-rw-r--r-- | htaccess.txt | 4 | ||||
-rwxr-xr-x | system/application/config/example/config.php | 5 | ||||
-rwxr-xr-x | system/application/config/example/routes.php | 2 | ||||
-rw-r--r-- | system/application/controllers/file.php | 198 | ||||
-rw-r--r-- | system/application/models/file_mod.php | 135 | ||||
-rw-r--r-- | system/application/views/file/show_url.php | 2 | ||||
-rw-r--r-- | system/application/views/file/upload_form.php | 20 |
7 files changed, 213 insertions, 153 deletions
diff --git a/htaccess.txt b/htaccess.txt index 1460d773c..60d053b77 100644 --- a/htaccess.txt +++ b/htaccess.txt @@ -1,8 +1,4 @@ RewriteEngine on - -RewriteRule ^s/(.*)$ file/show_url -RewriteRule ^d/(.*)$ file/download - RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ /index.php/?$1 [L] diff --git a/system/application/config/example/config.php b/system/application/config/example/config.php index 7b325a3e0..487740d12 100755 --- a/system/application/config/example/config.php +++ b/system/application/config/example/config.php @@ -341,9 +341,8 @@ $config['upload_path'] = FCPATH.'data/uploads'; $config['upload_max_size'] = 256*1024*1024; $config['upload_max_text_size'] = 2*1024*1024; $config['upload_max_age'] = 60*60*24*5; // 5 days -$config['paste_show_url'] = 'file/show_url/'; // "s/" with url rewrite -$config['paste_download_url'] = 'file/download/'; // "d/" with url rewrite -$config['passwordsalt'] = ''; // just enter any strign you want here +$config['paste_download_url'] = 'file/download/'; // "" with url rewrite +$config['passwordsalt'] = ''; // just enter any string you want here /* End of file config.php */ /* Location: ./system/application/config/config.php */ diff --git a/system/application/config/example/routes.php b/system/application/config/example/routes.php index 1edd3f93c..17e5927be 100755 --- a/system/application/config/example/routes.php +++ b/system/application/config/example/routes.php @@ -42,6 +42,8 @@ $route['default_controller'] = "file"; $route['scaffolding_trigger'] = ""; +$route['file/(:any)'] = "file/$1"; +$route['(:any)'] = "file/index/$1"; /* End of file routes.php */ /* Location: ./system/application/config/routes.php */ diff --git a/system/application/controllers/file.php b/system/application/controllers/file.php index 0c670f11d..248799c8a 100644 --- a/system/application/controllers/file.php +++ b/system/application/controllers/file.php 
@@ -19,7 +19,15 @@ class File extends Controller { function index() { - $this->upload_form(); + if(isset($_FILES['file'])) { + $this->do_upload(); + } elseif ($this->input->post('content')) { + $this->do_paste(); + } elseif ($this->file_mod->id_exists($this->uri->segment(1))) { + $this->file_mod->download(); + } else { + $this->upload_form(); + } } function upload_form() @@ -36,7 +44,7 @@ class File extends Controller { { $id = $this->uri->segment(3); $password = $this->input->post('password'); - if ($password !== false && $this->file_mod->id_exists($id) && $this->file_mod->delete_id($id, $password)) { + if ($this->file_mod->delete_id($id, $password)) { echo $id." deleted\n"; } else { echo 'Couldn\'t delete '.$id."\n"; 
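Review bot: Dropping the `$password !== false` guard in `delete()` lets a request that posts no password reach `delete_id()`, which (in the file_mod.php hunk further down) now ignores its `$password` argument and calls `get_password()`, returning the literal `'NULL'` that `add_file()` also binds for uploads made without a password. If the DELETE statement matches on the password column (it continues outside the visible hunk), any upload made without a password could then be deleted by anyone who knows its id. Keep the refusal explicit, e.g. `if ($password !== false && $this->file_mod->delete_id($id, $password)) {`, or have `delete_id()` return false when no password was posted. Storing a real SQL NULL instead of a sentinel string would also remove the ambiguity.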
@@ -44,157 +52,67 @@ class File extends Controller { die(); } - function do_upload() + function do_paste() { $data = array(); - if(isset($_FILES['userfile'])) { - if ($_FILES['userfile']['error'] === 0) { - $filesize = filesize($_FILES['userfile']['tmp_name']); - if ($filesize >= $this->config->item('upload_max_size')) { - $this->load->view('file/header', $data); - $this->load->view('file/too_big'); - } else { - $password = $this->input->post('password'); - $extension = $this->input->post('extension'); - if ($password !== false) { - $password = $this->file_mod->hash_password($password); - } else { - $password = 'NULL'; - } - - $id = $this->file_mod->new_id(); - $file_hash = md5_file($_FILES['userfile']['tmp_name']); - $file_name = $_FILES['userfile']['name']; - $folder = $this->file_mod->folder($file_hash); - file_exists($folder) || mkdir ($folder); - $file = $this->file_mod->file($file_hash); - - $sql = ' - INSERT INTO `files` (`hash`, `id`, `filename`, `password`, `date`) - VALUES (?, ?, ?, ?, ?)'; - $query = $this->db->query($sql, array($file_hash, $id, $file_name, $password, time())); - - move_uploaded_file($_FILES['userfile']['tmp_name'], $file); - chmod($file, 0600); - - redirect($this->config->item('paste_show_url').$id.'/'.$extension); - } - } else { - $this->index(); - } - } else { + $content = $this->input->post('content')."\n"; + $extension = $this->input->post('extension'); + if($content === false) { + $this->upload_form(); + return; + } + if(strlen($content) >= $this->config->item('upload_max_size')) { $this->load->view('file/header', $data); - $this->load->view('file/upload_error', $data); - $this->load->view('file/footer', $data); + $this->load->view('file/too_big'); + $this->load->view('file/footer'); + return; } + + $id = $this->file_mod->new_id(); + $hash = md5($content); + $folder = $this->file_mod->folder($hash); + file_exists($folder) || mkdir ($folder); + $file = $this->file_mod->file($hash); + + file_put_contents($file, $content); + 
chmod($file, 0600); + $this->file_mod->add_file($hash, $id, 'stdin'); + $this->file_mod->show_url($id, $extension); } - function show_url() + function do_upload() { $data = array(); - $id = $this->uri->segment(3); - $mode = $this->uri->segment(4); - - if ($mode) { - $data['url'] = site_url($this->config->item('paste_download_url').$id.'/'.$mode); - } else { - $data['url'] = site_url($this->config->item('paste_download_url').$id).'/'; + $extension = $this->input->post('extension'); + if(!isset($_FILES['file'])) { + $this->load->view('file/header', $data); + $this->load->view('file/upload_error'); + $this->load->view('file/footer'); + return; } - - if (strstr($_SERVER['HTTP_USER_AGENT'], 'libcurl')) { - echo $data['url']; - } else { + if ($_FILES['file']['error'] !== 0) { + $this->upload_form(); + return; + } + $filesize = filesize($_FILES['file']['tmp_name']); + if ($filesize >= $this->config->item('upload_max_size')) { $this->load->view('file/header', $data); - $this->load->view('file/show_url', $data); - $this->load->view('file/footer', $data); + $this->load->view('file/too_big'); + $this->load->view('file/footer'); + return; } - } - function download() - { - $data = array(); - $id = $this->uri->segment(3); - $mode = $this->uri->segment(4); - - $filedata = $this->file_mod->get_filedata($id); - $file = $this->file_mod->file($filedata['hash']); + $id = $this->file_mod->new_id(); + $hash = md5_file($_FILES['file']['tmp_name']); + $filename = $_FILES['file']['name']; + $folder = $this->file_mod->folder($hash); + file_exists($folder) || mkdir ($folder); + $file = $this->file_mod->file($hash); - if ($this->file_mod->id_exists($id) && file_exists($file)) { - // MODIFIED SINCE SUPPORT -- START - // helps to keep traffic low when reloading an image - // TODO: check for bugs, find source of code again - $filedate = filectime($file); - $etag = strtolower(md5_file($file)); - $modified = true; - - if(isset($_SERVER['HTTP_IF_NONE_MATCH'])) { - $oldtag = 
trim(strtolower($_SERVER['HTTP_IF_NONE_MATCH']), '"'); - if($oldtag == $etag) { - $modified = false; - } else { - $modified = true; - } - } - - if(isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) { - $olddate = date_parse(trim(strtolower($_SERVER['HTTP_IF_MODIFIED_SINCE']))); - $olddate = gmmktime($olddate['hour'], - $olddate['minute'], - $olddate['second'], - $olddate['month'], - $olddate['day'], - $olddate['year']); - if($olddate >= $filedate) { - $modified = false; - } else { - $modified = true; - } - } - // MODIFIED SINCE SUPPORT -- END - - $type = exec('/usr/bin/perlbin/vendor/mimetype -b '.escapeshellarg($file)); - - if (!$mode && substr_count(ltrim($this->uri->uri_string(), "/"), '/') >= 3) { - $mode = $this->file_mod->mime2extension($type); - } - - if (!$modified) { - header("HTTP/1.1 304 Not Modified"); - header('Etag: "'.$etag.'"'); - } else { - if ($mode - && $this->file_mod->mime2extension($type) - && filesize($file) <= $this->config->item('upload_max_text_size') - ) { - $data['title'] = $filedata['filename']; - $data['raw_link'] = site_url($this->config->item('paste_download_url').$id); - header("Content-Type: text/html\n"); - echo $this->load->view('file/html_header', $data, true); - // only rewrite if it's fast - // count(file($file)); isn't - echo shell_exec('/usr/bin/seq 1 $(/usr/bin/wc -l '.escapeshellarg($file).' | /bin/cut -d\ -f1) | sed -r \'s/^(.*)$/<a href="#n\1" class="no" name="n\1" id="n\1">\1<\/a>/g\''); - echo '</pre></td><td class="code"><pre>'."\n"; - echo shell_exec(FCPATH.'scripts/syntax-highlighting.sh '.$filedata['filename'].'.'.$mode.' < '.escapeshellarg($file)); - echo $this->load->view('file/html_footer', $data, true); - } else { - header("Content-Type: ".$type."\n"); - header("Content-disposition: inline; filename=\"".$filedata['filename']."\"\n"); - header("Content-Length: ".filesize($file)."\n"); - header("Last-Modified: ".date('D, d M Y H:i:s', $filedate)." 
GMT"); - header('Etag: "'.$etag.'"'); - $fp = fopen($file,"r"); - while (!feof($fp)) { - echo fread($fp,4096); - } - fclose($fp); - } - } - exit(); - } else { - $this->load->view('file/header', $data); - $this->load->view('file/non_existant'); - $this->load->view('file/footer', $data); - } + move_uploaded_file($_FILES['file']['tmp_name'], $file); + chmod($file, 0600); + $this->file_mod->add_file($hash, $id, $filename); + $this->file_mod->show_url($id, $extension); } function cron() diff --git a/system/application/models/file_mod.php b/system/application/models/file_mod.php index 2d7574a60..626ae431c 100644 --- a/system/application/models/file_mod.php +++ b/system/application/models/file_mod.php @@ -18,7 +18,7 @@ class File_mod extends Model { { $id = $this->random_id(3,6); - if ($this->id_exists($id)) { + if ($this->id_exists($id) || $id == 'file') { return $this->new_id(); } else { return $id; @@ -27,6 +27,10 @@ class File_mod extends Model { function id_exists($id) { + if(!$id) { + return false; + } + $sql = ' SELECT id FROM `files` 
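Review bot: In `do_paste()` the check `if($content === false)` can never be true, because `$content` is built as `$this->input->post('content')."\n"` and is therefore always a string; a direct request to `file/do_paste` without a `content` field would be stored as a one-byte paste. Test the posted value before appending the newline, e.g. `$content = $this->input->post('content'); if ($content === false) { $this->upload_form(); return; } $content .= "\n";`. Both `do_paste()` and `do_upload()` also call `add_file()` without checking the result of `mkdir()`, `file_put_contents()` or `move_uploaded_file()`, so a failed write still creates a database row. Because the storage path is derived from an MD5 of the content, two different inputs with the same digest would share one file on disk; a stronger hash would avoid that.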
@@ -71,6 +75,129 @@ class File_mod extends Model { return sha1($this->config->item('passwordsalt').$password); } + function get_password() + { + $password = $this->input->post('password'); + if ($password !== false) { + return $this->hash_password($password); + } + return 'NULL'; + } + + function add_file($hash, $id, $filename) + { + $query = $this->db->query(' + INSERT INTO `files` (`hash`, `id`, `filename`, `password`, `date`) + VALUES (?, ?, ?, ?, ?)', + array($hash, $id, $filename, $this->get_password(), time())); + } + + function show_url($id, $mode) + { + $data = array(); + + if ($mode) { + $data['url'] = site_url($this->config->item('paste_download_url').$id.'/'.$mode); + } else { + $data['url'] = site_url($this->config->item('paste_download_url').$id).'/'; + } + + if (strstr($_SERVER['HTTP_USER_AGENT'], 'libcurl')) { + echo $data['url']; + } else { + $this->load->view('file/header', $data); + $this->load->view('file/show_url', $data); + $this->load->view('file/footer', $data); + } + } + + function download() + { + $data = array(); + $id = $this->uri->segment(1); + $mode = $this->uri->segment(2); + + $filedata = $this->get_filedata($id); + $file = $this->file($filedata['hash']); + + if ($this->id_exists($id) && file_exists($file)) { + // MODIFIED SINCE SUPPORT -- START + // helps to keep traffic low when reloading an image + // TODO: check for bugs, find source of code again + $filedate = filectime($file); + $etag = strtolower(md5_file($file)); + $modified = true; + + if(isset($_SERVER['HTTP_IF_NONE_MATCH'])) { + $oldtag = trim(strtolower($_SERVER['HTTP_IF_NONE_MATCH']), '"'); + if($oldtag == $etag) { + $modified = false; + } else { + $modified = true; + } + } + + if(isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) { + $olddate = date_parse(trim(strtolower($_SERVER['HTTP_IF_MODIFIED_SINCE']))); + $olddate = gmmktime($olddate['hour'], + $olddate['minute'], + $olddate['second'], + $olddate['month'], + $olddate['day'], + $olddate['year']); + if($olddate >= $filedate) 
{ + $modified = false; + } else { + $modified = true; + } + } + // MODIFIED SINCE SUPPORT -- END + + $type = exec('/usr/bin/perlbin/vendor/mimetype -b '.escapeshellarg($file)); + + if (!$mode && substr_count(ltrim($this->uri->uri_string(), "/"), '/') >= 1) { + $mode = $this->mime2extension($type); + } + + if (!$modified) { + header("HTTP/1.1 304 Not Modified"); + header('Etag: "'.$etag.'"'); + } else { + if ($mode + && $this->mime2extension($type) + && filesize($file) <= $this->config->item('upload_max_text_size') + ) { + $data['title'] = $filedata['filename']; + $data['raw_link'] = site_url($this->config->item('paste_download_url').$id); + header("Content-Type: text/html\n"); + echo $this->load->view('file/html_header', $data, true); + // only rewrite if it's fast + // count(file($file)); isn't + echo shell_exec('/usr/bin/seq 1 $(/usr/bin/wc -l '.escapeshellarg($file).' | /bin/cut -d\ -f1) | sed -r \'s/^(.*)$/<a href="#n\1" class="no" name="n\1" id="n\1">\1<\/a>/g\''); + echo '</pre></td><td class="code"><pre>'."\n"; + echo shell_exec(FCPATH.'scripts/syntax-highlighting.sh '.$filedata['filename'].'.'.$mode.' < '.escapeshellarg($file)); + echo $this->load->view('file/html_footer', $data, true); + } else { + header("Content-Type: ".$type."\n"); + header("Content-disposition: inline; filename=\"".$filedata['filename']."\"\n"); + header("Content-Length: ".filesize($file)."\n"); + header("Last-Modified: ".date('D, d M Y H:i:s', $filedate)." GMT"); + header('Etag: "'.$etag.'"'); + $fp = fopen($file,"r"); + while (!feof($fp)) { + echo fread($fp,4096); + } + fclose($fp); + } + } + exit(); + } else { + $this->load->view('file/header', $data); + $this->load->view('file/non_existant'); + $this->load->view('file/footer'); + } + } + private function unused_file($hash) { $sql = ' 
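Review bot: The `shell_exec()` call for `scripts/syntax-highlighting.sh` in `download()` concatenates `$filedata['filename']` and `$mode` into the command line unquoted, while only `$file` goes through `escapeshellarg()`. The filename is stored from `$_FILES['file']['name']` in `do_upload()` and `$mode` comes from a URI segment, so both are client-controlled and any shell metacharacters in them would be interpreted by the shell. Pass them as one quoted argument: `echo shell_exec(FCPATH.'scripts/syntax-highlighting.sh '.escapeshellarg($filedata['filename'].'.'.$mode).' < '.escapeshellarg($file));`. The same filename is written unescaped into the `Content-disposition` header and into `$data['title']`, so it should also be validated or sanitised once at upload time.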
@@ -90,7 +217,11 @@ class File_mod extends Model { function delete_id($id, $password) { $filedata = $this->get_filedata($id); - $password = $this->hash_password($password); + $password = $this->get_password(); + + if(!$this->id_exists($id)) { + return false; + } $sql = ' DELETE diff --git a/system/application/views/file/show_url.php b/system/application/views/file/show_url.php index 62d34c661..73073ec04 100644 --- a/system/application/views/file/show_url.php +++ b/system/application/views/file/show_url.php @@ -1,4 +1,4 @@ <div style="text-align:center"> - You can get your file here:<br /> + You can get your file/paste here:<br /> <a href="<?php echo $url; ?>"><?php echo $url; ?></a><br /> </div> diff --git a/system/application/views/file/upload_form.php b/system/application/views/file/upload_form.php index b39088c4e..081277bde 100644 --- a/system/application/views/file/upload_form.php +++ b/system/application/views/file/upload_form.php 
@@ -1,13 +1,27 @@ <div style="text-align:center"> <?php echo form_open_multipart('file/do_upload'); ?> - File: <input type="file" name="userfile" size="30" /> + File: <input type="file" name="file" size="30" /> <input type="submit" value="Upload" name="process" /> </form> + <br /> + <p>OR</p> + <br /> + <?php echo form_open_multipart('file/do_paste'); ?> + <textarea name="content" cols="80" rows="20"></textarea><br /> + <input type="submit" value="Paste" name="process" /> + </form> </div> <br /><br /> -Uploads are deleted after 5 days.<br /> +Uploads/pastes are deleted after 5 days.<br /> +<br /> +For shell uploading/pasting use:<br /> +<pre> +curl -F "content=<-" <?php echo base_url(); ?> < file (not binary safe) +cat file | curl -F "content=<-" <?php echo base_url(); ?> (not binary safe) +curl -F "file=@/home/user/foo" <?php echo base_url(); ?> (binary safe) +</pre> <br /> -If you want to you can use my script (needs python and curl) to upload files, paste text (with syntax highlighting of course) or delete your uploads:<br /> +If you want to you can use my script (needs python and curl) to upload files, paste text or delete your uploads:<br /> <a href="http://git.server-speed.net/bin/plain/fb">http://git.server-speed.net/bin/plain/fb</a><br /> <br /> If you experience any problems feel free to <a href="http://bluewind.at/?id=1">contact me</a>.<br /> |