X-Git-Url: https://git.p6c8.net/jirafeau.git/blobdiff_plain/490704220365421ea0ea9d76ab3768a94b8ccd47..06b28c7f3516ae01041edf78a3298c73628322fb:/script.php?ds=inline diff --git a/script.php b/script.php index 99c5ec0..1c154b1 100644 --- a/script.php +++ b/script.php @@ -218,6 +218,12 @@ if (has_error ()) if (isset ($_FILES['file']) && is_writable (VAR_FILES) && is_writable (VAR_LINKS)) { + if (!jirafeau_challenge_upload_ip ($cfg, get_ip_address($cfg))) + { + echo "Error"; + exit; + } + if (jirafeau_has_upload_password ($cfg) && (!isset ($_POST['upload_password']) || !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password']))) @@ -272,7 +278,7 @@ if (isset ($_FILES['file']) && is_writable (VAR_FILES) $res = jirafeau_upload ($_FILES['file'], isset ($_POST['one_time_download']), - $key, $time, $_SERVER['REMOTE_ADDR'], + $key, $time, get_ip_address($cfg), $cfg['enable_crypt'], $cfg['link_name_length']); if (empty($res) || $res['error']['has_error']) @@ -505,6 +511,12 @@ fi /* Initialize an asynchronous upload. */ elseif (isset ($_GET['init_async'])) { + if (!jirafeau_challenge_upload_ip ($cfg, get_ip_address($cfg))) + { + echo "Error"; + exit; + } + if (jirafeau_has_upload_password ($cfg) && (!isset ($_POST['upload_password']) || !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password']))) @@ -563,7 +575,7 @@ elseif (isset ($_GET['init_async'])) isset ($_POST['one_time_download']), $key, $time, - $_SERVER['REMOTE_ADDR']); + get_ip_address($cfg)); } /* Continue an asynchronous upload. */ elseif (isset ($_GET['push_async']))