]> git.p6c8.net - jirafeau_project.git/blob - script.php
git.p6c8.net / jirafeau_project.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[BUGFIX] Bash script: return download link to web view
[jirafeau_project.git] / script.php
1 <?php
2 /*
3 * Jirafeau, your web file repository
4 * Copyright (C) 2015 Jerome Jutteau <j.jutteau@gmail.com>
5 *
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU Affero General Public License as
8 * published by the Free Software Foundation, either version 3 of the
9 * License, or (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Affero General Public License for more details.
15 *
16 * You should have received a copy of the GNU Affero General Public License
17 * along with this program. If not, see <https://www.gnu.org/licenses/>.
18 */
19
20 /*
21 * This file permits to easyly script file sending, receiving, deleting, ...
22 * If you don't want this feature, you can simply delete this file from your
23 * web directory.
24 */
25
26 define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/');
27
28 require (JIRAFEAU_ROOT . 'lib/config.original.php');
29 require (JIRAFEAU_ROOT . 'lib/settings.php');
30 require (JIRAFEAU_ROOT . 'lib/functions.php');
31 require (JIRAFEAU_ROOT . 'lib/lang.php');
32
33 global $script_langages;
34 $script_langages = array ('bash' => 'Bash');
35
36 /* Operations may take a long time.
37 * Be sure PHP's safe mode is off.
38 */
39 @set_time_limit(0);
40 /* Remove errors. */
41 @error_reporting(0);
42
43 if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0)
44 {
45 require (JIRAFEAU_ROOT . 'lib/template/header.php');
46 check_errors ($cfg);
47 if (has_error ())
48 {
49 show_errors ();
50 require (JIRAFEAU_ROOT . 'lib/template/footer.php');
51 exit;
52 }
53 ?>
54 <div class="info">
55 <h2>Scripting interface</h2>
56 <p>This interface permits to script your uploads and downloads.</p>
57 <p>See <a href="https://gitlab.com/mojo42/Jirafeau/blob/master/script.php">source code</a> of this interface to get available calls :)</p>
58 <p>Alternatively, go to <a href="<?php echo $cfg['web_root'] . 'script.php?lang=bash'; ?>">this page</a> to download a bash script.</p>
59 </div>
60 <br />
61 <?php
62 require (JIRAFEAU_ROOT . 'lib/template/footer.php');
63 exit;
64 }
65
66 /* Lets use interface now. */
67 header('Content-Type: text/plain; charset=utf-8');
68
69 check_errors ($cfg);
70 if (has_error ())
71 {
72 echo 'Error 1';
73 exit;
74 }
75
76 /* Upload file */
77 if (isset ($_FILES['file']) && is_writable (VAR_FILES)
78 && is_writable (VAR_LINKS))
79 {
80 if (!jirafeau_challenge_upload_ip ($cfg, get_ip_address($cfg)))
81 {
82 echo 'Error 2';
83 exit;
84 }
85
86 if (jirafeau_has_upload_password ($cfg) &&
87 (!isset ($_POST['upload_password']) ||
88 !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
89 {
90 echo 'Error 3';
91 exit;
92 }
93
94 $key = '';
95 if (isset ($_POST['key']))
96 $key = $_POST['key'];
97
98 $time = time ();
99 if (!isset ($_POST['time']) || !$cfg['availabilities'][$_POST['time']])
100 {
101 echo 'Error 4: The parameter time is invalid.';
102 exit;
103 }
104 else
105 switch ($_POST['time'])
106 {
107 case 'minute':
108 $time += JIRAFEAU_MINUTE;
109 break;
110 case 'hour':
111 $time += JIRAFEAU_HOUR;
112 break;
113 case 'day':
114 $time += JIRAFEAU_DAY;
115 break;
116 case 'week':
117 $time += JIRAFEAU_WEEK;
118 break;
119 case 'month':
120 $time += JIRAFEAU_MONTH;
121 break;
122 case 'quarter':
123 $time += JIRAFEAU_QUARTER;
124 break;
125 case 'year':
126 $time += JIRAFEAU_YEAR;
127 break;
128 default:
129 $time = JIRAFEAU_INFINITY;
130 break;
131 }
132
133 // Check file size
134 if ($cfg['maximal_upload_size'] > 0 &&
135 $_FILES['file']['size'] > $cfg['maximal_upload_size'] * 1024 * 1024)
