KAZ/depollueur
7
1
Fork 0
Code Issues Pull Requests Projects Releases Activity

reduce a.php and c.php

Browse Source 
change structure
This commit is contained in:
François
2025-01-26 13:47:33 +01:00
parent 68c5fa5b86
commit 61269d6ce3
15 changed files with 1317 additions and 348 deletions
Download Patch File Download Diff File Expand all files Collapse all files

416
src/Jirafeau/lib/attach-setup.php Normal file
View File

@@ -0,0 +1,416 @@
<?php
/*
* Kaz addon (see https://git.kaz.bzh/KAZ/depollueur for information)
* commun function for a.php and c.php
* version : 2.24 (2025-01-26)
*/
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\SMTP;
use PHPMailer\PHPMailer\Exception;
require 'vendor/autoload.php';
define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/../');
require (JIRAFEAU_ROOT . 'lib/settings.php');
require (JIRAFEAU_ROOT . 'lib/functions.php');
require (JIRAFEAU_ROOT . 'lib/lang.php');
// ========================================
// FILES
define ('VAR_TOKENS', $cfg ['var_root'].'tokens/');
define ('VAR_MODE', $cfg ['var_root'].'mode/');
define ('VAR_TRACKS', $cfg ['var_root'].'tracks/');
define ('VAR_PERIOD', $cfg ['var_root'].'period/');
define ('VAR_LANG', $cfg ['var_root'].'lang/');
define ('VAR_FAKE', $cfg ['var_root'].'fake/');
define ('VAR_ADMIN', $cfg ['var_root'].'admin/');
define ('VAR_CONFIG', $cfg ['var_root'].'config/');
define ('VAR_CLOUD', $cfg['var_root'].'cloud/');
define ('FILE_CONFIG', VAR_CONFIG.'default.php');
$domain="kaz.local";
if (preg_match ("%^.*//([^/]*)/?.*$%", $cfg ['web_root'], $matches)) {
$domain = $matches [1];
}
if (preg_match ("%^depot\.(.*)$%", $domain, $matches)) {
$domain = $matches [1];
}
// XXX
$DEFAULT_CLOUD="https://cloud.".$domain;
$CLOUD_APP="/index.php/apps/webtransfer";
$CLOUD_SEND_ZIP="/zipDrop?subUrl=";
$CLOUD_SEND_FILE="/zipDrop?subUrl=";
#getZipFile
// ========================================
// CONSTANTES
define ('MAX_VALID_UPLOAD_TIME', 60);
define ('TOKEN_USE_LIMIT', "-2 hours");
define ('TOKEN_LOGIN_LIMIT', "-15 minutes");
define ('TOKEN_LOGOUT_LIMIT', "-8 hours");
if (!file_exists (VAR_CONFIG))
mkdir (VAR_CONFIG, 0755);
if (!file_exists (FILE_CONFIG)) {
file_put_contents (FILE_CONFIG, "<?php".NL.
"/* if error with DEFAULT_MODE, DEFAULT_PERIOD or DEFAULT_LANG then remove this file. */".NL.
"define ('DEFAULT_MODE', 'footer');".NL.
"define ('DEFAULT_PERIOD', 'month');".NL.
"define ('DEFAULT_LANG', 'fr');".NL.NL);
define ('DEFAULT_MODE', 'footer');
define ('DEFAULT_PERIOD', 'month');
define ('DEFAULT_LANG', 'fr');
} else
require (FILE_CONFIG);
// ========================================
// ERRORS
define ('E_BAD_ARCHIVE_NAME', 'Bad archive name format');
define ('E_CREATE_ZIP', "Impossible de cr&eacute;er l'archive.");
define ('E_OPEN_ZIP', "Impossible d'ouvrir l'archive.");
// ========================================
// MESSAGES
define ('M_BAD_KEY', "Mauvaise clef pour ");
define ('M_BAD_SENDER_NAME', 'Votre m&eacute;l est incorrect');
define ('M_BAD_TOKEN', "Vous n'utilisez pas le bon jeton (consultez votre messagerie).");
define ('M_TOO_LONG_BEFORE_LOGGED', "Jeton de connexion trop ancien.");
define ('M_TOO_LONG_LOGGED', "Temps de connexion d&eacute;pass&eacute;.");
define ('M_EMAIL_CONTENT', "Bonjour,<br/><br/>Ceci est un message automatique, car vous venez de cliquer sur une demande de consultation de vos pi&egrave;ces jointes.<br/><br/>!!! Si vous n'&ecirc;tes pas &agrave; l'origine de cette demande, ne cliquez sur aucun lien de ce message. !!!<br/><br/>Le lien de connexion suivant est valable 15 minutes.<br/><a href=\"___LINK___\">___LINK___</a><br/><br/>Vous pouvez signaler des abus aupr&egrave;s de Kaz en faisant suivre ce message qui contient les traces de son &eacute;metteur (___IP___, ___DATE___).<br/><br/>Bonne navigation.<br/>.");
define ('M_DOWNLOAD', "T&eacute;l&eacute;charger");
define ('M_UPDATE', "Prolonger");
define ('M_EMAIL_SUBJECT', "Lien de consultation des envois sur ".$domain.".");
define ('M_FILE', " fichier.");
define ('M_FILES', " fichiers.");
define ('M_FILES_NOT_FOUND', " fichiers sont expirés.");
define ('M_FILES_RENAMED', " fichiers renommés.");
define ('M_FILE_NOT_FOUND', " fichier est expiré.");
define ('M_FILE_RENAMED', " fichier renommé.");
define ('M_MEL', "votre m&eacute;l");
define ('M_NO_FILENAME', 'SansNom');
define ('M_NO_SENDER', 'kaz-');
define ('M_NEW_ATTACHEMENT_DIRNAME', "nouveau");
define ('M_OLD_ATTACHEMENT_DIRNAME', "ancien");
define ('M_SEND', "Connexion");
define ('M_LOGOUT', 'Deconnecter');
define ('M_REFRESH', 'Actualiser');
define ('M_OPEN_PROFILE', "Cette liste d'espace de stockage est personnelle. Penser à vous retirer si vous n'êtes pas ");
define ('M_CLOSE_PROFILE', "Votre profile est referm&eacute;.");
define ('M_LOGOUT_TOKEN', "Vous n'&ecirc;tes plus connect&eacute;.");
define ('M_TIMEOUT_TOKEN', "Votre session est expir&eacute;e.");
define ('M_SEND_TOKEN', "<br/><p>Vous allez recevoir un <b>lien d'acc&egrave;s temporaire</b> &agrave; vos donn&eacute;es.</p>");
define ('M_WELCOME', "<p>Informations concernant le compte : <b>___SENDER___</b>___ADMIN___<br/>(page actualis&eacute;e &agrave; ___DATE___)</p>");
define ('M_INCONSISTENT_DATES',
" (dates incoh&eacute;antes avec ___FILENAME___ : ___DIRTIME___ != ___FILETIME___)");
define ('M_LOGIN_CONFIG', "<p>Pour personnaliser vos envoie de pièce jointes, indiquez votre mél. Vous recevrez un lien de connexion sécurisé.</p>");
define ('M_LOGIN_PROFILE', "<p>Pour personnaliser la liste de vos espaces de stockage, ou retrouver les votres, indiquez votre mél. Vous recevrez un lien de connexion sécurisé.</p>");
define ('M_LOGOUT_PROFILE', "Quand vous avez fini la personnalisation, pensez à vous déconnecter.");
define ('M_URL_ADDED', "<p>Le lien vient d'être ajouté</p>");
define ('M_LIST_URL', "Choisisez un nuage pour stoker vos pièces jointes");
define ('M_NEW_URL', "Ou saisissez en un nouveau");
define ('M_CUSTOM_URL', "Personalisez la liste de vos espaces de stockage de pièces jointes.");
// ========================================
// PARAMETERS
define ('A_ACTION', 'a'); // action : T_LOGIN, T_LOGOUT, A_MODE(none|footer|attachment|both), A_RECORD+(on|off), A_PERIOD(minute|hour|day|week|month|quarter|semester), A_LANG(fr|en|br)
define ('A_OPEN_TOKEN', 'o'); // ask token
define ('A_TOKEN', 't'); // session token
define ('A_UPDATE', 'u'); // update perriod for file or archive
define ('A_MODE', 'm'); // get mode status
define ('A_RECORD', 'r'); // get track status
define ('A_PERIOD', 'p'); // get period status
define ('A_LANG', 'l'); // get lang status
define ('A_DELETE', 'd'); // delete file ou archive + (sender+token)
define ('A_SENDER', 's'); // session sender
define ('A_GET', 'g'); // get archive
define ('A_HASH', 'h'); // file to update or delete
define ('A_KEY', 'k'); // keyfile to update or delete
define ('A_NAME', "name");
define ('A_URL', "url");
// ========================================
// TOKENS
define ('T_BAD_PASW', 'bad_psw');
define ('T_CRYPTED', 'crypted');
define ('T_CRYPT_KEY', 'crypt_key');
define ('T_ENTRIES', 'entries');
define ('T_FILENAME', 'file_name');
define ('T_HASH', 'hash');
define ('T_NEW', 'new');
define ('T_SIGN', 'sign');
define ('T_NOT_FOUND', 'not_found');
define ('T_OLD', 'old');
