echo '<p>';
echo t('Example') . ": <a href=\"" . $web_root . "script.php?get_capacity=1\">" . $web_root . "script.php?get_capacity=1</a> ";
echo '</p>';
+
+ echo '<h3>' . t('Maximal allowed size of an uploaded file') . ':</h3>';
+ echo '<p>';
+ echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php</i><br />';
+ echo '<br />';
+ echo t('Parameters') . ':<br />';
+ echo "<b>get_maximal_upload_size=</b>1<i> (" . t('Required') . ")</i> <br />";
+ echo '</p>';
+ echo '<p>' . t('This will return brut text content.') . ' ' .
+ t('First line returns size (in MB).') . '<br /></p>';
+ echo '<p>';
+ echo t('Example') . ": <a href=\"" . $web_root . "script.php?get_maximal_upload_size=1\">" . $web_root . "script.php?get_maximal_upload_size=1</a> ";
+ echo '</p>';
echo '<h3>' . t('Upload a file') . ':</h3>';
echo '<p>';
echo "<b>h=</b>your_download_reference<i> (" . t('Required') . ")</i> <br />";
echo "<b>d=</b>yout_delete_code<i> (" . t('Required') . ")</i> <br />";
echo '</p>';
- echo '<p>' . t('This will return "Ok" if succeded, "Error" otherwhise.') . '<br /></p>';
+ echo '<p>' . t('This will return "Ok" if succeeded, "Error" otherwhise.') . '<br /></p>';
echo '<p>';
echo t('Example') . ": <a href=\"" . $web_root . "script.php?h=30ngy0hsDcpfrF8zR7x9iU&d=0d210a952\">" . $web_root . "script.php?h=30ngy0hsDcpfrF8zR7x9iU&d=0d210a952</a> ";
echo '</p>';
- echo '<h3>' . t('Get a generated scripts') . ':</h3>';
+ echo '<h3>' . t('Get a generated script') . ':</h3>';
echo '<p>';
echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php</i><br />';
echo '<br />';
echo "$name: <a href=\"" . $web_root . "script.php?lang=$lang\">" . $web_root . "script.php?lang=$lang</a> ";
echo '</p>';
- echo '<h3>' . t('Initalize an asynchronous transfert') . ':</h3>';
+ echo '<h3>' . t('Initalize an asynchronous transfer') . ':</h3>';
echo '<p>';
- echo t('The goal is to permit to transfert big file, chunk by chunk.') . ' ';
+ echo t('The goal is to permit to transfer big file, chunk by chunk.') . ' ';
echo t('Chunks of data must be sent in order.');
echo '</p>';
echo '<p>';
echo "<b>upload_password=</b>your_upload_password<i> (" . t('Optional') . ")</i> <br />";
echo '</p>';
echo '<p>' . t('This will return brut text content.') . ' ' .
- t('First line is the asynchronous transfert reference and the second line the code to use in the next operation.') . '<br /></p>';
+ t('First line is the asynchronous transfer reference and the second line the code to use in the next operation.') . '<br /></p>';
- echo '<h3>' . t('Push data during asynchronous transfert') . ':</h3>';
+ echo '<h3>' . t('Push data during asynchronous transfer') . ':</h3>';
echo '<p>';
echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php?push_async</i><br />';
echo '<br />';
echo '<p>' . t('This will return brut text content.') . ' ' .
t('Returns the next code to use.') . '<br /></p>';
- echo '<h3>' . t('Finalize asynchronous transfert') . ':</h3>';
+ echo '<h3>' . t('Finalize asynchronous transfer') . ':</h3>';
echo '<p>';
echo t('Send a GET query to') . ': <i>' . $web_root . 'script.php?end_async</i><br />';
echo '<br />';
if (isset ($_FILES['file']) && is_writable (VAR_FILES)
&& is_writable (VAR_LINKS))
{
+ if (!jirafeau_challenge_upload_ip ($cfg, $_SERVER['REMOTE_ADDR']))
+ {
+ echo "Error";
+ exit;
+ }
+
if (jirafeau_has_upload_password ($cfg) &&
(!isset ($_POST['upload_password']) ||
!jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
$time = JIRAFEAU_INFINITY;
break;
}
+
+ // Check file size
+ if ($cfg['maximal_upload_size'] > 0 &&
+ $_FILES['file']['size'] > $cfg['maximal_upload_size'] * 1024 * 1024)
+ {
+ echo "Error";
+ exit;
+ }
+
$res = jirafeau_upload ($_FILES['file'],
isset ($_POST['one_time_download']),
$key, $time, $_SERVER['REMOTE_ADDR'],
- $cfg['enable_crypt'], $cfg['link_name_lenght']);
+ $cfg['enable_crypt'], $cfg['link_name_length']);
if (empty($res) || $res['error']['has_error'])
{
echo min (jirafeau_ini_to_bytes (ini_get ('post_max_size')),
jirafeau_ini_to_bytes (ini_get ('upload_max_filesize')));
}
+elseif (isset ($_GET['get_maximal_upload_size']))
+{
+ echo $cfg['maximal_upload_size'];
+}
elseif (isset ($_GET['get_version']))
{
echo JIRAFEAU_VERSION;
/* Initialize an asynchronous upload. */
elseif (isset ($_GET['init_async']))
{
+ if (!jirafeau_challenge_upload_ip ($cfg, $_SERVER['REMOTE_ADDR']))
+ {
+ echo "Error";
+ exit;
+ }
+
if (jirafeau_has_upload_password ($cfg) &&
(!isset ($_POST['upload_password']) ||
!jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
|| (!isset ($_POST['code'])))
echo "Error";
else
- echo jirafeau_async_push ($_POST['ref'], $_FILES['data'], $_POST['code']);
+ {
+ echo jirafeau_async_push ($_POST['ref'],
+ $_FILES['data'],
+ $_POST['code'],
+ $cfg['maximal_upload_size']);
+ }
}
/* Finalize an asynchronous upload. */
elseif (isset ($_GET['end_async']))
|| !isset ($_POST['code']))
echo "Error";
else
- echo jirafeau_async_end ($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_lenght']);
+ echo jirafeau_async_end ($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_length']);
}
else
echo "Error";