scratch – Diff between revs 48 and 49
?pathlinks?
Rev 48 | Rev 49 | |||
---|---|---|---|---|
1 | <?php |
1 | <?php |
|
2 | |
2 | |
|
3 | ########################################################################### |
3 | ########################################################################### |
|
4 | ## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
4 | ## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
|
5 | ########################################################################### |
5 | ########################################################################### |
|
6 | |
6 | |
|
7 | require_once('inc/pseudocrypt.php'); |
7 | require_once('inc/pseudocrypt.php'); |
|
8 | require_once('inc/functions.php'); |
8 | require_once('inc/functions.php'); |
|
9 | require_once('config.php'); |
9 | require_once('config.php'); |
|
10 | |
10 | |
|
11 | #### Retrieve uploaded file. |
11 | #### Retrieve uploaded file. |
|
12 | if (!empty($_FILES['file']) and |
12 | if (!empty($_FILES['file']) and |
|
13 | is_uploaded_file($_FILES['file']['tmp_name'])) { |
13 | is_uploaded_file($_FILES['file']['tmp_name'])) { |
|
14 | # Regular multipart/form-data upload. |
14 | # Regular multipart/form-data upload. |
|
15 | $name = $_FILES['file']['name']; |
15 | $name = $_FILES['file']['name']; |
|
16 | $data = file_get_contents($_FILES['file']['tmp_name']); |
16 | $data = file_get_contents($_FILES['file']['tmp_name']); |
|
17 | } else { |
17 | } else { |
|
18 | # Raw POST data. |
18 | # Raw POST data. |
|
19 | $name = urldecode(@$_SERVER['HTTP_X_FILE_NAME']); |
19 | $name = urldecode(@$_SERVER['HTTP_X_FILE_NAME']); |
|
20 | $data = file_get_contents("php://input"); |
20 | $data = file_get_contents("php://input"); |
|
21 | } |
21 | } |
|
22 | |
22 | |
|
23 | #### Grab the file extension. |
23 | #### Grab the file extension. |
|
24 | $fileExtension = pathinfo($name, PATHINFO_EXTENSION); |
24 | $fileExtension = pathinfo($name, PATHINFO_EXTENSION); |
|
25 | |
25 | |
|
26 | #### If the extension is not allowed then change it to a text extension. |
26 | #### If the extension is not allowed then change it to a text extension. |
|
27 | if (!isset($fileExtension) || |
27 | if (!isset($fileExtension) || |
|
28 | !in_array(strtoupper($fileExtension), |
28 | !in_array(strtoupper($fileExtension), |
|
29 | array_map('strtoupper', $ALLOWED_FILE_EXTENSIONS))) { |
29 | array_map('strtoupper', $ALLOWED_FILE_EXTENSIONS))) { |
|
30 | header("HTTP/1.1 500 Internal Server Error", true, 500); |
30 | header("HTTP/1.1 500 Internal Server Error", true, 500); |
|
31 | return; |
31 | return; |
|
32 | } |
32 | } |
|
33 | |
33 | |
|
34 | #### Hash filename. |
34 | #### Hash filename. |
|
35 | $file = strtolower( |
35 | $file = strtolower( |
|
36 | PseudoCrypt::hash( |
36 | PseudoCrypt::hash( |
|
37 | preg_replace( |
37 | preg_replace( |
|
38 | '/\D/', |
38 | '/\D/', |
|
39 | '', |
39 | '', |
|
40 | hash( |
40 | hash( |
|
41 | 'sha512', |
41 | 'sha512', |
|
42 | $data |
42 | $data |
|
43 | ) |
43 | ) |
|
44 | ), |
44 | ), |
|
45 | $ASSET_HASH_SIZE |
45 | $ASSET_HASH_SIZE |
|
46 | ). |
46 | ) |
|
47 | '.'. |
- | ||
48 | $fileExtension |
- | ||
49 | ); |
47 | ); |
|
50 | |
48 | |
|
51 | #### Build the user path. |
49 | #### Build the user path. |
|
52 | $userPath = join( |
50 | $userPath = join( |
|
53 | DIRECTORY_SEPARATOR, |
51 | DIRECTORY_SEPARATOR, |
|
54 | array( |
52 | array( |
|
55 | $STORE_FOLDER, |
53 | $STORE_FOLDER, |
|
56 | $file |
54 | $file |
|
57 | ) |
55 | ) |
|
58 | ); |
56 | ); |
|
59 | |
57 | |
|
60 | #### Check for path traversals |
58 | #### Check for path traversals |
|
61 | $pathPart = pathinfo($userPath); |
59 | $pathPart = pathinfo($userPath.'.'.$fileExtension); |
|
62 | if (strcasecmp( |
60 | if (strcasecmp( |
|
63 | realpath($pathPart['dirname']), realpath($STORE_FOLDER)) != 0) |
61 | realpath($pathPart['dirname']), realpath($STORE_FOLDER)) != 0) |
|
64 | return; |
62 | return; |
|
65 | |
63 | |
|
66 | #### Store the file. |
64 | #### Store the file. |
|
67 | atomized_put_contents($userPath, $data); |
65 | atomized_put_contents($userPath.'.'.$fileExtension, $data); |
|
68 | |
66 | |
|
69 | ### Return the URL to the file. |
67 | ### Return the URL to the file. |
|
70 | header('Content-Type: text/plain; charset=utf-8'); |
68 | header('Content-Type: text/plain; charset=utf-8'); |
|
71 | echo sprintf('%s/%s', trim($URL_PATH, '/'), $file); |
69 | echo sprintf('%s/%s', trim($URL_PATH, '/'), $file); |
|
72 | |
70 | |