Compare commits

..

19 Commits

Author SHA1 Message Date
YandolsZX e814a4f5f1 Fixed new authentication redirector messing up other redirection systems that were in place.
5 years ago
YandolsZX 32587d062d Fixed double login prompt on authentication pages such as log viewer. Automatically redirect logins on HTTP to HTTPS now.
5 years ago
YandolsZX 6567acd1dc Fixed a domain change missed by the migrationdev branch.
6 years ago
YandolsZX 480523f37e More cleanup + changes to the legacy front-end.
6 years ago
YandolsZX f742310fdc Cleanup .htaccess files.
6 years ago
YandolsZX 1722e1a3de Also apply assets path change to the upload failed page.
6 years ago
YandolsZX 86c9feb483 Use relative paths instead of absolute paths for assets.
6 years ago
YandolsZX 182aa78719 Cleanup. Bump display version up to 2.1S
6 years ago
YandolsZX 28b391ab97 Move droploader files from addonstyle into assets folder.
6 years ago
YandolsZX 8cfd1597b0 Merge branch 'UFNRAdev' into 'master'
6 years ago
YandolsZX 9d2431e4ff Fix typo.
6 years ago
YandolsZX 02ec8f47c2 Add README.md and LICENSE.md
6 years ago
YandolsZX d243a7cea9 Merge branch 'migrationdev' into 'master'
6 years ago
YandolsZX a09e25d794 Cleanup.
6 years ago
YandolsZX fc1d66e2f4 Apply UFNRA update to droploader.
6 years ago
YandolsZX 07e9424bb7 Changed hour-base identifiers to intervals of 4 hours instead of 6.
6 years ago
YandolsZX 1e52b9f248 Cleanup + set randomized length to 11, bringing the total filename length to 13.
6 years ago
YandolsZX e99dc7df6c Fixed forgetting to parse the new algorithm into the filename itself.
6 years ago
YandolsZX 69ad885419 Finished new working uploader filename randomizer algorithm (abbr. as UFNRA).
6 years ago
  1. 12
      .htaccess
  2. 21
      LICENSE.md
  3. 35
      README.md
  4. 0
      assets/droploader/_dropzone.js
  5. 0
      assets/droploader/basic.css
  6. 0
      assets/droploader/dropzone.css
  7. 0
      assets/droploader/dropzone.js
  8. 0
      assets/droploader/min/basic.min.css
  9. 0
      assets/droploader/min/dropzone.min.css
  10. 0
      assets/droploader/min/dropzone.min.js
  11. 106
      dropload.php
  12. 20
      failed.php
  13. 98
      index.php
  14. 38
      legacy.php
  15. 10
      public/.htaccess
  16. 76
      upload.php

@ -9,20 +9,18 @@ RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# Force Uploaded Imejis to load via HTTP instead of HTTPS due to backwards compatibility problem on some platforms.
# SHOULD no longer be needed after the switch to LetsEncrypt on 31/07/2016
#RewriteCond %{HTTPS} on
#ReWriteCond %{REQUEST_URI} \w(\.png|\.jpeg|\.jpg|\.gif)$
#RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [R,L]
# Hackerbots Prevention
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^ZmEu [OR]
RewriteCond %{HTTP_USER_AGENT} (.*)Msqq(.*)
RewriteRule .* http://www.urbandictionary.com/define.php?term=fuck+you [R=301,L]
#Preventing Public Access to Logs file
# Prevent public access to the logs, requires login through HTTPS
<FilesMatch "(logs.php|uploads.log)$">
SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq "%{HTTP_HOST}%{REQUEST_URI}"
ErrorDocument 403 https://%{HTTP_HOST}%{REQUEST_URI}
AuthType Basic
AuthName "Restricted Area"
AuthUserFile /var/www/passes/imeji/.htpasswd

@ -0,0 +1,21 @@
MIT License
Copyright (c) 2016-2019 Yandols ZeonX, Locaria Technologies.
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

@ -0,0 +1,35 @@
# Icarus Imeji Uploader Service
Imeji (for short) is a form of PHP image uploader system that you can use to host a simple image uploader service on your server. It utilizes the [dropzone.js](https://github.com/enyo/dropzone) library and also includes a basic POST uploader for clients incompatible with the aforementioned dropzone.js library.
This repository is used for development and project tracking of the code we use on our [live image uploader](https://imeji.yandols.xyz). However, you a free to download a copy of it for yourself and alter it to use within the limits of our [license](/LICENSE.md).
# Requirements
* A server running Apache *(or anything else really, should work fine as well.)*
* mod_rewrite for Apache
* PHP 7.1 or greater
That's about it.
# Configuration
You can configure parameters within `dropload.php` and `upload.php` to your liking, making them both have the same changes or have them function with different parameters respectively.
