]> git.p6c8.net - jirafeau_mojo42.git/blob - script.php
[BUGFIX] CI: Fix YAML indentations
[jirafeau_mojo42.git] / script.php
1 <?php
2 /*
3 * Jirafeau, your web file repository
4 * Copyright (C) 2015 Jerome Jutteau <jerome@jutteau.fr>
5 *
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU Affero General Public License as
8 * published by the Free Software Foundation, either version 3 of the
9 * License, or (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Affero General Public License for more details.
15 *
16 * You should have received a copy of the GNU Affero General Public License
17 * along with this program. If not, see <https://www.gnu.org/licenses/>.
18 */
19
20 /* This file offer a kind of API for jirafeau. */
21
22 define('JIRAFEAU_ROOT', dirname(__FILE__) . '/');
23
24 require(JIRAFEAU_ROOT . 'lib/settings.php');
25 require(JIRAFEAU_ROOT . 'lib/functions.php');
26 require(JIRAFEAU_ROOT . 'lib/lang.php');
27
28 global $script_langages;
29 $script_langages = array('bash' => 'Bash');
30
31 /* Operations may take a long time.
32 * Be sure PHP's safe mode is off.
33 */
34 @set_time_limit(0);
35 /* Remove errors. */
36 @error_reporting(0);
37
38 if ($_SERVER['REQUEST_METHOD'] == "GET" && count($_GET) == 0) {
39 require(JIRAFEAU_ROOT . 'lib/template/header.php');
40 check_errors($cfg);
41 if (has_error()) {
42 show_errors();
43 require(JIRAFEAU_ROOT . 'lib/template/footer.php');
44 exit;
45 } ?>
46 <div class="info">
47 <h2>Scripting interface</h2>
48 <p>This interface permits to script your uploads and downloads.</p>
49 <p>See <a href="https://gitlab.com/mojo42/Jirafeau/blob/master/script.php">source code</a> of this interface to get available calls :)</p>
50 <p>You may download a preconfigured <a href="script.php?lang=bash">Bash Script</a> to easily send to and get files from the API via command line.</p>
51 </div>
52 <br />
53 <?php
54 require(JIRAFEAU_ROOT . 'lib/template/footer.php');
55 exit;
56 }
57
58 /* Lets use interface now. */
59 header('Content-Type: text/plain; charset=utf-8');
60
61 check_errors($cfg);
62 if (has_error()) {
63 echo 'Error 1';
64 exit;
65 }
66
67 /* Upload file */
68 if (isset($_FILES['file']) && is_writable(VAR_FILES)
69 && is_writable(VAR_LINKS)) {
70 if (isset ($_POST['upload_password'])) {
71 if (!jirafeau_challenge_upload($cfg, get_ip_address($cfg), $_POST['upload_password'])) {
72 echo 'Error 3: Invalid password';
73 exit;
74 }
75 } else {
76 if (!jirafeau_challenge_upload($cfg, get_ip_address($cfg), null)) {
77 echo 'Error 2: No password nor allowed IP';
78 exit;
79 }
80 }
81 $key = '';
82 if (isset($_POST['key'])) {
83 $key = $_POST['key'];
84 }
85
86 $time = time();
87 if (!isset($_POST['time']) || !$cfg['availabilities'][$_POST['time']]) {
88 echo 'Error 4: The parameter time is invalid.';
89 exit;
90 } else {
91 switch ($_POST['time']) {
92 case 'minute':
93 $time += JIRAFEAU_MINUTE;
94 break;
95 case 'hour':
96 $time += JIRAFEAU_HOUR;
97 break;
98 case 'day':
99 $time += JIRAFEAU_DAY;
100 break;
101 case 'week':
102 $time += JIRAFEAU_WEEK;
103 break;
104 case 'month':
105 $time += JIRAFEAU_MONTH;
106 break;
107 case 'quarter':
108 $time += JIRAFEAU_QUARTER;
109 break;
110 case 'year':
