]> git.p6c8.net - jirafeau_mojo42.git/blob - script.php
3905d2f4e16a963aa13fd612f991c3f41c711d7c
[jirafeau_mojo42.git] / script.php
1 <?php
2 /*
3 * Jirafeau, your web file repository
4 * Copyright (C) 2015 Jerome Jutteau <j.jutteau@gmail.com>
5 *
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU Affero General Public License as
8 * published by the Free Software Foundation, either version 3 of the
9 * License, or (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Affero General Public License for more details.
15 *
16 * You should have received a copy of the GNU Affero General Public License
17 * along with this program. If not, see <https://www.gnu.org/licenses/>.
18 */
19
20 /*
21 * This file permits to easyly script file sending, receiving, deleting, ...
22 * If you don't want this feature, you can simply delete this file from your
23 * web directory.
24 */
25
26 define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/');
27
28 require (JIRAFEAU_ROOT . 'lib/config.original.php');
29 require (JIRAFEAU_ROOT . 'lib/settings.php');
30 require (JIRAFEAU_ROOT . 'lib/functions.php');
31 require (JIRAFEAU_ROOT . 'lib/lang.php');
32
33 global $script_langages;
34 $script_langages = array ('bash' => 'Bash');
35
36 /* Operations may take a long time.
37 * Be sure PHP's safe mode is off.
38 */
39 @set_time_limit(0);
40 /* Remove errors. */
41 @error_reporting(0);
42
43 if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
44 {
45 require (JIRAFEAU_ROOT . 'lib/template/header.php');
46 check_errors ($cfg);
47 if (has_error ())
48 {
49 show_errors ();
50 require (JIRAFEAU_ROOT . 'lib/template/footer.php');
51 exit;
52 }
53 ?>
54 <div class="info">
55 <h2>Scripting interface</h2>
56 <p>This interface permits to script your uploads and downloads.</p>
57 <p>See <a href="https://gitlab.com/mojo42/Jirafeau/blob/master/script.php">source code</a> of this interface to get available calls :)</p>
58 <p>Alternatively, go to <a href="<?php echo $cfg['web_root'] . 'script.php?lang=bash'; ?>">this page</a> to download a bash script.</p>
59 </div>
60 <br />
61 <?php
62 require (JIRAFEAU_ROOT . 'lib/template/footer.php');
63 exit;
64 }
65
66 /* Lets use interface now. */
67 header('Content-Type: text; charset=utf-8');
68
69 check_errors ($cfg);
70 if (has_error ())
71 {
72 echo 'Error 1';
73 exit;
74 }
75
76 /* Upload file */
77 if (isset ($_FILES['file']) && is_writable (VAR_FILES)
78 && is_writable (VAR_LINKS))
79 {
80 if (!jirafeau_challenge_upload_ip ($cfg, get_ip_address($cfg)))
81 {
82 echo 'Error 2';
83 exit;
84 }
85
86 if (jirafeau_has_upload_password ($cfg) &&
87 (!isset ($_POST['upload_password']) ||
88 !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
89 {
90 echo 'Error 3';
91 exit;
92 }
93
94 $key = '';
95 if (isset ($_POST['key']))
96 $key = $_POST['key'];
97
98 $time = time ();
99 if (!isset ($_POST['time']) || !$cfg['availabilities'][$_POST['time']])
100 {
101 echo 'Error 4: The parameter time is invalid.';
102 exit;
103 }
104 else
105 switch ($_POST['time'])
106 {
107 case 'minute':
108 $time += JIRAFEAU_MINUTE;
109 break;
110 case 'hour':
111 $time += JIRAFEAU_HOUR;
112 break;
113 case 'day':
114 $time += JIRAFEAU_DAY;
115 break;
116 case 'week':
117 $time += JIRAFEAU_WEEK;
118 break;
119 case 'month':
