diff --git a/README.md b/README.md
index 6e36c0a..a4b66ef 100644
--- a/README.md
+++ b/README.md
@@ -31,7 +31,8 @@ Table of contents
 - [x] Duplicate detection
 - [x] Write permission detection
 - [x] Delete codes for every uploaded file
-- [ ] Upload via link
+- [x] Upload via link/url
+- [x] Upload via base64
 - [ ] Autodestruct for every uploaded file
 
 ### Config options
diff --git a/api/base64.php b/api/base64.php
new file mode 100644
index 0000000..c569951
--- /dev/null
+++ b/api/base64.php
@@ -0,0 +1,123 @@
+<?php
+// basic path definitions
+define('DS', DIRECTORY_SEPARATOR);
+define('ROOT', dirname(__FILE__).'/..');
+
+//loading default settings if exist
+if(!file_exists(ROOT.DS.'inc'.DS.'config.inc.php'))
+	exit('Rename /inc/example.config.inc.php to /inc/config.inc.php first!');
+include_once(ROOT.DS.'inc'.DS.'config.inc.php');
+
+//loading core and controllers
+include_once(ROOT . DS . 'inc' . DS. 'core.php');
+require_once(ROOT . DS . 'content-controllers' . DS. 'image'. DS . 'image.controller.php');
+require_once(ROOT . DS . 'content-controllers' . DS. 'text'. DS . 'text.controller.php');
+require_once(ROOT . DS . 'content-controllers' . DS. 'url'. DS . 'url.controller.php');
+require_once(ROOT . DS . 'content-controllers' . DS. 'video'. DS . 'video.controller.php');
+
+// check write permissions first
+if(!isFolderWritable(ROOT.DS.'data'))
+    exit(json_encode(array('status'=>'err','reason'=>'Data directory not writable')));
+else if(!isFolderWritable(ROOT.DS.'tmp'))
+    exit(json_encode(array('status'=>'err','reason'=>'Temp directory not writable')));
+
+$hash = sanatizeString(trim($_REQUEST['hash']))?sanatizeString(trim($_REQUEST['hash'])):false;
+
+// check for POSTed text
+if($_REQUEST['base64'])
+{
+    $data = $_REQUEST['base64'];
+    $format = $_REQUEST['format'];
+
+    $tmpfile = ROOT.DS.'tmp'.DS.md5(rand(0,10000).time()).time();
+
+    base64ToFile($data, $tmpfile);
+
+    //check for duplicates
+    $sha1 = sha1_file($tmpfile);
+    $ehash = sha1Exists($sha1);
+    if($ehash && file_exists(ROOT.DS.'data'.DS.$ehash.DS.$ehash))
+        exit(json_encode(array('status'=>'ok','hash'=>$ehash,'url'=>URL.$ehash)));
+            
+    //get the file type
+    $type = getTypeOfFile($tmpfile);
+
+    //cross check filetype for controllers
+    //
+    //image?
