[uguu.git] / static / php / includes / Core.namespace.php

<?php

/*
 * Uguu
 *
 * @copyright Copyright (c) 2022 Go Johansson (nokonoko) <neku@pomf.se>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */


namespace Core {

    require_once 'Upload.class.php';

    use Exception;
    use PDO;
    use Upload as Upload;

    class Settings
    {

        public static mixed $DB;

        public static string $DB_MODE;
        public static string $DB_PATH;
        public static string $DB_USER;
        public static string $DB_PASS;

        public static bool $LOG_IP;
        public static bool $ANTI_DUPE;
        public static bool $BLACKLIST_DB;
        public static bool $FILTER_MODE;

        public static string $FILES_ROOT;
        public static int $FILES_RETRIES;

        public static bool $SSL;
        public static string $URL;

        public static int $NAME_LENGTH;
        public static string $ID_CHARSET;
        public static array $DOUBLE_DOTS;
        public static array $BLOCKED_EXTENSIONS;
        public static array $BLOCKED_MIME;


        /**
         * @throws Exception
         */
        public static function loadConfig()
        {
            if (!file_exists('/var/www/uguu/dist.json')) {
                throw new Exception('Cant read settings file.', 500);
            }
            try {
                $settings_array = json_decode(
                    file_get_contents('/var/www/uguu/dist.json'),
                    true
                );
                self::$DB_MODE = $settings_array['DB_MODE'];
                self::$DB_PATH = $settings_array['DB_PATH'];
                self::$DB_USER = $settings_array['DB_USER'];
                self::$DB_PASS = $settings_array['DB_PASS'];
                self::$LOG_IP = $settings_array['LOG_IP'];
                self::$ANTI_DUPE = $settings_array['ANTI_DUPE'];
                self::$BLACKLIST_DB = $settings_array['BLACKLIST_DB'];
                self::$FILTER_MODE = $settings_array['FILTER_MODE'];
                self::$FILES_ROOT = $settings_array['FILES_ROOT'];
                self::$FILES_RETRIES = $settings_array['FILES_RETRIES'];
                self::$SSL = $settings_array['SSL'];
                self::$URL = $settings_array['URL'];
                self::$NAME_LENGTH = $settings_array['NAME_LENGTH'];
                self::$ID_CHARSET = $settings_array['ID_CHARSET'];
                self::$BLOCKED_EXTENSIONS = $settings_array['BLOCKED_EXTENSIONS'];
                self::$BLOCKED_MIME = $settings_array['BLOCKED_MIME'];
                self::$DOUBLE_DOTS = $settings_array['DOUBLE_DOTS'];
            } catch (Exception) {
                throw new Exception('Cant populate settings.', 500);
            }
            (new Database())->assemblePDO();
        }
    }

    class cuteGrills
    {
        public static array $GRILLS;

        public static function showGrills()
        {
            self::loadGrills();
            if (!headers_sent()) {
                header(
                    'Location: /img/grills/' .
                    self::$GRILLS[array_rand(self::$GRILLS)],
                    true,
                    303
                );
            }
        }

        public static function loadGrills()
        {
            self::$GRILLS = array_slice(scandir('img/grills/'), 2);
        }
    }

    class Response
    {
        private mixed $type;

        public function __construct($response_type = null)
        {
            switch ($response_type) {
                case 'csv':
                    header('Content-Type: text/csv; charset=UTF-8');
                    $this->type = $response_type;
                    break;
                case 'html':
                    header('Content-Type: text/html; charset=UTF-8');
                    $this->type = $response_type;
                    break;
                case 'json':
                    header('Content-Type: application/json; charset=UTF-8');
                    $this->type = $response_type;
                    break;
                case 'gyazo':
                    header('Content-Type: text/plain; charset=UTF-8');
                    $this->type = 'text';
                    break;
                case 'text':
                    header('Content-Type: text/plain; charset=UTF-8');
                    $this->type = $response_type;
                    break;
                default:
                    header('Content-Type: application/json; charset=UTF-8');
                    $this->type = 'json';
                    $this->error(400, 'Invalid response type. Valid options are: csv, html, json, text.');
                    break;
            }
        }

        public function error($code, $desc)
        {
            $response = null;

            switch ($this->type) {
                case 'csv':
                    $response = $this->csvError($desc);
                    break;
                case 'html':
                    $response = $this->htmlError($code, $desc);
                    break;
                case 'json':
                    $response = $this->jsonError($code, $desc);
                    break;
                case 'text':
                    $response = $this->textError($code, $desc);
                    break;
            }
            http_response_code($code);
            echo $response;
        }

