From: Weblate Date: Thu, 23 Feb 2017 17:34:39 +0000 (+0100) Subject: Merge remote-tracking branch 'origin/master' X-Git-Tag: 3.2.0~28 X-Git-Url: https://git.p6c8.net/jirafeau_project.git/commitdiff_plain/9a9c9a8bf83241c193c5bef6361d41893e72dfd3?hp=0a4f3d86b718987e4c25896a75df0b96947044b0 Merge remote-tracking branch 'origin/master' --- diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 9876a21..94bdac5 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -4,6 +4,8 @@ Hi, this document is made for newcomers in Jirafeau who are digging into the code. +If you have further questions, then just ask for help 🤓. + ## General principle Jirafeau is made in the [KISS](http://en.wikipedia.org/wiki/KISS_principle) way (Keep It Simple, Stupid). @@ -21,26 +23,32 @@ view only to show the most importants files and their role. ``` . -├── admin.php : adminitration interface, also permits to download files +├── admin.php : administration interface to manage links and files ├── f.php : permits to download files or show the download page -├── index.php : only provide a html/javascript client to interact with API -├── script.php : API interface and it's html documentation +├── index.php : provides a web interface to interact with API +├── script.php : API interface (all file actions happen here - upload, deletion, etc) ├── install.php : installation script -├── tos.php : terms of use the user may edit +├── tos.php : "Terms of Service" page ├── lib -│   ├── config.local.php : user's parameters -│   ├── config.original.php : default parameters with their documentation -│   ├── functions_*.js : javascript functions for html/javascript client -│   ├── functions.php : core functions and tools of jirafeau -│   ├── locales : langage folder, contain all langage files +│   ├── config.original.php : default parameters +│   ├── config.local.php : the users parameters (auto generated, not versionized) +│   ├── functions_*.js : JavaScript functions for index.php (AJAX etc) +│   ├── functions.php : core functions and tools of Jirafeau +│   ├── tos.original.txt : default text show on the ToS page +│   ├── tos.local.txt : a users alternative text show on the ToS page (not versionized) +│   ├── settings.php : core settings of Jirafeau, includes the configuration params automatically +│   ├── locales : language folder, contains all language files │   └── template -│   ├── footer.php -│   └── header.php +│   ├── footer.php : footer with links to source and ToS for all HTML views +│   └── header.php : header with logo and title for all HTML views ├── media : folder containing all skins -└── var-xxxxxxx : folder containing all data - ├── async : chunks of uploaded files - ├── files : all files that has been successfully uploaded - └── links : all links pointing to files with meta-informations +└── var-xxxxxxx : the users folder containing all data (auto generated, not versionized) + ├── async : chunks of uploaded files (not succressfull yet) + ├── files : all files that have been uploaded successfully + ├── [hashed file name] : the original file + ├── [hashed file name]_count : count many links to this file exist + └── links : all links, including meta-informations, pointing to files + ├── [link] : the link file, includes which original file should be used and some meta data like creation date, expiration time ``` ## Translations @@ -49,14 +57,41 @@ Translation may be add via [Jirafeau's Weblate](https://hosted.weblate.org/proje ## Coding style -- PHP function keywords are alone on a line -- Braces "{" must be put in a new line +- This project follows the [PSR-2](http://www.php-fig.org/psr/psr-2/) Coding Style - Files must be in UTF-8 without BOM and use Unix Line Endings (LF) -The whole project is not clean about that yet, feel free to fix :) +## Branches + +* ```master``` = latest release, e.g. 2.0.1 +* ```next-release``` = development branch - all new features are merged into this branch until the next version is released. So use this branch as base while developing new features or bugfixes. +* ```test``` = sandbox branch to test new features or merge requests, or run integration tests. The content of this branch may change at any time. ## Merge Requests Please create one branch for each feature and send one merge request for each branch. Dont squash several changes or commits into one merge request as this is hard to review. + +Please use ```next-release``` as base branch and send your merge request to this branch (not ```master```). + +Quick walktrough: + +* Create ticket for new feature +* Fork the original repository, clone the own repository, add the original repository as upstream +* Checkout »next-release« branch ```git checkout next-release``` +* Create a new branch on top of that one, e.g. »some-feature« ```git checkout -b some-feature``` +* Commit changes → push → send merge request ```git add -A; git commit; git push``` MR via GitLab (link shown in console) +* Feature is reviewed + * MR accepted: Reviewer checks out »next-release« branch and cherry-picks the commit ```git checkout next-release; git cherry-pick be4369641; git push``` + * MR declined: Reviewer add some notes, Developer rebases his branch, adds neccessary changes, force pushes the branch, ask a reviewer to review the changes in the merge request ticket (as Gitlab recognizes them automatically) ```git checkout some-feature; git rebase upstream/next-release``` …[add changes]… ```git add -A, git commit --amend; git push -f``` + +## New Releases + +* Compare the [»next-release« branch to »master«](https://gitlab.com/mojo42/Jirafeau/compare/master...next-release) +* Add a list of noteworthy features and bugfixes to the README +* Change the version, using [semantic versioning](http://semver.org/), in ```settings.php``` +* Merge »next-release« branch to »master« +* Update the demo page +* Tag the »master« with the new version +* Push branch and tag +* Dance a little diff --git a/README.md b/README.md index 9a09bd3..0ce6d12 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,11 @@ A demonstration of the latest version is available on [jirafeau.net](http://jira ![Screenshot1](http://i.imgur.com/TPjh48P.png) +Latest CI Status: +Master [![Build Status Master](https://gitlab.com/mojo42/Jirafeau/badges/master/build.svg)](https://gitlab.com/mojo42/Jirafeau/commits/master) +Next Release [![Build Status Next Release](https://gitlab.com/mojo42/Jirafeau/badges/test/build.svg)](https://gitlab.com/mojo42/Jirafeau/commits/master) +[All Branch Builds](https://gitlab.com/mojo42/Jirafeau/pipelines?scope=branches) + ## Main features - One upload → One download link & one delete link @@ -50,39 +55,55 @@ Jirafeau project won't evolve to a file manager and will focus to keep a very fe ## Installation -- [Download](https://gitlab.com/mojo42/Jirafeau/repository/archive.zip) the last version of Jirafeau from GitLab -- Upload files on your web server -- Don't forget to set owner of uploaded files if you need to -- Get your web browser and go to you install location (e.g. ```http://your-web-site.org/jirafeau/```) and follow instructions -- Some options are not configured from the minimal installation wizard, you may take a look at option documentation in ```lib/config.original.php``` and customize your ```lib/config.local.php``` - -Note that ```lib/config.local.php``` is auto-generated during the installation. +System requirements: +- PHP >= 5.6 +- Optional, but recommended: Git >= 2.7 +- No database required, no mail required -If you don't want to go through the installation wizard, you can just copy ```config.original.php``` to ```config.local.php``` and customize it. +Installation steps: +- Clone the [repository](https://gitlab.com/mojo42/Jirafeau/) or download the latest ([release](https://gitlab.com/mojo42/Jirafeau/tags) from GitLab onto your webserver +- Set owner & group according to your webserver +- A) Setup with the installation wizard (web): + - Open your browser and go to your installed location, eg. ```https://example.com/jirafeau/``` + - The script will redirect to you to a minimal installation wizard to set up all required options + - All optional parameters may be set in ```lib/config.local.php```, take a look at ```lib/config.original.php``` to see all default values +- B) Setup without the installation wizard (cli): + - Just copy ```config.original.php``` to ```config.local.php``` and customize it -## Update +## Upgrade -### General +### General procedure for all versions -1. Backup you Jirafeau installation +1. Backup your Jirafeau installation! 2. Block access to Jirafeau -3. Checkout new version using the [tagged release](https://gitlab.com/mojo42/Jirafeau/tags) +3. Checkout the new version with Git using the [tagged release](https://gitlab.com/mojo42/Jirafeau/tags) + * If you have installed Jirafeau just by uploading files on your server, you can download the desired version, overwrite/remove all files and chown/chmod files if needed. Keep a backup of your local configuration file tough. 4. With you browser, go to your Jirafeau root page -5. Follow installation wizard, it should propose you the same data folder -7. Go in you lib/config.local.php and lib/config.original.php to check new options +5. Follow the installation wizard, it should propose you the same data folder or even update automatically +7. Check your ```/lib/config.local.php``` and compare it with the ```/lib/config.original.php``` to see if new configuration items are available ### From version 1.0 to 1.1 -1. Add a rewrite rule in your web server configuration to rename file.php to f.php to make old url work again -2. Eventually change skin in »lib/config.local.php« to 'courgette' +1. The download URL changed + * Add a rewrite rule in your web server configuration to rename ```file.php``` to ```f.php``` to make older, still existing links work again +1. The default skin changed + * Optionally change the skin in ```lib/config.local.php``` to »courgette« + +### From version 1.2.0 to 2.0.0 + +1. The "Terms of Service" text file changed + * To reuse previous changes to the ToS, move the old ```/tos_text.php``` file to ```/lib/tos.local.txt``` and remove all HTML und PHP Tags, leaving a regular text file + +### From version 2.0.0 to 3.0.0 -### From version 1.1 to 1.2.0 +1. No special change to upgrade to 3.0.0 -Nothing particular +### Troubleshooting -### from version 1.2.0 to 2.0.0. +If you have some troubles, consider the following cases -1. ToS text file changed → move file from "/tos_text.php" to "/lib/tos.local.txt" and remove all HTML and PHP Tags, leaving a regular text file +- Check your ```/lib/config.local.php``` file and compare it with ```/lib/config.original.php```, the configuration syntax or a parameter may have changed +- Check owner & permissions of your files ## Security @@ -126,12 +147,12 @@ In a next step, encryption will be made by the client (in javascript), see issue ## License -GNU Affero General Public License version 3 (AGPLv3). +GNU Affero General Public