]> git.p6c8.net - jirafeau_mojo42.git/blob - script.php
Fixes #15 admins can now choose an availability duration
[jirafeau_mojo42.git] / script.php
1 <?php
2 /*
3 * Jirafeau, your web file repository
4 * Copyright (C) 2015 Jerome Jutteau <j.jutteau@gmail.com>
5 *
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU Affero General Public License as
8 * published by the Free Software Foundation, either version 3 of the
9 * License, or (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Affero General Public License for more details.
15 *
16 * You should have received a copy of the GNU Affero General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 /*
21 * This file permits to easyly script file sending, receiving, deleting, ...
22 * If you don't want this feature, you can simply delete this file from your
23 * web directory.
24 */
25
26 define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/');
27
28 require (JIRAFEAU_ROOT . 'lib/config.original.php');
29 require (JIRAFEAU_ROOT . 'lib/settings.php');
30 require (JIRAFEAU_ROOT . 'lib/functions.php');
31 require (JIRAFEAU_ROOT . 'lib/lang.php');
32
33 global $script_langages;
34 $script_langages = array ('bash' => 'Bash');
35
36 /* Operations may take a long time.
37 * Be sure PHP's safe mode is off.
38 */
39 @set_time_limit(0);
40 /* Remove errors. */
41 @error_reporting(0);
42
43 if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
44 {
45 require (JIRAFEAU_ROOT . 'lib/template/header.php');
46 check_errors ($cfg);
47 if (has_error ())
48 {
49 show_errors ();
50 require (JIRAFEAU_ROOT . 'lib/template/footer.php');
51 exit;
52 }
53 echo '<div class="info">';
54 echo '<h2>' . t('Welcome to Jirafeau\'s query interface') . '</h2>';
55 echo '<p>';
56 echo t('This interface permits to script your uploads and downloads.') .
57 ' ' . t('The instructions above show how to query this interface.');
58 echo '</p>';
59
60 echo '<h3>' . t('Get Jirafeau\'s version') . ':</h3>';
61 echo '<p>';
62 echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php</i><br />';
63 echo '<br />';
64 echo t('Parameters') . ':<br />';
65 echo "<b>get_version=</b>1<i> (" . t('Required') . ")</i> <br />";
66 echo '</p>';
67 echo '<p>' . t('This will return brut text content.') . ' ' .
68 t('First line is the version number.') . '<br /></p>';
69 echo '<p>';
70 echo t('Example') . ": <a href=\"" . $web_root . "script.php?get_version=1\">" . $web_root . "script.php?get_version=1</a> ";
71 echo '</p>';
72
73 echo '<h3>' . t('Get server capacity') . ':</h3>';
74 echo '<p>';
75 echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php</i><br />';
76 echo '<br />';
77 echo t('Parameters') . ':<br />';
78 echo "<b>get_capacity=</b>1<i> (" . t('Required') . ")</i> <br />";
79 echo '</p>';
80 echo '<p>' . t('This will return brut text content.') . ' ' .
81 t('First line is the server capacity (in Bytes).') . '<br /></p>';
82 echo '<p>';
83 echo t('Example') . ": <a href=\"" . $web_root . "script.php?get_capacity=1\">" . $web_root . "script.php?get_capacity=1</a> ";
84 echo '</p>';
85
86 echo '<h3>' . t('Upload a file') . ':</h3>';
87 echo '<p>';
88 echo t('Send a POST query to') . ': <i>' . $web_root . 'script.php</i><br />';
89 echo '<br />';
90 echo t('Parameters') . ':<br />';
91 echo "<b>file=</b>C:\\your\\file\\path<i> (" . t('Required') . ")</i> <br />";
92 echo "<b>time=</b>[minute|hour|day|week|month|year|none]<i> (" . t('Optional') . ', '. t('default: none') . ")</i> <br />";
93 echo "<b>password=</b>your_password<i> (" . t('Optional') . ")</i> <br />";
94 echo "<b>one_time_download=</b>1<i> (" . t('Optional') . ")</i> <br />";
95 echo "<b>upload_password=</b>your_upload_password<i> (" . t('Optional') . ")</i> <br />";
96 echo '</p>';
97 echo '<p>' . t('This will return brut text content.') . ' ' .
