Commit | Line | Data |
---|---|---|
e480c0e5 GJ |
1 | <?php |
2 | ||
3 | /** | |
4 | * Uguu | |
5 | * | |
6 | * @copyright Copyright (c) 2022 Go Johansson (nokonoko) <neku@pomf.se> | |
7 | * | |
8 | * This program is free software: you can redistribute it and/or modify | |
9 | * it under the terms of the GNU General Public License as published by | |
10 | * the Free Software Foundation, either version 3 of the License, or | |
11 | * (at your option) any later version. | |
12 | * | |
13 | * This program is distributed in the hope that it will be useful, | |
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
16 | * GNU General Public License for more details. | |
17 | * | |
18 | * You should have received a copy of the GNU General Public License | |
19 | * along with this program. If not, see <https://www.gnu.org/licenses/>. | |
20 | */ | |
21 | ||
22 | namespace Pomf\Uguu\Classes; | |
23 | ||
24 | use Exception; | |
25 | use PDO; | |
26 | ||
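/**
 * PDO-backed data access for uploads: file-name lookups, the hash blacklist,
 * duplicate detection, file records and the per-client rate limit.
 *
 * Every query is a prepared statement with bound parameters, so caller-supplied
 * values are never concatenated into SQL text.
 */
class Database
{
    /** A client whose stored file count exceeds this value is rate-limited. */
    private const RATE_LIMIT_MAX_FILES = 100;

    /** Length of the rate-limit window, in seconds. */
    private const RATE_LIMIT_WINDOW = 60;

    private PDO $DB;

    /**
     * Injects the PDO connection used by every query in this class.
     *
     * @param PDO $DB open database connection
     */
    public function setDB(PDO $DB): void
    {
        $this->DB = $DB;
    }

    /**
     * Counts the rows in `files` whose filename equals $name.
     *
     * @param mixed $name filename to look up
     *
     * @return string the COUNT() result as a string ('0' when the name is unused)
     *
     * @throws Exception code 500 when the lookup fails; the message stays generic
     *                   and the driver error is attached as the previous exception
     */
    public function dbCheckNameExists($name): string
    {
        try {
            $q = $this->DB->prepare('SELECT COUNT(filename) FROM files WHERE filename = (:name)');
            $q->bindValue(':name', $name);
            $q->execute();

            // Explicit cast: fetchColumn() may hand back an int or false.
            return (string) $q->fetchColumn();
        } catch (Exception $e) {
            throw new Exception('Cant check if name exists in DB.', 500, $e);
        }
    }

    /**
     * Rejects a file whose SHA1 is present in the `blacklist` table.
     *
     * @param mixed $FILE_INFO array-like file description; only the 'SHA1' key is read
     *
     * @throws Exception code 415 when the hash is blacklisted, code 500 when the
     *                   blacklist could not be queried
     */
    public function checkFileBlacklist($FILE_INFO): void
    {
        try {
            $q = $this->DB->prepare('SELECT hash, COUNT(*) AS count FROM blacklist WHERE hash = (:hash)');
            $q->bindValue(':hash', $FILE_INFO['SHA1']);
            $q->execute();
            $result = $q->fetch();
        } catch (Exception $e) {
            throw new Exception('Cant check blacklist DB.', 500, $e);
        }

        // Fail closed: without a usable result row the file cannot be shown to be
        // clean, so it must not pass the check.
        if (!is_array($result)) {
            throw new Exception('Cant check blacklist DB.', 500);
        }

        // Thrown outside the try block so the catch above cannot turn the 415
        // rejection into a generic 500.
        if ($result['count'] > 0) {
            throw new Exception('File blacklisted!', 415);
        }
    }

    /**
     * Looks for an already stored file with the same hash.
     *
     * NOTE(review): $this->CONFIG is not declared in this class; presumably a
     * subclass provides it. Confirm, because an unset value makes this method
     * always return true (the duplicate check is skipped).
     *
     * @param mixed $hash hash of the uploaded file
     *
     * @return bool|array|string the stored filename when a duplicate exists,
     *                           otherwise true
     *
     * @throws Exception code 500 when the lookup fails
     */
    public function antiDupe($hash): bool | array | string
    {
        if (!$this->CONFIG['ANTI_DUPE']) {
            return true;
        }

        try {
            $q = $this->DB->prepare(
                'SELECT filename, COUNT(*) AS count FROM files WHERE hash = (:hash)'
            );
            $q->bindValue(':hash', $hash);
            $q->execute();
            $result = $q->fetch();
        } catch (Exception $e) {
            throw new Exception('Cant check for dupes in DB.', 500, $e);
        }

        if (is_array($result) && $result['count'] > 0) {
            return $result['filename'];
        }

        return true;
    }

    /**
     * Inserts the record of a newly stored file into `files`.
     *
     * @param mixed $FILE_INFO       reads the keys 'SHA1', 'NAME', 'NEW_NAME' and 'SIZE'
     * @param mixed $fingerPrintInfo reads the keys 'timestamp' and 'ip'
     *
     * @throws Exception code 500 when the insert fails
     */
    public function newIntoDB($FILE_INFO, $fingerPrintInfo): void
    {
        try {
            $q = $this->DB->prepare(
                'INSERT INTO files (hash, originalname, filename, size, date, ip)' .
                'VALUES (:hash, :orig, :name, :size, :date, :ip)'
            );
            $q->bindValue(':hash', $FILE_INFO['SHA1']);
            // The client-supplied original name is stored as given; it is only
            // ever bound as a parameter here, never placed in SQL text.
            $q->bindValue(':orig', $FILE_INFO['NAME']);
            $q->bindValue(':name', $FILE_INFO['NEW_NAME']);
            $q->bindValue(':size', $FILE_INFO['SIZE'], PDO::PARAM_INT);
            $q->bindValue(':date', $fingerPrintInfo['timestamp']);
            $q->bindValue(':ip', $fingerPrintInfo['ip']);
            $q->execute();
        } catch (Exception $e) {
            throw new Exception('Cant insert into DB.', 500, $e);
        }
    }

    /**
     * Creates the rate-limit record for a client that has none yet.
     *
     * The row goes into `ratelimit`, the table that checkRateLimit() reads and
     * updateRateLimit() writes; a record created in any other table would never
     * be found again and the limit would never trigger.
     *
     * @param mixed $fingerPrintInfo reads the keys 'ip_hash', 'files_amount' and 'timestamp'
     */
    public function createRateLimit($fingerPrintInfo): void
    {
        $q = $this->DB->prepare(
            'INSERT INTO ratelimit (iphash, files, time)' .
            'VALUES (:iphash, :files, :time)'
        );

        $q->bindValue(':iphash', $fingerPrintInfo['ip_hash']);
        $q->bindValue(':files', $fingerPrintInfo['files_amount']);
        $q->bindValue(':time', $fingerPrintInfo['timestamp']);
        $q->execute();
    }

    /**
     * Writes a new file count for a client, optionally restarting its window.
     *
     * @param mixed $fCount          file count to store
     * @param mixed $iStamp          truthy to also overwrite the stored time with
     *                               $fingerPrintInfo['timestamp']
     * @param mixed $fingerPrintInfo reads the keys 'ip_hash' and, when $iStamp is
     *                               truthy, 'timestamp'
     */
    public function updateRateLimit($fCount, $iStamp, $fingerPrintInfo): void
    {
        if ($iStamp) {
            $q = $this->DB->prepare(
                'UPDATE ratelimit SET files = (:files), time = (:time) WHERE iphash = (:iphash)'
            );
            $q->bindValue(':time', $fingerPrintInfo['timestamp']);
        } else {
            $q = $this->DB->prepare(
                'UPDATE ratelimit SET files = (:files) WHERE iphash = (:iphash)'
            );
        }

        $q->bindValue(':files', $fCount);
        $q->bindValue(':iphash', $fingerPrintInfo['ip_hash']);
        $q->execute();
    }

    /**
     * Applies the per-client upload rate limit and records the current request.
     *
     * Order of the checks:
     *  1. no record for this client: create one, not limited;
     *  2. stored window older than RATE_LIMIT_WINDOW seconds: restart it with
     *     the current file count, not limited;
     *  3. stored count above RATE_LIMIT_MAX_FILES: limited;
     *  4. otherwise add the current files to the stored count, not limited.
     *
     * The window check runs before the count check so that a client that went
     * over the limit is released once its window has expired.
     *
     * NOTE(review): the count is read and then written back in a second
     * statement, so concurrent requests from one client can under-count.
     * NOTE(review): the SELECT puts bare columns next to COUNT(*) without a
     * GROUP BY; SQLite accepts that, stricter SQL modes reject it.
     *
     * @param mixed $fingerPrintInfo reads the keys 'ip_hash', 'files_amount' and 'timestamp'
     *
     * @return bool true when the client is rate-limited, false otherwise
     */
    public function checkRateLimit($fingerPrintInfo): bool
    {
        $q = $this->DB->prepare(
            'SELECT files, time, iphash, COUNT(*) AS count FROM ratelimit WHERE iphash = (:iphash)'
        );
        $q->bindValue(':iphash', $fingerPrintInfo['ip_hash']);
        $q->execute();
        $result = $q->fetch();

        // The aggregate query yields a row of NULLs with count 0 when the client
        // is unknown, so "no record" has to be decided on the count; comparing
        // the NULL time against the window start would wrongly look "expired".
        $hasRecord = is_array($result) && (int) $result['count'] > 0;
        if (!$hasRecord) {
            $this->createRateLimit($fingerPrintInfo);

            return false;
        }

        $windowStart = $fingerPrintInfo['timestamp'] - self::RATE_LIMIT_WINDOW;

        // Window expired: start a new one with this request's file count.
        if ($result['time'] < $windowStart) {
            $this->updateRateLimit($fingerPrintInfo['files_amount'], true, $fingerPrintInfo);

            return false;
        }

        // Still inside the window and already over the limit.
        if ($result['files'] > self::RATE_LIMIT_MAX_FILES) {
            return true;
        }

        // Still inside the window: add this request's files to the stored count.
        $this->updateRateLimit($fingerPrintInfo['files_amount'] + $result['files'], false, $fingerPrintInfo);

        return false;
    }
}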