function sendConfigData() { global $login, $rn, $maxfilesize, $resize_show, $resize_data, $resize_label, $resize_default, $allowed_file_extensions; global $forbidden_file_extensions, $show_delete, $enable_folder_browsing, $enable_folder_creation; global $enable_folder_deletion, $enable_file_download, $keep_file_extension, $show_preview, $show_big_preview; global $enable_file_rename, $enable_folder_rename, $enable_folder_move, $enable_file_copymove, $language_dropdown; global $preview_textfile_extensions, $edit_textfile_extensions; // optional settings global $reg_infos, $login_text, $relogin_text, $upload_file, $base_dir, $titel; global $warning_setting, $hide_remote_view, $directory_file_limit, $remote_label; global $preview_label, $show_full_url_for_selected_file, $upload_finished_js_url; global $preview_select_js_url, $delete_js_url, $js_change_folder, $js_create_folder; global $js_rename_folder, $js_delete_folder, $js_copymove, $queue_file_limit, $show_size; global $queue_file_limit_size, $split_extension, $hide_help_button, $direct_download; // the sessionid is mandatory because upload in flash and Firefox would create a new session otherwise - sessionhandled login would fail then! $output = "&session_id=" . session_id() . "&login="******"&maxfilesize=" . tfu_enc("" . $maxfilesize, $rn); // ; . "&dir=" . $folder; // folder not sent anymore - only session is used! $output .= "&resize_show=" . $resize_show . "&resize_data=" . $resize_data; $output .= "&resize_label=" . $resize_label . "&resize_default=" . $resize_default; $output .= "&allowed_file_extensions=" . tfu_enc($allowed_file_extensions, $rn) . "&forbidden_file_extensions=" . $forbidden_file_extensions; $output .= "&show_delete=" . $show_delete . "&enable_folder_browsing=" . $enable_folder_browsing; $output .= "&enable_folder_creation=" . $enable_folder_creation . "&enable_folder_deletion=" . $enable_folder_deletion; $output .= "&enable_file_download=" . $enable_file_download . "&keep_file_extension=" . $keep_file_extension; $output .= "&show_preview=" . $show_preview . "&show_big_preview=" . $show_big_preview; $output .= "&enable_file_rename=" . $enable_file_rename . "&enable_folder_rename=" . $enable_folder_rename; $output .= "&enable_folder_copy=" . $enable_folder_move . "&enable_file_copy=" . $enable_file_copymove; $output .= "&language_dropdown=" . $language_dropdown; $output .= "&preview_textfile_extensions=" . $preview_textfile_extensions . "&edit_textfile_extensions=" . $edit_textfile_extensions; // optional settings $output .= $reg_infos . "&login_text=" . $login_text; $output .= "&relogin_text=" . $relogin_text . "&upload_file=" . $upload_file; $output .= "&base_dir=" . $base_dir . "&titel=" . $titel; $output .= "&warning_setting=" . $warning_setting . "&hide_remote_view=" . $hide_remote_view; $output .= "&directory_file_limit=" . $directory_file_limit; $output .= "&remote_label=" . $remote_label . "&preview_label=" . $preview_label; $output .= "&show_full_url_for_selected_file=" . $show_full_url_for_selected_file; $output .= "&upload_finished_js_url=" . $upload_finished_js_url . "&preview_select_js_url" . $preview_select_js_url; $output .= "&delete_js_url=" . $delete_js_url . "&js_change_folder=" . $js_change_folder; $output .= "&js_create_folder=" . $js_create_folder . "&js_rename_folder=" . $js_rename_folder; $output .= "&js_delete_folder=" . $js_delete_folder . "&js_copymove=" . $js_copymove; $output .= "&queue_file_limit=" . $queue_file_limit . "&queue_file_limit_size=" . $queue_file_limit_size; $output .= "&split_extension=" . $split_extension . "&hide_help_button=" . $hide_help_button; $output .= "&direct_download=" . $direct_download . "&show_size=" . $show_size; echo $output; }
