aiden
/
anonupload
mirror of https://github.com/Supernova3339/anonupload
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Apply fixes from StyleCI

Browse Source
pull/31/head
StyleCI Bot 3 years ago
parent a0fe631a72
commit 8a67f48d75
No known key found for this signature in database
GPG Key ID: E4A5316DFBB23575
16 changed files with 501 additions and 497 deletions
Show Stats Download Patch File Download Diff File

2
admin/captcha.php
Unescape Escape View File

@ -1,4 +1,5 @@
<?php <?php
session_start(); session_start();
// Generate random 6 character string // Generate random 6 character string
$captcha_code = substr(str_shuffle('01234567890123456789abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz'), 0, 6); $captcha_code = substr(str_shuffle('01234567890123456789abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz'), 0, 6);
@ -37,4 +38,3 @@ for($i = 0; $i < count($captcha_code_chars); $i++) {
header('Content-type: image/png'); header('Content-type: image/png');
imagepng($final_image); imagepng($final_image);
imagedestroy($final_image); imagedestroy($final_image);
?>

23
admin/check.php
Unescape Escape View File

@ -1,37 +1,40 @@
<?php <?php
// Get Configuration // Get Configuration
require '../system/config.php'; require '../system/config.php';
// Get Dashboard URL // Get Dashboard URL
$url = $file_url_destination."/admin/dashboard"; $url = $file_url_destination.'/admin/dashboard';
// (A) START SESSION // (A) START SESSION
session_start(); session_start();
// (B) HANDLE LOGIN // (B) HANDLE LOGIN
if (isset($_POST["user"]) && !isset($_SESSION["user"])) { if (isset($_POST['user']) && !isset($_SESSION['user'])) {
// (B1) USERS & PASSWORDS - SET YOUR OWN ! // (B1) USERS & PASSWORDS - SET YOUR OWN !
$users = [ $users = [
email => password // USER AND PASSWORD PULLED FROM CONFIGURATION FILE email => password, // USER AND PASSWORD PULLED FROM CONFIGURATION FILE
]; ];
// (B2) CHECK & VERIFY // (B2) CHECK & VERIFY
if (isset($users[$_POST["user"]])) { if (isset($users[$_POST['user']])) {
// check captcha // check captcha
if ($_SESSION['captcha'] !== $_POST['captcha']) { if ($_SESSION['captcha'] !== $_POST['captcha']) {
header("Location: ?capfail"); header('Location: ?capfail');
exit(0); exit(0);
} }
// end captcha // end captcha
if ($users[$_POST["user"]] == $_POST["password"]) { if ($users[$_POST['user']] == $_POST['password']) {
$_SESSION["user"] = $_POST["user"]; $_SESSION['user'] = $_POST['user'];
} }
} }
// (B3) FAILED LOGIN FLAG // (B3) FAILED LOGIN FLAG
if (!isset($_SESSION["user"])) { $failed = true; } if (!isset($_SESSION['user'])) {
$failed = true;
}
} }
// (C) REDIRECT USER TO DASHBOARD IF SIGNED IN // (C) REDIRECT USER TO DASHBOARD IF SIGNED IN
if (isset($_SESSION["user"])) { if (isset($_SESSION['user'])) {
header("Location: dashboard"); // REDIRECT TO DASHBOARD header('Location: dashboard'); // REDIRECT TO DASHBOARD
exit(); exit();
} }

