KAZ/depollueur
3
1
Fork 0
Code Issues Pull Requests Projects Releases Activity

clean code

Browse Source
This commit is contained in:
François 2022-02-17 18:13:09 +01:00
parent bf06a130f6
commit d83b89b624
1 changed files with 387 additions and 256 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

637
src/Jirafeau/a.php
View File

@ -22,7 +22,9 @@ define ('VAR_TOKENS', $cfg ['var_root'].'tokens/');
define ('VAR_TRACKS', $cfg ['var_root'].'tracks/');
define ('VAR_PERIOD', $cfg ['var_root'].'period/');
define ('VAR_FAKE', $cfg ['var_root'].'fake/');
define ('VAR_PRIVATE', $cfg ['var_root'].'private/');
define ('MAX_VALID_UPLOAD_TIME', 60);
define ('TOKEN_USE_LIMIT', "-2 hours");
define ('TOKEN_LOGIN_LIMIT', "-15 minutes");
define ('TOKEN_LOGOUT_LIMIT', "-8 hours");
@ -50,12 +52,16 @@ define ('M_INTRO_FORM', "Quelles sont les informations me concernant ?");
define ('M_MEL', "votre mèl");
define ('M_NO_FILENAME', 'SansNom');
define ('M_NO_SENDER', 'kaz-');
define ('M_OLD_ATTACHEMENT_DIRNAME', "RappelHistorique");
define ('M_NEW_ATTACHEMENT_DIRNAME', "nouveau");
define ('M_OLD_ATTACHEMENT_DIRNAME', "ancien");
define ('M_SEND', "Connexion");
define ('M_LOGOUT', 'Deconnecter');
define ('M_REFRESH', 'Actualiser');
define ('M_LOGOUT_TOKEN', "Vous n'êtes plus connecté.");
define ('M_SEND_TOKEN', "Vous allez recevoir un lien d'accès temporaire à vos données.");
define ('M_INCONSISTENT_DATES',
" (dates incohéantes avec ___FILENAME___ : ".___DIRTIME___." != ".___FILETIME___." / ".
date ("Y-m-d H:i:s", ___DIRTIME___)." != ".date ("Y-m-d H:i:s", ___DIRTIME___).")");
define ('A_ACTION', 'a'); // action : T_SEND, T_LOGOUT, A_RECORD+(on|off), A_PERIOD(minute|hour|day|week|month|quarter)
define ('A_GET', 'g'); // get archive
@ -76,13 +82,15 @@ define ('T_FILENAME', 'file_name');
define ('T_HASH', 'hash');
define ('T_LOGGED', "logged");
define ('T_NEW', 'new');
define ('T_SIGN', 'sign');
define ('T_NOT_FOUND', 'not_found');
define ('T_OLD', 'old');
define ('T_RENAME', 'rename');
define ('T_SEND', 'send');
define ('T_LOGOUT', 'lougout');
define ('T_SENDER', 'sender');
define ('T_TIMESTAMP', 'timestamp');
define ('T_TIME', 'time');
define ('T_ID', 'id');
define ('T_TOKEN', "token");
define ('T_WARNING_FILENAME', "-Avertissement.txt");
define ('T_ZIP_EXT', ".zip");
@ -106,18 +114,23 @@ $message = '';
/* Remove errors. */
@error_reporting (0);
$do_update = false;
$doUpdate = false;
if (isset ($_REQUEST [A_UPDATE]) && !empty ($_REQUEST [A_UPDATE])) {
$do_update = true;
$doUpdate = true;
}
$do_download = false;
$doDownload = false;
if (isset ($_REQUEST [A_GET]) && !empty ($_REQUEST [A_GET])) {
$do_download = true;
$doDownload = true;
}
$doUpload = false;
if (isset ($_FILES ['file'])) {
$doUpload = true;
}
// ========================================
function return_error ($msg) {
function returnError ($msg) {
require (JIRAFEAU_ROOT.'lib/template/header.php');
echo '<div class="error"><p>' . $msg . '</p></div>';
require (JIRAFEAU_ROOT.'lib/template/footer.php');
@ -125,52 +138,80 @@ function return_error ($msg) {
}
// ========================================
function setTrack ($sender) {
function setSenderTrack ($sender) {
if (!$sender)
return;
if (!file_exists (VAR_TRACKS))
mkdir (VAR_TRACKS, 0755);
touch (VAR_TRACKS.$sender);
}
function rmTrack ($sender) {
function rmSenderTrack ($sender) {
if (!$sender)
return;
if (file_exists (VAR_TRACKS.$sender))
unlink (VAR_TRACKS.$sender);
}
function getTrack ($sender) {
function getSenderTrack ($sender) {
if (!$sender)
return;
return file_exists (VAR_TRACKS.$sender);
}
// ========================================
function setPeriod ($sender, $period) {
function setSenderPeriod ($sender, $period) {
if (!$sender)
return;
if (!file_exists (VAR_PERIOD))
mkdir (VAR_PERIOD, 0755);
if (empty ($period) || DEFAULT_PERIOD == $period) {
if (file_exists (VAR_PERIOD.$sender))
unlink (VAR_PERIOD.$sender);
rmSenderPeriod ($sender);
} else
file_put_contents (VAR_PERIOD.$sender, $period.NL);
}
function rmPeriod ($sender) {
function rmSenderPeriod ($sender) {
if (!$sender)
return;
if (file_exists (VAR_PERIOD.$sender))
unlink (VAR_PERIOD.$sender);
}
function getPeriod ($sender) {
function getSenderPeriod ($sender) {
if (!$sender || !file_exists (VAR_PERIOD.$sender))
return DEFAULT_PERIOD;
return trim (file (VAR_PERIOD.$sender)[0]);
}
function period2seconds ($periodName) {
if (!$periodName)
return JIRAFEAU_MONTH;
switch ($periodName) {
case 'minute':
return JIRAFEAU_MINUTE;
break;
case 'hour':
return JIRAFEAU_HOUR;
break;
case 'day':
return JIRAFEAU_DAY;
break;
case 'week':
return JIRAFEAU_WEEK;
break;
case 'month':
return JIRAFEAU_MONTH;
break;
case 'quarter':
return JIRAFEAU_QUARTER;
break;
case 'year':
return JIRAFEAU_YEAR;
break;
default:
returnError (t ('ERR_OCC') . ' (periodName)');
}
}
// ========================================
function setFake ($sender, $dir_link, $dirTime) {
return;
function setSenderFake ($sender, $dirLink, $dirTime) {
if (!$sender)
