From 66040941492d590fd7a93d6c85f5f095335355e8 Mon Sep 17 00:00:00 2001 From: adam Date: Sun, 14 Feb 2021 11:58:35 +0200 Subject: trash --- php/share.php | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) (limited to 'php/share.php') diff --git a/php/share.php b/php/share.php index 8f2aeaf..10f8d25 100644 --- a/php/share.php +++ b/php/share.php @@ -5,11 +5,16 @@ require_once "user.php"; session_start(); -$user=$_SESSION['user_object']; if($_SERVER["REQUEST_METHOD"] == "POST") { + if(!isset($_SESSION['user_object']) || !isset($_POST["folder"]) || !isset($_POST["filename"]) || !isset($_POST["users"]) || !isset($_POST["password"]) || !isset($_POST["premissions"]) ) + { + http_response_code(409); + exit(0); + } + $user=$_SESSION['user_object']; $path=$_POST["folder"]; /*this could be a directory as well*/ $filename=$_POST["filename"]; @@ -47,8 +52,19 @@ if($_SERVER["REQUEST_METHOD"] == "POST") exit(0); }else if($_SERVER["REQUEST_METHOD"]== "GET") { + if(!isset($_GET["file"])) + { + http_response_code(409); + exit(0); + } $code=$_GET["file"]; - $password=$_GET["password"]; + if(isset($_GET["password"])) + { + $password=$_GET["password"]; + }else + { + $password=""; + } $shared_node=$database->get_shared_node($code); if($shared_node==NULL || $shared_node->password!=$password) -- cgit v1.2.3