FILEUP

LOG | FILES | OVERVIEW 

F diff --git a/index.php b/index.php
--- a/index.php
+++ b/index.php

  <html>

      <head>

          <meta charset="utf-8">

-         <link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon">

          <title>shady file upload</title> <link rel="stylesheet" type="text/css" href="css/style.css"> 

      </head>

  

F diff --git a/loggedin.js b/loggedin.js
--- a/loggedin.js
+++ b/loggedin.js

- var FORM_ASYNC = false;

- 

  const upload_form    = document.getElementById("upload_form");

  const the_file       = document.getElementById("the_file");

  const filename_input = document.getElementById("filename");

  const upload_btn     = document.getElementById("upload_btn");

- const current_directory = document.getElementById("current_directory");

  

  the_file.onchange = on_file_added;

  

- const files = [];

- 

- const pending_uploads = [];

- 

- function on_file_added(_e) {

+ function on_file_added(e) {

      if (the_file.files.length >= 1) {

          filename_input.value = the_file.files[0].name;

  

-         if (!FORM_ASYNC) {

-             upload_form.submit();

-             return;

-         }

- 

          // Send the form asynchronously through the fetch api

          fetch(upload_form.action, {

              method: upload_form.method,

              body: new FormData(upload_form)

-         }).then((resp) => {

-             if (resp.status == 200) {

-                 add_file_visuals(filename_input.value, true);

-             }

-             else {

-                 alert("Upload failed");

-             }

-         }, () => {

-             alert("Upload failed")

-         });

- 

+         })

  

+         alert("Sent the upload request");

      }

      else {

          alert("No files selected");

  

  }

  

- function add_file_visuals(name, pending) {

-     var fileDiv = document.createElement('div');

- 

-     var img = document.createElement('img');

-     var filename = document.createElement('div');

- 

-     img.src="/mimeicons/application-pdf.png";

-     fileDiv.classList.add('file');

-     filename.classList.add('filename');

-     filename.innerText = name;

- 

-     fileDiv.appendChild(img);

-     fileDiv.appendChild(filename);

- 

-     current_directory.appendChild(fileDiv);

- 

-     files.push([name, fileDiv]);

- 

-     return fileDiv;

- }

- 

  function begin_upload() {

      the_file.click();

  }

F diff --git a/loggedin.php b/loggedin.php
--- a/loggedin.php
+++ b/loggedin.php

+ 

  <div>

      <div class="filesystem">

          <h2 style="display: flex; gap: 1rem;">

              <input id="upload_btn" type="button" value="Upload" onclick="begin_upload()">

          </h2>

  

-         <div class="files" id="current_directory">

+         <div class="files">

+             <div class="file"> 

+                 <img src="/mimeicons/application-pdf.png">

+                 <div class="filename">asdf</div>

+             </div>

          </div>

      </div>

  

F diff --git a/php/database.php b/php/database.php
--- a/php/database.php
+++ b/php/database.php

  		function create_file_node(string $filename): string

  		{

  			global $storage_root;

- 			$code=get_random_node_name("");

- 			if($filename==NULL)return false;

+ 			$code=$this->get_random_node_name("");

+ 			if($filename==NULL)return "error";

  			$prep=$this->pdo->prepare("insert into nodes(is_directory,relative_path,name,code)

  						   values(false,:root,:name,:code)

  						   ");

  			$prep->bindParam(':name',$filename);

  			$prep->bindParam(':root',$storage_root);

- 

  			$prep->bindParam(':code',$code);

+ 

  			if($prep->execute()==false)

  			{

  				error_log("could not upload file");

  				/*not so quiet error*/

  				return "error";

  			}

- 			return code;

+ 			return $code;

  		}

  		function are_linked(int $directory_id,int $node_id): bool

  		{

F diff --git a/php/upload.php b/php/upload.php
--- a/php/upload.php
+++ b/php/upload.php

  require_once "database.php";

  require_once "configuration.php";

  

- if (!isset( $_POST["filename"]) || !isset($_POST["the_file"]))

+ if (!isset( $_POST["filename"]) || !isset($_FILES["the_file"]))

  {

  	http_response_code(400);

  	error_log("someone tried to upload something impropperly");

  	exit(1);

  }

  

- $file = $_POST["the_file"];

+ $file = $_FILES["the_file"];

  $filename= $_POST["filename"];

  

  

- $codename=create_file_node($filename);

- 

- copy($file['tmp_name'], "$storage_root/$codename");

+ $codename=$database->create_file_node($filename);

+ if($codename=="error")

+ {

+ 	http_response_code(400);

+ 	exit(0);

+ }

+ error_log($file['tmp_name']);

+ move_uploaded_file($file['tmp_name'], "$storage_root/$codename");

  

- echo $codename;

+ http_response_code(200);

+ exit(0);

  ?>

F diff --git a/sql/fileshare.sql b/sql/fileshare.sql
--- a/sql/fileshare.sql
+++ b/sql/fileshare.sql

+ /*BEWARE!*/

+ drop table if exists nodes;

+ drop table if exists users;

+ drop table if exists node_access;

+ drop table if exists node_links;

+ 

+ 

+ 

+ 

  create table nodes (

  	node_id int not null auto_increment,

  	is_directory boolean default false,