98 t('First line is the download reference and the second line the delete code.') . '<br /></p>';
99
100 echo '<h3>' . t('Get a file') . ':</h3>';
101 echo '<p>';
102 echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php</i><br />';
103 echo '<br />';
104 echo t('Parameters') . ':<br />';
105 echo "<b>h=</b>your_download_reference<i> (" . t('Required') . ")</i> <br />";
106 echo '</p>';
107 echo '<p>';
108 echo t('If a password has been set, send a POST request with it.');
109 echo '<br />';
110 echo t('Parameters') . ':<br />';
111 echo "<b>password=</b>your_password<i> (" . t('Optional') . ")</i> <br />";
112 echo '</p>';
113 echo '<p>';
114 echo t('Example') . ": <a href=\"" . $web_root . "script.php?h=30ngy0hsDcpfrF8zR7x9iU\">" . $web_root . "script.php?h=30ngy0hsDcpfrF8zR7x9iU</a> ";
115 echo '</p>';
116
117 echo '<h3>' . t('Delete a file') . ':</h3>';
118 echo '<p>';
119 echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php</i><br />';
120 echo '<br />';
121 echo t('Parameters') . ':<br />';
122 echo "<b>h=</b>your_download_reference<i> (" . t('Required') . ")</i> <br />";
123 echo "<b>d=</b>yout_delete_code<i> (" . t('Required') . ")</i> <br />";
124 echo '</p>';
125 echo '<p>' . t('This will return "Ok" if succeded, "Error" otherwhise.') . '<br /></p>';
126 echo '<p>';
127 echo t('Example') . ": <a href=\"" . $web_root . "script.php?h=30ngy0hsDcpfrF8zR7x9iU&amp;d=0d210a952\">" . $web_root . "script.php?h=30ngy0hsDcpfrF8zR7x9iU&amp;d=0d210a952</a> ";
128 echo '</p>';
129
130 echo '<h3>' . t('Get a generated scripts') . ':</h3>';
131 echo '<p>';
132 echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php</i><br />';
133 echo '<br />';
134 echo t('Parameters') . ':<br />';
135 echo "<b>lang=</b>[";
136 foreach ($script_langages as $lang => $name)
137 echo $lang;
138 echo "]<i> (" . t('Required') . ")</i> <br />";
139 echo '</p>';
140 echo '<p>' . t('This will return brut text content of the code.') . '<br /></p>';
141 echo '<p>';
142 echo t('Example') . ": <br />";
143 foreach ($script_langages as $lang => $name)
144 echo "$name: <a href=\"" . $web_root . "script.php?lang=$lang\">" . $web_root . "script.php?lang=$lang</a> ";
145 echo '</p>';
146
147 echo '<h3>' . t('Initalize an asynchronous transfert') . ':</h3>';
148 echo '<p>';
149 echo t('The goal is to permit to transfert big file, chunk by chunk.') . ' ';
150 echo t('Chunks of data must be sent in order.');
151 echo '</p>';
152 echo '<p>';
153 echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php?init_async</i><br />';
154 echo '<br />';
155 echo t('Parameters') . ':<br />';
156 echo "<b>filename=</b>file_name.ext<i> (" . t('Required') . ")</i> <br />";
157 echo "<b>type=</b>MIME_TYPE<i> (" . t('Optional') . ")</i> <br />";
158 echo "<b>time=</b>[minute|hour|day|week|month|year|none]<i> (" . t('Optional') . ', '. t('default: none') . ")</i> <br />";
159 echo "<b>password=</b>your_password<i> (" . t('Optional') . ")</i> <br />";
160 echo "<b>one_time_download=</b>1<i> (" . t('Optional') . ")</i> <br />";
161 echo "<b>upload_password=</b>your_upload_password<i> (" . t('Optional') . ")</i> <br />";
162 echo '</p>';
163 echo '<p>' . t('This will return brut text content.') . ' ' .
