diff options
Diffstat (limited to 'system/application/controllers/file.php')
| -rw-r--r-- | system/application/controllers/file.php | 198 |
1 files changed, 58 insertions, 140 deletions
diff --git a/system/application/controllers/file.php b/system/application/controllers/file.php index 0c670f11d..248799c8a 100644 --- a/system/application/controllers/file.php +++ b/system/application/controllers/file.php @@ -19,7 +19,15 @@ class File extends Controller { function index() { - $this->upload_form(); + if(isset($_FILES['file'])) { + $this->do_upload(); + } elseif ($this->input->post('content')) { + $this->do_paste(); + } elseif ($this->file_mod->id_exists($this->uri->segment(1))) { + $this->file_mod->download(); + } else { + $this->upload_form(); + } } function upload_form() @@ -36,7 +44,7 @@ class File extends Controller { { $id = $this->uri->segment(3); $password = $this->input->post('password'); - if ($password !== false && $this->file_mod->id_exists($id) && $this->file_mod->delete_id($id, $password)) { + if ($this->file_mod->delete_id($id, $password)) { echo $id." deleted\n"; } else { echo 'Couldn\'t delete '.$id."\n"; @@ -44,157 +52,67 @@ class File extends Controller { die(); } - function do_upload() + function do_paste() { $data = array(); - if(isset($_FILES['userfile'])) { - if ($_FILES['userfile']['error'] === 0) { - $filesize = filesize($_FILES['userfile']['tmp_name']); - if ($filesize >= $this->config->item('upload_max_size')) { - $this->load->view('file/header', $data); - $this->load->view('file/too_big'); - } else { - $password = $this->input->post('password'); - $extension = $this->input->post('extension'); - if ($password !== false) { - $password = $this->file_mod->hash_password($password); - } else { - $password = 'NULL'; - } - - $id = $this->file_mod->new_id(); - $file_hash = md5_file($_FILES['userfile']['tmp_name']); - $file_name = $_FILES['userfile']['name']; - $folder = $this->file_mod->folder($file_hash); - file_exists($folder) || mkdir ($folder); - $file = $this->file_mod->file($file_hash); - - $sql = ' - INSERT INTO `files` (`hash`, `id`, `filename`, `password`, `date`) - VALUES (?, ?, ?, ?, ?)'; - $query = $this->db->query($sql, array($file_hash, $id, $file_name, $password, time())); - - move_uploaded_file($_FILES['userfile']['tmp_name'], $file); - chmod($file, 0600); - - redirect($this->config->item('paste_show_url').$id.'/'.$extension); - } - } else { - $this->index(); - } - } else { + $content = $this->input->post('content')."\n"; + $extension = $this->input->post('extension'); + if($content === false) { + $this->upload_form(); + return; + } + if(strlen($content) >= $this->config->item('upload_max_size')) { $this->load->view('file/header', $data); - $this->load->view('file/upload_error', $data); - $this->load->view('file/footer', $data); + $this->load->view('file/too_big'); + $this->load->view('file/footer'); + return; } + + $id = $this->file_mod->new_id(); + $hash = md5($content); + $folder = $this->file_mod->folder($hash); + file_exists($folder) || mkdir ($folder); + $file = $this->file_mod->file($hash); + + file_put_contents($file, $content); + chmod($file, 0600); + $this->file_mod->add_file($hash, $id, 'stdin'); + $this->file_mod->show_url($id, $extension); } - function show_url() + function do_upload() { $data = array(); - $id = $this->uri->segment(3); - $mode = $this->uri->segment(4); - - if ($mode) { - $data['url'] = site_url($this->config->item('paste_download_url').$id.'/'.$mode); - } else { - $data['url'] = site_url($this->config->item('paste_download_url').$id).'/'; + $extension = $this->input->post('extension'); + if(!isset($_FILES['file'])) { + $this->load->view('file/header', $data); + $this->load->view('file/upload_error'); + $this->load->view('file/footer'); + return; } - - if (strstr($_SERVER['HTTP_USER_AGENT'], 'libcurl')) { - echo $data['url']; - } else { + if ($_FILES['file']['error'] !