scratch – Diff between revs 93 and 94
?pathlinks?
| Rev 93 | Rev 94 | |||
|---|---|---|---|---|
| 1 | <?php |
1 | <?php |
|
| 2 | |
2 | |
|
| 3 | ########################################################################### |
3 | ########################################################################### |
|
| 4 | ## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
4 | ## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ## |
|
| 5 | ########################################################################### |
5 | ########################################################################### |
|
| 6 | |
6 | |
|
| 7 | require_once('php/pseudocrypt.php'); |
7 | require_once('php/pseudocrypt.php'); |
|
| 8 | require_once('php/functions.php'); |
8 | require_once('php/functions.php'); |
|
| 9 | require_once('vendor/autoload.php'); |
9 | require_once('vendor/autoload.php'); |
|
| 10 | |
10 | |
|
| 11 | ### Load configuration. |
11 | ### Load configuration. |
|
| 12 | $config = spyc_load_file('config.yaml'); |
12 | $config = spyc_load_file('config.yaml'); |
|
| 13 | |
13 | |
|
| 14 | #### Script restrictions. |
14 | #### Script restrictions. |
|
| 15 | if( |
15 | if( |
|
| 16 | ( |
16 | ( |
|
| 17 | !isset($_SERVER['HTTP_X_REQUESTED_WITH']) || |
17 | !isset($_SERVER['HTTP_X_REQUESTED_WITH']) or |
|
| 18 | empty($_SERVER['HTTP_X_REQUESTED_WITH']) || |
18 | empty($_SERVER['HTTP_X_REQUESTED_WITH']) or |
|
| 19 | strtoupper($_SERVER['HTTP_X_REQUESTED_WITH']) != 'XMLHTTPREQUEST' |
19 | strtoupper($_SERVER['HTTP_X_REQUESTED_WITH']) != 'XMLHTTPREQUEST' |
|
| 20 | ) |
20 | ) |
|
| 21 | || |
21 | or |
|
| 22 | ( |
22 | ( |
|
| 23 | ( |
23 | ( |
|
| 24 | !isset($_SERVER['HTTP_REFERER']) || |
24 | !isset($_SERVER['HTTP_REFERER']) or |
|
| 25 | empty($_SERVER['HTTP_REFERER']) |
25 | empty($_SERVER['HTTP_REFERER']) |
|
| 26 | ) |
26 | ) |
|
| 27 | && |
27 | and |
|
| 28 | ( |
28 | ( |
|
| 29 | #strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'FILE.HTML') || |
29 | #strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'FILE.HTML') or |
|
| 30 | strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'TEXT.HTML') |
30 | strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'TEXT.HTML') |
|
| 31 | ) |
31 | ) |
|
| 32 | ) |
32 | ) |
|
| 33 | ) |
33 | ) |
|
| 34 | { |
34 | { |
|
| 35 | http_response_code(403); |
35 | http_response_code(403); |
|
| 36 | die('Forbidden.'); |
36 | die('Forbidden.'); |
|
| 37 | } |
37 | } |
|
| - | 38 | |
||
| 38 | |
39 | #### Check if the fingerprint and action are set parameters. |
|
| - | 40 | if(!isset($_POST['fingerprint']) or empty($_POST['fingerprint']) or |
||
| 39 | if(!isset($_POST['fingerprint']) or empty($_POST['fingerprint']) or |
41 | !preg_match('/^[A-Za-z0-9]{32}$/', $_POST['fingerprint']) or |
|
| 40 | !isset($_POST['action']) or empty($_POST['action'])) { |
42 | !isset($_POST['action']) or empty($_POST['action'])) { |
|
| 41 | http_response_code(500); |
43 | http_response_code(500); |
|
| 42 | die('Internal server error.'); |
44 | die('Internal server error.'); |
|
| 43 | } |
45 | } |
|
| 44 | |
46 | |
|
| 45 | #### Check fingerprint consistency. |
47 | #### Check fingerprint consistency. |
|
| 46 | $fingerprint = strtoupper($_POST['fingerprint']); |
48 | $fingerprint = strtoupper($_POST['fingerprint']); |
|
| 47 | if(strlen($fingerprint) !== 32) { |
49 | if(strlen($fingerprint) !== 32) { |
|
| 48 | http_response_code(500); |
50 | http_response_code(500); |
|
| 49 | die('Internal server error.'); |
51 | die('Internal server error.'); |
|
| 50 | } |
52 | } |
|
| 51 | |
53 | |
|
| 52 | $action = strtoupper($_POST['action']); |
54 | $action = strtoupper($_POST['action']); |
|
| 53 | |
55 | |
|
| 54 | #### Data must be sent in order to save a file. |
56 | #### Data must be sent in order to save a file. |
|
| 55 | if($action === 'SAVE' and !isset($_POST['data'])) { |
