48 | '.$toptext.'
49 |'.$bottomtext.'
50 |
43 |
44 |
45 |
46 |
47 |
48 |
51 |
52 |
57 |
58 |
59 | ';
60 |
61 | return $middle;
62 | }
63 |
64 | function deliverBottom() {
65 |
66 | $bottom = '
67 |
69 |
70 |
71 |
72 |
73 |
79 |
80 |
81 | ';
82 |
83 | return $bottom;
84 | }
85 |
86 | ?>
87 |
--------------------------------------------------------------------------------
/login.php:
--------------------------------------------------------------------------------
1 |
48 | ', ''); 36 | 37 | echo deliverBottom(); 38 | 39 | ?> 40 | -------------------------------------------------------------------------------- /logout.php: -------------------------------------------------------------------------------- 1 | Signed out successfully'; 10 | header('Refresh: 2; URL = index.php'); 11 | ?> 12 | -------------------------------------------------------------------------------- /manage.php: -------------------------------------------------------------------------------- 1 |
Files successfully deleted
".PHP_EOL; 36 | 37 | unset($myFilesId); 38 | unset($myFilesName); // Re-loading list after file deletion 39 | unset($nFiles); 40 | 41 | $myFilesId = contactDB("SELECT * FROM files WHERE fileowner=$currentUser;", 0); 42 | $myFilesName = contactDB("SELECT * FROM files where fileowner=$currentUser;", 1); 43 | } 44 | 45 | /* If the user elected to change her settings, make the change now */ 46 | if ($_POST['settings-changed'] == true) { 47 | 48 | $input_auto_delete_enabled = ($_POST['auto_delete_enabled'] == true); 49 | 50 | $final_auto_delete_length = -1; // -1 for 'disabled' 51 | 52 | if ($input_auto_delete_enabled) { 53 | $input_auto_delete_length = $_POST['auto_delete_length']; 54 | $input_auto_delete_unit = $_POST['auto_delete_unit']; 55 | 56 | if (is_numeric($input_auto_delete_length)) { 57 | // Convert chosen unit to seconds: 58 | if ($input_auto_delete_unit == "minutes") { 59 | $final_auto_delete_length = ($input_auto_delete_length * 60); 60 | } else if ($input_auto_delete_unit == "hours") { 61 | $final_auto_delete_length = ($input_auto_delete_length * 60 * 60); 62 | } else if ($input_auto_delete_unit == "days") { 63 | $final_auto_delete_length = ($input_auto_delete_length * 24 * 60 * 60); 64 | } else if ($input_auto_delete_unit == "weeks") { 65 | $final_auto_delete_length = ($input_auto_delete_length * 7 * 24 * 60 * 60); 66 | } 67 | } 68 | 69 | } 70 | 71 | $update_settings = contactDB("UPDATE users SET auto_delete_files_after=$final_auto_delete_length WHERE user_id=$currentUser", 0); 72 | $noticeText = "
Settings successfully changed
".PHP_EOL; 73 | 74 | if ($input_auto_delete_enabled && !is_numeric($input_auto_delete_length)) { 75 | $notice = "
Error: Non-numeric input for auto-deletion time
".PHP_EOL; 76 | } 77 | } 78 | 79 | $auto_delete_after_length = contactDB("SELECT auto_delete_files_after FROM users WHERE user_id=$currentUser;", 0); 80 | $auto_delete_after_length = $auto_delete_after_length[0]; 81 | 82 | $auto_delete_enabled = ($auto_delete_after_length > 0); 83 | 84 | // Determine pre-set "placeholder" value for auto_delete_length 85 | $preset_length = 10; 86 | $preset_unit = "minutes"; 87 | 88 | if ($auto_delete_enabled) { 89 | $one_minute = 60; 90 | $one_hour = $one_minute * 60; 91 | $one_day = $one_hour * 24; 92 | $one_week = $one_day * 7; 93 | 94 | // Is it evenly divisible by weeks, days, or hours? 95 | if ($auto_delete_after_length % $one_week == 0) { 96 | $preset_length = ($auto_delete_after_length / $one_week); 97 | $preset_unit = "weeks"; 98 | } else if ($auto_delete_after_length % $one_day == 0) { 99 | $preset_length = ($auto_delete_after_length / $one_day); 100 | $preset_unit = "days"; 101 | } else if ($auto_delete_after_length % $one_hour == 0) { 102 | $preset_length = ($auto_delete_after_length / $one_hour); 103 | $preset_unit = "hours"; 104 | } else { 105 | $preset_length = (floor($auto_delete_after_length / $one_minute)); 106 | $preset_unit = "minutes"; 107 | } 108 | } 109 | 110 | function set_preset_unit($unit) { 111 | global $preset_unit; 112 | if ($unit == $preset_unit) { 113 | return ' selected="selected"'; 114 | } 115 | return ""; 116 | } 117 | 118 | $settingsForm = ''; 132 | 133 | $nFiles = count($myFilesId); 134 | 135 | $outputContents = ""; 136 | 137 | if ($nFiles == 0) { 138 | $outputContents = "You haven't uploaded any files yet"; 139 | } else { 140 | while ($i < $nFiles) { 141 | $fileName = str_replace("files/", "", $myFilesName[$i]); 142 | $outputContents = $outputContents.'
