]> git.p6c8.net - jirafeau_mojo42.git/blob - admin.php
[BUGFIX] Deliver JavaScript with correct MIME type
[jirafeau_mojo42.git] / admin.php
1 <?php
2 /*
3 * Jirafeau, your web file repository
4 * Copyright (C) 2015 Jerome Jutteau <j.jutteau@gmail.com>
5 *
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU Affero General Public License as
8 * published by the Free Software Foundation, either version 3 of the
9 * License, or (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Affero General Public License for more details.
15 *
16 * You should have received a copy of the GNU Affero General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/');
21
22 require (JIRAFEAU_ROOT . 'lib/config.original.php');
23 require (JIRAFEAU_ROOT . 'lib/settings.php');
24 require (JIRAFEAU_ROOT . 'lib/functions.php');
25 require (JIRAFEAU_ROOT . 'lib/lang.php');
26
27 /* Check if installation is OK. */
28 if (file_exists (JIRAFEAU_ROOT . 'install.php')
29 && !file_exists (JIRAFEAU_ROOT . 'lib/config.local.php'))
30 {
31 header('Location: install.php');
32 exit;
33 }
34
35 /* If called from CLI, no password or graphical interface */
36 if (php_sapi_name() == "cli") {
37 if ((count($argv)>1) && $argv[1]=="clean_expired") {
38 $total = jirafeau_admin_clean ();
39 echo "$total expired files deleted.";
40 }
41 elseif ((count($argv)>1) && $argv[1]=="clean_async") {
42 $total = jirafeau_admin_clean_async ();
43 echo "$total old unfinished transfers deleted.";
44 }
45 else
46 {
47 die("No command found. Should be admin.php <clean_expired|clean_async>.");
48 }
49 }
50 else
51 {
52 /* Disable admin interface if we have a empty admin password. */
53 if (empty($cfg['admin_password']) && empty($cfg['admin_http_auth_user']))
54 {
55 require (JIRAFEAU_ROOT . 'lib/template/header.php');
56 echo '<div class="error"><p>'.
57 t('Sorry, the admin interface is not enabled.') .
58 '</p></div>';
59 require (JIRAFEAU_ROOT.'lib/template/footer.php');
60 exit;
61 }
62
63 /* Check session. */
64 session_start();
65
66 /* Unlog if asked. */
67 if (isset ($_POST['action']) && (strcmp ($_POST['action'], 'logout') == 0))
68 $_SESSION['admin_auth'] = false;
69
70 /* Check classic admin password authentification. */
71 if (isset ($_POST['admin_password']) && empty($cfg['admin_http_auth_user']))
72 {
73 if ($cfg['admin_password'] === $_POST['admin_password'] ||
74 $cfg['admin_password'] === hash('sha256', $_POST['admin_password']))
75 $_SESSION['admin_auth'] = true;
76 else
77 {
78 $_SESSION['admin_auth'] = false;
79 require (JIRAFEAU_ROOT . 'lib/template/header.php');
80 echo '<div class="error"><p>'.
81 t('Wrong password.') . '</p></div>';
82 require (JIRAFEAU_ROOT.'lib/template/footer.php');
83 exit;
84 }
85 }
86 /* Ask for classic admin password authentification. */
87 elseif ((!isset ($_SESSION['admin_auth']) || $_SESSION['admin_auth'] != true)
88 && empty($cfg['admin_http_auth_user']))
89 {
90 require (JIRAFEAU_ROOT . 'lib/template/header.php'); ?>
91 <form action = "<?php echo basename(__FILE__); ?>" method = "post">
92 <fieldset>
93 <table>
94 <tr>
95 <td class = "label"><label for = "enter_password">
96 <?php echo t('Administration password') . ':';?></label>
97 </td>
98 <td class = "field"><input type = "password"
99 name = "admin_password" id = "admin_password"
100 size = "40" />
101 </td>
102 </tr>
103 <tr class = "nav">
104 <td></td>
105 <td class = "nav next">
106 <input type = "submit" name = "key" value =
107 "<?php echo t('Login'); ?>" />
108 </td>
109 </tr>
110 </table>
111 </fieldset>
112 </form>
113 <?php
114 require (JIRAFEAU_ROOT.'lib/template/footer.php');
115 exit;
116 }
117 /* Check authenticated user if HTTP authentification is enable. */
118 elseif ((!isset ($_SESSION['admin_auth']) || $_SESSION['admin_auth'] != true)
119 && !empty($cfg['admin_http_auth_user']))
120 {
121 if ($cfg['admin_http_auth_user'] == $_SERVER['PHP_AUTH_USER'])
122 $_SESSION['admin_auth'] = true;
123 }
124
125 /* Be sure that no one can access further without admin_auth. */
126 if (!isset ($_SESSION['admin_auth']) || $_SESSION['admin_auth'] != true)
127 {
128 $_SESSION['admin_auth'] = false;
129 require (JIRAFEAU_ROOT . 'lib/template/header.php');
130 echo '<div class="error"><p>'.
131 t('Sorry, you are not authenticated on admin interface.') .
132 '</p></div>';
133 require (JIRAFEAU_ROOT.'lib/template/footer.php');
134 exit;
135 }
136
137 /* Operations may take a long time.
138 * Be sure PHP's safe mode is off.