111 $time += JIRAFEAU_YEAR;
112 break;
113 default:
114 $time = JIRAFEAU_INFINITY;
115 break;
116 }
117 }
118
119 // Check file size
120 if ($cfg['maximal_upload_size'] > 0 &&
121 $_FILES['file']['size'] > $cfg['maximal_upload_size'] * 1024 * 1024) {
122 echo 'Error 5: Your file exceeds the maximum authorized file size.';
123 exit;
124 }
125
126 // Check if one time download is enabled
127 if (!$cfg['one_time_download'] && isset($_POST['one_time_download'])) {
128 echo 'Error 26: One time download is disabled.';
129 exit;
130 }
131
132 $res = jirafeau_upload($_FILES['file'],
133 isset($_POST['one_time_download']),
134 $key, $time, get_ip_address($cfg),
135 $cfg['enable_crypt'], $cfg['link_name_length'],
136 $cfg['file_hash']);
137
138 if (empty($res) || $res['error']['has_error']) {
139 echo 'Error 6 ' . $res['error']['why'];
140 exit;
141 }
142 /* Print direct link. */
143 echo $res['link'];
144 /* Print delete link. */
145 echo NL;
146 echo $res['delete_link'];
147 /* Print decrypt key. */
148 echo NL;
149 echo urlencode($res['crypt_key']);
150 } elseif (isset($_GET['h'])) {
151 $link_name = $_GET['h'];
152 $key = '';
153 if (isset($_POST['key'])) {
154 $key = $_POST['key'];
155 }
156 $d = '';
157 if (isset($_GET['d'])) {
158 $d = $_GET['d'];
159 }
160
161 if (!preg_match('/[0-9a-zA-Z_-]+$/', $link_name)) {
162 echo 'Error 7';
163 exit;
164 }
165
166 $link = jirafeau_get_link($link_name);
167 if (count($link) == 0) {
168 echo 'Error 8';
169 exit;
170 }
171 if (strlen($d) > 0 && $d == $link['link_code']) {
172 jirafeau_delete_link($link_name);
173 echo "Ok";
174 exit;
175 }
176 if ($link['time'] != JIRAFEAU_INFINITY && time() > $link['time']) {
177 jirafeau_delete_link($link_name);
178 echo 'Error 9';
179 exit;
180 }
181 if (strlen($link['key']) > 0 && md5($key) != $link['key']) {
182 sleep(2);
183 echo 'Error 10';
184 exit;
185 }
186 $p = s2p($link['hash']);
187 if (!file_exists(VAR_FILES . $p . $link['hash'])) {
188 echo 'Error 11';
189 exit;
190 }
191
192 /* Read file. */
193 header('Content-Length: ' . $link['file_size']);
194 header('Content-Type: ' . $link['mime_type']);
195 header('Content-Disposition: attachment; filename="' .
196 $link['file_name'] . '"');
197
198 $r = fopen(VAR_FILES . $p . $link['hash'], 'r');
199 while (!feof($r)) {
200 print fread($r, 1024);
201 }
202 fclose($r);
203
204 if ($link['onetime'] == 'O') {
205 jirafeau_delete_link($link_name);
206 }
207 exit;
208 } elseif (isset($_GET['get_capacity'])) {
209 echo jirafeau_get_max_upload_size_bytes();
210 } elseif (isset($_GET['get_maximal_upload_size'])) {
211 echo $cfg['maximal_upload_size'];
212 } elseif (isset($_GET['get_version'])) {
213 echo JIRAFEAU_VERSION;
214 } elseif (isset($_GET['lang'])) {
215 $l=$_GET['lang'];
216 if ($l == "bash") {
217 ?>
218 #!/bin/bash
219
220 # This script has been auto-generated by Jirafeau but you can still edit options below.
221
222 # Config begin
223 proxy='' # Or set JIRAFEAU_PROXY.
224 url='<?php echo $cfg['web_root']; ?>' # Or set JIRAFEAU_URL.
225 time='<?php echo $cfg['availability_default']; ?>' # Or set JIRAFEAU_TIME.
226 one_time='' # Or set JIRAFEAU_ONE_TIME.
227 curl='' # Or set JIRAFEAU_CURL_PATH.
