From b12dbf0697c2aa007b3ff0cc51c405977912820d Mon Sep 17 00:00:00 2001 From: Thomas LEBEAU Date: Mon, 25 Aug 2014 12:11:51 +0200 Subject: [PATCH 01/16] add admin style Signed-off-by: Jerome Jutteau --- media/courgette/style.css.php | 186 +++++++++++++++++++--------------- 1 file changed, 102 insertions(+), 84 deletions(-) diff --git a/media/courgette/style.css.php b/media/courgette/style.css.php index b2c3e95..1978065 100644 --- a/media/courgette/style.css.php +++ b/media/courgette/style.css.php @@ -38,6 +38,7 @@ header("Content-type: text/css"); 3 = Options 4 = Upload 5 = Terms of service + 6 = Admin ========================================================================== */ @@ -45,12 +46,6 @@ header("Content-type: text/css"); 1 = Basic Style ========================================================================== */ -* { - -webkit-box-sizing: border-box; - -moz-box-sizing: border-box; - box-sizing: border-box; -} - body { background: #efebe9; font-family: Arial, sans-serif; @@ -66,6 +61,8 @@ h1 a { width: 194px; height: 185px; margin: 1em auto; + position: relative; + left: 0.4em; } h2 { @@ -77,10 +74,10 @@ fieldset { border: 0; padding: 1.5em; margin: 0 auto; - border-radius: 2px; - width: 25em; + border-radius: 8px; + width: 20em; border: 7px dashed #bcaaa4; - min-height: 17em; + min-height: 15em; position: relative; } @@ -94,6 +91,13 @@ legend { text-align: center; } +table a { color: #000;} + + table a:hover, + table a:focus { + text-decoration: none; + } + input[type="submit"] { background: #0D9CB2; border: 0; @@ -104,66 +108,25 @@ input[type="submit"] { cursor: pointer; } -input[type="submit"]:hover, -input[type="submit"]:focus { - border: 0; - position: relative; - top: 5px; - margin-bottom: 5px; -} - select, input[type="text"], input[type="password"] { border: 0; padding: 0.5em 1em; font-size: 1em; - width: 100%; -} - -label { - font-weight: bold; - color: #663D1C; + width: 89%; } -#upload_password { width: 80%; } - -.next input[type="submit"] { - position: relative; - margin-top: 0.5em; - padding: 0.4em 2.65em; -} +select { width: 127%; } -input[value="Déconnexion"] { - background: none; - color: #663D1C; - border: 0; - display: block; - margin: auto; - padding-left: 4em; - font-size: 1em; - font-style:italic; -} - -input[value="Déconnexion"]:hover, -input[value="Déconnexion"]:focus { - top: 0; - margin-bottom: 0; - text-decoration: underline; -} - -form[action="index.php"] .label { - width: 7em; -} - -form[action="index.php"] fieldset { +input[type="submit"]:hover, +input[type="submit"]:focus { border: 0; - background: #d7ccc8; - min-height: 5em; + position: relative; + top: 5px; + margin-bottom: 5px; } - - .inner { margin-top: 3em; } @@ -181,6 +144,11 @@ form[action="index.php"] fieldset { border-color: #663D1C; } +#upload > form { + text-align: center; + margin: 1em 0 0 3em; +} + #file_select { position: absolute; top: 0; @@ -201,6 +169,7 @@ form[action="index.php"] fieldset { text-align: center; font-size: 0.8em; color: #795548; + padding-left: 3em; } #copyright a { @@ -225,11 +194,7 @@ form[action="index.php"] fieldset { #options tr { height: 2.7em; } -#option_table tr:first-child td:first-child { - width: 12em; - font-weight: bold; - color: #663D1C; -} +#option_table tr:first-child td:first-child { width: 12em; } #option_table tr td:first-child { @@ -250,20 +215,16 @@ form[action="index.php"] fieldset { .error { text-align: center; color: #795548; + padding-left: 3em; } #upload_finished a, -#uploading a, -#submit a { +#uploading a { font-weight: bold; text-decoration: none; color: #795548; } -#submit a:before { - content: "› "; -} - #uploaded_percentage { font-size: 2em; font-weight: bold; @@ -272,9 +233,7 @@ form[action="index.php"] fieldset { #upload_finished a:hover, #uploading a:hover, #upload_finished a:focus, -#uploading a:focus, -#submit a:hover, -#submit a:focus { +#uploading a:focus { text-decoration: underline; } @@ -283,19 +242,6 @@ form[action="index.php"] fieldset { font-style: italic; } -#submit tr:first-child td:first-child { - font-weight: bold; - color: #795548; -} - -#submit tr + tr td { - padding-top: 1em; -} - -#submit td { - color: #795548; -} - /* ========================================================================== 5 = Terms of service ========================================================================== */ @@ -329,4 +275,76 @@ textarea[readonly="readonly"] + p + p a:hover, textarea[readonly="readonly"] + p a:focus, textarea[readonly="readonly"] + p + p a:focus { text-decoration: underline; +} + +/* ========================================================================== + 6 = Admin + ========================================================================== */ + +#install fieldset, +#install + fieldset { + width: auto; + max-width: 50em; + border: 0; +} + +#install table, +#install + fieldset table { + width: 100%; + border-collapse: collapse; + border-bottom: 2px solid #FFF; +} + +#install td, +#install + fieldset td { + padding: 0.5em 1em; + border: 2px solid #FFF; + border-bottom: 0; +} + +#install td:empty { + width: 13.1em; +} + +#install table form:nth-child(odd), +#install + fieldset