From 404c669c9226d66ca1189534ad4c1da8e2f165f9 Mon Sep 17 00:00:00 2001 From: Blackeye Date: Wed, 4 Feb 2026 01:47:30 +0100 Subject: [PATCH 01/16] pat pat - ci linting --- f.php | 2 +- lib/functions.php | 8 ++++---- script.php | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/f.php b/f.php index 92736f7..f0a3d12 100644 --- a/f.php +++ b/f.php @@ -171,7 +171,7 @@ if (!empty($link['key'])) { require(JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } else { - if (hash_equals($link['key'], hash('sha256',$_POST['key']))) { + if (hash_equals($link['key'], hash('sha256', $_POST['key']))) { $password_challenged = true; } else { sleep(2); diff --git a/lib/functions.php b/lib/functions.php index f55da7b..3811544 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -544,7 +544,7 @@ function jirafeau_add_file($file, $one_time_download, $key, $time, $ip, $crypt, /* hash password or empty. */ $password = ''; if (!empty($key)) { - $password = hash('sha256',$key); + $password = hash('sha256', $key); } /* create link file */ @@ -1091,7 +1091,7 @@ function jirafeau_async_init($filename, $type, $one_time, $key, $time, $ip) /* sha256 password or empty */ $password = ''; if (!empty($key)) { - $password = hash('sha256',$key); + $password = hash('sha256', $key); } /* Store information. */ @@ -1379,7 +1379,7 @@ function jirafeau_decrypt_file_legacy($fp_src, $fp_dst, $k) $m = mcrypt_module_open('rijndael-256', '', 'ofb', ''); /* Extract key and iv. */ $crypt_key = $k; - $hash_key = hash('sha256',$crypt_key); + $hash_key = hash('sha256', $crypt_key); $iv = jirafeau_crypt_create_iv($hash_key, mcrypt_enc_get_iv_size($m)); /* Init module. */ mcrypt_generic_init($m, $hash_key, $iv); @@ -1642,7 +1642,7 @@ function jirafeau_escape($string) function jirafeau_admin_session_start() { $_SESSION['admin_auth'] = true; - $_SESSION['admin_csrf'] = hash('sha256',uniqid(mt_rand(), true)); + $_SESSION['admin_csrf'] = hash('sha256', uniqid(mt_rand(), true)); } function jirafeau_session_end() diff --git a/script.php b/script.php index d28bc02..301ebe8 100644 --- a/script.php +++ b/script.php @@ -183,7 +183,7 @@ if (isset($_FILES['file']) && is_writable(VAR_FILES) echo 'Error 9'; exit; } - if (strlen($link['key']) > 0 && hash('sha256',$key) != $link['key']) { + if (strlen($link['key']) > 0 && hash('sha256', $key) != $link['key']) { sleep(2); echo 'Error 10'; exit; -- 2.43.0 From e9032b593d1da1fc2775c12e30a742c9cf9cf223 Mon Sep 17 00:00:00 2001 From: Patrick Canterino Date: Wed, 4 Feb 2026 12:36:38 +0100 Subject: [PATCH 02/16] Mentioned CVE-2026-1466 in CHANGELOG --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ed7b741..5e614ec 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,7 +19,7 @@ ## Version 4.7.1 -- Fixed another possibility to bypass the checks for [CVE-2022-30110](https://www.cve.org/CVERecord?id=CVE-2022-30110), [CVE-2024-12326](https://www.cve.org/CVERecord?id=CVE-2024-12326) and [CVE-2025-7066](https://www.cve.org/CVERecord?id=CVE-2025-7066) (prevent preview of SVG images and other critical files) by sending a manipulated HTTP request with a MIME type like "image". When doing the preview, the browser tries to automatically detect the MIME type resulting in detecting SVG and possibly executing JavaScript code. To prevent this, MIME sniffing is disabled. +- Fixed another possibility to bypass the checks for [CVE-2022-30110](https://www.cve.org/CVERecord?id=CVE-2022-30110), [CVE-2024-12326](https://www.cve.org/CVERecord?id=CVE-2024-12326) and [CVE-2025-7066](https://www.cve.org/CVERecord?id=CVE-2025-7066) (prevent preview of SVG images and other critical files) by sending a manipulated HTTP request with a MIME type like "image". When doing the preview, the browser tries to automatically detect the MIME type