From 0984db04e4eae1699d0c9dfcc9487aeb30177575 Mon Sep 17 00:00:00 2001 From: Fascinated Date: Fri, 7 Jul 2023 02:20:49 +0100 Subject: [PATCH 01/13] cleanup the script alot and start on adding logging to the console --- upload.php | 41 +++++++++++++++++++++++++++++++++++------ 1 file changed, 35 insertions(+), 6 deletions(-) diff --git a/upload.php b/upload.php index 6f51731..6360fbe 100644 --- a/upload.php +++ b/upload.php @@ -3,6 +3,7 @@ /** * DO NOT TOUCH!!!!!!!! */ +$SCRIPT_VERSION = "0.1.0"; // The version of the script $before = microtime(true); // Start time of the script $defaultSecretKey = "set me"; // The default secret key header('Content-type:application/json;charset=utf-8'); // Set the response content type to JSON @@ -80,19 +81,38 @@ function returnJson($data): void die(); } +/** + * Log to nginx + */ +function logToNginx($message): void +{ + error_log($message); +} + try { $secret = $_POST['secret']; // The secret key $file = $_FILES['sharex']; // The uploaded file + // Page to show if someone visits the upload page + if (!$secret && !$file) { + returnJson(array( + 'status' => 'OK', + 'url' => 'Welcome to the ShareX PHP Uploader! v' . $SCRIPT_VERSION, + // Remove this if you don't want to show the support URL + 'support' => "For support, visit - https://git.fascinated.cc/Fascinated/sharex-php-uploader", + 'timeTaken' => getTimeTaken() + )); + die(); + } + // Check if the token is valid if (!checkSecret($secret)) { returnJson(array( 'status' => 'ERROR', 'url' => 'Invalid or missing upload secret', - // Remove this if you don't want to show the support URL - 'support' => "For support, visit - https://git.fascinated.cc/Fascinated/sharex-php-uploader", 'timeTaken' => getTimeTaken() )); + logToNginx("An upload was attempted with an invalid secret key: " . $secret); die(); } @@ -103,6 +123,7 @@ try { 'url' => 'You need to set your upload secret in the configuration section of the upload.php file', 'timeTaken' => getTimeTaken() )); + logToNginx("An upload was attempted with the default secret key"); die(); } @@ -113,23 +134,26 @@ try { 'url' => 'No file was uploaded', 'timeTaken' => getTimeTaken() )); + logToNginx("An upload was attempted without providing a file"); die(); } - $target_file = preg_replace("/[^A-Za-z0-9_.]/", '', $_FILES["sharex"]["name"]); // Remove unwanted characters - $fileType = pathinfo($target_file, PATHINFO_EXTENSION); // File extension (e.g. png, jpg, etc.) + $originalFileName = preg_replace("/[^A-Za-z0-9_.]/", '', $_FILES["sharex"]["name"]); // Remove unwanted characters + $fileType = pathinfo($originalFileName, PATHINFO_EXTENSION); // File extension (e.g. png, jpg, etc.) + $fileSize = $_FILES["sharex"]["size"]; // File size in bytes // Check if the file already exists - if (file_exists($uploadDir . $target_file)) { + if (file_exists($uploadDir . $originalFileName)) { returnJson(array( 'status' => 'ERROR', 'url' => 'File already exists', 'timeTaken' => getTimeTaken() )); + logToNginx("An upload was attempted with a file that already exists: " . $originalFileName); die(); } - $finalName = $target_file; // The final name of the file + $finalName = $originalFileName; // The final name of the file if ($useRandomFileNames) { // Generate a random file name if enabled $finalName = generateRandomString($fileNameLength) . "." . $fileType; } @@ -155,6 +179,8 @@ try { $image->clear(); $image->destroy(); + $fileSize = filesize($webp_file); // Update the file size + // Update the final filename $finalName = $webp_file; $needsToBeSaved = false; @@ -169,6 +195,7 @@ try { 'url' => 'Failed to save file. Check the permissions of the upload directory.', 'timeTaken' => getTimeTaken() )); + logToNginx("An upload was attempted but the file could not