== 0) { + $this->upload_form(); + return; + } + $filesize = filesize($_FILES['file']['tmp_name']); + if ($filesize >= $this->config->item('upload_max_size')) { $this->load->view('file/header', $data); - $this->load->view('file/show_url', $data); - $this->load->view('file/footer', $data); + $this->load->view('file/too_big'); + $this->load->view('file/footer'); + return; } - } - function download() - { - $data = array(); - $id = $this->uri->segment(3); - $mode = $this->uri->segment(4); - - $filedata = $this->file_mod->get_filedata($id); - $file = $this->file_mod->file($filedata['hash']); + $id = $this->file_mod->new_id(); + $hash = md5_file($_FILES['file']['tmp_name']); + $filename = $_FILES['file']['name']; + $folder = $this->file_mod->folder($hash); + file_exists($folder) || mkdir ($folder); + $file = $this->file_mod->file($hash); - if ($this->file_mod->id_exists($id) && file_exists($file)) { - // MODIFIED SINCE SUPPORT -- START - // helps to keep traffic low when reloading an image - // TODO: check for bugs, find source of code again - $filedate = filectime($file); - $etag = strtolower(md5_file($file)); - $modified = true; - - if(isset($_SERVER['HTTP_IF_NONE_MATCH'])) { - $oldtag = trim(strtolower($_SERVER['HTTP_IF_NONE_MATCH']), '"'); - if($oldtag == $etag) { - $modified = false; - } else { - $modified = true; - } - } - - if(isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) { - $olddate = date_parse(trim(strtolower($_SERVER['HTTP_IF_MODIFIED_SINCE']))); - $olddate = gmmktime($olddate['hour'], - $olddate['minute'], - $olddate['second'], - $olddate['month'], - $olddate['day'], - $olddate['year']); - if($olddate >= $filedate) { - $modified = false; - } else { - $modified = true; - } - } - // MODIFIED SINCE SUPPORT -- END - - $type = exec('/usr/bin/perlbin/vendor/mimetype -b '.escapeshellarg($file)); - - if (!$mode && substr_count(ltrim($this->uri->uri_string(), "/"), '/') >= 3) { - $mode = $this->file_mod->mime2extension($type); - } - - if (!$modified) { - header("HTTP/1.1 304 Not Modified"); - header('Etag: "'.$etag.'"'); - } else { - if ($mode - && $this->file_mod->mime2extension($type) - && filesize($file) <= $this->config->item('upload_max_text_size') - ) { - $data['title'] = $filedata['filename']; - $data['raw_link'] = site_url($this->config->item('paste_download_url').$id); - header("Content-Type: text/html\n"); - echo $this->load->view('file/html_header', $data, true); - // only rewrite if it's fast - // count(file($file)); isn't - echo shell_exec('/usr/bin/seq 1 $(/usr/bin/wc -l '.escapeshellarg($file).' | /bin/cut -d\ -f1) | sed -r \'s/^(.*)$/<a href="#n\1" class="no" name="n\1" id="n\1">\1<\/a>/g\''); - echo '</pre></td><td class="code"><pre>'."\n"; - echo shell_exec(FCPATH.'scripts/syntax-highlighting.sh '.$filedata['filename'].'.'.$mode.' < '.escapeshellarg($file)); - echo $this->load->view('file/html_footer', $data, true); - } else { - header("Content-Type: ".$type."\n"); - header("Content-disposition: inline; filename=\"".$filedata['filename']."\"\n"); - header("Content-Length: ".filesize($file)."\n"); - header("Last-Modified: ".date('D, d M Y H:i:s', $filedate)." GMT"); - header('Etag: "'.$etag.'"'); - $fp = fopen($file,"r"); - while (!feof($fp)) { - echo fread($fp,4096); - } - fclose($fp); - } - } - exit(); - } else { - $this->load->view('file/header', $data); - $this->load->view('file/non_existant'); - $this->load->view('file/footer', $data); - } + move_uploaded_file($_FILES['file']['tmp_name'], $file); + chmod($file, 0600); + $this->file_mod->add_file($hash, $id, $filename); + $this->file_mod->show_url($id, $extension); } function cron() |