	* @copyright Copyright (c) 2022 Go Johansson (nokonoko) <neku@pomf.se>
044a28cd GJ	7	*
	8	* This program is free software: you can redistribute it and/or modify
	9	* it under the terms of the GNU General Public License as published by
	10	* the Free Software Foundation, either version 3 of the License, or
	11	* (at your option) any later version.
	12	*
	13	* This program is distributed in the hope that it will be useful,
	14	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	15	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	16	* GNU General Public License for more details.
	17	*
	18	* You should have received a copy of the GNU General Public License
	19	* along with this program. If not, see <https://www.gnu.org/licenses/>.
	20	*/
	21
82202428	22
044a28cd GJ	23	namespace Core {
044a28cd GJ	24
82202428 GJ	25	require_once 'Upload.class.php';
82202428 GJ	26
4c21cfa0	27	use Exception;
044a28cd GJ	28	use PDO;
	29	use Upload as Upload;
	30
	31	class Settings
	32	{
	33
	34	public static mixed $DB;
	35
	36	public static string $DB_MODE;
	37	public static string $DB_PATH;
	38	public static string $DB_USER;
	39	public static string $DB_PASS;
	40
	41	public static bool $LOG_IP;
	42	public static bool $ANTI_DUPE;
	43	public static bool $BLACKLIST_DB;
	44	public static bool $FILTER_MODE;
	45
	46	public static string $FILES_ROOT;
	47	public static int $FILES_RETRIES;
	48
	49	public static bool $SSL;
	50	public static string $URL;
	51
	52	public static int $NAME_LENGTH;
	53	public static string $ID_CHARSET;
044a28cd GJ	54	public static array $BLOCKED_EXTENSIONS;
	55	public static array $BLOCKED_MIME;
	56
	57
4c21cfa0 GJ	58	/**
	59	* @throws Exception
	60	*/
82202428 GJ	61	public static function loadConfig()
82202428 GJ	62	{
edfde395	63	if (!file_exists('/var/www/uguu/dist.json')) {
4c21cfa0	64	throw new Exception('Cant read settings file.', 500);
82202428 GJ	65	}
	66	try {
	67	$settings_array = json_decode(
edfde395	68	file_get_contents('/var/www/uguu/dist.json'),
82202428 GJ	69	true
	70	);
	71	self::$DB_MODE = $settings_array['DB_MODE'];
	72	self::$DB_PATH = $settings_array['DB_PATH'];
	73	self::$DB_USER = $settings_array['DB_USER'];
	74	self::$DB_PASS = $settings_array['DB_PASS'];
	75	self::$LOG_IP = $settings_array['LOG_IP'];
	76	self::$ANTI_DUPE = $settings_array['ANTI_DUPE'];
	77	self::$BLACKLIST_DB = $settings_array['BLACKLIST_DB'];
	78	self::$FILTER_MODE = $settings_array['FILTER_MODE'];
	79	self::$FILES_ROOT = $settings_array['FILES_ROOT'];
	80	self::$FILES_RETRIES = $settings_array['FILES_RETRIES'];
	81	self::$SSL = $settings_array['SSL'];
	82	self::$URL = $settings_array['URL'];
	83	self::$NAME_LENGTH = $settings_array['NAME_LENGTH'];
	84	self::$ID_CHARSET = $settings_array['ID_CHARSET'];
	85	self::$BLOCKED_EXTENSIONS = $settings_array['BLOCKED_EXTENSIONS'];
	86	self::$BLOCKED_MIME = $settings_array['BLOCKED_MIME'];
4c21cfa0 GJ	87	} catch (Exception) {
4c21cfa0 GJ	88	throw new Exception('Cant populate settings.', 500);
82202428 GJ	89	}
82202428 GJ	90	(new Database())->assemblePDO();
044a28cd GJ	91	}
	92	}
	93
	94	class cuteGrills
	95	{
	96	public static array $GRILLS;
	97
044a28cd GJ	98	public static function showGrills()
044a28cd GJ	99	{
82202428	100	self::loadGrills();
044a28cd	101	if (!headers_sent()) {
82202428 GJ	102	header(
	103	'Location: /img/grills/' .