resulting in detecting SVG and possibly executing JavaScript code. To prevent this, MIME sniffing is disabled. This issue has subsequently been reported as [CVE-2026-1466](https://www.cve.org/CVERecord?id=CVE-2026-1466). - The default value of `max_upload_chunk_size_bytes` was set to `5000000`. Higher values could trigger a bug Chromium-based browsers on servers with HTTP/3 enabled, causing asynchronous uploads to fail. - Docker image: Updated PHP to 8.3 and removed `mime-types.conf` from `lighttpd.conf` - Upgrade from 4.7.0: in-place upgrade, you also should set `max_upload_chunk_size_bytes` to `5000000` in your `config.local.php`! -- 2.43.0 From b2a6694cd0bb0d0e07610cd408e80698f62680c4 Mon Sep 17 00:00:00 2001 From: Patrick Canterino Date: Fri, 29 May 2026 15:13:29 +0200 Subject: [PATCH 03/16] Here we actually NEED MD5. This one affects only legacy files encrypted using mcrypt. --- lib/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/functions.php b/lib/functions.php index 3811544..bb0d251 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -1379,7 +1379,7 @@ function jirafeau_decrypt_file_legacy($fp_src, $fp_dst, $k) $m = mcrypt_module_open('rijndael-256', '', 'ofb', ''); /* Extract key and iv. */ $crypt_key = $k; - $hash_key = hash('sha256', $crypt_key); + $hash_key = md5($crypt_key); $iv = jirafeau_crypt_create_iv($hash_key, mcrypt_enc_get_iv_size($m)); /* Init module. */ mcrypt_generic_init($m, $hash_key, $iv); -- 2.43.0 From 84021524193bc4ac717bc06f901c5cd80fc5f0c8 Mon Sep 17 00:00:00 2001 From: Patrick Canterino Date: Fri, 29 May 2026 15:35:41 +0200 Subject: [PATCH 04/16] Prefixed SHA256 password hashes This way we can identify them and still compare to legacy MD5 hashes --- f.php | 5 ++++- lib/functions.php | 4 ++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/f.php b/f.php index f0a3d12..25f6be3 100644 --- a/f.php +++ b/f.php @@ -171,7 +171,10 @@ if (!empty($link['key'])) { require(JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } else { - if (hash_equals($link['key'], hash('sha256', $_POST['key']))) { + if (strpos($link['key'], '[SHA256]') == 0 && hash_equals(substr($link['key'], 8), hash('sha256', $_POST['key']))) { + $password_challenged = true; + } + elseif (hash_equals($link['key'], md5($_POST['key']))) { $password_challenged = true; } else { sleep(2); diff --git a/lib/functions.php b/lib/functions.php index bb0d251..9ea7351 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -544,7 +544,7 @@ function jirafeau_add_file($file, $one_time_download, $key, $time, $ip, $crypt, /* hash password or empty. */ $password = ''; if (!empty($key)) { - $password = hash('sha256', $key); + $password = '[SHA256]'.hash('sha256', $key); } /* create link file */ @@ -1091,7 +1091,7 @@ function jirafeau_async_init($filename, $type, $one_time, $key, $time, $ip) /* sha256 password or empty */ $password = ''; if (!empty($key)) { - $password = hash('sha256', $key); + $password = '[SHA256]'.hash('sha256', $key); } /* Store information. */ -- 2.43.0 From 09a404c9de4c90d1ab6e659d887b6e7dbb2e22c4 Mon Sep 17 00:00:00 2001 From: Patrick Canterino Date: Fri, 29 May 2026 15:48:02 +0200 Subject: [PATCH 05/16] Fixed linter error --- f.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/f.php b/f.php index 25f6be3..870b4bd 100644 --- a/f.php +++ b/f.php @@ -173,8 +173,7 @@ if (!empty($link['key'])) { } else { if (strpos($link['key'], '[SHA256]') == 0 && hash_equals(substr($link['key'], 8), hash('sha256', $_POST['key']))) { $password_challenged = true; - } - elseif (hash_equals($link['key'], md5($_POST['key']))) { + } elseif (hash_equals($link['key'], md5($_POST['key']))) { $password_challenged = true; } else { sleep(2); -- 2.43.0 From d9c69f9b8fa039888cd23e53c040df0e8ca8e56c Mon Sep 17 