X-Git-Url: https://git.p6c8.net/jirafeau.git/blobdiff_plain/8adcdf2e61aa2746235d99202ad07b59d0198b04..38069302c9544b4fcc1eb2492138dbcbe83d7bd7:/script.php?ds=sidebyside
diff --git a/script.php b/script.php
old mode 100755
new mode 100644
index 45ca635..bb44562
--- a/script.php
+++ b/script.php
@@ -25,7 +25,7 @@
define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/');
-require (JIRAFEAU_ROOT . 'lib/config.php');
+require (JIRAFEAU_ROOT . 'lib/config.original.php');
require (JIRAFEAU_ROOT . 'lib/settings.php');
require (JIRAFEAU_ROOT . 'lib/functions.php');
require (JIRAFEAU_ROOT . 'lib/lang.php');
@@ -36,12 +36,14 @@ require (JIRAFEAU_ROOT . 'lib/lang.php');
/* Operations may take a long time.
* Be sure PHP's safe mode is off.
*/
- set_time_limit(0);
+@set_time_limit(0);
+/* Remove errors. */
+@error_reporting(0);
if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
{
require (JIRAFEAU_ROOT . 'lib/template/header.php');
- check_errors ();
+ check_errors ($cfg);
if (has_error ())
{
show_errors ();
@@ -90,6 +92,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
echo "time=[minute|hour|day|week|month|none] (" . t('Optional') . ', '. t('default: none') . ")
";
echo "password=your_password (" . t('Optional') . ")
";
echo "one_time_download=1 (" . t('Optional') . ")
";
+ echo "upload_password=your_upload_password (" . t('Optional') . ")
";
echo '';
echo '' . t('This will return brut text content.') . ' ' .
t('First line is the download reference and the second line the delete code.') . '
';
@@ -141,7 +144,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
echo "$name: " . $web_root . "script.php?lang=$lang ";
echo '';
- echo '' . t('Initalize a asynchronous transfert') . ':
';
+ echo '' . t('Initalize an asynchronous transfert') . ':
';
echo '';
echo t('The goal is to permit to transfert big file, chunk by chunk.') . ' ';
echo t('Chunks of data must be sent in order.');
@@ -155,6 +158,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
echo "time=[minute|hour|day|week|month|none] (" . t('Optional') . ', '. t('default: none') . ")
";
echo "password=your_password (" . t('Optional') . ")
";
echo "one_time_download=1 (" . t('Optional') . ")
";
+ echo "upload_password=your_upload_password (" . t('Optional') . ")
";
echo '
';
echo '' . t('This will return brut text content.') . ' ' .
t('First line is the asynchronous transfert reference and the second line the code to use in the next operation.') . '
';
@@ -182,57 +186,6 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
echo '' . t('This will return brut text content.') . ' ' .
t('First line is the download reference and the second line the delete code.') . '
';
- if ($cfg['enable_blocks'])
- {
- echo '' . t('Create a data block') . ':
';
- echo '';
- echo t('This interface permits to create a block of data filled with zeros.') .
- ' ' . t('You can read selected parts, write (using a code) and delete the block.') .
- ' ' . t('Blocks may be removed after a month of non usage.');
- echo '
';
- echo '';
- echo t('Send a GET query to') . ': ' . $web_root . 'script.php?init_block
';
- echo '
';
- echo t('Parameters') . ':
';
- echo "size=size_in_bytes (" . t('Required') . ")
";
- echo '
';
- echo '' . t('This will return brut text content.') . ' ' .
