]> git.p6c8.net - jirafeau_project.git/blob - index.php
git.p6c8.net / jirafeau_project.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[FEATURE] add LDAP authentication support for uploaders
[jirafeau_project.git] / index.php
1 <?php
2 /*
3 * Jirafeau, your web file repository
4 * Copyright (C) 2013
5 * Jerome Jutteau <jerome@jutteau.fr>
6 * Jimmy Beauvois <jimmy.beauvois@gmail.com>
7 *
8 * This program is free software: you can redistribute it and/or modify
9 * it under the terms of the GNU Affero General Public License as
10 * published by the Free Software Foundation, either version 3 of the
11 * License, or (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU Affero General Public License for more details.
17 *
18 * You should have received a copy of the GNU Affero General Public License
19 * along with this program. If not, see <https://www.gnu.org/licenses/>.
20 */
21 session_start();
22 define('JIRAFEAU_ROOT', dirname(__FILE__) . '/');
23
24 require(JIRAFEAU_ROOT . 'lib/settings.php');
25 require(JIRAFEAU_ROOT . 'lib/functions.php');
26 require(JIRAFEAU_ROOT . 'lib/lang.php');
27
28 check_errors($cfg);
29 if (has_error()) {
30 require(JIRAFEAU_ROOT . 'lib/template/header.php');
31 show_errors();
32 require(JIRAFEAU_ROOT . 'lib/template/footer.php');
33 exit;
34 }
35 require(JIRAFEAU_ROOT . 'lib/template/header.php');
36
37 // Logout action
38 if (isset($_POST['action']) && (strcmp($_POST['action'], 'logout') == 0)) {
39 jirafeau_session_end();
40 }
41
42 /* Check if user is allowed to upload. */
43 // check if user already logged
44 if (jirafeau_user_session_logged()) {
45 }
46 // check of ldap authentication
47 elseif (jirafeau_has_ldap_auth($cfg)) {
48 if (isset($_POST['ldap_user']) and isset($_POST['ldap_password'])) {
49 $result = jirafeau_challenge_ldap_auth($cfg, $_POST['ldap_user'], $_POST['ldap_password']);
50 if (true === $result) {
51 jirafeau_user_session_start();
52 } else {
53 jirafeau_session_end();
54 jirafeau_non_fatal_error(t('BAD_PSW'));
55 }
56 }
57 // Show login form if user session is not authorized yet
58 if (!jirafeau_user_session_logged()) {
59 ?>
60 <form method="post" class="form login">
61 <fieldset>
62 <table>
63 <tr>
64 <td class = "label"><label for = "enter_user">
65 <?php echo t('UP_USER') . ':'; ?></label>
66 </td>
67 </tr><tr>
68 <td class = "field">
69 <input type="text" name="ldap_user" id="ldap_user" size="40" autocomplete="ldap-user"/>
70 </td>
71 </tr><tr>
72 <td class="label"><label for="enter_password">
73 <?php echo t('PASSWORD') . ':'; ?></label>
74 </td>
75 </tr><tr>
76 <td class="field">
77 <input type="password" name="ldap_password" id="ldap_password" size="40" autocomplete="ldap-password" />
78 </td>
79 </tr><tr class = "nav">
80 <td class = "nav next">
81 <input type="submit" name="key" value="<?php echo t('LOGIN'); ?>"/>
82 </td>
83 </tr>
84 </table>
85 </fieldset>
86 </form>
87 <?php
88 require(JIRAFEAU_ROOT.'lib/template/footer.php');
89 exit;
90 }
91 }
92 // Allow certains IP to upload with no password
93 elseif (true === jirafeau_challenge_upload_ip_without_password($cfg, get_ip_address($cfg))) {
94 jirafeau_user_session_start();
95 }
96 // Challenge by IP
97 elseif (true === jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) {
98 // Is an upload password required?
