script.php

   1 <?php
   2 /*
   3  *  Jirafeau, your web file repository
   4  *  Copyright (C) 2015  Jerome Jutteau <j.jutteau@gmail.com>
   5  *
   6  *  This program is free software: you can redistribute it and/or modify
   7  *  it under the terms of the GNU Affero General Public License as
   8  *  published by the Free Software Foundation, either version 3 of the
   9  *  License, or (at your option) any later version.
  10  *
  11  *  This program is distributed in the hope that it will be useful,
  12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  *  GNU Affero General Public License for more details.
  15  *
  16  *  You should have received a copy of the GNU Affero General Public License
  17  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18  */
  19
  20 /*
  21  * This file permits to easyly script file sending, receiving, deleting, ...
  22  * If you don't want this feature, you can simply delete this file from your
  23  * web directory.
  24  */
  25
  26 define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/');
  27
  28 require (JIRAFEAU_ROOT . 'lib/config.original.php');
  29 require (JIRAFEAU_ROOT . 'lib/settings.php');
  30 require (JIRAFEAU_ROOT . 'lib/functions.php');
  31 require (JIRAFEAU_ROOT . 'lib/lang.php');
  32
  33  global $script_langages;
  34  $script_langages = array ('bash' => 'Bash');
  35
  36 /* Operations may take a long time.
  37  * Be sure PHP's safe mode is off.
  38  */
  39 @set_time_limit(0);
  40 /* Remove errors. */
  41 @error_reporting(0);
  42
  43 if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
  44 {
  45     require (JIRAFEAU_ROOT . 'lib/template/header.php');
  46     check_errors ($cfg);
  47     if (has_error ())
  48     {
  49         show_errors ();
  50         require (JIRAFEAU_ROOT . 'lib/template/footer.php');
  51         exit;
  52     }
  53     ?>
  54     <div class="info">
  55     <h2>Scriting interface</h2>
  56     <p>This interface permits to script your uploads and downloads.</p>
  57     <p>See <a href="https://gitlab.com/mojo42/Jirafeau/blob/master/script.php">source code</a> of this interface to understand availablee calls :)</p>
  58     </div>
  59     <br />
  60     <?php
  61     require (JIRAFEAU_ROOT . 'lib/template/footer.php');
  62     exit;
  63 }
  64
  65 /* Lets use interface now. */
  66 header('Content-Type: text; charset=utf-8');
  67
  68 check_errors ($cfg);
  69 if (has_error ())
  70 {
  71     echo "Error";
  72     exit;
  73 }
  74
  75 /* Upload file */
  76 if (isset ($_FILES['file']) && is_writable (VAR_FILES)
  77     && is_writable (VAR_LINKS))
  78 {
  79     if (!jirafeau_challenge_upload_ip ($cfg, get_ip_address($cfg)))
  80     {
  81         echo "Error";
  82         exit;
  83     }
  84
  85     if (jirafeau_has_upload_password ($cfg) &&
  86          (!isset ($_POST['upload_password']) ||
  87           !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
  88     {
  89         echo "Error";
  90         exit;
  91     }
  92
  93     $key = '';
  94     if (isset ($_POST['key']))
  95         $key = $_POST['key'];
  96
  97     $time = time ();
  98     if (!isset ($_POST['time']) || !$cfg['availabilities'][$_POST['time']])
  99     {
 100         echo "Error";
 101         exit;
 102     }
 103     else
 104         switch ($_POST['time'])
 105         {
 106             case 'minute':
 107                 $time += JIRAFEAU_MINUTE;
 108                 break;
 109             case 'hour':
 110                 $time += JIRAFEAU_HOUR;
 111                 break;
 112             case 'day':
 113                 $time += JIRAFEAU_DAY;
 114                 break;
 115             case 'week':
 116                 $time += JIRAFEAU_WEEK;
 117                 break;
 118             case 'month':
 119                 $time += JIRAFEAU_MONTH;
 120                 break;
 121             case 'year':
