add an alias system to the API.

[jirafeau_mojo42.git] / script.php

diff --git a/script.php b/script.php
index 17173e949928af2e4cff84deec2c02adc19bdd89..d17978cf15f5778196ecc8baf575f4f733893f60 100644 (file)
--- a/script.php
+++ b/script.php
@@ -1,7 +1,7 @@
 <?php
 /*
  *  Jirafeau, your web file repository
 <?php
 /*
  *  Jirafeau, your web file repository

- *  Copyright (C) 2012  Jerome Jutteau <j.jutteau@gmail.com>
+ *  Copyright (C) 2015  Jerome Jutteau <j.jutteau@gmail.com>

  *
  *  This program is free software: you can redistribute it and/or modify
  *  it under the terms of the GNU Affero General Public License as
  *
  *  This program is free software: you can redistribute it and/or modify
  *  it under the terms of the GNU Affero General Public License as


@@ -82,6 +82,19 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
     echo '<p>';
     echo t('Example') . ": <a href=\"" . $web_root . "script.php?get_capacity=1\">" . $web_root . "script.php?get_capacity=1</a> ";
     echo '</p>';
     echo '<p>';
     echo t('Example') . ": <a href=\"" . $web_root . "script.php?get_capacity=1\">" . $web_root . "script.php?get_capacity=1</a> ";
     echo '</p>';

+
+    echo '<h3>' . t('Maximal allowed size of an uploaded file') . ':</h3>';
+    echo '<p>';
+    echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php</i><br />';
+    echo '<br />';
+    echo t('Parameters') . ':<br />';
+    echo "<b>get_maximal_upload_size=</b>1<i> (" . t('Required') . ")</i> <br />";
+    echo '</p>';
+    echo '<p>' . t('This will return brut text content.') . ' ' .
+            t('First line returns size (in MB).') . '<br /></p>';
+    echo '<p>';
+    echo t('Example') . ": <a href=\"" . $web_root . "script.php?get_maximal_upload_size=1\">" . $web_root . "script.php?get_maximal_upload_size=1</a> ";
+    echo '</p>';

     
     echo '<h3>' . t('Upload a file') . ':</h3>';
     echo '<p>';
     
     echo '<h3>' . t('Upload a file') . ':</h3>';
     echo '<p>';


@@ -89,7 +102,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
     echo '<br />';
     echo t('Parameters') . ':<br />';
     echo "<b>file=</b>C:\\your\\file\\path<i> (" . t('Required') . ")</i> <br />";
     echo '<br />';
     echo t('Parameters') . ':<br />';
     echo "<b>file=</b>C:\\your\\file\\path<i> (" . t('Required') . ")</i> <br />";

-    echo "<b>time=</b>[minute|hour|day|week|month|none]<i> (" . t('Optional') . ', '. t('default: none') . ")</i> <br />";
+    echo "<b>time=</b>[minute|hour|day|week|month|year|none]<i> (" . t('Optional') . ', '. t('default: none') . ")</i> <br />";

     echo "<b>password=</b>your_password<i> (" . t('Optional') . ")</i> <br />";
     echo "<b>one_time_download=</b>1<i> (" . t('Optional') . ")</i> <br />";
     echo "<b>upload_password=</b>your_upload_password<i> (" . t('Optional') . ")</i> <br />";
     echo "<b>password=</b>your_password<i> (" . t('Optional') . ")</i> <br />";
     echo "<b>one_time_download=</b>1<i> (" . t('Optional') . ")</i> <br />";
     echo "<b>upload_password=</b>your_upload_password<i> (" . t('Optional') . ")</i> <br />";


@@ -122,12 +135,12 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
     echo "<b>h=</b>your_download_reference<i> (" . t('Required') . ")</i> <br />";
     echo "<b>d=</b>yout_delete_code<i> (" . t('Required') . ")</i> <br />";
     echo '</p>';
     echo "<b>h=</b>your_download_reference<i> (" . t('Required') . ")</i> <br />";
     echo "<b>d=</b>yout_delete_code<i> (" . t('Required') . ")</i> <br />";
     echo '</p>';