00:00:00 2001 From: Patrick Canterino Date: Fri, 29 May 2026 16:57:14 +0200 Subject: [PATCH 06/16] Added config option to enforce legacy synchronous file upload This is useful for debugging, we use it for issue #48 --- lib/config.original.php | 4 ++++ lib/functions.js.php | 7 +++++++ 2 files changed, 11 insertions(+) diff --git a/lib/config.original.php b/lib/config.original.php index 6b7c342..e77684b 100644 --- a/lib/config.original.php +++ b/lib/config.original.php @@ -235,6 +235,10 @@ $cfg['installation_done'] = false; */ $cfg['debug'] = false; +/* Enable this debug flag to enforce the legacy (synchronous) file upload mechanism. + */ +$cfg['debug_enforce_legacy_upload'] = false; + /* Set Jirafeau's maximal upload chunk * When Jirafeau upload a large file, Jirafeau sends several data chunks to fit server's capabilities. * Jirafeau tries to upload each data chunk with the maximal size allowed by PHP (post_max_size and upload_max_filesize). diff --git a/lib/functions.js.php b/lib/functions.js.php index 29d50c1..4e95747 100644 --- a/lib/functions.js.php +++ b/lib/functions.js.php @@ -479,6 +479,13 @@ function classic_upload (file, time, password, one_time) function check_html5_file_api () { + + // Enforce legacy upload is enabled through config! + return false; + return window.File && window.FileReader && window.FileList && window.Blob; } -- 2.43.0 From 35b1450b75b61e0c19cc7b6ea98c7ec103475042 Mon Sep 17 00:00:00 2001 From: Patrick Canterino Date: Sun, 31 May 2026 15:07:50 +0200 Subject: [PATCH 07/16] Small refactoring --- lib/functions.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/functions.php b/lib/functions.php index 9ea7351..833e21b 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -544,7 +544,7 @@ function jirafeau_add_file($file, $one_time_download, $key, $time, $ip, $crypt, /* hash password or empty. */ $password = ''; if (!empty($key)) { - $password = '[SHA256]'.hash('sha256', $key); + $password = '[SHA256]' . hash('sha256', $key); } /* create link file */ @@ -1091,7 +1091,7 @@ function jirafeau_async_init($filename, $type, $one_time, $key, $time, $ip) /* sha256 password or empty */ $password = ''; if (!empty($key)) { - $password = '[SHA256]'.hash('sha256', $key); + $password = '[SHA256]' . hash('sha256', $key); } /* Store information. */ -- 2.43.0 From 2a1d4d84d7ad3dd1ae11629ca0411fdd20cb6cb4 Mon Sep 17 00:00:00 2001 From: Patrick Canterino Date: Sun, 31 May 2026 15:29:37 +0200 Subject: [PATCH 08/16] Fixed file encryption in classic uploads Encrypted files uploaded using classic (synchronous) uploads were marked using "C" identifying legacy mcrypt encryption => changed to "C2" identifying Sodium encryption --- lib/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/functions.php b/lib/functions.php index 84bcea8..0d66066 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -554,7 +554,7 @@ function jirafeau_add_file($file, $one_time_download, $key, $time, $ip, $crypt, $handle, $name . NL. $mime_type . NL. $size . NL. $password . NL. $time . NL . $hash. NL . ($one_time_download ? 'O' : 'R') . NL . time() . - NL . $ip . NL. $delete_link_code . NL . ($crypted ? 'C' : 'O') + NL . $ip . NL. $delete_link_code . NL . ($crypted ? 