KAZ
/
depollueur
3
1
Fork 0
Code Issues Pull Requests Projects Releases Activity
Browse Source

update

develop
François 2 years ago
parent
77c1bb84bd
commit
dbe0e45525
2 changed files with 81 additions and 129 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 206
      src/Jirafeau/a.php
  2. 4
      src/bash/filter.sh

206
src/Jirafeau/a.php
View File

@ -3,9 +3,14 @@
* Kaz addon (see https://git.kaz.bzh/KAZ/depollueur for information)
* create un archive for a set of file or update file deadline
a.php?u=month&h=HHHHHHHH => deadline
a.php?r=email => track
a.php?p=email => period
a.php?u=month&h=HHHHHHHH => update deadline
a.php?g=l~k => zip
a.php?s=mel@domain.org => send status e-mail
a.php?time=month&key=password + POST file => upload
a.php?s=mel@domain.org => form
a.php?s=mel@domain.org&t=password + [action] => manage account
action: a=login a=logout a=r[on|off] a=p[minute|hour|day|week|month|quarter]
*/
use PHPMailer\PHPMailer\PHPMailer;
use PHPMailer\PHPMailer\SMTP;
@ -62,7 +67,7 @@ define ('M_SEND_TOKEN', "Vous allez recevoir un lien d'accès temporaire &
define ('M_INCONSISTENT_DATES',
" (dates incohéantes avec ___FILENAME___ : ___DIRTIME___ != ___FILETIME___)");
define ('A_ACTION', 'a'); // action : T_SEND, T_LOGOUT, A_RECORD+(on|off), A_PERIOD(minute|hour|day|week|month|quarter)
define ('A_ACTION', 'a'); // action : T_LOGIN, T_LOGOUT, A_RECORD+(on|off), A_PERIOD(minute|hour|day|week|month|quarter)
define ('A_GET', 'g'); // get archive
define ('A_HASH', 'h'); // file to update or delete
define ('A_OPEN_TOKEN', 'o'); // ask token
@ -85,8 +90,8 @@ define ('T_SIGN', 'sign');
define ('T_NOT_FOUND', 'not_found');
define ('T_OLD', 'old');
define ('T_RENAME', 'rename');
define ('T_SEND', 'send');
define ('T_LOGOUT', 'lougout');
define ('T_LOGIN', 'login');
define ('T_LOGOUT', 'logout');
define ('T_SENDER', 'sender');
define ('T_TIME', 'time');
define ('T_ID', 'id');
@ -113,6 +118,31 @@ $message = '';
/* Remove errors. */
@error_reporting (0);
// ========================================
if (isset ($_REQUEST [A_RECORD]) && !empty ($_REQUEST [A_RECORD])) {
if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_RECORD]))
returnError (M_BAD_SENDER_NAME);
$content = getSenderTrack ($_REQUEST [A_RECORD]).NL;
header ('HTTP/1.0 200 OK');
header ('Content-Length: ' . strlen ($content));
header ('Content-Type: text/plain');
echo $content;
exit;
}
// ========================================
if (isset ($_REQUEST [A_PERIOD]) && !empty ($_REQUEST [A_PERIOD])) {
if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_PERIOD]))
returnError (M_BAD_SENDER_NAME);
$content = getSenderPeriod ($_REQUEST [A_PERIOD]).NL;
header ('HTTP/1.0 200 OK');
header ('Content-Length: ' . strlen ($content));
header ('Content-Type: text/plain');
echo $content;
exit;
}
// ========================================
$doUpdate = false;
if (isset ($_REQUEST [A_UPDATE]) && !empty ($_REQUEST [A_UPDATE])) {
$doUpdate = true;
@ -211,27 +241,46 @@ function period2seconds ($periodName) {
}
// ========================================
function setSenderFake ($error, $sender, $owner, $dirLink, $dirTime, $fileName, $fileTime) {
if (!$sender)
return;
function setSenderFake ($error, $sender, $owner, $dirLink, $fileLink) {
global $doLogout;
if (!file_exists (VAR_FAKE))
mkdir (VAR_FAKE, 0755);
file_put_contents (VAR_FAKE.$sender,
"time: ".time ().NL.
"date: ".date ("Y-m-d H:i:s").NL.
"error: ".$error.NL.
"sender: ".$sender.NL.
"owner: ".$owner.NL.
"dirLink: ".$dirLink.NL.
"dirTime: ".$dirTime.NL.
"fileTime: ".$fileTime.NL);
"fileName: ".$fileName.NL.
rmToken ($sender);
}
function getSenderFake ($sender) {
$dirTime = $fileTime = $fileName = $fileType = $ip = '';
if (count ($dirLink) != 0) {
$dirTime = $dirLink ['upload_date'].date (" Y-m-d H:i:s", $dirLink ['upload_date']);
$ip = $dirLink ['ip'];
}
if (!$sender)
return;
return file_exists (VAR_FAKE.$sender);
if (count ($fileLink) != 0) {
$fileTime = $fileLink ['upload_date'].date (" Y-m-d H:i:s", $fileLink ['upload_date']);
$fileName = $link ['file_name'];
$fileType = $link ['mime_type'];
}
$content =
"time : ".time ().NL.
"date : ".date ("Y-m-d H:i:s").NL.
"error : ".$error.NL.
"sender : <".$sender.">".NL.
"owner : <".$owner.">".NL.
"dirLink : <".$dirLink.">".NL.
"dirTime : ".$dirTime.NL.
"dirIp : ".$ip.NL.
"fileTime: ".$fileTime.NL.
"fileType: <".$fileType.">".NL.
"fileName: <".$fileName.">".NL;
$log = $ip.$sender;
if ($log)
file_put_contents (VAR_FAKE.$log, $content);
// $doLogout = true;
// rmToken ($sender);
}
function getSenderFake ($sender) {
return false;
// return $sender && file_exists (VAR_FAKE.$sender);
}
// ========================================
@ -594,7 +643,7 @@ if ($doDownload) {
if (false) {
// log
// debug
$message .= print_r ($archiveInfo, 1);
$message .= print_r ($archiveContent, 1);
@ -622,30 +671,6 @@ if ($doDownload) {
exit;
}
// ========================================
if (isset ($_REQUEST [A_RECORD]) && !empty ($_REQUEST [A_RECORD])) {
if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_RECORD]))
returnError (M_BAD_SENDER_NAME);
$content = getSenderTrack ($_REQUEST [A_RECORD]).NL;
header ('HTTP/1.0 200 OK');
header ('Content-Length: ' . strlen ($content));
header ('Content-Type: text/plain');
echo $content;
exit;
}
// ========================================
if (isset ($_REQUEST [A_PERIOD]) && !empty ($_REQUEST [A_PERIOD])) {
if (!preg_match ("/^([a-z0-9\+_\-]+)(\.[a-z0-9\+_\-]+)*@([a-z0-9\-]+\.)+[a-z]{2,6}$/i", $_REQUEST [A_PERIOD]))
returnError (M_BAD_SENDER_NAME);
$content = getSenderPeriod ($_REQUEST [A_PERIOD]).NL;
header ('HTTP/1.0 200 OK');
header ('Content-Length: ' . strlen ($content));
header ('Content-Type: text/plain');
echo $content;
exit;
}
// ========================================
// form
$token = '';
@ -657,7 +682,7 @@ if (isset ($_REQUEST [A_TOKEN]) && !empty ($_REQUEST [A_TOKEN])) {
$refToken = getToken ($sender);
$urlBase = $_SERVER ['HTTP_X_FORWARDED_PROTO']."://".$_SERVER ['HTTP_HOST'];
if (isset ($_REQUEST [A_ACTION]) && $_REQUEST [A_ACTION] == T_SEND && $sender) {
if (isset ($_REQUEST [A_ACTION]) && $_REQUEST [A_ACTION] == T_LOGIN && $sender) {
require (JIRAFEAU_ROOT . 'lib/template/header.php');
if (getSenderFake ($sender))
echo "Ce compte ne peut plus se connecter. Veuillez contacter les administrateurs.";
@ -707,7 +732,7 @@ if (! ($sender && $token && $token == $refToken &&
</tr>
<tr class="nav">
<td class="nav next">
<input type="hidden" name="<?php echo A_ACTION; ?>" value="<?php echo T_SEND; ?>" />
<input type="hidden" name="<?php echo A_ACTION; ?>" value="<?php echo T_LOGIN; ?>" />
<input type="submit" value="<?php echo M_SEND; ?>" />
</td>
</tr>
@ -739,9 +764,8 @@ function deleteAction ($linkName) {
if (! count ($archiveInfo))
return;
if ($sender != $archiveInfo [T_SENDER]) {
setSenderFake ("rmdir: not owner", $sender, $archiveInfo [T_SENDER], $dirLink, $dirTime, null, null);
setSenderFake ("rmdir: not owner", $sender, $archiveInfo [T_SENDER], $dirLink, null);
$message .= "Tentative de supprimer un envoi dont vous n'&ecirc;tes pas le propri&eacute;taire";
$doLogout = true;
return;
}
$fileToDelete = false;
@ -752,11 +776,10 @@ function deleteAction ($linkName) {
continue;
$fileTime = $fileLink ['upload_date'];
if (! valideTime ($dirTime, $fileTime)) {
setSenderFake ("rmdir: newfile not same time", $sender, null, $dirLink, $dirTime, $fileLink ['file_name'], $fileTime);
setSenderFake ("rmdir: newfile not same time", $sender, null, $dirLink, $fileLink);
$message .= "Cet envoi a &eacute;t&eacute; forg&eacute;e".
str_replace (["___FILENAME___", "___DIRTIME___", "___FILETIME___"],
[$fileLink ['file_name'], $dirTime , $fileTime], M_INCONSISTENT_DATES);
//$doLogout = true;
return;
}
$fileToDelete = true;
@ -827,22 +850,20 @@ function deleteAction ($linkName) {
$message .= ".";
break;
}
setSenderFake ("rm: dir not same time", $sender, null, $dirLink, $dirTime, $fileLink ['file_name'], $fileTime);
setSenderFake ("rm: dir not same time", $sender, null, $dirLink, $fileLink);
$message .= "Cet envoi a &eacute;t&eacute; forg&eacute;e. ".
str_replace (["___FILENAME___", "___DIRTIME___", "___FILETIME___"],
[$fileLink ['file_name'], $dirTime , $fileTime], M_INCONSISTENT_DATES);
//$dologout = true;
break;
}
if (valideTime ($dirTime, $fileTime)) {
setSenderFake ("rm: not owner", $sender, $archiveInfo [T_SENDER], $dirLink, $dirTime, $fileLink ['file_name'], $fileTime);
setSenderFake ("rm: not owner", $sender, $archiveInfo [T_SENDER], $dirLink, $fileLink);
$message .= "Tentative de supprimer un envoi dont vous n'&ecirc;tes pas le propri&eacute;taire.".
str_replace (["___FILENAME___", "___DIRTIME___", "___FILETIME___"],
[$fileLink ['file_name'], $dirTime , $fileTime], M_INCONSISTENT_DATES);
//$doLogout = true;
break;
}
setSenderFake ("rm: find not owner", $archiveInfo [T_SENDER], $sender, $dirLink, $dirTime, $fileLink ['file_name'], $fileTime);
setSenderFake ("rm: find not owner", $archiveInfo [T_SENDER], $sender, $dirLink, $fileLink);
$message .= "Quelqu'un av&eacute;tait revandiqu&eacute; cet envoi. (".$sender." != ".$archiveInfo [T_SENDER].")";
break;
}
@ -1087,72 +1108,3 @@ require (JIRAFEAU_ROOT.'lib/template/footer.php');
exit;
// ========================================
// // $count = count ($lines)-1;
// // $content = '';
// // for ($i = 0; $i < $count; $i++)
// // $content .= $lines [$i];
// // if (isset ($archive [T_SIGN]) && $archive [T_SIGN] == md5 ($content))
// // return $archive;
// // $message .= "bad signature <pre>".print_r ($lines, 1)."</pre>";
// // return [];
// function getSecret () {
// if (!file_exists (VAR_PRIVATE."secret")) {
// mkdir (VAR_PERIOD, 0700);
// for ($s = '', $i = 0, $z = strlen ($a = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789')-1;
// $i != 32;
// $x = rand (0, $z), $s .= $a{$x}, $i++);
// file_put_contents (VAR_PRIVATE."secret", $s.NL);
// }
// return trim (file (VAR_PERIOD."secret"));
// }
// function crea-teArchive ($archive, $key, $maxtime, $ip) {
// if (!count ($archive))
// return;
// $content = T_ID.': '.time ();
// if (isset ($archive [T_TIME]))
// $content .= "time: ".$archive [T_TIME].NL;
// if (isset ($archive [T_SENDER]))
// $content .= "src: ".$archive [T_SENDER].NL;
// foreach ([T_OLD, T_NEW] as $cat)
// if (isset ($archiveInfo [$cat]))
// foreach ($archiveInfo [$cat] as [$linkName, $cryptKey])
// $content .= $cat.": ".$linkName." ".$cryptKey;
// $content .= T_SIGN.": ".md5 ($content).NL;
// $tmpFileName = tempnam (sys_get_temp_dir (), date ("newArchive-Ymd-H:i:s")."-");
// file_put_contents ($tmpFileName, $content);
// $file ['name'] = $tmpFileName;
// $file ['tmp_name'] = T_ARCHIVE_TITLE;
// $file ['error'] = UPLOAD_ERR_OK;
// $file ['type'] = T_ARCHIVE_MIME;
// $file ['size'] = filesize ($file ['tmp_name']);
// $res = jirafeau_upload (
// $file,
// false,
// $key,
// $maxtime,
// $ip,
// $cfg ['enable_crypt'],
// $cfg ['link_name_length'],
// $cfg ['file_hash']
// );
// unlink ($tmpFileName);
// }
// function checkNewArchive ($archive) {
// if (isset ($archiveInfo [T_NEW]))
// foreach ($archiveInfo [T_NEW] as [$fileName, $cryptKey]) {
// $fileLink = jirafeau_get_link ($fileName);
// if (! count ($link))
// return false;
// //upload_date
// }
// // all new never download
// // all new mtime < 60s
// }
// function checkReadArchive ($archive) {
// // md5
// }
?>

