namespace Pomf\Uguu\Classes;
+ use DateTimeZone;
use Exception;
use PDO;
+ use DateTime;
class Database
{
*
* @param $name string The name of the file.
*
- * @return int The number of rows that match the query.
+ * @return bool The number of rows that match the query.
* @throws \Exception
*/
- public function dbCheckNameExists(string $name): int
+ public function dbCheckNameExists(string $name): bool
{
try {
- $q = $this->DB->prepare('SELECT COUNT(filename) FROM files WHERE filename = (:name)');
+ $q = $this->DB->prepare('SELECT * FROM files WHERE EXISTS
+ (SELECT filename FROM files WHERE filename = (:name)) LIMIT 1');
$q->bindValue(':name', $name);
$q->execute();
- return $q->fetchColumn();
+ $result = $q->fetch();
+ if ($result) {
+ return true;
+ }
+ return false;
} catch (Exception) {
throw new Exception('Cant check if name exists in DB.', 500);
}
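Review bot: The docblock on `dbCheckNameExists` now reads `@return bool The number of rows that match the query.`, which contradicts the new return type; it should say something like `@return bool True when a row with this filename exists.` The rewritten query wraps an uncorrelated `EXISTS` subquery in `SELECT * FROM files ... LIMIT 1`, so a hit fetches an arbitrary full row only to test it for truthiness. `SELECT 1 FROM files WHERE filename = (:name) LIMIT 1` expresses the same check directly, and the same applies to the blacklist query in `checkFileBlacklist`. The `catch (Exception)` also discards the original error; passing it as the third `previous` argument would keep the cause available for logging. The function's closing brace falls outside this hunk.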
public function checkFileBlacklist(array $FILE_INFO): void
{
try {
- $q = $this->DB->prepare('SELECT hash, COUNT(*) AS count FROM blacklist WHERE hash = (:hash)');
+ $q = $this->DB->prepare('SELECT * FROM blacklist WHERE EXISTS
+ (SELECT hash FROM blacklist WHERE hash = (:hash)) LIMIT 1');
$q->bindValue(':hash', $FILE_INFO['SHA1']);
$q->execute();
$result = $q->fetch();
- if ($result['count'] > 0) {
+ if ($result) {
throw new Exception('File blacklisted!', 415);
}
} catch (Exception) {
{
try {
$q = $this->DB->prepare(
- 'SELECT filename, COUNT(*) AS count FROM files WHERE hash = (:hash)',
+ 'SELECT * FROM files WHERE EXISTS
+ (SELECT filename FROM files WHERE hash = (:hash)) LIMIT 1',
);
$q->bindValue(':hash', $hash);
$q->execute();
$result = $q->fetch();
- if ($result['count'] > 0) {
+ if ($result) {
return [
'result' => true,
'name' => $result['filename'],
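Review bot: `$result['filename']` is not guaranteed to belong to the file with the requested hash, because the `EXISTS` subquery in the new query is not correlated with the outer `SELECT * FROM files`. Whenever any row has that hash the condition is true for every row, and `LIMIT 1` then returns whichever row the database yields first, so a duplicate upload could be answered with a different file's name. Filtering the outer query directly avoids this: `'SELECT filename FROM files WHERE hash = (:hash) LIMIT 1'`. The enclosing function starts and ends outside this hunk.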
* Creates a new row in the database with the information provided
*
* @param $fingerPrintInfo array
+ *
+ * @throws \Exception
*/
public function createRateLimit(array $fingerPrintInfo): void
{
- $q = $this->DB->prepare(
- 'INSERT INTO timestamp (iphash, files, time)' .
- 'VALUES (:iphash, :files, :time)',
- );
- $q->bindValue(':iphash', $fingerPrintInfo['ip_hash']);
- $q->bindValue(':files', $fingerPrintInfo['files_amount']);
- $q->bindValue(':time', $fingerPrintInfo['timestamp']);
- $q->execute();
+ try {
+ $q = $this->DB->prepare(
+ 'INSERT INTO ratelimit (iphash, files, time)' .
+ 'VALUES (:iphash, :files, :time)',
+ );
+ $q->bindValue(':iphash', $fingerPrintInfo['ip_hash']);
+ $q->bindValue(':files', $fingerPrintInfo['files_amount']);
+ $q->bindValue(':time', $fingerPrintInfo['timestamp']);
+ $q->execute();
+ } catch (Exception $e) {
+ throw new Exception(500, $e->getMessage());
+ }
}
/**
* Update the rate limit table with the new file count and timestamp
*
* @param $fCount int The number of files uploaded by the user.
- * @param $iStamp boolean A boolean value that determines whether or not to update the timestamp.
+ * @param $iStamp bool A boolean value that determines whether or not to update the timestamp.
* @param $fingerPrintInfo array An array containing the following keys:
+ *
+ * @throws \Exception
*/
public function updateRateLimit(int $fCount, bool $iStamp, array $fingerPrintInfo): void
{
- if ($iStamp) {
- $q = $this->DB->prepare(
- 'UPDATE ratelimit SET files = (:files), time = (:time) WHERE iphash = (:iphash)',
- );
- $q->bindValue(':time', $fingerPrintInfo['timestamp']);
- } else {
- $q = $this->DB->prepare(
- 'UPDATE ratelimit SET files = (:files) WHERE iphash = (:iphash)',
- );
+ try {
+ if ($iStamp) {
+ $q = $this->DB->prepare(
+ 'UPDATE ratelimit SET files = (:files), time = (:time) WHERE iphash = (:iphash)',
+ );
+ $q->bindValue(':time', $fingerPrintInfo['timestamp']);
+ } else {
+ $q = $this->DB->prepare(
+ 'UPDATE ratelimit SET files = (:files) WHERE iphash = (:iphash)',
+ );
+ }
+ $q->bindValue(':files', $fCount);
+ $q->bindValue(':iphash', $fingerPrintInfo['ip_hash']);
+ $q->execute();
+ } catch (Exception $e) {
+ throw new Exception(500, $e->getMessage());
}
- $q->bindValue(':files', $fCount);
- $q->bindValue(':iphash', $fingerPrintInfo['ip_hash']);
- $q->execute();
}
/**
- * Checks if the user has uploaded more than 100 files in the last minute, if so it returns true, if not it updates the database with the new file
+ * @throws \Exception
+ */
+ public function compareTime(int $timestamp, int $seconds_d): bool
+ {
+ $dateTime_end = new DateTime('now', new DateTimeZone('Europe/Stockholm'));
+ $dateTime_start = new DateTime();
+ $dateTime_start->setTimestamp($timestamp);
+ $diff = strtotime($dateTime_end->format('Y-m-d H:i:s')) - strtotime($dateTime_start->format('Y-m-d H:i:s'));
+ if ($diff > $seconds_d) {
+ return true;
+ }
+ return false;
+ }
+
+ /**
+ * Checks if the user has uploaded more than 100 files in the last minute, if so it returns true,
+ * if not it updates the database with the new file
* count and timestamp
*
* @param $fingerPrintInfo array An array containing the following:
*
* @return bool A boolean value.
+ * @throws \Exception
*/
- public function checkRateLimit(array $fingerPrintInfo): bool
+ public function checkRateLimit(array $fingerPrintInfo, int $rateTimeout, int $fileLimit): bool
{
$q = $this->DB->prepare(
'SELECT files, time, iphash, COUNT(*) AS count FROM ratelimit WHERE iphash = (:iphash)',
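Review bot: The new `catch` blocks in `createRateLimit` and `updateRateLimit` call `new Exception(500, $e->getMessage())` with the arguments reversed. `Exception` takes the message first and an `int` code second, so a non-numeric message string in the code position raises a `TypeError` rather than the intended exception. `throw new Exception('Cant update rate limit.', 500, $e);` matches the style used in `dbCheckNameExists`, preserves the cause, and, if these messages reach the HTTP response, keeps driver error text out of it. In `compareTime`, the end time is formatted in `Europe/Stockholm` but `strtotime()` parses it in the default timezone, so the difference is skewed by the offset whenever the two differ; `return (time() - $timestamp) > $seconds_d;` compares the timestamps directly. `checkRateLimit` continues past the end of this hunk.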
$q->bindValue(':iphash', $fingerPrintInfo['ip_hash']);
$q->execute();
$result = $q->fetch();
- $nTime = $fingerPrintInfo['timestamp'] - (60);
- switch (true) {
- //If more then 100 files trigger rate-limit
- case $result['files'] > 100:
- return true;
- //if timestamp is older than one minute, set new files count and timestamp
- case $result['time'] < $nTime:
- $this->updateRateLimit($fingerPrintInfo['files_amount'], true, $fingerPrintInfo);
- break;
- //if timestamp isn't older than one-minute update the files count
- case $result['time'] > $nTime:
- $this->updateRateLimit($fingerPrintInfo['files_amount'] + $result['files'], false, $fingerPrintInfo);
- break;
- //If there is no other match a record does not exist, create one
- default:
- $this->createRateLimit($fingerPrintInfo);
- break;
+
+ //If there is no other match a record does not exist, create one.
+ if (!$result['count'] > 0) {
+ $this->createRateLimit($fingerPrintInfo);
+ return false;
+ }
+
+ // Apply rate-limit when file count reached and timeout not reached.
+ if ($result['files'] === $fileLimit and !$this->compareTime($result['time'], $rateTimeout)) {
+ return true;
}
+
+ // Update timestamp if timeout reached.
+ if ($this->compareTime($result['time'], $rateTimeout)) {
+ $this->updateRateLimit($fingerPrintInfo['files_amount'], true, $fingerPrintInfo);
+ return false;
+ }
+
+ // Add filecount, timeout not reached.
+ if ($result['files'] < $fileLimit and !$this->compareTime($result['time'], $rateTimeout)) {
+ $this->updateRateLimit($result['files'] + $fingerPrintInfo['files_amount'], false, $fingerPrintInfo);
+ return false;
+ }
+
return false;
}
}
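Review bot: The limit check `$result['files'] === $fileLimit` only matches when the stored count lands exactly on the limit. `updateRateLimit` is called with `$result['files'] + $fingerPrintInfo['files_amount']`, so the count can step over `$fileLimit`; after that neither the `===` branch nor the `<` branch matches and the function falls through to `return false`, so no limit is applied until the timeout. Depending on the PDO driver's stringify behaviour the column may also come back as a string, in which case the strict comparison with an `int` never holds. `if ((int) $result['files'] >= $fileLimit and !$this->compareTime($result['time'], $rateTimeout))` covers both cases. Separately, `!$result['count'] > 0` parses as `(!$result['count']) > 0`, and `(int) $result['count'] === 0` would state the intent; the start of `checkRateLimit` is outside this hunk.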
<?php
+
/**
* Uguu
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
-
+
namespace Pomf\Uguu\Classes;
-
- class Response
+
+class Response
+{
+ public string $type;
+
+ /**
+ * Takes a string as an argument and sets the header to the appropriate content type
+ *
+ * @param $response_type string The type of response you want to return.
+ * Valid options are: csv, html, json, text.
+ */
+ public function __construct(string $response_type)
{
- public string $type;
-
- /**
- * Takes a string as an argument and sets the header to the appropriate content type
- *
- * @param $response_type string The type of response you want to return. Valid options are: csv, html, json, text.
- */
- public function __construct(string $response_type)
- {
- switch ($response_type) {
- case 'csv':
- header('Content-Type: text/csv; charset=UTF-8');
- $this->type = $response_type;
- break;
- case 'html':
- header('Content-Type: text/html; charset=UTF-8');
- $this->type = $response_type;
- break;
- case 'json':
- header('Content-Type: application/json; charset=UTF-8');
- $this->type = $response_type;
- break;
- case 'gyazo':
- header('Content-Type: text/plain; charset=UTF-8');
- $this->type = 'text';
- break;
- case 'text':
- header('Content-Type: text/plain; charset=UTF-8');
- $this->type = $response_type;
- break;
- default:
- header('Content-Type: application/json; charset=UTF-8');
- $this->type = 'json';
- break;
- }
+ switch ($response_type) {
+ case 'csv':
+ header('Content-Type: text/csv; charset=UTF-8');
+ $this->type = $response_type;
+ break;
+ case 'html':
+ header('Content-Type: text/html; charset=UTF-8');
+ $this->type = $response_type;
+ break;
+ case 'json':
+ header('Content-Type: application/json; charset=UTF-8');
+ $this->type = $response_type;
+ break;
+ case 'gyazo':
+ header('Content-Type: text/plain; charset=UTF-8');
+ $this->type = 'text';
+ break;
+ case 'text':
+ header('Content-Type: text/plain; charset=UTF-8');
+ $this->type = $response_type;
+ break;
+ default:
+ header('Content-Type: application/json; charset=UTF-8');
+ $this->type = 'json';
+ break;
}
-
- /**
- * Returns a string based on the type of response requested
- *
- * @param $code mixed The HTTP status code to return.
- * @param $desc string The description of the error.
- */
- public function error(mixed $code, string $desc):void
- {
- $response = match ($this->type) {
- 'csv' => $this->csvError($desc),
- 'html' => $this->htmlError($code, $desc),
- 'json' => $this->jsonError($code, $desc),
- 'text' => $this->textError($code, $desc),
- };
+ }
+
+ /**
+ * Returns a string based on the type of response requested
+ *
+ * @param $code mixed The HTTP status code to return.
+ * @param $desc string The description of the error.
+ */
+ public function error(int $code, string $desc): void
+ {
+ $response = match ($this->type) {
+ 'csv' => $this->csvError($desc),
+ 'html' => $this->htmlError($code, $desc),
+ 'json' => $this->jsonError($code, $desc),
+ 'text' => $this->textError($code, $desc),
+ };
http_response_code($code);
echo $response;
- }
-
- /* Returning a string that contains the error message. */
- private static function csvError(string $description):string
- {
- return '"error"' . "\r\n" . "\"$description\"" . "\r\n";
- }
-
- /**
- * Returns a string containing an HTML paragraph element with the error code and description
- *
- * @param $code int|string The error code.
- * @param $description string The description of the error.
- *
- * @return string A string.
- */
- private static function htmlError(int|string $code, string $description):string
- {
- return '<p>ERROR: (' . $code . ') ' . $description . '</p>';
- }
-
- /**
- * Returns a JSON string with the error code and description
- *
- * @param $code int|string The error code.
- * @param $description string The description of the error.
- *
- * @return bool|string A JSON string
- */
- private static function jsonError(int|string $code, string $description):bool|string
- {
- return json_encode([
- 'success' => false,
- 'errorcode' => $code,
- 'description' => $description,
- ], JSON_PRETTY_PRINT);
- }
-
- /**
- * Returns a string that contains the error code and description
- *
- * @param $code int|string The error code.
- * @param $description string The description of the error.
- *
- * @return string A string with the error code and description.
- */
- private static function textError(int|string $code, string $description):string
- {
- return 'ERROR: (' . $code . ') ' . $description;
- }
-
- /**
- * "If the type is csv, then call the csvSuccess function, if the type is html, then call the htmlSuccess function, etc."
- *
- * The `match` keyword is a new feature in PHP 8. It's a lot like a switch statement, but it's more powerful
- *
- * @param $files array An array of file objects.
- */
- public function send(array $files):void
- {
- $response = match ($this->type) {
- 'csv' => $this->csvSuccess($files),
- 'html' => $this->htmlSuccess($files),
- 'json' => $this->jsonSuccess($files),
- 'text' => $this->textSuccess($files),
- };
+ }
+
+ /* Returning a string that contains the error message. */
+ private static function csvError(string $description): string
+ {
+ return '"error"' . "\r\n" . "\"$description\"" . "\r\n";
+ }
+
+ /**
+ * Returns a string containing an HTML paragraph element with the error code and description
+ *
+ * @param $code int|string The error code.
+ * @param $description string The description of the error.
+ *
+ * @return string A string.
+ */
+ private static function htmlError(int|string $code, string $description): string
+ {
+ return '<p>ERROR: (' . $code . ') ' . $description . '</p>';
+ }
+
+ /**
+ * Returns a JSON string with the error code and description
+ *
+ * @param $code int|string The error code.
+ * @param $description string The description of the error.
+ *
+ * @return bool|string A JSON string
+ */
+ private static function jsonError(int|string $code, string $description): bool|string
+ {
+ return json_encode([
+ 'success' => false,
+ 'errorcode' => $code,
+ 'description' => $description,
+ ], JSON_PRETTY_PRINT);
+ }
+
+ /**
+ * Returns a string that contains the error code and description
+ *
+ * @param $code int|string The error code.
+ * @param $description string The description of the error.
+ *
+ * @return string A string with the error code and description.
+ */
+ private static function textError(int|string $code, string $description): string
+ {
+ return 'ERROR: (' . $code . ') ' . $description;
+ }
+
+ /**
+ * "If the type is csv, then call the csvSuccess function,
+ * if the type is html, then call the htmlSuccess function, etc."
+ *
+ * The `match` keyword is a new feature in PHP 8. It's a lot like a switch statement, but it's more powerful
+ *
+ * @param $files array An array of file objects.
+ */
+ public function send(array $files): void
+ {
+ $response = match ($this->type) {
+ 'csv' => $this->csvSuccess($files),
+ 'html' => $this->htmlSuccess($files),
+ 'json' => $this->jsonSuccess($files),
+ 'text' => $this->textSuccess($files),
+ };
http_response_code(200); // "200 OK". Success.
echo $response;
+ }
+
+ /**
+ * Takes an array of files and returns a CSV string
+ *
+ * @param $files array An array of files that have been uploaded.
+ *
+ * @return string A string of the files in the array.
+ */
+ private static function csvSuccess(array $files): string
+ {
+ $result = '"name","url","hash","size"' . "\r\n";
+ foreach ($files as $file) {
+ $result .= '"' . $file['name'] . '"' . ',' .
+ '"' . $file['url'] . '"' . ',' .
+ '"' . $file['hash'] . '"' . ',' .
+ '"' . $file['size'] . '"' . "\r\n";
}
-
- /**
- * Takes an array of files and returns a CSV string
- *
- * @param $files array An array of files that have been uploaded.
- *
- * @return string A string of the files in the array.
- */
- private static function csvSuccess(array $files):string
- {
- $result = '"name","url","hash","size"' . "\r\n";
- foreach ($files as $file) {
- $result .= '"' . $file['name'] . '"' . ',' .
- '"' . $file['url'] . '"' . ',' .
- '"' . $file['hash'] . '"' . ',' .
- '"' . $file['size'] . '"' . "\r\n";
- }
- return $result;
- }
-
- /**
- * Takes an array of files and returns a string of HTML links
- *
- * @param $files array An array of files to be uploaded.
- *
- * @return string the result of the foreach loop.
- */
- private static function htmlSuccess(array $files):string
- {
- $result = '';
- foreach ($files as $file) {
- $result .= '<a href="' . $file['url'] . '">' . $file['url'] . '</a><br>';
- }
- return $result;
- }
-
- /**
- * Returns a JSON string that contains a success message and the files that were uploaded
- *
- * @param $files array The files to be uploaded.
- *
- * @return bool|string A JSON string
- */
- private static function jsonSuccess(array $files):bool|string
- {
- return json_encode([
- 'success' => true,
- 'files' => $files,
- ], JSON_PRETTY_PRINT);
+ return $result;
+ }
+
+ /**
+ * Takes an array of files and returns a string of HTML links
+ *
+ * @param $files array An array of files to be uploaded.
+ *
+ * @return string the result of the foreach loop.
+ */
+ private static function htmlSuccess(array $files): string
+ {
+ $result = '';
+ foreach ($files as $file) {
+ $result .= '<a href="' . $file['url'] . '">' . $file['url'] . '</a><br>';
}
-
- /**
- * Takes an array of files and returns a string of URLs
- *
- * @param $files array The files to be uploaded.
- *
- * @return string the url of the file.
- */
- private static function textSuccess(array $files):string
- {
- $result = '';
- foreach ($files as $file) {
- $result .= $file['url'] . "\n";
- }
- return $result;
+ return $result;
+ }
+
+ /**
+ * Returns a JSON string that contains a success message and the files that were uploaded
+ *
+ * @param $files array The files to be uploaded.
+ *
+ * @return bool|string A JSON string
+ */
+ private static function jsonSuccess(array $files): bool|string
+ {
+ return json_encode([
+ 'success' => true,
+ 'files' => $files,
+ ], JSON_PRETTY_PRINT);
+ }
+
+ /**
+ * Takes an array of files and returns a string of URLs
+ *
+ * @param $files array The files to be uploaded.
+ *
+ * @return string the url of the file.
+ */
+ private static function textSuccess(array $files): string
+ {
+ $result = '';
+ foreach ($files as $file) {
+ $result .= $file['url'] . "\n";
}
+ return $result;
}
+}
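Review bot: `htmlError` and `htmlSuccess` concatenate `$description` and `$file['url']` into markup without encoding, so if either can carry request-derived text (an original filename, for example) it is emitted as HTML under `Content-Type: text/html`. Wrapping the values in `htmlspecialchars($description, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` closes that. `csvError` and `csvSuccess` likewise place values inside quoted fields without doubling embedded `"` characters. The docblock for `error()` still says `@param $code mixed` although the signature is now `int $code`, while the private helpers still accept `int|string`. Whether any caller passes a non-integer code is not visible here and should be checked, since that would now raise a `TypeError`.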