Don't forget to set up `.htaccess` to suit your server environment and also make sure to configure the path to your `.htpasswd` file. Ideally you would want the .htpasswd file itself outside of Imeji's working directory for safety.
Anything else such as the front-end design of pages is completely up to you to change. Be sure to change the paths of elements and assets in the `index.php` file and other related files too.
# Contributing
You can use our [issue tracker](https://dev.zxicar.us/YandolsZX/Icarus-Imeji/issues) to help report problems or suggest enhancements on the Imeji system. [Merge requests](https://dev.zxicar.us/YandolsZX/Icarus-Imeji/merge_requests) are also welcome.
# License
See the [LICENSE.md](/LICENSE.md) file.
# Third Party Code Attribution
* The Icarus Imeji Uploader Service uses the [dropzone.js](https://gitlab.com/meno/dropzone) library by Matias Meno. (MIT License)
* The front-end template uses the [Identity](https://html5up.net) template by ajlkn. (CCA 3.0 License)

@ -1,114 +1,116 @@
<?php
//Imeji Uploader Core Code -- Version 2.0 (revision 49) (Migrations Phase 1)
$imejicoreversion = "Icarus_Imeji_V2_Droploader_r49_S_p1";
// Imeji Uploader Core Code -- Version 2.1 (revision 54) (Uploader Filename Randomizer Algorithm Update)
//
// Core Variables. Don't change unless you know what you're doing.
$imejicoreversion = "Icarus_Imeji_V2.1_Droploader_r54";
$target_dir = "public/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$target_filenameonly = basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
// Check if uploaded image file is a actual image or fake image with masked extension.
if(isset($_POST["submit"])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
//echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
//echo "File is not an image.";
$uploadOk = 0;
//header('Location: ./failed.php');
header('HTTP/1.1 400 Bad Request', true, 400);
http_response_code(400);
//echo 400;
return;
}
}
// Check if file already exists
// Check whether a file with the same name already exists on server or not for security reasons.
if (file_exists($target_file)) {
//echo "Sorry, file already exists.";
$uploadOk = 0;
//header('Location: ./failed.php');
header('HTTP/1.1 400 Bad Request', true, 400);
http_response_code(400);
//echo 400;
return;
}
// Check file size (Currently Max 6MB)
// Check file size. (Imeji Standard Max is 6MB)
if ($_FILES["fileToUpload"]["size"] > 6291456) {
//echo "Sorry, your file is too large. (Max is 6MB)";
$uploadOk = 0;
//header('Location: ./failed.php');
header('HTTP/1.1 400 Bad Request', true, 400);
http_response_code(400);
//echo 400;
return;
}
// Allow certain file formats
// Fixed uppercase rejection bug in 1.1a
// Allow only certain file formats.
// 1.1a -- Fixed uppercase rejection bug and allows them.
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "JPG" && $imageFileType != "PNG" && $imageFileType != "JPEG"
&& $imageFileType != "gif" && $imageFileType != "svg"
&& $imageFileType != "GIF" && $imageFileType != "SVG" ) {
//echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
//header('Location: ./failed.php');
header('HTTP/1.1 400 Bad Request', true, 400);
http_response_code(400);
//echo 400;
return;
}
// Check if $uploadOk is set to 0 by an error
// Check if $uploadOk is set to 0 by an error, if so go to failure condition.
if ($uploadOk == 0) {
//echo "Sorry, your file could not be uploaded.";
//header('Location: ./failed.php');
header('HTTP/1.1 400 Bad Request', true, 400);
http_response_code(400);
//echo 400;
return;
// if everything is ok, try to upload file
// If everything is ok, try to upload file.
} else {
// 1.2a -- Changed some case-confusing characters such as I and O to web safe symbols.
$characters = 'abcdefghjklmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ1234567890-_!$+*';
$random_string_length = 12;
// 1.2a --- Changed some case-confusing characters such as I and O to web safe symbols.
// 1.3 ---- Removed some problematic symbol characters that can break CMS such as + and $.
// 1.3_0 -- Changed the filename randomizer algorithm to compensate for characters pool reduction to 62 from 64.
