Add views check

Author: Carlgo11

Download.php

@@ -14,15 +14,18 @@ function return404() {
 $url = explode('/', strtoupper($_SERVER['REQUEST_URI']));
 $id = filter_var($url[1]);
 $password = filter_input(INPUT_GET, "p");
-
-$file = DataStorage::getFile($id, $password);
-
+if (is_null($password)) die("No password specified.");
+try {
+	$file = DataStorage::getFile($id, $password);
+} catch (Exception $ex) {
+	return404();
+}
 $metadata = $file->getMetaData();
 $content = base64_encode($file->getContent());
 
 if ($file->getMaxViews()) { // max views > 0
 	if ($file->getMaxViews() <= $file->getCurrentViews() + 1) DataStorage::deleteFile($id);
-	else $file->setCurrentViews($file->getCurrentViews() + 1);
+	else DataStorage::updateViews($id, $file->getCurrentViews() + 1);
 }
 
 // Set headers

src/com/carlgo11/tempfiles/EncryptedFile.php

@@ -14,7 +14,7 @@ class EncryptedFile {
 	protected $_metadata;
 	protected string $_id;
 
-	public function __toString() {
+	public function __toString(): string {
 		return $this->_id;
 	}
 
@@ -43,7 +43,7 @@ public function setFileContent(string $blob, string $password) {
 	 * @throws Exception
 	 */
 	public function setFileMetaData(array $metadata, File $file, string $password) {
-		$data = Encryption::encryptFileDetails($metadata, $file->getDeletionPassword(), (int)$file->getCurrentViews(), (int)$file->getMaxViews(), $password);
+		$data = Encryption::encryptFileDetails($metadata, $file->getDeletionPassword(), $password);
 		$this->_metadata = $data['data'];
 		$this->_iv[1] = $data['iv'];
 		$this->_tag[1] = $data['tag'];

src/com/carlgo11/tempfiles/Encryption.php

@@ -80,8 +80,6 @@ public static function decrypt(string $input, string $password, string $iv, stri
 	 *
 	 * @param array $metadata the $_FILES[] array to use.
 	 * @param string $deletionPassword Deletion password to encrypt along with the metadata.
-	 * @param int $currentViews Current views of the file.
-	 * @param int $maxViews Max allowable views of the file before deletion.
 	 * @param string $password Password used to encrypt the data.
 	 * @return array|false
 	 * @throws Exception
@@ -90,19 +88,16 @@ public static function decrypt(string $input, string $password, string $iv, stri
 	 * @since 2.3 Added support for AEAD cipher modes.
 	 * @global array $conf Configuration variables.
 	 */
-	public static function encryptFileDetails(array $metadata, string $deletionPassword, int $currentViews, int $maxViews, string $password) {
+	public static function encryptFileDetails(array $metadata, string $deletionPassword, string $password) {
 		global $conf;
 		$cipher = $conf['Encryption-Method'];
 		$iv = self::getIV($cipher);
 
-
-		$views_string = implode(' ', [$currentViews, $maxViews]);
 		$data_array = [
 			base64_encode($metadata['name']),
 			base64_encode($metadata['size']),
 			base64_encode($metadata['type']),
 			base64_encode($deletionPassword),
-			base64_encode($views_string)
 		];
 
 		$data_string = implode(" ", $data_array);

src/com/carlgo11/tempfiles/Exceptions/BadMethod.php

@@ -6,7 +6,7 @@
 
 class BadMethod extends Exception {
 
-	public function __construct($message = "", $code = 0, Throwable $previous = NULL) {
+	public function __construct($message = "", $code = 400, Throwable $previous = NULL) {
 		parent::__construct($message, $code, $previous);
 	}
 }

src/com/carlgo11/tempfiles/Exceptions/MissingEntry.php

@@ -8,7 +8,7 @@
 
 class MissingEntry extends Exception {
 
-	public function __construct($message = "", $code = 0, Throwable $previous = NULL) {
+	public function __construct($message = "No file found with matching ID and Password.", $code = 400, Throwable $previous = NULL) {
 		parent::__construct($message, $code, $previous);
 	}
 }

src/com/carlgo11/tempfiles/File.php

@@ -15,12 +15,12 @@
  */
 class File {
 
-	protected $_id;
-	protected $_content;
-	protected $_currentViews;
-	protected $_maxViews = 0;
-	protected $_deletionPassword;
-	protected $_metaData;
+	protected string $_id;
+	protected string $_content;
+	protected int $_currentViews = 0;
+	protected int $_maxViews = 0;
+	protected string $_deletionPassword;
+	protected array $_metaData;
 	protected $_iv;
 	protected $_time;
 
@@ -45,7 +45,7 @@ public function __construct($file = NULL, string $id = NULL) {
 	 * @return boolean Returns TRUE if the action was successfully executed, otherwise FALSE.
 	 * @since 2.2
 	 */
-	private function generateID() {
+	private function generateID(): bool {
 		return is_string($this->_id = strtoupper(uniqid("d")));
 	}
 
