diff options
author | adam <adam@> | 2021-02-13 13:26:41 +0200 |
---|---|---|
committer | adam <adam@> | 2021-02-13 13:26:41 +0200 |
commit | 8b1393b3f06fdd86abc3dca396670965c42ba8c2 (patch) | |
tree | 95a167bcacb1eb9e9d6ac48bda3c7e8ef77c8ff9 /php | |
parent | 8f8d22109484308255d16f318cb488b3c8519885 (diff) | |
parent | 3ab8276b269b3d646d232cf093d13bb280e28bf7 (diff) | |
download | fileup-8b1393b3f06fdd86abc3dca396670965c42ba8c2.tar.gz |
Merge https://github.com/alexvitkov/india
Diffstat (limited to 'php')
-rw-r--r-- | php/readfile.php | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/php/readfile.php b/php/readfile.php index d978ffc..6e759d3 100644 --- a/php/readfile.php +++ b/php/readfile.php @@ -6,7 +6,7 @@ require_once "node.php"; require_once "misc.php"; session_start(); -if (!isset($_POST["filename"]) || !isset($_FILES["folder"])) { +if (!isset($_POST["filename"]) || !isset($_POST["folder"])) { error_log("/php/readfile.php - invalid request"); http_response_code(400); exit(1); @@ -19,7 +19,7 @@ $filename = $_POST["filename"]; $dir = get_directory($folder, $user); if (!$dir) { - error_log("i/php/readfile.php - invalid directory"); + error_log("/php/readfile.php - invalid directory"); http_response_code(409); exit(0); } @@ -30,7 +30,15 @@ $file_node = null; foreach ($contents_of_dir as $c) { if ($c['name'] == $filename) { $file_node = $c; + break; } } +if (!$file_node) { + error_log("/php/readfile.php - invalid filename"); + http_response_code(409); + exit(0); +} + +header("Content-type: $file_node[mimetype]"); -var_error_log($file_node); +readfile("$storage_root/$file_node[code]"); |