38
admin/dashboard/files.php
Unescape Escape View File

@ -1,6 +1,6 @@
<?php <?php
include 'main.php'; include 'main.php';
$dir = "../../files/"; $dir = '../../files/';
/* /*
ini_set('display_errors', 1); ini_set('display_errors', 1);
ini_set('display_startup_errors', 1); ini_set('display_startup_errors', 1);
@ -42,16 +42,14 @@ if (isset($_GET['error_msg'])) {
} }
} }
// filelist // filelist
function list_directory_files($dir) { function list_directory_files($dir)
{
if (is_dir($dir)) { if (is_dir($dir)) {
if ($handle = opendir($dir)) { if ($handle = opendir($dir)) {
while (($file = readdir($handle)) !== false) { while (($file = readdir($handle)) !== false) {
if ($file != "." && $file != ".." && $file != "Thumbs.db" && $file != "index.php") { if ($file != '.' && $file != '..' && $file != 'Thumbs.db' && $file != 'index.php') {
echo '<tr>'; echo '<tr>';
echo '<td>'; echo '<td>';
echo $file; echo $file;
@ -61,20 +59,17 @@ function list_directory_files($dir) {
echo '<a class="link1" href="?delete&file='.$dir.''.$file.'">Delete</a>'; echo '<a class="link1" href="?delete&file='.$dir.''.$file.'">Delete</a>';
echo '</td>'; echo '</td>';
echo '</tr>'; echo '</tr>';
} }
} }
closedir($handle); closedir($handle);
} }
} }
} }
// download file // download file
if(isset($_GET['path'])) if (isset($_GET['path'])) {
{
//Read the url //Read the url
$url = $_GET['path']; $url = $_GET['path'];
@ -98,32 +93,27 @@ flush();
readfile($url, true); readfile($url, true);
//Terminate from the script //Terminate from the script
die(); exit();
} } else {
else{
// do nothing // do nothing
} }
} }
// do nothing // do nothing
if (isset($_GET['delete'], $_GET['file'])) { if (isset($_GET['delete'], $_GET['file'])) {
$delfile = $_GET['file']; $delfile = $_GET['file'];
/* /*
header("Location: $delfile"); header("Location: $delfile");
*/ */
If (unlink($delfile)) { if (unlink($delfile)) {
// file was successfully deleted // file was successfully deleted
header("Refresh:0 url=files.php?success_msg=1"); header('Refresh:0 url=files.php?success_msg=1');
} else { } else {
// there was a problem deleting the file // there was a problem deleting the file
header("Refresh:0 url=files.php?error_msg=1"); header('Refresh:0 url=files.php?error_msg=1');
} }
} }
?> ?>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script>
@ -137,22 +127,22 @@ If (unlink($delfile)) {
</div> </div>
<!-- Display Success Alert --> <!-- Display Success Alert -->
<?php if (isset($success_msg)): ?> <?php if (isset($success_msg)) { ?>
<div class="msg success"> <div class="msg success">
<i class="fas fa-check-circle"></i> <i class="fas fa-check-circle"></i>
<p><?=$success_msg?></p> <p><?=$success_msg?></p>
<i class="fas fa-times"></i> <i class="fas fa-times"></i>
</div> </div>
<?php endif; ?> <?php } ?>
<!-- Display Error Message --> <!-- Display Error Message -->
<?php if (isset($error_msg)): ?> <?php if (isset($error_msg)) { ?>
<div class="msg error"> <div class="msg error">
<i class="fa fa-exclamation-triangle"></i> <i class="fa fa-exclamation-triangle"></i>
<p><?=$error_msg?></p> <p><?=$error_msg?></p>
<i class="fas fa-times"></i> <i class="fas fa-times"></i>
</div> </div>
<?php endif; ?> <?php } ?>
<div class="content-block"> <div class="content-block">
<div class="table"> <div class="table">

30
admin/dashboard/index.php
Unescape Escape View File

@ -11,34 +11,35 @@ error_reporting(E_ALL);
?> ?>
<?php <?php
$directory = "../.$file_url_destination./files/"; // dir location $directory = "../.$file_url_destination./files/"; // dir location
if (glob($directory . "*.*") != false) if (glob($directory.'*.*') != false) {
{ $filecount = count(glob($directory.'*.*' && $file != 'index.php'));
$filecount = count(glob($directory. "*.*" && $file != "index.php"));
} }
// file size of upload dir // file size of upload dir
function folderSize($dir){ function folderSize($dir)
{
$count_size = 0; $count_size = 0;
$count = 0; $count = 0;
$dir_array = scandir($dir); $dir_array = scandir($dir);
foreach ($dir_array as $key=>$filename) { foreach ($dir_array as $key=>$filename) {
if($filename!=".." && $filename!="." && $filename!="index.php"){ if ($filename != '..' && $filename != '.' && $filename != 'index.php') {
if(is_dir($dir."/".$filename)){ if (is_dir($dir.'/'.$filename)) {
$new_foldersize = foldersize($dir."/".$filename); $new_foldersize = foldersize($dir.'/'.$filename);
$count_size = $count_size + $new_foldersize; $count_size = $count_size + $new_foldersize;
}else if(is_file($dir."/".$filename)){ } elseif (is_file($dir.'/'.$filename)) {
$count_size = $count_size + filesize($dir."/".$filename); $count_size = $count_size + filesize($dir.'/'.$filename);
$count++; $count++;
} }
} }
} }
return $count_size; return $count_size;
} }
// size converter // size converter
function sizeFormat($bytes){ function sizeFormat($bytes)
{
$kb = 1024; $kb = 1024;
$mb = $kb * 1024; $mb = $kb * 1024;
$gb = $mb * 1024; $gb = $mb * 1024;
@ -46,16 +47,12 @@ $tb = $gb * 1024;
if (($bytes >= 0) && ($bytes < $kb)) { if (($bytes >= 0) && ($bytes < $kb)) {
return $bytes.' B'; return $bytes.' B';
} elseif (($bytes >= $kb) && ($bytes < $mb)) { } elseif (($bytes >= $kb) && ($bytes < $mb)) {
return ceil($bytes / $kb).' KB'; return ceil($bytes / $kb).' KB';
} elseif (($bytes >= $mb) && ($bytes < $gb)) { } elseif (($bytes >= $mb) && ($bytes < $gb)) {
return ceil($bytes / $mb).' MB'; return ceil($bytes / $mb).' MB';
} elseif (($bytes >= $gb) && ($bytes < $tb)) { } elseif (($bytes >= $gb) && ($bytes < $tb)) {
return ceil($bytes / $gb).' GB'; return ceil($bytes / $gb).' GB';
} elseif ($bytes >= $tb) { } elseif ($bytes >= $tb) {
return ceil($bytes / $tb).' TB'; return ceil($bytes / $tb).' TB';
} else { } else {
@ -68,7 +65,7 @@ $plugin_count = count(glob('../../plugins/*', GLOB_ONLYDIR));
// Update checker // Update checker
$PATCH_URL = 'https://raw.githubusercontent.com/Supernova3339/anonfiles/main/'; $PATCH_URL = 'https://raw.githubusercontent.com/Supernova3339/anonfiles/main/';
$version_filename = 'latest.txt?token=GHSAT0AAAAAAB4S7HM4SZGF7VWPABQO3KRSY5FDV4Q'; # REMOVE TOKEN $version_filename = 'latest.txt?token=GHSAT0AAAAAAB4S7HM4SZGF7VWPABQO3KRSY5FDV4Q'; // REMOVE TOKEN
// Get version // Get version
$ch = curl_init($PATCH_URL.$version_filename); $ch = curl_init($PATCH_URL.$version_filename);
@ -136,5 +133,4 @@ $version_filename = 'latest.txt?token=GHSAT0AAAAAAB4S7HM4SZGF7VWPABQO3KRSY5FDV4Q
<script async src="'.plausibledomain.'/js/embed.host.js"></script> '; <script async src="'.plausibledomain.'/js/embed.host.js"></script> ';
} }
template_admin_footer(); template_admin_footer();