$login = "******"; } } } // this setting are needed in the other php files too! setSessionVariables(); // sending and checking the registration infos - check is done in the flash therefore // we have to send all the registration infos to the flash too! $license_file = $install_path . "twg.lic.php"; if (file_exists($license_file)) { include $license_file; // we encrypt the license data since 1.7 to enhance security! $d = tfu_enc($d, $rn); $l = tfu_enc($l, $rn); $s = tfu_enc($s, $rn); $m = tfu_enc($m, $rn); $reg_infos = "&d=" . $d . "&s=" . $s . "&m=" . $m . "&l=" . $l; } else { $reg_infos = ""; // means freeware version! } // The following data is only sent enccypted: // - login - to disable unautorized access when the response is modified // - maxfilesize - to disable that bigger files can be uploaded when the response is modified // - allowed_file_extensions - to disable that other then the allowed extensions can be uploaded when the response is modified // - registration data - to secure your registration data that it can be monitored und used by someone else. // If you want to secure more of the sent parameters you have to change this here and in the flash sendConfigData(); } else { echo ' <style type="text/css">
/** * All parameters a sent to the flash * First I wanted to introduce a Config class but this is the only place where they * have to be passed globaly - therefore no class is used now. */ function sendConfigData() { global $login, $rn, $maxfilesize, $resize_show, $resize_data, $resize_label, $resize_default, $allowed_file_extensions; global $forbidden_file_extensions, $show_delete, $enable_folder_browsing, $enable_folder_creation; global $enable_folder_deletion, $enable_file_download, $keep_file_extension, $show_preview, $show_big_preview; global $enable_file_rename, $enable_folder_rename, $enable_folder_move, $enable_file_copymove, $language_dropdown; global $preview_textfile_extensions, $edit_textfile_extensions; //, $maxfilesize_split; // optional settings global $reg_infos, $login_text, $relogin_text, $upload_file, $base_dir, $titel; global $warning_setting, $hide_remote_view, $directory_file_limit, $remote_label; global $preview_label, $show_full_url_for_selected_file, $upload_finished_js_url; global $preview_select_js_url, $delete_js_url, $js_change_folder, $js_create_folder; global $js_rename_folder, $js_delete_folder, $js_copymove, $queue_file_limit, $show_size; global $queue_file_limit_size, $split_extension, $hide_help_button, $direct_download; global $description_mode_show_default, $description_mode, $download_multiple_files_as_zip; global $overwrite_files, $description_mode_mandatory, $post_upload_panel, $form_fields; global $big_progressbar, $img_progressbar, $img_progressbar_back, $img_progressbar_anim, $big_server_view; global $zip_file_pattern, $is_jfu_plugin, $has_post_processing, $directory_file_limit_size; global $show_server_date_instead_size, $enable_file_creation, $enable_file_creation_extensions; global $switch_sides, $date_format; // the sessionid is mandatory because upload in flash and Firefox would create a new session otherwise - sessionhandled login would fail then! $output = '&login='******'&maxfilesize=' . '' . $maxfilesize; // $output .= '&maxfilesize_split=' . tfu_enc('' . $maxfilesize_split, $rn); // $output .= '&maxfilesize_php=' . getMaximumUploadSize(); $output .= '&resize_show=' . $resize_show . '&resize_data=' . $resize_data; $output .= '&resize_label=' . urlencode($resize_label) . '&resize_default=' . $resize_default; $output .= '&allowed_file_extensions=' . $allowed_file_extensions . '&forbidden_file_extensions=' . $forbidden_file_extensions; $output .= '&show_delete=' . $show_delete . '&enable_folder_browsing=' . $enable_folder_browsing; $output .= '&enable_folder_creation=' . $enable_folder_creation . '&enable_folder_deletion=' . $enable_folder_deletion; $output .= '&enable_file_download=' . $enable_file_download . '&keep_file_extension=' . $keep_file_extension; $output .= '&show_preview=' . $show_preview . '&show_big_preview=' . $show_big_preview; $output .= '&enable_file_rename=' . $enable_file_rename . '&enable_folder_rename=' . $enable_folder_rename; $output .= '&enable_folder_copy=' . $enable_folder_move . '&enable_file_copy=' . $enable_file_copymove; $output .= '&language_dropdown=' . $language_dropdown; $output .= '&preview_textfile_extensions=' . $preview_textfile_extensions . '&edit_textfile_extensions=' . $edit_textfile_extensions; // optional settings $output .