@@ -56,7 +56,7 @@ private function generateID() {
 	 * @return boolean Returns TRUE if the action was successfully executed, otherwise FALSE.
 	 * @since 2.2
 	 */
-	private function setID(string $id) {
+	private function setID(string $id): bool {
 		return ($this->_id = $id) === $id;
 	}
 
@@ -66,7 +66,7 @@ private function setID(string $id) {
 	 * @return string Returns the ID of the file.
 	 * @since 2.2
 	 */
-	public function __toString() {
+	public function __toString(): string {
 		return $this->_id;
 	}
 
@@ -76,7 +76,7 @@ public function __toString() {
 	 * @return string Returns the ID of the file.
 	 * @since 2.2
 	 */
-	public function getID() {
+	public function getID(): string {
 		return $this->_id;
 	}
 
@@ -86,7 +86,7 @@ public function getID() {
 	 * @return string Returns file content in clear text.
 	 * @since 2.2
 	 */
-	public function getContent() {
+	public function getContent(): string {
 		return $this->_content;
 	}
 
@@ -97,7 +97,7 @@ public function getContent() {
 	 * @return boolean Returns TRUE if the action was successfully executed, otherwise FALSE.
 	 * @since 2.2
 	 */
-	public function setContent(string $content) {
+	public function setContent(string $content): bool {
 		return ($this->_content = $content) === $content;
 	}
 
@@ -107,7 +107,7 @@ public function setContent(string $content) {
 	 * @return int Returns current views/downloads of the file if supplied, otherwise NULL.
 	 * @since 2.2
 	 */
-	public function getCurrentViews() {
+	public function getCurrentViews(): int {
 		return (int)$this->_currentViews;
 	}
 
@@ -128,7 +128,7 @@ public function setCurrentViews(int $views) {
 	 * @return int|null Returns max views of the file if supplied, otherwise NULL.
 	 * @since 2.2
 	 */
-	public function getMaxViews() {
+	public function getMaxViews(): ?int {
 		return $this->_maxViews;
 	}
 
@@ -139,7 +139,7 @@ public function getMaxViews() {
 	 * @return boolean Returns TRUE if the action was successfully executed, otherwise FALSE.
 	 * @since 2.2
 	 */
-	public function setMaxViews(int $views) {
+	public function setMaxViews(int $views): bool {
 		return ($this->_maxViews = $views) === $views;
 	}
 
@@ -149,7 +149,7 @@ public function setMaxViews(int $views) {
 	 * @return string Returns deletion password if supplied, otherwise NULL.
 	 * @since 2.2
 	 */
-	public function getDeletionPassword() {
+	public function getDeletionPassword(): string {
 		return $this->_deletionPassword;
 	}
 
@@ -160,7 +160,7 @@ public function getDeletionPassword() {
 	 * @return boolean Returns TRUE if the action was successfully executed, otherwise FALSE.
 	 * @since 2.2
 	 */
-	public function setDeletionPassword(string $deletionPassword) {
+	public function setDeletionPassword(string $deletionPassword): bool {
 		return ($this->_deletionPassword = $deletionPassword) === $deletionPassword;
 	}
 
@@ -184,7 +184,7 @@ public function getMetaData(string $type = NULL) {
 	 * @throws Exception Throws exception if size isn't a number.
 	 * @since 2.2
 	 */
-	public function setMetaData(array $metaData) {
+	public function setMetaData(array $metaData): bool {
 		if (!filter_var($metaData['size'], FILTER_VALIDATE_INT, ['min_range' => 0]))
 			throw new Exception("File size " . $metaData['size'] . " isn't a number.");
 		else $newMetaData['size'] = $metaData['size'];
@@ -200,7 +200,7 @@ public function getIV() {
 		return $this->_iv;
 	}
 
-	public function setIV(array $iv) {
+	public function setIV(array $iv): bool {
 		return ($this->_iv = $iv) === $iv;
 	}
 
@@ -211,7 +211,7 @@ public function setIV(array $iv) {
 	 * @return boolean Returns TRUE if the action was successful, otherwise FALSE.
 	 * @since 2.4
 	 */
-	public function setDateTime(DateTime $time) {
+	public function setDateTime(DateTime $time): bool {
 		return ($this->_time = $time) === $time && !NULL;
 	}
 
@@ -221,7 +221,7 @@ public function setDateTime(DateTime $time) {
 	 * @return DateTime|null Returns the time of which the file will be removed if one is set.
 	 * @since 2.4
 	 */
-	public function getDateTime() {
+	public function getDateTime(): ?DateTime {
 		return $this->_time;
 	}
 }

src/com/carlgo11/tempfiles/api/Upload.php

@@ -25,8 +25,8 @@ function __construct(string $method) {
 			$file = new File($fileArray);
 			$output = [];
 
