X-Git-Url: https://git.p6c8.net/jirafeau_project.git/blobdiff_plain/53390fef42f7b3430b5ed5a65ace28921cb33a6a..3925dad48efc5ab9fa23e2ccdd2ffd1182b4ec40:/f.php?ds=sidebyside diff --git a/f.php b/f.php index e7d2241..0218602 100644 --- a/f.php +++ b/f.php @@ -2,7 +2,7 @@ /* * Jirafeau, your web file repository * Copyright (C) 2008 Julien "axolotl" BERNARD - * Copyright (C) 2012 Jerome Jutteau + * Copyright (C) 2015 Jerome Jutteau * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as @@ -20,7 +20,7 @@ define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/'); require (JIRAFEAU_ROOT . 'lib/lang.php'); -require (JIRAFEAU_ROOT . 'lib/config.php'); +require (JIRAFEAU_ROOT . 'lib/config.original.php'); require (JIRAFEAU_ROOT . 'lib/settings.php'); require (JIRAFEAU_ROOT . 'lib/functions.php'); @@ -33,7 +33,9 @@ if (!isset ($_GET['h']) || empty ($_GET['h'])) /* Operations may take a long time. * Be sure PHP's safe mode is off. */ -set_time_limit(0); +@set_time_limit(0); +/* Remove errors. */ +@error_reporting(0); $link_name = $_GET['h']; @@ -47,6 +49,13 @@ if (!preg_match ('/[0-9a-zA-Z_-]+$/', $link_name)) $link = jirafeau_get_link ($link_name); if (count ($link) == 0) +{ + /* Try alias. */ + $alias = jirafeau_get_alias (md5 ($link_name)); + if (count ($alias) > 0) + $link = jirafeau_get_link ($alias["destination"]); +} +if (count ($link) == 0) { require (JIRAFEAU_ROOT.'lib/template/header.php'); echo '

' . t('Sorry, the requested file is not found') . @@ -56,20 +65,20 @@ if (count ($link) == 0) } $delete_code = ''; -if (isset ($_GET['d']) && !empty ($_GET['d'])) +if (isset ($_GET['d']) && !empty ($_GET['d']) && $_GET['d'] != '1') $delete_code = $_GET['d']; $crypt_key = ''; if (isset ($_GET['k']) && !empty ($_GET['k'])) $crypt_key = $_GET['k']; -$button_download = false; -if (isset ($_GET['bd']) && !empty ($_GET['bd'])) - $button_download = true; +$do_download = false; +if (isset ($_GET['d']) && $_GET['d'] == '1') + $do_download = true; -$button_preview = false; -if (isset ($_GET['bp']) && !empty ($_GET['bp'])) - $button_preview = true; +$do_preview = false; +if (isset ($_GET['p']) && !empty ($_GET['p'])) + $do_preview = true; $p = s2p ($link['md5']); if (!file_exists (VAR_FILES . $p . $link['md5'])) @@ -123,7 +132,7 @@ if (!empty ($link['key'])) '

'; ?> + 'method = "post" id = "submit_post">'; ?> ' . '' . t('Password protection') . @@ -132,27 +141,34 @@ if (!empty ($link['key'])) '' . '' . '' . - t('By using our services, you accept of our'). ' ' . t('Term Of Service') . '' . - '' . - ''; - ?>' . t('Term Of Service') . '' . + ''; + + if ($link['onetime'] == 'O') + { + echo '' . + t('Warning, this file will self-destruct after being read') . + ''; + } + + ?>'; + document.getElementById('submit_preview').submit ();"/>
'; require (JIRAFEAU_ROOT.'lib/template/footer.php'); @@ -164,7 +180,7 @@ if (!empty ($link['key'])) $password_challenged = true; else { - header ("Access denied"); + sleep (2); require (JIRAFEAU_ROOT.'lib/template/header.php'); echo '

' . t('Access denied') . '

'; @@ -174,40 +190,50 @@ if (!empty ($link['key'])) } } -if ($cfg['download_page'] && !$password_challenged && !$button_download && !$button_preview) +if (!$password_challenged && !$do_download && !$do_preview) { require (JIRAFEAU_ROOT.'lib/template/header.php'); echo '
' . '
'; ?> + 'method = "post" id = "submit_post">'; ?> ' . $link['file_name'] . '' . + echo '
' . htmlspecialchars($link['file_name']) . '
' . '' . ''; + + if ($link['onetime'] == 'O') + { + echo ''; + } + + ?> + '; echo '
' . - t('You are about to download') . ' "' . $link['file_name'] . '" (' . jirafeau_human_size($link['file_size']) . ')' . + t('You are about to download') . ' "' . htmlspecialchars($link['file_name']) . '" (' . jirafeau_human_size($link['file_size']) . ')' . '
' . - t('By using our services, you accept of our'). ' ' . t('Term Of Service') . ''; - ?>
' . t('Term Of Service') . '' . + '
' . + t('Warning, this file will self-destruct after being read') . + '
'; @@ -217,11 +243,12 @@ if ($cfg['download_page'] && !$password_challenged && !$button_download && !$but header ('HTTP/1.0 200 OK'); header ('Content-Length: ' . $link['file_size']); -if (!jirafeau_is_viewable ($link['mime_type']) || !$cfg['preview'] || $button_download) - header ('Content-Disposition: attachment; filename="' . - $link['file_name'] . '"'); +if (!jirafeau_is_viewable ($link['mime_type']) || !$cfg['preview'] || $do_download) + header ('Content-Disposition: attachment; filename="' . $link['file_name'] . '"'); else - header ('Content-Type: ' . $link['mime_type']); + header ('Content-Disposition: filename="' . $link['file_name'] . '"'); +header ('Content-Type: ' . $link['mime_type']); +header ('Content-MD5: ' . hex_to_base64($link['md5'])); /* Read encrypted file. */ if ($link['crypted'])