29
admin/dashboard/main.php
Unescape Escape View File

@ -1,4 +1,5 @@
<?php <?php
// Check if the user is logged-in // Check if the user is logged-in
include_once '../protect.php'; include_once '../protect.php';
// Read comfiguration file // Read comfiguration file
@ -6,19 +7,20 @@ include_once '../../system/config.php';
// Add/remove roles from the list // Add/remove roles from the list
$roles_list = ['Admin', 'Member']; $roles_list = ['Admin', 'Member'];
// Logout User on '?logout' --> // Logout User on '?logout' -->
if(isset($_GET['logout'])) if (isset($_GET['logout'])) {
{
logout(); logout();
} }
// Logout Function --> // Logout Function -->
function logout(){ function logout()
{
session_destroy(); session_destroy();
header("Location: ../"); header('Location: ../');
exit(); exit();
} }
// Template admin header // Template admin header
function template_admin_header($title, $selected = 'dashboard', $selected_child = '') { function template_admin_header($title, $selected = 'dashboard', $selected_child = '')
{
// Admin HTML links // Admin HTML links
$admin_links = ' $admin_links = '
<a href="index.php"'.($selected == 'dashboard' ? ' class="selected"' : '').'><i class="fas fa-tachometer-alt"></i>Dashboard</a> <a href="index.php"'.($selected == 'dashboard' ? ' class="selected"' : '').'><i class="fas fa-tachometer-alt"></i>Dashboard</a>
@ -57,7 +59,8 @@ echo <<<EOT
EOT; EOT;
} }
// Template admin footer // Template admin footer
function template_admin_footer() { function template_admin_footer()
{
// Indenting the below code may cause an error // Indenting the below code may cause an error
echo <<<EOT echo <<<EOT
</main> </main>
@ -129,8 +132,9 @@ echo <<<EOT
EOT; EOT;
} }
// Convert date to elapsed string function // Convert date to elapsed string function
function time_elapsed_string($datetime, $full = false) { function time_elapsed_string($datetime, $full = false)
$now = new DateTime; {
$now = new DateTime();
$ago = new DateTime($datetime); $ago = new DateTime($datetime);
$diff = $now->diff($ago); $diff = $now->diff($ago);
$diff->w = floor($diff->d / 7); $diff->w = floor($diff->d / 7);
@ -143,15 +147,18 @@ function time_elapsed_string($datetime, $full = false) {
unset($string[$k]); unset($string[$k]);
} }
} }
if (!$full) $string = array_slice($string, 0, 1); if (!$full) {
$string = array_slice($string, 0, 1);
}
return $string ? implode(', ', $string).' ago' : 'just now'; return $string ? implode(', ', $string).' ago' : 'just now';
} }
function str_to_version_info($string) function str_to_version_info($string)
{ {
$latest_version = FALSE; $latest_version = false;
if (preg_match('/^\s*?(\d+\.\d+\.\d+)/i', $string, $match)) { if (preg_match('/^\s*?(\d+\.\d+\.\d+)/i', $string, $match)) {
$latest_version = $match[1]; $latest_version = $match[1];
} }
return $latest_version; return $latest_version;
} }
?>