return;
if (!file_exists (VAR_FAKE))
@ -178,8 +219,7 @@ function setFake ($sender, $dir_link, $dirTime) {
file_put_contents (VAR_FAKE.$sender, "time: ".$dirTime.NL."sender: ".$sender.NL);
rmToken ($sender);
}
function getFake ($sender) {
function getSenderFake ($sender) {
if (!$sender)
return;
return file_exists (VAR_FAKE.$sender);
@ -191,33 +231,70 @@ function isKazArchive ($link) {
@preg_match ("/".T_ARCHIVE_TITLE."/", jirafeau_escape ($link ['file_name'])) &&
jirafeau_escape ($link ['mime_type']) == T_ARCHIVE_MIME;
}
// ========================================
function readArchiveFromLink ($link) {
$p = s2p ($link ['hash']);
$lines = file (VAR_FILES . $p . $link ['hash']);
$archive = readArchiveFromLines ($lines);
return $archive;
}
function readArchiveFromLines ($lines) {
$archive = [];
$error = false;
foreach ($lines as $line) {
switch (true) {
case preg_match ("/^\s*id:\s*(\d++)\s*$/", $line, $matches):
$archive [T_ID] = $matches [1];
case preg_match ("/^\s*sender:\s*(([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6})\s*$/i", $line, $matches):
$archive [T_SENDER] = $matches [1];
break;
case preg_match ("/^\s*time:\s*(\d{4}([:-]\d{2}){5})\s*$/i", $line, $matches):
$archive [T_TIME] = $matches [1];
break;
case preg_match ("/^\s*new:\s*([0-9a-zA-Z_-]+)\s+([0-9a-zA-Z_-]+)\s*$/", $line, $matches):
$archive [T_NEW][] = [$matches [1], $matches [2]];
break;
case preg_match ("/^\s*old:\s*([0-9a-zA-Z_-]+)\s+([0-9a-zA-Z_-]+)\s*$/", $line, $matches):
$archive [T_OLD][] = [$matches [1], $matches [2]];
break;
case preg_match ("/^\s*sign:\s*([0-9a-zA-Z_-]+)\s*$/", $line, $matches):
$archive [T_SIGN] = $matches [1];
break;
default:
global $message;
$message .= "<p>error:".$line."</p>";
$error = true;
break;
}
}
return $error ? [] : $archive;
}
// ========================================
function getFileName ($hash) {
$p = s2p ($hash);
return VAR_FILES.$p.$hash;
}
function getTimeFile ($hash) {
$f = getFileName ($hash);
return file_exists ($f) ? filemtime ($f) : 0;
}
function valideTime ($t1, $t2) {
return true;
return abs ($t1 - $t2) < 60; // XXX delay
global $message;
return abs ($t1 - $t2) < MAX_VALID_UPLOAD_TIME;
}
// ========================================
/** Update link
* @param $link the link's name (hash)
* @param $update_period the periode (i.e in : "month")
* @param $update_period the period (i.e in : "month")
*/
function update_link ($link_name, $link, $update_period) {
function updateLink ($link_name, $link, $maxLimit) {
$time_max = $link ['time'];
$time_up = time () + $update_period;
$time_more = $time_up + JIRAFEAU_HOUR;
if ($time_max < 0 || $time_up < $time_max)
if ($time_max < 0 || $maxLimit < $time_max)
return $time_max;
$time_more = $maxLimit + JIRAFEAU_MINUTE;
$link ['time'] = $time_more;
$link_tmp_name = VAR_LINKS . $link ['hash'] . rand (0, 10000) . '.tmp';
$handle = fopen ($link_tmp_name, 'w');
@ -232,35 +309,7 @@ function update_link ($link_name, $link, $update_period) {
}
// ========================================
// read archive info
function read_archive_info ($link) {
$p = s2p ($link ['hash']);
$result = [];
$error=false;
foreach (file (VAR_FILES . $p . $link ['hash']) as $line) {
switch (true) {
case preg_match ("/^\s*src:\s*(([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6})\s*$/i", $line, $matches):
$result [T_SENDER] = $matches [1];
break;
case preg_match ("/^\s*time:\s*(\d{4}([:-]\d{2}){5})\s*$/i", $line, $matches):
$result [T_TIMESTAMP] = $matches [1];
break;
case preg_match ("/^\s*old:\s*([0-9a-zA-Z_-]+)\s+([0-9a-zA-Z_-]+)\s*$/", $line, $matches):
$result [T_OLD][] = [$matches [1], $matches [2]];
break;
case preg_match ("/^\s*new:\s*([0-9a-zA-Z_-]+)\s+([0-9a-zA-Z_-]+)\s*$/", $line, $matches):
$result [T_NEW][] = [$matches [1], $matches [2]];
break;
default:
$error = true;
break;
}
}
return $error ? [] : $result;
}
// ========================================
function send_email ($receiver, $receiver_name, $subject, $body_string){
function sendEMail ($receiver, $receiver_name, $subject, $body_string){
try {
// SERVER SETTINGS
$mail = new PHPMailer (true);
@ -359,49 +408,50 @@ function getTimeToken ($sender) {
}
// ========================================
if ($do_update) {
$update_period = JIRAFEAU_MONTH;
switch ($_REQUEST [A_UPDATE]) {
case 'minute':
$update_period = JIRAFEAU_MINUTE;
break;
case 'hour':
$update_period = JIRAFEAU_HOUR;
break;
case 'day':
$update_period = JIRAFEAU_DAY;
break;
case 'week':
$update_period = JIRAFEAU_WEEK;
break;
case 'month':
$update_period = JIRAFEAU_MONTH;
break;
case 'quarter':
$update_period = JIRAFEAU_QUARTER;
break;
case 'year':
$update_period = JIRAFEAU_YEAR;
break;
default:
return_error (t ('ERR_OCC') . ' (update_period)');
if ($doUpload) {
$maxtime = time ()+period2seconds ($_REQUEST ['time']);
$key = isset ($_REQUEST ['key']) ? $_REQUEST ['key'] : '';
$ip = $_SERVER ['HTTP_X_REAL_IP']; // XXX
$res = jirafeau_upload (
$_FILES['file'],
isset ($_POST ['one_time_download']),
$key,
$maxtime,