164 t('First line is the asynchronous transfert reference and the second line the code to use in the next operation.') . '<br /></p>';
165
166 echo '<h3>' . t('Push data during asynchronous transfert') . ':</h3>';
167 echo '<p>';
168 echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php?push_async</i><br />';
169 echo '<br />';
170 echo t('Parameters') . ':<br />';
171 echo "<b>ref=</b>async_reference<i> (" . t('Required') . ")</i> <br />";
172 echo "<b>data=</b>data_chunk<i> (" . t('Required') . ")</i> <br />";
173 echo "<b>code=</b>last_provided_code<i> (" . t('Required') . ")</i> <br />";
174 echo '</p>';
175 echo '<p>' . t('This will return brut text content.') . ' ' .
176 t('Returns the next code to use.') . '<br /></p>';
177
178 echo '<h3>' . t('Finalize asynchronous transfert') . ':</h3>';
179 echo '<p>';
180 echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php?end_async</i><br />';
181 echo '<br />';
182 echo t('Parameters') . ':<br />';
183 echo "<b>ref=</b>async_reference<i> (" . t('Required') . ")</i> <br />";
184 echo "<b>code=</b>last_provided_code<i> (" . t('Required') . ")</i> <br />";
185 echo '</p>';
186 echo '<p>' . t('This will return brut text content.') . ' ' .
187 t('First line is the download reference and the second line the delete code.') . '<br /></p>';
188
189 echo '</div><br />';
190 require (JIRAFEAU_ROOT . 'lib/template/footer.php');
191 exit;
192 }
193
194 /* Lets use interface now. */
195 header('Content-Type: text; charset=utf-8');
196
197 check_errors ($cfg);
198 if (has_error ())
199 {
200 echo "Error";
201 exit;
202 }
203
204 /* Upload file */
205 if (isset ($_FILES['file']) && is_writable (VAR_FILES)
206 && is_writable (VAR_LINKS))
207 {
208 if (jirafeau_has_upload_password ($cfg) &&
209 (!isset ($_POST['upload_password']) ||
210 !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
211 {
212 echo "Error";
213 exit;
214 }
215
216 $key = '';
217 if (isset ($_POST['key']))
218 $key = $_POST['key'];
219
220 $time = time ();
221 if (!isset ($_POST['time']) || !$cfg['availabilities'][$_POST['time']])
222 {
223 echo "Error";
224 exit;
225 }
226 else
227 switch ($_POST['time'])
228 {
229 case 'minute':
230 $time += JIRAFEAU_MINUTE;
231 break;
232 case 'hour':
233 $time += JIRAFEAU_HOUR;
234 break;
235 case 'day':
236 $time += JIRAFEAU_DAY;
237 break;
238 case 'week':
239 $time += JIRAFEAU_WEEK;
240 break;
241 case 'month':
242 $time += JIRAFEAU_MONTH;
243 break;
244 case 'year':
245 $time += JIRAFEAU_YEAR;
246 break;
247 default:
248 $time = JIRAFEAU_INFINITY;
249 break;
250 }
251 $res = jirafeau_upload ($_FILES['file'],
252 isset ($_POST['one_time_download']),
253 $key, $time, $_SERVER['REMOTE_ADDR'],
254 $cfg['enable_crypt'], $cfg['link_name_lenght']);
255
256 if (empty($res) || $res['error']['has_error'])
257 {
258 echo "Error";
259 exit;
260 }
261 /* Print direct link. */
262 echo $res['link'];
263 /* Print delete link. */
264 echo NL;
265 echo $res['delete_link'];
266 /* Print decrypt key. */
267 echo NL;
268 echo urlencode($res['crypt_key']);
269 }
270 elseif (isset ($_GET['h']))
271 {
272 $link_name = $_GET['h'];
273 $key = '';
274 if (isset ($_POST['key']))
275 $key = $_POST['key'];
276 $d = '';
277 if (isset ($_GET['d']))
278 $d = $_GET['d'];
279
280 if (!preg_match ('/[0-9a-zA-Z_-]+$/', $link_name))
281 {
282 echo "Error";
283 exit;
284 }
285
286 $link = jirafeau_get_link ($link_name);
287 if (count ($link) == 0)
288 {
289 echo "Error";
290 exit;
291 }
292 if (strlen ($d) > 0 && $d == $link['link_code'])
293 {
294 jirafeau_delete_link ($link_name);
295 echo "Ok";
296 exit;
297 }
298 if ($link['time'] != JIRAFEAU_INFINITY && time () > $link['time'])
299 {
300 jirafeau_delete_link ($link_name);
301 echo "Error";
302 exit;
303 }
304 if (strlen ($link['key']) > 0 && md5 ($key) != $link['key'])
305 {
306 echo "Error";
307 exit;
308 }
309 $p = s2p ($link['md5']);
310 if (!file_exists (VAR_FILES . $p . $link['md5']))
311 {
312 echo "Error";
313 exit;
314 }
315
316 /* Read file. */
317 header ('Content-Length: ' . $link['file_size']);
318 header ('Content-Type: ' . $link['mime_type']);
319 header ('Content-Disposition: attachment; filename="' .
