]>
git.p6c8.net - jirafeau.git/blob - admin.php
3 * Jirafeau, your web file repository
4 * Copyright (C) 2008 Julien "axolotl" BERNARD <axolotl@magieeternelle.org>
5 * Copyright (C) 2015 Jerome Jutteau <jerome@jutteau.fr>
6 * Copyright (C) 2024 Jirafeau project <https://gitlab.com/jirafeau> (see AUTHORS.md)
8 * This program is free software: you can redistribute it and/or modify
9 * it under the terms of the GNU Affero General Public License as
10 * published by the Free Software Foundation, either version 3 of the
11 * License, or (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU Affero General Public License for more details.
18 * You should have received a copy of the GNU Affero General Public License
19 * along with this program. If not, see <https://www.gnu.org/licenses/>.
22 define('JIRAFEAU_ROOT', dirname(__FILE__
) . '/');
24 require(JIRAFEAU_ROOT
. 'lib/settings.php');
25 require(JIRAFEAU_ROOT
. 'lib/functions.php');
26 require(JIRAFEAU_ROOT
. 'lib/lang.php');
28 /* Check if installation is OK. */
29 if (file_exists(JIRAFEAU_ROOT
. 'install.php')
30 && !file_exists(JIRAFEAU_ROOT
. 'lib/config.local.php')) {
31 header('Location: install.php');
35 /* If called from CLI, no password or graphical interface */
36 if (php_sapi_name() == "cli") {
37 if ($cfg['installation_done'] == false) {
38 die("Installation not completed yet.\n");
40 if ((count($argv)>1) && $argv[1]=="clean_expired") {
41 $total = jirafeau_admin_clean();
42 echo "$total expired files deleted.\n";
43 } elseif ((count($argv)>1) && $argv[1]=="clean_async") {
44 $total = jirafeau_admin_clean_async();
45 echo "$total old unfinished transfers deleted.\n";
47 die("No command found. Should be admin.php <clean_expired|clean_async>.\n");
49 // Second check: Challenge by IP
50 } elseif (true === jirafeau_challenge_admin_ip($cfg, get_ip_address($cfg))) {
51 /* Disable admin interface if we have a empty admin password. */
52 if (empty($cfg['admin_password']) && empty($cfg['admin_http_auth_user'])) {
53 require(JIRAFEAU_ROOT
. 'lib/template/header.php');
54 echo '<div class="error"><p>'.
57 require(JIRAFEAU_ROOT
.'lib/template/footer.php');
61 /* Logout if requested. */
62 if (jirafeau_admin_session_logged() && isset($_POST['action']) && (strcmp($_POST['action'], 'logout') == 0)) {
63 jirafeau_session_end();
66 if (!jirafeau_admin_session_logged()) {
67 /* Test HTTP authentication. */
68 if (!empty($cfg['admin_http_auth_user']) &&
69 ((is_array($cfg['admin_http_auth_user']) && in_array($_SERVER['PHP_AUTH_USER'], $cfg['admin_http_auth_user'])) ||
70 (($cfg['admin_http_auth_user'] == $_SERVER['PHP_AUTH_USER'])))) {
71 jirafeau_admin_session_start();
73 /* Test web password authentication. */
74 elseif (!empty($cfg['admin_password']) && isset($_POST['admin_password'])) {
75 if ($cfg['admin_password'] === hash('sha256', $_POST['admin_password'])) {
76 jirafeau_admin_session_start();
78 require(JIRAFEAU_ROOT
. 'lib/template/header.php');
79 echo '<div class="error"><p>'. t('BAD_PSW') . '</p></div>';
80 require(JIRAFEAU_ROOT
.'lib/template/footer.php');
84 /* Admin password prompt form. */
86 require(JIRAFEAU_ROOT
. 'lib/template/header.php'); ?
>
87 <form method
="post" class="form login">
91 <td
class = "label"><label
for = "enter_password">
92 <?php
echo t('ADMIN_PSW') . ':'; ?
></label
>
96 <td
class = "field"><input type
= "password"
97 name
= "admin_password" id
= "admin_password"
98 size
= "40" autocomplete
= "current-password" />
102 <td
class = "nav next">
103 <input type
= "submit" name
= "key" value
=
104 "<?php echo t('LOGIN'); ?>" />
111 require(JIRAFEAU_ROOT
.'lib/template/footer.php');
116 /* Operations may take a long time.
117 * Be sure PHP's safe mode is off.
121 /* Show admin interface if not downloading a file. */
122 if (!(isset($_POST['action']) && strcmp($_POST['action'], 'download') == 0)) {
123 require(JIRAFEAU_ROOT
. 'lib/template/header.php'); ?
><h2
><?php
echo t('ADMIN_INTERFACE'); ?
></h2
><?php
124 ?
><h2
>(version
<?php
echo JIRAFEAU_VERSION ?
>)</h2
><?php
126 if ($cfg['enable_crypt'] && !(extension_loaded('sodium'))) {
127 echo '<div class="error"><p>'.t('SODIUM_UNAVAILABLE').'</p></div>';
131 <fieldset
><legend
><?php
echo t('ACTIONS'); ?
></legend
>
135 <input type
= "hidden" name
= "action" value
= "clean"/>
136 <?php
echo jirafeau_admin_csrf_field() ?
>
138 <?php
echo t('CLEAN_EXPIRED'); ?
>
142 <input type
= "submit" value
= "<?php echo t('CLEAN'); ?>" />
148 <input type
= "hidden" name
= "action" value
= "clean_async"/>
149 <?php
echo jirafeau_admin_csrf_field() ?
