scratch
/quickload/store-text.php |
@@ -0,0 +1,43 @@ |
<?php |
|
########################################################################### |
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
########################################################################### |
|
require_once('inc/pseudocrypt.php'); |
require_once('inc/functions.php'); |
require_once('config.php'); |
|
#### Retrieve uploaded file. |
if (!isset($_POST['data']) or empty($_POST['data']) or |
!isset($_POST['action']) or empty($_POST['action'])) |
return; |
|
#### Build the user path. |
$userPath = join( |
DIRECTORY_SEPARATOR, |
array( |
$STORE_FOLDER, |
$SHARED_EDITOR_FILE |
) |
); |
|
#### Check for path traversals |
$pathPart = pathinfo($userPath); |
if (strcasecmp( |
realpath($pathPart['dirname']), realpath($STORE_FOLDER)) != 0) |
return; |
|
$data = $_POST['data']; |
|
switch(strtoupper($_POST['action'])) { |
case 'SAVE': |
#### Store the file. |
atomized_put_contents($userPath, $data); |
break; |
case 'LOAD': |
header('Content-Type: text/html; charset=utf-8'); |
echo atomized_get_contents($userPath, $data); |
break; |
} |
|