136 {
137 echo 'Error 5: Your file exceeds the maximum authorized file size.';
138 exit;
139 }
140
141 $res = jirafeau_upload ($_FILES['file'],
142 isset ($_POST['one_time_download']),
143 $key, $time, get_ip_address($cfg),
144 $cfg['enable_crypt'], $cfg['link_name_length']);
145
146 if (empty($res) || $res['error']['has_error'])
147 {
148 echo 'Error 6 ' . $res['error']['why'];
149 exit;
150 }
151 /* Print direct link. */
152 echo $res['link'];
153 /* Print delete link. */
154 echo NL;
155 echo $res['delete_link'];
156 /* Print decrypt key. */
157 echo NL;
158 echo urlencode($res['crypt_key']);
159 }
160 elseif (isset ($_GET['h']))
161 {
162 $link_name = $_GET['h'];
163 $key = '';
164 if (isset ($_POST['key']))
165 $key = $_POST['key'];
166 $d = '';
167 if (isset ($_GET['d']))
168 $d = $_GET['d'];
169
170 if (!preg_match ('/[0-9a-zA-Z_-]+$/', $link_name))
171 {
172 echo 'Error 7';
173 exit;
174 }
175
176 $link = jirafeau_get_link ($link_name);
177 if (count ($link) == 0)
178 {
179 echo 'Error 8';
180 exit;
181 }
182 if (strlen ($d) > 0 && $d == $link['link_code'])
183 {
184 jirafeau_delete_link ($link_name);
185 echo "Ok";
186 exit;
187 }
188 if ($link['time'] != JIRAFEAU_INFINITY && time () > $link['time'])
189 {
190 jirafeau_delete_link ($link_name);
191 echo 'Error 9';
192 exit;
193 }
194 if (strlen ($link['key']) > 0 && md5 ($key) != $link['key'])
195 {
196 sleep (2);
197 echo 'Error 10';
198 exit;
199 }
200 $p = s2p ($link['md5']);
201 if (!file_exists (VAR_FILES . $p . $link['md5']))
202 {
203 echo 'Error 11';
204 exit;
205 }
206
207 /* Read file. */
208 header ('Content-Length: ' . $link['file_size']);
209 header ('Content-Type: ' . $link['mime_type']);
210 header ('Content-Disposition: attachment; filename="' .
211 $link['file_name'] . '"');
212
213 $r = fopen (VAR_FILES . $p . $link['md5'], 'r');
214 while (!feof ($r))
215 {
216 print fread ($r, 1024);
217 ob_flush();
218 }
219 fclose ($r);
220
221 if ($link['onetime'] == 'O')
222 jirafeau_delete_link ($link_name);
223 exit;
224 }
225 elseif (isset ($_GET['get_capacity']))
226 {
227 echo min (jirafeau_ini_to_bytes (ini_get ('post_max_size')),
228 jirafeau_ini_to_bytes (ini_get ('upload_max_filesize')));
229 }
230 elseif (isset ($_GET['get_maximal_upload_size']))
231 {
232 echo $cfg['maximal_upload_size'];
233 }
234 elseif (isset ($_GET['get_version']))
235 {
236 echo JIRAFEAU_VERSION;
237 }
238 elseif (isset ($_GET['lang']))
239 {
240 $l=$_GET['lang'];
241 if ($l == "bash")
242 {
243 ?>
244 #!/bin/bash
245
246 # This script has been auto-generated by Jirafeau but you can still edit options below.
247
248 # Config begin
249 proxy='' # Or set JIRAFEAU_PROXY.
250 url='<?php echo $cfg['web_root']; ?>' # Or set JIRAFEAU_URL.
251 time='<?php echo $cfg['availability_default']; ?>' # Or set JIRAFEAU_TIME.
252 one_time='' # Or set JIRAFEAU_ONE_TIME.
253 curl='' # Or set JIRAFEAU_CURL_PATH.
254 # Config end
255
256 if [ -n "$JIRAFEAU_PROXY" ]; then
257 proxy="$JIRAFEAU_PROXY"
258 fi
259
260 if [ -n "$JIRAFEAU_URL" ]; then
261 url="$JIRAFEAU_URL"
262 fi
263
264 if [ -z "$url" ]; then
265 echo "Please set url in script parameters or export JIRAFEAU_URL"
266 fi
267
268 if [ -n "$JIRAFEAU_TIME" ]; then
269 time="$JIRAFEAU_TIME"
270 fi
271
272 if [ -n "$JIRAFEAU_ONE_TIME" ]; then
273 one_time='1'
274 fi
275
276 if [ -z "$curl" ]; then
277 curl="$JIRAFEAU_CURL_PATH"
278 fi
279
280 if [ -z "$curl" ] && [ -e "/usr/bin/curl" ]; then
281 curl="/usr/bin/curl"
282 fi
283
284 if [ -z "$curl" ] && [ -e "/bin/curl.exe" ]; then
285 curl="/bin/curl.exe"
286 fi
287
288 if [ -z "$curl" ]; then
289 echo "Please set your curl binary path (by editing this script or export JIRAFEAU_CURL_PATH global variable)."