	104	self::$GRILLS[array_rand(self::$GRILLS)],
	105	true,
	106	303
	107	);
044a28cd GJ	108	}
044a28cd GJ	109	}
82202428 GJ	110
	111	public static function loadGrills()
	112	{
	113	self::$GRILLS = array_slice(scandir('img/grills/'), 2);
	114	}
044a28cd GJ	115	}
	116
	117	class Response
	118	{
4c21cfa0	119	private mixed $type;
82202428	120
82202428	121	public function __construct($response_type = null)
044a28cd	122	{
82202428 GJ	123	switch ($response_type) {
	124	case 'csv':
	125	header('Content-Type: text/csv; charset=UTF-8');
	126	$this->type = $response_type;
	127	break;
	128	case 'html':
	129	header('Content-Type: text/html; charset=UTF-8');
	130	$this->type = $response_type;
	131	break;
	132	case 'json':
	133	header('Content-Type: application/json; charset=UTF-8');
	134	$this->type = $response_type;
	135	break;
	136	case 'gyazo':
	137	header('Content-Type: text/plain; charset=UTF-8');
	138	$this->type = 'text';
	139	break;
	140	case 'text':
	141	header('Content-Type: text/plain; charset=UTF-8');
	142	$this->type = $response_type;
	143	break;
	144	default:
	145	header('Content-Type: application/json; charset=UTF-8');
	146	$this->type = 'json';
	147	$this->error(400, 'Invalid response type. Valid options are: csv, html, json, text.');
	148	break;
	149	}
	150	}
	151
82202428 GJ	152	public function error($code, $desc)
	153	{
	154	$response = null;
	155
	156	switch ($this->type) {
	157	case 'csv':
	158	$response = $this->csvError($desc);
	159	break;
	160	case 'html':
	161	$response = $this->htmlError($code, $desc);
	162	break;
	163	case 'json':
	164	$response = $this->jsonError($code, $desc);
	165	break;
	166	case 'text':
	167	$response = $this->textError($code, $desc);
	168	break;
	169	}
044a28cd	170	http_response_code($code);
82202428 GJ	171	echo $response;
	172	}
	173
4c21cfa0	174	private static function csvError($description): string
82202428 GJ	175	{
	176	return '"error"' . "\r\n" . "\"$description\"" . "\r\n";
	177	}
	178
4c21cfa0	179	private static function htmlError($code, $description): string
82202428 GJ	180	{
	181	return '<p>ERROR: (' . $code . ') ' . $description . '</p>';
	182	}
	183
4c21cfa0	184	private static function jsonError($code, $description): bool\|string
82202428 GJ	185	{
82202428 GJ	186	return json_encode([
044a28cd	187	'success' => false,
82202428 GJ	188	'errorcode' => $code,
	189	'description' => $description,
	190	], JSON_PRETTY_PRINT);
044a28cd GJ	191	}
044a28cd GJ	192
4c21cfa0 GJ	193
4c21cfa0 GJ	194	private static function textError($code, $description): string
044a28cd	195	{
82202428	196	return 'ERROR: (' . $code . ') ' . $description;
044a28cd GJ	197	}
044a28cd GJ	198
82202428	199	public function send($files)
044a28cd	200	{
82202428 GJ	201	$response = null;
	202
	203	switch ($this->type) {
	204	case 'csv':
	205	$response = $this->csvSuccess($files);
	206	break;
	207	case 'html':
	208	$response = $this->htmlSuccess($files);
	209	break;
	210	case 'json':
	211	$response = $this->jsonSuccess($files);
	212	break;
	213	case 'text':
	214	$response = $this->textSuccess($files);
	215	break;
	216	}
	217
	218	http_response_code(200); // "200 OK". Success.
	219	echo $response;
	220	}
	221
4c21cfa0	222	private static function csvSuccess($files): string
82202428 GJ	223	{
	224	$result = '"name","url","hash","size"' . "\r\n";
	225	foreach ($files as $file) {
	226	$result .= '"' . $file['name'] . '"' . ',' .
	227	'"' . $file['url'] . '"' . ',' .
	228	'"' . $file['hash'] . '"' . ',' .