'C2' : 'O') ); fclose($handle); $hash_link = substr(base_16_to_64(md5_file($link_tmp_name)), 0, $link_name_length); -- 2.43.0 From 249f5f73101449bcda4b4fdcbc549946f0d938c5 Mon Sep 17 00:00:00 2001 From: Patrick Canterino Date: Sun, 31 May 2026 15:30:50 +0200 Subject: [PATCH 09/16] Renamed cfg option debug_enforce_legacy_upload to debug_enforce_classic_upload --- lib/config.original.php | 4 ++-- lib/functions.js.php | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/config.original.php b/lib/config.original.php index e77684b..37c87eb 100644 --- a/lib/config.original.php +++ b/lib/config.original.php @@ -235,9 +235,9 @@ $cfg['installation_done'] = false; */ $cfg['debug'] = false; -/* Enable this debug flag to enforce the legacy (synchronous) file upload mechanism. +/* Enable this debug flag to enforce the classic (synchronous) file upload mechanism. */ -$cfg['debug_enforce_legacy_upload'] = false; +$cfg['debug_enforce_classic_upload'] = false; /* Set Jirafeau's maximal upload chunk * When Jirafeau upload a large file, Jirafeau sends several data chunks to fit server's capabilities. diff --git a/lib/functions.js.php b/lib/functions.js.php index 4e95747..3574891 100644 --- a/lib/functions.js.php +++ b/lib/functions.js.php @@ -480,8 +480,8 @@ function classic_upload (file, time, password, one_time) function check_html5_file_api () { - // Enforce legacy upload is enabled through config! + if (isset($cfg['debug_enforce_classic_upload']) && $cfg['debug_enforce_classic_upload']) { ?> + // Enforce classic upload is enabled through config! return false; Date: Sun, 31 May 2026 15:49:28 +0200 Subject: [PATCH 10/16] Fixed temporary filenames of encrypted files during classic upload --- lib/functions.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/functions.php b/lib/functions.php index 0d66066..e5a05b0 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -464,9 +464,9 @@ function jirafeau_handle_add_file_encryption($crypt_module_enabled, $file_path) error_log("PHP extension sodium not loaded, won't encrypt in Jirafeau"); } if ($crypt_module_enabled == true && extension_loaded('sodium') == true) { - $crypt_key = jirafeau_encrypt_file($file_path, $file_path.'crypt'); + $crypt_key = jirafeau_encrypt_file($file_path, $file_path.'.crypt'); if (strlen($crypt_key) > 0) { - if (rename($file_path.'crypt', $file_path) === true) { + if (rename($file_path.'.crypt', $file_path) === true) { $crypted = true; } } -- 2.43.0 From f93cfddfd0fe0f6e78a8a27e05889d35db8a0dd4 Mon Sep 17 00:00:00 2001 From: Patrick Canterino Date: Sun, 31 May 2026 18:55:05 +0200 Subject: [PATCH 11/16] Fixed error message occuring on classic upload Changed handling of XHR responses --- lib/functions.js.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/functions.js.php b/lib/functions.js.php index 3574891..cafecaf 100644 --- a/lib/functions.js.php +++ b/lib/functions.js.php @@ -430,9 +430,9 @@ function classic_upload (file, time, password, one_time) req.upload.addEventListener ("progress", upload_progress, false); req.addEventListener ("error", XHRErrorHandler, false); req.addEventListener ("abort", XHRErrorHandler, false); - req.onreadystatechange = function () + req.onload = function () { - if (req.readyState == 4 && req.status == 200) + if (req.status === 200) { var res = req.responseText; -- 2.43.0 From ba336c598f3d55706b59f39975b6abc52c1995ec Mon Sep 17 00:00:00 2001 From: Patrick Canterino Date: Fri, 5 Jun 2026 16:23:42 +0200 Subject: [PATCH 12/16] Applied patch by @Blackstareye from merge request !30 Now we have an eye button for toggling the password to clear text --- index.php | 35 +++++++++++++++++++++++++----- media/dark-courgette/style.css.php | 22 +++++++++++++++++++ 2 files changed, 52 insertions(+), 5 deletions(-) diff --git a/index.php b/index.php index 2b84013..82b3c8c 100644 --- a/index.php +++ b/index.php @@ -156,14 +156,15 @@ if ($cfg['download_password_requirement'] === 'generated') { echo ''; } else { echo ''; - echo ' '; + echo ' /> '; echo ''; }?