57 | if($action === 'SAVE' and !isset($_POST['data'])) { |
|
| 56 | http_response_code(500); |
58 | http_response_code(500); |
|
| 57 | die('Internal server error.'); |
59 | die('Internal server error.'); |
|
| 58 | } |
60 | } |
|
| 59 | |
61 | |
|
| 60 | #### Hash fingerprint. |
62 | #### Hash fingerprint. |
|
| 61 | $file = strtolower( |
63 | $file = strtolower( |
|
| 62 | PseudoCrypt::hash( |
64 | PseudoCrypt::hash( |
|
| 63 | preg_replace( |
65 | preg_replace( |
|
| 64 | '/\D/', |
66 | '/\D/', |
|
| 65 | '', |
67 | '', |
|
| 66 | hash( |
68 | hash( |
|
| 67 | 'sha512', |
69 | 'sha512', |
|
| 68 | $fingerprint |
70 | $fingerprint |
|
| 69 | ) |
71 | ) |
|
| 70 | ), |
72 | ), |
|
| 71 | $config['ASSET_HASH_SIZE'] |
73 | $config['ASSET_HASH_SIZE'] |
|
| 72 | ) |
74 | ) |
|
| 73 | ); |
75 | ); |
|
| 74 | |
76 | |
|
| 75 | #### Build the user path. |
77 | #### Build the user path. |
|
| 76 | $userPath = join( |
78 | $userPath = join( |
|
| 77 | DIRECTORY_SEPARATOR, |
79 | DIRECTORY_SEPARATOR, |
|
| 78 | array( |
80 | array( |
|
| 79 | $config['STORE_FOLDER'], |
81 | $config['STORE_FOLDER'], |
|
| 80 | $file |
82 | $file |
|
| 81 | ) |
83 | ) |
|
| 82 | ); |
84 | ); |
|
| 83 | |
85 | |
|
| 84 | #### Check for path traversals |
86 | #### Check for path traversals |
|
| 85 | $pathPart = pathinfo($userPath.'.html'); |
87 | $pathPart = pathinfo($userPath.'.html'); |
|
| 86 | if (strcasecmp( |
88 | if (strcasecmp( |
|
| 87 | realpath($pathPart['dirname']), realpath($config['STORE_FOLDER'])) != 0) { |
89 | realpath($pathPart['dirname']), realpath($config['STORE_FOLDER'])) != 0) { |
|
| 88 | http_response_code(500); |
90 | http_response_code(500); |
|
| 89 | die('Internal server error.'); |
91 | die('Internal server error.'); |
|
| 90 | } |
92 | } |
|
| 91 | |
93 | |
|
| 92 | switch($action) { |
94 | switch($action) { |
|
| 93 | case 'SAVE': |
95 | case 'SAVE': |
|
| 94 | #### Store the file. |
96 | #### Store the file. |
|
| 95 | atomized_put_contents($userPath.'.html', $_POST['data']); |
97 | atomized_put_contents($userPath.'.html', $_POST['data']); |
|
| 96 | break; |
98 | break; |
|
| 97 | case 'LOAD': |
99 | case 'LOAD': |
|
| 98 | if(!file_exists($userPath.'.html')) { |
100 | if(!file_exists($userPath.'.html')) { |
|
| 99 | ### If the file does not exist, present an empty file instead of 404. |
101 | ### If the file does not exist, present an empty file instead of 404. |
|
| 100 | echo ''; |
102 | echo ''; |
|
| 101 | return; |
103 | return; |
|
| 102 | } |
104 | } |
|
| 103 | ### Set no-cache |
105 | ### Set no-cache |
|
| 104 | header('Content-Type: text/html; charset=utf-8'); |
106 | header('Content-Type: text/html; charset=utf-8'); |
|
| 105 | header('Cache-Control: no-cache, no-store, must-revalidate'); |
107 | header('Cache-Control: no-cache, no-store, must-revalidate'); |
|
| 106 | header('Pragma: no-cache'); |
108 | header('Pragma: no-cache'); |
|
| 107 | header('Expires: 0'); |
109 | header('Expires: 0'); |
|
| 108 | ### Open MIME info database and send the content type. |
110 | ### Open MIME info database and send the content type. |
|
| 109 | header('Content-type: text/html'); |
111 | header('Content-type: text/html'); |
|
| 110 | ### Send the file along with the inline content disposition. |
112 | ### Send the file along with the inline content disposition. |
|
| 111 | header('Content-length: '.(int)get_file_size($userPath.'.html')); |
113 | header('Content-length: '.(int)get_file_size($userPath.'.html')); |
|
| 112 | header('Content-Disposition: inline; filename="' . basename($userPath.'.html') . '"'); |
114 | header('Content-Disposition: inline; filename="' . basename($userPath.'.html') . '"'); |
|
| 113 | header('X-Sendfile: '.$userPath.'.html'); |
115 | header('X-Sendfile: '.$userPath.'.html'); |
|
| 114 | break; |
116 | break; |
|
| 115 | } |
117 | } |
|
| 116 | |
118 | |
|
| 117 | |
119 | |
|