$characters = 'abcdefghjklmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ1234567890-_!*';
$random_string_length = 11;
$randomFilename = '';
for ($i = 0; $i < $random_string_length; $i++) {
$randomFilename .= $characters[rand(0, strlen($characters) - 1)];
}
//$newfilename = time() . '_' . rand(1000000, 9999999) . '.' . end(explode(".",$_FILES["fileToUpload"]["name"])); --prior to v0.6b
//$newfilename = time() . '_' . rand(100, 999) . '_' . rand(100000000, 999999999) . '.' . end(explode(".",$_FILES["fileToUpload"]["name"])); --prior to v0.8
$newfilename = $randomFilename . '.' . end(explode(".",$_FILES["fileToUpload"]["name"]));
// Day-base identifiers (Implemented in v1.3_0)
if (date('D') == 'Sun') {
$dayId = 'Q';
} else if (date('D') == 'Mon') {
$dayId = 'a';
} else if (date('D') == 'Tue') {
$dayId = 'z';
} else if (date('D') == 'Wed') {
$dayId = '2';
} else if (date('D') == 'Thu') {
$dayId = 'W';
} else if (date('D') == 'Fri') {
$dayId = 's';
} else if (date('D') == 'Sat') {
$dayId = 'x';
} else {
$dayId = '0';
}
// Hour-base identifiers (Implemented in v1.3_0 / Changed in v1.3_2)
if ((date('H') >= '00') && (date('H') <= '03')) {
$hourId = '3';
} else if ((date('H') >= '04') && (date('H') <= '07')) {
$hourId = 'E';
} else if ((date('H') >= '08') && (date('H') <= '11')) {
$hourId = 'd';
} else if ((date('H') >= '12') && (date('H') <= '15')) {
$hourId = '4';
} else if ((date('H') >= '16') && (date('H') <= '19')) {
$hourId = 'R';
} else if ((date('H') >= '20') && (date('H') <= '23')) {
$hourId = 'f';
} else {
$hourId = 'z';
}
// Finalize file upload and return output to user.
// Old line: $newfilename = $randomFilename . '.' . end(explode(".",$_FILES["fileToUpload"]["name"])); --prior to v1.3, kept for instaneous rollback safety.
$newfilename = $dayId . $hourId . $randomFilename . '.' . end(explode(".",$_FILES["fileToUpload"]["name"]));
$newtarget = $target_dir . $newfilename;
//if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $newtarget)) {
chmod("$newtarget", 0775); // Set read and write permissions if file
//echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
chmod("$newtarget", 0775); // Set read and write permissions on file
$uploaderlog = "" . date('U') . ", ". date('Y-m-d H:i:s e') . ", $_SERVER[REMOTE_ADDR], $newfilename" . ", " . $imejicoreversion . ", $_SERVER[HTTP_USER_AGENT]";
//$uploaderlog = "Unix Time: " . date('U') . ", Logical Time: ". date('Y-m-d H:i:s e') . ", IP Address: $_SERVER[REMOTE_ADDR], Filename: $newfilename" . ", User Agent: $_SERVER[HTTP_USER_AGENT], Referer: $_SERVER[HTTP_REFERER]"; --simplified in v0.9e
file_put_contents('uploads.log', $uploaderlog . PHP_EOL, FILE_APPEND);
//$respondingcode = http_response_code();
//return $respondingcode;
//$droploaddata = header('Location: https://i.zxicar.us/' . $newfilename);
//$droploaddata = '{ "Location": "https://i.zxicar.us/' . $newfilename . '" }';
//header('Content-type: application/json');
//echo $droploaddata;
//return;
header('Content-type: application/json');
echo json_encode([
"location" => "https://i.yandols.xyz/{$newfilename}"
]);
return;
//header('Location: https://i.zxicar.us/' . $newfilename);
//return;
//header('Location: http://i.zxicar.us/' . $newfilename); --switched to HTTPS as of v0.9d
//header('Location: ../imeji/' . $newtarget); --changed as of v0.7
//header('Location: http://zxicar.us/imeji/'.basename( $_FILES["fileToUpload"]["name"])); --changed as of v0.2
} else {
//echo "Sorry, there was a problem uploading your file.";
//header('Location: ./failed.php');
header('HTTP/1.1 400 Bad Request', true, 400);
http_response_code(400);
//echo 400;
return;
}
}

@ -10,19 +10,19 @@
<meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no" />
<title>Error - Icarus Imeji Service</title>
<link rel="shortcut icon" href="https://imeji.yandols.xyz/assets/images/favicon.ico">
<link rel="icon" type="image/png" href="https://imeji.yandols.xyz/assets/images/favicon-32x32.png" sizes="32x32" />
<link rel="icon" type="image/png" href="https://imeji.yandols.xyz/assets/images/favicon-16x16.png" sizes="16x16" />
<link rel="apple-touch-icon-precomposed" sizes="57x57" href="https://imeji.yandols.xyz/assets/images/apple-touch-icon-57x57.png" />
<link rel="apple-touch-icon-precomposed" sizes="114x114" href="https://imeji.yandols.xyz/assets/images/apple-touch-icon-114x114.png" />
<link rel="apple-touch-icon-precomposed" sizes="72x72" href="https://imeji.yandols.xyz/assets/images/apple-touch-icon-72x72.png" />
