]> git.p6c8.net - jirafeau.git/blob - lib/functions.php
remove clear text password storage
[jirafeau.git] / lib / functions.php
1 <?php
2 /*
3 * Jirafeau, your web file repository
4 * Copyright (C) 2008 Julien "axolotl" BERNARD <axolotl@magieeternelle.org>
5 * Copyright (C) 2012 Jerome Jutteau <j.jutteau@gmail.com>
6 *
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU Affero General Public License as
9 * published by the Free Software Foundation, either version 3 of the
10 * License, or (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU Affero General Public License for more details.
16 *
17 * You should have received a copy of the GNU Affero General Public License
18 * along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 /**
22 * transforms a php.ini string representing a value in an integer
23 * @param $value the value from php.ini
24 * @returns an integer for this value
25 */
26 function jirafeau_ini_to_bytes($value) {
27 $modifier = substr($value, -1);
28 $bytes = substr($value, 0, -1);
29 switch(strtoupper($modifier)) {
30 case 'P':
31 $bytes *= 1024;
32 case 'T':
33 $bytes *= 1024;
34 case 'G':
35 $bytes *= 1024;
36 case 'M':
37 $bytes *= 1024;
38 case 'K':
39 $bytes *= 1024;
40 default:
41 break;
42 }
43 return $bytes;
44 }
45
46 /**
47 * gets the maximum upload size according to php.ini
48 * @returns the maximum upload size
49 */
50 function jirafeau_get_max_upload_size() {
51 return min(jirafeau_ini_to_bytes(ini_get('post_max_size')), jirafeau_ini_to_bytes(ini_get('upload_max_filesize')));
52 }
53
54 /**
55 * gets a string explaining the error
56 * @param $code the error code
57 * @returns a string explaining the error
58 */
59 function jirafeau_upload_errstr($code) {
60 switch($code) {
61 case UPLOAD_ERR_INI_SIZE:
62 case UPLOAD_ERR_FORM_SIZE:
63 return _('Your file exceeds the maximum authorized file size.');
64 break;
65
66 case UPLOAD_ERR_PARTIAL:
67 case UPLOAD_ERR_NO_FILE:
68 return _('Your file was not uploaded correctly. You may succeed in retrying.');
69 break;
70
71 case UPLOAD_ERR_NO_TMP_DIR:
72 case UPLOAD_ERR_CANT_WRITE:
73 case UPLOAD_ERR_EXTENSION:
74 return _('Internal error. You may not succeed in retrying.');
75 break;
76
77 default:
78 break;
79 }
80 return _('Unknown error.');
81 }
82
83 /** Remove link and it's file
84 * @param $link the link's name (hash)
85 */
86
87 function jirafeau_delete($link) {
88 if(!file_exists(VAR_LINKS . $link))
89 return;
90
91 $content = file(VAR_LINKS . $link);
92 $md5 = trim($content[5]);
93 unlink(VAR_LINKS . $link);
94
95 $counter = 1;
96 if (file_exists(VAR_FILES . $md5 . '_count')) {
97 $content = file(VAR_FILES . $md5 . '_count');
98 $counter = trim($content[0]);
99 }
100 $counter--;
101
102 if ($counter >= 1) {
103 $handle = fopen(VAR_FILES . $md5 . '_count', 'w');
104 fwrite($handle, $counter);
105 fclose($handle);
106 }
107
108 if ($counter == 0 && file_exists(VAR_FILES. $md5)) {
109 unlink (VAR_FILES . $md5);
110 unlink (VAR_FILES . $md5 . '_count');
111 }
112 }
113
114 /**
115 * handles an uploaded file
116 * @param $file the file struct given by $_FILE[]
117 * @param $one_time_download is the file a one time download ?