228 upload_password='' # Or set JIRAFEAU_UPLOAD_PASSWD
229 # Config end
230
231 if [ -n "$JIRAFEAU_PROXY" ]; then
232 proxy="$JIRAFEAU_PROXY"
233 fi
234
235 if [ -n "$JIRAFEAU_URL" ]; then
236 url="$JIRAFEAU_URL"
237 fi
238
239 if [ -z "$url" ]; then
240 echo "Please set url in script parameters or export JIRAFEAU_URL"
241 fi
242
243 if [ -n "$JIRAFEAU_TIME" ]; then
244 time="$JIRAFEAU_TIME"
245 fi
246
247 if [ -n "$JIRAFEAU_ONE_TIME" ]; then
248 one_time='1'
249 fi
250
251 if [ -n "$UPLOAD_PASSWD" ]; then
252 upload_password="$JIRAFEAU_UPLOAD_PASSWORD"
253 fi
254
255 if [ -z "$curl" ]; then
256 curl="$JIRAFEAU_CURL_PATH"
257 fi
258
259 if [ -z "$curl" ] && [ -e "/usr/bin/curl" ]; then
260 curl="/usr/bin/curl"
261 fi
262
263 if [ -z "$curl" ] && [ -e "/bin/curl.exe" ]; then
264 curl="/bin/curl.exe"
265 fi
266
267 if [ -z "$curl" ]; then
268 echo "Please set your curl binary path (by editing this script or export JIRAFEAU_CURL_PATH global variable)."
269 exit
270 fi
271
272 if [ -z "$2" ]; then
273 echo "Jirafeau Bash Script <?php echo JIRAFEAU_VERSION; ?>"
274 echo "--------------------------"
275 echo "Usage:"
276 echo " $0 OPTIONS"
277 echo
278 echo "Options:"
279 echo " $0 send FILE [PASSWORD]"
280 echo " $0 get URL [PASSWORD]"
281 echo " $0 delete URL"
282 echo
283 echo "Global variables to export:"
284 echo " JIRAFEAU_PROXY: Domain and port of proxy server, eg. »proxysever.example.com:3128«"
285 echo " JIRAFEAU_URL : URI to Jirafeau installation with trailing slash, eg. »https://example.com/jirafeau/«"
286 echo " JIRAFEAU_TIME : expiration time, eg. »minute«, »hour«, »day«, »week«, »month«, »quarter«, »year« or »none«"
287 echo " JIRAFEAU_ONE_TIME : self-destroy after first download, eg. »1« to enable or »« (empty) to disable"
288 echo " JIRAFEAU_CURL : alternative path to curl binary"
289 echo " JIRAFEAU_UPLOAD_PASSWD : upload password"
290
291 exit 0
292 fi
293
294 if [ -n "$proxy" ]; then
295 proxy="-x $proxy"
296 fi
297
298 options=''
299 if [ -n "$one_time" ]; then
300 options="$options -F one_time_download=1"
301 fi
302
303 if [ -n "$upload_password" ]; then
304 options="$options -F upload_password=$upload_password"
305 fi
306
307 password=''
308 if [ -n "$3" ]; then
309 password="$3"
310 options="$options -F key=$password"
311 fi
312
313 apipage='script.php'
314 downloadpage='f.php'
315
316 if [ "$1" == "send" ]; then
317 if [ ! -f "$2" ]; then
318 echo "File \"$2\" does not exists."
319 exit
320 fi
321
322 # Ret result
323 res=$($curl -X POST --http1.0 $proxy $options \
324 -F "time=$time" \
325 -F "file=@$2" \
326 $url$apipage)
327
328 if [[ "$res" == Error* ]]; then
329 echo "Error while uploading."
