X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=index.php;h=7d866367d72263ab54ada5cac935827f642e0ad2;hb=4376a1aa26c2698a777cbd86ef3d421f0248f39e;hp=24b9eb8785154c5eb50020141509cfb85c6ffadc;hpb=fdc9be07ce18c5705b38e833ed6ad0a8e5372c78;p=simple-upload.git

diff --git a/index.php b/index.php
index 24b9eb8..7d86636 100644
--- a/index.php
+++ b/index.php
@@ -14,96 +14,129 @@
 		along with this program.  If not, see <http://www.gnu.org/licenses/>.
 	*/
 
-	// ============== Configuration begin  ==============
-
+	// =============={ Configuration Begin }==============
 	$settings = array(
 
+		// Website title
+		'title' => 'strace.club',
+
 		// Directory to store uploaded files
-		uploaddir => '.',
+		'uploaddir' => '.',
 
 		// Display list uploaded files
-		listfiles => true,
+		'listfiles' => true,
 
 		// Allow users to delete files that they have uploaded (will enable sessions)
-		allow_deletion => true,
+		'allow_deletion' => true,
+
+		// Allow users to mark files as hidden
+		'allow_private' => true,
 
 		// Display file sizes
-		listfiles_size => true,
+		'listfiles_size' => true,
 
 		// Display file dates
-		listfiles_date => true,
+		'listfiles_date' => true,
 
 		// Display file dates format
-		listfiles_date_format => 'F d Y H:i:s',
+		'listfiles_date_format' => 'F d Y H:i:s',
 
 		// Randomize file names (number of 'false')
-		random_name_len => 8,
+		'random_name_len' => 8,
 
 		// Keep filetype information (if random name is activated)
-		random_name_keep_type => true,
+		'random_name_keep_type' => true,
 
 		// Random file name letters
-		random_name_alphabet => 'qazwsxedcrfvtgbyhnujmikolp1234567890',
+		'random_name_alphabet' => 'qazwsxedcrfvtgbyhnujmikolp1234567890',
 
 		// Display debugging information
-		debug => false,
+		'debug' => false,
 
 		// Complete URL to your directory (including tracing slash)
-		url => 'http://strace.club/',
+		'url' => 'http://strace.club/',
+
+		// Amount of seconds that each file should be stored for (0 for no limit)
+		// Default 30 days
+		'time_limit' => 60 * 60 * 24 * 30,
+
+		// Files that will be ignored
+		'ignores' => array('.', '..', 'LICENSE', 'README.md'),
 
+		// Language code
+		'lang' => 'en_GB',
+
+		// Language direction
+		'lang_dir' => 'ltr',
 	);
+	// =============={ Configuration End }==============
+
+	// Is the local config file there?
+	if (file_exists('config-local.php')) {
+		// Load it then
+		include('config-local.php');
+	}
 
-	// ============== Configuration end  ==============
+	// Enabling error reporting
+	if ($settings['debug']) {
+		error_reporting(E_ALL);
+		ini_set('display_startup_errors',1);
+		ini_set('display_errors',1);
+	}
 
 	$data = array();
 
 	// Name of this file
 	$data['scriptname'] = pathinfo(__FILE__, PATHINFO_BASENAME);
 
+	// Adding current script name to ignore list
+	$data['ignores'] = $settings['ignores'];
+	$data['ignores'][] = $data['scriptname'];
+
 	// Use canonized path
-	$data['uploaddir'] = realpath($settings['uploaddir']);
+	$data['uploaddir'] = realpath(dirname(__FILE__) . DIRECTORY_SEPARATOR . $settings['uploaddir']);
 
 	// Maximum upload size, set by system
 	$data['max_upload_size'] = ini_get('upload_max_filesize');
 
-	if ($settings['allow_deletion']) {
+	// If file deletion or private files are allowed, starting a session.
+	// This is required for user authentification
+	if ($settings['allow_deletion'] || $settings['allow_private']) {
 		session_start();
 
+		// 'User ID'
 		if (!isset($_SESSION['upload_user_id']))
-			$_SESSION['upload_user_id'] = rand(1000, 9999);
+			$_SESSION['upload_user_id'] = mt_rand(100000, 999999);
 