define ('T_RENAME', 'rename');
define ('T_FORGETME', 'forget_me');
define ('T_LOGIN', 'login');
define ('T_LOGOUT', 'logout');
define ('T_PROFILE', 'profile');
define ('T_SENDER', 'sender');
define ('T_TIME', 'time');
define ('T_ID', 'id');
define ('T_WARNING_FILENAME', "-Avertissement.txt");
define ('T_ZIP_EXT', ".zip");
define ('T_ARCHIVE_TITLE', "archive_content");
define ('T_ARCHIVE_MIME', "text/kaz_email_archive");
define ('T_TOKEN', "token");
define ('T_CREATE', "create");
define ('T_LOGGED', "logged");
define ('T_ADD_URL', "add_url");
define ('T_DEL_URL', "del_url");
define ('T_UP_URL', "up_url");
define ('T_DOWN_URL', "down_url");
define ('T_URLS', "urls");
define ('L_ADD_URL', "&#9989;");
define ('L_DEL_URL', "&#x274C;");
define ('L_UP_URL', "&#x2191;");
define ('L_DOWN_URL', "&#x2193;");
/* Operations may take a long time.
* Be sure PHP's safe mode is off.
*/
// @set_time_limit (0);
/* Remove errors. */
// @error_reporting (0);
require (JIRAFEAU_ROOT . 'lib/template/page.php');
// ========================================
/**
* Supprime les autorisations de modification de profile de plus de 2 heures.
*/
function cleanToken () {
if (!file_exists (VAR_TOKENS))
mkdir (VAR_TOKENS, 0755);
$d = dir (VAR_TOKENS);
$oldest = strtotime (TOKEN_USE_LIMIT);
foreach (glob (VAR_TOKENS."*") as $file) {
if (file_exists ($file) && filemtime ($file) <= $oldest)
unlink ($file);
}
}
/**
* Supprime une autorisation spécifique (déconnexion)
*/
function rmToken ($sender) {
if (!$sender)
return;
if (file_exists (VAR_TOKENS.$sender))
unlink (VAR_TOKENS.$sender);
}
function setToken ($sender) {
if (!$sender)
return;
$token = md5 (rand ());
if (file_put_contents (VAR_TOKENS.$sender, T_CREATE.": ".time ().NL.T_TOKEN.": ".$token.NL))
return $token;
return false;
}
function setLoggedToken ($sender, $token) {
if (!$sender || !$token)
return;
file_put_contents (VAR_TOKENS.$sender, T_CREATE.": ".time ().NL.T_TOKEN.": ".$token.NL.T_LOGGED.": ok".NL);
}
/**
* Récupère une variable spécifique d'un token.
*
* @param string $sender Nom du token.
* @param string $varName Nom de la variable.
* @return string|false La valeur ou false.
*/
function getTokenVar ($sender, $varName) {
if (!$sender)
return;
if (!file_exists (VAR_TOKENS.$sender))
return false;
$content = file_get_contents (VAR_TOKENS.$sender);
if (preg_match ("/\b".$varName.":\s*([^\s]+)\n/", $content, $matches))
return $matches [1];
return false;
}
function getToken ($sender) {
return getTokenVar ($sender, T_TOKEN);
}
function getCreateToken ($sender) {
return getTokenVar ($sender, T_CREATE);
}
function getLoggedToken ($sender) {
return getTokenVar ($sender, T_LOGGED);
}
function getTimeToken ($sender) {
if (!$sender || !file_exists (VAR_TOKENS.$sender))
return false;
return filemtime (VAR_TOKENS.$sender);
}
// ========================================
/**
* Outils en cas de fraude
*/
function setSenderFake ($error, $sender, $owner, $dirLink, $fileLink) {
global $doLogout;
if (!file_exists (VAR_FAKE))
mkdir (VAR_FAKE, 0755);
$dirTime = $fileTime = $fileName = $fileType = $ip = '';
if (count ($dirLink) != 0) {
$dirTime = $dirLink ['upload_date'].date (" Y-m-d H:i:s", $dirLink ['upload_date']);
$ip = $dirLink ['ip'];
}
if (!$sender)
return;
if (count ($fileLink) != 0) {
$fileTime = $fileLink ['upload_date'].date (" Y-m-d H:i:s", $fileLink ['upload_date']);
$fileName = $link ['file_name'];
$fileType = $link ['mime_type'];
}
$content =
"time : ".time ().NL.
"date : ".date ("Y-m-d H:i:s").NL.
"error : ".$error.NL.
"sender : <".$sender.">".NL.
"owner : <".$owner.">".NL.
"dirLink : <".$dirLink.">".NL.
"dirTime : ".$dirTime.NL.
"dirIp : ".$ip.NL.
"fileTime: ".$fileTime.NL.
"fileType: <".$fileType.">".NL.
"fileName: <".$fileName.">".NL;
$log = $ip.$sender;
if ($log)
file_put_contents (VAR_FAKE.$log, $content);
// $doLogout = true;
// rmToken ($sender);
}
function getSenderFake ($sender) {
return false;
// return $sender && file_exists (VAR_FAKE.$sender);
}
// ========================================
/**
* Envoie un e-mail via PHPMailer.
*
* @param string $receiver Destinataire.
* @param string $receiver_name Nom du destinataire.
* @param string $subject Sujet de l'e-mail.
* @param string $body_string Corps de l'e-mail.
* @return bool Succes de l'envoi.
*/
function sendEMail ($receiver, $receiver_name, $subject, $body_string){
try {
// SERVER SETTINGS
$mail = new PHPMailer (true);
$mail->isSMTP ();
$mail->Host = 'smtp';
$mail->SMTPAuth = false;
$mail->SMTPAutoTLS = false;
$mail->SMTPSecure = "none";
$mail->Port = 25;
$mail->charSet = "UTF-8";
$mail->ContentType = 'text/html';
global $domain;
//Recipients (change this for every project)
$mail->setFrom ('no-reply@'.$domain, '');
$mail->addAddress ($receiver, $receiver_name);
//Content
$mail->isHTML (true);
$mail->Subject = $subject;
$mail->Body = $body_string;
//send the message, check for errors
if (!$mail->send ()) {
//echo 'Mailer Error: ' . $mail->ErrorInfo;
return 0;
} else {
//echo 'Message sent!';
return 1;
}
} catch (Exception $e) {
return 0;
}
}
// ========================================
// setup
$message = '';
$sender = '';
$senderError = false;
if (isset ($_REQUEST [A_SENDER]) && !empty ($_REQUEST [A_SENDER])) {
if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_SENDER]))
$senderError = true;
else {
cleanToken ();
$sender = filter_var ($_REQUEST [A_SENDER], FILTER_VALIDATE_EMAIL);
}
}
$token = '';
if (isset ($_REQUEST [A_TOKEN]) && !empty ($_REQUEST [A_TOKEN])) {
if (!preg_match ("/^([0-9a-zA-Z_-]+)$/", $_REQUEST [A_TOKEN]))
return false;
$token = $_REQUEST [A_TOKEN];
}
$refToken = getToken ($sender);
$urlBase = $_SERVER ['HTTP_X_FORWARDED_PROTO']."://".$_SERVER ['HTTP_HOST'];
if (isset ($_REQUEST [A_ACTION]) && $_REQUEST [A_ACTION] == T_LOGIN && $sender) {
displayHeadPage ("Erreur");
if (getSenderFake ($sender))
echo "Ce compte ne peut plus se connecter. Veuillez contacter les administrateurs.";
else {
$token = setToken ($sender);
// XXX test token
$url = $urlBase.$_SERVER ['SCRIPT_NAME']."?".A_SENDER."=".$sender."&".A_TOKEN."=".$token;
if (isset ($_REQUEST [A_GET]))
$url .= "&".A_GET."=".$_REQUEST [A_GET];
if (isset ($_REQUEST [A_HASH]))
$url .= "&".A_HASH."=".$_REQUEST [A_HASH];
$result = sendEMail ($sender, "", M_EMAIL_SUBJECT,
str_replace (["___LINK___", "___IP___", "___DATE___"],
[$url, $_SERVER ['HTTP_X_REAL_IP'], date ("Y-m-d H:i:s")], M_EMAIL_CONTENT));
if ($result)
echo M_SEND_TOKEN;
else
echo
"Erreur dans l'envoi. V&eacute;ritiez votre m&eacute;l.";
}
echo "<br/><br/><br/>";
displayFootPage ();
exit;
}
function getHiddenToken () {
global $sender, $token;
return
' <input type="hidden" name="'.A_SENDER.'" value="'.$sender.'">'.NL.
' <input type="hidden" name="'.A_TOKEN.'" value="'.$token.'">'.NL;
}
function getHiddenLink () {
$result = '';
if (isset ($_REQUEST [A_GET]))
$result .=
' <input type="hidden" name="'.A_GET.'" value="'.htmlspecialchars ($_REQUEST [A_GET]).'" />'.NL;
if (isset ($_REQUEST [A_HASH]))
$result .=
' <input type="hidden" name="'.A_HASH.'" value="'.htmlspecialchars ($_REQUEST [A_HASH]).'" />'.NL;
return $result;
if (isset ($_REQUEST [A_KEY]))
$result .=
' <input type="hidden" name="'.A_KEY.'" value="'.htmlspecialchars ($_REQUEST [A_KEY]).'" />'.NL;
}