 122                 $time += JIRAFEAU_YEAR;
 123                 break;
 124            default:
 125                 $time = JIRAFEAU_INFINITY;
 126                 break;
 127         }
 128
 129     // Check file size
 130     if ($cfg['maximal_upload_size'] > 0 &&
 131         $_FILES['file']['size'] > $cfg['maximal_upload_size'] * 1024 * 1024)
 132     {
 133         echo "Error";
 134         exit;
 135     }
 136
 137     $res = jirafeau_upload ($_FILES['file'],
 138                             isset ($_POST['one_time_download']),
 139                             $key, $time, get_ip_address($cfg),
 140                             $cfg['enable_crypt'], $cfg['link_name_length']);
 141
 142     if (empty($res) || $res['error']['has_error'])
 143     {
 144         echo "Error";
 145         exit;
 146     }
 147     /* Print direct link. */
 148     echo $res['link'];
 149     /* Print delete link. */
 150     echo NL;
 151     echo $res['delete_link'];
 152     /* Print decrypt key. */
 153     echo NL;
 154     echo urlencode($res['crypt_key']);
 155 }
 156 elseif (isset ($_GET['h']))
 157 {
 158     $link_name = $_GET['h'];
 159     $key = '';
 160     if (isset ($_POST['key']))
 161         $key = $_POST['key'];
 162     $d = '';
 163     if (isset ($_GET['d']))
 164         $d = $_GET['d'];
 165
 166     if (!preg_match ('/[0-9a-zA-Z_-]+$/', $link_name))
 167     {
 168         echo "Error";
 169         exit;
 170     }
 171
 172     $link = jirafeau_get_link ($link_name);
 173     if (count ($link) == 0)
 174     {
 175         echo "Error";
 176         exit;
 177     }
 178     if (strlen ($d) > 0 && $d == $link['link_code'])
 179     {
 180         jirafeau_delete_link ($link_name);
 181         echo "Ok";
 182         exit;
 183     }
 184     if ($link['time'] != JIRAFEAU_INFINITY && time () > $link['time'])
 185     {
 186         jirafeau_delete_link ($link_name);
 187         echo "Error";
 188         exit;
 189     }
 190     if (strlen ($link['key']) > 0 && md5 ($key) != $link['key'])
 191     {
 192         echo "Error";
 193         exit;
 194     }
 195     $p = s2p ($link['md5']);
 196     if (!file_exists (VAR_FILES . $p . $link['md5']))
 197     {
 198         echo "Error";
 199         exit;
 200     }
 201
 202     /* Read file. */
 203     header ('Content-Length: ' . $link['file_size']);
 204     header ('Content-Type: ' . $link['mime_type']);
 205     header ('Content-Disposition: attachment; filename="' .
 206             $link['file_name'] . '"');
 207
 208     $r = fopen (VAR_FILES . $p . $link['md5'], 'r');
 209     while (!feof ($r))
 210     {
 211         print fread ($r, 1024);
 212         ob_flush();
 213     }
 214     fclose ($r);
 215
 216     if ($link['onetime'] == 'O')
 217         jirafeau_delete_link ($link_name);
 218     exit;
 219 }
 220 elseif (isset ($_GET['get_capacity']))
 221 {
 222     echo min (jirafeau_ini_to_bytes (ini_get ('post_max_size')),
 223               jirafeau_ini_to_bytes (ini_get ('upload_max_filesize')));
 224 }
 225 elseif (isset ($_GET['get_maximal_upload_size']))
 226 {
 227     echo $cfg['maximal_upload_size'];
 228 }
 229 elseif (isset ($_GET['get_version']))
 230 {
 231     echo JIRAFEAU_VERSION;
 232 }
 233 elseif (isset ($_GET['lang']))
 234 {
 235     $l=$_GET['lang'];
 236     if ($l == "bash")
 237     {
 238 ?>
 239 #!/bin/bash
 240
 241 # This script has been auto-generated by Jirafeau but you can still edit
 242 # options below.
 243
 244 # Config
 245 proxy='' # ex: proxy='proxysever.test.com:3128' or set JIRAFEAU_PROXY global variable
 246 url='<?php echo $cfg['web_root'] . 'script.php'; ?>' # or set JIRAFEAU_URL ex: url='http://mysite/jirafeau/script.php'
 247 time='none' # minute, hour, day, week, month, year or none. Or set JIRAFEAU_TIME.
 248 one_time='' # ex: one_time="1" or set JIRAFEAU_ONE_TIME.
 249 curl='' # curl path to download or set JIRAFEAU_CURL_PATH.
