jfr.im git - uguu.git/blame_incremental - static/php/includes/Core.namespace.php

... / ...

Commit	Line	Data
	1	<?php
	2
	3	/*
	4	* Uguu
	5	*
	6	* @copyright Copyright (c) 2022 Go Johansson (nokonoko) <neku@pomf.se>
	7	*
	8	* This program is free software: you can redistribute it and/or modify
	9	* it under the terms of the GNU General Public License as published by
	10	* the Free Software Foundation, either version 3 of the License, or
	11	* (at your option) any later version.
	12	*
	13	* This program is distributed in the hope that it will be useful,
	14	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	15	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	16	* GNU General Public License for more details.
	17	*
	18	* You should have received a copy of the GNU General Public License
	19	* along with this program. If not, see <https://www.gnu.org/licenses/>.
	20	*/
	21
	22
	23	namespace Core {
	24
	25	require_once 'Upload.class.php';
	26
	27	use Exception;
	28	use PDO;
	29	use Upload as Upload;
	30
	31	class Settings
	32	{
	33
	34	public static mixed $DB;
	35
	36	public static string $DB_MODE;
	37	public static string $DB_PATH;
	38	public static string $DB_USER;
	39	public static string $DB_PASS;
	40
	41	public static bool $LOG_IP;
	42	public static bool $ANTI_DUPE;
	43	public static bool $BLACKLIST_DB;
	44	public static bool $FILTER_MODE;
	45
	46	public static string $FILES_ROOT;
	47	public static int $FILES_RETRIES;
	48
	49	public static bool $SSL;
	50	public static string $URL;
	51
	52	public static int $NAME_LENGTH;
	53	public static string $ID_CHARSET;
	54	public static array $DOUBLE_DOTS;
	55	public static array $BLOCKED_EXTENSIONS;
	56	public static array $BLOCKED_MIME;
	57
	58
	59	/**
	60	* @throws Exception
	61	*/
	62	public static function loadConfig()
	63	{
	64	if (!file_exists('/Users/go.johansson/PERSONAL_REPOS/Uguu/dist.json')) {
	65	throw new Exception('Cant read settings file.', 500);
	66	}
	67	try {
	68	$settings_array = json_decode(
	69	file_get_contents('/Users/go.johansson/PERSONAL_REPOS/Uguu/dist.json'),
	70	true
	71	);
	72	self::$DB_MODE = $settings_array['DB_MODE'];
	73	self::$DB_PATH = $settings_array['DB_PATH'];
	74	self::$DB_USER = $settings_array['DB_USER'];
	75	self::$DB_PASS = $settings_array['DB_PASS'];
	76	self::$LOG_IP = $settings_array['LOG_IP'];
	77	self::$ANTI_DUPE = $settings_array['ANTI_DUPE'];
	78	self::$BLACKLIST_DB = $settings_array['BLACKLIST_DB'];
	79	self::$FILTER_MODE = $settings_array['FILTER_MODE'];
	80	self::$FILES_ROOT = $settings_array['FILES_ROOT'];
	81	self::$FILES_RETRIES = $settings_array['FILES_RETRIES'];
	82	self::$SSL = $settings_array['SSL'];
	83	self::$URL = $settings_array['URL'];
	84	self::$NAME_LENGTH = $settings_array['NAME_LENGTH'];
	85	self::$ID_CHARSET = $settings_array['ID_CHARSET'];
	86	self::$BLOCKED_EXTENSIONS = $settings_array['BLOCKED_EXTENSIONS'];
	87	self::$BLOCKED_MIME = $settings_array['BLOCKED_MIME'];
	88	self::$DOUBLE_DOTS = $settings_array['DOUBLE_DOTS'];
	89	} catch (Exception) {
	90	throw new Exception('Cant populate settings.', 500);
	91	}
	92	(new Database())->assemblePDO();
	93	}
	94	}
	95
	96	class cuteGrills
	97	{
	98	public static array $GRILLS;
	99
	100	public static function showGrills()
	101	{
	102	self::loadGrills();
	103	if (!headers_sent()) {
	104	header(
	105	'Location: /img/grills/' .
