mirror_php/Jirafeau
1
0
Fork 0
mirror of https://gitlab.com/mojo42/Jirafeau.git synced 2025-01-17 21:08:20 +01:00
Code Issues Projects Releases Wiki Activity

Add option to set an upload password

Browse Source
This commit is contained in:
Jerome Jutteau 2013-08-01 19:30:11 +00:00
parent 8d0d50765b
commit 631048856d
4 changed files with 103 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
index.php
View File

@ -33,6 +33,62 @@ if (has_error ())
require (JIRAFEAU_ROOT . 'lib/template/footer.php'); require (JIRAFEAU_ROOT . 'lib/template/footer.php');
exit; exit;
} }
/* Ask password if upload password is set. */
if (strlen ($cfg['upload_password']) > 0)
{
session_start();
/* Unlog if asked. */
if (isset ($_POST['action']) && (strcmp ($_POST['action'], 'logout') == 0))
$_SESSION['upload_auth'] = false;
/* Auth. */
if (isset ($_POST['upload_password']))
{
if (strcmp ($cfg['upload_password'], $_POST['upload_password']) == 0)
$_SESSION['upload_auth'] = true;
else
{
$_SESSION['admin_auth'] = false;
echo '<div class="error"><p>' . t('Wrong password.') . '</p></div>';
require (JIRAFEAU_ROOT.'lib/template/footer.php');
exit;
}
}
/* Show auth page. */
if (!isset ($_SESSION['upload_auth']) || $_SESSION['upload_auth'] != true)
{
?>
<form action = "<?php echo basename(__FILE__); ?>" method = "post">
<fieldset>
<table>
<tr>
<td class = "label"><label for = "enter_password">
<?php echo t('Upload password') . ':';?></label>
</td>
<td class = "field"><input type = "password"
name = "upload_password" id = "upload_password"
size = "40" />
</td>
</tr>
<tr class = "nav">
<td></td>
<td class = "nav next">
<input type = "submit" name = "key" value =
"<?php echo t('Login'); ?>" />
</td>
</tr>
</table>
</fieldset>
</form>
<?php
require (JIRAFEAU_ROOT.'lib/template/footer.php');
exit;
}
}
?> ?>
<div id="upload_finished"> <div id="upload_finished">
<p> <p>
@ -96,6 +152,8 @@ if (has_error ())
</tr> </tr>
<p id="max_file_size" class="config"></p> <p id="max_file_size" class="config"></p>
<p> <p>
<input type="hidden" id="upload_password" name="upload_password" value="<?php echo $cfg['upload_password']?>"/>
<input type="submit" id="send" value="<?php echo t('Send'); ?>" <input type="submit" id="send" value="<?php echo t('Send'); ?>"
onclick=" onclick="
document.getElementById('upload').style.display = 'none'; document.getElementById('upload').style.display = 'none';
@ -105,6 +163,19 @@ if (has_error ())
</p> </p>
</table> </table>
</div> </fieldset> </div> </fieldset>
<?php
if (strlen ($cfg['upload_password']) > 0)
{
?>
<form action = "<?php echo basename(__FILE__); ?>" method = "post">
<input type = "hidden" name = "action" value = "logout"/>
<input type = "submit" value = "<?php echo t('Logout'); ?>" />
</form>
<?php
}
?>
</div> </div>
<script lang="Javascript"> <script lang="Javascript">

2
lib/config.original.php
View File

@ -52,6 +52,8 @@ $cfg['enable_blocks'] = false;
$cfg['enable_crypt'] = false; $cfg['enable_crypt'] = false;
/* Split lenght of link refenrece. */ /* Split lenght of link refenrece. */
$cfg['link_name_lenght'] = 8; $cfg['link_name_lenght'] = 8;
/* Upload password. Empty string disable the password. */
$cfg['upload_password'] = '';
if ((basename (__FILE__) != 'config.local.php') if ((basename (__FILE__) != 'config.local.php')
&& file_exists (JIRAFEAU_ROOT.'lib/config.local.php')) && file_exists (JIRAFEAU_ROOT.'lib/config.local.php'))

16
lib/functions.js
View File

@ -73,7 +73,7 @@ function upload_failed (e)
alert ('Sorry, upload failed'); alert ('Sorry, upload failed');
} }
function classic_upload (url, file, time, password, one_time) function classic_upload (url, file, time, password, one_time, upload_password)
{ {
var req = new XMLHttpRequest (); var req = new XMLHttpRequest ();
req.upload.addEventListener ("progress", upload_progress, false); req.upload.addEventListener ("progress", upload_progress, false);
@ -118,6 +118,9 @@ function classic_upload (url, file, time, password, one_time)
form.append ("key", password); form.append ("key", password);
if (one_time) if (one_time)
form.append ("one_time_download", '1'); form.append ("one_time_download", '1');
if (upload_password.length > 0)
form.append ("upload_password", upload_password);
req.send (form); req.send (form);
} }
@ -136,7 +139,7 @@ var async_global_max_size = 0;
var async_global_time; var async_global_time;
var async_global_transfering = 0; var async_global_transfering = 0;
function async_upload_start (url, max_size, file, time, password, one_time) function async_upload_start (url, max_size, file, time, password, one_time, upload_password)
{ {
async_global_transfered = 0; async_global_transfered = 0;
async_global_url = url; async_global_url = url;
@ -171,6 +174,9 @@ function async_upload_start (url, max_size, file, time, password, one_time)
form.append ("key", password); form.append ("key", password);
if (one_time) if (one_time)
form.append ("one_time_download", '1'); form.append ("one_time_download", '1');
if (upload_password.length > 0)
form.append ("upload_password", upload_password);
req.send (form); req.send (form);
} }
@ -278,7 +284,8 @@ function upload (url, max_size)
document.getElementById('file_select').files[0], document.getElementById('file_select').files[0],
document.getElementById('select_time').value, document.getElementById('select_time').value,
document.getElementById('input_key').value, document.getElementById('input_key').value,
document.getElementById('one_time_download').checked document.getElementById('one_time_download').checked,
document.getElementById('upload_password').value
); );
} }
else else
@ -287,7 +294,8 @@ function upload (url, max_size)
document.getElementById('file_select').files[0], document.getElementById('file_select').files[0],
document.getElementById('select_time').value, document.getElementById('select_time').value,
document.getElementById('input_key').value, document.getElementById('input_key').value,
document.getElementById('one_time_download').checked document.getElementById('one_time_download').checked,
document.getElementById('upload_password').value
); );
} }
} }

18
script.php
View File

@ -263,6 +263,12 @@ if (has_error ())
if (isset ($_FILES['file']) && is_writable (VAR_FILES) if (isset ($_FILES['file']) && is_writable (VAR_FILES)
&& is_writable (VAR_LINKS)) && is_writable (VAR_LINKS))
{ {
if (strlen ($cfg['upload_password']) > 0 && (!isset ($_POST['upload_password']) || $_POST['upload_password'] != $cfg['upload_password']))
{
echo "Error";
exit;
}
$key = ''; $key = '';
if (isset ($_POST['key'])) if (isset ($_POST['key']))
$key = $_POST['key']; $key = $_POST['key'];
@ -523,6 +529,12 @@ fi
/* Initialize an asynchronous upload. */ /* Initialize an asynchronous upload. */
elseif (isset ($_GET['init_async'])) elseif (isset ($_GET['init_async']))
{ {
if (strlen ($cfg['upload_password']) > 0 && (!isset ($_POST['upload_password']) || $_POST['upload_password'] != $cfg['upload_password']))
{
echo "Error";
exit;
}
if (!isset ($_POST['filename'])) if (!isset ($_POST['filename']))
{ {
echo "Error"; echo "Error";
@ -591,6 +603,12 @@ elseif (isset ($_GET['end_async']))
/* Initialize block. */ /* Initialize block. */
elseif (isset ($_GET['init_block']) && $cfg['enable_blocks']) elseif (isset ($_GET['init_block']) && $cfg['enable_blocks'])
{ {
if (strlen ($cfg['upload_password']) > 0 && (!isset ($_POST['upload_password']) || $_POST['upload_password'] != $cfg['upload_password']))
{
echo "Error";
exit;
}
if (!isset ($_POST['size'])) if (!isset ($_POST['size']))
echo "Error"; echo "Error";
else else