X-Git-Url: https://git.p6c8.net/jirafeau_project.git/blobdiff_plain/ba6f06965a4d9846e23d99a0e9f74b1361c18c40..0a5462c3311b4541a858b8e719ae8548877c7a62:/file.php diff --git a/file.php b/file.php index 31c16da..d632beb 100644 --- a/file.php +++ b/file.php @@ -17,149 +17,250 @@ * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . */ +define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/'); -define('JIRAFEAU_ROOT', dirname(__FILE__) . '/'); +require (JIRAFEAU_ROOT . 'lib/lang.php'); +require (JIRAFEAU_ROOT . 'lib/config.php'); +require (JIRAFEAU_ROOT . 'lib/settings.php'); +require (JIRAFEAU_ROOT . 'lib/functions.php'); -require(JIRAFEAU_ROOT . 'lib/config.php'); -require(JIRAFEAU_ROOT . 'lib/settings.php'); -require(JIRAFEAU_ROOT . 'lib/functions.php'); +if (!isset ($_GET['h']) || empty ($_GET['h'])) +{ + header ('Location: ' . $cfg['web_root']); + exit; +} -if(isset($_GET['h']) && !empty($_GET['h'])) { - $link_name = $_GET['h']; +/* Operations may take a long time. + * Be sure PHP's safe mode is off. + */ +set_time_limit(0); - if(!ereg('[0-9a-f]{32}$', $link_name)) { - header("HTTP/1.0 404 Not Found"); +$link_name = $_GET['h']; - require(JIRAFEAU_ROOT . 'lib/template/header.php'); - echo '

Error 404: Not Found

'; - require(JIRAFEAU_ROOT . 'lib/template/footer.php'); +if (!preg_match ('/[0-9a-zA-Z_-]{22}$/', $link_name)) +{ + require (JIRAFEAU_ROOT.'lib/template/header.php'); + echo '

' . t('Sorry, the requested file is not found') . '

'; + require (JIRAFEAU_ROOT.'lib/template/footer.php'); exit; - } - - $link_file = VAR_LINKS . $link_name; - if(file_exists($link_file)) { - $content = file($link_file); - $file_name = trim($content[0]); - $mime_type = trim($content[1]); - $file_size = trim($content[2]); - $key = trim($content[3], NL); - $time = trim($content[4]); - $md5 = trim($content[5]); - $onetime = trim($content[6]); - - if(!file_exists(VAR_FILES . $md5)) { - if (file_exists(VAR_FILES . $md5 . '_count')) { - unlink(VAR_FILES . $md5 . '_count'); - } - unlink($link_file); - require(JIRAFEAU_ROOT . 'lib/template/header.php'); - echo '

' . _('File not available.') . '

'; - require(JIRAFEAU_ROOT . 'lib/template/footer.php'); +} + +$link = jirafeau_get_link ($link_name); +if (count ($link) == 0) +{ + require (JIRAFEAU_ROOT.'lib/template/header.php'); + echo '

' . t('Sorry, the requested file is not found') . + '

'; + require (JIRAFEAU_ROOT.'lib/template/footer.php'); exit; - } - - $counter = 1; - if (file_exists(VAR_FILES . $md5 . '_count')) { - $content = file(VAR_FILES . $md5 . '_count'); - $counter = trim($content[0], NL); - } - - if($time != JIRAFEAU_INFINITY) { - if(time() > $time) { - unlink($link_file); - - $counter--; - if ($counter >= 1) { - $handle = fopen(VAR_FILES . $md5 . '_count', 'w'); - fwrite($handle, $counter); - fclose($handle); - } - elseif ($counter == 0) { - if (file_exists(VAR_FILES . $md5 . '_count')) { - unlink(VAR_FILES . $md5 . '_count'); - } - $new_name = jirafeau_detect_collision($md5 . '_' . $file_name, VAR_TRASH); - rename(VAR_FILES . $md5, VAR_TRASH . $new_name); - } - - require(JIRAFEAU_ROOT . 'lib/template/header.php'); - echo '

' . _('The time limit of this file has expired. It has been deleted.') . '

'; - require(JIRAFEAU_ROOT . 'lib/template/footer.php'); - exit; - } - } +} - if(!empty($key)) { - if(!isset($_POST['key'])) { - require(JIRAFEAU_ROOT . 'lib/template/header.php'); -?> -
-
- -
- - - - - - - - -
-
-
-
+$delete_code = ''; +if (isset ($_GET['d']) && !empty ($_GET['d'])) + $delete_code = $_GET['d']; + +$crypt_key = ''; +if (isset ($_GET['k']) && !empty ($_GET['k'])) + $crypt_key = $_GET['k']; + +$button_download = false; +if (isset ($_GET['bd']) && !empty ($_GET['bd'])) + $button_download = true; + +$button_preview = false; +if (isset ($_GET['bp']) && !empty ($_GET['bp'])) + $button_preview = true; + +$p = s2p ($link['md5']); +if (!file_exists (VAR_FILES . $p . $link['md5'])) +{ + jirafeau_delete_link ($link_name); + require (JIRAFEAU_ROOT.'lib/template/header.php'); + echo '

'.t('File not available.'). + '

