From de694b325c6e99a67ae6c98a220d5b5cc7238ae6 Mon Sep 17 00:00:00 2001 From: Julien Malik Date: Tue, 22 Mar 2016 11:58:21 +0100 Subject: [PATCH] [enh] Upgrade to upstream 6564589a --- conf/config.local.php | 22 +- sources/COPYING | 4 +- sources/NEWCOMER.txt | 11 +- sources/README.md | 240 +++++++++ sources/admin.php | 9 +- sources/f.php | 68 ++- sources/index.php | 45 +- sources/install.php | 13 +- sources/lib/config.original.php | 20 +- sources/lib/functions.js.php | 610 ++++++++++++++++++++++ sources/lib/functions.php | 388 ++++++++++++-- sources/lib/lang.php | 82 ++- sources/lib/locales/ar.json | 112 ++++ sources/lib/locales/bn_IN.json | 112 ++++ sources/lib/locales/cs.json | 112 ++++ sources/lib/locales/de.json | 112 ++++ sources/lib/locales/es.json | 112 ++++ sources/lib/locales/fi.json | 113 ++++ sources/lib/locales/fr.json | 113 ++++ sources/lib/locales/hi.json | 112 ++++ sources/lib/locales/hu.json | 112 ++++ sources/lib/locales/it.json | 113 ++++ sources/lib/locales/ja.json | 112 ++++ sources/lib/locales/ko.json | 112 ++++ sources/lib/locales/nl.json | 113 ++++ sources/lib/locales/pt.json | 112 ++++ sources/lib/locales/ro.json | 112 ++++ sources/lib/locales/ru.json | 112 ++++ sources/lib/locales/sk.json | 113 ++++ sources/lib/locales/sr.json | 113 ++++ sources/lib/locales/template.json | 115 ++++ sources/lib/locales/vi.json | 112 ++++ sources/lib/locales/zh.json | 112 ++++ sources/lib/settings.php | 6 +- sources/lib/template/footer.php | 7 +- sources/lib/template/header.php | 28 +- sources/media/courgette/email.png | Bin 0 -> 596 bytes sources/media/courgette/logo-jirafeau.svg | 1 - sources/media/courgette/pixel_bomb.png | Bin 0 -> 489 bytes sources/media/courgette/style.css.php | 134 ++++- sources/media/courgette/upload.svg | 5 +- sources/media/industrial/email.png | Bin 0 -> 596 bytes sources/media/industrial/style.css.php | 22 +- sources/media/jyraphe/email.png | Bin 0 -> 596 bytes sources/media/jyraphe/jirafeau.png | Bin 1345 -> 612 bytes sources/media/jyraphe/style.css.php | 65 ++- sources/media/modern/email.png | Bin 0 -> 596 bytes sources/media/modern/style.css.php | 49 +- sources/script.php | 310 +++++------ sources/tos.php | 17 + sources/tos_text.php | 2 +- 51 files changed, 4145 insertions(+), 374 deletions(-) create mode 100644 sources/README.md create mode 100644 sources/lib/functions.js.php create mode 100644 sources/lib/locales/ar.json create mode 100644 sources/lib/locales/bn_IN.json create mode 100644 sources/lib/locales/cs.json create mode 100644 sources/lib/locales/de.json create mode 100644 sources/lib/locales/es.json create mode 100644 sources/lib/locales/fi.json create mode 100644 sources/lib/locales/fr.json create mode 100644 sources/lib/locales/hi.json create mode 100644 sources/lib/locales/hu.json create mode 100644 sources/lib/locales/it.json create mode 100644 sources/lib/locales/ja.json create mode 100644 sources/lib/locales/ko.json create mode 100644 sources/lib/locales/nl.json create mode 100644 sources/lib/locales/pt.json create mode 100644 sources/lib/locales/ro.json create mode 100644 sources/lib/locales/ru.json create mode 100644 sources/lib/locales/sk.json create mode 100644 sources/lib/locales/sr.json create mode 100644 sources/lib/locales/template.json create mode 100644 sources/lib/locales/vi.json create mode 100644 sources/lib/locales/zh.json create mode 100644 sources/media/courgette/email.png create mode 100644 sources/media/courgette/pixel_bomb.png create mode 100644 sources/media/industrial/email.png create mode 100644 sources/media/jyraphe/email.png create mode 100644 sources/media/modern/email.png diff --git a/conf/config.local.php b/conf/config.local.php index 1425129..b827360 100644 --- a/conf/config.local.php +++ b/conf/config.local.php @@ -15,7 +15,7 @@ * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . + * along with this program. If not, see . */ /* @@ -35,10 +35,8 @@ $cfg['var_root'] = 'YNH_VAR_ROOT' . '/'; $cfg['lang'] = 'auto'; /* Select your style :) See media folder */ $cfg['style'] = 'courgette'; -/* Propose a preview link if file type is previewable is set to true. */ +/* Propose a preview link if file type is previewable. */ $cfg['preview'] = true; -/* Download page: propose a link to a download page is set to true. */ -$cfg['download_page'] = true; /* Encryption feature. disable it by default. * By enabling it, file-level deduplication won't work. */ @@ -52,6 +50,13 @@ $cfg['link_name_length'] = 8; * ... and so on */ $cfg['upload_password'] = array(YNH_UPLOAD_PASSWORD); +/* List of IP allowed to upload a file. + * If list is empty, then there is no upload restriction based on IP + * Elements of the list can be a single IP (e.g. "123.45.67.89") or + * an IP range (e.g. "123.45.0.0/16"). + * Note that CIDR notation is available for IPv4 only for the moment. + */ +$cfg['upload_ip'] = array(); /* An empty admin password will disable the classic admin password * authentication. */ @@ -84,8 +89,15 @@ $cfg['availabilities'] = array ('minute' => true, * 0 mean unlimited upload size. */ $cfg['maximal_upload_size'] = 0; +/* If your Jirafeau is behind some reverse proxies, you can set there IPs + * so Jirafeau get visitor's IP from HTTP_X_FORWARDED_FOR instead of + * REMOTE_ADDR. + * for example: + * $cfg['proxy_ip'] = array('12.34.56.78'); + */ +$cfg['proxy_ip'] = array(); /* Installation is done ? */ -$cfg['installation_done'] = false; +$cfg['installation_done'] = true; /* Try to include user's local configuration. */ if ((basename (__FILE__) != 'config.local.php') diff --git a/sources/COPYING b/sources/COPYING index dba13ed..c5a720e 100644 --- a/sources/COPYING +++ b/sources/COPYING @@ -1,7 +1,7 @@ GNU AFFERO GENERAL PUBLIC LICENSE Version 3, 19 November 2007 - Copyright (C) 2007 Free Software Foundation, Inc. + Copyright (C) 2007 Free Software Foundation, Inc. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. @@ -643,7 +643,7 @@ the "copyright" line and a pointer to where the full notice is found. GNU Affero General Public License for more details. You should have received a copy of the GNU Affero General Public License - along with this program. If not, see . + along with this program. If not, see . Also add information on how to contact you by electronic and paper mail. diff --git a/sources/NEWCOMER.txt b/sources/NEWCOMER.txt index dbe5552..67bd4b9 100644 --- a/sources/NEWCOMER.txt +++ b/sources/NEWCOMER.txt @@ -18,7 +18,7 @@ view only to show the most importants files and their role. │   ├── config.original.php : default parameters with their documentation │   ├── functions_*.js : javascript functions for html/javascript client │   ├── functions.php : core functions and tools of jirafeau -│   ├── lang : langage folder, contain all langage files +│   ├── locales : langage folder, contain all langage files │   └── template │   ├── footer.php │   └── header.php @@ -28,3 +28,12 @@ view only to show the most importants files and their role. ├── files : all files that has been successfully uploaded └── links : all links pointing to files with meta-informations +Coding style: + +- PHP function keywords are alone on a line +- Braces "{" must are put in a new line +- Files must be in UTF-8 (without BOM) +- Uses LF (\n) for end of lines + +The whole project is not clean about that, feel free to fix :) + diff --git a/sources/README.md b/sources/README.md new file mode 100644 index 0000000..9751048 --- /dev/null +++ b/sources/README.md @@ -0,0 +1,240 @@ +# Introduction + +Welcome to the official Jirafeau project, an [Open-Source software](https://en.wikipedia.org/wiki/Open-source_software). + +Jirafeau is a web site permitting to upload a file in a simple way and give an unique link to it. + +A demonstration of the latest version is available on [jirafeau.net](http://jirafeau.net/) + +![Screenshot1](http://i.imgur.com/TPjh48P.png) + +**Main features**: +- One upload => One download link & One delete linkp +- Send any large files (thanks to HTML5) +- NO database, only use basic PHP +- Shows progression: speed, percentage and remaining upload time +- Preview content in browser (if possible) +- Optional Password protection (for uploading or downloading) +- Time limitation +- Option to self-destruct after reading +- Simple language support :gb: :fr: :de: :it: :nl: :ro: :sk: :hu: +- Small administration interface +- File level [Deduplication](http://en.wikipedia.org/wiki/Data_deduplication) for storage optimization +- A basic Terms Of Service which can be adapted to your needs +- Shortened URLs using base 64 encoding +- API interface +- Optional data encryption +- Skins +... + +Jirafeau is a fork of the original project [Jyraphe](http://home.gna.org/jyraphe/) based on the 0.5 (stable version) with a **lot** of modifications. + +As it's original project, Jirafeau is made in the [KISS](http://en.wikipedia.org/wiki/KISS_principle) way (Keep It Simple, Stupid). + +Jirafeau project won't evolve to a file manager and will focus to keep a very few dependencies. + +# Screenshots + +Here are some screenshots: +- [Installation part 1](http://i.imgur.com/hmpT1eN.jpg) +- [Installation part 2](http://i.imgur.com/2e0UGKE.jpg) +- [Installation part 3](http://i.imgur.com/ofAjLXh.jpg) +- [Installation part 4](http://i.imgur.com/WXqnfqJ.jpg) +- [Upload 1](http://i.imgur.com/SBmSwzJ.jpg) +- [Upload 2](http://i.imgur.com/wzPkb1Z.jpg) +- [Upload 3](http://i.imgur.com/i6n95kv.jpg) +- [Upload 4](http://i.imgur.com/P2oS1MY.jpg) + +# Installation +- [Download](https://gitlab.com/mojo42/Jirafeau/repository/archive.zip) the last version of Jirafeau from GitLab +- Upload files on your web server +- Don't forget to set owner of uploaded files if you need to +- Get your web browser and go to you install location (e.g. ```http://your-web-site.org/jirafeau/```) and follow instructions +- Some options are not configured from the minimal installation wizard, you may take a look at option documentation in ```lib/config.original.php``` and customize your ```lib/config.local.php``` + +Note that ```lib/config.local.php``` is auto-generated during the installation. + +If you don't want to go through the installation wizard, you can just copy ```config.original.php``` to ```config.local.php``` and customize it. + +# Security + +```var``` directory contain all files and links. It is randomly named to limit access but you may add better protection to prevent un-authorized access to it. +You have several options: +- Configure a ```.htaccess``` +- Move var folder to a place on your server which can't be directly accessed +- Disable automatic listing on your web server config or place a index.html in var's sub-directory (this is a limited solution) + +If you are using Apache, you can add the following lineto your configuration to prevent people to access to your ```var``` folder: + +```RedirectMatch 301 ^/var-.* http://my.service.jirafeau ``` + +You should also remove un-necessessary write access once the installation is done (ex: configuration file). +An other obvious basic security is to let access users to the site by HTTPS. + +# Few notes about server side encryption + +Data encryption can be activated in options. This feature makes the server encrypt data and send the decryt key to the user (inside download URL). +The decrypt key is not stored on the server so if you loose an url, you won't be able to retrieve file content. +In case of security troubles on the server, attacker won't be able to access files. + +By activating this feature, you have to be aware of few things: +- Data encryption has a cost (cpu) and it takes more time for downloads to complete once file sent. +- During the download, the server will decrypt on the fly (and use resource). +- This feature needs to have the mcrypt php module. +- File de-duplication will stop to work (as we can't compare two encrypted files). +- Be sure your server do not log client's requests. +- Don't forget to enable https. + +In a next step, encryption will be made by the client (in javascript), see issue #10. + +# FAQ + +### Can I add a new language in Jirafeau? + +Of-course ! Translations are easy to make and no technical knowledge is required. + +Simply go to [Jirafeau's Weblate](https://hosted.weblate.org/projects/jirafeau/master/). + +If you want to add a new language in the list, feel free to contact us or leave a comment in ticket #9. + +We would like to thanks to anonymous contributors on weblate. :) + +### How do I upgrade my Jirafeau? + +If you have installed Jirafeau using git, it's pretty simple: just make a git pull and chown/chmod files who have the owner changed. + +If you have installed Jirafeau just by uploading files on your server, you can take the [last version](https://gitlab.com/mojo42/Jirafeau/repository/archive.zip), overwrite