        private static function csvError($description): string
        {
            return '"error"' . "\r\n" . "\"$description\"" . "\r\n";
        }

        private static function htmlError($code, $description): string
        {
            return '<p>ERROR: (' . $code . ') ' . $description . '</p>';
        }

        private static function jsonError($code, $description): bool|string
        {
            return json_encode([
                'success' => false,
                'errorcode' => $code,
                'description' => $description,
            ], JSON_PRETTY_PRINT);
        }


        private static function textError($code, $description): string
        {
            return 'ERROR: (' . $code . ') ' . $description;
        }

        public function send($files)
        {
            $response = null;

            switch ($this->type) {
                case 'csv':
                    $response = $this->csvSuccess($files);
                    break;
                case 'html':
                    $response = $this->htmlSuccess($files);
                    break;
                case 'json':
                    $response = $this->jsonSuccess($files);
                    break;
                case 'text':
                    $response = $this->textSuccess($files);
                    break;
            }

            http_response_code(200); // "200 OK". Success.
            echo $response;
        }

        private static function csvSuccess($files): string
        {
            $result = '"name","url","hash","size"' . "\r\n";
            foreach ($files as $file) {
                $result .= '"' . $file['name'] . '"' . ',' .
                    '"' . $file['url'] . '"' . ',' .
                    '"' . $file['hash'] . '"' . ',' .
                    '"' . $file['size'] . '"' . "\r\n";
            }

            return $result;
        }

        private static function htmlSuccess($files): string
        {
            $result = '';

            foreach ($files as $file) {
                $result .= '<a href="' . $file['url'] . '">' . $file['url'] . '</a><br>';
            }

            return $result;
        }

        private static function jsonSuccess($files): bool|string
        {
            return json_encode([
                'success' => true,
                'files' => $files,
            ], JSON_PRETTY_PRINT);
        }

        private static function textSuccess($files): string
        {
            $result = '';

            foreach ($files as $file) {
                $result .= $file['url'] . "\n";
            }

            return $result;
        }
    }

    class Database
    {
        /**
         * @throws Exception
         */
        public static function assemblePDO()
        {
            try {
                Settings::$DB = new PDO(
                    Settings::$DB_MODE . ':' . Settings::$DB_PATH, Settings::$DB_USER,
                    Settings::$DB_PASS
                );
            } catch (Exception) {
                throw new Exception('Cant connect to DB.', 500);
            }
        }

        /**
         * @throws Exception
         */
        public function dbCheckNameExists()
        {
            try {
                $q = Settings::$DB->prepare('SELECT COUNT(filename) FROM files WHERE filename = (:name)');
                $q->bindValue(':name', Upload::$NEW_NAME_FULL);
                $q->execute();
                return $q->fetchColumn();
            } catch (Exception) {
                throw new Exception('Cant check if name exists in DB.', 500);
            }
        }

        /**
         * @throws Exception
         */
        public function checkFileBlacklist()
        {
            try {
                $q = Settings::$DB->prepare('SELECT hash, COUNT(*) AS count FROM blacklist WHERE hash = (:hash)');
                $q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
                $q->execute();
                $result = $q->fetch();
                if ($result['count'] > 0) {
                    throw new Exception('File blacklisted!', 415);
                }
            } catch (Exception) {
                throw new Exception('Cant check blacklist DB.', 500);
            }
        }

        /**
         * @throws Exception
         */
        public function antiDupe()
        {
            try {
                $q = Settings::$DB->prepare(
                    'SELECT filename, COUNT(*) AS count FROM files WHERE hash = (:hash) AND size = (:size)'
                );
                $q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
                $q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
                $q->execute();
                $result = $q->fetch();
                if ($result['count'] > 0) {
                    Upload::$NEW_NAME_FULL = $result['filename'];
                }
            } catch (Exception) {
                throw new Exception('Cant check for dupes in DB.', 500);
            }
        }