41
src/Jirafeau/lib/attach.js Normal file
View File

@@ -0,0 +1,41 @@
const toggleTheme = document.getElementById('toggle-theme');
const body = document.body;
toggleTheme.addEventListener('change', () => {
if (toggleTheme.checked) {
body.classList.remove('light-theme');
body.classList.add('dark-theme');
} else {
body.classList.remove('dark-theme');
body.classList.add('light-theme');
}
document.cookie = "theme=" + (toggleTheme.checked ? "dark-theme" : "light-theme") + "; path=/; max-age=" + (60 * 60 * 24 * 30);
});
function forwardQuerry (form, query) {
try {
var urlBase = new URL (form ["url"].value);
// XXX test host non vide
url = urlBase+query;
var link = document.createElement ('a');
link.href = url;
document.body.appendChild (link);
link.click ();
} catch (_) {
alert ("url incorrecte");
return false;
}
}
function actionUrl (button, check, name, value) {
if (check && ! confirm("Êtes-vous sûr de vouloir supprimer ?"))
return;
form = button.parentElement;
input = document.createElement ('input');
input.setAttribute ('name', name);
input.setAttribute ('value', value);
input.setAttribute ('type', 'hidden');
form.appendChild(input);
form.submit ();
}

201
src/Jirafeau/lib/config.original.php Normal file
View File

@@ -0,0 +1,201 @@
<?php
/*
* Jirafeau, your web file repository
* Copyright (C) 2008 Julien "axolotl" BERNARD <axolotl@magieeternelle.org>
* Copyright (C) 2015 Jerome Jutteau <jerome@jutteau.fr>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
/**
* Default configuration
*
* To overwrite these settings copy the file,
* rename it to »config.local.php« and adapt the parameters.
**/
/* URL of installation, with traling slash (eg. »https://exmaple.com/jirafeau/«)
*/
$cfg['web_root'] = '';
/* Path to data directory, with trailing slash (eg. »/var/www/data/var_314159265358979323846264«
*/
$cfg['var_root'] = '';
/* Language - choice between 'auto' or any language located in the /lib/locales/ folder.
* The mode »auto« will cause the script to detect the user's browser information
* and offer a matching language, and use »en« if it is not available.
* Forcing to a specific lang lightly reduce lang computation.
*/
$cfg['lang'] = 'auto';
/* Select a theme - see media folder for available themes
*/
$cfg['style'] = 'courgette';
/* Name the organisation running this installation, eg. 'ACME'
*/
$cfg['organisation'] = 'ACME';
/* Provide a contact person for this installation, eg. 'John Doe <doe@example.com>'
*/
$cfg['contactperson'] = '';
/* Give the installation a title, eg. 'Datahub' or 'John Doe Filehost'
*/
$cfg['title'] = '';
/* Propose a preview link if file type is previewable
*/
$cfg['preview'] = true;
/* Enable the encryption feature
* By enabling it, file-level deduplication won't work anymore. See FAQ.
*/
$cfg['enable_crypt'] = false;
/* Length of link reference
*/
$cfg['link_name_length'] = 8;
/* Upload password(s).
* An empty array will disable the password authentification.
* $cfg['upload_password'] = array(); // No password
* $cfg['upload_password'] = array('psw1'); // One password
* $cfg['upload_password'] = array('psw1', 'psw2'); // Two passwords
*/
$cfg['upload_password'] = array();
/* List of IP allowed to upload a file.
* If the list is empty, then there is no upload restriction based on IP.
* Elements of the list can be a single IP (e.g. "123.45.67.89") or
* an IP range (e.g. "123.45.0.0/16").
* Note that CIDR notation is available for IPv4 only for the moment.
*/
$cfg['upload_ip'] = array();
/* List of IP allowed to upload a file without password.
* Elements of the list can be a single IP (e.g. "123.45.67.89") or
* an IP range (e.g. "123.45.0.0/16").
* Note that CIDR notation is available for IPv4 only for the moment.
*/
$cfg['upload_ip_nopassword'] = array();
/* Password for the admin interface.
* An empty password will disable the password authentification.
* The password is a sha256 hash of the original version.
*/
$cfg['admin_password'] = '';
/* If set, let the user be authenticated as administrator.
* The user provided here is the user authenticated by HTTP authentication.
* Note that Jirafeau does not manage the HTTP login part, it just checks
* that the provided user is logged in.
* If »admin_password« parameter is set, then the »admin_password« is ignored.
*/
$cfg['admin_http_auth_user'] = '';
/* Allow user to select different options for file expiration time.
* Possible values in array:
* 'minute': file is available for one minute
* 'hour': file available for one hour
* 'day': file available for one day
* 'week': file available for one week
* 'month': file is available for one month
* 'quarter': file is available for three months
* 'semester': file is available for six months
* 'year': file available for one year
* 'none': unlimited availability
*/
$cfg['availabilities'] = array(
'minute' => true,
'hour' => true,
'day' => true,
'week' => true,
'month' => true,
'quarter' => true,
'semester' => true,
'year' => false,
'none' => false
);
/* Set a default value for the expiration time.
* The value has to equal one of the enabled options in »availabilities«, e.g. »month«.
*/
$cfg['availability_default'] = 'month';
/* Give the uploading user the option to have the file
* deleted after the first download.
*/
$cfg['one_time_download'] = true;
/* Set maximal upload size expressed in MB.
* »0« means unlimited upload size.
*/
$cfg['maximal_upload_size'] = 0;
/* Proxy IP
* If the installation is behind some reverse proxies, it is possible to set
* the allowed proxy IP.
* $cfg['proxy_ip'] = array('12.34.56.78');
* Jirafeau will then get a visitor's IP from HTTP_X_FORWARDED_FOR
* instead of REMOTE_ADDR.
*/
$cfg['proxy_ip'] = array();
/* File hash
* In order to make file deduplication work, files can be hashed through different methods.
* By default, files are hashed through md5 but other methods are available.
*
* Possible values are 'md5', 'md5_outside' and 'random'.
*
* With 'md5' option, the whole file is hashed through md5. This is the default.
* With 'md5_outside', hash is computed using:
* - md5 of the first part of the file,
* - md5 of the last part of the file and
* - file's size.
* This method offer file deduplication at minimal cost but can be dangerous as files with the same partial hash can be mistaken.
* With 'random' option, file hash is set to a random value and file deduplication cannot work anymore but it is fast and safe.
*/
$cfg['file_hash'] = 'md5';
/* Work around that LiteSpeed truncates large files when downloading.
* Only for use with the LiteSpeed web server!
* An internal redirect is made using X-LiteSpeed-Location instead
* of streaming the file from PHP.
* Limitations:
* - The Jirafeau files folder has to be placed under the document root and should be
* protected from unauthorized access using rewrite rules.
* See https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:config:internal-redirect#protection_from_direct_access
* - Incompatible with server side encryption.
* - Incompatible with one time download.
*/
$cfg['litespeed_workaround'] = false;
/* Store uploader's IP along with 'link' file.
* Depending of your legislation, you may have to adjust this parameter.
*/
$cfg['store_uploader_ip'] = true;
/* Required flag to test if the installation is already installed
* or needs to start the installation script
*/
$cfg['installation_done'] = false;
/* Enable this debug flag to allow eventual PHP error reporting.
* This is disabled by default permission misconfiguration might generate warnings or errors.
* Those warnings can break Jirafeau and also show path to var- folder in debug messages.
* var- folder should kept secret and accessing it may lead to data leak if unprotected.
*/
$cfg['debug'] = false;