15
admin/dashboard/settings.php
Unescape Escape View File

@ -5,12 +5,15 @@ $file = '../../system/config.php';
// Open the configuration file for reading // Open the configuration file for reading
$contents = file_get_contents($file); $contents = file_get_contents($file);
// Format key function // Format key function
function format_key($key) { function format_key($key)
{
$key = str_replace(['_', 'url', 'db ', ' pass', ' user'], [' ', 'URL', 'Database ', ' Password', ' Username'], strtolower($key)); $key = str_replace(['_', 'url', 'db ', ' pass', ' user'], [' ', 'URL', 'Database ', ' Password', ' Username'], strtolower($key));
return ucwords($key); return ucwords($key);
} }
// Format HTML output function // Format HTML output function
function format_var_html($key, $value) { function format_var_html($key, $value)
{
$html = ''; $html = '';
$type = 'text'; $type = 'text';
$value = htmlspecialchars(trim($value, '\''), ENT_QUOTES); $value = htmlspecialchars(trim($value, '\''), ENT_QUOTES);
@ -22,10 +25,12 @@ function format_var_html($key, $value) {
$html .= '<input type="hidden" name="'.$key.'" value="false">'; $html .= '<input type="hidden" name="'.$key.'" value="false">';
} }
$html .= '<input type="'.$type.'" name="'.$key.'" id="'.$key.'" value="'.$value.'" placeholder="'.format_key($key).'"'.$checked.'>'; $html .= '<input type="'.$type.'" name="'.$key.'" id="'.$key.'" value="'.$value.'" placeholder="'.format_key($key).'"'.$checked.'>';
return $html; return $html;
} }
// Format form // Format form
function format_form($contents) { function format_form($contents)
{
$rows = explode("\n", $contents); $rows = explode("\n", $contents);
echo '<div class="tab-content active">'; echo '<div class="tab-content active">';
for ($i = 0; $i < count($rows); $i++) { for ($i = 0; $i < count($rows); $i++) {
@ -62,13 +67,13 @@ if (isset($_GET['success_msg'])) {
<h2>Settings</h2> <h2>Settings</h2>
<?php if (isset($success_msg)): ?> <?php if (isset($success_msg)) { ?>
<div class="msg success"> <div class="msg success">
<i class="fas fa-check-circle"></i> <i class="fas fa-check-circle"></i>
<p><?=$success_msg?></p> <p><?=$success_msg?></p>
<i class="fas fa-times"></i> <i class="fas fa-times"></i>
</div> </div>
<?php endif; ?> <?php } ?>

4
admin/index.php
Unescape Escape View File

@ -1,6 +1,6 @@
<?php <?php
// (A) LOGIN CHECKS // (A) LOGIN CHECKS
require "check.php"; require 'check.php';
?> ?>
<head> <head>
<title>Login</title> <title>Login</title>
@ -53,7 +53,7 @@ require "check.php";
</div> </div>
<?php } ?> <?php } ?>
<!-- invalid captcha --> <!-- invalid captcha -->
<?php if (isset($_GET["capfail"])) { ?> <?php if (isset($_GET['capfail'])) { ?>
<div class="alert alert-danger shadow" data-dismiss="alert" role="alert" style="border-left:#721C24 5px solid; border-radius: 0px"> <div class="alert alert-danger shadow" data-dismiss="alert" role="alert" style="border-left:#721C24 5px solid; border-radius: 0px">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"> <button type="button" class="close" data-dismiss="alert" aria-label="Close">

9
admin/protect.php
Unescape Escape View File

@ -1,12 +1,15 @@
<?php <?php
// (A) START SESSION // (A) START SESSION
session_start(); session_start();
// (B) LOGOUT REQUEST // (B) LOGOUT REQUEST
if (isset($_POST["logout"])) { unset($_SESSION["user"]); } if (isset($_POST['logout'])) {
unset($_SESSION['user']);
}
// (C) REDIRECT TO LOGIN PAGE IF NOT LOGGED IN // (C) REDIRECT TO LOGIN PAGE IF NOT LOGGED IN
if (!isset($_SESSION["user"])) { if (!isset($_SESSION['user'])) {
header("Location: ../"); header('Location: ../');
exit(); exit();
} }

