scratch – Diff between revs 91 and 93
Rev 91 | Rev 93 | |||
---|---|---|---|---|
Line 12... | Line 12... | |||
12 | $config = spyc_load_file('config.yaml'); |
12 | $config = spyc_load_file('config.yaml'); |
|
Line 13... | Line 13... | |||
13 | |
13 | |
|
14 | #### POST -> upload / GET -> download |
14 | #### POST -> upload / GET -> download |
|
15 | switch ($_SERVER['REQUEST_METHOD']) { |
15 | switch ($_SERVER['REQUEST_METHOD']) { |
|
- | 16 | case 'POST': |
||
- | 17 | #### Script restrictions. |
||
- | 18 | if( |
||
- | 19 | ( |
||
- | 20 | !isset($_SERVER['HTTP_X_REQUESTED_WITH']) || |
||
- | 21 | empty($_SERVER['HTTP_X_REQUESTED_WITH']) || |
||
- | 22 | strtoupper($_SERVER['HTTP_X_REQUESTED_WITH']) != 'XMLHTTPREQUEST' |
||
- | 23 | ) |
||
- | 24 | || |
||
- | 25 | ( |
||
- | 26 | ( |
||
- | 27 | !isset($_SERVER['HTTP_REFERER']) || |
||
- | 28 | empty($_SERVER['HTTP_REFERER']) |
||
- | 29 | ) |
||
- | 30 | && |
||
- | 31 | ( |
||
- | 32 | strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'FILE.HTML') || |
||
- | 33 | strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'TEXT.HTML') |
||
- | 34 | ) |
||
- | 35 | ) |
||
- | 36 | ) |
||
- | 37 | { |
||
- | 38 | http_response_code(403); |
||
- | 39 | die('Forbidden.'); |
||
16 | case 'POST': |
40 | } |
|
17 | #### Retrieve uploaded file. |
41 | #### Retrieve uploaded file. |
|
18 | if (!empty($_FILES['file']) and |
42 | if (!empty($_FILES['file']) and |
|
19 | is_uploaded_file($_FILES['file']['tmp_name'])) { |
43 | is_uploaded_file($_FILES['file']['tmp_name'])) { |
|
20 | if($_FILES['file']['size'] > $config['ALLOWED_ASSET_SIZE'] * 1048576) { |
44 | if($_FILES['file']['size'] > $config['ALLOWED_ASSET_SIZE'] * 1048576) { |
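Review bot: The Referer test added at new lines 25–35 never actually restricts the request to the two allowed pages: `strtoupper(...) != A || strtoupper(...) != B` is always true, and it is joined by `&&` to the missing/empty test, so any non-empty Referer passes and an absent one makes the right-hand group read the undefined `$_SERVER['HTTP_REFERER']`. If the intent is to accept only FILE.HTML and TEXT.HTML, the `&&` on new line 30 should be `||` and the `||` ending new line 32 should be `&&`. Both `X-Requested-With` and `Referer` are supplied by the client, so even the corrected condition is a soft filter rather than access control; nothing in the visible lines authenticates the uploader, and a session-bound token or real authentication would be needed for an enforceable restriction. I would add a comment under `#### Script restrictions.` saying so, e.g. `# Header checks are advisory only; they do not authenticate the caller.` The `switch` body continues past the lines shown here.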