320 $link['file_name'] . '"');
321
322 $r = fopen (VAR_FILES . $p . $link['md5'], 'r');
323 while (!feof ($r))
324 {
325 print fread ($r, 1024);
326 ob_flush();
327 }
328 fclose ($r);
329
330 if ($link['onetime'] == 'O')
331 jirafeau_delete_link ($link_name);
332 exit;
333 }
334 elseif (isset ($_GET['get_capacity']))
335 {
336 echo min (jirafeau_ini_to_bytes (ini_get ('post_max_size')),
337 jirafeau_ini_to_bytes (ini_get ('upload_max_filesize')));
338 }
339 elseif (isset ($_GET['get_version']))
340 {
341 echo JIRAFEAU_VERSION;
342 }
343 elseif (isset ($_GET['lang']))
344 {
345 $l=$_GET['lang'];
346 if ($l == "bash")
347 {
348 ?>
349 #!/bin/bash
350
351 # This script has been auto-generated by Jirafeau but you can still edit
352 # options below.
353
354 # Config
355 proxy='' # ex: proxy='proxysever.test.com:3128' or set JIRAFEAU_PROXY global variable
356 url='<?php echo $cfg['web_root'] . 'script.php'; ?>' # or set JIRAFEAU_URL ex: url='http://mysite/jirafeau/script.php'
357 time='none' # minute, hour, day, week, month, year or none. Or set JIRAFEAU_TIME.
358 one_time='' # ex: one_time="1" or set JIRAFEAU_ONE_TIME.
359 curl='' # curl path to download or set JIRAFEAU_CURL_PATH.
360 # End of config
361
362 if [ -n "$JIRAFEAU_PROXY" ]; then
363 proxy="$JIRAFEAU_PROXY"
364 fi
365
366 if [ -n "$JIRAFEAU_URL" ]; then
367 url="$JIRAFEAU_URL"
368 fi
369
370 if [ -z "$url" ]; then
371 echo "Please set url in script parameters or export JIRAFEAU_URL"
372 fi
373
374 if [ -n "$JIRAFEAU_TIME" ]; then
375 time="$JIRAFEAU_TIME"
376 fi
377
378 if [ -n "$JIRAFEAU_ONE_TIME" ]; then
379 one_time='1'
380 fi
381
382 if [ -z "$curl" ]; then
383 curl="$JIRAFEAU_CURL_PATH"
384 fi
385
386 if [ -z "$curl" ] && [ -e "/usr/bin/curl" ]; then
387 curl="/usr/bin/curl"
388 fi
389
390 if [ -z "$curl" ] && [ -e "/bin/curl.exe" ]; then
391 curl="/bin/curl.exe"
392 fi
393
394 if [ -z "$curl" ]; then
395 echo "Please set your curl binary path (by editing this script or export JIRAFEAU_CURL_PATH global variable)."
396 exit
397 fi
398
399 if [ -z "$2" ]; then
400 echo "man:"
401 echo " $0 send PATH [PASSWORD]"
402 echo " $0 get URL [PASSWORD]"
403 echo " $0 delete URL"
404 echo ""
405 echo "Global variables to export:"
406 echo " JIRAFEAU_PROXY : example: proxysever.test.com:3128"
407 echo " JIRAFEAU_URL : example: http://mysite/jirafeau/script.php"
408 echo " JIRAFEAU_TIME : minute, hour, day, week, year, month or none"
409 echo " JIRAFEAU_ONE_TIME : set anything or set empty"
410 echo " JIRAFEAU_CURL : path to your curl binary"
411
412 exit 0
413 fi
414
415 if [ -n "$proxy" ]; then
416 proxy="-x $proxy"
417 fi
418
419 options=''
420 if [ -n "$one_time" ]; then
421 options="$options -F one_time_download=1"
422 fi
423
424 password=''
425 if [ -n "$3" ]; then
426 password="$3"
427 options="$options -F key=$password"
428 fi
429
430 if [ "$1" == "send" ]; then
431 if [ ! -f "$2" ]; then
432 echo "File \"$2\" does not exists."