-			if (Misc::getVar('maxviews') !== NULL) {
-				$file->setMaxViews(Misc::getVar('maxviews'));
+			if (!is_null(Misc::getVar('maxviews'))) {
+				$file->setMaxViews(Misc::getVar('maxviews') + 1);
 				$output['maxviews'] = (int)$file->getMaxViews();
 			}
 

src/com/carlgo11/tempfiles/datastorage/DataStorage.php

@@ -4,6 +4,7 @@
 
 use com\carlgo11\tempfiles\EncryptedFile;
 use com\carlgo11\tempfiles\Encryption;
+use com\carlgo11\tempfiles\exception\MissingEntry;
 use com\carlgo11\tempfiles\File;
 use DateTime;
 use Exception;
@@ -25,21 +26,36 @@ class DataStorage {
 	 * @throws Exception Throws exception upon file-fetching failure.
 	 * @since 2.5
 	 */
-	public static function getFile(string $id, string $password) {
-		$storage = DataStorage::getStorage();
-		$storedContent = $storage->getEntryContent($id);
-		$storedMetaData = $storage->getEntryMetaData($id);
-		$storedEncryptionData = $storage->getFileEncryptionData($id);
+	public static function getFile(string $id, string $password): File {
+		try {
+			$storage = DataStorage::getStorage();
+			$storedContent = $storage->getEntryContent($id);
+			$storedMetaData = $storage->getEntryMetaData($id);
+			$storedEncryptionData = $storage->getFileEncryptionData($id);
+			$storedViews = $storage->getEntryViews($id);
+		} catch (MissingEntry $ex) {
+			throw new MissingEntry();
+		}
 
 		$content = Encryption::decrypt(base64_decode($storedContent), $password, $storedEncryptionData['iv'][0], $storedEncryptionData['tag'][0]);
-		$metadata = Encryption::decrypt($storedMetaData, $password, $storedEncryptionData['iv'][1], $storedEncryptionData['tag'][1]);
-		$metadata = explode(' ', $metadata);
+		$metadata = explode(' ', Encryption::decrypt($storedMetaData, $password, $storedEncryptionData['iv'][1], $storedEncryptionData['tag'][1]));
+		$metadata = ['name' => $metadata[0],
+			'size' => $metadata[1],
+			'type' => $metadata[2],
+			'delpass' => $metadata[3],
+		];
+
 		$file = new File(NULL, $id);
 		$file->setContent($content);
-		$file->setDeletionPassword(base64_decode($metadata[3]));
+		$file->setDeletionPassword(base64_decode($metadata['delpass']));
+
+		if ($storedViews !== NULL && sizeof($storedViews) === 2) {
+			$file->setCurrentViews($storedViews[0] + 1);
+			$file->setMaxViews($storedViews[1]);
+		}
 
 		// List keys are lost during storage.
-		$file->setMetaData(['size' => base64_decode($metadata[1]), 'name' => base64_decode($metadata[0]), 'type' => base64_decode($metadata[2])]);
+		$file->setMetaData(['size' => base64_decode($metadata['size']), 'name' => base64_decode($metadata['name']), 'type' => base64_decode($metadata['type'])]);
 		return $file;
 	}
 
@@ -71,7 +87,7 @@ public static function getStorage() {
 	 * @throws Exception
 	 * @since 2.5
 	 */
-	public static function saveFile(File $file, string $password) {
+	public static function saveFile(File $file, string $password): bool {
 		$storage = DataStorage::getStorage();
 
 		include_once __DIR__ . '/../EncryptedFile.php';
@@ -80,7 +96,7 @@ public static function saveFile(File $file, string $password) {
 		$encryptedFile->setFileMetaData($file->getMetaData(), $file, $password);
 		$encryptedFile->setID($file->getID());
 
-		return $storage->saveEntry($encryptedFile, $password);
+		return $storage->saveEntry($encryptedFile, $password, [$file->getCurrentViews(), $file->getMaxViews()]);
 	}
 
 	/**
@@ -104,8 +120,19 @@ public static function deleteOldFiles() {
 	 * @return bool Returns TRUE on success & FALSE on failure.
 	 * @throws Exception Throws any exceptions from the storage classes.
 	 */
-	public static function deleteFile(string $id) {
+	public static function deleteFile(string $id): bool {
 		$storage = DataStorage::getStorage();
 		return $storage->deleteEntry($id);
 	}
+
+	/**
+	 * @param string $id
+	 * @param int $currentViews
+	 * @return bool
+	 * @throws Exception
+	 */
+	public static function updateViews(string $id, int $currentViews): bool {
+		$storage = DataStorage::getStorage();
+		return $storage->updateEntryViews($id, $currentViews);
+	}
 }