[BUGFIX] Disallow file preview for image/svg+xml files

[jirafeau.git] / script.php

diff --git a/script.php b/script.php
index b8c4bcf10e92e0bce463ada017e7ecb875fa7608..d31ce78ec7d708010b6fb952cc81b48e452f7bf4 100644 (file)
--- a/script.php
+++ b/script.php
@@ -127,12 +127,18 @@ if (isset($_FILES['file']) && is_writable(VAR_FILES)
         exit;
     }
 
+    if ($cfg['store_uploader_ip']) {
+        $ip = get_ip_address($cfg);
+    } else {
+        $ip = "";
+    }
+    
     $res = jirafeau_upload(
         $_FILES['file'],
         isset($_POST['one_time_download']),
         $key,
         $time,
-        get_ip_address($cfg),
+        $ip,
         $cfg['enable_crypt'],
         $cfg['link_name_length'],
         $cfg['file_hash']
@@ -377,7 +383,7 @@ if [ "$1" == "send" ]; then
         echo "    ${0} get ${url}${apipage}?h=$code [PASSWORD}"
     fi
     echo "Delete via API:"
-    echo "    ${0} delete ${url}${downloadpage}?h=$code&d=$del_code"
+    echo "    ${0} delete \"${url}${downloadpage}?h=$code&d=$del_code\""
 
 elif [ "$1" == "get" ]; then
     if [ -z "$password" ]; then
@@ -386,7 +392,7 @@ elif [ "$1" == "get" ]; then
         $curl $proxy -OJ -X POST -F key=$password "$2"
     fi
 elif [ "$1" == "delete" ]; then
-    $curl $proxy "$2"
+    $curl $proxy "$2" --data-raw "do_delete=1%2F" | grep "div class" |sed -e "s/<[^>]\+>//g"
 fi
 <?php
     } else {
@@ -461,13 +467,20 @@ elseif (isset($_GET['init_async'])) {
                 break;
         }
     }
+
+    if ($cfg['store_uploader_ip']) {
+        $ip = get_ip_address($cfg);
+    } else {
+        $ip = "";
+    }
+    
     echo jirafeau_async_init(
         $_POST['filename'],
         $type,
         isset($_POST['one_time_download']),
         $key,
         $time,
-        get_ip_address($cfg)
+        $ip
     );
 }
 /* Continue an asynchronous upload. */