From: gwunderlich Date: Fri, 2 Sep 2022 12:57:39 +0000 (+0200) Subject: add function to check or generate file download passwords X-Git-Tag: 4.6.0~14^2~24 X-Git-Url: https://git.p6c8.net/jirafeau.git/commitdiff_plain/4823b32b6ce68f7a6a0949c225c808da4979506f?ds=sidebyside add function to check or generate file download passwords --- diff --git a/README.md b/README.md index 9105c7f..f48f4cc 100644 --- a/README.md +++ b/README.md @@ -20,6 +20,7 @@ See [jirafeau.net](https://jirafeau.net/) for a demo. - Shows progression: speed, percentage and remaining upload time - Preview content in browser (if possible) - Optional password protection (for uploading or downloading) +- option to require, check or generate file download passwords - Set expiration time for downloads - Option to self-destruct after first download - Shortened URLs using base 64 encoding diff --git a/docker/README.md b/docker/README.md index daf5302..8d367ea 100644 --- a/docker/README.md +++ b/docker/README.md @@ -52,6 +52,11 @@ Available options: - `UPLOAD_IP_NO_PASSWORD`: set one or more ip allowed to upload files without password (separated by comma). - `PROXY_IP`: set one or more proxy ip (separated by comma). - `STORE_UPLOADER_IP`: set to 1 or 0 to enable or disable keeping sender's IP with the _link_ file. +- `DOWNLOAD_PASSWORD_REQUIREMENT`: set to 'optional' (default), 'required' or 'generated' to make a password for downloading optional, required or generated +- `DOWNLOAD_PASSWORD_GEN_LEN`: set length of generated download passwords +- `DOWNLOAD_PASSWORD_GEN_CHARS`: set characters used for generated download passwords +- `DOWNLOAD_PASSWORD_POLICY`: set to 'regex' to use a regular expression to check user provided download passwords for complexity constraints +- `DOWNLOAD_PASSWORD_POLICY_REGEX`: regex to check against if password policy is set to regex Example: ``` diff --git a/docker/docker_config.php b/docker/docker_config.php index 6a03b73..8c63134 100644 --- a/docker/docker_config.php +++ b/docker/docker_config.php @@ -175,6 +175,11 @@ function run_setup(&$cfg) env_2_cfg_string_array($cfg, 'upload_ip_nopassword'); env_2_cfg_string_array($cfg, 'proxy_ip'); env_2_cfg_bool($cfg, 'store_uploader_ip'); + env_2_cfg_string($cfg, 'download_password_requirement'); + env_2_cfg_int($cfg, 'download_password_gen_len'); + env_2_cfg_string($cfg, 'download_password_gen_chars'); + env_2_cfg_string($cfg, 'download_password_policy'); + env_2_cfg_string($cfg, 'download_password_policy_regex'); if ($setup_ok) { $cfg['installation_done'] = true; diff --git a/index.php b/index.php index b6dac09..24ce25c 100644 --- a/index.php +++ b/index.php @@ -25,6 +25,10 @@ require(JIRAFEAU_ROOT . 'lib/settings.php'); require(JIRAFEAU_ROOT . 'lib/functions.php'); require(JIRAFEAU_ROOT . 'lib/lang.php'); +if ($cfg['download_password_requirement'] === "generated"){ + $download_pass = jirafeau_gen_download_pass(); +} + check_errors($cfg); if (has_error()) { require(JIRAFEAU_ROOT . 'lib/template/header.php'); @@ -108,6 +112,21 @@ elseif (true === jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) {

+ +
+

+ +
+

+ '?> + +

+
+
+ +
@@ -176,15 +195,23 @@ elseif (true === jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) {
'; - echo ''; - } -?> - - - - + if ($cfg['one_time_download']) { + echo ''; + echo ''; + } + if ($cfg['download_password_requirement'] === 'generated'){ + echo ''; + }else{ + echo ''; + echo ''; + }?>
' . t('ONE_TIME_DL') . ':
' . t('ONE_TIME_DL') . ':