99 if (jirafeau_has_upload_password($cfg)) {
100 // Challenge by password
101 if (isset($_POST['upload_password'])) {
102 if (jirafeau_challenge_upload_password($cfg, $_POST['upload_password'])) {
103 jirafeau_user_session_start();
104 } else {
105 jirafeau_session_end();
106 jirafeau_fatal_error(t('BAD_PSW'), $cfg);
107 }
108 }
109
110 // Show login form if user session is not authorized yet
111 if (!jirafeau_user_session_logged()) {
112 ?>
113 <form method="post" class="form login">
114 <fieldset>
115 <table>
116 <tr>
117 <td class = "label"><label for = "enter_password">
118 <?php echo t('UP_PSW') . ':'; ?></label>
119 </td>
120 </tr><tr>
121 <td class = "field"><input type = "password"
122 name = "upload_password" id = "upload_password"
123 size = "40" autocomplete = "current-password" />
124 </td>
125 </tr>
126 <tr class = "nav">
127 <td class = "nav next">
128 <input type = "submit" name = "key" value = "<?php echo t('LOGIN'); ?>" />
129 </td>
130 </tr>
131 </table>
132 </fieldset>
133 </form>
134 <?php
135 require(JIRAFEAU_ROOT.'lib/template/footer.php');
136 exit;
137 }
138 }
139 } else {
140 jirafeau_fatal_error(t('ACCESS_KO'), $cfg);
141 }
142
143 ?>
144 <div id="upload_finished">
145 <p><?php echo t('FILE_UP') ?></p>
146
147 <div id="upload_finished_download_page">
148 <p>
149 <a id="upload_link" href=""><?php echo t('DL_PAGE') ?></a>
150 <a id="upload_link_email" href=""><img id="upload_image_email"/></a>
151 </p><p>
152 <code id=upload_link_text></code>
153 <button id="upload_link_button">&#128203;</button>
154 </p>
155 </div>
156
157 <?php if ($cfg['preview'] == true) {
158 ?>
159 <div id="upload_finished_preview">
160 <p>
161 <a id="preview_link" href=""><?php echo t('VIEW_LINK') ?></a>
162 </p><p>
163 <code id=preview_link_text></code>
164 <button id="preview_link_button">&#128203;</button>
165 </p>
166 </div>
167 <?php
168 } ?>
169
170 <div id="upload_direct_download">
171 <p>
172 <a id="direct_link" href=""><?php echo t('DIRECT_DL') ?></a>
173 </p><p>
174 <code id=direct_link_text></code>
175 <button id="direct_link_button">&#128203;</button>
176 </p>
177 </div>
178
179 <div id="upload_delete">
180 <p>
181 <a id="delete_link" href=""><?php echo t('DELETE_LINK') ?></a>
182 </p><p>
183 <code id=delete_link_text></code>
184 <button id="delete_link_button">&#128203;</button>
185 </p>
186 </div>
187
188 <div id="upload_validity">
189 <p><?php echo t('VALID_UNTIL'); ?>:</p>
190 <p id="date"></p>
191 </div>
192 </div>
193
194 <div id="uploading">
195 <p>
196 <?php echo t('UP'); ?>
197 <div id="uploaded_percentage"></div>
198 <div id="uploaded_speed"></div>
199 <div id="uploaded_time"></div>
200 </p>
201 </div>
202
203 <div id="error_pop" class="error">
204 </div>
205
206 <div id="upload">
207 <fieldset>
208 <legend>
209 <?php echo t('SEL_FILE'); ?>
210 </legend>
211 <p>
212 <input type="file" id="file_select" size="30"
213 onchange="control_selected_file_size(<?php echo $cfg['maximal_upload_size'] ?>, '<?php
214 if ($cfg['maximal_upload_size'] >= 1024) {
215 echo t('2_BIG') . ', ' . t('FILE_LIM') . " " . number_format($cfg['maximal_upload_size']/1024, 2) . " GB.";
216 } elseif ($cfg['maximal_upload_size'] > 0) {
217 echo t('2_BIG') . ', ' . t('FILE_LIM') . " " . $cfg['maximal_upload_size'] . " MB.";
218 }
219 ?>')"/>
220 </p>
221
222 <div id="options">
223 <table id="option_table">
224 <?php
225 if ($cfg['one_time_download']) {
226 echo '<tr><td>' . t('ONE_TIME_DL') . ':</td>';
227 echo '<td><input type="checkbox" id="one_time_download" /></td></tr>';
228 }
229 ?>
230 <tr>
231 <td><label for="input_key"><?php echo t('PSW') . ':'; ?></label></td>
