
🎉 v1.0.9 Update
axtonprice authored Apr 24, 2022
1 parent efd8db2 commit 8f05fd4
Showing 14 changed files with 474 additions and 95 deletions.
4 changes: 2 additions & 2 deletions LICENSE
@@ -1,6 +1,6 @@
MIT License

Copyright (c) 2022 axtonprice.com
Copyright (c) 2022 Axtonprice, QuickBlaze

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
Expand All @@ -18,4 +18,4 @@ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
SOFTWARE.
97 changes: 64 additions & 33 deletions Modules/Functions.php
Expand Up @@ -9,55 +9,60 @@ function sanitizeXSS()
}

/* Internal Script Functions */
function get_string_between($string, $start, $end)
{
$string = ' ' . $string;
$ini = strpos($string, $start);
if ($ini == 0) return '';
$ini += strlen($start);
$len = strpos($string, $end, $ini) - $ini;
return substr($string, $ini, $len);
}
function processData($data)
{
sanitizeXSS(); // Sanitize Script
$encryptionKey = generateKey(64); // Create new key
$encryptedData = encryptData($data, $encryptionKey); // Encrypt data
insertRecord($encryptedData, $encryptionKey); // Insert new database record
return $encryptionKey;
}
function ifTextBoxDisabled()
{
sanitizeXSS(); // Sanitize Script
if (isset($_GET["submitted"])) {
echo "disabled";
}
}
function determineMessageContent()
{
sanitizeXSS(); // Sanitize Script
if (getRecord("encrypted_contents", htmlspecialchars($_GET["key"]), ENT_QUOTES, 'UTF-8') == null) {
header("Location: 404");
} else {
if (!isset($_GET["confirm"])) {
echo '
<h6>
Decrypt & View Message?
' . translate("Decrypt & View Message?", "en") . '
</h6>
<a class="btn btn-primary submit-button darkmode-ignore" href="?confirm&key=' . htmlspecialchars($_GET["key"]) . '">
View Message
' . translate("View Message", "en") . '
</a>';
} else {
echo '
<h6>
This message has been destroyed!
' . translate("This message has been destroyed!", "en") . '
</h6>
<textarea disabled type="text" class="form-control" id="linkbox" name="data">' . htmlspecialchars(decryptData(htmlspecialchars($_GET["key"]))) . '</textarea>
<br>
<button type="button" class="btn btn-primary submit-button darkmode-ignore" onclick="copyToClipboard(\'#linkbox\')">
Copy Message
' . translate("Copy Message", "en") . '
</button>
<a class="btn btn-secondary submit-button darkmode-ignore" href="./">
Return Home
' . translate("Return Home", "en") . '
</a>';
destroyRecord(htmlspecialchars($_GET["key"], ENT_QUOTES, 'UTF-8')); // destroy record
}
}
}
function getSubmittedKey()
{
sanitizeXSS(); // Sanitize Script
error_reporting(0); // disable error reporting
if (isset($_GET["submitted"]) && $_GET["submitted"] != "") {
$fullUrl = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://$_SERVER[HTTP_HOST]" . str_replace("?submitted=", "view?key=", htmlspecialchars($_SERVER['REQUEST_URI']));
Expand All @@ -71,38 +76,37 @@ function getSubmittedKey()
}
function determineSubmissionFooter()
{
sanitizeXSS(); // Sanitize Script
if (isset($_GET["submitted"])) {
echo '
<br>
<p class="text-muted">
Share this link anywhere on the internet. The message will be automatically destroyed once viewed.
' . translate("Share this link anywhere on the internet. The message will be automatically destroyed once viewed.", "en") . '
</p>
<button type="button" class="btn btn-primary submit-button darkmode-ignore" onclick="copyToClipboard(\'#linkbox\')">
Copy Link
' . translate("Copy Link", "en") . '
</button>
<a class="btn btn-secondary submit-button darkmode-ignore" href="./">
Create New
' . translate("Create New", "en") . '
</a>';
} else {
echo '
<br>
<button class="btn btn-primary submit-button darkmode-ignore" type="submit">
Generate Link
' . translate("Generate Link", "en") . '
</button>';
}
}
function determineSystemVersion()
{
if (!file_exists("./.version")) {
touch("./.version");
$latestVersion = json_decode(file_get_contents("https://raw.githubusercontent.com/axtonprice-dev/quickblaze-encrypt/main/.version", true), true);
file_put_contents("./.version", json_encode(array("BRANCH" => $latestVersion["BRANCH"], "VERSION" => $latestVersion["VERSION"])));
$latestVersion = json_decode(file_get_contents("https://raw.githubusercontent.com/axtonprice-dev/quickblaze-encrypt/main/.version?cacheUpdate=" . rand(0, 100), true), true);
file_put_contents("./.version", json_encode(array("BRANCH" => $latestVersion["BRANCH"], "VERSION" => $latestVersion["VERSION"], "LANGUAGE" => "auto")));
}
$thisVersion = json_decode(file_get_contents("./.version", true), true);
$latestVersion = json_decode(file_get_contents("https://raw.githubusercontent.com/axtonprice-dev/quickblaze-encrypt/" . filter_var(htmlspecialchars($thisVersion["BRANCH"]), FILTER_SANITIZE_FULL_SPECIAL_CHARS) . "/.version", true), true);
$latestVersion = json_decode(file_get_contents("https://raw.githubusercontent.com/axtonprice-dev/quickblaze-encrypt/" . filter_var(htmlspecialchars($thisVersion["BRANCH"]), FILTER_SANITIZE_FULL_SPECIAL_CHARS) . "/.version?cacheUpdate=" . rand(0, 100), true), true);
if ($thisVersion["VERSION"] != $latestVersion["VERSION"]) {
return '<x style="color:red">v' . $thisVersion["VERSION"] . ' (Outdated!)</x>';
} else {
Expand All @@ -113,7 +117,6 @@ function determineSystemVersion()
/* Database Interaction Functions */
function generateKey($length)
{
sanitizeXSS(); // Sanitize Script
$length = 16;
$bytes = openssl_random_pseudo_bytes($length);
$hex = bin2hex($bytes);
Expand All @@ -123,22 +126,19 @@ function generateKey($length)
/* Data Conversion Functions */
function encryptData($data, $encryption_key)
{
sanitizeXSS(); // Sanitize Script
$encryption_iv = hex2bin($encryption_key);
return openssl_encrypt($data, "AES-128-CTR", $encryption_key, 0, $encryption_iv);
}

function decryptData($encryption_key) // getRecord("encrypted_contents", $dataKey)
{
sanitizeXSS(); // Sanitize Script
$encryption_iv = hex2bin($encryption_key);
return openssl_decrypt(getRecord("encrypted_contents", $encryption_key), "AES-128-CTR", $encryption_key, 0, $encryption_iv);
}

/* Database Interaction Functions */
function setupDatabase()
{
sanitizeXSS(); // Sanitize Script
error_reporting(0); // disable error reporting
if (!file_exists("./Modules/InstallationStatus.json")) {
touch("./Modules/InstallationStatus.json");
Expand All @@ -150,7 +150,8 @@ function setupDatabase()
try { // attempt database connection
$mysqli = new mysqli($json["HOSTNAME"], $json["USERNAME"], $json["PASSWORD"], $json["DATABASE"]);
} catch (mysqli_sql_exception $e) {
die(file_get_contents("./Public/Error/DatabaseCredentials.html")); // throw error page if invalid credentials
require "./Public/Error/DatabaseCredentials.php"; // throw error page if invalid credentials
die();
}
$tableCreateSQL = "CREATE TABLE IF NOT EXISTS `quickblaze_records` (`record_id` int(11) NOT NULL,`encrypted_contents` longtext NOT NULL,`encryption_token` varchar(128) NOT NULL,`source_ip` varchar(100) NOT NULL, `record_date` timestamp(5) NOT NULL DEFAULT current_timestamp(5)) ENGINE=InnoDB DEFAULT CHARSET=utf8;";
$addPrimaryKeySQL = "ALTER TABLE `quickblaze_records` ADD PRIMARY KEY (`record_id`);";
Expand All @@ -161,13 +162,16 @@ function setupDatabase()
file_put_contents("./Modules/InstallationStatus.json", json_encode(array("INSTALLED" => "true")));
return true;
} else {
die($mysqli->error);
require "./Public/Error/DatabaseCredentials.php"; // throw error page if invalid credentials
die();
}
} else {
die($mysqli->error);
require "./Public/Error/DatabaseCredentials.php"; // throw error page if invalid credentials
die();
}
} else {
die($mysqli->error);
require "./Public/Error/DatabaseCredentials.php"; // throw error page if invalid credentials
die();
}

$mysqli->close();
Expand All @@ -176,23 +180,32 @@ function setupDatabase()
}
function checkDatabase()
{
error_reporting(0); // disable error reporting
if (!file_exists("./Modules/Database.env")) {
die(file_get_contents("./Public/Error/DatabaseConfig.html"));
touch("./Modules/Database.env");
require "./Public/Error/DatabaseConfig.php";
die();
} else {
$json = json_decode(file_get_contents("./Modules/Database.env", true), true);
if ($json["DATABASE"] == "" || $json["HOSTNAME"] == "") {
die(file_get_contents("./Public/Error/DatabaseConfig.html"));
require "./Public/Error/DatabaseConfig.php";
die();
}
}
$status = json_decode(file_get_contents("./Modules/InstallationStatus.json", true), true);
if ($status["INSTALLED"] == "false") {
setupDatabase();
}
error_reporting(E_ALL); // enable error reporting
}

function insertRecord($encrypted_contents, $encryption_token)
{
sanitizeXSS(); // Sanitize Script
$json = json_decode(file_get_contents("./Modules/Database.env", true), true);
$mysqli = new mysqli($json["HOSTNAME"], $json["USERNAME"], $json["PASSWORD"], $json["DATABASE"]);
if ($mysqli->connect_errno) {
return $mysqli->connect_errno;
require "./Public/Error/DatabaseCredentials.php";
die();
}
$source_ip = filter_var($_SERVER['HTTP_CF_CONNECTING_IP'], FILTER_VALIDATE_IP) ?? filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP);
$record_date = date("Y-m-d H:i:s");
Expand All @@ -206,11 +219,11 @@ function insertRecord($encrypted_contents, $encryption_token)

function destroyRecord($token)
{
sanitizeXSS(); // Sanitize Script
$json = json_decode(file_get_contents("./Modules/Database.env", true), true);
$mysqli = new mysqli($json["HOSTNAME"], $json["USERNAME"], $json["PASSWORD"], $json["DATABASE"]);
if ($mysqli->connect_errno) {
return $mysqli->connect_errno;
require "./Public/Error/DatabaseCredentials.php";
die();
}
$token = filter_var($token, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
if ($mysqli->query("DELETE FROM `quickblaze_records` WHERE `encryption_token` = '$token';") === TRUE) {
Expand All @@ -223,11 +236,11 @@ function destroyRecord($token)

function getRecord($dataToFetch, $encryption_token)
{
sanitizeXSS(); // Sanitize Script
$json = json_decode(file_get_contents("./Modules/Database.env", true), true);
$mysqli = new mysqli($json["HOSTNAME"], $json["USERNAME"], $json["PASSWORD"], $json["DATABASE"]);
if ($mysqli->connect_errno) {
return $mysqli->connect_errno;
require "./Public/Error/DatabaseCredentials.php";
die();
}
$encryption_token = filter_var($encryption_token, FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$result = $mysqli->query("SELECT `$dataToFetch` FROM `quickblaze_records` WHERE `encryption_token` = '$encryption_token'");
Expand All @@ -240,3 +253,21 @@ function getRecord($dataToFetch, $encryption_token)
}
$mysqli->close();
}

/* Translation Feature */
function translate($q, $sl)
{
$config = json_decode(file_get_contents("./.version", true), true);
if ($config["LANGUAGE"] == "auto") {
$tl = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
} else {
if ($config["LANGUAGE"] != "") {
$tl = $config["LANGUAGE"];
} else {
$tl = "en";
}
}
$res = file_get_contents("https://translate.googleapis.com/translate_a/single?client=gtx&ie=UTF-8&oe=UTF-8&dt=bd&dt=ex&dt=ld&dt=md&dt=qca&dt=rw&dt=rm&dt=ss&dt=t&dt=at&sl=" . $sl . "&tl=" . $tl . "&hl=hl&q=" . urlencode($q), $_SERVER['DOCUMENT_ROOT'] . "/transes.html");
$res = json_decode($res);
return $res[0][0][0];
}
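Review bot: The new `translate()` at the end of the file returns the text from translate.googleapis.com unescaped, and `determineMessageContent()` and `determineSubmissionFooter()` concatenate that return value straight into the HTML they echo, so any markup in the third-party response would be rendered on the page; it should pass through `htmlspecialchars()` before being returned. `$tl` comes from the first two bytes of the `Accept-Language` header (which may be absent) and is appended to the outbound URL without validation or encoding, as is `$sl`. There is no failure path either: if the request fails, `json_decode` yields null and every label renders empty, and each label costs one blocking outbound request per page view with no timeout. The second argument of `file_get_contents` is the `use_include_path` flag, so the `transes.html` path passed there does nothing. A tightened tail for the function is sketched below.

```php
function translate($q, $sl)
{
    // … unchanged: load $config from ./.version and pick $tl …
    if (!preg_match('/^[a-z]{2,3}(-[A-Za-z]{2,4})?$/', (string) $tl)) {
        $tl = "en"; // header missing or not a plausible language tag
    }
    $query = "&sl=" . urlencode($sl) . "&tl=" . urlencode($tl) . "&hl=hl&q=" . urlencode($q);
    // … unchanged: base URL up to "dt=at", held in $base …
    $raw = file_get_contents($base . $query, false, stream_context_create(["http" => ["timeout" => 2]]));
    $res = $raw === false ? null : json_decode($raw);
    // fall back to the source string so labels never render empty
    return htmlspecialchars($res[0][0][0] ?? $q, ENT_QUOTES, 'UTF-8');
}
```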