diff --git a/ChangeLog b/ChangeLog index e69de29..bcf4889 100644 --- a/ChangeLog +++ b/ChangeLog @@ -0,0 +1,91 @@ +2017-02-17 11:04 + + * [r13] debian/control.in: + backup + +2017-01-14 10:26 + + * [r12] debian/control.in: + build system updated + +2017-01-12 13:22 + + * [r11] ChangeLog, autogen.sh, ax_init_standard_project.m4, + bootstrap.sh, build-in-docker.conf, build-in-docker.sh, + debian/changelog.in, debian/control.in, resolve-debbuilddeps.sh, + resolve-rpmbuilddeps.sh: + update build system + +2016-09-30 21:55 + + * [r10] ChangeLog[ADD], autogen.sh[ADD], + ax_cxx_compile_stdcxx_11.m4, ax_init_standard_project.m4, + bootstrap.sh, build-in-docker.conf[ADD], build-in-docker.sh, + doc/footer.html.in[ADD], doc/header.html.in[ADD], + doc/plantuml.jar[ADD], doc/style.css[ADD], + mac-create-app-bundle.sh, makefile_test.inc.am[ADD], + resolve-debbuilddeps.sh, resolve-rpmbuilddeps.sh, + sharing-gallery.desktop.in[ADD], sql-to-dot.sed: + build fixed + +2016-04-04 09:47 + + * [r9] COPYING[DEL], ChangeLog[DEL], INSTALL[DEL]: + after migration to new svn server + +2015-11-16 12:38 marc + + * [r8] doc/doxyfile.in: + SVG must not be interactive for embedding in redmine + +2015-11-09 22:52 marc + + * [r7] COPYING[ADD], ChangeLog[ADD], INSTALL[ADD], + ax_init_standard_project.m4, bootstrap.sh, + resolve-debbuilddeps.sh, sql-to-dot.sed[ADD]: + build system updated + +2015-11-07 10:47 marc + + * [r6] bootstrap.sh, debian/control.in: + there is no qt4-default + +2015-11-07 09:23 marc + + * [r5] bootstrap.sh: + there is no qt4-default + +2015-11-07 00:25 marc + + * [r4] debian/control.in: + set Section + +2015-11-05 12:54 marc + + * [r3] bootstrap.sh, debian, debian/changelog.in[ADD], + debian/compat[ADD], debian/control.in[ADD], debian/docs[ADD], + debian/rules[ADD]: + updated build system + +2015-11-05 10:23 marc + + * [r2] .htaccess[DEL], AUTHORS[ADD], NEWS[ADD], README[ADD], + ax_check_qt.m4[ADD], ax_cxx_compile_stdcxx_11.m4[ADD], + ax_init_standard_project.m4[ADD], bootstrap.sh[ADD], + build-in-docker.sh[ADD], build-resource-file.sh[ADD], + configure.ac[ADD], debian[ADD], debian/changelog.in[ADD], + debian/compat[ADD], debian/control.in[ADD], debian/docs[ADD], + debian/rules[ADD], doc[ADD], doc/doxyfile.in[ADD], + doc/makefile.am[ADD], folder.png[DEL], html[ADD], + html/.htaccess[CPY], html/folder.png[CPY], html/index.php[CPY], + html/makefile.am[ADD], index.php[DEL], + mac-create-app-bundle.sh[ADD], makefile.am[ADD], + resolve-debbuilddeps.sh[ADD], resolve-rpmbuilddeps.sh[ADD], + sharing-gallery.spec.in[ADD]: + updated build system + +2015-03-29 15:24 marc + + * [r1] .[ADD], .htaccess[ADD], folder.png[ADD], index.php[ADD]: + initial files + diff --git a/etc/authentication.php b/etc/authentication.php index f6ce2cc..fe4a7d5 100644 --- a/etc/authentication.php +++ b/etc/authentication.php @@ -23,12 +23,11 @@ if (!isset($_SERVER['PHP_AUTH_USER'])) { ldap_start_tls($ldapconn) or error_die($ldapconn, "cannot start LDAP TLS"); if ($ldapbind = @ldap_bind($ldapconn, $checkuser.'='.$tstusername.','.$ldapbase, $password)) { - $search = ldap_search($ldapconn, $ldapbase, $checkuser.'='.