rocksolid-light/Rocksolid_Light/spoolnews/upload.php

126 lines
5.4 KiB
PHP

<?php
include "config.inc.php";
include "newsportal.php";
$logfile = $logdir . '/files.log';
$keyfile = $spooldir . '/keys.dat';
$keys = unserialize(file_get_contents($keyfile));
$name = '';
$logged_in = false;
if (! isset($_POST['username'])) {
$_POST['username'] = $_COOKIE['mail_name'];
}
$name = trim(strtolower($_POST['username']));
if (! isset($_POST['password'])) {
$_POST['password'] = null;
}
if (! isset($_COOKIE['mail_auth'])) {
$_COOKIE['mail_auth'] = null;
}
$logged_in = verify_logged_in(trim(strtolower($name)));
if(!$logged_in) {
if ((password_verify($name . $keys[0] . get_user_config($name, 'encryptionkey'), $_COOKIE['mail_auth'])) || (password_verify($name . $keys[1] . get_user_config($name, 'encryptionkey'), $_COOKIE['mail_auth']))) {
$logged_in = true;
}
}
$title .= ' - Upload file';
include "head.inc";
echo '<h1 class="np_thread_headline">';
echo '<a href="../spoolnews/files.php" target=' . $frame['menu'] . '>files</a> / ';
echo htmlspecialchars($_COOKIE['mail_name']) . '</h1>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
echo '<table cellpadding="0" cellspacing="0" class="np_buttonbar"><tr>';
// Browse button
echo '<td>';
echo '<form target="' . $frame['content'] . '" method="post" action="files.php">';
echo '<input name="command" type="hidden" id="command" value="Browse" readonly="readonly">';
echo '<button class="np_button_link" type="submit">Browse</button>';
echo '</form>';
echo '</td>';
// Upload button
echo '<td>';
echo '<form target="' . $frame['content'] . '" method="post" action="upload.php">';
echo '<input name="command" type="hidden" id="command" value="Upload" readonly="readonly">';
echo '<button class="np_button_link" type="submit">Upload</button>';
echo '</form>';
echo '</td>';
echo '<td width=100%></td></tr></table>';
echo '<hr>';
if (isset($_FILES['photo'])) {
$_FILES['photo']['name'] = preg_replace('/[^a-zA-Z0-9\.]/', '_', $_FILES['photo']['name']);
// Check auth here
if (isset($_POST['key']) && password_verify($CONFIG['thissitekey'] . $_POST['username'], $_POST['key'])) {
if (check_bbs_auth($_POST['username'], $_POST['password'])) {
$userdir = $spooldir . '/upload/' . strtolower($_POST['username']);
$upload_to = $userdir . '/' . $_FILES['photo']['name'];
if (is_file($upload_to)) {
echo $_FILES['photo']['name'] . ' already exists in your folder';
} else {
if (! is_dir($userdir)) {
mkdir($userdir);
}
$success = move_uploaded_file($_FILES['photo']['tmp_name'], $upload_to);
if ($success) {
file_put_contents($logfile, "\n" . format_log_date() . " Saved: " . strtolower($_POST['username']) . "/" . $_FILES['photo']['name'], FILE_APPEND);
echo 'Saved ' . $_FILES['photo']['name'] . ' to your files folder';
} else {
echo 'There was an error saving ' . $_FILES['photo']['name'];
}
}
?>
<script type="text/javascript">
if (navigator.cookieEnabled)
var savename = "<?php echo stripslashes($name); ?>";
document.cookie = "mail_name="+savename+"; path=/";
</script>
<?php
} else {
echo 'Authentication Failed';
}
echo '<br /><br />';
}
}
echo '<table border="0" align="center" cellpadding="0" cellspacing="1">';
if (! isset($_POST['username'])) {
$_POST['username'] = '';
}
if (! isset($_POST['password'])) {
$_POST['password'] = '';
}
if (! $logged_in && ! check_bbs_auth($_POST['username'], $_POST['password'])) {
echo '<form name="form1" method="post" action="user.php" enctype="multipart/form-data">';
echo '<tr><td><strong>Please Login<br /></strong></td></tr>';
echo '<tr><td>Username:</td><td><input name="username" type="text" id="username" value="' . $_POST['username'] . '"></td></tr>';
echo '<tr><td>Password:</td><td><input name="password" type="password" id="password"></td></tr>';
echo '<td><input name="command" type="hidden" id="command" value="Login" readonly="readonly"></td>';
echo '<td><input name="source" type="hidden" id="source" value="Upload:upload.php" readonly="readonly"></td>';
echo '<input type="hidden" name="key" value="' . password_hash($CONFIG['thissitekey'] . $name, PASSWORD_DEFAULT) . '">';
echo '<td>&nbsp;</td>';
echo '<td><input type="submit" name="Submit" value="Login"></td>';
echo '</tr>';
echo '</form>';
echo '</form>';
} else {
echo '<form name="form1" method="post" action="upload.php" enctype="multipart/form-data">';
echo '<tr><td><strong>Logged in as ' . $_POST['username'] . '<br />(max size=2MB)</strong></td></tr>';
echo '<td><input name="command" type="hidden" id="command" value="Upload" readonly="readonly"></td>';
echo '<input type="hidden" name="key" value="' . password_hash($CONFIG['thissitekey'] . $name, PASSWORD_DEFAULT) . '">';
echo '<input type="hidden" name="username" value="' . $_POST['username'] . '">';
echo '<input type="hidden" name="password" value="' . $_POST['password'] . '">';
echo '<tr><td><input type="file" name="photo" id="fileSelect" value="fileSelect" accept="image/*,audio/*,text/*,application/*"></td>
';
echo '<td>&nbsp;<input type="submit" name="Submit" value="Upload"></td>';
echo '</form>';
}
echo '</tr>';
echo '</table>';
echo '</body></html>';
?>