Ejemplo n.º 1
 /**
  * Admin action that renders the detail page of one user.
  *
  * The view receives 'EditUserRight' (true only when the configured user
  * factory class is "Fz_User_Factory_Database") and the user row loaded from
  * the 'id' route parameter.
  */
 public function showAction()
 {
     // secure('admin') is called before any data is loaded.
     $this->secure('admin');

     $factoryClass = fz_config_get('app', 'user_factory_class');
     set('EditUserRight', $factoryClass === "Fz_User_Factory_Database");

     // NOTE(review): the route parameter is passed on as received; presumably
     // findById() binds it as a query parameter — confirm in the table class.
     $userId = params('id');
     set('user', Fz_Db::getTable('User')->findById($userId));

     return html('user/show.php');
 }
Ejemplo n.º 2
 /**
  * Look up a user row by login name and password.
  *
  * The password comparison happens inside the SQL statement. How the submitted
  * password is transformed first depends on the 'db_password_algorithm'
  * option: blank (salted SHA1 when the configured table is 'fz_user', raw
  * comparison otherwise), 'MD5', 'SHA1', a PHP callable, or a raw SQL
  * expression.
  *
  * Security notes for maintainers:
  *  - MD5 and SHA1, salted or not, are fast digests and not suitable password
  *    hashes; the raw-comparison branch implies passwords stored in clear.
  *  - The table name, the two column names and the "plain SQL" algorithm are
  *    concatenated into the statement, so these configuration values must
  *    never be derived from request data. Only the username and password are
  *    bound (or quoted) values.
  *
  * @param string $username
  * @param string $password
  * @return array            User attributes if user was found, null if not
  */
 protected function _findByUsernameAndPassword($username, $password)
 {
     $bindValues = array(':username' => $username, ':password' => $password);

     $table = $this->getOption('db_table');
     $usernameField = fz_config_get('user_factory_options', 'db_username_field');
     $passwordField = fz_config_get('user_factory_options', 'db_password_field');
     $sql = 'SELECT * FROM ' . $table . ' WHERE ' . $usernameField . '=:username AND ' . $passwordField . '=';

     $algorithm = trim($this->getOption('db_password_algorithm'));

     if (empty($algorithm)) {
         // No algorithm configured: the native table gets the salted digest,
         // any other table is compared against the raw password.
         $isNativeTable = fz_config_get('user_factory_options', 'db_table') == 'fz_user';
         $sql .= $isNativeTable ? 'SHA1(CONCAT(salt, :password))' : ':password';
     } elseif ($algorithm == 'MD5') {
         $sql .= 'MD5(:password)';
     } elseif ($algorithm == 'SHA1') {
         $sql .= 'SHA1(:password)';
     } elseif (is_callable($algorithm)) {
         // "Class::method" strings are turned into the array callable form.
         $callback = strstr($algorithm, '::') !== false ? explode('::', $algorithm) : $algorithm;
         // The digest is computed in PHP and inlined as a quoted literal,
         // so the :password placeholder is no longer part of the statement.
         $sql .= $this->getConnection()->quote(call_user_func($callback, $password));
         unset($bindValues[':password']);
     } else {
         // Anything else is treated as a SQL expression taken from the configuration.
         $sql .= $algorithm;
     }

     return $this->fetchOne($sql, $bindValues);
 }
Ejemplo n.º 3
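 /**
  * Set the user's password and register the SQL expression that hashes it
  * when the row is written.
  *
  * The hashing scheme comes from 'db_password_algorithm': unset or blank
  * (salted SHA1), 'MD5', 'SHA1', a PHP callable, or a raw SQL expression.
  * A blank or whitespace-only setting is handled like an unset one, matching
  * the password lookup query, which trims the option and treats an empty
  * value as "not configured". Without this, a blank setting registered an
  * empty column modifier.
  *
  * NOTE(review): MD5 and SHA1 are fast digests and not suitable password
  * hashes; a callable built on password_hash() cannot be verified by an
  * equality comparison in SQL, so moving off these schemes needs a change on
  * the lookup side as well.
  *
  * @param string $password
  */
 public function setPassword($password)
 {
     $algorithm = fz_config_get('user_factory_options', 'db_password_algorithm');
     if (is_string($algorithm)) {
         $algorithm = trim($algorithm);
         if ($algorithm === '') {
             $algorithm = null;
         }
     }

     // The clear-text value stays on the model; the modifier below hashes it in SQL.
     $this->password = $password;
     $sql = null;

     if ($algorithm === null) {
         $sql = 'SHA1(CONCAT(:salt,:password))';
         // to force PDO::bindValue when updating
         $this->_updatedColumns[] = 'salt';
     } elseif ($algorithm == 'MD5') {
         $sql = 'MD5(:password)';
     } elseif ($algorithm == 'SHA1') {
         $sql = 'SHA1(:password)';
     } elseif (is_callable($algorithm)) {
         // "Class::method" strings are turned into the array callable form.
         if (strstr($algorithm, '::') !== false) {
             $algorithm = explode('::', $algorithm);
         }
         // The digest is computed in PHP and inlined as a quoted SQL literal.
         $sql = Fz_Db::getConnection()->quote(call_user_func($algorithm, $password));
     } else {
         // Plain SQL expression taken from the configuration; it must never
         // be derived from request data.
         $sql = $algorithm;
     }

     if ($sql !== null) {
         $this->setColumnModifier('password', $sql);
     }
 }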
Ejemplo n.º 4
 /**
  * Landing page.
  *
  * When the "Send us a file" feature is enabled and no user is logged in, the
  * anonymous upload page is rendered. Otherwise the request goes through
  * secure() and the logged-in user's file list and upload form are shown.
  */
 public function indexAction()
 {
     // Display the send_us_a_file.html page if the "Send us a file" feature is on and the user is not logged in.
     if (fz_config_get('app', 'send_us_a_file_feature') && !$this->getUser()) {
         set('start_from', Zend_Date::now()->get(Zend_Date::DATE_SHORT));
         $fileTable = Fz_Db::getTable('File');
         $phpUploadLimit = $fileTable->shorthandSizeToBytes(ini_get('upload_max_filesize'));
         $phpPostLimit = $fileTable->shorthandSizeToBytes(ini_get('post_max_size'));
         // The anonymous page is only bounded by the PHP limits; no per-user quota applies here.
         set('max_upload_size', min($phpUploadLimit, $phpPostLimit));
         return html('send_us_a_file.html');
     }

     $this->secure();
     $user = $this->getUser();
     $fileTable = Fz_Db::getTable('File');

     // Never advertise a negative amount of free space.
     $freeSpaceLeft = max(0, $fileTable->getRemainingSpaceForUser($user));
     $maxUploadSize = min(
         $fileTable->shorthandSizeToBytes(ini_get('upload_max_filesize')),
         $fileTable->shorthandSizeToBytes(ini_get('post_max_size')),
         $freeSpaceLeft
     );

     // The monitor class name comes from the configuration file.
     $monitorClass = fz_config_get('app', 'progress_monitor');
     $progressMonitor = new $monitorClass();

     // NOTE(review): md5(uniqid(mt_rand())) is not an unpredictable value; if the
     // upload id is the only thing protecting progress data, it should come
     // from a CSPRNG instead — confirm how the progress endpoint uses it.
     set('upload_id', md5(uniqid(mt_rand(), true)));
     set('start_from', Zend_Date::now()->get(Zend_Date::DATE_SHORT));
     set('refresh_rate', 1200);
     set('files', $fileTable->findByOwnerOrderByUploadDateDesc($user));
     set('use_progress_bar', $progressMonitor->isInstalled());
     set('upload_id_name', $progressMonitor->getUploadIdName());
     set('free_space_left', $freeSpaceLeft);
     set('max_upload_size', $maxUploadSize);
     set('sharing_destinations', fz_config_get('app', 'sharing_destinations', array()));

     $usedSpace = bytesToShorthand($fileTable->getTotalDiskSpaceByUser($user));
     set('disk_usage', array('space' => '<b id="disk-usage-value">' . $usedSpace . '</b>', 'quota' => fz_config_get('app', 'user_quota')));

     return html('main/index.php');
 }
Ejemplo n.º 5
 /**
  * Admin action that renders the detail page of one user and remembers the
  * page as the place to return to after a file deletion.
  */
 public function showAction()
 {
     // secure('admin') is called before any data is loaded.
     $this->secure('admin');

     $usesDatabaseFactory = fz_config_get('app', 'user_factory_class') === "Fz_User_Factory_Database";
     set('EditUserRight', $usesDatabaseFactory);

     $userTable = Fz_Db::getTable('User');
     set('user', $userTable->findById(params('id')));

     // Flash 'back_to' to come back here after a file deletion.
     // NOTE(review): the path is built from the raw route parameter; whatever
     // consumes 'back_to' should only ever redirect to local paths — confirm.
     $returnPath = '/admin/users/' . params('id');
     flash('back_to', $returnPath);

     return html('user/show.php');
 }
Ejemplo n.º 6
 /**
  * Return an id that is not yet used by a row of this table.
  *
  * A random base-36 hash (length bounds taken from 'min_hash_size' and
  * 'max_hash_size') is converted to decimal and retried until rowExists()
  * reports it as free.
  *
  * NOTE(review): base_convert() goes through floating point for large inputs
  * and can lose precision, which would shrink the effective id space. How
  * hard the ids are to guess depends entirely on generateRandomHash(), which
  * is not visible here. The check and the later insert are separate steps, so
  * uniqueness should also be enforced by the database — confirm.
  *
  * @return string   Decimal id as returned by base_convert()
  */
 public function getFreeId()
 {
     $minSize = fz_config_get('app', 'min_hash_size');
     $maxSize = fz_config_get('app', 'max_hash_size');

     while (true) {
         $candidate = base_convert($this->generateRandomHash($minSize, $maxSize), 36, 10);
         if (!$this->rowExists($candidate)) {
             return $candidate;
         }
     }
 }
Ejemplo n.º 7
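 /**
  * Serve the preview page for a file addressed with a filez-1.x URL.
  *
  * Only active when 'filez1_compat' is enabled. The legacy hash is read from
  * the 'ad' query-string parameter, which is request-controlled: a missing,
  * empty or non-string value is answered like an unknown code instead of
  * being passed to the table lookup.
  */
 public function downloadFzOneAction()
 {
     if (!fz_config_get('app', 'filez1_compat')) {
         halt(HTTP_FORBIDDEN);
     }

     // PHP turns "?ad[]=x" into an array and leaves the key unset when the
     // parameter is absent; neither case should reach the query layer.
     $legacyHash = isset($_GET['ad']) && is_string($_GET['ad']) && $_GET['ad'] !== '' ? $_GET['ad'] : null;
     $file = $legacyHash === null ? null : Fz_Db::getTable('File')->findByFzOneHash($legacyHash);
     if ($file === null) {
         halt(NOT_FOUND, __('There is no file for this code'));
     }

     set('file', $file);
     // The owner can always see the file, even outside its availability window.
     set('available', $file->isAvailable() || $file->isOwner($this->getUser()));
     set('uploader', $file->getUploader());
     return html('file/preview.php');
 }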
Ejemplo n.º 8
 /**
  * Cron entry point: delete expired files, then e-mail the uploaders of files
  * that expire within the configured number of days.
  *
  * The action is meant to be called from a cron script and should produce no
  * output except PHP execution errors; everything else goes to
  * 'filez-cron.log' and 'filez-cron-errors.log' in the configured log
  * directory.
  *
  * NOTE(review): no access check is made in this method. If the action is
  * reachable over HTTP, restricting who may call it belongs in the routing or
  * web-server configuration — confirm.
  */
 public function checkFilesAction()
 {
     $fileTable = Fz_Db::getTable('File');

     // Delete files whose lifetime expired
     $fileTable->deleteExpiredFiles();

     // Send mail for files which will be deleted in less than 2 days
     $days = fz_config_get('cron', 'days_before_expiration_mail');
     foreach ($fileTable->findFilesToBeDeleted($days) as $file) {
         if (!$file->notify_uploader) {
             continue;
         }
         // The flag is saved before the mail goes out, so a failed delivery is
         // not retried on the next run.
         $file->del_notif_sent = true;
         $file->save();
         $this->notifyDeletionByEmail($file);
     }
 }
Ejemplo n.º 9
 /**
  * Rename the attributes of a user profile according to the
  * 'user_attributes_translation' configuration (local name => source name).
  *
  * Multi-valued attributes are reduced to their first value, or null when the
  * list is empty. Attributes missing from the source profile are logged and
  * left out of the result.
  *
  * NOTE(review): the error log entry contains the whole source profile; if
  * profiles can hold sensitive directory attributes, the log files need the
  * same protection as that data.
  *
  * @param array   $profile
  * @return array            Translated profile
  */
 protected function buildUserProfile(array $profile)
 {
     $translated = array();
     $mapping = fz_config_get('user_attributes_translation', null, array());

     foreach ($mapping as $localName => $sourceName) {
         if (!array_key_exists($sourceName, $profile)) {
             fz_log('User_Factory: Missing attribute "' . $sourceName . '" in user profile :', FZ_LOG_ERROR, $profile);
             continue;
         }

         $raw = $profile[$sourceName];
         if (is_array($raw)) {
             $translated[$localName] = count($raw) > 0 ? $raw[0] : null;
         } else {
             $translated[$localName] = $raw;
         }
     }

     return $translated;
 }
Ejemplo n.º 10
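 /**
  * Notify the uploader of the given file that the file is going to be
  * deleted.
  *
  * Delivery problems never propagate to the caller: they are written to the
  * cron error log together with the file id and the reason. The recipient is
  * tracked separately so that the error path also works when the failure
  * happens before the uploader has been loaded (previously the catch block
  * read an undefined $user in that case).
  *
  * @param App_Model_File $file
  */
 private function notifyDeletionByEmail(App_Model_File $file)
 {
     $user = null;
     try {
         // Mails sent from cron use the default locale, not a visitor's.
         option('translate')->setLocale(fz_config_get('app', 'default_locale'));
         option('locale')->setLocale(fz_config_get('app', 'default_locale'));
         $mail = $this->createMail();
         $user = $file->getUploader();
         $subject = __r('[FileZ] Your file "%file_name%" is going to be deleted', array('file_name' => $file->file_name));
         $msg = __r('email_delete_notif (%file_name%, %file_url%, %filez_url%, %available_until%)', array('file_name' => $file->file_name, 'file_url' => $file->getDownloadUrl(), 'filez_url' => url_for('/'), 'available_until' => $file->getAvailableUntil()->toString(Zend_Date::DATE_FULL)));
         $mail->setBodyText($msg);
         $mail->setSubject($subject);
         $mail->addTo($user->email);
         $mail->send();
         fz_log('Delete notification sent to ' . $user->email, FZ_LOG_CRON);
     } catch (Exception $e) {
         $recipient = is_object($user) ? $user->email : '(unknown recipient)';
         fz_log('Can\'t send email to ' . $recipient . ' file_id:' . $file->id . ' (' . $e->getMessage() . ')', FZ_LOG_CRON_ERROR);
     }
 }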
Ejemplo n.º 11
 /**
  * Main page of a logged-in user: file list, remaining quota and the upload
  * form settings.
  */
 public function indexAction()
 {
     $this->secure();
     $user = $this->getUser();
     $fileTable = Fz_Db::getTable('File');

     // Never advertise a negative amount of free space.
     $freeSpaceLeft = max(0, $fileTable->getRemainingSpaceForUser($user));

     // The upload limit is the tightest of the two PHP limits and the user's free space.
     $phpUploadLimit = $fileTable->shorthandSizeToBytes(ini_get('upload_max_filesize'));
     $phpPostLimit = $fileTable->shorthandSizeToBytes(ini_get('post_max_size'));
     $maxUploadSize = min($phpUploadLimit, $phpPostLimit, $freeSpaceLeft);

     // The monitor class name comes from the configuration file.
     $monitorClass = fz_config_get('app', 'progress_monitor');
     $progressMonitor = new $monitorClass();

     // NOTE(review): md5(uniqid(mt_rand())) is not an unpredictable value; if the
     // upload id is the only thing protecting progress data, it should come
     // from a CSPRNG instead — confirm how the progress endpoint uses it.
     set('upload_id', md5(uniqid(mt_rand(), true)));
     set('start_from', Zend_Date::now()->get(Zend_Date::DATE_SHORT));
     set('refresh_rate', 1200);
     set('files', $fileTable->findByOwnerOrderByUploadDateDesc($user));
     set('use_progress_bar', $progressMonitor->isInstalled());
     set('upload_id_name', $progressMonitor->getUploadIdName());
     set('free_space_left', $freeSpaceLeft);
     set('max_upload_size', $maxUploadSize);

     return html('main/index.php');
 }
Ejemplo n.º 12
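/**
 * Append a message to the application log.
 *
 * The entry goes to "<log_dir>/filez<-type>.log" when 'log_dir' is configured
 * and is also passed to debug_msg() in debug mode. Debug entries are dropped
 * unless debug mode is on.
 *
 * Changes compared with the previous version:
 *  - the client address is optional, so logging also works when there is no
 *    REMOTE_ADDR (command-line or cron invocation);
 *  - carriage returns are normalised before continuation lines are indented,
 *    so a value containing a bare CR cannot visually overwrite or fake an
 *    entry when the log is read in a terminal;
 *  - date() replaces strftime(), which is deprecated in recent PHP versions;
 *    the timestamp format is unchanged.
 *
 * NOTE(review): $vars is dumped with var_export(), so callers decide what
 * ends up in the log; avoid passing credentials or full user profiles. $type
 * becomes part of the file name and must stay one of the FZ_LOG_* constants.
 *
 * @param string      $message Text to log
 * @param string|null $type    Log type suffix (FZ_LOG_* constant) or null for the main log
 * @param mixed       $vars    Optional value appended with var_export()
 */
function fz_log($message, $type = null, $vars = null)
{
    if ($type == FZ_LOG_DEBUG && option('debug') !== true) {
        return;
    }
    if ($type !== null) {
        $type = '-' . $type;
    }

    $message = trim($message);
    if ($vars !== null) {
        $message .= var_export($vars, true) . "\n";
    }

    // Every line after the first is indented, so embedded line breaks cannot
    // start something that looks like a fresh "[date] [ip]" entry.
    $message = str_replace(array("\r\n", "\r"), "\n", $message);
    $message = str_replace("\n", "\n   ", $message);

    $remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '-';
    $message = '[' . date('Y-m-d H:i:s') . '] ' . str_pad('[' . $remoteAddr . ']', 18) . $message . "\n";

    $logDir = fz_config_get('app', 'log_dir');
    if ($logDir !== null) {
        $log_file = $logDir . '/filez' . $type . '.log';
        if (file_put_contents($log_file, $message, FILE_APPEND) === false) {
            trigger_error('Can\'t open log file (' . $log_file . ')', E_USER_WARNING);
        }
    }
    if (option('debug') === true) {
        debug_msg($message);
    }
}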
Ejemplo n.º 13
 /**
  * Render the "share this file" fragment for a file of the current user.
  */
 public function shareAction()
 {
     $this->secure();
     $currentUser = $this->getUser();
     $sharedFile = $this->getFile();

     // Ownership is checked before any sharing data is handed to the view.
     $this->checkOwner($sharedFile, $currentUser);

     $destinations = fz_config_get('app', 'sharing_destinations');
     set('sharing_destinations', $destinations);
     set('downloadUrl', $sharedFile->getDownloadUrl());

     return html('file/_share_link.php');
 }
Ejemplo n.º 14
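 /**
  * Create an instance of Zend_Mail with the sender taken from the 'email'
  * configuration section. The default SMTP transport is installed on the
  * first call only.
  *
  * The configuration is now read on every call: previously it was only
  * loaded inside the "first call" branch, so from the second call on the
  * sender was built from an undefined variable.
  *
  * NOTE(review): the whole 'email' section is passed to the SMTP transport as
  * its options; transport security settings therefore have to be present in
  * that section — confirm what the deployment configures.
  *
  * @return Zend_Mail
  */
 protected function createMail()
 {
     $config = fz_config_get('email');

     if (self::$_mailTransportSet === false) {
         $transportOptions = $config;
         $transportOptions['name'] = 'filez';
         $transport = new Zend_Mail_Transport_Smtp($transportOptions['host'], $transportOptions);
         Zend_Mail::setDefaultTransport($transport);
         self::$_mailTransportSet = true;
     }

     $mail = new Zend_Mail('utf-8');
     $mail->setFrom($config['from_email'], $config['from_name']);
     return $mail;
 }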
Ejemplo n.º 15
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <link rel="shortcut icon" type="image/x-icon" href="/favicon.ico" />
    <link rel="stylesheet" href="<?php 
// Stylesheets shipped with the application, resolved through public_url_for().
echo public_url_for('resources/css/html5-reset.css');
?>
" type="text/css" media="all" />
    <link rel="stylesheet" href="<?php 
echo public_url_for('resources/css/main.css');
?>
" type="text/css" media="all" />

    <?php 
// Optional site-specific stylesheet, emitted only when looknfeel.custom_css is set.
if (fz_config_get('looknfeel', 'custom_css', '') != '') {
    ?>
      <link rel="stylesheet" href="<?php 
    // NOTE(review): the configured path is written into the attribute without
    // HTML escaping here; unless public_url_for() escapes its result, a value
    // containing a double quote would break out of the attribute — confirm.
    echo public_url_for(fz_config_get('looknfeel', 'custom_css'));
    ?>
" type="text/css" media="all" />
    <?php 
}
?>

    <!--[if lte IE 8]>
    <script type="text/javascript" src="<?php 
// HTML5 element shim, only requested by old Internet Explorer versions.
echo public_url_for('resources/js/html5.js');
?>
"></script>
    <![endif]-->

  </head>
  <body>
Ejemplo n.º 16
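        <?php 
// Optional "report a bug" link; its target comes from the looknfeel configuration.
if (fz_config_get('looknfeel', 'bug_report_href')) {
    ?>
          <a href="<?php 
    // Escaped for the attribute context, so a quote or '&' in the configured
    // URL cannot break the markup.
    echo htmlspecialchars((string) fz_config_get('looknfeel', 'bug_report_href'), ENT_QUOTES, 'UTF-8');
    ?>
" class="bug"><?php 
    echo __('Report a bug');
    ?>
</a>
        <?php 
}
?>
      </div>

      <?php 
// Credit link, shown only when looknfeel.show_credit is enabled.
// NOTE(review): target="#_blank" names a window called "#_blank"; the keyword
// is "_blank". Left unchanged here — confirm which behaviour is wanted.
if (fz_config_get('looknfeel', 'show_credit')) {
    ?>
        <a href="http://gpl.univ-avignon.fr" target="#_blank"><?php 
    echo __('A free software from the University of Avignon');
    ?>
</a>
      <?php 
}
?>

      <?php 
// check_cron() returns markup that is printed as is.
echo check_cron();
?>
    </footer>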
Ejemplo n.º 17
 /**
  * Return the table object for $table, creating and caching it on first use.
  *
  * The class name is "App_Model_DbTable_" + $table (the prefix is not repeated
  * when $table already carries it) followed by the configured 'db_dialect'.
  *
  * NOTE(review): the class to instantiate is derived from the argument, so
  * callers should only pass literal table names, never request data.
  *
  * @param   string $table
  * @return  object
  */
 public static function getTable($table)
 {
     if (array_key_exists($table, self::$_tables)) {
         return self::$_tables[$table];
     }

     $dialect = fz_config_get('db', 'db_dialect');
     $prefix = 'App_Model_DbTable_';
     $alreadyPrefixed = substr($table, 0, strlen($prefix)) == $prefix;
     $className = ($alreadyPrefixed ? $table : $prefix . $table) . $dialect;

     self::$_tables[$table] = new $className();
     return self::$_tables[$table];
 }
Ejemplo n.º 18
    <header>
      <h1>
        <?php 
// Optional custom logo, shown only when looknfeel.your_logo is set.
if (fz_config_get('looknfeel', 'your_logo', '') != '') {
    ?>
          <span id="your-logo">
            <img src="<?php 
    // NOTE(review): the configured path is written into the attribute without
    // HTML escaping here; unless public_url_for() escapes its result, a value
    // containing a double quote would break out of the attribute — confirm.
    echo public_url_for(fz_config_get('looknfeel', 'your_logo'));
    ?>
"/>
          </span>
        <?php 
}
?>
        <span id="filez-header">
          <a href="<?php 
// Application logo, linking back to the start page.
echo public_url_for('/');
?>
" id="filez-logo">
            <img src="<?php 
echo public_url_for('resources/images/filez-logo.png');
?>
" title="filez" />
          </a>
          <?php 
echo __('Share files for a limited time.');
?>
        </span>
        <span style="display: block; clear: both;"></span>
      </h1>
Ejemplo n.º 19
 /**
  * Return the disk space still available to $user: the configured
  * 'user_quota' converted to bytes, minus the space the user's files occupy.
  *
  * The result is not clamped, so it is negative once the user is over quota;
  * callers that display or compare it are expected to handle that.
  *
  * @param array     $user   User data
  * @return float            Size in bytes
  */
 public function getRemainingSpaceForUser($user)
 {
     $quotaBytes = $this->shorthandSizeToBytes(fz_config_get('app', 'user_quota'));
     $usedBytes = $this->getTotalDiskSpaceByUser($user);

     return $quotaBytes - $usedBytes;
 }
Ejemplo n.º 20
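 /**
  * Build the error response for a failed upload.
  *
  * Error codes come from $_FILES['userfile']['error'] plus the custom codes
  * UPLOAD_ERR_QUOTA_EXCEEDED and UPLOAD_ERR_ALLOWED_EXTS. Server-side
  * problems are only logged; problems caused by the client are explained in
  * the returned status text.
  *
  * Fix: the quota case used to fall through into the extension case, so a
  * quota error also carried the "file is not allowed" message.
  *
  * NOTE(review): this message reads the 'allowed_exts' setting; make sure it
  * is the same key the upload check itself uses.
  *
  * @param integer $errorCode
  */
 private function onFileUploadError($errorCode = null)
 {
     $response = array(
         'status' => 'error',
         'statusText' => __('An error occurred while uploading the file.') . ' ',
     );
     if ($errorCode === null) {
         return $this->returnData($response);
     }

     switch ($errorCode) {
         // Server-side problems: logged, the user only gets the generic text.
         case UPLOAD_ERR_NO_TMP_DIR:
             fz_log('upload error (Missing a temporary folder)', FZ_LOG_ERROR);
             break;
         case UPLOAD_ERR_CANT_WRITE:
             fz_log('upload error (Failed to write file to disk)', FZ_LOG_ERROR);
             break;
         // These errors come from the client side, let him know what's wrong
         case UPLOAD_ERR_INI_SIZE:
         case UPLOAD_ERR_FORM_SIZE:
             $response['statusText'] .= __('The uploaded file exceeds the max file size.') . ' : (' . ini_get('upload_max_filesize') . ')';
             break;
         case UPLOAD_ERR_PARTIAL:
             $response['statusText'] .= __('The uploaded file was only partially uploaded.');
             break;
         case UPLOAD_ERR_NO_FILE:
             $response['statusText'] .= __('No file was uploaded.');
             break;
         case UPLOAD_ERR_QUOTA_EXCEEDED:
             $response['statusText'] .= __r('You exceeded your disk space quota (%space%).', array('space' => fz_config_get('app', 'user_quota')));
             break;
         case UPLOAD_ERR_ALLOWED_EXTS:
             $response['statusText'] .= __r('The file is not allowed to be uploaded. Note that files allowed need to be %allowed_exts%.', array('allowed_exts' => fz_config_get('app', 'allowed_exts')));
             break;
     }

     return $this->returnData($response);
 }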
Ejemplo n.º 21
 /**
  * Redirect to the application root. The second argument passed to
  * fz_redirect_to() is true only when the 'https' setting is 'always'.
  */
 private function redirectHome()
 {
     $httpsAlways = fz_config_get('app', 'https') == 'always';

     return fz_redirect_to('/', $httpsAlways);
 }
Ejemplo n.º 22
/**
 * Bootstrap hook that configures Filez: base URI, error display, locale and
 * translations and, unless the installer is running, the log and upload
 * directory checks, the database connection, the user factory and pending
 * schema migrations.
 *
 * The steps depend on each other (options set here are read further down),
 * so their order matters.
 */
function before()
{
    if (fz_config_get('app', 'use_url_rewriting')) {
        option('base_uri', option('base_path'));
    }
    // error handling
    // NOTE(review): debug mode turns display_errors on, which prints PHP
    // errors (paths, queries) into responses; it should stay off in production.
    if (fz_config_get('app', 'debug', false)) {
        ini_set('display_errors', true);
        option('debug', true);
        option('env', ENV_DEVELOPMENT);
    } else {
        ini_set('display_errors', false);
        option('debug', false);
    }
    // I18N
    // The default locale comes from the configuration ('fr' when unset); the
    // current locale is created with 'auto'.
    Zend_Locale::setDefault(fz_config_get('app', 'default_locale', 'fr'));
    $currentLocale = new Zend_Locale('auto');
    $translate = new Zend_Translate('gettext', option('root_dir') . DIRECTORY_SEPARATOR . 'i18n', $currentLocale, array('scan' => Zend_Translate::LOCALE_DIRECTORY));
    option('translate', $translate);
    option('locale', $currentLocale);
    Zend_Registry::set('Zend_Locale', $currentLocale);
    // Execute DB configuration only if Filez is configured
    if (!option('installing')) {
        // check log dir
        // An unwritable log dir only raises a warning ...
        if (!is_writable(fz_config_get('app', 'log_dir'))) {
            trigger_error('Log dir is not writeable "' . fz_config_get('app', 'log_dir') . '"', E_USER_WARNING);
        }
        // check upload dir
        // ... while an unwritable upload dir raises E_USER_ERROR.
        if (!is_writable(fz_config_get('app', 'upload_dir'))) {
            trigger_error('Upload dir is not writeable "' . fz_config_get('app', 'upload_dir') . '"', E_USER_ERROR);
        }
        // Database configuration
        try {
            $db = new PDO(fz_config_get('db', 'dsn'), fz_config_get('db', 'user'), fz_config_get('db', 'password'));
            // Database errors surface as exceptions from here on.
            $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
            $db->exec('SET NAMES \'utf8\'');
            option('db_conn', $db);
        } catch (Exception $e) {
            // The client only sees a generic message, which keeps connection
            // details out of the response.
            // NOTE(review): the exception itself is not logged, so the cause of
            // a failed connection is lost — consider logging $e->getMessage().
            halt(SERVER_ERROR, 'Can\'t connect to the database');
        }
        // Initialise and save the user factory
        // The class name is taken from the configuration file and instantiated as is.
        $factoryClass = fz_config_get('app', 'user_factory_class');
        $userFactory = new $factoryClass();
        $userFactory->setOptions(fz_config_get('user_factory_options', null, array()));
        option('userFactory', $userFactory);
        // Check the database version and migrate if necessary
        // NOTE(review): migrations run from this hook, i.e. presumably on an
        // ordinary request and with the application's database account — confirm
        // that this account is meant to hold schema-changing privileges.
        $dbSchema = new Fz_Db_Schema(option('root_dir') . '/config/db');
        if ($dbSchema->isOutdated()) {
            fz_log('Migration needed (db_version: ' . $dbSchema->getCurrentVersion() . '), executing the scripts...');
            $dbSchema->migrate();
        }
    }
}
Ejemplo n.º 23
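    <label for="input-lastname"><?php 
echo __('Lastname');
?>
 :</label>
    <input type="text" id="input-lastname" name="lastname" value="" alt="<?php 
echo __('Lastname');
?>
" maxlength="20" />
  </div>
  <div id="quota">
    <label for="input-quota"><?php 
echo __('Quota');
?>
 :</label>
    <input type="text" id="input-quota" name="quota" value="<?php 
// Default quota from the configuration, escaped for the attribute context so
// the configured value cannot break the markup.
echo htmlspecialchars((string) fz_config_get('app', 'user_quota'), ENT_QUOTES, 'UTF-8');
?>
" alt="<?php 
echo __('Quota');
?>
" maxlength="20" />
  </div>

  <div id="upload">
    <input type="submit" id="start-new_user" name="new_user" class="awesome blue large" value="&raquo; <?php 
echo __('Create');
?>
" />
  </div>
  </form>
</section>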
Ejemplo n.º 24
?>
" />
    </div>
  </div>
  <div id="lifetime">
    <label for="select-lifetime"><?php 
echo __('Lifetime');
?>
 :</label>
    <select id="select-lifetime" name="lifetime" alt="<?php 
echo __('Select a lifetime');
?>
">
      <?php 
// One option per day from 1 to 'max_file_lifetime' (20 when unset); the option
// equal to 'default_file_lifetime' (10 when unset) is preselected.
// NOTE(review): the list only limits what the form offers. The submitted
// 'lifetime' value is request data, so the upload handler has to enforce the
// maximum itself — confirm.
$default = fz_config_get('app', 'default_file_lifetime', 10);
$max = fz_config_get('app', 'max_file_lifetime', 20);
for ($i = 1; $i <= $max; ++$i) {
    ?>
        <option value=<?php 
    echo "\"{$i}\"" . ($i == $default ? ' selected="selected" ' : '');
    ?>
>
          <?php 
    // Singular or plural label, with %n% replaced by the day count.
    echo str_replace('%n%', $i, $i > 1 ? __('%n% days') : __('%n% day'));
    ?>
        </option>
      <?php 
}
?>
    </select>
  </div>
Ejemplo n.º 25
 /**
  * Cron entry point: remove expired files and warn uploaders whose files are
  * about to expire.
  *
  * Meant to be called from a cron script; it should not produce any output
  * except PHP execution errors. Everything else is logged in
  * 'filez-cron.log' and 'filez-cron-errors.log' in the configured log
  * directory.
  *
  * NOTE(review): no access check is made in this method. If the action is
  * reachable over HTTP, restricting who may call it belongs in the routing or
  * web-server configuration — confirm.
  */
 public function checkFilesAction()
 {
     // Delete files whose lifetime expired
     Fz_Db::getTable('File')->deleteExpiredFiles();

     // Send mail for files which will be deleted in less than 2 days
     $days = fz_config_get('cron', 'days_before_expiration_mail');
     $expiringFiles = Fz_Db::getTable('File')->findFilesToBeDeleted($days);

     foreach ($expiringFiles as $file) {
         // TODO improve the SQL command to retrieve uploader email at the same time
         //      to reduce the # of request made by notifyDeletionByEmail
         if (!$file->notify_uploader) {
             continue;
         }
         // The flag is saved before the mail goes out, so a failed delivery is
         // not retried on the next run.
         $file->del_notif_sent = true;
         $file->save();
         $this->notifyDeletionByEmail($file);
     }
 }
Ejemplo n.º 26
?>
/email" class="awesome green share">
      <?php 
echo __('Share');
?>
    </a>
  </p>
</div>

<div class="file-attributes">
  <p class="availability"><?php 
// Availability range; the start date omits the month when both dates fall in
// the same month. The end date is wrapped in <b>, so the translated string is
// printed as HTML.
echo __r('Available from %from% to %to%', array('from' => $file->getAvailableFrom()->get(Zend_Date::MONTH) == $file->getAvailableUntil()->get(Zend_Date::MONTH) ? $file->getAvailableFrom()->toString('d') : $file->getAvailableFrom()->toString('d MMMM'), 'to' => '<b>' . $file->getAvailableUntil()->toString('d MMMM') . '</b>'));
?>

    <?php 
// The "extend" link is only offered while the file is below 'max_extend_count'.
// NOTE(review): hiding the link is not an access control. The handler behind
// "/extend" has to re-check the counter and the ownership, and since this is
// a plain link the action is presumably triggered by GET — confirm it is
// protected against cross-site requests.
if ($file->extends_count < fz_config_get('app', 'max_extend_count')) {
    ?>
      <a href="<?php 
    echo $file->getDownloadUrl();
    ?>
/extend" class="extend" title="<?php 
    echo __('Extend one more day');
    ?>
">
        <?php 
    echo __('Extend one more day');
    ?>
      </a>
    <?php 
}
?>
Ejemplo n.º 27
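 /**
  * Notify the file's owner by email that its file has been downloaded.
  *
  * The mail mentions the address the download came from. Except for
  * REMOTE_ADDR, every source consulted for that address is a request header
  * the client can set freely, so the value is informational only: it is
  * reduced to the characters that occur in address lists and capped in
  * length before it is put into the mail body.
  *
  * Changes compared with the previous version: header lookups no longer read
  * undefined $_SERVER keys, a missing uploader is logged instead of causing a
  * fatal error, and the recipient is added once instead of twice.
  *
  * @param App_Model_File $file
  */
 private function sendFileDownloadedMail(App_Model_File $file)
 {
     if (!$file->notify_uploader) {
         return;
     }

     // find user IP
     // TODO: extract this function to generic place
     // NOTE(review): unless the application sits behind a proxy that overwrites
     // these headers, only REMOTE_ADDR is trustworthy; do not use this value
     // for any access decision.
     $ipaddress = 'UNKNOWN';
     $sources = array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR');
     foreach ($sources as $key) {
         if (empty($_SERVER[$key])) {
             continue;
         }
         // Keep the value from carrying free text into the notification.
         $candidate = substr((string) preg_replace('/[^0-9A-Za-z.:,;=\[\]"_ -]/', '', (string) $_SERVER[$key]), 0, 128);
         if ($candidate !== '') {
             $ipaddress = $candidate;
             break;
         }
     }

     // Send confirmation mail
     // The uploader is loaded from the file's created_by column rather than
     // from the session, since the person downloading is not the uploader.
     $user = Fz_Db::getTable('User')->findById($file->created_by);
     if (!$user) {
         fz_log('Can\'t send email "File Downloaded" : uploader not found for file_id:' . $file->id, FZ_LOG_ERROR);
         return;
     }

     $mail = $this->createMail();
     $mail->addTo($user->email, $user->firstname . ' ' . $user->lastname);
     $subject = __r('[FileZ] "%file_name%" downloaded', array('file_name' => $file->file_name));
     $msg = __r('email_file_downloaded (%file_name%, %file_url%, %sender%, %ip%)', array('file_name' => $file->file_name, 'file_url' => $file->getDownloadUrl(), 'sender' => $user, 'ip' => $ipaddress));
     $mail->setBodyText($msg);
     $mail->setSubject($subject);
     $mail->setReplyTo($user->email, $user);
     // The sender is reset explicitly from the configuration.
     $mail->clearFrom();
     $mail->setFrom(fz_config_get('email', 'from_email'), fz_config_get('email', 'from_name'));

     try {
         $mail->send();
     } catch (Exception $e) {
         fz_log('Can\'t send email "File Downloaded" : ' . $e, FZ_LOG_ERROR);
     }
 }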
Ejemplo n.º 28
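    /**
     * Installer step: show the configuration form and, on POST, validate the
     * submitted settings, write config/filez.ini and initialise the database.
     *
     * Everything under $_POST['config'] is request data. Changes compared
     * with the previous version:
     *  - a missing or malformed 'config' / 'looknfeel' section no longer
     *    causes errors when the 'show_credit' checkbox is normalised;
     *  - the progress monitor class named in the request is only instantiated
     *    when it is a plain class name of an existing class that offers
     *    isInstalled();
     *  - the configuration dump shown when filez.ini cannot be written is
     *    HTML-escaped before it is placed inside the <textarea>;
     *  - the database error message no longer reads an undefined variable.
     *
     * NOTE(review): this action rewrites the configuration and creates a
     * default admin account with a published password. It must not stay
     * reachable once the installation is finished, and the default password
     * has to be changed right away. The "ignore_errors" field lets a
     * configuration with validation errors be saved.
     */
    public function configureAction()
    {
        $config = fz_config_get();
        // Offer every directory below i18n/ as a selectable locale.
        $locales_choices = array();
        foreach (glob(option('root_dir') . '/i18n/*', GLOB_ONLYDIR) ?: array() as $lc) {
            $locales_choices[basename($lc)] = basename($lc);
        }
        $errors = array();
        $notifs = array();
        // If request is post, check for errors
        if (request_is_post()) {
            $postedConfig = isset($_POST['config']) && is_array($_POST['config']) ? $_POST['config'] : array();
            if (!isset($postedConfig['looknfeel']) || !is_array($postedConfig['looknfeel'])) {
                $postedConfig['looknfeel'] = array();
            }
            // prevent unchecked input from being transformed to true when merging config
            $postedConfig['looknfeel']['show_credit'] = array_key_exists('show_credit', $postedConfig['looknfeel']) ? 1 : 0;
            $config = merge_config($postedConfig, $config);
            // checking rights
            $this->checkRights($errors, $config);
            // Checking database connection
            $this->checkDatabaseConf($errors, $config);
            // If Upload monitoring lib is selected check if it's installed
            if ($config['app']['progress_monitor'] != '') {
                $monitorClass = $config['app']['progress_monitor'];
                // The class name comes from the request: refuse anything that is
                // not a plain name of a class providing isInstalled().
                // NOTE(review): an explicit allow-list of the supported monitor
                // classes would be stricter still.
                $monitorUsable = is_string($monitorClass)
                    && preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $monitorClass)
                    && class_exists($monitorClass)
                    && method_exists($monitorClass, 'isInstalled');
                if (!$monitorUsable) {
                    $errors[] = array('title' => 'Unknown upload progress monitor', 'msg' => 'Select one of the progress monitors offered by the installer.');
                } else {
                    $progressMonitor = new $monitorClass();
                    if (!$progressMonitor->isInstalled()) {
                        $errors[] = array('title' => 'Your system is not configured for ' . get_class($progressMonitor), 'msg' => 'Read <a href="http://github.com/UAPV/FileZ/blob/master/doc/INSTALL.markdown" target="_blank">the INSTALL file</a> for help');
                    }
                }
            }
            // Is CAS authentication, check requirements
            if ($config['app']['auth_handler_class'] == 'Fz_Controller_Security_Cas' && !function_exists('curl_init')) {
                $errors[] = array('title' => 'PHP extension "cURL" is required for CAS authentication but is not installed', 'msg' => 'Use php5-curl on debian to install it');
            }
            // Checking User factory connection
            if ($config['app']['user_factory_class'] == 'Fz_User_Factory_Ldap') {
                $this->checkUserFactoryLdapConf($errors, $config);
            }
            // The database user factory is deliberately not checked here.
            // Checking email
            $this->checkEmailConf($errors, $config);
            // If no errors or if the user ignored them, save the config and create
            // the database
            if (empty($errors) || array_key_exists('ignore_errors', $_POST)) {
                // Try to save the file or display it
                $configFile = option('root_dir') . DIRECTORY_SEPARATOR . 'config' . DIRECTORY_SEPARATOR . 'filez.ini';
                if (!fz_config_save($config, $configFile)) {
                    // The dump contains submitted values (including the database
                    // password), so it is escaped before going into the markup.
                    $configDump = htmlspecialchars(fz_serialize_ini_array($config, true), ENT_QUOTES, 'UTF-8');
                    $errors[] = array('title' => 'Can\'t save filez.ini.', 'msg' => 'Put the following code in the file "' . $configFile . '" :<textarea cols="60" rows="50">' . $configDump . '</textarea>');
                } else {
                    $notifs[] = 'Created file "' . $configFile . '"';
                }
                try {
                    $this->initDatabase();
                    $notifs[] = 'Database configured.<br/><br/>
A default admin account has been created. Login ("<tt>admin</tt>" / "<tt>filez</tt>") and choose a new password.';
                } catch (Exception $e) {
                    // NOTE(review): the exception text ends up in 'title'; confirm
                    // that the template escapes titles before printing them.
                    $errors[] = array('title' => 'Can\'t initialize the database (' . $e->getMessage() . ')', 'msg' => 'Check your database configuration in config/filez.ini and re-run the database initialisation script.');
                }
                set('errors', $errors);
                set('notifs', $notifs);
                return html('install/finished.php');
            }
            if (!empty($errors)) {
                set('errors', $errors);
            }
        }
        set('config', $config);
        set('locales_choices', $locales_choices);
        return html('install/index.php');
    }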
 /**
  * Return the location of the file on disk, below the configured upload
  * directory.
  *
  * Files carried over from filez-1.x keep their stored physical name when
  * 'filez1_compat' is enabled; every other file is stored under its hash.
  *
  * NOTE(review): the legacy name is appended to the upload directory as
  * stored; presumably it never contains path separators or "..", but that is
  * not checked here — confirm for imported data.
  *
  * @return string
  */
 public function getOnDiskLocation()
 {
     $useLegacyName = $this->nom_physique != '' && fz_config_get('app', 'filez1_compat');
     $uploadDir = fz_config_get('app', 'upload_dir');
     $fileName = $useLegacyName ? $this->nom_physique : $this->getHash();

     return $uploadDir . '/' . $fileName;
 }
Ejemplo n.º 30
        e.preventDefault();
      });

      // Show password box on checkbox click
      $('input.password').hide();
      $('#use-password, #option-use-password label').click (function () { // IE quirk fix
        if ($('#use-password').attr ('checked')) {
            $('input.password').show().focus();
        } else {
            $('input.password').val('').hide();
        }

      });
  <?php 
// Check file extensions
// When 'allowed_extensions' is configured, the upload form gets a client-side
// validation rule built from it.
// NOTE(review): this check runs in the browser and can be bypassed, so the
// extension has to be verified again on the server. The configured value is
// also written into a JavaScript string literal without encoding; a value
// containing a double quote or a backslash would break the script — consider
// json_encode() for this context.
$matches = fz_config_get('app', 'allowed_extensions') ? fz_config_get('app', 'allowed_extensions') : '';
if ('' !== $matches) {
    ?>
     $("#upload-form").validate({
        rules: {
          'start-upload' : {
            required: true,
            accept: "<?php 
    echo $matches;
    ?>
"
          }
        }
     });
  <?php 
}