be saved: " . $finalName); die(); } } @@ -177,6 +204,7 @@ try { 'url' => $finalName, 'timeTaken' => getTimeTaken() )); + logToNginx("An upload was successful. original id: $originalFileName, final id: $finalName, size: $fileSize"); die(); } catch (Exception $e) { // Handle any errors returnJson(array( @@ -184,5 +212,6 @@ try { 'url' => $e->getMessage(), 'timeTaken' => getTimeTaken() )); + logToNginx("An upload was attempted but an error occurred: " . $e->getMessage()); die(); } From 71e2cf21bebfba9c4b67c49375511eee9312f58e Mon Sep 17 00:00:00 2001 From: Fascinated Date: Fri, 7 Jul 2023 23:37:39 +0100 Subject: [PATCH 02/13] add gzip open file caching --- docker/nginx.conf | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/docker/nginx.conf b/docker/nginx.conf index d9c5049..a3a1e68 100644 --- a/docker/nginx.conf +++ b/docker/nginx.conf @@ -22,6 +22,20 @@ http { root /var/www/html; index index.html index.htm; + # TCP optimizations + tcp_nopush on; + tcp_nodelay on; + + # Gzip + sendfile on; + gzip on; + gzip_disable "msie6"; + gzip_vary on; + gzip_proxied any; + gzip_comp_level 8; + gzip_buffers 16 64k; + gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript; + client_max_body_size 500M; # Will get replaced by the environment variable MAX_UPLOAD_SIZE location /upload.php { @@ -38,8 +52,12 @@ http { location / { expires 7d; + open_file_cache max=1000 inactive=60s; + open_file_cache_valid 60s; + open_file_cache_min_uses 1; + open_file_cache_errors on; + # Serve the file directly from disk try_files $uri $uri/ =404; } - } } \ No newline at end of file From c7574ecb800dfdc773137ff79ed6ed53801fd9b0 Mon Sep 17 00:00:00 2001 From: Fascinated Date: Fri, 7 Jul 2023 23:37:47 +0100 Subject: [PATCH 03/13] update comment --- upload.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/upload.php b/upload.php index 6360fbe..53c4b0f 100644 --- a/upload.php +++ b/upload.php @@ -93,7 +93,7 @@ try { $secret = $_POST['secret']; // The secret key $file = $_FILES['sharex']; // The uploaded file - // Page to show if someone visits the upload page + // Page to show if someone visits the upload script if (!$secret && !$file) { returnJson(array( 'status' => 'OK', From 19f9d5783108ad1a67e61d98e26347e1674730fc Mon Sep 17 00:00:00 2001 From: Fascinated Date: Fri, 7 Jul 2023 23:39:52 +0100 Subject: [PATCH 04/13] change logging in nginx to not show ip --- docker/nginx.conf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/docker/nginx.conf b/docker/nginx.conf index a3a1e68..48b4467 100644 --- a/docker/nginx.conf +++ b/docker/nginx.conf @@ -38,6 +38,10 @@ http { client_max_body_size 500M; # Will get replaced by the environment variable MAX_UPLOAD_SIZE + log_format main '[$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + location /upload.php { try_files $uri =404; From 5644761ceeee16f28cbd195bd2fe82dab4572b17 Mon Sep 17 00:00:00 2001 From: Fascinated Date: Fri, 7 Jul 2023 23:41:23 +0100 Subject: [PATCH 05/13] fix missing } --- docker/nginx.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/docker/nginx.conf b/docker/nginx.conf index 48b4467..bd6f8ce 100644 --- a/docker/nginx.conf +++ b/docker/nginx.conf @@ -64,4 +64,5 @@ http { # Serve the file directly from disk try_files $uri $uri/ =404; } + } } \ No newline at end of file From aa606b5924772d7437c8b0d1ba2aa8e7e099503c Mon Sep 17 00:00:00 2001 From: Fascinated Date: Fri, 7 Jul 2023 23:43:14 +0100 Subject: [PATCH 06/13] add auto restart to nginx and php --- docker/start.sh | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/docker/start.sh b/docker/start.sh index 5bd2356..9751857 100644 --- a/docker/start.sh +++ b/docker/start.sh @@ -26,8 +26,15 @@ sed -i "s/^post_max_size = .