'.PHP_EOL.'
'); 154 | 155 | echo deliverBottom(); 156 | 157 | ?> 158 | -------------------------------------------------------------------------------- /screen-download.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rail5/SimpleFS/bc8bd4cd78d1a20fc0543b73a278c2b816ee91f4/screen-download.png -------------------------------------------------------------------------------- /screen-login.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rail5/SimpleFS/bc8bd4cd78d1a20fc0543b73a278c2b816ee91f4/screen-login.png -------------------------------------------------------------------------------- /screen-main.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rail5/SimpleFS/bc8bd4cd78d1a20fc0543b73a278c2b816ee91f4/screen-main.png -------------------------------------------------------------------------------- /screen-manage.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rail5/SimpleFS/bc8bd4cd78d1a20fc0543b73a278c2b816ee91f4/screen-manage.png -------------------------------------------------------------------------------- /screen-upload.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/rail5/SimpleFS/bc8bd4cd78d1a20fc0543b73a278c2b816ee91f4/screen-upload.png -------------------------------------------------------------------------------- /setup.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 |
Warning: Your PHP configuration has disabled file uploadsPlease check your php.ini for the line:
file_uploads = On
';
13 | }
14 |
15 | // Check for SQLite and PDO
16 | if (!extension_loaded("pdo_sqlite")) {
17 | echo '
Warning: You do not have the PHP SQLite extension installed.
Please install the PHP sqlite3 extension before moving forward
';
18 | }
19 |
20 | if (!extension_loaded("zip")) {
21 | echo '
Warning: You do not have the PHP ZIP extension installed.
Please install the PHP-zip extension before moving forward
';
22 | }
23 |
24 | echo '
php.ini specifies your server\'s maximum upload filesize as: '.min(ini_get('post_max_size'), ini_get('upload_max_filesize')).'
To change this, edit the value of upload_max_filesize (currently '.ini_get('upload_max_filesize').') in your php.ini
The value of post_max_size (currently '.ini_get('post_max_size').') must always be larger than upload_max_filesize
';
25 |
26 | echo 'php.ini specifies that your server can permit uploads of up to '.ini_get('max_file_uploads').' files in one request
To change this, edit the value of max_file_uploads in your php.ini
';
27 | ?>
28 |
29 |
59 |
60 | Initialized SQLite database';
106 |
107 | // Populate the 'users' table
108 | $admin_password_hash = password_hash($_POST['password'], PASSWORD_DEFAULT);
109 | $user_password_hash = password_hash($_POST['pass2'], PASSWORD_DEFAULT);
110 |
111 | $add_user = contactDB("INSERT INTO users (user_name, user_password, auto_delete_files_after)
112 | VALUES ('".$_POST['username']."', '$admin_password_hash', -1);", 0);
113 |
114 | if ($_POST['makeuser']) {
115 | $add_user = contactDB("INSERT INTO users (user_name, user_password, auto_delete_files_after)
116 | VALUES ('".$_POST['user2']."', '$user_password_hash', -1);", 0);
117 | }
118 |
119 | echo '
User(s) created.';
120 |
121 | // Delete setup.php
122 | unlink("./setup.php");
123 |
124 | header('Refresh: 2; URL = index.php');
125 | }
126 |
127 | ?>
128 |
129 |
130 |
131 |
132 |
--------------------------------------------------------------------------------
/simplefs-cron.php:
--------------------------------------------------------------------------------
1 | 0)) {
25 | // If the user doesn't have "auto-delete files" enabled, there's nothing to be done here
26 | $i = $i + 1;
27 | continue; // Jump to the next user
28 | }
29 | // Otherwise, carry on and delete old files
30 |
31 | $cutoff_point = ($currentTime - $delete_after_time);
32 |
33 | // Get list of files older than the cutoff point
34 | $FileIDs = contactDB("SELECT fileid FROM files WHERE fileowner=$user_id AND filedate <= $cutoff_point;", 0);
35 |
36 | // Delete files in that list
37 | foreach ($FileIDs as $file) {
38 |
39 | // Get file path
40 | $file_path = contactDB("SELECT filepath FROM files WHERE fileid=$file;", 0);
41 | $file_path = $file_path[0];
42 |
43 | unlink($file_path); // Delete file
44 |
45 | $dbChange = contactDB("DELETE FROM files WHERE fileid=$file;", 0); // Update database
46 | }
47 |
48 | $i = $i + 1;
49 | }
