]>
jfr.im git - uguu.git/blob - src/Classes/Database.php
5 * @copyright Copyright (c) 2022-2024 Go Johansson (nokonoko) <neku@pomf.se>
7 * Note that this was previously distributed under the MIT license 2015-2022.
9 * If you are a company that wants to use Uguu I urge you to contact me to
10 * solve any potential license issues rather then using pre-2022 code.
12 * A special thanks goes out to the open source community around the world
13 * for supporting and being the backbone of projects like Uguu.
15 * This project can be found at <https://github.com/nokonoko/Uguu>.
17 * This program is free software: you can redistribute it and/or modify
18 * it under the terms of the GNU General Public License as published by
19 * the Free Software Foundation, either version 3 of the License, or
20 * (at your option) any later version.
22 * This program is distributed in the hope that it will be useful,
23 * but WITHOUT ANY WARRANTY; without even the implied warranty of
24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25 * GNU General Public License for more details.
27 * You should have received a copy of the GNU General Public License
28 * along with this program. If not, see <https://www.gnu.org/licenses/>.
31 namespace Pomf\Uguu\Classes
;
37 public function dbCheckNameExists ( string $name ): bool
39 $query = match ( $this- > dbType
) {
40 'pgsql' => 'SELECT EXISTS(SELECT id FROM files WHERE filename = (:name)), filename FROM files WHERE filename = (:name) LIMIT 1' ,
41 default => 'SELECT filename FROM files WHERE filename = (:name) AND EXISTS (SELECT id FROM files WHERE filename = (:name)) LIMIT 1'
43 $q = $this- > DB
-> prepare ( $query );
44 $q- > bindValue ( ':name' , $name );
46 $result = $q- > fetch ();
48 if ( isset ( $result [ 'exists' ]) and $result [ 'exists' ]) {
56 public function checkFileBlacklist ( string $hash ): void
58 $query = match ( $this- > dbType
) {
59 'pgsql' => 'SELECT EXISTS(SELECT id FROM blacklist WHERE hash = (:hash)), hash FROM blacklist WHERE hash = (:hash) LIMIT 1' ,
60 default => 'SELECT id FROM blacklist WHERE EXISTS(SELECT id FROM blacklist WHERE hash = (:hash)) LIMIT 1'
62 $q = $this- > DB
-> prepare ( $query );
63 $q- > bindValue ( ':hash' , $hash );
65 $result = $q- > fetch ();
67 if ( isset ( $result [ 'exists' ]) and $result [ 'exists' ]) {
68 $this- > response
-> error ( 415 , 'File blacklisted.' );
70 $this- > response
-> error ( 415 , 'File blacklisted.' );
74 public function antiDupe ( string $hash ): array
76 $query = match ( $this- > dbType
) {
77 'pgsql' => 'SELECT EXISTS(SELECT id FROM files WHERE hash = (:hash)), filename FROM files WHERE hash = (:hash) LIMIT 1' ,
78 default => 'SELECT filename FROM files WHERE hash = (:hash) AND EXISTS (SELECT id FROM files WHERE hash = (:hash)) LIMIT 1'
80 $q = $this- > DB
-> prepare ( $query );
81 $q- > bindValue ( ':hash' , $hash );
83 $result = $q- > fetch ();
92 'name' => $result [ 'filename' ],
97 public function newIntoDB ( array $FILE_INFO , array $fingerPrintInfo ): void
99 $q = $this- > DB
-> prepare (
100 'INSERT INTO files (hash, originalname, filename, size, date, ip)' .
101 'VALUES (:hash, :orig, :name, :size, :date, :ip)' ,
103 $q- > bindValue ( ':hash' , $FILE_INFO [ 'XXH' ]);
104 $q- > bindValue ( ':orig' , $FILE_INFO [ 'NAME' ]);
105 $q- > bindValue ( ':name' , $FILE_INFO [ 'FILENAME' ]);
106 $q- > bindValue ( ':size' , $FILE_INFO [ 'SIZE' ], PDO
:: PARAM_INT
);
107 $q- > bindValue ( ':date' , $fingerPrintInfo [ 'timestamp' ]);
108 $q- > bindValue ( ':ip' , $fingerPrintInfo [ 'ip' ]);
113 public function createRateLimit ( array $fingerPrintInfo ): void
115 $q = $this- > DB
-> prepare (
116 'INSERT INTO ratelimit (iphash, files, time)' .
117 'VALUES (:iphash, :files, :time)' ,
119 $q- > bindValue ( ':iphash' , $fingerPrintInfo [ 'ip_hash' ]);
120 $q- > bindValue ( ':files' , $fingerPrintInfo [ 'files_amount' ]);
121 $q- > bindValue ( ':time' , $fingerPrintInfo [ 'timestamp' ]);
126 public function updateRateLimit ( int $fCount , bool $iStamp , array $fingerPrintInfo ): void
129 $q = $this- > DB
-> prepare (
130 'UPDATE ratelimit SET files = (:files), time = (:time) WHERE iphash = (:iphash)' ,
132 $q- > bindValue ( ':time' , $fingerPrintInfo [ 'timestamp' ]);
134 $q = $this- > DB
-> prepare (
135 'UPDATE ratelimit SET files = (:files) WHERE iphash = (:iphash)' ,
138 $q- > bindValue ( ':files' , $fCount );
139 $q- > bindValue ( ':iphash' , $fingerPrintInfo [ 'ip_hash' ]);
144 public function compareTime ( int $timestamp , int $seconds_d ): bool
146 $diff = time () - $timestamp ;
147 if ( $diff > $seconds_d ) {
153 public function checkRateLimit ( array $fingerPrintInfo , int $rateTimeout , int $fileLimit ): bool
155 $query = match ( $this- > dbType
) {
156 'pgsql' => 'SELECT EXISTS(SELECT id FROM ratelimit WHERE iphash = (:iphash)), id, iphash, files, time FROM ratelimit WHERE iphash = (:iphash) LIMIT 1' ,
157 default => 'SELECT * FROM ratelimit WHERE iphash = (:iphash) AND EXISTS (SELECT id FROM ratelimit WHERE iphash = (:iphash)) LIMIT 1'
159 $q = $this- > DB
-> prepare ( $query );
160 $q- > bindValue ( ':iphash' , $fingerPrintInfo [ 'ip_hash' ]);
162 $result = $q- > fetch ();
164 //If there is no other match a record does not exist, create one.
166 $this- > createRateLimit ( $fingerPrintInfo );
169 // Apply rate-limit when file count reached and timeout not reached.
170 if ( $result [ 'files' ] === $fileLimit and ! $this- > compareTime ( $result [ 'time' ], $rateTimeout )) {
173 // Update timestamp if timeout reached, reset file count and add the incoming file count.
174 if ( $this- > compareTime ( $result [ 'time' ], $rateTimeout )) {
175 $this- > updateRateLimit ( $fingerPrintInfo [ 'files_amount' ], true , $fingerPrintInfo );
178 // Add filecount, timeout not reached.
179 if ( $result [ 'files' ] < $fileLimit and ! $this- > compareTime ( $result [ 'time' ], $rateTimeout )) {
180 $this- > updateRateLimit ( $result [ 'files' ] +
$fingerPrintInfo [ 'files_amount' ], false , $fingerPrintInfo );