files and chown/chmod files if needed. + +After upgrading, you can compare your ```lib/config.local.php``` and ```lib/config.original.php``` to see if new configuration items are available. + +If you have some troubles: +- It should probably come from your ```lib/config.local.php``` (configuration syntax may have changed). Just compare it with ```lib/config.original.php``` +- Check owner/permissions of your files. + +Anyway you should off-course make a backup of your current installation before doing anything. :) + +### How can I limit upload access? + +There are two ways to limit upload access (but not download): +- you can set one or more passwords in order to access the upload interface, or/and +- you can configure a list of authorized IP ([CIDR notation](https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing#CIDR_notation)) which are allowed to access to the upload page + +Check documentation of ```upload_password``` and ```upload_ip``` parameters in [lib/config.original.php](https://gitlab.com/mojo42/Jirafeau/blob/master/lib/config.original.php). + +### I have some troubles with IE + +If you have some strange behavior with IE, you may configure [compatibility mode](http://feedback.dominknow.com/knowledgebase/articles/159097-internet-explorer-ie8-ie9-ie10-and-ie11-compat). + +Anyway I would recommand you to use another web browser. :) + +### I found a bug, what should I do? + +Feel free to open a bug in the [GitLab's issues](https://gitlab.com/mojo42/Jirafeau/issues). + +### How to set maximum file size? + +If your browser supports HTML5 file API, you can send files as big as you want. + +For browsers who does not support HTML5 file API, the limitation come from PHP configuration. +You have to set [post_max_size](https://php.net/manual/en/ini.core.php#ini.post-max-size) and [upload_max_filesize](https://php.net/manual/en/ini.core.php#ini.upload-max-filesize) in your php configuration. + +If you don't want to allow unlimited upload size, you can still setup a maximal file size in Jirafeau's setting (see ```maximal_upload_size``` in your configuration) + +### How can I edit an option? + +Documentation of all default options are located in [lib/config.original.php](https://gitlab.com/mojo42/Jirafeau/blob/master/lib/config.original.php). +If you want to change an option, just edit your ```lib/config.local.php```. + +### How can I access the admin interface? + +Just go to ```/admin.php```. + +### How can I use the scripting interface (API)? + +Simply go to ```/script.php``` with your web browser. + +### My downloads are incomplete or my uploads fails + +Be sure your PHP installation is not using safe mode, it may cause timeouts. + +### Why forking? + +The original project seems not to be continued anymore and I prefer to add more features and increase security from a stable version. + +### What can we expect in the future? + +Check [issues](https://gitlab.com/mojo42/Jirafeau/issues) to check open bugs and incoming new stuff. :) + +### What is the Jirafeau's license? + +Jirafeau is licensed under [AGPLv3](https://gitlab.com/mojo42/Jirafeau/blob/master/COPYING). + +### How do I modify the TOS (terms of use)? + +Just edit ```tos.php``` and configure ```$org``` and ```$contact``` variables. + +### What about this file deduplication thing? + +Jirafeau use a very simple file level deduplication for storage optimization. + +This mean that if some people upload several times the same file, this will only store one time the file and increment a counter. + +If someone use his delete link or an admin cleans expired links, this will decrement the counter corresponding to the file. + +If the counter falls to zero, the file is destroyed. + +### What is the difference between "delete link" and "delete file and links" in admin interface? + +As explained in the previous question, files with the same md5 hash are not duplicated and a reference counter stores the number of links pointing to a single file. +So: +- The button "delete link" will delete the reference to the file but might not destroy the file. +- The button "delete file and links" will delete all references pointing to the file and will destroy the file. + +### How to contact someone from Jirafeau? + +Feel free to create an issue if you found a bug. + +# Release notes + +## Version 1.0 + +The very first version of Jirafeau after the fork of Jiraph. + +- Security fix +- Keep uploader's ip +- Delete link for each upload +- No more clear text password storage +- Simple langage support +- Add an admin interface +- New Design +- Add term of use +- New path system to manage large number of files +- New option to show a page at download time +- Add option to activate or not preview mode + +## Version 1.1 + +- New skins +- Add optional server side encryption +- Unlimited file size upload using HTML5 file API +- Show speed and estimated time during upload +- A lot of fixes +- A lot of new langages +- Small API to upload files +- Limit access to Jirafeau using IP, mask, passwords +- Manage (some) proxy headers +- Configure your maximal upload size +- Configure file's lifetime durations +- Preview URL +- Get Jirafeau's version in admin interface + +### Update from 1.0 to 1.1 + +1. Backup you Jirafeau installation +2. Block access to Jirafeau +3. Checkout new version using git tag 1.1 +4. With you browser, go to your Jirafeau root page +5. Follow installation wizard, it should propose you the same data folder +6. Add a rewrite rule in your web server configuration to rename file.php to f.php to make old url work again +7. Go in you lib/config.local.php and lib/config.original.php to check new options and eventually change skin to 'courgette' + diff --git a/sources/admin.php b/sources/admin.php index 555e76a..a0ae04b 100644 --- a/sources/admin.php +++ b/sources/admin.php @@ -53,7 +53,7 @@ if (isset ($_POST['action']) && (strcmp ($_POST['action'], 'logout') == 0)) /* Check classic admin password authentification. */ if (isset ($_POST['admin_password']) && empty($cfg['admin_http_auth_user'])) { - if (strcmp ($cfg['admin_password'], $_POST['admin_password']) == 0) + if ($cfg['admin_password'] === $_POST['admin_password']) $_SESSION['admin_auth'] = true; else { @@ -128,8 +128,9 @@ if (!(isset ($_POST['action']) && strcmp ($_POST['action'], 'download') == 0)) { require (JIRAFEAU_ROOT . 'lib/template/header.php'); ?>