139 */
140 @set_time_limit(0);
141 /* Remove errors. */
142 @error_reporting(0);
143
144 /* Show admin interface if not downloading a file. */
145 if (!(isset ($_POST['action']) && strcmp ($_POST['action'], 'download') == 0))
146 {
147 require (JIRAFEAU_ROOT . 'lib/template/header.php');
148 ?><h2><?php echo t('Admin interface'); ?></h2><?php
149 ?><h2>(version <?php echo JIRAFEAU_VERSION ?>)</h2><?php
150
151 ?><div id = "admin">
152 <fieldset><legend><?php echo t('Actions');?></legend>
153 <table>
154 <form action = "<?php echo basename(__FILE__); ?>" method = "post">
155 <tr>
156 <input type = "hidden" name = "action" value = "clean"/>
157 <td class = "info">
158 <?php echo t('Clean expired files'); ?>
159 </td>
160 <td></td>
161 <td>
162 <input type = "submit" value = "<?php echo t('Clean'); ?>" />
163 </td>
164 </tr>
165 </form>
166 <form action = "<?php echo basename(__FILE__); ?>" method = "post">
167 <tr>
168 <input type = "hidden" name = "action" value = "clean_async"/>
169 <td class = "info">
170 <?php echo t('Clean old unfinished transfers'); ?>
171 </td>
172 <td></td>
173 <td>
174 <input type = "submit" value = "<?php echo t('Clean'); ?>" />
175 </td>
176 </tr>
177 </form>
178 <form action = "<?php echo basename(__FILE__); ?>" method = "post">
179 <tr>
180 <input type = "hidden" name = "action" value = "list"/>
181 <td class = "info">
182 <?php echo t('List all files'); ?>
183 </td>
184 <td></td>
185 <td>
186 <input type = "submit" value = "<?php echo t('List'); ?>" />
187 </td>
188 </tr>
189 </form>
190 <form action = "<?php echo basename(__FILE__); ?>" method = "post">
191 <tr>
192 <input type = "hidden" name = "action" value = "search_by_name"/>
193 <td class = "info">
194 <?php echo t('Search files by name'); ?>
195 </td>
196 <td>
197 <input type = "text" name = "name" id = "name"/>
198 </td>
199 <td>
200 <input type = "submit" value = "<?php echo t('Search'); ?>" />
201 </td>
202 </tr>
203 </form>
204 <form action = "<?php echo basename(__FILE__); ?>" method = "post">
205 <tr>
206 <input type = "hidden" name = "action" value = "search_by_file_hash"/>
207 <td class = "info">
208 <?php echo t('Search files by file hash'); ?>
209 </td>
210 <td>
211 <input type = "text" name = "hash" id = "hash"/>
212 </td>
213 <td>
214 <input type = "submit" value = "<?php echo t('Search'); ?>" />
215 </td>
216 </tr>
217 </form>
218 <form action = "<?php echo basename(__FILE__); ?>" method = "post">
219 <tr>
220 <input type = "hidden" name = "action" value = "search_link"/>
221 <td class = "info">
222 <?php echo t('Search a specific link'); ?>
223 </td>
224 <td>
225 <input type = "text" name = "link" id = "link"/>
226 </td>
227 <td>
228 <input type = "submit" value = "<?php echo t('Search'); ?>" />
229 </td>
230 </tr>
231 </form>
232 </table>
233 <form action = "<?php echo basename(__FILE__); ?>" method = "post">
234 <input type = "hidden" name = "action" value = "logout" />
235 <input type = "submit" value = "<?php echo t('Logout'); ?>" />
236 </form>
237 </fieldset></div><?php
238 }
239
240 /* Check for actions */
241 if (isset ($_POST['action']))
242 {
243 if (strcmp ($_POST['action'], 'clean') == 0)
244 {
245 $total = jirafeau_admin_clean ();
246 echo '<div class="message">' . NL;
247 echo '<p>';
248 echo t('Number of cleaned files') . ' : ' . $total;
249 echo '</p></div>';
250 }
251 elseif (strcmp ($_POST['action'], 'clean_async') == 0)
252 {
253 $total = jirafeau_admin_clean_async ();
254 echo '<div class="message">' . NL;
255 echo '<p>';
256 echo t('Number of cleaned files') . ' : ' . $total;
257 echo '</p></div>';
258 }
259 elseif (strcmp ($_POST['action'], 'list') == 0)
260 {
261 jirafeau_admin_list ("", "", "");
262 }
263 elseif (strcmp ($_POST['action'], 'search_by_name') == 0)
264 {
265 jirafeau_admin_list ($_POST['name'], "", "");
266 }
267 elseif (strcmp ($_POST['action'], 'search_by_file_hash') == 0)
268 {
269 jirafeau_admin_list ("", $_POST['hash'], "");
270 }
271 elseif (strcmp ($_POST['action'], 'search_link') == 0)
272 {
273 jirafeau_admin_list ("", "", $_POST['link']);
274 }
275 elseif (strcmp ($_POST['action'], 'delete_link') == 0)
276 {
277 jirafeau_delete_link ($_POST['link']);
278 echo '<div class="message">' . NL;
279 echo '<p>' . t('Link deleted') . '</p></div>';
280 }
281 elseif (strcmp ($_POST['action'], 'delete_file') == 0)
282 {
283 $count = jirafeau_delete_file ($_POST['md5']);
284 echo '<div class="message">' . NL;
285 echo '<p>' . t('Deleted links') . ' : ' . $count . '</p></div>';
286 }
287 elseif (strcmp ($_POST['action'], 'download') == 0)
288 {
289 $l = jirafeau_get_link ($_POST['link']);
290 if (!count ($l))
291 return;
292 $p = s2p ($l['md5']);
293 header ('Content-Length: ' . $l['file_size']);
294 header ('Content-Type: ' . $l['mime_type']);
295 header ('Content-Disposition: attachment; filename="' .
296 $l['file_name'] . '"');
297 if (file_exists(VAR_FILES . $p . $l['md5']))
298 readfile (VAR_FILES . $p . $l['md5']);
299 exit;
300 }
301 }
302
303 require (JIRAFEAU_ROOT.'lib/template/footer.php');
304 }
305 ?>

patrick-canterino.de