Viewing: actions.php
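<?php
/**
 * Ocean Library actions.
 *
 * Single JSON endpoint for the document library. The action name and its
 * parameters are read from $_POST, then $_GET, then a JSON request body, and
 * every query is scoped to the session user ($uid) and the value returned by
 * getDuoId() ($duo).
 *
 * The script is written on the assumption that ol_json() sends the response
 * and terminates the request: every guard below calls it without a following
 * return/exit. ol_json() is defined outside this file - confirm it exits.
 *
 * NOTE(review): no anti-CSRF token is checked in this file. Unless
 * library_helpers.php enforces one (or the session cookie is SameSite), the
 * state-changing actions can be triggered cross-site. Confirm.
 */

ob_start();
require_once __DIR__ . '/library_helpers.php';

// Convert a fatal error (typically hit while handling a large upload) into a
// JSON 500 response instead of a blank or HTML error page.
register_shutdown_function(function () {
    $error = error_get_last();
    if (!$error || !in_array($error['type'], [E_ERROR, E_PARSE, E_CORE_ERROR, E_COMPILE_ERROR], true)) {
        return;
    }
    if (headers_sent()) {
        return;
    }
    if (ob_get_level() > 0) {
        @ob_clean();
    }
    http_response_code(500);
    header('Content-Type: application/json; charset=utf-8');
    echo json_encode([
        'success' => false,
        'error' => 'El servidor corto la subida. Revisa el formato o intenta con un archivo mas liviano.',
    ], JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
});

// Authentication gate: nothing below runs without a logged-in session.
// NOTE(review): the session is presumably started by library_helpers.php - confirm.
if (empty($_SESSION['user_id'])) {
    ol_json(['success' => false, 'error' => 'Sesion expirada.'], 401);
}

// When the body exceeds post_max_size PHP drops $_POST/$_FILES silently, so
// report the real cause explicitly.
$contentLength = (int) ($_SERVER['CONTENT_LENGTH'] ?? 0);
$postLimit = ol_ini_size_to_bytes((string) ini_get('post_max_size'));
if ($_SERVER['REQUEST_METHOD'] === 'POST' && $postLimit > 0 && $contentLength > $postLimit) {
    ol_json([
        'success' => false,
        'error' => 'El archivo supera el limite del servidor (' . ol_format_size($postLimit) . ').',
    ], 413);
}

$db = getDB();
$uid = (int) $_SESSION['user_id'];
$duo = getDuoId();

ol_ensure_schema($db);
ol_ensure_default_folder($db, $uid, $duo);

// Optional JSON body; anything that does not decode to an array is ignored.
$raw = file_get_contents('php://input');
$json = json_decode($raw ?: '', true);
if (!is_array($json)) {
    $json = [];
}

$action = $_POST['action'] ?? $_GET['action'] ?? $json['action'] ?? '';

// Actions that write to the database, the filesystem or the model backend must
// not be reachable through a plain GET: a link or an <img> tag would otherwise
// be enough to trigger them in a logged-in browser.
$mutatingActions = [
    'create_folder', 'rename_folder', 'delete_folder',
    'upload_file', 'delete_file', 'move_file',
    'chat', 'summarize', 'send_to_nexus',
];
if (in_array($action, $mutatingActions, true) && $_SERVER['REQUEST_METHOD'] !== 'POST') {
    header('Allow: POST');
    ol_json(['success' => false, 'error' => 'Metodo no permitido.'], 405);
}

// Truncate a folder name to at most 180 bytes without cutting a multi-byte
// UTF-8 character in half (plain substr() can leave an invalid trailing
// sequence). Kept as a closure so it cannot collide with a helper of the same
// name in library_helpers.php.
$truncateName = static function (string $name): string {
    if (strlen($name) <= 180) {
        return $name;
    }
    return function_exists('mb_strcut')
        ? mb_strcut($name, 0, 180, 'UTF-8')
        : substr($name, 0, 180);
};

/**
 * Read a request parameter from $_POST, then $_GET, then the JSON body.
 *
 * The value is returned as received (it may be an array); callers cast it.
 *
 * @param string $key     Parameter name.
 * @param mixed  $default Returned when the key is absent from all three sources.
 * @return mixed
 */
function ol_input(string $key, $default = null)
{
    global $json;

    if (array_key_exists($key, $_POST)) {
        return $_POST[$key];
    }
    if (array_key_exists($key, $_GET)) {
        return $_GET[$key];
    }
    if (is_array($json) && array_key_exists($key, $json)) {
        return $json[$key];
    }
    return $default;
}

/**
 * Load a file row through ol_fetch_file() (called with $uid and $duo) or
 * answer 404 when nothing is returned.
 *
 * This is the ownership check used by every per-file action.
 *
 * @return array The file row as returned by ol_fetch_file().
 */
function ol_require_file(PDO $db, int $uid, int $duo, int $fileId): array
{
    $file = ol_fetch_file($db, $uid, $duo, $fileId);
    if (!$file) {
        ol_json(['success' => false, 'error' => 'Documento no encontrado.'], 404);
    }
    return $file;
}

/**
 * Close the session for writing so a slow model call does not hold the
 * session lock and block the user's other requests.
 */
function ol_release_session_lock(): void
{
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_write_close();
    }
}

if ($action === 'list_state') {
    $fileId = (int) ol_input('file_id', 0);
    ol_json(['success' => true, 'state' => ol_build_state($db, $uid, $duo, $fileId)]);
}

if ($action === 'create_folder') {
    $name = trim((string) ol_input('name', ''));
    if ($name === '') {
        ol_json(['success' => false, 'error' => 'Escribe un nombre para la carpeta.'], 400);
    }
    $name = $truncateName($name);
    $stmt = $db->prepare("INSERT INTO ocean_library_folders (user_id, duo_id, name, folder_order) VALUES (?, ?, ?, ?)");
    $stmt->execute([$uid, $duo, $name, time()]);
    ol_json(['success' => true, 'state' => ol_build_state($db, $uid, $duo)]);
}

if ($action === 'rename_folder') {
    $folderId = (int) ol_input('folder_id', 0);
    $name = trim((string) ol_input('name', ''));
    if ($folderId <= 0 || $name === '') {
        ol_json(['success' => false, 'error' => 'Carpeta invalida.'], 400);
    }
    // The WHERE clause carries the owner columns, so a foreign folder id is a no-op.
    $stmt = $db->prepare("UPDATE ocean_library_folders SET name = ? WHERE id = ? AND user_id = ? AND duo_id = ?");
    $stmt->execute([$truncateName($name), $folderId, $uid, $duo]);
    ol_json(['success' => true, 'state' => ol_build_state($db, $uid, $duo)]);
}

if ($action === 'delete_folder') {
    $folderId = (int) ol_input('folder_id', 0);
    if ($folderId <= 0) {
        ol_json(['success' => false, 'error' => 'Carpeta invalida.'], 400);
    }
    // Detach the folder's files first (they are kept), then remove the folder.
    $db->prepare("UPDATE ocean_library_files SET folder_id = NULL WHERE folder_id = ? AND user_id = ? AND duo_id = ?")
        ->execute([$folderId, $uid, $duo]);
    $db->prepare("DELETE FROM ocean_library_folders WHERE id = ? AND user_id = ? AND duo_id = ?")
        ->execute([$folderId, $uid, $duo]);
    ol_json(['success' => true, 'state' => ol_build_state($db, $uid, $duo)]);
}

if ($action === 'upload_file') {
    if (empty($_FILES['file'])) {
        ol_json(['success' => false, 'error' => 'No llego ningun archivo al servidor. Intenta de nuevo o revisa el tamano.'], 400);
    }
    $file = $_FILES['file'];
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        ol_json(['success' => false, 'error' => ol_upload_error_message((int) ($file['error'] ?? UPLOAD_ERR_NO_FILE))], 400);
    }
    if (($file['size'] ?? 0) > 35 * 1024 * 1024) {
        ol_json(['success' => false, 'error' => 'El archivo supera 35 MB.'], 400);
    }

    // The client-supplied name is used only for its extension (allow-listed)
    // and, after sanitising, as a readable suffix of the stored name.
    $original = (string) ($file['name'] ?? 'documento');
    $ext = strtolower(pathinfo($original, PATHINFO_EXTENSION));
    $allowed = ['pdf', 'doc', 'docx', 'ppt', 'pptx', 'xls', 'xlsx', 'txt', 'md', 'csv', 'rtf', 'png', 'jpg', 'jpeg', 'webp'];
    if (!in_array($ext, $allowed, true)) {
        ol_json(['success' => false, 'error' => 'Formato no soportado todavia. Sube PDF, Word, PowerPoint, Excel, texto o imagen.'], 400);
    }

    // A folder id that is not owned by this user silently falls back to "no folder".
    $folderId = (int) ol_input('folder_id', 0);
    if ($folderId > 0) {
        $check = $db->prepare("SELECT id FROM ocean_library_folders WHERE id = ? AND user_id = ? AND duo_id = ?");
        $check->execute([$folderId, $uid, $duo]);
        if (!$check->fetchColumn()) {
            $folderId = 0;
        }
    }

    // Only the last extension was allow-listed above, so dots that remain in
    // the base name (e.g. "report.php" from "report.php.pdf") are replaced:
    // the stored file must carry exactly one extension, the checked one.
    // ol_safe_filename() is defined elsewhere and may already do this.
    $safeBase = str_replace('.', '_', ol_safe_filename(pathinfo($original, PATHINFO_FILENAME)));
    $stored = 'ol_' . $uid . '_' . date('Ymd_His') . '_' . bin2hex(random_bytes(5)) . '_' . $safeBase . '.' . $ext;
    $target = ol_upload_dir() . $stored;
    if (!move_uploaded_file($file['tmp_name'], $target)) {
        ol_json(['success' => false, 'error' => 'No se pudo guardar el archivo.'], 500);
    }

    // NOTE(review): when content sniffing fails this falls back to the
    // client-declared type, which is attacker-controlled. Do not use the stored
    // mime_type as a Content-Type when serving the file without re-validating it.
    $mime = mime_content_type($target) ?: (string) ($file['type'] ?? '');
    $extract = ol_extract_text($target, $ext, $mime);

    // NOTE(review): file_path is recorded under 'uploads/ocean_library/', which
    // presumably sits below the web root - confirm that script execution is
    // disabled for that directory.
    $stmt = $db->prepare("
        INSERT INTO ocean_library_files
            (user_id, duo_id, folder_id, original_name, stored_name, file_path, mime_type, extension, file_size, extracted_text, text_status)
        VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
    ");
    $stmt->execute([
        $uid,
        $duo,
        $folderId > 0 ? $folderId : null,
        $original,
        $stored,
        'uploads/ocean_library/' . $stored,
        $mime,
        $ext,
        (int) filesize($target),
        $extract['text'],
        $extract['status'],
    ]);
    $fileId = (int) $db->lastInsertId();
    ol_json(['success' => true, 'state' => ol_build_state($db, $uid, $duo, $fileId)]);
}

if ($action === 'delete_file') {
    $fileId = (int) ol_input('file_id', 0);
    $file = ol_require_file($db, $uid, $duo, $fileId);
    $path = __DIR__ . '/../../' . ltrim((string) $file['file_path'], '/\\');

    $db->prepare("DELETE FROM ocean_library_messages WHERE file_id = ? AND user_id = ? AND duo_id = ?")->execute([$fileId, $uid, $duo]);
    $db->prepare("DELETE FROM ocean_library_files WHERE id = ? AND user_id = ? AND duo_id = ?")->execute([$fileId, $uid, $duo]);

    // Only unlink when the stored path resolves inside the library upload
    // directory, so a file_path row containing "../" (or pointing at other
    // application files) can never delete anything outside it. Rows written by
    // upload_file above always start with 'uploads/ocean_library/'.
    $uploadRoot = realpath(__DIR__ . '/../../uploads/ocean_library');
    $resolved = realpath($path);
    $insideUploads = $uploadRoot !== false
        && $resolved !== false
        && strncmp($resolved, $uploadRoot . DIRECTORY_SEPARATOR, strlen($uploadRoot) + 1) === 0;
    if ($insideUploads && is_file($resolved)) {
        // Best effort: a leftover file must not fail the request.
        @unlink($resolved);
    }
    ol_json(['success' => true, 'state' => ol_build_state($db, $uid, $duo)]);
}

if ($action === 'move_file') {
    $fileId = (int) ol_input('file_id', 0);
    $folderId = (int) ol_input('folder_id', 0);
    ol_require_file($db, $uid, $duo, $fileId);

    // folder_id <= 0 means "move to no folder"; otherwise the target must be owned.
    if ($folderId > 0) {
        $check = $db->prepare("SELECT id FROM ocean_library_folders WHERE id = ? AND user_id = ? AND duo_id = ?");
        $check->execute([$folderId, $uid, $duo]);
        if (!$check->fetchColumn()) {
            ol_json(['success' => false, 'error' => 'Carpeta no encontrada.'], 404);
        }
    }
    $db->prepare("UPDATE ocean_library_files SET folder_id = ? WHERE id = ? AND user_id = ? AND duo_id = ?")
        ->execute([$folderId > 0 ? $folderId : null, $fileId, $uid, $duo]);
    ol_json(['success' => true, 'state' => ol_build_state($db, $uid, $duo, $fileId)]);
}

if ($action === 'get_file') {
    $fileId = (int) ol_input('file_id', 0);
    $file = ol_require_file($db, $uid, $duo, $fileId);
    ol_json([
        'success' => true,
        'file' => ol_map_file($file, true),
        'messages' => ol_fetch_messages($db, $uid, $duo, $fileId),
    ]);
}

if ($action === 'chat') {
    $fileId = (int) ol_input('file_id', 0);
    $message = trim((string) ol_input('message', ''));
    if ($message === '') {
        ol_json(['success' => false, 'error' => 'Escribe una pregunta.'], 400);
    }

    $file = ol_require_file($db, $uid, $duo, $fileId);
    $docText = ol_clean_text((string) ($file['extracted_text'] ?? ''));
    if ($docText === '' || in_array((string) $file['text_status'], ['unsupported', 'visual_only', 'empty', 'error'], true)) {
        ol_json(['success' => false, 'error' => 'No hay texto suficiente para consultar este documento.'], 400);
    }

    $stmt = $db->prepare("INSERT INTO ocean_library_messages (file_id, user_id, duo_id, role, content) VALUES (?, ?, ?, 'user', ?)");
    $stmt->execute([$fileId, $uid, $duo, $message]);

    $recent = ol_fetch_messages($db, $uid, $duo, $fileId, 12);
    [$system, $prompt] = ol_build_chat_prompt($file, $message, $recent);

    // Release the session before the (slow) model call.
    ol_release_session_lock();
    $result = ol_call_gemma($system, $prompt, 0.22, 4096);
    if (!empty($result['error'])) {
        // NOTE(review): the backend error string is returned to the client
        // verbatim - confirm it cannot carry upstream URLs, keys or stack details.
        ol_json(['success' => false, 'error' => $result['error']], 502);
    }

    // The reply is model output conditioned on uploaded document text; it is
    // stored and returned as data and must be escaped by whatever renders it.
    $reply = trim((string) $result['content']);
    $stmt = $db->prepare("INSERT INTO ocean_library_messages (file_id, user_id, duo_id, role, content) VALUES (?, ?, ?, 'assistant', ?)");
    $stmt->execute([$fileId, $uid, $duo, $reply]);

    ol_json([
        'success' => true,
        'reply' => $reply,
        'messages' => ol_fetch_messages($db, $uid, $duo, $fileId),
    ]);
}

if ($action === 'summarize') {
    $fileId = (int) ol_input('file_id', 0);
    // Reduce the mode to lowercase letters and underscores before it reaches the prompt builder.
    $mode = preg_replace('/[^a-z_]/', '', (string) ol_input('mode', 'summary')) ?: 'summary';

    $file = ol_require_file($db, $uid, $duo, $fileId);
    $docText = ol_clean_text((string) ($file['extracted_text'] ?? ''));
    if ($docText === '') {
        ol_json(['success' => false, 'error' => 'No hay texto suficiente para trabajar este documento.'], 400);
    }

    [$system, $prompt] = ol_build_summary_prompt($file, $mode);

    // Release the session before the (slow) model call.
    ol_release_session_lock();
    $result = ol_call_gemma($system, $prompt, 0.2, 4096);
    if (!empty($result['error'])) {
        ol_json(['success' => false, 'error' => $result['error']], 502);
    }

    $content = trim((string) $result['content']);
    $db->prepare("UPDATE ocean_library_files SET ai_summary = ? WHERE id = ? AND user_id = ? AND duo_id = ?")
        ->execute([$content, $fileId, $uid, $duo]);
    $db->prepare("INSERT INTO ocean_library_messages (file_id, user_id, duo_id, role, content) VALUES (?, ?, ?, 'assistant', ?)")
        ->execute([$fileId, $uid, $duo, $content]);

    // Re-read the row so the response carries the summary just stored.
    $freshFile = ol_fetch_file($db, $uid, $duo, $fileId);
    ol_json([
        'success' => true,
        'content' => $content,
        'file' => ol_map_file($freshFile ?: $file, true),
        'messages' => ol_fetch_messages($db, $uid, $duo, $fileId),
    ]);
}

if ($action === 'send_to_nexus') {
    $fileId = (int) ol_input('file_id', 0);
    $mode = (string) ol_input('mode', 'summary');
    $custom = trim((string) ol_input('content', ''));
    $file = ol_require_file($db, $uid, $duo, $fileId);

    // Content precedence: caller-supplied text, stored summary, most recent
    // assistant message, then an excerpt of the extracted text.
    $content = $custom;
    if ($content === '') {
        $content = trim((string) ($file['ai_summary'] ?? ''));
    }
    if ($content === '') {
        $msgs = ol_fetch_messages($db, $uid, $duo, $fileId, 12);
        for ($i = count($msgs) - 1; $i >= 0; $i--) {
            if ($msgs[$i]['role'] === 'assistant') {
                $content = trim((string) $msgs[$i]['content']);
                break;
            }
        }
    }
    if ($content === '') {
        $content = "Documento guardado en Ocean Library.\n\n" . ol_cut(ol_clean_text((string) ($file['extracted_text'] ?? '')), 3000);
    }
    // NOTE(review): the fallback above always yields a non-empty string, so
    // this guard cannot fire as written; kept to preserve current behaviour.
    if ($content === '') {
        ol_json(['success' => false, 'error' => 'No hay contenido para enviar a Nexus.'], 400);
    }

    $titleBase = pathinfo((string) $file['original_name'], PATHINFO_FILENAME);
    $title = 'Ocean Library - ' . ($titleBase ?: 'Documento');
    if ($mode === 'questions') {
        $title .= ' / Preguntas';
    }
    if ($mode === 'key_points') {
        $title .= ' / Claves';
    }

    // Title and content derive from the uploaded file name and from user or
    // model text; they are stored as data and need escaping where notes render.
    $doc = ol_nexus_doc_from_text($title, $content, $file);
    $stmt = $db->prepare("INSERT INTO nexus_notes (usuario_id, duo_id, title, content, note_type, status, tags) VALUES (?, ?, ?, ?, 'study', 'active', ?)");
    $stmt->execute([$uid, $duo, $title, $doc, 'ocean-library,documento']);
    ol_json(['success' => true, 'note_id' => (int) $db->lastInsertId(), 'title' => $title]);
}

// No branch matched.
ol_json(['success' => false, 'error' => 'Accion no reconocida.'], 400);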