From 4a285a3db84f95b43bf18f609909215defdd009d Mon Sep 17 00:00:00 2001
From: Beu <benoit@virtit.fr>
Date: Wed, 1 May 2019 22:58:11 +0200
Subject: [PATCH] add "delTree" function and add size limit (#2)

---
 conf/config.sample.php |  1 +
 index.php              | 40 +++++++++++++++++++++++++++-------------
 2 files changed, 28 insertions(+), 13 deletions(-)

diff --git a/conf/config.sample.php b/conf/config.sample.php
index cdbe0d8..d8943e5 100644
--- a/conf/config.sample.php
+++ b/conf/config.sample.php
@@ -3,4 +3,5 @@
         define('_HTTP_PROTO','http');
         define('_HTTP_DOMAIN','localhost:8080'); // domain/IP with port if needed
         define('_HTTP_PATH','/');
+        define('_SIZE_LIMIT','2000000'); // in bytes
 ?>
\ No newline at end of file
diff --git a/index.php b/index.php
index 368d0fd..80fde29 100644
--- a/index.php
+++ b/index.php
@@ -2,6 +2,15 @@
         // Load configuration
         include 'conf/config.php';
 
+        // Delete directory recursively
+        function delTree($dir) {
+                $files = array_diff(scandir($dir), array('.','..'));
+                foreach ($files as $file) {
+                        (is_dir("$dir/$file")) ? delTree("$dir/$file") : unlink("$dir/$file");
+                }
+                return rmdir($dir);
+        } 
+
         // Check if file have to be deleted
         $data_dir = array_diff(scandir(_DATA_DIR), array('..', '.', '.gitkeep'));
         foreach ($data_dir as $data_dir_content)
@@ -9,16 +18,7 @@
                 $data_conf = json_decode(file_get_contents(_DATA_DIR . "/" . $data_dir_content . "/info.json"),true);
                 if ($data_conf['expire'] < time()) 
                 {
-                        $i = new DirectoryIterator(_DATA_DIR . "/" . $data_dir_content);
-                        foreach($i as $f) {
-                                if($f->isFile()) 
-                                {
-                                        unlink($f->getRealPath());
-                                } else if(!$f->isDot() && $f->isDir()) {
-                                        rrmdir($f->getRealPath());
-                                }
-                        }
-                        rmdir(_DATA_DIR . "/" . $data_dir_content );
+                        delTree(_DATA_DIR . "/" . $data_dir_content);
                 } 
 
         }
@@ -27,6 +27,8 @@
         if ($_SERVER['REQUEST_METHOD'] === 'PUT') 
         {
                 $rnd_data = mt_rand(10000,99999);
+                $filesize = 0 ;
+                
                 mkdir(_DATA_DIR . "/" . $rnd_data);
                 $info_json = new stdClass(); 
                 $info_json->expire = time() + (7 * 24 * 60 * 60);
@@ -34,13 +36,25 @@
 
                 $putdata = fopen("php://input", "r");
                 $fp = fopen(_DATA_DIR . "/" . $rnd_data . "/file", "w");
-                while ($data = fread($putdata, 1024))
+                while ($data = fread($putdata, 1024) and $filesize < _SIZE_LIMIT )
                 {
+                        $filesize += 1024 ;
                         fwrite($fp, $data);
                 }
-                fclose($fp);
                 fclose($putdata);
-                print(_HTTP_PROTO . '://' . _HTTP_DOMAIN . _HTTP_PATH . 'data/' . $rnd_data . '/file');
+                fclose($fp);
+
+                if ($filesize < _SIZE_LIMIT )
+                {
+                        print(_HTTP_PROTO . '://' . _HTTP_DOMAIN . _HTTP_PATH . 'data/' . $rnd_data . '/file');
+                }
+                else
+                {
+                        delTree(_DATA_DIR . "/" . $rnd_data);
+                        print("File size exceeded (Max " . _SIZE_LIMIT . " bytes)");
+                }
+                
+
         }
 
         // Informations for user