+    if(in_array($type,(new ImageController)->getRegisteredExtensions()))
+    {
+        $answer = (new ImageController())->handleUpload($tmpfile,$hash);
+    }
+    //or, a text
+    else if($type=='text')
+    {
+        $answer = (new TextController())->handleUpload($tmpfile,$hash);
+    }
+    //or, a video
+    else if(in_array($type,(new VideoController)->getRegisteredExtensions()))
+    {
+        $answer = (new VideoController())->handleUpload($tmpfile,$hash);
+    }
+
+    if(!$answer)
+        $answer = array('status'=>'err','reason'=>'Unsupported filetype','filetype'=>$type);
+
+    if($answer['hash'] && $answer['status']=='ok')
+    {
+        $answer['filetype'] = $type;
+        //add this sha1 to the list
+        addSha1($answer['hash'],$sha1);
+        
+        if(getDeleteCodeOfHash($answer['hash']))
+        {
+            $answer['delete_code'] = getDeleteCodeOfHash($answer['hash']);
+            $answer['delete_url'] = URL.'delete_'.getDeleteCodeOfHash($answer['hash']).'/'.$answer['hash'];
+        }
+        
+        // Lets' check all storage controllers and tell them that a new file was uploaded
+        $sc = getStorageControllers();
+        foreach($sc as $contr)
+        {
+            if((new $contr())->isEnabled()===true)
+                (new $contr())->pushFile($answer['hash']);
+        }
+    }
+    
+        echo json_encode($answer);   
+}
+
+
+
+
+function base64_to_type($base64_string)
+{
+	$data = explode(',', $base64_string);
+	$data = $data[1];
+
+	$data = str_replace(' ','+',$data);
+	$data = base64_decode($data);
+
+	$info = getimagesizefromstring($data);
+	
+	
+
+	trigger_error("########## FILETYPE: ".$info['mime']);
+
+
+	$f = finfo_open();
+	$type = finfo_buffer($f, $data, FILEINFO_MIME_TYPE);
+
+	return $type;
+}
+
+function base64ToFile($base64_string, $output_file)
+{
+	$data = explode(',', $base64_string);
+	$data = $data[1];
+	$data = str_replace(' ','+',$data);
+    $data = base64_decode($data);
+    $ifp = fopen( $output_file, 'wb' ); 
+    fwrite( $ifp, $data );
+    fclose( $ifp ); 
+}
\ No newline at end of file
diff --git a/api/geturl.php b/api/geturl.php
new file mode 100644
index 0000000..1465307
--- /dev/null
+++ b/api/geturl.php
@@ -0,0 +1,123 @@
+<?php
+// basic path definitions
+define('DS', DIRECTORY_SEPARATOR);
+define('ROOT', dirname(__FILE__).'/..');
+
+//loading default settings if exist
+if(!file_exists(ROOT.DS.'inc'.DS.'config.inc.php'))
+	exit('Rename /inc/example.config.inc.php to /inc/config.inc.php first!');
+include_once(ROOT.DS.'inc'.DS.'config.inc.php');
+
+//loading core and controllers
+include_once(ROOT . DS . 'inc' . DS. 'core.php');
+require_once(ROOT . DS . 'content-controllers' . DS. 'image'. DS . 'image.controller.php');
+require_once(ROOT . DS . 'content-controllers' . DS. 'text'. DS . 'text.controller.php');
+require_once(ROOT . DS . 'content-controllers' . DS. 'url'. DS . 'url.controller.php');
+require_once(ROOT . DS . 'content-controllers' . DS. 'video'. DS . 'video.controller.php');
+
+// check write permissions first
+if(!isFolderWritable(ROOT.DS.'data'))
+    exit(json_encode(array('status'=>'err','reason'=>'Data directory not writable')));
+else if(!isFolderWritable(ROOT.DS.'tmp'))
+    exit(json_encode(array('status'=>'err','reason'=>'Temp directory not writable')));
+
+$hash = sanatizeString(trim($_REQUEST['hash']))?sanatizeString(trim($_REQUEST['hash'])):false;
+
+$url = trim($_REQUEST['url']);
+
+if(!$url || !startsWith($url, 'http'))
+    exit(json_encode(array('status'=>'err','reason'=>'Invalid URL')));
+//@todo: let user decide max upload size via config and set php_ini var
+else if(remote_filesize($url)*0.000001 > 20)
+    exit(json_encode(array('status'=>'err','reason'=>'File too big. 20MB max')));
+
+$name = basename($url);
+$tmpfile = ROOT.DS.'tmp'.DS.$name;
+file_put_contents($tmpfile,file_get_contents($url));
+
+//check for duplicates
+$sha1 = sha1_file($tmpfile);
+$ehash = sha1Exists($sha1);
+if($ehash && file_exists(ROOT.DS.'data'.DS.$ehash.DS.$ehash))
+    exit(json_encode(array('status'=>'ok','hash'=>$ehash,'url'=>URL.$ehash)));
+
+$type = getTypeOfFile($tmpfile);
+
+//cross check filetype for controllers
+//
+//image?
