scratch
/text.php |
@@ -12,26 +12,8 @@ |
$config = spyc_load_file('config.yaml'); |
|
#### Script restrictions. |
if( |
( |
!isset($_SERVER['HTTP_X_REQUESTED_WITH']) or |
empty($_SERVER['HTTP_X_REQUESTED_WITH']) or |
strtoupper($_SERVER['HTTP_X_REQUESTED_WITH']) != 'XMLHTTPREQUEST' |
) |
or |
( |
( |
!isset($_SERVER['HTTP_REFERER']) or |
empty($_SERVER['HTTP_REFERER']) |
) |
and |
( |
#strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'FILE.HTML') or |
strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'TEXT.HTML') |
) |
) |
) |
{ |
session_start(); |
if (empty($_POST['token']) || !hash_equals($_SESSION['token'], $_POST['token'])) { |
http_response_code(403); |
die('Forbidden.'); |
} |