tr:nth-child(odd) { + background: #bcaaa4; +} + +#install fieldset > form { + margin-top: 2em; + text-align: center; +} + +#install form { + display: table; + width: 100%; +} + +#install td:last-child { text-align: right; } + +#install .info { width: 19em; } + +#install input[type="submit"] { + min-width: 10.5em; +} + +#install + fieldset table { + font-size: 0.9em; +} + +#install + fieldset td:first-child input[type="submit"] { + background: none; + padding: 0; + color: #000; + font-weight: bold; + border-bottom: 0; + width: 12em; +} + +#install + fieldset td:first-child input[type="submit"]:hover, +#install + fieldset td:first-child input[type="submit"]:focus { + position: static; + margin: 0; + text-decoration: underline; } \ No newline at end of file -- 2.34.1 From 9fb59d5f9af3618e443aba9cc459f4bc682ccceb Mon Sep 17 00:00:00 2001 From: Jerome Jutteau Date: Fri, 30 Jan 2015 09:23:21 +0100 Subject: [PATCH 02/16] fix Jirafeau URL project in footer --- lib/template/footer.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/template/footer.php b/lib/template/footer.php index a72decf..50f7b83 100644 --- a/lib/template/footer.php +++ b/lib/template/footer.php @@ -1,6 +1,6 @@
-- 2.34.1 From 6819d5cce7e781a81d04ef61c1c7aeff533f14d2 Mon Sep 17 00:00:00 2001 From: Jerome Jutteau Date: Fri, 30 Jan 2015 09:54:12 +0100 Subject: [PATCH 03/16] fix include error in install.php --- install.php | 1 + 1 file changed, 1 insertion(+) diff --git a/install.php b/install.php index 87eaf60..8c39dd0 100755 --- a/install.php +++ b/install.php @@ -23,6 +23,7 @@ define ('QUOTE', "'"); define ('JIRAFEAU_CFG', JIRAFEAU_ROOT.'lib/config.local.php'); define ('JIRAFEAU_VAR_RAND_LENGTH', 15); +require (JIRAFEAU_ROOT . 'lib/functions.php'); require (JIRAFEAU_ROOT . 'lib/lang.php'); require (JIRAFEAU_ROOT . 'lib/config.original.php'); -- 2.34.1 From 6b52bb03e76ab87c5dac34d986d1c5515cdba26d Mon Sep 17 00:00:00 2001 From: Jerome Jutteau Date: Fri, 30 Jan 2015 10:05:03 +0100 Subject: [PATCH 04/16] quick dirty patch to fix installation --- install.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/install.php b/install.php index 8c39dd0..8cae45c 100755 --- a/install.php +++ b/install.php @@ -135,11 +135,11 @@ if (!file_exists (JIRAFEAU_CFG)) exit; } } -else -{ - header('Location: index.php'); - exit; -} +#else +#{ +# header('Location: index.php'); +# exit; +#} if (!is_writable (JIRAFEAU_CFG) && !@chmod (JIRAFEAU_CFG, '0666')) { -- 2.34.1 From d8192d6d361c2d707bac679facce23c7167cb93b Mon Sep 17 00:00:00 2001 From: Jerome Jutteau Date: Fri, 30 Jan 2015 11:56:33 +0100 Subject: [PATCH 05/16] add variable in conf to check if installation is done --- index.php | 2 +- install.php | 12 +++++++----- lib/config.original.php | 3 +++ lib/functions.php | 4 ++-- script.php | 4 ++-- 5 files changed, 15 insertions(+), 10 deletions(-) diff --git a/index.php b/index.php index d267140..127d9e6 100755 --- a/index.php +++ b/index.php @@ -26,7 +26,7 @@ require (JIRAFEAU_ROOT . 'lib/functions.php'); require (JIRAFEAU_ROOT . 'lib/lang.php'); require (JIRAFEAU_ROOT . 'lib/template/header.php'); -check_errors (); +check_errors ($cfg); if (has_error ()) { show_errors (); diff --git a/install.php b/install.php index 8cae45c..ca626ab 100755 --- a/install.php +++ b/install.php @@ -118,6 +118,12 @@ jirafeau_add_ending_slash ($path) return $path . ((substr ($path, -1) == '/') ? '' : '/'); } +if ($cfg['installation_done'] === true) +{ + header('Location: index.php'); + exit; +} + if (!file_exists (JIRAFEAU_CFG)) { /* We try to create an empty one. */ @@ -135,11 +141,6 @@ if (!file_exists (JIRAFEAU_CFG)) exit; } } -#else -#{ -# header('Location: index.php'); -# exit; -#} if (!is_writable (JIRAFEAU_CFG) && !@chmod (JIRAFEAU_CFG, '0666')) { @@ -170,6 +171,7 @@ if (isset ($_POST['step']) && isset ($_POST['next'])) case 3: $cfg['web_root'] = jirafeau_add_ending_slash ($_POST['web_root']); $cfg['var_root'] = jirafeau_add_ending_slash ($_POST['var_root']); + $cfg['installation_done'] = true; jirafeau_export_cfg ($cfg); break; diff --git a/lib/config.original.php b/lib/config.original.php index 17de2bb..716675e 100644 --- a/lib/config.original.php +++ b/lib/config.original.php @@ -55,6 +55,9 @@ $cfg['link_name_lenght'] = 8; /* Upload password. Empty string disable the password. */ $cfg['upload_password'] = ''; +/* Installation is done ? */ +$cfg['installation_done'] = false; + if ((basename (__FILE__) != 'config.local.php') && file_exists (JIRAFEAU_ROOT.'lib/config.local.php')) { diff --git a/lib/functions.php b/lib/functions.php index f1f8965..c613d4a 100755 --- a/lib/functions.php +++ b/lib/functions.php @@ -503,10 +503,10 @@ show_errors () } } -function check_errors () +function check_errors ($cfg) { if (file_exists (JIRAFEAU_ROOT . 'install.php') - && !file_exists (JIRAFEAU_ROOT . 'lib/config.local.php')) + && !($cfg['installation_done'] === true)) { header('Location: install.php'); exit; diff --git a/script.php b/script.php index 19f14a8..3185de7 100755 --- a/script.php +++ b/script.php @@ -43,7 +43,7 @@ require (JIRAFEAU_ROOT . 'lib/lang.php'); if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0) { require (JIRAFEAU_ROOT . 