(version )

+ ?>
@@ -212,8 +213,8 @@ if (!(isset ($_POST['action']) && strcmp ($_POST['action'], 'download') == 0))
- - + +
0) + $link = jirafeau_get_link ($alias["destination"]); +} +if (count ($link) == 0) { require (JIRAFEAU_ROOT.'lib/template/header.php'); echo '

' . t('Sorry, the requested file is not found') . @@ -125,7 +132,7 @@ if (!empty ($link['key'])) '

'; ?> + 'method = "post" id = "submit_post">'; ?> ' . '' . t('Password protection') . @@ -135,20 +142,27 @@ if (!empty ($link['key'])) '' . '' . t('By using our services, you accept our'). ' ' . t('Term Of Service') . '' . - '' . - ''; - ?>' . + t('Warning, this file will self-destruct after being read') . + ''; + } + + ?>

' . t('Access denied') . '

'; @@ -176,40 +190,50 @@ if (!empty ($link['key'])) } } -if ($cfg['download_page'] && !$password_challenged && !$do_download && !$do_preview) +if (!$password_challenged && !$do_download && !$do_preview) { require (JIRAFEAU_ROOT.'lib/template/header.php'); echo '
' . ''; ?> + 'method = "post" id = "submit_post">'; ?> ' . $link['file_name'] . '' . + echo '
' . htmlspecialchars($link['file_name']) . '
' . '' . ''; + + if ($link['onetime'] == 'O') + { + echo ''; + } + + ?> + '; echo '
' . - t('You are about to download') . ' "' . $link['file_name'] . '" (' . jirafeau_human_size($link['file_size']) . ')' . + t('You are about to download') . ' "' . htmlspecialchars($link['file_name']) . '" (' . jirafeau_human_size($link['file_size']) . ')' . '
' . - t('By using our services, you accept our'). ' ' . t('Term Of Service') . ''; - ?>
' . t('Term Of Service') . '' . + '
' . + t('Warning, this file will self-destruct after being read') . + '
'; @@ -220,9 +244,11 @@ if ($cfg['download_page'] && !$password_challenged && !$do_download && !$do_prev header ('HTTP/1.0 200 OK'); header ('Content-Length: ' . $link['file_size']); if (!jirafeau_is_viewable ($link['mime_type']) || !$cfg['preview'] || $do_download) - header ('Content-Disposition: attachment; filename="' . - $link['file_name'] . '"'); + header ('Content-Disposition: attachment; filename="' . $link['file_name'] . '"'); +else + header ('Content-Disposition: filename="' . $link['file_name'] . '"'); header ('Content-Type: ' . $link['mime_type']); +header ('Content-MD5: ' . hex_to_base64($link['md5'])); /* Read encrypted file. */ if ($link['crypted']) diff --git a/sources/index.php b/sources/index.php index 1a5c6aa..f9eded5 100644 --- a/sources/index.php +++ b/sources/index.php @@ -16,7 +16,7 @@ * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . + * along with this program. If not, see . */ define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/'); @@ -24,7 +24,6 @@ require (JIRAFEAU_ROOT . 'lib/config.original.php'); require (JIRAFEAU_ROOT . 'lib/settings.php'); require (JIRAFEAU_ROOT . 'lib/functions.php'); require (JIRAFEAU_ROOT . 'lib/lang.php'); -require (JIRAFEAU_ROOT . 'lib/template/header.php'); check_errors ($cfg); if (has_error ()) @@ -34,6 +33,16 @@ if (has_error ()) exit; } +require (JIRAFEAU_ROOT . 'lib/template/header.php'); + +/* Check if user is allowed to upload. */ +if (!jirafeau_challenge_upload_ip ($cfg, get_ip_address($cfg))) +{ + echo '

' . t('Access denied') . '

'; + require (JIRAFEAU_ROOT.'lib/template/footer.php'); + exit; +} + /* Ask password if upload password is set. */ if (jirafeau_has_upload_password ($cfg)) { @@ -95,44 +104,36 @@ if (jirafeau_has_upload_password ($cfg)) ?>

-
-
- +

+ + +

-
-
- - -
-

:

-

-

:

-

:

-
+

:

-
- -

- : -

-

+
+ +
+

:

