[uguu.git] / static / php / includes / Core.namespace.php

<?php

/*
 * Uguu
 *
 * @copyright Copyright (c) 2022 Go Johansson (nokonoko) <neku@pomf.se>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */


namespace Core {

    require_once 'Upload.class.php';

    use Exception;
    use PDO;
    use Upload as Upload;

    class Settings
    {

        public static mixed $DB;

        public static string $DB_MODE;
        public static string $DB_PATH;
        public static string $DB_USER;
        public static string $DB_PASS;

        public static bool $LOG_IP;
        public static bool $ANTI_DUPE;
        public static bool $BLACKLIST_DB;
        public static bool $FILTER_MODE;

        public static string $FILES_ROOT;
        public static int $FILES_RETRIES;

        public static bool $SSL;
        public static string $URL;

        public static int $NAME_LENGTH;
        public static string $ID_CHARSET;
        public static array $DOUBLE_DOTS;
        public static array $BLOCKED_EXTENSIONS;
        public static array $BLOCKED_MIME;


        /**
         * @throws Exception
         */
        public static function loadConfig()
        {
            if (!file_exists('/var/www/uguu/dist.json')) {
                throw new Exception('Cant read settings file.', 500);
            }
            try {
                $settings_array = json_decode(
                    file_get_contents('/var/www/uguu/dist.json'),
                    true
                );
                self::$DB_MODE = $settings_array['DB_MODE'];
                self::$DB_PATH = $settings_array['DB_PATH'];
                self::$DB_USER = $settings_array['DB_USER'];
                self::$DB_PASS = $settings_array['DB_PASS'];
                self::$LOG_IP = $settings_array['LOG_IP'];
                self::$ANTI_DUPE = $settings_array['ANTI_DUPE'];
                self::$BLACKLIST_DB = $settings_array['BLACKLIST_DB'];
                self::$FILTER_MODE = $settings_array['FILTER_MODE'];
                self::$FILES_ROOT = $settings_array['FILES_ROOT'];
                self::$FILES_RETRIES = $settings_array['FILES_RETRIES'];
                self::$SSL = $settings_array['SSL'];
                self::$URL = $settings_array['URL'];
                self::$NAME_LENGTH = $settings_array['NAME_LENGTH'];
                self::$ID_CHARSET = $settings_array['ID_CHARSET'];
                self::$BLOCKED_EXTENSIONS = $settings_array['BLOCKED_EXTENSIONS'];
                self::$BLOCKED_MIME = $settings_array['BLOCKED_MIME'];
            } catch (Exception) {
                throw new Exception('Cant populate settings.', 500);
            }
            (new Database())->assemblePDO();
        }
    }

    class cuteGrills
    {
        public static array $GRILLS;

        public static function showGrills()
        {
            self::loadGrills();
            if (!headers_sent()) {
                header(
                    'Location: /img/grills/' .
                    self::$GRILLS[array_rand(self::$GRILLS)],
                    true,
                    303
                );
            }
        }

        public static function loadGrills()
        {
            self::$GRILLS = array_slice(scandir('img/grills/'), 2);
        }
    }

    class Response
    {
        private mixed $type;

        public function __construct($response_type = null)
        {
            switch ($response_type) {
                case 'csv':
                    header('Content-Type: text/csv; charset=UTF-8');
                    $this->type = $response_type;
                    break;
                case 'html':
                    header('Content-Type: text/html; charset=UTF-8');
                    $this->type = $response_type;
                    break;
                case 'json':
                    header('Content-Type: application/json; charset=UTF-8');
                    $this->type = $response_type;
                    break;
                case 'gyazo':
                    header('Content-Type: text/plain; charset=UTF-8');
                    $this->type = 'text';
                    break;
                case 'text':
                    header('Content-Type: text/plain; charset=UTF-8');
                    $this->type = $response_type;
                    break;
                default:
                    header('Content-Type: application/json; charset=UTF-8');
                    $this->type = 'json';
                    $this->error(400, 'Invalid response type. Valid options are: csv, html, json, text.');
                    break;
            }
        }

        public function error($code, $desc)
        {
            $response = null;

            switch ($this->type) {
                case 'csv':
                    $response = $this->csvError($desc);
                    break;
                case 'html':
                    $response = $this->htmlError($code, $desc);
                    break;
                case 'json':
                    $response = $this->jsonError($code, $desc);
                    break;
                case 'text':
                    $response = $this->textError($code, $desc);
                    break;
            }
            http_response_code($code);
            echo $response;
        }

        private static function csvError($description): string
        {
            return '"error"' . "\r\n" . "\"$description\"" . "\r\n";
        }