--------------------------------------------------------------------------------
/upload.php:
--------------------------------------------------------------------------------
1 | 1) {
23 | $target_file = $target_dir . "SimpleFS_User$currentUser " . date('Y-m-d H_i_s') . ".zip";
24 | } else {
25 | $target_file = $target_dir . basename($_FILES["upfile"]["name"][0]);
26 | }
27 |
28 | $uploadOk = true;
29 | $fileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
30 |
31 |
32 | if (file_exists($target_file)) {
33 | echo "Error: file already exists
";
34 | $uploadOk = false;
35 | }
36 |
37 | /* *************************** */
38 | /* Disallow risky file formats */
39 | /* This section is commented out by default. If for some reason you can't protect direct access to the files/ directory, it may be a good idea to uncomment the following code */
40 | /* However, SimpleFS comes with basic .htaccess files which should do the job for most users (assuming you're running Apache)
41 | /* ************************** */
42 |
43 | /*
44 | if($fileType == "php" || $fileType == "htm" || $fileType == "html" || $fileType == "phtml" || $fileType == "asp" || $fileType == "aspx" || $fileType == "axd" || $fileType == "asx" || $fileType == "asmx" || $fileType == "ashx" || $fileType == "cfm" || $fileType == "xhtml" || $fileType == "jhtml" || $fileType == "pl" || $fileType == "php4" || $fileType == "php3" || $fileType == "php5" || $fileType == "php6" || $fileType == "php7" || $fileType == "rhtml" || $fileType == "shtml") {
45 | die("Error: File type disallowed by security measure.");
46 | $uploadOk = 0;
47 | }
48 | */
49 |
50 | /* End of the aforementioned security section */
51 | /* **************************************************** */
52 |
53 | // TODO: Replace "sanitization" with prepared statements
54 |
55 | if (strpos($target_file, "'") !== false || strpos($target_file, '"') !== false) {
56 | echo "Error: Cannot upload files with apostrophes or quote-marks
";
57 | $uploadOk = false;
58 | }
59 |
60 | /* Getting a list of all file IDs */
61 |
62 | $fileListId = contactDB("SELECT * FROM files;", 0);
63 |
64 | if ($uploadOk == false) {
65 | echo "Error: file was not uploaded
";
66 | } else {
67 |
68 | // If the user is uploading multiple files, we'll ZIP them
69 | if (count($_FILES["upfile"]["name"]) > 1) {
70 | $zip_archive = new ZipArchive;
71 | $zip_archive->open($target_file, ZipArchive::CREATE);
72 |
73 | foreach ($_FILES["upfile"]["tmp_name"] as $key=>$tmp_file_name) {
74 | $zip_archive->addFile($tmp_file_name, basename($_FILES["upfile"]["name"][$key]));
75 | }
76 |
77 | $file_upload_complete = $zip_archive->close();
78 | } else {
79 | $file_upload_complete = move_uploaded_file($_FILES["upfile"]["tmp_name"][0], $target_file);
80 | }
81 |
82 | if ($file_upload_complete) {
83 |
84 | $newFileId = rand(10000, 99999);
85 | while (in_array($newFileId, $fileListId)) {
86 | $newFileId = rand(10000, 99999);
87 | }
88 |
89 |
90 | /* Write entry to DB */
91 |
92 | $current_date = time();
93 |
94 | $publish = contactDB("INSERT INTO files (fileid, filepath, fileowner, filedate)
95 | VALUES ($newFileId, '$target_file', $currentUser, $current_date);", 0);
96 |
97 | /* Tell the user all is well */
98 |
99 | echo "Uploaded!
";
100 |
101 | /* Provide the download link */
102 |
103 | $download_link = get_download_link($newFileId);
104 |
105 | // Javascript is used for the "copy to clipboard" button
106 | echo "";
123 | // Display the link
124 | // If we're over SSL or on localhost, display a "copy to clipboard" button
125 | // (The browser navigator.clipboard API is only available over SSL or localhost)
126 | // (This is the answer to the GH bug report #7)
127 | echo "";
128 |
129 | $javascript_can_copy_to_clipboard = (isSSL() || isLocalhost());
130 |
131 | if ($javascript_can_copy_to_clipboard) {
132 | echo " ";
133 | }
134 |
135 | echo "";
136 |
137 | } else {
138 | echo "Error uploading file
";
139 | }
140 | }
141 |
142 | }
143 |
144 | echo '';
159 |
160 | echo deliverMiddle("Upload", '
');
161 |
162 | echo deliverBottom();
163 |
164 | ?>
165 |
--------------------------------------------------------------------------------
Please check your php.ini for the line:
file_uploads = On'; 13 | } 14 | 15 | // Check for SQLite and PDO 16 | if (!extension_loaded("pdo_sqlite")) { 17 | echo '
Warning: You do not have the PHP SQLite extension installed.