+

+
@@ -242,7 +243,7 @@ if (jirafeau_has_upload_password ($cfg))
- +

diff --git a/sources/media/courgette/email.png b/sources/media/courgette/email.png new file mode 100644 index 0000000000000000000000000000000000000000..234a2290643cbda288a7b55a0967735fe3ffe5ac GIT binary patch literal 596 zcmV-a0;~OrP)WFU8GbZ8()Nlj2>E@cM*00Fp3L_t(I%bn9ZYt%s$ z#^Gnzgv4tbixDgY6SPPdn-R4zLIQ$?R(3Llg;>~FSXf9?8P@+&!s-Y zK)bo`&!v9CY0Rb=Mmvvsfg0O^SGbrZpI!T%e!Xij+p&a+TcYQvuz?OY zKjd64btc8I*v1-8;wi>+sSCaKugB_W67R>u6vF|mwNebL_}M@|ZXDDmY#oO&gLdcf iF1+aKmH&Y5#_AtRt+V~iZnE3}0000 - ]> diff --git a/sources/media/courgette/pixel_bomb.png b/sources/media/courgette/pixel_bomb.png new file mode 100644 index 0000000000000000000000000000000000000000..92c95ca9c1fed003e179162756f84e209abb88b1 GIT binary patch literal 489 zcmeAS@N?(olHy`uVBq!ia0vp^DIm!lvI6;RN#5=* z3>*y644HGcybuP8a29w(7Bet#1KHfdj105pNB{-dOFVsD+3&Nk@tK(9hhOJoU|>x1 zba4!+xb^myVjhztL)*oL3ptlDUA*#DDkFur!z+iE{e|wU>N>hD zsV!xb@taBCb1q+cH+|-xn@uA`S0G%hiK9uODZuIM_PrM)e{8w6^U%+*|U7VlylC1|FQk+)7Qb+0xX8rhchToVzD9`A2DWN1g81X*WP_0LnEf)P}yTudc8Ew$}gAm7242 zkNAN_n-osio~qm|S$o?$N+#;Xe9O`z>tl5!qk2=Rp0$!NkCDKwiA(u;Jn#_P;BEk-*^T>gTe~DWM4f DksH5n literal 0 HcmV?d00001 diff --git a/sources/media/courgette/style.css.php b/sources/media/courgette/style.css.php index 5cffb5a..f3d0879 100644 --- a/sources/media/courgette/style.css.php +++ b/sources/media/courgette/style.css.php @@ -16,7 +16,7 @@ * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . + * along with this program. If not, see . */ /* @@ -26,19 +26,21 @@ $dark = '#8B4513'; -header("Content-type: text/css"); +header('Content-type: text/css'); ?> /* ========================================================================== - Sommaire + Summary 1 = Basic Style 2 = Copyright 3 = Options 4 = Upload 5 = Terms of service - 6 = Admin + 6 = Install + 7 = Admin + 8 = Download page ========================================================================== */ @@ -92,12 +94,14 @@ legend { text-align: center; } -table a { color: #000;} +table a { + color: #000; +} - table a:hover, - table a:focus { - text-decoration: none; - } +table a:hover, +table a:focus { + text-decoration: none; +} input[type="submit"] { background: #0D9CB2; @@ -216,13 +220,27 @@ input[type="submit"]:focus { #upload_finished, #uploading, .message, +.info, .error { text-align: center; color: #795548; padding-left: 3em; } -#upload_finished a, +#upload_finished > p:nth-child(1) { + color: #0D9CB2; + font-weight: bold; +} + +#upload_finished div p:nth-child(1) { + font-weight: bold; +} + +#upload_finished a { + text-decoration: none; + color: #795548; +} + #uploading a { font-weight: bold; text-decoration: none; @@ -248,12 +266,16 @@ input[type="submit"]:focus { font-weight: bold; } +#upload_image_email { + padding-left: 20px; + margin-left: 10px; + background: url(email.png) no-repeat; +} + /* ========================================================================== 5 = Terms of service ========================================================================== */ - - textarea[readonly="readonly"] { border: 0; color: #795548; @@ -284,7 +306,7 @@ textarea[readonly="readonly"] + p + p a:focus { } /* ========================================================================== - 6 = Admin + 6 = Install ========================================================================== */ #install fieldset, @@ -298,13 +320,11 @@ textarea[readonly="readonly"] + p + p a:focus { #install + fieldset table { width: 100%; border-collapse: collapse; - border-bottom: 2px solid #FFF; } #install td, #install + fieldset td { padding: 0.5em 1em; - border: 2px solid #FFF; border-bottom: 0; } @@ -351,3 +371,87 @@ textarea[readonly="readonly"] + p + p a:focus { #install + fieldset td:first-child input[type="submit"]:focus { text-decoration: underline; } + +/* ========================================================================== + 7 = Admin + ========================================================================== */ + +#admin fieldset, +#admin + fieldset { + width: auto; + max-width: 50em; + border: 7px dashed #bcaaa4; +} + +#admin table, +#admin + fieldset table { + width: 100%; + border-collapse: collapse; + border-bottom: 2px solid #FFF; +} + +#admin td, +#admin + fieldset td { + padding: 0.5em 1em; + border: 2px solid #FFF; + border-bottom: 0; +} + +#admin td:empty { + width: 13.1em; +} + +#admin table form:nth-child(odd), +#admin + fieldset tr:nth-child(odd) { + background: #bcaaa4; +} + +#admin fieldset > form { + margin-top: 2em; + text-align: center; +} + +#admin form { + display: table; + width: 100%; +} + +#admin td:last-child { text-align: left; } + +#admin .info { width: 19em; } + +#admin input[type="submit"] { + min-width: 10.5em; +} + +#admin + fieldset table { + font-size: 0.9em; +} + +#admin + fieldset td:first-child input[type="submit"] { + background: none; + padding: 0; + color: #000; + font-weight: bold; + border-bottom: 0; +} + +#admin + fieldset td:first-child input[type="submit"]:hover, +#admin + fieldset td:first-child input[type="submit"]:focus { + text-decoration: underline; +} + +/* ========================================================================== + 8 = Download page + ========================================================================== */ + +#self_destruct { + font-weight: bold; + color: red; + background-image: url('pixel_bomb.png'); + background-size: 40px 40px; + background-repeat: no-repeat; + padding-left: 40px; + padding-top: 10px; + padding-bottom: 10px; +} diff --git a/sources/media/courgette/upload.svg b/sources/media/courgette/upload.svg index 5cd585c..b4c4e19 100644 --- a/sources/media/courgette/upload.svg +++ b/sources/media/courgette/upload.svg @@ -1,14 +1,11 @@ - ]> - - @@ -44,6 +44,7 @@ fieldset { border: 2px solid #02233f; -moz-border-radius: 10px; -webkit-border-radius: 10px; + border-radius: 10px; } fieldset legend { @@ -53,6 +54,7 @@ fieldset legend { padding: 1px 5px; -moz-border-radius: 5px; -webkit-border-radius: 5px; + border-radius: 5px; } h1 { @@ -99,9 +101,9 @@ input:hover { position: fixed; bottom: 0; right: 0; - height: 100px; + height: 100px; width: 100px; - clear:both; + clear:both; } #copyright { @@ -143,6 +145,7 @@ input:hover { border: 2px solid #02233f; -moz-border-radius: 10px; -webkit-border-radius: 