$tstusername, array('mail\ -', 'cn')); + $search = ldap_search($ldapconn, $ldapbase, $checkuser.'='.$tstusername, array('mail', 'cn')); $data = ldap_get_entries($ldapconn, $search); ldap_close($ldapconn); $username = $tstusername; - $email = array('count' => 1, 0 => $username.'@'.$_SERVER[HTTP_HOST]); + $email = array('count' => 1, 0 => $username.'@'.$_SERVER['HTTP_HOST']); $fullname = $username; if ($data['count']==1) { if (isset($data[0]['mail'])) @@ -36,6 +35,7 @@ if (!isset($_SERVER['PHP_AUTH_USER'])) { if (isset($data[0]['cn'][0])) $fullname = $data[0]['cn'][0]; } + error_log(print_r($data, true)); } else { error_log("user login failed: ".$checkuser.'='.$tstusername.','.$ldapbase); error_log(ldap_error($ldapconn)); @@ -43,4 +43,4 @@ if (!isset($_SERVER['PHP_AUTH_USER'])) { basicAuth(); } } -?> \ No newline at end of file +?> diff --git a/etc/settings.php b/etc/settings.php index 82dc755..de34274 100644 --- a/etc/settings.php +++ b/etc/settings.php @@ -1,12 +1,12 @@ \ No newline at end of file +?> diff --git a/html/index.php b/html/index.php index e88f8a9..a6570fe 100644 --- a/html/index.php +++ b/html/index.php @@ -1,229 +1,231 @@
'.$reason.'
'); - } - require('configuration.php'); - function alt(&$p1 = NULL, &$p2 = NULL, &$p3 = NULL) { - if (isset($p1)) return $p1; - if (isset($p2)) return $p2; - return $p2; - } - function computeUnsignedChecksum($bytestring) { - $unsigned_chksum = 0; - for($i=0; $i<512; $i++) - $unsigned_chksum += ord($bytestring[$i]); - for($i=0; $i<8; $i++) - $unsigned_chksum -= ord($bytestring[148 + $i]); - $unsigned_chksum += ord(" ") * 8; - return $unsigned_chksum; - } - function tarHeader($Name, $Size, $information=NULL) { - if (strlen($Name)>99) { - $ext = preg_replace('/.*\./', '', $Name); - $Name = substr($Name, 0, 98-strlen($ext)).'.'.$ext; - } - $header = str_pad($Name,100,chr(0)); - $header .= str_pad("777",7,"0",STR_PAD_LEFT) . chr(0); - $header .= str_pad(decoct($information["user_id"]),7,"0",STR_PAD_LEFT) . chr(0); - $header .= str_pad(decoct($information["group_id"]),7,"0",STR_PAD_LEFT) . chr(0); - $header .= str_pad(decoct($Size),11,"0",STR_PAD_LEFT) . chr(0); - $header .= str_pad(decoct(time(0)),11,"0",STR_PAD_LEFT) . chr(0); - $header .= str_repeat(" ",8); - $header .= "0"; - $header .= str_repeat(chr(0),100); - $header .= str_pad("ustar",6,chr(32)); - $header .= chr(32) . chr(0); - $header .= str_pad($information["user_name"],32,chr(0)); - $header .= str_pad($information["group_name"],32,chr(0)); - $header .= str_repeat(chr(0),8); - $header .= str_repeat(chr(0),8); - $header .= str_repeat(chr(0),155); - $header .= str_repeat(chr(0),12); - $checksum = str_pad(decoct(computeUnsignedChecksum($header)),6,"0",STR_PAD_LEFT); - for($i=0; $i<6; $i++) { - $header[(148 + $i)] = substr($checksum,$i,1); - } - $header[154] = chr(0); - $header[155] = chr(32); - return $header; - } - function checkPath($pathToCheck) { - global $imagepath, $subpath; - $fullpath = $imagepath.'/'.$pathToCheck; - if ($fullpath==realpath($fullpath) && is_dir($fullpath)) { - $subpath=$pathToCheck; - $imagepath = $fullpath; - } else { - error_die('path not allowed: '.htmlentities($pathToCheck)); - } - } - function checkFile($fileToCheck, $thumb = false) { - global $imagepath, $file, $subpath, $thumbpath, $imgfile; - if (!preg_match('/\//', $fileToCheck) && is_file($imagepath.'