-    echo '<p>' . t('This will return "Ok" if succeded, "Error" otherwhise.') . '<br /></p>';
+    echo '<p>' . t('This will return "Ok" if succeeded, "Error" otherwhise.') . '<br /></p>';

     echo '<p>';
     echo t('Example') . ": <a href=\"" . $web_root . "script.php?h=30ngy0hsDcpfrF8zR7x9iU&amp;d=0d210a952\">" . $web_root . "script.php?h=30ngy0hsDcpfrF8zR7x9iU&amp;d=0d210a952</a> ";
     echo '</p>';
     
     echo '<p>';
     echo t('Example') . ": <a href=\"" . $web_root . "script.php?h=30ngy0hsDcpfrF8zR7x9iU&amp;d=0d210a952\">" . $web_root . "script.php?h=30ngy0hsDcpfrF8zR7x9iU&amp;d=0d210a952</a> ";
     echo '</p>';
     

-    echo '<h3>' . t('Get a generated scripts') . ':</h3>';
+    echo '<h3>' . t('Get a generated script') . ':</h3>';

     echo '<p>';
     echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php</i><br />';
     echo '<br />';
     echo '<p>';
     echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php</i><br />';
     echo '<br />';


@@ -144,9 +157,9 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
         echo "$name: <a href=\"" . $web_root . "script.php?lang=$lang\">" . $web_root . "script.php?lang=$lang</a> ";
     echo '</p>';
     
         echo "$name: <a href=\"" . $web_root . "script.php?lang=$lang\">" . $web_root . "script.php?lang=$lang</a> ";
     echo '</p>';
     

-    echo '<h3>' . t('Initalize an asynchronous transfert') . ':</h3>';
+    echo '<h3>' . t('Initalize an asynchronous transfer') . ':</h3>';

     echo '<p>';
     echo '<p>';

-    echo t('The goal is to permit to transfert big file, chunk by chunk.') . ' ';
+    echo t('The goal is to permit to transfer big file, chunk by chunk.') . ' ';

     echo t('Chunks of data must be sent in order.');
     echo '</p>';
     echo '<p>';
     echo t('Chunks of data must be sent in order.');
     echo '</p>';
     echo '<p>';


@@ -155,15 +168,15 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
     echo t('Parameters') . ':<br />';
     echo "<b>filename=</b>file_name.ext<i> (" . t('Required') . ")</i> <br />";
     echo "<b>type=</b>MIME_TYPE<i> (" . t('Optional') . ")</i> <br />";
     echo t('Parameters') . ':<br />';
     echo "<b>filename=</b>file_name.ext<i> (" . t('Required') . ")</i> <br />";
     echo "<b>type=</b>MIME_TYPE<i> (" . t('Optional') . ")</i> <br />";

-    echo "<b>time=</b>[minute|hour|day|week|month|none]<i> (" . t('Optional') . ', '. t('default: none') . ")</i> <br />";
+    echo "<b>time=</b>[minute|hour|day|week|month|year|none]<i> (" . t('Optional') . ', '. t('default: none') . ")</i> <br />";

     echo "<b>password=</b>your_password<i> (" . t('Optional') . ")</i> <br />";
     echo "<b>one_time_download=</b>1<i> (" . t('Optional') . ")</i> <br />";
     echo "<b>upload_password=</b>your_upload_password<i> (" . t('Optional') . ")</i> <br />";
     echo '</p>';
     echo '<p>' . t('This will return brut text content.') . ' ' .
     echo "<b>password=</b>your_password<i> (" . t('Optional') . ")</i> <br />";
     echo "<b>one_time_download=</b>1<i> (" . t('Optional') . ")</i> <br />";
     echo "<b>upload_password=</b>your_upload_password<i> (" . t('Optional') . ")</i> <br />";
     echo '</p>';
     echo '<p>' . t('This will return brut text content.') . ' ' .

