require(JIRAFEAU_ROOT . 'lib/template/header.php');
/* Check if user is allowed to upload. */
-if (!jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) {
+if (!jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg)) ||
+ count($cfg['upload_ip']) == 0) {
/* Ask password if upload password is set. */
if (jirafeau_has_upload_password($cfg)) {
/* Show auth page. */
if (!isset($_SESSION['upload_auth']) || $_SESSION['upload_auth'] != true) {
?>
- <form action = "<?php echo basename(__FILE__); ?>" method = "post">
+ <form method="post">
<fieldset>
<table>
<tr>
require(JIRAFEAU_ROOT.'lib/template/footer.php');
exit;
}
+ } else {
+ echo '<div class="error"><p>' . t('Access denied') . '</p></div>';
+ require(JIRAFEAU_ROOT.'lib/template/footer.php');
+ exit;
}
-}
-
+}
+
?>
<div id="upload_finished">
<p><?php echo t('File uploaded !') ?></p>
<p><?php echo t('View link') ?>:</p>
<p><a id="preview_link" href=""></a></p>
</div>
- <?php
+ <?php
} ?>
<div id="upload_direct_download">
<?php
if (jirafeau_has_upload_password($cfg)) {
?>
- <form action = "<?php echo basename(__FILE__); ?>" method = "post">
+ <form method="post">
<input type = "hidden" name = "action" value = "logout"/>
<input type = "submit" value = "<?php echo t('Logout'); ?>" />
</form>
git.p6c8.net / jirafeau.git / blobdiff