<?php
|
|
// Report every error class except notices (the code below reads array keys
// without checking that they exist).
error_reporting(E_ALL & ~E_NOTICE);

session_start();

// Request start, used by the page footer to print the execution time.
$startTime = microtime(true);

date_default_timezone_set('UTC');

// Directory holding the generated PHP data files.
$GLOBALS['config']['DATADIR'] = 'data';

// Root of the video tree.
$GLOBALS['config']['VIDEODIR'] = 'videos';

// Working directory used for videos before they are renamed.
$GLOBALS['config']['TMPDIR'] = 'tmp';

// Generated file holding the directory list ($fullListDir).
$GLOBALS['config']['LISTDIR'] = "{$GLOBALS['config']['DATADIR']}/listDir.php";

// Generated file holding the video list ($fullListFile).
$GLOBALS['config']['LISTFILE'] = "{$GLOBALS['config']['DATADIR']}/listFile.php";

// Generated file holding the salt and the hashed login name and password.
$GLOBALS['config']['CONFIG_FILE'] = "{$GLOBALS['config']['DATADIR']}/config.php";

// Generated file recording failures and bans per IP address.
$GLOBALS['config']['IPBANS_FILENAME'] = "{$GLOBALS['config']['DATADIR']}/ipbans.php";

// Number of failures after which an IP address is banned.
$GLOBALS['config']['BAN_AFTER'] = 4;

// Ban duration in seconds (30 minutes).
$GLOBALS['config']['BAN_DURATION'] = 30 * 60;

// Page cache directory.
$GLOBALS['config']['PAGECACHE'] = 'pagecache';
|
|
|
|
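// Undo magic_quotes_gpc on hosts that still apply it.
// The setting was removed in PHP 5.4 and get_magic_quotes_gpc() itself in PHP 8.0,
// where an unconditional call is a fatal "undefined function" error. The version
// test keeps the call on interpreters that can actually have the setting enabled.
if (version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc()) {
    /**
     * Recursively remove the backslashes added by magic quotes.
     *
     * @param mixed $value A request value, or a nested array of request values.
     * @return mixed The same structure with stripslashes() applied to every leaf.
     */
    function stripslashes_deep($value) {
        return is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value);
    }

    $_POST = array_map('stripslashes_deep', $_POST);
    $_GET = array_map('stripslashes_deep', $_GET);
    $_COOKIE = array_map('stripslashes_deep', $_COOKIE);
}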
|
|
|
|
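// Merged request parameters, HTML-encoded once at input. $_GET is merged last,
// so a query-string value overrides a POST value of the same name.
// Array-valued parameters (e.g. "x[]=1") are mapped to null instead of being
// handed to htmlentities(), which only accepts strings.
// NOTE(review): HTML-encoding is not validation for values used as file paths or
// written for an external consumer; those uses need their own checks. The login
// name and password are hashed in this encoded form, so the htmlentities() flags
// cannot change without invalidating stored credentials.
$ci = array();
foreach (array_merge($_POST, $_GET) as $ciKey => $ciValue) {
    $ci[$ciKey] = is_scalar($ciValue) ? htmlentities($ciValue) : null;
}
unset($ciKey, $ciValue);

// The breadcrumb is a concatenation of 8-character directory hashes (see the
// str_split()/chunk_split() calls with length 8 and the substr(sha1(...), 0, 8)
// that generates them). It is turned into a filesystem path later, so anything
// that is not lowercase hex in groups of 8 is reset to the root.
if (isset($ci['bc']) && !preg_match('/^(?:[0-9a-f]{8})*$/D', $ci['bc'])) {
    $ci['bc'] = '';
}
$_SESSION['bc'] = isset($ci['bc']) ? $ci['bc'] : null;

// A missing or empty credentials file means the application is not installed yet.
if (!file_exists($GLOBALS['config']['CONFIG_FILE']) || strlen(file_get_contents($GLOBALS['config']['CONFIG_FILE'])) == 0) {
    $page = install($ci);
}

// Generated data files: credentials, directory list, video list.
require $GLOBALS['config']['CONFIG_FILE'];
require $GLOBALS['config']['LISTDIR'];
require $GLOBALS['config']['LISTFILE'];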
|
|
|
|
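/**
 * First-run installer: creates the working directories and data files, and,
 * when the install form was submitted, stores the salted credential hashes.
 *
 * Terminates the request with die() when a directory, an .htaccess copy or the
 * credentials file cannot be written.
 *
 * NOTE(review): credentials are stored as one round of salted SHA-256, which is
 * a fast hash. Moving to password_hash()/password_verify() has to be done in
 * install() and login() together, because login() recomputes the same digest.
 *
 * @param array $ci Request parameters ('install', 'token', 'loginName', 'loginPass').
 * @return string 'content' once credentials were written, 'install' otherwise.
 */
function install($ci) {
    // Working directories, created on demand.
    foreach (array('DATADIR', 'VIDEODIR', 'PAGECACHE', 'TMPDIR') as $dirKey) {
        $dir = $GLOBALS['config'][$dirKey];
        if (!is_dir($dir) && !mkdir($dir, 0755)) {
            die('Error on create dir "'.$dirKey.'".');
        }
    }

    // The data and tmp directories hold generated PHP and request files; each gets
    // a copy of inc/.htaccess.
    foreach (array('DATADIR', 'TMPDIR') as $dirKey) {
        $dir = $GLOBALS['config'][$dirKey];
        if (!copy('inc/.htaccess', $dir.'/.htaccess')) {
            die('Error on create .httaccess in dir "'.$dir.'"');
        }
    }

    // Empty data files so the later require calls succeed.
    foreach (array('CONFIG_FILE', 'IPBANS_FILENAME', 'LISTDIR', 'LISTFILE') as $fileKey) {
        if (!is_file($GLOBALS['config'][$fileKey])) {
            touch($GLOBALS['config'][$fileKey]);
        }
    }

    $page = 'install';

    if (isset($ci['install']) && $ci['install'] == 'install') {
        verifToken(isset($ci['token']) ? $ci['token'] : null);

        // Refuse to install with an empty login name or password.
        $loginName = isset($ci['loginName']) ? (string) $ci['loginName'] : '';
        $loginPass = isset($ci['loginPass']) ? (string) $ci['loginPass'] : '';
        if ($loginName === '' || $loginPass === '') {
            return $page;
        }

        // 64 hex characters of salt from the system CSPRNG when one is available;
        // the uniqid()/rand() construction is kept only as a last resort.
        if (function_exists('random_bytes')) {
            $salt = bin2hex(random_bytes(32));
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $salt = bin2hex(openssl_random_pseudo_bytes(32));
        } else {
            $salt = hash('sha256', uniqid(rand(), true).'_'.mt_rand());
        }

        $GLOBALS['loginName']['salt'] = $salt;
        $GLOBALS['loginName']['loginName'] = hash('sha256', $loginName.$salt);
        $GLOBALS['loginName']['password'] = hash('sha256', $loginPass.$salt);

        // All three values are hex digests, so they are safe inside the quoted literals.
        $data = "<?php\n"
            ."\$GLOBALS['loginName']['salt'] = '".$GLOBALS['loginName']['salt']."';\n"
            ."\$GLOBALS['loginName']['loginName'] = '".$GLOBALS['loginName']['loginName']."';\n"
            ."\$GLOBALS['loginName']['password'] = '".$GLOBALS['loginName']['password']."';\n"
            ."?>\n";

        // Do not report success when the credentials were not actually stored.
        if (file_put_contents($GLOBALS['config']['CONFIG_FILE'], $data, LOCK_EX) === false) {
            die('Error on write config file.');
        }
        $page = 'content';
    }

    return $page;
}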
|
|
|
|
/**
 * Placeholder with an empty body: calling it performs no check and returns null.
 */
function checkSecure() {
}
|
|
|
|
/**
 * Placeholder with an empty body: it does not clear $_SESSION['log'] or end the
 * session, so calling it leaves a logged-in session logged in.
 */
function logout() {
}
|
|
|
|
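/**
 * Return the last 8-character segment of a breadcrumb, i.e. the hash of the
 * directory the breadcrumb points to.
 *
 * @param string $bc Breadcrumb made of concatenated 8-character segments.
 * @return string|false The last segment; false when the breadcrumb yields no segment.
 */
function getCurrentDir($bc) {
    // end() takes its argument by reference, so the split result needs a variable;
    // passing the function call directly raises "Only variables should be passed
    // by reference".
    $segments = str_split($bc, 8);
    return end($segments);
}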
|
|
|
|
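/**
 * Create a form token, store it in the session with its creation time, and
 * return it.
 *
 * The token is 40 hex characters, the same length as the sha1() value it replaces.
 *
 * @return string The new token, also stored in $_SESSION['token'].
 */
function genToken() {
    // uniqid(), rand() and mt_rand() are derived from the clock and a non-
    // cryptographic generator, so a token built from them is guessable. Use the
    // system CSPRNG when the interpreter offers one; the old construction is kept
    // only as a last resort for interpreters without either function.
    if (function_exists('random_bytes')) {
        $token = bin2hex(random_bytes(20));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $token = bin2hex(openssl_random_pseudo_bytes(20));
    } else {
        $token = sha1(uniqid(rand(), true).'_'.mt_rand());
    }

    $_SESSION['token'] = $token;
    $_SESSION['tokenTime'] = time();

    return $token;
}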
|
|
|
|
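/**
 * Check a submitted form token against the one stored in the session.
 *
 * On a mismatch, a missing token or a token older than 24000 seconds, the
 * client address is recorded with ban() and the request is terminated.
 *
 * @param mixed $token Token received with the request.
 * @return void Returns only when the token is valid.
 */
function verifToken($token) {
    $expected = isset($_SESSION['token']) ? $_SESSION['token'] : null;
    $issuedAt = isset($_SESSION['tokenTime']) ? $_SESSION['tokenTime'] : 0;

    // Both sides must be non-empty strings: a session that never received a token
    // is rejected explicitly rather than through a null-to-integer comparison.
    $valid = is_string($token) && is_string($expected) && $expected !== '';

    if ($valid) {
        // hash_equals() compares in constant time; plain === is the fallback on
        // interpreters that do not provide it.
        $valid = function_exists('hash_equals')
            ? hash_equals($expected, $token)
            : $token === $expected;
    }

    if (!$valid || $issuedAt <= time() - 24000) {
        ban();
        die('So Long, and Thanks for All the Fish.');
    }
}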
|
|
|
|
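/**
 * Tell whether the client address is currently banned.
 *
 * Reads the same ban file that ban() and unBan() write, and uses the BAN_AFTER
 * and BAN_DURATION settings. The previous version required
 * 'cache/logs/banUser.php' and read the config keys 'maxErrorBeforeBan' and
 * 'banTime', none of which the configuration at the top of this file defines.
 * An expired entry is removed through unBan().
 *
 * NOTE(review): nothing in this file calls checkIfBan(), so recorded failures
 * only take effect where a caller checks them.
 *
 * @return bool True while the address has reached BAN_AFTER failures and the
 *              last one is less than BAN_DURATION seconds old.
 */
function checkIfBan() {
    $banList = array();
    // The ban file assigns $banList; a freshly created file is empty and leaves
    // the default above in place.
    require $GLOBALS['config']['IPBANS_FILENAME'];

    $userIp = $_SERVER['REMOTE_ADDR'];
    if (!isset($banList[$userIp])) {
        return false;
    }

    $entry = $banList[$userIp];
    $expiresAt = $entry['lastBan'] + $GLOBALS['config']['BAN_DURATION'];

    if ($entry['nbBan'] >= $GLOBALS['config']['BAN_AFTER'] && $expiresAt > time()) {
        return true;
    }

    if ($expiresAt < time()) {
        unBan();
    }

    return false;
}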
|
|
|
|
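/**
 * Record one failure for the client address in the ban file.
 *
 * The entry keeps the time of the last failure ('lastBan') and the number of
 * failures ('nbBan').
 *
 * @return void
 */
function ban() {
    // Default for a ban file that is still empty (it is created with touch()).
    $banList = array();
    require $GLOBALS['config']['IPBANS_FILENAME'];
    if (!is_array($banList)) {
        $banList = array();
    }

    $userIp = $_SERVER['REMOTE_ADDR'];

    if (isset($banList[$userIp])) {
        $banList[$userIp]['nbBan']++;
    } else {
        $banList[$userIp]['nbBan'] = 1;
    }
    $banList[$userIp]['lastBan'] = time();

    // LOCK_EX keeps two concurrent writers from interleaving their output; the
    // read-modify-write as a whole is still not atomic.
    file_put_contents($GLOBALS['config']['IPBANS_FILENAME'], "<?php\n\$banList=".var_export($banList, true).";\n?>", LOCK_EX);
}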
|
|
|
|
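/**
 * Remove the client address from the ban file.
 *
 * @return void
 */
function unBan() {
    // Default for an empty ban file, so the file is rewritten with an empty array
    // rather than with NULL.
    $banList = array();
    require $GLOBALS['config']['IPBANS_FILENAME'];
    if (!is_array($banList)) {
        $banList = array();
    }

    $userIp = $_SERVER['REMOTE_ADDR'];
    unset($banList[$userIp]);

    // LOCK_EX keeps two concurrent writers from interleaving their output.
    file_put_contents($GLOBALS['config']['IPBANS_FILENAME'], "<?php\n\$banList=".var_export($banList, true).";\n?>", LOCK_EX);
}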
|
|
|
|
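/**
 * Debug helper: print a value in a framed block, with the file name and line
 * of the call site.
 *
 * @param mixed  $data Value to dump (rendered with print_r and HTML-encoded).
 * @param string $name Optional heading shown above the dump.
 * @return void
 */
function n_print($data, $name = '') {
    $trace = debug_backtrace();
    $caller = $trace[0];

    // The heading is encoded like the dump itself, so a heading built from
    // request data cannot inject markup into the page.
    echo '<h2>', htmlentities((string) $name), '</h2>';
    echo '
<fieldset style="border: 1px solid orange; padding: 5px;color:#1E1915; background-color: #fff;">';
    echo '
<legend style="border:1px solid orange;padding: 1px;background-color:#eee;color:orange;">
', htmlentities(basename($caller['file'])), ' ligne => ', $caller['line'], '
</legend>';
    echo '<pre style="color:#1E1915;">', htmlentities(print_r($data, 1)), '</pre>';
    echo '
</fieldset>
<br />';
}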
|
|
|
|
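/**
 * Create a sub-directory of the directory named by a breadcrumb and register
 * its display name in the directory list.
 *
 * The directory on disk is named with an 8-character hash; the display name is
 * only stored in the list file.
 *
 * @param string $dir         Display name of the new directory.
 * @param string $breadcrumb  Concatenated 8-character hashes of the parent path ('' for the root).
 * @param array  $fullListDir Current hash => display-name map.
 * @return array|string array('result' => 'success', 'fullListDir' => updated map),
 *                      or the string 'error'.
 */
function addDir($dir, $breadcrumb, $fullListDir) {
    if (empty($dir)) {
        return 'error';
    }

    // The breadcrumb comes from the request and becomes a filesystem path. Only
    // groups of 8 lowercase hex characters (the form substr(sha1(...), 0, 8)
    // produces) are accepted, so it cannot carry "..", slashes or other path syntax.
    if ($breadcrumb === null) {
        $breadcrumb = '';
    }
    if (!is_string($breadcrumb) || !preg_match('/^(?:[0-9a-f]{8})*$/D', $breadcrumb)) {
        return 'error';
    }

    $dirHash = substr(sha1($dir.microtime(true)), 0, 8);
    $parent = $GLOBALS['config']['VIDEODIR'].'/'.($breadcrumb === '' ? '' : chunk_split($breadcrumb, 8, '/'));

    // Create the directory first: the list is only updated for directories that exist.
    if (!mkdir($parent.$dirHash)) {
        return 'error';
    }

    $fullListDir[$dirHash] = $dir;
    file_put_contents($GLOBALS['config']['LISTDIR'], "<?php\n\$fullListDir=".var_export($fullListDir, true).";\n?>", LOCK_EX);

    return array(
        'result' => 'success',
        'fullListDir' => $fullListDir
    );
}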
|
|
|
|
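/**
 * Rename the directory a breadcrumb points to.
 *
 * The directory receives a new 8-character hash on disk, the old hash is
 * dropped from the directory list and the new display name is registered.
 *
 * @param string $dir         New display name.
 * @param string $breadcrumb  Concatenated 8-character hashes; the last one is the directory to rename.
 * @param array  $fullListDir Current hash => display-name map.
 * @return array|string|null array('result' => 'success', 'bc' => new breadcrumb,
 *                           'fullListDir' => updated map), the string 'error',
 *                           or null when $dir is empty.
 */
function renDir($dir, $breadcrumb, $fullListDir) {
    if (empty($dir)) {
        return;
    }

    // The breadcrumb comes from the request and becomes a filesystem path: accept
    // only one or more groups of 8 lowercase hex characters. An empty breadcrumb
    // (the root) cannot be renamed.
    if (!is_string($breadcrumb) || !preg_match('/^(?:[0-9a-f]{8})+$/D', $breadcrumb)) {
        return 'error';
    }

    $currentDir = substr($breadcrumb, -8);
    $parentBc = (string) substr($breadcrumb, 0, -8);
    $dirHash = substr(sha1($dir.microtime(true)), 0, 8);

    $parentPath = $GLOBALS['config']['VIDEODIR'].'/'.($parentBc === '' ? '' : chunk_split($parentBc, 8, '/'));

    if (!rename($parentPath.$currentDir, $parentPath.$dirHash)) {
        return 'error';
    }

    // Update the list only after the rename succeeded.
    $fullListDir[$dirHash] = $dir;
    unset($fullListDir[$currentDir]);
    file_put_contents($GLOBALS['config']['LISTDIR'], "<?php\n\$fullListDir=".var_export($fullListDir, true).";\n?>", LOCK_EX);

    return array(
        'result' => 'success',
        'bc' => $parentBc.$dirHash,
        'fullListDir' => $fullListDir
    );
}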
|
|
|
|
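/**
 * Queue a video for retrieval and register its metadata.
 *
 * Writes a "<hash> <url> <path>" line to TMPDIR/<hash>.hash and adds the entry
 * to the video list file. The hash is the first 10 characters of
 * sha1(name . url).
 *
 * NOTE(review): the .hash record is read by something outside this file.
 * escapeshellcmd() escapes shell metacharacters but is not an argument quoter;
 * the consumer should pass the URL as one quoted argument and treat it as data.
 * Restricting the accepted URL schemes is worth considering there or here.
 * NOTE(review): the values in $ci arrive HTML-encoded (the script encodes every
 * request value), so an "&" in the URL is stored as "&amp;" — confirm the
 * consumer expects that.
 *
 * @param array $ci           Request parameters: 'name', 'url', 'bc', 'desc', 'via', 'licence'.
 * @param array $fullListFile Current hash => metadata map.
 * @return string|null 'error' when the breadcrumb or URL is rejected, null otherwise.
 */
function addVideo($ci, $fullListFile) {
    $bc = isset($ci['bc']) ? $ci['bc'] : '';
    $rawUrl = isset($ci['url']) ? $ci['url'] : '';

    // The breadcrumb becomes a path inside the record: accept only groups of
    // 8 lowercase hex characters.
    if (!is_string($bc) || !preg_match('/^(?:[0-9a-f]{8})*$/D', $bc)) {
        return 'error';
    }

    // The record is space-delimited and newline-terminated, so a URL containing
    // whitespace or control characters would shift or add fields.
    if (!is_string($rawUrl) || !preg_match('/^[^\s\x00-\x1f\x7f]+$/D', $rawUrl)) {
        return 'error';
    }

    $nameHash = substr(sha1($ci['name'].$rawUrl), 0, 10);
    $url = escapeshellcmd($rawUrl);
    $path = chunk_split($bc, 8, '/');
    $data = $nameHash.' '.$url.' '.$path."\n";

    file_put_contents($GLOBALS['config']['TMPDIR'].'/'.$nameHash.'.hash', $data);

    $fullListFile[$nameHash] = array(
        'title' => $ci['name'],
        'url' => $ci['url'],
        'desc' => $ci['desc'],
        'via' => $ci['via'],
        'licence' => $ci['licence']
    );

    file_put_contents($GLOBALS['config']['LISTFILE'], "<?php\n\$fullListFile=".var_export($fullListFile, true).";\n?>", LOCK_EX);
}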
|
|
|
|
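/**
 * Delete every file belonging to the video currently held in the session.
 *
 * The request must name the video's ".jpg" file; all files in the directory
 * whose name starts with $_SESSION['video'] are then removed.
 *
 * @param string $bc   Concatenated 8-character hashes of the directory.
 * @param string $file File name sent with the request.
 * @return string|null An error message when nothing was deleted, null otherwise.
 */
function deleteVideo($bc, $file) {
    $error = 'Error, cannot delete this file.';

    // The session value is used as a glob prefix. An empty value would turn the
    // pattern into "<dir>/*" and delete the whole directory content, and glob or
    // path syntax in it would widen the match, so both are refused.
    $video = isset($_SESSION['video']) ? $_SESSION['video'] : '';
    if (!is_string($video) || $video === '' || strpbrk($video, "/\\*?[]{}\0") !== false) {
        return $error;
    }

    // The breadcrumb becomes a filesystem path: accept only groups of
    // 8 lowercase hex characters.
    if ($bc === null) {
        $bc = '';
    }
    if (!is_string($bc) || !preg_match('/^(?:[0-9a-f]{8})*$/D', $bc)) {
        return $error;
    }

    $path = $GLOBALS['config']['VIDEODIR'].'/'.($bc === '' ? '' : chunk_split($bc, 8, '/'));
    $pathAndFile = $path.$file;

    if (!file_exists($pathAndFile) || is_dir($pathAndFile) || $file !== $video.'.jpg') {
        return $error;
    }

    // glob() returns false on error; treat that as "nothing to delete".
    $listFile = glob($path.$video.'*');
    if ($listFile === false) {
        $listFile = array();
    }

    foreach ($listFile as $value) {
        unlink($value);
    }
}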
|
|
|
|
/**
 * Set the title of one entry of the global video list and rewrite the list file.
 *
 * Changes the working directory to the document root before writing, because
 * the list file path is relative.
 *
 * @param string $hash  Key of the entry in $fullListFile.
 * @param string $title New title.
 * @return void
 */
function updateFileTitle($hash, $title) {
    global $fullListFile;

    $fullListFile[$hash]['title'] = $title;

    chdir($_SERVER['DOCUMENT_ROOT']);

    $serialized = "<?php\n\$fullListFile=".var_export($fullListFile, true).";\n?>";
    file_put_contents($GLOBALS['config']['LISTFILE'], $serialized);
}
|
|
|
|
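/**
 * Change the working directory to the given path and list its sub-directories.
 *
 * The change of working directory is part of the contract: listVideo() and
 * getThumbnail() in this file read the current directory.
 *
 * @param string $breadcrumb Path of the directory to enter.
 * @return array Names of the sub-directories; empty when the directory cannot
 *               be entered or read.
 */
function listCurrentDir($breadcrumb) {
    // Without this check a failed chdir() would silently list whatever directory
    // the process happened to be in.
    if (!is_string($breadcrumb) || !is_dir($breadcrumb) || !chdir($breadcrumb)) {
        return array();
    }

    $subDirs = glob('*', GLOB_ONLYDIR);

    return $subDirs === false ? array() : $subDirs;
}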
|
|
|
|
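/**
 * Expand a breadcrumb into its cumulative prefixes and their display names.
 *
 * For 'aaaaaaaabbbbbbbb' the result has the keys 'aaaaaaaa' and
 * 'aaaaaaaabbbbbbbb', each mapped to the display name of its last segment.
 *
 * @param string $bc          Concatenated 8-character directory hashes.
 * @param array  $fullListDir Hash => display-name map.
 * @return array Cumulative breadcrumb => display name (null for an unknown
 *               hash); empty for an empty breadcrumb.
 */
function makeBreadcrumb($bc, $fullListDir) {
    // Both accumulators are initialised: the previous code appended to and
    // returned variables that did not exist yet.
    $breadcrumb = array();
    $hrefBc = '';

    if (!is_string($bc) || $bc === '') {
        return $breadcrumb;
    }

    foreach (str_split($bc, 8) as $segment) {
        $hrefBc .= $segment;
        $breadcrumb[$hrefBc] = isset($fullListDir[$segment]) ? $fullListDir[$segment] : null;
    }

    return $breadcrumb;
}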
|
|
|
|
/**
 * List the ".jpg" files of the current working directory.
 *
 * @param mixed $breadcrumb Not used by the function.
 * @return array|false Result of glob('*.jpg').
 */
function listVideo($breadcrumb) {
    $thumbnails = glob('*.jpg');

    return $thumbnails;
}
|
|
|
|
/**
 * Read a file and decode it as JSON.
 *
 * The decoded value is not returned or stored, and $fullInfo is not read: the
 * function currently has no observable result besides the file read.
 *
 * @param string $file     Path of the JSON file.
 * @param bool   $fullInfo Not used by the function.
 * @return void
 */
function parseVideoDescription($file, $fullInfo = false) {
    $raw = file_get_contents($file);
    $decoded = json_decode($raw);
}
|
|
|
|
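/**
 * Assemble the information shown for one video.
 *
 * Combines the metadata stored in the video list (title, url, desc, via,
 * licence) with fields read from the video's ".json" description file
 * (stitle, description, upload_date, format, ext, duration).
 *
 * @param string $file         File name; its first 10 characters are the video hash.
 * @param string $dir          Concatenated 8-character hashes of the directory.
 * @param array  $fullListFile Hash => metadata map.
 * @return array Keys: hash, title, originalTitle, url, desc, originalDesc,
 *               uploadDate, format, ext, duration, via, licence. Fields taken
 *               from the description file are HTML-encoded and are '' (duration
 *               '00h00m00s') when the file is missing or unreadable.
 */
function getVideoInfo($file, $dir, $fullListFile) {
    $file = substr($file, 0, 10);
    $postInfo = (is_string($file) && isset($fullListFile[$file])) ? $fullListFile[$file] : array();

    // Hash and directory are placed in a glob pattern, so both are checked against
    // the forms this file generates (10 and 8 lowercase hex characters) before
    // touching the filesystem.
    $jsonInfo = null;
    $validHash = is_string($file) && preg_match('/^[0-9a-f]{10}$/D', $file);
    $validDir = is_string($dir) && preg_match('/^(?:[0-9a-f]{8})*$/D', $dir);

    if ($validHash && $validDir) {
        $path = $dir === '' ? '' : chunk_split($dir, 8, '/');
        $descFile = glob('videos/'.$path.$file.'*.json');
        if (!empty($descFile)) {
            $raw = file_get_contents($descFile[0]);
            if ($raw !== false) {
                $jsonInfo = json_decode($raw);
            }
        }
    }

    // The description file comes from outside the application: every field is
    // encoded for HTML, including single quotes, and read as UTF-8 to match the
    // page's charset.
    $jsonFields = array(
        'originalTitle' => 'stitle',
        'originalDesc' => 'description',
        'uploadDate' => 'upload_date',
        'format' => 'format',
        'ext' => 'ext',
    );
    $encoded = array();
    foreach ($jsonFields as $key => $property) {
        $value = '';
        if (is_object($jsonInfo) && isset($jsonInfo->$property) && is_scalar($jsonInfo->$property)) {
            $value = (string) $jsonInfo->$property;
        }
        $encoded[$key] = htmlentities($value, ENT_QUOTES, 'UTF-8');
    }

    $seconds = 0;
    if (is_object($jsonInfo) && isset($jsonInfo->duration) && is_numeric($jsonInfo->duration)) {
        $seconds = (int) $jsonInfo->duration;
    }
    $time = gmdate('H\hi\ms\s', $seconds);

    $info = array(
        'hash' => $file,
        'title' => isset($postInfo['title']) ? $postInfo['title'] : null,
        'originalTitle' => $encoded['originalTitle'],
        'url' => isset($postInfo['url']) ? $postInfo['url'] : null,
        'desc' => isset($postInfo['desc']) ? $postInfo['desc'] : null,
        'originalDesc' => $encoded['originalDesc'],
        'uploadDate' => $encoded['uploadDate'],
        'format' => $encoded['format'],
        'ext' => $encoded['ext'],
        'duration' => htmlentities($time),
        'via' => isset($postInfo['via']) ? $postInfo['via'] : null,
        'licence' => isset($postInfo['licence']) ? $postInfo['licence'] : null
    );

    return $info;
}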
|
|
|
|
/**
 * Placeholder with an empty body: nothing is edited and null is returned.
 */
function editVideoDescription() {
}
|
|
|
|
/**
 * Placeholder with an empty body: no cache is checked and null is returned.
 */
function testCache() {
}
|
|
|
|
/**
 * Placeholder with an empty body: no cache is written and null is returned.
 */
function makeCache() {
}
|
|
|
|
/**
 * Return the path of a sub-directory's thumbnail when the file exists.
 *
 * Existence is tested relative to the current working directory; the returned
 * string is built from $path instead.
 *
 * @param string $path  Prefix put in front of the returned path.
 * @param string $value Name of the sub-directory.
 * @return string|null $path.$value.'/thumb.jpg', or null when there is no thumbnail.
 */
function getThumbnail($path, $value) {
    $relative = $value.'/thumb.jpg';

    if (!file_exists(getcwd().'/'.$relative)) {
        return;
    }

    return $path.$relative;
}
|
|
|
|
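/**
 * Check the submitted login name and password against the stored hashes and
 * mark the session as logged in on success.
 *
 * NOTE(review): the stored values are one round of salted SHA-256, which is a
 * fast hash. Replacing it with password_hash()/password_verify() has to be done
 * here and in install() together, since install() writes what this compares.
 *
 * @param array $ci Request parameters ('loginName', 'loginPass').
 * @return bool True when both values match; $_SESSION['log'] is then set to true.
 */
function login($ci) {
    $stored = (isset($GLOBALS['loginName']) && is_array($GLOBALS['loginName'])) ? $GLOBALS['loginName'] : array();

    // No usable credentials (e.g. an empty credentials file): nobody can log in.
    foreach (array('salt', 'loginName', 'password') as $key) {
        if (!isset($stored[$key]) || !is_string($stored[$key]) || $stored[$key] === '') {
            return false;
        }
    }

    $name = isset($ci['loginName']) ? (string) $ci['loginName'] : '';
    $pass = isset($ci['loginPass']) ? (string) $ci['loginPass'] : '';

    $nameHash = hash('sha256', $name.$stored['salt']);
    $passHash = hash('sha256', $pass.$stored['salt']);

    // Constant-time comparison where available; both digests are always compared.
    if (function_exists('hash_equals')) {
        $nameOk = hash_equals($stored['loginName'], $nameHash);
        $passOk = hash_equals($stored['password'], $passHash);
    } else {
        $nameOk = $nameHash === $stored['loginName'];
        $passOk = $passHash === $stored['password'];
    }

    if ($nameOk && $passOk) {
        // Issue a new session id at the privilege change, so an id known before
        // login does not become an authenticated one.
        if (session_id() !== '') {
            session_regenerate_id(true);
        }
        $_SESSION['log'] = true;
        return true;
    }

    return false;
}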
|
|
|
|
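/**
 * Use one of a directory's ".jpg" files as that directory's thumbnail by
 * copying it to "thumb.jpg".
 *
 * Does nothing when the breadcrumb or file name is not acceptable or the file
 * does not exist.
 *
 * @param string $bc   Concatenated 8-character hashes of the directory.
 * @param string $file Name of the source image inside that directory.
 * @return void
 */
function defineThumb($bc, $file) {
    // Both values come from the request. The breadcrumb must be groups of
    // 8 lowercase hex characters, and the file must be a plain ".jpg" name with no
    // directory part; otherwise a file from elsewhere on the server could be
    // copied into the web-served video tree.
    if ($bc === null) {
        $bc = '';
    }
    if (!is_string($bc) || !preg_match('/^(?:[0-9a-f]{8})*$/D', $bc)) {
        return;
    }
    if (!is_string($file) || $file === '' || strpbrk($file, "/\\\0") !== false || basename($file) !== $file) {
        return;
    }
    if (strtolower(substr($file, -4)) !== '.jpg') {
        return;
    }

    $dir = $GLOBALS['config']['VIDEODIR'].'/'.($bc === '' ? '' : chunk_split($bc, 8, '/'));

    if (is_file($dir.$file)) {
        copy($dir.$file, $dir.'thumb.jpg');
    }
}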
|
|
|
|
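/**
 * Store an uploaded image as the thumbnail of a directory.
 *
 * The upload ($_FILES['file']) must be a GIF, JPEG or PNG according to the
 * fileinfo extension. It is moved to "thumb.tmp" in the directory and then
 * converted to "thumb.jpg" by convertToJpeg(). Each failure prints a message
 * and stops the processing; the previous version printed the message and went
 * on to move and convert the file anyway.
 *
 * @param string $bc Concatenated 8-character hashes of the directory.
 * @return void
 */
function addThumbnail($bc) {
    // Upload errors reported by PHP itself.
    if (isset($_FILES['file']['error']) && $_FILES['file']['error'] > 0) {
        $msgError = array(
            '1' => 'Le fichier excède le poids autorisé par la directive upload_max_filesize de php.ini',
            '2' => 'Le fichier excède le poids autorisé par le champ MAX_FILE_SIZE s\'il a été donné',
            '3' => 'Thumbnail are partially upload',
            '4' => 'Thumbnail are not upload'
        );
        $code = (string) $_FILES['file']['error'];
        echo isset($msgError[$code]) ? $msgError[$code] : 'Error on upload file.';
        return;
    }

    if (!isset($_FILES['file']['tmp_name']) || !is_uploaded_file($_FILES['file']['tmp_name'])) {
        echo 'Error on upload file.';
        return;
    }

    $tmpName = $_FILES['file']['tmp_name'];

    // The type is taken from the file content, not from what the client declared.
    if (!extension_loaded('fileinfo')) {
        echo 'Please active fileinfo extension';
        return;
    }
    $finfo = finfo_open(FILEINFO_MIME_TYPE);
    $type = finfo_file($finfo, $tmpName);
    finfo_close($finfo);

    $permitImage = array(
        'image/gif',
        'image/jpg',
        'image/jpeg',
        'image/pjpeg',
        'image/png'
    );

    if (!in_array($type, $permitImage, true)) {
        echo 'This type '.$type.' file is not permit. Convert it and retry.';
        return;
    }

    // The breadcrumb comes from the request and decides where the file lands:
    // accept only groups of 8 lowercase hex characters.
    if ($bc === null) {
        $bc = '';
    }
    if (!is_string($bc) || !preg_match('/^(?:[0-9a-f]{8})*$/D', $bc)) {
        echo 'Error on move file to final destination.';
        return;
    }
    $path = $bc === '' ? '' : chunk_split($bc, 8, '/');

    if (!move_uploaded_file($tmpName, $GLOBALS['config']['VIDEODIR'].'/'.$path.'thumb'.'.tmp')) {
        echo 'Error on move file to final destination.';
        return;
    }

    convertToJpeg($path, $type);
}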
|
|
|
|
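/**
 * Convert the temporary thumbnail "thumb.tmp" of a directory to "thumb.jpg"
 * and remove the temporary file.
 *
 * When the type is not supported or the image cannot be decoded, no
 * "thumb.jpg" is written; the temporary file is removed in every case so that
 * unverified upload content does not stay in the video tree.
 *
 * @param string $path Directory path relative to VIDEODIR, with a trailing '/' (or '').
 * @param string $type MIME type detected for the uploaded file.
 * @return void
 */
function convertToJpeg($path, $type) {
    $dir = $GLOBALS['config']['VIDEODIR'].'/'.$path;
    $pathAndNameFile = $dir.'thumb'.'.tmp';

    // Decoder chosen from the detected type; 'image/jpg' and 'image/pjpeg' are
    // accepted by addThumbnail() and are JPEG data as well.
    $image = false;
    switch ($type) {
        case 'image/jpeg':
        case 'image/jpg':
        case 'image/pjpeg':
            $image = imagecreatefromjpeg($pathAndNameFile);
            break;
        case 'image/png':
            $image = imagecreatefrompng($pathAndNameFile);
            break;
        case 'image/gif':
            $image = imagecreatefromgif($pathAndNameFile);
            break;
    }

    // Re-encoding through GD means only data that decodes as an image is published.
    if ($image !== false && $image !== null) {
        imagejpeg($image, $dir.'thumb'.'.jpg', 100);
        imagedestroy($image);
    }

    if (is_file($pathAndNameFile)) {
        unlink($pathAndNameFile);
    }
}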
|
|
|
|
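// Login form submission (ac=login, op=2).
if (!empty($ci['ac']) && $ci['ac'] === 'login' && !empty($ci['op']) && (int)$ci['op'] === 2) {
    verifToken(isset($ci['token']) ? $ci['token'] : null);

    if (login($ci) === true) {
        // Drop the action so the dispatch below does not run for this request.
        unset($ci['op'], $ci['ac']);
    } else {
        // The configuration defines BAN_AFTER / BAN_DURATION for login failures;
        // record the failed attempt for this address.
        // NOTE(review): nothing in this file calls checkIfBan(), so the recorded
        // failures are not enforced here.
        ban();
    }
}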
|
|
|
|
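// Action dispatch. Every action below changes files on the server.
if (isset($ci['ac']) && !empty($ci['ac'])) {
    // renDir, newDir, addVideo and addThumbnail used to check the form token only.
    // The token is also issued to visitors who are not logged in (the login form
    // needs one), so it does not prove authentication: require a logged-in session
    // as the two 'view' actions already do.
    if (in_array($ci['ac'], array('renDir', 'newDir', 'addVideo', 'addThumbnail'), true) && !empty($ci['op']) && (int)$ci['op'] === 1) {
        verifToken(isset($ci['token']) ? $ci['token'] : null);
        if (!isset($_SESSION['log']) || $_SESSION['log'] !== true) {
            die('Tinker say : You can keep your magic, I have laser beams! ');
        }
    }

    if ($ci['ac'] === 'renDir' && !empty($ci['op']) && (int)$ci['op'] === 1) {
        $renDir = renDir(isset($ci['renDir']) ? $ci['renDir'] : '', isset($ci['bc']) ? $ci['bc'] : '', $fullListDir);
        // renDir() returns an array only on success; on failure the breadcrumb and
        // the list are left as they were.
        if (is_array($renDir)) {
            $ci['bc'] = $renDir['bc'];
            $fullListDir = $renDir['fullListDir'];
        }
    }

    if ($ci['ac'] === 'newDir' && !empty($ci['op']) && (int)$ci['op'] === 1) {
        $addDir = addDir(isset($ci['newDir']) ? $ci['newDir'] : '', isset($ci['bc']) ? $ci['bc'] : '', $fullListDir);
        // addDir() returns the string 'error' on failure.
        if (is_array($addDir)) {
            $fullListDir = $addDir['fullListDir'];
        }
    }

    if ($ci['ac'] === 'addVideo' && !empty($ci['op']) && (int)$ci['op'] === 1) {
        $addVideo = addVideo($ci, $fullListFile);
    }

    if ($ci['ac'] === 'addThumbnail' && !empty($ci['op']) && (int)$ci['op'] === 1) {
        $addThumbnail = addThumbnail(isset($ci['bc']) ? $ci['bc'] : '');
    }

    // view / op 4: delete the video held in the session.
    if ($ci['ac'] === 'view' && !empty($ci['op']) && (int)$ci['op'] === 4) {
        verifToken(isset($ci['token']) ? $ci['token'] : null);
        if (!isset($_SESSION['log']) || $_SESSION['log'] !== true) {
            die('Tinker say : You can keep your magic, I have laser beams! ');
        }
        $deleteVideo = deleteVideo(isset($ci['bc']) ? $ci['bc'] : '', isset($ci['file']) ? $ci['file'] : '');
    }

    // view / op 3: use the given image as the directory thumbnail.
    if ($ci['ac'] === 'view' && !empty($ci['op']) && (int)$ci['op'] === 3) {
        verifToken(isset($ci['token']) ? $ci['token'] : null);
        if (!isset($_SESSION['log']) || $_SESSION['log'] !== true) {
            die('Tinker say : Pew Pew Pew Pew Pew Pew Pew Pew Pew Pew Pew Pew');
        }
        $defineThumb = defineThumb(isset($ci['bc']) ? $ci['bc'] : '', isset($ci['file']) ? $ci['file'] : '');
    }
}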
|
|
?>
|
|
<!doctype html>
|
|
<html lang="fr">
|
|
<head>
|
|
<meta charset="utf-8">
|
|
<title>SoViGall - Personal Video Gallery</title>
|
|
<link rel="stylesheet" href="style.css">
|
|
</head>
|
|
<body>
|
|
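<?php
// Page body. $page is only assigned from install() in this file ('install' or
// 'content'); because it is concatenated into a require path it must stay a
// server-assigned value and never be taken from the request.
// empty() also covers an unset variable; the previous test
// (!isset($page) && empty($page)) let a set-but-empty $page through to
// require 'inc/.php'.
if (empty($page)) {
    require 'inc/content.php';
} else {
    require 'inc/'.$page.'.php';
}

echo '<p id="time">Exec time : '.round((microtime(TRUE) - $startTime), 5).'</p>';
?>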
|
|
</body>
|
|
</html>
|