 250 # End of config
 251
 252 if [ -n "$JIRAFEAU_PROXY" ]; then
 253     proxy="$JIRAFEAU_PROXY"
 254 fi
 255
 256 if [ -n "$JIRAFEAU_URL" ]; then
 257     url="$JIRAFEAU_URL"
 258 fi
 259
 260 if [ -z "$url" ]; then
 261     echo "Please set url in script parameters or export JIRAFEAU_URL"
 262 fi
 263
 264 if [ -n "$JIRAFEAU_TIME" ]; then
 265     time="$JIRAFEAU_TIME"
 266 fi
 267
 268 if [ -n "$JIRAFEAU_ONE_TIME" ]; then
 269     one_time='1'
 270 fi
 271
 272 if [ -z "$curl" ]; then
 273     curl="$JIRAFEAU_CURL_PATH"
 274 fi
 275
 276 if [ -z "$curl" ] && [ -e "/usr/bin/curl" ]; then
 277     curl="/usr/bin/curl"
 278 fi
 279
 280 if [ -z "$curl" ] && [ -e "/bin/curl.exe" ]; then
 281     curl="/bin/curl.exe"
 282 fi
 283
 284 if [ -z "$curl" ]; then
 285     echo "Please set your curl binary path (by editing this script or export JIRAFEAU_CURL_PATH global variable)."
 286     exit
 287 fi
 288
 289 if [ -z "$2" ]; then
 290     echo "man:"
 291     echo "    $0 send PATH [PASSWORD]"
 292     echo "    $0 get URL [PASSWORD]"
 293     echo "    $0 delete URL"
 294     echo ""
 295     echo "Global variables to export:"
 296     echo "    JIRAFEAU_PROXY : example: proxysever.test.com:3128"
 297     echo "    JIRAFEAU_URL : example: http://mysite/jirafeau/script.php"
 298     echo "    JIRAFEAU_TIME : minute, hour, day, week, year, month or none"
 299     echo "    JIRAFEAU_ONE_TIME : set anything or set empty"
 300     echo "    JIRAFEAU_CURL : path to your curl binary"
 301
 302     exit 0
 303 fi
 304
 305 if [ -n "$proxy" ]; then
 306     proxy="-x $proxy"
 307 fi
 308
 309 options=''
 310 if [ -n "$one_time" ]; then
 311     options="$options -F one_time_download=1"
 312 fi
 313
 314 password=''
 315 if [ -n "$3" ]; then
 316     password="$3"
 317     options="$options -F key=$password"
 318 fi
 319
 320 if [ "$1" == "send" ]; then
 321     if [ ! -f "$2" ]; then
 322         echo "File \"$2\" does not exists."
 323         exit
 324     fi
 325
 326     # Ret result
 327     res=$($curl -X POST --http1.0 $proxy $options \
 328                   -F "time=$time" \
 329                   -F "file=@$2" \
 330                   $url)
 331
 332     if [[ "$res" == "Error" ]]; then
 333         echo "Error while uploading."
 334         exit
 335     fi
 336
 337     # Not using head or tail to minimise command dependencies
 338     code=$(cnt=0; echo "$res" | while read l; do
 339         if [[ "$cnt" == "0" ]]; then
 340             echo "$l"
 341         fi
 342         cnt=$(( cnt + 1 ))
 343         done)
 344     del_code=$(cnt=0; echo "$res" | while read l; do
 345         if [[ "$cnt" == "1" ]]; then
 346             echo "$l"
 347         fi
 348         cnt=$(( cnt + 1 ))
 349         done)
 350     echo "${url}?h=$code"
 351     echo "${url}?h=$code&d=$del_code"
 352 elif [ "$1" == "get" ]; then
 353     if [ -z "$password" ]; then
 354         $curl $proxy -OJ "$2"
 355     else
 356         $curl $proxy -OJ -X POST -F key=$password "$2"
 357     fi
 358 elif [ "$1" == "delete" ]; then
 359     $curl $proxy "$2"
 360 fi
 361 <?php
 362     }
 363     else
 364     {
 365         echo "Error";
 366         exit;
 367     }
 368 }
 369 /* Create alias. */
 370 elseif (isset ($_GET['alias_create']))
 371 {
 372     $ip = get_ip_address($cfg);
 373     if (!jirafeau_challenge_upload_ip ($cfg, $ip))
 374     {
 375         echo "Error";
 376         exit;
 377     }
 378
 379     if (jirafeau_has_upload_password ($cfg) &&
 380          (!isset ($_POST['upload_password']) ||
 381           !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
 382     {
 383         echo "Error";
 384         exit;
 385     }
 386
 387     if (!isset ($_POST['alias']) ||
 388         !isset ($_POST['destination']) ||
 389         !isset ($_POST['password']))
 390     {
 391         echo "Error";
 392         exit;
 393     }
 394
 395     echo jirafeau_alias_create ($_POST['alias'],
 396                                 $_POST['destination'],
 397                                 $_POST['password'],
 398                                 $ip);
 399 }
 400 /* Get alias. */
 401 elseif (isset ($_GET['alias_get']))
 402 {
