author | Minteck <contact@minteck.org> | 2022-04-12 16:22:44 +0200 |
---|---|---|
committer | Minteck <contact@minteck.org> | 2022-04-12 16:22:44 +0200 |
commit | f5d140a3ef6e34658f6a9a6cc58ee32d01427782 (patch) | |
tree | 665bfe2da70c032fc7c8f24def802ae0a8b0bae2 /admin | |
parent | 300ab1d94c7d476a6c87f1d32d1756d8b04e3dbf (diff) | |
File uploader
Diffstat (limited to 'admin')
-rwxr-xr-x | admin/index.php | 6 | ||||
-rwxr-xr-x | admin/uploads/index.php | 186 |
2 files changed, 189 insertions, 3 deletions
diff --git a/admin/index.php b/admin/index.php index 7722af8..942db44 100755 --- a/admin/index.php +++ b/admin/index.php @@ -19,7 +19,7 @@ <div class="card"> <div class="card-body"> <h4 class="card-title">File Uploader</h4> - <p class="card-text">Encrypted, secure and fast file uploader.</p> + <p class="card-text">Extensible, secure and fast file uploader.</p> <a href="/admin/uploads" class="btn btn-primary disabled">Manage</a> </div> </div> @@ -56,13 +56,13 @@ <div class="card-body"> <h4 class="card-title">Software Updates</h4> <p class="card-text">Ensure this version of the website is up-to-date.</p> - <a href="/admin/updates" class="btn btn-primary disabled">Manage</a> + <a href="https://ci.minteck.org/project/CloudburstSystemSWebsite?mode=builds" class="btn btn-primary" target="_blank">Manage ➚</a> </div> </div> </div> </div> - <p>This website is managed by <?php $admins = json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/data/admins.json"), true); foreach ($admins as $index => $item): ?><b><?= $item ?></b><?php if ($item === $_USER): ?> (you)<?php endif; ?><?php if ($index !== count($admins) - 1): ?><?php if ($index + 1 === count($admins) - 1): ?> and <?php else: ?>, <?php endif; ?><?php endif; ?><?php endforeach; ?> (<a href="/admin/users">edit...</a>) and updated through <a href="https://ci.minteck.org/project/CloudburstSystemSWebsite?mode=builds" target="_blank">Minteck's TeamCity instance</a></p> + <p>This website is managed by <?php $admins = json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/data/admins.json"), true); foreach ($admins as $index => $item): ?><b><?= $item ?></b><?php if ($item === $_USER): ?> (you)<?php endif; ?><?php if ($index !== count($admins) - 1): ?><?php if ($index + 1 === count($admins) - 1): ?> and <?php else: ?>, <?php endif; ?><?php endif; ?><?php endforeach; ?> (<a href="/admin/users">edit...</a>)</p> <p class="small text-muted">powered by Pawer Technologies</p> </div> 
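Review bot: In the second hunk the rewritten `<p>` line still prints each admin name with `<?= $item ?>` and no HTML escaping; the values are read from data/admins.json, which the linked /admin/users page presumably edits, so `<?= htmlspecialchars($item, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>` would be the safer form. The new external "Manage ➚" link opens with `target="_blank"`; adding `rel="noopener noreferrer"` keeps the admin URL out of the Referer header sent to the CI host and denies it a window handle in older browsers. The first hunk also leaves the File Uploader button as `class="btn btn-primary disabled"` although this commit adds /admin/uploads, which looks like an oversight.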
diff --git a/admin/uploads/index.php b/admin/uploads/index.php
new file mode 100755
index 0000000..2990933
--- /dev/null
+++ b/admin/uploads/index.php
@@ -0,0 +1,186 @@
+<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/includes/admin/session.php"; global $_USER; ?>
+<?php
+
+$projects = json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/data/files.json"), true);
+
+/**
+ * @throws Exception
+ */
+function uuid($data = null) {
+ $data = $data ?? random_bytes(16);
+ assert(strlen($data) == 16);
+
+ $data[6] = chr(ord($data[6]) & 0x0f | 0x40);
+ $data[8] = chr(ord($data[8]) & 0x3f | 0x80);
+
+ return vsprintf('%s%s-%s-%s-%s-%s%s%s', str_split(bin2hex($data), 4));
+}
+
+
+if (isset($_GET['submit'])) {
+ if (isset($_GET['upload'])) {
+ try {
+ $fileId = uuid();
+ } catch (Exception $e) {
+ die();
+ }
+
+ if (!file_exists($_SERVER['DOCUMENT_ROOT'] . "/data/uploads")) {
+ mkdir($_SERVER['DOCUMENT_ROOT'] . "/data/uploads");
+ }
+
+ $target_dir = $_SERVER['DOCUMENT_ROOT'] . "/data/uploads/";
+ $target_file = $target_dir . $fileId;
+
+ $file = $_FILES["add-file"];
+
+ if ($_FILES["add-file"]["error"] !== 0) {
+ header("Location: /admin/uploads");
+ die();
+ }
+
+ rename($_FILES["add-file"]["tmp_name"], $target_file);
+ $projects[] = [
+ "name" => $_FILES["add-file"]["name"],
+ "uuid" => $fileId,
+ "size" => $_FILES["add-file"]["size"]
+ ];
+ file_put_contents($_SERVER["DOCUMENT_ROOT"] . "/data/files.json", json_encode($projects));
+
+ header("Location: /admin/uploads");
+ die();
+ }
+
+ if (isset($_GET["delete-project"])) {
+ if (isset($projects[(int)$_GET["delete-project"]])) {
+ unlink($_SERVER['DOCUMENT_ROOT'] . "/data/uploads/" . $projects[(int)$_GET["delete-project"]]['uuid']);
+ unset($projects[(int)$_GET["delete-project"]]);
+ file_put_contents($_SERVER["DOCUMENT_ROOT"] . "/data/files.json", json_encode($projects, JSON_PRETTY_PRINT));
+ header("Location: /admin/uploads");
+ die();
+ }
+ }
+
+ if (isset($_GET["edit-project"]) && isset($_GET["edit-project-name"])) {
+ if (isset($projects[(int)$_GET["edit-project"]])) {
+ $projects[(int)$_GET["edit-project"]]["name"] = $_GET["edit-project-name"];
+ file_put_contents($_SERVER["DOCUMENT_ROOT"] . "/data/files.json", json_encode($projects, JSON_PRETTY_PRINT));
+ header("Location: /admin/uploads");
+ die();
+ }
+ }
+}
+
+?>
+<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/includes/admin/header.php"; ?>
+
+<br>
+<div class="container">
+ <?php if (isset($_GET['change']) && isset($_GET['edit-project']) && isset($projects[(int)$_GET["edit-project"]])): $project = $projects[(int)$_GET["edit-project"]]; ?>
+
+ <h1>Edit <b><?= $project["name"] ?></b><br><span class="small"><span class="small"><span class="small">(<code><?= $project["uuid"] ?></code>)</span></span></span></h1>
+
+ <br>
+
+ <form style="display: inline-block;">
+ <p>
+ File Name:<br>
+ <input name="edit-project-name" class="form-control" type="text" value="<?= $project["name"] ?>">
+ </p>
+ <input name="submit" type="hidden">
+ <input name="edit-project" type="hidden" value="<?= (int)$_GET["edit-project"] ?>">
+ <button type="submit" class="btn btn-primary">Save and apply changes</button>
+ </form>
+ <form style="margin-top: 5px;">
+ <input name="submit" type="hidden">
+ <input name="delete-project" type="hidden" value="<?= (int)$_GET["edit-project"] ?>">
+ <button type="submit" class="btn btn-danger">Delete</button>
+ </form>
+
+ <?php else: ?>
+ <h1>File Uploads</h1>
+ <p>Files added to this list are publicly accessible from their URL.</p>
+
+ <ul class="list-group">
+ <?php foreach (json_decode(file_get_contents($_SERVER["DOCUMENT_ROOT"] . "/data/files.json"), true) as $index => $project): ?>
+ <li class="list-group-item">
+ <span style="vertical-align: middle;padding-top:10px;">
+ <?= strip_tags($project["name"]) ?><span class="text-muted"> (<?php
+
+ if ($project["size"] > 1024) {
+ if ($project["size"] > (1024**2)) {
+ echo(round($project["size"] / (1024**2), 1) . " MiB");
+ } else {
+ echo(round($project["size"] / 1024, 1) . " kiB");
+ }
+ } else {
+ echo($project["size"] . " bytes");
+ }
+
+ ?>)</span>
+ </span>
+ <form style="display:inline;float:right;">
+ <a class="btn btn-primary" onclick="alert(`https://<?= $_SERVER['HTTP_HOST'] ?>/file/?<?= $project['uuid'] ?>`);">Show link</a>
+ </form>
+ <form style="display:inline;float:right;margin-right:10px;">
+ <input name="edit-project" type="hidden" value="<?= $index ?>">
+ <input name="change" type="hidden">
+ <button type="submit" class="btn btn-primary">Edit/delete</button>
+ </form>
+ </li>
+ <?php endforeach; ?>
+ </ul>
+ <br>
+
+ <button type="button" id="admin-add-s0" class="btn btn-outline-primary" onclick="document.getElementById('admin-add-s0').style.display='none';document.getElementById('admin-add-s1').style.display='';document.getElementById('admin-add-s2').focus();">Upload new file</button>
+ <div class="card" style="max-width:550px;display:none;" id="admin-add-s1">
+ <form class="card-body" action="?submit=&upload=" method="post" enctype="multipart/form-data">
+ <h4 class="card-title">Upload new file</h4>
+ <p>Once added, this file will be publicly accessible.</p>
+ <p>
+ <input id="admin-add-s2" name="add-file" type="file" class="form-control">
+ </p>
+ <p>You are able to rename and delete the file after uploading it.</p>
+ <p class="small text-muted">
+ <?php
+
+ $max_upload = (int)(ini_get('upload_max_filesize'));
+ $max_post = (int)(ini_get('post_max_size'));
+ $memory_limit = (int)(ini_get('memory_limit'));
+
+ if ($max_upload < $max_post && $max_upload < $memory_limit) {
+ $upload_mb = $max_upload;
+ $limit = "upload_max_filesize";
+ } else if ($max_post < $max_upload && $max_post < $memory_limit) {
+ $upload_mb = $max_post;
+ $limit = "post_max_size";
+ } else if ($memory_limit < $max_upload && $memory_limit < $max_post) {
+ $upload_mb = $memory_limit;
+ $limit = "memory_limit";
+ } else {
+ $upload_mb = $max_upload;
+ $limit = "(config)";
+ }
+
+ echo("Upload limit: " . $upload_mb . " MB, limited by <code>$limit</code>");
+
+ ?>
+ </p>
+ <input name="submit" type="hidden">
+ <button type="submit" class="btn btn-success">Upload</button> <button onclick="document.getElementById('admin-add-s1').style.display='none';document.getElementById('admin-add-s0').style.display='';" type="button" class="btn btn-outline-danger">Cancel</button>
+ </form>
+ </div>
+ <?php endif; ?>
+</div>
+
+<style>
+ .project-icon {
+ border-radius: 999px;
+ width: 24px;
+ vertical-align: middle;
+ background: lightgray;
+ margin-right: 5px;
+ }
+</style>
+
+<?php require_once $_SERVER["DOCUMENT_ROOT"] . "/includes/admin/footer.php"; ?>
\ No newline at end of file |
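Review bot: The edit view prints `$project["name"]` unescaped in both the `<h1>` and the `value="…"` attribute, and the list view relies on `strip_tags()`, which is not HTML escaping. The name comes from the client-supplied `$_FILES["add-file"]["name"]` or from `$_GET["edit-project-name"]`, so all three places should emit `<?= htmlspecialchars($project["name"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>`. The delete and rename branches change state on a plain GET request (their forms have no `method`) and no request token is checked anywhere in this file, so they should become `method="post"` with a per-session token verified before `unlink()` and `file_put_contents()`; whether session.php already enforces one is not visible here. The upload branch moves the file with `rename()` and never checks the result; the sketch below uses `move_uploaded_file()`, which also refuses paths that did not arrive as an HTTP upload, and only records the entry once the move has succeeded.

```php
// … unchanged: uuid generation and data/uploads directory creation …
$upload = $_FILES["add-file"] ?? null;

if ($upload === null || $upload["error"] !== UPLOAD_ERR_OK) {
    header("Location: /admin/uploads");
    die();
}

// move_uploaded_file() refuses paths that did not come from an HTTP upload
if (!move_uploaded_file($upload["tmp_name"], $target_file)) {
    header("Location: /admin/uploads");
    die();
}

$projects[] = [
    // keep only the base name here; it still has to be escaped at output time
    "name" => basename($upload["name"]),
    "uuid" => $fileId,
    "size" => $upload["size"]
];
// … unchanged: file_put_contents() of files.json and the redirect …
```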