-         t('First line is the asynchronous transfert reference and the second line the code to use in the next operation.') . '<br /></p>';
+         t('First line is the asynchronous transfer reference and the second line the code to use in the next operation.') . '<br /></p>';

 
 

-    echo '<h3>' . t('Push data during asynchronous transfert') . ':</h3>';
+    echo '<h3>' . t('Push data during asynchronous transfer') . ':</h3>';

     echo '<p>';
     echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php?push_async</i><br />';
     echo '<br />';
     echo '<p>';
     echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php?push_async</i><br />';
     echo '<br />';


@@ -175,7 +188,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
     echo '<p>' . t('This will return brut text content.') . ' ' .
          t('Returns the next code to use.') . '<br /></p>';
 
     echo '<p>' . t('This will return brut text content.') . ' ' .
          t('Returns the next code to use.') . '<br /></p>';
 

-    echo '<h3>' . t('Finalize asynchronous transfert') . ':</h3>';
+    echo '<h3>' . t('Finalize asynchronous transfer') . ':</h3>';

     echo '<p>';
     echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php?end_async</i><br />';
     echo '<br />';
     echo '<p>';
     echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php?end_async</i><br />';
     echo '<br />';


@@ -205,6 +218,12 @@ if (has_error ())
 if (isset ($_FILES['file']) && is_writable (VAR_FILES)
     && is_writable (VAR_LINKS))
 {
 if (isset ($_FILES['file']) && is_writable (VAR_FILES)
     && is_writable (VAR_LINKS))
 {

+    if (!jirafeau_challenge_upload_ip ($cfg, get_ip_address($cfg)))
+    {
+        echo "Error";
+        exit;
+    }
+

     if (jirafeau_has_upload_password ($cfg) &&
          (!isset ($_POST['upload_password']) ||
           !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
     if (jirafeau_has_upload_password ($cfg) &&
          (!isset ($_POST['upload_password']) ||
           !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))


@@ -218,8 +237,11 @@ if (isset ($_FILES['file']) && is_writable (VAR_FILES)
         $key = $_POST['key'];
 
     $time = time ();
         $key = $_POST['key'];
 
     $time = time ();

-    if (!isset ($_POST['time']))
-        $time = JIRAFEAU_INFINITY;
+    if (!isset ($_POST['time']) || !$cfg['availabilities'][$_POST['time']])
+    {
+        echo "Error";
+        exit;
+    }

     else
         switch ($_POST['time'])
         {
     else
         switch ($_POST['time'])
         {


@@ -238,14 +260,26 @@ if (isset ($_FILES['file']) && is_writable (VAR_FILES)
             case 'month':
                 $time += JIRAFEAU_MONTH;
                 break;
             case 'month':
                 $time += JIRAFEAU_MONTH;
                 break;

-            default:
+            case 'year':
+                $time += JIRAFEAU_YEAR;
+                break;
+           default:

                 $time = JIRAFEAU_INFINITY;
                 break;
         }
                 $time = JIRAFEAU_INFINITY;
                 break;
         }

+
+    // Check file size
+    if ($cfg['maximal_upload_size'] > 0 &&
+        $_FILES['file']['size'] > $cfg['maximal_upload_size'] * 1024 * 1024)
+    {
+        echo "Error";
+        exit;
+    }
+

     $res = jirafeau_upload ($_FILES['file'],
                             isset ($_POST['one_time_download']),
     $res = jirafeau_upload ($_FILES['file'],
                             isset ($_POST['one_time_download']),

-                            $key, $time, $_SERVER['REMOTE_ADDR'],
-                            $cfg['enable_crypt'], $cfg['link_name_lenght']);
+                            $key, $time, get_ip_address($cfg),
+                            $cfg['enable_crypt'], $cfg['link_name_length']);

     
     if (empty($res) || $res['error']['has_error'])
     {
     
     if (empty($res) || $res['error']['has_error'])
     {


@@ -330,6 +364,10 @@ elseif (isset ($_GET['get_capacity']))
     echo min (jirafeau_ini_to_bytes (ini_get ('post_max_size')),
               jirafeau_ini_to_bytes (ini_get ('upload_max_filesize')));
 }
     echo min (jirafeau_ini_to_bytes (ini_get ('post_max_size')),
               jirafeau_ini_to_bytes (ini_get ('upload_max_filesize')));
 }

