Skip to content
This repository was archived by the owner on Mar 29, 2024. It is now read-only.

Commit eaea4a3

Browse files
Carlgo11Carlgo11
committed
Replace query params
1 parent 6bd82b3 commit eaea4a3

File tree

2 files changed

+25
-21
lines changed

2 files changed

+25
-21
lines changed

src/com/carlgo11/tempfiles/api/Delete.php

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,6 @@
55
use com\carlgo11\tempfiles\datastorage\DataStorage;
66
use com\carlgo11\tempfiles\exception\BadMethod;
77
use com\carlgo11\tempfiles\exception\MissingEntry;
8-
use com\carlgo11\tempfiles\Misc;
98
use Exception;
109

1110
class Delete extends API {
@@ -18,9 +17,11 @@ class Delete extends API {
1817
public function __construct($method) {
1918
try {
2019
if ($method !== 'DELETE') throw new BadMethod('Bad method. Use DELETE.');
21-
$id = filter_var(Misc::getVar('id'), FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => '/^D([0-9]|[A-z]){13}/']]);
20+
$url = explode('/', strtoupper($_SERVER['REQUEST_URI']));
21+
$id = filter_var($url[2], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => '/^D([0-9]|[A-z]){13}/']]);
22+
$password = filter_var($url[3]);
2223

23-
if (password_verify(Misc::getVar('delete'), DataStorage::getDeletionPassword($id)))
24+
if (password_verify($password, DataStorage::getDeletionPassword($id)))
2425
if (DataStorage::deleteFile($id)) http_response_code(204);
2526
else throw new Exception('Unable to delete file');
2627
else throw new MissingEntry('Bad ID or Password');

src/com/carlgo11/tempfiles/api/Download.php

Lines changed: 21 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -19,27 +19,30 @@ public function __construct($method) {
1919
try {
2020
if ($method !== 'GET') throw new BadMethod('Bad method. Use GET.');
2121

22-
$id = filter_var(Misc::getVar('id'), FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => '/^D([0-9]|[A-z]){13}/']]);
23-
$p = Misc::getVar('p');
24-
$file = DataStorage::getFile($id, $p);
22+
$url = explode('/', strtoupper($_SERVER['REQUEST_URI']));
23+
$id = filter_var($url[2], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => '/^D([0-9]|[A-z]){13}/']]);
24+
$password = filter_var($url[3]);
25+
$file = DataStorage::getFile($id, $password);
26+
$metadata = $file->getMetaData();
27+
$content = base64_encode($file->getContent());
2528

26-
if (isset($file)) {
27-
$metadata = $file->getMetaData();
28-
$content = base64_encode($file->getContent());
29-
parent::outputJSON([
30-
'type' => $metadata['type'],
31-
'filename' => $metadata['name'],
32-
'length' => $metadata['size'],
33-
'data' => $content
34-
], 200);
29+
if ($file->getMaxViews()) { // max views > 0
30+
if ($file->getMaxViews() <= $file->getCurrentViews() + 1) DataStorage::deleteFile($id);
31+
else $file->setCurrentViews($file->getCurrentViews() + 1);
32+
}
33+
// Set headers
34+
header("Content-Description: File Transfer");
35+
header("Expires: 0");
36+
header("Pragma: public");
37+
header("Content-Type: {$metadata['type']}");
38+
header("Content-Disposition: inline; filename=\"{$metadata['name']}\"");
39+
header("Content-Length: {$metadata['size']}");
3540

36-
if ($file->getMaxViews()) { // max views > 0
37-
if ($file->getMaxViews() <= $file->getCurrentViews() + 1) DataStorage::deleteFile($id);
38-
else $file->setCurrentViews($file->getCurrentViews() + 1);
39-
}
40-
} else throw new MissingEntry('File not found');
41+
// output file contents
42+
echo base64_decode($content);
4143
} catch (Exception $e) {
42-
parent::outputJSON(['error' => $e->getMessage()], $e->getCode() ?: 400);
44+
parent::outputJSON(['error' => 'File not found'], 404);
45+
error_log($e->getMessage());
4346
}
4447
return NULL;
4548
}

0 commit comments

Comments
 (0)