From 82ca61db4ece20812087bcd78ed71df503e04f72 Mon Sep 17 00:00:00 2001 From: Jack Foltz Date: Sat, 28 Jan 2017 01:46:28 -0500 Subject: [PATCH] Version 3.0.0 - Major optimizations and streamlining --- assets/css/shimapan-panel.css | 35 ++- includes/api.php | 68 ++++-- includes/core.php | 519 +++++++++++++++++++++++------------------- includes/header.swig | 4 +- includes/layout.swig | 6 +- includes/nav.swig | 2 +- includes/navbar.swig | 15 +- includes/report.swig | 2 +- includes/search.swig | 9 +- includes/settings.inc.php | 8 +- includes/shimapan.swig | 2 +- templates/login/index.swig | 2 +- templates/register/index.swig | 5 +- 13 files changed, 378 insertions(+), 299 deletions(-) diff --git a/assets/css/shimapan-panel.css b/assets/css/shimapan-panel.css index 5216060..b5e4a50 100644 --- a/assets/css/shimapan-panel.css +++ b/assets/css/shimapan-panel.css @@ -4,8 +4,8 @@ /* ---------- GENERAL ---------- */ body { - background: #eaeaea; - color: #999; + background-color: #060606; + color: #d3d3d3; font: 100%/1.5em sans-serif; margin: 0; } @@ -55,9 +55,9 @@ input[type="submit"] { cursor: pointer; } } #login-form h3 { - background-color: #282830; + background-color: #222222; border-radius: 5px 5px 0 0; - color: #fff; + color: #2a9fd6; font-size: 14px; padding: 20px; text-align: center; @@ -65,14 +65,14 @@ input[type="submit"] { cursor: pointer; } } #login-form fieldset { - background: #fff; + background: #151515; border-radius: 0 0 5px 5px; padding: 20px; position: relative; } #login-form fieldset:before { - background-color: #fff; + background-color: #222222; content: ""; height: 8px; left: 50%; 
@@ -94,13 +94,12 @@ input[type="submit"] { cursor: pointer; } #login-form input[name="user"], #login-form input[name="code"], #login-form input[type="password"] { - border: 1px solid #dcdcdc; - padding: 12px 10px; - width: 238px; -} - -#login-form input[name="user"] { + color: #888888; + background: #ffffff; + border: 1px solid #282828; border-radius: 3px 3px 0 0; + width: 248px; + padding: 12px 10px; } #login-form input[name="code"], @@ -110,7 +109,7 @@ input[type="submit"] { cursor: pointer; } } #login-form input[type="submit"] { - background: #1dabb8; + background: #454545; border-radius: 3px; color: #fff; float: right; @@ -127,7 +126,7 @@ input[type="submit"] { cursor: pointer; } } .info { - background: #e5e5e5; + background: #2a9fd6; border-radius: 50%; display: inline-block; height: 20px; @@ -150,9 +149,9 @@ input[type="submit"] { cursor: pointer; } } #fail:target h3 { - background-color: #282830; + background-color: #222222; border-radius: 5px 5px 0 0; - color: #fff; + color: #2a9fd6; font-size: 14px; padding: 20px; text-align: center; @@ -160,14 +159,14 @@ input[type="submit"] { cursor: pointer; } } #fail:target fieldset { - background: #fff; + background: #151515; border-radius: 0 0 5px 5px; padding: 20px; position: relative; } #fail:target fieldset:before { - background-color: #fff; + background-color: #151515; content: ""; height: 8px; left: 50%; diff --git a/includes/api.php b/includes/api.php index 878e485..544703a 100644 --- a/includes/api.php +++ b/includes/api.php 
@@ -6,46 +6,66 @@ if (isset($_GET['do'])) { switch ($action) { case "login": - login($_POST['user'], $_POST['pass']); + login($_POST['user'], $_POST['pass']); break; case "register": register($_POST['user'], $_POST['pass'], $_POST['code']); break; - case "invite": - generate($_GET['level']); + case "invite": + if (!empty($_GET['level'])) + generate($_GET['level']); + else + generate(NULL); break; - case "fetch": - fetchFiles($_GET['date'], $_GET['count'], $_GET['keyword'], $_GET['action']); - break; + case "fetch": + switch($_GET['method']) { + case "Fetch All": + fetchFiles($_GET['method'], NULL, $_GET['count'], NULL); + break; - case "search": - fetchFiles(); - break; + case "Fetch": + fetchFiles($_GET['method'], $_GET['date'], $_GET['count'], $_GET['keyword']); + break; - case "report": - report($_POST['file'], $_POST['reason']); - break; + default: + fetchFiles(NULL, NULL, NULL, NULL); + break; + } + break; - case "mod": - mod($_GET['action'], $_GET['date'], $_GET['count'], $_GET['why'], $_GET['file'], $_GET['keyword'], $_GET['fileid'], $_GET['hash'], $_GET['originalname']); - break; + case "report": + if (!empty($_POST['file'])) + report($_POST['file'], $_POST['reason']); + else + report(NULL, NULL); + break; + + case "reports": + reports(); + break; + + + case "acceptreport": + acceptreport($_GET['id']); + break; + + case "dismissreport": + dismissreport($_GET['id']); + break; case "panel": - header('Location: ../panel/index.php'); + panel(); break; - case "delete": - delete($_GET['filename'], $_GET['fileid']); + case "delete": + delete($_GET['fileid']); break; - case "logout": - session_unset(); - session_destroy(); - session_write_close(); - header('Location: ../login'); + case "logout": + destroySession(); break; default: @@ -53,4 +73,4 @@ if (isset($_GET['do'])) { } } else { echo "What are you doing here, baka?"; -} \ No newline at end of file +} diff --git a/includes/core.php b/includes/core.php index 7d94f25..0b69e2a 100644 --- a/includes/core.php 
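Review bot: The `delete`, `acceptreport`, `dismissreport` and `invite` cases change state from `$_GET` parameters, and no anti-CSRF token is checked anywhere in this hunk, so a cross-site request loaded in a logged-in moderator's browser would run with their session. These actions belong on POST, guarded before the dispatch by something like `if ($_SERVER['REQUEST_METHOD'] !== 'POST') exit(header('HTTP/1.0 405 Method Not Allowed'));` plus a per-session token compared with `hash_equals()` (the token field would be new; the code has none today). `$_GET['method']`, `$_GET['id']` and `$_GET['fileid']` are also read without an `isset()`/`empty()` guard, unlike the `level` and `file` cases, so a request that omits them raises an undefined-index notice before the callee's own check runs. The enclosing `if (isset($_GET['do']))` block starts above the hunk.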
+++ b/includes/core.php 
@@ -2,81 +2,125 @@ session_start(); require_once 'database.inc.php'; -function register($user, $pass, $code) -{ - global $db; - $q = $db->prepare("SELECT id, used, level FROM invites WHERE code = (:code)"); - $q->bindParam(':code', $code); +/* + * + * Utilitiy Functions + * + */ + +function createSession($id, $username, $level) { + $_SESSION['id'] = $id; + $_SESSION['user'] = $username; + $_SESSION['level'] = $level; + redirect('/'); +} + +function destroySession() { + session_unset(); + session_destroy(); + redirect('/login'); +} + +function checkSession($requiredLevel) { + // Check that they are logged in + if (!isset($_SESSION['id'])) + redirect('/login'); + + // Check that they have the required access level + if ($_SESSION['level'] > $requiredLevel) + exit(header('HTTP/1.0 403 Forbidden')); +} + +function redirect($uri) { + $host = $_SERVER['HTTP_HOST']; + exit(header('Location: https://'.$host.$uri)); +} + +/* + * + * Core Functions + * + */ + +function panel() { + global $db; + checkSession(3); + + include('./panel.php'); + + $q = $db->prepare("SELECT apikey FROM accounts WHERE user = (:user)"); + $q->bindParam(':user', $_SESSION['user']); + $q->execute(); + $r = $q->fetch(); + + echo 'Your API Key is '.$r['apikey']; +} + +function register($user, $pass, $code) { + global $db; + + // Check if code exists, if it is used, and store it in $r for later use + $q = $db->prepare("SELECT id, used, level FROM invites WHERE code = (:code) AND used = 0"); + $q->bindParam(':code', $code); + $q->execute(); + $r = $q->fetch(); + if ($q->rowCount() == 0) redirect('/register/index.html#fail'); + + // Check if username is used + $q = $db->prepare("SELECT user FROM accounts WHERE user = (:user)"); + $q->bindParam(':user', $user); $q->execute(); - $result = $q->fetch(); + if ($q->rowCount() > 0) redirect('/register/index.html#fail'); - // Check if code is used - if ($result['used'] == '0') { - // Check to see if the username is in use - $q = $db->prepare("SELECT user FROM 
accounts WHERE user = (:user)"); - $q->bindParam(':user', $user); - $q->execute(); - if (!($result = $q->fetch())) { - // Add new account - $q = $db->prepare("INSERT INTO accounts (user, pass, level, apikey) VALUES (:user, :pass, :level, :apikey)"); - $q->bindParam(':user', $user); - $q->bindParam(':level', $result['level']); - $hash = password_hash($pass, PASSWORD_DEFAULT); - $q->bindParam(':pass', $hash); - $apikey = generateString(KEY_CHARSET, 32); - $q->bindParam(':apikey', $apikey); - $q->execute(); + // If the checks passed, create the account + $q = $db->prepare("INSERT INTO accounts (user, pass, apikey, level) VALUES (:user, :pass, :apikey, :level)"); + $q->bindParam(':user', $user); + $q->bindParam(':pass', password_hash($pass, PASSWORD_DEFAULT)); + $q->bindParam(':apikey', generateString(KEY_CHARSET, 32)); + $q->bindParam(':level', $r['level']); + $q->execute(); - // Set the code as used - $q = $db->prepare("UPDATE invites SET used = (:used),usedby = (:usedby) WHERE code = (:code)"); - $q->bindValue(':used', '1'); - $q->bindValue(':usedby', $user); - $q->bindParam(':code', $code); - $q->execute(); + // Set the code as used + $q = $db->prepare("UPDATE invites SET used = (:used), usedby = (:usedby) WHERE code = (:code)"); + $q->bindValue(':used', 1); + $q->bindValue(':usedby', $user); + $q->bindParam(':code', $code); + $q->execute(); - // Log them in - $_SESSION['id'] = $result['id']; - $_SESSION['user'] = $user; - $_SESSION['level'] = $result['level']; - header('Location: http://www.shimapan.rocks/includes/api.php?do=panel'); - } else { - header('Location: ../register/index.html#fail'); - } - } else { - header('Location: ../register/index.html#fail'); - } + // Log them in + createSession($r['id'], $user, $r['level']); } -function generate($level) -{ - global $db; - if (isset($_SESSION['id'])) { - if ($_SESSION['level'] < '3') { - if (empty($level)) { - include_once('./invite.php'); - } else { - if ($level > $_SESSION['level'] && $level < '4') { - $q = 
$db->prepare("INSERT INTO invites (code, level, issuer) VALUES (:code, :level, :issuer)"); - $code = generateString(CODE_CHARSET, 16); - $q->bindParam(':code', $code); - $q->bindParam(':level', $level); - $q->bindParam(':issuer', $_SESSION['user']); - $q->execute(); - echo '

Generation Successful.


-

Code: '.$code.'


-

Access Level: '.$level.'

'; - } - } - } else { - echo 'Insufficient Access Level.'; - } - } else { - header('Location: ../login'); - } +function generate($level) { + global $db; + checkSession(2); + + // Display form if not generating an invite + if (empty($level)) { + include_once('./invite.php'); + exit(); + } + + // Check to make sure level is valid + if ($level < $_SESSION['level'] || $level > 3) { + echo 'Invalid Access Level.
+ Level must be greater than your current level, and less than 4.'; + exit(); + } + + // Create the invite code + $q = $db->prepare("INSERT INTO invites (code, level, issuer) VALUES (:code, :level, :issuer)"); + $code = generateString(CODE_CHARSET, 16); + $q->bindParam(':code', $code); + $q->bindParam(':level', $level); + $q->bindParam(':issuer', $_SESSION['user']); + $q->execute(); + echo 'Generation Successful.
+ Code: '.$code.'
+ Access Level: '.$level; } -function generateString($charset, $length) -{ +function generateString($charset, $length) { $string = ''; for ($i = 0; $i < $length; $i++) { $string .= $charset[rand(0, strlen($charset) - 1)]; @@ -84,122 +128,114 @@ function generateString($charset, $length) return $string; } -function login($user, $pass) -{ - global $db; +function login($user, $pass) { + global $db; + + // Get the specified user's data $q = $db->prepare("SELECT pass, id, user, level FROM accounts WHERE user = (:user)"); $q->bindParam(':user', $user); $q->execute(); - $result = $q->fetch(); - - if (password_verify($pass, $result['pass'])) { - $_SESSION['id'] = $result['id']; - $_SESSION['user'] = $result['user']; - $_SESSION['level'] = $result['level']; - header('Location: api.php?do=panel'); - } else { - header('Location: ../login/index.html#fail'); - } + $r = $q->fetch(); + + if (password_verify($pass, $r['pass'])) + createSession($r['id'], $r['user'], $r['level']); + else + redirect('/login/index.html#fail'); } -function delete($filename, $deleteid) -{ - if (isset($_SESSION['id'])) { - if ($_SESSION['level'] < '4') { - if (empty($filename)) { - echo "Invalid Filename"; - } else { - global $db; - $q = $db->prepare("SELECT filename, delid, id, user FROM files WHERE filename = (:filename)"); - $q->bindParam(':filename', $filename); - $q->execute(); - $result = $q->fetch(); +function delete($fileid) { + global $db; + checkSession(3); - if ($_SESSION['level'] === '0' || $result['user'] === $_SESSION['user']) { - $q = $db->prepare("DELETE FROM files WHERE id = (:id)"); - $q->bindParam(':id', $result['id']); - $q->execute(); - unlink(SHIM_FILES_ROOT.$filename); - echo "
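Review bot: `createSession()` stores the authenticated identity in the existing session without rotating its id, so an id issued before login stays valid after it; call `session_regenerate_id(true)` before the assignments. `redirect()` builds the `Location` header from the request's `Host` header, which the client controls, so the configured `SHIM_URL` is the safer base. In `generate()` the check `$level < $_SESSION['level']` lets through a level equal to the caller's own, contrary to the message under it, and `$level` is compared loosely and then echoed unescaped; cast it to int and use `<=`. `register()` hands function results to `bindParam()`, which binds by reference (`bindValue()` fits), and passes the invite row's `$r['id']` to `createSession()` where the new account's id (`$db->lastInsertId()` right after the INSERT) seems intended. The API key and invite code still come from `generateString()`, whose unchanged body at the end of this hunk draws from `rand()`; `random_int()` is the CSPRNG-backed equivalent on PHP 7+.

```php
function createSession($id, $username, $level) {
    // Rotate the session id on privilege change so a pre-login id cannot be reused.
    session_regenerate_id(true);
    // … unchanged: $_SESSION assignments and redirect('/') …
}

function redirect($uri) {
    // Build the target from configuration, not from the request's Host header.
    exit(header('Location: '.rtrim(SHIM_URL, '/').$uri));
}

// in generate(), replacing the level check:
$level = (int)$level;
if ($level <= $_SESSION['level'] || $level > 3) {
    // … unchanged: 'Invalid Access Level.' message and exit() …
}

// in register(), replacing the two bindParam() calls on function results:
$q->bindValue(':pass', password_hash($pass, PASSWORD_DEFAULT));
$q->bindValue(':apikey', generateString(KEY_CHARSET, 32));
```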
File deleted.
"; - } else { - echo 'Insufficient Access Level'; - } - } - } else { - echo 'Insufficient Access Level.'; - } - } else { - header('Location: ../login'); - } + if (empty($fileid)) { + echo 'Invalid File.'; + exit(); + } + + // Get owner + filename + $q = $db->prepare("SELECT filename, user FROM files WHERE id = (:id)"); + $q->bindParam(':id', $fileid); + $q->execute(); + $r = $q->fetch(); + + // If they own it or are an admin + if ($_SESSION['level'] <= 1 || $r['user'] == $_SESSION['user']) { + // Remove it from the DB + $q = $db->prepare("DELETE FROM files WHERE id = (:id)"); + $q->bindParam(':id', $fileid); + $q->execute(); + + // Delete the file + unlink(SHIM_FILES_ROOT.$r['filename']); + echo 'File deleted.'; + } } -function fetchFiles($date, $count, $keyword, $action) -{ - global $db; - if (isset($_SESSION['id'])) { - if ($_SESSION['level'] < '4') { - include('./search.php'); +function fetchFiles($method, $date, $count, $keyword) { + global $db; + checkSession(3); - if ($action === 'Fetch All') { - if ($_SESSION['level'] === '0') { - $q = $db->prepare("SELECT * FROM files ORDER BY id DESC LIMIT :count"); - } else { - $q = $db->prepare("SELECT * FROM files WHERE user = (:user) ORDER BY id DESC LIMIT :count"); - $q->bindValue(':user', $_SESSION['user']); - } - $q->bindValue(':count', (int) $count, PDO::PARAM_INT); - $q->execute(); + include('./search.php'); - $i = 0; - while ($row = $q->fetch()) { - $i++; - $bytes = $row['size']; - $kilobytes = $row['size'] / 1000; - echo ''.$row['id'].' - '.strip_tags($row['originalname']).' - '.$row['filename'].' ('.$row['originalname'].') - '.$bytes.' / '.$kilobytes.' - Remove'; - } - echo '

'.$i.' Files in total at being shown.

'; - echo ''; - } elseif ($action === 'Fetch') { - if ($_SESSION['level'] === '0') { - $q = $db->prepare("SELECT * FROM files WHERE originalname LIKE (:keyword) AND date LIKE (:date) OR filename LIKE (:keyword) AND date LIKE (:date) ORDER BY id DESC LIMIT :count"); - } else { - $q = $db->prepare("SELECT * FROM files WHERE originalname LIKE (:keyword) AND date LIKE (:date) AND user = (:user) OR filename LIKE (:keyword) AND date LIKE (:date) AND user = (:userid) ORDER BY id DESC LIMIT :count"); - $q->bindValue(':user', $_SESSION['user']); - } - $q->bindValue(':date', "%".$date."%"); - $q->bindValue(':count', (int) $count, PDO::PARAM_INT); - $q->bindValue(':keyword', "%".$keyword."%"); - $q->execute(); + if (empty($method)) { + include('./footer.php'); + exit(); + } - $i = 0; - while ($row = $q->fetch()) { - $i++; - $bytes = $row['size']; - $kilobytes = $row['size'] / 1000; - echo ''.$row['id'].' - '.strip_tags($row['originalname']).' - '.$row['filename'].' ('.$row['originalname'].') - '.$bytes.' / '.$kilobytes.' - Remove'; - } - echo '

'.$i.' Files in total at being shown.

'; - echo ''; - } - include('./footer.php'); - } else { - echo 'Insufficient Access Level.'; - } - } else { - header('Location: ../login'); - } + if ($method == 'Fetch') { + // Either fetch all files matching query, or only the user's files + if ($_SESSION['level'] == 0) + $q = $db->prepare('SELECT * FROM files WHERE (originalname LIKE (:keyword) AND date LIKE (:date)) OR (filename LIKE (:keyword) AND date LIKE (:date)) ORDER BY id DESC LIMIT :count'); + else { + $q = $db->prepare('SELECT * FROM files WHERE user = (:user) AND ((originalname LIKE (:keyword) AND date LIKE (:date)) OR (filename LIKE (:keyword) AND date LIKE (:date))) ORDER BY id DESC LIMIT :count'); + $q->bindValue(':user', $_SESSION['user']); + } + + $q->bindValue(':date', '%'.$date.'%'); + $q->bindValue(':count', (int)$count, PDO::PARAM_INT); + $q->bindValue(':keyword', '%'.$keyword.'%'); + $q->execute(); + } else if ($method == 'Fetch All') { + // Either fetch all files or only the user's files + if ($_SESSION['level'] == 0) + $q = $db->prepare('SELECT * FROM files ORDER BY id DESC LIMIT :count'); + else { + $q = $db->prepare('SELECT * FROM files WHERE user = (:user) ORDER BY id DESC LIMIT :count'); + $q->bindValue(':user', $_SESSION['user']); + } + + $q->bindValue(':count', (int)$count, PDO::PARAM_INT); + $q->execute(); + } + + while ($r = $q->fetch()) { + $id = $r['id']; + $oname = strip_tags($r['originalname']); + $fname = $r['filename']; + $bytes = $r['size'].' B'; + $temp = $r['size'] / 1000; + $kilobytes = $temp.' KB'; + $uploadDate = $r['date']; + $uploader = $r['user']; + + echo ' + '.$id.' + '.$oname.' + '.$fname.' + '.$uploadDate.' + '.$uploader.' + '.$bytes.' / '.$kilobytes.' + Remove + '; + } + + echo '

'.$q->rowCount().' files found.

'; + echo ''; + + include('./footer.php'); } -function report($file, $reason) -{ +function report($file, $reason) { global $db; if (isset($_SESSION['id'])) { if ($_SESSION['level'] < '4') { @@ -212,7 +248,7 @@ function report($file, $reason) $result = $q->fetch(); if ($q->rowCount() != '0') { - $q = $db->prepare(" header('Location: ../register/index.html#fail');INSERT INTO reports (hash, date, file, fileid, reporter, reason) VALUES (:hash, :date, :file, :fileid, :reporter, :reason)"); + $q = $db->prepare("INSERT INTO reports (hash, date, file, fileid, reporter, reason) VALUES (:hash, :date, :file, :fileid, :reporter, :reason)"); $q->bindValue(':file', strip_tags($file)); $q->bindValue(':date', date('Y-m-d')); $q->bindValue(':reporter', $_SESSION['user']); 
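Review bot: The table rows built in `fetchFiles()` echo `$fname`, `$uploadDate` and `$uploader` as stored and pass `originalname` only through `strip_tags()`, which is not an output encoder, so an uploader-chosen file name or a username containing markup characters can end up as active HTML in a moderator's view. Encode each value at output, e.g. `$oname = htmlspecialchars($r['originalname'], ENT_QUOTES, 'UTF-8');` and the same for the other fields; the surrounding markup is not visible on this page, so the exact context (element text or attribute) should be confirmed. In `delete()` and `login()` the result of `$q->fetch()` is used without checking for `false`, so for level 0–1 callers an unknown id reaches `unlink(SHIM_FILES_ROOT.$r['filename'])` with an empty name; add `if ($r === false) { echo 'Invalid File.'; exit(); }` after the fetch. `fetchFiles()` also leaves `$q` undefined when `$method` is neither 'Fetch' nor 'Fetch All'.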
@@ -221,69 +257,90 @@ function report($file, $reason) $q->bindValue(':reason', $reason); $q->execute(); echo 'Thank you, report has been sent. The file will be reviewed.'; - } else { - echo 'File does not exist.'; - } + } else echo 'File does not exist.'; } - } else { - echo 'Insufficient Access Level.'; - } - } else { - header('Location: ../login'); - } + } else echo 'Insufficient Access Level.'; + } else header('Location: ../login'); } -function mod($action, $date, $count, $why, $file, $keyword, $fileid, $hash, $orginalname) -{ - global $db; - if (isset($_SESSION['id'])) { - if ($_SESSION['level'] < '2') { - switch ($action) { - case "reports": - $q = $db->prepare("SELECT * FROM reports WHERE status = '0'"); - $q->execute(); +function reports() { + global $db; + checkSession(1); - $i = 0; - include('./reports.php'); - while ($row = $q->fetch()) { - $i++; - echo ''.$row['id'].' - '.strip_tags($row['file']).' - '.$row['fileid'].' - '.$row['reporter'].' - '.$row['status'].' - '.$row['reason'].' - Remove File - Dismiss Report'; - } - echo ''; - include('./footer.php'); - echo $i.' 
Reports in total at being shown.'; - break; + include('./reports.php'); - case "remove": - delete($file, $fileid); - $q = $db->prepare("DELETE FROM files WHERE id = (:id)"); - $q->bindParam(':id', $fileid); - $q->execute(); - unlink(SHIM_FILES_ROOT.$file); - $q = $db->prepare("UPDATE reports SET status = (:status) WHERE fileid = (:fileid)"); - $q->bindValue(':status', '1'); - $q->bindValue(':fileid', $fileid); - $q->execute(); - break; + // Populate the table + $q = $db->prepare("SELECT * FROM reports WHERE status = '0'"); + $q->execute(); + while ($r = $q->fetch()) { + $id = $r['id']; + $fileid = $r['fileid']; + $filename = strip_tags($r['file']); + $reporter = $r['reporter']; + $status = $r['status']; + $reason = strip_tags($r['reason']); - case "dismiss": - $q = $db->prepare("UPDATE reports SET status = (:status) WHERE fileid = (:fileid)"); - $q->bindValue(':status', '2'); - $q->bindValue('fileid', $fileid); - $q->execute(); - echo 'Report Dismissed.'; - } - } else { - echo 'Insufficient Access Level.'; - } - } else { - header('Location: ../login'); - } -} \ No newline at end of file + echo ' + '.$id.' + '.$filename.' + '.$fileid.' + '.$reporter.' + '.$status.' + '.$reason.' + Remove File + Dismiss Report + '; + + } + echo ''; + + include('./footer.php'); + + // Display report stats + echo $q->rowCount().' Reports in total are being shown.
'; + $q = $db->prepare("SELECT * FROM reports WHERE status != '0'"); + $q->execute(); + echo $q->rowCount().' Unshown reports filled.'; +} + +function acceptreport($id) { + global $db; + checkSession(1); + + // Get file info + $q = $db->prepare('SELECT file, fileid FROM reports WHERE id = (:id)'); + $q->bindParam(':id', $id); + $q->execute(); + $r = $q->fetch(); + $fileid = $r['fileid']; + $filename = $r['file']; + + // Delete the file and remove from DB + delete($fileid); + $q = $db->prepare("DELETE FROM files WHERE id = (:id)"); + $q->bindParam(':id', $fileid); + $q->execute(); + + // MOVE TO delete(); + unlink(SHIM_FILES_ROOT.$filename); + + // Update report status + $q = $db->prepare("UPDATE reports SET status = (:status) WHERE id = (:id)"); + $q->bindValue(':status', '1'); + $q->bindValue(':id', $id); + $q->execute(); +} + +function dismissreport($id) { + global $db; + checkSession(1); + + // Update report status + $q = $db->prepare('UPDATE reports SET status = (:status) WHERE id = (:id)'); + $q->bindValue(':status', '2'); + $q->bindValue('id', $id); + $q->execute(); + echo 'Report Dismissed.'; +} + +?> diff --git a/includes/header.swig b/includes/header.swig index 7c67f9d..0507dc8 100644 --- a/includes/header.swig +++ b/includes/header.swig @@ -6,7 +6,7 @@ {{siteName}} Panel - + - {% include "navbar.swig" %} \ No newline at end of file + {% include "navbar.swig" %} diff --git a/includes/layout.swig b/includes/layout.swig index 3ab9cbd..f60d44c 100644 --- a/includes/layout.swig +++ b/includes/layout.swig @@ -7,12 +7,12 @@ {{siteName}} {% block title %}Services{% endblock %} - - + +
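Review bot: `acceptreport()` calls `delete($fileid)` and then repeats the `DELETE` and runs `unlink(SHIM_FILES_ROOT.$filename)` with `$filename` taken from `reports.file`, a string the reporter submitted (stored via `strip_tags($file)` in `report()`), so a filesystem delete is driven by user-supplied text rather than by the `files` row. `delete()` already removes the row and unlinks the name it reads from `files` by id, so the second `DELETE` and the `unlink()` under `// MOVE TO delete();` can simply go; whether `report()` validates the name against `files` is decided above this hunk and should not be relied on here. `reports()` echoes `$reporter` and the other columns unencoded and uses `strip_tags()` on `file` and `reason`; `htmlspecialchars($r['reason'], ENT_QUOTES, 'UTF-8')`, and likewise for the rest, is the appropriate output step. `report()` still ends in `header('Location: ../login')` without `exit` and keeps its own level test, while every other function here moved to `checkSession()`.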
{% block body %}What are you doing here, baka?{% endblock %}
- \ No newline at end of file + diff --git a/includes/nav.swig b/includes/nav.swig index 538b1bb..d888458 100644 --- a/includes/nav.swig +++ b/includes/nav.swig @@ -1,7 +1,7 @@ \ No newline at end of file + diff --git a/includes/report.swig b/includes/report.swig index 68570f2..996fb52 100644 --- a/includes/report.swig +++ b/includes/report.swig @@ -10,4 +10,4 @@ -{% include "footer.swig" %} \ No newline at end of file +{% include "footer.swig" %} diff --git a/includes/search.swig b/includes/search.swig index 6424f97..0807dcb 100644 --- a/includes/search.swig +++ b/includes/search.swig @@ -1,7 +1,6 @@ {% include "header.swig" %}
-
@@ -14,8 +13,8 @@
- - + +

@@ -23,6 +22,8 @@ + + - \ No newline at end of file + diff --git a/includes/settings.inc.php b/includes/settings.inc.php index 6242547..94bf8d2 100644 --- a/includes/settings.inc.php +++ b/includes/settings.inc.php @@ -4,12 +4,12 @@ define('SHIM_DB_CONN', 'mysql:host=localhost;dbname=shimapan'); define('SHIM_DB_USER', 'shimapan'); define('SHIM_DB_PASS', 'skeleton'); -define('SHIM_FILES_ROOT', '/media/shimapan/'); +define('SHIM_FILES_ROOT', '/var/www/shimapan/i/'); define('SHIM_FILES_RETRIES', 15); define('SHIM_FILES_LENGTH', 6); -define('SHIM_URL', 'http://www.shimapan.rocks/'); -define('SHIM_FILE_URL', 'http://i.shimapan.rocks/'); +define('SHIM_URL', 'https://www.shimapan.rocks/'); +define('SHIM_FILE_URL', 'https://i.shimapan.rocks/'); define('FILE_CHARSET', 'abcdefghijklmnopqrstuvwxyz'); define('KEY_CHARSET', '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'); @@ -23,4 +23,4 @@ $doubledots = array_map('strrev', array( 'tar.bz2', 'tar.xz', 'user.js', -)); \ No newline at end of file +)); diff --git a/includes/shimapan.swig b/includes/shimapan.swig index 802fa6e..82d6186 100644 --- a/includes/shimapan.swig +++ b/includes/shimapan.swig @@ -14,5 +14,5 @@ $images = array( // Redirect to a random image from the above array using status code "303 See Other" if (headers_sent() === false) { - header('Location: '.$images[array_rand($images)], true, 303); + //header('Location: '.$images[array_rand($images)], true, 303); } diff --git a/templates/login/index.swig b/templates/login/index.swig index eea2e7b..e9991cf 100644 --- a/templates/login/index.swig +++ b/templates/login/index.swig @@ -1,6 +1,6 @@ - + {{siteName}} Login diff --git a/templates/register/index.swig b/templates/register/index.swig index 745bb2d..5389d04 100644 --- a/templates/register/index.swig +++ b/templates/register/index.swig @@ -1,6 +1,6 @@ - + {{siteName}} Register @@ -11,6 +11,7 @@ +
ID Orginal Name FilenameUpload DateUploader Size (Bytes / Kilobytes) Action