base to upload db

i2bc · Mar 19, 2024 · f728ff8 · f728ff8
1 parent fa0d1e1
commit f728ff8
Show file tree

Hide file tree

Showing 4 changed files with 219 additions and 0 deletions.
diff --git a/upload_db.php b/upload_db.php
@@ -0,0 +1,75 @@
+<?php if(!isset($_SESSION)){session_start();} ?>
+<?php if(!isset($_SESSION["db_ids"])){$_SESSION["db_ids"]=array();} ?>
+<?php if(!isset($_SESSION["blast_ids"])){$_SESSION["blast_ids"]=array();} ?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<?php
+require_once("common.php");
+require_once("upload_db_lib.php");
+?>
+	<head>
+		<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+		<title><?php site_name(); ?> database creator</title>
+		<link rel="icon" type="image/png" href="css/Synteruptor_logo_square.png">
+		<link rel="stylesheet" type="text/css" href="css/common.css">
+		<link rel="stylesheet" type="text/css" href="css/upload.css">
+		<script type="text/javascript" src="js/jquery/jquery-1.12.min.js"></script>
+		<script type="text/javascript" src="https://ajax.aspnetcdn.com/ajax/jquery.validate/1.13.1/jquery.validate.min.js"></script>
+		<script type="text/javascript" src="js/common.js"></script>
+	</head>
+<nav>
+		<?php 
+				print_sidebar(); 
+		?>
+	</nav>
+	<body>
+<?php
+print_header("upload");
+?>
+<div id="content">
+<div class="centered_box">
+<h2><?php site_name(); ?> database upload</h2>
+<p>This page helps to upload <?php site_name(); ?> database (in sqlite3 format) to this website.</p>
+<?php
+
+if (isset($_GET["id"])) {
+	echo '<div class="infobox">';
+	echo '<h3>Restrictions</h3>';
+	echo '<ul>';
+	echo '<li>Only one file</li>';
+	echo "<li>The file has to be smaller than $max_size.</li>";
+	echo "<li>Database suffix must be .sqlite</li>";
+	echo "</ul>";
+	echo "For bigger databases you should contact us directly, see the <a href='contact.php'>contact page</a>.";
+	echo "</div>";
+
+	echo '<div class="upload_box">';
+	echo "<h3>Database file upload</h3>";
+
+	# Check id
+	if (!check_id($id)) {
+		echo "Invalid id ($id)<br>";
+		echo "</div>";
+		echo "<div class='button_container'><a href='upload_db_upload.php'><div class='button_link'>Start the upload</div></a></div>";
+		exit;
+	}
+
+	# Get the database file
+	$new_db = scan_sqlite();
+	if ($new_db) {
+		echo "Uploaded the database file to <a href=\"summary.php?version=$new_db\">$new_db</a>";
+	} else {
+		echo '<form id="uploader" action="upload_db_add.php?id=' . $id . '" method="post" enctype="multipart/form-data">';
+		echo " <input type='file' name='new_db' />";
+		echo '<input type="submit" value="Send" /></li>';
+	}
+	echo "</div>";
+} else {
+	echo "<div class='button_container'><a href='upload_db_start.php'><div class='button_link'>Upload a new database</div></a></div>";
+}
+?>
+</div>
+</div>
+<div id="tail" />
+</body>
+</html>
diff --git a/upload_db_add.php b/upload_db_add.php
@@ -0,0 +1,51 @@
+<?php if(!isset($_SESSION)){session_start();} ?>
+<?php if(!isset($_SESSION["db_ids"])){$_SESSION["db_ids"]=array();} ?>
+<?php if(!isset($_SESSION["blast_ids"])){$_SESSION["blast_ids"]=array();} ?>
+<?php
+require_once("upload_db_lib.php");
+$uploaded_array = array();
+$errormsg = "";
+$nerrors = 0;
+global $final_db_path;
+
+# Check id
+if (!check_id($id)) {
+	echo "Invalid id: $id";
+	echo "<a href='$builder'>Start a new upload</a>";
+	exit;
+}
+
+if (!isset($_FILES["new_db"])) {