>
151 <?php
echo t('CLEAN_INCOMPLETE'); ?
>
155 <input type
= "submit" value
= "<?php echo t('CLEAN'); ?>" />
161 <input type
= "hidden" name
= "action" value
= "list"/>
162 <?php
echo jirafeau_admin_csrf_field() ?
>
164 <?php
echo t('LS_FILES'); ?
>
168 <input type
= "submit" value
= "<?php echo t('LIST'); ?>" />
174 <input type
= "hidden" name
= "action" value
= "size"/>
175 <?php
echo jirafeau_admin_csrf_field() ?
>
177 <?php
echo t('SIZE_DATA'); ?
>
181 <input type
= "submit" value
= "<?php echo t('SIZE'); ?>" />
187 <input type
= "hidden" name
= "action" value
= "search_by_name"/>
188 <?php
echo jirafeau_admin_csrf_field() ?
>
190 <?php
echo t('SEARCH_NAME'); ?
>
193 <input type
= "text" name
= "name" id
= "name"/>
196 <input type
= "submit" value
= "<?php echo t('SEARCH'); ?>" />
202 <input type
= "hidden" name
= "action" value
= "search_by_file_hash"/>
203 <?php
echo jirafeau_admin_csrf_field() ?
>
205 <?php
echo t('SEARH_BY_HASH'); ?
>
208 <input type
= "text" name
= "hash" id
= "hash"/>
211 <input type
= "submit" value
= "<?php echo t('SEARCH'); ?>" />
217 <input type
= "hidden" name
= "action" value
= "search_link"/>
218 <?php
echo jirafeau_admin_csrf_field() ?
>
220 <?php
echo t('SEARCH_LINK'); ?
>
223 <input type
= "text" name
= "link" id
= "link"/>
226 <input type
= "submit" value
= "<?php echo t('SEARCH'); ?>" />
232 <input type
= "hidden" name
= "action" value
= "bug_report_info"/>
233 <?php
echo jirafeau_admin_csrf_field() ?
>
235 <?php
echo t('REPORTING_AN_ISSUE'); ?
>
239 <input type
= "submit" value
= "<?php echo t('INFO'); ?>" />
245 <input type
= "hidden" name
= "action" value
= "logout" />
246 <?php
echo jirafeau_admin_csrf_field() ?
>
247 <input type
= "submit" value
= "<?php echo t('LOGOUT'); ?>" />
249 </fieldset
></div
><?php
252 /* Check for actions */
253 if (isset($_POST['action'])) {
254 if (strcmp($_POST['action'], 'clean') == 0) {
255 $total = jirafeau_admin_clean();
256 echo '<div class="message">' . NL
;
258 echo t('CLEANED_FILES_CNT') . ' : ' . $total;
260 } elseif (strcmp($_POST['action'], 'clean_async') == 0) {
261 $total = jirafeau_admin_clean_async();
262 echo '<div class="message">' . NL
;
264 echo t('CLEANED_FILES_CNT') . ' : ' . $total;
266 } elseif (strcmp($_POST['action'], 'size') == 0) {
267 $size = jirafeau_dir_size($cfg['var_root']);
268 $human_size = jirafeau_human_size($size);
269 echo '<div class="message">' . NL
;
270 echo '<p>' . t('SIZE_DATA') . ': ' . $human_size .'</p>';
272 } elseif (strcmp($_POST['action'], 'list') == 0) {
273 jirafeau_admin_list("", "", "");
274 } elseif (strcmp($_POST['action'], 'search_by_name') == 0) {
275 jirafeau_admin_list($_POST['name'], "", "");
276 } elseif (strcmp($_POST['action'], 'search_by_file_hash') == 0) {
277 jirafeau_admin_list("", $_POST['hash'], "");
278 } elseif (strcmp($_POST['action'], 'search_link') == 0) {
279 jirafeau_admin_list("", "", $_POST['link']);
280 } elseif (strcmp($_POST['action'], 'delete_link') == 0) {
281 jirafeau_delete_link($_POST['link']);
282 echo '<div class="message">' . NL
;
283 echo '<p>' . t('LINK_DELETED') . '</p></div>';
284 } elseif (strcmp($_POST['action'], 'delete_file') == 0) {
285 $count = jirafeau_delete_file($_POST['hash']);
286 echo '<div class="message">' . NL
;
287 echo '<p>' . t('DELETED_LINKS') . ' : ' . $count . '</p></div>';
288 } elseif (strcmp($_POST['action'], 'download') == 0) {
289 $l = jirafeau_get_link($_POST['link']);
293 $p = s2p($l['hash']);
294 header('Content-Length: ' . $l['file_size']);
295 header('Content-Type: ' . $l['mime_type']);
296 header('Content-Disposition: attachment; filename="' .
297 $l['file_name'] . '"');
298 if (file_exists(VAR_FILES
. $p . $l['hash'])) {
299 $r = fopen(VAR_FILES
. $p . $l['hash'], 'r');
301 print fread($r, 1024);
306 } elseif (strcmp($_POST['action'], 'bug_report_info') == 0) {
307 echo jirafeau_admin_bug_report($cfg);
311 require(JIRAFEAU_ROOT
.'lib/template/footer.php');
313 require(JIRAFEAU_ROOT
. 'lib/template/header.php');
314 jirafeau_fatal_error(t('ACCESS_KO'), $cfg);
patrick-canterino.de