// form data (claimID and claimPasscode) will provide the
// authorization.
//
// Also, once the pickup instance has been created, check for an AuthData
// record that matches the posted form data and IP it's being posted from.
// Unless they are an authenticated user, in which case don't check AuthData.
//
if ($theDropbox = new NSSDropbox($NSSDROPBOX_PREFS)) {
$theDropbox->SetupPage();
$thePickup = new NSSDropoff($theDropbox);
// If not an authenticated user, go and get their AuthData record from
// the posted hash. Even if they are presetnt, check the name matches
// their IP address.
// If anything fails, use NSSError to post an error message saying they
// have failed checks and should click again on the link they were sent.
if ($theDropbox->humanDownloads() && !$theDropbox->authorizedUser() && $theDropbox->captcha() !== 'disabled') {
// AYAH $theDropbox->recaptchaPrivateKey() !== 'disabled') {
$authIP = '';
$authEmail = '';
$authOrganization = '';
$authExpiry = 0;
$auth = $_POST['auth'] ? $_POST['auth'] : $_GET['auth'];
$result = $theDropbox->ReadAuthData($auth, $authIP, $authEmail, $authOrganization, $authExpiry);
if (!$result) {
$theDropbox->SetupPage();
NSSError($smarty->getConfigVariable('ErrorDownloadAuth'), "Authentication Failure");
$smarty->display('no_download.tpl');
exit;
}
if ($authExpiry < time()) {
$theDropbox->SetupPage();
require "../config/preferences.php";
require_once "ayah.php";
require "recaptchalib.php";
require_once NSSDROPBOX_LIB_DIR . "Smartyconf.php";
require_once NSSDROPBOX_LIB_DIR . "NSSDropoff.php";
//
// This is pretty straightforward; depending upon the form data coming
// into this PHP session, creating a new dropoff object will either
// display the claimID-and-claimPasscode "dialog" (no form data or
// missing/invalid passcode); display the selected dropoff if the
// claimID and claimPasscode are valid OR the recipient matches the
// authenticate user -- it's all built-into the NSSDropoff class.
//
if ($theDropbox = new NSSDropbox($NSSDROPBOX_PREFS)) {
// If they are an authorised user, just display the normal pickup page.
if ($theDropbox->authorizedUser() || !$theDropbox->humanDownloads() || ($theDropbox->captcha() == 'google' || $theDropbox->captcha() == '') && $theDropbox->recaptchaPrivateKey() == 'disabled' || $theDropbox->captcha() == 'disabled') {
$theDropbox->SetupPage();
// 2-line addition by Francois Conil to fix problems with no CAPTCHA
// and anonymous users who don't have a link to click on.
$auth = $theDropbox->WriteAuthData($_SERVER['REMOTE_ADDR'], '', '');
$smarty->assign('auth', $auth);
if ($thePickup = new NSSDropoff($theDropbox)) {
//
// Start the page and add some Javascript for automatically
// filling-in the download form and submitting it when the
// user clicks on a file in the displayed dropoff.
//
$theDropbox->SetupPage($thePickup->HTMLOnLoadJavascript());
$output = $thePickup->HTMLWrite();
}
$smarty->display($output ? $output : 'error.tpl');
