scratch – Diff between revs 48 and 49

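--- a/scratch
+++ b/scratch
@@ -1,72 +1,70 @@
 <?php
 
 ###########################################################################
 ## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ##
 ###########################################################################
 
 require_once('inc/pseudocrypt.php');
 require_once('inc/functions.php');
 require_once('config.php');
 
 #### Retrieve uploaded file.
 if (!empty($_FILES['file']) and
 is_uploaded_file($_FILES['file']['tmp_name'])) {
 # Regular multipart/form-data upload.
 $name = $_FILES['file']['name'];
 $data = file_get_contents($_FILES['file']['tmp_name']);
 } else {
 # Raw POST data.
 $name = urldecode(@$_SERVER['HTTP_X_FILE_NAME']);
 $data = file_get_contents("php://input");
 }
 
 #### Grab the file extension.
 $fileExtension = pathinfo($name, PATHINFO_EXTENSION);
 
 #### If the extension is not allowed then change it to a text extension.
 if (!isset($fileExtension) ||
 !in_array(strtoupper($fileExtension),
 array_map('strtoupper', $ALLOWED_FILE_EXTENSIONS))) {
 header("HTTP/1.1 500 Internal Server Error", true, 500);
 return;
 }
 
 #### Hash filename.
 $file = strtolower(
 PseudoCrypt::hash(
 preg_replace(
 '/\D/',
 '',
 hash(
 'sha512',
 $data
 )
 ),
 $ASSET_HASH_SIZE
-).
-'.'.
-$fileExtension
+)
 );
 
 #### Build the user path.
 $userPath = join(
 DIRECTORY_SEPARATOR,
 array(
 $STORE_FOLDER,
 $file
 )
 );
 
 #### Check for path traversals
-$pathPart = pathinfo($userPath);
+$pathPart = pathinfo($userPath.'.'.$fileExtension);
 if (strcasecmp(
 realpath($pathPart['dirname']), realpath($STORE_FOLDER)) != 0)
 return;
 
 #### Store the file.
-atomized_put_contents($userPath, $data);
+atomized_put_contents($userPath.'.'.$fileExtension, $data);
 
 ### Return the URL to the file.
 header('Content-Type: text/plain; charset=utf-8');
 echo sprintf('%s/%s', trim($URL_PATH, '/'), $file);
 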
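Review bot: The URL echoed on new line 69 still uses `$file`, which after this change no longer carries the extension, while the file is now written as `$userPath.'.'.$fileExtension` on new line 65; unless the web server maps extension-less requests onto the stored name, the returned URL points at a name that does not exist on disk. If dropping the extension from the URL is intentional, a comment at line 69 saying so would stop the next reader from "fixing" it; otherwise `echo sprintf('%s/%s.%s', trim($URL_PATH, '/'), $file, $fileExtension);` keeps the two in step. The expression `$userPath.'.'.$fileExtension` is also built twice (new lines 59 and 65); computing it once as `$storePath = $userPath.'.'.$fileExtension;` and using it in both the traversal check and the write guarantees that the path that was checked is the path that is written. Appending `$fileExtension` here cannot introduce a directory separator only because it already passed the `$ALLOWED_FILE_EXTENSIONS` whitelist on lines 27-29; a short comment at line 59 noting that dependency would make the check's assumption explicit.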