[TASK] rework user auth

[jirafeau_project.git] / lib / functions.php

diff --git a/lib/functions.php b/lib/functions.php
index 1444c1f6401e9b233fc61ecb3787e41b5c87730a..9672fe13deed1fe03f647363dc4decaa51e9043b 100644 (file)
--- a/lib/functions.php
+++ b/lib/functions.php
@@ -190,6 +190,9 @@ function jirafeau_ini_to_bytes($value)
     $modifier = substr($value, -1);
     $bytes = substr($value, 0, -1);
     switch (strtoupper($modifier)) {
+    default:
+        return intval($value);
+        break;
     case 'P':
         $bytes *= 1024;
         // no break
@@ -229,6 +232,30 @@ function jirafeau_get_max_upload_size()
     return jirafeau_human_size(jirafeau_get_max_upload_size_bytes());
 }
 
+/**
+ * get the maximal upload size for a data chunk in async uploads
+ * @param max_upload_chunk_size_bytes
+ */
+function jirafeau_get_max_upload_chunk_size_bytes($max_upload_chunk_size_bytes = 0)
+{
+    if ($max_upload_chunk_size_bytes == 0) {
+        $size = jirafeau_get_max_upload_size_bytes();
+        // Jirafeau must choose an arbitrary number as PHP config does not give any limit nor $max_upload_chunk_size_bytes
+        if ($size == 0) {
+            return 10000000; // 10MB
+        }
+        return $size;
+    }
+    $size = min(
+        jirafeau_get_max_upload_size_bytes(),
+        $max_upload_chunk_size_bytes
+    );
+    if ($size == 0) {
+        return $max_upload_chunk_size_bytes;
+    }
+    return $size;
+}
+
 /**
  * gets a string explaining the error
  * @param $code the error code
@@ -564,13 +591,15 @@ function show_errors()
 
 function check_errors($cfg)
 {
-    if (file_exists(JIRAFEAU_ROOT . 'install.php')
-        && !($cfg['installation_done'] === true)) {
-        header('Location: install.php');
-        exit;
+    if (!($cfg['installation_done'] === true)) {
+        if (file_exists(JIRAFEAU_ROOT . 'install.php')) {
+            header('Location: install.php');
+            exit;
+        } else {
+            add_error(t('INSTALL_FILE_NOT_FOUND_TITLE'), t('INSTALL_FILE_NOT_FOUND_DESC'));
+        }
     }
 
-    /* Checking for errors. */
     if (!is_writable(VAR_FILES)) {
         add_error(t('FILE_DIR_W'), VAR_FILES);
     }
@@ -835,7 +864,8 @@ function jirafeau_admin_bug_report($cfg)
         'enable_crypt',
         'preview',
         'maximal_upload_size',
-        'store_uploader_ip'
+        'store_uploader_ip',
+        'max_upload_chunk_size_bytes'
     ];
     foreach ($jirafeau_options as &$o) {
         $v = $cfg[$o];
@@ -1008,6 +1038,11 @@ function jirafeau_async_push($ref, $data, $code, $max_file_size)
     if ($a['next_code'] != "$code") {
         return "Error: bad transfer code";
     }
+    if ($data['error'] != UPLOAD_ERR_OK) {
+        // Check error code in https://www.php.net/manual/en/features.file-upload.errors.php
+        $data_details = print_r($data, true);
+        return "Error: upload error: {$data_details}";
+    }
     if (empty($data['tmp_name'])) {
         return "Error: missing tmp_name";
     }
@@ -1441,7 +1476,7 @@ function jirafeau_admin_session_start()
     $_SESSION['admin_csrf'] = md5(uniqid(mt_rand(), true));
 }
 
-function jirafeau_admin_session_end()
+function jirafeau_session_end()
 {
     $_SESSION = array();
     session_destroy();
@@ -1461,6 +1496,17 @@ function jirafeau_admin_csrf_field()
     return "<input type='hidden' name='admin_csrf' value='". $_SESSION['admin_csrf'] . "'/>";
 }
 
+function jirafeau_user_session_start()
+{
+    $_SESSION['user_auth'] = true;
+}
+
+function jirafeau_user_session_logged()
+{
+    return isset($_SESSION['user_auth']) &&
+        $_SESSION['user_auth'] === true;
+}
+
 function jirafeau_dir_size($dir)
 {
     $size = 0;
@@ -1539,5 +1585,5 @@ function jirafeau_add_ending_slash($path)
 
 function jirafeau_default_web_root()
 {
-    return $_SERVER['HTTP_HOST'] . str_replace(basename(__FILE__), '', $_SERVER['REQUEST_URI']);
+    return $_SERVER['HTTP_HOST'] . str_replace('install.php', '', $_SERVER['REQUEST_URI']);
 }