118 * @param $key if not empty, protect the file with this key
119 * @param $time the time of validity of the file
120 * @param $cfg the current configuration
121 * @param $ip uploader's ip
122 * @returns an array containing some information
123 * 'error' => information on possible errors
124 * 'link' => the link name of the uploaded file
125 * 'delete_link' => the link code to delete file
126 */
127 function jirafeau_upload($file, $one_time_download, $key, $time, $cfg, $ip) {
128 if(empty($file['tmp_name']) || !is_uploaded_file($file['tmp_name'])) {
129 return(array('error' => array('has_error' => true, 'why' => jirafeau_upload_errstr($file['error'])), 'link' => '', 'delete_link' => ''));
130 }
131
132 /* array representing no error */
133 $noerr = array('has_error' => false, 'why' => '');
134
135 /* file informations */
136 $md5 = md5_file($file['tmp_name']);
137 $name = trim($file['name']);
138 $mime_type = $file['type'];
139 $size = $file['size'];
140
141 /* does file already exist ? */
142 $rc = false;
143 if(file_exists(VAR_FILES . $md5)) {
144 $rc = unlink($file['tmp_name']);
145 }
146 elseif(move_uploaded_file($file['tmp_name'], VAR_FILES . $md5)) {
147 $rc = true;
148 }
149 if(!$rc)
150 {
151 return(array(
152 'error' => array(
153 'has_error' => true,
154 'why' => _('Internal error during file creation.')),
155 'link' => '',
156 'delete_link' => '')
157 );
158 }
159
160 /* increment or create count file */
161 $counter=0;
162 if(file_exists(VAR_FILES . $md5 . '_count')) {
163 $content = file(VAR_FILES . $md5 . '_count');
164 $counter = trim($content[0]);
165 }
166 $counter++;
167 $handle = fopen(VAR_FILES . $md5 . '_count', 'w');
168 fwrite($handle, $counter);
169 fclose($handle);
170
171 /* Create delete code. */
172 $delete_link_code = 0;
173 for ($i = 0; $i < 8; $i++)
174 $delete_link_code .= dechex(rand(0,16));
175
176 /* md5 password or empty */
177 $password = '';
178 if (!empty($key))
179 $password = md5($key);
180
181 /* create link file */
182 $link_tmp_name = VAR_LINKS . $md5 . rand(0, 10000) . '.tmp';
183 $handle = fopen($link_tmp_name, 'w');
184 fwrite($handle, $name . NL . $mime_type . NL . $size . NL . $password . NL . $time . NL . $md5 . NL . ($one_time_download ? 'O' : 'R') . NL . date('U') . NL . $ip . NL . $delete_link_code . NL);
185 fclose($handle);
186 $md5_link = md5_file($link_tmp_name);
187 if(!rename($link_tmp_name, VAR_LINKS . $md5_link)) {
188 unlink($link_tmp_name);
189 $counter--;
190 if ($counter >= 1) {
191 $handle = fopen(VAR_FILES . $md5 . '_count', 'w');
192 fwrite($handle, $counter);
193 fclose($handle);
194 }
195 else {
196 unlink(VAR_FILES . $md5 . '_count');
197 unlink(VAR_FILES . $md5);
198 }
199 return(array(
200 'error' => array(
201 'has_error' => true,
202 'why' => _('Internal error during file creation.')),
203 'link' => '',
204 'delete_link' => '')
205 );
206 }
207 return(array('error' => $noerr, 'link' => $md5_link, 'delete_link' => $delete_link_code));
208 }
209
210 /**
211 * tells if a mime-type is viewable in a browser
212 * @param $mime the mime type
213 * @returns a boolean telling if a mime type is viewable
214 */
215 function jirafeau_is_viewable($mime) {
216 if(!empty($mime)) {
217 // actually, verify if mime-type is an image or a text
218 $viewable = array('image', 'text');
219 $decomposed = explode('/', $mime);
220 return in_array($decomposed[0], $viewable);
221 }
222 return false;
223 }
224
225
226 // Error handling functions.
227 //! Global array that contains all registered errors.
228 $error_list = array ();
229
230 /**
231 * Adds an error to the list of errors.
232 * @param $title the error's title
233 * @param $description is a human-friendly description of the problem.
234 */
235 function add_error ($title, $description) {
236 global $error_list;
237 $error_list[] = '<p>' . $title . '<br />' . $description . '</p>';
238 }
239
240 /**
241 * Informs whether any error has been registered yet.
242 * @return true if there are errors.
243 */
244 function has_error () {
245 global $error_list;
246 return !empty ($error_list);
247 }
248
249 /**
250 * Displays all the errors.
251 */
252 function show_errors () {
253 if (has_error ()) {
254 global $error_list;
255 echo '<div class="error">';
256 foreach ($error_list as $error) {
257 echo $error;
258 }
259 echo '</div>';
260 }
261 }
262
263 ?>

patrick-canterino.de