+ jirafeau_async_delete($ref);
+ return $md5_link . NL . $delete_link_code . NL . urlencode($crypt_key);
+}
+
+function jirafeau_crypt_create_iv($base, $size)
+{
+ $iv = '';
+ while (strlen($iv) < $size) {
+ $iv = $iv . $base;
+ }
+ $iv = substr($iv, 0, $size);
+ return $iv;
+}
+
+/**
+ * Crypt file and returns decrypt key.
+ * @param $fp_src file path to the file to crypt.
+ * @param $fp_dst file path to the file to write crypted file (could be the same).
+ * @return decrypt key composed of the key and the iv separated by a point ('.')
+ */
+function jirafeau_encrypt_file($fp_src, $fp_dst)
+{
+ $fs = filesize($fp_src);
+ if ($fs === false || $fs == 0 || !(extension_loaded('mcrypt') == true)) {
+ return '';
+ }
+
+ /* Prepare module. */
+ $m = mcrypt_module_open('rijndael-256', '', 'ofb', '');
+ /* Generate key. */
+ $crypt_key = jirafeau_gen_random(10);
+ $md5_key = md5($crypt_key);
+ $iv = jirafeau_crypt_create_iv($md5_key, mcrypt_enc_get_iv_size($m));
+ /* Init module. */
+ mcrypt_generic_init($m, $md5_key, $iv);
+ /* Crypt file. */
+ $r = fopen($fp_src, 'r');
+ $w = fopen($fp_dst, 'c');
+ while (!feof($r)) {
+ $enc = mcrypt_generic($m, fread($r, 1024));
+ if (fwrite($w, $enc) === false) {
+ return '';
+ }
+ }
+ fclose($r);
+ fclose($w);
+ /* Cleanup. */
+ mcrypt_generic_deinit($m);
+ mcrypt_module_close($m);
+ return $crypt_key;
+}
+
+/**
+ * Decrypt file.
+ * @param $fp_src file path to the file to decrypt.
+ * @param $fp_dst file path to the file to write decrypted file (could be the same).
+ * @param $k string composed of the key and the iv separated by a point ('.')
+ * @return key used to decrypt. a string of length 0 is returned if failed.
+ */
+function jirafeau_decrypt_file($fp_src, $fp_dst, $k)
+{
+ $fs = filesize($fp_src);
+ if ($fs === false || $fs == 0 || extension_loaded('mcrypt') == false) {
+ return false;
+ }
+
+ /* Init module */
+ $m = mcrypt_module_open('rijndael-256', '', 'ofb', '');
+ /* Extract key and iv. */
+ $crypt_key = $k;
+ $md5_key = md5($crypt_key);
+ $iv = jirafeau_crypt_create_iv($md5_key, mcrypt_enc_get_iv_size($m));
+ /* Decrypt file. */
+ $r = fopen($fp_src, 'r');
+ $w = fopen($fp_dst, 'c');
+ while (!feof($r)) {
+ $dec = mdecrypt_generic($m, fread($r, 1024));
+ if (fwrite($w, $dec) === false) {
+ return false;
+ }
+ }
+ fclose($r);
+ fclose($w);
+ /* Cleanup. */
+ mcrypt_generic_deinit($m);
+ mcrypt_module_close($m);
+ return true;
+}
+
+/**
+ * Check if Jirafeau is password protected for visitors.
+ * @return true if Jirafeau is password protected, false otherwise.
+ */
+function jirafeau_has_upload_password($cfg)
+{
+ return count($cfg['upload_password']) > 0;
+}
+
+/**
+ * Challenge password for a visitor.
+ * @param $password password to be challenged
+ * @return true if password is valid, false otherwise.
+ */
+function jirafeau_challenge_upload_password($cfg, $password)
+{
+ if (!jirafeau_has_upload_password($cfg)) {
+ return false;
+ }
+ foreach ($cfg['upload_password'] as $p) {
+ if ($password == $p) {
+ return true;
+ }
+ }
+ return false;
+}
+
+/**
+ * Test if visitor's IP is authorized to upload.
+ *
+ * @param $allowedIpList array of allowed IPs
+ * @param $challengedIp IP to be challenged
+ * @return true if IP is authorized, false otherwise.
+ */
+function jirafeau_challenge_upload_ip($allowedIpList, $challengedIp)
+{
+ // skip if list is empty = all IPs allowed
+ if (count($allowedIpList) == 0) {
+ return true;
+ }
+ // test given IP against each allowed IP
+ foreach ($allowedIpList as $i) {
+ if ($i == $challengedIp) {
+ return true;
+ }
+ // CIDR test for IPv4 only.