+		// List of filenames that were uploaded by this user
 		if (!isset($_SESSION['upload_user_files']))
 			$_SESSION['upload_user_files'] = array();
 	}
 
+	// If debug is enabled, logging all variables
 	if ($settings['debug']) {
-
-
-		// Enabling error reporting
-		error_reporting(E_ALL);
-		error_reporting(1);
-
 		// Displaying debug information
-		echo '<h2>Debugging information: settings</h2>';
+		echo '<h2>Settings:</h2>';
 		echo '<pre>';
 		print_r($settings);
 		echo '</pre>';
 
 		// Displaying debug information
-		echo '<h2>Debugging information: data</h2>';
+		echo '<h2>Data:</h2>';
 		echo '<pre>';
 		print_r($data);
 		echo '</pre>';
 		echo '</pre>';
 
 		// Displaying debug information
-		echo '<h2>Debugging information: _SESSION</h2>';
+		echo '<h2>SESSION:</h2>';
 		echo '<pre>';
 		print_r($_SESSION);
 		echo '</pre>';
 	}
 
-	function FormatSize ($bytes) {
+	// Format file size
+	function formatSize ($bytes) {
 		$units = array('B', 'KB', 'MB', 'GB', 'TB');
 
 		$bytes = max($bytes, 0);
@@ -115,81 +148,93 @@
 		return ceil($bytes) . ' ' . $units[$pow];
 	}
 
-	function DiverseArray ($vector) {
+	// Rotating a two-dimensional array
+	function diverseArray ($vector) {
 		$result = array();
-		foreach($vector as $key1 => $value1)
-			foreach($value1 as $key2 => $value2)
+		foreach ($vector as $key1 => $value1)
+			foreach ($value1 as $key2 => $value2)
 				$result[$key2][$key1] = $value2;
 		return $result;
 	}
 
-	function UploadFile ($file_data) {
+	// Handling file upload
+	function uploadFile ($file_data) {
 		global $settings;
 		global $data;
 		global $_SESSION;
 
-		$data['uploaded_file_name'] = basename($file_data['name']);
-		$data['target_file_name'] = $file_data['uploaded_file_name'];
+		$file_data['uploaded_file_name'] = basename($file_data['name']);
+		$file_data['target_file_name'] = $file_data['uploaded_file_name'];
+
+		// Generating random file name
 		if ($settings['random_name_len'] !== false) {
 			do {
-				$data['target_file_name'] = '';
-				while (strlen($data['target_file_name']) < $settings['random_name_len'])
-					$data['target_file_name'] .= $settings['random_name_alphabet'][rand(0, strlen($settings['random_name_alphabet']) - 1)];
+				$file_data['target_file_name'] = '';
+				while (strlen($file_data['target_file_name']) < $settings['random_name_len'])
+					$file_data['target_file_name'] .= $settings['random_name_alphabet'][mt_rand(0, strlen($settings['random_name_alphabet']) - 1)];
 				if ($settings['random_name_keep_type'])
-					$data['target_file_name'] .= '.' . pathinfo($data['uploaded_file_name'], PATHINFO_EXTENSION);
-			} while (file_exists($data['target_file_name']));
+					$file_data['target_file_name'] .= '.' . pathinfo($file_data['uploaded_file_name'], PATHINFO_EXTENSION);
+			} while (file_exists($file_data['target_file_name']));
 		}
-		$data['upload_target_file'] = $data['uploaddir'] . DIRECTORY_SEPARATOR . $data['target_file_name'];
-		$data['tmp_name'] = $file_data['tmp_name'];
+		$file_data['upload_target_file'] = $data['uploaddir'] . DIRECTORY_SEPARATOR . $file_data['target_file_name'];
 
-		if (file_exists($data['upload_target_file'])) {
+		// Do now allow to overwriting files
+		if (file_exists($file_data['upload_target_file'])) {
 			echo 'File name already exists' . "\n";
 			return;
 		}
 
