diff --git a/src/php/api.php b/src/php/api.php
index 9cb8831..79fcf39 100644
--- a/src/php/api.php
+++ b/src/php/api.php
@@ -1,8 +1,9 @@ <?php session_start(); - require_once('config.php'); - + include_once('config.php'); + include_once('ga.php'); + $body = file_get_contents('php://input'); $c = json_decode($body); $rsp = array(
@@ -12,7 +13,7 @@ switch($c->cmd){ case "config": { - require_once("db.php"); + include_once("db.php"); $db = new DB(); $rsp["stats"] = $db->GetStats();
@@ -25,7 +26,7 @@ } case "file": { - require_once("db.php"); + include_once("db.php"); $db = new DB(); $fi = $db->GetFile($c->hash);
@@ -42,10 +43,13 @@ $dlCounter = $redis->get($hashKey); if($dlCounter != False && $dlCounter >= _DL_CAPTCHA) { + GAEvent("Captcha", "Hit"); $rsp["captcha"] = True; } $redis->close(); + }else { + $rsp["file"] = NULL; } break; }
@@ -78,11 +82,14 @@ $dlCounter = 0; $redis->setEx($hashKey, _CAPTCHA_DL_EXPIRE, 0); $rsp["ok"] = True; + GAEvent("Captcha", "Pass"); }else{ $rsp["ok"] = False; + GAEvent("Captcha", "Fail"); } }else{ $rsp["ok"] = True; + GAEvent("Captcha", "Miss"); } $redis->close();
@@ -92,4 +99,4 @@ header('Content-Type: application/json'); echo json_encode($rsp); -?> \ No newline at end of file +?>
diff --git a/src/php/config.php.sample b/src/php/config.php.sample
index 0024087..cb08740 100644
--- a/src/php/config.php.sample
+++ b/src/php/config.php.sample
@@ -15,7 +15,8 @@ define('_FILEPATH', '/var/www/void.cat' . _UPLOADDIR); define('_DISCORD_WEBHOOK', 'DISCORD_HOOK_URL'); define('_FILE_EXPIRE_TIME', 30); - define('_GA_CODE', 'UA-73200448-1'); + define('_GA_SITE_CODE', 'UA-73200448-1'); + define('_BLOCK_REFERER', array("yobuilder.com", "adf.ly")); /* CAPTCHA SETTINGS */ define('_DL_CAPTCHA', 10);
diff --git a/src/php/cron.php b/src/php/cron.php
index c5369b0..f975e63 100644
--- a/src/php/cron.php
+++ b/src/php/cron.php
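Review bot: Loading `config.php` with `include_once` instead of `require_once` (first api.php hunk) turns a missing or unreadable config into a warning, so the script keeps running without `_DL_CAPTCHA` and the other constants the captcha branch compares against. Failing closed is safer for a file that carries the site's limits and settings: keep `require_once('config.php');`, and likewise `require_once("db.php");` in the `config` and `file` cases changed by the next two hunks, where `new DB()` follows immediately. `include_once('ga.php');` is the only one of these where continuing without the file could be reasonable, and even then the later `GAEvent()` calls would be undefined.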
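Review bot: `_BLOCK_REFERER` is added to the sample config without a comment saying how its entries are matched; download.php tests the Referer host with `in_array()`, so only an exact host string matches and a subdomain of a listed host needs its own entry. A comment such as `/* Referer hosts to refuse; exact match on the host, list subdomains separately */` above the `define` would make that clear. The rename of `_GA_CODE` to `_GA_SITE_CODE` also means an existing config.php that still defines the old name leaves ga.php reading an undefined constant, which deserves a line in the upgrade notes. `define()` with an array value needs PHP 7 or later.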
@@ -9,14 +9,15 @@ foreach($fl as $f) { if(unlink($f->path)) { $db->DeleteFile($f); - echo 'Deleted file: ' . $f->filename . ' (' . $f->hash160 . ')\n'; + echo 'Deleted file: ' . $f->filename . ' (' . $f->hash160 . ') \n'; + $del[] = $f->hash160; }else{ - echo 'Cant delete file ' . $f->hash160 . '\n'; + echo 'Cant delete file ' . $f->path . ' \n'; } } if(count($fl) > 0){ - $discord_data = array("content" => 'Deleted ' . count($fl) . ' expired files.'); + $discord_data = array("content" => 'Deleted ' . count($fl) . ' expired files. `' . implode("` `", $del) . '`'); include('discord.php'); } -?> \ No newline at end of file +?>
diff --git a/src/php/db.php b/src/php/db.php
index 1d2f106..982f851 100644
--- a/src/php/db.php
+++ b/src/php/db.php
@@ -67,7 +67,7 @@ { $res = array(); - $stmt = $this->mysqli->prepare("select hash160, hash256, filename, mime, size, path, views, isAdminFile, uploaded, lastview from files"); + $stmt = $this->mysqli->prepare("select hash160, hash256, filename, mime, size, path, views, isAdminFile, uploaded, lastview from files order by uploaded desc"); if($stmt) { $stmt->execute();
@@ -109,7 +109,7 @@ $stmt = $this->mysqli->prepare("delete from files where hash160 = ?"); if($stmt) { - $stmt->bind_param("s", $f->id); + $stmt->bind_param("s", $f->hash160); $stmt->execute(); $stmt->close(); }
@@ -141,14 +141,16 @@ { $res = array(); - $stmt = $this->mysqli->prepare("select hash160 from files where date_add(lastview, INTERVAL " . _FILE_EXPIRE_TIME . " DAY) >= CURRENT_TIMESTAMP"); + $stmt = $this->mysqli->prepare("select hash160, filename, path from files where date_add(lastview, INTERVAL " . _FILE_EXPIRE_TIME . " DAY) < CURRENT_TIMESTAMP"); if($stmt) { $stmt->execute(); - $stmt->bind_result($hash160); + $stmt->bind_result($hash160, $filename, $path); while($stmt->fetch()){ $nf = new FileUpload(); $nf->hash160 = $hash160; + $nf->filename = $filename; + $nf->path = $path; array_push($res, $nf); } $stmt->close();
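Review bot: `$del` is only appended to inside the `unlink()` success branch and the hunk never initialises it, so when every deletion fails `implode()` is handed an undefined variable; unless it is set above the `foreach` (outside the hunk), add `$del = array();` before the loop. The Discord message still reports `count($fl)`, which includes the files that could not be deleted, while the list after it holds only the successes; `count($del)` keeps the two consistent. The echo strings are single-quoted, so `' \n'` prints a literal backslash-n, not a line break.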
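Review bot: The expiry query in the last db.php hunk still builds its SQL by concatenating `_FILE_EXPIRE_TIME` into the string passed to `prepare()`. The value comes from config, not from a request, but a non-numeric setting would alter the statement, and with the comparison corrected to `<` this result set now decides which paths cron.php hands to `unlink()`. Casting at the point of use, `INTERVAL " . (int)_FILE_EXPIRE_TIME . " DAY`, keeps it a number. The enclosing method starts and ends outside the hunk.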
diff --git a/src/php/download.php b/src/php/download.php
index ee761b6..7759514 100644
--- a/src/php/download.php
+++ b/src/php/download.php
@@ -1,37 +1,19 @@ <?php session_start(); include_once('config.php'); + include_once('ga.php'); - function XFastDownload($location, $filename, $mimeType = 'application/octet-stream') - { - global $validRequest; - if($validRequest) - { - $url = "https://www.google-analytics.com/collect"; - $payload = "v=1&tid=" . _GA_CODE . "&cid=" . session_id() . "&t=pageview&dh=" . $_SERVER['HTTP_HOST'] . "&dp=" . urlencode($_SERVER['REQUEST_URI']) . "&uip=" . $_SERVER['REMOTE_ADDR'] . "&ua=" . urlencode($_SERVER["HTTP_USER_AGENT"]) . "&dr=" . urlencode(isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : ""); - - $ch = curl_init(); - - curl_setopt($ch, CURLOPT_URL, $url); - curl_setopt($ch, CURLOPT_POST, 1); - curl_setopt($ch, CURLOPT_POSTFIELDS, $payload); - - curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); - curl_exec($ch); - curl_close ($ch); - } - - $expire = 604800; - - header("X-Accel-Redirect: $location"); - header("Cache-Control: public, max-age=$expire"); - header("Content-type: $mimeType"); - header('Content-Disposition: inline; filename="' . $filename . '"'); - } - $hash = substr($_SERVER["REQUEST_URI"], 1); $hashKey = $_SERVER['REMOTE_ADDR'] . ':' . $hash; + $refr = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : False; + if($refr != False){ + $rh = parse_url($refr)["host"]; + if(in_array($rh, _BLOCK_REFERER)){ + http_response_code(403); + exit(); + } + } $range_start = 0; $range_end = 999; if(isset($_SERVER['HTTP_RANGE'])){
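Review bot: `parse_url($refr)["host"]` indexes the result without checking it, and the Referer header is client-supplied: a value with no host, or one `parse_url()` rejects, raises a warning that, if errors are displayed, is written out before the later `header()` calls. Asking for the component directly avoids that: `$rh = strtolower((string) parse_url($refr, PHP_URL_HOST));`. The `in_array()` test is an exact, case-sensitive comparison, so subdomains of a listed host are not refused; passing `true` as the third argument and comparing on the host suffix would cover them. Because the client can omit or change the header, this works as a courtesy filter and should not be relied on as an access control.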
@@ -54,20 +36,31 @@ if($dlCounter >= _DL_CAPTCHA){ //redirect for captcha check $redis->close(); + GAEvent("Captcha", "Hit"); header('location: ' . _SITEURL . '?dl#' . $hash); exit(); } }else{ $redis->setEx($hashKey, _CAPTCHA_DL_EXPIRE, 0); + $dlCounter = 0; } include_once('db.php'); $db = new DB(); $f = $db->GetFile($hash); if($f->hash160 != NULL){ - XFastDownload(_UPLOADDIR . $f->hash160, $f->filename, $f->mime); + $expire = 604800; + $location = _UPLOADDIR . $f->hash160; + $mimeType = $f->mime; + $filename = $f->filename; + + header("X-Accel-Redirect: $location"); + header("Cache-Control: public, max-age=$expire"); + header("Content-type: $mimeType"); + header('Content-Disposition: inline; filename="' . $filename . '"'); if($validRequest){ + GAPageView(); $db->AddView($f->hash160); $redis->incr($hashKey); }
diff --git a/src/php/ga.php b/src/php/ga.php
new file mode 100644
index 0000000..4c1dcc8
--- /dev/null
+++ b/src/php/ga.php
@@ -0,0 +1,39 @@ +<?php + include_once('config.php'); + + function GACollect($p) { + $url = "https://www.google-analytics.com/collect"; + $p["v"] = "1"; + $p["tid"] = _GA_SITE_CODE; + $p["cid"] = session_id(); + + $ch = curl_init(); + + curl_setopt($ch, CURLOPT_URL, $url); + curl_setopt($ch, CURLOPT_POST, 1); + curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($p)); + + curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); + curl_exec($ch); + curl_close ($ch); + } + + function GAPageView(){ + GACollect(array( + "t" => "pageview", + "dh" => $_SERVER['HTTP_HOST'], + "dp" => urlencode($_SERVER['REQUEST_URI']), + "uip" => $_SERVER['REMOTE_ADDR'], + "ua" => urlencode(isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : ""), + "dr" => urlencode(isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "") + )); + } + + function GAEvent($cat, $act) { + GACollect(array( + "t" => "event", + "ec" => $cat, + "ea" => $act + )); + } +?> \ No newline at end of file
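Review bot: The `header()` calls now inlined in the second download.php hunk put `$f->filename` and `$f->mime` from the database straight into the response. A double quote in the stored name ends the `filename="…"` parameter early, and an uploader-chosen MIME type sent with `Content-Disposition: inline` lets the browser render the upload in the site's own origin. Unless both values are constrained at upload time (not visible in this hunk), escape the name with `addcslashes($filename, '"\\')` and add `header('X-Content-Type-Options: nosniff');`. For types outside a short allow-list of media types, switch the disposition to `attachment`. The enclosing `if($f->hash160 != NULL)` block continues past the end of the hunk.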
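Review bot: `GACollect()` sends `session_id()` to Google Analytics as `cid`, so the live PHP session identifier leaves the server on every tracked request; a digest such as `hash('sha256', session_id())` gives the same per-visitor grouping without handing a third party a value that is valid as a session cookie. `GAPageView()` also applies `urlencode()` to `dp`, `ua` and `dr` before `http_build_query()` encodes them again, so those fields arrive double-encoded. The cURL handle has no timeout, and the `GAEvent()`/`GAPageView()` calls this commit adds in api.php and download.php run inside the request, so a slow analytics endpoint delays captcha responses and downloads. The rewritten lines are below.

```php
function GACollect($p) {
    // … unchanged: $url, "v" and "tid" …
    // Send a digest, not the live session identifier, to the third party.
    $p["cid"] = hash('sha256', session_id());

    // … unchanged: curl_init, URL / POST / POSTFIELDS options …
    // Bound the time a request can spend waiting on analytics.
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 1);
    curl_setopt($ch, CURLOPT_TIMEOUT, 2);
    // … unchanged: RETURNTRANSFER, curl_exec, curl_close …
}

function GAPageView(){
    GACollect(array(
        // … unchanged: "t", "dh" …
        // http_build_query() encodes each value once; do not pre-encode.
        "dp" => $_SERVER['REQUEST_URI'],
        // … unchanged: "uip" …
        "ua" => isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : "",
        "dr" => isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : ""
    ));
}
```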
diff --git a/src/php/upload.php b/src/php/upload.php
index 7feea75..464c92b 100644
--- a/src/php/upload.php
+++ b/src/php/upload.php
@@ -123,4 +123,4 @@ //return response header('Content-Type: application/json'); echo json_encode($response); -?> \ No newline at end of file +?>