scratch – Diff between revs 91 and 93

Rev 91 Rev 93
Line 12... Line 12...
12 $config = spyc_load_file('config.yaml'); 12 $config = spyc_load_file('config.yaml');
Line 13... Line 13...
13   13  
14 #### POST -> upload / GET -> download 14 #### POST -> upload / GET -> download
15 switch ($_SERVER['REQUEST_METHOD']) { 15 switch ($_SERVER['REQUEST_METHOD']) {
-   16 case 'POST':
-   17 #### Script restrictions.
-   18 if(
-   19 (
-   20 !isset($_SERVER['HTTP_X_REQUESTED_WITH']) ||
-   21 empty($_SERVER['HTTP_X_REQUESTED_WITH']) ||
-   22 strtoupper($_SERVER['HTTP_X_REQUESTED_WITH']) != 'XMLHTTPREQUEST'
-   23 )
-   24 ||
-   25 (
-   26 (
-   27 !isset($_SERVER['HTTP_REFERER']) ||
-   28 empty($_SERVER['HTTP_REFERER'])
-   29 )
-   30 &&
-   31 (
-   32 strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'FILE.HTML') ||
-   33 strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'TEXT.HTML')
-   34 )
-   35 )
-   36 )
-   37 {
-   38 http_response_code(403);
-   39 die('Forbidden.');
16 case 'POST': 40 }
17 #### Retrieve uploaded file. 41 #### Retrieve uploaded file.
18 if (!empty($_FILES['file']) and 42 if (!empty($_FILES['file']) and
19 is_uploaded_file($_FILES['file']['tmp_name'])) { 43 is_uploaded_file($_FILES['file']['tmp_name'])) {
20 if($_FILES['file']['size'] > $config['ALLOWED_ASSET_SIZE'] * 1048576) { 44 if($_FILES['file']['size'] > $config['ALLOWED_ASSET_SIZE'] * 1048576) {
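Review bot: The Referer half of the new guard (new lines 25–35) does not enforce what it appears to. The two `!=` comparisons on new lines 32–33 are joined with `||`, which is always true because the header cannot equal both FILE.HTML and TEXT.HTML, and that group is `&&`-ed with the missing/empty test, so the clause fires only when Referer is absent and any non-empty Referer passes. If the intent is to accept only those two pages, change the `&&` on new line 30 to `||` and the trailing `||` on new line 32 to `&&`; this also stops `strtoupper($_SERVER['HTTP_REFERER'])` from being evaluated when the header is unset. Both X-Requested-With and Referer are client-supplied, so I would add a comment such as `// Header checks only deter cross-site browser posts; they are not authentication.` and rely on a server-side token or login if uploads must be restricted. The `case 'POST':` body continues past the visible lines.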