*/post_max_size = ${MAX_UPLOAD_SIZE}/" /etc/php/8.1/ # Set max upload size for nginx sed -i "s/client_max_body_size 500M;/client_max_body_size ${MAX_UPLOAD_SIZE};/" /etc/nginx/nginx.conf -# Start Nginx -echo "Starting PHP & Nginx" -/etc/init.d/php8.1-fpm start && -chmod 777 /run/php/php8.1-fpm.sock && -nginx -g 'daemon off;' \ No newline at end of file +function start() { + echo "Starting PHP & Nginx" + /etc/init.d/php8.1-fpm start && + chmod 777 /run/php/php8.1-fpm.sock && + nginx -g 'daemon off;' +} + +# Start Nginx and retry if it fails +until start; do + echo "Nginx failed to start, retrying in 5 seconds..." + sleep 5 +done \ No newline at end of file From 8ad2f46cc3e9cc53ca6af34a4c076e093a2dfb66 Mon Sep 17 00:00:00 2001 From: Fascinated Date: Fri, 7 Jul 2023 23:44:07 +0100 Subject: [PATCH 07/13] move log formatter --- docker/nginx.conf | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docker/nginx.conf b/docker/nginx.conf index bd6f8ce..8b1e09d 100644 --- a/docker/nginx.conf +++ b/docker/nginx.conf @@ -6,6 +6,10 @@ http { access_log /dev/stdout; error_log /dev/stdout; + log_format main '[$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + include mime.types; default_type application/octet-stream; @@ -38,10 +42,6 @@ http { client_max_body_size 500M; # Will get replaced by the environment variable MAX_UPLOAD_SIZE - log_format main '[$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - location /upload.php { try_files $uri =404; From a24fe5843f5fe3a1b7dfea6f742035c8f2d3b7cc Mon Sep 17 00:00:00 2001 From: Fascinated Date: Fri, 7 Jul 2023 23:46:36 +0100 Subject: [PATCH 08/13] add comments to nginx file --- docker/nginx.conf | 41 +++++++++++++++++++++-------------------- 1 file changed, 21 insertions(+), 20 deletions(-) diff --git a/docker/nginx.conf b/docker/nginx.conf index 8b1e09d..3106cd4 100644 --- a/docker/nginx.conf +++ b/docker/nginx.conf @@ -3,35 +3,34 @@ events { } http { - access_log /dev/stdout; - error_log /dev/stdout; + access_log /dev/stdout; # Log access to stdout + error_log /dev/stdout; # Log errors to stdout + # Log format log_format main '[$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; + '"$http_user_agent" "$http_x_forwarded_for"'; - include mime.types; - default_type application/octet-stream; + include mime.types; # Include the mime types file + default_type application/octet-stream; # Default type - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_timeout 15; - types_hash_max_size 4096; + sendfile on; # Send files directly from disk + keepalive_timeout 15; # Keep connections alive for 15 seconds + types_hash_max_size 4096; # Max number of mime types + + # TCP optimizations + tcp_nopush on; # Send headers in one packet + tcp_nodelay on; # Don't wait for packets to be full + server { - server_name _; - listen 80; + server_name _; # Listen on all hostnames + listen 80; # Listen on port 80 - root /var/www/html; - index index.html index.htm; - - # TCP optimizations - tcp_nopush on; - tcp_nodelay on; + root /var/www/html; # Serve files from /var/www/html + index index.html index.htm; # Serve index.html and index.htm by default # Gzip - sendfile on; gzip on; gzip_disable "msie6"; gzip_vary on; @@ -42,6 +41,7 @@ http { client_max_body_size 500M; # Will get replaced by the environment variable MAX_UPLOAD_SIZE + # Upload endpoint location /upload.php { try_files $uri =404; @@ -53,7 +53,8 @@ http { include fastcgi_params; } - location / { + # Serve your files + location / { expires 7d; open_file_cache max=1000 inactive=60s; From 0352cd247acde0b5db3e81a53e5f02bfbe50f309 Mon Sep 17 00:00:00 2001 From: Fascinated Date: Fri, 7 Jul 2023 23:49:22 +0100 Subject: [PATCH 09/13] actually use the log formatter --- docker/nginx.conf | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docker/nginx.conf