12
api.php
Unescape Escape View File

@ -4,17 +4,17 @@
$code = isset($_GET['code']) ? $_GET['code'] : ''; $code = isset($_GET['code']) ? $_GET['code'] : '';
// If the code isn't in the correct format, CloudFlare will throw a 1020 // If the code isn't in the correct format, CloudFlare will throw a 1020
if (!preg_match("/^([a-f0-9]{8})-(([a-f0-9]{4})-){3}([a-f0-9]{12}) *$/i", $code)) { if (!preg_match('/^([a-f0-9]{8})-(([a-f0-9]{4})-){3}([a-f0-9]{12}) *$/i', $code)) {
http_response_code(403); http_response_code(403);
echo "error code: 1020"; echo 'error code: 1020';
die; exit;
} }
header('Content-Type: application/json; charset=utf-8'); header('Content-Type: application/json; charset=utf-8');
// Handle valid codes // Handle valid codes
if ($code == "86781236-23d0-4b3c-7dfa-c1c147e0dece") { if ($code == '86781236-23d0-4b3c-7dfa-c1c147e0dece') {
echo <<<EOD echo <<<'EOD'
{ {
"amount": "19.84", "amount": "19.84",
"sold_at": "2016-09-07T10:54:28+10:00", "sold_at": "2016-09-07T10:54:28+10:00",
@ -39,7 +39,7 @@ EOD;
// Handle invalid codes // Handle invalid codes
else { else {
http_response_code(404); http_response_code(404);
echo <<<EOD echo <<<'EOD'
{ {
"error": 404, "error": 404,
"description": "No sale belonging to the current user found with that code" "description": "No sale belonging to the current user found with that code"

10
download.php
Unescape Escape View File

@ -1,7 +1,8 @@
<?php <?php
require_once(__DIR__ . '/system/core.class.php'); require_once __DIR__.'/system/core.class.php';
// size convertor // size convertor
function sizeFormat($bytes){ function sizeFormat($bytes)
{
$kb = 1024; $kb = 1024;
$mb = $kb * 1024; $mb = $kb * 1024;
$gb = $mb * 1024; $gb = $mb * 1024;
@ -9,16 +10,12 @@ $tb = $gb * 1024;
if (($bytes >= 0) && ($bytes < $kb)) { if (($bytes >= 0) && ($bytes < $kb)) {
return $bytes.' B'; return $bytes.' B';
} elseif (($bytes >= $kb) && ($bytes < $mb)) { } elseif (($bytes >= $kb) && ($bytes < $mb)) {
return ceil($bytes / $kb).' KB'; return ceil($bytes / $kb).' KB';
} elseif (($bytes >= $mb) && ($bytes < $gb)) { } elseif (($bytes >= $mb) && ($bytes < $gb)) {
return ceil($bytes / $mb).' MB'; return ceil($bytes / $mb).' MB';
} elseif (($bytes >= $gb) && ($bytes < $tb)) { } elseif (($bytes >= $gb) && ($bytes < $tb)) {
return ceil($bytes / $gb).' GB'; return ceil($bytes / $gb).' GB';
} elseif ($bytes >= $tb) { } elseif ($bytes >= $tb) {
return ceil($bytes / $tb).' TB'; return ceil($bytes / $tb).' TB';
} else { } else {
@ -57,7 +54,6 @@ $core = new Core();
<img src="assets/images/logo.png"> <img src="assets/images/logo.png">
<?php <?php
if (isset($_POST['submit'])) { if (isset($_POST['submit'])) {
} }
?> ?>
<!--<form>--> <!--<form>-->

12
error.php
Unescape Escape View File

@ -1,14 +1,14 @@
<?php <?php
$code = $_SERVER['REDIRECT_STATUS']; $code = $_SERVER['REDIRECT_STATUS'];
$codes = array( $codes = [
403 => 'Forbidden', 403 => 'Forbidden',
404 => '404 Not Found', 404 => '404 Not Found',
500 => 'Internal Server Error' 500 => 'Internal Server Error',
); ];
$source_url = 'http'.((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') ? 's' : '').'://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; $source_url = 'http'.((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') ? 's' : '').'://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
if (array_key_exists($code, $codes) && is_numeric($code)) { if (array_key_exists($code, $codes) && is_numeric($code)) {
die("Error $code: {$codes[$code]}"); exit("Error $code: {$codes[$code]}");
} else { } else {
die('Unknown error'); exit('Unknown error');
} }
?>