        /**
         * @throws Exception
         */
        public function newIntoDB()
        {
            try {
                $q = Settings::$DB->prepare(
                    'INSERT INTO files (hash, originalname, filename, size, date, ip)' .
                    'VALUES (:hash, :orig, :name, :size, :date, :ip)'
                );
                $q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
                $q->bindValue(':orig', strip_tags(Upload::$FILE_NAME), PDO::PARAM_STR);
                $q->bindValue(':name', Upload::$NEW_NAME_FULL, PDO::PARAM_STR);
                $q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
                $q->bindValue(':date', time(), PDO::PARAM_STR);
                $q->bindValue(':ip', Upload::$IP, PDO::PARAM_STR);
                $q->execute();
            } catch (Exception) {
                throw new Exception('Cant insert into DB.', 500);
            }
        }
    }
}
Commit	Line	Data
044a28cd	1	<?php
82202428	2
044a28cd GJ	3	/*
	4	* Uguu
	5	*
5156099c	6	* @copyright Copyright (c) 2022 Go Johansson (nokonoko) <neku@pomf.se>
044a28cd GJ	7	*
	8	* This program is free software: you can redistribute it and/or modify
	9	* it under the terms of the GNU General Public License as published by
	10	* the Free Software Foundation, either version 3 of the License, or
	11	* (at your option) any later version.
	12	*
	13	* This program is distributed in the hope that it will be useful,
	14	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	15	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	16	* GNU General Public License for more details.
	17	*
	18	* You should have received a copy of the GNU General Public License
	19	* along with this program. If not, see <https://www.gnu.org/licenses/>.
	20	*/
	21
82202428	22
044a28cd GJ	23	namespace Core {
044a28cd GJ	24
82202428 GJ	25	require_once 'Upload.class.php';
82202428 GJ	26
4c21cfa0	27	use Exception;
044a28cd GJ	28	use PDO;
	29	use Upload as Upload;
	30
	31	class Settings
	32	{
	33
	34	public static mixed $DB;
	35
	36	public static string $DB_MODE;
	37	public static string $DB_PATH;
	38	public static string $DB_USER;
	39	public static string $DB_PASS;
	40
	41	public static bool $LOG_IP;
	42	public static bool $ANTI_DUPE;
	43	public static bool $BLACKLIST_DB;
	44	public static bool $FILTER_MODE;
	45
	46	public static string $FILES_ROOT;
	47	public static int $FILES_RETRIES;
	48
	49	public static bool $SSL;
	50	public static string $URL;
	51
	52	public static int $NAME_LENGTH;
	53	public static string $ID_CHARSET;
	54	public static array $DOUBLE_DOTS;
	55	public static array $BLOCKED_EXTENSIONS;
	56	public static array $BLOCKED_MIME;
	57
	58
4c21cfa0 GJ	59	/**
	60	* @throws Exception
	61	*/
82202428 GJ	62	public static function loadConfig()
82202428 GJ	63	{
edfde395	64	if (!file_exists('/var/www/uguu/dist.json')) {
4c21cfa0	65	throw new Exception('Cant read settings file.', 500);
82202428 GJ	66	}
	67	try {
	68	$settings_array = json_decode(
edfde395	69	file_get_contents('/var/www/uguu/dist.json'),
82202428 GJ	70	true
	71	);
	72	self::$DB_MODE = $settings_array['DB_MODE'];
	73	self::$DB_PATH = $settings_array['DB_PATH'];
	74	self::$DB_USER = $settings_array['DB_USER'];
	75	self::$DB_PASS = $settings_array['DB_PASS'];
	76	self::$LOG_IP = $settings_array['LOG_IP'];
	77	self::$ANTI_DUPE = $settings_array['ANTI_DUPE'];
	78	self::$BLACKLIST_DB = $settings_array['BLACKLIST_DB'];
	79	self::$FILTER_MODE = $settings_array['FILTER_MODE'];
	80	self::$FILES_ROOT = $settings_array['FILES_ROOT'];
	81	self::$FILES_RETRIES = $settings_array['FILES_RETRIES'];
	82	self::$SSL = $settings_array['SSL'];
	83	self::$URL = $settings_array['URL'];
	84	self::$NAME_LENGTH = $settings_array['NAME_LENGTH'];
	85	self::$ID_CHARSET = $settings_array['ID_CHARSET'];
	86	self::$BLOCKED_EXTENSIONS = $settings_array['BLOCKED_EXTENSIONS'];
	87	self::$BLOCKED_MIME = $settings_array['BLOCKED_MIME'];