/'.$fileToCheck)) { - $imgfile = $fileToCheck; - } else { - error_die('file not found', '404 Not Found'); - } - if ($thumb) { // image from thumbnail path - $file = $thumbpath.'/'.$subpath.'/'.$fileToCheck; - if (!is_dir($thumbpath.'/'.$subpath)) mkdir($thumbpath.'/'.$subpath, 0777, true); - if (!is_file($file)) { // create thumbnail - $image = new Imagick(); - $image->readImage($imagepath.'/'.$fileToCheck); - $image->thumbnailImage(200, 200, true); - $image->writeImage($file); - } - } else { - $file = $imagepath.'/'.$fileToCheck; - } - } - function returnFile($file) { - $ext=strtolower(preg_replace('/.*\./', '', $file)); - switch ($ext) { - case 'jpg': case 'jpeg': $type="image/jpeg"; break; - case 'tif': case 'tiff': $type="image/tiff"; break; - case 'gif': $type="image/gif"; break; - case 'png': $type="image/png"; break; - case 'bmp': $type="image/bmp"; break; - } - if (!is_file($file)) { - error_die('file does not exist', '404 Not Found'); - } - if (!isset($_REQUEST['view'])) { - header('Content-type: '.$type); - header('Content-Length: '.filesize($file)); - header('Content-Transfer-Encoding: binary'); - flush(); - readfile($file); - exit; - } - } - function extractDir($path) { - $res['dirs'] = array(); - $res['files'] = array(); - if ($d=opendir($path)) { - while (false!==($f=readdir($d))) - if (!preg_match('/^\./', $f) && is_dir($path.'/'.$f)) - $res['dirs'][] = $f; - elseif (!preg_match('/^\./', $f) && is_file($path.'/'.$f)) - switch (strtolower(preg_replace('/.*\./', '', $f))) { - case "jpg": case "jpeg": case "png": - $res['files'][] = $f; - } - } - closedir($d); - asort($res['dirs']); - asort($res['dirs']); - return $res; - } - /*function encrypt2($text) { - global $_REQUEST, $server_password; - return bin2hex(mcrypt_encrypt(MCRYPT_BLOWFISH, $_REQUEST['password']+$server_password, bzcompress(serialize($text)), MCRYPT_MODE_ECB)); +mb_internal_encoding("utf8"); +$subpath=""; +$file=""; +$username=""; +function error_die($reason, $status='500 Internal Server Error') { + header("Expires: Tue, 01 Jan 2000 00:00:00 GMT"); + header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); + header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0"); + header("Cache-Control: post-check=0, pre-check=0", false); + header("Pragma: no-cache"); + header('HTTP/1.0 '.$status); + die(''.$reason.'
'); +} +require('configuration.php'); +function alt(&$p1 = NULL, &$p2 = NULL, &$p3 = NULL) { + if (isset($p1)) return $p1; + if (isset($p2)) return $p2; + return $p2; +} +function computeUnsignedChecksum($bytestring) { + $unsigned_chksum = 0; + for($i=0; $i<512; $i++) + $unsigned_chksum += ord($bytestring[$i]); + for($i=0; $i<8; $i++) + $unsigned_chksum -= ord($bytestring[148 + $i]); + $unsigned_chksum += ord(" ") * 8; + return $unsigned_chksum; +} +function tarHeader($Name, $Size, $information=NULL) { + if (strlen($Name)>99) { + $ext = preg_replace('/.*\./', '', $Name); + $Name = substr($Name, 0, 98-strlen($ext)).'.'