X-Git-Url: https://git.p6c8.net/jirafeau.git/blobdiff_plain/0a1877c8b626bfed0d9d7f411695f80356d86258..bfecca5f8803a850c74add1fe59fbb3987b82e4a:/script.php
diff --git a/script.php b/script.php
index 17173e9..1c154b1 100644
--- a/script.php
+++ b/script.php
@@ -1,7 +1,7 @@
+ * Copyright (C) 2015 Jerome Jutteau ';
echo t('Example') . ": " . $web_root . "script.php?get_capacity=1 ";
echo ' ';
+ echo t('Send a GET query to') . ': ' . $web_root . 'script.php ' . t('This will return brut text content.') . ' ' .
+ t('First line returns size (in MB).') . ' ';
+ echo t('Example') . ": " . $web_root . "script.php?get_maximal_upload_size=1 ";
+ echo ' ';
@@ -89,7 +102,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
echo ' ' . t('This will return "Ok" if succeded, "Error" otherwhise.') . ' ' . t('This will return "Ok" if succeeded, "Error" otherwhise.') . ' ';
echo t('Example') . ": " . $web_root . "script.php?h=30ngy0hsDcpfrF8zR7x9iU&d=0d210a952 ";
echo ' ';
echo t('Send a GET query to') . ': ' . $web_root . 'script.php ';
- echo t('The goal is to permit to transfert big file, chunk by chunk.') . ' ';
+ echo t('The goal is to permit to transfer big file, chunk by chunk.') . ' ';
echo t('Chunks of data must be sent in order.');
echo ' ';
@@ -155,15 +168,15 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
echo t('Parameters') . ': ' . t('This will return brut text content.') . ' ' .
- t('First line is the asynchronous transfert reference and the second line the code to use in the next operation.') . '' . t('Maximal allowed size of an uploaded file') . ':
';
+ echo '
';
+ echo '
';
+ echo t('Parameters') . ':
';
+ echo "get_maximal_upload_size=1 (" . t('Required') . ")
";
+ echo '' . t('Upload a file') . ':
';
echo '
';
echo t('Parameters') . ':
';
echo "file=C:\\your\\file\\path (" . t('Required') . ")
";
- echo "time=[minute|hour|day|week|month|none] (" . t('Optional') . ', '. t('default: none') . ")
";
+ echo "time=[minute|hour|day|week|month|year|none] (" . t('Optional') . ', '. t('default: none') . ")
";
echo "password=your_password (" . t('Optional') . ")
";
echo "one_time_download=1 (" . t('Optional') . ")
";
echo "upload_password=your_upload_password (" . t('Optional') . ")
";
@@ -122,12 +135,12 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
echo "h=your_download_reference (" . t('Required') . ")
";
echo "d=yout_delete_code (" . t('Required') . ")
";
echo '' . t('Get a generated scripts') . ':
';
+ echo '' . t('Get a generated script') . ':
';
echo '
';
echo '
';
@@ -144,9 +157,9 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
echo "$name: " . $web_root . "script.php?lang=$lang ";
echo '' . t('Initalize an asynchronous transfert') . ':
';
+ echo '' . t('Initalize an asynchronous transfer') . ':
';
echo '
';
echo "filename=file_name.ext (" . t('Required') . ")
";
echo "type=MIME_TYPE (" . t('Optional') . ")
";
- echo "time=[minute|hour|day|week|month|none] (" . t('Optional') . ', '. t('default: none') . ")
";
+ echo "time=[minute|hour|day|week|month|year|none] (" . t('Optional') . ', '. t('default: none') . ")
";
echo "password=your_password (" . t('Optional') . ")
";
echo "one_time_download=1 (" . t('Optional') . ")
";
echo "upload_password=your_upload_password (" . t('Optional') . ")
";
echo '
';
echo t('Send a GET query to') . ': ' . $web_root . 'script.php?push_async
';
echo '
';
@@ -175,7 +188,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
echo '
' . t('This will return brut text content.') . ' ' .