License v3 (AGPL-3.0). The GNU Affero General Public License can be found at https://www.gnu.org/licenses/agpl.html. Please note: If you decide do make adaptions to the source code and run a service with these changes incorporated, -you are required to provide a link to the source code of your version in order to obey the AGPLv3 license. +you are required to provide a link to the source code of your version in order to obey the AGPL-3.0 license. To do so please add a link to the source (eg. a public Git repository or a download link) to the Terms of Service page. Take a look at the FAQ to find out about how to change the ToS. @@ -161,17 +182,7 @@ We would like to thank all anonymous contributors on weblate. :) ### How do I upgrade my Jirafeau? -If you have installed Jirafeau using git, it's pretty simple: just make a git pull and chown/chmod files who have the owner changed. - -If you have installed Jirafeau just by uploading files on your server, you can take the [last version](https://gitlab.com/mojo42/Jirafeau/repository/archive.zip), overwrite files and chown/chmod files if needed. - -After upgrading, you can compare your ```lib/config.local.php``` and ```lib/config.original.php``` to see if new configuration items are available. - -If you have some troubles: -- It should probably come from your ```lib/config.local.php``` (configuration syntax may have changed). Just compare it with ```lib/config.original.php``` -- Check owner/permissions of your files. - -Anyway you should off-course make a backup of your current installation before doing anything. :) +See upgrade instructions above. ### How can I limit upload access? @@ -317,21 +328,36 @@ The very first version of Jirafeau after the fork of Jyraphe. ## Version 1.2.0 -- Change versioning semantic +- Link on API page to generate bash script +- More informative error codes for API +- Security Fix: Prevent authentication bypass for admin interface +- CLI script to remove expired files automatically with a cronjob +- SHA-256 hash the admin password +- New theme "elegantish" +- Fix for JavaScript MIME-Type, prevents blocking the resource on some servers +- Show download link for a file in admin interface +- Default time for expiration (set to 'month' by default) +- New expiration time: 'quarter' - A lof of translation contributions -- Fix javascript MIME type -- Show download in admin panel -- Default expiration date set to 'month' -- New expiration date: 'quarter' -- Small other fixes +- Code cleanups ## Version 2.0.0 -- ToS refactoring (see update notes !) -- You can now set a title to Jirafeau in options -- A lot of documentation improvements -- Code refactoring & bugfixes -- Add version to bash script -- A lot of documentation improvements -- Code refactoring & bug fixes +- Various documentation improvements +- Simplify automatic generation of local configuration file +- Set a custom title +- Bash Script: Enhanced help, show version, return link to web view as well +- »Terms of Service« refactored - Enable admin to overwrite the ToS, without changing existing source code → breaking, see upgrade notes + +## Version 3.0.0 + +- A lot of code cleaning +- Replace all domain depended links +- Better documentation +- Convert UTC dates to clients timezone +- Show readable date format +- Multiple UI glitch fixes +- Switch to PSR-2 +- Catch errors in upload form +- Can now use IP _or_ password authentification - diff --git a/admin.php b/admin.php index d602dcd..230c512 100644 --- a/admin.php +++ b/admin.php @@ -17,45 +17,38 @@ * along with this program. If not, see . */ -define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/'); +define('JIRAFEAU_ROOT', dirname(__FILE__) . '/'); -require (JIRAFEAU_ROOT . 'lib/settings.php'); -require (JIRAFEAU_ROOT . 'lib/functions.php'); -require (JIRAFEAU_ROOT . 'lib/lang.php'); +require(JIRAFEAU_ROOT . 'lib/settings.php'); +require(JIRAFEAU_ROOT . 'lib/functions.php'); +require(JIRAFEAU_ROOT . 'lib/lang.php'); /* Check if installation is OK. */ -if (file_exists (JIRAFEAU_ROOT . 'install.php') - && !file_exists (JIRAFEAU_ROOT . 'lib/config.local.php')) -{ +if (file_exists(JIRAFEAU_ROOT . 'install.php') + && !file_exists(JIRAFEAU_ROOT . 'lib/config.local.php')) { header('Location: install.php'); exit; } /* If called from CLI, no password or graphical interface */ if (php_sapi_name() == "cli") { - if ((count($argv)>1) && $argv[1]=="clean_expired") { - $total = jirafeau_admin_clean (); - echo "$total expired files deleted."; - } - elseif ((count($argv)>1) && $argv[1]=="clean_async") { - $total = jirafeau_admin_clean_async (); - echo "$total old unfinished transfers deleted."; - } - else - { - die("No command found. Should be admin.php ."); - } -} -else -{ - /* Disable admin interface if we have a empty admin password. */ - if (empty($cfg['admin_password']) && empty($cfg['admin_http_auth_user'])) - { - require (JIRAFEAU_ROOT . 'lib/template/header.php'); + if ((count($argv)>1) && $argv[1]=="clean_expired") { + $total = jirafeau_admin_clean(); + echo "$total expired files deleted."; + } elseif ((count($argv)>1) && $argv[1]=="clean_async") { + $total = jirafeau_admin_clean_async(); + echo "$total old unfinished transfers deleted."; + } else { + die("No command found. Should be admin.php ."); + } +} else { + /* Disable admin interface if we have a empty admin password. */ + if (empty($cfg['admin_password']) && empty($cfg['admin_http_auth_user'])) { + require(JIRAFEAU_ROOT . 'lib/template/header.php'); echo '