        private static function htmlError($code, $description): string
        {
            return '<p>ERROR: (' . $code . ') ' . $description . '</p>';
        }

        private static function jsonError($code, $description): bool|string
        {
            return json_encode([
                'success' => false,
                'errorcode' => $code,
                'description' => $description,
            ], JSON_PRETTY_PRINT);
        }


        private static function textError($code, $description): string
        {
            return 'ERROR: (' . $code . ') ' . $description;
        }

        public function send($files)
        {
            $response = null;

            switch ($this->type) {
                case 'csv':
                    $response = $this->csvSuccess($files);
                    break;
                case 'html':
                    $response = $this->htmlSuccess($files);
                    break;
                case 'json':
                    $response = $this->jsonSuccess($files);
                    break;
                case 'text':
                    $response = $this->textSuccess($files);
                    break;
            }

            http_response_code(200); // "200 OK". Success.
            echo $response;
        }

        private static function csvSuccess($files): string
        {
            $result = '"name","url","hash","size"' . "\r\n";
            foreach ($files as $file) {
                $result .= '"' . $file['name'] . '"' . ',' .
                    '"' . $file['url'] . '"' . ',' .
                    '"' . $file['hash'] . '"' . ',' .
                    '"' . $file['size'] . '"' . "\r\n";
            }

            return $result;
        }

        private static function htmlSuccess($files): string
        {
            $result = '';

            foreach ($files as $file) {
                $result .= '<a href="' . $file['url'] . '">' . $file['url'] . '</a><br>';
            }

            return $result;
        }

        private static function jsonSuccess($files): bool|string
        {
            return json_encode([
                'success' => true,
                'files' => $files,
            ], JSON_PRETTY_PRINT);
        }

        private static function textSuccess($files): string
        {
            $result = '';

            foreach ($files as $file) {
                $result .= $file['url'] . "\n";
            }

            return $result;
        }
    }

    class Database
    {
        /**
         * @throws Exception
         */
        public static function assemblePDO()
        {
            try {
                Settings::$DB = new PDO(
                    Settings::$DB_MODE . ':' . Settings::$DB_PATH, Settings::$DB_USER,
                    Settings::$DB_PASS
                );
            } catch (Exception) {
                throw new Exception('Cant connect to DB.', 500);
            }
        }

        /**
         * @throws Exception
         */
        public function dbCheckNameExists()
        {
            try {
                $q = Settings::$DB->prepare('SELECT COUNT(filename) FROM files WHERE filename = (:name)');
                $q->bindValue(':name', Upload::$NEW_NAME_FULL);
                $q->execute();
                return $q->fetchColumn();
            } catch (Exception) {
                throw new Exception('Cant check if name exists in DB.', 500);
            }
        }

        /**
         * @throws Exception
         */
        public function checkFileBlacklist()
        {
            try {
                $q = Settings::$DB->prepare('SELECT hash, COUNT(*) AS count FROM blacklist WHERE hash = (:hash)');
                $q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
                $q->execute();
                $result = $q->fetch();
                if ($result['count'] > 0) {
                    throw new Exception('File blacklisted!', 415);
                }
            } catch (Exception) {
                throw new Exception('Cant check blacklist DB.', 500);
            }
        }

        /**
         * @throws Exception
         */
        public function antiDupe()
        {
            try {
                $q = Settings::$DB->prepare(
                    'SELECT filename, COUNT(*) AS count FROM files WHERE hash = (:hash) AND size = (:size)'
                );
                $q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
                $q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
                $q->execute();
                $result = $q->fetch();
                if ($result['count'] > 0) {
                    Upload::$NEW_NAME_FULL = $result['filename'];
                }
            } catch (Exception) {
                throw new Exception('Cant check for dupes in DB.', 500);
            }
        }

