pub/lib/functions.php

   1 <?php
   2 /*
   3  *  Jyraphe, your web file repository
   4  *  Copyright (C) 2008  Julien "axolotl" BERNARD <axolotl@magieeternelle.org>
   5  *
   6  *  This program is free software: you can redistribute it and/or modify
   7  *  it under the terms of the GNU Affero General Public License as
   8  *  published by the Free Software Foundation, either version 3 of the
   9  *  License, or (at your option) any later version.
  10  *
  11  *  This program is distributed in the hope that it will be useful,
  12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14  *  GNU Affero General Public License for more details.
  15  *
  16  *  You should have received a copy of the GNU Affero General Public License
  17  *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18  */
  19
  20 /**
  21  * transforms a php.ini string representing a value in an integer
  22  * @param $value the value from php.ini
  23  * @returns an integer for this value
  24  */
  25 function jyraphe_ini_to_bytes($value) {
  26   $modifier = substr($value, -1);
  27   $bytes = substr($value, 0, -1);
  28   switch(strtoupper($modifier)) {
  29   case 'P':
  30     $bytes *= 1024;
  31   case 'T':
  32     $bytes *= 1024;
  33   case 'G':
  34     $bytes *= 1024;
  35   case 'M':
  36     $bytes *= 1024;
  37   case 'K':
  38     $bytes *= 1024;
  39   default:
  40     break;
  41   }
  42   return $bytes;
  43 }
  44
  45 /**
  46  * gets the maximum upload size according to php.ini
  47  * @returns the maximum upload size
  48  */
  49 function jyraphe_get_max_upload_size() {
  50   return min(jyraphe_ini_to_bytes(ini_get('post_max_size')), jyraphe_ini_to_bytes(ini_get('upload_max_filesize')));
  51 }
  52
  53 /**
  54  * detects if a given filename is present in a directory and find an alternate filename
  55  * @param $name the initial filename
  56  * @param $dir the directory to explore (finishing with a '/')
  57  * @returns an alternate filename, possibly the initial filename
  58  */
  59 function jyraphe_detect_collision($name, $dir) {
  60   if(!file_exists($dir . $name)) {
  61     return $name;
  62   }
  63
  64   $dot = strpos($name, '.');
  65   $dot = ($dot === false) ? strlen($name) : $dot;
  66   $first = substr($name, 0, $dot);
  67   $second = substr($name, $dot);
  68   $i = 1;
  69   do {
  70     $new_name = $first . '-' . $i . $second;
  71     $i++;
  72   } while(file_exists($dir . $new_name));
  73
  74   return $new_name;
  75 }
  76
  77 /**
  78  * gets a string explaining the error
  79  * @param $code the error code
  80  * @returns a string explaining the error
  81  */
  82 function jyraphe_upload_errstr($code) {
  83   switch($code) {
  84   case UPLOAD_ERR_INI_SIZE:
  85   case UPLOAD_ERR_FORM_SIZE:
  86     return _('Your file exceeds the maximum authorized file size.');
  87     break;
  88
  89   case UPLOAD_ERR_PARTIAL:
  90   case UPLOAD_ERR_NO_FILE:
  91     return _('Your file was not uploaded correctly. You may succeed in retrying.');
  92     break;
  93
  94   case UPLOAD_ERR_NO_TMP_DIR:
  95   case UPLOAD_ERR_CANT_WRITE:
  96   case UPLOAD_ERR_EXTENSION:
  97     return _('Internal error. You may not succeed in retrying.');
  98     break;
  99
 100   default:
 101     break;
 102   }
 103   return _('Unknown error.');
 104 }
 105
 106 /**
 107  * handles an uploaded file
 108  * @param $file the file struct given by $_FILE[]
 109  * @param $one_time_download is the file a one time download ?
 110  * @param $key if not empty, protect the file with this key
 111  * @param $time the time of validity of the file
 112  * @param $cfg the current configuration
 113  * @returns an array containing some information
 114  *   'error' => information on possible errors
 115  *   'link' => the link name of the uploaded file
 116  */
 117 function jyraphe_upload($file, $one_time_download, $key, $time, $cfg) {
 118   if(!empty($file['tmp_name'])) {
 119
 120     if($file['name'] == '.htaccess') {
 121       return(array(
 122         'error' => array(
 123           'has_error' => true,
 124           'why' => _('This file is forbidden for security reasons.')),
 125         'link' => '')
 126       );
 127     }
 128
 129
 130     if(is_uploaded_file($file['tmp_name'])) {
 131
 132       /* array representing no error */
 133       $noerr = array('has_error' => false, 'why' => '');
 134
 135       /* we check if this file is already here */
 136       $md5 = md5_file($file['tmp_name']);
 137       $link_name = ($one_time_download ? 'O' : 'R') . $md5;
 138       if(file_exists(VAR_LINKS . $link_name)) {
 139         return(array('error' => $noerr, 'link' => $link_name));
 140       }
 141
 142       $mime_type = $file['type'];
 143       $final_name = trim($file['name']);
 144
 145       /* we prevent .php and make it a .phps for security reasons */
 146       if((strlen($final_name) >= 4) && (substr($final_name, -4) == '.php')) {
 147         $final_name .= 's';
 148         $mime_type = 'application/x-httpd-php-source';
 149       }
 150
 151       /* we check if there is a file with that name */
 152       $final_name = jyraphe_detect_collision($final_name, VAR_FILES);
 153
 154       /* we move it to the right place and create the link */
 155       if(move_uploaded_file($file['tmp_name'], VAR_FILES . $final_name)) {
 156         $handle = fopen(VAR_LINKS . $link_name, 'w');
 157         fwrite($handle, $final_name . NL . $mime_type . NL . $file['size'] . NL . $key . NL . $time . NL);
 158         fclose($handle);
 159
 160         return(array('error' => $noerr, 'link' => $link_name));
 161       }
 162     }
 163   }
 164
 165   return(array('error' => array('has_error' => true, 'why' => jyraphe_upload_errstr($file['error'])), 'link' => ''));
 166 }
 167
 168 /**
 169  * tells if a mime-type is viewable in a browser
 170  * @param $mime the mime type
 171  * @returns a boolean telling if a mime type is viewable
 172  */
 173 function jyraphe_is_viewable($mime) {
 174   if(!empty($mime)) {
 175     // actually, verify if mime-type is an image or a text
 176     $viewable = array('image', 'text');
 177     $decomposed = explode('/', $mime);
 178     return in_array($decomposed[0], $viewable);
 179   }
 180   return false;
 181 }
 182
 183
 184 // Error handling functions.
 185 //! Global array that contains all registered errors.
 186 $error_list = array ();
 187
 188 /**
 189  * Adds an error to the list of errors.
 190  * @param $title the error's title
 191  * @param $description is a human-friendly description of the problem.
 192  */
 193 function add_error ($title, $description) {
 194     global $error_list;
 195     $error_list[] = '<p>' . $title . '<br />' . $description . '</p>';
 196 }
 197
 198 /**
 199  * Informs whether any error has been registered yet.
 200  * @return true if there are errors.
 201  */
 202 function has_error () {
 203     global $error_list;
 204     return !empty ($error_list);
 205 }
 206
 207 /**
 208  * Displays all the errors.
 209  */
 210 function show_errors () {
 211     if (has_error ()) {
 212         global $error_list;
 213         echo '<div class="error">';
 214         foreach ($error_list as $error) {
 215             echo $error;
 216         }
 217         echo '</div>';
 218     }
 219 }
 220
 221 ?>