+ if (strpos($i, '/') !== false) {
+ list($subnet, $mask) = explode('/', $i);
+ if ((ip2long($challengedIp) & ~((1 << (32 - $mask)) - 1)) == ip2long($subnet)) {
+ return true;
+ }
+ }
+ }
+ return false;
+}
+
+/**
+ * Test if visitor's IP is authorized or password is supplied and authorized
+ * @param $ip IP to be challenged
+ * @param $password password to be challenged
+ * @return true if access is valid, false otherwise.
+ */
+function jirafeau_challenge_upload ($cfg, $ip, $password)
+{
+ // Allow if no ip restrictaion and no password restriction
+ if ((count ($cfg['upload_ip']) == 0) and (count ($cfg['upload_password']) == 0)) {
+ return true;
+ }
+
+ // Allow if ip is in array
+ foreach ($cfg['upload_ip'] as $i) {
+ if ($i == $ip) {
+ return true;
+ }
+ // CIDR test for IPv4 only.
+ if (strpos ($i, '/') !== false)
+ {
+ list ($subnet, $mask) = explode('/', $i);
+ if ((ip2long ($ip) & ~((1 << (32 - $mask)) - 1) ) == ip2long ($subnet)) {
+ return true;
+ }
+ }
+ }
+ if (!jirafeau_has_upload_password($cfg)) {
+ return false;
+ }
+
+ foreach ($cfg['upload_password'] as $p) {
+ if ($password == $p) {
+ return true;
+ }
+ }
+ return false;
+}
+
+/** Tell if we have some HTTP headers generated by a proxy */
+function has_http_forwarded()
+{
+ return
+ !empty($_SERVER['HTTP_X_FORWARDED_FOR']) ||
+ !empty($_SERVER['http_X_forwarded_for']);
+}
+
+/**
+ * Generate IP list from HTTP headers generated by a proxy
+ * @return array of IP strings
+ */
+function get_ip_list_http_forwarded()
+{
+ $ip_list = array();
+ if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+ $l = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
+ if ($l === false) {
+ return array();
+ }
+ foreach ($l as $ip) {
+ array_push($ip_list, preg_replace('/\s+/', '', $ip));
+ }
+ }
+ if (!empty($_SERVER['http_X_forwarded_for'])) {
+ $l = explode(',', $_SERVER['http_X_forwarded_for']);
+ foreach ($l as $ip) {
+ // Separate IP from port
+ $ipa = explode(':', $ip);
+ if ($ipa === false) {
+ continue;
+ }
+ $ip = $ipa[0];
+ array_push($ip_list, preg_replace('/\s+/', '', $ip));
+ }
+ }
+ return $ip_list;
+}
+
+/**
+ * Get the ip address of the client from REMOTE_ADDR
+ * or from HTTP_X_FORWARDED_FOR if behind a proxy
+ * @returns the client ip address
+ */
+function get_ip_address($cfg)
+{
+ $remote = $_SERVER['REMOTE_ADDR'];
+ if (count($cfg['proxy_ip']) == 0 || !has_http_forwarded()) {
+ return $remote;
+ }
+
+ $ip_list = get_ip_list_http_forwarded();
+ if (count($ip_list) == 0) {
+ return $remote;
+ }
+
+ foreach ($cfg['proxy_ip'] as $proxy_ip) {
+ if ($remote != $proxy_ip) {
+ continue;
+ }
+ // Take the last IP (the one which has been set by the defined proxy).
+ return end($ip_list);
+ }
+ return $remote;
+}
+
+/**
+ * Convert hexadecimal string to base64
+ */
+function hex_to_base64($hex)
+{
+ $b = '';
+ foreach (str_split($hex, 2) as $pair) {
+ $b .= chr(hexdec($pair));
+ }
+ return base64_encode($b);
+}
+
+/**
+ * Read alias informations
+ * @return array containing informations.
+ */
+function jirafeau_get_alias($hash)
+{
+ $out = array();
+ $link = VAR_ALIAS . s2p("$hash") . $hash;
+
+ if (!file_exists($link)) {
+ return $out;
+ }
+
+ $c = file($link);
+ $out['md5_password'] = trim($c[0]);
+ $out['ip'] = trim($c[1]);
+ $out['update_date'] = trim($c[2]);
+ $out['destination'] = trim($c[3], NL);
+
+ return $out;
+}
+
+/** Create an alias to a jirafeau's link.