10px; + border-radius: 10px; } .info h2 { @@ -175,3 +178,14 @@ input:hover { border: 2px solid #02233f; margin: auto; } + +#self_destruct { + font-weight: bold; + color: red; +} + +#upload_image_email { + padding-left: 20px; + margin-left: 10px; + background: url(email.png) no-repeat; +} diff --git a/sources/media/jyraphe/email.png b/sources/media/jyraphe/email.png new file mode 100644 index 0000000000000000000000000000000000000000..234a2290643cbda288a7b55a0967735fe3ffe5ac GIT binary patch literal 596 zcmV-a0;~OrP)WFU8GbZ8()Nlj2>E@cM*00Fp3L_t(I%bn9ZYt%s$ z#^Gnzgv4tbixDgY6SPPdn-R4zLIQ$?R(3Llg;>~FSXf9?8P@+&!s-Y zK)bo`&!v9CY0Rb=Mmvvsfg0O^SGbrZpI!T%e!Xij+p&a+TcYQvuz?OY zKjd64btc8I*v1-8;wi>+sSCaKugB_W67R>u6vF|mwNebL_}M@|ZXDDmY#oO&gLdcf iF1+aKmH&Y5#_AtRt+V~iZnE3}00000dfN&2=tmLDrt}4|Nq)u&`j%0E)KB3E?7$W5}YN{p3mklIp^gfg$Mox^A~O} ze#>=L_;pFExS9#xMttrrH2;Sbu(Q zWbC~#z|4*Aa({^qM->DBqQb(BHm7xriHuel;J!37CM#iSB+^!4VP&ILYMlr!FzQ;c zWX6E-D(WZ=z#uo`M7zo!ZNhAJ%o+q7^pGorvg{E~)kRJNxoTsX z&@W{aTR_lF>6}WYb2-zXA0+<>Bq|Zw4I_6nZE)6bjDKJ^R=kdTMS7>7}N2%Rhhl zIT1-IJ6#EbxuxY_zWwU3UZWG%a3*{C<4+&oy+cIX`@Z^$@#mJ7*S~oHkY{ed;M2MD zhxHoo#1e6lh>Nk*5JMQIg$F5R*pvIs_I|S+_N4E*`T6U*nKn#IH`DmBv0++;`5V6H z4$_U_7v^sOVSj4!Oe&K}WinHfXY%vc4bvJ+4S|n#Vd@MKB{U&O933l`q?AMy_GGou z4ttV_s*QHVE*FZWi?i1Z)8gw5)7r2f;*@Tt*H`W{6&y^&#rVijA}*MgZl(*x5)dwS zC2j}8hW*emB@t=Ub00>6#J4ghEZ=i0c3G0Vx^Np*h=1r(@#e+ZYiew8e0*f6+GrCI zI0+#P(~>0NFgv3xap~A+BGR_kR`~*K2_Y(WIg*9(ks&aHLEs(W)o`TrByX3xwfxh7pLU)9n+{hFvC-pb=|2^`=t~yn~8e7D5Oi_bhp=5D|WeJm!*`PoKCl2ZM3V6cGGb{ z!}nZ`LrqGx;*3s2mdgsq_Icl(lv2nc#I z{?GHLwXMyw?_M@1rcP(a)8{WFbmOldf2eJ3HXWzem%YA>32N*;ot*igwzV0yg8IK9 zxH65f6=>K3U*B_w(-~FdC}+d8P;G@`$uKP`WuaKA*yZuA!@fecNiC{SK_c)DkSV+x zAAcFb6$lt>R$UqwHA?mBt=o}$C!#A0izp5*I|hZ~260tc(5s@ZHrf*z-S=G718Ww~ za7hCpRcQV|k>hDN(Yz1QVi%$k)b5i8iSMGPZ{bz0q2Is6(Bcr2en;05Gh$mm)!zq+0 zPs2;an`#t!XXAKB9PJYkiAQ&C5q}Y;1jpPkt@V}rkvhAwu=x1y9Vz8b?a04GTufwi z)j$ZrA8MRygeT&;@3}i`KS`pd<6sA}gPvlj-%huWIf|Jjgou1O`JM~Eg%Gcuk35Et za?z7OW&!fh#NX|;Ro`=)jsr7rU_Hgco&>~e(IX4)sv}%|tM*|KQjys=cruP=%Vw$@ vVNbp?eExUASN__Jge?-SlaOC)7J2>;fHsOeBOejm00000NkvXXu0mjf$TWpy diff --git a/sources/media/jyraphe/style.css.php b/sources/media/jyraphe/style.css.php index dbe946e..76c59c7 100644 --- a/sources/media/jyraphe/style.css.php +++ b/sources/media/jyraphe/style.css.php @@ -14,7 +14,7 @@ * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . + * along with this program. If not, see . */ /* @@ -24,10 +24,12 @@ $dark = '#8B4513'; -header("Content-type: text/css"); +header('Content-type: text/css'); ?> +@charset "UTF-8"; + body { text-align: center; font-family: sans-serif; @@ -176,3 +178,62 @@ h1 a { #install .navleft { float: left; } + +#admin { + width: 40em; + margin: 5ex auto; +} + +#admin table { + width: 100%; +} + +#admin label { + font-style: italic; +} + +#admin .info { + text-align: justify; + padding-bottom: 1ex; +} + +#admin .label { + text-align: justify; + vertical-align: top; +} + +#admin .field { + text-align: right; + vertical-align: bottom; +} + +#admin .nav { + padding-top: 2em; +} + +#admin .next { + text-align: right; +} + +#admin .previous { + text-align: left; +} + +#admin .navright { + float: right; +} + +#admin .navleft { + float: left; +} + +#self_destruct { + font-weight: bold; + color: red; +} + +#upload_image_email { + padding-left: 20px; + margin-left: 10px; + background: url(email.png) no-repeat; +} diff --git a/sources/media/modern/email.png b/sources/media/modern/email.png new file mode 100644 index 0000000000000000000000000000000000000000..234a2290643cbda288a7b55a0967735fe3ffe5ac GIT binary patch literal 596 zcmV-a0;~OrP)WFU8GbZ8()Nlj2>E@cM*00Fp3L_t(I%bn9ZYt%s$ z#^Gnzgv4tbixDgY6SPPdn-R4zLIQ$?R(3Llg;>~FSXf9?8P@+&!s-Y zK)bo`&!v9CY0Rb=Mmvvsfg0O^SGbrZpI!T%e!Xij+p&a+TcYQvuz?OY zKjd64btc8I*v1-8;wi>+sSCaKugB_W67R>u6vF|mwNebL_}M@|ZXDDmY#oO&gLdcf iF1+aKmH&Y5#_AtRt+V~iZnE3}0000. + * along with this program. If not, see . */ /* @@ -26,16 +26,16 @@ $dark = '#8B4513'; -header("Content-type: text/css"); +header('Content-type: text/css'); ?> body { -font-family:"Lucida Grande","Lucida Sans Unicode",Tahoma,sans-serif; -font-size: 100%; -color:#333333; -margin:0; -background:#e5e5e5; + font-family:"Lucida Grande","Lucida Sans Unicode",Tahoma,sans-serif; + font-size: 100%; + color:#333333; + margin:0; + background:#e5e5e5; } a, a:link, a:visited { @@ -50,25 +50,23 @@ fieldset { margin: auto; background: white; border: 2px solid #dbdbdb; --webkit-border-radius: 5px; - -moz-border-radius: 5px; - border-radius: 5px; + -webkit-border-radius: 5px; + -moz-border-radius: 5px; + border-radius: 5px; } fieldset legend { - color: white; font-size:130%; background: #cf3b19; border: 1px solid #A52E13; padding: 5px 20px; --webkit-border-radius: 5px; - -moz-border-radius: 5px; - border-radius: 5px; + -webkit-border-radius: 5px; + -moz-border-radius: 5px; + border-radius: 5px; } h1 { - font-size: 175%; width: 100%; text-align: center; @@ -134,13 +132,13 @@ text-align: center; padding-bottom: 1ex; border: #FB7373 2px solid; background-color: #FBB; - -webkit-border-radius: 5px; + -webkit-border-radius: 5px; -moz-border-radius: 5px; border-radius: 5px; } .error p:before { -text-align: center; + text-align: center; content: url('error.png'); padding-right: 1ex; -webkit-border-radius: 5px; @@ -153,7 +151,7 @@ text-align: center; padding: 1ex; border: #91C27C 2px solid; background-color: #BFB; - -webkit-border-radius: 5px; + -webkit-border-radius: 5px; -moz-border-radius: 5px; border-radius: 5px; } @@ -217,6 +215,17 @@ font-size:90%; border: 2px solid #91C27C; margin: auto; -webkit-border-radius: 5px; - -moz-border-radius: 5px; - border-radius: 5px; + -moz-border-radius: 5px; + border-radius: 5px; +} + +#self_destruct { + font-weight: bold; + color: red; +} + +#upload_image_email { + padding-left: 20px; + margin-left: 10px; + background: url(email.png) no-repeat; } diff --git a/sources/script.php b/sources/script.php index 99c5ec0..3e6668e 100644 --- a/sources/script.php +++ b/sources/script.php @@ -14,7 +14,7 @@ * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License - * along with this program. If not, see . + * along with this program. If not, see . */ /* @@ -50,156 +50,15 @@ if ($_SERVER['REQUEST_METHOD'] == "GET" && count ($_GET) == 0) require (JIRAFEAU_ROOT . 'lib/template/footer.php'); exit; } - echo '
'; - echo '