> @@ -207,6 +208,20 @@ if ($cfg['maximal_upload_size'] >= 1024) { diff --git a/media/dark-courgette/style.css.php b/media/dark-courgette/style.css.php index 3657b87..3ba5e79 100644 --- a/media/dark-courgette/style.css.php +++ b/media/dark-courgette/style.css.php @@ -472,3 +472,25 @@ textarea[readonly="readonly"] + p + p a:focus { padding-top: 10px; padding-bottom: 10px; } + + + +#show_password { + flex: 1 1 auto; + position: absolute; + right: 0%; + background: none; + border: none; + cursor: pointer; + opacity: 30%; +} +#show_password:hover { + opacity: 100%; +} + +.passwordcolumn { + display: flex; + position: relative; + align-items: center; + width: 100%; +} -- 2.43.0 From fe7f410653b476ebb6a9fc1d381821a300a0e960 Mon Sep 17 00:00:00 2001 From: Patrick Canterino Date: Fri, 5 Jun 2026 16:31:44 +0200 Subject: [PATCH 13/16] Applied CSS for "show password box" to other themes --- media/courgette/style.css.php | 20 ++++++++++++++ media/dark-courgette/style.css.php | 44 ++++++++++++++---------------- media/elegantish/elegantish.css | 20 ++++++++++++++ media/industrial/style.css.php | 20 ++++++++++++++ media/jyraphe/style.css.php | 20 ++++++++++++++ media/modern/style.css.php | 20 ++++++++++++++ 6 files changed, 121 insertions(+), 23 deletions(-) diff --git a/media/courgette/style.css.php b/media/courgette/style.css.php index 4b75988..d6f1e09 100644 --- a/media/courgette/style.css.php +++ b/media/courgette/style.css.php @@ -286,6 +286,26 @@ input[type="submit"]:focus { background: url(email.png) no-repeat; } +#show_password { + flex: 1 1 auto; + position: absolute; + right: 0%; + background: none; + border: none; + cursor: pointer; + opacity: 30%; +} +#show_password:hover { + opacity: 100%; +} + +.passwordcolumn { + display: flex; + position: relative; + align-items: center; + width: 100%; +} + /* ========================================================================== 5 = Terms of service ========================================================================== */ diff --git a/media/dark-courgette/style.css.php b/media/dark-courgette/style.css.php index 3ba5e79..fc78d3c 100644 --- a/media/dark-courgette/style.css.php +++ b/media/dark-courgette/style.css.php @@ -289,6 +289,26 @@ input[type="submit"]:focus { background: url(email.png) no-repeat; } +#show_password { + flex: 1 1 auto; + position: absolute; + right: 0%; + background: none; + border: none; + cursor: pointer; + opacity: 30%; +} +#show_password:hover { + opacity: 100%; +} + +.passwordcolumn { + display: flex; + position: relative; + align-items: center; + width: 100%; +} + /* ========================================================================== 5 = Terms of service ========================================================================== */ @@ -471,26 +491,4 @@ textarea[readonly="readonly"] + p + p a:focus { padding-left: 40px; padding-top: 10px; padding-bottom: 10px; -} - - - -#show_password { - flex: 1 1 auto; - position: absolute; - right: 0%; - background: none; - border: none; - cursor: pointer; - opacity: 30%; -} -#show_password:hover { - opacity: 100%; -} - -.passwordcolumn { - display: flex; - position: relative; - align-items: center; - width: 100%; -} +} \ No newline at end of file diff --git a/media/elegantish/elegantish.css b/media/elegantish/elegantish.css index 7e04ac8..253bcd0 100644 --- a/media/elegantish/elegantish.css +++ b/media/elegantish/elegantish.css @@ -286,6 +286,26 @@ input[type="submit"]:focus { background: url(email.png) no-repeat; } +#show_password { + flex: 1 1 auto; + position: absolute; + right: 0%; + background: none; + border: none; + cursor: pointer; + opacity: 30%; +} +#show_password:hover { + opacity: 100%; +} + +.passwordcolumn { + display: flex; + position: relative; + align-items: center; + width: 100%; +} + /* ========================================================================== 5 = Terms of service ========================================================================== */ diff --git a/media/industrial/style.css.php b/media/industrial/style.css.php index 34d9990..e9d3090 100644 --- a/media/industrial/style.css.php +++ b/media/industrial/style.css.php @@ -193,3 +193,23 @@ input:hover { padding-bottom: 15px; background: url(email.png) no-repeat; } + +#show_password { + flex: 1 1 auto; + position: absolute; + right: 0%; + background: none; + border: none; + cursor: pointer; + opacity: 30%; +} +#show_password:hover { + opacity: 100%; +} + +.passwordcolumn { + display: flex; + position: relative; + align-items: center; + width: 100%; +} diff --git a/media/jyraphe/style.css.php b/media/jyraphe/style.css.php index 1a2b789..23b6f6d 100644 --- a/media/jyraphe/style.css.php +++ b/media/jyraphe/style.css.php @@ -241,3 +241,23 @@ h1 a { padding-left: 20px; background: url(email.png) no-repeat; } + +#show_password { + flex: 1 1 auto; + position: absolute; + right: 0%; + background: none; + border: none; + cursor: pointer; + opacity: 30%; +} +#show_password:hover { + opacity: 100%; +} + +.passwordcolumn { + display: flex; + position: relative; + align-items: center; + width: 100%; +} \ No newline at end of file diff --git a/media/modern/style.css.php b/media/modern/style.css.php index fcdf9ca..4d68928 100644 --- a/media/modern/style.css.php +++ b/media/modern/style.css.php @@ -233,3 +233,23 @@ font-size:90%; padding-left: 20px; background: url(email.png) no-repeat; } + +#show_password { + flex: 1 1 auto; + position: absolute; + right: 0%; + background: none; + border: none; + cursor: pointer; + opacity: 30%; +} +#show_password:hover { + opacity: 100%; +} + +.passwordcolumn { + display: flex; + position: relative; + align-items: center; + width: 100%; +} -- 2.43.0 From 0ed2d5528e2af3cac543a03c4914382d4846d7e8 Mon Sep 17 00:00:00 2001 From: Patrick Canterino Date: Fri, 5 Jun 2026 16:35:55 +0200 Subject: [PATCH 14/16] Modified copyright header of all themes --- media/courgette/style.css.php | 10 +++++----- media/dark-courgette/style.css.php | 10 +++++----- media/elegantish/style.css.php | 13 ++++--------- media/industrial/style.css.php | 9 +++------ media/jyraphe/style.css.php | 7 ++----- media/modern/style.css.php | 13 ++++--------- 6 files changed, 23 insertions(+), 39 deletions(-) diff --git a/media/courgette/style.css.php b/media/courgette/style.css.php index d6f1e09..7623cd5 100644 --- a/media/courgette/style.css.php +++ b/media/courgette/style.css.php @@ -1,9 +1,9 @@ - * Jimmy Beauvois + * Jirafeau, your web file repository + * Copyright (C) 2008 Julien "axolotl" BERNARD + * Copyright (C) 2015 Jerome Jutteau + * Copyright (C) 2024 Jirafeau project (see AUTHORS.md) * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as @@ -20,7 +20,7 @@ */ /* - * This stylesheet is the default stylesheet for Jyraphe. + * This stylesheet is the default stylesheet for Jirafeau. * The content is dynamically generated for easier handling. */ diff --git a/media/dark-courgette/style.css.php b/media/dark-courgette/style.css.php index fc78d3c..7a577c9 100644 --- a/media/dark-courgette/style.css.php +++ b/media/dark-courgette/style.css.php @@ -1,9 +1,9 @@ - * Jimmy Beauvois + * Jirafeau, your web file repository + * Copyright (C) 2008 Julien "axolotl" BERNARD + * Copyright (C) 2015 Jerome Jutteau + * Copyright (C) 2024 Jirafeau project (see AUTHORS.md) * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as @@ -20,7 +20,7 @@ */ /* - * This stylesheet is the default stylesheet for Jyraphe. + * This stylesheet is the default dark mode stylesheet for Jirafeau. * The content is dynamically generated for easier handling. */ diff --git a/media/elegantish/style.css.php b/media/elegantish/style.css.php index 7107195..401b37a 100644 --- a/media/elegantish/style.css.php +++ b/media/elegantish/style.css.php @@ -1,9 +1,9 @@ - * Jimmy Beauvois + * Jirafeau, your web file repository + * Copyright (C) 2008 Julien "axolotl" BERNARD + * Copyright (C) 2015 Jerome Jutteau + * Copyright (C) 2024 Jirafeau project (see AUTHORS.md) * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as @@ -19,11 +19,6 @@ * along with this program. If not, see . */ -/* - * This stylesheet is the default stylesheet for Jyraphe. - * The content is dynamically generated for easier handling. - */ - $dark = '#8B4513'; header('Content-type: text/css'); diff --git a/media/industrial/style.css.php b/media/industrial/style.css.php index e9d3090..f28921e 100644 --- a/media/industrial/style.css.php +++ b/media/industrial/style.css.php @@ -1,7 +1,9 @@ + * Copyright (C) 2015 Jerome Jutteau + * Copyright (C) 2024 Jirafeau project (see AUTHORS.md) * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as @@ -17,11 +19,6 @@ * along with this program. If not, see . */ -/* - * This stylesheet is the default stylesheet for Jyraphe. - * The content is dynamically generated for easier handling. - */ - $dark = '#8B4513'; header('Content-type: text/css'); diff --git a/media/jyraphe/style.css.php b/media/jyraphe/style.css.php index 23b6f6d..517ae1c 100644 --- a/media/jyraphe/style.css.php +++ b/media/jyraphe/style.css.php @@ -2,6 +2,8 @@ /* * Jirafeau, your web file repository * Copyright (C) 2008 Julien "axolotl" BERNARD + * Copyright (C) 2015 Jerome Jutteau + * Copyright (C) 2024 Jirafeau project (see AUTHORS.md) * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as @@ -17,11 +19,6 @@ * along with this program. If not, see . */ -/* - * This stylesheet is the default stylesheet for Jirafeau. - * The content is dynamically generated for easier handling. - */ - $dark = '#8B4513'; header('Content-type: text/css'); diff --git a/media/modern/style.css.php b/media/modern/style.css.php index 4d68928..e40760a 100644 --- a/media/modern/style.css.php +++ b/media/modern/style.css.php @@ -1,9 +1,9 @@ - * Jimmy Beauvois + * Jirafeau, your web file repository + * Copyright (C) 2008 Julien "axolotl" BERNARD + * Copyright (C) 2015 Jerome Jutteau + * Copyright (C) 2024 Jirafeau project (see AUTHORS.md) * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as @@ -19,11 +19,6 @@ * along with this program. If not, see . */ -/* - * This stylesheet is the default stylesheet for Jyraphe. - * The content is dynamically generated for easier handling. - */ - $dark = '#8B4513'; header('Content-type: text/css'); -- 2.43.0 From cffb5d5b1fd755e60431cb361b796ba3c251426d Mon Sep 17 00:00:00 2001 From: Patrick Canterino Date: Fri, 5 Jun 2026 16:49:58 +0200 Subject: [PATCH 15/16] Added TehPeGaSuS to the list of authors --- AUTHORS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/AUTHORS.md b/AUTHORS.md index 98e175b..9eaa5e5 100644 --- a/AUTHORS.md +++ b/AUTHORS.md @@ -104,6 +104,7 @@ This is a list of people who contributed to Jirafeau over the years. The list wa - Sven Dickert - Sylke Vicious - Szylu +- TehPeGaSuS - Thomas LEBEAU - Thomas Sontheimer - Tymofij Lytvynenko -- 2.43.0 From 53adb2263c5846e28b7054d13f394d858c1932b5 Mon Sep 17 00:00:00 2001 From: Patrick Canterino Date: Sat, 13 Jun 2026 15:35:26 +0200 Subject: [PATCH 16/16] Added "debug_enforce_classic_upload" to Docker options --- docker/docker_config.php | 1 + 1 file changed, 1 insertion(+) diff --git a/docker/docker_config.php b/docker/docker_config.php index 6037ec6..d814a8e 100644 --- a/docker/docker_config.php +++ b/docker/docker_config.php @@ -194,6 +194,7 @@ function run_setup(&$cfg) env_2_cfg_bool($cfg, 'one_time_download_preselected'); env_2_cfg_bool($cfg, 'enable_crypt'); env_2_cfg_bool($cfg, 'debug'); + env_2_cfg_bool($cfg, 'debug_enforce_classic_upload'); env_2_cfg_int($cfg, 'maximal_upload_size'); env_2_cfg_string_array($cfg, 'upload_password'); env_2_cfg_string_array($cfg, 'upload_ip'); -- 2.43.0