'lib/template/header.php'); - check_errors (); + check_errors ($cfg); if (has_error ()) { show_errors (); @@ -252,7 +252,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0) /* Lets use interface now. */ header('Content-Type: text; charset=utf-8'); -check_errors (); +check_errors ($cfg); if (has_error ()) { echo "Error"; -- 2.34.1 From e95272d60f03ab1e62912ce9b99943ced8acb527 Mon Sep 17 00:00:00 2001 From: Jerome Jutteau Date: Fri, 30 Jan 2015 12:04:50 +0100 Subject: [PATCH 06/16] adding courgette as default style --- lib/config.original.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/config.original.php b/lib/config.original.php index 716675e..bf1a578 100644 --- a/lib/config.original.php +++ b/lib/config.original.php @@ -32,7 +32,7 @@ $cfg['var_root'] = ''; user's langage is not available. */ $cfg['lang'] = 'auto'; -$cfg['style'] = 'modern'; +$cfg['style'] = 'courgette'; $cfg['rewrite'] = false; /* An empty admin password will disable the admin interface. */ $cfg['admin_password'] = ''; -- 2.34.1 From a6c1ba9e0d7305fc75eb216d1646d5a59d044986 Mon Sep 17 00:00:00 2001 From: Jerome Jutteau Date: Sun, 22 Feb 2015 17:48:18 +0100 Subject: [PATCH 07/16] fix bad permissions on files --- admin.php | 0 index.php | 0 install.php | 0 lib/functions.js | 0 lib/functions.php | 0 lib/lang.php | 0 lib/lang/fr.php | 0 media/industrial/bandeau.png | Bin media/industrial/error.png | Bin media/industrial/jyraphe.png | Bin media/industrial/ok.png | Bin media/industrial/style.css.php | 0 media/modern/bandeau.png | Bin media/modern/error.png | Bin media/modern/jyraphe.png | Bin media/modern/ok.png | Bin media/modern/style.css.php | 0 script.php | 0 tos.php | 0 tos_text.php | 0 20 files changed, 0 insertions(+), 0 deletions(-) mode change 100755 => 100644 admin.php mode change 100755 => 100644 index.php mode change 100755 => 100644 install.php mode change 100755 => 100644 lib/functions.js mode change 100755 => 100644 lib/functions.php mode change 100755 => 100644 lib/lang.php mode change 100755 => 100644 lib/lang/fr.php mode change 100755 => 100644 media/industrial/bandeau.png mode change 100755 => 100644 media/industrial/error.png mode change 100755 => 100644 media/industrial/jyraphe.png mode change 100755 => 100644 media/industrial/ok.png mode change 100755 => 100644 media/industrial/style.css.php mode change 100755 => 100644 media/modern/bandeau.png mode change 100755 => 100644 media/modern/error.png mode change 100755 => 100644 media/modern/jyraphe.png mode change 100755 => 100644 media/modern/ok.png mode change 100755 => 100644 media/modern/style.css.php mode change 100755 => 100644 script.php mode change 100755 => 100644 tos.php mode change 100755 => 100644 tos_text.php diff --git a/admin.php b/admin.php old mode 100755 new mode 100644 diff --git a/index.php b/index.php old mode 100755 new mode 100644 diff --git a/install.php b/install.php old mode 100755 new mode 100644 diff --git a/lib/functions.js b/lib/functions.js old mode 100755 new mode 100644 diff --git a/lib/functions.php b/lib/functions.php old mode 100755 new mode 100644 diff --git a/lib/lang.php b/lib/lang.php old mode 100755 new mode 100644 diff --git a/lib/lang/fr.php b/lib/lang/fr.php old mode 100755 new mode 100644 diff --git a/media/industrial/bandeau.png b/media/industrial/bandeau.png old mode 100755 new mode 100644 diff --git a/media/industrial/error.png b/media/industrial/error.png old mode 100755 new mode 100644 diff --git a/media/industrial/jyraphe.png b/media/industrial/jyraphe.png old mode 100755 new mode 100644 diff --git a/media/industrial/ok.png b/media/industrial/ok.png old mode 100755 new mode 100644 diff --git a/media/industrial/style.css.php b/media/industrial/style.css.php old mode 100755 new mode 100644 diff --git a/media/modern/bandeau.png b/media/modern/bandeau.png old mode 100755 new mode 100644 diff --git a/media/modern/error.png b/media/modern/error.png old mode 100755 new mode 100644 diff --git a/media/modern/jyraphe.png b/media/modern/jyraphe.png old mode 100755 new mode 100644 diff --git a/media/modern/ok.png b/media/modern/ok.png old mode 100755 new mode 100644 diff --git a/media/modern/style.css.php b/media/modern/style.css.php old mode 100755 new mode 100644 diff --git a/script.php b/script.php old mode 100755 new mode 100644 diff --git a/tos.php b/tos.php old mode 100755 new mode 100644 diff --git a/tos_text.php b/tos_text.php old mode 100755 new mode 100644 -- 2.34.1 From 3604041e53db6c82e175f0fb3b69414d147de8a2 Mon Sep 17 00:00:00 2001 From: Jerome Jutteau Date: Sun, 22 Feb 2015 18:07:50 +0100 Subject: [PATCH 08/16] fix installation bug --- install.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/install.php b/install.php index ca626ab..a1eac8d 100644 --- a/install.php +++ b/install.php @@ -171,7 +171,6 @@ if (isset ($_POST['step']) && isset ($_POST['next'])) case 3: $cfg['web_root'] = jirafeau_add_ending_slash ($_POST['web_root']); $cfg['var_root'] = jirafeau_add_ending_slash ($_POST['var_root']); - $cfg['installation_done'] = true; jirafeau_export_cfg ($cfg); break; @@ -357,6 +356,8 @@ case 4: } else { + $cfg['installation_done'] = true; + jirafeau_export_cfg ($cfg); echo '

