-
Notifications
You must be signed in to change notification settings - Fork 8
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit f97b586
Showing
359 changed files
with
16,218 additions
and
0 deletions.
There are no files selected for viewing
Binary file not shown.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,143 @@ | ||
| <?php | ||
| error_reporting(0); | ||
| $dbaddr = "localhost"; | ||
| $dbuser = "root"; | ||
| $dbpass = ""; | ||
| $dbname = "dropbox"; | ||
| $db = new mysqli($dbaddr, $dbuser, $dbpass, $dbname); | ||
|
|
||
| class User { | ||
| public $db; | ||
|
|
||
| public function __construct() { | ||
| global $db; | ||
| $this->db = $db; | ||
| } | ||
|
|
||
| public function user_exist($username) { | ||
| $stmt = $this->db->prepare("SELECT `username` FROM `users` WHERE `username` = ? LIMIT 1;"); | ||
| $stmt->bind_param("s", $username); | ||
| $stmt->execute(); | ||
| $stmt->store_result(); | ||
| $count = $stmt->num_rows; | ||
| if ($count === 0) { | ||
| return false; | ||
| } | ||
| return true; | ||
| } | ||
|
|
||
| public function add_user($username, $password) { | ||
| if ($this->user_exist($username)) { | ||
| return false; | ||
| } | ||
| $password = sha1($password . "SiAchGHmFx"); | ||
| $stmt = $this->db->prepare("INSERT INTO `users` (`id`, `username`, `password`) VALUES (NULL, ?, ?);"); | ||
| $stmt->bind_param("ss", $username, $password); | ||
| $stmt->execute(); | ||
| return true; | ||
| } | ||
|
|
||
| public function verify_user($username, $password) { | ||
| if (!$this->user_exist($username)) { | ||
| return false; | ||
| } | ||
| $password = sha1($password . "SiAchGHmFx"); | ||
| $stmt = $this->db->prepare("SELECT `password` FROM `users` WHERE `username` = ?;"); | ||
| $stmt->bind_param("s", $username); | ||
| $stmt->execute(); | ||
| $stmt->bind_result($expect); | ||
| $stmt->fetch(); | ||
| if (isset($expect) && $expect === $password) { | ||
| return true; | ||
| } | ||
| return false; | ||
| } | ||
|
|
||
| public function __destruct() { | ||
| $this->db->close(); | ||
| } | ||
| } | ||
|
|
||
| class FileList { | ||
| private $files; | ||
| private $results; | ||
| private $funcs; | ||
|
|
||
| public function __construct($path) { | ||
| $this->files = array(); | ||
| $this->results = array(); | ||
| $this->funcs = array(); | ||
| $filenames = scandir($path); | ||
|
|
||
| $key = array_search(".", $filenames); | ||
| unset($filenames[$key]); | ||
| $key = array_search("..", $filenames); | ||
| unset($filenames[$key]); | ||
|
|
||
| foreach ($filenames as $filename) { | ||
| $file = new File(); | ||
| $file->open($path . $filename); | ||
| array_push($this->files, $file); | ||
| $this->results[$file->name()] = array(); | ||
| } | ||
| } | ||
|
|
||
| public function __call($func, $args) { | ||
| array_push($this->funcs, $func); | ||
| foreach ($this->files as $file) { | ||
| $this->results[$file->name()][$func] = $file->$func(); | ||
| } | ||
| } | ||
|
|
||
| public function __destruct() { | ||
| $table = '<div id="container" class="container"><div class="table-responsive"><table id="table" class="table table-bordered table-hover sm-font">'; | ||
| $table .= '<thead><tr>'; | ||
| foreach ($this->funcs as $func) { | ||
| $table .= '<th scope="col" class="text-center">' . htmlentities($func) . '</th>'; | ||
| } | ||
| $table .= '<th scope="col" class="text-center">Opt</th>'; | ||
| $table .= '</thead><tbody>'; | ||
| foreach ($this->results as $filename => $result) { | ||