        /**
         * @throws Exception
         */
        public function newIntoDB()
        {
            try {
                $q = Settings::$DB->prepare(
                    'INSERT INTO files (hash, originalname, filename, size, date, ip)' .
                    'VALUES (:hash, :orig, :name, :size, :date, :ip)'
                );
                $q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
                $q->bindValue(':orig', strip_tags(Upload::$FILE_NAME), PDO::PARAM_STR);
                $q->bindValue(':name', Upload::$NEW_NAME_FULL, PDO::PARAM_STR);
                $q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
                $q->bindValue(':date', time(), PDO::PARAM_STR);
                $q->bindValue(':ip', Upload::$IP, PDO::PARAM_STR);
                $q->execute();
            } catch (Exception) {
                throw new Exception('Cant insert into DB.', 500);
            }
        }
    }
}
Commit	Line	Data
044a28cd	1	<?php
82202428	2
044a28cd GJ	3	/*
	4	* Uguu
	5	*
5156099c	6	* @copyright Copyright (c) 2022 Go Johansson (nokonoko) <neku@pomf.se>
044a28cd GJ	7	*
	8	* This program is free software: you can redistribute it and/or modify
	9	* it under the terms of the GNU General Public License as published by
	10	* the Free Software Foundation, either version 3 of the License, or
	11	* (at your option) any later version.
	12	*
	13	* This program is distributed in the hope that it will be useful,
	14	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	15	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	16	* GNU General Public License for more details.
	17	*
	18	* You should have received a copy of the GNU General Public License
	19	* along with this program. If not, see <https://www.gnu.org/licenses/>.
	20	*/
	21
82202428	22
044a28cd GJ	23	namespace Core {
044a28cd GJ	24
82202428 GJ	25	require_once 'Upload.class.php';
82202428 GJ	26
4c21cfa0	27	use Exception;
044a28cd GJ	28	use PDO;
	29	use Upload as Upload;
	30
	31	class Settings
	32	{
	33
	34	public static mixed $DB;
	35
	36	public static string $DB_MODE;
	37	public static string $DB_PATH;
	38	public static string $DB_USER;
	39	public static string $DB_PASS;
	40
	41	public static bool $LOG_IP;
	42	public static bool $ANTI_DUPE;
	43	public static bool $BLACKLIST_DB;
	44	public static bool $FILTER_MODE;
	45
	46	public static string $FILES_ROOT;
	47	public static int $FILES_RETRIES;
	48
	49	public static bool $SSL;
	50	public static string $URL;
	51
	52	public static int $NAME_LENGTH;
	53	public static string $ID_CHARSET;
	54	public static array $DOUBLE_DOTS;
	55	public static array $BLOCKED_EXTENSIONS;
	56	public static array $BLOCKED_MIME;
	57
	58
4c21cfa0 GJ	59	/**
	60	* @throws Exception
	61	*/
82202428 GJ	62	public static function loadConfig()
82202428 GJ	63	{
edfde395	64	if (!file_exists('/var/www/uguu/dist.json')) {
4c21cfa0	65	throw new Exception('Cant read settings file.', 500);
82202428 GJ	66	}
	67	try {
	68	$settings_array = json_decode(
edfde395	69	file_get_contents('/var/www/uguu/dist.json'),
82202428 GJ	70	true
	71	);
	72	self::$DB_MODE = $settings_array['DB_MODE'];
	73	self::$DB_PATH = $settings_array['DB_PATH'];
	74	self::$DB_USER = $settings_array['DB_USER'];
	75	self::$DB_PASS = $settings_array['DB_PASS'];
	76	self::$LOG_IP = $settings_array['LOG_IP'];
	77	self::$ANTI_DUPE = $settings_array['ANTI_DUPE'];
	78	self::$BLACKLIST_DB = $settings_array['BLACKLIST_DB'];
	79	self::$FILTER_MODE = $settings_array['FILTER_MODE'];
	80	self::$FILES_ROOT = $settings_array['FILES_ROOT'];
	81	self::$FILES_RETRIES = $settings_array['FILES_RETRIES'];
	82	self::$SSL = $settings_array['SSL'];
	83	self::$URL = $settings_array['URL'];
	84	self::$NAME_LENGTH = $settings_array['NAME_LENGTH'];
	85	self::$ID_CHARSET = $settings_array['ID_CHARSET'];
	86	self::$BLOCKED_EXTENSIONS = $settings_array['BLOCKED_EXTENSIONS'];
	87	self::$BLOCKED_MIME = $settings_array['BLOCKED_MIME'];
