<?php

const HASH_ALGOS = array('md5', 'sha1', 'sha256', 'sha512');

/**
 * @author Gernot WALZL
 */
class ChecksumHTML {

    function println($msg) {
        print($msg."\n");
    }

    function print_head($title='PHP File Checksum') {
        $this->println('<!DOCTYPE html>');
        $this->println('<html lang="en">');
        $this->println('<head>');
        $this->println('<meta charset="utf-8" />');
        $this->println('<title>'.$title.'</title>');
        $this->println('<meta name="viewport" '.
            'content="width=device-width, initial-scale=1.0" />');
        $this->println('</head>');
        $this->println('<body>');
    }

    function print_foot() {
        $this->println('</body>');
        $this->println('</html>');
    }

    function print_form($filename='', $algo_selected='') {
        if (empty($filename)) {
            $filename = basename(__FILE__);
        }
        $this->println('<form method="get" action="'.$_SERVER['PHP_SELF'].'">');
        $this->println('<table>');
        $this->println('<tr>');
        $this->println('<td><label for="filename">Filename:</label></td>');
        $this->println('<td><input type="text" id="filename" name="filename" '.
                       'value="'.htmlentities($filename).'" /></td>');
        $this->println('</tr>');
        $this->println('<tr>');
        $this->println('<td><label for="algo">Algo:</label></td>');
        $this->println('<td><select id="algo" name="algo">');
        foreach (HASH_ALGOS as $algo) {
            if ($algo == $algo_selected) {
                $this->println('<option value="'.$algo.'" selected>'.
                    $algo.'</option>');
            } else {
                $this->println('<option value="'.$algo.'">'.
                    $algo.'</option>');
            }
        }
        $this->println('</select></td>');
        $this->println('</tr>');
        $this->println('</table>');
        $this->println('<p>');
        $this->println('<input type="submit" value="Hash File" />');
        $this->println('</p>');
        $this->println('</form>');
    }

    function print_info() {
        $this->println('<h1>PHP File Checksum</h1>');
     }

    function print_error() {
        $this->println('<p><strong>Error:</strong> '.
            'The given filename is not valid.</p>');
    }

    function print_checksum($checksum, $filename) {
        $this->println('<pre>'.$checksum.'  '.$filename);
        $this->println('</pre>');
    }

}

function is_valid_filename($filename) {
    $result = false;
    if (!empty($filename)) {
        if (!stristr($filename, '..')) {
            $full_filename = dirname(__FILE__).'/'.$filename;
            if (is_file($full_filename) and is_readable($full_filename)) {
                $result = true;
            }
        }
    }
    return $result;
}

$filename = '';
if (!empty($_GET['filename'])) {
    $filename = $_GET['filename'];
}
$algo = 'sha256';
if (isset($_GET['algo'])) {
    if (in_array($_GET['algo'], HASH_ALGOS)) {
        $algo = $_GET['algo'];
    }
}

$html_checksum = new ChecksumHTML();
if (is_valid_filename($filename)) {
    $html_checksum->print_head('hash_file(\''.$algo.'\', \''.$filename.'\')');
    $checksum = hash_file($algo, dirname(__FILE__).'/'.$filename);
    $html_checksum->print_checksum($checksum, $filename);
} else {
    $html_checksum->print_head();
    $html_checksum->print_info();
    if (!empty($filename)) {
        $html_checksum->print_error();
    }
    $html_checksum->print_form($filename, $algo);
}
$html_checksum->print_foot();

?>