' . t('Welcome to Jirafeau\'s query interface') . '

'; - echo '

'; - echo t('This interface permits to script your uploads and downloads.') . - ' ' . t('The instructions above show how to query this interface.'); - echo '

'; - - echo '

' . t('Get Jirafeau\'s version') . ':

'; - echo '

'; - echo t('Send a GET query to') . ': ' . $web_root . 'script.php
'; - echo '
'; - echo t('Parameters') . ':
'; - echo "get_version=1 (" . t('Required') . ")
"; - echo '

'; - echo '

' . t('This will return brut text content.') . ' ' . - t('First line is the version number.') . '

'; - echo '

'; - echo t('Example') . ": " . $web_root . "script.php?get_version=1 "; - echo '

'; - - echo '

' . t('Get server capacity') . ':

'; - echo '

'; - echo t('Send a GET query to') . ': ' . $web_root . 'script.php
'; - echo '
'; - echo t('Parameters') . ':
'; - echo "get_capacity=1 (" . t('Required') . ")
"; - echo '

'; - echo '

' . t('This will return brut text content.') . ' ' . - t('First line is the server capacity (in Bytes).') . '

'; - echo '

'; - echo t('Example') . ": " . $web_root . "script.php?get_capacity=1 "; - echo '

'; - - echo '

' . t('Maximal allowed size of an uploaded file') . ':

'; - echo '

'; - echo t('Send a GET query to') . ': ' . $web_root . 'script.php
'; - echo '
'; - echo t('Parameters') . ':
'; - echo "get_maximal_upload_size=1 (" . t('Required') . ")
"; - echo '

'; - echo '

' . t('This will return brut text content.') . ' ' . - t('First line returns size (in MB).') . '

'; - echo '

'; - echo t('Example') . ": " . $web_root . "script.php?get_maximal_upload_size=1 "; - echo '

'; - - echo '

' . t('Upload a file') . ':

'; - echo '

'; - echo t('Send a POST query to') . ': ' . $web_root . 'script.php
'; - echo '
'; - echo t('Parameters') . ':
'; - echo "file=C:\\your\\file\\path (" . t('Required') . ")
"; - echo "time=[minute|hour|day|week|month|year|none] (" . t('Optional') . ', '. t('default: none') . ")
"; - echo "password=your_password (" . t('Optional') . ")
"; - echo "one_time_download=1 (" . t('Optional') . ")
"; - echo "upload_password=your_upload_password (" . t('Optional') . ")
"; - echo '

'; - echo '

' . t('This will return brut text content.') . ' ' . - t('First line is the download reference and the second line the delete code.') . '

'; - - echo '

' . t('Get a file') . ':

'; - echo '

'; - echo t('Send a GET query to') . ': ' . $web_root . 'script.php
'; - echo '
'; - echo t('Parameters') . ':
'; - echo "h=your_download_reference (" . t('Required') . ")
"; - echo '

'; - echo '

'; - echo t('If a password has been set, send a POST request with it.'); - echo '
'; - echo t('Parameters') . ':
'; - echo "password=your_password (" . t('Optional') . ")
"; - echo '

'; - echo '

'; - echo t('Example') . ": " . $web_root . "script.php?h=30ngy0hsDcpfrF8zR7x9iU "; - echo '

'; - - echo '

' . t('Delete a file') . ':

'; - echo '

'; - echo t('Send a GET query to') . ': ' . $web_root . 'script.php
'; - echo '
'; - echo t('Parameters') . ':
'; - echo "h=your_download_reference (" . t('Required') . ")
"; - echo "d=yout_delete_code (" . t('Required') . ")
"; - echo '

'; - echo '

' . t('This will return "Ok" if succeeded, "Error" otherwhise.') . '

'; - echo '

'; - echo t('Example') . ": " . $web_root . "script.php?h=30ngy0hsDcpfrF8zR7x9iU&d=0d210a952 "; - echo '

'; - - echo '

' . t('Get a generated script') . ':

'; - echo '

'; - echo t('Send a GET query to') . ': ' . $web_root . 'script.php
'; - echo '
'; - echo t('Parameters') . ':
'; - echo "lang=["; - foreach ($script_langages as $lang => $name) - echo $lang; - echo "] (" . t('Required') . ")
"; - echo '

'; - echo '

' . t('This will return brut text content of the code.') . '

'; - echo '

'; - echo t('Example') . ":
"; - foreach ($script_langages as $lang => $name) - echo "$name: " . $web_root . "script.php?lang=$lang "; - echo '

'; - - echo '

' . t('Initalize an asynchronous transfer') . ':

'; - echo '

'; - echo t('The goal is to permit to transfer big file, chunk by chunk.') . ' '; - echo t('Chunks of data must be sent in order.'); - echo '

'; - echo '

'; - echo t('Send a GET query to') . ': ' . $web_root . 'script.php?init_async
'; - echo '
'; - echo t('Parameters') . ':
'; - echo "filename=file_name.ext (" . t('Required') . ")
"; - echo "type=MIME_TYPE (" . t('Optional') . ")
"; - echo "time=[minute|hour|day|week|month|year|none] (" . t('Optional') . ', '. t('default: none') . ")
"; - echo "password=your_password (" . t('Optional') . ")
"; - echo "one_time_download=1 (" . t('Optional') . ")
"; - echo "upload_password=your_upload_password (" . t('Optional') . ")
"; - echo '

'; - echo '

' . t('This will return brut text content.') . ' ' . - t('First line is the asynchronous transfer reference and the second line the code to use in the next operation.') . '

'; - - echo '

' . t('Push data during asynchronous transfer') . ':

'; - echo '

'; - echo t('Send a GET query to') . ': ' . $web_root . 'script.php?push_async
'; - echo '
'; - echo t('Parameters') . ':
'; - echo "ref=async_reference (" . t('Required') . ")
"; - echo "data=data_chunk (" . t('Required') . ")
"; - echo "code=last_provided_code (" . t('Required') . ")
"; - echo '

'; - echo '

' . t('This will return brut text content.') . ' ' . - t('Returns the next code to use.') . '

'; - - echo '

' . t('Finalize asynchronous transfer') . ':

'; - echo '

'; - echo t('Send a GET query to') . ': ' . $web_root . 'script.php?end_async
'; - echo '
'; - echo t('Parameters') . ':
'; - echo "ref=async_reference (" . t('Required') . ")
"; - echo "code=last_provided_code (" . t('Required') . ")
"; - echo '

'; - echo '

' . t('This will return brut text content.') . ' ' . - t('First line is the download reference and the second line the delete code.') . '

'; - - echo '

'; + ?> +
+

Scripting interface

+

This interface permits to script your uploads and downloads.

+

See source code of this interface to get available calls :)

+

Alternatively, go to this page to download a bash script.