791
src/Jirafeau/lib/functions.js.php Normal file
View File

@@ -0,0 +1,791 @@
<?php
/*
* Jirafeau, your web file repository
* Copyright (C) 2015 Jerome Jutteau <jerome@jutteau.fr>
* Copyright (C) 2015 Nicola Spanti (RyDroid) <dev@nicola-spanti.info>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
header('Content-Type: text/javascript');
define('JIRAFEAU_ROOT', dirname(__FILE__) . '/../');
require(JIRAFEAU_ROOT . 'lib/settings.php');
require(JIRAFEAU_ROOT . 'lib/functions.php');
require(JIRAFEAU_ROOT . 'lib/lang.php');
?>
// @license magnet:?xt=urn:btih:0b31508aeb0634b347b8270c7bee4d411b5d4109&dn=agpl-3.0.txt AGPL-v3-or-Later
var web_root = "<?php echo $cfg['web_root']; ?>";
var lang_array = <?php echo json_lang_generator(null); ?>;
var lang_array_fallback = <?php echo json_lang_generator("en"); ?>;
function translate (expr) {
if (lang_array.hasOwnProperty(expr)) {
var e = lang_array[expr];
if (!isEmpty(e))
return e;
}
if (lang_array_fallback.hasOwnProperty(expr)) {
var e = lang_array_fallback[expr];
if (!isEmpty(e))
return e;
}
return "FIXME: " + expr;
}
function isEmpty(str) {
return (!str || 0 === str.length);
}
// Extend date object with format method
Date.prototype.format = function(format) {
format = format || 'YYYY-MM-DD hh:mm';
var zeropad = function(number, length) {
number = number.toString();
length = length || 2;
while(number.length < length)
number = '0' + number;
return number;
},
formats = {
YYYY: this.getFullYear(),
MM: zeropad(this.getMonth() + 1),
DD: zeropad(this.getDate()),
hh: zeropad(this.getHours()),
mm: zeropad(this.getMinutes()),
O: (function() {
localDate = new Date;
sign = (localDate.getTimezoneOffset() > 0) ? '-' : '+';
offset = Math.abs(localDate.getTimezoneOffset());
hours = zeropad(Math.floor(offset / 60));
minutes = zeropad(offset % 60);
return sign + hours + ":" + minutes;
})()
},
pattern = '(' + Object.keys(formats).join(')|(') + ')';
return format.replace(new RegExp(pattern, 'g'), function(match) {
return formats[match];
});
};
function dateFromUtcString(datestring) {
// matches »YYYY-MM-DD hh:mm«
var m = datestring.match(/(\d+)-(\d+)-(\d+)\s+(\d+):(\d+)/);
return new Date(Date.UTC(+m[1], +m[2] - 1, +m[3], +m[4], +m[5], 0));
}
function dateFromUtcTimestamp(datetimestamp) {
return new Date(parseInt(datetimestamp) * 1000)
}
function dateToUtcString(datelocal) {
return new Date(
datelocal.getUTCFullYear(),
datelocal.getUTCMonth(),
datelocal.getUTCDate(),
datelocal.getUTCHours(),
datelocal.getUTCMinutes(),
datelocal.getUTCSeconds()
).format();
}
function dateToUtcTimestamp(datelocal) {
return (Date.UTC(
datelocal.getUTCFullYear(),
datelocal.getUTCMonth(),
datelocal.getUTCDate(),
datelocal.getUTCHours(),
datelocal.getUTCMinutes(),
datelocal.getUTCSeconds()
) / 1000);
}
function convertAllDatetimeFields() {
datefields = document.getElementsByClassName('datetime')
for(var i=0; i<datefields.length; i++) {
dateUTC = datefields[i].getAttribute('data-datetime');
datefields[i].setAttribute('title', dateUTC + ' (GMT)');
datefields[i].innerHTML = dateFromUtcString(dateUTC).format('YYYY-MM-DD hh:mm (GMT O)');
}
}
function show_link (reference, delete_code, crypt_key, date)
{
// Upload finished
document.getElementById('uploading').style.display = 'none';
document.getElementById('upload').style.display = 'none';
document.getElementById('upload_finished').style.display = '';
document.title = "100% - <?php echo empty($cfg['title']) ? 'Jirafeau' : $cfg['title']; ?>";
// Download page
var download_link_href = 'f.php?h=' + reference;
if (crypt_key.length > 0)
{
download_link_href += '&k=' + crypt_key;
}
if (!!document.getElementById('upload_finished_download_page'))
{
document.getElementById('upload_link').href = download_link_href;
document.getElementById('upload_link_text').innerHTML = web_root + download_link_href;
}
// Email link
var filename = document.getElementById('file_select').files[0].name;
var b = encodeURIComponent("<?php echo t("DL"); ?> \"" + filename + "\":") + "%0D" + "%0A";
b += encodeURIComponent(web_root + download_link_href) + "%0D" + "%0A";
if (false == isEmpty(date))
{
b += "%0D" + "%0A" + encodeURIComponent("<?php echo t("VALID_UNTIL"); ?>: " + date.format('YYYY-MM-DD hh:mm (GMT O)')) + "%0D" + "%0A";
document.getElementById('upload_link_email').href = "mailto:?body=" + b + "&subject=" + encodeURIComponent(filename);
}
// Delete link
var delete_link_href = 'f.php?h=' + reference + '&d=' + delete_code;
document.getElementById('delete_link').href = delete_link_href;
document.getElementById('delete_link_text').innerHTML = web_root + delete_link_href;
// Validity date
if (isEmpty(date))
{
document.getElementById('date').style.display = 'none';
}
else {
document.getElementById('date').innerHTML = '<span class="datetime" title="'
+ dateToUtcString(date) + ' (GMT)">'
+ date.format('YYYY-MM-DD hh:mm (GMT O)')
+ '</span>';
document.getElementById('date').style.display = '';
}
// Preview link (if allowed)
if (!!document.getElementById('preview_link'))
{
document.getElementById('upload_finished_preview').style.display = 'none';
var preview_link_href = 'f.php?h=' + reference + '&p=1';
if (crypt_key.length > 0)
{
preview_link_href += '&k=' + crypt_key;
}
// Test if content can be previewed
type = document.getElementById('file_select').files[0].type;
if (type.indexOf("image") > -1 ||
type.indexOf("audio") > -1 ||
type.indexOf("text") > -1 ||
type.indexOf("video") > -1)
{
document.getElementById('preview_link').href = preview_link_href;
document.getElementById('preview_link_text').innerHTML = web_root + preview_link_href;
document.getElementById('upload_finished_preview').style.display = '';
}
}
// Direct download link
var direct_download_link_href = 'f.php?h=' + reference + '&d=1';
if (crypt_key.length > 0)
{
direct_download_link_href += '&k=' + crypt_key;
}
document.getElementById('direct_link').href = direct_download_link_href;
document.getElementById('direct_link_text').innerHTML = web_root + direct_download_link_href;
// Hide preview and direct download link if password is set
if (document.getElementById('input_key').value.length > 0)
{
if (!!document.getElementById('preview_link'))
document.getElementById('upload_finished_preview').style.display = 'none';
document.getElementById('upload_direct_download').style.display = 'none';
}
}
function show_upload_progression (percentage, speed, time_left)
{
document.getElementById('uploaded_percentage').innerHTML = percentage;
document.getElementById('uploaded_speed').innerHTML = speed;
document.getElementById('uploaded_time').innerHTML = time_left;
document.title = percentage + " - <?php echo empty($cfg['title']) ? 'Jirafeau' : $cfg['title']; ?>";
}
function hide_upload_progression ()
{
document.getElementById('uploaded_percentage').style.display = 'none';
document.getElementById('uploaded_speed').style.display = 'none';
document.getElementById('uploaded_time').style.display = 'none';
