YandolsZX
/
IcarusImeji
1
1
Fork 1
Code Issues 1 Pull Requests Releases Wiki Activity

Merge branch 'UFNRAdev' into 'master'

Browse Source 
Resolves #9

See merge request YandolsZX/Icarus-Imeji!2
master
YandolsZX 5 years ago
parent 9d2431e4ff a09e25d794
commit 8cfd1597b0
2 changed files with 109 additions and 73 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 106
      dropload.php
  2. 76
      upload.php

106
dropload.php
Unescape View File

@ -1,114 +1,116 @@
<?php
//Imeji Uploader Core Code -- Version 2.0 (revision 49) (Migrations Phase 1)
$imejicoreversion = "Icarus_Imeji_V2_Droploader_r49_S_p1";
// Imeji Uploader Core Code -- Version 2.1 (revision 54) (Uploader Filename Randomizer Algorithm Update)
//
// Core Variables. Don't change unless you know what you're doing.
$imejicoreversion = "Icarus_Imeji_V2.1_Droploader_r54";
$target_dir = "public/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$target_filenameonly = basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
// Check if uploaded image file is a actual image or fake image with masked extension.
if(isset($_POST["submit"])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
//echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
//echo "File is not an image.";
$uploadOk = 0;
//header('Location: ./failed.php');
header('HTTP/1.1 400 Bad Request', true, 400);
http_response_code(400);
//echo 400;
return;
}
}
// Check if file already exists
// Check whether a file with the same name already exists on server or not for security reasons.
if (file_exists($target_file)) {
//echo "Sorry, file already exists.";
$uploadOk = 0;
//header('Location: ./failed.php');
header('HTTP/1.1 400 Bad Request', true, 400);
http_response_code(400);
//echo 400;
return;
}
// Check file size (Currently Max 6MB)
// Check file size. (Imeji Standard Max is 6MB)
if ($_FILES["fileToUpload"]["size"] > 6291456) {
//echo "Sorry, your file is too large. (Max is 6MB)";
$uploadOk = 0;
//header('Location: ./failed.php');
header('HTTP/1.1 400 Bad Request', true, 400);
http_response_code(400);
//echo 400;
return;
}
// Allow certain file formats
// Fixed uppercase rejection bug in 1.1a
// Allow only certain file formats.
// 1.1a -- Fixed uppercase rejection bug and allows them.
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "JPG" && $imageFileType != "PNG" && $imageFileType != "JPEG"
&& $imageFileType != "gif" && $imageFileType != "svg"
&& $imageFileType != "GIF" && $imageFileType != "SVG" ) {
//echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
//header('Location: ./failed.php');
header('HTTP/1.1 400 Bad Request', true, 400);
http_response_code(400);
//echo 400;
return;
}
// Check if $uploadOk is set to 0 by an error
// Check if $uploadOk is set to 0 by an error, if so go to failure condition.
if ($uploadOk == 0) {
//echo "Sorry, your file could not be uploaded.";
//header('Location: ./failed.php');
header('HTTP/1.1 400 Bad Request', true, 400);
http_response_code(400);
//echo 400;
return;
// if everything is ok, try to upload file
// If everything is ok, try to upload file.
} else {
// 1.2a -- Changed some case-confusing characters such as I and O to web safe symbols.
$characters = 'abcdefghjklmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ1234567890-_!$+*';
$random_string_length = 12;
// 1.2a --- Changed some case-confusing characters such as I and O to web safe symbols.
// 1.3 ---- Removed some problematic symbol characters that can break CMS such as + and $.
// 1.3_0 -- Changed the filename randomizer algorithm to compensate for characters pool reduction to 62 from 64.
