* Copyright (C) 2015 Jerome Jutteau * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as * published by the Free Software Foundation, either version 3 of the * License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . */ define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/'); require (JIRAFEAU_ROOT . 'lib/lang.php'); require (JIRAFEAU_ROOT . 'lib/config.original.php'); require (JIRAFEAU_ROOT . 'lib/settings.php'); require (JIRAFEAU_ROOT . 'lib/functions.php'); if (!isset ($_GET['h']) || empty ($_GET['h'])) { header ('Location: ' . $cfg['web_root']); exit; } /* Operations may take a long time. * Be sure PHP's safe mode is off. */ @set_time_limit(0); /* Remove errors. */ @error_reporting(0); $link_name = $_GET['h']; if (!preg_match ('/[0-9a-zA-Z_-]+$/', $link_name)) { require (JIRAFEAU_ROOT.'lib/template/header.php'); echo '

' . t('Sorry, the requested file is not found') . '

'; require (JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } $link = jirafeau_get_link ($link_name); if (count ($link) == 0) { require (JIRAFEAU_ROOT.'lib/template/header.php'); echo '

' . t('Sorry, the requested file is not found') . '

'; require (JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } $delete_code = ''; if (isset ($_GET['d']) && !empty ($_GET['d']) && $_GET['d'] != '1') $delete_code = $_GET['d']; $crypt_key = ''; if (isset ($_GET['k']) && !empty ($_GET['k'])) $crypt_key = $_GET['k']; $do_download = false; if (isset ($_GET['d']) && $_GET['d'] == '1') $do_download = true; $do_preview = false; if (isset ($_GET['p']) && !empty ($_GET['p'])) $do_preview = true; $p = s2p ($link['md5']); if (!file_exists (VAR_FILES . $p . $link['md5'])) { jirafeau_delete_link ($link_name); require (JIRAFEAU_ROOT.'lib/template/header.php'); echo '

'.t('File not available.'). '

'; require (JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } if (!empty ($delete_code) && $delete_code == $link['link_code']) { jirafeau_delete_link ($link_name); require (JIRAFEAU_ROOT.'lib/template/header.php'); echo '

'.t('File has been deleted.'). '

'; require (JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } if ($link['time'] != JIRAFEAU_INFINITY && time () > $link['time']) { jirafeau_delete_link ($link_name); require (JIRAFEAU_ROOT.'lib/template/header.php'); echo '

'. t('The time limit of this file has expired.') . ' ' . t('File has been deleted.') . '

'; require (JIRAFEAU_ROOT . 'lib/template/footer.php'); exit; } if (empty ($crypt_key) && $link['crypted']) { require (JIRAFEAU_ROOT.'lib/template/header.php'); echo '

' . t('Sorry, the requested file is not found') . '

'; require (JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } $password_challenged = false; if (!empty ($link['key'])) { if (!isset ($_POST['key'])) { require (JIRAFEAU_ROOT.'lib/template/header.php'); echo '
' . '
'; ?> ' . '' . t('Password protection') . '' . '' . '
' . t('Give the password of this file') . ' : ' . '' . '
' . t('By using our services, you accept of our'). ' ' . t('Term Of Service') . '' . '
'; ?>
'; require (JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } else { if ($link['key'] == md5 ($_POST['key'])) $password_challenged = true; else { header ("Access denied"); require (JIRAFEAU_ROOT.'lib/template/header.php'); echo '

' . t('Access denied') . '

'; require (JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } } } if ($cfg['download_page'] && !$password_challenged && !$do_download && !$do_preview) { require (JIRAFEAU_ROOT.'lib/template/header.php'); echo '
' . '
'; ?> ' . $link['file_name'] . '' . '' . ''; echo '
' . t('You are about to download') . ' "' . $link['file_name'] . '" (' . jirafeau_human_size($link['file_size']) . ')' . '
' . t('By using our services, you accept of our'). ' ' . t('Term Of Service') . ''; ?>
'; require (JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } header ('HTTP/1.0 200 OK'); header ('Content-Length: ' . $link['file_size']); if (!jirafeau_is_viewable ($link['mime_type']) || !$cfg['preview'] || $do_download) header ('Content-Disposition: attachment; filename="' . $link['file_name'] . '"'); header ('Content-Type: ' . $link['mime_type']); /* Read encrypted file. */ if ($link['crypted']) { /* Init module */ $m = mcrypt_module_open('rijndael-256', '', 'ofb', ''); /* Extract key and iv. */ $md5_key = md5 ($crypt_key); $iv = jirafeau_crypt_create_iv ($md5_key, mcrypt_enc_get_iv_size($m)); /* Init module. */ mcrypt_generic_init ($m, $md5_key, $iv); /* Decrypt file. */ $r = fopen (VAR_FILES . $p . $link['md5'], 'r'); while (!feof ($r)) { $dec = mdecrypt_generic($m, fread ($r, 1024)); print $dec; ob_flush(); } fclose ($r); /* Cleanup. */ mcrypt_generic_deinit($m); mcrypt_module_close($m); } /* Read file. */ else { $r = fopen (VAR_FILES . $p . $link['md5'], 'r'); while (!feof ($r)) { print fread ($r, 1024); ob_flush(); } fclose ($r); } if ($link['onetime'] == 'O') jirafeau_delete_link ($link_name); exit; ?>