+	$errormsg .= "<li>Max allowed size: " . ini_get('post_max_size') . " or " . ini_get('upload_max_filesize') . "</li>";
+	$nerrors++;
+} else {
+	if ($_FILES["new_db"]["error"] != UPLOAD_ERR_OK) {
+		$errormsg .= "<li>Upload error. [".$error."] on file '".$name."'</li>";
+		$nerrors++;
+	} else {
+		$tmp_name = $_FILES["new_db"]["tmp_name"];
+		if (!$tmp_name) return;
+		$name = $_FILES["new_db"]["name"];
+
+		// Check extension
+		if (!preg_match("/\.sqlite?$/", $name)) {
+			$errormsg .= "<li>Wrong file type for $name (only .sqlite allowed)</li>";
+			$nerrors++;
+		} else {
+			if ( move_uploaded_file($tmp_name, $final_db_path) ) {
+				$uploaded_array[] .= "Uploaded file '".$name."'.<br/>\n";
+			} else {
+				$errormsg .= "<li>Could not move uploaded file '".$tmp_name."' to '".$name."'<li>";
+				$nerrors++;
+			}
+		}
+	}
+}
+
+if ($nerrors == 0) {
+	header("Location: $builder?id=$id");
+} else {
+	echo "Errors, please check:<ul>$errormsg</ul>\n";
+	echo "<a href='$builder?id=$id'>Go back</a>";
+}
+?>
diff --git a/upload_db_lib.php b/upload_db_lib.php
@@ -0,0 +1,55 @@
+<?php if(!isset($_SESSION)){session_start();} ?>
+<?php if(!isset($_SESSION["db_ids"])){$_SESSION["db_ids"]=array();} ?>
+<?php if(!isset($_SESSION["blast_ids"])){$_SESSION["blast_ids"]=array();} ?>
+<?php
+require_once("common.php");
+$settings = parse_ini_file("settings.ini");
+$max_size = ini_get('post_max_size');
+$dbdir = get_setting("db_dir"); #"db";
+$basedir = get_setting("upload_dir");
+$builder = "upload_db.php";
+$id = get_id();
+$final_db_path = "";
+
+if ($id) {
+	define_id_paths($id);
+}
+
+function define_id_paths($new_id) {
+	global $dbdir, $final_db_path;
+	$final_db_path = "$dbdir/$new_id.upload.sqlite";
+}
+
+function get_id() {
+	if (isset($_GET["id"])) {
+		return $_GET["id"];
+	} else {
+		return "";
+	}
+}
+
+function check_id($id) {
+	# Check for format (only ASCII letters and digits)
+	if ( !preg_match( '/^[A-z0-9]+$/', $id ) ) {
+		return false;
+	}
+	# Check	if the directory actually exists
+	global $basedir;
+	if ( !file_exists( $basedir . "/" . $id . "/" ) ) {
+		return false;
+	}
+	return true;
+}
+
+function init_config($new_id, $new_config) {
+	define_id_paths($new_id);
+}
+
+function scan_sqlite() {
+	global $final_db_path;
+	if (file_exists($final_db_path)) {
+		$db_name = str_replace(".sqlite", "", basename($final_db_path));
+		return $db_name;
+	}
+}
+?>
diff --git a/upload_db_start.php b/upload_db_start.php
@@ -0,0 +1,38 @@
+<?php if(!isset($_SESSION)){session_start();} ?>
+<?php if(!isset($_SESSION["db_ids"])){$_SESSION["db_ids"]=array();} ?>
+<?php if(!isset($_SESSION["blast_ids"])){$_SESSION["blast_ids"]=array();} ?>
+<?php
+require_once('upload_db_lib.php');
+
+function temp_dir() {
+	global $basedir;
+	if (!$basedir) {
+		return null;
+	}
+	mkdir($basedir);
+	chmod($basedir, 0777);
+
+	$tempdir = tempnam($basedir, 'mgn');
+	if (is_file($tempdir)) {
+		unlink($tempdir);
+		mkdir($tempdir);
+		if (is_dir($tempdir)) {
+			chmod($tempdir, 0777);
+			$id = basename($tempdir);
+			if(!in_array($id,$_SESSION["db_ids"])){$_SESSION["db_ids"][]=$id;}
+			return $id;
+		}
+	}
+	return null;
+}
+
+// Create an empty folder with a unique random name
+$tempdir = temp_dir();
+
+if (isset($tempdir)) {
+	// Use the dir name as an id
+	header("Location: $builder?id=$tempdir");
+} else {
+	echo "Error: invalid generated id. Please refresh the page.";
+}
+?>