	88	self::$DOUBLE_DOTS = $settings_array['DOUBLE_DOTS'];
4c21cfa0 GJ	89	} catch (Exception) {
4c21cfa0 GJ	90	throw new Exception('Cant populate settings.', 500);
82202428 GJ	91	}
82202428 GJ	92	(new Database())->assemblePDO();
044a28cd GJ	93	}
	94	}
	95
	96	class cuteGrills
	97	{
	98	public static array $GRILLS;
	99
044a28cd GJ	100	public static function showGrills()
044a28cd GJ	101	{
82202428	102	self::loadGrills();
044a28cd	103	if (!headers_sent()) {
82202428 GJ	104	header(
	105	'Location: /img/grills/' .
	106	self::$GRILLS[array_rand(self::$GRILLS)],
	107	true,
	108	303
	109	);
044a28cd GJ	110	}
044a28cd GJ	111	}
82202428 GJ	112
	113	public static function loadGrills()
	114	{
	115	self::$GRILLS = array_slice(scandir('img/grills/'), 2);
	116	}
044a28cd GJ	117	}
	118
	119	class Response
	120	{
4c21cfa0	121	private mixed $type;
82202428	122
82202428	123	public function __construct($response_type = null)
044a28cd	124	{
82202428 GJ	125	switch ($response_type) {
	126	case 'csv':
	127	header('Content-Type: text/csv; charset=UTF-8');
	128	$this->type = $response_type;
	129	break;
	130	case 'html':
	131	header('Content-Type: text/html; charset=UTF-8');
	132	$this->type = $response_type;
	133	break;
	134	case 'json':
	135	header('Content-Type: application/json; charset=UTF-8');
	136	$this->type = $response_type;
	137	break;
	138	case 'gyazo':
	139	header('Content-Type: text/plain; charset=UTF-8');
	140	$this->type = 'text';
	141	break;
	142	case 'text':
	143	header('Content-Type: text/plain; charset=UTF-8');
	144	$this->type = $response_type;
	145	break;
	146	default:
	147	header('Content-Type: application/json; charset=UTF-8');
	148	$this->type = 'json';
	149	$this->error(400, 'Invalid response type. Valid options are: csv, html, json, text.');
	150	break;
	151	}
	152	}
	153
82202428 GJ	154	public function error($code, $desc)
	155	{
	156	$response = null;
	157
	158	switch ($this->type) {
	159	case 'csv':
	160	$response = $this->csvError($desc);
	161	break;
	162	case 'html':
	163	$response = $this->htmlError($code, $desc);
	164	break;
	165	case 'json':
	166	$response = $this->jsonError($code, $desc);
	167	break;
	168	case 'text':
	169	$response = $this->textError($code, $desc);
	170	break;
	171	}
044a28cd	172	http_response_code($code);
82202428 GJ	173	echo $response;
	174	}
	175
4c21cfa0	176	private static function csvError($description): string
82202428 GJ	177	{
	178	return '"error"' . "\r\n" . "\"$description\"" . "\r\n";
	179	}
	180
4c21cfa0	181	private static function htmlError($code, $description): string
82202428 GJ	182	{
	183	return '<p>ERROR: (' . $code . ') ' . $description . '</p>';
	184	}
	185
4c21cfa0	186	private static function jsonError($code, $description): bool\|string
82202428 GJ	187	{
82202428 GJ	188	return json_encode([
044a28cd	189	'success' => false,
82202428 GJ	190	'errorcode' => $code,
	191	'description' => $description,
	192	], JSON_PRETTY_PRINT);
044a28cd GJ	193	}
044a28cd GJ	194
4c21cfa0 GJ	195
4c21cfa0 GJ	196	private static function textError($code, $description): string
044a28cd	197	{
82202428	198	return 'ERROR: (' . $code . ') ' . $description;
044a28cd GJ	199	}
044a28cd GJ	200
82202428	201	public function send($files)
044a28cd	202	{
82202428 GJ	203	$response = null;
	204
	205	switch ($this->type) {
	206	case 'csv':
	207	$response = $this->csvSuccess($files);
	208	break;
	209	case 'html':
	210	$response = $this->htmlSuccess($files);
	211	break;
	212	case 'json':
	213	$response = $this->jsonSuccess($files);
	214	break;
	215	case 'text':
	216	$response = $this->textSuccess($files);
	217	break;
	218	}
	219
	220	http_response_code(200); // "200 OK". Success.
	221	echo $response;
	222	}
	223
4c21cfa0	224	private static function csvSuccess($files): string
82202428 GJ	225	{
	226	$result = '"name","url","hash","size"' . "\r\n";
	227	foreach ($files as $file) {
	228	$result .= '"' . $file['name'] . '"' . ',' .
	229	'"' . $file['url'] . '"' . ',' .
	230	'"' . $file['hash'] . '"' . ',' .
