KAZ
/
depollueur
3
1
Fork 0
Code Issues Pull Requests Projects Releases Activity
Browse Source

upgrade Jirafeau 4.5

test-skip
François 1 year ago
parent
f51dc3f7a3
commit
f6db4af4fc
2 changed files with 20 additions and 136 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 35
      src/Jirafeau/f.php
  2. 121
      src/Jirafeau/t.php

35
src/Jirafeau/f.php
View File

@ -89,6 +89,8 @@ if (!empty($delete_code) && $delete_code == $link['link_code']) {
'</p></div>';
} else { ?>
<div>
<form action="<?php echo 'f.php?h=' . $link_name . '&amp;d=' . $delete_code; ?>" method="post" id="submit_delete_post" class="form login">
<input type="hidden" name="do_delete" value="1" />
<form action="f.php" method="post" id="submit_delete_post" class="form login">
<input type="hidden" name="do_delete" value=1/>
<fieldset>
@ -97,17 +99,15 @@ if (!empty($delete_code) && $delete_code == $link['link_code']) {
<tr><td>
<?php echo t('GONNA_DEL') . ' "' . jirafeau_escape($link['file_name']) . '" (' . jirafeau_human_size($link['file_size']) . ').' ?>
</td></tr>
<tr><td>
<tr><td>
<?php echo t('USING_SERVICE'). ' <a href="tos.php" target="_blank" rel="noopener noreferrer">' . t('TOS') . '</a>.' ?>
</td></tr>
<tr><td>
<input type="submit" id="submit_delete" value="<?php echo t('DELETE'); ?>"
<?php $action_delete="'f.php?h=' . $link_name . '&amp;d=' . $delete_code'; document.getElementById('submit_delete').submit ();"; ?>
onclick="document.getElementById('submit_delete_post').action='<?php echo $action_delete; ?>" />
</td></tr>
</table>
</fieldset></form></div><?php
}
</td></tr>
<tr><td>
<input type="submit" id="submit_delete" value="<?php echo t('DELETE'); ?>"
</td></tr>
</table>
</fieldset></form></div><?php
}
require(JIRAFEAU_ROOT.'lib/template/footer.php');
exit;
}
@ -145,7 +145,7 @@ if (!empty($link['key'])) {
'<legend>' . t('PSW_PROTEC') .
'</legend><table><tr><td>' .
t('GIMME_PSW') . ' : ' .
'<input type = "password" name = "key" />' .
'<input type = "password" name = "key" autocomplete = "current-password"/>' .
'</td></tr>' .
'<tr><td>' .
t('USING_SERVICE'). ' <a href="tos.php" target="_blank" rel="noopener noreferrer">' . t('TOS') . '</a>.' .
@ -276,11 +276,16 @@ elseif ($link['crypted']) {
}
/* Read file. */
else {
$r = fopen(VAR_FILES . $p . $link['hash'], 'r');
while (!feof($r)) {
print fread($r, 1024);
if ($cfg['use_xsendfile']) {
$file_web_path = preg_replace('#^' . $_SERVER['DOCUMENT_ROOT'] . '#', '', VAR_FILES);
header('X-Sendfile: ' . $file_web_path . $p . $link['hash']);
} else {
$r = fopen(VAR_FILES . $p . $link['hash'], 'r');
while (!feof($r)) {
print fread($r, 1024);
}
fclose($r);
}
fclose($r);
}
if ($link['onetime'] == 'O') {

121
src/Jirafeau/t.php
View File

@ -1,121 +0,0 @@
<?php
define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/');
require (JIRAFEAU_ROOT . 'lib/settings.php');
require (JIRAFEAU_ROOT . 'lib/functions.php');
require (JIRAFEAU_ROOT . 'lib/lang.php');
@set_time_limit (0);
/* Remove errors. */
@error_reporting (0);
if (isset ($_REQUEST ['l']) && !empty ($_REQUEST ['l']))
$linksPass = explode ("/", $_REQUEST ["l"]);
else if (isset ($_REQUEST ['h']) && !empty ($_REQUEST ['h']))
$linksPass = $_REQUEST ["h"];
else
die ("no links");
if (!is_array ($linksPass))
die ("no list is given: ".$h);
$notFoundCount=0;
$map = [];
// First pass: check
foreach ($linksPass as $line) {
if (strpos ($line, '~') !== false)
$couple = explode ("~", $line, 2);
else
$couple = explode ("/", $line, 2);
if (count ($couple) == 0)
continue;
$link_name = $couple [0];
if (!$link_name)
continue;
$crypt_key = count ($couple) == 2 ? $couple [1] : "";
if (!preg_match ('/[0-9a-zA-Z_-]+$/', $link_name))
die ("bad link format : ".$link_name);
$link = jirafeau_get_link ($link_name);
if (count ($link) == 0) {
++$notFoundCount;
continue;
}
$key = $link['key'];
if ($key) {
preg_match ( '/[0-9a-zA-Z_-]+/', $link['key'], $matches);
$key = $matches[1];
}
if ($key && (empty ($crypt_key) || $key != $crypt_key))
die ("bad key for ".$link);
$map [$link_name] = $crypt_key;
}
// second pass: send
if (isset ($_REQUEST ['n']) && !empty ($_REQUEST ['n']))
$dirname=$_REQUEST ['n'];
else
$dirname="kaz-".date ("Ymd-His");
$tmpFileName = tempnam (sys_get_temp_dir (), $dirname."-");
$zip = new ZipArchive;
if (!$zip)
die ("can't create tmp");
if ($zip->open ($tmpFileName.".zip", ZipArchive::CREATE) !== TRUE)
die ("can't create tmp");
if ($notFoundCount) {
$zip->addFromString ($dirname."-Avertissement.txt", $notFoundCount. ($notFoundCount ? " fichier est expiré." : " fichiers sont expirés."));
}
$single_name=[];
foreach ($map as $link_name => $crypt_key) {
$link = jirafeau_get_link ($link_name);
$p = s2p ($link ['hash']);
$src_name = $dst_name = $link['file_name'];
if (in_array ($src_name, $single_name))
for ($i = 0; $i < 10000; ++$i) {
$dst_name = sprintf ("%s-%2d", $src_name, $i);
if (!in_array ($dst_name, $single_name))
break;
}
$single_name[]=$dst_name;
// send
if ($link['crypted']) {
$m = mcrypt_module_open ('rijndael-256', '', 'ofb', '');
$md5_key = md5 ($crypt_key);
$iv = jirafeau_crypt_create_iv ($md5_key, mcrypt_enc_get_iv_size ($m));
mcrypt_generic_init ($m, $md5_key, $iv);
$r = fopen (VAR_FILES . $p . $link['hash'], 'r');
$content = "";
while (!feof ($r)) {
$dec = mdecrypt_generic ($m, fread ($r, 1024));
$content .= $dec;
ob_flush ();
}
fclose ($r);
$zip->addFromString ($dirname."/".$dst_name, $content);
mcrypt_generic_deinit ($m);
mcrypt_module_close ($m);
continue;
}
$zip->addFile (VAR_FILES . $p . $link['hash'], $dirname."/".$dst_name);
}
$zip->close ();
if (!is_file ($tmpFileName.".zip"))
die ("can't retreive tmp");
header ("HTTP/1.0 200 OK");
header ("Content-Type: application/zip");
header ('Content-Disposition: filename="'.$dirname.'.zip"');
$r = fopen($tmpFileName.".zip", 'r');
while (!feof ($r)) {
print fread ($r, 1024);
ob_flush ();
}
fclose ($r);
unlink ($tmpFileName.".zip");
unlink ($tmpFileName);
Write Preview
Loading…
Cancel
Save