X-Git-Url: https://git.p6c8.net/jirafeau.git/blobdiff_plain/9ec4f08e55939cd9178c6548ba2c48842568e747..34eb26eb03c1d2915eccb43e3afdd7fdf7ebd0bf:/script.php diff --git a/script.php b/script.php index b4ab57c..93599c9 100644 --- a/script.php +++ b/script.php @@ -157,7 +157,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0) echo "$name: " . $web_root . "script.php?lang=$lang "; echo '
'; - echo '';
echo t('The goal is to permit to transfer big file, chunk by chunk.') . ' ';
echo t('Chunks of data must be sent in order.');
@@ -174,9 +174,9 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
echo "upload_password=your_upload_password (" . t('Optional') . ")
";
echo '
' . t('This will return brut text content.') . ' ' .
- t('First line is the asynchronous transfert reference and the second line the code to use in the next operation.') . '
';
echo t('Send a GET query to') . ': ' . $web_root . 'script.php?push_async
';
echo '
';
@@ -188,7 +188,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
echo '
' . t('This will return brut text content.') . ' ' .
t('Returns the next code to use.') . '
';
echo t('Send a GET query to') . ': ' . $web_root . 'script.php?end_async
';
echo '
';
@@ -218,6 +218,12 @@ if (has_error ())
if (isset ($_FILES['file']) && is_writable (VAR_FILES)
&& is_writable (VAR_LINKS))
{
+ if (!jirafeau_challenge_upload_ip ($cfg, $_SERVER['REMOTE_ADDR']))
+ {
+ echo "Error";
+ exit;
+ }
+
if (jirafeau_has_upload_password ($cfg) &&
(!isset ($_POST['upload_password']) ||
!jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
@@ -505,6 +511,12 @@ fi
/* Initialize an asynchronous upload. */
elseif (isset ($_GET['init_async']))
{
+ if (!jirafeau_challenge_upload_ip ($cfg, $_SERVER['REMOTE_ADDR']))
+ {
+ echo "Error";
+ exit;
+ }
+
if (jirafeau_has_upload_password ($cfg) &&
(!isset ($_POST['upload_password']) ||
!jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))