<?php
/*
* Jirafeau, your web file repository
- * Copyright (C) 2015 Jerome Jutteau <j.jutteau@gmail.com>
+ * Copyright (C) 2015 Jerome Jutteau <jerome@jutteau.fr>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
}
/* Test web password authentification. */
else if (!empty($cfg['admin_password']) && isset($_POST['admin_password'])) {
- if ($cfg['admin_password'] === $_POST['admin_password'] ||
- $cfg['admin_password'] === hash('sha256', $_POST['admin_password'])) {
+ if ($cfg['admin_password'] === hash('sha256', $_POST['admin_password'])) {
jirafeau_admin_session_start();
} else {
require(JIRAFEAU_ROOT . 'lib/template/header.php');
<td class = "label"><label for = "enter_password">
<?php echo t('ADMIN_PSW') . ':'; ?></label>
</td>
+ </tr>
+ <tr>
<td class = "field"><input type = "password"
name = "admin_password" id = "admin_password"
size = "40" />
</td>
</tr>
<tr class = "nav">
- <td></td>
<td class = "nav next">
<input type = "submit" name = "key" value =
"<?php echo t('LOGIN'); ?>" />
* Be sure PHP's safe mode is off.
*/
@set_time_limit(0);
- /* Remove errors. */
- @error_reporting(0);
/* Show admin interface if not downloading a file. */
if (!(isset($_POST['action']) && strcmp($_POST['action'], 'download') == 0)) {
</td>
</tr>
</form>
+ <form method="post">
+ <tr>
+ <input type = "hidden" name = "action" value = "size"/>
+ <?php echo jirafeau_admin_csrf_field() ?>
+ <td class = "info">
+ <?php echo t('SIZE_DATA'); ?>
+ </td>
+ <td></td>
+ <td>
+ <input type = "submit" value = "<?php echo t('SIZE'); ?>" />
+ </td>
+ </tr>
+ </form>
<form method="post">
<tr>
<input type = "hidden" name = "action" value = "search_by_name"/>
echo '<p>';
echo t('CLEANED_FILES_CNT') . ' : ' . $total;
echo '</p></div>';
+ } elseif (strcmp($_POST['action'], 'size') == 0) {
+ $size = jirafeau_dir_size($cfg['var_root']);
+ $human_size = jirafeau_human_size($size);
+ echo '<div class="message">' . NL;
+ echo '<p>' . t('SIZE_DATA') . ': ' . $human_size .'</p>';
+ echo '</div>';
} elseif (strcmp($_POST['action'], 'list') == 0) {
jirafeau_admin_list("", "", "");
} elseif (strcmp($_POST['action'], 'search_by_name') == 0) {
echo '<div class="message">' . NL;
echo '<p>' . t('LINK_DELETED') . '</p></div>';
} elseif (strcmp($_POST['action'], 'delete_file') == 0) {
- $count = jirafeau_delete_file($_POST['md5']);
+ $count = jirafeau_delete_file($_POST['hash']);
echo '<div class="message">' . NL;
echo '<p>' . t('DELETED_LINKS') . ' : ' . $count . '</p></div>';
} elseif (strcmp($_POST['action'], 'download') == 0) {
if (!count($l)) {
return;
}
- $p = s2p($l['md5']);
+ $p = s2p($l['hash']);
header('Content-Length: ' . $l['file_size']);
header('Content-Type: ' . $l['mime_type']);
header('Content-Disposition: attachment; filename="' .
$l['file_name'] . '"');
- if (file_exists(VAR_FILES . $p . $l['md5'])) {
- readfile(VAR_FILES . $p . $l['md5']);
+ if (file_exists(VAR_FILES . $p . $l['hash'])) {
+ $r = fopen(VAR_FILES . $p . $l['hash'], 'r');
+ while (!feof($r)) {
+ print fread($r, 1024);
+ }
+ fclose($r);
}
exit;
}