scratch – Diff between revs 13 and 14

Subversion Repositories:
Rev:
Only display areas with differencesIgnore whitespace
Rev 13 Rev 14
1 <?php 1 <?php
2   2  
3 ########################################################################### 3 ###########################################################################
4 ## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## 4 ## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ##
5 ########################################################################### 5 ###########################################################################
6   6  
7 require_once('inc/pseudocrypt.php'); 7 require_once('inc/pseudocrypt.php');
8 require_once('inc/functions.php'); 8 require_once('inc/functions.php');
9 require_once('config.php'); 9 require_once('config.php');
10   10  
11 #### Retrieve uploaded file. 11 #### Retrieve uploaded file.
12 if (!empty($_FILES['file']) and 12 if (!empty($_FILES['file']) and
13 is_uploaded_file($_FILES['file']['tmp_name'])) { 13 is_uploaded_file($_FILES['file']['tmp_name'])) {
14 # Regular multipart/form-data upload. 14 # Regular multipart/form-data upload.
15 $name = $_FILES['file']['name']; 15 $name = $_FILES['file']['name'];
16 $data = file_get_contents($_FILES['file']['tmp_name']); 16 $data = file_get_contents($_FILES['file']['tmp_name']);
17 } else { 17 } else {
18 # Raw POST data. 18 # Raw POST data.
19 $name = urldecode(@$_SERVER['HTTP_X_FILE_NAME']); 19 $name = urldecode(@$_SERVER['HTTP_X_FILE_NAME']);
20 $data = file_get_contents("php://input"); 20 $data = file_get_contents("php://input");
21 } 21 }
-   22  
22   23 #### Grab the file extension.
23 $fileExtension = pathinfo($name, PATHINFO_EXTENSION); 24 $fileExtension = pathinfo($name, PATHINFO_EXTENSION);
24   25  
25 #### Check that the file extension is allowed. 26 #### If the extension is not allowed then change it to a text extension.
26 if(!isset($fileExtension) || 27 if (!isset($fileExtension) ||
27 !in_array(strtoupper($fileExtension), $ALLOWED_FILE_EXTENSIONS)) 28 !in_array(strtoupper($fileExtension), $ALLOWED_FILE_EXTENSIONS))
28 return; 29 $fileExtension = 'txt';
29   -  
30 #### Hash filename and check storage in the upload folder. 30
31 $storePath = realpath($STORE_FOLDER); 31 #### Hash filename.
32 $file = strtolower( 32 $file = strtolower(
33 PseudoCrypt::hash( 33 PseudoCrypt::hash(
34 preg_replace( 34 preg_replace(
35 '/\D/', 35 '/\D/',
36 '', 36 '',
37 hash( 37 hash(
38 'sha512', 38 'sha512',
39 $name 39 $name
40 ) 40 )
41 ) 41 )
42 ). -  
43 '.'. 42 ). '.'.
44 $fileExtension 43 $fileExtension
45 ); 44 );
-   45  
-   46 #### Build the user path.
46 $userPath = join( 47 $userPath = join(
47 DIRECTORY_SEPARATOR, 48 DIRECTORY_SEPARATOR,
48 array( 49 array(
49 $STORE_FOLDER, 50 $STORE_FOLDER,
50 $file 51 $file
51 ) 52 )
52 ); 53 );
53   54  
54 #### Check for path traversals. 55 #### Check for path traversals
55 $pathPart = pathinfo($userPath); 56 $pathPart = pathinfo($userPath);
56 if (realpath($pathPart['dirname']) == $storePath) { 57 if (realpath($pathPart['dirname']) != realpath($STORE_FOLDER))
57 atomized_put_contents($userPath, $data); -  
58 $output = sprintf('%s/%s', trim($URL_PATH, '/'), $file); 58 return;
-   59  
-   60 #### Store the file.
59 } 61 atomized_put_contents($userPath, $data);
60   62  
61 ### Return the URL to the file. 63 ### Return the URL to the file.
62 header('Content-Type: text/plain; charset=utf-8'); 64 header('Content-Type: text/plain; charset=utf-8');
63 echo $output; 65 echo sprintf('%s/%s', trim($URL_PATH, '/'), $file);
64   66