<link rel="apple-touch-icon-precomposed" sizes="144x144" href="https://imeji.yandols.xyz/assets/images/apple-touch-icon-144x144.png" />
<link rel="apple-touch-icon-precomposed" sizes="120x120" href="https://imeji.yandols.xyz/assets/images/apple-touch-icon-120x120.png" />
<link rel="apple-touch-icon-precomposed" sizes="152x152" href="https://imeji.yandols.xyz/assets/images/apple-touch-icon-152x152.png" />
<link rel="shortcut icon" href="assets/images/favicon.ico">
<link rel="icon" type="image/png" href="assets/images/favicon-32x32.png" sizes="32x32" />
<link rel="icon" type="image/png" href="assets/images/favicon-16x16.png" sizes="16x16" />
<link rel="apple-touch-icon-precomposed" sizes="57x57" href="assets/images/apple-touch-icon-57x57.png" />
<link rel="apple-touch-icon-precomposed" sizes="114x114" href="assets/images/apple-touch-icon-114x114.png" />
<link rel="apple-touch-icon-precomposed" sizes="72x72" href="assets/images/apple-touch-icon-72x72.png" />
<link rel="apple-touch-icon-precomposed" sizes="144x144" href="assets/images/apple-touch-icon-144x144.png" />
<link rel="apple-touch-icon-precomposed" sizes="120x120" href="assets/images/apple-touch-icon-120x120.png" />
<link rel="apple-touch-icon-precomposed" sizes="152x152" href="assets/images/apple-touch-icon-152x152.png" />
<meta name="application-name" content="Icarus Imeji"/>
<meta name="msapplication-TileColor" content="#FFFFFF" />
<meta name="msapplication-TileImage" content="https://imeji.yandols.xyz/assets/images/mstile-144x144.png" />
<meta name="msapplication-TileImage" content="assets/images/mstile-144x144.png" />
<link rel="stylesheet" href="public/assets/css/main.css" />
<noscript><link rel="stylesheet" href="public/assets/css/noscript.css" /></noscript>

@ -1,7 +1,7 @@
<!DOCTYPE HTML>
<!--
New Icarus Imeji Uploader by YandolsZX
Icarus Front-end version 2.0S
Icarus Front-end version 2.1S
Template "Identity" by @ajlkn, licensed under under the CCA 3.0 license (html5up.net/license)
Droploader "DropzoneJS" by Matias Meno
-->
@ -11,42 +11,35 @@
<meta name="description" content="Icarus Imeji Uploader is a Free Image Uploading and Hosting Service by Locaria Technologies." />
<meta name="keywords" content="Icarus Imeji Uploader is a Free Image Uploading and Hosting Service by Locaria Technologies" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<!--[if lte IE 8]><script src="https://imeji.yandols.xyz/assets/js/html5shiv.js"></script><![endif]-->
<link rel="stylesheet" href="https://imeji.yandols.xyz/assets/css/main.css" />
<!--[if lte IE 9]><link rel="stylesheet" href="https://imeji.yandols.xyz/assets/css/ie9.css" /><![endif]-->
<!--[if lte IE 8]><link rel="stylesheet" href="https://imeji.yandols.xyz/assets/css/ie8.css" /><![endif]-->
<noscript><link rel="stylesheet" href="https://imeji.yandols.xyz/assets/css/noscript.css" /></noscript>
<!--[if lte IE 8]><script src="assets/js/html5shiv.js"></script><![endif]-->
<link rel="stylesheet" href="assets/css/main.css" />
<!--[if lte IE 9]><link rel="stylesheet" href="assets/css/ie9.css" /><![endif]-->
<!--[if lte IE 8]><link rel="stylesheet" href="assets/css/ie8.css" /><![endif]-->
<noscript><link rel="stylesheet" href="assets/css/noscript.css" /></noscript>
<title>Icarus Imeji Uploader</title>
<link rel="shortcut icon" href="https://imeji.yandols.xyz/assets/images/favicon.ico">
<link rel="icon" type="image/png" href="https://imeji.yandols.xyz/assets/images/favicon-32x32.png" sizes="32x32" />
<link rel="icon" type="image/png" href="https://imeji.yandols.xyz/assets/images/favicon-16x16.png" sizes="16x16" />
<link rel="apple-touch-icon-precomposed" sizes="57x57" href="https://imeji.yandols.xyz/assets/images/apple-touch-icon-57x57.png" />
<link rel="apple-touch-icon-precomposed" sizes="114x114" href="https://imeji.yandols.xyz/assets/images/apple-touch-icon-114x114.png" />
<link rel="apple-touch-icon-precomposed" sizes="72x72" href="https://imeji.yandols.xyz/assets/images/apple-touch-icon-72x72.png" />
<link rel="apple-touch-icon-precomposed" sizes="144x144" href="https://imeji.yandols.xyz/assets/images/apple-touch-icon-144x144.png" />
<link rel="apple-touch-icon-precomposed" sizes="120x120" href="https://imeji.yandols.xyz/assets/images/apple-touch-icon-120x120.png" />
<link rel="apple-touch-icon-precomposed" sizes="152x152" href="https://imeji.yandols.xyz/assets/images/apple-touch-icon-152x152.png" />
