]> git.p6c8.net - jirafeau_mojo42.git/blobdiff - script.php
git.p6c8.net / jirafeau_mojo42.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
add optional IP authentication for uploaders
[jirafeau_mojo42.git] / script.php
diff --git a/script.php b/script.php
index 99c5ec0116a663661b5f8ee36ffe947d7f196a6f..93599c9763855bde705862aaec3c004270c12bea 100644 (file)
--- a/script.php
+++ b/script.php
@@ -218,6 +218,12 @@ if (has_error ())
 if (isset ($_FILES['file']) && is_writable (VAR_FILES)
     && is_writable (VAR_LINKS))
 {
+    if (!jirafeau_challenge_upload_ip ($cfg, $_SERVER['REMOTE_ADDR']))
+    {
+        echo "Error";
+        exit;
+    }
+
     if (jirafeau_has_upload_password ($cfg) &&
          (!isset ($_POST['upload_password']) ||
           !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
@@ -505,6 +511,12 @@ fi
 /* Initialize an asynchronous upload. */
 elseif (isset ($_GET['init_async']))
 {
+    if (!jirafeau_challenge_upload_ip ($cfg, $_SERVER['REMOTE_ADDR']))
+    {
+        echo "Error";
+        exit;
+    }
+
     if (jirafeau_has_upload_password ($cfg) &&
          (!isset ($_POST['upload_password']) ||
           !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
Mirror of mojo42's Git repository for the Jirafeau project; main repository at https://gitlab.com/mojo42/Jirafeau

patrick-canterino.de