From 7f67235a44f3241b18d1a9d3ebd991ef7f90c28f Mon Sep 17 00:00:00 2001 From: adam Date: Mon, 15 Feb 2021 14:36:23 +0200 Subject: hacks and contents --- INIT_DATABASE.sql | 16 +++++++++++++++- php/upload.php | 12 +++++++++--- 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/INIT_DATABASE.sql b/INIT_DATABASE.sql index 2d772e4..5499de1 100644 --- a/INIT_DATABASE.sql +++ b/INIT_DATABASE.sql @@ -9,6 +9,7 @@ drop table if exists trash; drop table if exists super_trash; drop table if exists shared_nodes; drop table if exists nodes; +drop table if exists email_verification_codes; @@ -18,6 +19,7 @@ drop trigger if exists del_node; drop trigger if exists supper_del_node; +drop view if exists usernames; @@ -76,6 +78,14 @@ create table super_trash ( node_id int not null ); +create table email_verification_codes ( + verification_id int not null auto_increment, + verification_code varchar(100) not null, + username varchar(50) not null unique, + password varchar(255) not null, + email varchar(50), + primary key (verification_id) + ); create trigger delete_on_zero_links after delete @@ -113,4 +123,8 @@ create trigger delete_links delete from node_links where directory_id=old.node_id; - +create view usernames + as + select username from users + union + select username from email_verification_codes; diff --git a/php/upload.php b/php/upload.php index 04f2214..94e30d1 100644 --- a/php/upload.php +++ b/php/upload.php @@ -6,7 +6,7 @@ require_once "user.php"; require_once "node.php"; session_start(); -if (!isset( $_POST["filename"]) || !isset($_FILES["the_file"]) || !isset($_POST['parent_directory']) || !isset($_POST['overwrite'])) +if (!isset( $_POST["filename"]) || (!isset($_FILES["the_file"]) && (!isset($_POST['content'] || gettype($_POST['content'])!="string"))|| !isset($_POST['parent_directory']) || !isset($_POST['overwrite'])) { error_log("someone tried to upload something impropperly"); http_response_code(400); @@ -41,8 +41,14 @@ if($codename=="filename taken") http_response_code(409); exit(0); } -unlink("$storage_root/$codename"); -move_uploaded_file($file['tmp_name'], "$storage_root/$codename"); +if(isset($_POST['content'])) +{ + file_put_contents("$storage_root/$codename",$_POST['content']); +}else +{ + unlink("$storage_root/$codename"); + move_uploaded_file($file['tmp_name'], "$storage_root/$codename"); +} http_response_code(200); exit(0); -- cgit v1.2.3 From 7532e744e0be43657cafffce171f875ffe94fc3f Mon Sep 17 00:00:00 2001 From: adam Date: Mon, 15 Feb 2021 14:46:48 +0200 Subject: mimetype problems --- php/upload.php | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/php/upload.php b/php/upload.php index 94e30d1..f3ef550 100644 --- a/php/upload.php +++ b/php/upload.php @@ -6,7 +6,9 @@ require_once "user.php"; require_once "node.php"; session_start(); -if (!isset( $_POST["filename"]) || (!isset($_FILES["the_file"]) && (!isset($_POST['content'] || gettype($_POST['content'])!="string"))|| !isset($_POST['parent_directory']) || !isset($_POST['overwrite'])) +if (!isset( $_POST["filename"]) || + (!isset($_FILES["the_file"]) && (!isset($_POST['content']) || gettype($_POST['content'])!="string")) + || !isset($_POST['parent_directory']) || !isset($_POST['overwrite'])) { error_log("someone tried to upload something impropperly"); http_response_code(400); @@ -18,10 +20,17 @@ $filename=$_POST["filename"]; $parent_directory=$_POST["parent_directory"]; $user=$_SESSION['user_object']; $homedir=$user->home_directory; -$mimetype=file_type($file['tmp_name']); $overwrite=$_POST['overwrite']; $dir = get_directory($parent_directory, $user); + +if(isset($_POST['content'])) +{ + $mimetype="text/plain"; +}else +{ + $mimetype=file_type($file['tmp_name']); +} if (!$dir) { error_log("trying to upload to invalid directory"); -- cgit v1.2.3