| $table .= '<tr>'; | ||
| foreach ($result as $func => $value) { | ||
| $table .= '<td class="text-center">' . htmlentities($value) . '</td>'; | ||
| } | ||
| $table .= '<td class="text-center" filename="' . htmlentities($filename) . '"><a href="#" class="download">下载</a> / <a href="#" class="delete">删除</a></td>'; | ||
| $table .= '</tr>'; | ||
| } | ||
| echo $table; | ||
| } | ||
| } | ||
|
|
||
| class File { | ||
| public $filename; | ||
|
|
||
| public function open($filename) { | ||
| $this->filename = $filename; | ||
| if (file_exists($filename) && !is_dir($filename)) { | ||
| return true; | ||
| } else { | ||
| return false; | ||
| } | ||
| } | ||
|
|
||
| public function name() { | ||
| return basename($this->filename); | ||
| } | ||
|
|
||
| public function size() { | ||
| $size = filesize($this->filename); | ||
| $units = array(' B', ' KB', ' MB', ' GB', ' TB'); | ||
| for ($i = 0; $size >= 1024 && $i < 4; $i++) $size /= 1024; | ||
| return round($size, 2).$units[$i]; | ||
| } | ||
|
|
||
| public function detele() { | ||
| unlink($this->filename); | ||
| } | ||
|
|
||
| public function close() { | ||
| return file_get_contents($this->filename); | ||
| } | ||
| } | ||
| ?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| <?php | ||
| session_start(); | ||
| if (!isset($_SESSION['login'])) { | ||
| header("Location: login.php"); | ||
| die(); | ||
| } | ||
|
|
||
| if (!isset($_POST['filename'])) { | ||
| die(); | ||
| } | ||
|
|
||
| include "class.php"; | ||
|
|
||
| chdir($_SESSION['sandbox']); | ||
| $file = new File(); | ||
| $filename = (string) $_POST['filename']; | ||
| if (strlen($filename) < 40 && $file->open($filename)) { | ||
| $file->detele(); | ||
| Header("Content-type: application/json"); | ||
| $response = array("success" => true, "error" => ""); | ||
| echo json_encode($response); | ||
| } else { | ||
| Header("Content-type: application/json"); | ||
| $response = array("success" => false, "error" => "File not exist"); | ||
| echo json_encode($response); | ||
| } | ||
| ?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| <?php | ||
| session_start(); | ||
| if (!isset($_SESSION['login'])) { | ||
| header("Location: login.php"); | ||
| die(); | ||
| } | ||
|
|
||
| if (!isset($_POST['filename'])) { | ||
| die(); | ||
| } | ||
|
|
||
| include "class.php"; | ||
| ini_set("open_basedir", getcwd() . ":/etc:/tmp"); | ||
|
|
||
| chdir($_SESSION['sandbox']); | ||
| $file = new File(); | ||
| $filename = (string) $_POST['filename']; | ||
| if (strlen($filename) < 40 && $file->open($filename) && stristr($filename, "flag") === false) { | ||
| Header("Content-type: application/octet-stream"); | ||
| Header("Content-Disposition: attachment; filename=" . basename($filename)); | ||
| echo $file->close(); | ||
| } else { | ||
| echo "File not exist"; | ||
| } | ||
| ?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,43 @@ | ||
| <?php | ||
| session_start(); | ||
| if (!isset($_SESSION['login'])) { | ||
| header("Location: login.php"); | ||
| die(); | ||
| } | ||
| ?> | ||
|
|
||
|
|
||
| <!DOCTYPE html> | ||
| <html> | ||
|
|
||
| <meta charset="utf-8"> | ||
| <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> | ||
| <title>网盘管理</title> | ||
|
|
||
| <head> | ||
| <link href="static/css/bootstrap.min.css" rel="stylesheet"> | ||
| <link href="static/css/panel.css" rel="stylesheet"> | ||
| <script src="static/js/jquery.min.js"></script> | ||
| <script src="static/js/bootstrap.bundle.min.js"></script> | ||