232 <td><input type="password" name="key" id="input_key" autocomplete = "new-password"/></td>
233 </tr>
234 <tr>
235 <td><label for="select_time"><?php echo t('TIME_LIM') . ':'; ?></label></td>
236 <td><select name="time" id="select_time">
237 <?php
238 $expirationTimeOptions = array(
239 array(
240 'value' => 'minute',
241 'label' => '1_MIN'
242 ),
243 array(
244 'value' => 'hour',
245 'label' => '1_H'
246 ),
247 array(
248 'value' => 'day',
249 'label' => '1_D'
250 ),
251 array(
252 'value' => 'week',
253 'label' => '1_W'
254 ),
255 array(
256 'value' => 'fortnight',
257 'label' => '2_W'
258 ),
259 array(
260 'value' => 'month',
261 'label' => '1_M'
262 ),
263 array(
264 'value' => 'quarter',
265 'label' => '1_Q'
266 ),
267 array(
268 'value' => 'year',
269 'label' => '1_Y'
270 ),
271 array(
272 'value' => 'none',
273 'label' => 'NONE'
274 )
275 );
276 foreach ($expirationTimeOptions as $expirationTimeOption) {
277 $selected = ($expirationTimeOption['value'] === $cfg['availability_default'])? 'selected="selected"' : '';
278 if (true === $cfg['availabilities'][$expirationTimeOption['value']]) {
279 echo '<option value="' . $expirationTimeOption['value'] . '" ' .
280 $selected . '>' . t($expirationTimeOption['label']) . '</option>';
281 }
282 }
283 ?>
284 </select></td>
285 </tr>
286
287 <?php
288 if ($cfg['maximal_upload_size'] >= 1024) {
289 echo '<p class="config">' . t('FILE_LIM');
290 echo " " . number_format($cfg['maximal_upload_size'] / 1024, 2) . " GB.</p>";
291 } elseif ($cfg['maximal_upload_size'] > 0) {
292 echo '<p class="config">' . t('FILE_LIM');
293 echo " " . $cfg['maximal_upload_size'] . " MB.</p>";
294 } else {
295 echo '<p class="config"></p>';
296 }
297 ?>
298
299 <p id="max_file_size" class="config"></p>
300 <p>
301 <input type="submit" id="send" value="<?php echo t('SEND'); ?>"
302 onclick="
303 document.getElementById('upload').style.display = 'none';
304 document.getElementById('uploading').style.display = '';
305 upload (<?php echo jirafeau_get_max_upload_chunk_size_bytes($cfg['max_upload_chunk_size_bytes']); ?>);
306 "/>
307 </p>
308 </table>
309 </div> </fieldset>
310
311 <?php
312 if (jirafeau_user_session_logged()) {
313 ?>
314 <form method="post" class="form logout">
315 <input type = "hidden" name = "action" value = "logout"/>
316 <input type = "submit" value = "<?php echo t('LOGOUT'); ?>" />
317 </form>
318 <?php
319 }
320 ?>
321
322 </div>
323
324 <script type="text/javascript" lang="Javascript">
325 // @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-v3-or-Later
326 document.getElementById('error_pop').style.display = 'none';
327 document.getElementById('uploading').style.display = 'none';
328 document.getElementById('upload_finished').style.display = 'none';
329 document.getElementById('options').style.display = 'none';
330 document.getElementById('send').style.display = 'none';
331 if (!check_html5_file_api ())
332 document.getElementById('max_file_size').innerHTML = '<?php
333 $max_size = jirafeau_get_max_upload_size();
334 if ($max_size > 0) {
335 echo t('NO_BROWSER_SUPPORT') . $max_size;
336 }
337 ?>';
338
339 addCopyListener('upload_link_button', 'upload_link');
340 addCopyListener('preview_link_button', 'preview_link');
341 addCopyListener('direct_link_button', 'direct_link');
342 addCopyListener('delete_link_button', 'delete_link');
343 // @license-end
344 </script>
345 <?php require(JIRAFEAU_ROOT . 'lib/template/footer.php'); ?>
Fork of Jirafeau by a group of developers after mojo42 discontinued it; main repository at https://gitlab.com/jirafeau/Jirafeau

patrick-canterino.de