$ip,
$cfg['enable_crypt'],
$cfg['link_name_length'],
$cfg['file_hash']
);
if (! count ($res ['error']) || $res['error']['has_error'])
$content = 'Error 6 ' . $res['error']['why'];
else
$content = $res ['link'].NL.$res ['delete_link'].NL;
header ('HTTP/1.0 200 OK');
header ('Content-Length: ' . strlen ($content));
header ('Content-Type: text/plain');
echo $content;
exit;
}
$link_name = $_REQUEST [A_HASH];
if (!preg_match ('/[0-9a-zA-Z_-]+$/', $link_name))
return_error (t ('FILE_404'));
$link = jirafeau_get_link ($link_name);
// ========================================
if ($doUpdate) {
$maxTime = time ()+period2seconds ($_REQUEST [A_UPDATE]);
$linkName = $_REQUEST [A_HASH];
if (!preg_match ('/[0-9a-zA-Z_-]+$/', $linkName))
returnError (t ('FILE_404'));
$link = jirafeau_get_link ($linkName);
if (count ($link) == 0)
return_error (t ('FILE_404'));
$time = update_link ($link_name, $link, $update_period);
returnError (t ('FILE_404'));
$time = updateLink ($linkName, $link, $maxTime);
$content = '' . $time . NL;
if (isKazArchive ($link)) {
$archive_info = read_archive_info ($l);
if (count ($archive_info)) {
$archiveInfo = readArchiveFromLink ($l);
if (count ($archiveInfo)) {
foreach ([T_OLD, T_NEW] as $cat)
if (isset ($archive_info [$cat]))
foreach ($archive_info [$cat] as [$link_name, $crypt_key])
update_link ($link_name, jirafeau_get_link ($link_name), $update_period);
if (isset ($archiveInfo [$cat]))
foreach ($archiveInfo [$cat] as [$linkName, $cryptKey])
updateLink ($linkName, jirafeau_get_link ($linkName), $maxTime);
}
}
header ('HTTP/1.0 200 OK');
@ -423,98 +473,98 @@ if (isset ($_REQUEST [A_SENDER]) && !empty ($_REQUEST [A_SENDER])) {
}
// ========================================
if ($do_download) {
if ($doDownload) {
// check archive exist
$couple = explode ("~", $_REQUEST [A_GET], 2);
if (count ($couple) == 0)
return_error (E_BAD_ARCHIVE_NAME);
$link_name = $couple [0];
if (!$link_name || !preg_match ('/[0-9a-zA-Z_-]+$/', $link_name))
return_error (E_BAD_ARCHIVE_NAME);
$crypt_key = count ($couple) == 2 ? $couple [1] : "";
$link = jirafeau_get_link ($link_name);
returnError (E_BAD_ARCHIVE_NAME);
$linkName = $couple [0];
if (!$linkName || !preg_match ('/[0-9a-zA-Z_-]+$/', $linkName))
returnError (E_BAD_ARCHIVE_NAME);
$cryptKey = count ($couple) == 2 ? $couple [1] : "";
$link = jirafeau_get_link ($linkName);
if (count ($link) == 0)
return_error (t ('FILE_404'));
returnError (t ('FILE_404'));
$key = $link ['key'];
if ($key && (empty ($crypt_key) || $key != $crypt_key))
return_error (t ('BAD_PSW'));
if ($key && (empty ($cryptKey) || $key != $cryptKey))
returnError (t ('BAD_PSW'));
$archive_info = read_archive_info ($link);
$archiveInfo = readArchiveFromLink ($link);
// check entries
$archive_content = [];
$archiveContent = [];
$modif = false;
$single_name = [];
$singleName = [];
foreach ([T_OLD, T_NEW] as $cat)
if (isset ($archive_info [$cat]))
foreach ($archive_info [$cat] as [$link_name, $crypt_key]) {
$link = jirafeau_get_link ($link_name);
if (isset ($archiveInfo [$cat]))
foreach ($archiveInfo [$cat] as [$linkName, $cryptKey]) {
$link = jirafeau_get_link ($linkName);
if (count ($link) == 0) {
if (isset ($archive_content [T_NOT_FOUND]))
++$archive_content [T_NOT_FOUND];
if (isset ($archiveContent [T_NOT_FOUND]))
++$archiveContent [T_NOT_FOUND];
else
$archive_content [T_NOT_FOUND] = 1;
$archiveContent [T_NOT_FOUND] = 1;
$modif = true;
continue;
}
$key = $link ['key'];
if ($key && (empty ($crypt_key) || $key != $crypt_key)) {
if (isset ($archive_content [T_BAD_PASW]))
++$archive_content [T_BAD_PASW];
if ($key && (empty ($cryptKey) || $key != $cryptKey)) {
if (isset ($archiveContent [T_BAD_PASW]))
++$archiveContent [T_BAD_PASW];
else
$archive_content [T_BAD_PASW] = 1;
$archiveContent [T_BAD_PASW] = 1;
$modif = true;
continue;
}
$src_name = $dst_name = ($link ['file_name'] ? $link ['file_name'] : M_NO_FILENAME);
if (in_array ($src_name, $single_name))
$srcName = $dstName = ($link ['file_name'] ? $link ['file_name'] : M_NO_FILENAME);
if (in_array ($srcName, $singleName))
for ($i = 0; $i < 10000; ++$i) {
$dst_name = sprintf ("%s-%2d", $src_name, $i);
if (!in_array ($dst_name, $single_name)) {
if (isset ($archive_content [T_RENAME]))
++$archive_content [T_RENAME];
$dstName = sprintf ("%s-%2d", $srcName, $i);
if (!in_array ($dstName, $singleName)) {
if (isset ($archiveContent [T_RENAME]))
++$archiveContent [T_RENAME];
else
$archive_content [T_RENAME] = 1;
$archiveContent [T_RENAME] = 1;
$modif = true;
break;
}
}
$single_name [] = $dst_name;
$archive_content [$cat][T_ENTRIES][] = [T_HASH => $link ['hash'], T_FILENAME => $dst_name, T_CRYPT_KEY => $crypt_key, T_CRYPTED => $link ['crypted']];
$singleName [] = $dstName;
$archiveContent [$cat][T_ENTRIES][] = [T_HASH => $link ['hash'], T_FILENAME => $dstName, T_CRYPT_KEY => $cryptKey, T_CRYPTED => $link ['crypted']];
}
// build zip
$dirname = M_NO_SENDER.(isset ($archive_info [T_TIMESTAMP]) && !empty ($archive_info [T_TIMESTAMP])) ?
