Fill in missing API info, put todo to verify MD5 hash of uploaded file

This commit is contained in:
moparisthebest 2013-08-06 20:32:32 -04:00
parent ee84fbcc0f
commit 409d980219
2 changed files with 9 additions and 5 deletions

View File

@ -3,8 +3,11 @@ puush server 216.155.137.235
UPLOADING UPLOADING
POST -> http://puush.me/api/up POST -> http://puush.me/api/up
"k" = ? "k" = API key, 32 characters long like MD5, all uppercase
"c" = ? "c" = MD5 hash of the image, lowercase
"z" = "poop" -- junk "z" = "poop" -- junk
"f" = image "f" = image
<- 0,http://puu.sh/IMGID,??,?? <- 0,http://puu.sh/IMGID,??,??
therefore, a file can be uploaded to puush.me or this puush-api and the url extracted with curl and cut like so ($1 is path to file):
curl -s -X POST -H 'Content-Type: multipart/form-data' -F "k=$puush_api_key" -F "c=$(md5sum "$1" | cut -d' ' -f1)" -F "z=poop" -F "f=@${1};filename=ss ($(date '+%Y-%m-%d at %I.%M.%S')).png;type=application/octet-stream" http://puush.me/api/up | cut -d, -f2

View File

@ -4,10 +4,10 @@ define('puush', '');
require_once 'config.php'; require_once 'config.php';
require_once 'func.php'; require_once 'func.php';
// ? // API key
$k = get_post_var('k'); $k = get_post_var('k');
// ? // MD5 hash of file
$c = get_post_var('c'); $c = get_post_var('c');
// Check for the file // Check for the file
@ -26,6 +26,7 @@ if ($file['size'] > MAX_FILE_SIZE)
} }
// Ensure the image is actually a file and not a friendly virus // Ensure the image is actually a file and not a friendly virus
// todo: validate MD5 hash either in this function or here
if (validate_image($file) === FALSE) if (validate_image($file) === FALSE)
{ {
exit ('ERR Invalid image.'); exit ('ERR Invalid image.');