document.title = "<?php echo empty($cfg['title']) ? 'Jirafeau' : $cfg['title']; ?>";
}
function upload_progress (e)
{
if (e == undefined || e == null || !e.lengthComputable)
return;
// Init time estimation if needed
if (upload_time_estimation_total_size == 0)
upload_time_estimation_total_size = e.total;
// Compute percentage
var p = Math.round (e.loaded * 100 / e.total);
var p_str = ' ';
if (p != 100)
p_str = p.toString() + '%';
// Update estimation speed
upload_time_estimation_add(e.loaded);
// Get speed string
var speed_str = upload_time_estimation_speed_string();
speed_str = upload_speed_refresh_limiter(speed_str);
// Get time string
var time_str = chrono_update(upload_time_estimation_time());
show_upload_progression (p_str, speed_str, time_str);
}
function control_selected_file_size(max_size, error_str)
{
f_size = document.getElementById('file_select').files[0].size;
if (max_size > 0 && f_size > max_size * 1024 * 1024)
{
pop_failure(error_str);
document.getElementById('send').style.display = 'none';
}
else
{
// add class to restyle upload form in next step
document.getElementById('upload').setAttribute('class', 'file-selected');
// display options
document.getElementById('options').style.display = 'block';
document.getElementById('send').style.display = 'block';
document.getElementById('error_pop').style.display = 'none';
document.getElementById('send').focus();
}
}
function XHRErrorHandler(e)
{
var text = "${e.type}: ${e.loaded} bytes transferred"
console.log(text)
}
function pop_failure (e)
{
var text = "<p>An error occured";
if (typeof e !== 'undefined')
text += ": " + e;
text += "</p>";
document.getElementById('error_pop').innerHTML = e;
document.getElementById('uploading').style.display = 'none';
document.getElementById('error_pop').style.display = '';
document.getElementById('upload').style.display = '';
document.getElementById('send').style.display = '';
}
function add_time_string_to_date(d, time)
{
if(typeof(d) != 'object' || !(d instanceof Date))
{
return false;
}
if (time == 'minute')
{
d.setSeconds (d.getSeconds() + 60);
return true;
}
if (time == 'hour')
{
d.setSeconds (d.getSeconds() + 3600);
return true;
}
if (time == 'day')
{
d.setSeconds (d.getSeconds() + 86400);
return true;
}
if (time == 'week')
{
d.setSeconds (d.getSeconds() + 604800);
return true;
}
if (time == 'month')
{
d.setSeconds (d.getSeconds() + 2592000);
return true;
}
if (time == 'quarter')
{
d.setSeconds (d.getSeconds() + 7776000);
return true;
}
if (time == 'semester')
{
d.setSeconds (d.getSeconds() + 110678400);
return true;
}
if (time == 'year')
{
d.setSeconds (d.getSeconds() + 31536000);
return true;
}
return false;
}
function classic_upload (file, time, password, one_time, upload_password)
{
// Delay time estimation init as we can't have file size
upload_time_estimation_init(0);
var req = new XMLHttpRequest ();
req.upload.addEventListener ("progress", upload_progress, false);
req.addEventListener ("error", XHRErrorHandler, false);
req.addEventListener ("abort", XHRErrorHandler, false);
req.onreadystatechange = function ()
{
if (req.readyState == 4 && req.status == 200)
{
var res = req.responseText;
// if response starts with "Error" then show a failure
if (/^Error/.test(res))
{
pop_failure (res);
return;
}
res = res.split ("\n");
var expiryDate = '';
if (time != 'none')
{
// convert time (local time + selected expiry date)
var localDatetime = new Date();
if(!add_time_string_to_date(localDatetime, time))
{
pop_failure ('Error: Date can not be parsed');
return;
}
expiryDate = localDatetime;
}
show_link (res[0], res[1], res[2], expiryDate);
}
else
{
pop_failure ("<?php echo t("ERR_OCC"); ?>");
}
}
req.open ("POST", 'script.php' , true);
var form = new FormData();
form.append ("file", file);
if (time)
form.append ("time", time);
if (password)
form.append ("key", password);
if (one_time)
form.append ("one_time_download", '1');
if (upload_password.length > 0)
form.append ("upload_password", upload_password);
req.send (form);
}
function check_html5_file_api ()
{
return window.File && window.FileReader && window.FileList && window.Blob;
}
var async_global_transfered = 0;
var async_global_file;
var async_global_ref = '';
var async_global_max_size = 0;
var async_global_time;
var async_global_transfering = 0;
var async_global_last_code;
function async_upload_start (max_size, file, time, password, one_time, upload_password)
{
async_global_transfered = 0;
async_global_file = file;
async_global_max_size = max_size;
async_global_time = time;
var req = new XMLHttpRequest ();
req.addEventListener ("error", XHRErrorHandler, false);
req.addEventListener ("abort", XHRErrorHandler, false);
req.onreadystatechange = function ()
{
if (req.readyState == 4 && req.status == 200)
{
var res = req.responseText;
if (/^Error/.test(res))
{
pop_failure (res);
return;
}
res = res.split ("\n");
async_global_ref = res[0];
var code = res[1];
async_upload_push (code);
}
}
req.open ("POST", 'script.php?init_async' , true);
var form = new FormData();
form.append ("filename", async_global_file.name);
form.append ("type", async_global_file.type);
if (time)
form.append ("time", time);
if (password)
form.append ("key", password);
if (one_time)
form.append ("one_time_download", '1');
if (upload_password.length > 0)
form.append ("upload_password", upload_password);
// Start time estimation
upload_time_estimation_init(async_global_file.size);
req.send (form);
}
function async_upload_progress (e)
{
if (e == undefined || e == null || !e.lengthComputable && async_global_file.size != 0)
return;
// Compute percentage
var p = Math.round ((e.loaded + async_global_transfered) * 100 / (async_global_file.size));
var p_str = ' ';
if (p != 100)
p_str = p.toString() + '%';
// Update estimation speed
upload_time_estimation_add(e.loaded + async_global_transfered);
// Get speed string
var speed_str = upload_time_estimation_speed_string();
speed_str = upload_speed_refresh_limiter(speed_str);
// Get time string
var time_str = chrono_update(upload_time_estimation_time());
show_upload_progression (p_str, speed_str, time_str);
}
function async_upload_push (code)
{
async_global_last_code = code;
if (async_global_transfered == async_global_file.size)
{
hide_upload_progression ();
async_upload_end (code);
return;
}
var req = new XMLHttpRequest ();
req.upload.addEventListener ("progress", async_upload_progress, false);
req.addEventListener ("error", XHRErrorHandler, false);
req.addEventListener ("abort", XHRErrorHandler, false);
req.onreadystatechange = function ()
{
if (req.readyState == 4)
{
if (req.status == 200)
{
var res = req.responseText;
// This error may be triggered when Jirafeau does not receive any file in POST.
// This may be due to bad php configuration where post_max_size is too low
// comparing to upload_max_filesize. Let's retry with lower file size.
if (res === "Error 23")
{
async_global_max_size = Math.max(1, async_global_max_size - 500);
async_upload_push (async_global_last_code);