<link rel="shortcut icon" href="assets/images/favicon.ico">
<link rel="icon" type="image/png" href="assets/images/favicon-32x32.png" sizes="32x32" />
<link rel="icon" type="image/png" href="assets/images/favicon-16x16.png" sizes="16x16" />
<link rel="apple-touch-icon-precomposed" sizes="57x57" href="assets/images/apple-touch-icon-57x57.png" />
<link rel="apple-touch-icon-precomposed" sizes="114x114" href="assets/images/apple-touch-icon-114x114.png" />
<link rel="apple-touch-icon-precomposed" sizes="72x72" href="assets/images/apple-touch-icon-72x72.png" />
<link rel="apple-touch-icon-precomposed" sizes="144x144" href="assets/images/apple-touch-icon-144x144.png" />
<link rel="apple-touch-icon-precomposed" sizes="120x120" href="assets/images/apple-touch-icon-120x120.png" />
<link rel="apple-touch-icon-precomposed" sizes="152x152" href="assets/images/apple-touch-icon-152x152.png" />
<meta name="application-name" content="Icarus Imeji"/>
<meta name="msapplication-TileColor" content="#FFFFFF" />
<meta name="msapplication-TileImage" content="https://imeji.yandols.xyz/assets/images/mstile-144x144.png" />
<meta name="msapplication-TileColor" content="#ff89c9" />
<meta name="msapplication-TileImage" content="assets/images/mstile-144x144.png" />
<meta name="theme-color" content="#ff89c9">
<meta property="og:title" content="Icarus Imeji Uploader" />
<meta property="og:description" content="Icarus Imeji Uploader is a Free Image Uploading and Hosting Service by Locaria Technologies." />
<meta property="og:image" content="https://imeji.yandols.xyz/assets/images/mstile-144x144.png" />
<meta property="og:image" content="assets/images/mstile-144x144.png" />
<meta property="og:image:height" content="144" />
<meta property="og:image:width" content="144" />
<!--
<link rel="stylesheet" type="text/css" href="styler/normalize.css" />
<link rel="stylesheet" type="text/css" href="styler/demo.css" />
<link rel="stylesheet" type="text/css" href="styler/component.css" />
<link rel="stylesheet" type="text/css" href="styler/additional.css" />
-->
<link rel="stylesheet" type="text/css" href="addonstyle/basic.css" />
<link rel="stylesheet" type="text/css" href="addonstyle/dropzone.css" />
<link rel="stylesheet" type="text/css" href="assets/droploader/basic.css" />
<link rel="stylesheet" type="text/css" href="assets/droploader/dropzone.css" />
</head>
<body class="is-loading">
@ -57,51 +50,14 @@
<!-- Main -->
<section id="main">
<header>
<span class="avatar"><img src="https://imeji.yandols.xyz/assets/images/apple-touch-icon-57x57.png" alt="Icarus Imeji Uploader" /></span>
<span class="avatar"><img src="assets/images/apple-touch-icon-57x57.png" alt="Icarus Imeji Uploader" /></span>
<form action="dropload.php" class="dropzone" id="iv-dropzone" method="post" enctype="multipart/form-data">
<div class="fallback">
<input name="file" id="file" type="file" />
</div>
</form>
</header>
<!--
<hr />
<h2>Extra Stuff!</h2>
<form method="post" action="#">
<div class="field">
<input type="text" name="name" id="name" placeholder="Name" />
</div>
<div class="field">
<input type="email" name="email" id="email" placeholder="Email" />
</div>
<div class="field">
<div class="select-wrapper">
<select name="department" id="department">
<option value="">Department</option>
<option value="sales">Sales</option>
<option value="tech">Tech Support</option>
<option value="null">/dev/null</option>
</select>
</div>
</div>
<div class="field">
<textarea name="message" id="message" placeholder="Message" rows="4"></textarea>
</div>
<div class="field">
<input type="checkbox" id="human" name="human" /><label for="human">I'm a human</label>
</div>
<div class="field">
<label>But are you a robot?</label>
<input type="radio" id="robot_yes" name="robot" /><label for="robot_yes">Yes</label>
<input type="radio" id="robot_no" name="robot" /><label for="robot_no">No</label>
</div>
<ul class="actions">
<li><a href="#" class="button">Get Started</a></li>
</ul>
</form>
<hr />
-->
<footer>
<ul class="actions">
<li>Accepted Files: <a>JP(e)G</a>, <a>PNG</a>, <a>GIF</a>.</li><br/>
@ -120,7 +76,7 @@
<!-- Footer -->
<footer id="footer">
<ul class="copyright">
<li>Icarus Imeji Uploader 2.0S by Yandols ZeonX<br/><br/>Copyright &copy;
<li>Icarus Imeji Uploader 2.1S by Yandols ZeonX<br/><br/>Copyright &copy;
<?php
$fromYear = 2016;
$thisYear = (int)date('Y');
@ -139,18 +95,14 @@
</div>
<!-- Scripts -->
