add a sleep() when a bad password is provided
1 <?php
2 /*
3 * Jirafeau, your web file repository
4 * Copyright (C) 2015 Jerome Jutteau <j.jutteau@gmail.com>
5 *
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU Affero General Public License as
8 * published by the Free Software Foundation, either version 3 of the
9 * License, or (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Affero General Public License for more details.
15 *
16 * You should have received a copy of the GNU Affero General Public License
17 * along with this program. If not, see <https://www.gnu.org/licenses/>.
18 */
19
20 /*
21 * This file makes it easy to script file sending, receiving, deleting, ...
22 * If you don't want this feature, you can simply delete this file from your
23 * web directory.
24 */
25
26 define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/');
27
28 require (JIRAFEAU_ROOT . 'lib/config.original.php');
29 require (JIRAFEAU_ROOT . 'lib/settings.php');
30 require (JIRAFEAU_ROOT . 'lib/functions.php');
31 require (JIRAFEAU_ROOT . 'lib/lang.php');
32
/* Script languages known to this interface (only Bash). */
global $script_langages;
$script_langages = array('bash' => 'Bash');

/* Transfers can run for a long time, so lift the execution time limit.
 * PHP's safe mode must be off for this to take effect; a failing call
 * is silenced by the @ operator.
 */
@set_time_limit(0);

/* Switch PHP error reporting off for the rest of the request. */
@error_reporting(0);
42
/* A plain GET without any query parameter only shows a short help page
 * (or the configuration errors reported by check_errors()). */
if ($_SERVER['REQUEST_METHOD'] === 'GET' && empty($_GET)) {
    require(JIRAFEAU_ROOT . 'lib/template/header.php');
    check_errors($cfg);
    if (has_error()) {
        show_errors();
    } else {
        ?>
<div class="info">
<h2>Scripting interface</h2>
<p>This interface permits to script your uploads and downloads.</p>
<p>See <a href="https://gitlab.com/mojo42/Jirafeau/blob/master/script.php">source code</a> of this interface to get available calls :)</p>
</div>
<br />
<?php
    }
    /* Both outcomes end with the footer template and stop here. */
    require(JIRAFEAU_ROOT . 'lib/template/footer.php');
    exit;
}
64
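/* From here on every answer is plain text meant for scripts, not HTML.
 * The media type needs a subtype: a bare "text" is not a valid
 * Content-Type value, which leaves a browser free to guess how the body
 * should be rendered. Declare text/plain explicitly. */
header('Content-Type: text/plain; charset=utf-8');

/* Refuse to serve any call while the configuration check reports errors. */
check_errors($cfg);
if (has_error()) {
    echo 'Error';
    exit;
}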
74
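/* Upload file.
 * Request: multipart field "file" and POST "time"; optional POST
 * "upload_password", "key" and "one_time_download".
 * Answer: the link, the delete link and the URL-encoded crypt key,
 * separated by NL, or the single word "Error". */
if (isset($_FILES['file']) && is_writable(VAR_FILES)
    && is_writable(VAR_LINKS)) {
    /* Upload restrictions first: source IP, then the upload password. */
    if (!jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) {
        echo 'Error';
        exit;
    }

    if (jirafeau_has_upload_password($cfg) &&
        (!isset($_POST['upload_password']) ||
         !jirafeau_challenge_upload_password($cfg, $_POST['upload_password']))) {
        echo 'Error';
        exit;
    }

    $key = '';
    if (isset($_POST['key'])) {
        $key = $_POST['key'];
    }

    /* "time" is used as an array key, so it has to be a plain string.
     * A request can also deliver an array (time[]=...), which would raise
     * an illegal-offset error here instead of the regular "Error" answer.
     * empty() also covers a name that is not configured at all. */
    if (!isset($_POST['time']) || !is_string($_POST['time'])
        || empty($cfg['availabilities'][$_POST['time']])) {
        echo 'Error';
        exit;
    }

    /* Expiry date = now + the requested period; any other enabled name
     * means "never expires". */
    $time = time();
    switch ($_POST['time']) {
        case 'minute':
            $time += JIRAFEAU_MINUTE;
            break;
        case 'hour':
            $time += JIRAFEAU_HOUR;
            break;
        case 'day':
            $time += JIRAFEAU_DAY;
            break;
        case 'week':
            $time += JIRAFEAU_WEEK;
            break;
        case 'month':
            $time += JIRAFEAU_MONTH;
            break;
        case 'year':
            $time += JIRAFEAU_YEAR;
            break;
        default:
            $time = JIRAFEAU_INFINITY;
            break;
    }

    /* Check file size; a limit of 0 (or less) disables the check. The
     * configured value is multiplied by 1024 * 1024 before comparing. */
    if ($cfg['maximal_upload_size'] > 0 &&
        $_FILES['file']['size'] > $cfg['maximal_upload_size'] * 1024 * 1024) {
        echo 'Error';
        exit;
    }

    $res = jirafeau_upload(
        $_FILES['file'],
        isset($_POST['one_time_download']),
        $key,
        $time,
        get_ip_address($cfg),
        $cfg['enable_crypt'],
        $cfg['link_name_length']
    );

    if (empty($res) || $res['error']['has_error']) {
        echo 'Error';
        exit;
    }
    /* Print direct link. */
    echo $res['link'];
    /* Print delete link. */
    echo NL;
    echo $res['delete_link'];
    /* Print decrypt key. */
    echo NL;
    echo urlencode($res['crypt_key']);
}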
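/* Download a file, or delete it when a valid delete code is supplied.
 * Request: GET "h" (link name), optional GET "d" (delete code),
 * optional POST "key" (download password).
 * Answer: the file as an attachment, "Ok" after a deletion, or "Error". */
elseif (isset($_GET['h'])) {
    $link_name = $_GET['h'];
    $key = isset($_POST['key']) ? $_POST['key'] : '';
    $d = isset($_GET['d']) ? $_GET['d'] : '';

    /* All three values come straight from the request and are handled as
     * strings below; a request can also deliver arrays (h[]=...), which
     * the string functions would not accept. */
    if (!is_string($link_name) || !is_string($key) || !is_string($d)) {
        echo 'Error';
        exit;
    }

    /* The name is passed on to the link lookup, so the WHOLE value must
     * consist of the allowed characters. With an end anchor only, any
     * prefix (including "/" or "..") would pass as long as the last
     * character is valid. \z, unlike $, also rejects a trailing newline. */
    if (!preg_match('/\A[0-9a-zA-Z_-]+\z/', $link_name)) {
        echo 'Error';
        exit;
    }

    $link = jirafeau_get_link($link_name);
    if (count($link) == 0) {
        echo 'Error';
        exit;
    }

    /* Delete request. The code is a secret: compare it byte for byte and
     * in constant time. A loose == would treat numeric-looking strings
     * such as "0123" and "123" as equal. hash_equals() needs PHP >= 5.6. */
    if (strlen($d) > 0 && hash_equals((string) $link['link_code'], $d)) {
        jirafeau_delete_link($link_name);
        echo "Ok";
        exit;
    }

    /* Expired links are removed on access. */
    if ($link['time'] != JIRAFEAU_INFINITY && time() > $link['time']) {
        jirafeau_delete_link($link_name);
        echo 'Error';
        exit;
    }

    /* Password-protected link: $link['key'] is compared with md5($key).
     * With a loose != two digests of the form "0e<digits>" are compared
     * as numbers and count as equal, so a wrong password could be
     * accepted; hash_equals() compares the strings themselves.
     * NOTE(review): md5 is a fast, unsalted hash; the stored format is
     * produced outside this file, so it is not changed here. */
    if (strlen($link['key']) > 0
        && !hash_equals((string) $link['key'], md5($key))) {
        /* Slow down password guessing. This delays each failed request
         * but does not limit parallel requests. */
        sleep(2);
        echo 'Error';
        exit;
    }

    $p = s2p($link['md5']);
    $path = VAR_FILES . $p . $link['md5'];
    if (!file_exists($path)) {
        echo 'Error';
        exit;
    }

    /* Open the file before any download header is sent, so that a failed
     * open still produces the regular "Error" answer instead of a read
     * loop on an invalid handle. */
    $r = fopen($path, 'r');
    if ($r === false) {
        echo 'Error';
        exit;
    }

    /* Read file. */
    header('Content-Length: ' . $link['file_size']);
    header('Content-Type: ' . $link['mime_type']);
    /* The name sits inside a quoted header parameter; a double quote,
     * backslash or line break in it would end or corrupt that parameter.
     * NOTE(review): the stored name presumably comes from the uploader -
     * confirm against jirafeau_upload(). */
    $file_name = str_replace(array('"', '\\', "\r", "\n"), '_', $link['file_name']);
    header('Content-Disposition: attachment; filename="' . $file_name . '"');

    while (!feof($r)) {
        print fread($r, 1024);
        ob_flush();
    }
    fclose($r);

    /* One-time links are removed after the file has been sent. */
    if ($link['onetime'] == 'O') {
        jirafeau_delete_link($link_name);
    }
    exit;
}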
/* Report the smaller of PHP's post_max_size and upload_max_filesize,
 * each passed through jirafeau_ini_to_bytes(). */
elseif (isset($_GET['get_capacity'])) {
    $post_limit = jirafeau_ini_to_bytes(ini_get('post_max_size'));
    $file_limit = jirafeau_ini_to_bytes(ini_get('upload_max_filesize'));
    echo min($post_limit, $file_limit);
}
/* Report the configured upload size limit exactly as stored in $cfg. */
elseif (isset($_GET['get_maximal_upload_size'])) {
    echo $cfg['maximal_upload_size'];
}
/* Report the Jirafeau version constant. */
elseif (isset($_GET['get_version'])) {
    echo JIRAFEAU_VERSION;
}
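/* Emit a ready-to-use client script for GET "lang"; only "bash" exists,
 * anything else answers "Error".
 *
 * Everything between the PHP tags is sent to the client as it stands;
 * only the url= line is filled in from $cfg['web_root'].
 *
 * The generated script keeps curl's arguments in arrays and quotes every
 * expansion, so a proxy, URL, file name or password containing spaces or
 * shell metacharacters reaches curl as a single argument. The password is
 * sent with --form-string, because -F gives a leading "@" or "<" in the
 * value a special meaning (read the content from a local file). Error
 * paths exit with a non-zero status.
 *
 * NOTE(review): the password is still handed to curl as a command-line
 * argument and is therefore visible in the local process list while curl
 * runs. */
elseif (isset($_GET['lang'])) {
    $l = $_GET['lang'];
    if ($l === 'bash') {
        ?>
#!/bin/bash

# This script has been auto-generated by Jirafeau but you can still edit
# options below.

# Config
proxy='' # ex: proxy='proxysever.test.com:3128' or set JIRAFEAU_PROXY global variable
url='<?php echo $cfg['web_root'] . 'script.php'; ?>' # or set JIRAFEAU_URL ex: url='http://mysite/jirafeau/script.php'
time='none' # minute, hour, day, week, month, year or none. Or set JIRAFEAU_TIME.
one_time='' # ex: one_time="1" or set JIRAFEAU_ONE_TIME.
curl='' # curl path to download or set JIRAFEAU_CURL_PATH.
# End of config

if [ -n "$JIRAFEAU_PROXY" ]; then
    proxy="$JIRAFEAU_PROXY"
fi

if [ -n "$JIRAFEAU_URL" ]; then
    url="$JIRAFEAU_URL"
fi

if [ -z "$url" ]; then
    echo "Please set url in script parameters or export JIRAFEAU_URL"
    exit 1
fi

if [ -n "$JIRAFEAU_TIME" ]; then
    time="$JIRAFEAU_TIME"
fi

if [ -n "$JIRAFEAU_ONE_TIME" ]; then
    one_time='1'
fi

if [ -z "$curl" ]; then
    curl="$JIRAFEAU_CURL_PATH"
fi

if [ -z "$curl" ] && [ -e "/usr/bin/curl" ]; then
    curl="/usr/bin/curl"
fi

if [ -z "$curl" ] && [ -e "/bin/curl.exe" ]; then
    curl="/bin/curl.exe"
fi

if [ -z "$curl" ]; then
    echo "Please set your curl binary path (by editing this script or export JIRAFEAU_CURL_PATH global variable)."
    exit 1
fi

if [ -z "$2" ]; then
    echo "man:"
    echo "    $0 send PATH [PASSWORD]"
    echo "    $0 get URL [PASSWORD]"
    echo "    $0 delete URL"
    echo ""
    echo "Global variables to export:"
    echo "    JIRAFEAU_PROXY : example: proxysever.test.com:3128"
    echo "    JIRAFEAU_URL : example: http://mysite/jirafeau/script.php"
    echo "    JIRAFEAU_TIME : minute, hour, day, week, year, month or none"
    echo "    JIRAFEAU_ONE_TIME : set anything or set empty"
    echo "    JIRAFEAU_CURL_PATH : path to your curl binary"

    exit 0
fi

# curl arguments are collected in arrays so that each value stays one
# argument, whatever characters it contains.
proxy_args=()
if [ -n "$proxy" ]; then
    proxy_args=(-x "$proxy")
fi

options=()
if [ -n "$one_time" ]; then
    options+=(-F "one_time_download=1")
fi

password=''
if [ -n "$3" ]; then
    password="$3"
    # --form-string sends the value literally (no @file / <file handling).
    options+=(--form-string "key=$password")
fi

if [ "$1" == "send" ]; then
    if [ ! -f "$2" ]; then
        echo "File \"$2\" does not exists."
        exit 1
    fi

    # Ret result
    res=$("$curl" -X POST --http1.0 "${proxy_args[@]}" "${options[@]}" \
        -F "time=$time" \
        -F "file=@$2" \
        "$url")

    if [[ "$res" == "Error" ]]; then
        echo "Error while uploading."
        exit 1
    fi

    # Not using head or tail to minimise command dependencies
    code=$(cnt=0; echo "$res" | while read l; do
        if [[ "$cnt" == "0" ]]; then
            echo "$l"
        fi
        cnt=$(( cnt + 1 ))
    done)
    del_code=$(cnt=0; echo "$res" | while read l; do
        if [[ "$cnt" == "1" ]]; then
            echo "$l"
        fi
        cnt=$(( cnt + 1 ))
    done)
    echo "${url}?h=$code"
    echo "${url}?h=$code&d=$del_code"
elif [ "$1" == "get" ]; then
    if [ -z "$password" ]; then
        "$curl" "${proxy_args[@]}" -OJ "$2"
    else
        "$curl" "${proxy_args[@]}" -OJ -X POST --form-string "key=$password" "$2"
    fi
elif [ "$1" == "delete" ]; then
    "$curl" "${proxy_args[@]}" "$2"
fi
<?php
    } else {
        echo 'Error';
        exit;
    }
}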
/* Create alias.
 * Applies the same upload restrictions as a file upload (source IP, then
 * upload password), then hands POST "alias", "destination" and "password"
 * plus the caller's IP to jirafeau_alias_create() and prints its result. */
elseif (isset($_GET['alias_create'])) {
    $ip = get_ip_address($cfg);
    if (!jirafeau_challenge_upload_ip($cfg, $ip)) {
        echo 'Error';
        exit;
    }

    /* Allowed when no upload password is configured, or when the supplied
     * one passes the challenge. */
    $password_ok = !jirafeau_has_upload_password($cfg)
        || (isset($_POST['upload_password'])
            && jirafeau_challenge_upload_password($cfg, $_POST['upload_password']));
    if (!$password_ok) {
        echo 'Error';
        exit;
    }

    /* All three fields are mandatory. */
    if (!isset($_POST['alias'], $_POST['destination'], $_POST['password'])) {
        echo 'Error';
        exit;
    }

    echo jirafeau_alias_create(
        $_POST['alias'],
        $_POST['destination'],
        $_POST['password'],
        $ip
    );
}
/* Get alias: prints whatever jirafeau_alias_get() returns for POST "alias".
 * NOTE(review): no credential is checked in this branch; whether the
 * helper needs one is not visible here - confirm. */
elseif (isset($_GET['alias_get'])) {
    if (isset($_POST['alias'])) {
        echo jirafeau_alias_get($_POST['alias']);
    } else {
        echo 'Error';
        exit;
    }
}
/* Update alias.
 * POST "alias", "destination" and "password" are mandatory, "new_password"
 * is optional and defaults to an empty string.
 * NOTE(review): unlike alias creation, this branch does not run the upload
 * IP / upload password checks; access control presumably rests on the
 * alias password inside jirafeau_alias_update() - confirm. */
elseif (isset($_GET['alias_update'])) {
    if (!isset($_POST['alias'], $_POST['destination'], $_POST['password'])) {
        echo 'Error';
        exit;
    }

    $new_password = isset($_POST['new_password']) ? $_POST['new_password'] : '';

    echo jirafeau_alias_update(
        $_POST['alias'],
        $_POST['destination'],
        $_POST['password'],
        $new_password,
        get_ip_address($cfg)
    );
}
/* Delete alias: POST "alias" and "password" are both required and are
 * passed to jirafeau_alias_delete(), whose result is printed.
 * NOTE(review): the password check itself is presumably done inside the
 * helper - it is not visible in this file. */
elseif (isset($_GET['alias_delete'])) {
    if (!isset($_POST['alias'], $_POST['password'])) {
        echo 'Error';
        exit;
    }

    echo jirafeau_alias_delete($_POST['alias'], $_POST['password']);
}
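/* Initialize an asynchronous upload.
 * Request: POST "filename" and "time"; optional POST "upload_password",
 * "type", "key" and "one_time_download".
 * Answer: whatever jirafeau_async_init() returns, or "Error". */
elseif (isset($_GET['init_async'])) {
    /* Same upload restrictions as a direct upload: source IP, then the
     * upload password. */
    if (!jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) {
        echo 'Error';
        exit;
    }

    if (jirafeau_has_upload_password($cfg) &&
        (!isset($_POST['upload_password']) ||
         !jirafeau_challenge_upload_password($cfg, $_POST['upload_password']))) {
        echo 'Error';
        exit;
    }

    if (!isset($_POST['filename'])) {
        echo 'Error';
        exit;
    }

    $type = '';
    if (isset($_POST['type'])) {
        $type = $_POST['type'];
    }

    $key = '';
    if (isset($_POST['key'])) {
        $key = $_POST['key'];
    }

    /* "time" is used as an array key, so it has to be a plain string.
     * A request can also deliver an array (time[]=...), which would raise
     * an illegal-offset error here instead of the regular "Error" answer.
     * empty() also covers a name that is not configured at all. */
    if (!isset($_POST['time']) || !is_string($_POST['time'])
        || empty($cfg['availabilities'][$_POST['time']])) {
        echo 'Error';
        exit;
    }

    /* Expiry date = now + the requested period; any other enabled name
     * means "never expires". */
    $time = time();
    switch ($_POST['time']) {
        case 'minute':
            $time += JIRAFEAU_MINUTE;
            break;
        case 'hour':
            $time += JIRAFEAU_HOUR;
            break;
        case 'day':
            $time += JIRAFEAU_DAY;
            break;
        case 'week':
            $time += JIRAFEAU_WEEK;
            break;
        case 'month':
            $time += JIRAFEAU_MONTH;
            break;
        case 'year':
            $time += JIRAFEAU_YEAR;
            break;
        default:
            $time = JIRAFEAU_INFINITY;
            break;
    }

    echo jirafeau_async_init(
        $_POST['filename'],
        $type,
        isset($_POST['one_time_download']),
        $key,
        $time,
        get_ip_address($cfg)
    );
}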
/* Continue an asynchronous upload: needs POST "ref" and "code" and the
 * uploaded chunk in the multipart field "data". The configured maximal
 * upload size is passed along to jirafeau_async_push().
 * NOTE(review): no upload IP / password check is repeated here; the
 * ref/code pair presumably identifies the session started by init_async -
 * confirm in jirafeau_async_push(). */
elseif (isset($_GET['push_async'])) {
    if (isset($_POST['ref'], $_POST['code']) && isset($_FILES['data'])) {
        echo jirafeau_async_push(
            $_POST['ref'],
            $_FILES['data'],
            $_POST['code'],
            $cfg['maximal_upload_size']
        );
    } else {
        echo 'Error';
    }
}
/* Finalize an asynchronous upload: POST "ref" and "code" are required;
 * the crypt setting and link name length from $cfg are passed along. */
elseif (isset($_GET['end_async'])) {
    if (isset($_POST['ref'], $_POST['code'])) {
        echo jirafeau_async_end(
            $_POST['ref'],
            $_POST['code'],
            $cfg['enable_crypt'],
            $cfg['link_name_length']
        );
    } else {
        echo 'Error';
    }
}
/* None of the known operations was requested. */
else {
    echo 'Error';
}
/* Every branch ends the request here. */
exit;
542 ?>