120 $time += JIRAFEAU_MONTH;
121 break;
122 case 'quarter':
123 $time += JIRAFEAU_QUARTER;
124 break;
125 case 'year':
126 $time += JIRAFEAU_YEAR;
127 break;
128 default:
129 $time = JIRAFEAU_INFINITY;
130 break;
131 }
132
133 // Check file size
134 if ($cfg['maximal_upload_size'] > 0 &&
135 $_FILES['file']['size'] > $cfg['maximal_upload_size'] * 1024 * 1024)
136 {
137 echo 'Error 5: Your file exceeds the maximum authorized file size.';
138 exit;
139 }
140
141 $res = jirafeau_upload ($_FILES['file'],
142 isset ($_POST['one_time_download']),
143 $key, $time, get_ip_address($cfg),
144 $cfg['enable_crypt'], $cfg['link_name_length']);
145
146 if (empty($res) || $res['error']['has_error'])
147 {
148 echo 'Error 6 ' . $res['error']['why'];
149 exit;
150 }
151 /* Print direct link. */
152 echo $res['link'];
153 /* Print delete link. */
154 echo NL;
155 echo $res['delete_link'];
156 /* Print decrypt key. */
157 echo NL;
158 echo urlencode($res['crypt_key']);
159 }
160 elseif (isset ($_GET['h']))
161 {
162 $link_name = $_GET['h'];
163 $key = '';
164 if (isset ($_POST['key']))
165 $key = $_POST['key'];
166 $d = '';
167 if (isset ($_GET['d']))
168 $d = $_GET['d'];
169
170 if (!preg_match ('/[0-9a-zA-Z_-]+$/', $link_name))
171 {
172 echo 'Error 7';
173 exit;
174 }
175
176 $link = jirafeau_get_link ($link_name);
177 if (count ($link) == 0)
178 {
179 echo 'Error 8';
180 exit;
181 }
182 if (strlen ($d) > 0 && $d == $link['link_code'])
183 {
184 jirafeau_delete_link ($link_name);
185 echo "Ok";
186 exit;
187 }
188 if ($link['time'] != JIRAFEAU_INFINITY && time () > $link['time'])
189 {
190 jirafeau_delete_link ($link_name);
191 echo 'Error 9';
192 exit;
193 }
194 if (strlen ($link['key']) > 0 && md5 ($key) != $link['key'])
195 {
196 sleep (2);
197 echo 'Error 10';
198 exit;
199 }
200 $p = s2p ($link['md5']);
201 if (!file_exists (VAR_FILES . $p . $link['md5']))
202 {
203 echo 'Error 11';
204 exit;
205 }
206
207 /* Read file. */
208 header ('Content-Length: ' . $link['file_size']);
209 header ('Content-Type: ' . $link['mime_type']);
210 header ('Content-Disposition: attachment; filename="' .
211 $link['file_name'] . '"');
212
213 $r = fopen (VAR_FILES . $p . $link['md5'], 'r');
214 while (!feof ($r))
215 {
216 print fread ($r, 1024);
217 ob_flush();
218 }
219 fclose ($r);
220
221 if ($link['onetime'] == 'O')
222 jirafeau_delete_link ($link_name);
223 exit;
224 }
225 elseif (isset ($_GET['get_capacity']))
226 {
227 echo min (jirafeau_ini_to_bytes (ini_get ('post_max_size')),
228 jirafeau_ini_to_bytes (ini_get ('upload_max_filesize')));
229 }
230 elseif (isset ($_GET['get_maximal_upload_size']))
231 {
232 echo $cfg['maximal_upload_size'];
233 }
234 elseif (isset ($_GET['get_version']))
235 {
236 echo JIRAFEAU_VERSION;
237 }
238 elseif (isset ($_GET['lang']))
239 {
240 $l=$_GET['lang'];
241 if ($l == "bash")
242 {
243 ?>
244 #!/bin/bash
245
246 # This script has been auto-generated by Jirafeau but you can still edit options below.
247
248 # Config begin
249 proxy='' # Or set JIRAFEAU_PROXY.
250 url='<?php echo $cfg['web_root'] . 'script.php'; ?>' # Or set JIRAFEAU_URL.
251 time='<?php echo $cfg['availability_default']; ?>' # Or set JIRAFEAU_TIME.
252 one_time='' # Or set JIRAFEAU_ONE_TIME.
253 curl='' # Or set JIRAFEAU_CURL_PATH.
