diff options
| -rw-r--r-- | .gitignore | 2 | ||||
| -rw-r--r-- | Makefile | 15 | ||||
| -rw-r--r-- | config/config.php | 9 | ||||
| -rw-r--r-- | public/.htaccess | 10 | ||||
| -rw-r--r-- | public/admin.php | 0 | ||||
| -rw-r--r-- | public/index.php | 47 | ||||
| -rw-r--r-- | public/view.php | 0 | ||||
| -rw-r--r-- | util/src/id.c | 40 |
8 files changed, 123 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..27ae3b6 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +*.out +uploads/* diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..2294f74 --- /dev/null +++ b/Makefile @@ -0,0 +1,15 @@ +serve: + cd public && php -S 0.0.0.0:8000 + +CC = gcc +CFLAGS = -Wall -fsanitize=leak + +all: util/id.out + +util/id.out: util/src/id.c + $(CC) $(CFLAGS) $< -o $@ -lssl -lcrypto + +clean: + rm -f util/*.out + +.PHONY: all clean serve diff --git a/config/config.php b/config/config.php new file mode 100644 index 0000000..d6fcba7 --- /dev/null +++ b/config/config.php @@ -0,0 +1,9 @@ +<?php + +$UPLOAD_DIR = "../uploads/"; +$UPLOAD_MAX_SZ = 20000000; +$FILE_PROCESSING_CMD = "../util/process.out"; +$ID_CMD = "../util/id.out"; +$ADMIN_PASS = "correcthorsebatterystaple" + +?> diff --git a/public/.htaccess b/public/.htaccess new file mode 100644 index 0000000..e46b2d9 --- /dev/null +++ b/public/.htaccess @@ -0,0 +1,10 @@ +RewriteEngine On + +RewriteCond %{REQUEST_URI} ^/$ [OR] +RewriteCond %{REQUEST_URI} ^/index\.php$ +RewriteRule ^(.*)$ /index.php [L] + +RewriteCond %{QUERY_STRING} ^v=([a-zA-Z0-9\_\-\~\!\*]{8})$ +RewriteRule ^$ /view.php?v=%1 [L,QSA] + +RewriteRule ^admin\.php$ /admin.php [L] diff --git a/public/admin.php b/public/admin.php new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/public/admin.php diff --git a/public/index.php b/public/index.php new file mode 100644 index 0000000..f656154 --- /dev/null +++ b/public/index.php @@ -0,0 +1,47 @@ +<?php + +include '../config/config.php'; + +if ( + $_SERVER['REQUEST_METHOD'] == 'POST' && + isset($_FILES['file']) +) { + $f = $_FILES['file']; + $id = shell_exec($ID_CMD); + $targetf = $UPLOAD_DIR . $id; + + if ($f['size' > $UPLOAD_MAX_SZ]) { + echo "File too large."; + } else { + if (move_uploaded_file($f['tmp_name'], $targetf)) { + $cmd = escapeshellcmd( + "$FILE_PROCESSING_CMD " . + escapeshellarg($targetf) + ); + + shell_exec($cmd); + echo "Uploaded."; + } else { + echo "Error uploading."; + } + } +} + +?> + +<!DOCTYPE html> +<html lang="en"> +<head> + <meta charset="UTF-8"> + <meta name="viewport" content="width=device-width, initial-scale=1.0"> + <title>i2</title> +</head> +<body> + <h1>Upload File</h1> + <form action="index.php" method="post" enctype="multipart/form-data"> + <label for="file">Choose file:</label> + <input type="file" id="file" name="file" required> + <button type="submit">Upload</button> + </form> +</body> +</html> diff --git a/public/view.php b/public/view.php new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/public/view.php diff --git a/util/src/id.c b/util/src/id.c new file mode 100644 index 0000000..48bed23 --- /dev/null +++ b/util/src/id.c @@ -0,0 +1,40 @@ +#include <stdio.h> +#include <stdlib.h> +#include <openssl/rand.h> + +#define IDLN 8 +#define CHARSET \ + "abcdefghijklmnopqrstuvwxyz" \ + "ABCDEFGHIJKLMNOPQRSTUVWXYZ" \ + "0123456789" \ + "-_!~" +#define CHARSETLN (sizeof(CHARSET) - 1) + +char* gen() { + char* id = malloc(IDLN + 1); + if (id == NULL) { + perror("malloc"); + exit(1); + } + + unsigned char buf[IDLN]; + if (RAND_bytes(buf, IDLN) != 1) { + perror("RAND_bytes"); + free(id); + exit(1); + } + + for ( + int i = 0; + i < IDLN || (id[IDLN] = '\0'); + id[i++] = CHARSET[buf[i] % CHARSETLN] + ); + + return id; +} + +int main(void) { + char* id = gen(); + printf("%s", id); + free(id); +} |