X-Git-Url: https://git.p6c8.net/jirafeau.git/blobdiff_plain/bd23d65292b6eda5c00e85ddce27235b5529a565..d8192d6d361c2d707bac679facce23c7167cb93b:/script.php
diff --git a/script.php b/script.php
index a6b9457..3185de7 100755
--- a/script.php
+++ b/script.php
@@ -25,7 +25,7 @@
define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/');
-require (JIRAFEAU_ROOT . 'lib/config.php');
+require (JIRAFEAU_ROOT . 'lib/config.original.php');
require (JIRAFEAU_ROOT . 'lib/settings.php');
require (JIRAFEAU_ROOT . 'lib/functions.php');
require (JIRAFEAU_ROOT . 'lib/lang.php');
@@ -36,12 +36,14 @@ require (JIRAFEAU_ROOT . 'lib/lang.php');
/* Operations may take a long time.
* Be sure PHP's safe mode is off.
*/
- set_time_limit(0);
+@set_time_limit(0);
+/* Remove errors. */
+@error_reporting(0);
if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
{
require (JIRAFEAU_ROOT . 'lib/template/header.php');
- check_errors ();
+ check_errors ($cfg);
if (has_error ())
{
show_errors ();
@@ -250,7 +252,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
/* Lets use interface now. */
header('Content-Type: text; charset=utf-8');
-check_errors ();
+check_errors ($cfg);
if (has_error ())
{
echo "Error";
@@ -261,6 +263,12 @@ if (has_error ())
if (isset ($_FILES['file']) && is_writable (VAR_FILES)
&& is_writable (VAR_LINKS))
{
+ if (strlen ($cfg['upload_password']) > 0 && (!isset ($_POST['upload_password']) || $_POST['upload_password'] != $cfg['upload_password']))
+ {
+ echo "Error";
+ exit;
+ }
+
$key = '';
if (isset ($_POST['key']))
$key = $_POST['key'];
@@ -292,7 +300,8 @@ if (isset ($_FILES['file']) && is_writable (VAR_FILES)
}
$res = jirafeau_upload ($_FILES['file'],
isset ($_POST['one_time_download']),
- $key, $time, $_SERVER['REMOTE_ADDR']);
+ $key, $time, $_SERVER['REMOTE_ADDR'],
+ $cfg['enable_crypt'], $cfg['link_name_lenght']);
if (empty($res) || $res['error']['has_error'])
{
@@ -301,9 +310,12 @@ if (isset ($_FILES['file']) && is_writable (VAR_FILES)
}
/* Print direct link. */
echo $res['link'];
- echo NL;
/* Print delete link. */
+ echo NL;
echo $res['delete_link'];
+ /* Print decrypt key. */
+ echo NL;
+ echo urlencode($res['crypt_key']);
}
elseif (isset ($_GET['h']))
{
@@ -315,7 +327,7 @@ elseif (isset ($_GET['h']))
if (isset ($_GET['d']))
$d = $_GET['d'];
- if (!preg_match ('/[0-9a-zA-Z_-]{22}$/', $link_name))
+ if (!preg_match ('/[0-9a-zA-Z_-]+$/', $link_name))
{
echo "Error";
exit;
@@ -517,6 +529,12 @@ fi
/* Initialize an asynchronous upload. */
elseif (isset ($_GET['init_async']))
{
+ if (strlen ($cfg['upload_password']) > 0 && (!isset ($_POST['upload_password']) || $_POST['upload_password'] != $cfg['upload_password']))
+ {
+ echo "Error";
+ exit;
+ }
+
if (!isset ($_POST['filename']))
{
echo "Error";
@@ -580,11 +598,17 @@ elseif (isset ($_GET['end_async']))
|| !isset ($_POST['code']))
echo "Error";
else
- echo jirafeau_async_end ($_POST['ref'], $_POST['code']);
+ echo jirafeau_async_end ($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_lenght']);
}
/* Initialize block. */
elseif (isset ($_GET['init_block']) && $cfg['enable_blocks'])
{
+ if (strlen ($cfg['upload_password']) > 0 && (!isset ($_POST['upload_password']) || $_POST['upload_password'] != $cfg['upload_password']))
+ {
+ echo "Error";
+ exit;
+ }
+
if (!isset ($_POST['size']))
echo "Error";
else