From af38cb02a9ca95b20056bc92e73fe72a45d1f523 Mon Sep 17 00:00:00 2001 From: Peter Wu Date: Tue, 23 Apr 2013 18:59:15 +0200 Subject: Initial checkin. --- tmp-upload | 124 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 124 insertions(+) create mode 100755 tmp-upload (limited to 'tmp-upload') diff --git a/tmp-upload b/tmp-upload new file mode 100755 index 0000000..913c129 --- /dev/null +++ b/tmp-upload @@ -0,0 +1,124 @@ +#!/bin/bash +host=0.0.0.0 +port=1111 + +out="$(mktemp /tmp/tmp-upload-php.XXXXXXXX)" +cleanup() { + rm -v "$out" +} +trap cleanup EXIT + +# wrap +startline=$(grep -hn -F -m 1 "# stuff ""below" "$0" | cut -d: -f1) +tail -n+$((startline+1)) "$0" > "$out" + +php -d post_max_size=128M -d upload_max_filesize=128M \ + -S "$host:$port" "$out" +exit +# stuff below +file($file); + } + return false; +} + +$url = $_SERVER['REQUEST_URI']; +if ($url != '/') { + /* Simply returning false causes PHP to parse (index).php. Unwanted, + * therefore serve it here. First check whether the path is within the + * current working directory, then whether the file exists or not. */ + $cwdir = realpath("."); + if ($cwdir === FALSE) { + http_response_code(500); + exit; + } + + $path = realpath("." . $url); + if ($path === FALSE) { + http_response_code(404); + exit; + } + if (strpos($path, $cwdir . DIRECTORY_SEPARATOR) !== 0) { + http_response_code(403); + exit; + } + + /* determine content type and size in bytes */ + $filesize = filesize($path); + $mimetype = get_mime_type($path); + if (!$mimetype) { + http_response_code(500); + exit; + } + + header("Content-Type: $mimetype"); + if ($filesize !== false) { + header("Content-Length: $filesize"); + } + + readfile($path); + exit; +} + +$msg = NULL; +if (isset($_FILES["file"]["name"])) { + $name = trim(basename($_FILES["file"]["name"]), "."); + if (!$name) { + $msg = "No filename is given!"; + } else if (!$_FILES["file"]["size"]) { + $msg = "I do not accept empty files!"; + } else { + $filename = $name; + for ($i=1; file_exists($filename); $i++) { + $filename = "$filename.$i"; + } + if (move_uploaded_file($_FILES["file"]["tmp_name"], $filename)) { + $msg = "File is saved as " . htmlspecialchars($filename); + } else { + $msg = "File could not be saved."; + } + } +} +?> + + + +
+ + +
+$msg

"; + +?> +
+
+isDot()) {
+		continue;
+	}
+	$filename = $f->getFilename();
+	$len = mb_strlen($filename);
+	if ($len > 50) {
+		$dispName = mb_substr($filename, 0, 47) . '..>';
+	} else {
+		$dispName = $filename;
+	}
+
+	printf('%s%s %s %20d' . "\n",
+		htmlspecialchars($filename),
+		htmlspecialchars($dispName),
+		str_repeat(' ', max(0, 50 - $len)),
+		date('d-M-Y H:i', $f->getMTime()),
+		$f->getSize()
+		);
+}
+?>
+
-- cgit v1.2.1