scratch – Diff between revs 52 and 53
?pathlinks?
Rev 52 | Rev 53 | |||
---|---|---|---|---|
Line 77... | Line 77... | |||
77 | if (!isset($_GET['o']) or empty($_GET['o'])) { |
77 | if (!isset($_GET['o']) or empty($_GET['o'])) { |
|
78 | http_response_code(404); |
78 | http_response_code(404); |
|
79 | return; |
79 | return; |
|
80 | } |
80 | } |
|
Line -... | Line 81... | |||
- | 81 | |
||
81 | |
82 | ### Find the requested file. |
|
82 | $file = array_shift( |
83 | $file = array_shift( |
|
83 | preg_grep( |
84 | preg_grep( |
|
84 | "/$_GET[o]/", |
85 | "/$_GET[o]/", |
|
85 | scandir($STORE_FOLDER) |
86 | scandir($STORE_FOLDER) |
|
86 | ) |
87 | ) |
|
Line 87... | Line 88... | |||
87 | ); |
88 | ); |
|
88 | |
89 | |
|
- | 90 | if (!isset($file) or empty($file)) |
||
- | 91 | return; |
||
- | 92 | |
||
Line 89... | Line 93... | |||
89 | if (!isset($file) or empty($file)) |
93 | ### Check the path for path traversals. |
|
- | 94 | $fileExtension = pathinfo($file, PATHINFO_EXTENSION); |
||
90 | return; |
95 | |
|
- | 96 | #### If the extension is not allowed then return. |
||
- | 97 | if (!isset($fileExtension) || |
||
- | 98 | !in_array(strtoupper($fileExtension), |
||
- | 99 | array_map('strtoupper', $ALLOWED_FILE_EXTENSIONS))) { |
||
- | 100 | header("HTTP/1.1 500 Internal Server Error", true, 500); |
||
- | 101 | return; |
||
- | 102 | } |
||
- | 103 | |
||
- | 104 | #### Build the user path. |
||
- | 105 | $userPath = join( |
||
91 | |
106 | DIRECTORY_SEPARATOR, |
|
- | 107 | array( |
||
- | 108 | $STORE_FOLDER, |
||
- | 109 | $file |
||
- | 110 | ) |
||
92 | ### Open MIME info database and send the content type. |
111 | ); |
|
- | 112 | |
||
- | 113 | #### Check for path traversals |
||
93 | $finfo = finfo_open(FILEINFO_MIME_TYPE); |
114 | $pathPart = pathinfo($userPath); |
|
94 | if (!$finfo) { |
115 | if (strcasecmp( |
|
95 | http_response_code(500); |
- | ||
96 | return; |
- | ||
97 | } |
- | ||
Line -... | Line 116... | |||
- | 116 | realpath($pathPart['dirname']), realpath($STORE_FOLDER)) != 0) { |
||
- | 117 | return; |
||
- | 118 | } |
||
- | 119 | |
||
- | 120 | ### Hook for HTML files to display properly. |
||
- | 121 | switch(strtoupper($fileExtension)) { |
||
- | 122 | case "HTML": |
||
- | 123 | case "HTM": |
||
- | 124 | header('Content-type: text/html'); |
||
- | 125 | break; |
||
- | 126 | break; |
||
- | 127 | default: |
||
- | 128 | ### Open MIME info database and send the content type. |
||
- | 129 | $finfo = finfo_open(FILEINFO_MIME_TYPE); |
||
- | 130 | if (!$finfo) { |
||
- | 131 | http_response_code(500); |
||
- | 132 | return; |
||
- | 133 | } |
||
- | 134 | |
||
- | 135 | header('Content-type: '.finfo_file($finfo, $userPath)); |
||
98 | |
136 | finfo_close($finfo); |
|
99 | header('Content-type: '.finfo_file($finfo, $STORE_FOLDER.'/'.$file)); |
137 | break; |
|
100 | finfo_close($finfo); |
138 | } |
|
- | 139 | |
||
101 | |
140 | ### Send the file along with the inline content disposition. |
|
102 | ### Send the file along with the inline content disposition. |
141 | header('Content-length: '.(int)get_file_size($userPath)); |
|
103 | header('Content-length: '.(int)get_file_size($STORE_FOLDER.'/'.$file)); |
142 | header('Content-Disposition: inline; filename="' . basename($userPath) . '"'); |