From: nokonoko Date: Sat, 3 Jul 2021 15:23:16 +0000 (+0200) Subject: add whitelist mode and fix clipboard glyph X-Git-Tag: v1.2.0 X-Git-Url: https://jfr.im/git/uguu.git/commitdiff_plain/refs/tags/v1.2.0?hp=6fb976d738c4dad3ba51306ec3b4ffd4119660c3 add whitelist mode and fix clipboard glyph --- diff --git a/dist.json b/dist.json index 92e510f..d6e30db 100644 --- a/dist.json +++ b/dist.json @@ -3,7 +3,7 @@ "allowErrors": false }, "dest": "dist", - "pkgVersion": "1.1.2", + "pkgVersion": "1.2.0", "banners": [ "banners/malware_scans.swig", "banners/donations.swig" diff --git a/package.json b/package.json index d9f06ea..48c2871 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "uguu", - "version": "1.1.2", + "version": "1.2.0", "description": "Kawaii file host", "homepage": "https://uguu.se/", "repository": { diff --git a/static/css/uguu.css b/static/css/uguu.css index 8faa788..93c7fd3 100644 --- a/static/css/uguu.css +++ b/static/css/uguu.css @@ -232,7 +232,7 @@ nav > ul > li:last-child:after { color: #891A18; } button.upload-clipboard-btn { - height: 16px; + height: 32px; } .error#upload-filelist .progress-percent { color: #B94A48; diff --git a/static/php/includes/settings.inc.php b/static/php/includes/settings.inc.php index e94f49b..58e9738 100644 --- a/static/php/includes/settings.inc.php +++ b/static/php/includes/settings.inc.php @@ -25,10 +25,14 @@ define('UGUU_DB_USER', 'NULL'); /* @param string UGUU_DB_PASS Database password */ define('UGUU_DB_PASS', 'NULL'); -/** Log IP of uploads */ +/** + * @param boolean Log IP of uploads + */ define('LOG_IP', false); -/** Dont upload a file already in the DB */ +/** + * @param boolean anti-dupe + */ define('ANTI_DUPE', false); /* @@ -78,11 +82,11 @@ define('CONFIG_BLOCKED_EXTENSIONS', serialize(['exe', 'scr', 'com', 'vbs', 'bat' define('CONFIG_BLOCKED_MIME', serialize(['application/msword', 'text/html', 'application/x-dosexec', 'application/java', 'application/java-archive', 'application/x-executable', 'application/x-mach-binary', 'image/svg+xml'])); /** - * Filter mode: whitelist (true) or blacklist (false). - * - * @param bool $FILTER_MODE mime type filter mode + * Whitelist or blacklist mode + * @param boolean blacklist (false) | whitelist (true) */ -$FILTER_MODE = false; +define('CONFIG_FILTER_MODE', false); + /** * Double dot file extensions. * diff --git a/static/php/upload.php b/static/php/upload.php index acc4e82..9448151 100644 --- a/static/php/upload.php +++ b/static/php/upload.php @@ -61,15 +61,34 @@ function generateName($file) $name .= '.'.$ext; } - //Check if MIME is blacklisted - if (in_array($type_mime, unserialize(CONFIG_BLOCKED_MIME))) { - http_response_code(415); - exit(0); - } - //Check if EXT is blacklisted - if (in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))) { - http_response_code(415); - exit(0); + // Check if file is whitelisted or blacklisted + switch (CONFIG_FILTER_MODE) { + + case false: + //check if MIME is blacklisted + if (in_array($type_mime, unserialize(CONFIG_BLOCKED_MIME))) { + http_response_code(415); + exit(0); + } + //Check if EXT is blacklisted + if (in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))) { + http_response_code(415); + exit(0); + } + break; + + case true: + //Check if MIME is whitelisted + if (!in_array($type_mime, unserialize(CONFIG_BLOCKED_MIME))) { + http_response_code(415); + exit(0); + } + //Check if EXT is whitelisted + if (!in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))) { + http_response_code(415); + exit(0); + } + break; } // Check if a file with the same name does already exist in the database @@ -93,8 +112,6 @@ function generateName($file) function uploadFile($file) { global $db; - global $FILTER_MODE; - global $FILTER_MIME; // Handle file errors if ($file->error) {