aboutsummaryrefslogtreecommitdiffstats
path: root/php/share.php
diff options
context:
space:
mode:
authoradam <adam@>2021-02-14 11:58:35 +0200
committeradam <adam@>2021-02-14 11:58:35 +0200
commit66040941492d590fd7a93d6c85f5f095335355e8 (patch)
treea06b764d773092926c1231ad07ae271bc5d937f9 /php/share.php
parent47a01771243568017a5aedfb948a7fb2bf9543f8 (diff)
downloadfileup-66040941492d590fd7a93d6c85f5f095335355e8.tar.gz
trash
Diffstat (limited to 'php/share.php')
-rw-r--r--php/share.php20
1 files changed, 18 insertions, 2 deletions
diff --git a/php/share.php b/php/share.php
index 8f2aeaf..10f8d25 100644
--- a/php/share.php
+++ b/php/share.php
@@ -5,11 +5,16 @@ require_once "user.php";
session_start();
-$user=$_SESSION['user_object'];
if($_SERVER["REQUEST_METHOD"] == "POST")
{
+ if(!isset($_SESSION['user_object']) || !isset($_POST["folder"]) || !isset($_POST["filename"]) || !isset($_POST["users"]) || !isset($_POST["password"]) || !isset($_POST["premissions"]) )
+ {
+ http_response_code(409);
+ exit(0);
+ }
+ $user=$_SESSION['user_object'];
$path=$_POST["folder"];
/*this could be a directory as well*/
$filename=$_POST["filename"];
@@ -47,8 +52,19 @@ if($_SERVER["REQUEST_METHOD"] == "POST")
exit(0);
}else if($_SERVER["REQUEST_METHOD"]== "GET")
{
+ if(!isset($_GET["file"]))
+ {
+ http_response_code(409);
+ exit(0);
+ }
$code=$_GET["file"];
- $password=$_GET["password"];
+ if(isset($_GET["password"]))
+ {
+ $password=$_GET["password"];
+ }else
+ {
+ $password="";
+ }
$shared_node=$database->get_shared_node($code);
if($shared_node==NULL || $shared_node->password!=$password)