22
index.php
Unescape Escape View File

@ -1,8 +1,9 @@
<?php <?php
require_once(__DIR__ . '/system/core.class.php'); require_once __DIR__.'/system/core.class.php';
require_once(__DIR__ . '/system/config.php'); require_once __DIR__.'/system/config.php';
// size convertor // size convertor
function sizeFormat($bytes){ function sizeFormat($bytes)
{
$kb = 1024; $kb = 1024;
$mb = $kb * 1024; $mb = $kb * 1024;
$gb = $mb * 1024; $gb = $mb * 1024;
@ -10,16 +11,12 @@ $tb = $gb * 1024;
if (($bytes >= 0) && ($bytes < $kb)) { if (($bytes >= 0) && ($bytes < $kb)) {
return $bytes.' B'; return $bytes.' B';
} elseif (($bytes >= $kb) && ($bytes < $mb)) { } elseif (($bytes >= $kb) && ($bytes < $mb)) {
return ceil($bytes / $kb).' KB'; return ceil($bytes / $kb).' KB';
} elseif (($bytes >= $mb) && ($bytes < $gb)) { } elseif (($bytes >= $mb) && ($bytes < $gb)) {
return ceil($bytes / $mb).' MB'; return ceil($bytes / $mb).' MB';
} elseif (($bytes >= $gb) && ($bytes < $tb)) { } elseif (($bytes >= $gb) && ($bytes < $tb)) {
return ceil($bytes / $gb).' GB'; return ceil($bytes / $gb).' GB';
} elseif ($bytes >= $tb) { } elseif ($bytes >= $tb) {
return ceil($bytes / $tb).' TB'; return ceil($bytes / $tb).' TB';
} else { } else {
@ -44,12 +41,11 @@ $core = new Core();
<img src="assets/images/logo.png"> <img src="assets/images/logo.png">
<?php <?php
if (isset($_POST['submit'])) { if (isset($_POST['submit'])) {
if($core->FileTypeVerification($_FILES["fileToUpload"])){ if ($core->FileTypeVerification($_FILES['fileToUpload'])) {
if($core->FileSizeVerification($_FILES["fileToUpload"])){ if ($core->FileSizeVerification($_FILES['fileToUpload'])) {
$newfilename = $core->FileNameConvertor($_FILES["fileToUpload"]); $newfilename = $core->FileNameConvertor($_FILES['fileToUpload']);
if($core->UploadFile($_FILES["fileToUpload"], $newfilename)){ if ($core->UploadFile($_FILES['fileToUpload'], $newfilename)) {
$destination = base64_encode(file_destination.'/'.$newfilename); $destination = base64_encode(file_destination.'/'.$newfilename); ?>
?>
<div class="notification success"> <div class="notification success">
Success ! Your file are available here: <a href="download.php?file=<?php echo $destination; ?>">download.php?file=<?php echo $destination; ?></a> Success ! Your file are available here: <a href="download.php?file=<?php echo $destination; ?>">download.php?file=<?php echo $destination; ?></a>
</div> </div>

23
installer.php
Unescape Escape View File

@ -5,19 +5,23 @@ $url = 'https://' . $_SERVER['HTTP_HOST'];
$response = ''; $response = '';
/* Install function */ /* Install function */
function install($config_file = 'system/config.php') { function install($config_file = 'system/config.php')
{
$contents = '<?php'.PHP_EOL; $contents = '<?php'.PHP_EOL;
// Write new variables to files // Write new variables to files
foreach ($_POST as $k => $v) { foreach ($_POST as $k => $v) {
if ($k == 'code') continue; if ($k == 'code') {
continue;
}
$v = in_array(strtolower($v), ['true', 'false']) || is_numeric($v) ? strtolower($v) : '\''.$v.'\''; $v = in_array(strtolower($v), ['true', 'false']) || is_numeric($v) ? strtolower($v) : '\''.$v.'\'';
$contents .= 'define(\''.$k.'\','.$v.');'.PHP_EOL; $contents .= 'define(\''.$k.'\','.$v.');'.PHP_EOL;
} }
$contents .= '?>'; $contents .= '?>';
if (!file_put_contents($config_file, $contents)) { if (!file_put_contents($config_file, $contents)) {
return FALSE; return false;
} }
return TRUE;
return true;
} }
/*Verify Purchase Code function*/ /*Verify Purchase Code function*/
@ -29,14 +33,14 @@ function verify($code)
/*add purchase code to the API link*/ /*add purchase code to the API link*/
$purchase_code = $code; $purchase_code = $code;
$url = "https://dl.supers0ft.us/anonuptest/api.php?code=".$purchase_code; $url = 'https://dl.supers0ft.us/anonuptest/api.php?code='.$purchase_code;
$curl = curl_init($url); $curl = curl_init($url);
/*Set your personal token*/ /*Set your personal token*/
// $personal_token = "9COT6mduU2sZSMIlC09aYAQveaRdQ2H9"; // $personal_token = "9COT6mduU2sZSMIlC09aYAQveaRdQ2H9";
/*Correct header for the curl extension*/ /*Correct header for the curl extension*/
$header = array(); $header = [];
$header[] = 'Authorization: Bearer '.$personal_token; $header[] = 'Authorization: Bearer '.$personal_token;
$header[] = 'User-Agent: Purchase code verification'; $header[] = 'User-Agent: Purchase code verification';
$header[] = 'timeout: 20'; $header[] = 'timeout: 20';
@ -59,7 +63,6 @@ function verify($code)
$support_amount = (isset($envatoCheck->support_amount) ? $envatoCheck->support_amount : false); $support_amount = (isset($envatoCheck->support_amount) ? $envatoCheck->support_amount : false);
$item = (isset($envatoCheck->item->previews->landscape_preview->landscape_url) ? $envatoCheck->item->previews->landscape_preview->landscape_url : false); $item = (isset($envatoCheck->item->previews->landscape_preview->landscape_url) ? $envatoCheck->item->previews->landscape_preview->landscape_url : false);
/*Check for Special Characters*/ /*Check for Special Characters*/
if (preg_match('/[\'^£$%&*()}{@#~?><>,|=_+¬]/', $code)) { if (preg_match('/[\'^£$%&*()}{@#~?><>,|=_+¬]/', $code)) {
return 'Not allowed to use special characters!'; return 'Not allowed to use special characters!';
@ -122,6 +125,7 @@ function verify($code)
if (!install()) { if (!install()) {
return '<h3>Error!</h3><p>Could not write to file! Please check permissions and try again!</a>'; return '<h3>Error!</h3><p>Could not write to file! Please check permissions and try again!</a>';
} }
return " return "
<div class='alert alert-success' role='alert'> <div class='alert alert-success' role='alert'>
<h3>{$envatoCheck->item->name}</h3> <h3>{$envatoCheck->item->name}</h3>
@ -213,7 +217,6 @@ function verify($code)
</div> </div>
"; ";
} }
} }
} }
@ -424,9 +427,9 @@ if ($_POST) {
} }
}; };
}); });
<?php if (!empty($_POST)): ?> <?php if (!empty($_POST)) { ?>
setStep(5); setStep(5);
<?php endif; ?> <?php } ?>
</script> </script>
</body> </body>