' . t('Jirafeau is now fully operational') . ':' . '
' . -- 2.34.1 From 19047d45c1ce27cd5f3e4c4d3a1dfdd384bf8f0d Mon Sep 17 00:00:00 2001 From: Jerome Jutteau Date: Sun, 22 Feb 2015 18:22:33 +0100 Subject: [PATCH 09/16] back to modern style for installation process TODO: fix courgette style for installation process --- install.php | 1 + lib/config.original.php | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/install.php b/install.php index a1eac8d..81a00cc 100644 --- a/install.php +++ b/install.php @@ -356,6 +356,7 @@ case 4: } else { + $cfg['style'] = 'courgette'; $cfg['installation_done'] = true; jirafeau_export_cfg ($cfg); echo '

' . diff --git a/lib/config.original.php b/lib/config.original.php index bf1a578..716675e 100644 --- a/lib/config.original.php +++ b/lib/config.original.php @@ -32,7 +32,7 @@ $cfg['var_root'] = ''; user's langage is not available. */ $cfg['lang'] = 'auto'; -$cfg['style'] = 'courgette'; +$cfg['style'] = 'modern'; $cfg['rewrite'] = false; /* An empty admin password will disable the admin interface. */ $cfg['admin_password'] = ''; -- 2.34.1 From 8ee528004ffcc1c82ee18ae95a8b3eba8b01bb00 Mon Sep 17 00:00:00 2001 From: Jerome Jutteau Date: Sun, 22 Feb 2015 18:33:38 +0100 Subject: [PATCH 10/16] fix mordern skin in installation process --- media/modern/style.css.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/media/modern/style.css.php b/media/modern/style.css.php index fa992e0..422b1a5 100644 --- a/media/modern/style.css.php +++ b/media/modern/style.css.php @@ -81,6 +81,12 @@ h1 a { color: #333; } +h2 { + text-decoration: none; + color: #333; + text-align: center; +} + fieldset p { margin-left: 25%; } -- 2.34.1 From 145950308252425226bcc5b97993550fefac3c15 Mon Sep 17 00:00:00 2001 From: Jerome Jutteau Date: Sun, 22 Feb 2015 19:03:11 +0100 Subject: [PATCH 11/16] Fixes #1 repair async upload password setting --- script.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/script.php b/script.php index 3185de7..44fe449 100644 --- a/script.php +++ b/script.php @@ -546,8 +546,8 @@ elseif (isset ($_GET['init_async'])) $type = $_POST['type']; $key = ''; - if (isset ($_POST['password'])) - $key = $_POST['password']; + if (isset ($_POST['key'])) + $key = $_POST['key']; $time = time (); if (!isset ($_POST['time'])) -- 2.34.1 From 794c20eff72e03a6af2fbdebb091560ed8b6f296 Mon Sep 17 00:00:00 2001 From: Jerome Jutteau Date: Sun, 22 Feb 2015 19:12:38 +0100 Subject: [PATCH 12/16] fix error on link encrypted parameters --- lib/functions.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/functions.php b/lib/functions.php index c613d4a..76ae4b0 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -555,6 +555,8 @@ jirafeau_get_link ($hash) $out['link_code'] = trim ($c[9]); if (trim ($c[10]) == 'C') $out['crypted'] = true; + else + $out['crypted'] = false; return $out; } -- 2.34.1 From 4013663192eb94fd4519e22d0e6dc1fb61b15957 Mon Sep 17 00:00:00 2001 From: Jerome Jutteau Date: Sun, 22 Feb 2015 23:56:45 +0100 Subject: [PATCH 13/16] Fixes #3 Content type should always be put in headers --- f.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/f.php b/f.php index 6f8f836..7faf028 100644 --- a/f.php +++ b/f.php @@ -222,8 +222,7 @@ header ('Content-Length: ' . $link['file_size']); if (!jirafeau_is_viewable ($link['mime_type']) || !$cfg['preview'] || $button_download) header ('Content-Disposition: attachment; filename="' . $link['file_name'] . '"'); -else - header ('Content-Type: ' . $link['mime_type']); +header ('Content-Type: ' . $link['mime_type']); /* Read encrypted file. */ if ($link['crypted']) -- 2.34.1 From 6c49ea194c030a04ce8b303aae2a51dce01c7382 Mon Sep 17 00:00:00 2001 From: Jerome Jutteau Date: Mon, 23 Feb 2015 13:34:50 +0100 Subject: [PATCH 14/16] Closes #6 can use several upload passwords in options --- index.php | 27 +++++++++++++++++++++------ install.php | 3 +++ lib/config.original.php | 11 ++++++++--- lib/functions.php | 26 +++++++++++++++++++++++++- script.php | 12 +++++++++--- 5 files changed, 66 insertions(+), 13 deletions(-) diff --git a/index.php b/index.php index 127d9e6..81fca81 100644 --- a/index.php +++ b/index.php @@ -35,19 +35,22 @@ if (has_error ()) } /* Ask password if upload password is set. */ -if (strlen ($cfg['upload_password']) > 0) +if (jirafeau_has_upload_password ($cfg)) { session_start(); /* Unlog if asked. */ if (isset ($_POST['action']) && (strcmp ($_POST['action'], 'logout') == 0)) - $_SESSION['upload_auth'] = false; + session_unset (); /* Auth. */ if (isset ($_POST['upload_password'])) { - if (strcmp ($cfg['upload_password'], $_POST['upload_password']) == 0) + if (jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])) + { $_SESSION['upload_auth'] = true; + $_SESSION['user_upload_password'] = $_POST['upload_password']; + } else { $_SESSION['admin_auth'] = false; @@ -152,8 +155,20 @@ if (strlen ($cfg['upload_password']) > 0)