return;
}
else if (/^Error/.test(res))
{
pop_failure (res);
return;
}
res = res.split ("\n");
var code = res[0]
async_global_transfered = async_global_transfering;
async_upload_push (code);
return;
}
else
{
if (req.status == 413) // Request Entity Too Large
{
// lower async_global_max_size and retry
async_global_max_size = Math.max(1, parseInt (async_global_max_size * 0.8));
}
async_upload_push (async_global_last_code);
return;
}
}
}
req.open ("POST", 'script.php?push_async' , true);
var start = async_global_transfered;
var end = start + async_global_max_size;
if (end >= async_global_file.size)
end = async_global_file.size;
var blob = async_global_file.slice (start, end);
async_global_transfering = end;
var form = new FormData();
form.append ("ref", async_global_ref);
form.append ("data", blob);
form.append ("code", code);
req.send (form);
}
function async_upload_end (code)
{
var req = new XMLHttpRequest ();
req.addEventListener ("error", XHRErrorHandler, false);
req.addEventListener ("abort", XHRErrorHandler, false);
req.onreadystatechange = function ()
{
if (req.readyState == 4 && req.status == 200)
{
var res = req.responseText;
if (/^Error/.test(res))
{
pop_failure (res);
return;
}
res = res.split ("\n");
var expiryDate = '';
if (async_global_time != 'none')
{
// convert time (local time + selected expiry date)
var localDatetime = new Date();
if(!add_time_string_to_date(localDatetime, async_global_time)) {
pop_failure ('Error: Date can not be parsed');
return;
}
expiryDate = localDatetime;
}
show_link (res[0], res[1], res[2], expiryDate);
}
}
req.open ("POST", 'script.php?end_async' , true);
var form = new FormData();
form.append ("ref", async_global_ref);
form.append ("code", code);
req.send (form);
}
function upload (max_size)
{
var one_time_checkbox = document.getElementById('one_time_download');
var one_time = one_time_checkbox !== null ? one_time_checkbox.checked : false;
if (check_html5_file_api ())
{
async_upload_start (
max_size,
document.getElementById('file_select').files[0],
document.getElementById('select_time').value,
document.getElementById('input_key').value,
one_time,
document.getElementById('upload_password').value
);
}
else
{
classic_upload (
document.getElementById('file_select').files[0],
document.getElementById('select_time').value,
document.getElementById('input_key').value,
one_time,
document.getElementById('upload_password').value
);
}
}
var upload_time_estimation_total_size = 42;
var upload_time_estimation_transfered_size = 42;
var upload_time_estimation_transfered_date = 42;
var upload_time_estimation_moving_average_speed = 42;
function upload_time_estimation_init(total_size)
{
upload_time_estimation_total_size = total_size;
upload_time_estimation_transfered_size = 0;
upload_time_estimation_moving_average_speed = 0;
var d = new Date();
upload_time_estimation_transfered_date = d.getTime();
}
function upload_time_estimation_add(total_transfered_size)
{
// Let's compute the current speed
var d = new Date();
var speed = upload_time_estimation_moving_average_speed;
if (d.getTime() - upload_time_estimation_transfered_date != 0)
speed = (total_transfered_size - upload_time_estimation_transfered_size)
/ (d.getTime() - upload_time_estimation_transfered_date);
// Let's compute moving average speed on 30 values
var m = (upload_time_estimation_moving_average_speed * 29 + speed) / 30;
// Update global values
upload_time_estimation_transfered_size = total_transfered_size;
upload_time_estimation_transfered_date = d.getTime();
upload_time_estimation_moving_average_speed = m;
}
function upload_time_estimation_speed_string()
{
// speed ms -> s
var s = upload_time_estimation_moving_average_speed * 1000;
var res = 0;
var scale = '';
if (s <= 1000)
{
res = s.toString();
scale = "B/s";
}
else if (s < 1000000)
{
res = Math.floor(s/100) / 10;
scale = "KB/s";
}
else
{
res = Math.floor(s/100000) / 10;
scale = "MB/s";
}
if (res == 0)
return '';
return res.toString() + ' ' + scale;
}
function milliseconds_to_time_string (milliseconds)
{
function numberEnding (number) {
return (number > 1) ? translate ('PLURAL_ENDING') : '';
}
var temp = Math.floor(milliseconds / 1000);
var years = Math.floor(temp / 31536000);
if (years) {
return years + ' ' + translate ('YEAR') + numberEnding(years);
}
var days = Math.floor((temp %= 31536000) / 86400);
if (days) {
return days + ' ' + translate ('DAY') + numberEnding(days);
}
var hours = Math.floor((temp %= 86400) / 3600);
if (hours) {
return hours + ' ' + translate ('HOUR') + numberEnding(hours);
}
var minutes = Math.floor((temp %= 3600) / 60);
if (minutes) {
return minutes + ' ' + translate ('MINUTE') + numberEnding(minutes);
}
var seconds = temp % 60;
if (seconds) {
return seconds + ' ' + translate ('SECOND') + numberEnding(seconds);
}
return translate ('LESS_1_SEC');
}
function upload_time_estimation_time()
{
// Estimate remaining time
if (upload_time_estimation_moving_average_speed == 0)
return 0;
return (upload_time_estimation_total_size - upload_time_estimation_transfered_size)
/ upload_time_estimation_moving_average_speed;
}
var chrono_last_update = 0;
var chrono_time_ms = 0;
var chrono_time_ms_last_update = 0;
function chrono_update(time_ms)
{
var d = new Date();
var chrono = 0;
// Don't update too often
if (d.getTime() - chrono_last_update < 3000 &&
chrono_time_ms_last_update > 0)
chrono = chrono_time_ms;
else
{
chrono_last_update = d.getTime();
chrono_time_ms = time_ms;
chrono = time_ms;
chrono_time_ms_last_update = d.getTime();
}
// Adjust chrono for smooth estimation
chrono = chrono - (d.getTime() - chrono_time_ms_last_update);
// Let's update chronometer
var time_str = '';
if (chrono > 0)
time_str = milliseconds_to_time_string (chrono);
return time_str;
}
var upload_speed_refresh_limiter_last_update = 0;
var upload_speed_refresh_limiter_last_value = '';
function upload_speed_refresh_limiter(speed_str)
{
var d = new Date();
if (d.getTime() - upload_speed_refresh_limiter_last_update > 1500)
{
upload_speed_refresh_limiter_last_value = speed_str;
upload_speed_refresh_limiter_last_update = d.getTime();
}
return upload_speed_refresh_limiter_last_value;
}
// document.ready()
document.addEventListener('DOMContentLoaded', function(event) {
// Search for all datetime fields and convert the time to local timezone
convertAllDatetimeFields();
});
// Add copy event listeners
function copyLinkToClipboard(link_id) {
var focus = document.activeElement;
var e = document.getElementById(link_id);
var tmp = document.createElement("textarea");
document.body.appendChild(tmp);
tmp.textContent = e.href;
tmp.focus();
tmp.setSelectionRange(0, tmp.value.length);
document.execCommand("copy");
document.body.removeChild(tmp);
focus.focus();
}
function addCopyListener(button_id, link_id) {
if(document.getElementById(button_id)){
document.getElementById(button_id)
.addEventListener("click", function() {
copyLinkToClipboard(link_id);});
}
}
// @license-end

