X-Git-Url: https://git.p6c8.net/jirafeau/jirafeau.git/blobdiff_plain/51a3e59006cc2dbe80a20ea9a5031795249bb914..98e21efcfe3da0ff0794d40f7682899cf5d8ec91:/lib/functions.php
diff --git a/lib/functions.php b/lib/functions.php
index 578276f..6c8d56d 100644
--- a/lib/functions.php
+++ b/lib/functions.php
@@ -464,9 +464,9 @@ function jirafeau_handle_add_file_encryption($crypt_module_enabled, $file_path)
error_log("PHP extension sodium not loaded, won't encrypt in Jirafeau");
}
if ($crypt_module_enabled == true && extension_loaded('sodium') == true) {
- $crypt_key = jirafeau_encrypt_file($file_path, $file_path.'crypt');
+ $crypt_key = jirafeau_encrypt_file($file_path, $file_path.'.crypt');
if (strlen($crypt_key) > 0) {
- if (rename($file_path.'crypt', $file_path) === true) {
+ if (rename($file_path.'.crypt', $file_path) === true) {
$crypted = true;
}
}
@@ -544,7 +544,7 @@ function jirafeau_add_file($file, $one_time_download, $key, $time, $ip, $crypt,
/* hash password or empty. */
$password = '';
if (!empty($key)) {
- $password = md5($key);
+ $password = '[SHA256]' . hash('sha256', $key);
}
/* create link file */
@@ -554,7 +554,7 @@ function jirafeau_add_file($file, $one_time_download, $key, $time, $ip, $crypt,
$handle,
$name . NL. $mime_type . NL. $size . NL. $password . NL. $time .
NL . $hash. NL . ($one_time_download ? 'O' : 'R') . NL . time() .
- NL . $ip . NL. $delete_link_code . NL . ($crypted ? 'C' : 'O')
+ NL . $ip . NL. $delete_link_code . NL . ($crypted ? 'C2' : 'O')
);
fclose($handle);
$hash_link = substr(base_16_to_64(md5_file($link_tmp_name)), 0, $link_name_length);
@@ -947,6 +947,7 @@ function jirafeau_admin_bug_report($cfg)
$out .= "- version: " . JIRAFEAU_VERSION . "
";
$jirafeau_options = [
'debug',
+ 'debug_enforce_classic_upload',
'file_hash',
'litespeed_workaround',
'store_uploader_ip',
@@ -1088,10 +1089,10 @@ function jirafeau_async_init($filename, $type, $one_time, $key, $time, $ip)
$w_path = $p . $ref . '_data';
touch($w_path);
- /* md5 password or empty */
+ /* sha256 password or empty */
$password = '';
if (!empty($key)) {
- $password = md5($key);
+ $password = '[SHA256]' . hash('sha256', $key);
}
/* Store information. */
@@ -1642,7 +1643,7 @@ function jirafeau_escape($string)
function jirafeau_admin_session_start()
{
$_SESSION['admin_auth'] = true;
- $_SESSION['admin_csrf'] = md5(uniqid(mt_rand(), true));
+ $_SESSION['admin_csrf'] = hash('sha256', uniqid(mt_rand(), true));
}
function jirafeau_session_end()
@@ -1804,8 +1805,7 @@ function jirafeau_create_upload_finished_box($preview = true, $download_pass = n