- - + + + + + " method = "post"> diff --git a/install.php b/install.php index 81a00cc..3bfbea8 100644 --- a/install.php +++ b/install.php @@ -52,6 +52,9 @@ jirafeau_export_cfg ($cfg) fwrite ($handle, jirafeau_quoted ($item)); else if (is_int ($item)) fwrite ($handle, $item); + else if (is_array ($item)) + fwrite ($handle, str_replace(array("\n", "\r"), "", + var_export ($item, true))); else fwrite ($handle, 'null'); fwrite ($handle, ';'.NL); diff --git a/lib/config.original.php b/lib/config.original.php index 716675e..d955d19 100644 --- a/lib/config.original.php +++ b/lib/config.original.php @@ -21,7 +21,7 @@ * default configuration * if you want to change this, overwrite in a config.local.php file */ - global $cfg; +global $cfg; /* don't forget the ending '/' */ $cfg['web_root'] = ''; @@ -52,8 +52,13 @@ $cfg['enable_blocks'] = false; $cfg['enable_crypt'] = false; /* Split lenght of link refenrece. */ $cfg['link_name_lenght'] = 8; -/* Upload password. Empty string disable the password. */ -$cfg['upload_password'] = ''; +/* Upload password(s). Empty array disable password authentification. + * $cfg['upload_password'] = array(); // No password + * $cfg['upload_password'] = array('psw1'); // One password + * $cfg['upload_password'] = array('psw1', 'psw2'); // Two passwords + * ... and so on + */ +$cfg['upload_password'] = array(); /* Installation is done ? */ $cfg['installation_done'] = false; diff --git a/lib/functions.php b/lib/functions.php index 76ae4b0..1e5b083 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -1385,4 +1385,28 @@ jirafeau_decrypt_file ($fp_src, $fp_dst, $k) return true; } -?> +/** + * Check if Jirafeau is password protected for visitors. + * @return true if Jirafeau is password protected, false otherwise. + */ +function jirafeau_has_upload_password ($cfg) +{ + return count ($cfg['upload_password']) > 0; +} + +/** + * Challenge password for a visitor. + * @param $password password to be challenged + * @return true if password is valid, false otherwise. + */ +function jirafeau_challenge_upload_password ($cfg, $password) +{ + if (!jirafeau_has_upload_password($cfg)) + return false; + forEach ($cfg['upload_password'] as $p) + if ($password == $p) + return true; + error_log("password not found $password"); + return false; +} + diff --git a/script.php b/script.php index 44fe449..d109d4a 100644 --- a/script.php +++ b/script.php @@ -263,7 +263,9 @@ if (has_error ()) if (isset ($_FILES['file']) && is_writable (VAR_FILES) && is_writable (VAR_LINKS)) { - if (strlen ($cfg['upload_password']) > 0 && (!isset ($_POST['upload_password']) || $_POST['upload_password'] != $cfg['upload_password'])) + if (jirafeau_has_upload_password ($cfg) && + (!isset ($_POST['upload_password']) || + !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password']))) { echo "Error"; exit; @@ -529,7 +531,9 @@ fi /* Initialize an asynchronous upload. */ elseif (isset ($_GET['init_async'])) { - if (strlen ($cfg['upload_password']) > 0 && (!isset ($_POST['upload_password']) || $_POST['upload_password'] != $cfg['upload_password'])) + if (jirafeau_has_upload_password ($cfg) && + (!isset ($_POST['upload_password']) || + !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password']))) { echo "Error"; exit; @@ -603,7 +607,9 @@ elseif (isset ($_GET['end_async'])) /* Initialize block. */ elseif (isset ($_GET['init_block']) && $cfg['enable_blocks']) { - if (strlen ($cfg['upload_password']) > 0 && (!isset ($_POST['upload_password']) || $_POST['upload_password'] != $cfg['upload_password'])) + if (jirafeau_has_upload_password ($cfg) && + (!isset ($_POST['upload_password']) || + !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password']))) { echo "Error"; exit; -- 2.34.1 From 03d1001bce1a6d3ba0cce77199a6e1ad686e8273 Mon Sep 17 00:00:00 2001 From: Jerome Jutteau Date: Mon, 23 Feb 2015 18:44:50 +0100 Subject: [PATCH 15/16] Closes #4 Remove block feature --- admin.php | 28 ---- install.php | 2 +- lib/config.original.php | 4 - lib/functions.php | 343 ---------------------------------------- lib/lang/fr.php | 11 -- lib/settings.php | 1 - script.php | 114 ------------- 7 files changed, 1 insertion(+), 502 deletions(-) diff --git a/admin.php b/admin.php index 80b18b1..a91d529 100644 --- a/admin.php +++ b/admin.php @@ -136,26 +136,6 @@ require (JIRAFEAU_ROOT . 'lib/template/header.php'); - -