<!--[if lte IE 8]><script src="https://imeji.yandols.xyz/assets/js/respond.min.js"></script><![endif]-->
<!--[if lte IE 8]><script src="assets/js/respond.min.js"></script><![endif]-->
<script>
if ('addEventListener' in window) {
window.addEventListener('load', function() { document.body.className = document.body.className.replace(/\bis-loading\b/, ''); });
document.body.className += (navigator.userAgent.match(/(MSIE|rv:11\.0)/) ? ' is-ie' : '');
}
</script>
<!-- <script src="styler/custom-file-input.js"></script> -->
<script src="addonstyle/dropzone.js"></script>
<script src="assets/droploader/dropzone.js"></script>
</body>
</html>

@ -4,22 +4,22 @@
<meta charset="UTF-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="description" content="Icarus Imeji Uploader is a Free Image Uploading and Hosting Service by Locaria Technologies." />
<meta name="keywords" content="I.C.A.R.U.S. Icarus Imeji Uploader Free Image Uploading and Hosting Service Locaria Technologies" />
<meta name="keywords" content="Icarus Imeji Uploader Free Image Uploading and Hosting Service Locaria Technologies" />
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="theme-color" content="#ff89c9">
<title>Icarus Imeji Uploader v1.2a (Legacy)</title>
<link rel="shortcut icon" href="../favicon.ico">
<link rel="icon" type="image/png" href="../favicon-32x32.png" sizes="32x32" />
<link rel="icon" type="image/png" href="../favicon-16x16.png" sizes="16x16" />
<link rel="apple-touch-icon-precomposed" sizes="57x57" href="../apple-touch-icon-57x57.png" />
<link rel="apple-touch-icon-precomposed" sizes="114x114" href="../apple-touch-icon-114x114.png" />
<link rel="apple-touch-icon-precomposed" sizes="72x72" href="../apple-touch-icon-72x72.png" />
<link rel="apple-touch-icon-precomposed" sizes="144x144" href="../apple-touch-icon-144x144.png" />
<link rel="apple-touch-icon-precomposed" sizes="120x120" href="../apple-touch-icon-120x120.png" />
<link rel="apple-touch-icon-precomposed" sizes="152x152" href="../apple-touch-icon-152x152.png" />
<meta name="application-name" content="I.C.A.R.U.S."/>
<meta name="msapplication-TileColor" content="#FFFFFF" />
<meta name="msapplication-TileImage" content="../mstile-144x144.png" />
<title>Icarus Imeji Uploader v1.3_2 (Legacy)</title>
<link rel="shortcut icon" href="assets/images/favicon.ico">
<link rel="icon" type="image/png" href="assets/images/favicon-32x32.png" sizes="32x32" />
<link rel="icon" type="image/png" href="assets/images/favicon-16x16.png" sizes="16x16" />
<link rel="apple-touch-icon-precomposed" sizes="57x57" href="assets/images/apple-touch-icon-57x57.png" />
<link rel="apple-touch-icon-precomposed" sizes="114x114" href="assets/images/apple-touch-icon-114x114.png" />
<link rel="apple-touch-icon-precomposed" sizes="72x72" href="assets/images/apple-touch-icon-72x72.png" />
<link rel="apple-touch-icon-precomposed" sizes="144x144" href="assets/images/apple-touch-icon-144x144.png" />
<link rel="apple-touch-icon-precomposed" sizes="120x120" href="assets/images/apple-touch-icon-120x120.png" />
<link rel="apple-touch-icon-precomposed" sizes="152x152" href="assets/images/apple-touch-icon-152x152.png" />
<meta name="application-name" content="Icarus Imeji (Legacy)"/>
<meta name="msapplication-TileColor" content="#ff89c9" />
<meta name="msapplication-TileImage" content="assets/images/mstile-144x144.png" />
<link rel="stylesheet" type="text/css" href="styler/normalize.css" />
<link rel="stylesheet" type="text/css" href="styler/demo.css" />
@ -42,24 +42,20 @@
<div class="box">
<form action="upload.php" method="post" enctype="multipart/form-data">
<input type="file" name="fileToUpload" id="fileToUpload" class="inputfile inputfile-2" data-multiple-caption="{count} files selected" multiple >
<label for="fileToUpload"><svg xmlns="http://www.w3.org/2000/svg" width="20" height="17" viewBox="0 0 20 17"><path d="M10 0l-5.2 4.9h3.3v5.1h3.8v-5.1h3.3l-5.2-4.9zm9.3 11.5l-3.2-2.1h-2l3.4 2.6h-3.5c-.1 0-.2.1-.2.1l-.8 2.3h-6l-.8-2.2c-.1-.1-.1-.2-.2-.2h-3.6l3.4-2.6h-2l-3.2 2.1c-.4.3-.7 1-.6 1.5l.6 3.1c.1.5.7.9 1.2.9h16.3c.6 0 1.1-.4 1.3-.9l.6-3.1c.1-.5-.2-1.2-.7-1.5z"/></svg> <span>Choose a file&hellip;</span></label>
<br /><br />
<input type="submit" value="Upload Image" name="submit" class="btn btn-big red">
</form>
</div>
<footer>
<hr />
<br />Icarus Imeji Uploader v1.2a (Legacy)
<br />Icarus Imeji Uploader v1.3_2 (Legacy)
<br />For use on legacy devices that don't support the new droploader.