.$ext; + } + $header = str_pad($Name,100,chr(0)); + $header .= str_pad("777",7,"0",STR_PAD_LEFT) . chr(0); + $header .= str_pad(decoct($information["user_id"]),7,"0",STR_PAD_LEFT) . chr(0); + $header .= str_pad(decoct($information["group_id"]),7,"0",STR_PAD_LEFT) . chr(0); + $header .= str_pad(decoct($Size),11,"0",STR_PAD_LEFT) . chr(0); + $header .= str_pad(decoct(time(0)),11,"0",STR_PAD_LEFT) . chr(0); + $header .= str_repeat(" ",8); + $header .= "0"; + $header .= str_repeat(chr(0),100); + $header .= str_pad("ustar",6,chr(32)); + $header .= chr(32) . chr(0); + $header .= str_pad($information["user_name"],32,chr(0)); + $header .= str_pad($information["group_name"],32,chr(0)); + $header .= str_repeat(chr(0),8); + $header .= str_repeat(chr(0),8); + $header .= str_repeat(chr(0),155); + $header .= str_repeat(chr(0),12); + $checksum = str_pad(decoct(computeUnsignedChecksum($header)),6,"0",STR_PAD_LEFT); + for($i=0; $i<6; $i++) { + $header[(148 + $i)] = substr($checksum,$i,1); + } + $header[154] = chr(0); + $header[155] = chr(32); + return $header; +} +function checkPath($pathToCheck) { + global $imagepath, $subpath; + $fullpath = $imagepath.'/'.$pathToCheck; + if ($fullpath==realpath($fullpath) && is_dir($fullpath)) { + $subpath=$pathToCheck; + $imagepath = $fullpath; + } else { + error_die('path not allowed: '.htmlentities($pathToCheck)); + } +} +function checkFile($fileToCheck, $thumb = false) { + global $imagepath, $file, $subpath, $thumbpath, $imgfile; + if (!preg_match('/\//', $fileToCheck) && is_file($imagepath.'/'.$fileToCheck)) { + $imgfile = $fileToCheck; + } else { + error_die('file not found', '404 Not Found'); + } + if ($thumb) { // image from thumbnail path + $file = $thumbpath.'/'.$subpath.'/'.$fileToCheck; + if (!is_dir($thumbpath.'/'.$subpath)) mkdir($thumbpath.'/'.$subpath, 0777, true); + if (!is_file($file)) { // create thumbnail + $image = new Imagick(); + $image->readImage($imagepath.'/'.$fileToCheck); + $image->thumbnailImage(200, 200, true); + $image->writeImage($file); + } + } else { + $file = $imagepath.'/'.$fileToCheck; + } +} +function returnFile($file) { + $ext=strtolower(preg_replace('/.*\./', '', $file)); + switch ($ext) { + case 'jpg': case 'jpeg': $type="image/jpeg"; break; + case 'tif': case 'tiff': $type="image/tiff"; break; + case 'gif': $type="image/gif"; break; + case 'png': $type="image/png"; break; + case 'bmp': $type="image/bmp"; break; + } + if (!is_file($file)) { + error_die('file does not exist', '404 Not Found'); + } + if (!isset($_REQUEST['view'])) { + header('Content-type: '.$type); + header('Content-Length: '.filesize($file)); + header('Content-Transfer-Encoding: binary'); + flush(); + readfile($file); + exit; + } +} +function extractDir($path) { + $res['dirs'] = array(); + $res['files'] = array(); + if ($d=opendir($path)) { + while (false!==($f=readdir($d))) + if (!preg_match('/^\./', $f) && is_dir($path.'/'.$f)) + $res['dirs'][] = $f; + elseif (!preg_match('/^\./', $f) && is_file($path.'/'.$f)) + switch (strtolower(preg_replace('/.