	229	'"' . $file['size'] . '"' . "\r\n";
	230	}
	231
	232	return $result;
	233	}
	234
4c21cfa0	235	private static function htmlSuccess($files): string
82202428 GJ	236	{
	237	$result = '';
	238
	239	foreach ($files as $file) {
	240	$result .= '<a href="' . $file['url'] . '">' . $file['url'] . '</a><br>';
	241	}
	242
	243	return $result;
	244	}
	245
4c21cfa0	246	private static function jsonSuccess($files): bool\|string
82202428 GJ	247	{
82202428 GJ	248	return json_encode([
044a28cd	249	'success' => true,
82202428 GJ	250	'files' => $files,
	251	], JSON_PRETTY_PRINT);
	252	}
	253
4c21cfa0	254	private static function textSuccess($files): string
82202428 GJ	255	{
	256	$result = '';
	257
	258	foreach ($files as $file) {
	259	$result .= $file['url'] . "\n";
	260	}
	261
	262	return $result;
044a28cd GJ	263	}
	264	}
	265
044a28cd GJ	266	class Database
044a28cd GJ	267	{
4c21cfa0 GJ	268	/**
	269	* @throws Exception
	270	*/
82202428	271	public static function assemblePDO()
044a28cd	272	{
82202428 GJ	273	try {
	274	Settings::$DB = new PDO(
	275	Settings::$DB_MODE . ':' . Settings::$DB_PATH, Settings::$DB_USER,
	276	Settings::$DB_PASS
	277	);
4c21cfa0 GJ	278	} catch (Exception) {
4c21cfa0 GJ	279	throw new Exception('Cant connect to DB.', 500);
82202428	280	}
044a28cd GJ	281	}
044a28cd GJ	282
4c21cfa0 GJ	283	/**
	284	* @throws Exception
	285	*/
044a28cd GJ	286	public function dbCheckNameExists()
044a28cd GJ	287	{
82202428 GJ	288	try {
	289	$q = Settings::$DB->prepare('SELECT COUNT(filename) FROM files WHERE filename = (:name)');
	290	$q->bindValue(':name', Upload::$NEW_NAME_FULL);
	291	$q->execute();
	292	return $q->fetchColumn();
4c21cfa0 GJ	293	} catch (Exception) {
4c21cfa0 GJ	294	throw new Exception('Cant check if name exists in DB.', 500);
82202428	295	}
044a28cd GJ	296	}
044a28cd GJ	297
4c21cfa0 GJ	298	/**
	299	* @throws Exception
	300	*/
044a28cd GJ	301	public function checkFileBlacklist()
044a28cd GJ	302	{
82202428 GJ	303	try {
	304	$q = Settings::$DB->prepare('SELECT hash, COUNT(*) AS count FROM blacklist WHERE hash = (:hash)');
	305	$q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
	306	$q->execute();
	307	$result = $q->fetch();
	308	if ($result['count'] > 0) {
4c21cfa0	309	throw new Exception('File blacklisted!', 415);
82202428	310	}
4c21cfa0 GJ	311	} catch (Exception) {
4c21cfa0 GJ	312	throw new Exception('Cant check blacklist DB.', 500);
044a28cd GJ	313	}
	314	}
	315
4c21cfa0 GJ	316	/**
	317	* @throws Exception
	318	*/
82202428 GJ	319	public function antiDupe()
	320	{
	321	try {
	322	$q = Settings::$DB->prepare(
	323	'SELECT filename, COUNT(*) AS count FROM files WHERE hash = (:hash) AND size = (:size)'
044a28cd	324	);
82202428 GJ	325	$q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
	326	$q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
	327	$q->execute();
	328	$result = $q->fetch();
	329	if ($result['count'] > 0) {
0a3934c2	330	return $result['filename'];
82202428	331	}
4c21cfa0 GJ	332	} catch (Exception) {
4c21cfa0 GJ	333	throw new Exception('Cant check for dupes in DB.', 500);
044a28cd	334	}
044a28cd GJ	335	}
044a28cd GJ	336
4c21cfa0 GJ	337	/**
	338	* @throws Exception
	339	*/
044a28cd GJ	340	public function newIntoDB()
044a28cd GJ	341	{
82202428 GJ	342	try {
	343	$q = Settings::$DB->prepare(
	344	'INSERT INTO files (hash, originalname, filename, size, date, ip)' .
	345	'VALUES (:hash, :orig, :name, :size, :date, :ip)'
	346	);
	347	$q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
	348	$q->bindValue(':orig', strip_tags(Upload::$FILE_NAME), PDO::PARAM_STR);
	349	$q->bindValue(':name', Upload::$NEW_NAME_FULL, PDO::PARAM_STR);
	350	$q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
	351	$q->bindValue(':date', time(), PDO::PARAM_STR);
	352	$q->bindValue(':ip', Upload::$IP, PDO::PARAM_STR);
	353	$q->execute();
4c21cfa0 GJ	354	} catch (Exception) {
4c21cfa0 GJ	355	throw new Exception('Cant insert into DB.', 500);
82202428	356	}
044a28cd GJ	357	}
	358	}
	359	}
	360
	361