330 echo $res
331 exit
332 fi
333
334 # Not using head or tail to minimise command dependencies
335 code=$(cnt=0; echo "$res" | while read l; do
336 if [[ "$cnt" == "0" ]]; then
337 echo "$l"
338 fi
339 cnt=$(( cnt + 1 ))
340 done)
341 del_code=$(cnt=0; echo "$res" | while read l; do
342 if [[ "$cnt" == "1" ]]; then
343 echo "$l"
344 fi
345 cnt=$(( cnt + 1 ))
346 done)
347 key_code=$(cnt=0; echo "$res" | while read l; do
348 if [[ "$cnt" == "2" ]]; then
349 echo "$l"
350 fi
351 cnt=$(( cnt + 1 ))
352 done)
353
354 echo
355 echo "Download page:"
356 if [[ $key_code ]]; then
357 echo " ${url}${downloadpage}?h=$code&k=$key_code"
358 else
359 echo " ${url}${downloadpage}?h=$code"
360 fi
361 echo "Direct download:"
362 if [[ $key_code ]]; then
363 echo " ${url}${downloadpage}?h=$code&k=$key_code&d=1"
364 else
365 echo " ${url}${downloadpage}?h=$code&d=1"
366 fi
367 echo "Delete link:"
368 echo " ${url}${downloadpage}?h=$code&d=$del_code"
369 echo
370 echo "Download via API:"
371 if [[ $key_code ]]; then
372 echo " ${0} get ${url}${apipage}?h=$code&k=$key_code [PASSWORD}"
373 else
374 echo " ${0} get ${url}${apipage}?h=$code [PASSWORD}"
375 fi
376 echo "Delete via API:"
377 echo " ${0} delete ${url}${downloadpage}?h=$code&d=$del_code"
378
379 elif [ "$1" == "get" ]; then
380 if [ -z "$password" ]; then
381 $curl $proxy -OJ "$2"
382 else
383 $curl $proxy -OJ -X POST -F key=$password "$2"
384 fi
385 elif [ "$1" == "delete" ]; then
386 $curl $proxy "$2"
387 fi
388 <?php
389
390 } else {
391 echo 'Error 12';
392 exit;
393 }
394 }
395 /* Initialize an asynchronous upload. */
396 elseif (isset($_GET['init_async'])) {
397 if (isset($_POST['upload_password'])){
398 if (!jirafeau_challenge_upload($cfg, get_ip_address($cfg), $_POST['upload_password'])) {
399 echo 'Error 20: Invalid password';
400 exit;
401 }
402 } else {
403 if (!jirafeau_challenge_upload($cfg, get_ip_address($cfg), null)) {
404 echo 'Error 19: No password nor allowed IP';
405 exit;
406 }
407 }
408
409 if (!isset($_POST['filename'])) {
410 echo 'Error 21';
411 exit;
412 }
413
414 $type = '';
415 if (isset($_POST['type'])) {
416 $type = $_POST['type'];
417 }
418
419 $key = '';
420 if (isset($_POST['key'])) {
421 $key = $_POST['key'];
422 }
423
424 // Check if one time download is enabled
425 if (!$cfg['one_time_download'] && isset($_POST['one_time_download'])) {
426 echo 'Error 26: One time download is disabled.';
427 exit;
428 }
429
430 $time = time();
431 if (!isset($_POST['time']) || !$cfg['availabilities'][$_POST['time']]) {
432 echo 'Error 22';
433 exit;
434 } else {
435 switch ($_POST['time']) {
436 case 'minute':
437 $time += JIRAFEAU_MINUTE;
438 break;
439 case 'hour':
440 $time += JIRAFEAU_HOUR;
441 break;
442 case 'day':
443 $time += JIRAFEAU_DAY;
444 break;
445 case 'week':
446 $time += JIRAFEAU_WEEK;
447 break;
448 case 'month':
449 $time += JIRAFEAU_MONTH;
450 break;
451 case 'quarter':
452 $time += JIRAFEAU_QUARTER;
453 break;
454 case 'year':
455 $time += JIRAFEAU_YEAR;
456 break;
457 default:
458 $time = JIRAFEAU_INFINITY;
459 break;
460 }
461 }
462 echo jirafeau_async_init($_POST['filename'],
463 $type,
464 isset($_POST['one_time_download']),
465 $key,
466 $time,
467 get_ip_address($cfg));
468 }
469 /* Continue an asynchronous upload. */
470 elseif (isset($_GET['push_async'])) {
471 if ((!isset($_POST['ref']))
472 || (!isset($_FILES['data']))
473 || (!isset($_POST['code']))) {
474 echo 'Error 23';
475 } else {
476 echo jirafeau_async_push($_POST['ref'],
477 $_FILES['data'],
478 $_POST['code'],
479 $cfg['maximal_upload_size']);
480 }
481 }
482 /* Finalize an asynchronous upload. */
483 elseif (isset($_GET['end_async'])) {
484 if (!isset($_POST['ref'])
485 || !isset($_POST['code'])) {
486 echo 'Error 24';
487 } else {
488 echo jirafeau_async_end($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_length'], $cfg['file_hash']);
489 }
490 } else {
491 echo 'Error 25';
492 }
493 exit;
494 ?>

patrick-canterino.de