	231	'"' . $file['size'] . '"' . "\r\n";
	232	}
	233
	234	return $result;
	235	}
	236
4c21cfa0	237	private static function htmlSuccess($files): string
82202428 GJ	238	{
	239	$result = '';
	240
	241	foreach ($files as $file) {
	242	$result .= '<a href="' . $file['url'] . '">' . $file['url'] . '</a><br>';
	243	}
	244
	245	return $result;
	246	}
	247
4c21cfa0	248	private static function jsonSuccess($files): bool\|string
82202428 GJ	249	{
82202428 GJ	250	return json_encode([
044a28cd	251	'success' => true,
82202428 GJ	252	'files' => $files,
	253	], JSON_PRETTY_PRINT);
	254	}
	255
4c21cfa0	256	private static function textSuccess($files): string
82202428 GJ	257	{
	258	$result = '';
	259
	260	foreach ($files as $file) {
	261	$result .= $file['url'] . "\n";
	262	}
	263
	264	return $result;
044a28cd GJ	265	}
	266	}
	267
044a28cd GJ	268	class Database
044a28cd GJ	269	{
4c21cfa0 GJ	270	/**
	271	* @throws Exception
	272	*/
82202428	273	public static function assemblePDO()
044a28cd	274	{
82202428 GJ	275	try {
	276	Settings::$DB = new PDO(
	277	Settings::$DB_MODE . ':' . Settings::$DB_PATH, Settings::$DB_USER,
	278	Settings::$DB_PASS
	279	);
4c21cfa0 GJ	280	} catch (Exception) {
4c21cfa0 GJ	281	throw new Exception('Cant connect to DB.', 500);
82202428	282	}
044a28cd GJ	283	}
044a28cd GJ	284
4c21cfa0 GJ	285	/**
	286	* @throws Exception
	287	*/
044a28cd GJ	288	public function dbCheckNameExists()
044a28cd GJ	289	{
82202428 GJ	290	try {
	291	$q = Settings::$DB->prepare('SELECT COUNT(filename) FROM files WHERE filename = (:name)');
	292	$q->bindValue(':name', Upload::$NEW_NAME_FULL);
	293	$q->execute();
	294	return $q->fetchColumn();
4c21cfa0 GJ	295	} catch (Exception) {
4c21cfa0 GJ	296	throw new Exception('Cant check if name exists in DB.', 500);
82202428	297	}
044a28cd GJ	298	}
044a28cd GJ	299
4c21cfa0 GJ	300	/**
	301	* @throws Exception
	302	*/
044a28cd GJ	303	public function checkFileBlacklist()
044a28cd GJ	304	{
82202428 GJ	305	try {
	306	$q = Settings::$DB->prepare('SELECT hash, COUNT(*) AS count FROM blacklist WHERE hash = (:hash)');
	307	$q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
	308	$q->execute();
	309	$result = $q->fetch();
	310	if ($result['count'] > 0) {
4c21cfa0	311	throw new Exception('File blacklisted!', 415);
82202428	312	}
4c21cfa0 GJ	313	} catch (Exception) {
4c21cfa0 GJ	314	throw new Exception('Cant check blacklist DB.', 500);
044a28cd GJ	315	}
	316	}
	317
4c21cfa0 GJ	318	/**
	319	* @throws Exception
	320	*/
82202428 GJ	321	public function antiDupe()
	322	{
	323	try {
	324	$q = Settings::$DB->prepare(
	325	'SELECT filename, COUNT(*) AS count FROM files WHERE hash = (:hash) AND size = (:size)'
044a28cd	326	);
82202428 GJ	327	$q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
	328	$q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
	329	$q->execute();
	330	$result = $q->fetch();
	331	if ($result['count'] > 0) {
	332	Upload::$NEW_NAME_FULL = $result['filename'];
	333	}
4c21cfa0 GJ	334	} catch (Exception) {
4c21cfa0 GJ	335	throw new Exception('Cant check for dupes in DB.', 500);
044a28cd	336	}
044a28cd GJ	337	}
044a28cd GJ	338
4c21cfa0 GJ	339	/**
	340	* @throws Exception
	341	*/
044a28cd GJ	342	public function newIntoDB()
044a28cd GJ	343	{
82202428 GJ	344	try {
	345	$q = Settings::$DB->prepare(
	346	'INSERT INTO files (hash, originalname, filename, size, date, ip)' .
	347	'VALUES (:hash, :orig, :name, :size, :date, :ip)'
	348	);
	349	$q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
	350	$q->bindValue(':orig', strip_tags(Upload::$FILE_NAME), PDO::PARAM_STR);
	351	$q->bindValue(':name', Upload::$NEW_NAME_FULL, PDO::PARAM_STR);
	352	$q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
	353	$q->bindValue(':date', time(), PDO::PARAM_STR);
	354	$q->bindValue(':ip', Upload::$IP, PDO::PARAM_STR);
	355	$q->execute();
4c21cfa0 GJ	356	} catch (Exception) {
4c21cfa0 GJ	357	throw new Exception('Cant insert into DB.', 500);
82202428	358	}
044a28cd GJ	359	}
	360	}
	361	}
	362
	363
	364