4c21cfa0 GJ	88	} catch (Exception) {
4c21cfa0 GJ	89	throw new Exception('Cant populate settings.', 500);
82202428 GJ	90	}
82202428 GJ	91	(new Database())->assemblePDO();
044a28cd GJ	92	}
	93	}
	94
	95	class cuteGrills
	96	{
	97	public static array $GRILLS;
	98
044a28cd GJ	99	public static function showGrills()
044a28cd GJ	100	{
82202428	101	self::loadGrills();
044a28cd	102	if (!headers_sent()) {
82202428 GJ	103	header(
	104	'Location: /img/grills/' .
	105	self::$GRILLS[array_rand(self::$GRILLS)],
	106	true,
	107	303
	108	);
044a28cd GJ	109	}
044a28cd GJ	110	}
82202428 GJ	111
	112	public static function loadGrills()
	113	{
	114	self::$GRILLS = array_slice(scandir('img/grills/'), 2);
	115	}
044a28cd GJ	116	}
	117
	118	class Response
	119	{
4c21cfa0	120	private mixed $type;
82202428	121
82202428	122	public function __construct($response_type = null)
044a28cd	123	{
82202428 GJ	124	switch ($response_type) {
	125	case 'csv':
	126	header('Content-Type: text/csv; charset=UTF-8');
	127	$this->type = $response_type;
	128	break;
	129	case 'html':
	130	header('Content-Type: text/html; charset=UTF-8');
	131	$this->type = $response_type;
	132	break;
	133	case 'json':
	134	header('Content-Type: application/json; charset=UTF-8');
	135	$this->type = $response_type;
	136	break;
	137	case 'gyazo':
	138	header('Content-Type: text/plain; charset=UTF-8');
	139	$this->type = 'text';
	140	break;
	141	case 'text':
	142	header('Content-Type: text/plain; charset=UTF-8');
	143	$this->type = $response_type;
	144	break;
	145	default:
	146	header('Content-Type: application/json; charset=UTF-8');
	147	$this->type = 'json';
	148	$this->error(400, 'Invalid response type. Valid options are: csv, html, json, text.');
	149	break;
	150	}
	151	}
	152
82202428 GJ	153	public function error($code, $desc)
	154	{
	155	$response = null;
	156
	157	switch ($this->type) {
	158	case 'csv':
	159	$response = $this->csvError($desc);
	160	break;
	161	case 'html':
	162	$response = $this->htmlError($code, $desc);
	163	break;
	164	case 'json':
	165	$response = $this->jsonError($code, $desc);
	166	break;
	167	case 'text':
	168	$response = $this->textError($code, $desc);
	169	break;
	170	}
044a28cd	171	http_response_code($code);
82202428 GJ	172	echo $response;
	173	}
	174
4c21cfa0	175	private static function csvError($description): string
82202428 GJ	176	{
	177	return '"error"' . "\r\n" . "\"$description\"" . "\r\n";
	178	}
	179
4c21cfa0	180	private static function htmlError($code, $description): string
82202428 GJ	181	{
	182	return '<p>ERROR: (' . $code . ') ' . $description . '</p>';
	183	}
	184
4c21cfa0	185	private static function jsonError($code, $description): bool\|string
82202428 GJ	186	{
82202428 GJ	187	return json_encode([
044a28cd	188	'success' => false,
82202428 GJ	189	'errorcode' => $code,
	190	'description' => $description,
	191	], JSON_PRETTY_PRINT);
044a28cd GJ	192	}
044a28cd GJ	193
4c21cfa0 GJ	194
4c21cfa0 GJ	195	private static function textError($code, $description): string
044a28cd	196	{
82202428	197	return 'ERROR: (' . $code . ') ' . $description;
044a28cd GJ	198	}
044a28cd GJ	199
82202428	200	public function send($files)
044a28cd	201	{
82202428 GJ	202	$response = null;
	203
	204	switch ($this->type) {
	205	case 'csv':
	206	$response = $this->csvSuccess($files);
	207	break;
	208	case 'html':
	209	$response = $this->htmlSuccess($files);
	210	break;
	211	case 'json':
	212	$response = $this->jsonSuccess($files);
	213	break;
	214	case 'text':
	215	$response = $this->textSuccess($files);
	216	break;
	217	}
	218
	219	http_response_code(200); // "200 OK". Success.
	220	echo $response;
	221	}
	222
4c21cfa0	223	private static function csvSuccess($files): string
82202428 GJ	224	{
	225	$result = '"name","url","hash","size"' . "\r\n";
	226	foreach ($files as $file) {
	227	$result .= '"' . $file['name'] . '"' . ',' .
	228	'"' . $file['url'] . '"' . ',' .
	229	'"' . $file['hash'] . '"' . ',' .
	230	'"' . $file['size'] . '"' . "\r\n";