	106	self::$GRILLS[array_rand(self::$GRILLS)],
	107	true,
	108	303
	109	);
	110	}
	111	}
	112
	113	public static function loadGrills()
	114	{
	115	self::$GRILLS = array_slice(scandir('img/grills/'), 2);
	116	}
	117	}
	118
	119	class Response
	120	{
	121	private mixed $type;
	122
	123	public function __construct($response_type = null)
	124	{
	125	switch ($response_type) {
	126	case 'csv':
	127	header('Content-Type: text/csv; charset=UTF-8');
	128	$this->type = $response_type;
	129	break;
	130	case 'html':
	131	header('Content-Type: text/html; charset=UTF-8');
	132	$this->type = $response_type;
	133	break;
	134	case 'json':
	135	header('Content-Type: application/json; charset=UTF-8');
	136	$this->type = $response_type;
	137	break;
	138	case 'gyazo':
	139	header('Content-Type: text/plain; charset=UTF-8');
	140	$this->type = 'text';
	141	break;
	142	case 'text':
	143	header('Content-Type: text/plain; charset=UTF-8');
	144	$this->type = $response_type;
	145	break;
	146	default:
	147	header('Content-Type: application/json; charset=UTF-8');
	148	$this->type = 'json';
	149	$this->error(400, 'Invalid response type. Valid options are: csv, html, json, text.');
	150	break;
	151	}
	152	}
	153
	154	public function error($code, $desc)
	155	{
	156	$response = null;
	157
	158	switch ($this->type) {
	159	case 'csv':
	160	$response = $this->csvError($desc);
	161	break;
	162	case 'html':
	163	$response = $this->htmlError($code, $desc);
	164	break;
	165	case 'json':
	166	$response = $this->jsonError($code, $desc);
	167	break;
	168	case 'text':
	169	$response = $this->textError($code, $desc);
	170	break;
	171	}
	172	http_response_code($code);
	173	echo $response;
	174	}
	175
	176	private static function csvError($description): string
	177	{
	178	return '"error"' . "\r\n" . "\"$description\"" . "\r\n";
	179	}
	180
	181	private static function htmlError($code, $description): string
	182	{
	183	return '<p>ERROR: (' . $code . ') ' . $description . '</p>';
	184	}
	185
	186	private static function jsonError($code, $description): bool\|string
	187	{
	188	return json_encode([
	189	'success' => false,
	190	'errorcode' => $code,
	191	'description' => $description,
	192	], JSON_PRETTY_PRINT);
	193	}
	194
	195
	196	private static function textError($code, $description): string
	197	{
	198	return 'ERROR: (' . $code . ') ' . $description;
	199	}
	200
	201	public function send($files)
	202	{
	203	$response = null;
	204
	205	switch ($this->type) {
	206	case 'csv':
	207	$response = $this->csvSuccess($files);
	208	break;
	209	case 'html':
	210	$response = $this->htmlSuccess($files);
	211	break;
	212	case 'json':
	213	$response = $this->jsonSuccess($files);
	214	break;
	215	case 'text':
	216	$response = $this->textSuccess($files);
	217	break;
	218	}
	219
	220	http_response_code(200); // "200 OK". Success.
	221	echo $response;
	222	}
	223
	224	private static function csvSuccess($files): string
	225	{
	226	$result = '"name","url","hash","size"' . "\r\n";
	227	foreach ($files as $file) {
	228	$result .= '"' . $file['name'] . '"' . ',' .
	229	'"' . $file['url'] . '"' . ',' .
	230	'"' . $file['hash'] . '"' . ',' .