- - - - - - - - - - -
- -
@@ -237,14 +217,6 @@ if (isset ($_POST['action'])) echo t('Number of cleaned files') . ' : ' . $total; echo '

'; } - elseif (strcmp ($_POST['action'], 'clean_block') == 0) - { - $total = jirafeau_admin_clean_block (); - echo '
' . NL; - echo '

'; - echo t('Number of cleaned files') . ' : ' . $total; - echo '

'; - } elseif (strcmp ($_POST['action'], 'list') == 0) { jirafeau_admin_list ("", "", ""); diff --git a/install.php b/install.php index 3bfbea8..41b25fc 100644 --- a/install.php +++ b/install.php @@ -101,7 +101,7 @@ jirafeau_check_var_dir ($path) $path . '
' . $solution_str . '
' . $mkdir_str2); - foreach (array ('files', 'links', 'async', 'block') as $subdir) + foreach (array ('files', 'links', 'async') as $subdir) { $subpath = $path.$subdir; diff --git a/lib/config.original.php b/lib/config.original.php index d955d19..fefd61e 100644 --- a/lib/config.original.php +++ b/lib/config.original.php @@ -43,10 +43,6 @@ $cfg['preview'] = true; * true: Will show a download page (with preview if permited and possible). * false: Will directly download file or preview (if permited and possible). */ $cfg['download_page'] = false; -/* Block feature: - The scripting interface can propose to create, read, write, delete blocks - of data. */ -$cfg['enable_blocks'] = false; /* Encryption feature. disable it by default. * By enabling it, file-level deduplication won't work. */ $cfg['enable_crypt'] = false; diff --git a/lib/functions.php b/lib/functions.php index 1e5b083..459587d 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -524,9 +524,6 @@ function check_errors ($cfg) if (!is_writable (VAR_ASYNC)) add_error (t('The async directory is not writable!'), VAR_ASYNC); - - if (!is_writable (VAR_BLOCK)) - add_error (t('The block directory is not writable!'), VAR_BLOCK); } /** @@ -960,346 +957,6 @@ jirafeau_async_end ($ref, $code, $crypt, $link_name_length) return $md5_link . NL . $delete_link_code . NL . urlencode($crypt_key); } -/** - * Delete a block. - * @param $id identifier of the block. - */ -function -jirafeau_block_delete_ ($id) -{ - $p = VAR_BLOCK . s2p ($id); - if (!file_exists ($p)) - return; - - if (file_exists ($p . $id)) - unlink ($p . $id); - if (file_exists ($p . $id . '_infos')) - unlink ($p . $id . '_infos'); - $parse = $p; - $scan = array(); - while (file_exists ($parse) - && ($scan = scandir ($parse)) - && count ($scan) == 2 // '.' and '..' folders => empty. - && basename ($parse) != basename (VAR_BLOCK)) - { - rmdir ($parse); - $parse = substr ($parse, 0, strlen($parse) - strlen(basename ($parse)) - 1); - } -} - -/** - * Create a file filled with zeros. - * @param $size size of the file. - * @return a string corresponding to an id or the string "Error" - */ -function -jirafeau_block_init ($size) -{ - if (!ctype_digit ($size) || $size <= 0) - return "Error"; - - /* Create folder. */ - $id; - do - { - $id = jirafeau_gen_random (32); - $p = VAR_BLOCK . s2p ($id); - } while (file_exists ($p)); - @mkdir ($p, 0755, true); - if (!file_exists ($p)) - { - echo "Error"; - return; - } - - /* Create block. */ - $p .= $id; - $h = fopen ($p, 'w'); - $fill = str_repeat ("\0", 1024); - for ($cnt = 0; $cnt < $size; $cnt += 1024) - { - if ($size - $cnt < 1024) - $fill = str_repeat ("\0", $size - $cnt); - if (fwrite ($h, $fill) === false) - { - fclose ($h); - jirafeau_block_delete_ ($id); - return "Error"; - } - } - fclose ($h); - - /* Generate a write/delete code. */ - $code = jirafeau_gen_random (12); - - /* Add block infos. */ - if (file_put_contents ($p . '_infos', date ('U') . NL . $size . NL . $code) === FALSE) - { - jirafeau_block_delete_ ($id); - return "Error"; - } - - return $id . NL . $code; -} - -/** Get block size in bytes. - * @param $id identifier of the block - * @return block size in bytes - */ -function -jirafeau_block_get_size ($id) -{ - $p = VAR_BLOCK . s2p ($id) . $id; - if (!file_exists ($p)) - return "Error"; - - /* Check date. */ - $f = file ($p . '_infos'); - $date = trim ($f[0]); - $block_size = trim ($f[1]); - $stored_code = trim ($f[2]); - /* Update date. */ - if (date ('U') - $date > JIRAFEAU_HOUR - && date ('U') - $date < JIRAFEAU_MONTH) - { - if (file_put_contents ($p . '_infos', date ('U') . NL . $block_size . NL . $stored_code) === FALSE) - { - jirafeau_block_delete_ ($id); - return "Error"; - } - } - /* Remove data. */ - elseif (date ('U') - $date >= JIRAFEAU_MONTH) - { - echo date ('U'). " $date "; - jirafeau_block_delete_ ($id); - return "Error"; - } - - return $block_size; -} - -/** - * Read some data in a block. - * @param $id identifier of the block - * @param $start where to read data (starting from zero). - * @param $length length to read. - * @return echo data - */ -function -jirafeau_block_read ($id, $start, $length) -{ - if (!ctype_digit ($start) || $start < 0 - || !ctype_digit ($length) || $length <= 0) - { - echo "Error"; - return; - } - - $p = VAR_BLOCK . s2p ($id) . $id; - if (!file_exists ($p)) - { - echo "Error"; - return; - } - - /* Check date. */ - $f = file ($p . '_infos'); - $date = trim ($f[0]); - $block_size = trim ($f[1]); - $stored_code = trim ($f[2]); - /* Update date. */ - if (date ('U') - $date > JIRAFEAU_HOUR - && date ('U') - $date < JIRAFEAU_MONTH) - { - if (file_put_contents ($p . '_infos', date ('U') . NL . $block_size . NL . $stored_code) === FALSE) - { - jirafeau_block_delete_ ($id); - echo "Error"; - return; - } - } - /* Remove data. */ - elseif (date ('U') - $date >= JIRAFEAU_MONTH) - { - echo date ('U'). " $date "; - jirafeau_block_delete_ ($id); - echo "Error"; - return; - } - - if ($start + $length > $block_size) - { - echo "Error"; - return; - } - - /* Read content. */ - header ('Content-Length: ' . $length); - header ('Content-Disposition: attachment'); - - $r = fopen ($p, 'r'); - if (fseek ($r, $start) != 0) - { - echo "Error"; - return; - } - $c = 1024; - for ($cnt = 0; $cnt < $length && !feof ($r); $cnt += 1024) - { - if ($length - $cnt < 1024) - $c = $length - $cnt; - print fread ($r, $c); - ob_flush(); - } - fclose ($r); -} - -/** - * Write some data in a block. - * @param $id identifier of the block - * @param $start where to writing data (starting from zero). - * @param $data data to write. - * @param $code code to allow writing. - * @return string "Ok" or string "Error". - */ -function -jirafeau_block_write ($id, $start, $data, $code) -{ - if (!ctype_digit ($start) || $start < 0 - || strlen ($code) == 0) - return "Error"; - - $p = VAR_BLOCK . s2p ($id) . $id; - if (!file_exists ($p)) - return "Error"; - - /* Check date. */ - $f = file ($p . '_infos'); - $date = trim ($f[0]); - $block_size = trim ($f[1]); - $stored_code = trim ($f[2]); - /* Update date. */ - if (date ('U') - $date > JIRAFEAU_HOUR - && date ('U') - $date < JIRAFEAU_MONTH) - { - if (file_put_contents ($p . '_infos', date ('U') . NL . $block_size . NL . $stored_code) === FALSE) - { - jirafeau_block_delete_ ($id); - return "Error"; - } - } - /* Remove data. */ - elseif (date ('U') - $date >= JIRAFEAU_MONTH) - { - jirafeau_block_delete_ ($id); - return "Error"; - } - - /* Check code. */ - if ($stored_code != $code) - { - echo "Error"; - return; - } - - /* Check data. */ - $size = $data['size']; - if ($size <= 0) - return "Error"; - if ($start + $size > $block_size) - return "Error"; - - /* Open data. */ - $r = fopen ($data['tmp_name'], 'r'); - - /* Open Block. */ - $w = fopen ($p, 'r+'); - if (fseek ($w, $start) != 0) - return "Error"; - - /* Write content. */ - $c = 1024; - for ($cnt = 0; $cnt <= $size && !feof ($w); $cnt += 1024) - { - if ($size - $cnt < 1024) - $c = $size - $cnt; - $d = fread ($r, $c); - fwrite ($w, $d); - } - fclose ($r); - fclose ($w); - unlink ($data['tmp_name']); - return "Ok"; -} - -/** - * Delete a block. - * @param $id identifier of the block. - * @param $code code to allow writing. - * @return string "Ok" or string "Error". - */ -function -jirafeau_block_delete ($id, $code) -{ - $p = VAR_BLOCK . s2p ($id) . $id; - - if (!file_exists ($p)) - return "Error"; - - $f = file ($p . '_infos'); - $date = trim ($f[0]); - $block_size = trim ($f[1]); - $stored_code = trim ($f[2]); - - if ($code != $stored_code) - return "Error"; - - jirafeau_block_delete_ ($id); - return "Ok"; -} - -/** - * Clean old unused blocks. - * @return number of cleaned blocks. - */ -function -jirafeau_admin_clean_block () -{ - $count = 0; - /* Get all blocks. */ - $stack = array (VAR_BLOCK); - while (($d = array_shift ($stack)) && $d != NULL) - { - $dir = scandir ($d); - - foreach ($dir as $node) - { - if (strcmp ($node, '.') == 0 || strcmp ($node, '..') == 0) - continue; - - if (is_dir ($d . $node)) - { - /* Push new found directory. */ - $stack[] = $d . $node . '/'; - } - elseif (is_file ($d . $node) && preg_match ('/\_infos/i', "$node")) - { - /* Read block informations. */ - $f = file ($d . $node); - $date = trim ($f[0]); - $block_size = trim ($f[1]); - if (date ('U') - $date >= JIRAFEAU_MONTH) - { - jirafeau_block_delete_ (substr($node, 0, -6)); - $count++; - } - } - } - } - return $count; -} - function jirafeau_crypt_create_iv($base, $size) { diff --git a/lib/lang/fr.php b/lib/lang/fr.php index 9dcb524..62bc164 100644 --- a/lib/lang/fr.php +++ b/lib/lang/fr.php @@ -80,7 +80,6 @@ $tr = array ( 'step' => 'étape', 'out of' => 'sur', 'Administration password' => 'Mot de passe d\'administration', - 'Clean unused blocks' => 'Nettoie les bloques inutilisés', 'Finalisation' => 'Finalisation', 'Jirafeau is setting the website according to the configuration you provided.' => 'Jirafeau se configure selon les paramêtres donnés', 'Previous step' => 'Etape précedente', @@ -163,16 +162,6 @@ $tr = array ( 'Push data during asynchronous transfert' => 'Envoyer des données pendant un transfert asynchrone', 'Returns the next code to use.' => 'Renvoie le prochain code à utiliser.', 'Finalize asynchronous transfert' => 'Finaliser un transfert asynchrone', - 'Create a data block' => 'Creer un bloque de données', - 'This interface permits to create a block of data filled with zeros.' => 'Cette interface permet de creer un bloque de données remplies de zeros.', - 'You can read selected parts, write (using a code) and delete the block.' => 'Vous pouvez lire, écrire (en utilisant un code) et supprimer le bloque.', - 'Blocks may be removed after a month of non usage.' => 'Les bloques non utilisés depuis plus d\'un mois seront probablement supprimés.', - 'Get block size' => 'Récupérer la taille d\'un bloque', - 'Read data in a block' => 'Lire des données dans un bloque', - 'Write data in a block' => 'Ecrire des données dans un bloque', - 'First line is a block id the second line the edit/delete code.' => 'La premiere ligne est l\'identifiant du bloque, la seconde est son code d\'écriture/suppression.', - 'This will return asked data or "Error" string.' => 'Retourne les données ou la chaine "Error".', - 'Delete a block' => 'Supprimer un bloque', 'This will return "Ok" or "Error" string.' => 'Retourn la chaine "Ok" ou "Error".', ); ?> diff --git a/lib/settings.php b/lib/settings.php index 133113d..74bf771 100644 --- a/lib/settings.php +++ b/lib/settings.php @@ -24,7 +24,6 @@ define ('JIRAFEAU_VERSION', '1.0'); define ('VAR_FILES', $cfg['var_root'] . 'files/'); define ('VAR_LINKS', $cfg['var_root'] . 'links/'); define ('VAR_ASYNC', $cfg['var_root'] . 'async/'); -define ('VAR_BLOCK', $cfg['var_root'] . 'block/'); /* Useful constants. */ if (!defined ('NL')) diff --git a/script.php b/script.php index d109d4a..09c7a8c 100644 --- a/script.php +++ b/script.php @@ -184,66 +184,6 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0) echo '

