-rw-r--r--lib/alert.php30
-rw-r--r--public/delete.php63
-rw-r--r--public/index.php9
-rw-r--r--public/mod.php4
-rw-r--r--public/report.php64
-rw-r--r--public/static/style.css10
-rw-r--r--public/upload.php37
7 files changed, 175 insertions, 42 deletions
diff --git a/lib/alert.php b/lib/alert.php
new file mode 100644
index 0000000..76ca523
--- /dev/null
+++ b/lib/alert.php
@@ -0,0 +1,30 @@
+<?php
+include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/utils.php';
+
+function generate_alert(string $redirect, string|null $message, int $code = 200, mixed $data = null)
+{
+ if (IS_JSON_REQUEST) {
+ json_response($data, $message, $code);
+ } else if (isset($message)) {
+ header("Location: $redirect" . (str_contains($redirect, "?") ? "&" : "?") . "es=$code&er=" . urlencode($message));
+ } else {
+ header("Location: $redirect");
+ }
+}
+
+function display_alert()
+{
+ if (!isset($_GET["es"], $_GET["er"])) {
+ return;
+ }
+
+ $status = $_GET["es"];
+ $reason = urldecode($_GET['er']);
+ $ok = substr($status, 0, 1) == '2';
+
+ echo '' ?>
+ <section class="box alert<?= !$ok ? ' red' : '' ?>">
+ <p><?= $reason ?></p>
+ </section>
+ <?php ;
+} \ No newline at end of file
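Review bot: `display_alert()` prints `$reason` straight from `$_GET['er']` in `<p><?= $reason ?></p>` with no HTML escaping, so any markup placed in the `er` query parameter is rendered on every page that calls it (index.php, mod.php and report.php in this commit). Escape at output: `<p><?= htmlspecialchars($reason, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></p>`. The `urldecode()` call is also redundant because PHP has already decoded `$_GET` values, so a message containing a literal `%` or `+` is decoded twice; `$reason = $_GET['er'];` is enough. Both parameters should also pass an `is_string()` check before use, since an array value such as `es[]=1` makes `substr()` throw a TypeError on PHP 8.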
diff --git a/public/delete.php b/public/delete.php
index 453e0b3..2ca1d73 100644
--- a/public/delete.php
+++ b/public/delete.php
@@ -2,11 +2,16 @@
include_once $_SERVER['DOCUMENT_ROOT'] . '/../config.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/utils.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/file.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/alert.php';
session_start();
if (!FILE_DELETION) {
- json_response(null, 'File deletion is not allowed!', 403);
+ generate_alert(
+ '/',
+ "File deletion is not allowed",
+ 403
+ );
exit();
}
@@ -14,7 +19,11 @@ $file_id = $_GET['f'] ?? null;
$password = $_GET['key'] ?? null;
if (!isset($file_id)) {
- json_response(null, "File ID must be set!", 400);
+ generate_alert(
+ '/',
+ "File ID must be set!",
+ 400
+ );
exit();
}
@@ -23,46 +32,76 @@ $file_ext = $file_id[1];
$file_id = $file_id[0];
if (!preg_match('/^[a-zA-Z0-9_-]+$/', $file_id) || !preg_match('/^[a-zA-Z0-9]+$/', $file_ext)) {
- json_response(null, "Invalid file ID or extension", 400);
+ generate_alert(
+ '/',
+ "Invalid file ID or extension",
+ 400
+ );
exit();
}
if (!is_file(FILE_UPLOAD_DIRECTORY . "/{$file_id}.{$file_ext}")) {
- json_response(null, "File {$file_id} not found", 404);
+ generate_alert(
+ "/",
+ "File $file_id not found",
+ 404
+ );
exit();
}
if (!is_file(FILE_METADATA_DIRECTORY . "/{$file_id}.metadata.json")) {
- json_response(null, "File metadata {$file_id} not found", 404);
+ generate_alert(
+ "/$file_id.$file_ext",
+ "File metadata $file_id not found",
+ 404
+ );
exit();
}
$metadata = json_decode(file_get_contents(FILE_METADATA_DIRECTORY . "/{$file_id}.metadata.json"), true);
if (!array_key_exists('password', $metadata)) {
- json_response(null, "File {$file_id} does not have a password. File cannot be deleted!", 400);
+ generate_alert(
+ "/$file_id.$file_ext",
+ "File $file_id does not have a password. File cannot be deleted!",
+ 400
+ );
exit();
}
if (!isset($_SESSION['is_moderator']) && !isset($password)) {
- json_response(null, "Field 'key' must be set!", 400);
+ generate_alert(
+ "/$file_id.$file_ext",
+ "Field 'key' must be set!",
+ 400
+ );
exit();
}
if (!isset($_SESSION['is_moderator']) && !password_verify($password, $metadata['password'])) {
- json_response(null, "Bad password", 401);
+ generate_alert(
+ "/$file_id.$file_ext",
+ 'Unauthorized',
+ 401
+ );
exit();
}
if (!delete_file($file_id, $file_ext)) {
- json_response(null, 'Failed to remove files. Try again later.', 500);
+ generate_alert(
+ "/$file_id.$file_ext",
+ 'Failed to remove files. Try again later',
+ 500
+ );
exit();
}
-json_response(
+generate_alert(
+ $_GET['r'] ?? '/',
+ 'Successfully deleted the file',
+ 200,
[
'id' => $file_id,
'extension' => $file_ext
- ],
- 'Successfully deleted the file'
+ ]
); \ No newline at end of file
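Review bot: The success path passes `$_GET['r']` unchanged as the redirect target, and `generate_alert()` writes it into the `Location` header, so the deletion endpoint will redirect to whatever URL the request names. Restrict it to a local path before use, e.g. `$r = $_GET['r'] ?? '/';` followed by `if (!is_string($r) || !preg_match('#^/(?![/\\\\])#', $r)) { $r = '/'; }`, and pass `$r` to `generate_alert()`. The only caller visible in this commit sends `r=/mod.php`, so a fixed allow-list of return pages would work as well.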
diff --git a/public/index.php b/public/index.php
index 7df2ce1..5640e9d 100644
--- a/public/index.php
+++ b/public/index.php
@@ -2,6 +2,7 @@
include_once $_SERVER['DOCUMENT_ROOT'] . '/../config.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/partials.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/utils.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/alert.php';
session_start();
@@ -18,8 +19,6 @@ $file_id = null;
if (strlen(substr($_SERVER['PHP_SELF'], strlen('/index.php'))) > 0) {
$file_id = basename($_SERVER['PHP_SELF']);
-} else if (isset($_SERVER['QUERY_STRING']) && !empty(trim($_SERVER['QUERY_STRING']))) {
- $file_id = basename($_SERVER['QUERY_STRING']);
}
if (FILE_CATALOG_FANCY_VIEW && $file_id) {
@@ -145,9 +144,11 @@ $privacy_exists = is_file($_SERVER['DOCUMENT_ROOT'] . '/static/PRIVACY.txt');
</div>
</div>
+ <?php display_alert() ?>
+
<section class="file-preview-wrapper">
<section class="box">
- <div class="tab row">
+ <div class="tab row gap-8">
<div class="grow">
<?php if (isset($file['original_name'])): ?>
<p><i><?= $file['original_name'] ?></i></p>
@@ -197,6 +198,8 @@ $privacy_exists = is_file($_SERVER['DOCUMENT_ROOT'] . '/static/PRIVACY.txt');
<noscript>No JavaScript Mode</noscript>
<?php html_big_navbar() ?>
+ <?php display_alert() ?>
+
<section class="box">
<div class="tab">
<p>What is <?= INSTANCE_NAME ?>?</p>
diff --git a/public/mod.php b/public/mod.php
index d0ec00c..38e259e 100644
--- a/public/mod.php
+++ b/public/mod.php
@@ -2,6 +2,7 @@
include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/partials.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/utils.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/../config.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/alert.php';
session_start();
@@ -85,6 +86,7 @@ if (isset($_SESSION['is_moderator'])) {
<body>
<main>
<?php html_mini_navbar() ?>
+ <?php display_alert() ?>
<?php if (isset($_SESSION['is_moderator'])): ?>
<?php if (!empty($files)): ?>
<section class="column gap-8">
@@ -114,7 +116,7 @@ if (isset($_SESSION['is_moderator'])) {
<?= format_timestamp(time() - filemtime(sprintf('%s/%s', FILE_UPLOAD_DIRECTORY, $f['name']))) ?>
</td>
<td>
- <a href="/delete.php?f=<?= $f['name'] ?>">
+ <a href="/delete.php?f=<?= $f['name'] ?>&r=/mod.php">
<button>
<img src="/static/img/icons/delete.png" alt="Delete">
</button>
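Review bot: The delete control on the changed line is still a plain GET link, and delete.php (see its hunk in this commit) skips the key check whenever `$_SESSION['is_moderator']` is set, so nothing in the request shows that the moderator intended it. Deletion would be safer as a POST form carrying a per-session token that delete.php compares with `hash_equals()` before calling `delete_file()`. Independently, `$f['name']` is written into the attribute unescaped; assuming it holds an on-disk file name, `href="/delete.php?f=<?= rawurlencode($f['name']) ?>&amp;r=/mod.php"` keeps both the URL and the markup well-formed. The table loop around this row starts and ends outside the hunk.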
diff --git a/public/report.php b/public/report.php
index ef1def6..ca4f882 100644
--- a/public/report.php
+++ b/public/report.php
@@ -2,16 +2,27 @@
include_once $_SERVER['DOCUMENT_ROOT'] . '/../config.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/partials.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/utils.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/alert.php';
if (!FILE_REPORT) {
- http_response_code(403);
- exit('No reports allowed!');
+ generate_alert(
+ '/',
+ 'No reports allowed!',
+ 403,
+ null
+ );
+ exit();
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (!isset($_POST['id'], $_POST['reason'])) {
- http_response_code(400);
- exit('Not enough data.');
+ generate_alert(
+ '/report.php',
+ 'Not enough data.',
+ 400,
+ null
+ );
+ exit();
}
$file_id = $_POST['id'];
@@ -20,15 +31,25 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$file_id = $file_id[0];
if (!is_file(FILE_UPLOAD_DIRECTORY . "/{$file_id}.{$file_ext}")) {
- http_response_code(404);
- exit('Invalid file.');
+ generate_alert(
+ '/report.php',
+ 'Invalid file.',
+ 404,
+ null
+ );
+ exit();
}
$reason = trim($_POST['reason'] ?? '');
if (empty($reason)) {
- http_response_code(400);
- exit('Report reason is empty');
+ generate_alert(
+ '/report.php',
+ 'Report reason is empty',
+ 400,
+ null
+ );
+ exit();
}
$email = $_POST['email'] ?? '(Anonymous)';
@@ -37,8 +58,13 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
}
if (!is_dir(FILE_REPORT_DIRECTORY) && !mkdir(FILE_REPORT_DIRECTORY, 0777, true)) {
- http_response_code(500);
- exit('Failed to create a folder for reports. Try again later.');
+ generate_alert(
+ '/report.php',
+ 'Failed to create a folder for reports. Try again later.',
+ 500,
+ null
+ );
+ exit();
}
do {
@@ -52,11 +78,21 @@ Reason:
{$reason}";
if (!file_put_contents(FILE_REPORT_DIRECTORY . "/{$report_id}.txt", $contents)) {
- http_response_code(500);
- exit("Failed to save the report. Try again later!");
+ generate_alert(
+ '/report.php',
+ 'Failed to save the report. Try again later!',
+ 500,
+ null
+ );
+ exit();
}
- json_response(['id' => $report_id], 'Sent!', 201);
+ generate_alert(
+ '/report.php',
+ 'Success!',
+ 201,
+ ['id' => $report_id]
+ );
exit();
}
@@ -78,6 +114,8 @@ if (!is_file(FILE_UPLOAD_DIRECTORY . "/{$file_id}")) {
<body>
<main>
<?php html_mini_navbar() ?>
+ <?php display_alert() ?>
+
<h1>Report a file</h1>
<hr>
<form action="/report.php" method="post">
diff --git a/public/static/style.css b/public/static/style.css
index f721a03..1eb29dc 100644
--- a/public/static/style.css
+++ b/public/static/style.css
@@ -201,6 +201,16 @@ button[type=submit]:hover {
padding: 0;
}
+.box.alert {
+ padding: 8px;
+ background: var(--box-content-background);
+}
+
+.box.alert.red {
+ background: var(--anchor-color);
+ color: #000;
+}
+
/** FILES */
.file-preview-wrapper {
display: flex;
diff --git a/public/upload.php b/public/upload.php
index bfe2113..6bff34f 100644
--- a/public/upload.php
+++ b/public/upload.php
@@ -3,14 +3,25 @@ include_once $_SERVER['DOCUMENT_ROOT'] . '/../config.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/utils.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/thumbnails.php';
include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/file.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/alert.php';
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
- json_response(null, 'Method not allowed', 405);
+ generate_alert(
+ '/',
+ "Method not allowed",
+ 405,
+ null
+ );
exit;
}
if (!is_dir(FILE_UPLOAD_DIRECTORY) && !mkdir(FILE_UPLOAD_DIRECTORY, 0777, true)) {
- json_response(null, 'Failed to create a directory for user files', 500);
+ generate_alert(
+ '/',
+ "Failed to create a directory for user files",
+ 500,
+ null
+ );
exit();
}
@@ -185,11 +196,12 @@ try {
$file_data['urls']['deletion_url'] = INSTANCE_URL . "/delete.php?f={$file_data['id']}.{$file_data['extension']}&key={$file_data['password']}";
}
- if ($_SERVER['HTTP_ACCEPT'] == 'application/json') {
- json_response($file_data, null, 201);
- } else {
- header("Location: /{$file_data['id']}.{$file_data['extension']}");
- }
+ generate_alert(
+ "/{$file_data['id']}.{$file_data['extension']}",
+ null,
+ 201,
+ $file_data
+ );
if (FILE_METADATA) {
unset($file_data['urls']);
@@ -213,10 +225,9 @@ try {
}
}
} catch (RuntimeException $e) {
- if ($_SERVER['HTTP_ACCEPT'] == 'application/json') {
- json_response(null, $e->getMessage(), 400);
- } else {
- http_response_code(400);
- echo $e->getMessage();
- }
+ generate_alert(
+ "/",
+ $e->getMessage(),
+ 400
+ );
} \ No newline at end of file