-		if (move_uploaded_file($data['tmp_name'], $data['upload_target_file'])) {
-			if ($settings['allow_deletion'])
-				$_SESSION['upload_user_files'][] = $data['target_file_name'];
-			echo $settings['url'] .  $data['target_file_name'] . "\n";
+		// Moving uploaded file OK
+		if (move_uploaded_file($file_data['tmp_name'], $file_data['upload_target_file'])) {
+			if ($settings['allow_deletion'] || $settings['allow_private'])
+				$_SESSION['upload_user_files'][] = $file_data['target_file_name'];
+			echo $settings['url'] .  $file_data['target_file_name'] . "\n";
 		} else {
 			echo 'Error: unable to upload the file.';
 		}
 	}
 
-	if (isset($_FILES['file'])) {
-		if ($settings['debug']) {
-			// Displaying debug information
-			echo '<h2>Debugging information: data</h2>';
-			echo '<pre>';
-			print_r($data);
-			echo '</pre>';
-			// Displaying debug information
-			echo '<h2>Debugging information: file</h2>';
-			echo '<pre>';
-			print_r($_FILES);
-			echo '</pre>';
-		}
 
+	// Files are being POSEed. Uploading them one by one.
+	if (isset($_FILES['file'])) {
+		header('Content-type: text/plain');
 		if (is_array($_FILES['file'])) {
-			$file_array = DiverseArray($_FILES['file']);
+			$file_array = diverseArray($_FILES['file']);
 			foreach ($file_array as $file_data)
-				UploadFile($file_data);
+				uploadFile($file_data);
 		} else
-			UploadFile($_FILES['file']);
+			uploadFile($_FILES['file']);
 		exit;
 	}
 
-	if ($settings['allow_deletion'])
-		if (isset($_POST))
-			if ($_POST['action'] === 'delete')
-				if (in_array($_POST['target'], $_SESSION['upload_user_files']))
+	// Other file functions (delete, private).
+	if (isset($_POST)) {
+		if ($settings['allow_deletion'])
+			if (isset($_POST['action']) && $_POST['action'] === 'delete')
+				if (in_array(substr($_POST['target'], 1), $_SESSION['upload_user_files']) || in_array($_POST['target'], $_SESSION['upload_user_files']))
 					if (file_exists($_POST['target'])) {
 						unlink($_POST['target']);
 						echo 'File has been removed';
 						exit;
 					}
 
-	function ListFiles ($dir, $exclude) {
+		if ($settings['allow_private'])
+			if (isset($_POST['action']) && $_POST['action'] === 'privatetoggle')
+				if (in_array(substr($_POST['target'], 1), $_SESSION['upload_user_files']) || in_array($_POST['target'], $_SESSION['upload_user_files']))
+					if (file_exists($_POST['target'])) {
+						if ($_POST['target'][0] === '.') {
+							rename($_POST['target'], substr($_POST['target'], 1));
+							echo 'File has been made visible';
+						} else {
+							rename($_POST['target'], '.' . $_POST['target']);
+							echo 'File has been hidden';
+						}
+						exit;
+					}
+	}
+
+	// List files in a given directory, excluding certain files
+	function listFiles ($dir, $exclude) {
 		$file_array = array();
 		$dh = opendir($dir);
 			while (false !== ($filename = readdir($dh)))
@@ -200,12 +245,25 @@
 		return $file_array;
 	}
 
+	$file_array = listFiles($settings['uploaddir'], $data['ignores']);
+
+	// Removing old files
+	foreach ($file_array as $file)
+		if ($settings['time_limit'] < time() - filemtime($file))
+			unlink($file);
+
+	$file_array = listFiles($settings['uploaddir'], $data['ignores']);
 ?>
-<html lang="en-GB">
+<!DOCTYPE html>
+<html lang="<?=$settings['lang']?>" dir="<?=$settings['lang_dir']?>">
 	<head>
-		<meta charset="utf-8">
-		<title>strace.club</title>
+		<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+		<meta http-equiv="Content-Script-Type" content="text/javascript">
+		<meta name="robots" content="noindex">
+		<meta name="referrer" content="origin-when-crossorigin">
+		<title><?=$settings['title']?></title>
 		<style media="screen">
+		<!--
 			body {
 				background: #111;
 				margin: 0;
@@ -213,7 +271,7 @@
 				font-family: sans-serif;
 			}
 