= $reg_infos . '&login_text=' . $login_text; $output .= '&relogin_text=' . $relogin_text . '&upload_file=' . $upload_file; $output .= '&base_dir=' . $base_dir . '&titel=' . urlencode($titel); $output .= '&warning_setting=' . $warning_setting . '&hide_remote_view=' . $hide_remote_view; $output .= '&directory_file_limit=' . $directory_file_limit; $output .= '&remote_label=' . urlencode($remote_label) . '&preview_label=' . $preview_label; $output .= '&show_full_url_for_selected_file=' . $show_full_url_for_selected_file; $output .= '&upload_finished_js_url=' . urlencode($upload_finished_js_url) . '&preview_select_js_url=' . urlencode($preview_select_js_url); $output .= '&delete_js_url=' . urlencode($delete_js_url) . '&js_change_folder=' . urlencode($js_change_folder); $output .= '&js_create_folder=' . urlencode($js_create_folder) . '&js_rename_folder=' . urlencode($js_rename_folder); $output .= '&js_delete_folder=' . urlencode($js_delete_folder) . '&js_copymove=' . urlencode($js_copymove); $output .= '&queue_file_limit=' . $queue_file_limit . '&queue_file_limit_size=' . $queue_file_limit_size; $output .= '&split_extension=' . $split_extension . '&hide_help_button=' . $hide_help_button; $output .= '&direct_download=' . $direct_download . '&show_size=' . $show_size; $output .= '&description_mode=' . $description_mode . '&description_mode_show_default=' . $description_mode_show_default; $output .= '&multiple_zip_download=' . $download_multiple_files_as_zip; $output .= '&overwrite_files=' . $overwrite_files . '&description_mode_mandatory=' . $description_mode_mandatory; $output .= '&post_upload_panel=' . $post_upload_panel . '&form_fields=' . $form_fields; $output .= '&big_progressbar=' . $big_progressbar . '&img_progressbar=' . $img_progressbar; $output .= '&img_progressbar_back=' . $img_progressbar_back . '&img_progressbar_anim=' . $img_progressbar_anim; $output .= '&big_server_view=' . $big_server_view . '&zip_file_pattern=' . $zip_file_pattern; $output .= '&is_jfu_plugin=' . $is_jfu_plugin . '&has_post_processing=' . $has_post_processing; $output .= '&directory_file_limit_size=' . $directory_file_limit_size . '&show_server_date_instead_size=' . $show_server_date_instead_size; $output .= '&enable_file_creation=' . $enable_file_creation . '&enable_file_creation_extensions=' . $enable_file_creation_extensions; $output .= '&switch_sides=' . $switch_sides . '&date_format=' . $date_format; // all parameters are sent encrypted to the client. $parameters = "¶meters=" . urlencode(tfu_enc($output, $rn)); // we generate a nonce for this request // last=true is added for such websites who add their own code to each page! echo '&tfu_nonce=' . create_tfu_nonce() . $parameters . "&last=true"; }
/** * All parameters a sent to the flash * First I wanted to introduce a Config class but this is the only place where they * have to be passed globaly - therefore no class is used now. */ function sendConfigData() { global $login, $rn, $maxfilesize, $resize_show, $resize_data, $resize_label, $resize_default, $allowed_file_extensions; global $forbidden_file_extensions, $show_delete, $enable_folder_browsing, $enable_folder_creation; global $enable_folder_deletion, $enable_file_download, $keep_file_extension, $show_preview, $show_big_preview; global $enable_file_rename, $enable_folder_rename, $enable_folder_move, $enable_file_copymove, $language_dropdown; global $preview_textfile_extensions, $edit_textfile_extensions; //, $maxfilesize_split; // optional settings global $reg_infos, $login_text, $relogin_text, $upload_file, $base_dir, $titel; global $warning_setting, $hide_remote_view, $directory_file_limit, $remote_label; global $preview_label, $show_full_url_for_selected_file, $upload_finished_js_url; global $preview_select_js_url, $delete_js_url, $js_change_folder, $js_create_folder; global $js_rename_folder, $js_delete_folder, $js_copymove, $queue_file_limit, $show_size; global $queue_file_limit_size, $split_extension, $hide_help_button, $direct_download; global $description_mode_show_default, $description_mode, $download_multiple_files_as_zip; global $overwrite_files, $description_mode_mandatory; // the sessionid is mandatory because upload in flash and Firefox would create a new session otherwise - sessionhandled login would fail then! $output = '&session_id=' . session_id() . '&login='******'&maxfilesize=' . tfu_enc('' . $maxfilesize, $rn); // ; . '&dir=' . $folder; // folder not sent anymore - only session is used! // $output .