From d3551c4f0c4f48468078dedfe266f2fe5f201f48 Mon Sep 17 00:00:00 2001
From: Timo Ley
Date: Fri, 4 Sep 2020 16:36:32 +0200
Subject: [PATCH] Add user endpoint

---
 jensmemes.php | 119 +++++++++++++++++++++++++++++++++++++++++++-------
 1 file changed, 103 insertions(+), 16 deletions(-)

diff --git a/jensmemes.php b/jensmemes.php
index b1d51fa..cc38adb 100644
--- a/jensmemes.php
+++ b/jensmemes.php
@@ -41,19 +41,19 @@ if ($method == "GET") {
 $obj->status = 200;
 $query = "SELECT * FROM images";
 if (isset($_GET["category"])) {
- $query = addCondition('cat="' . $_GET["category"] . '"', $query);
+ $query = addCondition('cat="' . santinize($_GET["category"]) . '"', $query);
 }
 if (isset($_GET["user"])) {
- $query = addCondition('user LIKE "%' . $_GET["user"] . '%"', $query);
+ $query = addCondition('user LIKE "%' . santinize($_GET["user"]) . '%"', $query);
 }
 if (isset($_GET["search"])) {
- $query = addCondition('path LIKE "%' . $_GET["search"] . '%"', $query);
+ $query = addCondition('path LIKE "%' . santinize($_GET["search"]) . '%"', $query);
 }
 $obj->memes = memesArray($query);
 break;
 case "/meme":
 if (isset($_GET["id"])) {
- $q = 'SELECT * FROM images WHERE id=' . $_GET["id"];
+ $q = 'SELECT * FROM images WHERE id=' . santinize($_GET["id"]);
 $res = mysqli_query($jmcon, $q);
 checksql($res);
 $row = mysqli_fetch_array($res, MYSQLI_ASSOC);
@@ -70,10 +70,10 @@ if ($method == "GET") {
 case "/random":
 $query = "SELECT * FROM images";
 if (isset($_GET["category"])) {
- $query = addCondition('cat="' . $_GET["category"] . '"', $query);
+ $query = addCondition('cat="' . santinize($_GET["category"]) . '"', $query);
 }
 if (isset($_GET["user"])) {
- $query = addCondition('user LIKE "%' . $_GET["user"] . '%"', $query);
+ $query = addCondition('user LIKE "%' . santinize($_GET["user"]) . '%"', $query);
 }
 $memes = memesArray($query);
 $random = rand(0, count($memes) - 1);
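Review bot: `santinize()` does not make the unquoted interpolation in the `/meme` case safe: `'SELECT * FROM images WHERE id=' . santinize($_GET["id"])` still accepts `1/**/OR/**/1=1`, tab- or newline-separated keywords and arithmetic, because the helper (defined later in this patch) only strips the space character and quotes before escaping, and quotes are irrelevant in a numeric context. Assuming `images.id` is an integer column, as the unquoted comparison suggests, coerce the value: `$q = 'SELECT * FROM images WHERE id=' . (int)$_GET["id"];`. The quoted filters above it are escaped correctly for their context, but stripping spaces means a `category` or `user` value containing a space can never match; a prepared statement with bound parameters would fix both without the helper. The `switch` inside `if ($method == "GET")` starts and ends outside the hunk.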
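Review bot: The two `santinize()` calls in `/random` strip every space from the filter value before it reaches the query, so a `category` or `user` that legitimately contains a space silently becomes a different value (`Timo Ley` becomes `TimoLey`) and never matches. `mysqli_escape_string` already neutralises quotes inside a quoted string literal, so the `str_replace` lines in the helper add nothing for these two lines and only cost correctness. Prefer `mysqli_prepare` with bound `s` parameters here; if the helper stays, drop its space stripping. The enclosing `switch` starts and ends outside the hunk.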
@@ -91,7 +91,7 @@ if ($method == "GET") {
 break;
 case "/category":
 if (isset($_GET["id"])) {
- $q = 'SELECT * FROM cats WHERE id="' . $_GET["id"] . '"';
+ $q = 'SELECT * FROM cats WHERE id="' . santinize($_GET["id"]) . '"';
 $res = mysqli_query($jmcon, $q);
 checksql($res);
 $row = mysqli_fetch_array($res, MYSQLI_ASSOC);
@@ -110,8 +110,9 @@ if ($method == "GET") {
 while ($row = mysqli_fetch_array($res_users, MYSQLI_ASSOC)) {
 $user = new stdClass();
 $user->name = $row["name"];
- $user->tokenhash = $row["userdir"];
+ $user->tokenhash = md5($row["token"]);
 $user->userdir = $row["userdir"];
+ $user->id = $row["userdir"];
 $user->dayuploads = $row["uploadsLast24H"];
 array_push($users, $user);
 }
@@ -119,12 +120,31 @@ if ($method == "GET") {
 $obj->users = $users;
 $obj->status = 200;
 break;
- case "/token/random":
- if (isset($_GET["user"])) {
+ case "/user":
+ $q_user = "SELECT * FROM token";
+ if ($_GET["id"]) {
+ $q_user = addCondition('userdir="' . santinize($_GET["id"]) . '"', $q_user);
+ }
+ else if ($_GET["token"]) {
+ $q_user = addCondition('token="' . santinize($_GET["token"]) . '"', $q_user);
+ }
+ else if ($_GET["name"]) {
+ $q_user = addCondition('name LIKE "%' . santinize($_GET["name"]) . '%"', $q_user);
+ }
+ $res = mysqli_query($jmcon, $q_user);
+ checksql($res);
+ $row = mysqli_fetch_array($res, MYSQLI_ASSOC);
+ if ($row) {
+ $user = new stdClass();
+ $user->name = $row["name"];
+ $user->tokenhash = md5($row["token"]);
+ $user->userdir = $row["userdir"];
+ $user->id = $row["userdir"];
+ $user->dayuploads = $row["uploadsLast24H"];
+ $obj->user = $user;
 $obj->status = 200;
- $obj->token = genToken($_GET["user"]);
 } else {
- $obj->error = "Need to set a user with ?user";
+ $obj->error = "user not found";
 }
 break;
 default:
@@ -136,6 +156,8 @@ if ($method == "GET") {
 case "/upload":
 upload();
 break;
+ case "/admin":
+ admin(file_get_contents("php://input"));
 }
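Review bot: Replacing the `tokenhash` value with `md5($row["token"])` publishes an unsalted MD5 of every user's upload credential to any anonymous caller of the user list. How recoverable that is depends on the entropy `genToken()` puts into `$prehash` (only its final `md5` call is visible in this patch), so treat it as an exposure unless the prehash is proven unguessable — MD5 is cheap to brute-force offline, and the `/user?token=` lookup added in the next hunk makes each guess verifiable. If a stable public identifier is all that is needed, `userdir` — already returned here and now duplicated as `id` — serves; otherwise drop `tokenhash` from the public object or derive it with a server-side keyed hash. The `while` loop and the `/users` case it belongs to begin outside the hunk.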
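Review bot: The `?token=` branch of the new `/user` endpoint takes the upload secret in a GET query string and reveals whether it is valid, which makes this public endpoint a credential-validity oracle and puts the token into server, proxy and browser-history logs. Drop that branch — lookups by `id` or `name` already return the same object — or, if the bot needs it, serve it through the signed `/admin` channel this commit introduces. Separately, `if ($_GET["id"])`, `else if ($_GET["token"])` and `else if ($_GET["name"])` test truthiness on possibly undefined indices, so a missing key raises a notice and an `id` of `0` is silently ignored; use `isset($_GET["id"])` as the surrounding cases do. With no parameter at all the unfiltered `SELECT * FROM token` returns an arbitrary first row instead of an error, which is probably not intended. The enclosing `switch` starts and ends outside the hunk.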
@@ -214,11 +236,22 @@ function genToken($discord) {
 return md5($prehash);
 }
 
+function santinize($input) {
+ global $jmcon;
+ $out = str_replace(" ", "", $input);
+ $out = str_replace("'", "", $out);
+ $out = str_replace('"', "", $out);
+ $out = mysqli_escape_string($jmcon, $out);
+ return $out;
+}
+
 function upload() {
 global $jmcon;
 global $obj;
 global $jmimagepath;
+ global $jmurl;
 $token = $_POST["token"];
+ $token = santinize($token);
 $cat = $_POST["category"];
 $obj->token = $token;
 if (isset($token)) {
@@ -243,10 +276,10 @@ function upload() {
 $type = gettype($_FILES['file']['name']);
 if ($type != "array") {
 $filename = $_FILES['file']['name'];
- if (isset($filename)) {
- $obj->file = $filename;
+ if ($filename != "") {
 move_uploaded_file($_FILES['file']['tmp_name'], $jmimagepath . $homedir . "/" . $filename);
 $path = "images/" . $homedir . "/" . $filename;
+ $obj->file = $jmurl.$path;
 $clientIP = $_SERVER['REMOTE_ADDR'];;
 $sqlType = "INSERT INTO images (user, path, cat, ip) VALUES ('$user', '$path', '$cat', '$clientIP')";
 $res = mysqli_query($jmcon, $sqlType);
@@ -256,10 +289,10 @@ function upload() {
 $obj->files = array();
 for ($i = 0; $i < $countfiles; $i++) {
 $filename = $_FILES['file']['name'][$i];
- if (isset($filename)) {
- array_push($obj->files, $filename);
+ if ($filename != "") {
 move_uploaded_file($_FILES['file']['tmp_name'][$i], $jmimagepath . $homedir . "/" . $filename);
 $path = "images/" . $homedir . "/" . $filename;
+ array_push($obj->files, $jmurl.$path);
 $clientIP = $_SERVER['REMOTE_ADDR'];;
 $sqlType = "INSERT INTO images (user, path, cat, ip) VALUES ('$user', '$path', '$cat', '$clientIP')";
 $res = mysqli_query($jmcon, $sqlType);
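Review bot: `$token = santinize($token);` runs before the `if (isset($token))` guard, and `santinize(null)` returns `""` (`str_replace` and `mysqli_escape_string` turn a null subject into an empty string), so a request without a `token` field now passes the presence check with an empty token where it previously did not. Sanitise only after the check, e.g. `$token = isset($_POST["token"]) ? santinize($_POST["token"]) : null;`, and consider also rejecting `$token === ""`. The commit sanitises `token` but leaves `$cat = $_POST["category"]` untouched even though the next two hunks interpolate `$cat` straight into `INSERT INTO images`; it needs the same treatment, or better a prepared statement. The helper itself is misspelled (`sanitize`), and its `str_replace` calls are redundant with `mysqli_escape_string` for quotes while destructive for values containing spaces. `upload()` continues past the end of the hunk.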
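Review bot: The new guard `if ($filename != "")` only rejects an empty name; the browser-supplied `$_FILES['file']['name']` still flows unchanged into `move_uploaded_file(..., $jmimagepath . $homedir . "/" . $filename)` and into the `path` column, so `../` segments and server-executable extensions are accepted. Normalise and allow-list before the guard: `$filename = basename($_FILES['file']['name']);` and `if ($filename != "" && in_array(strtolower(pathinfo($filename, PATHINFO_EXTENSION)), ['png', 'jpg', 'jpeg', 'gif'], true)) {` — the extension set is a guess, use whatever the site actually serves. The multi-file loop in the following hunk has the same gap. `$path` and `$cat` on the `INSERT` two lines below are also interpolated; a prepared statement with bound parameters would cover all of it. `upload()` continues on both sides of the hunk.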
@@ -284,3 +317,57 @@ function upload() {
 $obj->status = 401;
 }
 }
+
+function admin($data) {
+ global $obj;
+ global $jmkey;
+ global $jmcon;
+ $decr = "";
+ openssl_public_decrypt(base64_decode($data), $decr, $jmkey);
+ $req = json_decode($decr);
+ if ($req == null) {
+ $obj->status = 400;
+ $obj->error = "bad request or unauthorized";
+ } else {
+ switch ($req->method) {
+ case "gettoken":
+ $user = $req->user;
+ $query = "SELECT * FROM token WHERE name='$user'";
+ $res = mysqli_query($jmcon, $query);
+ checksql($res);
+ $tok = mysqli_fetch_array($res, MYSQLI_ASSOC);
+ if ($tok) {
+ $obj->status = 200;
+ $obj->token = encrypt($tok["token"], $jmkey);
+ }
+ break;
+ case "register":
+ $user = $req->user;
+ $query = "SELECT * FROM token WHERE name='$user'";
+ $res = mysqli_query($jmcon, $query);
+ checksql($res);
+ $tok = mysqli_fetch_array($res, MYSQLI_ASSOC);
+ if ($tok) {
+ $obj->status = 200;
+ $obj->token = encrypt($tok["token"], $jmkey);
+ } else {
+ $token = genToken($user);
+ $userdir = md5($user);
+ $query = "INSERT INTO token (name, token, userdir) VALUES ('$user', '$token', '$userdir')";
+ $res = mysqli_query($jmcon, $query);
+ checksql($res);
+ if ($res) {
+ $obj->status = 201;
+ $obj->token = encrypt($token, $jmkey);
+ $obj->userdir = $userdir;
+ }
+ }
+ }
+ }
+}
+
+function encrypt($data, $pubkey) {
+ $encr = "";
+ openssl_public_encrypt($data, $encr, $pubkey);
+ return base64_encode($encr);
+}
\ No newline at end of file
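Review bot: `$req->user` is interpolated directly into `SELECT * FROM token WHERE name='$user'` and into the `INSERT INTO token ...` statement in `admin()`, so the signed request is trusted all the way down to the SQL layer. The public-key decrypt only proves that the private-key holder produced the blob; if `user` originates from an end user (the `$discord` parameter name on `genToken` suggests Discord names), a quote in that name is enough for injection, in both the `gettoken` and `register` cases. The return value of `openssl_public_decrypt` is also ignored, so a failed check is caught only indirectly by `json_decode` returning null, and `$req->method` is read without confirming `$req` is an object, so a signed scalar JSON value triggers a warning instead of a 400. Check the decrypt explicitly and bind the parameters; the excerpt below shows the `register` path, the `gettoken` lookup uses the same `SELECT` (`mysqli_stmt_get_result` needs mysqlnd).
```php
if (openssl_public_decrypt(base64_decode($data), $decr, $jmkey) === false) {
    $obj->status = 400;
    $obj->error = "bad request or unauthorized";
    return;
}
$req = json_decode($decr);
if (!is_object($req) || !isset($req->method, $req->user)) {
    $obj->status = 400;
    $obj->error = "bad request or unauthorized";
    return;
}
// … unchanged: switch ($req->method) / case "gettoken" uses the same SELECT as below …
$user = (string)$req->user;
$stmt = mysqli_prepare($jmcon, "SELECT * FROM token WHERE name=?");
mysqli_stmt_bind_param($stmt, "s", $user);
mysqli_stmt_execute($stmt);
$tok = mysqli_fetch_array(mysqli_stmt_get_result($stmt), MYSQLI_ASSOC);
// … unchanged: encrypt the existing token when a row is found …
$token = genToken($user);
$userdir = md5($user);
$stmt = mysqli_prepare($jmcon, "INSERT INTO token (name, token, userdir) VALUES (?, ?, ?)");
mysqli_stmt_bind_param($stmt, "sss", $user, $token, $userdir);
$res = mysqli_stmt_execute($stmt);
// … unchanged: 201 response with encrypted token and userdir …
```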