diff --git a/.idea/.gitignore b/.idea/.gitignore
new file mode 100644
index 0000000..13566b8
--- /dev/null
+++ b/.idea/.gitignore
@@ -0,0 +1,8 @@
+# Default ignored files
+/shelf/
+/workspace.xml
+# Editor-based HTTP Client requests
+/httpRequests/
+# Datasource local storage ignored files
+/dataSources/
+/dataSources.local.xml
diff --git a/.idea/Uguu.iml b/.idea/Uguu.iml
new file mode 100644
index 0000000..c956989
--- /dev/null
+++ b/.idea/Uguu.iml
@@ -0,0 +1,8 @@
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/.idea/copyright/neku.xml b/.idea/copyright/neku.xml
new file mode 100644
index 0000000..a3708a3
--- /dev/null
+++ b/.idea/copyright/neku.xml
@@ -0,0 +1,6 @@
+
+
+
+
+
+
\ No newline at end of file
diff --git a/.idea/copyright/profiles_settings.xml b/.idea/copyright/profiles_settings.xml
new file mode 100644
index 0000000..bb47296
--- /dev/null
+++ b/.idea/copyright/profiles_settings.xml
@@ -0,0 +1,3 @@
+
+
+
\ No newline at end of file
diff --git a/.idea/modules.xml b/.idea/modules.xml
new file mode 100644
index 0000000..e0cbf93
--- /dev/null
+++ b/.idea/modules.xml
@@ -0,0 +1,8 @@
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/.idea/vcs.xml b/.idea/vcs.xml
new file mode 100644
index 0000000..94a25f7
--- /dev/null
+++ b/.idea/vcs.xml
@@ -0,0 +1,6 @@
+
+
+
+
+
+
\ No newline at end of file
diff --git a/dist.json b/dist.json
index 5a8dd91..9d07f65 100644
--- a/dist.json
+++ b/dist.json
@@ -26,5 +26,48 @@
"ToolsDesc": "The following tools might need editing to work on this clone of Uguu, usually editing the URL works.",
"paypalUrl": "",
"bitcoinAddress": "",
- "flattrUrl": ""
+ "flattrUrl": "",
+
+ "DB_MODE": "sqlite",
+ "DB_CONN": "/path/to/db/uguu.sq3",
+ "DB_USER": "NULL",
+ "DB_PASS": "NULL",
+ "LOG_IP": false,
+ "ANTI_DUPE": false,
+ "BLACKLIST_DB": true,
+ "FILTER_MODE": true,
+ "FILES_ROOT": "/path/files",
+ "FILES_RETRIES": 15,
+ "SSL": true,
+ "URL": "a.uguu.se",
+ "ID_CHARSET": "abcdefghijklmnopqrstuvwxyzABCDEFGHJKLMNOPQRSTUVWXYZ",
+ "BLOCKED_EXTENSIONS": [
+ "exe",
+ "scr",
+ "com",
+ "vbs",
+ "bat",
+ "cmd",
+ "htm",
+ "html",
+ "jar",
+ "msi",
+ "apk",
+ "phtml",
+ "svg"
+ ],
+ "BLOCKED_MIME": [
+ "application/msword",
+ "text/html",
+ "application/x-dosexec",
+ "application/java",
+ "application/java-archive",
+ "application/x-executable",
+ "application/x-mach-binary",
+ "image/svg+xml"
+ ],
+ "DOUBLE_DOTS": [
+ "tar.gz",
+ "tar.cp"
+ ]
}
\ No newline at end of file
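Review bot: The new keys do not line up with what `Core\Settings` reads later in this commit: this file defines `DB_CONN` while the class reads `DB_PATH`, and `NAME_LENGTH` is read but never defined here, so both properties would load as null. `"DB_USER": "NULL"` and `"DB_PASS": "NULL"` are the four-character string rather than JSON `null`, and would be handed to PDO as literal credentials. `BLOCKED_EXTENSIONS` is a denylist that names `phtml` but not `php` or other extensions a web server may be configured to execute, so it should not be the only control. Uploads are safer served from a location where script execution is disabled, or filtered against an allowlist.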
diff --git a/static/php/classes/Core.php b/static/php/classes/Core.php
new file mode 100644
index 0000000..e33df09
--- /dev/null
+++ b/static/php/classes/Core.php
@@ -0,0 +1,83 @@
+
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
+namespace Core {
+
+ /**
+ * @property mixed $DB_CONN
+ */
+ class Settings
+ {
+
+ public $DB_MODE;
+ public $DB_PATH;
+ public $DB_USER;
+ public $DB_PASS;
+
+ public $LOG_IP;
+ public $ANTI_DUPE;
+ public $BLACKLIST_DB;
+ public $FILTER_MODE;
+
+ public $FILES_ROOT;
+ public $FILES_RETRIES;
+
+ public $SSL;
+ public $URL;
+
+ public $NAME_LENGTH;
+ public $ID_CHARSET;
+ public $BLOCKED_EXTENSIONS;
+ public $BLOCKED_MIME;
+ public $DOUBLE_DOTS;
+
+ public function __constructSettings()
+ {
+ $settings_array = json_decode(file_get_contents('/Users/go.johansson/PERSONAL_REPOS/Uguu/dist.json'), true);
+ $this->DB_MODE = $settings_array['DB_MODE'];
+ $this->DB_PATH = $settings_array['DB_PATH'];
+ $this->DB_USER = $settings_array['DB_USER'];
+ $this->DB_PASS = $settings_array['DB_PASS'];
+ $this->LOG_IP = $settings_array['LOG_IP'];
+ $this->ANTI_DUPE = $settings_array['ANTI_DUPE'];
+ $this->BLACKLIST_DB = $settings_array['BLACKLIST_DB'];
+ $this->FILTER_MODE = $settings_array['FILTER_MODE'];
+ $this->FILES_ROOT = $settings_array['FILES_ROOT'];
+ $this->FILES_RETRIES = $settings_array['FILES_RETRIES'];
+ $this->SSL = $settings_array['SSL'];
+ $this->URL = $settings_array['URL'];
+ $this->NAME_LENGTH = $settings_array['NAME_LENGTH'];
+ $this->ID_CHARSET = $settings_array['ID_CHARSET'];
+ $this->BLOCKED_EXTENSIONS = $settings_array['BLOCKED_EXTENSIONS'];
+ $this->BLOCKED_MIME = $settings_array['BLOCKED_MIME'];
+ $this->DOUBLE_DOTS = $settings_array['DOUBLE_DOTS'];
+ }
+ }
+
+ class Database extends Settings
+ {
+ public $DB;
+
+ public function __constructDB()
+ {
+ $this->DB = new PDO($this->DB_MODE.':'.$this->DB_PATH, $this->DB_USER, $this->DB_PASS);
+ }
+ }
+}
\ No newline at end of file
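Review bot: `Settings::__constructSettings()` reads its configuration from `/Users/go.johansson/PERSONAL_REPOS/Uguu/dist.json`, an absolute path on one developer's machine, so on any other host `file_get_contents()` returns false and every setting, including the upload filter lists, loads as null with only a warning. The method name is also not a PHP constructor, so nothing calls it on `new Settings`, and the same holds for `Database::__constructDB()`. Inside `namespace Core` the unqualified `PDO` resolves to `Core\PDO` and needs to be written `\PDO`. The fence loads the file relative to the class directory and fails loudly when it is missing or malformed.

```php
public function __construct()
{
    // Resolve dist.json from the repository root instead of a developer-local path
    $raw = file_get_contents(__DIR__ . '/../../../dist.json');
    if ($raw === false) {
        throw new \RuntimeException('Cannot read dist.json');
    }
    $settings_array = json_decode($raw, true, 512, JSON_THROW_ON_ERROR);
    // … unchanged: property assignments from $settings_array …
}
```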
diff --git a/static/php/classes/Database.class.php b/static/php/classes/Database.class.php
new file mode 100644
index 0000000..7530c82
--- /dev/null
+++ b/static/php/classes/Database.class.php
@@ -0,0 +1,30 @@
+
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
+require_once 'Settings.class.php';
+
+class Database extends Settings
+{
+public $db;
+ public function __construct()
+ {
+ $this->db = new PDO($this->DB_CONN, $this->DB_USER, $this->DB_PASS);
+ }
+}
\ No newline at end of file
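Review bot: `Database::__construct()` builds the PDO handle from `$this->DB_CONN`, `$this->DB_USER` and `$this->DB_PASS` without running any parent loader first, so unless `Settings.class.php` (not part of this diff) fills them some other way they are still null when `new PDO(...)` runs. Once `Settings` has a real constructor, `parent::__construct();` as the first line would make the order explicit. The handle is created with default options; passing `[PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]` as the fourth argument keeps a failed blacklist query in `Upload` from being read as "no match" on PHP versions where silent mode is the default. This file also declares a global `Database` alongside `Core\Database` from `Core.php`, and only one of the two should remain.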
diff --git a/static/php/classes/Upload.php b/static/php/classes/Upload.php
new file mode 100644
index 0000000..9a9c2ac
--- /dev/null
+++ b/static/php/classes/Upload.php
@@ -0,0 +1,133 @@
+
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+require_once 'Database.class.php';
+
+class Upload extends Database, errorReport
+{
+ public $FILE_NAME;
+ public $FILE_EXTENSION;
+ public $FILE_MIME;
+
+ public $NEW_NAME;
+ public $NEW_NAME_FULL;
+
+ public function fileInfo ($file)
+ {
+ if (isset($_FILES['files'])) {
+ $this->FILE_NAME = '';
+ $this->FILE_NAME = $file->name;
+ $finfo = finfo_open(FILEINFO_MIME_TYPE);
+ $this->FILE_MIME = finfo_file($finfo, $file->tempfile);
+ finfo_close($finfo);
+
+ // Check if extension is a double-dot extension and, if true, override $ext
+ foreach ($this->DOUBLE_DOTS as $ddot) {
+ if (stripos(strrev($this->FILE_NAME), $ddot) === 0) {
+ $this->FILE_EXTENSION = strrev($ddot);
+ } else {
+ $this->FILE_EXTENSION = pathinfo($file->name, PATHINFO_EXTENSION);
+ }
+ }
+ }
+ }
+
+public function checkFileBlacklist ($hash){
+ $q = $this->db->prepare('SELECT hash, COUNT(*) AS count FROM blacklist WHERE hash = (:hash)');
+ $q->bindValue(':hash', $hash, PDO::PARAM_STR);
+ $q->execute();
+ $result = $q->fetch();
+ if ($result['count'] > 0) {
+ http_response_code(415);
+ throw new Exception(
+ 'File blacklisted!',
+ 415
+ );
+ exit(0);
+ }
+}
+
+public function checkExtensionBlacklist($ext){
+ //Check if EXT is blacklisted
+ if (in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))) {
+ http_response_code(415);
+ throw new Exception(
+ 'File type not allowed!',
+ 415
+ );
+ exit(0);
+ }
+}
+
+public function checkMimeBlacklist($mime){
+ //check if MIME is blacklisted
+ if (in_array($mime, unserialize($this->BLOCKED_MIME))) {
+ http_response_code(415);
+ throw new Exception(
+ 'File type not allowed!',
+ 415
+ );
+ exit(0);
+ }
+}
+
+ public function generateName($file)
+ {
+ $this->fileInfo($file);
+ $error = new
+ do {
+ // Iterate until we reach the maximum number of retries
+ if ($this->FILES_RETRIES-- === 0) {
+ $error->throwError('500', 'Gave up trying to find an unused name', true);
+ }
+
+
+
+
+ for ($i = 0; $i < $this->NAME_LENGTH; ++$i) {
+ $this->NEW_NAME .= $this->ID_CHARSET[mt_rand(0, strlen($this->ID_CHARSET))];
+ }
+
+ // Add the extension to the file name
+ if (isset($this->FILE_EXTENSION) && $this->FILE_EXTENSION !== '') {
+ $this->NEW_NAME_FULL = $this->NEW_NAME.'.'.$this->FILE_EXTENSION;
+ }
+
+ // Check if the file hash is blacklisted
+ if($this->BLACKLIST_DB){
+ $this->checkFileBlacklist($file->getSha1());
+ }
+
+ // Check if extension or mime is blacklisted
+ if($this->FILTER_MODE) {
+ $this->checkMimeBlacklist($this->FILE_MIME);
+ $this->checkExtensionBlacklist($this->FILE_EXTENSION);
+ }
+
+ // Check if a file with the same name does already exist in the database
+ $q = $db->prepare('SELECT COUNT(filename) FROM files WHERE filename = (:name)');
+ $q->bindValue(':name', $name, PDO::PARAM_STR);
+ $q->execute();
+ $result = $q->fetchColumn();
+ // If it does, generate a new name
+ } while ($result > 0);
+
+ return $name;
+ }
+}
\ No newline at end of file
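Review bot: The extension and MIME filters in `checkExtensionBlacklist` and `checkMimeBlacklist` cannot work as written: they call `unserialize()` on `CONFIG_BLOCKED_EXTENSIONS`, which nothing in this diff defines, and on `$this->BLOCKED_MIME`, which the settings loader fills with a plain array from JSON, and the extension comparison is case-sensitive, so an upper-case extension would not match even once the lists load. In `generateName`, `mt_rand(0, strlen($this->ID_CHARSET))` can index one past the end of the charset and is not a CSPRNG, `$this->NEW_NAME` is never reset between retries, and the uniqueness query uses the undefined `$db` and `$name`. The file also does not parse as committed (`extends Database, errorReport` and the dangling `$error = new`). The fence shows the two filters and the name loop rewritten against the existing properties.

```php
public function checkExtensionBlacklist($ext){
    // The list is already an array from dist.json; compare lower-cased and strictly
    if (in_array(strtolower($ext), $this->BLOCKED_EXTENSIONS, true)) {
        // … unchanged: 415 response and exception …
    }
}

public function checkMimeBlacklist($mime){
    if (in_array($mime, $this->BLOCKED_MIME, true)) {
        // … unchanged: 415 response and exception …
    }
}

// … inside generateName(), at the top of each retry …
$this->NEW_NAME = '';
$lastIndex = strlen($this->ID_CHARSET) - 1;
for ($i = 0; $i < $this->NAME_LENGTH; ++$i) {
    $this->NEW_NAME .= $this->ID_CHARSET[random_int(0, $lastIndex)];
}
// … unchanged: extension append and blacklist checks …
```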
diff --git a/static/php/classes/errorReport.php b/static/php/classes/errorReport.php
new file mode 100644
index 0000000..3660da1
--- /dev/null
+++ b/static/php/classes/errorReport.php
@@ -0,0 +1,24 @@
+
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ */
+
+class errorReport
+{
+
+}
\ No newline at end of file
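Review bot: `errorReport` is added empty, yet `Upload::generateName()` in this commit calls `$error->throwError('500', 'Gave up trying to find an unused name', true)`, so that path would end in an undefined-method error rather than a controlled 500 response. Either add the method here with that three-argument signature, or have `generateName()` throw an exception the way the blacklist checks do. The other classes added in this commit are StudlyCaps (`Upload`, `Database`, `Settings`), so `ErrorReport` would match them.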
diff --git a/static/php/includes/database.inc.php b/static/php/includes/database.inc.php
deleted file mode 100644
index d845f5c..0000000
--- a/static/php/includes/database.inc.php
+++ /dev/null
@@ -1,6 +0,0 @@
-