+elseif (isset ($_GET['get_maximal_upload_size']))
+{
+    echo $cfg['maximal_upload_size'];
+}

 elseif (isset ($_GET['get_version']))
 {
     echo JIRAFEAU_VERSION;
 elseif (isset ($_GET['get_version']))
 {
     echo JIRAFEAU_VERSION;


@@ -348,7 +386,7 @@ elseif (isset ($_GET['lang']))
 # Config
 proxy='' # ex: proxy='proxysever.test.com:3128' or set JIRAFEAU_PROXY global variable
 url='<?php echo $cfg['web_root'] . 'script.php'; ?>' # or set JIRAFEAU_URL ex: url='http://mysite/jirafeau/script.php'
 # Config
 proxy='' # ex: proxy='proxysever.test.com:3128' or set JIRAFEAU_PROXY global variable
 url='<?php echo $cfg['web_root'] . 'script.php'; ?>' # or set JIRAFEAU_URL ex: url='http://mysite/jirafeau/script.php'

-time='none' # minute, hour, day, week, month or none. Or set JIRAFEAU_TIME.
+time='none' # minute, hour, day, week, month, year or none. Or set JIRAFEAU_TIME.

 one_time='' # ex: one_time="1" or set JIRAFEAU_ONE_TIME.
 curl='' # curl path to download or set JIRAFEAU_CURL_PATH.
 # End of config
 one_time='' # ex: one_time="1" or set JIRAFEAU_ONE_TIME.
 curl='' # curl path to download or set JIRAFEAU_CURL_PATH.
 # End of config


@@ -399,7 +437,7 @@ if [ -z "$2" ]; then
     echo "Global variables to export:"
     echo "    JIRAFEAU_PROXY : example: proxysever.test.com:3128"
     echo "    JIRAFEAU_URL : example: http://mysite/jirafeau/script.php"
     echo "Global variables to export:"
     echo "    JIRAFEAU_PROXY : example: proxysever.test.com:3128"
     echo "    JIRAFEAU_URL : example: http://mysite/jirafeau/script.php"

-    echo "    JIRAFEAU_TIME : minute, hour, day, week, month or none"
+    echo "    JIRAFEAU_TIME : minute, hour, day, week, year, month or none"

     echo "    JIRAFEAU_ONE_TIME : set anything or set empty"
     echo "    JIRAFEAU_CURL : path to your curl binary"
 
     echo "    JIRAFEAU_ONE_TIME : set anything or set empty"
     echo "    JIRAFEAU_CURL : path to your curl binary"
 


@@ -470,9 +508,91 @@ fi
         exit;
     }
 }
         exit;
     }
 }

+/* Create alias. */
+elseif (isset ($_GET['alias_create']))
+{
+    $ip = get_ip_address($cfg);
+    if (!jirafeau_challenge_upload_ip ($cfg, $ip))
+    {
+        echo "Error";
+        exit;
+    }
+
+    if (jirafeau_has_upload_password ($cfg) &&
+         (!isset ($_POST['upload_password']) ||
+          !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
+    {
+        echo "Error";
+        exit;
+    }
+
+    if (!isset ($_POST['alias']) ||
+        !isset ($_POST['destination']) ||
+        !isset ($_POST['password']))
+    {
+        echo "Error";
+        exit;
+    }
+
+    echo jirafeau_alias_create ($_POST['alias'],
+                                $_POST['destination'],
+                                $_POST['password'],
+                                $ip);
+}
+/* Get alias. */
+elseif (isset ($_GET['alias_get']))
+{
+    if (!isset ($_POST['alias']))
+    {
+        echo "Error";
+        exit;
+    }
+
+    echo jirafeau_alias_get ($_POST['alias']);
+}
+/* Update alias. */
+elseif (isset ($_GET['alias_update']))
+{
+    if (!isset ($_POST['alias']) ||
+        !isset ($_POST['destination']) ||
+        !isset ($_POST['password']))
+    {
+        echo "Error";
+        exit;
+    }
+
+    $new_password = '';
+    if (isset ($_POST['new_password']))
+        $new_password = $_POST['new_password'];
+
+    echo jirafeau_alias_update ($_POST['alias'],
+                                $_POST['destination'],
+                                $_POST['password'],
+                                $new_password,
+                                get_ip_address($cfg));
+}
+/* Delete alias. */
+elseif (isset ($_GET['alias_delete']))
+{
+    if (!isset ($_POST['alias']) ||
+        !isset ($_POST['password']))
+    {
+        echo "Error";
+        exit;
+    }
+
+    echo jirafeau_alias_delete ($_POST['alias'],
+                                $_POST['password']);
+}