'. t('Sorry, the admin interface is not enabled.') . '

'; - require (JIRAFEAU_ROOT.'lib/template/footer.php'); + require(JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } @@ -63,36 +56,34 @@ else session_start(); /* Unlog if asked. */ - if (isset ($_POST['action']) && (strcmp ($_POST['action'], 'logout') == 0)) + if (isset($_POST['action']) && (strcmp($_POST['action'], 'logout') == 0)) { $_SESSION['admin_auth'] = false; + } /* Check classic admin password authentification. */ - if (isset ($_POST['admin_password']) && empty($cfg['admin_http_auth_user'])) - { + if (isset($_POST['admin_password']) && empty($cfg['admin_http_auth_user'])) { if ($cfg['admin_password'] === $_POST['admin_password'] || - $cfg['admin_password'] === hash('sha256', $_POST['admin_password'])) + $cfg['admin_password'] === hash('sha256', $_POST['admin_password'])) { $_SESSION['admin_auth'] = true; - else - { + } else { $_SESSION['admin_auth'] = false; - require (JIRAFEAU_ROOT . 'lib/template/header.php'); + require(JIRAFEAU_ROOT . 'lib/template/header.php'); echo '

'. t('Wrong password.') . '

'; - require (JIRAFEAU_ROOT.'lib/template/footer.php'); + require(JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } } /* Ask for classic admin password authentification. */ - elseif ((!isset ($_SESSION['admin_auth']) || $_SESSION['admin_auth'] != true) - && empty($cfg['admin_http_auth_user'])) - { - require (JIRAFEAU_ROOT . 'lib/template/header.php'); ?> -
+ elseif ((!isset($_SESSION['admin_auth']) || $_SESSION['admin_auth'] != true) + && empty($cfg['admin_http_auth_user'])) { + require(JIRAFEAU_ROOT . 'lib/template/header.php'); ?> +
' . ''; - if ($link['onetime'] == 'O') - { + if ($link['onetime'] == 'O') { echo ''; - } - - ?>
+

'. + if (!isset($_SESSION['admin_auth']) || $_SESSION['admin_auth'] != true) { + $_SESSION['admin_auth'] = false; + require(JIRAFEAU_ROOT . 'lib/template/header.php'); + echo '

'. t('Sorry, you are not authenticated on admin interface.') . '

'; - require (JIRAFEAU_ROOT.'lib/template/footer.php'); - exit; + require(JIRAFEAU_ROOT.'lib/template/footer.php'); + exit; } /* Operations may take a long time. @@ -141,16 +131,14 @@ else @error_reporting(0); /* Show admin interface if not downloading a file. */ - if (!(isset ($_POST['action']) && strcmp ($_POST['action'], 'download') == 0)) - { - require (JIRAFEAU_ROOT . 'lib/template/header.php'); - ?>

(version )

-
+
- + - + - + - + - + - +
@@ -162,7 +150,7 @@ else
@@ -174,7 +162,7 @@ else
@@ -186,7 +174,7 @@ else
@@ -200,7 +188,7 @@ else
@@ -214,7 +202,7 @@ else
@@ -229,76 +217,61 @@ else
-
+
' . NL; echo '

'; echo t('Number of cleaned files') . ' : ' . $total; echo '

'; - } - elseif (strcmp ($_POST['action'], 'clean_async') == 0) - { - $total = jirafeau_admin_clean_async (); + } elseif (strcmp($_POST['action'], 'clean_async') == 0) { + $total = jirafeau_admin_clean_async(); echo '
' . NL; echo '

'; echo t('Number of cleaned files') . ' : ' . $total; echo '

'; - } - elseif (strcmp ($_POST['action'], 'list') == 0) - { - jirafeau_admin_list ("", "", ""); - } - elseif (strcmp ($_POST['action'], 'search_by_name') == 0) - { - jirafeau_admin_list ($_POST['name'], "", ""); - } - elseif (strcmp ($_POST['action'], 'search_by_file_hash') == 0) - { - jirafeau_admin_list ("", $_POST['hash'], ""); - } - elseif (strcmp ($_POST['action'], 'search_link') == 0) - { - jirafeau_admin_list ("", "", $_POST['link']); - } - elseif (strcmp ($_POST['action'], 'delete_link') == 0) - { - jirafeau_delete_link ($_POST['link']); + } elseif (strcmp($_POST['action'], 'list') == 0) { + jirafeau_admin_list("", "", ""); + } elseif (strcmp($_POST['action'], 'search_by_name') == 0) { + jirafeau_admin_list($_POST['name'], "", ""); + } elseif (strcmp($_POST['action'], 'search_by_file_hash') == 0) { + jirafeau_admin_list("", $_POST['hash'], ""); + } elseif (strcmp($_POST['action'], 'search_link') == 0) { + jirafeau_admin_list("", "", $_POST['link']); + } elseif (strcmp($_POST['action'], 'delete_link') == 0) { + jirafeau_delete_link($_POST['link']); echo '
' . NL; echo '

' . t('Link deleted') . '

'; - } - elseif (strcmp ($_POST['action'], 'delete_file') == 0) - { - $count = jirafeau_delete_file ($_POST['md5']); + } elseif (strcmp($_POST['action'], 'delete_file') == 0) { + $count = jirafeau_delete_file($_POST['md5']); echo '
' . NL; echo '

' . t('Deleted links') . ' : ' . $count . '

