X-Git-Url: https://git.p6c8.net/jirafeau/jirafeau.git/blobdiff_plain/51a3e59006cc2dbe80a20ea9a5031795249bb914..9e0eb7719c3ce8dd8052b4c29da5c60033fc1389:/lib/functions.php diff --git a/lib/functions.php b/lib/functions.php index 578276f..948a436 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -464,9 +464,9 @@ function jirafeau_handle_add_file_encryption($crypt_module_enabled, $file_path) error_log("PHP extension sodium not loaded, won't encrypt in Jirafeau"); } if ($crypt_module_enabled == true && extension_loaded('sodium') == true) { - $crypt_key = jirafeau_encrypt_file($file_path, $file_path.'crypt'); + $crypt_key = jirafeau_encrypt_file($file_path, $file_path.'.crypt'); if (strlen($crypt_key) > 0) { - if (rename($file_path.'crypt', $file_path) === true) { + if (rename($file_path.'.crypt', $file_path) === true) { $crypted = true; } } @@ -544,7 +544,7 @@ function jirafeau_add_file($file, $one_time_download, $key, $time, $ip, $crypt, /* hash password or empty. */ $password = ''; if (!empty($key)) { - $password = md5($key); + $password = '[SHA256]' . hash('sha256', $key); } /* create link file */ @@ -554,7 +554,7 @@ function jirafeau_add_file($file, $one_time_download, $key, $time, $ip, $crypt, $handle, $name . NL. $mime_type . NL. $size . NL. $password . NL. $time . NL . $hash. NL . ($one_time_download ? 'O' : 'R') . NL . time() . - NL . $ip . NL. $delete_link_code . NL . ($crypted ? 'C' : 'O') + NL . $ip . NL. $delete_link_code . NL . ($crypted ? 'C2' : 'O') ); fclose($handle); $hash_link = substr(base_16_to_64(md5_file($link_tmp_name)), 0, $link_name_length); @@ -1088,10 +1088,10 @@ function jirafeau_async_init($filename, $type, $one_time, $key, $time, $ip) $w_path = $p . $ref . '_data'; touch($w_path); - /* md5 password or empty */ + /* sha256 password or empty */ $password = ''; if (!empty($key)) { - $password = md5($key); + $password = '[SHA256]' . hash('sha256', $key); } /* Store information. */ @@ -1642,7 +1642,7 @@ function jirafeau_escape($string) function jirafeau_admin_session_start() { $_SESSION['admin_auth'] = true; - $_SESSION['admin_csrf'] = md5(uniqid(mt_rand(), true)); + $_SESSION['admin_csrf'] = hash('sha256', uniqid(mt_rand(), true)); } function jirafeau_session_end() @@ -1804,8 +1804,7 @@ function jirafeau_create_upload_finished_box($preview = true, $download_pass = n
- +