'; + require (JIRAFEAU_ROOT.'lib/template/footer.php'); + exit; +} + +if (!empty ($delete_code) && $delete_code == $link['link_code']) +{ + jirafeau_delete_link ($link_name); + require (JIRAFEAU_ROOT.'lib/template/header.php'); + echo '

'.t('File has been deleted.'). + '

'; + require (JIRAFEAU_ROOT.'lib/template/footer.php'); + exit; +} + +if ($link['time'] != JIRAFEAU_INFINITY && time () > $link['time']) +{ + jirafeau_delete_link ($link_name); + require (JIRAFEAU_ROOT.'lib/template/header.php'); + echo '

'. + t('The time limit of this file has expired.') . ' ' . + t('File has been deleted.') . + '

'; + require (JIRAFEAU_ROOT . 'lib/template/footer.php'); + exit; +} + +if (empty ($crypt_key) && $link['crypted']) +{ + require (JIRAFEAU_ROOT.'lib/template/header.php'); + echo '

' . t('Sorry, the requested file is not found') . + '

'; + require (JIRAFEAU_ROOT.'lib/template/footer.php'); + exit; +} + +$password_challenged = false; +if (!empty ($link['key'])) +{ + if (!isset ($_POST['key'])) + { + require (JIRAFEAU_ROOT.'lib/template/header.php'); + echo '
' . + '
'; ?> + ' . + '' . t('Password protection') . + '' . + '' . + '
' . + t('Give the password of this file') . ' : ' . + '' . + '
' . + t('By using our services, you accept of our'). ' ' . t('Term Of Service') . '' . + '
'; + ?>
'; + require (JIRAFEAU_ROOT.'lib/template/footer.php'); exit; - } else { - if($key != $_POST['key']) { - header("HTTP/1.0 403 Forbidden"); - - require(JIRAFEAU_ROOT . 'lib/template/header.php'); - echo '

Error 403: Forbidden

'; - require(JIRAFEAU_ROOT . 'lib/template/footer.php'); - exit; + } + else + { + if ($link['key'] == md5 ($_POST['key'])) + $password_challenged = true; + else + { + header ("Access denied"); + require (JIRAFEAU_ROOT.'lib/template/header.php'); + echo '

' . t('Access denied') . + '

'; + require (JIRAFEAU_ROOT.'lib/template/footer.php'); + exit; } - } } +} - header('Content-Length: ' . $file_size); - header('Content-Type: ' . $mime_type); - if(!jirafeau_is_viewable($mime_type)) { - header('Content-Disposition: attachment; filename="' . $file_name . '"'); - } - readfile(VAR_FILES . $md5); - - if($onetime == 'O') { - unlink($link_file); - - $counter--; - if ($counter >= 1) { - $handle = fopen(VAR_FILES . $md5 . '_count', 'w'); - fwrite($handle, $counter); - fclose($handle); - } - elseif ($counter == 0) { - if (file_exists(VAR_FILES . $md5 . '_count')) { - unlink(VAR_FILES . $md5 . '_count'); +if ($cfg['download_page'] && !$password_challenged && !$button_download && !$button_preview) +{ + require (JIRAFEAU_ROOT.'lib/template/header.php'); + echo '
' . + '
'; ?> + ' . $link['file_name'] . '' . + '' . + ''; + echo '
' . + t('You are about to download') . ' "' . $link['file_name'] . '" (' . jirafeau_human_size($link['file_size']) . ')' . + '
' . + t('By using our services, you accept of our'). ' ' . t('Term Of Service') . ''; + ?>
'; + require (JIRAFEAU_ROOT.'lib/template/footer.php'); + exit; +} - require(JIRAFEAU_ROOT . 'lib/template/header.php'); - echo '

Error 404: Not Found

'; - require(JIRAFEAU_ROOT . 'lib/template/footer.php'); - exit; - } -} else { - header('Location: ' . $cfg['web_root']); - exit; +header ('HTTP/1.0 200 OK'); +header ('Content-Length: ' . $link['file_size']); +if (!jirafeau_is_viewable ($link['mime_type']) || !$cfg['preview'] || $button_download) + header ('Content-Disposition: attachment; filename="' . + $link['file_name'] . '"'); +else + header ('Content-Type: ' . $link['mime_type']); + +/* Read encrypted file. */ +if ($link['crypted']) +{ + /* Extract key and iv. */ + $ex = explode (".", $crypt_key); + $key = $ex[0]; + $iv = base64_decode($ex[1]); + error_log ("crypt_key: " . $crypt_key . " iv: " . $v . " key: ". $key . "\n", 3, "debug.log"); + /* Init module */ + $m = mcrypt_module_open('rijndael-256', '', 'ofb', ''); + mcrypt_generic_init($m, $key, $iv); + /* Decrypt file. */ + $r = fopen (VAR_FILES . $p . $link['md5'], 'r'); + while (!feof ($r)) + { + $dec = mdecrypt_generic($m, fread ($r, 1024)); + print $dec; + ob_flush(); + } + fclose ($r); + /* Cleanup. */ + mcrypt_generic_deinit($m); + mcrypt_module_close($m); } +/* Read file. */ +else +{ + $r = fopen (VAR_FILES . $p . $link['md5'], 'r'); + while (!feof ($r)) + { + print fread ($r, 1024); + ob_flush(); + } + fclose ($r); +} + +if ($link['onetime'] == 'O') + jirafeau_delete_link ($link_name); +exit; ?>