'; - } - elseif (strcmp ($_POST['action'], 'download') == 0) - { - $l = jirafeau_get_link ($_POST['link']); - if (!count ($l)) + } elseif (strcmp($_POST['action'], 'download') == 0) { + $l = jirafeau_get_link($_POST['link']); + if (!count($l)) { return; - $p = s2p ($l['md5']); - header ('Content-Length: ' . $l['file_size']); - header ('Content-Type: ' . $l['mime_type']); - header ('Content-Disposition: attachment; filename="' . + } + $p = s2p($l['md5']); + header('Content-Length: ' . $l['file_size']); + header('Content-Type: ' . $l['mime_type']); + header('Content-Disposition: attachment; filename="' . $l['file_name'] . '"'); - if (file_exists(VAR_FILES . $p . $l['md5'])) - readfile (VAR_FILES . $p . $l['md5']); + if (file_exists(VAR_FILES . $p . $l['md5'])) { + readfile(VAR_FILES . $p . $l['md5']); + } exit; } } - require (JIRAFEAU_ROOT.'lib/template/footer.php'); + require(JIRAFEAU_ROOT.'lib/template/footer.php'); } ?> diff --git a/f.php b/f.php index 67590eb..d94b55b 100644 --- a/f.php +++ b/f.php @@ -17,15 +17,14 @@ * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . */ -define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/'); +define('JIRAFEAU_ROOT', dirname(__FILE__) . '/'); -require (JIRAFEAU_ROOT . 'lib/settings.php'); -require (JIRAFEAU_ROOT . 'lib/functions.php'); -require (JIRAFEAU_ROOT . 'lib/lang.php'); +require(JIRAFEAU_ROOT . 'lib/settings.php'); +require(JIRAFEAU_ROOT . 'lib/functions.php'); +require(JIRAFEAU_ROOT . 'lib/lang.php'); -if (!isset ($_GET['h']) || empty ($_GET['h'])) -{ - header ('Location: ' . $cfg['web_root']); +if (!isset($_GET['h']) || empty($_GET['h'])) { + header('Location: ' . $cfg['web_root']); exit; } @@ -38,98 +37,94 @@ if (!isset ($_GET['h']) || empty ($_GET['h'])) $link_name = $_GET['h']; -if (!preg_match ('/[0-9a-zA-Z_-]+$/', $link_name)) -{ - require (JIRAFEAU_ROOT.'lib/template/header.php'); +if (!preg_match('/[0-9a-zA-Z_-]+$/', $link_name)) { + require(JIRAFEAU_ROOT.'lib/template/header.php'); echo '

' . t('Sorry, the requested file is not found') . '

'; - require (JIRAFEAU_ROOT.'lib/template/footer.php'); + require(JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } -$link = jirafeau_get_link ($link_name); -if (count ($link) == 0) -{ +$link = jirafeau_get_link($link_name); +if (count($link) == 0) { /* Try alias. */ - $alias = jirafeau_get_alias (md5 ($link_name)); - if (count ($alias) > 0) - $link = jirafeau_get_link ($alias["destination"]); + $alias = jirafeau_get_alias(md5($link_name)); + if (count($alias) > 0) { + $link = jirafeau_get_link($alias["destination"]); + } } -if (count ($link) == 0) -{ - require (JIRAFEAU_ROOT.'lib/template/header.php'); +if (count($link) == 0) { + require(JIRAFEAU_ROOT.'lib/template/header.php'); echo '

' . t('Sorry, the requested file is not found') . '

'; - require (JIRAFEAU_ROOT.'lib/template/footer.php'); + require(JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } $delete_code = ''; -if (isset ($_GET['d']) && !empty ($_GET['d']) && $_GET['d'] != '1') +if (isset($_GET['d']) && !empty($_GET['d']) && $_GET['d'] != '1') { $delete_code = $_GET['d']; +} $crypt_key = ''; -if (isset ($_GET['k']) && !empty ($_GET['k'])) +if (isset($_GET['k']) && !empty($_GET['k'])) { $crypt_key = $_GET['k']; +} $do_download = false; -if (isset ($_GET['d']) && $_GET['d'] == '1') +if (isset($_GET['d']) && $_GET['d'] == '1') { $do_download = true; +} $do_preview = false; -if (isset ($_GET['p']) && !empty ($_GET['p'])) +if (isset($_GET['p']) && !empty($_GET['p'])) { $do_preview = true; +} -$p = s2p ($link['md5']); -if (!file_exists (VAR_FILES . $p . $link['md5'])) -{ - jirafeau_delete_link ($link_name); - require (JIRAFEAU_ROOT.'lib/template/header.php'); +$p = s2p($link['md5']); +if (!file_exists(VAR_FILES . $p . $link['md5'])) { + jirafeau_delete_link($link_name); + require(JIRAFEAU_ROOT.'lib/template/header.php'); echo '

'.t('File not available.'). '

'; - require (JIRAFEAU_ROOT.'lib/template/footer.php'); + require(JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } -if (!empty ($delete_code) && $delete_code == $link['link_code']) -{ - jirafeau_delete_link ($link_name); - require (JIRAFEAU_ROOT.'lib/template/header.php'); +if (!empty($delete_code) && $delete_code == $link['link_code']) { + jirafeau_delete_link($link_name); + require(JIRAFEAU_ROOT.'lib/template/header.php'); echo '

'.t('File has been deleted.'). '

'; - require (JIRAFEAU_ROOT.'lib/template/footer.php'); + require(JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } -if ($link['time'] != JIRAFEAU_INFINITY && time () > $link['time']) -{ - jirafeau_delete_link ($link_name); - require (JIRAFEAU_ROOT.'lib/template/header.php'); +if ($link['time'] != JIRAFEAU_INFINITY && time() > $link['time']) { + jirafeau_delete_link($link_name); + require(JIRAFEAU_ROOT.'lib/template/header.php'); echo '

'. t('The time limit of this file has expired.') . ' ' . t('File has been deleted.') . '

'; - require (JIRAFEAU_ROOT . 'lib/template/footer.php'); + require(JIRAFEAU_ROOT . 'lib/template/footer.php'); exit; } -if (empty ($crypt_key) && $link['crypted']) -{ - require (JIRAFEAU_ROOT.'lib/template/header.php'); +if (empty($crypt_key) && $link['crypted']) { + require(JIRAFEAU_ROOT.'lib/template/header.php'); echo '

' . t('Sorry, the requested file is not found') . '

