From 0d601dd942a8b709adf5812045afcdc5873706c8 Mon Sep 17 00:00:00 2001 From: Jerome Jutteau Date: Mon, 31 Dec 2012 01:22:14 +0100 Subject: [PATCH 1/1] Added admin interface --- admin.php | 236 ++++++++++++++++++++++++++++++++++++++++++++++ file.php | 168 +++++++++++++++------------------ index.php | 16 ++-- install.php | 193 +++++++++++++++++++++++-------------- lib/config.php | 12 ++- lib/functions.php | 167 +++++++++++++++++++++++++++++++- lib/lang/fr.php | 41 +++++++- 7 files changed, 655 insertions(+), 178 deletions(-) create mode 100755 admin.php diff --git a/admin.php b/admin.php new file mode 100755 index 0000000..7aceff9 --- /dev/null +++ b/admin.php @@ -0,0 +1,236 @@ + + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/'); + +require (JIRAFEAU_ROOT . 'lib/config.php'); +require (JIRAFEAU_ROOT . 'lib/settings.php'); +require (JIRAFEAU_ROOT . 'lib/functions.php'); +require (JIRAFEAU_ROOT . 'lib/lang.php'); + +/* Check if installation is OK. */ +if (file_exists (JIRAFEAU_ROOT . 'install.php') + && !file_exists (JIRAFEAU_ROOT . 'lib/config.local.php')) +{ + header('Location: install.php'); + exit; +} + +/* Check if the install.php script is still in the directory. */ +if (file_exists (JIRAFEAU_ROOT . 'install.php')) +{ + require (JIRAFEAU_ROOT . 'lib/template/header.php'); + echo '

'. + _('Installer script still present') . + '

'; + require (JIRAFEAU_ROOT.'lib/template/footer.php'); + exit; +} + +/* Disable admin interface if we have a empty admin password. */ +if (!$cfg['admin_password']) +{ + require (JIRAFEAU_ROOT . 'lib/template/header.php'); + echo '

'. + _('Sorry, the admin interface is not enabled.') . + '

'; + require (JIRAFEAU_ROOT.'lib/template/footer.php'); + exit; +} + +/* Check session. */ +session_start(); + +/* Unlog if asked. */ +if (isset ($_POST['action']) && (strcmp ($_POST['action'], 'logout') == 0)) + $_SESSION['admin_auth'] = false; + +/* Check password. */ +if (isset ($_POST['admin_password'])) +{ + if (strcmp ($cfg['admin_password'], $_POST['admin_password']) == 0) + $_SESSION['admin_auth'] = true; + else + { + $_SESSION['admin_auth'] = false; + require (JIRAFEAU_ROOT . 'lib/template/header.php'); + echo '

'. + _('Wrong password.') . '

'; + require (JIRAFEAU_ROOT.'lib/template/footer.php'); + exit; + } +} +/* Ask for password. */ +elseif (!isset ($_SESSION['admin_auth']) || $_SESSION['admin_auth'] != true) +{ + require (JIRAFEAU_ROOT . 'lib/template/header.php'); ?> +
+
+ + + + + + + + + +
+ +
+
+
+

+
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ + + +
+ + + +
+ + + + + +
+ + + + + +
+ + + + + +
+
+ + +
+
' . NL; + echo '

'; + echo _('Number of cleaned files') . ' : ' . $total; + echo '

'; + } + elseif (strcmp ($_POST['action'], 'list') == 0) + { + jirafeau_admin_list ("", "", ""); + } + elseif (strcmp ($_POST['action'], 'search_by_name') == 0) + { + jirafeau_admin_list ($_POST['name'], "", ""); + } + elseif (strcmp ($_POST['action'], 'search_by_file_hash') == 0) + { + jirafeau_admin_list ("", $_POST['hash'], ""); + } + elseif (strcmp ($_POST['action'], 'search_link') == 0) + { + jirafeau_admin_list ("", "", $_POST['link']); + } + elseif (strcmp ($_POST['action'], 'delete_link') == 0) + { + jirafeau_delete ($_POST['link']); + echo '
' . NL; + echo '

' . _('Link deleted') . '

'; + } + elseif (strcmp ($_POST['action'], 'delete_file') == 0) + { + $count = jirafeau_delete_file ($_POST['md5']); + echo '
' . NL; + echo '

' . _('Deleted links') . ' : ' . $count . '

'; + } +} + +require (JIRAFEAU_ROOT.'lib/template/footer.php'); + +?> \ No newline at end of file diff --git a/file.php b/file.php index cc3f163..8cd7000 100644 --- a/file.php +++ b/file.php @@ -34,118 +34,102 @@ if (isset ($_GET['h']) && !empty ($_GET['h'])) if (!preg_match ('/[0-9a-f]{32}$/', $link_name)) { - header ("HTTP/1.0 404 Not Found"); + require (JIRAFEAU_ROOT.'lib/template/header.php'); + echo '
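Review bot: The `/* Check password. */` branch in admin.php accepts the login when `strcmp ($cfg['admin_password'], $_POST['admin_password']) == 0`, and on PHP versions before 8 strcmp() returns NULL with a warning when the posted field is not a string, which the loose `== 0` treats as a match. Require a string and compare strictly, `if (is_string ($_POST['admin_password']) && hash_equals ($cfg['admin_password'], $_POST['admin_password']))` (hash_equals() needs PHP 5.6; a plain `===` is the fallback). The branch should also call `session_regenerate_id (true);` before setting `$_SESSION['admin_auth'] = true`. The `delete_link` and `delete_file` actions lower in the file act on `$_POST['link']` and `$_POST['md5']` with no per-session token visible in these lines, so a request-forgery check is worth adding there; the form markup did not survive on this page, so confirm against the file.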

' . _('Sorry, the requested file is not found') . '

'; + require (JIRAFEAU_ROOT.'lib/template/footer.php'); + exit; + } + $link = jirafeau_get_link ($link_name); + if (count ($link) == 0) + { require (JIRAFEAU_ROOT.'lib/template/header.php'); - echo '

' . _('Error 404: Not Found') . '

'; + echo '

' . _('Sorry, the requested file is not found') . + '

'; + require (JIRAFEAU_ROOT.'lib/template/footer.php'); + exit; + } + + if (!file_exists (VAR_FILES . $link['md5'])) + { + jirafeau_delete ($link_name); + require (JIRAFEAU_ROOT.'lib/template/header.php'); + echo '

'._('File not available.'). + '

'; require (JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } - $link_file = VAR_LINKS.$link_name; - if (file_exists ($link_file)) + if (!empty ($delete_code) && $delete_code == $link['link_code']) { - $content = file ($link_file); - $file_name = trim ($content[0]); - $mime_type = trim ($content[1]); - $file_size = trim ($content[2]); - $key = trim ($content[3], NL); - $time = trim ($content[4]); - $md5 = trim ($content[5]); - $onetime = trim ($content[6]); - $link_code = trim ($content[9]); + jirafeau_delete ($link_name); + require (JIRAFEAU_ROOT.'lib/template/header.php'); + echo '

'._('File has been deleted.'). + '

'; + require (JIRAFEAU_ROOT.'lib/template/footer.php'); + exit; + } - if (!file_exists (VAR_FILES.$md5)) - { - jirafeau_delete ($link_name); - require (JIRAFEAU_ROOT.'lib/template/header.php'); - echo '

'._('File not available.'). - '

'; - require (JIRAFEAU_ROOT.'lib/template/footer.php'); - exit; - } + if ($link['time'] != JIRAFEAU_INFINITY && time ()> $link['time']) + { + jirafeau_delete ($link_name); + require (JIRAFEAU_ROOT.'lib/template/header.php'); + echo '

'. + _('The time limit of this file has expired.') . ' ' . + _('File has been deleted.') . + '

'; + require (JIRAFEAU_ROOT.'lib/template/footer.php'); + exit; + } - if (!empty ($delete_code) && $delete_code == $link_code) + if (!empty ($link['key'])) + { + if (!isset ($_POST['key'])) { - jirafeau_delete ($link_name); - require (JIRAFEAU_ROOT.'lib/template/header.php'); - echo '

'._('File has been deleted.'). - '

'; - require (JIRAFEAU_ROOT.'lib/template/footer.php'); - exit; + require (JIRAFEAU_ROOT.'lib/template/header.php'); + ?>
+
" method = + "post"> " />
+ +
" + />
+ $time) + else + { + if ($link['key'] != md5 ($_POST['key'])) { - jirafeau_delete ($link_name); + header ("Access denied"); + require (JIRAFEAU_ROOT.'lib/template/header.php'); - echo '

'. - _('The time limit of this file has expired.') . ' ' . - _('File has been deleted.') . - '

'; + echo '

' . _('Access denied') . + '

'; require (JIRAFEAU_ROOT.'lib/template/footer.php'); exit; } - - if (!empty ($key)) - { - if (!isset ($_POST['key'])) - { - require (JIRAFEAU_ROOT.'lib/template/header.php'); - ?>
-
" method = - "post"> " />
- -
" - />
-

' . _('Error 403: Forbidden') . - '

'; - require (JIRAFEAU_ROOT.'lib/template/footer.php'); - exit; - } - } - } - - header ('Content-Length: ' . $file_size); - header ('Content-Type: ' . $mime_type); - if (!jirafeau_is_viewable ($mime_type)) - { - header ('Content-Disposition: attachment; filename="' . - $file_name . '"'); } - readfile (VAR_FILES.$md5); - - if ($onetime == 'O') - jirafeau_delete ($link_name); - exit; } - else - { - header ("HTTP/1.0 404 Not Found"); - require (JIRAFEAU_ROOT.'lib/template/header.php'); - echo '

' . _('Error 404: Not Found') . - '

'; - require (JIRAFEAU_ROOT.'lib/template/footer.php'); - exit; + header ('Content-Length: ' . $link['file_size']); + header ('Content-Type: ' . $link['mime_type']); + if (!jirafeau_is_viewable ($link['mime_type'])) + { + header ('Content-Disposition: attachment; filename="' . + $link['file_name'] . '"'); } + readfile (VAR_FILES . $link['md5']); + + if ($link['onetime'] == 'O') + jirafeau_delete ($link_name); + exit; } else { diff --git a/index.php b/index.php index 912b1ef..a32af36 100644 --- a/index.php +++ b/index.php @@ -18,20 +18,25 @@ * along with this program. If not, see . */ define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/'); -define ('DEBUG', true); require (JIRAFEAU_ROOT . 'lib/config.php'); require (JIRAFEAU_ROOT . 'lib/settings.php'); require (JIRAFEAU_ROOT . 'lib/functions.php'); require (JIRAFEAU_ROOT . 'lib/lang.php'); +if (file_exists (JIRAFEAU_ROOT . 'install.php') + && !file_exists (JIRAFEAU_ROOT . 'lib/config.local.php')) +{ + header('Location: install.php'); + exit; +} + /* check if the destination dirs are writable */ $writable = is_writable (VAR_FILES) && is_writable (VAR_LINKS); $res = array (); if ($writable && isset ($_POST['jirafeau'])) { - $key = $_POST['key']; $time = time (); @@ -62,13 +67,6 @@ if ($writable && isset ($_POST['jirafeau'])) $key, $time, $cfg, $_SERVER['REMOTE_ADDR']); } -if (file_exists (JIRAFEAU_ROOT . 'install.php') - && !file_exists (JIRAFEAU_ROOT . 'lib/config.local.php')) -{ - header('Location: install.php'); - exit; -} - require (JIRAFEAU_ROOT . 'lib/template/header.php'); /* Checking for errors. */ diff --git a/install.php b/install.php index ff4f1e2..838d749 100755 --- a/install.php +++ b/install.php 
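Review bot: The download-password check `if ($link['key'] != md5 ($_POST['key']))` in file.php compares two hex digests loosely, and PHP compares numeric-looking strings as numbers, so two different digests can be treated as equal; `md5 ()` also does not return a digest when `$_POST['key']` is not a string. Use `if (!is_string ($_POST['key']) || !hash_equals ($link['key'], md5 ($_POST['key'])))`, and apply the same strictness to `$delete_code == $link['link_code']`. Separately, `header ("Access denied")` is not a valid header line and the removed `header ("HTTP/1.0 404 Not Found")` has no replacement, so the not-found and access-denied pages are now served with status 200; `header ('HTTP/1.0 403 Forbidden');` and the former 404 line keep the status meaningful for clients and logs. The file name placed in `Content-Disposition` comes from the stored link data and is not quoted or escaped, which is worth tightening in the same pass.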
@@ -155,6 +155,17 @@ if (isset ($_POST['step']) && isset ($_POST['next']))
 break;
 case 2:
+ $cfg['admin_password'] = $_POST['admin_password'];
+ jirafeau_export_cfg ($cfg);
+ break;
+
+ case 3:
+ $cfg['web_root'] = jirafeau_add_ending_slash ($_POST['web_root']);
+ $cfg['var_root'] = jirafeau_add_ending_slash ($_POST['var_root']);
+ jirafeau_export_cfg ($cfg);
+ break;
+
+ case 4:
 $cfg['web_root'] = jirafeau_add_ending_slash ($_POST['web_root']);
 $cfg['var_root'] = jirafeau_add_ending_slash ($_POST['var_root']);
 jirafeau_export_cfg ($cfg);
@@ -178,122 +189,166 @@ else if (isset ($_POST['retry']))
 switch ($current)
 {
-case 3:
+case 1:
+default: ?>
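Review bot: `case 2` writes `$_POST['admin_password']` into the configuration verbatim, so the admin credential is kept in clear text in the exported config file and is exposed to anyone who can read that file or a backup of it. Store a hash instead, `$cfg['admin_password'] = password_hash ($_POST['admin_password'], PASSWORD_DEFAULT);` (PHP 5.5+, leaving an empty input as the empty string so the interface stays disabled), and verify it in admin.php with `password_verify ()`. `jirafeau_export_cfg ()` is not visible in this hunk; if it emits PHP source, confirm that it escapes quotes and backslashes in the value. `case 3` and `case 4` now run identical statements, which looks unintended and deserves a comment or a shared fall-through. The switch body continues outside the hunk.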

-
-

'.$err['why'].'
'.NL; - ?>

" />" />
- '; - } - else + _ + ('Jirafeau is internationalised. Choose a specific langage or ' . + 'choose Automatic (langage is provided by user\'s browser).'); + ?> + + + + + + + " /> +

" method = "post"> " />
+ + + + +
+

- - - -
+

- +
-
+ '.$item.''.NL; + echo '

'.$err['why'].'
'.NL; + ?>

" />" />
+
'; } - ?> - - - - - " /> -

' . + _('Jirafeau is now fully operational') . ':' . + '
' . + $cfg['web_root'].'

'; + } +break; } - require (JIRAFEAU_ROOT . 'lib/template/footer.php'); ?> diff --git a/lib/config.php b/lib/config.php index 25b5620..23ed74c 100644 --- a/lib/config.php +++ b/lib/config.php @@ -16,18 +16,26 @@ * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . */ + /* * default configuration * if you want to change this, overwrite in a config.local.php file */ + global $cfg; + /* don't forget the ending '/' */ -global $cfg; $cfg['web_root'] = ''; $cfg['var_root'] = ''; + +/* Lang choice between 'auto', 'en' and 'fr'. + 'auto' mode will take the user's browser informations. Will take english if + user's langage is not available. + */ $cfg['lang'] = 'auto'; $cfg['style'] = 'default'; $cfg['rewrite'] = false; -$cfg['password'] = ''; +/* An empty admin password will disable the admin interface. */ +$cfg['admin_password'] = ''; if ((basename (__FILE__) != 'config.local.php') && file_exists (JIRAFEAU_ROOT.'lib/config.local.php')) diff --git a/lib/functions.php b/lib/functions.php index bb49079..10e9868 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -99,9 +99,9 @@ jirafeau_delete ($link) if (!file_exists ( VAR_LINKS . $link)) return; - $content = file ( VAR_LINKS . $link); + $content = file (VAR_LINKS . $link); $md5 = trim ($content[5]); - unlink ( VAR_LINKS . $link); + unlink (VAR_LINKS . $link); $counter = 1; if (file_exists ( VAR_FILES . $md5. '_count')) 
@@ -125,6 +125,36 @@ jirafeau_delete ($link)
 }
 }
+/**
+ * Delete a file and it's links.
+ */
+function
+jirafeau_delete_file ($md5)
+{
+ $count = 0;
+ $links_dir = scandir (VAR_LINKS);
+
+ foreach ($links_dir as $link)
+ {
+ if (strcmp ($link, '.') == 0 || strcmp ($link, '..') == 0)
+ continue;
+ /* Read link informations. */
+ $l = jirafeau_get_link ($link);
+ if ($l['md5'] == $md5)
+ {
+ $count++;
+ jirafeau_delete ($link);
+ }
+ }
+
+ if (file_exists (VAR_FILES . $md5 . '_count'))
+ unlink (VAR_FILES . $md5. '_count');
+ if (file_exists (VAR_FILES . $md5))
+ unlink (VAR_FILES . $md5);
+
+ return $count;
+}
+
 /**
 * handles an uploaded file
 * @param $file the file struct given by $_FILE[]
@@ -302,4 +332,137 @@ show_errors ()
 }
 }
+/**
+ * Read link informations
+ * @return array containing informations.
+ */
+function
+jirafeau_get_link ($hash)
+{
+ $out = array ();
+ $link = VAR_LINKS . $hash;
+
+ if (!file_exists ($link))
+ return $out;
+
+ $c = file ($link);
+ $out['file_name'] = trim ($c[0]);
+ $out['mime_type'] = trim ($c[1]);
+ $out['file_size'] = trim ($c[2]);
+ $out['key'] = trim ($c[3], NL);
+ $out['time'] = trim ($c[4]);
+ $out['md5'] = trim ($c[5]);
+ $out['onetime'] = trim ($c[6]);
+ $out['upload_date'] = trim ($c[7]);
+ $out['ip'] = trim ($c[8]);
+ $out['link_code'] = trim ($c[9]);
+
+ return $out;
+}
+
+function
+jirafeau_human_size ($octets)
+{
+ $u = array ('B', 'KB', 'MB', 'GB', 'TB');
+ $o = max ($octets, 0);
+ $p = min (floor (($o ? log ($o) : 0) / log (1024)), count ($u) - 1);
+ $o /= pow (1024, $p);
+ return round ($o, 1) . $u[$p];
+}
+
+/**
+ * List files in admin interface.
+ */
+function
+jirafeau_admin_list ($name, $file_hash, $link_hash)
+{
+ $links_dir = scandir (VAR_LINKS);
+ echo '
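Review bot: `jirafeau_delete_file ()` concatenates `$md5` straight into `unlink (VAR_FILES . $md5)` and `unlink (VAR_FILES . $md5. '_count')`, and admin.php passes it `$_POST['md5']` unchanged, so a value containing path separators is resolved outside the files directory. Reject anything that is not a digest at the top of the function, `if (!is_string ($md5) || !preg_match ('/^[0-9a-f]{32}$/', $md5)) return 0;` (assuming stored hashes are lowercase md5 hex, as the name suggests). Inside the loop `$l['md5']` is read even when `jirafeau_get_link ()` returned an empty array, so guard it with `if (isset ($l['md5']) && $l['md5'] === $md5)`. `jirafeau_delete ($link)` and `jirafeau_get_link ($hash)` build their paths the same way and would benefit from the same anchored check on the link name.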
'; + if (!empty ($name)) + echo $name . ' '; + if (!empty ($file_hash)) + echo $file_hash . ' '; + if (!empty ($link_hash)) + echo $link_hash . ' '; + if (empty ($name) && empty ($file_hash) && empty ($link_hash)) + echo _('List all files'); + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + foreach ($links_dir as $link) + { + if (strcmp ($link, '.') == 0 || strcmp ($link, '..') == 0) + continue; + /* Read link informations. */ + $l = jirafeau_get_link ($link); + + /* Filter. */ + if (!empty ($name) && $name != $l['file_name']) + continue; + if (!empty ($file_hash) && $file_hash != $l['md5']) + continue; + if (!empty ($link_hash) && $link_hash != $link) + continue; + + /* Print link informations. */ + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + echo ''; + } + echo '
' . _('Filename') . '' . _('Type') . '' . _('Size') . '' . _('Expire') . '' . _('Onetime') . '' . _('Upload date') . '' . _('Origin') . '' . _('Action') . '
' . $l['file_name'] . '' . $l['mime_type'] . '' . jirafeau_human_size ($l['file_size']) . '' . ($l['time'] == -1 ? '' : strftime ('%c', $l['time'])) . + '' . $l['onetime'] . '' . strftime ('%c', $l['upload_date']) . '' . $l['ip'] . '' . + '
' . + '' . + '' . + '' . + '
' . + '
' . + '' . + '' . + '' . + '
' . + '
'; +} + +/** + * Clean expired files. + * @return number of cleaned files. + */ +function +jirafeau_admin_clean () +{ + $c = 0; + $links_dir = scandir (VAR_LINKS); + + foreach ($links_dir as $link) + { + if (strcmp ($link, '.') == 0 || strcmp ($link, '..') == 0) + continue; + /* Read link informations. */ + $l = jirafeau_get_link ($link); + if ($l['time'] > 0 && $l['time'] < time ()) + { + echo 'HAAAA' . $l['time'] . '-->' . time (); + jirafeau_delete ($link); + $c++; + } + } + return $c; +} ?> diff --git a/lib/lang/fr.php b/lib/lang/fr.php index e5dd12f..2864fb6 100755 --- a/lib/lang/fr.php +++ b/lib/lang/fr.php 
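Review bot: `jirafeau_admin_list ()` echoes `$name`, `$file_hash`, `$link_hash` and the stored `$l['file_name']`, `$l['mime_type']` and `$l['ip']` into the page without escaping, and the file name and MIME type are presumably supplied by whoever uploaded the file, so markup in them is rendered inside the authenticated admin session. Wrap every echoed value, e.g. `htmlspecialchars ($l['file_name'], ENT_QUOTES, 'UTF-8')`, including the values written into the fields of the two delete forms (their markup did not survive on this page). `jirafeau_admin_clean ()` still prints a debug line, `echo 'HAAAA' . $l['time'] . '-->' . time ();`, which should be removed before release. `jirafeau_get_link ()` reads `$c[0]` through `$c[9]` without checking that the link file has ten lines, so a truncated link file raises undefined-offset notices; a `count ($c) < 10` guard returning the empty array would match the existing not-found path.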
@@ -42,14 +42,14 @@ $tr = array ( 'This file is valid until the following date' => 'Ce fichier est valable jusqu\'à la date suivante', 'Keep the following URL to delete it at any moment' => 'Conservez le lien suivant pour le supprimer à n\'importe quel moment', /* file.php */ - 'Error 404: Not Found' => 'Erreur 404: La page que vous cherchez n\'existe pas ou n\'existe plus', + 'Sorry, the requested file is not found' => 'Désolé, le fichier que vous demandez n\'existe pas ou n\'existe plus', 'File not available.' => 'Fichier non disponible', 'File has been deleted.' => 'Le fichier a été supprimé.', 'The time limit of this file has expired.' => 'La limite de temps est dépassée.', 'Password protection' => 'Protection par mot de passe', 'Give the password of this file:' => 'Donnez le mot de passe pour ce fichier', 'I have the right to download this file' => 'J\'ai le droit de télécharger ce fichier', - 'Error 403: Forbidden' => 'Erreur 403: Accès interdit', + 'Access denied' => 'Accès interdit', /* install.hpp */ 'This file was generated by the install process. You can edit it. Please see config.php to understand the configuration items.' => 'Ce fichier a été généré par le processus d\'installation. Vous pouvez l\'éditer. Merci de se référer à config.php pour comprendre les éléments de configuration.', 'The following directory could not be created' => 'Le dossier suivant ne peut être créé', @@ -68,6 +68,7 @@ $tr = array ( 'Installation of Jirafeau' => 'Installation de Jirafeau', 'step' => 'étape', 'out of' => 'sur', + 'Administration password' => 'Mot de passe d\'administration', 'Finalisation' => 'Finalisation', 'Jirafeau is setting the website according to the configuration you provided.' => 'Jirafeau se configure selon les paramêtres donnés', 'Previous step' => 'Etape précedente', 
@@ -84,6 +85,38 @@ $tr = array ( => 'Jirafeau supporte plusieurs languages. Choisissez un langage spécific ou Automatic (la langue utilisée est alors fournie par le navigateur du visiteur).', 'Choose the default language' => 'Choissiez la langue par defaut', 'Next step' => 'Etape suivante', - ); - + 'Jirafeau has an administration interface (through admin.php). ' . + 'You can set a password to access the intercace or let it be empty ' . + 'to disable the interface.' => 'Jirafeau a une interface d\'administration (accessible via admin.php). Vous pouvez saisir un mot de passe pour y acceder ou ne pas en mettre pour désactiver l\'accès à l\'interface.', + 'Administration password' => 'Mot de passe d\'administration', + /* admin.php */ + 'Sorry, the admin interface is not enabled.' => 'Désolé, l\'interface d\'administration n\'est pas activée.', + 'Login' => 'Connexion', + 'Wrong password.' => 'Mot de passe invalide.', + 'Admin interface' => 'Interface d\'adminitration', + 'Clean expired files' => 'Nettoie les fichiers périmés', + 'Clean' => 'Nettoyage', + 'Search files by name' => 'Rechercher les fichiers par leur nom', + 'Search' => 'Rechercher', + 'List all files' => 'Lister tous les fichiers', + 'List' => 'Lister', + 'Actions' => 'Actions', + 'Search files by file hash' => 'Rechercher par empreinte de fichier', + 'Search a specific link' => 'Rechercher un lien particulier', + 'Number of cleaned files' => 'Nombre de fichiers nettoyés', + 'Logout' => 'Déconnection', + 'You are now Logout' => 'Vous êtes maintenant déconnecté', + 'Link deleted' => 'Lien supprimé', + 'Filename' => 'Nom', + 'Type' => 'Type', + 'Size' => 'Taille', + 'Expire' => 'Expiration', + 'Onetime' => 'Une fois', + 'Upload date' => 'Date d\'envoie', + 'Origin' => 'Origine', + 'Action' => 'Action', + 'Del link' => 'Suppr lien', + 'Del file and links' => 'Suppr fichier et liens', + 'Deleted links' => 'Liens supprimés', + ); ?> \ No newline at end of file -- 2.34.1