-			h1 {
+			body > h1 {
 				display: block;
 				background: rgba(255, 255, 255, 0.05);
 				padding: 8px 16px;
@@ -221,34 +279,28 @@
 				margin: 0;
 			}
 
-			form {
+			body > form {
 				display: block;
 				background: rgba(255, 255, 255, 0.075);
 				padding: 16px 16px;
 				margin: 0;
-			}
-
-			p {
-				display: block;
-				background: rgba(255, 255, 255, 0.075);
-				padding: 4px 16px;
-				margin: 16px 0 0 0;
 				text-align: center;
 			}
 
-			ul {
+			body > ul {
 				display: block;
-				margin: 0;
 				padding: 0;
+				max-width: 1000px;
+				margin: 32px auto;
 			}
 
-			ul > li {
+			body > ul > li {
 				display: block;
 				margin: 0;
 				padding: 0;
 			}
 
-			ul > li > a {
+			body > ul > li > a {
 				display: block;
 				margin: 0 0 1px 0;
 				list-style: none;
@@ -259,50 +311,173 @@
 				opacity: 0.5;
 			}
 
-			ul > li > a > span {
+			body > ul > li > a:hover {
+				opacity: 1;
+			}
+
+			body > ul > li > a:active {
+				opacity: 0.5;
+			}
+
+			body > ul > li > a > span {
 				float: right;
 				font-size: 90%;
 			}
 
-			ul > li > a:hover {
+			body > ul > li > form {
+				display: inline-block;
+				padding: 0;
+				margin: 0;
+			}
+
+			body > ul > li.owned {
+				margin: 8px;
+			}
+
+			body > ul > li > form > button {
+				opacity: 0.5;
+				display: inline-block;
+				padding: 4px 16px;
+				margin: 0;
+				border: 0;
+				background: rgba(255, 255, 255, 0.1);
+				color: inherit;
+			}
+
+			body > ul > li > form > button:hover {
 				opacity: 1;
 			}
+
+			body > ul > li > form > button:active {
+				opacity: 0.5;
+			}
+
+			body > ul > li.uploading {
+				animation: upanim 2s linear 0s infinite alternate;
+			}
+
+			@keyframes upanim {
+				from {
+					opacity: 0.3;
+				}
+				to {
+					opacity: 0.8;
+				}
+			}
+		//-->
 		</style>
 	</head>
 	<body>
-		<h1>strace.club</h1>
-		<form action="<?= $data['scriptname'] ?>" method="POST" enctype="multipart/form-data" class="dropzone" id="my-awesome-dropzone">
+		<h1><?=$settings['title']?></h1>
+		<form action="<?= $data['scriptname'] ?>" method="POST" enctype="multipart/form-data" class="dropzone" id="simpleupload-form">
 			Maximum upload size: <?php echo $data['max_upload_size']; ?><br />
-			<input type="file" name="file[]" multiple required onchange="formname.submit();" />
+			<input type="file" name="file[]" multiple required id="simpleupload-input"/>
 		</form>
 		<?php if ($settings['listfiles']) { ?>
-			<p>Uploaded files:</p>
-			<ul>
+			<ul id="simpleupload-ul">
 				<?php
-					$file_array = ListFiles($settings['uploaddir'], array('.', '..', $data['scriptname']));
 					foreach ($file_array as $mtime => $filename) {
 						$file_info = array();
+						$file_owner = false;
+						$file_private = $filename[0] === '.';
 
 						if ($settings['listfiles_size'])
-							$file_info[] = FormatSize(filesize($filename));
+							$file_info[] = formatSize(filesize($filename));
 
 						if ($settings['listfiles_size'])
 							$file_info[] = date($settings['listfiles_date_format'], $mtime);
 
