sandeshghanta · Shenr0n · Oct 22, 2017
diff --git a/get.py b/get.py
@@ -2,25 +2,25 @@
 import sys
 import requests
 filename = sys.argv[1] 
-password = str(raw_input("Enter the password for the file"))
-if (password == ""):
-    password = "null"
-r = requests.post("http://sharecode.co.nf/getcode.php?filename="+filename+"&password="+password+"&getname=true")
-localname = r.text
-r = requests.post("http://sharecode.co.nf/getcode.php?filename="+filename+"&password="+password)
-if (r.text == "False"):
+file_password = str(raw_input("Enter the password for the file"))
+if (file_password == ""):
+    file_password = "null"
+req = requests.post("http://sharecode.co.nf/getcode.php?filename="+filename+"&password="+file_password+"&getname=true")
+local_filename = req.text
+req = requests.post("http://sharecode.co.nf/getcode.php?filename="+filename+"&password="+file_password)
+if (req.text == "False"):
     print "Wrong combination of filename and password"
     exit(0)
 flag = True
 for i in os.listdir(os.getcwd()):
-	if (i == localname):
-		print "A file with the name " + localname + " already exists"
-		newname = str(raw_input("Enter new file name "))
-		if (newname != ""):
-			localname = newname
+	if (i == local_filename):
+		print "A file with the name " + local_filename + " already exists"
+		new_local_filename = str(raw_input("Enter new file name "))
+		if (new_local_filename != ""):
+			local_filename = new_local_filename
 		break
-file = open(localname,'w+')
-file.write(r.text)
+file = open(local_filename,'w+')
+file.write(req.text)
 file.close()
 
 
diff --git a/getcode.php b/getcode.php
@@ -1,18 +1,18 @@
 <?php
-	if (isset($_GET['filename']) && isset($_GET['password'])){
+	if (isset($_GET['filename']) && isset($_GET['file_password'])){
 		$host = "hiddenduetosecurityreasons";
 		$username = "hiddenduetosecurityreasons";
 		$password = "hiddenduetosecurityreasons";
 		$link = mysqli_connect($host, $username, $password);
 		mysqli_select_db($link,"hiddenduetosecurityreasons");
-		$command = "select * from data where savedname = '".$_GET['filename']."' and password = '".$_GET['password']."';";
-		$result = mysqli_query($link,$command);
-		if (mysqli_num_rows($result) === 0){
+		$get_query = "select * from data where savedname = '".$_GET['filename']."' and password = '".$_GET['file_password']."';";
+		$get_result = mysqli_query($link,$get_query);
+		if (mysqli_num_rows($get_result) === 0){
 			echo "False";
 		}
 		else{
-			$data = mysqli_fetch_row($result);
-			$filename = $data[0];
+			$file_data = mysqli_fetch_row($get_result);
+			$filename = $file_data[0];
                         if (isset($_GET['getname'])){
                                 echo $filename;
                                 exit;
@@ -24,7 +24,7 @@
                         header('Expires: 0');
                         header('Cache-Control: must-revalidate');
                         header('Pragma: public');
-                        header('Content-Length: ' . filesize($name));
+                        header('Content-Length: ' . filesize($filename));
                         ob_clean();
                         flush();
                         readfile("files/".$_GET['filename']); //showing the path to the server where the file is to be download

diff --git a/server.php b/server.php
@@ -1,5 +1,5 @@
 <?php
-	if (isset($_GET['filename']) && isset($_GET['password'])){
+	if (isset($_GET['filename']) && isset($_GET['file_password'])){
 		$host = "hiddenduetosecurityreasons";
 		$username = "hiddenduetosecurityreasons";
 		$password = "hiddenduetosecurityreasons";
@@ -11,9 +11,9 @@
 			$filename = substr(str_shuffle(str_repeat("0123456789abcdefghijklmnopqrstuvwxyz", 5)), 0, 5);
 			$command = "select * from data where savedname ='".$filename."';";
 		}
-		$command = "insert into data (filename,savedname,password) values ('" . $_GET['filename'] . "','" . $filename . "','" . $_GET['password'] . "');";
-		$result = mysqli_query($link,$command);
-		if ($result){
+		$insert_query = "insert into data (filename,savedname,password) values ('" . $_GET['filename'] . "','" . $filename . "','" . $_GET['file_password'] . "');";
+		$result = mysqli_query($link,$insert_query);
+		if ($insert_query){
 			move_uploaded_file($_FILES["file"]["tmp_name"],'files/'.$filename);
 			echo "File Uploaded Successfully\n"
 			echo "Command to get your file 'get.py ".$filename."'\n";