' . t('This will return brut text content.') . ' ' . t('First line is the download reference and the second line the delete code.') . '

'; - if ($cfg['enable_blocks']) - { - echo '

' . t('Create a data block') . ':

'; - echo '

'; - echo t('This interface permits to create a block of data filled with zeros.') . - ' ' . t('You can read selected parts, write (using a code) and delete the block.') . - ' ' . t('Blocks may be removed after a month of non usage.'); - echo '

'; - echo '

'; - echo t('Send a GET query to') . ': ' . $web_root . 'script.php?init_block
'; - echo '
'; - echo t('Parameters') . ':
'; - echo "size=size_in_bytes (" . t('Required') . ")
"; - echo '

'; - echo '

' . t('This will return brut text content.') . ' ' . - t('First line is a block id the second line the edit/delete code.') . '

'; - - echo '

' . t('Get block size') . ':

'; - echo '

'; - echo t('Send a GET query to') . ': ' . $web_root . 'script.php?get_block_size
'; - echo '
'; - echo t('Parameters') . ':
'; - echo "id=block_id (" . t('Required') . ")
"; - echo '

'; - echo '

' . t('This will return asked data or "Error" string.') . '

'; - - echo '

' . t('Read data in a block') . ':

'; - echo '

'; - echo t('Send a GET query to') . ': ' . $web_root . 'script.php?read_block
'; - echo '
'; - echo t('Parameters') . ':
'; - echo "id=block_id (" . t('Required') . ")
"; - echo "start=byte_position_starting_from_zero (" . t('Required') . ")
"; - echo "length=length_to_read_in_bytes (" . t('Required') . ")
"; - echo '

'; - echo '

' . t('This will return asked data or "Error" string.') . '

'; - - echo '

' . t('Write data in a block') . ':

'; - echo '

'; - echo t('Send a GET query to') . ': ' . $web_root . 'script.php?write_block
'; - echo '
'; - echo t('Parameters') . ':
'; - echo "id=block_id (" . t('Required') . ")
"; - echo "code=block_code (" . t('Required') . ")
"; - echo "start=byte_position_starting_from_zero (" . t('Required') . ")
"; - echo "data=data_to_write (" . t('Required') . ")
"; - echo '

'; - echo '

' . t('This will return "Ok" or "Error" string.') . '

'; - - echo '

' . t('Delete a block') . ':

'; - echo '

'; - echo t('Send a GET query to') . ': ' . $web_root . 'script.php?delete_block
'; - echo '
'; - echo t('Parameters') . ':
'; - echo "id=block_id (" . t('Required') . ")
"; - echo "code=block_code (" . t('Required') . ")
"; - echo '

'; - echo '

' . t('This will return "Ok" or "Error" string.') . '

'; - } - echo '

'; require (JIRAFEAU_ROOT . 'lib/template/footer.php'); exit; @@ -604,60 +544,6 @@ elseif (isset ($_GET['end_async'])) else echo jirafeau_async_end ($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_lenght']); } -/* Initialize block. */ -elseif (isset ($_GET['init_block']) && $cfg['enable_blocks']) -{ - if (jirafeau_has_upload_password ($cfg) && - (!isset ($_POST['upload_password']) || - !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password']))) - { - echo "Error"; - exit; - } - - if (!isset ($_POST['size'])) - echo "Error"; - else - echo jirafeau_block_init ($_POST['size']); -} -/* Get block size. */ -elseif (isset ($_GET['get_block_size']) && $cfg['enable_blocks']) -{ - if (!isset ($_POST['id'])) - echo "Error"; - else - echo jirafeau_block_get_size ($_POST['id']); -} -/* Read data in block. */ -elseif (isset ($_GET['read_block']) && $cfg['enable_blocks']) -{ - if (!isset ($_POST['id']) - || !isset ($_POST['start']) - || !isset ($_POST['length'])) - echo "Error"; - else - jirafeau_block_read ($_POST['id'], $_POST['start'], $_POST['length']); -} -/* Write data in block. */ -elseif (isset ($_GET['write_block']) && $cfg['enable_blocks']) -{ - if (!isset ($_POST['id']) - || !isset ($_POST['start']) - || !isset ($_FILES['data']) - || !isset ($_POST['code'])) - echo "Error"; - else - echo jirafeau_block_write ($_POST['id'], $_POST['start'], $_FILES['data'], $_POST['code']); -} -/* Delete block. */ -elseif (isset ($_GET['delete_block']) && $cfg['enable_blocks']) -{ - if (!isset ($_POST['id']) - || !isset ($_POST['code'])) - echo "Error"; - else - echo jirafeau_block_delete ($_POST['id'], $_POST['code']); -} else echo "Error"; exit; -- 2.34.1 From e4f9c92ff84f6146aaf1244147082efd57e289f6 Mon Sep 17 00:00:00 2001 From: Jerome Jutteau Date: Mon, 23 Feb 2015 18:44:59 +0100 Subject: [PATCH 16/16] error_log when crypt extension is not loaded and more checks --- lib/functions.php | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/lib/functions.php b/lib/functions.php index 459587d..b26d7b4 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -345,7 +345,9 @@ jirafeau_upload ($file, $one_time_download, $key, $time, $ip, $crypt, $link_name /* Crypt file if option is enabled. */ $crypted = false; $crypt_key = ''; - if ($crypt == true && extension_loaded('mcrypt')) + if ($crypt == true && !(extension_loaded('mcrypt') == true)) + error_log ("PHP extension mcrypt not loaded, won't encrypt in Jirafeau"); + if ($crypt == true && extension_loaded('mcrypt') == true) { $crypt_key = jirafeau_encrypt_file ($file['tmp_name'], $file['tmp_name']); if (strlen($crypt_key) > 0) @@ -908,7 +910,7 @@ jirafeau_async_end ($ref, $code, $crypt, $link_name_length) $crypted = false; $crypt_key = ''; - if ($crypt == true && extension_loaded('mcrypt')) + if ($crypt == true && extension_loaded('mcrypt') == true) { $crypt_key = jirafeau_encrypt_file ($p, $p); if (strlen($crypt_key) > 0) @@ -977,7 +979,7 @@ function jirafeau_encrypt_file ($fp_src, $fp_dst) { $fs = filesize ($fp_src); - if ($fs === false || $fs == 0 || !extension_loaded('mcrypt')) + if ($fs === false || $fs == 0 || !(extension_loaded('mcrypt') == true)) return ''; /* Prepare module. */ @@ -1016,7 +1018,7 @@ function jirafeau_decrypt_file ($fp_src, $fp_dst, $k) { $fs = filesize ($fp_src); - if ($fs === false || $fs == 0 || !extension_loaded('mcrypt')) + if ($fs === false || $fs == 0 || !(extension_loaded('mcrypt') == true)) return false; /* Init module */ @@ -1063,7 +1065,6 @@ function jirafeau_challenge_upload_password ($cfg, $password) forEach ($cfg['upload_password'] as $p) if ($password == $p) return true; - error_log("password not found $password"); return false; } -- 2.34.1