X-Git-Url: https://git.p6c8.net/jirafeau/jirafeau.git/blobdiff_plain/ea13ecd5272b130c028b76b91b2a05ea65fd565b..87c8c5de8a035e3336090758274d8384701e98e8:/lib/functions.php
diff --git a/lib/functions.php b/lib/functions.php
index 2843e29..f55da7b 100644
--- a/lib/functions.php
+++ b/lib/functions.php
@@ -446,7 +446,7 @@ function jirafeau_upload($file, $one_time_download, $key, $time, $ip, $crypt, $l
'link' => '',
'delete_link' => ''));
}
- jirafeau_add_file($file, $one_time_download, $key, $time, $ip, $crypt, $link_name_length, $file_hash_method);
+ return jirafeau_add_file($file, $one_time_download, $key, $time, $ip, $crypt, $link_name_length, $file_hash_method);
}
/**
@@ -544,7 +544,7 @@ function jirafeau_add_file($file, $one_time_download, $key, $time, $ip, $crypt,
/* hash password or empty. */
$password = '';
if (!empty($key)) {
- $password = md5($key);
+ $password = hash('sha256',$key);
}
/* create link file */
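Review bot: `hash('sha256',$key)` in jirafeau_add_file is still a single unsalted fast hash of the download password, so a leaked link file can be tested against guesses offline about as cheaply as with md5. The identical change in jirafeau_async_init has the same limitation. Storing `password_hash($key, PASSWORD_DEFAULT)` and checking it with `password_verify()` would give a per-link salt and a tunable work factor. The verification side is not in this diff, so please confirm that links already stored with an md5 value are still handled after the switch. The function body starts and ends outside the hunk.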
@@ -623,7 +623,7 @@ function jirafeau_is_viewable($mime)
if (!empty($mime)) {
$viewable = array('image', 'video', 'audio');
$decomposed = explode('/', $mime);
- if (in_array($decomposed[0], $viewable) && strpos($mime, 'image/svg+xml') === false) {
+ if (in_array($decomposed[0], $viewable) && stripos($mime, 'image/svg+xml') === false && strpos($mime, ',') === false) {
return true;
}
$viewable = array('text/plain');
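Review bot: The preview test in jirafeau_is_viewable is still a deny-list on top of a prefix match: any value whose first segment is `image`, `video` or `audio` is treated as viewable unless it contains the literal `image/svg+xml` or a comma. The MIME string presumably comes from the upload, so an exact allow-list compared after normalisation is easier to reason about than one exclusion per discovered bypass, e.g. `in_array(strtolower(trim($mime)), $allowed, true)` (`$allowed` being a list of exact types to define). Independently, `in_array($decomposed[0], $viewable)` should pass `true` as the third argument so the comparison is strict. The function starts and ends outside the hunk.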
@@ -771,6 +771,9 @@ function jirafeau_admin_list($name, $file_hash, $link_hash)
if (!empty($link_hash) && $link_hash != $node) {
continue;
}
+
+ /* Get download statistics */
+ $ld = jirafeau_get_download_stats($node);
/* Print link information. */
echo '
';
echo '';
@@ -793,6 +796,11 @@ function jirafeau_admin_list($name, $file_hash, $link_hash)
if (strlen($l['ip']) > 0) {
echo t('ORIGIN') . ': ' . $l['ip'] . ' ';
}
+ echo t('DOWNLOAD_COUNT') . ': ' . $ld['count'] . ' ';
+ if ($ld['count'] > 0) {
+ echo t('DOWNLOAD_DATE') . ': ' . jirafeau_get_datetimefield($ld['date']) . ' ';
+ echo t('DOWNLOAD_IP') . ': ' . $ld['ip'] . ' ';
+ }
echo ' | ';
if (!$l['crypted'] && !$l['crypted_legacy']) {
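Review bot: `$ld['ip']` and the result of `jirafeau_get_datetimefield($ld['date'])` are echoed into the admin listing unescaped, as is the existing `$l['ip']` context line. If the recorded address can come from a client-controlled source such as a forwarded-for header (not visible here), it is stored markup rendered inside the admin session. Passing it through the file's own helper, `jirafeau_escape($ld['ip'])`, would keep it inert, assuming that helper HTML-escapes. `$ld['count']` is also indexed without checking what jirafeau_get_download_stats returned in the previous hunk, so please confirm that a missing stats file yields a count of 0 rather than a non-array.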
@@ -1080,10 +1088,10 @@ function jirafeau_async_init($filename, $type, $one_time, $key, $time, $ip)
$w_path = $p . $ref . '_data';
touch($w_path);
- /* md5 password or empty */
+ /* sha256 password or empty */
$password = '';
if (!empty($key)) {
- $password = md5($key);
+ $password = hash('sha256',$key);
}
/* Store information. */
@@ -1197,6 +1205,11 @@ function jirafeau_async_end($ref, $code, $crypt, $link_name_length, $file_hash_m
return "Error: referenced file does not exist";
}
+ /* Store filesize before encrypting the file */
+ /* Otherwise we would send the size of the encrypted file and the data of the unencrypted file */
+ /* This would break some browsers */
+ $size = filesize($p);
+
$crypted = false;
$crypt_key = '';
if ($crypt == true && extension_loaded('sodium') == true) {
@@ -1209,7 +1222,6 @@ function jirafeau_async_end($ref, $code, $crypt, $link_name_length, $file_hash_m
}
$hash = jirafeau_hash_file($file_hash_method, $p);
- $size = filesize($p);
$np = s2p($hash);
$delete_link_code = jirafeau_gen_random(5);
@@ -1367,7 +1379,7 @@ function jirafeau_decrypt_file_legacy($fp_src, $fp_dst, $k)
$m = mcrypt_module_open('rijndael-256', '', 'ofb', '');
/* Extract key and iv. */
$crypt_key = $k;
- $hash_key = md5($crypt_key);
+ $hash_key = hash('sha256',$crypt_key);
$iv = jirafeau_crypt_create_iv($hash_key, mcrypt_enc_get_iv_size($m));
/* Init module. */
mcrypt_generic_init($m, $hash_key, $iv);
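Review bot: Replacing `md5($crypt_key)` with `hash('sha256',$crypt_key)` in jirafeau_decrypt_file_legacy changes the key and IV derivation of a decrypt-only path. Files this function reads were encrypted with the md5-derived values, so they would no longer decrypt to the original data. The 64-character hex digest is also longer than the 32-byte maximum key size of `rijndael-256`, which `mcrypt_generic_init` is likely to reject or truncate. Here md5 is a format-compatibility detail, not a hardening target; I would keep `$hash_key = md5($crypt_key);` and add a comment such as `/* legacy format: key derivation must stay md5 to read old files */`. The function body continues outside the hunk.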
@@ -1630,7 +1642,7 @@ function jirafeau_escape($string)
function jirafeau_admin_session_start()
{
$_SESSION['admin_auth'] = true;
- $_SESSION['admin_csrf'] = md5(uniqid(mt_rand(), true));
+ $_SESSION['admin_csrf'] = hash('sha256',uniqid(mt_rand(), true));
}
function jirafeau_session_end()
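Review bot: The CSRF token in jirafeau_admin_session_start is no less predictable after this change, because the input to the hash is still `uniqid(mt_rand(), true)`, a timestamp plus non-cryptographic PRNG output. Hashing that with SHA-256 only changes the token's length, not its entropy. Drawing the token from the CSPRNG is the actual fix: `$_SESSION['admin_csrf'] = bin2hex(random_bytes(32));`. The code that compares the submitted token is not in this diff; it should use `hash_equals()`.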
@@ -1775,7 +1787,7 @@ function jirafeau_write_download_stats($hash, $ip)
fclose($handle);
}
-function jirafeau_create_upload_finished_box($preview = true)
+function jirafeau_create_upload_finished_box($preview = true, $download_pass = null)
{
?>
@@ -1792,6 +1804,21 @@ function jirafeau_create_upload_finished_box($preview = true)
+
+
+
+
+
|