jfr.im git - uguu.git/blob - src/Classes/Database.php
5 * @copyright Copyright (c) 2022-2023 Go Johansson (nokonoko) <neku@pomf.se>
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation, either version 3 of the License, or
10 * (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
21 namespace Pomf\Uguu\Classes
;
// Looks up a row in `files` by filename. The SQL text is chosen by $this->dbType, and $name
// travels only as the bound :name value, never as part of the SQL string.
// NOTE(review): :name occurs twice in each statement but is bound once. The PHP manual states that
// a named marker may be repeated only while PDO emulates prepares; confirm the connection
// settings for every supported driver.
// NOTE(review): the gutter numbers skip 35 and 37 and stop at 38, so the execute() call and the
// return statements of this method are not visible in this listing.
27 public function dbCheckNameExists ( string $name ): bool
29 $query = match ( $this- > dbType
) {
30 'pgsql' => 'SELECT EXISTS(SELECT id FROM files WHERE filename = (:name)), filename FROM files WHERE filename = (:name) LIMIT 1' ,
31 default => 'SELECT filename FROM files WHERE filename = (:name) AND EXISTS (SELECT id FROM files WHERE filename = (:name)) LIMIT 1'
33 $q = $this- > DB
-> prepare ( $query );
34 $q- > bindValue ( ':name' , $name );
36 $result = $q- > fetch ();
// Only the pgsql statement selects an EXISTS(...) column, read back here under the key 'exists';
// the default statement returns just `filename`, so this test cannot match for other drivers.
38 if ( isset ( $result [ 'exists' ]) and $result [ 'exists' ]) {
// Checks $hash against the `blacklist` table; both outcomes visible here answer with
// $this->response->error(415, 'File blacklisted.'). The hash is passed as a bound parameter.
// NOTE(review): this is an exact-match lookup, so it only stops content that produces the same
// hash value as a listed entry; a copy that differs in any byte needs a separate control.
// NOTE(review): the default statement's outer SELECT has no hash filter of its own. It returns
// some row of `blacklist` whenever the inner EXISTS finds the hash, which is enough for a yes/no
// answer but means the returned `id` is not necessarily the matching entry.
46 public function checkFileBlacklist ( string $hash ): void
48 $query = match ( $this- > dbType
) {
49 'pgsql' => 'SELECT EXISTS(SELECT id FROM blacklist WHERE hash = (:hash)), hash FROM blacklist WHERE hash = (:hash) LIMIT 1' ,
50 default => 'SELECT id FROM blacklist WHERE EXISTS(SELECT id FROM blacklist WHERE hash = (:hash)) LIMIT 1'
52 $q = $this- > DB
-> prepare ( $query );
53 $q- > bindValue ( ':hash' , $hash );
55 $result = $q- > fetch ();
57 if ( isset ( $result [ 'exists' ]) and $result [ 'exists' ]) {
58 $this- > response
-> error ( 415 , 'File blacklisted.' );
// The condition guarding this second call (listing line 59) is not shown; presumably it covers
// the non-pgsql result, which has no 'exists' key. Confirm against the full file.
60 $this- > response
-> error ( 415 , 'File blacklisted.' );
// Looks up a row in `files` by hash and, in the part visible here, places its stored filename in
// the returned array under 'name'. Presumably used to answer a duplicate upload with the existing
// entry; the rest of the returned array (listing lines 74-86) is not shown.
// NOTE(review): deduplication trusts the hash to identify content. newIntoDB() fills the same
// `hash` column from $FILE_INFO['SHA1']; if the value passed here is a SHA-1 digest, two colliding
// files would be treated as one stored file. Confirm what the caller passes and consider a
// stronger digest.
64 public function antiDupe ( string $hash ): array
66 $query = match ( $this- > dbType
) {
67 'pgsql' => 'SELECT EXISTS(SELECT id FROM files WHERE hash = (:hash)), filename FROM files WHERE hash = (:hash) LIMIT 1' ,
68 default => 'SELECT filename FROM files WHERE hash = (:hash) AND EXISTS (SELECT id FROM files WHERE hash = (:hash)) LIMIT 1'
70 $q = $this- > DB
-> prepare ( $query );
71 $q- > bindValue ( ':hash' , $hash );
73 $result = $q- > fetch ();
82 'name' => $result [ 'filename' ],
// Inserts one row into `files` for an upload. Every value goes through bindValue(); only :size is
// given an explicit PDO type (PARAM_INT), the others use bindValue()'s default.
// NOTE(review): $FILE_INFO['NAME'] is stored in `originalname` as received. It is presumably the
// client-supplied file name, so encode it for the output context wherever it is displayed later.
// NOTE(review): `ip` is stored next to the file. Whether $fingerPrintInfo['ip'] holds a raw
// address or a hash is decided by the caller and is not visible here; check it against the
// retention policy.
87 public function newIntoDB ( array $FILE_INFO , array $fingerPrintInfo ): void
89 $q = $this- > DB
-> prepare (
90 'INSERT INTO files (hash, originalname, filename, size, date, ip)' .