-						if ($settings['allow_deletion'])
-							if (in_array($filename, $_SESSION['upload_user_files']))
-								$file_info[] = '<form action="' . $data['scriptname'] . '" method="POST"><input type="hidden" name="target" value="' . $filename . '" /><input type="hidden" name="action" value="delete" /><button type="submit">delete</button></form>';
+						if ($settings['allow_deletion'] || $settings['allow_private'])
+							if (in_array(substr($filename, 1), $_SESSION['upload_user_files']) || in_array($filename, $_SESSION['upload_user_files']))
+								$file_owner = true;
 
 						$file_info = implode(', ', $file_info);
 
 						if (strlen($file_info) > 0)
 							$file_info = ' (' . $file_info . ')';
 
-						echo "<li><a href=\"$filename\" target=\"_blank\">$filename<span>$file_info</span></a></li>";
+						$class = '';
+						if ($file_owner)
+							$class = 'owned';
+
+						if (!$file_private || $file_owner) {
+							echo "<li class=\"' . $class . '\">";
+
+							echo "<a href=\"$filename\" target=\"_blank\">$filename<span>$file_info</span></a>";
+
+							if ($file_owner) {
+								if ($settings['allow_deletion'])
+									echo '<form action="' . $data['scriptname'] . '" method="POST"><input type="hidden" name="target" value="' . $filename . '" /><input type="hidden" name="action" value="delete" /><button type="submit">delete</button></form>';
+
+								if ($settings['allow_private'])
+									if ($file_private)
+										echo '<form action="' . $data['scriptname'] . '" method="POST"><input type="hidden" name="target" value="' . $filename . '" /><input type="hidden" name="action" value="privatetoggle" /><button type="submit">make public</button></form>';
+									else
+										echo '<form action="' . $data['scriptname'] . '" method="POST"><input type="hidden" name="target" value="' . $filename . '" /><input type="hidden" name="action" value="privatetoggle" /><button type="submit">make private</button></form>';
+							}
+
+							echo "</li>";
+						}
 					}
 				?>
 			</ul>
 		<?php } ?>
 		<a href="https://github.com/muchweb/simple-php-upload"><img style="position: absolute; top: 0; right: 0; border: 0;" src="https://camo.githubusercontent.com/38ef81f8aca64bb9a64448d0d70f1308ef5341ab/68747470733a2f2f73332e616d617a6f6e6177732e636f6d2f6769746875622f726962626f6e732f666f726b6d655f72696768745f6461726b626c75655f3132313632312e706e67" alt="Fork me on GitHub" data-canonical-src="https://s3.amazonaws.com/github/ribbons/forkme_right_darkblue_121621.png"></a>
+		<script charset="utf-8">
+			var target_form = document.getElementById('simpleupload-form'),
+				target_ul = document.getElementById('simpleupload-ul'),
+				target_input = document.getElementById('simpleupload-input');
+
+			target_form.addEventListener('dragover', function (event) {
+				event.preventDefault();
+			}, false);
+
+			function AddFileLi (name, info) {
+				target_form.style.display = 'none';
+
+				var new_li = document.createElement('li');
+				new_li.className = 'uploading';
+
+				var new_a = document.createElement('a');
+				new_a.innerHTML = name;
+				new_li.appendChild(new_a);
+
+				var new_span = document.createElement('span');
+				new_span.innerHTML = info;
+				new_a.appendChild(new_span);
+
+				target_ul.insertBefore(new_li, target_ul.firstChild);
+			}
+
+			function HandleFiles (event) {
+				event.preventDefault();
+
+				var i = 0,
+					files = event.dataTransfer.files,
+					len = files.length;
+
+				var form = new FormData();
+
+				for (; i < len; i++) {
+					form.append('file[]', files[i]);
+					AddFileLi(files[i].name, files[i].size + ' bytes');
+				}
+
+				var xhr = new XMLHttpRequest();
+				xhr.onload = function() {
+					window.location.reload();
+				};
+
+				xhr.open('post', '<?php echo $data['scriptname']; ?>', true);
+				xhr.send(form);
+			}
+
+			target_form.addEventListener('drop', HandleFiles, false);
+
+			document.getElementById('simpleupload-input').onchange = function () {
+				AddFileLi('Uploading...', '');
+				target_form.submit();
+			};
+		</script>
 	</body>
 </html>