X-Git-Url: https://git.p6c8.net/jirafeau.git/blobdiff_plain/11e172891035764434fbf06bc4a6f1ff0b04fdca..38069302c9544b4fcc1eb2492138dbcbe83d7bd7:/script.php?ds=inline diff --git a/script.php b/script.php old mode 100755 new mode 100644 index 396538c..bb44562 --- a/script.php +++ b/script.php @@ -25,7 +25,7 @@ define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/'); -require (JIRAFEAU_ROOT . 'lib/config.php'); +require (JIRAFEAU_ROOT . 'lib/config.original.php'); require (JIRAFEAU_ROOT . 'lib/settings.php'); require (JIRAFEAU_ROOT . 'lib/functions.php'); require (JIRAFEAU_ROOT . 'lib/lang.php'); @@ -33,10 +33,17 @@ require (JIRAFEAU_ROOT . 'lib/lang.php'); global $script_langages; $script_langages = array ('bash' => 'Bash'); +/* Operations may take a long time. + * Be sure PHP's safe mode is off. + */ +@set_time_limit(0); +/* Remove errors. */ +@error_reporting(0); + if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0) { require (JIRAFEAU_ROOT . 'lib/template/header.php'); - check_errors (); + check_errors ($cfg); if (has_error ()) { show_errors (); @@ -85,6 +92,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0) echo "time=[minute|hour|day|week|month|none] (" . t('Optional') . ', '. t('default: none') . ")
"; echo "password=your_password (" . t('Optional') . ")
"; echo "one_time_download=1 (" . t('Optional') . ")
"; + echo "upload_password=your_upload_password (" . t('Optional') . ")
"; echo '

'; echo '

' . t('This will return brut text content.') . ' ' . t('First line is the download reference and the second line the delete code.') . '

'; @@ -136,7 +144,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0) echo "$name: " . $web_root . "script.php?lang=$lang "; echo '

'; - echo '

' . t('Initalize a asynchronous transfert') . ':

'; + echo '

' . t('Initalize an asynchronous transfert') . ':

'; echo '

'; echo t('The goal is to permit to transfert big file, chunk by chunk.') . ' '; echo t('Chunks of data must be sent in order.'); @@ -150,6 +158,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0) echo "time=[minute|hour|day|week|month|none] (" . t('Optional') . ', '. t('default: none') . ")
"; echo "password=your_password (" . t('Optional') . ")
"; echo "one_time_download=1 (" . t('Optional') . ")
"; + echo "upload_password=your_upload_password (" . t('Optional') . ")
"; echo '

'; echo '

' . t('This will return brut text content.') . ' ' . t('First line is the asynchronous transfert reference and the second line the code to use in the next operation.') . '

'; @@ -185,10 +194,25 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0) /* Lets use interface now. */ header('Content-Type: text; charset=utf-8'); +check_errors ($cfg); +if (has_error ()) +{ + echo "Error"; + exit; +} + /* Upload file */ if (isset ($_FILES['file']) && is_writable (VAR_FILES) && is_writable (VAR_LINKS)) { + if (jirafeau_has_upload_password ($cfg) && + (!isset ($_POST['upload_password']) || + !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password']))) + { + echo "Error"; + exit; + } + $key = ''; if (isset ($_POST['key'])) $key = $_POST['key']; @@ -220,7 +244,8 @@ if (isset ($_FILES['file']) && is_writable (VAR_FILES) } $res = jirafeau_upload ($_FILES['file'], isset ($_POST['one_time_download']), - $key, $time, $_SERVER['REMOTE_ADDR']); + $key, $time, $_SERVER['REMOTE_ADDR'], + $cfg['enable_crypt'], $cfg['link_name_lenght']); if (empty($res) || $res['error']['has_error']) { @@ -229,9 +254,12 @@ if (isset ($_FILES['file']) && is_writable (VAR_FILES) } /* Print direct link. */ echo $res['link']; - echo NL; /* Print delete link. */ + echo NL; echo $res['delete_link']; + /* Print decrypt key. */ + echo NL; + echo urlencode($res['crypt_key']); } elseif (isset ($_GET['h'])) { @@ -243,7 +271,7 @@ elseif (isset ($_GET['h'])) if (isset ($_GET['d'])) $d = $_GET['d']; - if (!preg_match ('/[0-9a-zA-Z_-]{22}$/', $link_name)) + if (!preg_match ('/[0-9a-zA-Z_-]+$/', $link_name)) { echo "Error"; exit; @@ -445,6 +473,14 @@ fi /* Initialize an asynchronous upload. */ elseif (isset ($_GET['init_async'])) { + if (jirafeau_has_upload_password ($cfg) && + (!isset ($_POST['upload_password']) || + !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password']))) + { + echo "Error"; + exit; + } + if (!isset ($_POST['filename'])) { echo "Error"; @@ -456,8 +492,8 @@ elseif (isset ($_GET['init_async'])) $type = $_POST['type']; $key = ''; - if (isset ($_POST['password'])) - $key = $_POST['password']; + if (isset ($_POST['key'])) + $key = $_POST['key']; $time = time (); if (!isset ($_POST['time'])) @@ -508,7 +544,7 @@ elseif (isset ($_GET['end_async'])) || !isset ($_POST['code'])) echo "Error"; else - echo jirafeau_async_end ($_POST['ref'], $_POST['code']); + echo jirafeau_async_end ($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_lenght']); } else echo "Error";