site.php
<?php
// Site-wide configuration. require_auth() and site_header() read it through
// `global $CONFIG`, and the 'db' => 'type' entry selects the database class below.
// NOTE(review): the database user and password are example values equal to the
// database name. Replace them for any real deployment and keep the edited file
// out of version control and out of web-readable backups.
$CONFIG = array(
// Example PostgreSQL configuration
'db' => array(
'connection_string' => 'pgsql:host=localhost;dbname=simpletracker',
'type' => 'pgsql',
'user'=>'simpletracker',
'password' => 'simpletracker',
),
// Example MySQL configuration
// 'db' => array(
// 'connection_string' => 'mysql:host=localhost;dbname=simpletracker',
// 'type' => 'mysql',
// 'user'=>'simpletracker',
// 'password' => 'simpletracker',
// ),
'base_url' => 'https://domain.xyz', // no trailing slash; require_auth() builds its Location header from this value
'site_title' => 'simpletracker', // printed inside <title> by site_header(), HTML-escaped there
'max_torrent_size' => 20*1024*1024, // 20971520; presumably a byte count (20 MiB) -- confirm against the upload code
);
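// Load the database layer; MySqlDatabase and PostgreSqlDatabase are presumably
// declared in db.php (not visible here).
require_once 'db.php';
// Strict comparison: only the exact string 'mysql' selects MySqlDatabase. With a
// loose == a non-string value such as 0 or true could also match on older PHP
// versions. Every other value, including a typo, still falls back to
// PostgreSqlDatabase.
$db = $CONFIG['db']['type'] === 'mysql' ? new MySqlDatabase()
    : new PostgreSqlDatabase();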
/**
 * Escape a string for output inside HTML text or a quoted attribute value.
 *
 * ENT_QUOTES converts both double and single quotes, so the result can be
 * placed in either kind of quoted attribute. It is not an escaper for
 * JavaScript or URL contexts.
 *
 * @param string $s Raw text, treated as UTF-8.
 * @return string The HTML-escaped text.
 */
function html_escape($s) {
    $flags = ENT_QUOTES;
    $escaped = htmlspecialchars($s, $flags, 'UTF-8');
    return $escaped;
}
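/**
 * Return a fresh 32-character lowercase hex token derived from 30 random bytes.
 *
 * gen_csrf() stores the result as the session's CSRF token, so the bytes must
 * come from a cryptographically strong source. The script terminates if none
 * is available.
 *
 * @return string 32 hex characters (the md5 digest of the random bytes).
 */
function random_hash() {
    $strong = false;
    $s = openssl_random_pseudo_bytes(30, $strong);
    // Failure is reported as false on older PHP versions (never null, which is
    // what the previous check tested), and $strong says whether the generator
    // used was cryptographically strong. Reject anything short of 30 strong bytes.
    if (!is_string($s) || strlen($s) !== 30 || $strong !== true) {
        die('no source of randomness');
    }
    // md5 only folds the bytes into a fixed-width hex string here. The token's
    // unpredictability comes from the random input, capped at md5's 128-bit output.
    return md5($s);
}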
/**
 * Gate a page behind login.
 *
 * Returns normally when the session holds a 'user' entry. Otherwise it sends a
 * redirect to login.php under the configured base URL and stops the script, so
 * nothing after the call runs for an anonymous visitor.
 *
 * @return void
 */
function require_auth() {
    global $CONFIG;
    if (array_key_exists('user', $_SESSION)) {
        return;
    }
    $login_url = sprintf('%s/login.php', $CONFIG['base_url']);
    header('Location: ' . $login_url);
    // Stop here: without this the protected page would still be rendered
    // behind the redirect header.
    die;
}
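/**
 * Abort the request unless the posted CSRF token matches the session's token.
 *
 * The script terminates when either token is missing, is not a string, is
 * empty, or the two differ. It returns normally only on an exact match.
 *
 * @return void
 */
function check_csrf() {
    $expected = isset($_SESSION['csrf']) ? $_SESSION['csrf'] : null;
    $supplied = isset($_POST['csrf']) ? $_POST['csrf'] : null;
    // A parameter sent as csrf[]=... arrives as an array, and a session without
    // a token yields null. Both are rejected before the comparison, because
    // hash_equals() accepts strings only.
    if (!is_string($expected) || $expected === '' || !is_string($supplied)) {
        die;
    }
    // hash_equals() compares in constant time, so response timing does not
    // reveal how many leading characters of a guessed token were correct.
    if (!hash_equals($expected, $supplied)) {
        die;
    }
}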
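/**
 * Print the hidden form field that carries the session's CSRF token.
 *
 * check_csrf() reads the field back from $_POST['csrf'] on submission.
 *
 * @return void
 */
function csrf_html() {
    // Attributes are separated by whitespace only. The stray comma after
    // type="hidden" made the markup malformed. The token is escaped because it
    // is placed inside a quoted attribute value.
    printf('<input type="hidden" name="csrf" value="%s" />', html_escape($_SESSION['csrf']));
}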
/**
 * Make sure the session carries a CSRF token.
 *
 * An existing token is kept unless $replace is true. Otherwise a new one is
 * taken from random_hash() and stored in $_SESSION['csrf'].
 *
 * @param bool $replace Force a new token even when one is already stored.
 * @return void
 */
function gen_csrf($replace = false) {
    // Keep the current token when rotation was not requested and one exists.
    if (!$replace && array_key_exists('csrf', $_SESSION)) {
        return;
    }
    $_SESSION['csrf'] = random_hash();
}
/**
 * Format a size as a string with a binary unit suffix.
 *
 * The value is divided by 1024 until it drops below 1024 or the TiB unit is
 * reached, then rounded to two decimals and suffixed with B, KiB, MiB, GiB or
 * TiB.
 *
 * @param int|float $b Size in the smallest unit (shown with the 'B' suffix).
 * @return string For example '1.5KiB' or '20MiB'.
 */
function format_size($b) {
    foreach (array('B', 'KiB', 'MiB', 'GiB') as $unit) {
        if ($b < 1024) {
            return round($b, 2) . $unit;
        }
        $b /= 1024.0;
    }
    // Anything that survives four divisions is reported in TiB, however large.
    return round($b, 2) . 'TiB';
}
/**
 * Print the opening HTML of a page: doctype, head with the site title, and the
 * start of the body. For a logged-in session it also prints a greeting and the
 * navigation links.
 *
 * The site title and the username are both passed through html_escape() before
 * they are written into the markup.
 *
 * @return void
 */
function site_header() {
    global $CONFIG;
    echo '<!DOCTYPE html><html><head>';
    printf('<title>%s</title>', html_escape($CONFIG['site_title']));
    echo '</head><body>';

    // Anonymous visitors get no greeting or navigation bar.
    if (!array_key_exists('user', $_SESSION)) {
        return;
    }

    printf('sup %s', html_escape($_SESSION['user']['username']));
    $nav = array(
        'index.php' => 'index',
        'upload.php' => 'upload',
        'invitations.php' => 'invitations',
        'logout.php' => 'logout',
    );
    foreach ($nav as $href => $label) {
        echo ' | ';
        printf('<a href="%s">%s</a>', $href, $label);
    }
    echo '<br/><br/>';
}
/**
 * Print the closing body tag that ends a page started by site_header().
 *
 * @return void
 */
function site_footer() {
    echo '</body>';
}
// session setup
// Start (or resume) the PHP session first, then make sure it carries a CSRF
// token. gen_csrf() without arguments creates one only when the session has
// none yet, so the order of these two calls matters.
// NOTE(review): no cookie parameters are set here, so the session cookie's
// HttpOnly / Secure / SameSite attributes come from php.ini -- confirm them
// for the deployment.
session_start();
gen_csrf();