summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.gitignore2
-rw-r--r--Makefile15
-rw-r--r--config/config.php9
-rw-r--r--public/.htaccess10
-rw-r--r--public/admin.php0
-rw-r--r--public/index.php47
-rw-r--r--public/view.php0
-rw-r--r--util/src/id.c40
8 files changed, 123 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..27ae3b6
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+*.out
+uploads/*
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..2294f74
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,15 @@
+serve:
+ cd public && php -S 0.0.0.0:8000
+
+CC = gcc
+CFLAGS = -Wall -fsanitize=leak
+
+all: util/id.out
+
+util/id.out: util/src/id.c
+ $(CC) $(CFLAGS) $< -o $@ -lssl -lcrypto
+
+clean:
+ rm -f util/*.out
+
+.PHONY: all clean serve
diff --git a/config/config.php b/config/config.php
new file mode 100644
index 0000000..d6fcba7
--- /dev/null
+++ b/config/config.php
@@ -0,0 +1,9 @@
+<?php
+
+$UPLOAD_DIR = "../uploads/";
+$UPLOAD_MAX_SZ = 20000000;
+$FILE_PROCESSING_CMD = "../util/process.out";
+$ID_CMD = "../util/id.out";
+$ADMIN_PASS = "correcthorsebatterystaple"
+
+?>
diff --git a/public/.htaccess b/public/.htaccess
new file mode 100644
index 0000000..e46b2d9
--- /dev/null
+++ b/public/.htaccess
@@ -0,0 +1,10 @@
+RewriteEngine On
+
+RewriteCond %{REQUEST_URI} ^/$ [OR]
+RewriteCond %{REQUEST_URI} ^/index\.php$
+RewriteRule ^(.*)$ /index.php [L]
+
+RewriteCond %{QUERY_STRING} ^v=([a-zA-Z0-9\_\-\~\!\*]{8})$
+RewriteRule ^$ /view.php?v=%1 [L,QSA]
+
+RewriteRule ^admin\.php$ /admin.php [L]
diff --git a/public/admin.php b/public/admin.php
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/public/admin.php
diff --git a/public/index.php b/public/index.php
new file mode 100644
index 0000000..f656154
--- /dev/null
+++ b/public/index.php
@@ -0,0 +1,47 @@
+<?php
+
+include '../config/config.php';
+
+if (
+ $_SERVER['REQUEST_METHOD'] == 'POST' &&
+ isset($_FILES['file'])
+) {
+ $f = $_FILES['file'];
+ $id = shell_exec($ID_CMD);
+ $targetf = $UPLOAD_DIR . $id;
+
+ if ($f['size' > $UPLOAD_MAX_SZ]) {
+ echo "File too large.";
+ } else {
+ if (move_uploaded_file($f['tmp_name'], $targetf)) {
+ $cmd = escapeshellcmd(
+ "$FILE_PROCESSING_CMD " .
+ escapeshellarg($targetf)
+ );
+
+ shell_exec($cmd);
+ echo "Uploaded.";
+ } else {
+ echo "Error uploading.";
+ }
+ }
+}
+
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+ <meta charset="UTF-8">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
+ <title>i2</title>
+</head>
+<body>
+ <h1>Upload File</h1>
+ <form action="index.php" method="post" enctype="multipart/form-data">
+ <label for="file">Choose file:</label>
+ <input type="file" id="file" name="file" required>
+ <button type="submit">Upload</button>
+ </form>
+</body>
+</html>
diff --git a/public/view.php b/public/view.php
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/public/view.php
diff --git a/util/src/id.c b/util/src/id.c
new file mode 100644
index 0000000..48bed23
--- /dev/null
+++ b/util/src/id.c
@@ -0,0 +1,40 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <openssl/rand.h>
+
+#define IDLN 8
+#define CHARSET \
+ "abcdefghijklmnopqrstuvwxyz" \
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ" \
+ "0123456789" \
+ "-_!~"
+#define CHARSETLN (sizeof(CHARSET) - 1)
+
+char* gen() {
+ char* id = malloc(IDLN + 1);
+ if (id == NULL) {
+ perror("malloc");
+ exit(1);
+ }
+
+ unsigned char buf[IDLN];
+ if (RAND_bytes(buf, IDLN) != 1) {
+ perror("RAND_bytes");
+ free(id);
+ exit(1);
+ }
+
+ for (
+ int i = 0;
+ i < IDLN || (id[IDLN] = '\0');
+ id[i++] = CHARSET[buf[i] % CHARSETLN]
+ );
+
+ return id;
+}
+
+int main(void) {
+ char* id = gen();
+ printf("%s", id);
+ free(id);
+}