summaryrefslogtreecommitdiffstats
path: root/apis/webservice/newupload.php
diff options
context:
space:
mode:
Diffstat (limited to 'apis/webservice/newupload.php')
-rw-r--r--apis/webservice/newupload.php67
1 files changed, 67 insertions, 0 deletions
diff --git a/apis/webservice/newupload.php b/apis/webservice/newupload.php
new file mode 100644
index 00000000..b0e683c3
--- /dev/null
+++ b/apis/webservice/newupload.php
@@ -0,0 +1,67 @@
+<?php
+if(!isset($_SESSION['userid'])){
+ echo json_encode(array(
+ "errormsg"=>"Not logged in",
+ "status" => "error",
+ "msg" => ""));
+ die();
+}
+if(!isset($_POST['nparts'])){
+ echo json_encode(array(
+ "errormsg"=>"Number of parts isn't set",
+ "status" => "error",
+ "msg" => ""));
+ die();
+}
+
+function crypto_rand_secure($min, $max){
+ $range = $max - $min;
+ if ($range < 1) return $min; // not so random...
+ $log = ceil(log($range, 2));
+ $bytes = (int) ($log / 8) + 1; // length in bytes
+ $bits = (int) $log + 1; // length in bits
+ $filter = (int) (1 << $bits) - 1; // set all lower bits to 1
+ do {
+ $rnd = hexdec(bin2hex(openssl_random_pseudo_bytes($bytes)));
+ $rnd = $rnd & $filter; // discard irrelevant bits
+ } while ($rnd >= $range);
+ return $min + $rnd;
+}
+
+function getToken($length){
+ $token = "";
+ $codeAlphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+ $codeAlphabet.= "abcdefghijklmnopqrstuvwxyz";
+ $codeAlphabet.= "0123456789";
+ $max = strlen($codeAlphabet) - 1;
+ for ($i=0; $i < $length; $i++) {
+ $token .= $codeAlphabet[crypto_rand_secure(0, $max)];
+ }
+ return $token;
+}
+$token=getToken(35);
+while(Database::queryFirst("select * from upload where `token`=:token", array(
+ "token" => $token))){
+ $token = getToken(35);
+}
+$okay=Database::exec("INSERT INTO upload(`userid`, `nparts`, `nremaining`, `token`)".
+ " values (:userid, :nparts, :nremaining, :token)", array(
+ "userid"=>$_SESSION['userid'],
+ "nparts"=>$_POST['nparts'],
+ "nremaining"=>$_POST['nparts'],
+ "token"=> $token
+ ));
+if($okay){
+ echo json_encode(array(
+ "uploadid"=>$token,
+ "errormsg"=>"",
+ "status" => "ok",
+ "msg" => "New upload succesful"));
+ mkdir($target_dir.$token."/",0755, true);
+}else{
+ echo json_encode(array(
+ "errormsg"=>"Error when saving new upload, please retry",
+ "status" => "error",
+ "msg" => ""));
+}
+
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-05-14 07:43:41 +0200