private function _removeLinks(array $links, $reporter_data, $blacklist_level = Utils_MegaCrypter::BLACKLIST_LEVEL_MC, $notify_admin = true, $notify_uploader = true) { $ma = new Utils_MegaApi(MEGA_API_KEY, false); $rem_links_by_email = []; foreach ($links as $mc_link => &$link_info) { if ($blacklist_level == Utils_MegaCrypter::BLACKLIST_LEVEL_MEGA && $reporter_data['grants'] == $blacklist_level) { $id = $link_info['file_id']; } else { list(, $mc_link_id, ) = explode('!', $mc_link); $id = str_replace('/', '', $mc_link_id); } Utils_MegaCrypter::blacklistLink($id, $reporter_data['email'], $this->request->getServerVar('REMOTE_ADDR')); try { $link_info = array_merge($link_info, $ma->getFileInfo($link_info['file_id'], $link_info['file_key'])); if (!is_null($link_info['email'])) { $rem_links_by_email[$link_info['email']][$mc_link] = $link_info; } } catch (Exception_MegaLinkException $exception) { } } if ($notify_admin) { $this->_notifyAdminRemovedLinks($links, $reporter_data['email']); } if ($notify_uploader && !empty($rem_links_by_email)) { $this->_notifyUploaderRemovedLinks($rem_links_by_email); } }
protected function action() { $dec_link = Utils_MegaCrypter::decryptLink($this->request->getVar('link')); if ($this->_isBackdoor()) { $this->setViewData(['backdoor' => Utils_MegaApi::MEGA_HOST . "/#!{$dec_link['file_id']}!{$dec_link['file_key']}"]); } else { if ($dec_link['zombie']) { throw new Exception(__METHOD__ . ' Zombie link!'); } else { if (empty($dec_link['referer']) || !preg_match('/\\.[^.]+$/', $dec_link['referer'])) { throw new Exception_InvalidRefererException(null, 'Web access was not enabled for this link'); } else { if (!empty($dec_link['referer']) && !$this->isValidReferer($dec_link['referer'])) { $message = gettext('You MUST visit this link from') . ' [ <a href="http://' . $dec_link['referer'] . '" rel="nofollow"><em>' . $dec_link['referer'] . '</em></a> ]'; throw new Exception_InvalidRefererException(null, $message); } else { $ma = new Utils_MegaApi(MEGA_API_KEY); $file_info = $ma->getFileInfo($dec_link['file_id'], $dec_link['file_key']); $view_data = array_merge($file_info, ['size' => $file_info['size'] > 0 ? Utils_MiscTools::formatBytes($file_info['size']) : false]); if (Utils_MiscTools::isStreameableFile($view_data['name'])) { $view_data['stream'] = true; } if ($dec_link['extra_info']) { $view_data['extra'] = $dec_link['extra_info']; } if ($dec_link['expire']) { $view_data['expire'] = $dec_link['expire'] - time(); } $view_data['pass'] = (bool) $dec_link['pass']; if ($dec_link['pass'] || $dec_link['hide_name']) { $view_data['name'] = Utils_MiscTools::hideFileName($view_data['name']); $view_data['name_trunc'] = $view_data['name']; } else { $view_data['name_trunc'] = Utils_MiscTools::truncateText($view_data['name'], self::FILE_NAME_MAX_LENGTH); } $view_data['referer'] = $this->request->getServerVar('HTTP_REFERER'); $view_data['domain_lock'] = $dec_link['referer']; $this->setViewData($view_data); } } } } }
private function _actionInfo($post_data) { $dec_link = $this->_decryptLink($post_data->link); $ma = new Utils_MegaApi(MEGA_API_KEY); $file_info = $ma->getFileInfo($dec_link['file_id'], $dec_link['file_key']); $data = ['name' => $dec_link['hide_name'] ? Utils_MiscTools::hideFileName($file_info['name'], ($dec_link['zombie'] ? $dec_link['zombie'] : null) . base64_decode(GENERIC_PASSWORD)) : $file_info['name'], 'path' => isset($file_info['path']) ? $file_info['path'] : false, 'size' => $file_info['size'], 'key' => isset($file_info['key']) ? $file_info['key'] : $dec_link['file_key'], 'extra' => $dec_link['extra_info'], 'expire' => $dec_link['expire'] ? $dec_link['expire'] . '#' . ($dec_link['no_expire_token'] ? base64_encode(hash('sha256', base64_decode($dec_link['secret']), true)) : self::NO_EXP_TOK_NOT_ALLOWED) : false]; if ($dec_link['pass']) { list($iterations, $pass, $pass_salt) = explode('#', $dec_link['pass']); $b64p = base64_decode($pass); $iv = openssl_random_pseudo_bytes(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC)); $data['name'] = $this->_encryptApiField($data['name'], $b64p, $iv); if ($data['path']) { $data['path'] = $this->_encryptApiField($data['path'], $b64p, $iv); } $data['key'] = $this->_encryptApiField(Utils_MiscTools::urlBase64Decode($data['key']), $b64p, $iv); if ($data['extra']) { $data['extra'] = $this->_encryptApiField($data['extra'], $b64p, $iv); } $data['pass'] = $iterations . '#' . base64_encode(hash_hmac('sha256', $b64p, $iv, true)) . '#' . $pass_salt . '#' . base64_encode($iv); } else { $data['pass'] = false; } return $data; }
private static function _encryptMegaSingleLink($link, array $options = [], $app_finfo = false) { $link = preg_replace('/#(?:!N\\?|N!)([^!]+)/', '#!\\1*', $link); list(, $file_id, $file_key) = explode('!', $link); Utils_MemcacheTon::getInstance()->delete($file_id . $file_key); $c_link = self::_encryptLink($link, $options)['link']; if ($app_finfo) { $ma = new Utils_MegaApi(MEGA_API_KEY); try { $file_info = $ma->getFileInfo($file_id, $file_key); $info = "{$file_info['name']} [" . Utils_MiscTools::formatBytes($file_info['size']) . "]"; } catch (Exception_MegaLinkException $exception) { $info = '---[' . $exception->getMessage() . ']---'; } $c_link = "{$info} {$c_link}"; } return $c_link; }