$archive_info [T_TIMESTAMP] : date ("Y-m-d-H:i:s");
$dirname = M_NO_SENDER.(isset ($archiveInfo [T_TIME]) && !empty ($archiveInfo [T_TIME])) ?
$archiveInfo [T_TIME] : date ("Y-m-d-H:i:s");
$dirname = str_replace (":", "_", $dirname);
$tmpFileName = tempnam (sys_get_temp_dir (), $dirname."-");
$zip = new ZipArchive;
if (!$zip)
return_error (E_CREATE_ZIP);
returnError (E_CREATE_ZIP);
if ($zip->open ($tmpFileName.T_ZIP_EXT, ZipArchive::CREATE) !== TRUE)
return_error (E_OPEN_ZIP);
returnError (E_OPEN_ZIP);
// create info
if ($modif) {
$info = '';
if (isset ($archive_info [T_NOT_FOUND]))
$info .= $archive_info [T_NOT_FOUND]. ($archive_info [T_NOT_FOUND] ? M_FILE_NOT_FOUND : M_FILES_NOT_FOUND).NL;
if (isset ($archive_info [T_BAD_PASW]))
$info .= M_BAD_KEY. $archive_info [T_BAD_PASW]. ($archive_info [T_BAD_PASW] ? M_FILE : M_FILES).NL;
if (isset ($archive_info[T_RENAME]))
$info .= $archive_info[T_RENAME]. ($archive_info[T_RENAME] ? M_FILE_RENAMED : M_FILES_RENAMED).NL;
if (isset ($archiveInfo [T_NOT_FOUND]))
$info .= $archiveInfo [T_NOT_FOUND]. ($archiveInfo [T_NOT_FOUND] ? M_FILE_NOT_FOUND : M_FILES_NOT_FOUND).NL;
if (isset ($archiveInfo [T_BAD_PASW]))
$info .= M_BAD_KEY. $archiveInfo [T_BAD_PASW]. ($archiveInfo [T_BAD_PASW] ? M_FILE : M_FILES).NL;
if (isset ($archiveInfo[T_RENAME]))
$info .= $archiveInfo[T_RENAME]. ($archiveInfo[T_RENAME] ? M_FILE_RENAMED : M_FILES_RENAMED).NL;
$zip->addFromString ($dirname.T_WARNING_FILENAME, $info);
}
foreach ([T_OLD, T_NEW] as $cat)
if (isset ($archive_info [$cat])) {
$subdir = $dirname . ($cat == T_NEW ? "" : "/".M_OLD_ATTACHEMENT_DIRNAME);
foreach ($archive_content [$cat][T_ENTRIES] as $entry) {
if (isset ($archiveInfo [$cat])) {
$subdir = $dirname . "-".($cat == T_NEW ? M_NEW_ATTACHEMENT_DIRNAME : M_OLD_ATTACHEMENT_DIRNAME);
foreach ($archiveContent [$cat][T_ENTRIES] as $entry) {
$p = s2p ($entry [T_HASH]);
if ($entry [T_CRYPTED]) {
$m = mcrypt_module_open ('rijndael-256', '', 'ofb', '');
$md5_key = md5 ($entry [T_CRYPT_KEY]);
$iv = jirafeau_crypt_create_iv ($md5_key, mcrypt_enc_get_iv_size ($m));
mcrypt_generic_init ($m, $md5_key, $iv);
$iv = jirafeau_crypt_create_iv ($md5Key, mcrypt_enc_get_iv_size ($m));
mcrypt_generic_init ($m, $md5Key, $iv);
$r = fopen (VAR_FILES . $p . $entry [T_HASH], 'r');
$content = "";
while (!feof ($r)) {
@ -534,21 +584,21 @@ if ($do_download) {
$zip->close ();
if (!is_file ($tmpFileName.T_ZIP_EXT,))
return_error (E_OPEN_ZIP);
if (false) {
// log
$content = print_r ($archive_info, 1);
$content .= print_r ($archive_content, 1);
$message .= print_r ($archiveInfo, 1);
$message .= print_r ($archiveContent, 1);
header ('HTTP/1.0 200 OK');
header ('Content-Length: ' . strlen ($content));
header ('Content-Length: ' . strlen ($message));
header ('Content-Type: text/plain');
echo $content;
echo $message;
exit;
}
if (!is_file ($tmpFileName.T_ZIP_EXT,))
returnError (E_OPEN_ZIP);
header ("Content-Type: application/zip");
header ('Content-Disposition: filename="'.$dirname.'.zip"');
$r = fopen ($tmpFileName.".zip", 'r');
@ -566,8 +616,8 @@ if ($do_download) {
// ========================================
if (isset ($_REQUEST [A_RECORD]) && !empty ($_REQUEST [A_RECORD])) {
if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_RECORD]))
return_error (M_BAD_SENDER_NAME);
$content = getTrack ($_REQUEST [A_RECORD]).NL;
returnError (M_BAD_SENDER_NAME);
$content = getSenderTrack ($_REQUEST [A_RECORD]).NL;
header ('HTTP/1.0 200 OK');
header ('Content-Length: ' . strlen ($content));
header ('Content-Type: text/plain');
@ -578,8 +628,8 @@ if (isset ($_REQUEST [A_RECORD]) && !empty ($_REQUEST [A_RECORD])) {
// ========================================
if (isset ($_REQUEST [A_PERIOD]) && !empty ($_REQUEST [A_PERIOD])) {
if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_PERIOD]))
return_error (M_BAD_SENDER_NAME);
$content = getPeriod ($_REQUEST [A_PERIOD]).NL;
returnError (M_BAD_SENDER_NAME);
$content = getSenderPeriod ($_REQUEST [A_PERIOD]).NL;
header ('HTTP/1.0 200 OK');
header ('Content-Length: ' . strlen ($content));
header ('Content-Type: text/plain');
@ -597,16 +647,16 @@ if (isset ($_REQUEST [A_TOKEN]) && !empty ($_REQUEST [A_TOKEN])) {
}
$refToken = getToken ($sender);
$url_base = $_SERVER ['HTTP_X_FORWARDED_PROTO']."://".$_SERVER ['HTTP_HOST'];
$urlBase = $_SERVER ['HTTP_X_FORWARDED_PROTO']."://".$_SERVER ['HTTP_HOST'];
if (isset ($_REQUEST [A_ACTION]) && $_REQUEST [A_ACTION] == T_SEND && $sender) {
require (JIRAFEAU_ROOT . 'lib/template/header.php');
if (getFake ($sender))
if (getSenderFake ($sender))
echo "Ce compte ne peut plus se connecter. Veuillez contacter les administrateurs.";
else {
$token = setToken ($sender);
// XXX test token
$url = $url_base.$_SERVER ['SCRIPT_NAME']."?".A_SENDER."=".$sender."&".A_TOKEN."=".$token;
$result = send_email ($sender, "", M_EMAIL_SUBJECT,
$url = $urlBase.$_SERVER ['SCRIPT_NAME']."?".A_SENDER."=".$sender."&".A_TOKEN."=".$token;
$result = sendEMail ($sender, "", M_EMAIL_SUBJECT,
str_replace (["___LINK___", "___IP___", "___DATE___"],
[$url, $_SERVER ['HTTP_X_REAL_IP'] , date ("Y-m-d H:i:s")], M_EMAIL_CONTENT));
if ($result)
@ -665,115 +715,126 @@ if (!getLoggedToken ($sender))
else
touch (VAR_TOKENS.$sender);
function deleteAction ($link_name) {
function deleteAction ($linkName) {
global $sender, $token, $message, $doLogout;
$link = jirafeau_get_link ($link_name);
//$message .= "ln: ".$link_name." l: "."<pre>".print_r ($link, 1)."</pre> mt: ".getTimeFile ($link ['hash'])."</br>";
$link = jirafeau_get_link ($linkName);
//$message .= "ln: ".$linkName." l: "."<pre>".print_r ($link, 1)."</pre> mt: ".getTimeFile ($link ['hash'])."</br>";
if (!count ($link))
return;
if (isKazArchive ($link)) {
$dir_name = $link_name;
$dir_link = $link;
$dirTime = getTimeFile ($dir_link ['hash']);
$archive_info = read_archive_info ($dir_link);
if (! count ($archive_info))
$dirName = $linkName;
$dirLink = $link;
$dirTime = $dirLink ['upload_date'];
$archiveInfo = readArchiveFromLink ($dirLink);
if (! count ($archiveInfo))
return;
if ($sender != $archive_info [T_SENDER]) {
setFake ($sender, $dir_link, $dirTime);
$message .= "Tentative de supprimer un envoi dont vous n'&ecirc;tes pas le propri&eacute;taire. (F1 ".$sender." != ".$archive_info [T_SENDER].")";
//XXX $doLogout = true;
if ($sender != $archiveInfo [T_SENDER]) {
setSenderFake ($sender, $dirLink, $dirTime);
$message .= "Tentative de supprimer un envoi dont vous n'&ecirc;tes pas le propri&eacute;taire. (".$sender." != ".$archiveInfo [T_SENDER].")";
$doLogout = true;
return;
}
if ($archive_info [T_NEW])
foreach ($archive_info [T_NEW] as [$file_name, $crypt_key]) {
$file_link = jirafeau_get_link ($file_name);
if (! count ($file_link))
$fileToDelete = false;
if ($archiveInfo [T_NEW])
foreach ($archiveInfo [T_NEW] as [$fileName, $cryptKey]) {
$fileLink = jirafeau_get_link ($fileName);
if (! count ($fileLink))
continue;
$fileTime = getTimeFile ($file_link ['hash']);
$fileTime = $fileLink ['upload_date'];
if (! valideTime ($dirTime, $fileTime)) {
setFake ($sender, $dir_link, $dirTime);
$message .= "Cet envoi a &eacute;t&eacute; forg&eacute;e (dates incoh&eacute;antes). (F2 ".
getFileName ($dir_link ['hash'])." =? ".getFileName ($file_link ['hash'])." ".
date ("Y-m-d H:i:s", $dirTime)." != ".date ("Y-m-d H:i:s", $fileTime).")";
// XXX $doLogout = true;
setSenderFake ($sender, $dirLink, $dirTime);
$message .= "Cet envoi a &eacute;t&eacute; forg&eacute;e".
str_replace (["___FILENAME___", "___DIRTIME___", "___FILETIME___"],
[$fileLink ['file_name'], $dirTime , $fileTime], M_INCONSISTENT_DATES);
$doLogout = true;
return;
}
$fileToDelete = true;
}
if ($archive_info [T_NEW])
foreach ($archive_info [T_NEW] as [$file_name, $crypt_key]) {
$file_link = jirafeau_get_link ($file_name);
if (! count ($file_link))
$message .= "l'envoi ".$archiveInfo [T_TIME]." est supprim&eacute;";
if ($fileToDelete)
$message .= " avec<ul>";
if ($archiveInfo [T_NEW])
foreach ($archiveInfo [T_NEW] as [$fileName, $cryptKey]) {
$fileLink = jirafeau_get_link ($fileName);
if (! count ($fileLink))
continue;
jirafeau_delete_link ($file_name);
$message .= "<li>".jirafeau_escape ($fileLink ['file_name'])."</li>";
jirafeau_delete_link ($fileName);
}
jirafeau_delete_link ($dir_name);
jirafeau_delete_link ($dirName);
$message .= $fileToDelete ? "</ul>" : ".";
return;
}
$file_name = $link_name;
$file_link = $link;
$fileTime = getTimeFile ($file_name);
$fileName = $linkName;
$fileLink = $link;
$fileTime = $fileLink ['upload_date'];
$stack = array (VAR_LINKS);
while (($d = array_shift ($stack)) && $d != null) {
if (!file_exists ($d))
continue;
$dir = scandir ($d);
foreach ($dir as $dir_name) {
if (strcmp ($dir_name, '.') == 0 || strcmp ($dir_name, '..') == 0 ||
preg_match ('/\.tmp/i', "$dir_name")) {
foreach ($dir as $dirName) {
if (strcmp ($dirName, '.') == 0 || strcmp ($dirName, '..') == 0 ||
preg_match ('/\.tmp/i', "$dirName")) {
continue;
}
if (is_dir ($d . $dir_name)) {
/* Push new found directory. */
$stack [] = $d . $dir_name . '/';
if (is_dir ($d . $dirName)) {
$stack [] = $d . $dirName . '/';
continue;
}
/* Read link informations. */
$dir_link = jirafeau_get_link ($dir_name);
$dirTime = getTimeFile ($dir_link ['hash']);
if (!count ($dir_link))
$dirLink = jirafeau_get_link ($dirName);
//$dirTime = getTimeFile ($dirLink ['hash']);
$dirTime = $dirLink ['upload_date'];
if (!count ($dirLink))
continue;
if (!isKazArchive ($dir_link))
if (!isKazArchive ($dirLink))
continue;
$archive_info = read_archive_info ($dir_link);
if (! count ($archive_info))
$archiveInfo = readArchiveFromLink ($dirLink);
if (! count ($archiveInfo))
return;
if ($archive_info [T_NEW])
foreach ($archive_info [T_NEW] as [$new_name, $crypt_key]) {
if ($file_name != $new_name)
if ($archiveInfo [T_NEW])
foreach ($archiveInfo [T_NEW] as [$newName, $cryptKey]) {
if ($fileName != $newName)
continue;
if ($sender == $archive_info [T_SENDER]) {
if ($sender == $archiveInfo [T_SENDER]) {
if (valideTime ($dirTime, $fileTime)) {
jirafeau_delete_link ($file_name);
$message .= jirafeau_escape ($file_link ['file_name'])." est supprim&eacte;.";
jirafeau_delete_link ($fileName);
$message .= jirafeau_escape ($fileLink ['file_name'])." est supprim&eacute;";
// check empty dir
$empty = true;
foreach ([T_OLD, T_NEW] as $cat)
if ($empty && isset ($archive_info [$cat]))
foreach ($archive_info [$cat] as [$l, $c])
if ($empty && isset ($archiveInfo [$cat]))
foreach ($archiveInfo [$cat] as [$l, $c])
if (count (jirafeau_get_link ($l))) {
$empty = false;
break;
}
if ($empty) {
$message .= jirafeau_escape ($file_link ['dir_name'])." vide est &eacte;galement supprim&eacte;.";
jirafeau_delete_link ($dir_name);
}
$message .= " ainsi que l'envoie ".$archiveInfo [T_TIME]." qui est vide.";
jirafeau_delete_link ($dirName);
} else
$message .= ".";
break;
}
setFake ($sender, $dir_link, $dirTime);
$message .= "Cet envoi a &eacute;t&eacute; forg&eacute;e. (F3 ".date ("Y-m-d H:i:s", $dirTime)." != ".date ("Y-m-d H:i:s", $fileTime).")";
// XXX $dologout = true;
setSenderFake ($sender, $dirLink, $dirTime);
$message .= "Cet envoi a &eacute;t&eacute; forg&eacute;e. ".
str_replace (["___FILENAME___", "___DIRTIME___", "___FILETIME___"],
[$fileLink ['file_name'], $dirTime , $fileTime], M_INCONSISTENT_DATES);
$dologout = true;
break;
}
if (valideTime ($dirTime, $fileTime)) {
setFake ($sender, $dir_link, $dirTime);
$message .= "Tentative de supprimer un envoi dont vous n'&ecirc;tes pas le propri&eacute;taire. (F4 ".date ("Y-m-d H:i:s", $dirTime)." != ".date ("Y-m-d H:i:s", $fileTime).")";
// XXX $doLogout = true;
setSenderFake ($sender, $dirLink, $dirTime);
$message .= "Tentative de supprimer un envoi dont vous n'&ecirc;tes pas le propri&eacute;taire.".
