X-Git-Url: https://git.p6c8.net/jirafeau.git/blobdiff_plain/c5571d92378b2dc0529d05b8f6ad3349b2d128cc..bfecca5f8803a850c74add1fe59fbb3987b82e4a:/script.php?ds=sidebyside
diff --git a/script.php b/script.php
index c7d847f..1c154b1 100644
--- a/script.php
+++ b/script.php
@@ -135,12 +135,12 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
echo "h=your_download_reference (" . t('Required') . ")
";
echo "d=yout_delete_code (" . t('Required') . ")
";
echo '
' . t('This will return "Ok" if succeded, "Error" otherwhise.') . '
' . t('This will return "Ok" if succeeded, "Error" otherwhise.') . '
'; echo t('Example') . ": " . $web_root . "script.php?h=30ngy0hsDcpfrF8zR7x9iU&d=0d210a952 "; echo '
'; - echo '';
echo t('Send a GET query to') . ': ' . $web_root . 'script.php
';
echo '
';
@@ -157,9 +157,9 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
echo "$name: " . $web_root . "script.php?lang=$lang ";
echo '
'; - echo t('The goal is to permit to transfert big file, chunk by chunk.') . ' '; + echo t('The goal is to permit to transfer big file, chunk by chunk.') . ' '; echo t('Chunks of data must be sent in order.'); echo '
'; echo '';
@@ -174,9 +174,9 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
echo "upload_password=your_upload_password (" . t('Optional') . ")
";
echo '
' . t('This will return brut text content.') . ' ' .
- t('First line is the asynchronous transfert reference and the second line the code to use in the next operation.') . '
';
echo t('Send a GET query to') . ': ' . $web_root . 'script.php?push_async
';
echo '
';
@@ -188,7 +188,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
echo '
' . t('This will return brut text content.') . ' ' .
t('Returns the next code to use.') . '
';
echo t('Send a GET query to') . ': ' . $web_root . 'script.php?end_async
';
echo '
';
@@ -218,6 +218,12 @@ if (has_error ())
if (isset ($_FILES['file']) && is_writable (VAR_FILES)
&& is_writable (VAR_LINKS))
{
+ if (!jirafeau_challenge_upload_ip ($cfg, get_ip_address($cfg)))
+ {
+ echo "Error";
+ exit;
+ }
+
if (jirafeau_has_upload_password ($cfg) &&
(!isset ($_POST['upload_password']) ||
!jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
@@ -272,8 +278,8 @@ if (isset ($_FILES['file']) && is_writable (VAR_FILES)
$res = jirafeau_upload ($_FILES['file'],
isset ($_POST['one_time_download']),
- $key, $time, $_SERVER['REMOTE_ADDR'],
- $cfg['enable_crypt'], $cfg['link_name_lenght']);
+ $key, $time, get_ip_address($cfg),
+ $cfg['enable_crypt'], $cfg['link_name_length']);
if (empty($res) || $res['error']['has_error'])
{
@@ -505,6 +511,12 @@ fi
/* Initialize an asynchronous upload. */
elseif (isset ($_GET['init_async']))
{
+ if (!jirafeau_challenge_upload_ip ($cfg, get_ip_address($cfg)))
+ {
+ echo "Error";
+ exit;
+ }
+
if (jirafeau_has_upload_password ($cfg) &&
(!isset ($_POST['upload_password']) ||
!jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
@@ -563,7 +575,7 @@ elseif (isset ($_GET['init_async']))
isset ($_POST['one_time_download']),
$key,
$time,
- $_SERVER['REMOTE_ADDR']);
+ get_ip_address($cfg));
}
/* Continue an asynchronous upload. */
elseif (isset ($_GET['push_async']))
@@ -587,7 +599,7 @@ elseif (isset ($_GET['end_async']))
|| !isset ($_POST['code']))
echo "Error";
else
- echo jirafeau_async_end ($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_lenght']);
+ echo jirafeau_async_end ($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_length']);
}
else
echo "Error";