<br />Use the <a href="https://imeji.zxicar.us">new droploader version</a> on the main page whenever possible.
<br />Use the <a href="https://imeji.yandols.xyz">new droploader version</a> on the main page whenever possible.
<br />
<br /><a href="https://gist.github.com/Yandols/cd7d5e6d24d4dbffd80aa3ebbeeaef8c" target="_blank">ShareX Support</a>
<a href="./tos.php">Terms of Service</a>
<a href="./tos.php#privacy">Privacy Policy</a>
<a href="./removal.php">Removal Request</a>
<!--<br />For ShareX support <a href="https://gist.github.com/Yandols/cd7d5e6d24d4dbffd80aa3ebbeeaef8c" target="_blank">click here</a>.
For image removal purposes <a href="./removal.php">click here</a>.-->
<!-- <br />Upload icon by <a href="http://www.flaticon.com/free-icon/outbox_3686" target="_blank">FlatIcon</a>. -->
<!-- <br /><small>FMLS Access: <a href="./listprivate.php">Area 1</a> • <a href="./list.php">Area 2</a></small> -->
<br />Copyright &copy; 2016 Locaria Technologies.
</footer>
</div>

@ -3,27 +3,17 @@ ErrorDocument 403 /403.php
ErrorDocument 404 /404.php
Options -Indexes
# HTTPS Redirection
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# Force Uploaded Imejis to load via HTTP instead of HTTPS due to backwards compatibility problem on some platforms.
# SHOULD no longer be needed after the switch to LetsEncrypt on 31/07/2016
#RewriteCond %{HTTPS} on
#ReWriteCond %{REQUEST_URI} \w(\.png|\.jpeg|\.jpg|\.gif)$
#RewriteRule ^(.*)$ http://%{HTTP_HOST}%{REQUEST_URI} [R,L]
# Hackerbots Prevention
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^ZmEu [OR]
RewriteCond %{HTTP_USER_AGENT} (.*)Msqq(.*)
RewriteRule .* http://www.urbandictionary.com/define.php?term=fuck+you [R=301,L]
#Preventing Public Access to assets folder
#RedirectMatch 403 ^/assets/?$
#Allow linking asset elemets across subdomains
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"

@ -1,12 +1,14 @@
<?php
//Imeji Uploader Core Code -- Version 1.2b (Migrations Phase 1)
$imejicoreversion = "imeji_v1.2b_S_p1";
// Imeji Uploader Core Code -- Version 1.3 (Uploader Filename Randomizer Algorithm Update)
//
// Core Variables. Don't change unless you know what you're doing.
$imejicoreversion = "imeji_v1.3_2";
$target_dir = "public/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$target_filenameonly = basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
// Check if uploaded image file is a actual image or fake image with masked extension.
if(isset($_POST["submit"])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
@ -18,20 +20,20 @@ if(isset($_POST["submit"])) {
header('Location: ./failed.php');
}
}
// Check if file already exists
// Check whether a file with the same name already exists on server or not for security reasons.
if (file_exists($target_file)) {
echo "Sorry, file already exists.";
$uploadOk = 0;
header('Location: ./failed.php');
}
// Check file size (Currently Max 6MB)
// Check file size. (Imeji Standard Max is 6MB)
if ($_FILES["fileToUpload"]["size"] > 6291456) {
echo "Sorry, your file is too large. (Max is 6MB)";
$uploadOk = 0;
header('Location: ./failed.php');
}
// Allow certain file formats
// Fixed uppercase rejection bug in 1.1a
// Allow only certain file formats.
// 1.1a -- Fixed uppercase rejection bug and allows them.
