X-Git-Url: https://git.p6c8.net/jirafeau_project.git/blobdiff_plain/17d5977bf8d24a1b0abb5f52a8453322f21a994d..f7cb4752610181cc8a30485fcd4187a86ac8426d:/script.php?ds=sidebyside diff --git a/script.php b/script.php index b861a47..95888b5 100644 --- a/script.php +++ b/script.php @@ -44,7 +44,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count($_GET) == 0) {

Scripting interface

This interface permits to script your uploads and downloads.

-

See source code of this interface to get available calls :)

+

See source code of this interface to get available calls :)

You may download a preconfigured Bash Script to easily send to and get files from the API via command line.


@@ -81,42 +81,22 @@ if (isset($_FILES['file']) && is_writable(VAR_FILES) $key = ''; if (isset($_POST['key'])) { $key = $_POST['key']; + if ($cfg['download_password_requirement'] !== 'generated' && $cfg['download_password_policy'] === 'regex'){ + if (!preg_match($cfg['download_password_policy_regex'], $key)){ + echo 'Error 14: The download password is not complying to the security standards.'; + exit; + } + } + }elseif ($cfg['download_password_requirement'] !== 'optional'){ + echo 'Error 13: The parameter password is required.'; + exit; } - $time = time(); if (!isset($_POST['time']) || !$cfg['availabilities'][$_POST['time']]) { echo 'Error 4: The parameter time is invalid.'; exit; } else { - switch ($_POST['time']) { - case 'minute': - $time += JIRAFEAU_MINUTE; - break; - case 'hour': - $time += JIRAFEAU_HOUR; - break; - case 'day': - $time += JIRAFEAU_DAY; - break; - case 'week': - $time += JIRAFEAU_WEEK; - break; - case 'fortnight': - $time += JIRAFEAU_FORTNIGHT; - break; - case 'month': - $time += JIRAFEAU_MONTH; - break; - case 'quarter': - $time += JIRAFEAU_QUARTER; - break; - case 'year': - $time += JIRAFEAU_YEAR; - break; - default: - $time = JIRAFEAU_INFINITY; - break; - } + $time = jirafeau_datestr_to_int($_POST['time']); } // Check file size @@ -166,6 +146,15 @@ if (isset($_FILES['file']) && is_writable(VAR_FILES) $key = ''; if (isset($_POST['key'])) { $key = $_POST['key']; + if ($cfg['download_password_requirement'] !== 'generated' && $cfg['download_password_policy'] === 'regex'){ + if (!preg_match($cfg['download_password_policy_regex'], $key)){ + echo 'Error 14: The download password is not complying to the security standards.'; + exit; + } + } + }elseif ($cfg['download_password_requirement'] !== 'optional'){ + echo 'Error 13: The parameter password is required.'; + exit; } $d = ''; if (isset($_GET['d'])) { @@ -433,6 +422,15 @@ elseif (isset($_GET['init_async'])) { $key = ''; if (isset($_POST['key'])) { $key = $_POST['key']; + if ($cfg['download_password_requirement'] !== 'generated' && $cfg['download_password_policy'] === 'regex'){ + if (!preg_match($cfg['download_password_policy_regex'], $key)){ + echo 'Error 14: The download password is not complying to the security standards.'; + exit; + } + } + }elseif ($cfg['download_password_requirement'] !== 'optional'){ + echo 'Error 13: The parameter password is required.'; + exit; } // Check if one time download is enabled @@ -441,40 +439,11 @@ elseif (isset($_GET['init_async'])) { exit; } - $time = time(); if (!isset($_POST['time']) || !$cfg['availabilities'][$_POST['time']]) { echo 'Error 22'; exit; } else { - switch ($_POST['time']) { - case 'minute': - $time += JIRAFEAU_MINUTE; - break; - case 'hour': - $time += JIRAFEAU_HOUR; - break; - case 'day': - $time += JIRAFEAU_DAY; - break; - case 'week': - $time += JIRAFEAU_WEEK; - break; - case 'fortnight': - $time += JIRAFEAU_FORTNIGHT; - break; - case 'month': - $time += JIRAFEAU_MONTH; - break; - case 'quarter': - $time += JIRAFEAU_QUARTER; - break; - case 'year': - $time += JIRAFEAU_YEAR; - break; - default: - $time = JIRAFEAU_INFINITY; - break; - } + $time = jirafeau_datestr_to_int($_POST['time']); } if ($cfg['store_uploader_ip']) {