254 # Config end
255
256 if [ -n "$JIRAFEAU_PROXY" ]; then
257 proxy="$JIRAFEAU_PROXY"
258 fi
259
260 if [ -n "$JIRAFEAU_URL" ]; then
261 url="$JIRAFEAU_URL"
262 fi
263
264 if [ -z "$url" ]; then
265 echo "Please set url in script parameters or export JIRAFEAU_URL"
266 fi
267
268 if [ -n "$JIRAFEAU_TIME" ]; then
269 time="$JIRAFEAU_TIME"
270 fi
271
272 if [ -n "$JIRAFEAU_ONE_TIME" ]; then
273 one_time='1'
274 fi
275
276 if [ -z "$curl" ]; then
277 curl="$JIRAFEAU_CURL_PATH"
278 fi
279
280 if [ -z "$curl" ] && [ -e "/usr/bin/curl" ]; then
281 curl="/usr/bin/curl"
282 fi
283
284 if [ -z "$curl" ] && [ -e "/bin/curl.exe" ]; then
285 curl="/bin/curl.exe"
286 fi
287
288 if [ -z "$curl" ]; then
289 echo "Please set your curl binary path (by editing this script or export JIRAFEAU_CURL_PATH global variable)."
290 exit
291 fi
292
293 if [ -z "$2" ]; then
294 echo "Jirafeau Bash Script <?php echo JIRAFEAU_VERSION; ?>"
295 echo "--------------------------"
296 echo "Usage:"
297 echo " $0 OPTIONS"
298 echo
299 echo "Options:"
300 echo " $0 send FILE [PASSWORD]"
301 echo " $0 get URL [PASSWORD]"
302 echo " $0 delete URL"
303 echo
304 echo "Global variables to export:"
305 echo " JIRAFEAU_PROXY: Domain and port of proxy server, eg. »proxysever.example.com:3128«"
306 echo " JIRAFEAU_URL : URI to Jirafeau installation and API page with trailing slash, eg. »https://example.com/jirafeau/script.php«"
307 echo " JIRAFEAU_TIME : expiration time, eg. »minute«, »hour«, »day«, »week«, »month«, »quarter«, »year« or »none«"
308 echo " JIRAFEAU_ONE_TIME : self-destroy after first download, eg. »1« to enable or »« (empty) to disable"
309 echo " JIRAFEAU_CURL : alternative path to curl binary"
310
311 exit 0
312 fi
313
314 if [ -n "$proxy" ]; then
315 proxy="-x $proxy"
316 fi
317
318 options=''
319 if [ -n "$one_time" ]; then
320 options="$options -F one_time_download=1"
321 fi
322
323 password=''
324 if [ -n "$3" ]; then
325 password="$3"
326 options="$options -F key=$password"
327 fi
328
329 if [ "$1" == "send" ]; then
330 if [ ! -f "$2" ]; then
331 echo "File \"$2\" does not exists."
332 exit
333 fi
334
335 # Ret result
336 res=$($curl -X POST --http1.0 $proxy $options \
337 -F "time=$time" \
338 -F "file=@$2" \
339 $url)
340
341 if [[ "$res" == Error* ]]; then
342 echo "Error while uploading."
343 echo $res
344 exit
345 fi
346
347 # Not using head or tail to minimise command dependencies
348 code=$(cnt=0; echo "$res" | while read l; do
349 if [[ "$cnt" == "0" ]]; then
350 echo "$l"
351 fi
352 cnt=$(( cnt + 1 ))
353 done)
354 del_code=$(cnt=0; echo "$res" | while read l; do
355 if [[ "$cnt" == "1" ]]; then
356 echo "$l"
357 fi
358 cnt=$(( cnt + 1 ))
359 done)
360 echo "Download link:"
361 echo "${url}?h=$code"
362 echo "Direct download link:"
363 echo "${url}?h=$code&d=1"
364 echo "Delete link:"
365 echo "${url}?h=$code&d=$del_code"
366 elif [ "$1" == "get" ]; then
367 if [ -z "$password" ]; then
368 $curl $proxy -OJ "$2"
369 else
370 $curl $proxy -OJ -X POST -F key=$password "$2"
371 fi
372 elif [ "$1" == "delete" ]; then
373 $curl $proxy "$2"
374 fi
375 <?php
376 }
377 else
378 {
379 echo 'Error 12';
380 exit;
381 }
382 }
383 /* Create alias. */
384 elseif (isset ($_GET['alias_create']))
385 {
386 $ip = get_ip_address($cfg);
387 if (!jirafeau_challenge_upload_ip ($cfg, $ip))
388 {
389 echo 'Error 13';
390 exit;
391 }
392
393 if (jirafeau_has_upload_password ($cfg) &&
394 (!isset ($_POST['upload_password']) ||
