scratch – Diff between revs 48 and 49
Rev 48 | Rev 49 | |||
---|---|---|---|---|
Line 38... | Line 38... | |||
38 | 'sha512', |
38 | 'sha512', |
|
39 | $fingerprint, |
39 | $fingerprint, |
|
40 | ) |
40 | ) |
|
41 | ), |
41 | ), |
|
42 | $ASSET_HASH_SIZE |
42 | $ASSET_HASH_SIZE |
|
43 | ). |
43 | ) |
|
44 | '.html' |
- | ||
45 | ); |
44 | ); |
|
Line 46... | Line 45... | |||
46 | |
45 | |
|
47 | #### Build the user path. |
46 | #### Build the user path. |
|
48 | $userPath = join( |
47 | $userPath = join( |
|
Line 52... | Line 51... | |||
52 | $file |
51 | $file |
|
53 | ) |
52 | ) |
|
54 | ); |
53 | ); |
|
Line 55... | Line 54... | |||
55 | |
54 | |
|
56 | #### Check for path traversals |
55 | #### Check for path traversals |
|
57 | $pathPart = pathinfo($userPath); |
56 | $pathPart = pathinfo($userPath.'.html'); |
|
58 | if (strcasecmp( |
57 | if (strcasecmp( |
|
59 | realpath($pathPart['dirname']), realpath($STORE_FOLDER)) != 0) |
58 | realpath($pathPart['dirname']), realpath($STORE_FOLDER)) != 0) |
|
Line 60... | Line 59... | |||
60 | return; |
59 | return; |
|
61 | |
60 | |
|
62 | switch($action) { |
61 | switch($action) { |
|
63 | case 'SAVE': |
62 | case 'SAVE': |
|
64 | #### Store the file. |
63 | #### Store the file. |
|
65 | atomized_put_contents($userPath, $_POST['data']); |
64 | atomized_put_contents($userPath.'.html', $_POST['data']); |
|
66 | break; |
65 | break; |
|
67 | case 'LOAD': |
66 | case 'LOAD': |
|
68 | if(!file_exists($userPath)) |
67 | if(!file_exists($userPath)) |
|
69 | return; |
68 | return; |
|
70 | echo atomized_get_contents($userPath); |
69 | echo atomized_get_contents($userPath.'.html'); |
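Review bot: In the LOAD branch the existence check on new line 67 still tests `$userPath` while the read on new line 69 now opens `$userPath.'.html'`, so the guard and the read refer to different files; since SAVE now writes only the suffixed name, LOAD will probably return early for every stored document. The check should become `if(!file_exists($userPath.'.html'))`, or better, the suffixed path should be built once into a single variable that the traversal check, SAVE and LOAD all use, so the path that was validated and the path that is accessed cannot drift apart. Separately, the traversal guard on new lines 56-58 compares two `realpath()` results with `strcasecmp`: `realpath()` returns `false` when a directory does not exist, and a case-insensitive comparison is looser than needed on a case-sensitive filesystem, so rejecting `false` explicitly and comparing with `!==` would be stricter. The `switch` body continues past the visible lines, so the remaining cases could not be checked for the same mismatch.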