Fixed another duplicate hash issue.

2023-11-07 22:40:26 +00:00 · 2023-11-07 22:40:26 +00:00 · 2f47bef354
parent d669221869
commit 2f47bef354
4 changed files with 13 additions and 7 deletions
--- a/public/index.php
+++ b/public/index.php
@ -194,7 +194,7 @@ if($isApiDomain) {
        $hash = hash_file('sha256', $localFile);

        // this is stupid: dmca status is stored as a file record rather than in a separate table requiring this hack ass garbage
-        $uploadInfo = Upload::byUserHash($db, $userInfo, $hash) ?? Upload::byHash($db, $hash);
+        $uploadInfo = Upload::byAppUserHash($db, $appInfo, $userInfo, $hash) ?? Upload::byHash($db, $hash);

        if($uploadInfo !== null) {
            if($uploadInfo->isDMCA())
--- a/src/Auth/MisuzuAuth.php
+++ b/src/Auth/MisuzuAuth.php
@ -1,7 +1,7 @@
 <?php
 namespace EEPROM\Auth;

-use EEPROM\Config;
+use RuntimeException;
 use Index\Serialisation\Serialiser;

 class MisuzuAuth implements IAuth {
@ -47,10 +47,11 @@ class MisuzuAuth implements IAuth {
                    'X-SharpChat-Signature: ' . $signature,
                ],
            ]);
-            $userInfo = json_decode(curl_exec($login));
+            $rawUserInfo = curl_exec($login);
+            $userInfo = json_decode($rawUserInfo);
            curl_close($login);

-            return $userInfo->user_id;
+            return empty($userInfo->success) ? 0 : $userInfo->user_id;
        }

        return 0;
--- a/src/Auth/NabuccoAuth.php
+++ b/src/Auth/NabuccoAuth.php
@ -1,7 +1,6 @@
 <?php
 namespace EEPROM\Auth;

-use EEPROM\Config;
 use Index\Serialisation\UriBase64;

 class NabuccoAuth implements IAuth {
--- a/src/Upload.php
+++ b/src/Upload.php
@ -283,7 +283,12 @@ final class Upload {
        return self::constructDb($result);
    }

-    public static function byUserHash(IDbConnection $conn, User|string $userInfo, string $hash): ?self {
+    public static function byAppUserHash(
+        IDbConnection $conn,
+        Application|string $appInfo,
+        User|string $userInfo,
+        string $hash
+    ): ?self {
        $get = $conn->prepare(
            'SELECT `upload_id`, `app_id`, `user_id`, `upload_name`, `upload_type`, `upload_size`, `upload_bump`,'
            . ' UNIX_TIMESTAMP(`upload_created`) AS `upload_created`,'
@ -293,10 +298,11 @@ final class Upload {
            . ' UNIX_TIMESTAMP(`upload_dmca`) AS `upload_dmca`,'
            . ' INET6_NTOA(`upload_ip`) AS `upload_ip`,'
            . ' LOWER(HEX(`upload_hash`)) AS `upload_hash`'
-            . ' FROM `prm_uploads` WHERE `upload_hash` = UNHEX(?) AND `user_id` = ?'
+            . ' FROM `prm_uploads` WHERE `upload_hash` = UNHEX(?) AND `user_id` = ? AND `app_id` = ?'
        );
        $get->addParameter(1, $hash);
        $get->addParameter(2, $userInfo instanceof User ? $userInfo->getId() : $userInfo);
+        $get->addParameter(3, $appInfo instanceof Application ? $appInfo->getId() : $appInfo);
        $get->execute();
        $result = $get->getResult();