4
src/bash/filter.sh
View File

@ -105,7 +105,7 @@ mkdir -p "${REP_PIECE_JOINTE}/"
>"${ARCHIVE_CONTENT}"
# Etape de rafraichissement des anciens fichiers inclus
echo -e "time: ${DATE_TEMPS}\nid: $(date +%s)" > "${ARCHIVE_CONTENT}"
echo "time: ${DATE_TEMPS}\nid: $(date +%s)" > "${ARCHIVE_CONTENT}"
[ -n "${TRACK}" ] && echo "sender: ${MAIL_SOURCE}" >> "${ARCHIVE_CONTENT}"
LOG_FIC "${SHRINK_CMD} -u \"${INSPECT_DIR}/in.$$\" 2>> \"${FIC_LOG}\" > \"${OLD_LINKS}\""
@ -163,7 +163,7 @@ LOG_FIC "${SHRINK_CMD} -s ${MAX_KEEP_IN_MAIL} -d ${REP_PIECE_JOINTE} ${INSPECT_D
done
# Création de l'archive
NB_ATTACH=$(grep -e "^old: " -e "^new: " "${ARCHIVE_CONTENT}" | wc -l)
if [ -n "${TRACK}" ] || [ "${NB_ATTACH}" -gt 1 ]; then
if [ \( -n "${TRACK}" -a "${NB_ATTACH}" -gt 0 \) -o "${NB_ATTACH}" -gt 1 ]; then
PASSWORD=$(apg -n 1 -m 12)
PASSWORD_MD5=$(echo -n ${PASSWORD} | ${MD5_CMD} | cut -d \ -f 1)
LOG_FIC " - \"${JIRAFEAU_CMD}\" -f \"${JIRAFEAU_LOCAL}\" -s \"${MAX_UPLOAD_SIZE}\" -c \"${ARCHIVE_MIME}\" -n \"${ARCHIVE_TITLE}\" send \"${ARCHIVE_CONTENT}\" \"${PASSWORD}\" 2>> \"${FIC_LOG}\" > \"${ONE_LINK}\""

Write Preview
Loading…
Cancel
Save