summaryrefslogtreecommitdiff
path: root/upload.php
diff options
context:
space:
mode:
authorGravatar steering72532026-06-24 03:22:20 -0400
committerGravatar steering72532026-06-24 03:22:20 -0400
commit1246a277c17d8b600f9c9b1de7a12ae6fb6da962 (patch)
tree9703871809d1f799c1e690f8fd11805c8b8b0f66 /upload.php
init
Diffstat (limited to 'upload.php')
-rw-r--r--upload.php95
1 files changed, 95 insertions, 0 deletions
diff --git a/upload.php b/upload.php
new file mode 100644
index 0000000..3c0c3a7
--- /dev/null
+++ b/upload.php
@@ -0,0 +1,95 @@
+<?php
+require(__DIR__ . '/.config.php');
+header('Content-Type: text/plain');
+
+if (isset($_GET['df'])) {
+ system("df -h --output=avail / | tail -1");
+ exit;
+}
+
+$c_t = strtolower($_SERVER['HTTP_CONTENT_TYPE'] ?? '');
+if ($c_t == 'multipart/form-data' || 0 === strpos($c_t, 'multipart/form-data;')) {
+ foreach (array_keys($_FILES['file']['size']) as $index) {
+ // remap the array to have the dimensions ordered properly.
+ $file = array();
+ foreach (array_keys($_FILES['file']) as $key) {
+ $file[$key] = $_FILES['file'][$key][$index];
+ }
+ // good, now $file['tmp_name'] exists for example, instead of $_FILES['file']['tmp_name'][$index]...
+
+ if (!is_uploaded_file($file['tmp_name'])) {
+ die_error("Not an uploaded file: $file[tmp_name]");
+ }
+ $hash = hash_file("sha512", $file['tmp_name']);
+ if (FALSE === $hash) {
+ die_error("Unable to hash uploaded file?!");
+ }
+ $filename = $hash . get_extension($file['name']);
+ $filepath = UPLOAD_DIR . '/' . $filename;
+ if (FALSE === move_uploaded_file($file['tmp_name'], $filepath)) {
+ die_error("Renaming uploaded file $file[tmp_name] to $filepath failed");
+ }
+ echo UPLOAD_URL . $filename . "\n";
+ send_notification("[hostfil.es] $_SERVER[REMOTE_ADDR] uploaded $file[full_path] $file[type] -> $filename");
+ }
+} else {
+ $in_fh = fopen('php://input', 'r');
+ $tmp_path = tempnam(UPLOAD_DIR, '.up-');
+ $out_fh = fopen($tmp_path, 'w');
+ if (FALSE === $out_fh) {
+ die_error("Couldn't open temporary file $tmp_path");
+ }
+ $hash = hash_init("sha512");
+ $size = 0;
+ while (!feof($in_fh) && FALSE !== ($data = fread($in_fh, 1024*1024))) {
+ hash_update($hash, $data);
+ $fwrite_status = fwrite($out_fh, $data);
+ if (FALSE === $fwrite_status || $fwrite_status < strlen($data)) {
+ die_error("Outputting to temporary file $tmp_path failed");
+ }
+ $size += $fwrite_status;
+ }
+ fclose($in_fh);
+ if (FALSE === fclose($out_fh)) {
+ die_error("Closing temporary file $tmp_path failed");
+ }
+ $filename = hash_final($hash) . get_extension($_SERVER['PATH_INFO']);
+ $filepath = UPLOAD_DIR . '/' . $filename;
+ if (file_exists($filepath)) {
+ unlink($tmp_path);
+ } else {
+ if (FALSE === rename($tmp_path, $filepath)) {
+ die_error("Renaming temporary file $tmp_path to $filepath failed");
+ }
+ }
+ echo UPLOAD_URL . $filename . "\n";
+ send_notification("[hostfil.es] $_SERVER[REMOTE_ADDR] uploaded $_SERVER[PATH_INFO] $c_t -> $filename");
+}
+
+
+function send_notification($note) {
+ $sock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
+ socket_connect($sock, gethostbyname(NOTIFICATION_ADDRESS), NOTIFICATION_PORT);
+ socket_write($sock, $note, strlen($note));
+ socket_close($sock);
+}
+
+
+function die_error($s) {
+ global $tmp_path, $filepath, $size;
+ header('Status: 500 Server Is 💩');
+ echo $s;
+ error_log($s);
+ @$debug = json_encode(array('s'=>$_SERVER, 'f'=>$_FILES, 't'=>$tmp_path, 'p'=>$filepath, 'size' => $size));
+ send_notification("[hostfil.es] $_SERVER[REMOTE_ADDR] ! $s\n$debug");
+ exit;
+}
+
+
+function get_extension($file) {
+ $ext = strrchr($file, '.');
+ if (FALSE === $ext) {
+ return '';
+ }
+ return $ext;
+}