X-Git-Url: https://git.p6c8.net/jirafeau.git/blobdiff_plain/85b1ac6414601717c4bb94b12ea724e10b78f2a6..37a47dbd255874bcdfc14f2e7a5dc1461ddd145e:/lib/functions.php?ds=sidebyside diff --git a/lib/functions.php b/lib/functions.php index 4991f23..9091af7 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -3,7 +3,7 @@ * Jirafeau, your web file repository * Copyright (C) 2008 Julien "axolotl" BERNARD * Copyright (C) 2015 Jerome Jutteau - * Copyright (C) 2015 Nicola Spanti (RyDroid) + * Copyright (C) 2024 Jirafeau project (see AUTHORS.md) * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as @@ -93,7 +93,7 @@ function jirafeau_gen_random($l) return 42; } - $code=""; + $code = ''; for ($i = 0; $i < $l; $i++) { $code .= dechex(rand(0, 15)); } @@ -106,7 +106,7 @@ function jirafeau_gen_download_pass($length, $allowed_chars) if ($length <= 0) { return false; } - $pass=""; + $pass = ''; for ($i = 0; $i < $length; $i++) { $pass .= $allowed_chars[rand(0, strlen($allowed_chars) - 1)]; } @@ -143,10 +143,10 @@ function jirafeau_human_size($octets) // Convert UTC timestamp to a datetime field function jirafeau_get_datetimefield($timestamp) { - $ts = date_create("@" . $timestamp); + $ts = date_create('@' . $timestamp); $content = '' . date_format($ts, 'Y-m-d H:i') . ' (GMT)'; - + return $content; } @@ -397,7 +397,7 @@ function jirafeau_hash_file($method, $file_path) function jirafeau_md5_outside($file_path) { $out = false; - $handle = fopen($file_path, "r"); + $handle = fopen($file_path, 'r'); if ($handle === false) { return false; } 
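Review bot: The loop kept as context in the `jirafeau_gen_random` hunk (`@@ -93,7`) still draws each hex digit from `rand(0, 15)`, which is not a cryptographically secure source, and elsewhere on this page the function produces a delete-link code (`$delete_link_code = jirafeau_gen_random(5);`). Since the neighbouring line is being touched anyway, switch to `$code .= dechex(random_int(0, 15));`. The `jirafeau_gen_download_pass` hunk (`@@ -106,7`) has the same problem and would become `$pass .= $allowed_chars[random_int(0, strlen($allowed_chars) - 1)];`, which also needs a guard for an empty `$allowed_chars` because `random_int()` throws when the maximum is below the minimum. Both function bodies start outside their hunks.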
@@ -450,12 +450,13 @@ function jirafeau_upload($file, $one_time_download, $key, $time, $ip, $crypt, $l } /** - * - * @param bool $crypt_module_enabled - * @param string $file_path + * + * @param bool $crypt_module_enabled + * @param string $file_path * @return array [bool, string] */ -function jirafeau_handle_add_file_encryption($crypt_module_enabled, $file_path) { +function jirafeau_handle_add_file_encryption($crypt_module_enabled, $file_path) +{ /* Crypt file if option is enabled. */ $crypted = false; $crypt_key = ''; @@ -501,7 +502,6 @@ function jirafeau_add_file($file, $one_time_download, $key, $time, $ip, $crypt, $crypt_key = ''; list($crypted, $crypt_key) = jirafeau_handle_add_file_encryption($crypt, $file['tmp_name']); - /* file information */ $hash = jirafeau_hash_file($file_hash_method, $file['tmp_name']); $name = str_replace(NL, '', trim($file['name'])); @@ -513,12 +513,9 @@ function jirafeau_add_file($file, $one_time_download, $key, $time, $ip, $crypt, $p = s2p("$hash"); if (file_exists(VAR_FILES . $p . $hash)) { $rc = unlink($file['tmp_name']); - } elseif ((file_exists(VAR_FILES . $p) || @mkdir(VAR_FILES . $p, 0755, true)) - && - //move_uploaded_file($file['tmp_name'], VAR_FILES . $p . $hash)) - $move_operation($file['tmp_name'], VAR_FILES . $p . $hash)) - { - + } elseif ( + (file_exists(VAR_FILES . $p) || @mkdir(VAR_FILES . $p, 0755, true)) && + $move_operation($file['tmp_name'], VAR_FILES . $p . $hash)) { $rc = true; } if (!$rc) { @@ -526,7 +523,7 @@ function jirafeau_add_file($file, $one_time_download, $key, $time, $ip, $crypt, 'error' => array('has_error' => true, 'why' => t('INTERNAL_ERROR_DEL')), - 'link' =>'', + 'link' => '', 'delete_link' => '')); } @@ -580,7 +577,7 @@ function jirafeau_add_file($file, $one_time_download, $key, $time, $ip, $crypt, 'error' => array('has_error' => true, 'why' => t('Internal error during file creation. ')), - 'link' =>'', + 'link' => '', 'delete_link' => ''); } return array( 'error' => $noerr, 
@@ -589,8 +586,8 @@ function jirafeau_add_file($file, $one_time_download, $key, $time, $ip, $crypt, 'crypt_key' => $crypt_key); } - -function jirafeau_admin_list_table ($name, $file_hash, $link_hash, $visitor_function = null) { +function jirafeau_admin_list_table($name, $file_hash, $link_hash, $visitor_function = null) +{ echo '
'; if (!empty($name)) { echo t('FILENAME') . ": " . jirafeau_escape($name); @@ -616,10 +613,6 @@ function jirafeau_admin_list_table ($name, $file_hash, $link_hash, $visitor_func echo '
'; } - - - - /** * Tells if a mime-type is viewable in a browser * @param $mime the mime type @@ -744,12 +737,12 @@ function jirafeau_get_link($hash) } /** - * List files ii folder in admin interface. + * List files in admin interface. */ function jirafeau_admin_list($name, $file_hash, $link_hash) { - $function = function($name, $file_hash, $link_hash) { - /* Get all links files. */ + $function = function ($name, $file_hash, $link_hash) { + /* Get all links files. */ $stack = array(VAR_LINKS); while (($d = array_shift($stack)) && $d != null) { $dir = scandir($d); @@ -780,25 +773,38 @@ function jirafeau_admin_list($name, $file_hash, $link_hash) } /* Print link information. */ echo ''; - echo '' . - '' . jirafeau_escape($l['file_name']) . '
'; + echo ''; + + if (!$l['crypted'] && !$l['crypted_legacy']) { + echo'' . jirafeau_escape($l['file_name']) . ''; + } else { + echo jirafeau_escape($l['file_name']); + } + + echo '
'; + echo t('TYPE') . ': ' . jirafeau_escape($l['mime_type']) . '
'; echo t('SIZE') . ': ' . jirafeau_human_size($l['file_size']) . '
'; echo t('EXPIRE') . ': ' . ($l['time'] == -1 ? '∞' : jirafeau_get_datetimefield($l['time'])) . '
'; - echo t('ONETIME') . ': ' . ($l['onetime'] == 'O' ? 'Yes' : 'No') . '
'; + echo t('ONETIME') . ': ' . ($l['onetime'] == 'O' ? t('YES') : t('NO')) . '
'; + echo t('ENCRYPTED') . ': ' . (($l['crypted'] || $l['crypted_legacy']) ? t('YES') : t('NO')) . '
'; echo t('UPLOAD_DATE') . ': ' . jirafeau_get_datetimefield($l['upload_date']) . '
'; if (strlen($l['ip']) > 0) { echo t('ORIGIN') . ': ' . $l['ip'] . '
'; } echo ''; + + if (!$l['crypted'] && !$l['crypted_legacy']) { + echo '
' . + '' . + '' . + jirafeau_admin_csrf_field() . + '' . + '
'; + } + echo '
' . - '' . - '' . - jirafeau_admin_csrf_field() . - '' . - '
' . - '
' . '' . '' . jirafeau_admin_csrf_field() . @@ -815,8 +821,9 @@ function jirafeau_admin_list($name, $file_hash, $link_hash) } } } - }; - jirafeau_admin_list_table($name, $file_hash, $link_hash, $function); + }; + + jirafeau_admin_list_table($name, $file_hash, $link_hash, $function); } /** @@ -1190,6 +1197,11 @@ function jirafeau_async_end($ref, $code, $crypt, $link_name_length, $file_hash_m return "Error: referenced file does not exist"; } + /* Store filesize before encrypting the file */ + /* Otherwise we would send the size of the encrypted file and the data of the unencrypted file */ + /* This would break some browsers */ + $size = filesize($p); + $crypted = false; $crypt_key = ''; if ($crypt == true && extension_loaded('sodium') == true) { @@ -1202,7 +1214,6 @@ function jirafeau_async_end($ref, $code, $crypt, $link_name_length, $file_hash_m } $hash = jirafeau_hash_file($file_hash_method, $p); - $size = filesize($p); $np = s2p($hash); $delete_link_code = jirafeau_gen_random(5); @@ -1327,7 +1338,7 @@ function jirafeau_decrypt_file($fp_src, $fp_dst, $k) for ($i = SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_HEADERBYTES; $i < $fs; $i += JIRAFEAU_SODIUM_CHUNKSIZE + SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES) { $to_dec = fread($r, JIRAFEAU_SODIUM_CHUNKSIZE + SODIUM_CRYPTO_SECRETSTREAM_XCHACHA20POLY1305_ABYTES); [$dec, $crypt_tag] = sodium_crypto_secretstream_xchacha20poly1305_pull($crypt_state, $to_dec); - + if (fwrite($w, $dec) === false) { return false; } @@ -1744,7 +1755,7 @@ function jirafeau_get_download_stats($hash) $filename = VAR_LINKS . s2p("$hash") . $hash . '_download'; if (!file_exists($filename)) { - return array('count'=>0); + return array('count' => 0); } $c = file($filename); @@ -1768,7 +1779,8 @@ function jirafeau_write_download_stats($hash, $ip) fclose($handle); } -function jirafeau_create_upload_finished_box($preview = true) { +function jirafeau_create_upload_finished_box($preview = true) +{ ?>
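Review bot: In the link listing of `jirafeau_admin_list`, the context line `echo t('ORIGIN') . ': ' . $l['ip'] . …` prints the stored IP without `jirafeau_escape()`, while the file name and the MIME type just above it are escaped. Whether the stored value can ever contain markup depends on how the uploader address is derived, which is outside this hunk, but writing `jirafeau_escape($l['ip'])` costs nothing and keeps the admin page consistent. The new `!$l['crypted'] && !$l['crypted_legacy']` test is also written twice. Computing it once into a local such as `$is_encrypted` would avoid the two copies drifting apart, and it is worth confirming that both keys are always present in `$l` for link files written by older versions.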
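Review bot: The condition `$crypt == true && extension_loaded('sodium') == true` shown as context in the `jirafeau_async_end` hunk means an upload that asked for encryption is stored in plain form when the sodium extension is missing, and nothing visible here reports that. If the rest of the function (outside the hunk) does not surface this to the uploader, consider failing explicitly in the style of the existing `return "Error: referenced file does not exist";`, or at least logging it. The new `$size = filesize($p);` can also be `false`, so checking it before it is stored would keep a bad size out of the link data. The three adjacent `/* … */` comments would read better as a single block comment.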
@@ -1784,8 +1796,8 @@ function jirafeau_create_upload_finished_box($preview = true) {

- +

@@ -1795,7 +1807,8 @@ function jirafeau_create_upload_finished_box($preview = true) {

+ } + ?>

@@ -1820,77 +1833,76 @@ function jirafeau_create_upload_finished_box($preview = true) {

- 'minute', - 'label' => '1_MIN' + 'value' => 'minute', + 'label' => '1_MIN' ), array( - 'value' => 'hour', - 'label' => '1_H' + 'value' => 'hour', + 'label' => '1_H' ), array( - 'value' => 'day', - 'label' => '1_D' + 'value' => 'day', + 'label' => '1_D' ), array( - 'value' => 'week', - 'label' => '1_W' + 'value' => 'week', + 'label' => '1_W' ), array( 'value' => 'fortnight', 'label' => '2_W' ), array( - 'value' => 'month', - 'label' => '1_M' + 'value' => 'month', + 'label' => '1_M' ), array( - 'value' => 'quarter', - 'label' => '1_Q' + 'value' => 'quarter', + 'label' => '1_Q' ), array( - 'value' => 'year', - 'label' => '1_Y' + 'value' => 'year', + 'label' => '1_Y' ), array( - 'value' => 'none', - 'label' => 'NONE' + 'value' => 'none', + 'label' => 'NONE' ) - ); + ); } +/** + * + * creates the time selection field + * @param mixed $cfg + * @return void + */ +function jirafeau_create_selection_array($cfg) +{ + echo ''; - - - $expirationTimeOptions = jirafeau_get_expiration_time_options(); - - foreach ($expirationTimeOptions as $expirationTimeOption) { - $selected = ($expirationTimeOption['value'] === $cfg['availability_default'])? 'selected="selected"' : ''; - if (true === $cfg['availabilities'][$expirationTimeOption['value']]) { - echo ''; - } + foreach ($expirationTimeOptions as $expirationTimeOption) { + $selected = ($expirationTimeOption['value'] === $cfg['availability_default']) ? 'selected="selected"' : ''; + if (true === $cfg['availabilities'][$expirationTimeOption['value']]) { + echo ''; } - echo ''; - } + } + + echo ''; +} - function jirafeau_datestr_to_int ($time_str) { +function jirafeau_datestr_to_int($time_str) +{ $time = time(); switch ($time_str) { case 'minute': @@ -1917,7 +1929,7 @@ function jirafeau_get_expiration_time_options() { case 'year': $time += JIRAFEAU_YEAR; break; - default: + default: $time = JIRAFEAU_INFINITY; break; } 
@@ -1928,10 +1940,10 @@ function jirafeau_get_expiration_time_options() { /** - * links or copy a local file + * links or copy a local file * TODO: boolean in config for linking - * @param string $filepath - * @param $one_time_download is the file a one time download ? + * @param string $filepath + * @param $one_time_download is the file a one time download? * @param $key if not empty, protect the file with this key * @param $time the time of validity of the file * @param $ip uploader's ip @@ -1942,21 +1954,20 @@ function jirafeau_get_expiration_time_options() { * 'link' => the link name of the uploaded file * 'delete_link' => the link code to delete file */ -function jirafeau_copy_local_file($local_file_path, $one_time_download, $key, $time, $ip, $crypt, $link_name_length, $file_hash_method) { - +function jirafeau_copy_local_file($local_file_path, $one_time_download, $key, $time, $ip, $crypt, $link_name_length, $file_hash_method) +{ if (!file_exists($local_file_path)) { return (array( 'error' => array('has_error' => true, 'why' => t('INTERNAL_ERROR_FILE_NOT_EXIST')), - 'link' =>'', + 'link' => '', 'delete_link' => '')); } - if( + if ( // sanity check if file can be opened - $file = fopen($local_file_path, "r") - ) - { + $file = fopen($local_file_path, 'r') + ) { // close file pointer - it's not needed here fclose($file); $time_in_int = jirafeau_datestr_to_int($time); 
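Review bot: `jirafeau_copy_local_file` accepts any `$local_file_path` that exists and can be opened with `fopen($local_file_path, 'r')`, so what may be published as a download is limited only by whatever the callers do beforehand, and the callers are outside this hunk. If the path can ever be influenced by request data, resolve it with `realpath()` and confirm it lies under a configured import directory before the open check. The docblock above still says `@param string $filepath` while the parameter is named `$local_file_path`, and the `$crypt`, `$link_name_length` and `$file_hash_method` parameters are not visible in the part of the docblock shown in these hunks. Since the comment is being reformatted anyway, it could be brought in line with the signature. The function body continues past the end of this hunk.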
@@ -1971,25 +1982,23 @@ function jirafeau_copy_local_file($local_file_path, $one_time_download, $key, $t $file_hash_method, false ); - } - else { + } else { return (array( 'error' => array('has_error' => true, 'why' => t('INTERNAL_ERROR_FP_OPEN_LOCAL')), - 'link' =>'', + 'link' => '', 'delete_link' => '')); } - } -function jirafeau_create_file_array($file_path) { - return - [ - 'type' => mime_content_type($file_path), - 'tmp_name' => $file_path, - 'name' => basename($file_path), - 'size' => filesize($file_path), +function jirafeau_create_file_array($file_path) +{ + return [ + 'type' => mime_content_type($file_path), + 'tmp_name' => $file_path, + 'name' => basename($file_path), + 'size' => filesize($file_path), ]; }