+if(in_array($type,(new ImageController)->getRegisteredExtensions()))
+{
+    $answer = (new ImageController())->handleUpload($tmpfile,$hash);
+}
+//or, a text
+else if($type=='text')
+{
+    $answer = (new TextController())->handleUpload($tmpfile,$hash);
+}
+//or, a video
+else if(in_array($type,(new VideoController)->getRegisteredExtensions()))
+{
+    $answer = (new VideoController())->handleUpload($tmpfile,$hash);
+}
+
+if(!$answer)
+        $answer = array('status'=>'err','reason'=>'Unsupported filetype','filetype'=>$type);
+
+if($answer['hash'] && $answer['status']=='ok')
+    {
+        $answer['filetype'] = $type;
+        //add this sha1 to the list
+        addSha1($answer['hash'],$sha1);
+
+        if(getDeleteCodeOfHash($answer['hash']))
+        {
+            $answer['delete_code'] = getDeleteCodeOfHash($answer['hash']);
+            $answer['delete_url'] = URL.'delete_'.getDeleteCodeOfHash($answer['hash']).'/'.$answer['hash'];
+        }
+            
+
+        // Lets' check all storage controllers and tell them that a new file was uploaded
+        $sc = getStorageControllers();
+        foreach($sc as $contr)
+        {
+            if((new $contr())->isEnabled()===true)
+                (new $contr())->pushFile($answer['hash']);
+        }
+    }
+
+    if($answer['hash'] && $answer['status']=='ok')
+    {
+        //add this sha1 to the list
+        addSha1($answer['hash'],$sha1);
+
+        if(getDeleteCodeOfHash($answer['hash']))
+        {
+            $answer['delete_code'] = getDeleteCodeOfHash($answer['hash']);
+            $answer['delete_url'] = URL.'delete_'.getDeleteCodeOfHash($answer['hash']).'/'.$answer['hash'];
+        }
+
+        // Lets' check all storage controllers and tell them that a new file was uploaded
+        $sc = getStorageControllers();
+        foreach($sc as $contr)
+        {
+            if((new $contr())->isEnabled()===true)
+                (new $contr())->pushFile($answer['hash']);
+        }
+    }
+
+    echo json_encode($answer);  
+
+
+
+function remote_filesize($url) {
+    static $regex = '/^Content-Length: *+\K\d++$/im';
+    if (!$fp = @fopen($url, 'rb'))
+        return false;
+    if (
+        isset($http_response_header) &&
+        preg_match($regex, implode("\n", $http_response_header), $matches)
+    )
+        return (int)$matches[0];
+    return strlen(stream_get_contents($fp));
+}
\ No newline at end of file
diff --git a/api/pastebin.php b/api/pastebin.php
index a623e52..34f3388 100644
--- a/api/pastebin.php
+++ b/api/pastebin.php
@@ -32,7 +32,7 @@ if($_REQUEST['api_paste_code'])
         exit(URL.$sha_hash);
 
     $answer = (new TextController())->handleUpload($tmpfile,$hash);
-    if($answer['hash'])
+    if($answer['hash'] && $answer['status']=='ok')
         addSha1($answer['hash'],$sha1);
 
     echo URL.$hash;
diff --git a/api/upload.php b/api/upload.php
index a9d3e8b..b5ea9f6 100644
--- a/api/upload.php
+++ b/api/upload.php
@@ -59,6 +59,7 @@ if ($_FILES['file']["error"] == UPLOAD_ERR_OK)
 
     if($answer['hash'] && $answer['status']=='ok')
     {
+        $answer['filetype'] = $type;
         //add this sha1 to the list
         addSha1($answer['hash'],$sha1);