'; - require (JIRAFEAU_ROOT.'lib/template/footer.php'); + require(JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } $password_challenged = false; -if (!empty ($link['key'])) -{ - if (!isset ($_POST['key'])) - { - require (JIRAFEAU_ROOT.'lib/template/header.php'); +if (!empty($link['key'])) { + if (!isset($_POST['key'])) { + require(JIRAFEAU_ROOT.'lib/template/header.php'); echo '
' . '
'; ?> ' . '
' . - t('By using our services, you accept our'). ' ' . t('Terms of Service') . '.' . + t('By using our services, you accept our'). ' ' . t('Terms of Service') . '.' . '
' . t('Warning, this file will self-destruct after being read') . '
'; document.getElementById('submit_preview').submit ();"/>
'; - require (JIRAFEAU_ROOT.'lib/template/footer.php'); + require(JIRAFEAU_ROOT.'lib/template/footer.php'); exit; - } - else - { - if ($link['key'] == md5 ($_POST['key'])) + } else { + if ($link['key'] == md5($_POST['key'])) { $password_challenged = true; - else - { - sleep (2); - require (JIRAFEAU_ROOT.'lib/template/header.php'); + } else { + sleep(2); + require(JIRAFEAU_ROOT.'lib/template/header.php'); echo '

' . t('Access denied') . '

'; - require (JIRAFEAU_ROOT.'lib/template/footer.php'); + require(JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } } } -if (!$password_challenged && !$do_download && !$do_preview) -{ - require (JIRAFEAU_ROOT.'lib/template/header.php'); - echo '
' . - '
' . + ''; ?> ' . htmlspecialchars($link['file_name']) . '' . @@ -203,89 +189,82 @@ if (!$password_challenged && !$do_download && !$do_preview) t('You are about to download') . ' "' . htmlspecialchars($link['file_name']) . '" (' . jirafeau_human_size($link['file_size']) . ').' . '' . ''; - if ($link['onetime'] == 'O') - { - echo ''; - } - - ?> + } ?> '; - echo '
' . - t('By using our services, you accept our'). ' ' . t('Terms of Service') . '.' . + t('By using our services, you accept our'). ' ' . t('Terms of Service') . '.' . '
' . + if ($link['onetime'] == 'O') { + echo '
' . t('Warning, this file will self-destruct after being read') . '
'; - require (JIRAFEAU_ROOT.'lib/template/footer.php'); - exit; + echo ''; + echo ''; + require(JIRAFEAU_ROOT.'lib/template/footer.php'); + exit; } -header ('HTTP/1.0 200 OK'); -header ('Content-Length: ' . $link['file_size']); -if (!jirafeau_is_viewable ($link['mime_type']) || !$cfg['preview'] || $do_download) - header ('Content-Disposition: attachment; filename="' . $link['file_name'] . '"'); -else - header ('Content-Disposition: filename="' . $link['file_name'] . '"'); -header ('Content-Type: ' . $link['mime_type']); -header ('Content-MD5: ' . hex_to_base64($link['md5'])); +header('HTTP/1.0 200 OK'); +header('Content-Length: ' . $link['file_size']); +if (!jirafeau_is_viewable($link['mime_type']) || !$cfg['preview'] || $do_download) { + header('Content-Disposition: attachment; filename="' . $link['file_name'] . '"'); +} else { + header('Content-Disposition: filename="' . $link['file_name'] . '"'); +} +header('Content-Type: ' . $link['mime_type']); +header('Content-MD5: ' . hex_to_base64($link['md5'])); /* Read encrypted file. */ -if ($link['crypted']) -{ +if ($link['crypted']) { /* Init module */ $m = mcrypt_module_open('rijndael-256', '', 'ofb', ''); /* Extract key and iv. */ - $md5_key = md5 ($crypt_key); - $iv = jirafeau_crypt_create_iv ($md5_key, mcrypt_enc_get_iv_size($m)); + $md5_key = md5($crypt_key); + $iv = jirafeau_crypt_create_iv($md5_key, mcrypt_enc_get_iv_size($m)); /* Init module. */ - mcrypt_generic_init ($m, $md5_key, $iv); + mcrypt_generic_init($m, $md5_key, $iv); /* Decrypt file. */ - $r = fopen (VAR_FILES . $p . $link['md5'], 'r'); - while (!feof ($r)) - { - $dec = mdecrypt_generic($m, fread ($r, 1024)); + $r = fopen(VAR_FILES . $p . $link['md5'], 'r'); + while (!feof($r)) { + $dec = mdecrypt_generic($m, fread($r, 1024)); print $dec; ob_flush(); } - fclose ($r); + fclose($r); /* Cleanup. */ mcrypt_generic_deinit($m); mcrypt_module_close($m); } /* Read file. */ -else -{ - $r = fopen (VAR_FILES . $p . $link['md5'], 'r'); - while (!feof ($r)) - { - print fread ($r, 1024); +else { + $r = fopen(VAR_FILES . $p . $link['md5'], 'r'); + while (!feof($r)) { + print fread($r, 1024); ob_flush(); } - fclose ($r); + fclose($r); } -if ($link['onetime'] == 'O') - jirafeau_delete_link ($link_name); +if ($link['onetime'] == 'O') { + jirafeau_delete_link($link_name); +} exit; ?> diff --git a/index.php b/index.php index 2002ad7..6d1dc10 100644 --- a/index.php +++ b/index.php @@ -18,86 +18,76 @@ * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . */ -define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/'); +define('JIRAFEAU_ROOT', dirname(__FILE__) . '/'); -require (JIRAFEAU_ROOT . 'lib/settings.php'); -require (JIRAFEAU_ROOT . 'lib/functions.php'); -require (JIRAFEAU_ROOT . 'lib/lang.php'); +require(JIRAFEAU_ROOT . 'lib/settings.php'); +require(JIRAFEAU_ROOT . 'lib/functions.php'); +require(JIRAFEAU_ROOT . 'lib/lang.php'); -check_errors ($cfg); -if (has_error ()) -{ - show_errors (); - require (JIRAFEAU_ROOT . 'lib/template/footer.php'); +check_errors($cfg); +if (has_error()) { + show_errors(); + require(JIRAFEAU_ROOT . 'lib/template/footer.php'); exit; } -require (JIRAFEAU_ROOT . 'lib/template/header.php'); +require(JIRAFEAU_ROOT . 'lib/template/header.php'); /* Check if user is allowed to upload. */ -if (!jirafeau_challenge_upload_ip ($cfg, get_ip_address($cfg))) -{ - echo '