+
+
+ 0 && $_FILES['file']['size'] > $cfg['maximal_upload_size'] * 1024 * 1024) { - echo "Error"; + echo 'Error 5: Your file exceeds the maximum authorized file size.'; exit; } $res = jirafeau_upload ($_FILES['file'], isset ($_POST['one_time_download']), - $key, $time, $_SERVER['REMOTE_ADDR'], + $key, $time, get_ip_address($cfg), $cfg['enable_crypt'], $cfg['link_name_length']); - + if (empty($res) || $res['error']['has_error']) { - echo "Error"; + echo 'Error 6 ' . $res['error']['why']; exit; } /* Print direct link. */ @@ -298,17 +163,17 @@ elseif (isset ($_GET['h'])) $d = ''; if (isset ($_GET['d'])) $d = $_GET['d']; - + if (!preg_match ('/[0-9a-zA-Z_-]+$/', $link_name)) { - echo "Error"; + echo 'Error 7'; exit; } - + $link = jirafeau_get_link ($link_name); if (count ($link) == 0) { - echo "Error"; + echo 'Error 8'; exit; } if (strlen ($d) > 0 && $d == $link['link_code']) @@ -320,18 +185,19 @@ elseif (isset ($_GET['h'])) if ($link['time'] != JIRAFEAU_INFINITY && time () > $link['time']) { jirafeau_delete_link ($link_name); - echo "Error"; + echo 'Error 9'; exit; } if (strlen ($link['key']) > 0 && md5 ($key) != $link['key']) { - echo "Error"; + sleep (2); + echo 'Error 10'; exit; } $p = s2p ($link['md5']); if (!file_exists (VAR_FILES . $p . $link['md5'])) { - echo "Error"; + echo 'Error 11'; exit; } @@ -374,7 +240,7 @@ elseif (isset ($_GET['lang'])) ?> #!/bin/bash -# This script has been auto-generated by Jirafeau but you can still edit +# This script has been auto-generated by Jirafeau but you can still edit # options below. # Config @@ -465,8 +331,9 @@ if [ "$1" == "send" ]; then -F "file=@$2" \ $url) - if [[ "$res" == "Error" ]]; then + if [[ "$res" == Error* ]]; then echo "Error while uploading." + echo $res exit fi @@ -483,7 +350,11 @@ if [ "$1" == "send" ]; then fi cnt=$(( cnt + 1 )) done) + echo "Download link:" echo "${url}?h=$code" + echo "Direct download link:" + echo "${url}?h=$code&d=1" + echo "Delete link:" echo "${url}?h=$code&d=$del_code" elif [ "$1" == "get" ]; then if [ -z "$password" ]; then @@ -498,31 +369,113 @@ fi } else { - echo "Error"; + echo 'Error 12'; exit; } } -/* Initialize an asynchronous upload. */ -elseif (isset ($_GET['init_async'])) +/* Create alias. */ +elseif (isset ($_GET['alias_create'])) { + $ip = get_ip_address($cfg); + if (!jirafeau_challenge_upload_ip ($cfg, $ip)) + { + echo 'Error 13'; + exit; + } + if (jirafeau_has_upload_password ($cfg) && (!isset ($_POST['upload_password']) || !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password']))) { - echo "Error"; + echo 'Error 14'; + exit; + } + + if (!isset ($_POST['alias']) || + !isset ($_POST['destination']) || + !isset ($_POST['password'])) + { + echo 'Error 15'; + exit; + } + + echo jirafeau_alias_create ($_POST['alias'], + $_POST['destination'], + $_POST['password'], + $ip); +} +/* Get alias. */ +elseif (isset ($_GET['alias_get'])) +{ + if (!isset ($_POST['alias'])) + { + echo 'Error 16'; + exit; + } + + echo jirafeau_alias_get ($_POST['alias']); +} +/* Update alias. */ +elseif (isset ($_GET['alias_update'])) +{ + if (!isset ($_POST['alias']) || + !isset ($_POST['destination']) || + !isset ($_POST['password'])) + { + echo 'Error 17'; + exit; + } + + $new_password = ''; + if (isset ($_POST['new_password'])) + $new_password = $_POST['new_password']; + + echo jirafeau_alias_update ($_POST['alias'], + $_POST['destination'], + $_POST['password'], + $new_password, + get_ip_address($cfg)); +} +/* Delete alias. */ +elseif (isset ($_GET['alias_delete'])) +{ + if (!isset ($_POST['alias']) || + !isset ($_POST['password'])) + { + echo 'Error 18'; + exit; + } + + echo jirafeau_alias_delete ($_POST['alias'], + $_POST['password']); +} +/* Initialize an asynchronous upload. */ +elseif (isset ($_GET['init_async'])) +{ + if (!jirafeau_challenge_upload_ip ($cfg, get_ip_address($cfg))) + { + echo 'Error 19'; + exit; + } + + if (jirafeau_has_upload_password ($cfg) && + (!isset ($_POST['upload_password']) || + !jirafeau_challenge_upload_password ($cfg, $_POST['upload_password']))) + { + echo 'Error 20'; exit; } if (!isset ($_POST['filename'])) { - echo "Error"; + echo 'Error 21'; exit; } $type = ''; if (isset ($_POST['type'])) $type = $_POST['type']; - + $key = ''; if (isset ($_POST['key'])) $key = $_POST['key']; @@ -530,7 +483,7 @@ elseif (isset ($_GET['init_async'])) $time = time (); if (!isset ($_POST['time']) || !$cfg['availabilities'][$_POST['time']]) { - echo "Error"; + echo 'Error 22'; exit; } else @@ -563,7 +516,7 @@ elseif (isset ($_GET['init_async'])) isset ($_POST['one_time_download']), $key, $time, - $_SERVER['REMOTE_ADDR']); + get_ip_address($cfg)); } /* Continue an asynchronous upload. */ elseif (isset ($_GET['push_async'])) @@ -571,7 +524,7 @@ elseif (isset ($_GET['push_async'])) if ((!isset ($_POST['ref'])) || (!isset ($_FILES['data'])) || (!isset ($_POST['code']))) - echo "Error"; + echo 'Error 23'; else { echo jirafeau_async_push ($_POST['ref'], @@ -585,12 +538,11 @@ elseif (isset ($_GET['end_async'])) { if (!isset ($_POST['ref']) || !isset ($_POST['code'])) - echo "Error"; + echo 'Error 24'; else echo jirafeau_async_end ($_POST['ref'], $_POST['code'], $cfg['enable_crypt'], $cfg['link_name_length']); } else - echo "Error"; + echo 'Error 25'; exit; ?> - diff --git a/sources/tos.php b/sources/tos.php index d84704d..111916d 100644 --- a/sources/tos.php +++ b/sources/tos.php @@ -1,4 +1,21 @@ . + */ + define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/'); require (JIRAFEAU_ROOT . 'lib/config.original.php'); require (JIRAFEAU_ROOT . 'lib/settings.php'); diff --git a/sources/tos_text.php b/sources/tos_text.php index 818d00b..c19c243 100644 --- a/sources/tos_text.php +++ b/sources/tos_text.php @@ -1,6 +1,6 @@ http://opensource.org/ToS + * It has been based on this work: http://opensource.org/ToS */ $tos=" TERMS OF SERVICE