-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathimg.php
More file actions
66 lines (52 loc) · 1.99 KB
/
Copy pathimg.php
File metadata and controls
66 lines (52 loc) · 1.99 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
<?php
// MySQL Config
$dbhost = 'localhost';
$dbname = '';
$dbusername = '';
$dbpassword = '';
// End of config
$b64 = $_POST['b64'];
$imgid = $_GET['id'];
function generateRandomString($length = 10) {
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$charactersLength = strlen($characters);
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, $charactersLength - 1)];
}
return $randomString;
}
try {
$dbcon = new PDO("mysql:host=$dbhost;dbname=$dbname", $dbusername, $dbpassword);
$dbcon->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
} catch(PDOException $e){
die();
}
// Some hosts doesnt allow SQL Events, this means that we have to resort to some hacky solutions such as this one.
// We clear the database everytime someone uploads an image.
$dbcon->query("DELETE FROM images WHERE UNIX_TIMESTAMP() - created > 10");
// Upload image and return the img_id.
if (isset($b64)) {
$ip = $_SERVER['REMOTE_ADDR'];
$request = $dbcon->query("SELECT b64 FROM images WHERE ip = '$ip'");
$ratelimit = $request->fetch();
if ($ratelimit) {
die();
}
$img_id = generateRandomString();
$sql = "INSERT INTO images (img_id, b64, created, ip) VALUES (?,?,?,?)";
$dbcon->prepare($sql)->execute([$img_id, base64_decode($b64, TRUE), time(), $ip]);
echo($img_id);
}
// Return the image if the img_id exists, delete after it has been sent to the requester.
if (isset($imgid)){
$request = $dbcon->query("SELECT b64 FROM images WHERE img_id = '$imgid'");
$img = $request->fetch();
$request = $dbcon->prepare("DELETE FROM images WHERE img_id = '$imgid'")->execute();
$b64data = $img['b64'];
if (!$b64data) {
die();
}
echo(base64_encode($b64data));
}
?>