Lightweight and easy to install "anonymous" file sharing host.

- !WARNING!: Not safe, please read.
- !WARNING!: Not safe, please read.
- !WARNING!: Not safe, please read.

This implementation is just a proof of concept by someone who has no idea what they are doing.
It contains several security and implementation vulnerabilities.
DO NOT PUSH THIS CODE TO PROD! EVER!
It's more meant as a code example and an idea of how small a "pop up street stall" file host can be.

You make a web server, you unpack the missing folder into it. This folder contains 2 php scripts, some file icons and a folder where files go.
That's it. No sql, no accounts, no complex downloading and installing 37 repositories inside a docker container.
You ftp 2 php files to any random web site, now it's a file host.
Done.

"pop up street stall style" as in you can make a file sharing website anywhere in under a minute. it is very easy to install and run.
Because of this ease of use and the host having almost no idea what files are on there server, there are no admin tools or ways to banned / remove users or content.
You can delete files from the server if you need to free up space, but you will have no idea what you are deleting.
This also means that there is no api to upload files. Some sort of curl api would be cool, but way to easy to abuse, especially for small files size like this.
The small file size is meant as a fun throw back, it is the size of a 3.5" High density floppy. People use to cram all kinds of things onto those back in the day.
It also makes managing it a little easier as it's hundreds of people uploading small files, rather then hundreds of people uploading large files thing.
Your data usage over time will be less, but still a pain to manage without some sort of admin tool. And adding said tools may remove some of the anonymity of the site.

"anonymous" as in I really wanted this to be something like anonfiles (rip 😿) where you can just upload something, without an account, and it's just there.
However without the "we will auto delete whatever you upload in 90 days or less" thing. I just wanted a place to put random files without messing about with them or constantly checking if they are still online or not.
Dump'n'go. No need to worry about it ever, as long as the server is still up, the private key is still the same, the link should still be valid.
However, because I have no idea what i'm doing, ALL of the actions of this site are handled SERVER SIDE.
If you know anything about encryption, you know this is super trash. Like really bad.
php is server side only. So you upload a file to the server, it encrypts it and stores it.
You request a file, it decrypts it and sends it to you.
Did you catch that? The server is in charge of encrypting and decrypting the files.
So even know the files are stored encrypted, as soon as a valid link is given to decrypt it, that decryption is handled server side.
Both the checking how big a file is an encrypting it is also handled server side too.
So a "plain text" file is sent over the net, then checked and encrypted on the server.
It would be way to easy to "honey pot" this and just syphon off all the files people upload and download to a new folder that is not encrypted.
or some how get around the max file size thing as that is also checked server side after you upload something.
We should be doing this encryption and decryption locally on the clients side, but idk how to do that with out invoking the hell spawn that is JavaScript..
Might be able to do something in html5 but I like that this site works fine on an early 2000's web browser. It fits the whole vibe of the site and how I make things.
No need for flashy css or site animations. Quick, easy and fast. It "looking bad" is just an aesthetic choice. That I like.
Anyways enough rambling

Like I said, this is very easy and quick to setup.
Just download the , unpack the missing folder into the root of your webserver.
Then navigate to it like http://127.0.0.1/missing and you can now upload a file from there.
In the missing folder there is a info.html you might like to edit to tell users about your instance of the missing file host and who you are.

- !IMPORTANT!: You need to change the default private key.

Todo this, edit the file.php and index.php scripts, at the top of the scripts you will see a $key = variable. You need to change this to some other 30+ special char string.
This will ensure that you can't just move files from one host to another and they will still work. Also means your links only work on your site.
When editing this key, you need to make sure they are set to the same thing. index.php will encrypt your file, file.php will decrypt it. And they can't do that if they do not have the same key.

Now you have that all setup, you can go to the index page, click on browse to select a file from your computer, select something that is <= 1.44 MB.
Then click open. The filename should show next to the browse button, then you can just click upload.
As we are uploading a MB of data, this will happen quite quickly.
Once done, you will be taken to a new page, that has your link
http://127.0.0.1/missing/file?v=BygiSyAvG3YjfUhuOC4OSg8mGAYNeAEaR0kFDIziyjrgbbqikLp4ZNJqk8w
Now you can either click on the copy to clipboard button to well copy it, or just click on it to open it.
This will now bring you to the file.php script where you can see a little preview icon, the file name and file size, the MD5 checksum of the file, and our download button.
Just click the button to download it.
The file will now be fetched, decrypted and sent to you.

(well outside of making this thing "real" and actually useful)
Make some sort of setup.php script that will auto generate the private keys, stash them somewhere not on the root of the website, and then delete it's self.

As we are using a whole new file and padding it to "hide" it for file metadata, it would be awesome to allow for some sort of nfo file saving.
So you can save your scene / crack info with the file upload. And it would be displayed just under the file info and icon when you open the link.

Ok I did say outside of making this thing actually good, But we really do need to find a way to check file sizes locally before uploading them.

I know this implementation is bad, and it probably won't scale very well if say a thousand people tried to download things at once
But everyone has to start somewhere, and I wanted something small and lightweight to learn on.
It would be really awesome if I was smart enough to make this thing actually functional and launch it as a real site. But time, skill and money are the biggest killer there.
(and the law... errgh)
So It would be nice if someone came along and "fixed" this for me, added all the client side encryption and decryption code. But for now it's just a fun project to look at.
JUST DON'T, please don't, actually use it outside of a private network in this state.

Fun fact: As the site is so small (235 KB compressed) you can actuly upload the site to itself.