	231	}
	232
	233	return $result;
	234	}
	235
4c21cfa0	236	private static function htmlSuccess($files): string
82202428 GJ	237	{
	238	$result = '';
	239
	240	foreach ($files as $file) {
	241	$result .= '<a href="' . $file['url'] . '">' . $file['url'] . '</a><br>';
	242	}
	243
	244	return $result;
	245	}
	246
4c21cfa0	247	private static function jsonSuccess($files): bool\|string
82202428 GJ	248	{
82202428 GJ	249	return json_encode([
044a28cd	250	'success' => true,
82202428 GJ	251	'files' => $files,
	252	], JSON_PRETTY_PRINT);
	253	}
	254
4c21cfa0	255	private static function textSuccess($files): string
82202428 GJ	256	{
	257	$result = '';
	258
	259	foreach ($files as $file) {
	260	$result .= $file['url'] . "\n";
	261	}
	262
	263	return $result;
044a28cd GJ	264	}
	265	}
	266
044a28cd GJ	267	class Database
044a28cd GJ	268	{
4c21cfa0 GJ	269	/**
	270	* @throws Exception
	271	*/
82202428	272	public static function assemblePDO()
044a28cd	273	{
82202428 GJ	274	try {
	275	Settings::$DB = new PDO(
	276	Settings::$DB_MODE . ':' . Settings::$DB_PATH, Settings::$DB_USER,
	277	Settings::$DB_PASS
	278	);
4c21cfa0 GJ	279	} catch (Exception) {
4c21cfa0 GJ	280	throw new Exception('Cant connect to DB.', 500);
82202428	281	}
044a28cd GJ	282	}
044a28cd GJ	283
4c21cfa0 GJ	284	/**
	285	* @throws Exception
	286	*/
044a28cd GJ	287	public function dbCheckNameExists()
044a28cd GJ	288	{
82202428 GJ	289	try {
	290	$q = Settings::$DB->prepare('SELECT COUNT(filename) FROM files WHERE filename = (:name)');
	291	$q->bindValue(':name', Upload::$NEW_NAME_FULL);
	292	$q->execute();
	293	return $q->fetchColumn();
4c21cfa0 GJ	294	} catch (Exception) {
4c21cfa0 GJ	295	throw new Exception('Cant check if name exists in DB.', 500);
82202428	296	}
044a28cd GJ	297	}
044a28cd GJ	298
4c21cfa0 GJ	299	/**
	300	* @throws Exception
	301	*/
044a28cd GJ	302	public function checkFileBlacklist()
044a28cd GJ	303	{
82202428 GJ	304	try {
	305	$q = Settings::$DB->prepare('SELECT hash, COUNT(*) AS count FROM blacklist WHERE hash = (:hash)');
	306	$q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
	307	$q->execute();
	308	$result = $q->fetch();
	309	if ($result['count'] > 0) {
4c21cfa0	310	throw new Exception('File blacklisted!', 415);
82202428	311	}
4c21cfa0 GJ	312	} catch (Exception) {
4c21cfa0 GJ	313	throw new Exception('Cant check blacklist DB.', 500);
044a28cd GJ	314	}
	315	}
	316
4c21cfa0 GJ	317	/**
	318	* @throws Exception
	319	*/
82202428 GJ	320	public function antiDupe()
	321	{
	322	try {
	323	$q = Settings::$DB->prepare(
	324	'SELECT filename, COUNT(*) AS count FROM files WHERE hash = (:hash) AND size = (:size)'
044a28cd	325	);
82202428 GJ	326	$q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
	327	$q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
	328	$q->execute();
	329	$result = $q->fetch();
	330	if ($result['count'] > 0) {
	331	Upload::$NEW_NAME_FULL = $result['filename'];
	332	}
4c21cfa0 GJ	333	} catch (Exception) {
4c21cfa0 GJ	334	throw new Exception('Cant check for dupes in DB.', 500);
044a28cd	335	}
044a28cd GJ	336	}
044a28cd GJ	337
4c21cfa0 GJ	338	/**
	339	* @throws Exception
	340	*/
044a28cd GJ	341	public function newIntoDB()
044a28cd GJ	342	{
82202428 GJ	343	try {
	344	$q = Settings::$DB->prepare(
	345	'INSERT INTO files (hash, originalname, filename, size, date, ip)' .
	346	'VALUES (:hash, :orig, :name, :size, :date, :ip)'
	347	);
	348	$q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
	349	$q->bindValue(':orig', strip_tags(Upload::$FILE_NAME), PDO::PARAM_STR);
	350	$q->bindValue(':name', Upload::$NEW_NAME_FULL, PDO::PARAM_STR);
	351	$q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
	352	$q->bindValue(':date', time(), PDO::PARAM_STR);
	353	$q->bindValue(':ip', Upload::$IP, PDO::PARAM_STR);
	354	$q->execute();
4c21cfa0 GJ	355	} catch (Exception) {
4c21cfa0 GJ	356	throw new Exception('Cant insert into DB.', 500);
82202428	357	}
044a28cd GJ	358	}
	359	}
	360	}
	361
	362
	363