$characters = 'abcdefghjklmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ1234567890-_!*';
$random_string_length = 11;
$randomFilename = '';
for ($i = 0; $i < $random_string_length; $i++) {
$randomFilename .= $characters[rand(0, strlen($characters) - 1)];
}
//$newfilename = time() . '_' . rand(1000000, 9999999) . '.' . end(explode(".",$_FILES["fileToUpload"]["name"])); --prior to v0.6b
//$newfilename = time() . '_' . rand(100, 999) . '_' . rand(100000000, 999999999) . '.' . end(explode(".",$_FILES["fileToUpload"]["name"])); --prior to v0.8
$newfilename = $randomFilename . '.' . end(explode(".",$_FILES["fileToUpload"]["name"]));
// Day-base identifiers (Implemented in v1.3_0)
if (date('D') == 'Sun') {
$dayId = 'Q';
} else if (date('D') == 'Mon') {
$dayId = 'a';
} else if (date('D') == 'Tue') {
$dayId = 'z';
} else if (date('D') == 'Wed') {
$dayId = '2';
} else if (date('D') == 'Thu') {
$dayId = 'W';
} else if (date('D') == 'Fri') {
$dayId = 's';
} else if (date('D') == 'Sat') {
$dayId = 'x';
} else {
$dayId = '0';
}
// Hour-base identifiers (Implemented in v1.3_0 / Changed in v1.3_2)
if ((date('H') >= '00') && (date('H') <= '03')) {
$hourId = '3';
} else if ((date('H') >= '04') && (date('H') <= '07')) {
$hourId = 'E';
} else if ((date('H') >= '08') && (date('H') <= '11')) {
$hourId = 'd';
} else if ((date('H') >= '12') && (date('H') <= '15')) {
$hourId = '4';
} else if ((date('H') >= '16') && (date('H') <= '19')) {
$hourId = 'R';
} else if ((date('H') >= '20') && (date('H') <= '23')) {
$hourId = 'f';
} else {
$hourId = 'z';
}
// Finalize file upload and return output to user.
// Old line: $newfilename = $randomFilename . '.' . end(explode(".",$_FILES["fileToUpload"]["name"])); --prior to v1.3, kept for instaneous rollback safety.
$newfilename = $dayId . $hourId . $randomFilename . '.' . end(explode(".",$_FILES["fileToUpload"]["name"]));
$newtarget = $target_dir . $newfilename;
//if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $newtarget)) {
chmod("$newtarget", 0775); // Set read and write permissions if file
//echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
chmod("$newtarget", 0775); // Set read and write permissions on file
$uploaderlog = "" . date('U') . ", ". date('Y-m-d H:i:s e') . ", $_SERVER[REMOTE_ADDR], $newfilename" . ", " . $imejicoreversion . ", $_SERVER[HTTP_USER_AGENT]";
//$uploaderlog = "Unix Time: " . date('U') . ", Logical Time: ". date('Y-m-d H:i:s e') . ", IP Address: $_SERVER[REMOTE_ADDR], Filename: $newfilename" . ", User Agent: $_SERVER[HTTP_USER_AGENT], Referer: $_SERVER[HTTP_REFERER]"; --simplified in v0.9e
file_put_contents('uploads.log', $uploaderlog . PHP_EOL, FILE_APPEND);
//$respondingcode = http_response_code();
//return $respondingcode;
//$droploaddata = header('Location: https://i.zxicar.us/' . $newfilename);
//$droploaddata = '{ "Location": "https://i.zxicar.us/' . $newfilename . '" }';
//header('Content-type: application/json');
//echo $droploaddata;
//return;
header('Content-type: application/json');
echo json_encode([
"location" => "https://i.yandols.xyz/{$newfilename}"
]);
return;
//header('Location: https://i.zxicar.us/' . $newfilename);
//return;
//header('Location: http://i.zxicar.us/' . $newfilename); --switched to HTTPS as of v0.9d
//header('Location: ../imeji/' . $newtarget); --changed as of v0.7
//header('Location: http://zxicar.us/imeji/'.basename( $_FILES["fileToUpload"]["name"])); --changed as of v0.2
} else {
//echo "Sorry, there was a problem uploading your file.";
//header('Location: ./failed.php');
header('HTTP/1.1 400 Bad Request', true, 400);
http_response_code(400);
//echo 400;
return;
}
}