b/docker/nginx.conf index 3106cd4..69bbfe1 100644 --- a/docker/nginx.conf +++ b/docker/nginx.conf @@ -3,13 +3,13 @@ events { } http { - access_log /dev/stdout; # Log access to stdout - error_log /dev/stdout; # Log errors to stdout - # Log format log_format main '[$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /dev/stdout main; # Log access to stdout + error_log /dev/stdout; # Log errors to stdout include mime.types; # Include the mime types file default_type application/octet-stream; # Default type From 41b064c1e3f58c8262787003ed80c83f12e307a8 Mon Sep 17 00:00:00 2001 From: Fascinated Date: Fri, 7 Jul 2023 23:54:21 +0100 Subject: [PATCH 10/13] remove useless things from the log and clean it up --- docker/nginx.conf | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/docker/nginx.conf b/docker/nginx.conf index 69bbfe1..df0dc49 100644 --- a/docker/nginx.conf +++ b/docker/nginx.conf @@ -4,9 +4,7 @@ events { http { # Log format - log_format main '[$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; + log_format main '[$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"'; access_log /dev/stdout main; # Log access to stdout error_log /dev/stdout; # Log errors to stdout From 7d2e2b69d2b1df3e26f27f1ea9ff85977412e5a8 Mon Sep 17 00:00:00 2001 From: Fascinated Date: Fri, 7 Jul 2023 23:59:27 +0100 Subject: [PATCH 11/13] fix error in nginx logs --- upload.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/upload.php b/upload.php index 53c4b0f..9ce8692 100644 --- a/upload.php +++ b/upload.php @@ -90,11 +90,11 @@ function logToNginx($message): void } try { - $secret = $_POST['secret']; // The secret key - $file = $_FILES['sharex']; // The uploaded file + $secret = isset($_POST['secret']) ? $_POST['secret'] : null; // The secret key + $file = isset($_FILES['sharex']) ? $_FILES['sharex'] : null; // The uploaded file // Page to show if someone visits the upload script - if (!$secret && !$file) { + if ($secret == null && $file == null) { returnJson(array( 'status' => 'OK', 'url' => 'Welcome to the ShareX PHP Uploader! v' . $SCRIPT_VERSION, From d89ed9e17df3b995c9c4ed185afb0a1a7c2a6d12 Mon Sep 17 00:00:00 2001 From: Fascinated Date: Sat, 8 Jul 2023 00:03:09 +0100 Subject: [PATCH 12/13] alpine tests --- Dockerfile | 12 +++++------- docker/start.sh | 21 +++++++++++---------- 2 files changed, 16 insertions(+), 17 deletions(-) diff --git a/Dockerfile b/Dockerfile index b4beec2..676e357 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,10 @@ -FROM ubuntu:23.04 +FROM alpine:3.14 # Install dependencies -RUN apt update -RUN DEBIAN_FRONTEND=noninteractive \ -apt install nginx php8.1 php8.1-fpm php8.1-gd php8.1-imagick -y - -# Clean up -RUN apt clean +RUN apk update && \ + apk upgrade && \ + apk add --no-cache nginx php8.1 php8.1-fpm php8.1-gd php8.1-imagick && \ + rm -rf /var/cache/apk/* # Set up nginx COPY ./docker/nginx.conf /etc/nginx/nginx.conf diff --git a/docker/start.sh b/docker/start.sh index 9751857..adc3992 100644 --- a/docker/start.sh +++ b/docker/start.sh @@ -1,18 +1,20 @@ -if [[ -z "${MAX_UPLOAD_SIZE}" ]]; then +#!/bin/sh + +if [ -z "$MAX_UPLOAD_SIZE" ]; then MAX_UPLOAD_SIZE="8M" # Default fallback value fi echo "Checking if upload script exists in /var/www/html" if [ -f "/var/www/html/upload.php" ]; then - echo "Upload script was found, ignoring copy." + echo "Upload script was found, ignoring copy." else - cp /tmp/upload.php /var/www/html - echo "Upload script was not found, copying it." + cp /tmp/upload.php /var/www/html + echo "Upload script was not found, copying it." fi # Letting php know that we are running in docker -echo "env[DOCKER] = true" >> /etc/php/8.1/fpm/pool.d/www.conf -echo "clear_env = no" >> /etc/php/8.1/fpm/pool.d/www.conf +echo "env[DOCKER] = true" >> /etc/php8/php-fpm.d/www.conf +echo "clear_env = no" >> /etc/php8/php-fpm.d/www.conf echo "Setting permissions for upload script" chmod 777 /var/www/html/upload.php @@ -20,16 +22,15 @@ chmod 777 /var/www/html/upload.php echo "Setting max upload size to ${MAX_UPLOAD_SIZE}" # Set max upload size for php -sed -i "s/^upload_max_filesize = .