 403     if (!isset ($_POST['alias']))
 404     {
 405         echo "Error";
 406         exit;
 407     }
 408
 409     echo jirafeau_alias_get ($_POST['alias']);
 410 }
 411 /* Update alias. */
 412 elseif (isset ($_GET['alias_update']))
 413 {
 414     if (!isset ($_POST['alias']) ||
 415         !isset ($_POST['destination']) ||
 416         !isset ($_POST['password']))
 417     {
 418         echo "Error";
 419         exit;
 420     }
 421
 422     $new_password = '';
 423     if (isset ($_POST['new_password']))
 424         $new_password = $_POST['new_password'];
 425
 426     echo jirafeau_alias_update ($_POST['alias'],
 427                                 $_POST['destination'],
 428                                 $_POST['password'],
 429                                 $new_password,
 430                                 get_ip_address($cfg));
 431 }
 432 /* Delete alias. */
 433 elseif (isset ($_GET['alias_delete']))
 434 {
 435     if (!isset ($_POST['alias']) ||
 436         !isset ($_POST['password']))
 437     {
 438         echo "Error";
 439         exit;
 440     }
 441
 442     echo jirafeau_alias_delete ($_POST['alias'],
 443                                 $_POST['password']);
 444 }
 445 /* Initialize an asynchronous upload. */
 446 elseif (isset ($_GET['init_async']))
 447 {
 448     if (!jirafeau_challenge_upload_ip ($cfg, get_ip_address($cfg)))
 449     {
 450         echo "Error";
 451         exit;
 452     }
 453
 454     if (jirafeau_has_upload_password ($cfg) &&
 455          (!isset ($_POST['upload_password']) ||
 456           !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
 457     {
 458         echo "Error";
 459         exit;
 460     }
 461
 462     if (!isset ($_POST['filename']))
 463     {
 464         echo "Error";
 465         exit;
 466     }
 467
 468     $type = '';
 469     if (isset ($_POST['type']))
 470         $type = $_POST['type'];
 471
 472     $key = '';
 473     if (isset ($_POST['key']))
 474         $key = $_POST['key'];
 475
 476     $time = time ();
 477     if (!isset ($_POST['time']) || !$cfg['availabilities'][$_POST['time']])
 478     {
 479         echo "Error";
 480         exit;
 481     }
 482     else
 483         switch ($_POST['time'])
 484         {
 485             case 'minute':
 486                 $time += JIRAFEAU_MINUTE;
 487                 break;
 488             case 'hour':
 489                 $time += JIRAFEAU_HOUR;
 490                 break;
 491             case 'day':
 492                 $time += JIRAFEAU_DAY;
 493                 break;
 494             case 'week':
 495                 $time += JIRAFEAU_WEEK;
 496                 break;
 497             case 'month':
 498                 $time += JIRAFEAU_MONTH;
 499                 break;
 500             case 'year':
 501                 $time += JIRAFEAU_YEAR;
 502                 break;
 503             default:
 504                 $time = JIRAFEAU_INFINITY;
 505                 break;
 506         }
 507     echo jirafeau_async_init ($_POST['filename'],
 508                               $type,
 509                               isset ($_POST['one_time_download']),
 510                               $key,
 511                               $time,
 512                               get_ip_address($cfg));
 513 }
 514 /* Continue an asynchronous upload. */
 515 elseif (isset ($_GET['push_async']))
 516 {
 517     if ((!isset ($_POST['ref']))
 518         || (!isset ($_FILES['data']))
 519         || (!isset ($_POST['code'])))
 520         echo "Error";
 521     else
 522     {
 523         echo jirafeau_async_push ($_POST['ref'],
 524                                   $_FILES['data'],
 525                                   $_POST['code'],
 526                                   $cfg['maximal_upload_size']);
 527     }
 528 }
 529 /* Finalize an asynchronous upload. */
 530 elseif (isset ($_GET['end_async']))
 531 {
 532     if (!isset ($_POST['ref'])
 533         || !isset ($_POST['code']))
 534         echo "Error";
 535     else
 536         echo jirafeau_async_end ($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_length']);
 537 }
 538 else
 539     echo "Error";
 540 exit;
 541 ?>
 542