| <script src="static/js/toast.js"></script> | ||
| <script src="static/js/panel.js"></script> | ||
| </head> | ||
|
|
||
| <body> | ||
| <nav aria-label="breadcrumb"> | ||
| <ol class="breadcrumb"> | ||
| <li class="breadcrumb-item active">管理面板</li> | ||
| <li class="breadcrumb-item active"><label for="fileInput" class="fileLabel">上传文件</label></li> | ||
| <li class="active ml-auto"><a href="#">你好 <?php echo $_SESSION['username']?></a></li> | ||
| </ol> | ||
| </nav> | ||
| <input type="file" id="fileInput" class="hidden"> | ||
| <div class="top" id="toast-container"></div> | ||
|
|
||
| <?php | ||
| include "class.php"; | ||
|
|
||
| $a = new FileList($_SESSION['sandbox']); | ||
| $a->Name(); | ||
| $a->Size(); | ||
| ?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,81 @@ | ||
| <?php | ||
| session_start(); | ||
| if (isset($_SESSION['login'])) { | ||
| header("Location: index.php"); | ||
| die(); | ||
| } | ||
| ?> | ||
|
|
||
| <!doctype html> | ||
|
|
||
| <head> | ||
| <meta charset="utf-8"> | ||
| <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> | ||
| <meta name="description" content=""> | ||
| <title>登录</title> | ||
|
|
||
| <!-- Bootstrap core CSS --> | ||
| <link href="static/css/bootstrap.min.css" rel="stylesheet"> | ||
|
|
||
|
|
||
| <style> | ||
| .bd-placeholder-img { | ||
| font-size: 1.125rem; | ||
| text-anchor: middle; | ||
| } | ||
|
|
||
| @media (min-width: 768px) { | ||
| .bd-placeholder-img-lg { | ||
| font-size: 3.5rem; | ||
| } | ||
| } | ||
| </style> | ||
| <!-- Custom styles for this template --> | ||
| <link href="static/css/std.css" rel="stylesheet"> | ||
| </head> | ||
|
|
||
| <body class="text-center"> | ||
| <form class="form-signin" action="login.php" method="POST"> | ||
| <h1 class="h3 mb-3 font-weight-normal">登录</h1> | ||
| <label for="username" class="sr-only">Username</label> | ||
| <input type="text" name="username" class="form-control" placeholder="Username" required autofocus> | ||
| <label for="password" class="sr-only">Password</label> | ||
| <input type="password" name="password" class="form-control" placeholder="Password" required> | ||
| <button class="btn btn-lg btn-primary btn-block" type="submit">提交</button> | ||
| <p class="mt-5 text-muted">还没有账号? <a href="register.php">注册</a></p> | ||
| <p class="text-muted">© 2018-2019</p> | ||
| </form> | ||
| <div class="top" id="toast-container"></div> | ||
| </body> | ||
|
|
||
| <script src="static/js/jquery.min.js"></script> | ||
| <script src="static/js/bootstrap.bundle.min.js"></script> | ||
| <script src="static/js/toast.js"></script> | ||
| </html> | ||
|
|
||
|
|
||
| <?php | ||
| include "class.php"; | ||
|
|
||
| if (isset($_GET['register'])) { | ||
| echo "<script>toast('注册成功', 'info');</script>"; | ||
| } | ||
|
|
||
| if (isset($_POST["username"]) && isset($_POST["password"])) { | ||
| $u = new User(); | ||
| $username = (string) $_POST["username"]; | ||
| $password = (string) $_POST["password"]; | ||
| if (strlen($username) < 20 && $u->verify_user($username, $password)) { | ||
| $_SESSION['login'] = true; | ||
| $_SESSION['username'] = htmlentities($username); | ||
| $sandbox = "uploads/" . sha1($_SESSION['username'] . "sftUahRiTz") . "/"; | ||
| if (!is_dir($sandbox)) { | ||
| mkdir($sandbox); | ||
| } | ||
| $_SESSION['sandbox'] = $sandbox; | ||
| header("Location: index.php"); | ||
| die(); | ||
| } | ||
| echo "<script>toast('账号或密码错误', 'warning');</script>"; | ||
| } | ||
| ?> |
Oops, something went wrong.