X-Git-Url: https://git.p6c8.net/jirafeau_project.git/blobdiff_plain/8adcdf2e61aa2746235d99202ad07b59d0198b04..631048856d53591fed1253a61f63ab07c3772443:/script.php?ds=inline diff --git a/script.php b/script.php index 45ca635..19f14a8 100755 --- a/script.php +++ b/script.php @@ -25,7 +25,7 @@ define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/'); -require (JIRAFEAU_ROOT . 'lib/config.php'); +require (JIRAFEAU_ROOT . 'lib/config.original.php'); require (JIRAFEAU_ROOT . 'lib/settings.php'); require (JIRAFEAU_ROOT . 'lib/functions.php'); require (JIRAFEAU_ROOT . 'lib/lang.php'); @@ -36,7 +36,9 @@ require (JIRAFEAU_ROOT . 'lib/lang.php'); /* Operations may take a long time. * Be sure PHP's safe mode is off. */ - set_time_limit(0); +@set_time_limit(0); +/* Remove errors. */ +@error_reporting(0); if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0) { @@ -199,6 +201,15 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0) echo '

' . t('This will return brut text content.') . ' ' . t('First line is a block id the second line the edit/delete code.') . '

'; + echo '

' . t('Get block size') . ':

'; + echo '

'; + echo t('Send a GET query to') . ': ' . $web_root . 'script.php?get_block_size
'; + echo '
'; + echo t('Parameters') . ':
'; + echo "id=block_id (" . t('Required') . ")
"; + echo '

'; + echo '

' . t('This will return asked data or "Error" string.') . '

'; + echo '

' . t('Read data in a block') . ':

'; echo '

'; echo t('Send a GET query to') . ': ' . $web_root . 'script.php?read_block
'; @@ -241,10 +252,23 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0) /* Lets use interface now. */ header('Content-Type: text; charset=utf-8'); +check_errors (); +if (has_error ()) +{ + echo "Error"; + exit; +} + /* Upload file */ if (isset ($_FILES['file']) && is_writable (VAR_FILES) && is_writable (VAR_LINKS)) { + if (strlen ($cfg['upload_password']) > 0 && (!isset ($_POST['upload_password']) || $_POST['upload_password'] != $cfg['upload_password'])) + { + echo "Error"; + exit; + } + $key = ''; if (isset ($_POST['key'])) $key = $_POST['key']; @@ -276,7 +300,8 @@ if (isset ($_FILES['file']) && is_writable (VAR_FILES) } $res = jirafeau_upload ($_FILES['file'], isset ($_POST['one_time_download']), - $key, $time, $_SERVER['REMOTE_ADDR']); + $key, $time, $_SERVER['REMOTE_ADDR'], + $cfg['enable_crypt'], $cfg['link_name_lenght']); if (empty($res) || $res['error']['has_error']) { @@ -285,9 +310,12 @@ if (isset ($_FILES['file']) && is_writable (VAR_FILES) } /* Print direct link. */ echo $res['link']; - echo NL; /* Print delete link. */ + echo NL; echo $res['delete_link']; + /* Print decrypt key. */ + echo NL; + echo urlencode($res['crypt_key']); } elseif (isset ($_GET['h'])) { @@ -299,7 +327,7 @@ elseif (isset ($_GET['h'])) if (isset ($_GET['d'])) $d = $_GET['d']; - if (!preg_match ('/[0-9a-zA-Z_-]{22}$/', $link_name)) + if (!preg_match ('/[0-9a-zA-Z_-]+$/', $link_name)) { echo "Error"; exit; @@ -501,6 +529,12 @@ fi /* Initialize an asynchronous upload. */ elseif (isset ($_GET['init_async'])) { + if (strlen ($cfg['upload_password']) > 0 && (!isset ($_POST['upload_password']) || $_POST['upload_password'] != $cfg['upload_password'])) + { + echo "Error"; + exit; + } + if (!isset ($_POST['filename'])) { echo "Error"; @@ -564,16 +598,30 @@ elseif (isset ($_GET['end_async'])) || !isset ($_POST['code'])) echo "Error"; else - echo jirafeau_async_end ($_POST['ref'], $_POST['code']); + echo jirafeau_async_end ($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_lenght']); } /* Initialize block. */ elseif (isset ($_GET['init_block']) && $cfg['enable_blocks']) { + if (strlen ($cfg['upload_password']) > 0 && (!isset ($_POST['upload_password']) || $_POST['upload_password'] != $cfg['upload_password'])) + { + echo "Error"; + exit; + } + if (!isset ($_POST['size'])) echo "Error"; else echo jirafeau_block_init ($_POST['size']); } +/* Get block size. */ +elseif (isset ($_GET['get_block_size']) && $cfg['enable_blocks']) +{ + if (!isset ($_POST['id'])) + echo "Error"; + else + echo jirafeau_block_get_size ($_POST['id']); +} /* Read data in block. */ elseif (isset ($_GET['read_block']) && $cfg['enable_blocks']) {