X-Git-Url: https://git.p6c8.net/jirafeau.git/blobdiff_plain/8d0d50765bc4cd7b98fc28dbccbf4284d034d466..94819539182ec00e4a35ecc95a5d9ca886d903cf:/f.php?ds=inline diff --git a/f.php b/f.php index 6f8f836..0218602 100644 --- a/f.php +++ b/f.php @@ -2,7 +2,7 @@ /* * Jirafeau, your web file repository * Copyright (C) 2008 Julien "axolotl" BERNARD <axolotl@magieeternelle.org> - * Copyright (C) 2012 Jerome Jutteau <j.jutteau@gmail.com> + * Copyright (C) 2015 Jerome Jutteau <j.jutteau@gmail.com> * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as @@ -49,6 +49,13 @@ if (!preg_match ('/[0-9a-zA-Z_-]+$/', $link_name)) $link = jirafeau_get_link ($link_name); if (count ($link) == 0) +{ + /* Try alias. */ + $alias = jirafeau_get_alias (md5 ($link_name)); + if (count ($alias) > 0) + $link = jirafeau_get_link ($alias["destination"]); +} +if (count ($link) == 0) { require (JIRAFEAU_ROOT.'lib/template/header.php'); echo '<div class="error"><p>' . t('Sorry, the requested file is not found') . @@ -58,20 +65,20 @@ if (count ($link) == 0) } $delete_code = ''; -if (isset ($_GET['d']) && !empty ($_GET['d'])) +if (isset ($_GET['d']) && !empty ($_GET['d']) && $_GET['d'] != '1') $delete_code = $_GET['d']; $crypt_key = ''; if (isset ($_GET['k']) && !empty ($_GET['k'])) $crypt_key = $_GET['k']; -$button_download = false; -if (isset ($_GET['bd']) && !empty ($_GET['bd'])) - $button_download = true; +$do_download = false; +if (isset ($_GET['d']) && $_GET['d'] == '1') + $do_download = true; -$button_preview = false; -if (isset ($_GET['bp']) && !empty ($_GET['bp'])) - $button_preview = true; +$do_preview = false; +if (isset ($_GET['p']) && !empty ($_GET['p'])) + $do_preview = true; $p = s2p ($link['md5']); if (!file_exists (VAR_FILES . $p . $link['md5'])) @@ -125,7 +132,7 @@ if (!empty ($link['key'])) '<form action = "'; echo $cfg['web_root'] . '/f.php'; echo '" ' . - 'method = "post" id = "submit">'; ?> + 'method = "post" id = "submit_post">'; ?> <input type = "hidden" name = "jirafeau" value = "<?php echo JIRAFEAU_VERSION ?>"/><?php echo '<fieldset>' . '<legend>' . t('Password protection') . @@ -134,27 +141,34 @@ if (!empty ($link['key'])) '<input type = "password" name = "key" />' . '</td></tr>' . '<tr><td>' . - t('By using our services, you accept of our'). ' <a href="' . $cfg['web_root'] . '/tos.php' . '">' . t('Term Of Service') . '</a>' . - '</td></tr>' . - '<tr><td>'; - ?><input type="submit" id = "submit_download" value="<?php echo t('Download'); ?>" - onclick="document.getElementById('submit').action=' + t('By using our services, you accept our'). ' <a href="' . $cfg['web_root'] . '/tos.php' . '">' . t('Term Of Service') . '</a>' . + '</td></tr>'; + + if ($link['onetime'] == 'O') + { + echo '<tr><td id="self_destruct">' . + t('Warning, this file will self-destruct after being read') . + '</td></tr>'; + } + + ?><tr><td><input type="submit" id = "submit_download" value="<?php echo t('Download'); ?>" + onclick="document.getElementById('submit_post').action=' <?php - echo $cfg['web_root'] . '/f.php?h=' . $link_name . '&bd=1'; + echo $cfg['web_root'] . '/f.php?h=' . $link_name . '&d=1'; if (!empty($crypt_key)) echo '&k=' . urlencode($crypt_key); ?>'; document.getElementById('submit_download').submit ();"/><?php - if ($cfg['download_page'] && $cfg['preview']) + if ($cfg['preview'] && jirafeau_is_viewable($link['mime_type'])) { ?><input type="submit" id = "submit_preview" value="<?php echo t('Preview'); ?>" - onclick="document.getElementById('submit').action=' -<?php - echo $cfg['web_root'] . '/f.php?h=' . $link_name . '&bp=1'; - if (!empty($crypt_key)) - echo '&k=' . urlencode($crypt_key); -?>'; - document.getElementById('submit_preview').submit ();"/><?php + onclick="document.getElementById('submit_post').action=' + <?php + echo $cfg['web_root'] . '/f.php?h=' . $link_name . '&p=1'; + if (!empty($crypt_key)) + echo '&k=' . urlencode($crypt_key); + ?