5) { $found = false; foreach ($fDbData as $i => $remote) { foreach ($remote as $j => $fileentry) { if ($fileentry["file"] === $dirname.$entry) { unset($fDbData[$i][$j]); if (count($fDbData[$i]) === 0) unset($fDbData[$i]); $found = true; break; } } if ($found) break; } unlink($dirname.$entry); } } fwrite($fDb, json_encode($fDbData)); fclose($fDb); closedir($dir); } else { error_log("Cannot open upload dir for cleaning"); } error_log("Done cleaning up files"); // Ping servers $result = []; foreach (getServers() as $i => $attrs) { $success = false; foreach ($attrs["ports"] as $port => $unused) { if (pingServer($i, $port)) { $success = true; break; } } $result[$i] = $success; } $result = array( "result" => $result, "date" => time() ); writeServersState($result); break; case "gravatar": require_once(".htconfig.php"); if (!isset($_GET["nick"])) { header("HTTP/1.0 400 Bad Request"); die("Bad Request"); } $dblink = getlink(); $lowerNick = strtolower($_GET["nick"]); $userRow = $dblink->prepare("SELECT `core`.`email` FROM `anope_NickCore` `core` INNER JOIN `anope_NickAlias` `alias` on `alias`.`nc`=`core`.`display` WHERE LOWER(`alias`.`nick`)=:nick AND `core`.`USE_GRAVATAR`=true LIMIT 1"); $userRow->execute([ "nick" => $lowerNick ]); $res = $userRow->fetch(PDO::FETCH_ASSOC); if ($res === false) { $userRow = $dblink->prepare("SELECT 'irc.knacki@gmail.com' as `email` FROM `anope_BotInfo` `bot` WHERE LOWER(`bot`.`nick`)=:nick LIMIT 1"); $userRow->execute([ "nick" => $lowerNick ]); $res = $userRow->fetch(PDO::FETCH_ASSOC); } header('Location: https://www.gravatar.com/avatar/' .md5($res === false ? $lowerNick : $res["email"]) .'.png?d=retro'); die(); break; case "file": require_once(".htconfig.php"); if (!isset($_GET["from"]) || strlen($_GET["from"]) == 0 || !isset($_FILES["file"])) { header("HTTP/1.0 400 Bad Request"); die("Bad Request"); } $extensionLocal = strrpos($_FILES["file"]["name"], '.'); $extension = strtolower(substr($_FILES["file"]["name"], $extensionLocal === FALSE ? 0 : $extensionLocal)); if (strpos($_FILES["file"]["type"], "image/") !== 0 || !in_array($extension, array( ".png", ".jpg", ".jpeg", ".ico"))) { header("HTTP/1.0 400 Bad Request"); die("Unrecognized file type"); } if ($_FILES["file"]["size"] > MAX_ALLOWED_UPLOAD_SIZE) { header("HTTP/1.0 400 Bad Request"); die("File is too large (max " .MAX_ALLOWED_UPLOAD_SIZE ."o, got " .$_FILES["file"]["size"] .')'); } $filename = md5($_GET["from"].time()) .$extension; // Flood protection if (file_exists($filename)) { header("HTTP/1.0 400 Bad Request"); die("Please wait between uploads"); } // Append file in files db $dbFile = getcwd()."/uploads/db.json"; $fDbData = array(); try { $fDbData = json_decode(@file_get_contents($dbFile), true); } catch(\Exception $e) { $fDbData = array(); } $fDb = fopen($dbFile, "w"); if (!$fDb) return; flock($fDb, LOCK_EX); if ($fDbData === NULL) $fDbData = array(); if (isset($fDbData->{$_SERVER["REMOTE_ADDR"]})) { $cur = $fDbData->{$_SERVER["REMOTE_ADDR"]}; while (count($fDbData->{$_SERVER["REMOTE_ADDR"]}) > 10) { $fileToRemove = array_shift($fDbData->{$_SERVER["REMOTE_ADDR"]}); var_dump("unlink".$fileToRemove->{"file"}); @unlink($fileToRemove->{"file"}); } } // Actual write file if (move_uploaded_file($_FILES["file"]["tmp_name"], getcwd()."/uploads/".$filename) === FALSE) { fwrite($fDb, json_encode($fDbData)); fclose($fDb); header("HTTP/1.0 500 Internal Server Error"); die("Internal Server Error"); } // Write to file db $fDbData[$_SERVER["REMOTE_ADDR"]] = isset($fDbData[$_SERVER["REMOTE_ADDR"]]) ? $fDbData[$_SERVER["REMOTE_ADDR"]] : array(); $fDbData[$_SERVER["REMOTE_ADDR"]][] = array("file" => getcwd()."/uploads/".$filename, "time" => time(), "from" => $_GET["from"], "ip" => $_SERVER["REMOTE_ADDR"]); fwrite($fDb, json_encode($fDbData)); fclose($fDb); // Log info error_log($_GET["from"] ." uploaded file " .$filename ." " .print_r($_FILES["file"], true) ." from " .$_SERVER["REMOTE_ADDR"]); echo "/uploads/" .$filename; break; } } ?>