Created
July 29, 2017 12:18
-
-
Save qfdk/8e698724bd75358e8b52c40e846e1390 to your computer and use it in GitHub Desktop.
树洞外链python 上传方案
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| ''' | |
| SDshare Server Script For Python | |
| Ver:1.0 | |
| E-mail:abslant@126.com | |
| ''' | |
| from flask import Flask,request,make_response,abort | |
| from werkzeug import secure_filename | |
| import json,base64,hashlib,time,random,os | |
| from os.path import join, getsize | |
| app = Flask(__name__) | |
| #please enter your token here: | |
| token = 'YOUR TOKEN'; | |
| def getdirsize(dir): | |
| size = 0L | |
| for root, dirs, files in os.walk(dir): | |
| size += sum([getsize(join(root, name)) for name in files]) | |
| return size | |
| def decode_base64(data): | |
| missing_padding = 4 - len(data) % 4 | |
| if missing_padding: | |
| data += b'='* missing_padding | |
| return base64.decodestring(data) | |
| @app.route('/',methods=['GET', 'POST', 'OPTIONS']) | |
| def fileServer(): | |
| if request.method == 'OPTIONS': | |
| response = make_response("OPTIONS") | |
| response.headers['Access-Control-Allow-Origin'] = '*' | |
| return response | |
| elif request.method == 'GET': | |
| return 'Shudong File Server For Python <br>Ver:1.0' | |
| elif request.method == 'POST': | |
| fileAction = request.form.get('action','') | |
| if fileAction == '': | |
| upToken = request.form.get('token','').split('|') | |
| uploadConfig = json.loads(decode_base64(upToken[0])) | |
| if hashlib.md5(token+decode_base64(upToken[0])).hexdigest().lower() <> upToken[1]: | |
| resContent = "{\"error\":\"bad token\"}" | |
| code = 400 | |
| else: | |
| upFlie = request.files['file'] | |
| if uploadConfig['autoName'] == 'true': | |
| fileName = uploadConfig['nameRule'].replace("{date}", time.strftime("%Y%m%d%H%M%S",time.localtime(time.time()))) | |
| fileName = fileName.replace("{time}", str(time.time()).replace(".","")) | |
| fileName = fileName.replace("{rand4}", str(random.randint(1000, 9999))) | |
| fileName = fileName.replace("{rand8}", str(random.randint(10000000, 99999999))) | |
| filrType = secure_filename(upFlie.filename).split(".") | |
| fileName = fileName+"."+filrType[-1] | |
| else: | |
| fileName = secure_filename(upFlie.filename) | |
| if os.path.exists(uploadConfig['fileDir']+"/"+fileName): | |
| resContent = "{\"error\":\"file exists\"}" | |
| code = 400 | |
| else: | |
| ALLOWED_EXTENSIONS = uploadConfig['fileEnd'].split(",") | |
| fileCheck = '.' in fileName and fileName.split('.')[1] in ALLOWED_EXTENSIONS | |
| if fileCheck: | |
| upFlie.save(uploadConfig['fileDir']+"/"+fileName) | |
| filrSizeNow = os.path.getsize(uploadConfig['fileDir']+"/"+fileName) | |
| if filrSizeNow>uploadConfig['fileSize']: | |
| os.remove(uploadConfig['fileDir']+"/"+fileName) | |
| resContent = "{\"error\":\" The file is too big\"}" | |
| code = 400 | |
| else: | |
| resContent = "{\"hash\":\" no\",\"key\":\""+fileName+"\"}" | |
| code = 200 | |
| else: | |
| resContent = "{\"error\":\" bad request\"}" | |
| code = 400 | |
| response = make_response(resContent,code) | |
| response.headers['Access-Control-Allow-Origin'] = '*' | |
| return response | |
| elif fileAction == "info": | |
| if hashlib.md5(request.form.get('filename','')+"info"+token).hexdigest().lower() <> request.form.get('token',''): | |
| resContent = "{\"error\":\"bad token\"}" | |
| response = make_response("badtoken",200) | |
| response.headers['Access-Control-Allow-Origin'] = '*' | |
| return response | |
| else: | |
| fileSizeGet = os.path.getsize(request.form.get('filedir','')+"/"+request.form.get('filename','')) | |
| response = make_response(str(fileSizeGet)+"."+"None",200) | |
| response.headers['Access-Control-Allow-Origin'] = '*' | |
| return response | |
| elif fileAction == "delete": | |
| if hashlib.md5(request.form.get('filename','')+"delete"+token).hexdigest().lower() <> request.form.get('token',''): | |
| resContent = "{\"error\":\"bad token\"}" | |
| response = make_response("badtoken",200) | |
| response.headers['Access-Control-Allow-Origin'] = '*' | |
| return response | |
| else: | |
| os.remove(request.form.get('filedir','')+"/"+request.form.get('filename','')) | |
| response = make_response("ok",200) | |
| response.headers['Access-Control-Allow-Origin'] = '*' | |
| return response | |
| if __name__ == '__main__': | |
| #change port here: | |
| app.run(port=8000,host='0.0.0.0') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment