scratch – Diff between revs 94 and 96

Subversion Repositories:
Rev:
Show entire fileIgnore whitespace
Rev 94 Rev 96
Line 10... Line 10...
10   10  
11 ### Load configuration. 11 ### Load configuration.
Line 12... Line 12...
12 $config = spyc_load_file('config.yaml'); 12 $config = spyc_load_file('config.yaml');
13   -  
14 #### Script restrictions. -  
15 if( -  
16 ( -  
17 !isset($_SERVER['HTTP_X_REQUESTED_WITH']) or -  
18 empty($_SERVER['HTTP_X_REQUESTED_WITH']) or -  
19 strtoupper($_SERVER['HTTP_X_REQUESTED_WITH']) != 'XMLHTTPREQUEST' -  
20 ) -  
21 or -  
22 ( -  
23 ( -  
24 !isset($_SERVER['HTTP_REFERER']) or -  
25 empty($_SERVER['HTTP_REFERER']) 13  
26 ) -  
27 and 14 #### Script restrictions.
28 ( -  
29 #strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'FILE.HTML') or -  
30 strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'TEXT.HTML') -  
31 ) -  
32 ) -  
33 ) 15 session_start();
34 { 16 if (empty($_POST['token']) || !hash_equals($_SESSION['token'], $_POST['token'])) {
35 http_response_code(403); 17 http_response_code(403);
Line 36... Line 18...
36 die('Forbidden.'); 18 die('Forbidden.');