433 exit
434 fi
435
436 # Ret result
437 res=$($curl -X POST --http1.0 $proxy $options \
438 -F "time=$time" \
439 -F "file=@$2" \
440 $url)
441
442 if [[ "$res" == "Error" ]]; then
443 echo "Error while uploading."
444 exit
445 fi
446
447 # Not using head or tail to minimise command dependencies
448 code=$(cnt=0; echo "$res" | while read l; do
449 if [[ "$cnt" == "0" ]]; then
450 echo "$l"
451 fi
452 cnt=$(( cnt + 1 ))
453 done)
454 del_code=$(cnt=0; echo "$res" | while read l; do
455 if [[ "$cnt" == "1" ]]; then
456 echo "$l"
457 fi
458 cnt=$(( cnt + 1 ))
459 done)
460 echo "${url}?h=$code"
461 echo "${url}?h=$code&d=$del_code"
462 elif [ "$1" == "get" ]; then
463 if [ -z "$password" ]; then
464 $curl $proxy -OJ "$2"
465 else
466 $curl $proxy -OJ -X POST -F key=$password "$2"
467 fi
468 elif [ "$1" == "delete" ]; then
469 $curl $proxy "$2"
470 fi
471 <?php
472 }
473 else
474 {
475 echo "Error";
476 exit;
477 }
478 }
479 /* Initialize an asynchronous upload. */
480 elseif (isset ($_GET['init_async']))
481 {
482 if (jirafeau_has_upload_password ($cfg) &&
483 (!isset ($_POST['upload_password']) ||
484 !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
485 {
486 echo "Error";
487 exit;
488 }
489
490 if (!isset ($_POST['filename']))
491 {
492 echo "Error";
493 exit;
494 }
495
496 $type = '';
497 if (isset ($_POST['type']))
498 $type = $_POST['type'];
499
500 $key = '';
501 if (isset ($_POST['key']))
502 $key = $_POST['key'];
503
504 $time = time ();
505 if (!isset ($_POST['time']) || !$cfg['availabilities'][$_POST['time']])
506 {
507 echo "Error";
508 exit;
509 }
510 else
511 switch ($_POST['time'])
512 {
513 case 'minute':
514 $time += JIRAFEAU_MINUTE;
515 break;
516 case 'hour':
517 $time += JIRAFEAU_HOUR;
518 break;
519 case 'day':
520 $time += JIRAFEAU_DAY;
521 break;
522 case 'week':
523 $time += JIRAFEAU_WEEK;
524 break;
525 case 'month':
526 $time += JIRAFEAU_MONTH;
527 break;
528 case 'year':
529 $time += JIRAFEAU_YEAR;
530 break;
531 default:
532 $time = JIRAFEAU_INFINITY;
533 break;
534 }
535 echo jirafeau_async_init ($_POST['filename'],
536 $type,
537 isset ($_POST['one_time_download']),
538 $key,
539 $time,
540 $_SERVER['REMOTE_ADDR']);
541 }
542 /* Continue an asynchronous upload. */
543 elseif (isset ($_GET['push_async']))
544 {
545 if ((!isset ($_POST['ref']))
546 || (!isset ($_FILES['data']))
547 || (!isset ($_POST['code'])))
548 echo "Error";
549 else
550 echo jirafeau_async_push ($_POST['ref'], $_FILES['data'], $_POST['code']);
551 }
552 /* Finalize an asynchronous upload. */
553 elseif (isset ($_GET['end_async']))
554 {
555 if (!isset ($_POST['ref'])
556 || !isset ($_POST['code']))
557 echo "Error";
558 else
559 echo jirafeau_async_end ($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_lenght']);
560 }
561 else
562 echo "Error";
563 exit;
564 ?>
565

patrick-canterino.de