119
src/Jirafeau/lib/locales/en.json Normal file
View File

@@ -0,0 +1,119 @@
{
"SIZE_DATA": "Data size",
"INCOMPATIBLE_OPTIONS_W": "The following configuration options are incompatible:",
"NO_BROWSER_SUPPORT": "Your browser may not support HTML5, so the maximum file size is ",
"PLURAL_ENDING": "s",
"JI_WEB_RE": "Jirafeau, your web file repository",
"SEL_FILE": "Select a file",
"SEND": "Send",
"UP": "Uploading …",
"ONE_TIME_DL": "One-time download",
"PSW": "Password",
"TIME_LIM": "Time limit",
"MAX_FILE_SIZE": "Maximum file size",
"POWERED_BY": "powered by the copyleft, libre software project Jirafeau",
"MADE_WITH": "Made with",
"JI_PROJECT": "Jirafeau Project",
"1_MIN": "One minute",
"1_H": "One hour",
"1_D": "One day",
"1_W": "One week",
"1_M": "One month",
"1_Q": "One quarter",
"1_S": "One semester",
"1_Y": "One year",
"NONE": "None",
"UP_PSW": "Upload password",
"2_BIG": "The file is too big",
"FILE_LIM": "File size limited to",
"FILE_DIR_W": "The file directory is not writable.",
"LINK_DIR_W": "The link directory is not writable.",
"ASYNC_DIR_W": "The async directory is not writable.",
"INSTALL_SCRIPT_HERE": "Installer script still present",
"ERR_OCC": "An error occurred.",
"FILE_UP": "File uploaded.",
"DL_PAGE": "Download page",
"VALID_UNTIL": "This file is valid until the following date",
"VIEW_LINK": "View link",
"DIRECT_DL": "Direct download link",
"DELETE_LINK": "Delete link",
"DL": "Download",
"PREVIEW": "Preview",
"FILE_404": "Sorry, the requested file is not found",
"FILE_NOT_AVAIL": "File not available.",
"CONFIRM_DEL": "Confirm deletion",
"GONNA_DEL": "You are about to delete",
"DELETE": "Delete",
"FILE_DELETED": "File has been deleted.",
"FILE_EXPIRED": "The time limit of this file has expired.",
"PSW_PROTEC": "Password protection",
"GIMME_PSW": "Supply password for this file",
"ACCESS_KO": "Access denied",
"NOW_DOWNLOADING": "You are about to download",
"USING_SERVICE": "By using our services, you accept our",
"TOS": "Terms of Service",
"AUTO_DESTRUCT": "Warning, this file will self-destruct after being read",
"INTERNAL_ERROR_DEL": "Internal error during file creation.",
"CONF_AUTOGEN_COMMENT": "This file was generated by the installation process. You can edit it. Please see config.original.php to understand the configuration items.",
"CANNOT_CREATE_DIR": "The following directory could not be created",
"MANUAL_CREATE": "You should create this directory manually.",
"DIR_NOT_W": "The following directory is not writable",
"GIMME_W": "You should give the write permission to the web server on this directory.",
"HERE_SOLUTION": "Here is a solution",
"CONF_SOLUTION": "The local configuration file could not be created. Create a <code>lib/config.local.php</code> file and grant write permission to the web server (preferred solution), or grant write permission to the web server in the <code>lib</code> directory.",
"CONF_SOLUTION_2": "The local configuration is not writable by the web server. Grant write permission to the web server in the '<code>lib/config.local.php</code>' file.",
"JI_INSTALL": "Installation of Jirafeau",
"STEP": "step",
"OUT_OF": "out of",
"ADMIN_PSW": "Admin password",
"FINALIZATION": "Finalisation",
"SETTING_UP": "Jirafeau is setting up the website according to the configuration you provided.",
"PREV_STEP": "Previous step",
"RETRY_STEP": "Retry this step",
"JI_FONCTIONAL": "Jirafeau is now fully operational",
"INFO": "Information",
"BASE_ADDR_INFO": "The base address of Jirafeau is the first part of the URL, until (and including) the last slash. For example: \"http://www.example.com/\". Do not forget the trailing slash!",
"BASE_ADDR": "Base address",
"DATA_DIR_EXPLAINATION": "The data directory is where your files and information about your files will be stored. You should put it outside your website, or at least restrict the access to this directory. Do not forget the trailing slash!",
"DATA_DIR": "Data directory",
"NEXT_STEP": "Next step",
"ADMIN_INTERFACE_INFO": "Jirafeau has an admin interface (through admin.php). You can set a password to access the interface or leave it empty to disable the interface.",
"NO_ADMIN": "Sorry, the admin interface is not enabled.",
"NO_ADMIN_AUTH": "Sorry, you have not logged onto the admin interface.",
"LOGIN": "Login",
"BAD_PSW": "Wrong password.",
"ADMIN_INTERFACE": "Admin interface",
"CLEAN_EXPIRED": "Clean expired files",
"CLEAN_INCOMPLETE": "Clean old unfinished transfers",
"CLEAN": "Clean",
"SEARCH_NAME": "Search for files by name",
"SEARCH": "Search",
"LS_FILES": "List all files",
"LIST": "List",
"ACTIONS": "Actions",
"SEARH_BY_HASH": "Search for files by file hash",
"SEARCH_LINK": "Search a specific link",
"CLEANED_FILES_CNT": "Number of cleaned files",
"LOGOUT": "Log out",
"NOW_LOGOUT": "You are now logged out",
"LINK_DELETED": "Link deleted",
"FILENAME": "Filename",
"FILE": "file",
"LINK": "link",
"TYPE": "Type",
"SIZE": "Size",
"EXPIRE": "Expire",
"ONETIME": "One-time",
"UPLOAD_DATE": "Upload date",
"ORIGIN": "Origin",
"ACTION": "Action",
"DEL_LINK": "Del link",
"DEL_FILE_LINKS": "Del file and links",
"DELETED_LINKS": "Deleted links",
"YEAR": "year",
"DAY": "day",
"MINUTE": "minute",
"HOUR": "hour",
"SECOND": "second",
"LESS_1_SEC": "less than a second"
}