*\./', '', $f))) { + case "jpg": case "jpeg": case "png": + $res['files'][] = $f; + } + } + closedir($d); + asort($res['dirs']); + asort($res['dirs']); + return $res; +} +/*function encrypt2($text) { + global $_REQUEST, $server_password; + return bin2hex(mcrypt_encrypt(MCRYPT_BLOWFISH, $_REQUEST['password']+$server_password, bzcompress(serialize($text)), MCRYPT_MODE_ECB)); } function decrypt2($text) { - global $_REQUEST, $server_password; - return unserialize(bzdecompress(mcrypt_decrypt(MCRYPT_BLOWFISH, $_REQUEST['password']+$server_password, hex2bin($text), MCRYPT_MODE_ECB))); + global $_REQUEST, $server_password; + return unserialize(bzdecompress(mcrypt_decrypt(MCRYPT_BLOWFISH, $_REQUEST['password']+$server_password, hex2bin($text), MCRYPT_MODE_ECB))); }*/ - function encrypt($text, $password = NULL) { - global $_REQUEST, $server_password; - if (!$password) $password = $_REQUEST['password']; - return base64_encode(mcrypt_encrypt(MCRYPT_BLOWFISH, $password+$server_password, bzcompress(serialize($text)), MCRYPT_MODE_ECB)); - } - function decrypt($text) { - global $_REQUEST, $server_password; - $res = @unserialize(bzdecompress(mcrypt_decrypt(MCRYPT_BLOWFISH, $_REQUEST['password']+$server_password, base64_decode($text), MCRYPT_MODE_ECB))); - if (!$res) $res = @unserialize(bzdecompress(mcrypt_decrypt(MCRYPT_BLOWFISH, $_REQUEST['password']+$server_password, hex2bin($text), MCRYPT_MODE_ECB))); - return $res; - } - function makelink($link, $img, $filename, $style="") { - echo ''; - } - function linkorselect($link, $img, $filename) { - if (isset($_REQUEST['select'])) { - echo ''; - echo ''; - } else { - makelink($link, $img, $filename); - } - } - if (!isset($_REQUEST['secret'])) { - if ($username=="") error_die('not authorized', '403 Forbidden'); - if (isset($_REQUEST['path'])) checkPath($_REQUEST['path']); - if (isset($_REQUEST['folder']) && !preg_match('/\//', $_REQUEST['folder'])) { - $file = $thumbpath.'/folders/'.$subpath.'/'.$_REQUEST['folder'].'.png'; - $type="image/png"; - if (!is_dir($thumbpath.'/folders/'.$subpath)) mkdir($thumbpath.'/folders/'.$subpath, 0777, true); - if (!is_file($file)) { // create folder image - $txt = wordwrap(preg_replace('/ +/', ' ', preg_replace('/-/', ' - ', preg_replace('/_/', " ", $_REQUEST['folder']))), 16, "\n", true); - $image = new Imagick(); - $image->readImage('folder.png'); // read local template file - $draw = new ImagickDraw(); - $draw->setFillColor('black'); - $draw->setFont($font); - if (mb_strlen($txt)<2) { - $draw->setFontSize(60); - $x = 75; - } else { - $draw->setFontSize(15); - $x = 50; - } - $image->annotateImage($draw, 10, $x, 0, $txt); - $image->writeImage($file); - } - } elseif (isset($_REQUEST['file'])) checkFile($_REQUEST['file'], isset($_REQUEST['thumb'])); - if ($file!="") returnFile($file); - } else { - if (isset($_REQUEST['password'])) { - $secret = decrypt($_REQUEST['secret']) or error_die('bad password', '403 Forbidden'); - if (!isset($secret['valid-until'])) error_die('missing validation date'); - if (!isset($max_validity_days)) error_die('maximum validity days not set'); - if (strtotime($secret['valid-until'])>time()+((int)$max_validity_days)*86400) error_die('validity limitation not respected'); - if (strtotime($secret['valid-until'])