Soshot/index.php

<?php
// Open a session unless $_SESSION already holds data.
if (empty($_SESSION)) {
    session_start();
}

// Timezone used by the date functions; adjust it to your server if needed.
date_default_timezone_set('Europe/Paris');

// true: every client other than 127.0.0.1 receives a 404.
// false: the service answers any remote address.
$GLOBALS['config']['onlyLocalServer'] = false;

// true: the HTML form is not served, only GET requests are handled.
$GLOBALS['config']['NoWebPage'] = false;

// Number of critical errors after which a client address is banned.
$GLOBALS['config']['maxErrorBeforeBan'] = 3;

// Ban duration, in minutes.
$GLOBALS['config']['banTime'] = 60;

// URL pre-filled in the form.
$GLOBALS['config']['defaultUrl'] = 'https://google.com';

// Thumbnail size used when the request does not select one.
$GLOBALS['config']['defaultThumbSize'] = '120x90';

// true: generate the thumbnail only; false: thumbnail plus the 1280x1024 image.
$GLOBALS['config']['onlyThumb'] = true;

// Thumbnail sizes a request may ask for, indexed by the value of the "s" parameter.
$GLOBALS['config']['thumbSize'] = array(
    's'   => '120x90',
    'm'   => '200x160',
    'l'   => '300x240',
    'xl'  => '400x320',
    'xxl' => '500x400',
);

// Cached images not accessed for this many hours are deleted.
$GLOBALS['config']['expireCache'] = 12;
// First run: the generated configuration is missing, so create it.
if (!file_exists('cache/config/genConf.php')) {
    install();
}
require 'cache/config/genConf.php';
$ui = '';

// Refused clients all receive the same generic 404:
//  - a non-local address while onlyLocalServer is enabled,
//  - a banned address,
//  - a request without query string while NoWebPage is enabled.
// The conditions are evaluated in that order and stop at the first match.
if (
    ($GLOBALS['config']['onlyLocalServer'] === true && $_SERVER['REMOTE_ADDR'] !== '127.0.0.1')
    || checkIfBan() === true
    || ($GLOBALS['config']['NoWebPage'] === true && empty($_GET))
) {
    header("HTTP/1.0 404 Not Found");
    echo "<h1>404 Not Found</h1>";
    echo "The page that you have requested could not be found.";
    exit();
}
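// Undo magic-quotes escaping of the request data on old PHP versions.
// get_magic_quotes_gpc() was removed in PHP 8.0; calling it unguarded is a fatal
// error there, so the function is only called where it still exists.
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
    /**
     * Apply stripslashes() to a value, recursing into arrays.
     *
     * @param mixed $value string or (nested) array of strings
     * @return mixed the same structure with the slashes removed
     */
    function stripslashes_deep($value) {
        return is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value);
    }
    $_POST = array_map('stripslashes_deep', $_POST);
    $_GET = array_map('stripslashes_deep', $_GET);
    $_COOKIE = array_map('stripslashes_deep', $_COOKIE);
}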
/**
 * Tell whether the cached image files for a cache path already exist.
 *
 * With config 'onlyThumb' enabled only "<file>_thumb.png" is required,
 * otherwise "<file>.png" must exist as well.
 *
 * @param string $file cache path without suffix or extension
 * @return bool true when every required file is present
 */
function testExistImg($file) {
    if ($GLOBALS['config']['onlyThumb'] === true) {
        return file_exists($file.'_thumb.png');
    }
    return file_exists($file.'_thumb.png') && file_exists($file.'.png');
}
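/**
 * Run the shell script bin/thumb_server.sh that generates the thumbnail.
 *
 * Every string argument is passed through escapeshellarg() before it is placed
 * on the command line. $size was previously concatenated unquoted; the callers
 * in this file only pass a validated size key or the literal 'shortLived', but
 * the function should not depend on that.
 *
 * @author Knah Tsaeb
 * @date 2013-02-12
 * @param string $url           url for thumbshot
 * @param string $hashUrl       hash identifying the url (the callers pass sha1(serverKey.url))
 * @param string $width         size of thumbnail, e.g. 120x90
 * @param string $size          size key or 'shortLived', forwarded to the script
 * @param bool   $onlyThumb     ignored: the value is always read from config 'onlyThumb'
 * @param bool   $waitForResult false: start the script in the background;
 *                              true: run it in the foreground with a trailing "1" argument
 * @return array output lines collected by exec() (empty for a background run)
 */
function launchScript($url, $hashUrl, $width, $size, $onlyThumb, $waitForResult = false) {
    // The parameter is overridden by the configuration, as in the original code.
    $onlyThumb = ($GLOBALS['config']['onlyThumb'] === true) ? 1 : 0;

    $command = 'bin/thumb_server.sh '
        .escapeshellarg($url).' '
        .escapeshellarg($hashUrl).' '
        .escapeshellarg($width).' '
        .escapeshellarg($size).' '
        .$onlyThumb;

    $result = array();
    if ($waitForResult === false) {
        // Detach: output is discarded and exec() returns immediately.
        exec($command.' > /dev/null &', $result);
    } else {
        exec($command.' 1', $result);
    }
    return $result;
}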
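/**
 * Check that a string is a syntactically valid http or https URL.
 *
 * @param mixed $url value received from the request
 * @return true|array true when the URL is accepted, otherwise array('msg' => reason)
 */
function testValidUrl($url) {
    // Array-valued request parameters are not URLs.
    if (!is_string($url)) {
        return array('msg' => 'Url are not valid.');
    }
    $url = trim($url);
    // FILTER_VALIDATE_URL requires a scheme and a host by itself. The former
    // FILTER_FLAG_SCHEME_REQUIRED / FILTER_FLAG_HOST_REQUIRED flags were removed
    // in PHP 8.0 and made this call fail there.
    if (filter_var($url, FILTER_VALIDATE_URL) === false) {
        return array('msg' => 'Url are not valid.');
    }
    $parts = parse_url($url);
    if (!in_array($parts['scheme'], array('http', 'https'), true)) {
        return array('msg' => 'Url must be start by http or https.');
    }
    // NOTE(review): only syntax and scheme are checked. The host is not
    // restricted, so URLs naming loopback, private-range or link-local hosts are
    // accepted and handed to the thumbnail script. If the server must not fetch
    // internal services, resolve the host and reject those ranges before
    // launching the script.
    return true;
}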
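/**
 * Create the anti-CSRF token for the form and store it in the session.
 *
 * The token keeps its previous format (40 hexadecimal characters) but is now
 * taken from a cryptographically secure source when one is available:
 * uniqid(), rand() and mt_rand() are not designed to be unpredictable.
 *
 * @return string the token, also saved in $_SESSION['token']
 */
function genToken() {
    $raw = false;
    if (function_exists('random_bytes')) {
        $raw = random_bytes(20);
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $raw = openssl_random_pseudo_bytes(20);
    }
    if (is_string($raw) && strlen($raw) === 20) {
        $token = bin2hex($raw);
    } else {
        // Legacy generator, kept only for PHP builds without a secure source.
        $token = sha1(uniqid(rand(), true).'_'.mt_rand());
    }
    $_SESSION['token'] = $token;
    return $token;
}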
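/**
 * Check the form token against the one stored in the session.
 *
 * On mismatch the client is recorded with ban() and the script stops.
 * Both values must be non-empty strings: with the previous plain `!==` test a
 * request carrying no token passed whenever the session held no token either
 * (null compared with null).
 *
 * @param mixed $token token received with the form
 * @return void returns only when the token is valid
 */
function verifToken($token) {
    $expected = isset($_SESSION['token']) ? $_SESSION['token'] : null;
    $valid = is_string($token) && $token !== '' && is_string($expected) && $expected !== '';
    if ($valid) {
        // Constant-time comparison where available (PHP >= 5.6).
        $valid = function_exists('hash_equals')
            ? hash_equals($expected, $token)
            : $token === $expected;
    }
    if (!$valid) {
        ban();
        die('So Long, and Thanks for All the Fish.');
    }
}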
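/**
 * Tell whether the requesting address ($_SERVER['REMOTE_ADDR']) is banned.
 *
 * Reads $banList from cache/logs/banUser.php. An address is banned when it has
 * reached config 'maxErrorBeforeBan' errors and its last error is more recent
 * than the ban duration. An entry whose ban duration has elapsed is removed
 * with unban().
 *
 * @return bool true when the client must be refused
 */
function checkIfBan() {
    require 'cache/logs/banUser.php';
    $userIp = $_SERVER['REMOTE_ADDR'];
    if (!isset($banList[$userIp])) {
        return false;
    }
    // 'banTime' is configured in minutes while time() counts seconds; without
    // the conversion a 60 minute ban lasted 60 seconds.
    $banEnd = $banList[$userIp]['lastBan'] + $GLOBALS['config']['banTime'] * 60;
    if ($banList[$userIp]['nbBan'] >= $GLOBALS['config']['maxErrorBeforeBan'] && $banEnd > time()) {
        return true;
    }
    if ($banEnd < time()) {
        unban();
    }
    return false;
}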
/**
 * Record one more error for the requesting address in cache/logs/banUser.php.
 *
 * The entry keeps the time of the last error ('lastBan') and the error count
 * ('nbBan'); the whole list is written back as PHP source.
 *
 * NOTE(review): the list is read, changed and rewritten without any lock, so
 * simultaneous requests may overwrite each other's update - confirm whether
 * that matters for this deployment.
 */
function ban() {
    require 'cache/logs/banUser.php';
    $clientIp = $_SERVER['REMOTE_ADDR'];
    $alreadyListed = isset($banList[$clientIp]);
    $banList[$clientIp]['lastBan'] = time();
    if ($alreadyListed) {
        $banList[$clientIp]['nbBan']++;
    } else {
        $banList[$clientIp]['nbBan'] = 1;
    }
    $source = "<?php\n\$banList=".var_export($banList, true).";\n?>";
    file_put_contents('cache/logs/banUser.php', $source);
}
/**
 * Remove the requesting address from the ban list and rewrite
 * cache/logs/banUser.php as PHP source.
 */
function unBan() {
    require 'cache/logs/banUser.php';
    $clientIp = $_SERVER['REMOTE_ADDR'];
    unset($banList[$clientIp]);
    $source = "<?php\n\$banList=".var_export($banList, true).";\n?>";
    file_put_contents('cache/logs/banUser.php', $source);
}
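/**
 * First-run setup: create the cache directories, generate the salt and the
 * server key, write the generated configuration and log files, print the key
 * once and finally call checkInstall().
 *
 * Only sha1(key.salt) is stored in cache/config/genConf.php; the key itself is
 * shown to the installer and not kept.
 *
 * The script stops with die() when "cache" is not writable or a directory
 * cannot be created.
 */
function install() {
    if (!is_writable('cache')) {
        die('Make dir "cache" writable');
    }
    foreach (array('cache/config', 'cache/img', 'cache/logs', 'cache/tmp') as $dir) {
        // An interrupted earlier install may have created the directory already;
        // mkdir() on an existing directory fails and used to abort the setup.
        if (!is_dir($dir) && !mkdir($dir, 0705)) {
            die('Error on create dir "'.$dir.'".');
        }
    }

    // Hex string of $length characters from a cryptographically secure source
    // when one exists. uniqid(), rand() and mt_rand() are predictable and are
    // kept only as a fallback for PHP builds without such a source.
    $randomHex = function ($length) {
        $bytes = (int) ceil($length / 2);
        $raw = false;
        if (function_exists('random_bytes')) {
            $raw = random_bytes($bytes);
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $raw = openssl_random_pseudo_bytes($bytes);
        }
        if (!is_string($raw) || strlen($raw) !== $bytes) {
            return substr(sha1(uniqid(rand(), true).'_'.mt_rand()), 0, $length);
        }
        return substr(bin2hex($raw), 0, $length);
    };

    // Same formats as before: 40 hex characters of salt, 12 hex characters of key.
    // NOTE(review): a 12 character hex key is 48 bits; consider a longer key if
    // the GET interface is reachable from untrusted networks.
    $salt = $randomHex(40);
    $serverKey = $randomHex(12);
    $encryptServerKey = sha1($serverKey.$salt);

    if (!is_file('cache/config/genConf.php')) {
        file_put_contents('cache/config/genConf.php', "<?php\n\$GLOBALS['config']['serverKey'] = '$encryptServerKey';\n\$GLOBALS['config']['salt'] = '$salt';\n?>");
    }
    if (!is_file('cache/config/serverOptions.php')) {
        touch('cache/config/serverOptions.php');
    }
    if (!is_file('cache/config/options.php')) {
        file_put_contents('cache/config/options.php', "<?php\n\n?>");
    }
    if (!is_file('cache/logs/banUser.php')) {
        file_put_contents('cache/logs/banUser.php', "<?php\n\n?>");
    }
    if (!is_file('cache/logs/log.txt')) {
        touch('cache/logs/log.txt');
    }

    // The clear-text key is displayed here and nowhere else.
    echo '
<div>
This is the key for generate thumbnail whith GET method. Save it, this key is secret, don\'t share it.
<p class="alert">
', $serverKey, '
</p>
</div>';
    checkInstall();
}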
/**
 * Create the .htaccess files that are missing; existing files are left alone.
 *
 * The root file sets general options; cache/logs, cache/config and bin get a
 * deny-all rule so their content is not served.
 *
 * NOTE(review): "Allow from" / "Deny from" are Apache 2.2-style directives; on
 * Apache 2.4 they need mod_access_compat, and other web servers ignore
 * .htaccess files - confirm that these directories are really unreachable on
 * the target server.
 */
function checkInstall() {
    $denyAll = "Allow from none\nDeny from all\n";
    $htaccessFiles = array(
        '.htaccess'              => "AddDefaultCharset UTF-8\nOptions -Indexes\nDirectoryIndex index.php index.html\nFileETag none\nSetOutputFilter DEFLATE\n",
        'cache/logs/.htaccess'   => $denyAll,
        'cache/config/.htaccess' => $denyAll,
        'bin/.htaccess'          => $denyAll,
    );
    foreach ($htaccessFiles as $path => $rules) {
        if (!is_file($path)) {
            file_put_contents($path, $rules);
        }
    }
}
/**
 * Delete, recursively, the files of a directory whose last access time is older
 * than config 'expireCache' hours. Directories themselves are kept.
 *
 * NOTE(review): the age is taken from fileatime(); on filesystems mounted
 * without access-time updates it may not reflect real reads - confirm.
 *
 * @param string $dir directory to clean, nothing happens when it does not exist
 * @return void
 */
function removeOlderThan($dir = 'cache/img/shortLived') {
    if (!is_dir($dir)) {
        return;
    }
    foreach (scandir($dir) as $entry) {
        // Skip the dot entries and any name PHP treats as empty.
        if ($entry === '.' || $entry === '..' || !$entry) {
            continue;
        }
        $path = $dir.'/'.$entry;
        if (filetype($path) === 'dir') {
            removeOlderThan($path);
            continue;
        }
        if (fileatime($path) < time() - 3600 * $GLOBALS['config']['expireCache']) {
            unlink($path);
        }
    }
}
// Run on every request: recreate missing .htaccess files, then purge expired
// files from the default directory of removeOlderThan() (cache/img/shortLived).
// The per-size directories used by the GET interface are not purged here.
checkInstall();
removeOlderThan();
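// GET interface: key-protected thumbnail generation and delivery.
// Parameters: key, url, s (size key), fr=1 (force refresh), iw=1 (wait for the
// result), t=full (send the full image instead of the thumbnail).
// This branch always ends the script.
if ($_GET) {
    $ui = $_GET;
    unset($_GET);
    if (empty($ui['key']) || empty($ui['url'])) {
        die('Are you Ken ?');
    }
    // Array-valued parameters (key[]=...) are not usable as strings.
    if (!is_string($ui['key']) || !is_string($ui['url'])) {
        die('Are you Ken ?');
    }

    // Compare the salted hash of the supplied key with the stored one, in
    // constant time where hash_equals() is available (PHP >= 5.6).
    $givenKey = sha1($ui['key'].$GLOBALS['config']['salt']);
    $keyMatches = function_exists('hash_equals')
        ? hash_equals($GLOBALS['config']['serverKey'], $givenKey)
        : $givenKey === $GLOBALS['config']['serverKey'];
    if (!$keyMatches) {
        ban();
        die('I take a chips and give it to Godzilla. I print a shoes and .............. KAMOULOX ! Well done Jean Pierre.');
    }

    // The size key doubles as a directory name below, so it must be one of the
    // configured keys.
    if (!isset($ui['s']) || !is_string($ui['s']) || !array_key_exists($ui['s'], $GLOBALS['config']['thumbSize'])) {
        die('Die another day !');
    }

    // NOTE(review): PHP has already URL-decoded $_GET once, so this decodes a
    // second time - confirm that clients are expected to encode the url twice.
    $ui['url'] = rawurldecode($ui['url']);
    if (testValidUrl($ui['url']) !== true) {
        header("Content-type: image/png");
        header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
        echo file_get_contents('bin/error.png');
        exit();
    }
    $defUrl = $ui['url'];
    // 's' was validated above, so the configured size always exists.
    $width = $GLOBALS['config']['thumbSize'][$ui['s']];

    // Cache location: cache/img/<size key>/<aa>/<bb>/<sha1 of serverKey.url>
    $hashUrl = sha1($GLOBALS['config']['serverKey'].$defUrl);
    $startPath = substr($hashUrl, 0, 2).'/'.substr($hashUrl, 2, 2).'/';
    $file = 'cache/img/'.$ui['s'].'/'.$startPath.$hashUrl;

    if (testExistImg($file) !== true || isset($ui['fr']) && (int)$ui['fr'] === 1) {
        if (isset($ui['iw']) && (int)$ui['iw'] === 1) {
            // Wait for the script, then fall through and send the image.
            launchScript($defUrl, $hashUrl, $width, $ui['s'], $GLOBALS['config']['onlyThumb'], true);
        } else {
            // Generate in the background and answer with the placeholder image.
            launchScript($defUrl, $hashUrl, $width, $ui['s'], $GLOBALS['config']['onlyThumb'], false);
            header("Content-type: image/png");
            header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
            echo file_get_contents('bin/loadingGen.png');
            exit();
        }
    }

    $image = (!empty($ui['t']) && $ui['t'] === 'full') ? $file.'.png' : $file.'_thumb.png';
    header("Content-type: image/png");
    if (!is_file($image)) {
        // Generation failed, or the full image was requested while only
        // thumbnails are produced: send the error image instead of an empty body.
        header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
        echo file_get_contents('bin/error.png');
        exit();
    }
    // The date used to be passed as header()'s second argument (a comma instead
    // of a dot), which sent an empty "Expires:" header.
    header('Expires: '.gmdate('D, d M Y H:i:s', time()).' GMT');
    echo file_get_contents($image);
    exit();
}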
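// Form submission: generate a short-lived thumbnail and remember its paths in
// $success so the page can display them.
if ($_POST) {
    $ui = $_POST;
    unset($_POST);
    if (empty($ui['url'])) {
        die('No url, no thumb');
    }
    // Always hand verifToken() a string, so that a missing or array-valued
    // token field can never match the session value.
    verifToken(isset($ui['token']) && is_string($ui['token']) ? $ui['token'] : '');

    // An array-valued url is treated as empty and rejected by testValidUrl().
    $ui['url'] = is_string($ui['url']) ? rawurldecode($ui['url']) : '';
    $testUrl = testValidUrl($ui['url']);
    if ($testUrl !== true) {
        echo $testUrl['msg'];
        exit();
    }
    if (!isset($ui['s']) || !is_string($ui['s']) || !array_key_exists($ui['s'], $GLOBALS['config']['thumbSize'])) {
        die('Die another day !');
    }
    $defUrl = $ui['url'];
    // 's' was validated above, so the configured size always exists.
    $width = $GLOBALS['config']['thumbSize'][$ui['s']];

    // Cache location: cache/img/shortLived/<aa>/<bb>/<sha1 of serverKey.url>
    $hashUrl = sha1($GLOBALS['config']['serverKey'].$defUrl);
    $startPath = substr($hashUrl, 0, 2).'/'.substr($hashUrl, 2, 2).'/';
    $file = 'cache/img/shortLived/'.$startPath.$hashUrl;

    if (testExistImg($file) !== true || isset($ui['fr']) && (int)$ui['fr'] === 1) {
        // The form always waits for the script to finish.
        launchScript($defUrl, $hashUrl, $width, 'shortLived', $GLOBALS['config']['onlyThumb'], true);
    }
    $success = array(
        'normal' => $file.'.png',
        'thumb' => $file.'_thumb.png'
    );
}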
// Form values fall back to the configured defaults when no request set them.
$defUrl = empty($defUrl) ? $GLOBALS['config']['defaultUrl'] : $defUrl;
$width = empty($width) ? $GLOBALS['config']['defaultThumbSize'] : $width;
?>
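<!DOCTYPE html>
<html>
    <head>
        <meta charset="utf-8">
        <title>KT WebThumb</title>
        <meta name="description" content="My web thumbnailer">
        <link rel="stylesheet" href="inc/style.css">
    </head>
    <body>
        <form method="post">
            <p>
                <?php
                // $defUrl may come from the submitted form. FILTER_VALIDATE_URL
                // is a syntax check, not an HTML escaper, so the value is
                // escaped for the attribute context before it is printed.
                $safeUrl = htmlspecialchars($defUrl, ENT_QUOTES, 'UTF-8');
                ?>
                <input type="url" placeholder="<?php echo $safeUrl; ?>" value="<?php echo $safeUrl; ?>" name="url"/>
            </p>
            <p>
                <label>Size</label>
                <select name="s">
                    <?php
                    // One option per configured size; the current size is preselected.
                    foreach ($GLOBALS['config']['thumbSize'] as $key => $value) {
                        if ($value === $width) {
                            echo '<option value="', $key, '" selected="selected">', $value, '</option>';
                        } else {
                            echo '<option value="', $key, '">', $value, '</option>';
                        }
                    }
                    ?>
                </select>
            </p>
            <p>
                <label>Force refresh</label>
                <input type="checkbox" value="1" name="fr" />
            </p>
            <p>
                <input type="hidden" name="token" value="<?php echo genToken(); ?>" />
                <input type="submit" value="Generate"/>
            </p>
            <p class="info">
                <a href="http://forge.leslibres.org/projects/soshot">Homepage</a>
            </p>
        </form>
        <?php
        if (!empty($success)) {
            // SERVER_NAME can depend on the request's Host header with some
            // server configurations, so it is escaped like any other value.
            $host = htmlspecialchars($_SERVER['SERVER_NAME'], ENT_QUOTES, 'UTF-8');
            echo '<div id="result">';
            // NOTE(review): the text announces 24h while 'expireCache' is set
            // to 12 hours in this file - confirm which one is intended.
            echo '<h3>This image will removed in 24h</h3>';
            echo '<img src="', $success['thumb'], '?r=', time(), '"/>';
            echo '<p><label>', $width, '</label><input type="text" value="http://', $host, '/', $success['thumb'], '" onclick="this.select()"/></p>';
            if ($GLOBALS['config']['onlyThumb'] === false) {
                echo '<p><label>1280x1024</label><input type="text" value="http://', $host, '/', $success['normal'], '" onclick="this.select()"/></p>';
            }
            // The closing tag used to be printed outside this block, which left
            // a stray </div> on pages without a result.
            echo '</div>';
        }
        ?>
    </body>
</html>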