79
src/Jirafeau/lib/settings.php Normal file
View File

@@ -0,0 +1,79 @@
<?php
/*
* Jirafeau, your web file repository
* Copyright (C) 2008 Julien "axolotl" BERNARD <axolotl@magieeternelle.org>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
global $cfg;
// Read config files
require(JIRAFEAU_ROOT . 'lib/config.original.php');
if (file_exists(JIRAFEAU_ROOT . 'lib/config.local.php')) {
// read local copy and merge with original values
$cfgOriginal = $cfg;
require(JIRAFEAU_ROOT . 'lib/config.local.php');
$cfg = array_merge($cfgOriginal, $cfg);
unset($cfgOriginal);
}
// Setup debug mode
if ($cfg['debug'] === true) {
@error_reporting(E_ALL);
} else {
@error_reporting(0);
}
// Set constants
/* Jirafeau package */
define('JIRAFEAU_PACKAGE', 'Jirafeau');
define('JIRAFEAU_VERSION', '4.3.0');
/* Directories. */
define('VAR_FILES', $cfg['var_root'] . 'files/');
define('VAR_LINKS', $cfg['var_root'] . 'links/');
define('VAR_ASYNC', $cfg['var_root'] . 'async/');
// helping variable to build absolute link to
// root of the domain without handling the URL scheme
$absPrefix = parse_url($cfg['web_root'], PHP_URL_PATH);
if (true === empty($absPrefix)) {
// fallback if installation isnt done yet: relative links to same level on the current page
$absPrefix = './';
}
define('JIRAFEAU_ABSPREFIX', $absPrefix);
/* Useful constants. */
if (!defined('NL')) {
define('NL', "\n");
}
if (!defined('QUOTE')) {
define('QUOTE', "'");
}
define('JIRAFEAU_INFINITY', -1);
define('JIRAFEAU_MINUTE', 60); // 60
define('JIRAFEAU_HOUR', 3600); // JIRAFEAU_MINUTE * 60
define('JIRAFEAU_DAY', 86400); // JIRAFEAU_HOUR * 24
define('JIRAFEAU_WEEK', 604800); // JIRAFEAU_DAY * 7
define('JIRAFEAU_MONTH', 2592000); // JIRAFEAU_DAY * 30
define('JIRAFEAU_QUARTER', 7776000); // JIRAFEAU_DAY * 90
define('JIRAFEAU_SEMESTER', 110678400); // JIRAFEAU_DAY * 183
define('JIRAFEAU_YEAR', 31536000); // JIRAFEAU_DAY * 365
// set UTC as default timezone for all date/time functions
date_default_timezone_set('UTC');

138
src/Jirafeau/lib/template/page.php Normal file
View File

@@ -0,0 +1,138 @@
<?php
function displayHeadPage ($title) {
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0"/>
<title><?php echo $title; ?></title>
<link rel="stylesheet" href="media/kaz/attach.css">
</head>
<body class="<?php echo isset ($_COOKIE['theme']) ? htmlspecialchars ($_COOKIE['theme']) : 'light-theme'; ?>">
<div class="theme-toggle">
<input type="checkbox" id="toggle-theme" <?php echo (isset($_COOKIE['theme']) && $_COOKIE['theme'] === 'dark-theme') ? 'checked' : ''; ?>/>
<label for="toggle-theme" class="toggle-label">
<span class="toggle-dark">&#x1F319;</span>
<span class="toggle-light">&#x1F506;</span>
</label>
</div>
<div class="container">
<div class="main-box">
<div class="blocks">
<?php
}
function displayFootPage () { ?>
</div>
</div>
</div>
<script src="lib/attach.js"></script>
<div id="kaz"/>
</body>
</html>
<?php
}
function displayRefresh () { ?>
<form action="<?php echo $_SERVER ['SCRIPT_NAME']; ?>" method="POST">
<?php echo getHiddenToken (); ?><?php echo getHiddenLink (); ?>
<input type="submit" value="<?php echo M_REFRESH; ?>">
</form>
<?php
}
function displayLogin ($msg) { ?>
<div class="block">
<div class="block-info"><p><?php echo $msg; ?></p></div>
<div class="table">
<form class="tr" action="<?php echo $_SERVER ['SCRIPT_NAME']; ?>" method="POST">
<input type="email" name="<?php echo A_SENDER; ?>" size="40" value="<?php echo jirafeau_escape ($_REQUEST [A_SENDER]);?>" placeholder="Votre email" required="required"/>
<?php echo getHiddenLink (); ?>
<input type="hidden" name="<?php echo A_ACTION; ?>" value="<?php echo T_LOGIN; ?>" />
<input type="submit" value="<?php echo M_SEND; ?>" />
</form>
</div>
</div>
<?php
}
function displayLogout ($msg) { ?>
<div class="block">
<div class="block-info"><p><?php echo $msg; ?></p></div>
<div class="table">
<form class="tr" action="<?php echo $_SERVER ['SCRIPT_NAME']; ?>" method="POST">
<input type="hidden" name="<?php echo A_ACTION; ?>" value="<?php echo T_LOGOUT; ?>">
<?php echo getHiddenToken (); ?>
<?php echo getHiddenLink (); ?>
<button type="submit">D&eacute;connexion</button>
</form>
</div>
</div>
<?php
}
function displayProfileName ($msg) { ?>
<div class="block">
<div class="block-info"><p><?php echo $msg; ?></p></div>
<div class="table">
<form class="tr" action="<?php echo $_SERVER ['SCRIPT_NAME']; ?>" method="POST">
<input type="hidden" name="<?php echo A_ACTION; ?>" value="<?php echo T_FORGETME; ?>">
<?php echo getHiddenLink (); ?>
<button type="submit">Oubliez-moi</button>
</form>
</div>
</div>
<?php
}
function displayListUrl ($query, $listUrl) {
global $DEFAULT_CLOUD;
?>
<div class="block">
<div class="block-info"><p><?php echo M_LIST_URL; ?></p></div>
<div class="management-table cloud-list">
<div class="tr">
</div><?php if (isset ($listUrl['urls'])) foreach ($listUrl['urls'] as $name => $url) { ?>
<div class="tr">
<span class="td"><a href="<?php echo $url.$query; ?>" class="cloud-item"><?php echo htmlspecialchars ($name);?></a><span class="comment"> (<?php echo htmlspecialchars ($url); ?>)</span></span>
</div><?php } ?>
<form class="tr" onsubmit="return forwardQuerry (this,<?php echo "'".$query."'"; ?>);">
<span class="td"><span class="comment"><?php echo M_NEW_URL; ?></span><input name="url" type="text" value="<?php echo $DEFAULT_CLOUD; ?>" placeholder="https://..."/></span>
</form>
</div>
</div>
<?php
}
function displayFormProfile ($listUrl) {
global $name, $url;
?>
<div class="block">
<div class="block-info"><p><?php echo M_CUSTOM_URL; ?></p></div>
<div class="table"><?php if (isset ($listUrl['urls'])) foreach ($listUrl['urls'] as $name2 => $url2) { ?>
<form class="tr" action="<?php echo $_SERVER ['SCRIPT_NAME']; ?>" method="POST">
<span class="td">
<button class="btn btn-up" onclick="actionUrl (this, false, '<?php echo A_ACTION; ?>', '<?php echo T_UP_URL; ?>')" ><?php echo L_UP_URL; ?></button>
<button class="btn btn-down" onclick="actionUrl (this, false, '<?php echo A_ACTION; ?>', '<?php echo T_DOWN_URL; ?>')" ><?php echo L_DOWN_URL; ?></button>
</span>
<span class="td"><?php echo htmlspecialchars ($name2);?></span>
<span class="td"><?php echo htmlspecialchars ($url2);?></span>
<input name="<?php echo A_NAME;?>" type="hidden" value="<?php echo $name2;?>"/>
<?php echo getHiddenToken (); ?><?php echo getHiddenLink (); ?><span class="td">
<button class="btn btn-delete" onclick="actionUrl (this, true, '<?php echo A_ACTION; ?>', '<?php echo T_DEL_URL; ?>')" ><?php echo L_DEL_URL; ?></button>
</span>
</form><?php } ?>
<form class="tr" action="<?php echo $_SERVER ['SCRIPT_NAME']; ?>" method="POST">
<span class="td"></span>
<span class="td"><input name="<?php echo A_NAME;?>" type="text" value="<?php echo $name;?>" placeholder="Mon nuage"/></span>
<span class="td"><input name="<?php echo A_URL;?>" type="text" value="<?php echo $url;?>" placeholder="https://..."/></span>
<?php echo getHiddenToken (); ?><?php echo getHiddenLink (); ?>
<span class="td"><button class="btn btn-new" onclick="actionUrl (this, false, '<?php echo A_ACTION; ?>', '<?php echo T_ADD_URL; ?>')" ><?php echo L_ADD_URL; ?></button></span>
</form>
</div>
</div>
<?php
}