scratch – Rev 28
?pathlinks?
<?php
###########################################################################
## Copyright (C) Wizardry and Steamworks 2017 - License: GNU GPLv3 ##
###########################################################################
require_once('inc/pseudocrypt.php');
require_once('inc/functions.php');
require_once('config.php');
#### Retrieve uploaded file.
if (!isset($_POST['data']) or empty($_POST['data']) or
!isset($_POST['action']) or empty($_POST['action']))
return;
#### Build the user path.
$userPath = join(
DIRECTORY_SEPARATOR,
array(
$STORE_FOLDER,
$SHARED_EDITOR_FILE
)
);
#### Check for path traversals
$pathPart = pathinfo($userPath);
if (strcasecmp(
realpath($pathPart['dirname']), realpath($STORE_FOLDER)) != 0)
return;
$data = $_POST['data'];
switch(strtoupper($_POST['action'])) {
case 'SAVE':
#### Store the file.
atomized_put_contents($userPath, $data);
break;
case 'LOAD':
header('Content-Type: text/html; charset=utf-8');
echo atomized_get_contents($userPath, $data);
break;
}