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "JPG" && $imageFileType != "PNG" && $imageFileType != "JPEG"
&& $imageFileType != "gif" && $imageFileType != "svg"
@ -40,35 +42,67 @@ if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg
$uploadOk = 0;
header('Location: ./failed.php');
}
// Check if $uploadOk is set to 0 by an error
// Check if $uploadOk is set to 0 by an error, if so go to failure condition.
if ($uploadOk == 0) {
echo "Sorry, your file could not be uploaded.";
header('Location: ./failed.php');
// if everything is ok, try to upload file
// If everything is ok, try to upload file.
} else {
// 1.2a -- Changed some case-confusing characters such as I and O to web safe symbols.
$characters = 'abcdefghjklmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ1234567890-_!$+*';
$random_string_length = 12;
// 1.2a --- Changed some case-confusing characters such as I and O to web safe symbols.
// 1.3 ---- Removed some problematic symbol characters that can break CMS such as + and $.
// 1.3_0 -- Changed the filename randomizer algorithm to compensate for characters pool reduction to 62 from 64.
$characters = 'abcdefghjklmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ1234567890-_!*';
$random_string_length = 11;
$randomFilename = '';
for ($i = 0; $i < $random_string_length; $i++) {
$randomFilename .= $characters[rand(0, strlen($characters) - 1)];
}
//$newfilename = time() . '_' . rand(1000000, 9999999) . '.' . end(explode(".",$_FILES["fileToUpload"]["name"])); --prior to v0.6b
//$newfilename = time() . '_' . rand(100, 999) . '_' . rand(100000000, 999999999) . '.' . end(explode(".",$_FILES["fileToUpload"]["name"])); --prior to v0.8
$newfilename = $randomFilename . '.' . end(explode(".",$_FILES["fileToUpload"]["name"]));
// Day-base identifiers (Implemented in v1.3_0)
if (date('D') == 'Sun') {
$dayId = 'Q';
} else if (date('D') == 'Mon') {
$dayId = 'a';
} else if (date('D') == 'Tue') {
$dayId = 'z';
} else if (date('D') == 'Wed') {
$dayId = '2';
} else if (date('D') == 'Thu') {
$dayId = 'W';
} else if (date('D') == 'Fri') {
$dayId = 's';
} else if (date('D') == 'Sat') {
$dayId = 'x';
} else {
$dayId = '0';
}
// Hour-base identifiers (Implemented in v1.3_0 / Changed in v1.3_2)
if ((date('H') >= '00') && (date('H') <= '03')) {
$hourId = '3';
} else if ((date('H') >= '04') && (date('H') <= '07')) {
$hourId = 'E';
} else if ((date('H') >= '08') && (date('H') <= '11')) {
$hourId = 'd';
} else if ((date('H') >= '12') && (date('H') <= '15')) {
$hourId = '4';
} else if ((date('H') >= '16') && (date('H') <= '19')) {
$hourId = 'R';
} else if ((date('H') >= '20') && (date('H') <= '23')) {
$hourId = 'f';
} else {
$hourId = 'z';
}
// Finalize file upload and return output to user.
// Old line: $newfilename = $randomFilename . '.' . end(explode(".",$_FILES["fileToUpload"]["name"])); --prior to v1.3, kept for instaneous rollback safety.
$newfilename = $dayId . $hourId . $randomFilename . '.' . end(explode(".",$_FILES["fileToUpload"]["name"]));
$newtarget = $target_dir . $newfilename;
//if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $newtarget)) {
chmod("$newtarget", 0775); // Set read and write permissions if file
chmod("$newtarget", 0775); // Set read and write permissions on file
echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
$uploaderlog = "" . date('U') . ", ". date('Y-m-d H:i:s e') . ", $_SERVER[REMOTE_ADDR], $newfilename" . ", " . $imejicoreversion . ", $_SERVER[HTTP_USER_AGENT]";
//$uploaderlog = "Unix Time: " . date('U') . ", Logical Time: ". date('Y-m-d H:i:s e') . ", IP Address: $_SERVER[REMOTE_ADDR], Filename: $newfilename" . ", User Agent: $_SERVER[HTTP_USER_AGENT], Referer: $_SERVER[HTTP_REFERER]"; --simplified in v0.9e
file_put_contents('uploads.log', $uploaderlog . PHP_EOL, FILE_APPEND);
header('Location: https://i.yandols.xyz/' . $newfilename);
//header('Location: http://i.zxicar.us/' . $newfilename); --switched to HTTPS as of v0.9d
//header('Location: ../imeji/' . $newtarget); --changed as of v0.7
//header('Location: http://zxicar.us/imeji/'.basename( $_FILES["fileToUpload"]["name"])); --changed as of v0.2
} else {
// If anything wrong here, go to failure condition.
echo "Sorry, there was a problem uploading your file.";
header('Location: ./failed.php');
}

Loading…
Cancel
Save