From d398a49fc69c6ae7bff2862e3e3cc1745a0b0152 Mon Sep 17 00:00:00 2001 From: BkPHcgQL3V Date: Wed, 22 Oct 2014 06:53:29 +0000 Subject: [PATCH] Add MD5 for individual files to the API --- inc/api.php | 9 ++++----- inc/display.php | 7 ++++++- post.php | 38 ++++++++++++++++---------------------- 3 files changed, 26 insertions(+), 28 deletions(-) diff --git a/inc/api.php b/inc/api.php index 95a71d91..0335a1a4 100644 --- a/inc/api.php +++ b/inc/api.php @@ -85,13 +85,13 @@ class Api { } } - private function translateFile($file, $post, &$apiPost) { + private function translateFile($file, &$apiPost) { $this->translateFields($this->fileFields, $file, $apiPost); $apiPost['filename'] = @substr($file->name, 0, strrpos($file->name, '.')); $dotPos = strrpos($file->file, '.'); $apiPost['ext'] = substr($file->file, $dotPos); $apiPost['tim'] = substr($file->file, 0, $dotPos); - $apiPost['md5'] = base64_encode(hex2bin($post->filehash)); + $apiPost['md5'] = base64_encode(hex2bin($file->hash)); } private function translatePost($post, $threadsPage = false) { @@ -116,17 +116,16 @@ class Api { } // Handle files - // Note: 4chan only supports one file, so only the first file is taken into account for 4chan-compatible API. if (isset($post->files) && $post->files && !$threadsPage) { $file = $post->files[0]; - $this->translateFile($file, $post, $apiPost); + $this->translateFile($file, $apiPost); if (sizeof($post->files) > 1) { $extra_files = array(); foreach ($post->files as $i => $f) { if ($i == 0) continue; $extra_file = array(); - $this->translateFile($f, $post, $extra_file); + $this->translateFile($f, $extra_file); $extra_files[] = $extra_file; } diff --git a/inc/display.php b/inc/display.php index 9b4c2d83..a58d92f4 100644 --- a/inc/display.php +++ b/inc/display.php @@ -354,8 +354,13 @@ class Post { $this->{$key} = $value; } - if (isset($this->files) && $this->files) + if (isset($this->files) && $this->files) { $this->files = json_decode($this->files); + // Compatibility for posts before individual file hashing + foreach ($this->files as &$file) + if (!isset($file->hash)) + $file->hash = $this->filehash; + } $this->subject = utf8tohtml($this->subject); $this->name = utf8tohtml($this->name); diff --git a/post.php b/post.php index 099ea6d7..881c7e01 100644 --- a/post.php +++ b/post.php @@ -577,6 +577,7 @@ elseif (isset($_POST['post'])) { if ($post['has_file']) { + $allhashes = ''; foreach ($post['files'] as $key => &$file) { if (!in_array($file['extension'], $config['allowed_ext']) && !in_array($file['extension'], $config['allowed_ext_files'])) error($config['error']['unknownext']); @@ -586,33 +587,26 @@ elseif (isset($_POST['post'])) { // Truncate filename if it is too long $file['filename'] = mb_substr($file['filename'], 0, $config['max_filename_len']); - if (!isset($filenames)) { - $filenames = escapeshellarg($file['tmp_name']); - } else { - $filenames .= (' ' . escapeshellarg($file['tmp_name'])); - } $upload = $file['tmp_name']; if (!is_readable($upload)) error($config['error']['nomove']); - } - - $md5cmd = $config['bsd_md5'] ? 'md5 -r' : 'md5sum'; - - if( ($output = shell_exec_error("cat $filenames | $md5cmd")) !== false ) { - $explodedvar = explode(' ', $output); - $hash = $explodedvar[0]; - $post['filehash'] = $hash; - } - elseif ($config['max_images'] === 1) { - $post['filehash'] = md5_file($upload); - } - else { - $str_to_hash = ''; - foreach (explode(' ', $filenames) as $i => $f) { - $str_to_hash .= file_get_contents($f); + + $md5cmd = $config['bsd_md5'] ? 'md5 -r' : 'md5sum'; + if( ($output = shell_exec_error("cat " . escapeshellarg($upload) . " | $md5cmd")) !== false ) { + $explodedvar = explode(' ', $output); + $hash = $explodedvar[0]; + } else { + $hash = md5_file($upload); } - $post['filehash'] = md5($str_to_hash); + $file['hash'] = $hash; + $allhashes .= $hash; + } + + if (count($post['files']) == 1) { + $post['filehash'] = $hash; + } else { + $post['filehash'] = md5($allhashes); } }