	231	'"' . $file['size'] . '"' . "\r\n";
	232	}
	233
	234	return $result;
	235	}
	236
	237	private static function htmlSuccess($files): string
	238	{
	239	$result = '';
	240
	241	foreach ($files as $file) {
	242	$result .= '<a href="' . $file['url'] . '">' . $file['url'] . '</a><br>';
	243	}
	244
	245	return $result;
	246	}
	247
	248	private static function jsonSuccess($files): bool\|string
	249	{
	250	return json_encode([
	251	'success' => true,
	252	'files' => $files,
	253	], JSON_PRETTY_PRINT);
	254	}
	255
	256	private static function textSuccess($files): string
	257	{
	258	$result = '';
	259
	260	foreach ($files as $file) {
	261	$result .= $file['url'] . "\n";
	262	}
	263
	264	return $result;
	265	}
	266	}
	267
	268	class Database
	269	{
	270	/**
	271	* @throws Exception
	272	*/
	273	public static function assemblePDO()
	274	{
	275	try {
	276	Settings::$DB = new PDO(
	277	Settings::$DB_MODE . ':' . Settings::$DB_PATH, Settings::$DB_USER,
	278	Settings::$DB_PASS
	279	);
	280	} catch (Exception) {
	281	throw new Exception('Cant connect to DB.', 500);
	282	}
	283	}
	284
	285	/**
	286	* @throws Exception
	287	*/
	288	public function dbCheckNameExists()
	289	{
	290	try {
	291	$q = Settings::$DB->prepare('SELECT COUNT(filename) FROM files WHERE filename = (:name)');
	292	$q->bindValue(':name', Upload::$NEW_NAME_FULL);
	293	$q->execute();
	294	return $q->fetchColumn();
	295	} catch (Exception) {
	296	throw new Exception('Cant check if name exists in DB.', 500);
	297	}
	298	}
	299
	300	/**
	301	* @throws Exception
	302	*/
	303	public function checkFileBlacklist()
	304	{
	305	try {
	306	$q = Settings::$DB->prepare('SELECT hash, COUNT(*) AS count FROM blacklist WHERE hash = (:hash)');
	307	$q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
	308	$q->execute();
	309	$result = $q->fetch();
	310	if ($result['count'] > 0) {
	311	throw new Exception('File blacklisted!', 415);
	312	}
	313	} catch (Exception) {
	314	throw new Exception('Cant check blacklist DB.', 500);
	315	}
	316	}
	317
	318	/**
	319	* @throws Exception
	320	*/
	321	public function antiDupe()
	322	{
	323	try {
	324	$q = Settings::$DB->prepare(
	325	'SELECT filename, COUNT(*) AS count FROM files WHERE hash = (:hash) AND size = (:size)'
	326	);
	327	$q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
	328	$q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
	329	$q->execute();
	330	$result = $q->fetch();
	331	if ($result['count'] > 0) {
	332	Upload::$NEW_NAME_FULL = $result['filename'];
	333	}
	334	} catch (Exception) {
	335	throw new Exception('Cant check for dupes in DB.', 500);
	336	}
	337	}
	338
	339	/**
	340	* @throws Exception
	341	*/
	342	public function newIntoDB()
	343	{
	344	try {
	345	$q = Settings::$DB->prepare(
	346	'INSERT INTO files (hash, originalname, filename, size, date, ip)' .
	347	'VALUES (:hash, :orig, :name, :size, :date, :ip)'
	348	);
	349	$q->bindValue(':hash', Upload::$SHA1, PDO::PARAM_STR);
	350	$q->bindValue(':orig', strip_tags(Upload::$FILE_NAME), PDO::PARAM_STR);
	351	$q->bindValue(':name', Upload::$NEW_NAME_FULL, PDO::PARAM_STR);
	352	$q->bindValue(':size', Upload::$FILE_SIZE, PDO::PARAM_INT);
	353	$q->bindValue(':date', time(), PDO::PARAM_STR);
	354	$q->bindValue(':ip', Upload::$IP, PDO::PARAM_STR);
	355	$q->execute();
	356	} catch (Exception) {
	357	throw new Exception('Cant insert into DB.', 500);
	358	}
	359	}
	360	}
	361	}
	362
	363
	364