290 exit
291 fi
292
293 if [ -z "$2" ]; then
294 echo "Jirafeau Bash Script <?php echo JIRAFEAU_VERSION; ?>"
295 echo "--------------------------"
296 echo "Usage:"
297 echo " $0 OPTIONS"
298 echo
299 echo "Options:"
300 echo " $0 send FILE [PASSWORD]"
301 echo " $0 get URL [PASSWORD]"
302 echo " $0 delete URL"
303 echo
304 echo "Global variables to export:"
305 echo " JIRAFEAU_PROXY: Domain and port of proxy server, eg. »proxysever.example.com:3128«"
306 echo " JIRAFEAU_URL : URI to Jirafeau installation with trailing slash, eg. »https://example.com/jirafeau/«"
307 echo " JIRAFEAU_TIME : expiration time, eg. »minute«, »hour«, »day«, »week«, »month«, »quarter«, »year« or »none«"
308 echo " JIRAFEAU_ONE_TIME : self-destroy after first download, eg. »1« to enable or »« (empty) to disable"
309 echo " JIRAFEAU_CURL : alternative path to curl binary"
310
311 exit 0
312 fi
313
314 if [ -n "$proxy" ]; then
315 proxy="-x $proxy"
316 fi
317
318 options=''
319 if [ -n "$one_time" ]; then
320 options="$options -F one_time_download=1"
321 fi
322
323 password=''
324 if [ -n "$3" ]; then
325 password="$3"
326 options="$options -F key=$password"
327 fi
328
329 apipage='script.php'
330 downloadpage='f.php'
331
332 if [ "$1" == "send" ]; then
333 if [ ! -f "$2" ]; then
334 echo "File \"$2\" does not exists."
335 exit
336 fi
337
338 # Ret result
339 res=$($curl -X POST --http1.0 $proxy $options \
340 -F "time=$time" \
341 -F "file=@$2" \
342 $url$apipage)
343
344 if [[ "$res" == Error* ]]; then
345 echo "Error while uploading."
346 echo $res
347 exit
348 fi
349
350 # Not using head or tail to minimise command dependencies
351 code=$(cnt=0; echo "$res" | while read l; do
352 if [[ "$cnt" == "0" ]]; then
353 echo "$l"
354 fi
355 cnt=$(( cnt + 1 ))
356 done)
357 del_code=$(cnt=0; echo "$res" | while read l; do
358 if [[ "$cnt" == "1" ]]; then
359 echo "$l"
360 fi
361 cnt=$(( cnt + 1 ))
362 done)
363
364 echo
365 echo "Download page:"
366 echo " ${url}${downloadpage}?h=$code"
367 echo "Direct download:"
368 echo " ${url}${downloadpage}?h=$code&d=1"
369 echo "Delete link:"
370 echo " ${url}${downloadpage}?h=$code&d=$del_code"
371 echo
372 echo "Download via API:"
373 echo " ${0} get ${url}${apipage}?h=$code [PASSWORD}"
374 echo "Delete via API:"
375 echo " ${0} delete ${url}${downloadpage}?h=$code&d=$del_code"
376
377 elif [ "$1" == "get" ]; then
378 if [ -z "$password" ]; then
379 $curl $proxy -OJ "$2"
380 else
381 $curl $proxy -OJ -X POST -F key=$password "$2"
382 fi
383 elif [ "$1" == "delete" ]; then
384 $curl $proxy "$2"
385 fi
386 <?php
387 }
388 else
389 {
390 echo 'Error 12';
391 exit;
392 }
393 }
394 /* Create alias. */
395 elseif (isset ($_GET['alias_create']))
396 {
397 $ip = get_ip_address($cfg);
398 if (!jirafeau_challenge_upload_ip ($cfg, $ip))
399 {
400 echo 'Error 13';
401 exit;
402 }
403
404 if (jirafeau_has_upload_password ($cfg) &&
405 (!isset ($_POST['upload_password']) ||
406 !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
407 {
408 echo 'Error 14';
409 exit;
410 }
411
412 if (!isset ($_POST['alias']) ||
413 !isset ($_POST['destination']) ||
414 !isset ($_POST['password']))
415 {
416 echo 'Error 15';
417 exit;
418 }
419
420 echo jirafeau_alias_create ($_POST['alias'],
421 $_POST['destination'],
422 $_POST['password'],
