diff options
author | adam <adam@> | 2021-02-14 11:58:35 +0200 |
---|---|---|
committer | adam <adam@> | 2021-02-14 11:58:35 +0200 |
commit | 66040941492d590fd7a93d6c85f5f095335355e8 (patch) | |
tree | a06b764d773092926c1231ad07ae271bc5d937f9 /php/share.php | |
parent | 47a01771243568017a5aedfb948a7fb2bf9543f8 (diff) | |
download | fileup-66040941492d590fd7a93d6c85f5f095335355e8.tar.gz |
trash
Diffstat (limited to 'php/share.php')
-rw-r--r-- | php/share.php | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/php/share.php b/php/share.php index 8f2aeaf..10f8d25 100644 --- a/php/share.php +++ b/php/share.php @@ -5,11 +5,16 @@ require_once "user.php"; session_start(); -$user=$_SESSION['user_object']; if($_SERVER["REQUEST_METHOD"] == "POST") { + if(!isset($_SESSION['user_object']) || !isset($_POST["folder"]) || !isset($_POST["filename"]) || !isset($_POST["users"]) || !isset($_POST["password"]) || !isset($_POST["premissions"]) ) + { + http_response_code(409); + exit(0); + } + $user=$_SESSION['user_object']; $path=$_POST["folder"]; /*this could be a directory as well*/ $filename=$_POST["filename"]; @@ -47,8 +52,19 @@ if($_SERVER["REQUEST_METHOD"] == "POST") exit(0); }else if($_SERVER["REQUEST_METHOD"]== "GET") { + if(!isset($_GET["file"])) + { + http_response_code(409); + exit(0); + } $code=$_GET["file"]; - $password=$_GET["password"]; + if(isset($_GET["password"])) + { + $password=$_GET["password"]; + }else + { + $password=""; + } $shared_node=$database->get_shared_node($code); if($shared_node==NULL || $shared_node->password!=$password) |