' . t('Access denied') . '

'; - require (JIRAFEAU_ROOT.'lib/template/footer.php'); - exit; -} +if (!jirafeau_challenge_upload_ip($cfg, get_ip_address($cfg))) { -/* Ask password if upload password is set. */ -if (jirafeau_has_upload_password ($cfg)) -{ - session_start(); + /* Ask password if upload password is set. */ + if (jirafeau_has_upload_password($cfg)) { + session_start(); - /* Unlog if asked. */ - if (isset ($_POST['action']) && (strcmp ($_POST['action'], 'logout') == 0)) - session_unset (); + /* Unlog if asked. */ + if (isset($_POST['action']) && (strcmp($_POST['action'], 'logout') == 0)) { + session_unset(); + } - /* Auth. */ - if (isset ($_POST['upload_password'])) - { - if (jirafeau_challenge_upload_password ($cfg, $_POST['upload_password'])) - { - $_SESSION['upload_auth'] = true; - $_SESSION['user_upload_password'] = $_POST['upload_password']; + /* Auth. */ + if (isset($_POST['upload_password'])) { + if (jirafeau_challenge_upload_password($cfg, $_POST['upload_password'])) { + $_SESSION['upload_auth'] = true; + $_SESSION['user_upload_password'] = $_POST['upload_password']; + } else { + $_SESSION['admin_auth'] = false; + echo '

' . t('Wrong password.') . '

'; + require(JIRAFEAU_ROOT.'lib/template/footer.php'); + exit; + } } - else - { - $_SESSION['admin_auth'] = false; - echo '

' . t('Wrong password.') . '

'; - require (JIRAFEAU_ROOT.'lib/template/footer.php'); + + /* Show auth page. */ + if (!isset($_SESSION['upload_auth']) || $_SESSION['upload_auth'] != true) { + ?> +
+
+ + + + + + + + + +
+ +
+ " /> +
+
+
+ -
-
- - - - - - - - - -
- -
- " /> -
-
-
- @@ -112,12 +102,14 @@ if (jirafeau_has_upload_password ($cfg))

- +

:

- +

:

@@ -137,7 +129,7 @@ if (jirafeau_has_upload_password ($cfg))

- +

@@ -154,7 +146,7 @@ if (jirafeau_has_upload_password ($cfg))

')"/> + onchange="control_selected_file_size(, '')"/>

@@ -206,59 +198,57 @@ if (jirafeau_has_upload_password ($cfg)) ) ); foreach ($expirationTimeOptions as $expirationTimeOption) { - $selected = ($expirationTimeOption['value'] === $cfg['availability_default'])? 'selected="selected"' : ''; - if(true === $cfg['availabilities'][$expirationTimeOption['value']]) { - echo ''; - } + } } ?> 0) - { - echo '

' . t ('File size is limited to'); - echo " " . $cfg['maximal_upload_size'] . " MB

"; + if ($cfg['maximal_upload_size'] > 0) { + echo '

' . t('File size is limited to'); + echo " " . $cfg['maximal_upload_size'] . " MB

"; } ?>

+ if (jirafeau_has_upload_password($cfg) && $_SESSION['upload_auth']) { + ?> + + } else { + ?>

