X-Git-Url: https://git.p6c8.net/jirafeau_project.git/blobdiff_plain/96707e02b8b24054e0827eaf169cc88504a1e78c..a1bcc5b88c09dcbbfb2f2ad0d509d32731ff04c3:/index.php diff --git a/index.php b/index.php index b8feabd..bb454af 100644 --- a/index.php +++ b/index.php @@ -18,6 +18,7 @@ * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . */ +session_start(); define('JIRAFEAU_ROOT', dirname(__FILE__) . '/'); require(JIRAFEAU_ROOT . 'lib/settings.php'); @@ -34,63 +35,60 @@ if (has_error()) { require(JIRAFEAU_ROOT . 'lib/template/header.php'); /* Check if user is allowed to upload. */ -if (!jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) { - echo '

' . t('Access denied') . '

'; - require(JIRAFEAU_ROOT.'lib/template/footer.php'); - exit; -} - -/* Ask password if upload password is set. */ -if (jirafeau_has_upload_password($cfg)) { - session_start(); +// First check: Challenge by IP +if (true === jirafeau_challenge_upload_ip($cfg['upload_ip'], get_ip_address($cfg))) { + // Is an upload password required? + if (jirafeau_has_upload_password($cfg)) { + // Logout action + if (isset($_POST['action']) && (strcmp($_POST['action'], 'logout') == 0)) { + session_unset(); + } - /* Unlog if asked. */ - if (isset($_POST['action']) && (strcmp($_POST['action'], 'logout') == 0)) { - session_unset(); - } + // Challenge by password + // …save successful logins in session + if (isset($_POST['upload_password'])) { + if (jirafeau_challenge_upload_password($cfg, $_POST['upload_password'])) { + $_SESSION['upload_auth'] = true; + $_SESSION['user_upload_password'] = $_POST['upload_password']; + } else { + $_SESSION['admin_auth'] = false; + jirafeau_fatal_error(t('Wrong password.'), $cfg); + } + } - /* Auth. */ - if (isset($_POST['upload_password'])) { - if (jirafeau_challenge_upload_password($cfg, $_POST['upload_password'])) { - $_SESSION['upload_auth'] = true; - $_SESSION['user_upload_password'] = $_POST['upload_password']; - } else { - $_SESSION['admin_auth'] = false; - echo '

' . t('Wrong password.') . '

'; + // Show login form if user session is not authorized yet + if (true === empty($_SESSION['upload_auth'])) { + ?> +
+
+ + + + + + + + + +
+
+
+
+
+ -
-
- - - - - - - - - -
- -
-
-
- @@ -99,32 +97,46 @@ if (jirafeau_has_upload_password($cfg)) {

- - + + +

+ +

-

-

:

-

+

+ +

+ + +

-
-

:

-

+

+ +

+ + +

-
-

:

-

+
+

+ +

+ + +

-
+

:

@@ -237,7 +249,7 @@ if (jirafeau_has_upload_password($cfg)) { onclick=" document.getElementById('upload').style.display = 'none'; document.getElementById('uploading').style.display = ''; - upload ('', ); + upload (); "/>

@@ -246,7 +258,7 @@ if (jirafeau_has_upload_password($cfg)) { -
+
@@ -267,5 +279,10 @@ if (jirafeau_has_upload_password($cfg)) { document.getElementById('max_file_size').innerHTML = ''; + + addCopyListener('upload_link_button', 'upload_link'); + addCopyListener('preview_link_button', 'preview_link'); + addCopyListener('direct_link_button', 'direct_link'); + addCopyListener('delete_link_button', 'delete_link');