scratch

Subversion Repositories:
Compare Path: Rev
With Path: Rev
?path1? @ 93  →  ?path2? @ 94
/text.php
@@ -14,19 +14,19 @@
#### Script restrictions.
if(
(
!isset($_SERVER['HTTP_X_REQUESTED_WITH']) ||
empty($_SERVER['HTTP_X_REQUESTED_WITH']) ||
!isset($_SERVER['HTTP_X_REQUESTED_WITH']) or
empty($_SERVER['HTTP_X_REQUESTED_WITH']) or
strtoupper($_SERVER['HTTP_X_REQUESTED_WITH']) != 'XMLHTTPREQUEST'
)
||
or
(
(
!isset($_SERVER['HTTP_REFERER']) ||
!isset($_SERVER['HTTP_REFERER']) or
empty($_SERVER['HTTP_REFERER'])
)
&&
and
(
#strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'FILE.HTML') ||
#strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'FILE.HTML') or
strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'TEXT.HTML')
)
)
@@ -36,7 +36,9 @@
die('Forbidden.');
}
 
#### Check if the fingerprint and action are set parameters.
if(!isset($_POST['fingerprint']) or empty($_POST['fingerprint']) or
!preg_match('/^[A-Za-z0-9]{32}$/', $_POST['fingerprint']) or
!isset($_POST['action']) or empty($_POST['action'])) {
http_response_code(500);
die('Internal server error.');