add admin
parent
48937012ca
commit
0d5609501a
@ -27,7 +27,11 @@ define ('VAR_TOKENS', $cfg ['var_root'].'tokens/');
|
|||||||
define ('VAR_TRACKS', $cfg ['var_root'].'tracks/');
|
define ('VAR_TRACKS', $cfg ['var_root'].'tracks/');
|
||||||
define ('VAR_PERIOD', $cfg ['var_root'].'period/');
|
define ('VAR_PERIOD', $cfg ['var_root'].'period/');
|
||||||
define ('VAR_FAKE', $cfg ['var_root'].'fake/');
|
define ('VAR_FAKE', $cfg ['var_root'].'fake/');
|
||||||
define ('VAR_PRIVATE', $cfg ['var_root'].'private/');
|
define ('VAR_ADMIN', $cfg ['var_root'].'admin/');
|
||||||
|
|
||||||
|
$domain="kaz.local";
|
||||||
|
if (preg_match ("%^.*//([^/]*)/?.*$%", $cfg ['web_root'], $matches))
|
||||||
|
$domain = $matches [1];
|
||||||
|
|
||||||
define ('MAX_VALID_UPLOAD_TIME', 60);
|
define ('MAX_VALID_UPLOAD_TIME', 60);
|
||||||
define ('TOKEN_USE_LIMIT', "-2 hours");
|
define ('TOKEN_USE_LIMIT', "-2 hours");
|
||||||
@ -46,7 +50,7 @@ define ('M_TOO_LONG_LOGGED', "Temps de connexion dépassé.");
|
|||||||
define ('M_EMAIL_CONTENT', "Bonjour,<br/><br/>Ceci est un message automatique, car vous venez de cliquer sur une demande de consultation de vos pièces jointes.<br/><br/>!!! Si vous n'êtes pas à l'origine de cette demande, ne cliquez sur aucun lien de ce message. !!!<br/><br/>Le lien de connexion suivant est valable 15 minutes.<br/><a href=\"___LINK___\">___LINK___</a><br/><br/>Vous pouvez signaler des abus auprès de Kaz en faisant suivre ce message qui contient les traces de son émetteur (___IP___, ___DATE___).<br/><br/>Bonne navigation.<br/>.");
|
define ('M_EMAIL_CONTENT', "Bonjour,<br/><br/>Ceci est un message automatique, car vous venez de cliquer sur une demande de consultation de vos pièces jointes.<br/><br/>!!! Si vous n'êtes pas à l'origine de cette demande, ne cliquez sur aucun lien de ce message. !!!<br/><br/>Le lien de connexion suivant est valable 15 minutes.<br/><a href=\"___LINK___\">___LINK___</a><br/><br/>Vous pouvez signaler des abus auprès de Kaz en faisant suivre ce message qui contient les traces de son émetteur (___IP___, ___DATE___).<br/><br/>Bonne navigation.<br/>.");
|
||||||
define ('M_DOWNLOAD', "Télécharger");
|
define ('M_DOWNLOAD', "Télécharger");
|
||||||
define ('M_UPDATE', "Prolonger");
|
define ('M_UPDATE', "Prolonger");
|
||||||
define ('M_EMAIL_SUBJECT', "Lien de consultation des envois de pièces jointes.");
|
define ('M_EMAIL_SUBJECT', "Lien de consultation des envois sur ".$domain.".");
|
||||||
define ('M_FILE', " fichier.");
|
define ('M_FILE', " fichier.");
|
||||||
define ('M_FILES', " fichiers.");
|
define ('M_FILES', " fichiers.");
|
||||||
define ('M_FILES_NOT_FOUND', " fichiers sont expirés.");
|
define ('M_FILES_NOT_FOUND', " fichiers sont expirés.");
|
||||||
@ -64,7 +68,7 @@ define ('M_LOGOUT', 'Deconnecter');
|
|||||||
define ('M_REFRESH', 'Actualiser');
|
define ('M_REFRESH', 'Actualiser');
|
||||||
define ('M_LOGOUT_TOKEN', "Vous n'êtes plus connecté.");
|
define ('M_LOGOUT_TOKEN', "Vous n'êtes plus connecté.");
|
||||||
define ('M_SEND_TOKEN', "<br/><p>Vous allez recevoir un <b>lien d'accès temporaire</b> à vos données.</p>");
|
define ('M_SEND_TOKEN', "<br/><p>Vous allez recevoir un <b>lien d'accès temporaire</b> à vos données.</p>");
|
||||||
define ('M_WELCOME', "<p>Informations concernant le compte : <b>___SENDER___</b><br/>(page actualisée à ___DATE___)</p>");
|
define ('M_WELCOME', "<p>Informations concernant le compte : <b>___SENDER___</b>___ADMIN___<br/>(page actualisée à ___DATE___)</p>");
|
||||||
define ('M_INCONSISTENT_DATES',
|
define ('M_INCONSISTENT_DATES',
|
||||||
" (dates incohéantes avec ___FILENAME___ : ___DIRTIME___ != ___FILETIME___)");
|
" (dates incohéantes avec ___FILENAME___ : ___DIRTIME___ != ___FILETIME___)");
|
||||||
|
|
||||||
@ -126,7 +130,7 @@ if (isset ($_REQUEST [A_RECORD]) && !empty ($_REQUEST [A_RECORD])) {
|
|||||||
if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_RECORD]))
|
if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_RECORD]))
|
||||||
$content = false.NL;
|
$content = false.NL;
|
||||||
else
|
else
|
||||||
$content = getSenderTrack ($_REQUEST [A_RECORD]).NL;
|
$content = isSenderTrack ($_REQUEST [A_RECORD]).NL;
|
||||||
header ('HTTP/1.0 200 OK');
|
header ('HTTP/1.0 200 OK');
|
||||||
header ('Content-Length: ' . strlen ($content));
|
header ('Content-Length: ' . strlen ($content));
|
||||||
header ('Content-Type: text/plain');
|
header ('Content-Type: text/plain');
|
||||||
@ -185,7 +189,7 @@ function rmSenderTrack ($sender) {
|
|||||||
if (file_exists (VAR_TRACKS.$sender))
|
if (file_exists (VAR_TRACKS.$sender))
|
||||||
unlink (VAR_TRACKS.$sender);
|
unlink (VAR_TRACKS.$sender);
|
||||||
}
|
}
|
||||||
function getSenderTrack ($sender) {
|
function isSenderTrack ($sender) {
|
||||||
return $sender && file_exists (VAR_TRACKS.$sender);
|
return $sender && file_exists (VAR_TRACKS.$sender);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -211,7 +215,6 @@ function getSenderPeriod ($sender) {
|
|||||||
return trim (file (VAR_PERIOD.$sender)[0]);
|
return trim (file (VAR_PERIOD.$sender)[0]);
|
||||||
return DEFAULT_PERIOD;
|
return DEFAULT_PERIOD;
|
||||||
}
|
}
|
||||||
|
|
||||||
function period2seconds ($periodName) {
|
function period2seconds ($periodName) {
|
||||||
if (!$periodName)
|
if (!$periodName)
|
||||||
return JIRAFEAU_MONTH;
|
return JIRAFEAU_MONTH;
|
||||||
@ -326,12 +329,13 @@ function readArchiveFromLines ($lines) {
|
|||||||
$archive [T_SIGN] = $matches [1];
|
$archive [T_SIGN] = $matches [1];
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
global $message;
|
|
||||||
$message .= "<p>error:".$line."</p>";
|
|
||||||
$error = true;
|
$error = true;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
global $message, $admin;
|
||||||
|
if ($error && $admin)
|
||||||
|
$message .= "readArchiveFromLines <pre>".print_r ($lines, true)."</pre>";
|
||||||
return $error ? [] : $archive;
|
return $error ? [] : $archive;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -386,8 +390,9 @@ function sendEMail ($receiver, $receiver_name, $subject, $body_string){
|
|||||||
$mail->charSet = "UTF-8";
|
$mail->charSet = "UTF-8";
|
||||||
$mail->ContentType = 'text/html';
|
$mail->ContentType = 'text/html';
|
||||||
|
|
||||||
|
global $domain;
|
||||||
//Recipients (change this for every project)
|
//Recipients (change this for every project)
|
||||||
$mail->setFrom ('no-reply@kaz.local', '');
|
$mail->setFrom ('no-reply@'.$domain, '');
|
||||||
$mail->addAddress ($receiver, $receiver_name);
|
$mail->addAddress ($receiver, $receiver_name);
|
||||||
|
|
||||||
//Content
|
//Content
|
||||||
@ -419,14 +424,12 @@ function cleanToken () {
|
|||||||
unlink ($file);
|
unlink ($file);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function rmToken ($sender) {
|
function rmToken ($sender) {
|
||||||
if (!$sender)
|
if (!$sender)
|
||||||
return;
|
return;
|
||||||
if (file_exists (VAR_TOKENS.$sender))
|
if (file_exists (VAR_TOKENS.$sender))
|
||||||
unlink (VAR_TOKENS.$sender);
|
unlink (VAR_TOKENS.$sender);
|
||||||
}
|
}
|
||||||
|
|
||||||
function setToken ($sender) {
|
function setToken ($sender) {
|
||||||
if (!$sender)
|
if (!$sender)
|
||||||
return;
|
return;
|
||||||
@ -435,13 +438,11 @@ function setToken ($sender) {
|
|||||||
return $token;
|
return $token;
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
function setLoggedToken ($sender, $token) {
|
function setLoggedToken ($sender, $token) {
|
||||||
if (!$sender || !$token)
|
if (!$sender || !$token)
|
||||||
return;
|
return;
|
||||||
file_put_contents (VAR_TOKENS.$sender, T_CREATE.": ".time ().NL.T_TOKEN.": ".$token.NL.T_LOGGED.": ok".NL);
|
file_put_contents (VAR_TOKENS.$sender, T_CREATE.": ".time ().NL.T_TOKEN.": ".$token.NL.T_LOGGED.": ok".NL);
|
||||||
}
|
}
|
||||||
|
|
||||||
function getTokenVar ($sender, $varName) {
|
function getTokenVar ($sender, $varName) {
|
||||||
if (!$sender)
|
if (!$sender)
|
||||||
return;
|
return;
|
||||||
@ -452,25 +453,162 @@ function getTokenVar ($sender, $varName) {
|
|||||||
return $matches [1];
|
return $matches [1];
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
function getToken ($sender) {
|
function getToken ($sender) {
|
||||||
return getTokenVar ($sender, T_TOKEN,);
|
return getTokenVar ($sender, T_TOKEN,);
|
||||||
}
|
}
|
||||||
|
|
||||||
function getCreateToken ($sender) {
|
function getCreateToken ($sender) {
|
||||||
return getTokenVar ($sender, T_CREATE);
|
return getTokenVar ($sender, T_CREATE);
|
||||||
}
|
}
|
||||||
|
|
||||||
function getLoggedToken ($sender) {
|
function getLoggedToken ($sender) {
|
||||||
return getTokenVar ($sender, T_LOGGED);
|
return getTokenVar ($sender, T_LOGGED);
|
||||||
}
|
}
|
||||||
|
|
||||||
function getTimeToken ($sender) {
|
function getTimeToken ($sender) {
|
||||||
if (!$sender || !file_exists (VAR_TOKENS.$sender))
|
if (!$sender || !file_exists (VAR_TOKENS.$sender))
|
||||||
return false;
|
return false;
|
||||||
return filemtime (VAR_TOKENS.$sender);
|
return filemtime (VAR_TOKENS.$sender);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// ========================================
|
||||||
|
function setAdmin ($sender) {
|
||||||
|
if (!$sender)
|
||||||
|
return;
|
||||||
|
if (!file_exists (VAR_ADMIN))
|
||||||
|
mkdir (VAR_ADMIN, 0755);
|
||||||
|
touch (VAR_ADMIN.$sender);
|
||||||
|
}
|
||||||
|
function rmAdmin ($sender) {
|
||||||
|
if (!$sender)
|
||||||
|
return;
|
||||||
|
if (file_exists (VAR_ADMIN.$sender))
|
||||||
|
unlink (VAR_ADMIN.$sender);
|
||||||
|
}
|
||||||
|
function isAdmin ($sender) {
|
||||||
|
return $sender && file_exists (VAR_ADMIN.$sender);
|
||||||
|
}
|
||||||
|
|
||||||
|
// ========================================
|
||||||
|
function deleteAction ($linkName) {
|
||||||
|
global $sender, $token, $message, $doLogout;
|
||||||
|
|
||||||
|
$link = jirafeau_get_link ($linkName);
|
||||||
|
//$message .= "ln: ".$linkName." l: "."<pre>".print_r ($link, 1)."</pre> mt: ".getTimeFile ($link ['hash'])."</br>";
|
||||||
|
if (!count ($link))
|
||||||
|
return;
|
||||||
|
if (isKazArchive ($link)) {
|
||||||
|
$dirName = $linkName;
|
||||||
|
$dirLink = $link;
|
||||||
|
$dirTime = $dirLink ['upload_date'];
|
||||||
|
$archiveInfo = readArchiveFromLink ($dirLink);
|
||||||
|
if (! count ($archiveInfo))
|
||||||
|
return;
|
||||||
|
if ($sender != $archiveInfo [T_SENDER]) {
|
||||||
|
setSenderFake ("rmdir: not owner", $sender, $archiveInfo [T_SENDER], $dirLink, null);
|
||||||
|
$message .= "Tentative de supprimer un envoi dont vous n'êtes pas le propriétaire";
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
$fileToDelete = false;
|
||||||
|
if ($archiveInfo [T_NEW])
|
||||||
|
foreach ($archiveInfo [T_NEW] as [$fileName, $cryptKey]) {
|
||||||
|
$fileLink = jirafeau_get_link ($fileName);
|
||||||
|
if (! count ($fileLink))
|
||||||
|
continue;
|
||||||
|
$fileTime = $fileLink ['upload_date'];
|
||||||
|
if (! valideTime ($dirTime, $fileTime)) {
|
||||||
|
setSenderFake ("rmdir: newfile not same time", $sender, null, $dirLink, $fileLink);
|
||||||
|
$message .= "Cet envoi a été forgée".
|
||||||
|
str_replace (["___FILENAME___", "___DIRTIME___", "___FILETIME___"],
|
||||||
|
[$fileLink ['file_name'], $dirTime , $fileTime], M_INCONSISTENT_DATES);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
$fileToDelete = true;
|
||||||
|
}
|
||||||
|
$message .= "l'envoi ".$archiveInfo [T_TIME]." est supprimé";
|
||||||
|
if ($fileToDelete)
|
||||||
|
$message .= " avec<ul>";
|
||||||
|
if ($archiveInfo [T_NEW])
|
||||||
|
foreach ($archiveInfo [T_NEW] as [$fileName, $cryptKey]) {
|
||||||
|
$fileLink = jirafeau_get_link ($fileName);
|
||||||
|
if (! count ($fileLink))
|
||||||
|
continue;
|
||||||
|
$message .= "<li>".jirafeau_escape ($fileLink ['file_name'])."</li>";
|
||||||
|
jirafeau_delete_link ($fileName);
|
||||||
|
}
|
||||||
|
jirafeau_delete_link ($dirName);
|
||||||
|
$message .= $fileToDelete ? "</ul>" : ".";
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
$fileName = $linkName;
|
||||||
|
$fileLink = $link;
|
||||||
|
$fileTime = $fileLink ['upload_date'];
|
||||||
|
$stack = array (VAR_LINKS);
|
||||||
|
while (($d = array_shift ($stack)) && $d != null) {
|
||||||
|
if (!file_exists ($d))
|
||||||
|
continue;
|
||||||
|
$dir = scandir ($d);
|
||||||
|
foreach ($dir as $dirName) {
|
||||||
|
if (strcmp ($dirName, '.') == 0 || strcmp ($dirName, '..') == 0 ||
|
||||||
|
preg_match ('/\.tmp/i', "$dirName")) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
if (is_dir ($d . $dirName)) {
|
||||||
|
$stack [] = $d . $dirName . '/';
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
$dirLink = jirafeau_get_link ($dirName);
|
||||||
|
//$dirTime = getTimeFile ($dirLink ['hash']);
|
||||||
|
$dirTime = $dirLink ['upload_date'];
|
||||||
|
if (!count ($dirLink))
|
||||||
|
continue;
|
||||||
|
if (!isKazArchive ($dirLink))
|
||||||
|
continue;
|
||||||
|
$archiveInfo = readArchiveFromLink ($dirLink);
|
||||||
|
if (! count ($archiveInfo))
|
||||||
|
return;
|
||||||
|
if ($archiveInfo [T_NEW])
|
||||||
|
foreach ($archiveInfo [T_NEW] as [$newName, $cryptKey]) {
|
||||||
|
if ($fileName != $newName)
|
||||||
|
continue;
|
||||||
|
if ($sender == $archiveInfo [T_SENDER]) {
|
||||||
|
if (valideTime ($dirTime, $fileTime)) {
|
||||||
|
jirafeau_delete_link ($fileName);
|
||||||
|
$message .= jirafeau_escape ($fileLink ['file_name'])." est supprimé";
|
||||||
|
// check empty dir
|
||||||
|
$empty = true;
|
||||||
|
foreach ([T_OLD, T_NEW] as $cat)
|
||||||
|
if ($empty && isset ($archiveInfo [$cat]))
|
||||||
|
foreach ($archiveInfo [$cat] as [$l, $c])
|
||||||
|
if (count (jirafeau_get_link ($l))) {
|
||||||
|
$empty = false;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
if ($empty) {
|
||||||
|
$message .= " ainsi que l'envoie ".$archiveInfo [T_TIME]." qui est vide.";
|
||||||
|
jirafeau_delete_link ($dirName);
|
||||||
|
} else
|
||||||
|
$message .= ".";
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
setSenderFake ("rm: dir not same time", $sender, null, $dirLink, $fileLink);
|
||||||
|
$message .= "Cet envoi a été forgée. ".
|
||||||
|
str_replace (["___FILENAME___", "___DIRTIME___", "___FILETIME___"],
|
||||||
|
[$fileLink ['file_name'], $dirTime , $fileTime], M_INCONSISTENT_DATES);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
if (valideTime ($dirTime, $fileTime)) {
|
||||||
|
setSenderFake ("rm: not owner", $sender, $archiveInfo [T_SENDER], $dirLink, $fileLink);
|
||||||
|
$message .= "Tentative de supprimer un envoi dont vous n'êtes pas le propriétaire.".
|
||||||
|
str_replace (["___FILENAME___", "___DIRTIME___", "___FILETIME___"],
|
||||||
|
[$fileLink ['file_name'], $dirTime , $fileTime], M_INCONSISTENT_DATES);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
setSenderFake ("rm: find not owner", $archiveInfo [T_SENDER], $sender, $dirLink, $fileLink);
|
||||||
|
$message .= "Quelqu'un avétait revandiqué cet envoi. (".$sender." != ".$archiveInfo [T_SENDER].")";
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// ========================================
|
// ========================================
|
||||||
if ($doUpload) {
|
if ($doUpload) {
|
||||||
$maxtime = time ()+period2seconds ($_REQUEST ['time']);
|
$maxtime = time ()+period2seconds ($_REQUEST ['time']);
|
||||||
@ -532,7 +670,7 @@ if (isset ($_REQUEST [A_SENDER]) && !empty ($_REQUEST [A_SENDER])) {
|
|||||||
// XXX
|
// XXX
|
||||||
//if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_SENDER]))
|
//if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_SENDER]))
|
||||||
if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_SENDER]))
|
if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_SENDER]))
|
||||||
$senderError=true;
|
$senderError = true;
|
||||||
else {
|
else {
|
||||||
cleanToken ();
|
cleanToken ();
|
||||||
$sender = $_REQUEST [A_SENDER];
|
$sender = $_REQUEST [A_SENDER];
|
||||||
@ -700,8 +838,8 @@ if (isset ($_REQUEST [A_ACTION]) && $_REQUEST [A_ACTION] == T_LOGIN && $sender)
|
|||||||
// XXX test token
|
// XXX test token
|
||||||
$url = $urlBase.$_SERVER ['SCRIPT_NAME']."?".A_SENDER."=".$sender."&".A_TOKEN."=".$token;
|
$url = $urlBase.$_SERVER ['SCRIPT_NAME']."?".A_SENDER."=".$sender."&".A_TOKEN."=".$token;
|
||||||
$result = sendEMail ($sender, "", M_EMAIL_SUBJECT,
|
$result = sendEMail ($sender, "", M_EMAIL_SUBJECT,
|
||||||
str_replace (["___LINK___", "___IP___", "___DATE___"],
|
str_replace (["___LINK___", "___IP___", "___DATE___"],
|
||||||
[$url, $_SERVER ['HTTP_X_REAL_IP'] , date ("Y-m-d H:i:s")], M_EMAIL_CONTENT));
|
[$url, $_SERVER ['HTTP_X_REAL_IP'] , date ("Y-m-d H:i:s")], M_EMAIL_CONTENT));
|
||||||
if ($result)
|
if ($result)
|
||||||
echo M_SEND_TOKEN;
|
echo M_SEND_TOKEN;
|
||||||
else
|
else
|
||||||
@ -759,132 +897,12 @@ if (!getLoggedToken ($sender))
|
|||||||
else
|
else
|
||||||
touch (VAR_TOKENS.$sender);
|
touch (VAR_TOKENS.$sender);
|
||||||
|
|
||||||
function deleteAction ($linkName) {
|
|
||||||
global $sender, $token, $message, $doLogout;
|
|
||||||
|
|
||||||
$link = jirafeau_get_link ($linkName);
|
|
||||||
//$message .= "ln: ".$linkName." l: "."<pre>".print_r ($link, 1)."</pre> mt: ".getTimeFile ($link ['hash'])."</br>";
|
|
||||||
if (!count ($link))
|
|
||||||
return;
|
|
||||||
if (isKazArchive ($link)) {
|
|
||||||
$dirName = $linkName;
|
|
||||||
$dirLink = $link;
|
|
||||||
$dirTime = $dirLink ['upload_date'];
|
|
||||||
$archiveInfo = readArchiveFromLink ($dirLink);
|
|
||||||
if (! count ($archiveInfo))
|
|
||||||
return;
|
|
||||||
if ($sender != $archiveInfo [T_SENDER]) {
|
|
||||||
setSenderFake ("rmdir: not owner", $sender, $archiveInfo [T_SENDER], $dirLink, null);
|
|
||||||
$message .= "Tentative de supprimer un envoi dont vous n'êtes pas le propriétaire";
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
$fileToDelete = false;
|
|
||||||
if ($archiveInfo [T_NEW])
|
|
||||||
foreach ($archiveInfo [T_NEW] as [$fileName, $cryptKey]) {
|
|
||||||
$fileLink = jirafeau_get_link ($fileName);
|
|
||||||
if (! count ($fileLink))
|
|
||||||
continue;
|
|
||||||
$fileTime = $fileLink ['upload_date'];
|
|
||||||
if (! valideTime ($dirTime, $fileTime)) {
|
|
||||||
setSenderFake ("rmdir: newfile not same time", $sender, null, $dirLink, $fileLink);
|
|
||||||
$message .= "Cet envoi a été forgée".
|
|
||||||
str_replace (["___FILENAME___", "___DIRTIME___", "___FILETIME___"],
|
|
||||||
[$fileLink ['file_name'], $dirTime , $fileTime], M_INCONSISTENT_DATES);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
$fileToDelete = true;
|
|
||||||
}
|
|
||||||
$message .= "l'envoi ".$archiveInfo [T_TIME]." est supprimé";
|
|
||||||
if ($fileToDelete)
|
|
||||||
$message .= " avec<ul>";
|
|
||||||
if ($archiveInfo [T_NEW])
|
|
||||||
foreach ($archiveInfo [T_NEW] as [$fileName, $cryptKey]) {
|
|
||||||
$fileLink = jirafeau_get_link ($fileName);
|
|
||||||
if (! count ($fileLink))
|
|
||||||
continue;
|
|
||||||
$message .= "<li>".jirafeau_escape ($fileLink ['file_name'])."</li>";
|
|
||||||
jirafeau_delete_link ($fileName);
|
|
||||||
}
|
|
||||||
jirafeau_delete_link ($dirName);
|
|
||||||
$message .= $fileToDelete ? "</ul>" : ".";
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
$fileName = $linkName;
|
|
||||||
$fileLink = $link;
|
|
||||||
$fileTime = $fileLink ['upload_date'];
|
|
||||||
$stack = array (VAR_LINKS);
|
|
||||||
while (($d = array_shift ($stack)) && $d != null) {
|
|
||||||
if (!file_exists ($d))
|
|
||||||
continue;
|
|
||||||
$dir = scandir ($d);
|
|
||||||
foreach ($dir as $dirName) {
|
|
||||||
if (strcmp ($dirName, '.') == 0 || strcmp ($dirName, '..') == 0 ||
|
|
||||||
preg_match ('/\.tmp/i', "$dirName")) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
if (is_dir ($d . $dirName)) {
|
|
||||||
$stack [] = $d . $dirName . '/';
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
$dirLink = jirafeau_get_link ($dirName);
|
|
||||||
//$dirTime = getTimeFile ($dirLink ['hash']);
|
|
||||||
$dirTime = $dirLink ['upload_date'];
|
|
||||||
if (!count ($dirLink))
|
|
||||||
continue;
|
|
||||||
if (!isKazArchive ($dirLink))
|
|
||||||
continue;
|
|
||||||
$archiveInfo = readArchiveFromLink ($dirLink);
|
|
||||||
if (! count ($archiveInfo))
|
|
||||||
return;
|
|
||||||
if ($archiveInfo [T_NEW])
|
|
||||||
foreach ($archiveInfo [T_NEW] as [$newName, $cryptKey]) {
|
|
||||||
if ($fileName != $newName)
|
|
||||||
continue;
|
|
||||||
if ($sender == $archiveInfo [T_SENDER]) {
|
|
||||||
if (valideTime ($dirTime, $fileTime)) {
|
|
||||||
jirafeau_delete_link ($fileName);
|
|
||||||
$message .= jirafeau_escape ($fileLink ['file_name'])." est supprimé";
|
|
||||||
// check empty dir
|
|
||||||
$empty = true;
|
|
||||||
foreach ([T_OLD, T_NEW] as $cat)
|
|
||||||
if ($empty && isset ($archiveInfo [$cat]))
|
|
||||||
foreach ($archiveInfo [$cat] as [$l, $c])
|
|
||||||
if (count (jirafeau_get_link ($l))) {
|
|
||||||
$empty = false;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
if ($empty) {
|
|
||||||
$message .= " ainsi que l'envoie ".$archiveInfo [T_TIME]." qui est vide.";
|
|
||||||
jirafeau_delete_link ($dirName);
|
|
||||||
} else
|
|
||||||
$message .= ".";
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
setSenderFake ("rm: dir not same time", $sender, null, $dirLink, $fileLink);
|
|
||||||
$message .= "Cet envoi a été forgée. ".
|
|
||||||
str_replace (["___FILENAME___", "___DIRTIME___", "___FILETIME___"],
|
|
||||||
[$fileLink ['file_name'], $dirTime , $fileTime], M_INCONSISTENT_DATES);
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
if (valideTime ($dirTime, $fileTime)) {
|
|
||||||
setSenderFake ("rm: not owner", $sender, $archiveInfo [T_SENDER], $dirLink, $fileLink);
|
|
||||||
$message .= "Tentative de supprimer un envoi dont vous n'êtes pas le propriétaire.".
|
|
||||||
str_replace (["___FILENAME___", "___DIRTIME___", "___FILETIME___"],
|
|
||||||
[$fileLink ['file_name'], $dirTime , $fileTime], M_INCONSISTENT_DATES);
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
setSenderFake ("rm: find not owner", $archiveInfo [T_SENDER], $sender, $dirLink, $fileLink);
|
|
||||||
$message .= "Quelqu'un avétait revandiqué cet envoi. (".$sender." != ".$archiveInfo [T_SENDER].")";
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// ========================================
|
// ========================================
|
||||||
// sender OK, token OK
|
// sender OK, token OK
|
||||||
// ========================================
|
// ========================================
|
||||||
|
|
||||||
|
$admin = isAdmin ($sender);
|
||||||
|
|
||||||
// delete
|
// delete
|
||||||
if (isset ($_REQUEST [A_DELETE])) {
|
if (isset ($_REQUEST [A_DELETE])) {
|
||||||
if (!preg_match ('/[0-9a-zA-Z_-]+$/', $_REQUEST [A_DELETE]))
|
if (!preg_match ('/[0-9a-zA-Z_-]+$/', $_REQUEST [A_DELETE]))
|
||||||
@ -896,7 +914,9 @@ if (isset ($_REQUEST [A_DELETE])) {
|
|||||||
if ($doLogout || (isset ($_REQUEST [A_ACTION]) && $_REQUEST [A_ACTION] == T_LOGOUT)) {
|
if ($doLogout || (isset ($_REQUEST [A_ACTION]) && $_REQUEST [A_ACTION] == T_LOGOUT)) {
|
||||||
rmToken ($sender);
|
rmToken ($sender);
|
||||||
require (JIRAFEAU_ROOT . 'lib/template/header.php');
|
require (JIRAFEAU_ROOT . 'lib/template/header.php');
|
||||||
echo str_replace (["___SENDER___", "___DATE___"], [$sender, jirafeau_get_datetimefield (time ())], M_WELCOME);
|
echo str_replace (["___SENDER___", "___ADMIN___", "___DATE___"],
|
||||||
|
[$sender, ($admin ? " (admin)" : ""), jirafeau_get_datetimefield (time ())],
|
||||||
|
M_WELCOME);
|
||||||
if ($message)
|
if ($message)
|
||||||
echo "<p>Info : ".$message."</p>";
|
echo "<p>Info : ".$message."</p>";
|
||||||
echo M_LOGOUT;
|
echo M_LOGOUT;
|
||||||
@ -953,7 +973,9 @@ while ( ($d = array_shift ($stack)) && $d != null) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
require (JIRAFEAU_ROOT . 'lib/template/header.php');
|
require (JIRAFEAU_ROOT . 'lib/template/header.php');
|
||||||
echo str_replace (["___SENDER___", "___DATE___"], [$sender, jirafeau_get_datetimefield (time ())], M_WELCOME);
|
echo str_replace (["___SENDER___", "___ADMIN___", "___DATE___"],
|
||||||
|
[$sender, ($admin ? " (admin)" : ""), jirafeau_get_datetimefield (time ())],
|
||||||
|
M_WELCOME);
|
||||||
if ($message)
|
if ($message)
|
||||||
echo "<p>Info : ".$message."</p>";
|
echo "<p>Info : ".$message."</p>";
|
||||||
echo '<script type="text/javascript">';
|
echo '<script type="text/javascript">';
|
||||||
@ -1010,7 +1032,7 @@ div.frame {border: 1px; border-style: solid; padding: 1em; margin: 1em;}
|
|||||||
--></style>
|
--></style>
|
||||||
<?php
|
<?php
|
||||||
$defaultChecked = [];
|
$defaultChecked = [];
|
||||||
$defaultChecked [getSenderTrack ($sender) ? "on" : "off"] = ' checked="checked"';
|
$defaultChecked [isSenderTrack ($sender) ? "on" : "off"] = ' checked="checked"';
|
||||||
$defaultChecked [getSenderPeriod ($sender)] = ' selected="selected"';
|
$defaultChecked [getSenderPeriod ($sender)] = ' selected="selected"';
|
||||||
echo
|
echo
|
||||||
'<form method="post">'.
|
'<form method="post">'.
|
||||||
|
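Review bot: In the `readArchiveFromLines` hunk (`@ -326,12 +329,13`), the new admin-only debug branch appends `print_r ($lines, true)` to `$message` without escaping, and `$message` is later echoed raw by `echo "<p>Info : ".$message."</p>";`. The lines appear to come from stored archive content, so markup inside a malformed archive would be rendered in the administrator's page, the one session that now carries extra privilege. Other output in this file already goes through `jirafeau_escape`, so I would write `$message .= "readArchiveFromLines <pre>".jirafeau_escape (print_r ($lines, true))."</pre>";`. The function body starts outside the hunk, so where `$lines` comes from should be confirmed there. The dump may also include the per-file keys that `deleteAction` reads as `$cryptKey`, so check whether that output belongs in a page at all.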