From dbccf470d1daf367d7da87934700789ab7d80297 Mon Sep 17 00:00:00 2001 From: Kieran Date: Wed, 15 Nov 2017 17:50:06 +0800 Subject: [PATCH] add referer block, and ga events --- src/php/api.php | 17 ++++++++++---- src/php/config.php.sample | 3 ++- src/php/cron.php | 9 +++---- src/php/db.php | 10 ++++---- src/php/download.php | 49 +++++++++++++++++---------------------- src/php/ga.php | 39 +++++++++++++++++++++++++++++++ src/php/upload.php | 2 +- 7 files changed, 86 insertions(+), 43 deletions(-) create mode 100644 src/php/ga.php diff --git a/src/php/api.php b/src/php/api.php index 9cb8831..79fcf39 100644 --- a/src/php/api.php +++ b/src/php/api.php @@ -1,8 +1,9 @@ cmd){ case "config": { - require_once("db.php"); + include_once("db.php"); $db = new DB(); $rsp["stats"] = $db->GetStats(); @@ -25,7 +26,7 @@ } case "file": { - require_once("db.php"); + include_once("db.php"); $db = new DB(); $fi = $db->GetFile($c->hash); @@ -42,10 +43,13 @@ $dlCounter = $redis->get($hashKey); if($dlCounter != False && $dlCounter >= _DL_CAPTCHA) { + GAEvent("Captcha", "Hit"); $rsp["captcha"] = True; } $redis->close(); + }else { + $rsp["file"] = NULL; } break; } @@ -78,11 +82,14 @@ $dlCounter = 0; $redis->setEx($hashKey, _CAPTCHA_DL_EXPIRE, 0); $rsp["ok"] = True; + GAEvent("Captcha", "Pass"); }else{ $rsp["ok"] = False; + GAEvent("Captcha", "Fail"); } }else{ $rsp["ok"] = True; + GAEvent("Captcha", "Miss"); } $redis->close(); @@ -92,4 +99,4 @@ header('Content-Type: application/json'); echo json_encode($rsp); -?> \ No newline at end of file +?> diff --git a/src/php/config.php.sample b/src/php/config.php.sample index 0024087..cb08740 100644 --- a/src/php/config.php.sample +++ b/src/php/config.php.sample 
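Review bot: Swapping `require_once("db.php")` for `include_once("db.php")` in the `config` and `file` cases turns a missing or unreadable db.php into a warning, after which `new DB()` on the next line dies with a class-not-found fatal that hides the real cause. If errors are displayed, that warning is also written before `header('Content-Type: application/json')` and exposes the include path in the API response. Keeping `require_once("db.php");` in both cases stops at the failing include. The top of this file's first hunk is missing from the page text, so the line it adds there was not reviewed.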
@@ -15,7 +15,8 @@ define('_FILEPATH', '/var/www/void.cat' . _UPLOADDIR); define('_DISCORD_WEBHOOK', 'DISCORD_HOOK_URL'); define('_FILE_EXPIRE_TIME', 30); - define('_GA_CODE', 'UA-73200448-1'); + define('_GA_SITE_CODE', 'UA-73200448-1'); + define('_BLOCK_REFERER', array("yobuilder.com", "adf.ly")); /* CAPTCHA SETTINGS */ define('_DL_CAPTCHA', 10); diff --git a/src/php/cron.php b/src/php/cron.php index c5369b0..f975e63 100644 --- a/src/php/cron.php +++ b/src/php/cron.php @@ -9,14 +9,15 @@ foreach($fl as $f) { if(unlink($f->path)) { $db->DeleteFile($f); - echo 'Deleted file: ' . $f->filename . ' (' . $f->hash160 . ')\n'; + echo 'Deleted file: ' . $f->filename . ' (' . $f->hash160 . ') \n'; + $del[] = $f->hash160; }else{ - echo 'Cant delete file ' . $f->hash160 . '\n'; + echo 'Cant delete file ' . $f->path . ' \n'; } } if(count($fl) > 0){ - $discord_data = array("content" => 'Deleted ' . count($fl) . ' expired files.'); + $discord_data = array("content" => 'Deleted ' . count($fl) . ' expired files. `' . implode("` `", $del) . '`'); include('discord.php'); } -?> \ No newline at end of file +?> diff --git a/src/php/db.php b/src/php/db.php index 1d2f106..982f851 100644 --- a/src/php/db.php +++ b/src/php/db.php @@ -67,7 +67,7 @@ { $res = array(); - $stmt = $this->mysqli->prepare("select hash160, hash256, filename, mime, size, path, views, isAdminFile, uploaded, lastview from files"); + $stmt = $this->mysqli->prepare("select hash160, hash256, filename, mime, size, path, views, isAdminFile, uploaded, lastview from files order by uploaded desc"); if($stmt) { $stmt->execute(); @@ -109,7 +109,7 @@ $stmt = $this->mysqli->prepare("delete from files where hash160 = ?"); if($stmt) { - $stmt->bind_param("s", $f->id); + $stmt->bind_param("s", $f->hash160); $stmt->execute(); $stmt->close(); } 
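Review bot: `_BLOCK_REFERER` has no comment saying what it is matched against or how. Going by the commit title it is compared with the request's Referer header in download.php, whose new check is missing from the page text. That header is supplied by the client and is often absent, so a comment such as `/* Referer hosts refused on download; deters hotlinking only, not an access control */` would keep it from being read as a security boundary. Passing an array to `define()` also needs PHP 7.0 or later, which is worth stating in the sample.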
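Review bot: `$del` is appended to inside the loop but is not initialised anywhere in this hunk, so when every `unlink()` fails the `implode()` call in the Discord message receives an undefined variable while `count($fl) > 0` still sends the message. The message also reports `count($fl)`, the number of files selected, not the number actually removed. Adding `$del = array();` before the `foreach` and using `count($del)` in both the `if` and the message keeps the report accurate; the loop's setup lies above the hunk, so confirm `$del` is not already declared there. The single-quoted `'\n'` in both `echo` lines prints a literal backslash-n, not a newline.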
@@ -141,14 +141,16 @@ { $res = array(); - $stmt = $this->mysqli->prepare("select hash160 from files where date_add(lastview, INTERVAL " . _FILE_EXPIRE_TIME . " DAY) >= CURRENT_TIMESTAMP"); + $stmt = $this->mysqli->prepare("select hash160, filename, path from files where date_add(lastview, INTERVAL " . _FILE_EXPIRE_TIME . " DAY) < CURRENT_TIMESTAMP"); if($stmt) { $stmt->execute(); - $stmt->bind_result($hash160); + $stmt->bind_result($hash160, $filename, $path); while($stmt->fetch()){ $nf = new FileUpload(); $nf->hash160 = $hash160; + $nf->filename = $filename; + $nf->path = $path; array_push($res, $nf); } $stmt->close(); diff --git a/src/php/download.php b/src/php/download.php index ee761b6..7759514 100644 --- a/src/php/download.php +++ b/src/php/download.php @@ -1,37 +1,19 @@ = _DL_CAPTCHA){ //redirect for captcha check $redis->close(); + GAEvent("Captcha", "Hit"); header('location: ' . _SITEURL . '?dl#' . $hash); exit(); } }else{ $redis->setEx($hashKey, _CAPTCHA_DL_EXPIRE, 0); + $dlCounter = 0; } include_once('db.php'); $db = new DB(); $f = $db->GetFile($hash); if($f->hash160 != NULL){ - XFastDownload(_UPLOADDIR . $f->hash160, $f->filename, $f->mime); + $expire = 604800; + $location = _UPLOADDIR . $f->hash160; + $mimeType = $f->mime; + $filename = $f->filename; + + header("X-Accel-Redirect: $location"); + header("Cache-Control: public, max-age=$expire"); + header("Content-type: $mimeType"); + header('Content-Disposition: inline; filename="' . $filename . '"'); if($validRequest){ + GAPageView(); $db->AddView($f->hash160); $redis->incr($hashKey); } diff --git a/src/php/ga.php b/src/php/ga.php new file mode 100644 index 0000000..4c1dcc8 --- /dev/null +++ b/src/php/ga.php 
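Review bot: The corrected expiry query still builds its SQL by concatenating `_FILE_EXPIRE_TIME` into the string passed to `prepare()`. The value is a config constant, not request input, but casting it, `INTERVAL " . (int)_FILE_EXPIRE_TIME . " DAY`, keeps a mistyped config value from altering the statement. Rows whose `lastview` is NULL never satisfy `date_add(lastview, …) < CURRENT_TIMESTAMP`, so if that column is nullable (the schema is not shown here) uploads that were never viewed will not expire; `coalesce(lastview, uploaded)` would cover them. The method's signature is outside the hunk.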
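Review bot: The inlined response headers in download.php serve uploader-controlled values under the site's own origin. `Content-type: $mimeType` comes from the stored upload record and is paired with `Content-Disposition: inline`, so a file recorded as `text/html` or `image/svg+xml` would render as active content for anyone following the link, assuming upload.php stores the client-supplied type (not visible here). `$filename` is also concatenated into a quoted header parameter without escaping, so a name containing a double quote breaks the `filename` value. Restricting `inline` to an allowlist of passive types, sending everything else as an attachment with `X-Content-Type-Options: nosniff`, and escaping the filename addresses both; the allowlist below is a constructed example. Much of this hunk's text is missing from the page, so the referer check and the code above these lines were not reviewed.

```php
// … unchanged: $expire, $location, $mimeType, $filename assignments …
$inlineTypes = array('image/png', 'image/jpeg', 'image/gif', 'video/mp4', 'audio/mpeg');
$isInline = in_array($mimeType, $inlineTypes, true);
$quotedName = str_replace(array('"', '\\'), '_', $filename);

header("X-Accel-Redirect: $location");
header("Cache-Control: public, max-age=$expire");
header('X-Content-Type-Options: nosniff');
header('Content-Type: ' . ($isInline ? $mimeType : 'application/octet-stream'));
header('Content-Disposition: ' . ($isInline ? 'inline' : 'attachment')
    . '; filename="' . $quotedName . '"'
    . "; filename*=UTF-8''" . rawurlencode($filename));
// … unchanged: $validRequest block (GAPageView, AddView, incr) …
```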
@@ -0,0 +1,39 @@ + "pageview", + "dh" => $_SERVER['HTTP_HOST'], + "dp" => urlencode($_SERVER['REQUEST_URI']), + "uip" => $_SERVER['REMOTE_ADDR'], + "ua" => urlencode(isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : ""), + "dr" => urlencode(isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "") + )); + } + + function GAEvent($cat, $act) { + GACollect(array( + "t" => "event", + "ec" => $cat, + "ea" => $act + )); + } +?> \ No newline at end of file diff --git a/src/php/upload.php b/src/php/upload.php index 7feea75..464c92b 100644 --- a/src/php/upload.php +++ b/src/php/upload.php @@ -123,4 +123,4 @@ //return response header('Content-Type: application/json'); echo json_encode($response); -?> \ No newline at end of file +?>
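Review bot: `GAPageView()` passes `dp`, `ua` and `dr` through `urlencode()` while `GAEvent()` hands `$cat` and `$act` over raw, so one of the two is wrong whichever way `GACollect()` builds the request: if it encodes the payload itself the page-view fields are double-encoded, and if it does not the event fields go out unencoded. Encoding once inside `GACollect()`, for example with `http_build_query()`, and dropping the per-field `urlencode()` calls would make both paths consistent. `uip` forwards each visitor's `REMOTE_ADDR` to a third party from the server side, where the visitor cannot opt out; adding `"aip" => 1` to the payload asks Analytics to anonymise it. `GACollect()` itself is missing from the page text, so whether the outbound call sets a short timeout could not be checked, and it now runs on every download and captcha request.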