>'; + document.getElementById('submit_preview').submit ();"/><?php } echo '</td></tr></table></fieldset></form></div>'; require (JIRAFEAU_ROOT.'lib/template/footer.php'); @@ -166,7 +180,7 @@ if (!empty ($link['key'])) $password_challenged = true; else { - header ("Access denied"); + sleep (2); require (JIRAFEAU_ROOT.'lib/template/header.php'); echo '<div class="error"><p>' . t('Access denied') . '</p></div>'; @@ -176,40 +190,50 @@ if (!empty ($link['key'])) } } -if ($cfg['download_page'] && !$password_challenged && !$button_download && !$button_preview) +if (!$password_challenged && !$do_download && !$do_preview) { require (JIRAFEAU_ROOT.'lib/template/header.php'); echo '<div>' . '<form action = "'; echo $cfg['web_root'] . '/f.php'; echo '" ' . - 'method = "post" id = "submit">'; ?> + 'method = "post" id = "submit_post">'; ?> <input type = "hidden" name = "jirafeau" value = "<?php echo JIRAFEAU_VERSION ?>"/><?php - echo '<fieldset><legend>' . $link['file_name'] . '</legend><table>' . + echo '<fieldset><legend>' . htmlspecialchars($link['file_name']) . '</legend><table>' . '<tr><td>' . - t('You are about to download') . ' "' . $link['file_name'] . '" (' . jirafeau_human_size($link['file_size']) . ')' . + t('You are about to download') . ' "' . htmlspecialchars($link['file_name']) . '" (' . jirafeau_human_size($link['file_size']) . ')' . '</td></tr>' . '<tr><td>' . - t('By using our services, you accept of our'). ' <a href="' . $cfg['web_root'] . '/tos.php' . '">' . t('Term Of Service') . '</a>'; - ?></td></tr><tr><td><input type="submit" id = "submit_download" value="<?php echo t('Download'); ?>" - onclick="document.getElementById('submit').action=' + t('By using our services, you accept our'). ' <a href="' . $cfg['web_root'] . '/tos.php' . '">' . t('Term Of Service') . '</a>' . + '</td></tr>'; + + if ($link['onetime'] == 'O') + { + echo '<tr><td id="self_destruct">' . + t('Warning, this file will self-destruct after being read') . + '</td></tr>'; + } + + ?> + <tr><td><input type="submit" id = "submit_download" value="<?php echo t('Download'); ?>" + onclick="document.getElementById('submit_post').action=' <?php - echo $cfg['web_root'] . '/f.php?h=' . $link_name . '&bd=1'; + echo $cfg['web_root'] . '/f.php?h=' . $link_name . '&d=1'; if (!empty($crypt_key)) echo '&k=' . urlencode($crypt_key); ?>'; - document.getElementById('submit_download').submit ();"/><?php + document.getElementById('submit_post').submit ();"/><?php - if ($cfg['download_page'] && $cfg['preview']) + if ($cfg['preview'] && jirafeau_is_viewable($link['mime_type'])) { ?><input type="submit" id = "submit_preview" value="<?php echo t('Preview'); ?>" - onclick="document.getElementById('submit').action=' + onclick="document.getElementById('submit_post').action=' <?php - echo $cfg['web_root'] . '/f.php?h=' . $link_name . '&bp=1'; + echo $cfg['web_root'] . '/f.php?h=' . $link_name . '&p=1'; if (!empty($crypt_key)) echo '&k=' . urlencode($crypt_key); ?>'; - document.getElementById('submit_preview').submit ();"/><?php + document.getElementById('submit_post').submit ();"/><?php } echo '</td></tr>'; echo '</table></fieldset></form></div>'; @@ -219,11 +243,12 @@ if ($cfg['download_page'] && !$password_challenged && !$button_download && !$but header ('HTTP/1.0 200 OK'); header ('Content-Length: ' . $link['file_size']); -if (!jirafeau_is_viewable ($link['mime_type']) || !$cfg['preview'] || $button_download) - header ('Content-Disposition: attachment; filename="' . - $link['file_name'] . '"'); +if (!jirafeau_is_viewable ($link['mime_type']) || !$cfg['preview'] || $do_download) + header ('Content-Disposition: attachment; filename="' . $link['file_name'] . '"'); else - header ('Content-Type: ' . $link['mime_type']); + header ('Content-Disposition: filename="' . $link['file_name'] . '"'); +header ('Content-Type: ' . $link['mime_type']); +header ('Content-MD5: ' . hex_to_base64($link['md5'])); /* Read encrypted file. */ if ($link['crypted'])