<?php
require_once "inc/config/config.php";
function upload($file, $path) {
global $db, $users;
$key = bin2hex(random_bytes(16));
$iv = random_bytes(16);
$fileContent = file_get_contents($file['tmp_name']);
$encryptedContent = openssl_encrypt($fileContent, 'AES-256-CBC', $key, 0, $iv);
file_put_contents($file['tmp_name'], $encryptedContent);
$file['name'] = pathinfo($file['name']);
$insert_array = [
"upload_name" => $file['name']['filename'],
"upload_extension" => $file['name']['extension'],
"upload_date" => time(),
"upload_user_id" => $users['user_id'],
"upload_path" => $path,
"upload_iv" => bin2hex($iv), // Hex formatında kaydetmek daha uygun
"upload_key" => $key
];
$insert = $db->insert("upload", $insert_array);
$file['new-name'] = base64_encode($insert . "-" . $users['user_id'] . "-" . time()) . ".txt";
move_uploaded_file($file['tmp_name'], $path . $file['new-name']);
}
function download($id) {
global $db, $users;
$upload = $db->select("upload", "*", ["upload_id" => $id]);
if ($db->num_rows($upload)) {
$upload = $db->fetch($upload, false);
$filename = base64_encode($upload['upload_id'] . "-" . $upload['upload_user_id'] . "-" . $upload['upload_date']);
$path = $upload['upload_path'];
$fileContent = file_get_contents($path . $filename . ".txt");
$decodedFile = openssl_decrypt($fileContent, 'AES-256-CBC', $upload['upload_key'], 0, hex2bin($upload['upload_iv']));
$downloadFileName = "indirilen_dosya." . $upload['upload_extension'];
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . $downloadFileName . '"');
echo $decodedFile;
exit;
} else {
return "Hata! Böyle Bir Dosya Yok";
}
}
if ($_FILES) {
upload($_FILES['file'], "upload/test/");
}
if (isset($_GET['download'])) {
echo download($_GET['download']);
} else {
?>
<form enctype="multipart/form-data" action="" method="POST">
<input type="file" name="file">
<button type="submit">Gönder</button>
</form>
<?php
}
?>