scratch
/text.php |
@@ -14,19 +14,19 @@ |
#### Script restrictions. |
if( |
( |
!isset($_SERVER['HTTP_X_REQUESTED_WITH']) || |
empty($_SERVER['HTTP_X_REQUESTED_WITH']) || |
!isset($_SERVER['HTTP_X_REQUESTED_WITH']) or |
empty($_SERVER['HTTP_X_REQUESTED_WITH']) or |
strtoupper($_SERVER['HTTP_X_REQUESTED_WITH']) != 'XMLHTTPREQUEST' |
) |
|| |
or |
( |
( |
!isset($_SERVER['HTTP_REFERER']) || |
!isset($_SERVER['HTTP_REFERER']) or |
empty($_SERVER['HTTP_REFERER']) |
) |
&& |
and |
( |
#strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'FILE.HTML') || |
#strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'FILE.HTML') or |
strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'TEXT.HTML') |
) |
) |
@@ -36,7 +36,9 @@ |
die('Forbidden.'); |
} |
|
#### Check if the fingerprint and action are set parameters. |
if(!isset($_POST['fingerprint']) or empty($_POST['fingerprint']) or |
!preg_match('/^[A-Za-z0-9]{32}$/', $_POST['fingerprint']) or |
!isset($_POST['action']) or empty($_POST['action'])) { |
http_response_code(500); |
die('Internal server error.'); |