X-Git-Url: https://git.p6c8.net/jirafeau_mojo42.git/blobdiff_plain/3d9792a36b5bb18d24216eea4b0ad402358db997..6c49ea194c030a04ce8b303aae2a51dce01c7382:/script.php diff --git a/script.php b/script.php old mode 100755 new mode 100644 index 1d420b6..d109d4a --- a/script.php +++ b/script.php @@ -36,12 +36,14 @@ require (JIRAFEAU_ROOT . 'lib/lang.php'); /* Operations may take a long time. * Be sure PHP's safe mode is off. */ - set_time_limit(0); +@set_time_limit(0); +/* Remove errors. */ +@error_reporting(0); if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0) { require (JIRAFEAU_ROOT . 'lib/template/header.php'); - check_errors (); + check_errors ($cfg); if (has_error ()) { show_errors (); @@ -250,7 +252,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0) /* Lets use interface now. */ header('Content-Type: text; charset=utf-8'); -check_errors (); +check_errors ($cfg); if (has_error ()) { echo "Error"; @@ -261,6 +263,14 @@ if (has_error ()) if (isset ($_FILES['file']) && is_writable (VAR_FILES) && is_writable (VAR_LINKS)) { + if (jirafeau_has_upload_password ($cfg) && + (!isset ($_POST['upload_password']) || + !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password']))) + { + echo "Error"; + exit; + } + $key = ''; if (isset ($_POST['key'])) $key = $_POST['key']; @@ -521,6 +531,14 @@ fi /* Initialize an asynchronous upload. */ elseif (isset ($_GET['init_async'])) { + if (jirafeau_has_upload_password ($cfg) && + (!isset ($_POST['upload_password']) || + !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password']))) + { + echo "Error"; + exit; + } + if (!isset ($_POST['filename'])) { echo "Error"; @@ -532,8 +550,8 @@ elseif (isset ($_GET['init_async'])) $type = $_POST['type']; $key = ''; - if (isset ($_POST['password'])) - $key = $_POST['password']; + if (isset ($_POST['key'])) + $key = $_POST['key']; $time = time (); if (!isset ($_POST['time'])) @@ -589,6 +607,14 @@ elseif (isset ($_GET['end_async'])) /* Initialize block. */ elseif (isset ($_GET['init_block']) && $cfg['enable_blocks']) { + if (jirafeau_has_upload_password ($cfg) && + (!isset ($_POST['upload_password']) || + !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password']))) + { + echo "Error"; + exit; + } + if (!isset ($_POST['size'])) echo "Error"; else