Sovigall/index.php


<?php
// Report every error class except notices (E_NOTICE is one of the E_ALL bits).
error_reporting(E_ALL & ~E_NOTICE);
// NOTE(review): the session cookie is started with the PHP defaults; HttpOnly/Secure/SameSite
// are not set anywhere in this file -- confirm they are enforced in php.ini.
session_start();
// Reference point for the "Exec time" footer printed at the end of the page.
$startTime = microtime(true);
date_default_timezone_set('UTC');

// --- Directories (relative paths) ---
// Data subdirectory
$GLOBALS['config']['DATADIR'] = 'data';
// Video subdirectory
$GLOBALS['config']['VIDEODIR'] = 'videos';
// Video subdirectory before renaming
$GLOBALS['config']['TMPDIR'] = 'tmp';
// Page cache directory.
$GLOBALS['config']['PAGECACHE'] = 'pagecache';

// --- PHP data files kept under DATADIR; each one is loaded with require ---
// Directory list (the $fullListDir array is exported into this file)
$GLOBALS['config']['LISTDIR'] = "{$GLOBALS['config']['DATADIR']}/listDir.php";
// Video list (the $fullListFile array is exported into this file)
$GLOBALS['config']['LISTFILE'] = "{$GLOBALS['config']['DATADIR']}/listFile.php";
// Configuration file (salt plus hashed user login/password)
$GLOBALS['config']['CONFIG_FILE'] = "{$GLOBALS['config']['DATADIR']}/config.php";
// File storage for failures and bans.
$GLOBALS['config']['IPBANS_FILENAME'] = "{$GLOBALS['config']['DATADIR']}/ipbans.php";

// --- Ban policy ---
// Ban IP after this many failures.
$GLOBALS['config']['BAN_AFTER'] = 4;
// Ban duration for IP address after login failures (in seconds) (1800 sec. = 30 minutes)
$GLOBALS['config']['BAN_DURATION'] = 1800;
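// Undo magic_quotes_gpc escaping on request data.
// Magic quotes were removed in PHP 5.4 and get_magic_quotes_gpc() itself was removed in PHP 8.0,
// so calling it unconditionally is a fatal "undefined function" error on current runtimes.
// The version guard keeps the legacy clean-up for old interpreters and skips it everywhere else.
if (PHP_VERSION_ID < 50400 && get_magic_quotes_gpc()) {
    /**
     * Recursively strip the slashes magic quotes added to a request value.
     *
     * @param mixed $value A string or a (possibly nested) array of strings.
     * @return mixed The same structure with stripslashes() applied to every leaf.
     */
    function stripslashes_deep($value) {
        $value = is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value);
        return $value;
    }
    $_POST = array_map('stripslashes_deep', $_POST);
    $_GET = array_map('stripslashes_deep', $_GET);
    $_COOKIE = array_map('stripslashes_deep', $_COOKIE);
}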
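// Build $ci, the merged request parameters (a GET key overrides the same POST key),
// with every value HTML-encoded.
// Nested parameters such as "name[]=x" arrive as arrays; htmlentities() only accepts strings
// (a TypeError on PHP 8), so they are stored as null, which is what older interpreters produced.
// NOTE(review): HTML-encoding only makes a value safe to print into HTML. The same values are
// later used to build file paths and a line in a .hash job file, so each of those uses needs
// its own validation.
$ci = array();
foreach (array_merge($_POST, $_GET) as $ciKey => $ciValue) {
    $ci[$ciKey] = is_array($ciValue) ? null : htmlentities($ciValue);
}
unset($ciKey, $ciValue);
// Remember the current breadcrumb in the session (null when the request carries none).
$_SESSION['bc'] = isset($ci['bc']) ? $ci['bc'] : null;
// A missing or empty configuration file means the gallery is not installed yet.
if (!file_exists($GLOBALS['config']['CONFIG_FILE']) || strlen(file_get_contents($GLOBALS['config']['CONFIG_FILE'])) == 0) {
    $page = install($ci);
}
// The data files are PHP source and are executed by require.
require $GLOBALS['config']['CONFIG_FILE'];
require $GLOBALS['config']['LISTDIR'];
require $GLOBALS['config']['LISTFILE'];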
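/**
 * First-run installer: creates the working directories and data files and, when the
 * install form is submitted, writes the salted credential hashes to CONFIG_FILE.
 *
 * Any failure while creating a directory or the .htaccess copies ends the request with die().
 *
 * NOTE(review): credentials are stored as one round of salted SHA-256, which is fast to guess
 * offline. Moving to password_hash()/password_verify() needs login() changed in the same commit,
 * so the stored format is left as it is here.
 * NOTE(review): $ci values are already HTML-encoded by the caller, so the hashes cover the
 * encoded form of the login and password; login() hashes the same encoded form.
 *
 * @param array $ci Merged request parameters (install, token, loginName, loginPass).
 * @return string 'install' to show the install form again, 'content' once credentials are saved.
 */
function install($ci) {
    // Working directories, created in the same order as before.
    foreach (array('DATADIR', 'VIDEODIR', 'PAGECACHE', 'TMPDIR') as $dirKey) {
        if (!is_dir($GLOBALS['config'][$dirKey]) && !mkdir($GLOBALS['config'][$dirKey], 0755)) {
            die('Error on create dir "'.$dirKey.'".');
        }
    }
    // Copy the bundled .htaccess into the directories that hold data and pending jobs.
    foreach (array('DATADIR', 'TMPDIR') as $dirKey) {
        if (!copy('inc/.htaccess', $GLOBALS['config'][$dirKey].'/.htaccess')) {
            die('Error on create .httaccess in dir "'.$GLOBALS['config'][$dirKey].'"');
        }
    }
    // Make sure every data file exists so the later require calls do not fail.
    foreach (array('CONFIG_FILE', 'IPBANS_FILENAME', 'LISTDIR', 'LISTFILE') as $fileKey) {
        if (!is_file($GLOBALS['config'][$fileKey])) {
            touch($GLOBALS['config'][$fileKey]);
        }
    }
    $page = 'install';
    if (isset($ci['install']) && $ci['install'] === 'install') {
        verifToken(isset($ci['token']) ? $ci['token'] : null);
        // Refuse to store an account with an empty login or password; show the form again.
        if (!isset($ci['loginName'], $ci['loginPass']) || $ci['loginName'] === '' || $ci['loginPass'] === '') {
            return $page;
        }
        // Salt from the CSPRNG when available (64 hex chars, same shape as the former
        // sha256 output); rand()/mt_rand()/uniqid() are predictable and only kept as a fallback.
        if (function_exists('random_bytes')) {
            $GLOBALS['loginName']['salt'] = bin2hex(random_bytes(32));
        } else {
            $GLOBALS['loginName']['salt'] = hash('sha256', uniqid(rand(), true).'_'.mt_rand());
        }
        $GLOBALS['loginName']['loginName'] = hash('sha256', $ci['loginName'].$GLOBALS['loginName']['salt']);
        $GLOBALS['loginName']['password'] = hash('sha256', $ci['loginPass'].$GLOBALS['loginName']['salt']);
        // All three values are hex strings, so they can be embedded in single quotes as-is.
        $data = '<?php
$GLOBALS[\'loginName\'][\'salt\'] = \''.$GLOBALS['loginName']['salt'].'\';
$GLOBALS[\'loginName\'][\'loginName\'] = \''.$GLOBALS['loginName']['loginName'].'\';
$GLOBALS[\'loginName\'][\'password\'] = \''.$GLOBALS['loginName']['password'].'\';
?>
';
        // An unwritten config would leave the gallery in "not installed" state for the next visitor.
        if (file_put_contents($GLOBALS['config']['CONFIG_FILE'], $data, LOCK_EX) === false) {
            die('Error on write config file.');
        }
        $page = 'content';
    }
    return $page;
}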
/**
 * Placeholder with an empty body: performs no check and returns null.
 */
function checkSecure()
{
}
/**
 * Placeholder with an empty body: returns null and leaves $_SESSION untouched.
 *
 * NOTE(review): nothing here clears $_SESSION['log'] or destroys the session, so an
 * authenticated session stays valid until it expires on the server.
 */
function logout()
{
}
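/**
 * Return the last 8-character segment of a breadcrumb string.
 *
 * @param string $bc Breadcrumb made of concatenated 8-character directory ids.
 * @return string|false The last segment; false when str_split() yields no segment.
 */
function getCurrentDir($bc) {
    // end() takes its argument by reference, so the split result must be held in a variable;
    // passing the call result directly raises "Only variables should be passed by reference".
    $segments = str_split((string) $bc, 8);
    return end($segments);
}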
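/**
 * Create a new anti-CSRF token, store it in the session with its issue time, and return it.
 *
 * @return string 40 hexadecimal characters.
 */
function genToken() {
    // The token must be unguessable: take it from the CSPRNG when the runtime has one.
    // uniqid()/rand()/mt_rand() are derived from the clock and a small seed, so the old
    // construction is kept only as a fallback for interpreters without random_bytes().
    if (function_exists('random_bytes')) {
        $token = bin2hex(random_bytes(20));
    } else {
        $token = sha1(uniqid(rand(), true).'_'.mt_rand());
    }
    $_SESSION['token'] = $token;
    $_SESSION['tokenTime'] = time();
    return $token;
}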
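/**
 * Check a request token against the one stored in the session.
 *
 * On mismatch, or when the stored token is 24000 seconds old or older, the client IP is
 * recorded through ban() and the request ends with die(). Returns nothing on success.
 *
 * NOTE(review): a token stays valid for its whole lifetime and is not rotated after use.
 *
 * @param mixed $token Token taken from the request.
 * @return void
 */
function verifToken($token) {
    $expected = isset($_SESSION['token']) ? $_SESSION['token'] : null;
    $issuedAt = isset($_SESSION['tokenTime']) ? $_SESSION['tokenTime'] : 0;
    // Both sides must be non-empty strings, so a request without a token can never match
    // a session that has no token either.
    $valid = is_string($token) && is_string($expected) && $expected !== '';
    if ($valid) {
        // Constant-time comparison where the runtime offers it (hash_equals, PHP 5.6+).
        $valid = function_exists('hash_equals') ? hash_equals($expected, $token) : $expected === $token;
    }
    if (!$valid || $issuedAt <= time() - 24000) {
        ban();
        die('So Long, and Thanks for All the Fish.');
    }
}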
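/**
 * Tell whether the client IP is currently banned.
 *
 * Reads the same store that ban() and unBan() write (IPBANS_FILENAME) and applies the
 * BAN_AFTER / BAN_DURATION settings. The previous version required 'cache/logs/banUser.php'
 * and read the config keys 'maxErrorBeforeBan' and 'banTime', none of which this file defines,
 * so a recorded failure could never turn into a ban.
 *
 * NOTE(review): nothing in the code shown calls this function; the ban only takes effect
 * once the request entry point checks it before handling a login.
 *
 * @return bool True while the IP has reached BAN_AFTER failures and the ban has not expired.
 */
function checkIfBan() {
    $banList = array();
    if (is_file($GLOBALS['config']['IPBANS_FILENAME'])) {
        // The store is a PHP file that assigns $banList.
        require $GLOBALS['config']['IPBANS_FILENAME'];
    }
    if (!is_array($banList)) {
        $banList = array();
    }
    $userIp = $_SERVER['REMOTE_ADDR'];
    if (!isset($banList[$userIp])) {
        return false;
    }
    $expires = $banList[$userIp]['lastBan'] + $GLOBALS['config']['BAN_DURATION'];
    if ($expires > time()) {
        // Still inside the window: banned only once the failure count reaches the limit.
        return $banList[$userIp]['nbBan'] >= $GLOBALS['config']['BAN_AFTER'];
    }
    if ($expires < time()) {
        // Window elapsed: forget the recorded failures.
        unBan();
    }
    return false;
}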
/**
 * Record one failure for the client IP in the ban store.
 *
 * The store (IPBANS_FILENAME) is a PHP file assigning $banList; it is loaded with require,
 * updated in memory and written back in full with var_export().
 *
 * NOTE(review): the read-modify-write is not locked, so two concurrent failures can
 * overwrite each other's update.
 *
 * @return void
 */
function ban() {
    $store = $GLOBALS['config']['IPBANS_FILENAME'];
    require $store;
    $ip = $_SERVER['REMOTE_ADDR'];
    // First failure starts the counter at 1; later ones add to the stored count.
    $failures = isset($banList[$ip]) ? $banList[$ip]['nbBan'] + 1 : 1;
    $banList[$ip]['lastBan'] = time();
    $banList[$ip]['nbBan'] = $failures;
    $exported = var_export($banList, true);
    file_put_contents($store, "<?php\n\$banList=".$exported.";\n?>");
}
/**
 * Remove the client IP from the ban store and write the store back.
 *
 * @return void
 */
function unBan() {
    $store = $GLOBALS['config']['IPBANS_FILENAME'];
    require $store;
    // Drop only the entry of the requesting address; other entries are kept.
    unset($banList[$_SERVER['REMOTE_ADDR']]);
    $exported = var_export($banList, true);
    file_put_contents($store, "<?php\n\$banList=".$exported.";\n?>");
}
/**
 * Debug helper: prints $data inside a styled fieldset, with the file name and line of the
 * n_print() call in the legend.
 *
 * The dump itself is HTML-encoded; $name is written into the heading as given.
 *
 * @param mixed  $data Value to dump with print_r().
 * @param string $name Optional heading printed above the dump.
 * @return void
 */
function n_print($data, $name = '') {
    // Frame 0 of the backtrace is the place n_print() was called from.
    $trace = debug_backtrace();
    $caller = $trace[0];
    $dump = htmlentities(print_r($data, 1));

    echo '<h2>'.$name.'</h2>';
    echo "\n".'<fieldset style="border: 1px solid orange; padding: 5px;color:#1E1915; background-color: #fff;">';
    echo "\n".'<legend style="border:1px solid orange;padding: 1px;background-color:#eee;color:orange;">'."\n"
        .basename($caller['file']).' ligne => '.$caller['line']."\n".'</legend>';
    echo '<pre style="color:#1E1915;">'.$dump.'</pre>';
    echo "\n".'</fieldset>'."\n".'<br />';
}
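/**
 * Create a new directory under the one named by $breadcrumb and register its label.
 *
 * The directory gets a fresh 8-character id (the start of a SHA-1 over the label and the
 * current time); the label is stored under that id in the LISTDIR file.
 *
 * @param string $dir         Label of the new directory.
 * @param string $breadcrumb  Concatenated 8-character ids of the parent path ('' for the root).
 * @param array  $fullListDir Current id => label map.
 * @return array|string array('result' => 'success', 'fullListDir' => updated map), or 'error'.
 */
function addDir($dir, $breadcrumb, $fullListDir) {
    if (empty($dir)) {
        return 'error';
    }
    $breadcrumb = (string) $breadcrumb;
    // The breadcrumb comes from the request and becomes part of a filesystem path.
    // Ids are lowercase hex, so anything else (dots, slashes, ...) is refused before
    // it can point outside the video tree.
    if (preg_match('/\A(?:[0-9a-f]{8})*\z/', $breadcrumb) !== 1) {
        return 'error';
    }
    $dirHash = substr(sha1($dir.microtime(true)), 0, 8);
    $path = chunk_split($breadcrumb, 8, '/');
    // Create the directory first: the label is only recorded once the directory exists,
    // so a failed mkdir no longer leaves an orphan entry in the list file.
    if (!mkdir('videos/'.$path.'/'.$dirHash)) {
        return 'error';
    }
    $fullListDir[$dirHash] = $dir;
    file_put_contents($GLOBALS['config']['LISTDIR'], "<?php\n\$fullListDir=".var_export($fullListDir, true).";\n?>");
    return array(
        'result' => 'success',
        'fullListDir' => $fullListDir
    );
}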
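/**
 * Rename the directory named by the last breadcrumb segment.
 *
 * Renaming gives the directory a new 8-character id: the directory is moved on disk to the
 * new id, the old id is removed from the map and the map is written to the LISTDIR file.
 *
 * @param string $dir         New label.
 * @param string $breadcrumb  Concatenated 8-character ids; the last one is the directory to rename.
 * @param array  $fullListDir Current id => label map.
 * @return array|string|null array('result', 'bc', 'fullListDir') on success, 'error' on failure,
 *                           null when $dir is empty.
 */
function renDir($dir, $breadcrumb, $fullListDir) {
    if (empty($dir)) {
        return;
    }
    $breadcrumb = (string) $breadcrumb;
    // The breadcrumb comes from the request and is used in rename(). Accept only one or more
    // lowercase-hex ids: this keeps the path inside the video tree and also refuses an empty
    // breadcrumb, which would otherwise name the video root itself.
    if (preg_match('/\A(?:[0-9a-f]{8})+\z/', $breadcrumb) !== 1) {
        return 'error';
    }
    $currentDir = getCurrentDir($breadcrumb);
    $dirHash = substr(sha1($dir.microtime(true)), 0, 8);
    $fullListDir[$dirHash] = $dir;
    $path = chunk_split($breadcrumb, 8, '/');
    // $path ends with "<id>/"; dropping the last 9 characters leaves the parent path.
    $parentPath = substr($path, 0, -9);
    if (rename('videos/'.$path, 'videos/'.$parentPath.'/'.$dirHash)) {
        unset($fullListDir[$currentDir]);
        file_put_contents($GLOBALS['config']['LISTDIR'], "<?php\n\$fullListDir=".var_export($fullListDir, true).";\n?>");
        $breadcrumb = $parentPath.$dirHash;
        return array(
            'result' => 'success',
            'bc' => str_replace('/', '', $breadcrumb),
            'fullListDir' => $fullListDir
        );
    } else {
        return 'error';
    }
}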
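/**
 * Queue a video for retrieval and register its metadata.
 *
 * Writes a one-line job file "<hash> <url> <path>" into TMPDIR and stores the title, URL,
 * description, source and licence under the hash in the LISTFILE file.
 *
 * NOTE(review): the job file is read by a program that is not part of this file.
 * escapeshellcmd() does not quote an argument (spaces and leading dashes pass through), so
 * that program must still pass the URL as a single quoted argument.
 *
 * @param array $ci           Request parameters: name, url, bc, desc, via, licence.
 * @param array $fullListFile Current hash => metadata map.
 * @return string|null 'error' when the URL or breadcrumb is refused, null otherwise.
 */
function addVideo($ci, $fullListFile) {
    $rawUrl = isset($ci['url']) ? (string) $ci['url'] : '';
    $bc = isset($ci['bc']) ? (string) $ci['bc'] : '';
    // The job line is space- and newline-delimited: only an http(s) URL without whitespace
    // or control characters may be written, so a crafted value cannot add fields or lines.
    if (preg_match('#\Ahttps?://[^\s\x00-\x1f\x7f]+\z#i', $rawUrl) !== 1) {
        return 'error';
    }
    // The breadcrumb becomes the target path of the job: lowercase-hex ids only.
    if (preg_match('/\A(?:[0-9a-f]{8})*\z/', $bc) !== 1) {
        return 'error';
    }
    $nameHash = substr(sha1($ci['name'].$rawUrl), 0, 10);
    $url = escapeshellcmd($rawUrl);
    $path = chunk_split($bc, 8, '/');
    $data = $nameHash.' '.$url.' '.$path."\n";
    file_put_contents($GLOBALS['config']['TMPDIR'].'/'.$nameHash.'.hash', $data);
    $fullListFile[$nameHash] = array(
        'title' => $ci['name'],
        'url' => $ci['url'],
        'desc' => $ci['desc'],
        'via' => $ci['via'],
        'licence' => $ci['licence']
    );
    file_put_contents($GLOBALS['config']['LISTFILE'], "<?php\n\$fullListFile=".var_export($fullListFile, true).";\n?>");
}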
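/**
 * Delete every file belonging to the video currently held in $_SESSION['video'].
 *
 * $file must be exactly "<session video>.jpg" and must exist in the directory named by $bc;
 * all files in that directory whose name starts with the session video id are then removed.
 *
 * NOTE(review): $_SESSION['video'] is used as a glob prefix; where it is set is not visible
 * in this file -- confirm it can only hold a video hash.
 *
 * @param string $bc   Breadcrumb (concatenated 8-character ids) of the directory.
 * @param string $file File name sent by the client.
 * @return string|null An error message when nothing was deleted, null otherwise.
 */
function deleteVideo($bc, $file) {
    $video = isset($_SESSION['video']) ? (string) $_SESSION['video'] : '';
    // An empty video id would turn the glob prefix below into "every file in the directory".
    if ($video === '') {
        return 'Error, cannot delete this file.';
    }
    // The breadcrumb comes from the request: lowercase-hex ids only, so the unlink calls
    // stay inside the video tree.
    if (preg_match('/\A(?:[0-9a-f]{8})*\z/', (string) $bc) !== 1) {
        return 'Error, cannot delete this file.';
    }
    $path = $GLOBALS['config']['VIDEODIR'].'/'.chunk_split($bc, 8, '/');
    $pathAndFile = $path.$file;
    if (file_exists($pathAndFile) && !is_dir($pathAndFile) && $file === $video.'.jpg') {
        $listFile = glob($path.$video."*");
        foreach ($listFile as $value) {
            unlink($value);
        }
    } else {
        return 'Error, cannot delete this file.';
    }
}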
/**
 * Change the stored title of one video and write the whole list back to the LISTFILE file.
 *
 * Works on the global $fullListFile map and switches the working directory to the
 * document root before writing, because LISTFILE is a relative path.
 *
 * @param string $hash  Key of the video in $fullListFile.
 * @param string $title New title.
 * @return void
 */
function updateFileTitle($hash, $title) {
    global $fullListFile;
    $fullListFile[$hash]['title'] = $title;
    chdir($_SERVER['DOCUMENT_ROOT']);
    $exported = var_export($fullListFile, true);
    $target = $GLOBALS['config']['LISTFILE'];
    file_put_contents($target, "<?php\n\$fullListFile=".$exported.";\n?>");
}
/**
 * Change the working directory to $breadcrumb and list the sub-directories found there.
 *
 * The working directory stays changed after the call. $breadcrumb is handed to chdir()
 * as given, so the caller is responsible for it naming a directory inside the gallery.
 *
 * @param string $breadcrumb Directory path to enter.
 * @return array|false Names of the sub-directories, as returned by glob().
 */
function listCurrentDir($breadcrumb) {
    chdir($breadcrumb);
    $subDirectories = glob('*', GLOB_ONLYDIR);
    return $subDirectories;
}
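/**
 * Expand a breadcrumb string into a map of cumulative breadcrumb => directory label.
 *
 * For "aaaaaaaabbbbbbbb" the result has the keys "aaaaaaaa" and "aaaaaaaabbbbbbbb", each
 * mapped to the label of its last 8-character id (null when the id is not in the list).
 *
 * @param string $bc          Concatenated 8-character directory ids.
 * @param array  $fullListDir id => label map.
 * @return array Cumulative breadcrumb => label, in path order.
 */
function makeBreadcrumb($bc, $fullListDir) {
    // Both accumulators are initialised explicitly: appending to an undefined variable
    // raises a warning on PHP 8 and an empty input used to return an undefined variable.
    $hrefBc = '';
    $breadcrumb = array();
    foreach (str_split((string) $bc, 8) as $segment) {
        $hrefBc .= $segment;
        $breadcrumb[$hrefBc] = isset($fullListDir[$segment]) ? $fullListDir[$segment] : null;
    }
    return $breadcrumb;
}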
/**
 * List the .jpg files of the current working directory.
 *
 * @param string $breadcrumb Not used by the body; the listing always covers getcwd().
 * @return array|false File names matching "*.jpg", as returned by glob().
 */
function listVideo($breadcrumb) {
    $jpegFiles = glob('*.jpg');
    return $jpegFiles;
}
/**
 * Read $file and decode it as JSON; the decoded value is discarded and null is returned.
 *
 * @param string $file     Path of the description file.
 * @param bool   $fullInfo Not used by the body.
 * @return null
 */
function parseVideoDescription($file, $fullInfo = false) {
    $raw = file_get_contents($file);
    json_decode($raw);
}
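/**
 * Collect the display data of one video: the metadata stored at submission time plus the
 * fields of the "<hash>*.json" description file found in the video directory.
 *
 * Fields read from the JSON file are HTML-encoded here. The stored fields (title, url,
 * desc, via, licence) are returned as stored.
 *
 * @param string $file         File name starting with the 10-character video hash.
 * @param string $dir          Breadcrumb (concatenated 8-character ids) of the directory.
 * @param array  $fullListFile hash => stored metadata.
 * @return array Keys: hash, title, originalTitle, url, desc, originalDesc, uploadDate,
 *               format, ext, duration, via, licence.
 */
function getVideoInfo($file, $dir, $fullListFile) {
    $file = substr($file, 0, 10);
    $emptyPost = array('title' => null, 'url' => null, 'desc' => null, 'via' => null, 'licence' => null);
    $postInfo = (isset($fullListFile[$file]) && is_array($fullListFile[$file]) ? $fullListFile[$file] : array()) + $emptyPost;

    // $file and $dir go into a glob() pattern. Video hashes are 10 lowercase hex characters
    // and directory ids 8, so anything else (path separators, dots, glob wildcards) is
    // treated as "no description file" instead of being searched for.
    $jsonInfo = null;
    $lookupAllowed = preg_match('/\A[0-9a-f]{10}\z/', (string) $file) === 1
        && preg_match('/\A(?:[0-9a-f]{8})*\z/', (string) $dir) === 1;
    if ($lookupAllowed) {
        $path = chunk_split($dir, 8, '/');
        $descFile = glob("videos/".$path.$file."*.json");
        // A missing description file used to reach file_get_contents() with an empty path,
        // which is a fatal error on PHP 8.
        if (!empty($descFile[0]) && is_file($descFile[0])) {
            $jsonInfo = json_decode(file_get_contents($descFile[0]));
        }
    }
    // Read one property of the decoded description, '' when it is absent.
    $field = function ($name) use ($jsonInfo) {
        return (is_object($jsonInfo) && isset($jsonInfo->$name) && is_scalar($jsonInfo->$name)) ? (string) $jsonInfo->$name : '';
    };
    $time = gmdate('H\hi\ms\s', (int) $field('duration'));
    $info = array(
        'hash' => $file,
        'title' => $postInfo['title'],
        'originalTitle' => htmlentities($field('stitle')),
        'url' => $postInfo['url'],
        'desc' => $postInfo['desc'],
        'originalDesc' => htmlentities($field('description')),
        'uploadDate' => htmlentities($field('upload_date')),
        'format' => htmlentities($field('format')),
        'ext' => htmlentities($field('ext')),
        'duration' => htmlentities($time),
        'via' => $postInfo['via'],
        'licence' => $postInfo['licence']
    );
    return $info;
}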
/**
 * Placeholder with an empty body: does nothing and returns null.
 */
function editVideoDescription()
{
}
/**
 * Placeholder with an empty body: does nothing and returns null.
 */
function testCache()
{
}
/**
 * Placeholder with an empty body: does nothing and returns null.
 */
function makeCache()
{
}
/**
 * Return the URL path of a directory's thumbnail when "<value>/thumb.jpg" exists below the
 * current working directory.
 *
 * @param string $path  Prefix put in front of the returned path.
 * @param string $value Directory name, relative to getcwd().
 * @return string|null "<path><value>/thumb.jpg", or null when there is no thumbnail.
 */
function getThumbnail($path, $value) {
    $relativeThumb = $value.'/thumb.jpg';
    if (!file_exists(getcwd().'/'.$relativeThumb)) {
        return;
    }
    return $path.$relativeThumb;
}
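/**
 * Check the submitted login name and password against the stored salted hashes and mark the
 * session as authenticated on success.
 *
 * NOTE(review): the stored values are one round of salted SHA-256 (written by install());
 * password_hash()/password_verify() would need both functions changed together.
 * NOTE(review): a failed attempt is not recorded here, so the BAN_AFTER limit is not applied
 * to password guessing by this function.
 *
 * @param array $ci Request parameters; reads loginName and loginPass.
 * @return bool True when both values match, false otherwise.
 */
function login($ci) {
    if (!isset($ci['loginName'], $ci['loginPass'], $GLOBALS['loginName']['salt'], $GLOBALS['loginName']['loginName'], $GLOBALS['loginName']['password'])) {
        return false;
    }
    $salt = $GLOBALS['loginName']['salt'];
    $givenName = hash('sha256', $ci['loginName'].$salt);
    $givenPass = hash('sha256', $ci['loginPass'].$salt);
    $storedName = (string) $GLOBALS['loginName']['loginName'];
    $storedPass = (string) $GLOBALS['loginName']['password'];
    // Compare in constant time where the runtime offers hash_equals() (PHP 5.6+); both
    // comparisons are always evaluated so the outcome of the first is not observable.
    if (function_exists('hash_equals')) {
        $nameOk = hash_equals($storedName, $givenName);
        $passOk = hash_equals($storedPass, $givenPass);
    } else {
        $nameOk = $storedName === $givenName;
        $passOk = $storedPass === $givenPass;
    }
    if ($nameOk && $passOk) {
        // Issue a fresh session id at the privilege change so an id known before login
        // cannot be reused afterwards (session fixation).
        if (function_exists('session_status') && session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['log'] = true;
        return true;
    }
    return false;
}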
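/**
 * Use an existing .jpg of a video directory as that directory's thumbnail by copying it
 * to "thumb.jpg" in the same directory.
 *
 * @param string $bc   Breadcrumb (concatenated 8-character ids) of the directory.
 * @param string $file Name of the source image inside that directory.
 * @return void
 */
function defineThumb($bc, $file) {
    $file = (string) $file;
    // Both values come from the request. The copy target is served as an image, so a source
    // name with a path component could publish a file from outside the directory as
    // thumb.jpg. Only a plain "*.jpg" file name and a lowercase-hex breadcrumb are accepted.
    if ($file === '' || basename($file) !== $file || substr($file, -4) !== '.jpg') {
        return;
    }
    if (preg_match('/\A(?:[0-9a-f]{8})*\z/', (string) $bc) !== 1) {
        return;
    }
    $directory = $GLOBALS['config']['VIDEODIR'].'/'.chunk_split($bc, 8, '/');
    if (is_file($directory.$file)) {
        copy($directory.$file, $directory.'thumb.jpg');
    }
}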
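/**
 * Store an uploaded image as the thumbnail of the directory named by $bc.
 *
 * The upload is checked, its type is detected from the content with fileinfo, it is moved
 * to "thumb.tmp" in the target directory and then handed to convertToJpeg().
 * Every failed check prints its message and stops; the previous version printed the message
 * and carried on, so a refused file was still moved and converted.
 *
 * @param string $bc Breadcrumb (concatenated 8-character ids) of the target directory.
 * @return void
 */
function addThumbnail($bc) {
    $upload = (isset($_FILES['file']) && is_array($_FILES['file'])) ? $_FILES['file'] : null;
    $failed = false;
    // tmp_name must be a single string naming a real HTTP upload.
    if ($upload === null || !isset($upload['tmp_name']) || !is_string($upload['tmp_name']) || !is_uploaded_file($upload['tmp_name'])) {
        echo 'Error on upload file.';
        $failed = true;
    }
    if ($upload !== null && isset($upload['error']) && is_int($upload['error']) && $upload['error'] > 0) {
        $msgError = array(
            '1' => 'Le fichier excède le poids autorisé par la directive upload_max_filesize de php.ini',
            '2' => 'Le fichier excède le poids autorisé par le champ MAX_FILE_SIZE s\'il a été donné',
            '3' => 'Thumbnail are partially upload',
            '4' => 'Thumbnail are not upload'
        );
        if (isset($msgError[$upload['error']])) {
            echo $msgError[$upload['error']];
        }
        $failed = true;
    }
    if ($failed) {
        return;
    }
    $tmpName = $upload['tmp_name'];
    // The type is taken from the file content, never from the client-supplied name or type.
    if (!extension_loaded('fileinfo')) {
        echo 'Please active fileinfo extension';
        return;
    }
    $finfo = finfo_open(FILEINFO_MIME_TYPE);
    $type = finfo_file($finfo, $tmpName);
    finfo_close($finfo);
    $permitImage = array(
        'image/gif',
        'image/jpg',
        'image/jpeg',
        'image/pjpeg',
        'image/png'
    );
    if (!in_array($type, $permitImage, true)) {
        echo 'This type '.$type.' file is not permit. Convert it and retry.';
        return;
    }
    // The breadcrumb comes from the request and selects the destination directory:
    // lowercase-hex ids only, so the file cannot be moved outside the video tree.
    if (preg_match('/\A(?:[0-9a-f]{8})*\z/', (string) $bc) !== 1) {
        echo 'Error on move file to final destination.';
        return;
    }
    $path = chunk_split($bc, 8, '/');
    if (!move_uploaded_file($tmpName, $GLOBALS['config']['VIDEODIR'].'/'.$path.'thumb'.'.tmp')) {
        echo 'Error on move file to final destination.';
    } else {
        convertToJpeg($path, $type);
    }
}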
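/**
 * Re-encode the uploaded "thumb.tmp" of a directory as "thumb.jpg" and remove the temporary
 * file.
 *
 * Decoding and re-encoding through GD means only image data that GD could parse ends up in
 * thumb.jpg. The temporary upload is removed in every case, including an unsupported type
 * or a file GD cannot decode; the previous version called imagejpeg() on an undefined value
 * in those cases.
 *
 * @param string $path Directory path below VIDEODIR, ending with "/" (or '' for the root).
 * @param string $type MIME type detected for the upload.
 * @return bool True when thumb.jpg was written, false otherwise.
 */
function convertToJpeg($path, $type) {
    $directory = $GLOBALS['config']['VIDEODIR'].'/'.$path;
    $pathAndNameFile = $directory.'thumb'.'.tmp';
    $image = false;
    // Only the three types handled before are decoded; any other type leaves $image false.
    switch ($type) {
        case 'image/jpeg':
            $image = imagecreatefromjpeg($pathAndNameFile);
            break;
        case 'image/png':
            $image = imagecreatefrompng($pathAndNameFile);
            break;
        case 'image/gif':
            $image = imagecreatefromgif($pathAndNameFile);
            break;
    }
    $written = false;
    if ($image !== false && $image !== null) {
        $written = imagejpeg($image, $directory.'thumb'.'.jpg', 100);
        imagedestroy($image);
    }
    // Never leave the raw upload behind in a web-served directory.
    if (is_file($pathAndNameFile)) {
        unlink($pathAndNameFile);
    }
    return $written;
}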
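// ---- Request dispatcher ----
// Login (ac=login, op=2). The login request itself carries a token, so anonymous sessions
// hold a valid token too: the token proves the request came from a page of this site, it
// does not prove the visitor is logged in.
// NOTE(review): checkIfBan() is not consulted before login() and a failed login is not
// passed to ban(), so the BAN_AFTER limit does not slow down password guessing here.
if (!empty($ci['ac']) && $ci['ac'] === 'login' && !empty($ci['op']) && (int)$ci['op'] === 2) {
    verifToken($ci['token']);
    if (login($ci) === true) {
        unset($ci['op'], $ci['ac']);
    }
}
if (isset($ci['ac']) && !empty($ci['ac'])) {
    // Every action below changes data on disk, so each one now requires an authenticated
    // session in addition to the token. Before, only the two "view" actions checked
    // $_SESSION['log']; renDir, newDir, addVideo and addThumbnail ran for any visitor
    // holding a token.
    if ($ci['ac'] === 'renDir' && !empty($ci['op']) && (int)$ci['op'] === 1) {
        verifToken($ci['token']);
        if (empty($_SESSION['log']) || $_SESSION['log'] !== true) {
            die('Authentication required.');
        }
        $renDir = renDir($ci['renDir'], $ci['bc'], $fullListDir);
        // renDir() returns an array only on success; on failure the current breadcrumb
        // and directory list must be kept instead of being indexed out of a string.
        if (is_array($renDir)) {
            $ci['bc'] = $renDir['bc'];
            $fullListDir = $renDir['fullListDir'];
        }
    }
    if ($ci['ac'] === 'newDir' && !empty($ci['op']) && (int)$ci['op'] === 1) {
        verifToken($ci['token']);
        if (empty($_SESSION['log']) || $_SESSION['log'] !== true) {
            die('Authentication required.');
        }
        $addDir = addDir($ci['newDir'], $ci['bc'], $fullListDir);
        if (is_array($addDir)) {
            $fullListDir = $addDir['fullListDir'];
        }
    }
    if ($ci['ac'] === 'addVideo' && !empty($ci['op']) && (int)$ci['op'] === 1) {
        verifToken($ci['token']);
        if (empty($_SESSION['log']) || $_SESSION['log'] !== true) {
            die('Authentication required.');
        }
        $addVideo = addVideo($ci, $fullListFile);
    }
    if ($ci['ac'] === 'addThumbnail' && !empty($ci['op']) && (int)$ci['op'] === 1) {
        verifToken($ci['token']);
        if (empty($_SESSION['log']) || $_SESSION['log'] !== true) {
            die('Authentication required.');
        }
        $addThumbnail = addThumbnail($ci['bc']);
    }
    // view / op 4: delete the files of the video held in the session.
    if ($ci['ac'] === 'view' && !empty($ci['op']) && (int)$ci['op'] === 4) {
        verifToken($ci['token']);
        if (empty($_SESSION['log']) || $_SESSION['log'] !== true) {
            die('Tinker say : You can keep your magic, I have laser beams! ');
        }
        $deleteVideo = deleteVideo($ci['bc'], $ci['file']);
    }
    // view / op 3: use one of the directory's images as its thumbnail.
    if ($ci['ac'] === 'view' && !empty($ci['op']) && (int)$ci['op'] === 3) {
        verifToken($ci['token']);
        if (empty($_SESSION['log']) || $_SESSION['log'] !== true) {
            die('Tinker say : Pew Pew Pew Pew Pew Pew Pew Pew Pew Pew Pew Pew');
        }
        $defineThumb = defineThumb($ci['bc'], $ci['file']);
    }
}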
?>
<!doctype html>
<html lang="fr">
<head>
<meta charset="utf-8">
<title>SoViGall - Personal Video Gallery</title>
<link rel="stylesheet" href="style.css">
</head>
<body>
<?php
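// Pick the template to render. Within this file $page is only assigned from install(),
// which returns 'install' or 'content'. The name is checked against that list before it is
// used in a require path, so no other value (for example one injected as a global on an
// interpreter with register_globals) can select a file to execute.
if (isset($page) && in_array($page, array('install', 'content'), true)) {
    require 'inc/'.$page.'.php';
} else {
    require 'inc/content.php';
}
echo '<p id="time">Exec time : '.round((microtime(TRUE) - $startTime), 5).'</p>';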
?>
</body>
</html>