From e71373e430ae69b3b853d79322125e3b1904ba48 Mon Sep 17 00:00:00 2001 From: Muhammad Asadullah Nadeem <88024587+Asadullah-nadeem@users.noreply.github.com> Date: Wed, 4 Dec 2024 10:02:38 +0530 Subject: [PATCH] bug fix --- .sql | 12 ++--- Documentation.php | 1 + README.md | 2 +- Script.js | 79 +------------------------------ composer.json | 5 ++ config.php | 10 +++- index.php | 1 + subscribe.php | 117 +++++++++++++++++++++++++++++++++++++++++++--- upload.php | 63 +------------------------ upload_api.php | 116 +++++---------------------------------------- view.php | 1 + 11 files changed, 147 insertions(+), 260 deletions(-) create mode 100644 composer.json diff --git a/.sql b/.sql index 20b49cf..2eb7698 100644 --- a/.sql +++ b/.sql @@ -2,12 +2,12 @@ CREATE DATABASE image_bucket; USE image_bucket; -CREATE TABLE images ( - id INT AUTO_INCREMENT PRIMARY KEY, - unique_key VARCHAR(255) NOT NULL UNIQUE, - file_name VARCHAR(255) NOT NULL, - uploaded_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP -); +-- CREATE TABLE images ( +-- id INT AUTO_INCREMENT PRIMARY KEY, +-- unique_key VARCHAR(255) NOT NULL UNIQUE, +-- file_name VARCHAR(255) NOT NULL, +-- uploaded_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP +-- ); CREATE TABLE subscribers ( id INT AUTO_INCREMENT PRIMARY KEY, diff --git a/Documentation.php b/Documentation.php index 9016a20..bd00c2d 100644 --- a/Documentation.php +++ b/Documentation.php @@ -1,3 +1,4 @@ + diff --git a/README.md b/README.md index 8e2ebe1..f968dc4 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ File Upload API built using PHP and Tailwind CSS! It features secure API key aut ![image](https://github.com/user-attachments/assets/946297a0-346f-4dee-bfb7-6fc932b37ada) -## Old UI +## old UI ![image](https://github.com/user-attachments/assets/789097e6-b37e-4263-b493-8dad7327ae8a) ![image](https://github.com/user-attachments/assets/dda9c25b-b18e-4260-936a-9fdddd12b05b) diff --git a/Script.js b/Script.js index f30607a..59de502 100644 --- a/Script.js +++ b/Script.js 
@@ -1,83 +1,6 @@ +// Script.js document.getElementById('currentYear').textContent = new Date().getFullYear(); -// async function uploadImage() { -// const apiKey = document.getElementById('api_key').value; -// const image = document.getElementById('image').files[0]; -// -// if (!apiKey || !image) { -// document.getElementById('responseMessage').textContent = "Please enter an API key and select an image."; -// return; -// } -// -// const formData = new FormData(); -// formData.append("api_key", apiKey); -// formData.append("image", image); -// -// try { -// const response = await fetch('upload_api.php', { -// method: 'POST', -// headers: { -// 'API_KEY': apiKey, -// }, -// body: formData, -// }); -// -// const result = await response.json(); -// if (response.ok) { -// document.getElementById('responseMessage').textContent = `Success: ${result.success}. File URL: ${result.file_url}`; -// document.getElementById('responseMessage').classList.add("text-green-500"); -// } else { -// document.getElementById('responseMessage').textContent = `Error: ${result.error}`; -// document.getElementById('responseMessage').classList.add("text-red-500"); -// } -// } catch (error) { -// document.getElementById('responseMessage').textContent = `Error: ${error.message}`; -// document.getElementById('responseMessage').classList.add("text-red-500"); -// } -// } - -// async function uploadImage() { -// const apiKey = document.getElementById('api_key').value; -// const image = document.getElementById('image').files[0]; -// -// if (!apiKey || !image) { -// document.getElementById('responseMessage').textContent = "Please enter an API key and select an image."; -// return; -// } -// -// const validImageTypes = ["image/jpeg", "image/png", "image/gif"]; -// if (!validImageTypes.includes(image.type)) { -// document.getElementById('responseMessage').textContent = "Invalid file type. 
Please upload an image."; -// document.getElementById('responseMessage').classList.add("text-red-500"); -// return; -// } -// -// const formData = new FormData(); -// formData.append("api_key", apiKey); -// formData.append("image", image); -// -// try { -// const response = await fetch('upload_api.php', { -// method: 'POST', -// headers: { -// 'API_KEY': apiKey, -// }, -// body: formData, -// }); -// -// const result = await response.json(); -// if (response.ok) { -// document.getElementById('responseMessage').textContent = `Success: ${result.success}. File URL: ${result.file_url}`; -// document.getElementById('responseMessage').classList.add("text-green-500"); -// } else { -// document.getElementById('responseMessage').textContent = `Error: ${result.error}`; -// document.getElementById('responseMessage').classList.add("text-red-500"); -// } -// } catch (error) { -// document.getElementById('responseMessage').textContent = `Error: ${error.message}`; -// document.getElementById('responseMessage').classList.add("text-red-500"); -// } -// } async function uploadImage() { const apiKey = document.getElementById('api_key').value; const image = document.getElementById('image').files[0]; diff --git a/composer.json b/composer.json new file mode 100644 index 0000000..54286f3 --- /dev/null +++ b/composer.json @@ -0,0 +1,5 @@ +{ + "require": { + "aws/aws-sdk-php": "^3.333" + } +} diff --git a/config.php b/config.php index 4cede82..1166eda 100644 --- a/config.php +++ b/config.php @@ -1,10 +1,17 @@ + getMessage()); } -} - +} \ No newline at end of file diff --git a/index.php b/index.php index 19c0efd..332aa2f 100644 --- a/index.php +++ b/index.php @@ -1,3 +1,4 @@ + diff --git a/subscribe.php b/subscribe.php index 64f826d..353dff1 100644 --- a/subscribe.php +++ b/subscribe.php @@ -1,9 +1,11 @@ + prepare("SELECT * FROM subscribers WHERE email = :email"); $stmt->execute(['email' => $email]); - + if ($stmt->rowCount() > 0) { $message = "This email is already subscribed."; } else { 
@@ -21,9 +23,112 @@ function generateApiKey($length = 32) { $stmt = $pdo->prepare("INSERT INTO subscribers (email, api_key) VALUES (:email, :api_key)"); if ($stmt->execute(['email' => $email, 'api_key' => $apiKey])) { - $subject = "Your API Key for Image Upload"; - $message = "Thank you for subscribing! Here is your API key:\n\n" . $apiKey; - $headers = "From: no-reply@bucket.codeaxe.co.in"; + $subject = "Welcome to Codeaxe - Your API Key & Documentation Details"; + + $message = " + + + + + + +
+
+

Welcome to Codeaxe

+
+
+

Hi there,

+

Thank you for signing up! We're excited to have you onboard. Here is your API Key:

+
+ $apiKey +
+

You can access the API documentation and further details using the link below:

+

API Documentation

+

If you have any questions or need assistance, feel free to reach out to us.

+
+
+ Go to Dashboard +
+ +
+ + + +"; + + $headers = "From: no-reply@bucket.codeaxe.co.in\r\n"; + // $headers .= "Reply-To: support@bucket.codeaxe.co.in\r\n"; + $headers .= "MIME-Version: 1.0\r\n"; + $headers .= "Content-Type: text/html; charset=UTF-8\r\n"; if (mail($email, $subject, $message, $headers)) { $message = "Subscription successful! Your API key has been sent to your email."; @@ -47,4 +152,4 @@ function generateApiKey($length = 32) { alert('No email provided.'); window.location.href = 'index.php'; "; -} \ No newline at end of file +} diff --git a/upload.php b/upload.php index e867222..ebf33da 100644 --- a/upload.php +++ b/upload.php @@ -1,3 +1,4 @@ + prepare("INSERT INTO images (unique_key, file_name, directory_key) VALUES (:unique_key, :file_name, :directory_key)"); -// $stmt->execute(['unique_key' => $uniqueKey, 'file_name' => $fileName, 'directory_key' => $uniqueDirKey]); -// -// $uniqueUrl = BASE_URL . "view.php?key=" . $uniqueKey; -// $fileUrl = BASE_URL . $uploadDir . $fileName; -// -// echo "Image uploaded successfully! Access it at: $uniqueUrl"; -// echo "
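Review bot: The API key is written to `subscribers.api_key` verbatim by the `INSERT INTO subscribers` statement and then interpolated as `$apiKey` into the HTML mail body, so a single database read or mailbox compromise exposes a working credential. Store only a digest, e.g. `$stmt->execute(['email' => $email, 'api_key' => hash('sha256', $apiKey)])`, and have `authenticateApiKey()` look up `hash('sha256', $apiKey)`; the plain key is then sent to the subscriber once and never persisted. Validation of `$email` is not visible in this hunk; confirm it passes `filter_var($email, FILTER_VALIDATE_EMAIL)` before it reaches `mail()` as the recipient argument. The `if ($stmt->execute(...))` block continues past the end of the hunk.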
Direct image URL: $fileUrl"; -// } else { -// echo "Failed to upload the image."; -// } -//} -//if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_FILES['image'])) { -// $fileType = mime_content_type($_FILES['image']['tmp_name']); -// $validImageTypes = ['image/jpeg', 'image/png', 'image/gif']; -// -// if (!in_array($fileType, $validImageTypes)) { -// echo "Invalid file type. Only image files are allowed."; -// exit; -// } -// -// $uniqueDirKey = generate8BitUniqueKey(); -// $uploadDir = UPLOAD_DIR . $uniqueDirKey . '/'; -// -// if (!is_dir($uploadDir)) { -// mkdir($uploadDir, 0777, true); -// } -// -// $fileName = generate8BitUniqueKey() . '.' . pathinfo($_FILES['image']['name'], PATHINFO_EXTENSION); -// $filePath = $uploadDir . $fileName; -// -// if (move_uploaded_file($_FILES['image']['tmp_name'], $filePath)) { -// $uniqueKey = generateUniqueKey(); -// -// $stmt = $pdo->prepare("INSERT INTO images (unique_key, file_name, directory_key) VALUES (:unique_key, :file_name, :directory_key)"); -// $stmt->execute(['unique_key' => $uniqueKey, 'file_name' => $fileName, 'directory_key' => $uniqueDirKey]); -// -// $uniqueUrl = BASE_URL . "view.php?key=" . $uniqueKey; -// $fileUrl = BASE_URL . $uploadDir . $fileName; -// -// echo "Image uploaded successfully! Access it at: $uniqueUrl"; -// echo "
Direct image URL: $fileUrl"; -// } else { -// echo "Failed to upload the image."; -// } -//} else { -// echo "No file uploaded."; -//} if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_FILES['image'])) { $maxSize = 5 * 1024 * 1024; // 5 MB in bytes if ($_FILES['image']['size'] > $maxSize) { diff --git a/upload_api.php b/upload_api.php index 3cbb9db..809e9cf 100644 --- a/upload_api.php +++ b/upload_api.php 
@@ -7,116 +7,20 @@ function authenticateApiKey($apiKey) { $stmt->execute(['api_key' => $apiKey]); return $stmt->fetch(PDO::FETCH_ASSOC); } -function generate8BitUniqueKey($length = 8) { - return substr(bin2hex(random_bytes($length)), 0, $length); -} -//if ($_SERVER['REQUEST_METHOD'] == 'POST') { -// $apiKey = $_SERVER['HTTP_API_KEY'] ?? $_POST['api_key'] ?? ''; -// $user = authenticateApiKey($apiKey); -// if (!$user) { -// http_response_code(401); -// echo json_encode(["error" => "Unauthorized. Invalid API key."]); -// exit; -// } -// -// if (!isset($_FILES['image'])) { -// http_response_code(400); -// echo json_encode(["error" => "No image uploaded."]); -// exit; -// } -// -// $uniqueDirKey = generate8BitUniqueKey(); -// $uploadDir = UPLOAD_DIR . $uniqueDirKey . '/'; -// -// if (!is_dir($uploadDir)) { -// mkdir($uploadDir, 0777, true); -// } -// -// $fileName = generate8BitUniqueKey() . '.' . pathinfo($_FILES['image']['name'], PATHINFO_EXTENSION); -// $filePath = $uploadDir . $fileName; -// -// if (move_uploaded_file($_FILES['image']['tmp_name'], $filePath)) { -// http_response_code(200); -// echo json_encode([ -// "success" => "Image uploaded successfully.", -// "file_url" => BASE_URL . $uploadDir . $fileName -// ]); -// } else { -// http_response_code(500); -// echo json_encode(["error" => "Failed to upload image."]); -// } -//} else { -// http_response_code(405); -// echo json_encode(["error" => "Method not allowed. Please use POST."]); -//} -//if ($_SERVER['REQUEST_METHOD'] == 'POST') { -// $apiKey = $_SERVER['HTTP_API_KEY'] ?? $_POST['api_key'] ?? ''; -// $user = authenticateApiKey($apiKey); -// if (!$user) { -// http_response_code(401); -// echo json_encode(["error" => "Unauthorized. 
Invalid API key."]); -// exit; -// } -// -// if (!isset($_FILES['image'])) { -// http_response_code(400); -// echo json_encode(["error" => "No image uploaded."]); -// exit; -// } -// -// $fileType = mime_content_type($_FILES['image']['tmp_name']); -// $validImageTypes = ['image/jpeg', 'image/png', 'image/gif']; -// -// if (!in_array($fileType, $validImageTypes)) { -// http_response_code(400); -// echo json_encode(["error" => "Invalid file type. Only image files are allowed."]); -// exit; -// } -// -// $uniqueDirKey = generate8BitUniqueKey(); -// $uploadDir = UPLOAD_DIR . $uniqueDirKey . '/'; -// -// if (!is_dir($uploadDir)) { -// mkdir($uploadDir, 0777, true); -// } -// -// $fileName = generate8BitUniqueKey() . '.' . pathinfo($_FILES['image']['name'], PATHINFO_EXTENSION); -// $filePath = $uploadDir . $fileName; -// -// if (move_uploaded_file($_FILES['image']['tmp_name'], $filePath)) { -// http_response_code(200); -// echo json_encode([ -// "success" => "Image uploaded successfully.", -// "file_url" => BASE_URL . $uploadDir . $fileName -// ]); -// } else { -// http_response_code(500); -// echo json_encode(["error" => "Failed to upload image."]); -// } -//} else { -// http_response_code(405); -// echo json_encode(["error" => "Method not allowed. Please use POST."]); -//} if ($_SERVER['REQUEST_METHOD'] == 'POST') { - $apiKey = $_SERVER['HTTP_API_KEY'] ?? $_POST['api_key'] ?? ''; + $apiKey = $_SERVER['HTTP_API_KEY'] ?? ''; $user = authenticateApiKey($apiKey); + if (!$user) { http_response_code(401); echo json_encode(["error" => "Unauthorized. Invalid API key."]); exit; } - if (!isset($_FILES['image'])) { - http_response_code(400); - echo json_encode(["error" => "No image uploaded."]); - exit; - } - - $maxSize = 1 * 1024 * 1024; // 5 MB in bytes - if ($_FILES['image']['size'] > $maxSize) { + if (!isset($_FILES['image']) || $_FILES['image']['error'] != UPLOAD_ERR_OK) { http_response_code(400); - echo json_encode(["error" => "File size exceeds 5 MB. 
Please upload a smaller image."]); + echo json_encode(["error" => "No valid image uploaded."]); exit; } @@ -129,18 +33,20 @@ function generate8BitUniqueKey($length = 8) { if (!in_array($fileType, $validImageTypes)) { http_response_code(400); - echo json_encode(["error" => "Invalid file type. Only specific image files are allowed."]); + echo json_encode(["error" => "Invalid file type. Only images are allowed."]); exit; } - $uniqueDirKey = generate8BitUniqueKey(); + $uniqueDirKey = bin2hex(random_bytes(4)); $uploadDir = UPLOAD_DIR . $uniqueDirKey . '/'; - if (!is_dir($uploadDir)) { - mkdir($uploadDir, 0777, true); + if (!is_dir($uploadDir) && !mkdir($uploadDir, 0777, true)) { + http_response_code(500); + echo json_encode(["error" => "Failed to create upload directory."]); + exit; } - $fileName = generate8BitUniqueKey() . '.' . pathinfo($_FILES['image']['name'], PATHINFO_EXTENSION); + $fileName = bin2hex(random_bytes(8)) . '.' . pathinfo($_FILES['image']['name'], PATHINFO_EXTENSION); $filePath = $uploadDir . $fileName; if (move_uploaded_file($_FILES['image']['tmp_name'], $filePath)) { diff --git a/view.php b/view.php index de44a2d..d095d70 100644 --- a/view.php +++ b/view.php @@ -1,3 +1,4 @@ +
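Review bot: The explicit check on `$_FILES['image']['size']` is removed and nothing replaces it, so the only bound on an API upload is now whatever `upload_max_filesize` and `post_max_size` allow on the host. The new `$_FILES['image']['error'] != UPLOAD_ERR_OK` test rejects uploads that PHP itself refused but does not enforce an application limit; keep a cap next to it, e.g. `if ($_FILES['image']['size'] > $maxSize) { http_response_code(413); echo json_encode(["error" => "File too large."]); exit; }`, with `$maxSize` chosen deliberately (the removed code advertised 5 MB but computed 1 MB). Separately, with the `$_POST['api_key']` fallback gone the key arrives only as an `API_KEY` header, and some servers (nginx by default) discard header names containing underscores, so confirm the deployment forwards it or rename it to something like `X-Api-Key`.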
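Review bot: The stored file name still takes its extension from the client-supplied `$_FILES['image']['name']`, while the allow-list check above it is made on `$fileType`, so a file whose content passes the type check can be saved under `UPLOAD_DIR` with any extension the uploader chooses, including one the web server executes. Derive the extension from the validated type instead, e.g. `$fileName = bin2hex(random_bytes(8)) . '.' . $extByMime[$fileType];`, with `$extByMime` mapping each entry of `$validImageTypes` to a fixed extension (the list itself lies outside this hunk). `mkdir($uploadDir, 0777, true)` also requests world-writable directories; `0755` is enough for a directory that only the PHP process writes to, and the upload directory should be served with script execution disabled. The `if (move_uploaded_file(...))` block continues outside the hunk.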