Add the ability to upload images.
Also redirect from pages that require/don't require a login correctly.
This commit is contained in:
parent
e03dcecc5d
commit
d0ce926f3b
GPG key ID:
801FE4AD456E922C
4 changed files with 61 additions and 11 deletions
|
|
@ -62,6 +62,16 @@ function issueSessionToken($username) {
|
|||
return $token;
|
||||
}
|
||||
|
||||
function addImage($location, $uploader, $tags) {
|
||||
global $db;
|
||||
|
||||
$insertStatement = $db->prepare("INSERT INTO images (location, uploader, tags) VALUES (?, ?, ?)");
|
||||
$insertStatement->bindParam(1, $location, SQLITE3_TEXT);
|
||||
$insertStatement->bindParam(2, $uploader, SQLITE3_TEXT);
|
||||
$insertStatement->bindParam(3, $tags, SQLITE3_TEXT);
|
||||
$result = $insertStatement->execute();
|
||||
}
|
||||
|
||||
function flushSessionTokens() {
|
||||
global $db;
|
||||
|
||||
|
|
@ -120,4 +130,16 @@ function isAdmin($username) {
|
|||
$result = $getTokenStatement->execute();
|
||||
return $result->fetchArray()[0];
|
||||
}
|
||||
|
||||
function loggedInCheck() {
|
||||
if(!isset($_COOKIE["meowboardSession"])){
|
||||
die("<meta http-equiv=\"refresh\" content=\"0; url=/login.php\">");
|
||||
}
|
||||
|
||||
if(isset($_COOKIE["meowboardSession"])){
|
||||
if(checkSessionToken($_COOKIE["meowboardSession"]) == 0){
|
||||
die("<meta http-equiv=\"refresh\" content=\"0; url=/login.php\">");
|
||||
}
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ $sitename = "meowboard";
|
|||
include 'include/templates.php';
|
||||
|
||||
if (file_exists("meowboard.db")) {
|
||||
die("Meowboard is already installed. If you are a webmaster, you may want to delete this file.");
|
||||
die("meowboard is already installed. If you are a webmaster, you may want to delete this file.");
|
||||
}
|
||||
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
|
|
@ -27,11 +27,6 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
|||
$saltHex = bin2hex($salt);
|
||||
$pepper = random_bytes(64);
|
||||
$pepperHex = bin2hex($pepper);
|
||||
|
||||
echo $saltHex;
|
||||
echo "<br>";
|
||||
echo $pepperHex;
|
||||
echo "<br>";
|
||||
|
||||
$passwordFinal = hash("sha512", hash("sha512", $password . $saltHex) . $pepperHex);
|
||||
|
||||
|
|
@ -69,7 +64,7 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
|||
$insert_sitename_query->bindParam(1, $sitename, SQLITE3_TEXT);
|
||||
$result = $insert_sitename_query->execute();
|
||||
|
||||
echo "Meowboard has been installed and is ready to use!";
|
||||
die("<meta http-equiv=\"refresh\" content=\"0; url=/\">Install complete.");
|
||||
|
||||
} else {
|
||||
showHeader(1);
|
||||
|
|
|
|||
|
|
@ -2,8 +2,9 @@
|
|||
include 'include/db.php';
|
||||
include 'include/templates.php';
|
||||
|
||||
if (isset($_COOKIE["meowboardSession"])) { die('<meta http-equiv="refresh" content="0; url=/index.php">'); }
|
||||
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
if (isset($_COOKIE["meowboardSession"])) { die('<meta http-equiv="refresh" content="0; url=index.php">'); }
|
||||
|
||||
$username = $_POST['username'];
|
||||
$password = $_POST['password'];
|
||||
|
|
|
|||
38
upload.php
38
upload.php
|
|
@ -2,11 +2,43 @@
|
|||
include 'include/db.php';
|
||||
include 'include/templates.php';
|
||||
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") { }
|
||||
else {
|
||||
loggedInCheck();
|
||||
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||||
$path_parts = pathinfo($_FILES["fileToUpload"]["name"]);
|
||||
$location = "img/" . bin2hex(random_bytes(16)) . "-" . time() . "." . $path_parts['extension'];
|
||||
$uploadValid = 1;
|
||||
|
||||
if(@is_array(getimagesize($_FILES["fileToUpload"]["tmp_name"])) == false){
|
||||
$uploadValid = 0;
|
||||
}
|
||||
|
||||
if($_FILES['userfile']['size'] > 300000000){
|
||||
$uploadValid = 0;
|
||||
}
|
||||
|
||||
if(ctype_alnum(str_replace(",","",$_POST["tags"])) == false){
|
||||
$uploadValid = 0;
|
||||
}
|
||||
|
||||
if($uploadValid == 0){
|
||||
showHeader();
|
||||
echo '<h3>An error has occured, please try again.</h3>';
|
||||
echo $footer;
|
||||
die();
|
||||
} else {
|
||||
move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $location);
|
||||
|
||||
addImage($location, tokenToUsername($_COOKIE["meowboardSession"]), $_POST["tags"]);
|
||||
showHeader();
|
||||
echo '<h3>File uploaded!</h3>';
|
||||
echo $footer;
|
||||
exit();
|
||||
}
|
||||
|
||||
} else {
|
||||
showHeader();
|
||||
echo '<h3>Upload</h3><form action="upload.php" method="post" enctype="multipart/form-data">
|
||||
<input type="file" name="fileToUpload" id="fileToUpload">
|
||||
<div class="upload">Upload <input type="file" name="fileToUpload" id="fileToUpload"> <icon>⇑</icon></div>
|
||||
<label for="tags">Tags</label><br/><input type="text" id="tags" name="tags">
|
||||
<br/><button>submit</button>
|
||||
</form>';
|
||||
|
|
|
|||
Loading…
Reference in a new issue