395 !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
396 {
397 echo 'Error 14';
398 exit;
399 }
400
401 if (!isset ($_POST['alias']) ||
402 !isset ($_POST['destination']) ||
403 !isset ($_POST['password']))
404 {
405 echo 'Error 15';
406 exit;
407 }
408
409 echo jirafeau_alias_create ($_POST['alias'],
410 $_POST['destination'],
411 $_POST['password'],
412 $ip);
413 }
414 /* Get alias. */
415 elseif (isset ($_GET['alias_get']))
416 {
417 if (!isset ($_POST['alias']))
418 {
419 echo 'Error 16';
420 exit;
421 }
422
423 echo jirafeau_alias_get ($_POST['alias']);
424 }
425 /* Update alias. */
426 elseif (isset ($_GET['alias_update']))
427 {
428 if (!isset ($_POST['alias']) ||
429 !isset ($_POST['destination']) ||
430 !isset ($_POST['password']))
431 {
432 echo 'Error 17';
433 exit;
434 }
435
436 $new_password = '';
437 if (isset ($_POST['new_password']))
438 $new_password = $_POST['new_password'];
439
440 echo jirafeau_alias_update ($_POST['alias'],
441 $_POST['destination'],
442 $_POST['password'],
443 $new_password,
444 get_ip_address($cfg));
445 }
446 /* Delete alias. */
447 elseif (isset ($_GET['alias_delete']))
448 {
449 if (!isset ($_POST['alias']) ||
450 !isset ($_POST['password']))
451 {
452 echo 'Error 18';
453 exit;
454 }
455
456 echo jirafeau_alias_delete ($_POST['alias'],
457 $_POST['password']);
458 }
459 /* Initialize an asynchronous upload. */
460 elseif (isset ($_GET['init_async']))
461 {
462 if (!jirafeau_challenge_upload_ip ($cfg, get_ip_address($cfg)))
463 {
464 echo 'Error 19';
465 exit;
466 }
467
468 if (jirafeau_has_upload_password ($cfg) &&
469 (!isset ($_POST['upload_password']) ||
470 !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
471 {
472 echo 'Error 20';
473 exit;
474 }
475
476 if (!isset ($_POST['filename']))
477 {
478 echo 'Error 21';
479 exit;
480 }
481
482 $type = '';
483 if (isset ($_POST['type']))
484 $type = $_POST['type'];
485
486 $key = '';
487 if (isset ($_POST['key']))
488 $key = $_POST['key'];
489
490 $time = time ();
491 if (!isset ($_POST['time']) || !$cfg['availabilities'][$_POST['time']])
492 {
493 echo 'Error 22';
494 exit;
495 }
496 else
497 switch ($_POST['time'])
498 {
499 case 'minute':
500 $time += JIRAFEAU_MINUTE;
501 break;
502 case 'hour':
503 $time += JIRAFEAU_HOUR;
504 break;
505 case 'day':
506 $time += JIRAFEAU_DAY;
507 break;
508 case 'week':
509 $time += JIRAFEAU_WEEK;
510 break;
511 case 'month':
512 $time += JIRAFEAU_MONTH;
513 break;
514 case 'quarter':
515 $time += JIRAFEAU_QUARTER;
516 break;
517 case 'year':
518 $time += JIRAFEAU_YEAR;
519 break;
520 default:
521 $time = JIRAFEAU_INFINITY;
522 break;
523 }
524 echo jirafeau_async_init ($_POST['filename'],
525 $type,
526 isset ($_POST['one_time_download']),
527 $key,
528 $time,
529 get_ip_address($cfg));
530 }
531 /* Continue an asynchronous upload. */
532 elseif (isset ($_GET['push_async']))
533 {
534 if ((!isset ($_POST['ref']))
535 || (!isset ($_FILES['data']))
536 || (!isset ($_POST['code'])))
537 echo 'Error 23';
538 else
539 {
540 echo jirafeau_async_push ($_POST['ref'],
541 $_FILES['data'],
542 $_POST['code'],
543 $cfg['maximal_upload_size']);
544 }
545 }
546 /* Finalize an asynchronous upload. */
547 elseif (isset ($_GET['end_async']))
548 {
549 if (!isset ($_POST['ref'])
550 || !isset ($_POST['code']))
551 echo 'Error 24';
552 else
553 echo jirafeau_async_end ($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_length']);
554 }
555 else
556 echo 'Error 25';
557 exit;
558 ?>

patrick-canterino.de