35
protect.php
Unescape Escape View File

@ -1,23 +1,24 @@
<?php <?php
$LOGIN_INFORMATION = array( $LOGIN_INFORMATION = [
'user' => 'userpass', 'user' => 'userpass',
'admin' => 'adminpass' 'admin' => 'adminpass',
); ];
define('USE_USERNAME', true); define('USE_USERNAME', true);
define('LOGOUT_URL', 'https://dl.supers0ft.us/logout.php/'); define('LOGOUT_URL', 'https://dl.supers0ft.us/logout.php/');
define('TIMEOUT_MINUTES', 0); define('TIMEOUT_MINUTES', 0);
define('TIMEOUT_CHECK_ACTIVITY', true); define('TIMEOUT_CHECK_ACTIVITY', true);
if (isset($_GET['help'])) { if (isset($_GET['help'])) {
die('Include following code into every page you would like to protect, at the very beginning (first line):<br>&lt;?php include("' . str_replace('\\','\\\\',__FILE__) . '"); ?&gt;'); exit('Include following code into every page you would like to protect, at the very beginning (first line):<br>&lt;?php include("'.str_replace('\\', '\\\\', __FILE__).'"); ?&gt;');
} }
$timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60); $timeout = (TIMEOUT_MINUTES == 0 ? 0 : time() + TIMEOUT_MINUTES * 60);
if (isset($_GET['logout'])) { if (isset($_GET['logout'])) {
setcookie("verify", '', $timeout, '/'); setcookie('verify', '', $timeout, '/');
header('Location: '.LOGOUT_URL); header('Location: '.LOGOUT_URL);
exit(); exit();
} }
if (!function_exists('showLoginPasswordProtect')) { if (!function_exists('showLoginPasswordProtect')) {
function showLoginPasswordProtect($error_msg) { function showLoginPasswordProtect($error_msg)
{
?> ?>
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
@ -61,7 +62,9 @@ input { border: 1px solid black; }
<p><b> Administration Panel</b></p></div> <p><b> Administration Panel</b></p></div>
<div class="errmessage"> <div class="errmessage">
<font color="#2f80ed"><?php echo $error_msg; ?></font></div> <font color="#2f80ed"><?php echo $error_msg; ?></font></div>
<?php if (USE_USERNAME) echo '<span class="login"></span><br /><input type="input" placeholder="Username" name="access_login" /><br /><span class="pass"></span><br />'; ?> <?php if (USE_USERNAME) {
echo '<span class="login"></span><br /><input type="input" placeholder="Username" name="access_login" /><br /><span class="pass"></span><br />';
} ?>
<input type="password" placeholder="Password" name="access_password" /><p></p> <input type="password" placeholder="Password" name="access_password" /><p></p>
<div class="buttonlogin"><input type="submit" name="join" value="🔒" /></div> <div class="buttonlogin"><input type="submit" name="join" value="🔒" /></div>
</form> </form>
@ -70,7 +73,7 @@ input { border: 1px solid black; }
<!--Login query.--> <!--Login query.-->
<?php <?php
die(); exit();
} }
} }
if (isset($_POST['access_password'])) { if (isset($_POST['access_password'])) {
@ -79,18 +82,16 @@ $pass = $_POST['access_password'];
if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION) if (!USE_USERNAME && !in_array($pass, $LOGIN_INFORMATION)
|| (USE_USERNAME && (!array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass)) || (USE_USERNAME && (!array_key_exists($login, $LOGIN_INFORMATION) || $LOGIN_INFORMATION[$login] != $pass))
) { ) {
showLoginPasswordProtect("Incorrect data."); showLoginPasswordProtect('Incorrect data.');
} } else {
else { setcookie('auth', md5($login.'%'.$pass), $timeout, '/');
setcookie("auth", md5($login.'%'.$pass), $timeout, '/');
unset($_POST['access_login']); unset($_POST['access_login']);
unset($_POST['access_password']); unset($_POST['access_password']);
unset($_POST['Submit']); unset($_POST['Submit']);
} }
} } else {
else {
if (!isset($_COOKIE['auth'])) { if (!isset($_COOKIE['auth'])) {
showLoginPasswordProtect(""); showLoginPasswordProtect('');
} }
$found = false; $found = false;
foreach ($LOGIN_INFORMATION as $key=>$val) { foreach ($LOGIN_INFORMATION as $key=>$val) {
@ -98,13 +99,13 @@ $lp = (USE_USERNAME ? $key : '') .'%'.$val;
if ($_COOKIE['auth'] == md5($lp)) { if ($_COOKIE['auth'] == md5($lp)) {
$found = true; $found = true;
if (TIMEOUT_CHECK_ACTIVITY) { if (TIMEOUT_CHECK_ACTIVITY) {
setcookie("auth", md5($lp), $timeout, '/'); setcookie('auth', md5($lp), $timeout, '/');
} }
break; break;
} }
} }
if (!$found) { if (!$found) {
showLoginPasswordProtect(""); showLoginPasswordProtect('');
} }
} }
?> ?>

