upgrade Jirafeau 4.5
This commit is contained in:
parent
f51dc3f7a3
commit
f6db4af4fc
@ -89,6 +89,8 @@ if (!empty($delete_code) && $delete_code == $link['link_code']) {
|
||||
'</p></div>';
|
||||
} else { ?>
|
||||
<div>
|
||||
<form action="<?php echo 'f.php?h=' . $link_name . '&d=' . $delete_code; ?>" method="post" id="submit_delete_post" class="form login">
|
||||
<input type="hidden" name="do_delete" value="1" />
|
||||
<form action="f.php" method="post" id="submit_delete_post" class="form login">
|
||||
<input type="hidden" name="do_delete" value=1/>
|
||||
<fieldset>
|
||||
@ -102,8 +104,6 @@ if (!empty($delete_code) && $delete_code == $link['link_code']) {
|
||||
</td></tr>
|
||||
<tr><td>
|
||||
<input type="submit" id="submit_delete" value="<?php echo t('DELETE'); ?>"
|
||||
<?php $action_delete="'f.php?h=' . $link_name . '&d=' . $delete_code'; document.getElementById('submit_delete').submit ();"; ?>
|
||||
onclick="document.getElementById('submit_delete_post').action='<?php echo $action_delete; ?>" />
|
||||
</td></tr>
|
||||
</table>
|
||||
</fieldset></form></div><?php
|
||||
@ -145,7 +145,7 @@ if (!empty($link['key'])) {
|
||||
'<legend>' . t('PSW_PROTEC') .
|
||||
'</legend><table><tr><td>' .
|
||||
t('GIMME_PSW') . ' : ' .
|
||||
'<input type = "password" name = "key" />' .
|
||||
'<input type = "password" name = "key" autocomplete = "current-password"/>' .
|
||||
'</td></tr>' .
|
||||
'<tr><td>' .
|
||||
t('USING_SERVICE'). ' <a href="tos.php" target="_blank" rel="noopener noreferrer">' . t('TOS') . '</a>.' .
|
||||
@ -276,12 +276,17 @@ elseif ($link['crypted']) {
|
||||
}
|
||||
/* Read file. */
|
||||
else {
|
||||
if ($cfg['use_xsendfile']) {
|
||||
$file_web_path = preg_replace('#^' . $_SERVER['DOCUMENT_ROOT'] . '#', '', VAR_FILES);
|
||||
header('X-Sendfile: ' . $file_web_path . $p . $link['hash']);
|
||||
} else {
|
||||
$r = fopen(VAR_FILES . $p . $link['hash'], 'r');
|
||||
while (!feof($r)) {
|
||||
print fread($r, 1024);
|
||||
}
|
||||
fclose($r);
|
||||
}
|
||||
}
|
||||
|
||||
if ($link['onetime'] == 'O') {
|
||||
jirafeau_delete_link($link_name);
|
||||
|
@ -1,121 +0,0 @@
|
||||
<?php
|
||||
define ('JIRAFEAU_ROOT', dirname (__FILE__) . '/');
|
||||
|
||||
require (JIRAFEAU_ROOT . 'lib/settings.php');
|
||||
require (JIRAFEAU_ROOT . 'lib/functions.php');
|
||||
require (JIRAFEAU_ROOT . 'lib/lang.php');
|
||||
|
||||
@set_time_limit (0);
|
||||
/* Remove errors. */
|
||||
@error_reporting (0);
|
||||
|
||||
if (isset ($_REQUEST ['l']) && !empty ($_REQUEST ['l']))
|
||||
$linksPass = explode ("/", $_REQUEST ["l"]);
|
||||
else if (isset ($_REQUEST ['h']) && !empty ($_REQUEST ['h']))
|
||||
$linksPass = $_REQUEST ["h"];
|
||||
else
|
||||
die ("no links");
|
||||
|
||||
if (!is_array ($linksPass))
|
||||
die ("no list is given: ".$h);
|
||||
|
||||
$notFoundCount=0;
|
||||
$map = [];
|
||||
// First pass: check
|
||||
foreach ($linksPass as $line) {
|
||||
if (strpos ($line, '~') !== false)
|
||||
$couple = explode ("~", $line, 2);
|
||||
else
|
||||
$couple = explode ("/", $line, 2);
|
||||
if (count ($couple) == 0)
|
||||
continue;
|
||||
$link_name = $couple [0];
|
||||
if (!$link_name)
|
||||
continue;
|
||||
$crypt_key = count ($couple) == 2 ? $couple [1] : "";
|
||||
if (!preg_match ('/[0-9a-zA-Z_-]+$/', $link_name))
|
||||
die ("bad link format : ".$link_name);
|
||||
$link = jirafeau_get_link ($link_name);
|
||||
if (count ($link) == 0) {
|
||||
++$notFoundCount;
|
||||
continue;
|
||||
}
|
||||
$key = $link['key'];
|
||||
if ($key) {
|
||||
preg_match ( '/[0-9a-zA-Z_-]+/', $link['key'], $matches);
|
||||
$key = $matches[1];
|
||||
}
|
||||
if ($key && (empty ($crypt_key) || $key != $crypt_key))
|
||||
die ("bad key for ".$link);
|
||||
$map [$link_name] = $crypt_key;
|
||||
}
|
||||
|
||||
// second pass: send
|
||||
if (isset ($_REQUEST ['n']) && !empty ($_REQUEST ['n']))
|
||||
$dirname=$_REQUEST ['n'];
|
||||
else
|
||||
$dirname="kaz-".date ("Ymd-His");
|
||||
$tmpFileName = tempnam (sys_get_temp_dir (), $dirname."-");
|
||||
$zip = new ZipArchive;
|
||||
if (!$zip)
|
||||
die ("can't create tmp");
|
||||
if ($zip->open ($tmpFileName.".zip", ZipArchive::CREATE) !== TRUE)
|
||||
die ("can't create tmp");
|
||||
|
||||
if ($notFoundCount) {
|
||||
$zip->addFromString ($dirname."-Avertissement.txt", $notFoundCount. ($notFoundCount ? " fichier est expiré." : " fichiers sont expirés."));
|
||||
}
|
||||
$single_name=[];
|
||||
foreach ($map as $link_name => $crypt_key) {
|
||||
$link = jirafeau_get_link ($link_name);
|
||||
$p = s2p ($link ['hash']);
|
||||
|
||||
$src_name = $dst_name = $link['file_name'];
|
||||
if (in_array ($src_name, $single_name))
|
||||
for ($i = 0; $i < 10000; ++$i) {
|
||||
$dst_name = sprintf ("%s-%2d", $src_name, $i);
|
||||
if (!in_array ($dst_name, $single_name))
|
||||
break;
|
||||
}
|
||||
$single_name[]=$dst_name;
|
||||
|
||||
// send
|
||||
if ($link['crypted']) {
|
||||
$m = mcrypt_module_open ('rijndael-256', '', 'ofb', '');
|
||||
$md5_key = md5 ($crypt_key);
|
||||
$iv = jirafeau_crypt_create_iv ($md5_key, mcrypt_enc_get_iv_size ($m));
|
||||
mcrypt_generic_init ($m, $md5_key, $iv);
|
||||
$r = fopen (VAR_FILES . $p . $link['hash'], 'r');
|
||||
$content = "";
|
||||
while (!feof ($r)) {
|
||||
$dec = mdecrypt_generic ($m, fread ($r, 1024));
|
||||
$content .= $dec;
|
||||
ob_flush ();
|
||||
}
|
||||
fclose ($r);
|
||||
$zip->addFromString ($dirname."/".$dst_name, $content);
|
||||
|
||||
mcrypt_generic_deinit ($m);
|
||||
mcrypt_module_close ($m);
|
||||
continue;
|
||||
}
|
||||
$zip->addFile (VAR_FILES . $p . $link['hash'], $dirname."/".$dst_name);
|
||||
}
|
||||
$zip->close ();
|
||||
|
||||
|
||||
if (!is_file ($tmpFileName.".zip"))
|
||||
die ("can't retreive tmp");
|
||||
|
||||
header ("HTTP/1.0 200 OK");
|
||||
header ("Content-Type: application/zip");
|
||||
header ('Content-Disposition: filename="'.$dirname.'.zip"');
|
||||
$r = fopen($tmpFileName.".zip", 'r');
|
||||
while (!feof ($r)) {
|
||||
print fread ($r, 1024);
|
||||
ob_flush ();
|
||||
}
|
||||
fclose ($r);
|
||||
|
||||
unlink ($tmpFileName.".zip");
|
||||
unlink ($tmpFileName);
|
Loading…
Reference in New Issue
Block a user