91 'VALUES (:hash, :orig, :name, :size, :date, :ip)' ,
93 $q- > bindValue ( ':hash' , $FILE_INFO [ 'SHA1' ]);
94 $q- > bindValue ( ':orig' , $FILE_INFO [ 'NAME' ]);
95 $q- > bindValue ( ':name' , $FILE_INFO [ 'FILENAME' ]);
96 $q- > bindValue ( ':size' , $FILE_INFO [ 'SIZE' ], PDO
:: PARAM_INT
);
97 $q- > bindValue ( ':date' , $fingerPrintInfo [ 'timestamp' ]);
98 $q- > bindValue ( ':ip' , $fingerPrintInfo [ 'ip' ]);
// Inserts a new row into `ratelimit` from $fingerPrintInfo: 'ip_hash', 'files_amount' and
// 'timestamp', all passed as bound parameters.
// NOTE(review): whether `iphash` is unique in the schema is not visible here. Without such a
// constraint two concurrent first requests from one client could each insert a row; confirm.
103 public function createRateLimit ( array $fingerPrintInfo ): void
105 $q = $this- > DB
-> prepare (
106 'INSERT INTO ratelimit (iphash, files, time)' .
107 'VALUES (:iphash, :files, :time)' ,
109 $q- > bindValue ( ':iphash' , $fingerPrintInfo [ 'ip_hash' ]);
110 $q- > bindValue ( ':files' , $fingerPrintInfo [ 'files_amount' ]);
111 $q- > bindValue ( ':time' , $fingerPrintInfo [ 'timestamp' ]);
// Updates the `ratelimit` row for $fingerPrintInfo['ip_hash']. Two statements are prepared: one
// sets both `files` and `time`, the other sets only `files`.
// NOTE(review): the branch that picks between them is not shown in this listing. checkRateLimit()
// passes $iStamp = true where its comment says the timestamp is updated, so presumably $iStamp
// selects the first statement; confirm against the full file.
116 public function updateRateLimit ( int $fCount , bool $iStamp , array $fingerPrintInfo ): void
119 $q = $this- > DB
-> prepare (
120 'UPDATE ratelimit SET files = (:files), time = (:time) WHERE iphash = (:iphash)' ,
122 $q- > bindValue ( ':time' , $fingerPrintInfo [ 'timestamp' ]);
124 $q = $this- > DB
-> prepare (
125 'UPDATE ratelimit SET files = (:files) WHERE iphash = (:iphash)' ,
// These two bindings apply to whichever statement $q holds at this point.
128 $q- > bindValue ( ':files' , $fCount );
129 $q- > bindValue ( ':iphash' , $fingerPrintInfo [ 'ip_hash' ]);
// Compares the age of $timestamp, measured against time(), with $seconds_d.
// NOTE(review): the return statements are not visible in this listing. checkRateLimit() treats a
// true result as "timeout reached", so presumably true is returned when the age exceeds
// $seconds_d; confirm against the full file.
134 public function compareTime ( int $timestamp , int $seconds_d ): bool
136 $diff = time () - $timestamp ;
137 if ( $diff > $seconds_d ) {
// Rate-limit decision for one request. Loads the `ratelimit` row for $fingerPrintInfo['ip_hash'],
// creates it when missing, and otherwise compares the stored file count and timestamp with
// $fileLimit and $rateTimeout. The return statements are not visible in this listing.
// NOTE(review): the row is read here and written later through updateRateLimit(); no transaction
// or row lock is visible, so concurrent requests from one client may all read the same count
// before any of them writes. Confirm whether the caller serialises this.
143 public function checkRateLimit ( array $fingerPrintInfo , int $rateTimeout , int $fileLimit ): bool
145 $query = match ( $this- > dbType
) {
146 'pgsql' => 'SELECT EXISTS(SELECT id FROM ratelimit WHERE iphash = (:iphash)), id, iphash, files, time FROM ratelimit WHERE iphash = (:iphash) LIMIT 1' ,
147 default => 'SELECT * FROM ratelimit WHERE iphash = (:iphash) AND EXISTS (SELECT id FROM ratelimit WHERE iphash = (:iphash)) LIMIT 1'
149 $q = $this- > DB
-> prepare ( $query );
150 $q- > bindValue ( ':iphash' , $fingerPrintInfo [ 'ip_hash' ]);
152 $result = $q- > fetch ();
154 //If there is no other match a record does not exist, create one.
156 $this- > createRateLimit ( $fingerPrintInfo );
159 // Apply rate-limit when file count reached and timeout not reached.
// NOTE(review): the limit is enforced only on exact equality. The branch at listing line 169 adds
// the whole 'files_amount' to a count that is still below the limit, so the stored count can
// jump past $fileLimit; such a row matches none of the three conditions visible here while the
// timeout is running. Check what the fall-through returns; comparing with >= would close the gap.
// NOTE(review): === also requires $result['files'] to be an int. Depending on driver and PDO
// settings numeric columns can come back as strings, in which case this test never matches.
160 if ( $result [ 'files' ] === $fileLimit and ! $this- > compareTime ( $result [ 'time' ], $rateTimeout )) {
163 // Update timestamp if timeout reached, reset file count and add the incoming file count.
164 if ( $this- > compareTime ( $result [ 'time' ], $rateTimeout )) {
165 $this- > updateRateLimit ( $fingerPrintInfo [ 'files_amount' ], true , $fingerPrintInfo );
168 // Add filecount, timeout not reached.
169 if ( $result [ 'files' ] < $fileLimit and ! $this- > compareTime ( $result [ 'time' ], $rateTimeout )) {
170 $this- > updateRateLimit ( $result [ 'files' ] +
$fingerPrintInfo [ 'files_amount' ], false , $fingerPrintInfo );