initial code commit

validate.php

@@ -0,0 +1,47 @@
+<?php
+
+if (!isset($_GET['token'])) {
+  echo 'No token specified!';
+  die(); 
+}
+
+require_once('db.php');
+
+$token = $_GET['token'];
+
+$query = $db->prepare("SELECT fileId FROM validations WHERE token=:token LIMIT 1;");
+$query->execute(array(':token' => $token));
+$validation = $query->fetchAll(PDO::FETCH_ASSOC);
+
+if (!isset($validation[0])) {
+  echo 'Invalid token specified!';
+  die(); 
+}
+
+$query = $db->prepare("SELECT * FROM files WHERE id=:fileId LIMIT 1;");
+$query->execute(array(':fileId' => $validation[0]['fileId']));
+$file = $query->fetchAll(PDO::FETCH_ASSOC);
+
+$file = $file[0];
+
+if (isset($_GET['download'])) {
+  header($_SERVER["SERVER_PROTOCOL"] . " 200 OK");
+  header("Cache-Control: public");
+  header("Content-Transfer-Encoding: Binary");
+  header("Content-Length:".filesize($file['filePath']));
+  header("Content-Disposition: attachment; filename=" . basename($file['filePath']));
+  readfile($file['filePath']);
+  die(); 
+} else if (isset($_GET['validate'])) {
+  $query = $db->prepare("UPDATE validations SET validated = 1 WHERE token=:token LIMIT 1;");
+  $query->execute(array(':token' => $token));
+} else if (isset($_GET['infringement'])) {
+  $query = $db->prepare("UPDATE validations SET validated = 0 WHERE token=:token LIMIT 1;");
+  $query->execute(array(':token' => $token));
+}
+
+?>
+
+<a href="validate.php?token=<?php echo $token; ?>&download">Download File</a><br \>
+<a href="validate.php?token=<?php echo $token; ?>&validate">Mark File as validated</a> <br \>
+<a href="validate.php?token=<?php echo $token; ?>&infringement">Report copyright infringement</a>