scratch
/.htaccess |
---|
@@ -1,5 +1,5 @@ |
Options -MultiViews |
RewriteEngine on |
RewriteRule ^delete/([A-Za-z0-9]+)$ delete.php?o=$1 [QSA,L] |
RewriteRule ^([A-Za-z0-9]+)$ file.php?o=$1 [QSA,L] |
RewriteRule ^([0-9]+?)/([A-Za-z0-9]+)$ delete.php?timestamp=$1&hash=$2 [QSA,L] |
RewriteRule ^([A-Za-z0-9]+)$ file.php?hash=$1 [QSA,L] |
RewriteRule ^$ index.html [L] |
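Review bot: The `[0-9]+?` and `[A-Za-z0-9]+` classes in the two new rules do not bound what delete.php and file.php receive. `[QSA]` appends the client's own query string after `timestamp=$1&hash=$2`, and PHP keeps the last value when a parameter name repeats. The scripts presumably also remain reachable by their direct `.php` path, which skips these patterns entirely. Dropping `QSA` from both rules (`[L]` only) removes the override, but the format check still has to be repeated in PHP before either value is used, for example `ctype_alnum($_GET['hash'])` and `ctype_digit($_GET['timestamp'])`.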
/css/files/style.css |
---|
@@ -1,63 +1,54 @@ |
.fileupload-process { |
background: rgba(245, 245, 245, 1); border: 0px solid rgba(255, 255, 255, 1); border-radius: 4px; height: 20px; |
} |
background: whitesmoke; |
border: 0px solid white; |
border-radius: 4px; |
height: 20px; } |
.progress-bar-custom { |
background: #ff99ff; |
} |
background: #ff99ff; } |
#previews { |
display: table; |
} |
#previews .file-row { |
display: table-row; |
} |
#previews .file-row > div { |
display: table-cell; |
vertical-align: top; |
border-top: 1px solid #ddd; |
padding: 1em; |
background: #f9f9f9; |
} |
#previews .file-row:nth-child(odd) { |
background: #f9f9f9; |
/* border-top: 1em solid #ddd; */ |
} |
display: table; } |
#previews .file-row { |
display: table-row; } |
#previews .file-row > div { |
display: table-cell; |
vertical-align: top; |
border-top: 1px solid #ddd; |
padding: 1em; |
background: #f9f9f9; } |
#previews .file-row:nth-child(odd) { |
background: #f9f9f9; |
/* border-top: 1em solid #ddd; */ } |
#uploadpanel { |
min-height: 320px; |
border: 2px dashed #F78700; |
border-radius: 5px; |
box-sizing: border-box; |
/* outline-offset: -24px; */ |
background-image: url("../../img/blueprint.png"); |
background-repeat: repeat; |
} |
min-height: 320px; |
border: 2px dashed #F78700; |
border-radius: 5px; |
box-sizing: border-box; |
/* outline-offset: -24px; */ |
background-image: url("../../img/blueprint.png"); |
background-repeat: repeat; } |
#total-progress { |
opacity: 0; |
transition: opacity 0.3s linear; |
background: #f5f5f5; |
padding: 0; |
margin: 0; |
} |
opacity: 0; |
transition: opacity 0.3s linear; |
background: #f5f5f5; |
padding: 0; |
margin: 0; } |
/* Hide the progress bar when finished */ |
#previews .file-row.dz-success .progress { |
opacity: 0; |
transition: opacity 0.3s linear; |
} |
opacity: 0; |
transition: opacity 0.3s linear; } |
#previews .file-row .remove { |
display: none; } |
#previews .file-row.dz-success .start, #previews .file-row.dz-success .cancel { |
opacity: 0.3; } |
#previews .file-row.dz-success .remove { |
display: block; } |
/* Hide the delete button initially */ |
#previews .file-row .remove { |
display: none; |
} |
/* Hide the start and cancel buttons and show the delete button */ |
/* Hide the start and cancel buttons and show the delete button */ |
#previews .file-row.dz-success .start, |
#previews .file-row.dz-success .cancel { |
opacity: 0.3; |
} |
#previews .file-row.dz-success .remove { |
display: block; |
} |
/*# sourceMappingURL=style.css.map */ |
/css/files/style.css.map |
---|
@@ -0,0 +1,7 @@ |
{ |
"version": 3, |
"mappings": "AAAA,mBAAoB;EAClB,UAAU,EAAE,UAAsB;EAClC,MAAM,EAAE,eAAgC;EACxC,aAAa,EAAE,GAAG;EAClB,MAAM,EAAE,IAAI;;AAGd,oBAAqB;EACnB,UAAU,EAAE,OAAO;;AAGrB,SAAU;EACR,OAAO,EAAE,KAAK;EAEd,mBAAU;IACR,OAAO,EAAE,SAAS;IAElB,yBAAM;MACJ,OAAO,EAAE,UAAU;MACnB,cAAc,EAAE,GAAG;MACnB,UAAU,EAAE,cAAc;MAC1B,OAAO,EAAE,GAAG;MACZ,UAAU,EAAE,OAAO;IAGrB,kCAAiB;MACf,UAAU,EAAE,OAAO;MAEnB,iCAAiC;;AAKvC,YAAa;EACX,UAAU,EAAE,KAAK;EACjB,MAAM,EAAE,kBAAkB;EAC1B,aAAa,EAAE,GAAG;EAClB,UAAU,EAAE,UAAU;EAEtB,4BAA4B;EAC5B,gBAAgB,EAAE,8BAA8B;EAChD,iBAAiB,EAAE,MAAM;;AAG3B,eAAgB;EACd,OAAO,EAAE,CAAC;EACV,UAAU,EAAE,mBAAmB;EAC/B,UAAU,EAAE,OAAO;EACnB,OAAO,EAAE,CAAC;EACV,MAAM,EAAE,CAAC;;AAGX,yCAAyC;AAGvC,wCAAuB;EACrB,OAAO,EAAE,CAAC;EACV,UAAU,EAAE,mBAAmB;AAGjC,2BAAQ;EACN,OAAO,EAAE,IAAI;AAIb,6EAAgB;EACd,OAAO,EAAE,GAAG;AAGd,sCAAQ;EACN,OAAO,EAAE,KAAK;;AAKpB,sCAAsC;AAEtC,kEAAkE", |
"sources": ["style.scss"], |
"names": [], |
"file": "style.css" |
} |
/css/files/style.scss |
---|
@@ -0,0 +1,78 @@ |
.fileupload-process { |
background: rgba(245, 245, 245, 1); |
border: 0px solid rgba(255, 255, 255, 1); |
border-radius: 4px; |
height: 20px; |
} |
.progress-bar-custom { |
background: #ff99ff; |
} |
#previews { |
display: table; |
.file-row { |
display: table-row; |
> div { |
display: table-cell; |
vertical-align: top; |
border-top: 1px solid #ddd; |
padding: 1em; |
background: #f9f9f9; |
} |
&:nth-child(odd) { |
background: #f9f9f9; |
/* border-top: 1em solid #ddd; */ |
} |
} |
} |
#uploadpanel { |
min-height: 320px; |
border: 2px dashed #F78700; |
border-radius: 5px; |
box-sizing: border-box; |
/* outline-offset: -24px; */ |
background-image: url("../../img/blueprint.png"); |
background-repeat: repeat; |
} |
#total-progress { |
opacity: 0; |
transition: opacity 0.3s linear; |
background: #f5f5f5; |
padding: 0; |
margin: 0; |
} |
/* Hide the progress bar when finished */ |
#previews .file-row { |
&.dz-success .progress { |
opacity: 0; |
transition: opacity 0.3s linear; |
} |
.remove { |
display: none; |
} |
&.dz-success { |
.start, .cancel { |
opacity: 0.3; |
} |
.remove { |
display: block; |
} |
} |
} |
/* Hide the delete button initially */ |
/* Hide the start and cancel buttons and show the delete button */ |
/css/style.css |
---|
@@ -1,70 +1,58 @@ |
@font-face { |
font-family: 'Overdose Sunrise'; |
src: url('fonts/overdose_sunrise-webfont.woff2') format('woff2'), |
url('fonts/overdose_sunrise-webfont.woff') format('woff'); |
font-weight: normal; |
font-style: normal; |
} |
font-family: 'Overdose Sunrise'; |
src: url("fonts/overdose_sunrise-webfont.woff2") format("woff2"), url("fonts/overdose_sunrise-webfont.woff") format("woff"); |
font-weight: normal; |
font-style: normal; } |
@font-face { |
font-family: 'Rat Infested Mailbox'; |
src: url('fonts/rat_infested_mailbox-webfont.woff2') format('woff2'), |
url('fonts/rat_infested_mailbox-webfont.woff') format('woff'); |
font-weight: normal; |
font-style: normal; |
} |
font-family: 'Rat Infested Mailbox'; |
src: url("fonts/rat_infested_mailbox-webfont.woff2") format("woff2"), url("fonts/rat_infested_mailbox-webfont.woff") format("woff"); |
font-weight: normal; |
font-style: normal; } |
.paralax-background { |
background: url('/img/scratch-logo.svg') no-repeat center center; |
position: fixed; |
width: 100%; |
height: 480px; /*same height as jumbotron */ |
top:0; |
left:0; |
z-index: -1; |
background: url("/img/scratch-logo.svg") no-repeat center center; |
position: fixed; |
width: 100%; |
height: 480px; |
/*same height as jumbotron */ |
top: 0; |
left: 0; |
z-index: -1; |
box-shadow: inset 0px 0px 150px 60px rgba(0, 0, 0, 0.5); |
/* Blur. */ |
/*-webkit-filter: blur(1px); |
-moz-filter: blur(1px); |
-o-filter: blur(1px); |
-ms-filter: blur(1px); |
filter: blur(1px);*/ } |
box-shadow: inset 0px 0px 150px 60px rgba(0,0,0,0.5); |
/* Blur. */ |
/*-webkit-filter: blur(1px); |
-moz-filter: blur(1px); |
-o-filter: blur(1px); |
-ms-filter: blur(1px); |
filter: blur(1px);*/ |
} |
.jumbotron { |
height: 480px; |
color: red; |
padding-top: 120px; |
text-align: center; |
text-shadow: #EEEE00 0 0 10px; |
background: transparent; |
font-family: 'Rat Infested Mailbox'; |
} |
height: 480px; |
color: red; |
padding-top: 120px; |
text-align: center; |
text-shadow: #EEEE00 0 0 10px; |
background: transparent; |
font-family: 'Rat Infested Mailbox'; } |
.trumbowyg-box { |
display: block; |
position: relative; |
height: 100%; |
margin: 0; |
border: 0; |
display: hidden; |
font-family: monospace; |
} |
display: block; |
position: relative; |
height: 100%; |
margin: 0; |
border: 0; |
display: hidden; |
font-family: monospace; } |
.trumbowyg-editor { |
border: 0; |
min-height: 480px; |
} |
border: 0; |
min-height: 480px; } |
#editorpanel { |
width: 100%; |
height: 100%; |
padding: 0; |
} |
width: 100%; |
height: 100%; |
padding: 0; } |
#box { |
border: 1px solid #ddd; |
} |
border: 1px solid #ddd; } |
/*# sourceMappingURL=style.css.map */ |
/css/style.css.map |
---|
@@ -0,0 +1,7 @@ |
{ |
"version": 3, |
"mappings": "AAAA,UAKC;EAJC,WAAW,EAAE,kBAAkB;EAC/B,GAAG,EAAE,sHAAsH;EAC3H,WAAW,EAAE,MAAM;EACnB,UAAU,EAAE,MAAM;AAGpB,UAKC;EAJC,WAAW,EAAE,sBAAsB;EACnC,GAAG,EAAE,8HAA8H;EACnI,WAAW,EAAE,MAAM;EACnB,UAAU,EAAE,MAAM;AAGpB,mBAAoB;EAClB,UAAU,EAAE,oDAAoD;EAChE,QAAQ,EAAE,KAAK;EACf,KAAK,EAAE,IAAI;EACX,MAAM,EAAE,KAAK;EAEb,6BAA6B;EAC7B,GAAG,EAAE,CAAC;EACN,IAAI,EAAE,CAAC;EACP,OAAO,EAAE,EAAE;EACX,UAAU,EAAE,2CAA2C;EAEvD,WAAW;EACX;;;;sBAIoB;;AAGtB,UAAW;EACT,MAAM,EAAE,KAAK;EACb,KAAK,EAAE,GAAG;EACV,WAAW,EAAE,KAAK;EAClB,UAAU,EAAE,MAAM;EAClB,WAAW,EAAE,gBAAgB;EAC7B,UAAU,EAAE,WAAW;EACvB,WAAW,EAAE,sBAAsB;;AAGrC,cAAe;EACb,OAAO,EAAE,KAAK;EACd,QAAQ,EAAE,QAAQ;EAClB,MAAM,EAAE,IAAI;EACZ,MAAM,EAAE,CAAC;EACT,MAAM,EAAE,CAAC;EACT,OAAO,EAAE,MAAM;EACf,WAAW,EAAE,SAAS;;AAGxB,iBAAkB;EAChB,MAAM,EAAE,CAAC;EACT,UAAU,EAAE,KAAK;;AAGnB,YAAa;EACX,KAAK,EAAE,IAAI;EACX,MAAM,EAAE,IAAI;EACZ,OAAO,EAAE,CAAC;;AAGZ,IAAK;EACH,MAAM,EAAE,cAAc", |
"sources": ["style.scss"], |
"names": [], |
"file": "style.css" |
} |
/css/style.scss |
---|
@@ -0,0 +1,68 @@ |
@font-face { |
font-family: 'Overdose Sunrise'; |
src: url('fonts/overdose_sunrise-webfont.woff2') format("woff2"), url('fonts/overdose_sunrise-webfont.woff') format("woff"); |
font-weight: normal; |
font-style: normal; |
} |
@font-face { |
font-family: 'Rat Infested Mailbox'; |
src: url('fonts/rat_infested_mailbox-webfont.woff2') format("woff2"), url('fonts/rat_infested_mailbox-webfont.woff') format("woff"); |
font-weight: normal; |
font-style: normal; |
} |
.paralax-background { |
background: url('/img/scratch-logo.svg') no-repeat center center; |
position: fixed; |
width: 100%; |
height: 480px; |
/*same height as jumbotron */ |
top: 0; |
left: 0; |
z-index: -1; |
box-shadow: inset 0px 0px 150px 60px rgba(0, 0, 0, 0.5); |
/* Blur. */ |
/*-webkit-filter: blur(1px); |
-moz-filter: blur(1px); |
-o-filter: blur(1px); |
-ms-filter: blur(1px); |
filter: blur(1px);*/ |
} |
.jumbotron { |
height: 480px; |
color: red; |
padding-top: 120px; |
text-align: center; |
text-shadow: #EEEE00 0 0 10px; |
background: transparent; |
font-family: 'Rat Infested Mailbox'; |
} |
.trumbowyg-box { |
display: block; |
position: relative; |
height: 100%; |
margin: 0; |
border: 0; |
display: hidden; |
font-family: monospace; |
} |
.trumbowyg-editor { |
border: 0; |
min-height: 480px; |
} |
#editorpanel { |
width: 100%; |
height: 100%; |
padding: 0; |
} |
#box { |
border: 1px solid #ddd; |
} |
/css/text/style.css |
---|
@@ -1,46 +1,36 @@ |
#previews { |
display: table; |
} |
#previews .file-row { |
display: table-row; |
} |
#previews .file-row > div { |
display: table-cell; |
vertical-align: top; |
border-top: 1px solid #ddd; |
padding: 1em; |
background: #f9f9f9; |
} |
#previews .file-row:nth-child(odd) { |
background: #f9f9f9; |
/* border-top: 1em solid #ddd; */ |
} |
display: table; } |
#previews .file-row { |
display: table-row; } |
#previews .file-row > div { |
display: table-cell; |
vertical-align: top; |
border-top: 1px solid #ddd; |
padding: 1em; |
background: #f9f9f9; } |
#previews .file-row:nth-child(odd) { |
background: #f9f9f9; |
/* border-top: 1em solid #ddd; */ } |
#editorpanel { |
border: 2pt solid #ecf0f1; |
} |
border: 2pt solid #ecf0f1; } |
#total-progress { |
opacity: 0; |
transition: opacity 0.3s linear; |
} |
opacity: 0; |
transition: opacity 0.3s linear; } |
/* Hide the progress bar when finished */ |
#previews .file-row.dz-success .progress { |
opacity: 0; |
transition: opacity 0.3s linear; |
} |
opacity: 0; |
transition: opacity 0.3s linear; } |
#previews .file-row .remove { |
display: none; } |
#previews .file-row.dz-success .start, #previews .file-row.dz-success .cancel { |
opacity: 0.3; } |
#previews .file-row.dz-success .remove { |
display: block; } |
/* Hide the delete button initially */ |
#previews .file-row .remove { |
display: none; |
} |
/* Hide the start and cancel buttons and show the delete button */ |
/* Hide the start and cancel buttons and show the delete button */ |
#previews .file-row.dz-success .start, |
#previews .file-row.dz-success .cancel { |
opacity: 0.3; |
} |
#previews .file-row.dz-success .remove { |
display: block; |
} |
/*# sourceMappingURL=style.css.map */ |
/css/text/style.css.map |
---|
@@ -0,0 +1,7 @@ |
{ |
"version": 3, |
"mappings": "AAAA,SAAU;EACR,OAAO,EAAE,KAAK;EAEd,mBAAU;IACR,OAAO,EAAE,SAAS;IAElB,yBAAM;MACJ,OAAO,EAAE,UAAU;MACnB,cAAc,EAAE,GAAG;MACnB,UAAU,EAAE,cAAc;MAC1B,OAAO,EAAE,GAAG;MACZ,UAAU,EAAE,OAAO;IAGrB,kCAAiB;MACf,UAAU,EAAE,OAAO;MAEnB,iCAAiC;;AAKvC,YAAa;EACX,MAAM,EAAE,iBAAiB;;AAG3B,eAAgB;EACd,OAAO,EAAE,CAAC;EACV,UAAU,EAAE,mBAAmB;;AAGjC,yCAAyC;AAGvC,wCAAuB;EACrB,OAAO,EAAE,CAAC;EACV,UAAU,EAAE,mBAAmB;AAGjC,2BAAQ;EACN,OAAO,EAAE,IAAI;AAIb,6EAAgB;EACd,OAAO,EAAE,GAAG;AAGd,sCAAQ;EACN,OAAO,EAAE,KAAK;;AAKpB,sCAAsC;AAEtC,kEAAkE", |
"sources": ["style.scss"], |
"names": [], |
"file": "style.css" |
} |
/css/text/style.scss |
---|
@@ -0,0 +1,57 @@ |
#previews { |
display: table; |
.file-row { |
display: table-row; |
> div { |
display: table-cell; |
vertical-align: top; |
border-top: 1px solid #ddd; |
padding: 1em; |
background: #f9f9f9; |
} |
&:nth-child(odd) { |
background: #f9f9f9; |
/* border-top: 1em solid #ddd; */ |
} |
} |
} |
#editorpanel { |
border: 2pt solid #ecf0f1; |
} |
#total-progress { |
opacity: 0; |
transition: opacity 0.3s linear; |
} |
/* Hide the progress bar when finished */ |
#previews .file-row { |
&.dz-success .progress { |
opacity: 0; |
transition: opacity 0.3s linear; |
} |
.remove { |
display: none; |
} |
&.dz-success { |
.start, .cancel { |
opacity: 0.3; |
} |
.remove { |
display: block; |
} |
} |
} |
/* Hide the delete button initially */ |
/* Hide the start and cancel buttons and show the delete button */ |
/delete.php |
---|
@@ -12,22 +12,28 @@ |
$config = spyc_load_file('config.yaml'); |
### If no file has been specified for download then return. |
if (!isset($_GET['o']) or empty($_GET['o'])) { |
header('File not found.', true, 404); |
return; |
if (!isset($_GET['hash']) or empty($_GET['hash'])) { |
http_response_code(404); |
die('File not found.'); |
} |
### If no timestamp has been provided then return. |
if (!isset($_GET['timestamp']) or empty($_GET['timestamp'])) { |
http_response_code(403); |
die('Forbidden.'); |
} |
### Find the requested file. |
$file = array_shift( |
preg_grep( |
"/$_GET[o]/", |
"/".$_GET['hash']."/", |
scandir($config['STORE_FOLDER']) |
) |
); |
if (!isset($file) or empty($file)) { |
header('File not found.', true, 404); |
return; |
http_response_code(404); |
die('File not found.'); |
} |
### Check the path for path traversals. |
@@ -37,8 +43,8 @@ |
if (!isset($fileExtension) || |
!in_array(strtoupper($fileExtension), |
array_map('strtoupper', $config['ALLOWED_FILE_EXTENSIONS']))) { |
header('File extension not allowed.', true, 403); |
return; |
http_response_code(403); |
die('File extension not allowed.'); |
} |
#### Build the user path. |
@@ -54,13 +60,20 @@ |
$pathPart = pathinfo($userPath); |
if (strcasecmp( |
realpath($pathPart['dirname']), realpath($config['STORE_FOLDER'])) != 0) { |
header('Internal server error.', true, 500); |
return; |
http_response_code(500); |
die('Internal server error.'); |
} |
#### Check if the file exists. |
if (!file_exists($userPath)) { |
header('File not found.', true, 404); |
return; |
http_response_code(404); |
die('File not found.'); |
} |
### Check if the timestamp matches. |
if (filemtime($userPath) != $_GET['timestamp']) { |
http_response_code(403); |
die('Forbidden.'); |
} |
unlink($userPath); |
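Review bot: `"/".$_GET['hash']."/"` builds the `preg_grep` pattern straight from the request, so the value is interpreted as a regular expression and matched unanchored against every name in `STORE_FOLDER`, and `array_shift` then takes whichever entry matched first. For a script that ends in `unlink($userPath)` the lookup should identify exactly one file: reject anything that fails `ctype_alnum($_GET['hash'])`, then quote and anchor it, e.g. `'/^'.preg_quote($_GET['hash'], '/').'\./'`, assuming stored names are `<hash>.<ext>` as the upload path in file.php suggests. The GET branch of file.php builds its pattern the same way. Separately, `filemtime($userPath) != $_GET['timestamp']` compares an int with a request string loosely; casting after a `ctype_digit` check and using `!==` makes the comparison exact.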
/file.html |
---|
@@ -198,6 +198,9 @@ |
.style |
.opacity = "0"; |
}).on("success", (file, data) => { |
// Serialize JSON to object. |
data = JSON.parse(data); |
// Set the ID of the URL box. |
const boxURLID = '_' + Math |
.random() |
@@ -210,7 +213,7 @@ |
.concat("//") |
.concat(window.location.hostname) |
.concat("/") |
.concat(data); |
.concat(data.hash); |
file |
.previewElement |
@@ -228,9 +231,9 @@ |
.value = location.protocol.concat("//") |
.concat(window.location.hostname) |
.concat("/") |
.concat("delete") |
.concat(data.timestamp) |
.concat("/") |
.concat(data); |
.concat(data.hash); |
file |
.previewElement |
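Review bot: `data = JSON.parse(data);` in the `success` handler assumes the response always arrives as a string, which holds only while file.php keeps labelling the JSON body as `text/plain`. If the server later sends `application/json`, the upload library may hand over an already-parsed object and the call would throw before either URL box is filled. A tolerant form is `data = typeof data === 'string' ? JSON.parse(data) : data;`, followed by a check that `data.hash` and `data.timestamp` are present before the URLs are built. The handler starts and ends outside these hunks.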
/file.php |
---|
@@ -18,8 +18,8 @@ |
if (!empty($_FILES['file']) and |
is_uploaded_file($_FILES['file']['tmp_name'])) { |
if($_FILES['file']['size'] > $config['ALLOWED_ASSET_SIZE'] * 1048576) { |
header('File size exceeds '.$config['ALLOWED_ASSET_SIZE'].'MiB.', true, 403); |
return; |
http_response_code(403); |
die('File size exceeds '.$config['ALLOWED_ASSET_SIZE'].'MiB.'); |
} |
# Regular multipart/form-data upload. |
$name = $_FILES['file']['name']; |
@@ -26,8 +26,8 @@ |
$data = atomized_get_contents($_FILES['file']['tmp_name']); |
} else { |
if((int)get_file_size("php://input") > $config['ALLOWED_ASSET_SIZE'] * 1048576) { |
header('File size exceeds '.$config['ALLOWED_ASSET_SIZE'].'MiB.', true, 403); |
return; |
http_response_code(403); |
die('File size exceeds '.$config['ALLOWED_ASSET_SIZE'].'MiB.'); |
} |
# Raw POST data. |
$name = urldecode(@$_SERVER['HTTP_X_FILE_NAME']); |
@@ -41,8 +41,8 @@ |
if (!isset($fileExtension) || |
!in_array(strtoupper($fileExtension), |
array_map('strtoupper', $config['ALLOWED_FILE_EXTENSIONS']))) { |
header('File extension not allowed.', true, 403); |
return; |
http_response_code(403); |
die('File extension not allowed.'); |
} |
#### Hash filename. |
@@ -73,34 +73,41 @@ |
$pathPart = pathinfo($userPath.'.'.$fileExtension); |
if (strcasecmp( |
realpath($pathPart['dirname']), realpath($config['STORE_FOLDER'])) != 0) { |
header('Internal server error.', true, 500); |
return; |
http_response_code(500); |
die('Internal server error.'); |
} |
#### Store the file. |
atomized_put_contents($userPath.'.'.$fileExtension, $data); |
$timestamp = atomized_put_contents($userPath.'.'.$fileExtension, $data); |
### Return the URL to the file. |
header('Content-Type: text/plain; charset=utf-8'); |
echo $file; |
echo json_encode( |
array( |
"hash" => $file, |
"timestamp" => $timestamp |
) |
); |
break; |
case 'GET': |
### If no file has been specified for download then return. |
if (!isset($_GET['o']) or empty($_GET['o'])) { |
header('File not found.', true, 404); |
return; |
if (!isset($_GET['hash']) or empty($_GET['hash'])) { |
http_response_code(404); |
die('File not found.'); |
} |
### Find the requested file. |
$file = array_shift( |
preg_grep( |
"/$_GET[o]/", |
'/'.$_GET['hash'].'/', |
scandir($config['STORE_FOLDER']) |
) |
); |
if (!isset($file) or empty($file)) |
return; |
if (!isset($file) or empty($file)) { |
http_response_code(404); |
die('File not found.'); |
} |
### Check the path for path traversals. |
$fileExtension = pathinfo($file, PATHINFO_EXTENSION); |
@@ -109,8 +116,8 @@ |
if (!isset($fileExtension) || |
!in_array(strtoupper($fileExtension), |
array_map('strtoupper', $config['ALLOWED_FILE_EXTENSIONS']))) { |
header('File extension not allowed.', true, 403); |
return; |
http_response_code(403); |
die('File extension not allowed.'); |
} |
#### Build the user path. |
@@ -126,8 +133,8 @@ |
$pathPart = pathinfo($userPath); |
if (strcasecmp( |
realpath($pathPart['dirname']), realpath($config['STORE_FOLDER'])) != 0) { |
header('Internal server error.', true, 500); |
return; |
http_response_code(500); |
die('Internal server error.'); |
} |
### Hook for HTML files to display properly. |
@@ -141,8 +148,8 @@ |
### Open MIME info database and send the content type. |
$finfo = finfo_open(FILEINFO_MIME_TYPE); |
if (!$finfo) { |
header('Internal server error.', true, 500); |
return; |
http_response_code(500); |
die('Internal server error.'); |
} |
header('Content-type: '.finfo_file($finfo, $userPath)); |
finfo_close($finfo); |
@@ -149,6 +156,10 @@ |
break; |
} |
### Tell browser not to cache files. |
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0"); |
header("Cache-Control: post-check=0, pre-check=0", false); |
header("Pragma: no-cache"); |
### Send the file along with the inline content disposition. |
header('Content-length: '.(int)get_file_size($userPath)); |
header('Content-Disposition: inline; filename="' . basename($userPath) . '"'); |
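Review bot: The upload branch puts the return value of `atomized_put_contents()` into the JSON response without checking it. The helper's hunk in php/functions.php shows a bare `return;` path and `filemtime()` returns false on failure, so a 200 response could carry `"timestamp": null` or `false` and give the uploader a delete link that can never match. A guard before the `echo`, such as `if (!is_int($timestamp)) { http_response_code(500); die('Internal server error.'); }`, keeps a failed write from being reported as success. The `preg_grep` pattern in the GET branch is built from `$_GET['hash']` unescaped and needs a `ctype_alnum` check plus `preg_quote($_GET['hash'], '/')` before use.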
/index.html |
---|
@@ -165,7 +165,7 @@ |
]; |
// Play the sounds. |
if(sound != 'off') { |
if(sound && sound != 'off') { |
createjs.Sound.onLoadComplete = |
(event) => createjs.Sound.play(event.src); |
createjs.Sound.addEventListener("fileload", |
/php/functions.php |
---|
@@ -10,9 +10,10 @@ |
return; |
ftruncate($f, 0); |
fwrite($f, $data, strlen($data)); |
$t = filemtime ($file); |
flock($f, LOCK_UN); |
fclose($f); |
return $data; |
return $t; |
} |
########################################################################### |
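Review bot: The `$t` returned here becomes the only value delete.php checks before `unlink()`, and a file's mtime is a whole-second upload time rather than a secret, so it is guessable by anyone who knows the file's URL and roughly when it was uploaded. A per-upload random token is the usual shape for a delete credential, e.g. `bin2hex(random_bytes(16))` stored next to the file and compared with `hash_equals()`; that also needs changes in file.php and delete.php. If the mtime is kept, call `clearstatcache(true, $file);` before `filemtime($file)` so a stat cached earlier in the request is not returned. The function's opening lines are outside this hunk, so other callers that relied on the old `return $data;` could not be checked from here.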
/text.php |
---|
@@ -13,15 +13,15 @@ |
if(!isset($_POST['fingerprint']) or empty($_POST['fingerprint']) or |
!isset($_POST['action']) or empty($_POST['action'])) { |
header('Internal server error.', true, 500); |
return; |
http_response_code(500); |
die('Internal server error.'); |
} |
#### Check fingerprint consistency. |
$fingerprint = strtoupper($_POST['fingerprint']); |
if(strlen($fingerprint) !== 32) { |
header('Internal server error.', true, 500); |
return; |
http_response_code(500); |
die('Internal server error.'); |
} |
$action = strtoupper($_POST['action']); |
@@ -28,8 +28,8 @@ |
#### Data must be sent in order to save a file. |
if($action === 'SAVE' and !isset($_POST['data'])) { |
header('Internal server error.', true, 500); |
return; |
http_response_code(500); |
die('Internal server error.'); |
} |
#### Hash fingerprint. |
@@ -60,8 +60,8 @@ |
$pathPart = pathinfo($userPath.'.html'); |
if (strcasecmp( |
realpath($pathPart['dirname']), realpath($config['STORE_FOLDER'])) != 0) { |
header('Internal server error.', true, 500); |
return; |
http_response_code(500); |
die('Internal server error.'); |
} |
switch($action) { |
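Review bot: The first three checks answer missing or malformed POST fields (`fingerprint`, `action`, `data`) with `http_response_code(500)`, which records a client mistake as a server fault and makes genuine 5xx errors harder to pick out in logs and alerting. `http_response_code(400); die('Bad request.');` fits those three. The `realpath` comparison against `STORE_FOLDER` is the only one here where a 500 is defensible. The fingerprint check also tests only `strlen($fingerprint) !== 32`; if the value is expected to be hexadecimal, which is not visible in these hunks, adding `ctype_xdigit($fingerprint)` would make the check match the format.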