str_replace (["___FILENAME___", "___DIRTIME___", "___FILETIME___"],
[$fileLink ['file_name'], $dirTime , $fileTime], M_INCONSISTENT_DATES);
$doLogout = true;
break;
}
setFake ($archive_info [T_SENDER], $dir_link, $dirTime);
$message .= "Quelqu'un av&eacute;tait revandiqu&eacute; cet envoi. (F5 ".$sender." != ".$archive_info [T_SENDER].")";
setSenderFake ($archiveInfo [T_SENDER], $dirLink, $dirTime);
$message .= "Quelqu'un av&eacute;tait revandiqu&eacute; cet envoi. (".$sender." != ".$archiveInfo [T_SENDER].")";
break;
}
}
@ -787,7 +848,7 @@ function deleteAction ($link_name) {
// delete
if (isset ($_REQUEST [A_DELETE])) {
if (!preg_match ('/[0-9a-zA-Z_-]+$/', $_REQUEST [A_DELETE]))
return_error (t ('FILE_404'));
returnError (t ('FILE_404'));
deleteAction ($_REQUEST [A_DELETE]);
}
@ -810,13 +871,13 @@ if (isset ($_REQUEST [A_ACTION])) {
switch (true) {
case preg_match ("/^".A_RECORD."(on|off)$/i", $_REQUEST [A_ACTION], $matches):
if ($matches [1] == "on")
setTrack ($sender);
setSenderTrack ($sender);
else
rmTrack ($sender);
rmSenderTrack ($sender);
$message .= "Votre suivi &agrave; &eacute;t&eacute; mise &agrave; jour.";
break;
case preg_match ("/^".A_PERIOD."(".implode ("|", array_keys ($periodText)).")$/i", $_REQUEST [A_ACTION], $matches):
setPeriod ($sender, $matches [1]);
setSenderPeriod ($sender, $matches [1]);
$message .= "Votre p&eacute;riode &agrave; &eacute;t&eacute; mise &agrave; jour.";
break;
}
@ -827,30 +888,30 @@ $archives = [];
$stack = array (VAR_LINKS);
while ( ($d = array_shift ($stack)) && $d != null) {
$dir = scandir ($d);
foreach ($dir as $dir_name) {
if (strcmp ($dir_name, '.') == 0 || strcmp ($dir_name, '..') == 0 ||
preg_match ('/\.tmp/i', "$dir_name")) {
foreach ($dir as $dirName) {
if (strcmp ($dirName, '.') == 0 || strcmp ($dirName, '..') == 0 ||
preg_match ('/\.tmp/i', "$dirName")) {
continue;
}
if (is_dir ($d . $dir_name)) {
if (is_dir ($d . $dirName)) {
/* Push new found directory. */
$stack [] = $d . $dir_name . '/';
$stack [] = $d . $dirName . '/';
continue;
}
/* Read link informations. */
$l = jirafeau_get_link ($dir_name);
$l = jirafeau_get_link ($dirName);
if (!count ($l))
continue;
if (!isKazArchive ($l))
continue;
$archive_info = read_archive_info ($l);
if ($sender != $archive_info [T_SENDER])
$archiveInfo = readArchiveFromLink ($l);
if ($sender != $archiveInfo [T_SENDER])
continue;
$archive_info ['link'] = $dir_name;
$archive_info ['key'] = $l ['key'];
$archive_info ['time'] = $l ['time'];
$archive_info ['hash'] = $l ['hash'];
$archives [] = $archive_info;
$archiveInfo ['link'] = $dirName;
$archiveInfo ['key'] = $l ['key'];
$archiveInfo ['maxtime'] = $l ['time'];
$archiveInfo ['hash'] = $l ['hash'];
$archives [] = $archiveInfo;
}
}
require (JIRAFEAU_ROOT . 'lib/template/header.php');
@ -864,7 +925,7 @@ echo '<script type="text/javascript">';
function getURI (uri, params) {
var form = document.createElement ('form');
form.setAttribute ('method', 'post');
form.setAttribute ('action', "<?php echo $url_base; ?>"+uri);
form.setAttribute ('action', "<?php echo $urlBase; ?>"+uri);
var hiddenField = document.createElement ('input');
for (var key in params) {
if (params.hasOwnProperty (key)) {
@ -882,10 +943,10 @@ function getKazArchive (l, k) {
getURI ("<?php echo $_SERVER ['SCRIPT_NAME']; ?>", {<?php echo A_GET; ?>:l+'~'+k});
}
function getKazFile (l, k) {
window.location.href = "<?php echo $url_base; ?>/f.php?h="+l+"&k="+k;
window.location.href = "<?php echo $urlBase; ?>/f.php?h="+l+"&k="+k;
}
function showLink (l, k) {
alert ("<?php echo $url_base;?>/f.php?h="+l+"&k="+k);
alert ("<?php echo $urlBase;?>/f.php?h="+l+"&k="+k);
}
function ajaxUpdate (period, hash) {
var xhr = new XMLHttpRequest ();
@ -913,8 +974,8 @@ div.frame {border: 1px; border-style: solid; padding: 1em; margin: 1em;}
--></style>
<?php
$defaultChecked = [];
$defaultChecked [getTrack ($sender) ? "on" : "off"] = ' checked="checked"';
$defaultChecked [getPeriod ($sender)] = ' selected="selected"';
$defaultChecked [getSenderTrack ($sender) ? "on" : "off"] = ' checked="checked"';
$defaultChecked [getSenderPeriod ($sender)] = ' selected="selected"';
echo
'<form method="post">'.
'Je veux que Kaz suive tous mes futurs envois: '.
