diff options
Diffstat (limited to 'public')
| -rw-r--r-- | public/index.php | 27 | ||||
| -rw-r--r-- | public/static/scripts/options.js | 17 | ||||
| -rw-r--r-- | public/upload.php | 36 |
3 files changed, 74 insertions, 6 deletions
diff --git a/public/index.php b/public/index.php index 9e3dc4e..44b97bf 100644 --- a/public/index.php +++ b/public/index.php @@ -2,6 +2,7 @@ include_once $_SERVER['DOCUMENT_ROOT'] . '/../config.php'; include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/partials.php'; include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/utils.php'; +include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/file.php'; include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/alert.php'; session_start(); @@ -67,7 +68,19 @@ if (FILE_CATALOG_FANCY_VIEW && $file_id) { $db->prepare('UPDATE files SET views = ? WHERE id = ? AND extension = ?')->execute([$file['views'], $file['id'], $file['extension']]); } $_SESSION['viewed_file_ids'] = $viewed_file_ids; - session_commit(); + + if ( + $file_exists && + isset($file['expires_at']) && + ( + ($file['expires_at'] == $file['uploaded_at'] && $file['views'] > 1) || + ($file['expires_at'] != $file['uploaded_at'] && time() > strtotime($file['expires_at'])) + ) + ) { + delete_file($file_id, $file_ext, $db); + http_response_code(404); + exit; + } $file['full_url'] = FILE_UPLOAD_DIRECTORY_PREFIX . "/{$file['id']}.{$file['extension']}"; @@ -340,6 +353,18 @@ $privacy_exists = is_file($_SERVER['DOCUMENT_ROOT'] . '/static/PRIVACY.txt'); value="<?= generate_random_char_sequence(FILE_ID_CHARACTERS, FILE_DELETION_KEY_LENGTH) ?>"> </td> </tr> + <?php if (!empty(FILE_EXPIRATION)): ?> + <tr> + <th>File expiration:</th> + <td> + <select name="expires_in"> + <?php foreach (FILE_EXPIRATION as $v => $n): ?> + <option value="<?= $v ?>"><?= $n ?></option> + <?php endforeach; ?> + </select> + </td> + </tr> + <?php endif; ?> <tr> <th>Preserve original filename:</th> <td><input type="checkbox" name="preserve_original_name" value="1"></td> diff --git a/public/static/scripts/options.js b/public/static/scripts/options.js index 7e4b4e4..e460f29 100644 --- a/public/static/scripts/options.js +++ b/public/static/scripts/options.js @@ -1,8 +1,6 @@ let options = JSON.parse(localStorage.getItem('options') ?? '{}'); -const checkboxes = document.querySelectorAll('input[type=checkbox]'); - -checkboxes.forEach((c) => { +document.querySelectorAll('input[type=checkbox]').forEach((c) => { const id = c.getAttribute('name'); c.addEventListener('change', () => { @@ -13,4 +11,17 @@ checkboxes.forEach((c) => { if (options[id] !== undefined) { c.checked = options[id]; } +}); + +document.querySelectorAll('select').forEach((c) => { + const id = c.getAttribute('name'); + + c.addEventListener('change', () => { + options[id] = c.value; + localStorage.setItem('options', JSON.stringify(options)); + }); + + if (options[id] !== undefined) { + c.value = options[id]; + } });
\ No newline at end of file diff --git a/public/upload.php b/public/upload.php index f578631..fac7c5c 100644 --- a/public/upload.php +++ b/public/upload.php @@ -5,6 +5,8 @@ include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/thumbnails.php'; include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/file.php'; include_once $_SERVER['DOCUMENT_ROOT'] . '/../lib/alert.php'; +session_start(); + if ($_SERVER['REQUEST_METHOD'] != 'POST') { generate_alert( '/', @@ -247,6 +249,35 @@ try { $file_data['urls']['deletion_url'] = INSTANCE_URL . "/delete.php?f={$file_data['id']}.{$file_data['extension']}&key={$file_data['password']}"; } + $file_data['expires_at'] = null; + + if (array_key_exists($_POST['expires_in'] ?? '', FILE_EXPIRATION)) { + $e = $_POST['expires_in']; + $format = 'Y-m-d H:i:s'; + + function calculate_expiration_time($e, $format) + { + $v = intval(substr($e, 0, strlen($e) - 1)); + $m = substr($e, strlen($e) - 1); + + $secs = match ($m) { + 'd' => 86400, + 'h' => 3600, + 'm' => 60, + default => 0 + }; + + $t = time() + $v * $secs; + return date($format, $t); + } + + $file_data['expires_at'] = match ($e) { + 'ne' => null, + 're' => date($format), + default => calculate_expiration_time($e, $format) + }; + } + generate_alert( "/{$file_data['id']}.{$file_data['extension']}", null, @@ -270,14 +301,15 @@ try { } } - $db->prepare('INSERT INTO files(id, mime, extension, size, title, password) VALUES (?, ?, ?, ?, ?, ?)') + $db->prepare('INSERT INTO files(id, mime, extension, size, title, password, expires_at) VALUES (?, ?, ?, ?, ?, ?, ?)') ->execute([ $file_data['id'], $file_data['mime'], $file_data['extension'], $file_data['size'], $file_data['original_name'] ?? null, - $file_data['password'] + $file_data['password'], + $file_data['expires_at'] ]); if ($metadata_should_be_created) { |