 /* Initialize an asynchronous upload. */
 elseif (isset ($_GET['init_async']))
 {
 /* Initialize an asynchronous upload. */
 elseif (isset ($_GET['init_async']))
 {

+    if (!jirafeau_challenge_upload_ip ($cfg, get_ip_address($cfg)))
+    {
+        echo "Error";
+        exit;
+    }
+

     if (jirafeau_has_upload_password ($cfg) &&
          (!isset ($_POST['upload_password']) ||
           !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
     if (jirafeau_has_upload_password ($cfg) &&
          (!isset ($_POST['upload_password']) ||
           !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))


@@ -496,8 +616,11 @@ elseif (isset ($_GET['init_async']))
         $key = $_POST['key'];
 
     $time = time ();
         $key = $_POST['key'];
 
     $time = time ();

-    if (!isset ($_POST['time']))
-        $time = JIRAFEAU_INFINITY;
+    if (!isset ($_POST['time']) || !$cfg['availabilities'][$_POST['time']])
+    {
+        echo "Error";
+        exit;
+    }

     else
         switch ($_POST['time'])
         {
     else
         switch ($_POST['time'])
         {


@@ -516,6 +639,9 @@ elseif (isset ($_GET['init_async']))
             case 'month':
                 $time += JIRAFEAU_MONTH;
                 break;
             case 'month':
                 $time += JIRAFEAU_MONTH;
                 break;

+            case 'year':
+                $time += JIRAFEAU_YEAR;
+                break;

             default:
                 $time = JIRAFEAU_INFINITY;
                 break;
             default:
                 $time = JIRAFEAU_INFINITY;
                 break;


@@ -525,7 +651,7 @@ elseif (isset ($_GET['init_async']))
                               isset ($_POST['one_time_download']),
                               $key,
                               $time,
                               isset ($_POST['one_time_download']),
                               $key,
                               $time,

-                              $_SERVER['REMOTE_ADDR']);
+                              get_ip_address($cfg));

 }
 /* Continue an asynchronous upload. */
 elseif (isset ($_GET['push_async']))
 }
 /* Continue an asynchronous upload. */
 elseif (isset ($_GET['push_async']))


@@ -535,7 +661,12 @@ elseif (isset ($_GET['push_async']))
         || (!isset ($_POST['code'])))
         echo "Error";
     else
         || (!isset ($_POST['code'])))
         echo "Error";
     else

-        echo jirafeau_async_push ($_POST['ref'], $_FILES['data'], $_POST['code']);                                      
+    {
+        echo jirafeau_async_push ($_POST['ref'],
+                                  $_FILES['data'],
+                                  $_POST['code'],
+                                  $cfg['maximal_upload_size']);
+    }

 }
 /* Finalize an asynchronous upload. */
 elseif (isset ($_GET['end_async']))
 }
 /* Finalize an asynchronous upload. */
 elseif (isset ($_GET['end_async']))


@@ -544,9 +675,10 @@ elseif (isset ($_GET['end_async']))
         || !isset ($_POST['code']))
         echo "Error";
     else
         || !isset ($_POST['code']))
         echo "Error";
     else

-        echo jirafeau_async_end ($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_lenght']);
+        echo jirafeau_async_end ($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_length']);

 }
 else
     echo "Error";
 exit;
 ?>
 }
 else
     echo "Error";
 exit;
 ?>

+