= '&maxfilesize_split=' . tfu_enc('' . $maxfilesize_split, $rn); // $output .= '&maxfilesize_php=' . getMaximumUploadSize(); $output .= '&resize_show=' . $resize_show . '&resize_data=' . $resize_data; $output .= '&resize_label=' . $resize_label . '&resize_default=' . $resize_default; $output .= '&allowed_file_extensions=' . tfu_enc($allowed_file_extensions, $rn) . '&forbidden_file_extensions=' . $forbidden_file_extensions; $output .= '&show_delete=' . $show_delete . '&enable_folder_browsing=' . $enable_folder_browsing; $output .= '&enable_folder_creation=' . $enable_folder_creation . '&enable_folder_deletion=' . $enable_folder_deletion; $output .= '&enable_file_download=' . $enable_file_download . '&keep_file_extension=' . $keep_file_extension; $output .= '&show_preview=' . $show_preview . '&show_big_preview=' . $show_big_preview; $output .= '&enable_file_rename=' . $enable_file_rename . '&enable_folder_rename=' . $enable_folder_rename; $output .= '&enable_folder_copy=' . $enable_folder_move . '&enable_file_copy=' . $enable_file_copymove; $output .= '&language_dropdown=' . $language_dropdown; $output .= '&preview_textfile_extensions=' . $preview_textfile_extensions . '&edit_textfile_extensions=' . $edit_textfile_extensions; // optional settings $output .= $reg_infos . '&login_text=' . $login_text; $output .= '&relogin_text=' . $relogin_text . '&upload_file=' . $upload_file; $output .= '&base_dir=' . $base_dir . '&titel=' . $titel; $output .= '&warning_setting=' . $warning_setting . '&hide_remote_view=' . $hide_remote_view; $output .= '&directory_file_limit=' . $directory_file_limit; $output .= '&remote_label=' . $remote_label . '&preview_label=' . $preview_label; $output .= '&show_full_url_for_selected_file=' . $show_full_url_for_selected_file; $output .= '&upload_finished_js_url=' . $upload_finished_js_url . '&preview_select_js_url=' . $preview_select_js_url; $output .= '&delete_js_url=' . $delete_js_url . '&js_change_folder=' . $js_change_folder; $output .= '&js_create_folder=' . $js_create_folder . '&js_rename_folder=' . $js_rename_folder; $output .= '&js_delete_folder=' . $js_delete_folder . '&js_copymove=' . $js_copymove; $output .= '&queue_file_limit=' . $queue_file_limit . '&queue_file_limit_size=' . $queue_file_limit_size; $output .= '&split_extension=' . $split_extension . '&hide_help_button=' . $hide_help_button; $output .= '&direct_download=' . $direct_download . '&show_size=' . $show_size; $output .= '&description_mode=' . $description_mode . '&description_mode_show_default=' . $description_mode_show_default; $output .= '&multiple_zip_download=' . $download_multiple_files_as_zip; $output .= '&overwrite_files=' . $overwrite_files . '&description_mode_mandatory=' . $description_mode_mandatory; echo $output; }
$login = "******"; } } } /* Here the $login variable has to be finally set if you do your own authentification */ // some dynamic settings need to be stored in the session setSessionVariables(); // Sending and checking the registration infos - check is done in the flash therefore // we have to send part of the registration infos to the flash! $license_file = $install_path . "twg.lic.php"; if (file_exists($license_file)) { include $license_file; // we encrypt the license data since 1.7 to enhance security! $d = tfu_enc($d, $rn); $l = tfu_enc($l, $rn); $m = tfu_enc($m, $rn); $s = tfu_enc($s, $rn, 50); $reg_infos = "&d=" . $d . "&s=" . $s . "&m=" . $m . "&l=" . $l; } else { $reg_infos = ""; // means freeware version! } store_temp_session(); // send the config data to the flash sendConfigData(); } else { include $install_path . "tfu_config.php"; printServerInfo(); }