API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 24th, 2019
110
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.14 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. ini_set('display_errors', 0);
  4.  
  5. // reset challenge environment hourly
  6. if (!file_exists('../hourly') || (time() - filemtime('../hourly')) > 60*60) {
  7. // remove uploaded files
  8. foreach (glob('../files/*') as $f) {
  9. unlink("../files/$f");
  10. }
  11. rmdir('../files');
  12.  
  13. // remove a database
  14. unlink('../database.db');
  15.  
  16. // make a directory to store uploaded files
  17. mkdir('../files');
  18.  
  19. // move a secret file into `files`
  20. copy('../secret_file', '../files/secret_file');
  21.  
  22. // make the database
  23. $db = new PDO('sqlite:../database.db');
  24. $db->exec('CREATE TABLE files(id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT, passcode TEXT)');
  25.  
  26. // create a secret entry
  27. $secrets = include('secrets.php');
  28. $db->exec("INSERT INTO files(name, passcode) VALUES ('secret_file', '{$secrets['passcode']}')");
  29.  
  30. // update file modified time
  31. file_put_contents('../hourly', (string)time());
  32. }
  33.  
  34. if (isset($_GET['source'])) {
  35. highlight_file(__FILE__);
  36. exit;
  37. }
  38.  
  39. $db = new PDO('sqlite:../database.db');
  40.  
  41. // when a file is uploaded
  42. if (isset($_POST['passcode'])) {
  43. $filename = basename($_FILES['file']['name']);
  44. if (!preg_match('@^[A-Za-z0-9_.]+$@', $filename)) {
  45. die('Invalid Filename');
  46. }
  47. $uploadfile = '../files/' . $filename;
  48. if (file_exists($uploadfile)) {
  49. die('File already exists');
  50. }
  51. if (! move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) {
  52. die('Failed to upload file');
  53. }
  54. $db->exec("INSERT INTO files(name, passcode) VALUES ('$filename', '{$_POST['passcode']}')");
  55. }
  56.  
  57. // file download query
  58. if (isset($_GET['download']) && isset($_GET['passcode'])) {
  59. $name = $_GET['download'];
  60. $rows = $db->query("select name, passcode from files where name = '$name'")->fetchAll();
  61. if (count($rows) == 1 && $rows[0][0] === $name && $rows[0][1] == $_GET['passcode']) {
  62. $path = '../files/'. $name;
  63. header('Content-Type: application/force-download');
  64. header('Content-Length: '.filesize($path));
  65. header('Content-disposition: attachment; filename="'.$name.'"');
  66. readfile($path);
  67. exit;
  68. } else {
  69. die('Invalid filename or passcode');
  70. }
  71. }
  72.  
  73. $files = [];
  74. // search
  75. if (isset($_GET['search'])) {
  76. $rows = $db->query("SELECT name FROM files WHERE instr(name, '{$_GET['search']}') ORDER BY id DESC");
  77. foreach ($rows as $row) {
  78. $files []= $row[0];
  79. }
  80. }
  81. // all files
  82. else {
  83. $rows = $db->query('SELECT name FROM files ORDER BY id DESC');
  84. foreach ($rows as $row) {
  85. $files []= $row[0];
  86. }
  87. }
  88. ?>
  89. <!DOCTYPE html>
  90. <html lang="en">
  91. <head>
  92. <meta charset="UTF-8">
  93. <title>UPLOADER</title>
  94. <style>
  95. .container {
  96. width: 1024px;
  97. margin: 0 auto;
  98. }
  99. h1 {
  100. text-align: center;
  101. }
  102. section {
  103. margin: 20px 0;
  104. }
  105. h2 {
  106. border-bottom: 1px solid #ccc;
  107. }
  108. input[type=file] {
  109. display: none;
  110. }
  111. .upload,input[type=submit] {
  112. border: 1px solid #ccc;
  113. display: inline-block;
  114. padding: 0.5em 2em;
  115. cursor: pointer;
  116. }
  117. input[type=text],input[type=password] {
  118. border: 1px solid #ccc;
  119. padding: 0.5em;
  120. }
  121. li {
  122. clear: both;
  123. }
  124. .inline-form {
  125. display: inline-block;
  126. float: right;
  127. }
  128. </style>
  129. </head>
  130. <body>
  131. <div class="container">
  132. <h1>UPLOADER</h1>
  133. <p><a href="?source">view source</a></p>
  134.  
  135. <section>
  136. <h2>UPLOAD</h2>
  137. <form enctype="multipart/form-data" method="POST">
  138. <label for="file-upload" class="upload">file upload</label>
  139. <input name="file" type="file" id="file-upload"/>
  140. passcode: <input type="password" name="passcode" required>
  141. <input type="submit" value="UPLOAD" />
  142. </form>
  143. </section>
  144.  
  145. <section>
  146. <h2>DOWNLOAD</h2>
  147. <form method="GET"><input type="text" name="search" value="<?= @$_GET['search']; ?>"><input type="submit" value="search by keyword"></form>
  148.  
  149. <ul>
  150. <?php foreach ($files as $f) {
  151. echo "<li>$f<form class='inline-form' method='get'><input type='hidden' name='download' value='$f'>passcode: <input type='password' name='passcode'/><input type='submit' value='download'></form></li>";
  152. } ?>
  153. </ul>
  154. </section>
  155. </div>
  156. </body>
  157. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!