scratch – Diff between revs 94 and 96
Rev 94 | Rev 96 | |||
---|---|---|---|---|
Line 10... | Line 10... | |||
10 | |
10 | |
|
11 | ### Load configuration. |
11 | ### Load configuration. |
|
Line 12... | Line 12... | |||
12 | $config = spyc_load_file('config.yaml'); |
12 | $config = spyc_load_file('config.yaml'); |
|
13 | |
- | ||
14 | #### Script restrictions. |
- | ||
15 | if( |
- | ||
16 | ( |
- | ||
17 | !isset($_SERVER['HTTP_X_REQUESTED_WITH']) or |
- | ||
18 | empty($_SERVER['HTTP_X_REQUESTED_WITH']) or |
- | ||
19 | strtoupper($_SERVER['HTTP_X_REQUESTED_WITH']) != 'XMLHTTPREQUEST' |
- | ||
20 | ) |
- | ||
21 | or |
- | ||
22 | ( |
- | ||
23 | ( |
- | ||
24 | !isset($_SERVER['HTTP_REFERER']) or |
- | ||
25 | empty($_SERVER['HTTP_REFERER']) |
13 | |
|
26 | ) |
- | ||
27 | and |
14 | #### Script restrictions. |
|
28 | ( |
- | ||
29 | #strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'FILE.HTML') or |
- | ||
30 | strtoupper($_SERVER['HTTP_REFERER']) != strtoupper($config['URL_PATH'].'TEXT.HTML') |
- | ||
31 | ) |
- | ||
32 | ) |
- | ||
33 | ) |
15 | session_start(); |
|
34 | { |
16 | if (empty($_POST['token']) || !hash_equals($_SESSION['token'], $_POST['token'])) { |
|
35 | http_response_code(403); |
17 | http_response_code(403); |
|
Line 36... | Line 18... | |||
36 | die('Forbidden.'); |
18 | die('Forbidden.'); |
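Review bot: On new line 16, `hash_equals()` receives `$_SESSION['token']` without a check that the session holds a token, and `$_POST['token']` without a check that it is a string. A request sent before any token was issued, or one posting `token[]=x` (a non-empty array passes `empty()`), reaches `hash_equals()` with a non-string argument; that is a TypeError on PHP 8 and a warning on PHP 7, so the script can fail with an error instead of the intended 403. Guard both operands first: `if (empty($_SESSION['token']) || empty($_POST['token']) || !is_string($_POST['token']) || !hash_equals($_SESSION['token'], $_POST['token'])) {`. Where the token is generated is not visible in this diff; it should come from a CSPRNG such as `random_bytes()` and be stored in the session before the form is served. The body of the `if` continues past the visible lines.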