-
+ if (jirafeau_has_upload_password($cfg)) { + ?> +
@@ -272,7 +262,7 @@ if (jirafeau_has_upload_password ($cfg)) document.getElementById('send').style.display = 'none'; if (!check_html5_file_api ()) document.getElementById('max_file_size').innerHTML = ''; - + diff --git a/install.php b/install.php index df4f106..9e05b8c 100644 --- a/install.php +++ b/install.php @@ -17,31 +17,28 @@ * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . */ -define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/'); -define ('NL', "\n"); -define ('QUOTE', "'"); -define ('JIRAFEAU_CFG', JIRAFEAU_ROOT . 'lib/config.local.php'); -define ('JIRAFEAU_VAR_RAND_LENGTH', 15); +define('JIRAFEAU_ROOT', dirname(__FILE__) . '/'); -require (JIRAFEAU_ROOT . 'lib/settings.php'); -require (JIRAFEAU_ROOT . 'lib/functions.php'); -require (JIRAFEAU_ROOT . 'lib/lang.php'); +define('JIRAFEAU_CFG', JIRAFEAU_ROOT . 'lib/config.local.php'); +define('JIRAFEAU_VAR_RAND_LENGTH', 15); + +require(JIRAFEAU_ROOT . 'lib/settings.php'); +require(JIRAFEAU_ROOT . 'lib/functions.php'); +require(JIRAFEAU_ROOT . 'lib/lang.php'); /** * Prepend used functions **/ -function -jirafeau_quoted ($str) +function jirafeau_quoted($str) { - return QUOTE . str_replace (QUOTE, "\'", $str) . QUOTE; + return QUOTE . str_replace(QUOTE, "\'", $str) . QUOTE; } -function -jirafeau_export_cfg ($cfg) +function jirafeau_export_cfg($cfg) { $content = ' true, + if (!jirafeau_mkdir($path) || !jirafeau_is_writable($path)) { + return array('has_error' => true, 'why' => $mkdir_str1 . '
' . $path . '
' . $solution_str . '
' . $mkdir_str2); + } - foreach (array ('files', 'links', 'async', 'alias') as $subdir) - { + foreach (array('files', 'links', 'async', 'alias') as $subdir) { $subpath = $path.$subdir; - if (!jirafeau_mkdir ($subpath) || !jirafeau_is_writable ($subpath)) - return array ('has_error' => true, + if (!jirafeau_mkdir($subpath) || !jirafeau_is_writable($subpath)) { + return array('has_error' => true, 'why' => $mkdir_str1 . '
' . $subpath . '
' . $solution_str . '
' . $mkdir_str2); + } } - return array ('has_error' => false, 'why' => ''); + return array('has_error' => false, 'why' => ''); } -function -jirafeau_add_ending_slash ($path) +function jirafeau_add_ending_slash($path) { - return $path . ((substr ($path, -1) == '/') ? '' : '/'); + return $path . ((substr($path, -1) == '/') ? '' : '/'); } -function -jirafeau_fatal_error($errorText) +function jirafeau_fatal_error($errorText) { echo '

Error

' . $errorText . '

'; - require (JIRAFEAU_ROOT . 'lib/template/footer.php'); + require(JIRAFEAU_ROOT . 'lib/template/footer.php'); exit; } @@ -122,24 +115,21 @@ jirafeau_fatal_error($errorText) // Is the installation process done already? // Then there is nothing to do here → redirect to the main page. -if ($cfg['installation_done'] === true) -{ - header('Location: index.php'); - exit; +if ($cfg['installation_done'] === true) { + header('Location: index.php'); + exit; } /** * Prepare installation process **/ -require (JIRAFEAU_ROOT . 'lib/template/header.php'); +require(JIRAFEAU_ROOT . 'lib/template/header.php'); // does the local configuration file exist? -if (!file_exists (JIRAFEAU_CFG)) -{ +if (!file_exists(JIRAFEAU_CFG)) { // show an error if it is not possible to create the file - if (!@touch (JIRAFEAU_CFG)) - { + if (!@touch(JIRAFEAU_CFG)) { jirafeau_fatal_error( t('The local configuration file could not be created. Create a ' . 'lib/config.local.php file and give the write ' . @@ -151,8 +141,7 @@ if (!file_exists (JIRAFEAU_CFG)) } // is the local configuration writable? -if (!is_writable (JIRAFEAU_CFG) && !@chmod (JIRAFEAU_CFG, '0666')) -{ +if (!is_writable(JIRAFEAU_CFG) && !@chmod(JIRAFEAU_CFG, '0666')) { jirafeau_fatal_error( t('The local configuration is not writable by the web server. ' . 'Give the write permission to the web server on the ' . @@ -164,66 +153,60 @@ if (!is_writable (JIRAFEAU_CFG) && !@chmod (JIRAFEAU_CFG, '0666')) * Run trough each installation step **/ -if (isset ($_POST['step']) && isset ($_POST['next'])) -{ - switch ($_POST['step']) - { +if (isset($_POST['step']) && isset($_POST['next'])) { + switch ($_POST['step']) { case 1: $cfg['lang'] = $_POST['lang']; - jirafeau_export_cfg ($cfg); + jirafeau_export_cfg($cfg); break; case 2: $cfg['admin_password'] = hash('sha256', $_POST['admin_password']); - jirafeau_export_cfg ($cfg); + jirafeau_export_cfg($cfg); break; case 3: - $cfg['web_root'] = jirafeau_add_ending_slash ($_POST['web_root']); - $cfg['var_root'] = jirafeau_add_ending_slash ($_POST['var_root']); - jirafeau_export_cfg ($cfg); + $cfg['web_root'] = jirafeau_add_ending_slash($_POST['web_root']); + $cfg['var_root'] = jirafeau_add_ending_slash($_POST['var_root']); + jirafeau_export_cfg($cfg); break; case 4: - $cfg['web_root'] = jirafeau_add_ending_slash ($_POST['web_root']); - $cfg['var_root'] = jirafeau_add_ending_slash ($_POST['var_root']); - jirafeau_export_cfg ($cfg); + $cfg['web_root'] = jirafeau_add_ending_slash($_POST['web_root']); + $cfg['var_root'] = jirafeau_add_ending_slash($_POST['var_root']); + jirafeau_export_cfg($cfg); break; } - } $current = 1; -if (isset ($_POST['next'])) +if (isset($_POST['next'])) { $current = $_POST['step'] + 1; -else if (isset ($_POST['previous'])) +} elseif (isset($_POST['previous'])) { $current = $_POST['step'] - 1; -else if (isset ($_POST['retry'])) +} elseif (isset($_POST['retry'])) { $current = $_POST['step']; +} -switch ($current) -{ +switch ($current) { case 1: default: - ?>

" method = "post">