3
system/config.php
Unescape Escape View File

@ -52,6 +52,3 @@ define('plausible_embed', $plausibleembed);
define('plausibleembedtoken', $plausibleembedtoken); define('plausibleembedtoken', $plausibleembedtoken);
/* version */ /* version */
define('version', 'v1.0.0'); // DO NOT FORGET TO CHANGE THIS define('version', 'v1.0.0'); // DO NOT FORGET TO CHANGE THIS
?>

27
system/core.class.php
Unescape Escape View File

@ -1,20 +1,23 @@
<?php <?php
require_once 'config.php'; require_once 'config.php';
class core class core
{ {
protected $timestamp; protected $timestamp;
/* /*
* @module File Type Verification * @module File Type Verification
* @desc This Module check if a file is with the correct type (like png or zip). This option can be edit in config file * @desc This Module check if a file is with the correct type (like png or zip). This option can be edit in config file
*/ */
public function FileTypeVerification($file){ public function FileTypeVerification($file)
$filetype_list = array(); {
$type = explode(",", FILELIST); $filetype_list = [];
$type = explode(',', FILELIST);
foreach ($type as $filetype) { foreach ($type as $filetype) {
array_push($filetype_list, $filetype); array_push($filetype_list, $filetype);
} }
$ext = pathinfo($file["name"], PATHINFO_EXTENSION); $ext = pathinfo($file['name'], PATHINFO_EXTENSION);
if (in_array($ext, $filetype_list)) { if (in_array($ext, $filetype_list)) {
return true; return true;
} else { } else {
@ -26,9 +29,10 @@ class core
* @module File Size Verification * @module File Size Verification
* @desc This Module check if the file size is correct or if is too high. This option can be disabled in config file * @desc This Module check if the file size is correct or if is too high. This option can be disabled in config file
*/ */
public function FileSizeVerification($file){ public function FileSizeVerification($file)
{
if (size_verification == true) { if (size_verification == true) {
if($file["size"] < max_size && $file["size"] > min_size){ if ($file['size'] < max_size && $file['size'] > min_size) {
return true; return true;
} else { } else {
return false; return false;
@ -42,15 +46,18 @@ class core
* @module File Name Convertor * @module File Name Convertor
* @desc This Module convert file name into a encrypted name. This option can be disabled in config file * @desc This Module convert file name into a encrypted name. This option can be disabled in config file
*/ */
public function FileNameConvertor($file){ public function FileNameConvertor($file)
{
$TransformFileName = substr(str_shuffle('abcdefghijklmnopqrstuvwxyzABCDEFGHIKLMNOPQRSTUVWXYZ123456789'), 0, 15); $TransformFileName = substr(str_shuffle('abcdefghijklmnopqrstuvwxyzABCDEFGHIKLMNOPQRSTUVWXYZ123456789'), 0, 15);
$filename = $TransformFileName.'-'.basename($_FILES["fileToUpload"]["name"]); $filename = $TransformFileName.'-'.basename($_FILES['fileToUpload']['name']);
return $filename; return $filename;
} }
public function UploadFile($file, $target){ public function UploadFile($file, $target)
{
$newtarget = file_destination.'/'.$target; $newtarget = file_destination.'/'.$target;
if(move_uploaded_file($file["tmp_name"], $newtarget)){ if (move_uploaded_file($file['tmp_name'], $newtarget)) {
return true; return true;
} else { } else {
return false; return false;

Write Preview
Loading…
Cancel
Save