*/upload_max_filesize = ${MAX_UPLOAD_SIZE}/" /etc/php/8.1/fpm/php.ini -sed -i "s/^post_max_size = .*/post_max_size = ${MAX_UPLOAD_SIZE}/" /etc/php/8.1/fpm/php.ini +sed -i "s/^upload_max_filesize = .*/upload_max_filesize = ${MAX_UPLOAD_SIZE}/" /etc/php8/php.ini +sed -i "s/^post_max_size = .*/post_max_size = ${MAX_UPLOAD_SIZE}/" /etc/php8/php.ini # Set max upload size for nginx sed -i "s/client_max_body_size 500M;/client_max_body_size ${MAX_UPLOAD_SIZE};/" /etc/nginx/nginx.conf function start() { echo "Starting PHP & Nginx" - /etc/init.d/php8.1-fpm start && - chmod 777 /run/php/php8.1-fpm.sock && + php-fpm8 && nginx -g 'daemon off;' } From f83830443b4906d13ca56877303732a64979e21b Mon Sep 17 00:00:00 2001 From: Lee Date: Fri, 7 Jul 2023 23:04:51 +0000 Subject: [PATCH 13/13] revert d89ed9e17df3b995c9c4ed185afb0a1a7c2a6d12 revert alpine tests --- Dockerfile | 12 +++++++----- docker/start.sh | 21 ++++++++++----------- 2 files changed, 17 insertions(+), 16 deletions(-) diff --git a/Dockerfile b/Dockerfile index 676e357..b4beec2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,10 +1,12 @@ -FROM alpine:3.14 +FROM ubuntu:23.04 # Install dependencies -RUN apk update && \ - apk upgrade && \ - apk add --no-cache nginx php8.1 php8.1-fpm php8.1-gd php8.1-imagick && \ - rm -rf /var/cache/apk/* +RUN apt update +RUN DEBIAN_FRONTEND=noninteractive \ +apt install nginx php8.1 php8.1-fpm php8.1-gd php8.1-imagick -y + +# Clean up +RUN apt clean # Set up nginx COPY ./docker/nginx.conf /etc/nginx/nginx.conf diff --git a/docker/start.sh b/docker/start.sh index adc3992..9751857 100644 --- a/docker/start.sh +++ b/docker/start.sh @@ -1,20 +1,18 @@ -#!/bin/sh - -if [ -z "$MAX_UPLOAD_SIZE" ]; then +if [[ -z "${MAX_UPLOAD_SIZE}" ]]; then MAX_UPLOAD_SIZE="8M" # Default fallback value fi echo "Checking if upload script exists in /var/www/html" if [ -f "/var/www/html/upload.php" ]; then - echo "Upload script was found, ignoring copy." + echo "Upload script was found, ignoring copy." else - cp /tmp/upload.php /var/www/html - echo "Upload script was not found, copying it." + cp /tmp/upload.php /var/www/html + echo "Upload script was not found, copying it." fi # Letting php know that we are running in docker -echo "env[DOCKER] = true" >> /etc/php8/php-fpm.d/www.conf -echo "clear_env = no" >> /etc/php8/php-fpm.d/www.conf +echo "env[DOCKER] = true" >> /etc/php/8.1/fpm/pool.d/www.conf +echo "clear_env = no" >> /etc/php/8.1/fpm/pool.d/www.conf echo "Setting permissions for upload script" chmod 777 /var/www/html/upload.php @@ -22,15 +20,16 @@ chmod 777 /var/www/html/upload.php echo "Setting max upload size to ${MAX_UPLOAD_SIZE}" # Set max upload size for php -sed -i "s/^upload_max_filesize = .*/upload_max_filesize = ${MAX_UPLOAD_SIZE}/" /etc/php8/php.ini -sed -i "s/^post_max_size = .*/post_max_size = ${MAX_UPLOAD_SIZE}/" /etc/php8/php.ini +sed -i "s/^upload_max_filesize = .*/upload_max_filesize = ${MAX_UPLOAD_SIZE}/" /etc/php/8.1/fpm/php.ini +sed -i "s/^post_max_size = .*/post_max_size = ${MAX_UPLOAD_SIZE}/" /etc/php/8.1/fpm/php.ini # Set max upload size for nginx sed -i "s/client_max_body_size 500M;/client_max_body_size ${MAX_UPLOAD_SIZE};/" /etc/nginx/nginx.conf function start() { echo "Starting PHP & Nginx" - php-fpm8 && + /etc/init.d/php8.1-fpm start && + chmod 777 /run/php/php8.1-fpm.sock && nginx -g 'daemon off;' }