scratch – Rev 28

?pathlinks?

Rev 27 – Rev 29 – Go to most recent revision – Blame – Compare with Previous – Last modification – View Log – Download

<?php

###########################################################################
##  Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3      ##
###########################################################################

require_once('inc/pseudocrypt.php');
require_once('inc/functions.php');
require_once('config.php');

#### Retrieve uploaded file.
if (!isset($_POST['data']) or empty($_POST['data']) or 
    !isset($_POST['action']) or empty($_POST['action']))
    return;

#### Build the user path.
$userPath = join(
    DIRECTORY_SEPARATOR,
    array(
        $STORE_FOLDER,
        $SHARED_EDITOR_FILE
    )
);

#### Check for path traversals
$pathPart = pathinfo($userPath);
if (strcasecmp(
    realpath($pathPart['dirname']), realpath($STORE_FOLDER)) != 0)
    return;

$data = $_POST['data'];

switch(strtoupper($_POST['action'])) {
    case 'SAVE':
        #### Store the file.
        atomized_put_contents($userPath, $data);
        break;
    case 'LOAD':
        header('Content-Type: text/html; charset=utf-8');
        echo atomized_get_contents($userPath, $data);
        break;
}