+ * @param $alias alias name
+ * @param $destination reference of the destination
+ * @param $password password to protect alias
+ * @param $ip client's IP
+ * @return a string containing the edit code of the alias or the string "Error"
+ */
+function jirafeau_alias_create($alias, $destination, $password, $ip)
+{
+ /* Check that alias and password are long enough. */
+ if (strlen($alias) < 8 ||
+ strlen($alias) > 32 ||
+ strlen($password) < 8 ||
+ strlen($password) > 32) {
+ return 'Error';
+ }
+
+ /* Check that destination exists. */
+ $l = jirafeau_get_link($destination);
+ if (!count($l)) {
+ return 'Error';
+ }
+
+ /* Check that alias does not already exists. */
+ $alias = md5($alias);
+ $p = VAR_ALIAS . s2p($alias);
+ if (file_exists($p)) {
+ return 'Error';
+ }
+
+ /* Create alias folder. */
+ @mkdir($p, 0755, true);
+ if (!file_exists($p)) {
+ return 'Error';
+ }
+
+ /* Generate password. */
+ $md5_password = md5($password);
+
+ /* Store informations. */
+ $p .= $alias;
+ $handle = fopen($p, 'w');
+ fwrite($handle,
+ $md5_password . NL .
+ $ip . NL .
+ time() . NL .
+ $destination . NL);
+ fclose($handle);
+
+ return 'Ok';
+}
+
+/** Update an alias.
+ * @param $alias alias to update
+ * @param $destination reference of the new destination
+ * @param $password password to protect alias
+ * @param $new_password optional new password to protect alias
+ * @param $ip client's IP
+ * @return "Ok" or "Error" string
+ */
+function jirafeau_alias_update($alias, $destination, $password,
+ $new_password, $ip)
+{
+ $alias = md5($alias);
+ /* Check that alias exits. */
+ $a = jirafeau_get_alias($alias);
+ if (!count($a)) {
+ return 'Error';
+ }
+
+ /* Check that destination exists. */
+ $l = jirafeau_get_link($a["destination"]);
+ if (!count($l)) {
+ return 'Error';
+ }
+
+ /* Check password. */
+ if ($a["md5_password"] != md5($password)) {
+ return 'Error';
+ }
+
+ $p = $a['md5_password'];
+ if (strlen($new_password) >= 8 &&
+ strlen($new_password) <= 32) {
+ $p = md5($new_password);
+ } elseif (strlen($new_password) > 0) {
+ return 'Error';
+ }
+
+ /* Rewrite informations. */
+ $p = VAR_ALIAS . s2p($alias) . $alias;
+ $handle = fopen($p, 'w');
+ fwrite($handle,
+ $p . NL .
+ $ip . NL .
+ time() . NL .
+ $destination . NL);
+ fclose($handle);
+ return 'Ok';
+}
+
+/** Get an alias.
+ * @param $alias alias to get
+ * @return alias destination or "Error" string
+ */
+function jirafeau_alias_get($alias)
+{
+ $alias = md5($alias);
+ /* Check that alias exits. */
+ $a = jirafeau_get_alias($alias);
+ if (!count($a)) {
+ return 'Error';
+ }
+
+ return $a['destination'];
+}
+
+function jirafeau_clean_rm_alias($alias)
+{
+ $p = s2p("$alias");
+ if (file_exists(VAR_ALIAS . $p . $alias)) {
+ unlink(VAR_ALIAS . $p . $alias);
+ }
+ $parse = VAR_ALIAS . $p;
+ $scan = array();
+ while (file_exists($parse)
+ && ($scan = scandir($parse))
+ && count($scan) == 2 // '.' and '..' folders => empty.
+ && basename($parse) != basename(VAR_ALIAS)) {
+ rmdir($parse);
+ $parse = substr($parse, 0, strlen($parse) - strlen(basename($parse)) - 1);
+ }
+}
+
+/** Delete an alias.
+ * @param $alias alias to delete
+ * @param $password password to protect alias
+ * @return "Ok" or "Error" string
+ */
+function jirafeau_alias_delete($alias, $password)
+{
+ $alias = md5($alias);
+ /* Check that alias exits. */
+ $a = jirafeau_get_alias($alias);
+ if (!count($a)) {
+ return "Error";
+ }
+
+ /* Check password. */
+ if ($a["md5_password"] != md5($password)) {
+ return 'Error';
+ }
+
+ jirafeau_clean_rm_alias($alias);
+ return 'Ok';
+}
+
+/**
+ * Replace markers in templates.
+ *
+ * Available markers have the scheme "###MARKERNAME###".
+ *
+ * @param $content string Template text with markers
+ * @param $htmllinebreaks boolean Convert linebreaks to BR-Tags
+ * @return Template with replaced markers
+ */
+function jirafeau_replace_markers($content, $htmllinebreaks = false)
+{
+ $patterns = array(
+ '/###ORGANISATION###/',
+ '/###CONTACTPERSON###/',
+ '/###WEBROOT###/'
+ );
+ $replacements = array(
+ $GLOBALS['cfg']['organisation'],
+ $GLOBALS['cfg']['contactperson'],
+ $GLOBALS['cfg']['web_root']
+ );
+ $content = preg_replace($patterns, $replacements, $content);
+
+ if (true === $htmllinebreaks) {
+ $content = nl2br($content);
+ }
+
+ return $content;
git.p6c8.net / jirafeau / mojo42.git / blobdiff