76
upload.php
Unescape View File

@ -1,12 +1,14 @@
<?php
//Imeji Uploader Core Code -- Version 1.2b (Migrations Phase 1)
$imejicoreversion = "imeji_v1.2b_S_p1";
// Imeji Uploader Core Code -- Version 1.3 (Uploader Filename Randomizer Algorithm Update)
//
// Core Variables. Don't change unless you know what you're doing.
$imejicoreversion = "imeji_v1.3_2";
$target_dir = "public/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$target_filenameonly = basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
// Check if uploaded image file is a actual image or fake image with masked extension.
if(isset($_POST["submit"])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
@ -18,20 +20,20 @@ if(isset($_POST["submit"])) {
header('Location: ./failed.php');
}
}
// Check if file already exists
// Check whether a file with the same name already exists on server or not for security reasons.
if (file_exists($target_file)) {
echo "Sorry, file already exists.";
$uploadOk = 0;
header('Location: ./failed.php');
}
// Check file size (Currently Max 6MB)
// Check file size. (Imeji Standard Max is 6MB)
if ($_FILES["fileToUpload"]["size"] > 6291456) {
echo "Sorry, your file is too large. (Max is 6MB)";
$uploadOk = 0;
header('Location: ./failed.php');
}
// Allow certain file formats
// Fixed uppercase rejection bug in 1.1a
// Allow only certain file formats.
// 1.1a -- Fixed uppercase rejection bug and allows them.
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "JPG" && $imageFileType != "PNG" && $imageFileType != "JPEG"
&& $imageFileType != "gif" && $imageFileType != "svg"
@ -40,35 +42,67 @@ if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg
$uploadOk = 0;
header('Location: ./failed.php');
}
// Check if $uploadOk is set to 0 by an error
// Check if $uploadOk is set to 0 by an error, if so go to failure condition.
if ($uploadOk == 0) {
echo "Sorry, your file could not be uploaded.";
header('Location: ./failed.php');
// if everything is ok, try to upload file
// If everything is ok, try to upload file.
} else {
// 1.2a -- Changed some case-confusing characters such as I and O to web safe symbols.
$characters = 'abcdefghjklmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ1234567890-_!$+*';
$random_string_length = 12;
// 1.2a --- Changed some case-confusing characters such as I and O to web safe symbols.
// 1.3 ---- Removed some problematic symbol characters that can break CMS such as + and $.
// 1.3_0 -- Changed the filename randomizer algorithm to compensate for characters pool reduction to 62 from 64.
$characters = 'abcdefghjklmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ1234567890-_!*';
$random_string_length = 11;
$randomFilename = '';
for ($i = 0; $i < $random_string_length; $i++) {
$randomFilename .= $characters[rand(0, strlen($characters) - 1)];
}
//$newfilename = time() . '_' . rand(1000000, 9999999) . '.' . end(explode(".",$_FILES["fileToUpload"]["name"])); --prior to v0.6b
//$newfilename = time() . '_' . rand(100, 999) . '_' . rand(100000000, 999999999) . '.' . end(explode(".",$_FILES["fileToUpload"]["name"])); --prior to v0.8
$newfilename = $randomFilename . '.' . end(explode(".",$_FILES["fileToUpload"]["name"]));
// Day-base identifiers (Implemented in v1.3_0)
if (date('D') == 'Sun') {
$dayId = 'Q';
} else if (date('D') == 'Mon') {
$dayId = 'a';
} else if (date('D') == 'Tue') {
$dayId = 'z';
} else if (date('D') == 'Wed') {
$dayId = '2';
} else if (date('D') == 'Thu') {
$dayId = 'W';
} else if (date('D') == 'Fri') {
$dayId = 's';
} else if (date('D') == 'Sat') {
$dayId = 'x';
} else {
$dayId = '0';
}
// Hour-base identifiers (Implemented in v1.3_0 / Changed in v1.3_2)
if ((date('H') >= '00') && (date('H') <= '03')) {
$hourId = '3';
} else if ((date('H') >= '04') && (date('H') <= '07')) {
$hourId = 'E';
} else if ((date('H') >= '08') && (date('H') <= '11')) {
$hourId = 'd';
} else if ((date('H') >= '12') && (date('H') <= '15')) {
$hourId = '4';
} else if ((date('H') >= '16') && (date('H') <= '19')) {
$hourId = 'R';
} else if ((date('H') >= '20') && (date('H') <= '23')) {
$hourId = 'f';
} else {
$hourId = 'z';
}
// Finalize file upload and return output to user.
// Old line: $newfilename = $randomFilename . '.' . end(explode(".",$_FILES["fileToUpload"]["name"])); --prior to v1.3, kept for instaneous rollback safety.
$newfilename = $dayId . $hourId . $randomFilename . '.' . end(explode(".",$_FILES["fileToUpload"]["name"]));
$newtarget = $target_dir . $newfilename;
//if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $newtarget)) {
chmod("$newtarget", 0775); // Set read and write permissions if file
chmod("$newtarget", 0775); // Set read and write permissions on file
echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
$uploaderlog = "" . date('U') . ", ". date('Y-m-d H:i:s e') . ", $_SERVER[REMOTE_ADDR], $newfilename" . ", " . $imejicoreversion . ", $_SERVER[HTTP_USER_AGENT]";
//$uploaderlog = "Unix Time: " . date('U') . ", Logical Time: ". date('Y-m-d H:i:s e') . ", IP Address: $_SERVER[REMOTE_ADDR], Filename: $newfilename" . ", User Agent: $_SERVER[HTTP_USER_AGENT], Referer: $_SERVER[HTTP_REFERER]"; --simplified in v0.9e
file_put_contents('uploads.log', $uploaderlog . PHP_EOL, FILE_APPEND);
header('Location: https://i.yandols.xyz/' . $newfilename);
//header('Location: http://i.zxicar.us/' . $newfilename); --switched to HTTPS as of v0.9d
//header('Location: ../imeji/' . $newtarget); --changed as of v0.7
//header('Location: http://zxicar.us/imeji/'.basename( $_FILES["fileToUpload"]["name"])); --changed as of v0.2
} else {
// If anything wrong here, go to failure condition.
echo "Sorry, there was a problem uploading your file.";
header('Location: ./failed.php');
}

Write Preview
Loading…
Cancel
Save