423 $ip);
424 }
425 /* Get alias. */
426 elseif (isset ($_GET['alias_get']))
427 {
428 if (!isset ($_POST['alias']))
429 {
430 echo 'Error 16';
431 exit;
432 }
433
434 echo jirafeau_alias_get ($_POST['alias']);
435 }
436 /* Update alias. */
437 elseif (isset ($_GET['alias_update']))
438 {
439 if (!isset ($_POST['alias']) ||
440 !isset ($_POST['destination']) ||
441 !isset ($_POST['password']))
442 {
443 echo 'Error 17';
444 exit;
445 }
446
447 $new_password = '';
448 if (isset ($_POST['new_password']))
449 $new_password = $_POST['new_password'];
450
451 echo jirafeau_alias_update ($_POST['alias'],
452 $_POST['destination'],
453 $_POST['password'],
454 $new_password,
455 get_ip_address($cfg));
456 }
457 /* Delete alias. */
458 elseif (isset ($_GET['alias_delete']))
459 {
460 if (!isset ($_POST['alias']) ||
461 !isset ($_POST['password']))
462 {
463 echo 'Error 18';
464 exit;
465 }
466
467 echo jirafeau_alias_delete ($_POST['alias'],
468 $_POST['password']);
469 }
470 /* Initialize an asynchronous upload. */
471 elseif (isset ($_GET['init_async']))
472 {
473 if (!jirafeau_challenge_upload_ip ($cfg, get_ip_address($cfg)))
474 {
475 echo 'Error 19';
476 exit;
477 }
478
479 if (jirafeau_has_upload_password ($cfg) &&
480 (!isset ($_POST['upload_password']) ||
481 !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])))
482 {
483 echo 'Error 20';
484 exit;
485 }
486
487 if (!isset ($_POST['filename']))
488 {
489 echo 'Error 21';
490 exit;
491 }
492
493 $type = '';
494 if (isset ($_POST['type']))
495 $type = $_POST['type'];
496
497 $key = '';
498 if (isset ($_POST['key']))
499 $key = $_POST['key'];
500
501 $time = time ();
502 if (!isset ($_POST['time']) || !$cfg['availabilities'][$_POST['time']])
503 {
504 echo 'Error 22';
505 exit;
506 }
507 else
508 switch ($_POST['time'])
509 {
510 case 'minute':
511 $time += JIRAFEAU_MINUTE;
512 break;
513 case 'hour':
514 $time += JIRAFEAU_HOUR;
515 break;
516 case 'day':
517 $time += JIRAFEAU_DAY;
518 break;
519 case 'week':
520 $time += JIRAFEAU_WEEK;
521 break;
522 case 'month':
523 $time += JIRAFEAU_MONTH;
524 break;
525 case 'quarter':
526 $time += JIRAFEAU_QUARTER;
527 break;
528 case 'year':
529 $time += JIRAFEAU_YEAR;
530 break;
531 default:
532 $time = JIRAFEAU_INFINITY;
533 break;
534 }
535 echo jirafeau_async_init ($_POST['filename'],
536 $type,
537 isset ($_POST['one_time_download']),
538 $key,
539 $time,
540 get_ip_address($cfg));
541 }
542 /* Continue an asynchronous upload. */
543 elseif (isset ($_GET['push_async']))
544 {
545 if ((!isset ($_POST['ref']))
546 || (!isset ($_FILES['data']))
547 || (!isset ($_POST['code'])))
548 echo 'Error 23';
549 else
550 {
551 echo jirafeau_async_push ($_POST['ref'],
552 $_FILES['data'],
553 $_POST['code'],
554 $cfg['maximal_upload_size']);
555 }
556 }
557 /* Finalize an asynchronous upload. */
558 elseif (isset ($_GET['end_async']))
559 {
560 if (!isset ($_POST['ref'])
561 || !isset ($_POST['code']))
562 echo 'Error 24';
563 else
564 echo jirafeau_async_end ($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_length']);
565 }
566 else
567 echo 'Error 25';
568 exit;
569 ?>
Fork of Jirafeau by a group of developers after mojo42 discontinued it; main repository at https://gitlab.com/jirafeau/Jirafeau

patrick-canterino.de