@ -944,22 +1005,22 @@ echo
$userSise = 0;
$userTab = [];
if ($archives) {
foreach ($archives as $archive_info) {
foreach ($archives as $archiveInfo) {
$contentSize = 0;
$archContent = '';
foreach ([T_NEW, T_OLD] as $cat) {
$li_style = $cat == T_NEW ? "font-weight: bold;" : "font-style: italic;";
if (isset ($archive_info [$cat]))
foreach ($archive_info [$cat] as [$link_name, $crypt_key]) {
$link = jirafeau_get_link ($link_name);
$liStyle = $cat == T_NEW ? "font-weight: bold;" : "font-style: italic;";
if (isset ($archiveInfo [$cat]))
foreach ($archiveInfo [$cat] as [$linkName, $cryptKey]) {
$link = jirafeau_get_link ($linkName);
if (count ($link) == 0)
continue;
if ($cat == T_NEW )
$contentSize += $link ['file_size'];
$lf = $link_name;
$lf = $linkName;
$kf = $link ['key'];
$archContent .=
'<li style="list-style:none; '.$li_style.'">'.
'<li style="list-style:none; '.$liStyle.'">'.
'<a data-tooltip="voir" href="javascript:getKazFile (\''.$lf.'\', \''.$kf.'\');"> &#128065; </a>'.
'<a data-tooltip="voir le lien" href="javascript:showLink (\''.$lf.'\', \''.$kf.'\');"> &#128279; </a>';
// foreach ($periodButton as $item => $bt)
@ -977,8 +1038,8 @@ if ($archives) {
}
$archEntry =
'<div class="frame" width="100%" >';
$la = $archive_info ['link'];
$ka = $archive_info ['key'];
$la = $archiveInfo ['link'];
$ka = $archiveInfo ['key'];
$archEntry .=
'<a data-tooltip="voir" href="javascript:getKazArchive (\''.$la.'\', \''.$ka.'\');"> &#128065; </a>'.
'<a data-tooltip="voir le lien" href="javascript:showLink (\''.$la.'\', \''.$ka.'\');"> &#128279; </a>';
@ -986,13 +1047,13 @@ if ($archives) {
$archEntry .=
'<a data-tooltip="'.$bt[1].'" href="javascript:ajaxUpdate (\''.$la.'\', \''.$ka.'\');"> '.$bt[0].' </a>';
$archEntry .=
'<strong>'.$archive_info [T_TIMESTAMP].' ('.jirafeau_human_size ($contentSize).')</strong>'.
'<strong>'.$archiveInfo [T_TIME].' ('.jirafeau_human_size ($contentSize).')</strong>'.
'<a data-tooltip="supprimer tous" href="javascript:rmFile (\''.$la.'\');"> &#9850; </a>'.
'<br/>=> '. ($archive_info ['time'] == -1 ? '∞' : jirafeau_get_datetimefield ($archive_info ['time'])).'<ul>'.
'<br/>=> '. ($archiveInfo ['maxtime'] == -1 ? '∞' : jirafeau_get_datetimefield ($archiveInfo ['maxtime'])).'<ul>'.
$archContent.
'</div>';
$userSise += $contentSize;
$userTab [getTimeFile ($archive_info ['hash'])] = $archEntry;
$userTab [getTimeFile ($archiveInfo ['hash'])] = $archEntry;
}
ksort ($userTab);
}
@ -1015,4 +1076,74 @@ if (count ($userTab)) {
require (JIRAFEAU_ROOT.'lib/template/footer.php');
exit;
// ========================================
// // $count = count ($lines)-1;
// // $content = '';
// // for ($i = 0; $i < $count; $i++)
// // $content .= $lines [$i];
// // if (isset ($archive [T_SIGN]) && $archive [T_SIGN] == md5 ($content))
// // return $archive;
// // $message .= "bad signature <pre>".print_r ($lines, 1)."</pre>";
// // return [];
// function getSecret () {
// if (!file_exists (VAR_PRIVATE."secret")) {
// mkdir (VAR_PERIOD, 0700);
// for ($s = '', $i = 0, $z = strlen ($a = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789')-1;
// $i != 32;
// $x = rand (0, $z), $s .= $a{$x}, $i++);
// file_put_contents (VAR_PRIVATE."secret", $s.NL);
// }
// return trim (file (VAR_PERIOD."secret"));
// }
// function crea-teArchive ($archive, $key, $maxtime, $ip) {
// if (!count ($archive))
// return;
// $content = T_ID.': '.time ();
// if (isset ($archive [T_TIME]))
// $content .= "time: ".$archive [T_TIME].NL;
// if (isset ($archive [T_SENDER]))
// $content .= "src: ".$archive [T_SENDER].NL;
// foreach ([T_OLD, T_NEW] as $cat)
// if (isset ($archiveInfo [$cat]))
// foreach ($archiveInfo [$cat] as [$linkName, $cryptKey])
// $content .= $cat.": ".$linkName." ".$cryptKey;
// $content .= T_SIGN.": ".md5 ($content).NL;
// $tmpFileName = tempnam (sys_get_temp_dir (), date ("newArchive-Ymd-H:i:s")."-");
// file_put_contents ($tmpFileName, $content);
// $file ['name'] = $tmpFileName;
// $file ['tmp_name'] = T_ARCHIVE_TITLE;
// $file ['error'] = UPLOAD_ERR_OK;
// $file ['type'] = T_ARCHIVE_MIME;
// $file ['size'] = filesize ($file ['tmp_name']);
// $res = jirafeau_upload (
// $file,
// false,
// $key,
// $maxtime,
// $ip,
// $cfg ['enable_crypt'],
// $cfg ['link_name_length'],
// $cfg ['file_hash']
// );
// unlink ($tmpFileName);
// }
// function checkNewArchive ($archive) {
// if (isset ($archiveInfo [T_NEW]))
// foreach ($archiveInfo [T_NEW] as [$fileName, $cryptKey]) {
// $fileLink = jirafeau_get_link ($fileName);
// if (! count ($link))
// return false;
// //upload_date
// }
// // all new never download
// // all new mtime < 60s
// }
// function checkReadArchive ($archive) {
// // md5
// }
?>