diff options
Diffstat (limited to 'apis/webservice/newupload.php')
-rw-r--r-- | apis/webservice/newupload.php | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/apis/webservice/newupload.php b/apis/webservice/newupload.php new file mode 100644 index 00000000..b0e683c3 --- /dev/null +++ b/apis/webservice/newupload.php @@ -0,0 +1,67 @@ +<?php +if(!isset($_SESSION['userid'])){ + echo json_encode(array( + "errormsg"=>"Not logged in", + "status" => "error", + "msg" => "")); + die(); +} +if(!isset($_POST['nparts'])){ + echo json_encode(array( + "errormsg"=>"Number of parts isn't set", + "status" => "error", + "msg" => "")); + die(); +} + +function crypto_rand_secure($min, $max){ + $range = $max - $min; + if ($range < 1) return $min; // not so random... + $log = ceil(log($range, 2)); + $bytes = (int) ($log / 8) + 1; // length in bytes + $bits = (int) $log + 1; // length in bits + $filter = (int) (1 << $bits) - 1; // set all lower bits to 1 + do { + $rnd = hexdec(bin2hex(openssl_random_pseudo_bytes($bytes))); + $rnd = $rnd & $filter; // discard irrelevant bits + } while ($rnd >= $range); + return $min + $rnd; +} + +function getToken($length){ + $token = ""; + $codeAlphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; + $codeAlphabet.= "abcdefghijklmnopqrstuvwxyz"; + $codeAlphabet.= "0123456789"; + $max = strlen($codeAlphabet) - 1; + for ($i=0; $i < $length; $i++) { + $token .= $codeAlphabet[crypto_rand_secure(0, $max)]; + } + return $token; +} +$token=getToken(35); +while(Database::queryFirst("select * from upload where `token`=:token", array( + "token" => $token))){ + $token = getToken(35); +} +$okay=Database::exec("INSERT INTO upload(`userid`, `nparts`, `nremaining`, `token`)". + " values (:userid, :nparts, :nremaining, :token)", array( + "userid"=>$_SESSION['userid'], + "nparts"=>$_POST['nparts'], + "nremaining"=>$_POST['nparts'], + "token"=> $token + )); +if($okay){ + echo json_encode(array( + "uploadid"=>$token, + "errormsg"=>"", + "status" => "ok", + "msg" => "New upload succesful")); + mkdir($target_dir.$token."/",0755, true); +}else{ + echo json_encode(array( + "errormsg"=>"Error when saving new upload, please retry", + "status" => "error", + "msg" => "")); +} + |