t('Returns the next code to use.') . '
';
echo t('Send a GET query to') . ': ' . $web_root . 'script.php?end_async
';
echo '
';
@@ -205,6 +218,12 @@ if (has_error ())
if (isset ($_FILES['file']) && is_writable (VAR_FILES)
&& is_writable (VAR_LINKS))
{
+ if (!jirafeau_challenge_upload_ip ($cfg, get_ip_address($cfg)))
+ {
+ echo "Error";
+ exit;
+ }
+
if (jirafeau_has_upload_password ($cfg) &&
(!isset ($_POST['upload_password']) ||
!jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
@@ -218,8 +237,11 @@ if (isset ($_FILES['file']) && is_writable (VAR_FILES)
$key = $_POST['key'];
$time = time ();
- if (!isset ($_POST['time']))
- $time = JIRAFEAU_INFINITY;
+ if (!isset ($_POST['time']) || !$cfg['availabilities'][$_POST['time']])
+ {
+ echo "Error";
+ exit;
+ }
else
switch ($_POST['time'])
{
@@ -238,14 +260,26 @@ if (isset ($_FILES['file']) && is_writable (VAR_FILES)
case 'month':
$time += JIRAFEAU_MONTH;
break;
- default:
+ case 'year':
+ $time += JIRAFEAU_YEAR;
+ break;
+ default:
$time = JIRAFEAU_INFINITY;
break;
}
+
+ // Check file size
+ if ($cfg['maximal_upload_size'] > 0 &&
+ $_FILES['file']['size'] > $cfg['maximal_upload_size'] * 1024 * 1024)
+ {
+ echo "Error";
+ exit;
+ }
+
$res = jirafeau_upload ($_FILES['file'],
isset ($_POST['one_time_download']),
- $key, $time, $_SERVER['REMOTE_ADDR'],
- $cfg['enable_crypt'], $cfg['link_name_lenght']);
+ $key, $time, get_ip_address($cfg),
+ $cfg['enable_crypt'], $cfg['link_name_length']);
if (empty($res) || $res['error']['has_error'])
{
@@ -330,6 +364,10 @@ elseif (isset ($_GET['get_capacity']))
echo min (jirafeau_ini_to_bytes (ini_get ('post_max_size')),
jirafeau_ini_to_bytes (ini_get ('upload_max_filesize')));
}
+elseif (isset ($_GET['get_maximal_upload_size']))
+{
+ echo $cfg['maximal_upload_size'];
+}
elseif (isset ($_GET['get_version']))
{
echo JIRAFEAU_VERSION;
@@ -348,7 +386,7 @@ elseif (isset ($_GET['lang']))
# Config
proxy='' # ex: proxy='proxysever.test.com:3128' or set JIRAFEAU_PROXY global variable
url='' # or set JIRAFEAU_URL ex: url='http://mysite/jirafeau/script.php'
-time='none' # minute, hour, day, week, month or none. Or set JIRAFEAU_TIME.
+time='none' # minute, hour, day, week, month, year or none. Or set JIRAFEAU_TIME.
one_time='' # ex: one_time="1" or set JIRAFEAU_ONE_TIME.
curl='' # curl path to download or set JIRAFEAU_CURL_PATH.
# End of config
@@ -399,7 +437,7 @@ if [ -z "$2" ]; then
echo "Global variables to export:"
echo " JIRAFEAU_PROXY : example: proxysever.test.com:3128"
echo " JIRAFEAU_URL : example: http://mysite/jirafeau/script.php"
- echo " JIRAFEAU_TIME : minute, hour, day, week, month or none"
+ echo " JIRAFEAU_TIME : minute, hour, day, week, year, month or none"
echo " JIRAFEAU_ONE_TIME : set anything or set empty"
echo " JIRAFEAU_CURL : path to your curl binary"
@@ -473,6 +511,12 @@ fi
/* Initialize an asynchronous upload. */
elseif (isset ($_GET['init_async']))
{
+ if (!jirafeau_challenge_upload_ip ($cfg, get_ip_address($cfg)))
+ {
+ echo "Error";
+ exit;
+ }
+
if (jirafeau_has_upload_password ($cfg) &&
(!isset ($_POST['upload_password']) ||
!jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
@@ -496,8 +540,11 @@ elseif (isset ($_GET['init_async']))
$key = $_POST['key'];
$time = time ();
- if (!isset ($_POST['time']))
- $time = JIRAFEAU_INFINITY;
+ if (!isset ($_POST['time']) || !$cfg['availabilities'][$_POST['time']])
+ {
+ echo "Error";
+ exit;
+ }
else
switch ($_POST['time'])
{
@@ -516,6 +563,9 @@ elseif (isset ($_GET['init_async']))
case 'month':
$time += JIRAFEAU_MONTH;
break;
+ case 'year':
+ $time += JIRAFEAU_YEAR;
+ break;
default:
$time = JIRAFEAU_INFINITY;
break;
@@ -525,7 +575,7 @@ elseif (isset ($_GET['init_async']))
isset ($_POST['one_time_download']),
$key,
$time,
- $_SERVER['REMOTE_ADDR']);
+ get_ip_address($cfg));
}
/* Continue an asynchronous upload. */
elseif (isset ($_GET['push_async']))
@@ -535,7 +585,12 @@ elseif (isset ($_GET['push_async']))
|| (!isset ($_POST['code'])))
echo "Error";
else
- echo jirafeau_async_push ($_POST['ref'], $_FILES['data'], $_POST['code']);
+ {
+ echo jirafeau_async_push ($_POST['ref'],
+ $_FILES['data'],
+ $_POST['code'],
+ $cfg['maximal_upload_size']);
+ }
}
/* Finalize an asynchronous upload. */
elseif (isset ($_GET['end_async']))
@@ -544,9 +599,10 @@ elseif (isset ($_GET['end_async']))
|| !isset ($_POST['code']))
echo "Error";
else
- echo jirafeau_async_end ($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_lenght']);
+ echo jirafeau_async_end ($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_length']);
}
else
echo "Error";
exit;
?>
+