- t('First line is a block id the second line the edit/delete code.') . '
';
-
- echo '' . t('Read data in a block') . ':
';
- echo '';
- echo t('Send a GET query to') . ': ' . $web_root . 'script.php?read_block
';
- echo '
';
- echo t('Parameters') . ':
';
- echo "id=block_id (" . t('Required') . ")
";
- echo "start=byte_position_starting_from_zero (" . t('Required') . ")
";
- echo "length=length_to_read_in_bytes (" . t('Required') . ")
";
- echo '
';
- echo '' . t('This will return asked data or "Error" string.') . '
';
-
- echo '' . t('Write data in a block') . ':
';
- echo '';
- echo t('Send a GET query to') . ': ' . $web_root . 'script.php?write_block
';
- echo '
';
- echo t('Parameters') . ':
';
- echo "id=block_id (" . t('Required') . ")
";
- echo "code=block_code (" . t('Required') . ")
";
- echo "start=byte_position_starting_from_zero (" . t('Required') . ")
";
- echo "data=data_to_write (" . t('Required') . ")
";
- echo '
';
- echo '' . t('This will return "Ok" or "Error" string.') . '
';
-
- echo '' . t('Delete a block') . ':
';
- echo '';
- echo t('Send a GET query to') . ': ' . $web_root . 'script.php?delete_block
';
- echo '
';
- echo t('Parameters') . ':
';
- echo "id=block_id (" . t('Required') . ")
";
- echo "code=block_code (" . t('Required') . ")
";
- echo '
';
- echo '' . t('This will return "Ok" or "Error" string.') . '
';
- }
-
echo '
';
require (JIRAFEAU_ROOT . 'lib/template/footer.php');
exit;
@@ -241,10 +194,25 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
/* Lets use interface now. */
header('Content-Type: text; charset=utf-8');
+check_errors ($cfg);
+if (has_error ())
+{
+ echo "Error";
+ exit;
+}
+
/* Upload file */
if (isset ($_FILES['file']) && is_writable (VAR_FILES)
&& is_writable (VAR_LINKS))
{
+ if (jirafeau_has_upload_password ($cfg) &&
+ (!isset ($_POST['upload_password']) ||
+ !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
+ {
+ echo "Error";
+ exit;
+ }
+
$key = '';
if (isset ($_POST['key']))
$key = $_POST['key'];
@@ -276,7 +244,8 @@ if (isset ($_FILES['file']) && is_writable (VAR_FILES)
}
$res = jirafeau_upload ($_FILES['file'],
isset ($_POST['one_time_download']),
- $key, $time, $_SERVER['REMOTE_ADDR']);
+ $key, $time, $_SERVER['REMOTE_ADDR'],
+ $cfg['enable_crypt'], $cfg['link_name_lenght']);
if (empty($res) || $res['error']['has_error'])
{
@@ -285,9 +254,12 @@ if (isset ($_FILES['file']) && is_writable (VAR_FILES)
}
/* Print direct link. */
echo $res['link'];
- echo NL;
/* Print delete link. */
+ echo NL;
echo $res['delete_link'];
+ /* Print decrypt key. */
+ echo NL;
+ echo urlencode($res['crypt_key']);
}
elseif (isset ($_GET['h']))
{
@@ -299,7 +271,7 @@ elseif (isset ($_GET['h']))
if (isset ($_GET['d']))
$d = $_GET['d'];
- if (!preg_match ('/[0-9a-zA-Z_-]{22}$/', $link_name))
+ if (!preg_match ('/[0-9a-zA-Z_-]+$/', $link_name))
{
echo "Error";
exit;
@@ -501,6 +473,14 @@ fi
/* Initialize an asynchronous upload. */
elseif (isset ($_GET['init_async']))
{
+ if (jirafeau_has_upload_password ($cfg) &&
+ (!isset ($_POST['upload_password']) ||
+ !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
+ {
+ echo "Error";
+ exit;
+ }
+
if (!isset ($_POST['filename']))
{
echo "Error";
@@ -512,8 +492,8 @@ elseif (isset ($_GET['init_async']))
$type = $_POST['type'];
$key = '';
- if (isset ($_POST['password']))
- $key = $_POST['password'];
+ if (isset ($_POST['key']))
+ $key = $_POST['key'];
$time = time ();
if (!isset ($_POST['time']))
@@ -564,45 +544,7 @@ elseif (isset ($_GET['end_async']))
|| !isset ($_POST['code']))
echo "Error";
else
- echo jirafeau_async_end ($_POST['ref'], $_POST['code']);
-}
-/* Initialize block. */
-elseif (isset ($_GET['init_block']) && $cfg['enable_blocks'])
-{
- if (!isset ($_POST['size']))
- echo "Error";
- else
- echo jirafeau_block_init ($_POST['size']);
-}
-/* Read data in block. */
-elseif (isset ($_GET['read_block']) && $cfg['enable_blocks'])
-{
- if (!isset ($_POST['id'])
- || !isset ($_POST['start'])
- || !isset ($_POST['length']))
- echo "Error";
- else
- jirafeau_block_read ($_POST['id'], $_POST['start'], $_POST['length']);
-}
-/* Write data in block. */
-elseif (isset ($_GET['write_block']) && $cfg['enable_blocks'])
-{
- if (!isset ($_POST['id'])
- || !isset ($_POST['start'])
- || !isset ($_FILES['data'])
- || !isset ($_POST['code']))
- echo "Error";
- else
- echo jirafeau_block_write ($_POST['id'], $_POST['start'], $_FILES['data'], $_POST['code']);
-}
-/* Delete block. */
-elseif (isset ($_GET['delete_block']) && $cfg['enable_blocks'])
-{
- if (!isset ($_POST['id'])
- || !isset ($_POST['code']))
- echo "Error";
- else
- echo jirafeau_block_delete ($_POST['id'], $_POST['code']);
+ echo jirafeau_async_end ($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_lenght']);
}
else
echo "Error";