Please install the PHP sqlite3 extension before moving forward
'; 18 | } 19 | 20 | if (!extension_loaded("zip")) { 21 | echo '
Warning: You do not have the PHP ZIP extension installed.
Please install the PHP-zip extension before moving forward
'; 22 | } 23 | 24 | echo '
php.ini specifies your server\'s maximum upload filesize as: '.min(ini_get('post_max_size'), ini_get('upload_max_filesize')).'
To change this, edit the value of upload_max_filesize (currently '.ini_get('upload_max_filesize').') in your php.ini
The value of post_max_size (currently '.ini_get('post_max_size').') must always be larger than upload_max_filesize
'; 25 | 26 | echo '
php.ini specifies that your server can permit uploads of up to '.ini_get('max_file_uploads').' files in one request
To change this, edit the value of max_file_uploads in your php.ini
'; 27 | ?> 28 |
29 |
59 |
60 | Initialized SQLite database';
106 |
107 | // Populate the 'users' table
108 | $admin_password_hash = password_hash($_POST['password'], PASSWORD_DEFAULT);
109 | $user_password_hash = password_hash($_POST['pass2'], PASSWORD_DEFAULT);
110 |
111 | $add_user = contactDB("INSERT INTO users (user_name, user_password, auto_delete_files_after)
112 | VALUES ('".$_POST['username']."', '$admin_password_hash', -1);", 0);
113 |
114 | if ($_POST['makeuser']) {
115 | $add_user = contactDB("INSERT INTO users (user_name, user_password, auto_delete_files_after)
116 | VALUES ('".$_POST['user2']."', '$user_password_hash', -1);", 0);
117 | }
118 |
119 | echo '
User(s) created.'; 120 | 121 | // Delete setup.php 122 | unlink("./setup.php"); 123 | 124 | header('Refresh: 2; URL = index.php'); 125 | } 126 | 127 | ?> 128 | 129 |
130 |
131 |
132 |
--------------------------------------------------------------------------------
/simplefs-cron.php:
--------------------------------------------------------------------------------
1 | 0)) {
25 | // If the user doesn't have "auto-delete files" enabled, there's nothing to be done here
26 | $i = $i + 1;
27 | continue; // Jump to the next user
28 | }
29 | // Otherwise, carry on and delete old files
30 |
31 | $cutoff_point = ($currentTime - $delete_after_time);
32 |
33 | // Get list of files older than the cutoff point
34 | $FileIDs = contactDB("SELECT fileid FROM files WHERE fileowner=$user_id AND filedate <= $cutoff_point;", 0);
35 |
36 | // Delete files in that list
37 | foreach ($FileIDs as $file) {
38 |
39 | // Get file path
40 | $file_path = contactDB("SELECT filepath FROM files WHERE fileid=$file;", 0);
41 | $file_path = $file_path[0];
42 |
43 | unlink($file_path); // Delete file
44 |
45 | $dbChange = contactDB("DELETE FROM files WHERE fileid=$file;", 0); // Update database
46 | }
47 |
48 | $i = $i + 1;
49 | }
--------------------------------------------------------------------------------
/upload.php:
--------------------------------------------------------------------------------
1 | 1) {
23 | $target_file = $target_dir . "SimpleFS_User$currentUser " . date('Y-m-d H_i_s') . ".zip";
24 | } else {
25 | $target_file = $target_dir . basename($_FILES["upfile"]["name"][0]);
26 | }
27 |
28 | $uploadOk = true;
29 | $fileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
30 |
31 |
32 | if (file_exists($target_file)) {
33 | echo "User(s) created.'; 120 | 121 | // Delete setup.php 122 | unlink("./setup.php"); 123 | 124 | header('Refresh: 2; URL = index.php'); 125 | } 126 | 127 | ?> 128 | 129 |
Error: file already exists
Error: Cannot upload files with apostrophes or quote-marks
Error: file was not uploaded
Uploaded!
";
128 |
129 | $javascript_can_copy_to_clipboard = (isSSL() || isLocalhost());
130 |
131 | if ($javascript_can_copy_to_clipboard) {
132 | echo " ";
133 | }
134 |
135 | echo "
";
136 |
137 | } else {
138 | echo "