Dodaj walidację tokenów uploadu oraz zabezpieczenia dostępu w plikach dialog.php i upload-articles-*.php
@@ -19,6 +19,21 @@ header( "Cache-Control: no-store, no-cache, must-revalidate" );
|
||||
header( "Cache-Control: post-check=0, pre-check=0", false );
|
||||
header( "Pragma: no-cache" );
|
||||
|
||||
$upload_token = $_REQUEST['upload_token'] ?? '';
|
||||
if (!isset($_SESSION['upload_tokens'][$upload_token])) {
|
||||
http_response_code(403);
|
||||
echo json_encode(['error' => 'Brak tokenu uploadu']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$tokenData = $_SESSION['upload_tokens'][$upload_token];
|
||||
if ($tokenData['expires'] < time()) {
|
||||
unset($_SESSION['upload_tokens'][$upload_token]);
|
||||
http_response_code(403);
|
||||
echo json_encode(['error' => 'Token wygasł']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$fileDir = '/upload/article_files/tmp';
|
||||
$targetDir = '../..' . $fileDir;
|
||||
|
||||
@@ -34,14 +49,14 @@ $fileName = isset( $_REQUEST["name"] ) ? $_REQUEST["name"] : '';
|
||||
|
||||
$fileName = preg_replace( '/[^\w\._]+/', '_', $fileName );
|
||||
|
||||
if ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName ) )
|
||||
if ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName ) )
|
||||
{
|
||||
$ext = strrpos( $fileName, '.' );
|
||||
$fileName_a = substr( $fileName, 0, $ext );
|
||||
$fileName_b = substr( $fileName, $ext );
|
||||
|
||||
$count = 1;
|
||||
|
||||
|
||||
while ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName_a . '_' . $count . $fileName_b ) )
|
||||
$count++;
|
||||
|
||||
@@ -50,9 +65,9 @@ if ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName ) )
|
||||
|
||||
$filePath = $targetDir . DIRECTORY_SEPARATOR . $fileName;
|
||||
|
||||
if ( $cleanupTargetDir && is_dir( $targetDir ) && ( $dir = opendir( $targetDir ) ) )
|
||||
if ( $cleanupTargetDir && is_dir( $targetDir ) && ( $dir = opendir( $targetDir ) ) )
|
||||
{
|
||||
while ( ( $file = readdir( $dir ) ) !== false )
|
||||
while ( ( $file = readdir( $dir ) ) !== false )
|
||||
{
|
||||
$tmpfilePath = $targetDir . DIRECTORY_SEPARATOR . $file;
|
||||
|
||||
@@ -62,7 +77,7 @@ if ( $cleanupTargetDir && is_dir( $targetDir ) && ( $dir = opendir( $targetDir )
|
||||
}
|
||||
|
||||
closedir($dir);
|
||||
}
|
||||
}
|
||||
else
|
||||
die( '{"jsonrpc" : "2.0", "error" : {"code": 100, "message": "Failed to open temp directory."}, "id" : "id"}' );
|
||||
|
||||
@@ -72,40 +87,40 @@ if ( isset( $_SERVER["HTTP_CONTENT_TYPE"] ) )
|
||||
if ( isset( $_SERVER["CONTENT_TYPE"] ) )
|
||||
$contentType = $_SERVER["CONTENT_TYPE"];
|
||||
|
||||
if ( strpos( $contentType, "multipart" ) !== false )
|
||||
if ( strpos( $contentType, "multipart" ) !== false )
|
||||
{
|
||||
if ( isset( $_FILES['file']['tmp_name'] ) && is_uploaded_file( $_FILES['file']['tmp_name'] ) )
|
||||
if ( isset( $_FILES['file']['tmp_name'] ) && is_uploaded_file( $_FILES['file']['tmp_name'] ) )
|
||||
{
|
||||
$out = fopen( "{$filePath}.part", $chunk == 0 ? "wb" : "ab" );
|
||||
if ( $out )
|
||||
if ( $out )
|
||||
{
|
||||
$in = fopen( $_FILES['file']['tmp_name'], "rb" );
|
||||
|
||||
if ( $in )
|
||||
if ( $in )
|
||||
{
|
||||
while ( $buff = fread( $in, 4096 ) )
|
||||
fwrite($out, $buff);
|
||||
}
|
||||
}
|
||||
else
|
||||
die( '{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}' );
|
||||
fclose( $in );
|
||||
fclose( $out );
|
||||
@unlink( $_FILES['file']['tmp_name'] );
|
||||
}
|
||||
}
|
||||
else
|
||||
die( '{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}' );
|
||||
}
|
||||
}
|
||||
else
|
||||
die( '{"jsonrpc" : "2.0", "error" : {"code": 103, "message": "Failed to move uploaded file."}, "id" : "id"}' );
|
||||
}
|
||||
else
|
||||
}
|
||||
else
|
||||
{
|
||||
$out = fopen( "{$filePath}.part", $chunk == 0 ? "wb" : "ab" );
|
||||
if ( $out )
|
||||
{
|
||||
$in = fopen( "php://input", "rb" );
|
||||
|
||||
if ( $in )
|
||||
if ( $in )
|
||||
{
|
||||
while ( $buff = fread( $in, 4096 ) )
|
||||
fwrite( $out, $buff );
|
||||
@@ -115,20 +130,20 @@ else
|
||||
|
||||
fclose( $in );
|
||||
fclose( $out );
|
||||
}
|
||||
}
|
||||
else
|
||||
die( '{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}' );
|
||||
}
|
||||
|
||||
if ( !$chunks || $chunk == $chunks - 1 )
|
||||
if ( !$chunks || $chunk == $chunks - 1 )
|
||||
{
|
||||
rename( "{$filePath}.part", $filePath );
|
||||
|
||||
$mdb -> insert( 'pp_articles_files', [
|
||||
|
||||
$mdb -> insert( 'pp_articles_files', [
|
||||
'article_id' => null,
|
||||
'src' => substr( $filePath, 5, strlen( $filePath ) )
|
||||
] );
|
||||
|
||||
|
||||
$file_id = $mdb -> id();
|
||||
$file_name = explode( '/', $filePath );
|
||||
$file_name = $file_name[ count( $file_name ) - 1 ];
|
||||
|
||||
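Review bot: The new token gate does not restrict what gets written under `/upload/article_files/tmp`: the sanitiser on the `preg_replace( '/[^\w\._]+/', '_', $fileName )` line keeps every extension, so a session holding a valid token can still store `shell.php` or `.htaccess` there, and the `src` value recorded from `substr( $filePath, 5, ... )` suggests the directory is served by the webserver. Add an extension allow-list right after the `preg_replace` (and disable script execution for `/upload` at the server level; `pathinfo` only sees the last extension, so a name like `a.php.pdf` still needs a handler config that matches on the final extension only). On the new lines themselves, the token is read from `$_REQUEST` (so it is also accepted from the query string and cookies — prefer `$_POST`), an array-valued `upload_token` reaches `isset()` with an illegal offset (a `TypeError` on PHP 8; guard with `is_string( $upload_token )`), and the token is never invalidated after the final chunk, so it can be replayed until `expires` — `unset( $_SESSION['upload_tokens'][$upload_token] );` belongs right after the `rename`. The check also presumes `session_start()` runs earlier in this file, which is outside the hunk, and the `if ( !$chunks || ... )` block closes outside it too.

```php
$fileName = preg_replace( '/[^\w\._]+/', '_', $fileName );
// Only formats the editor is meant to accept; .php/.phtml/.htaccess must never land in a served directory.
$allowedExt = [ 'pdf', 'doc', 'docx', 'xls', 'xlsx', 'zip' ]; // TODO(review): align with the types the editor really offers
$ext = strtolower( pathinfo( $fileName, PATHINFO_EXTENSION ) );
if ( $ext === '' || !in_array( $ext, $allowedExt, true ) )
{
    http_response_code( 400 );
    echo json_encode( [ 'error' => 'Niedozwolony typ pliku' ] );
    exit;
}
// … unchanged: dedup loop, cleanup, chunk write …
if ( !$chunks || $chunk == $chunks - 1 )
{
    rename( "{$filePath}.part", $filePath );
    unset( $_SESSION['upload_tokens'][$upload_token] ); // single-use once the upload completes
    // … unchanged: pp_articles_files insert …
```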
@@ -19,6 +19,21 @@ header( "Cache-Control: no-store, no-cache, must-revalidate" );
|
||||
header( "Cache-Control: post-check=0, pre-check=0", false );
|
||||
header( "Pragma: no-cache" );
|
||||
|
||||
$upload_token = $_REQUEST['upload_token'] ?? '';
|
||||
if (!isset($_SESSION['upload_tokens'][$upload_token])) {
|
||||
http_response_code(403);
|
||||
echo json_encode(['error' => 'Brak tokenu uploadu']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$tokenData = $_SESSION['upload_tokens'][$upload_token];
|
||||
if ($tokenData['expires'] < time()) {
|
||||
unset($_SESSION['upload_tokens'][$upload_token]);
|
||||
http_response_code(403);
|
||||
echo json_encode(['error' => 'Token wygasł']);
|
||||
exit;
|
||||
}
|
||||
|
||||
$fileDir = '/upload/article_images/tmp';
|
||||
$targetDir = '../..' . $fileDir;
|
||||
|
||||
@@ -34,14 +49,14 @@ $fileName = isset( $_REQUEST["name"] ) ? $_REQUEST["name"] : '';
|
||||
|
||||
$fileName = preg_replace( '/[^\w\._]+/', '_', $fileName );
|
||||
|
||||
if ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName ) )
|
||||
if ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName ) )
|
||||
{
|
||||
$ext = strrpos( $fileName, '.' );
|
||||
$fileName_a = substr( $fileName, 0, $ext );
|
||||
$fileName_b = substr( $fileName, $ext );
|
||||
|
||||
$count = 1;
|
||||
|
||||
|
||||
while ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName_a . '_' . $count . $fileName_b ) )
|
||||
$count++;
|
||||
|
||||
@@ -50,9 +65,9 @@ if ( file_exists( $targetDir . DIRECTORY_SEPARATOR . $fileName ) )
|
||||
|
||||
$filePath = $targetDir . DIRECTORY_SEPARATOR . $fileName;
|
||||
|
||||
if ( $cleanupTargetDir && is_dir( $targetDir ) && ( $dir = opendir( $targetDir ) ) )
|
||||
if ( $cleanupTargetDir && is_dir( $targetDir ) && ( $dir = opendir( $targetDir ) ) )
|
||||
{
|
||||
while ( ( $file = readdir( $dir ) ) !== false )
|
||||
while ( ( $file = readdir( $dir ) ) !== false )
|
||||
{
|
||||
$tmpfilePath = $targetDir . DIRECTORY_SEPARATOR . $file;
|
||||
|
||||
@@ -62,7 +77,7 @@ if ( $cleanupTargetDir && is_dir( $targetDir ) && ( $dir = opendir( $targetDir )
|
||||
}
|
||||
|
||||
closedir($dir);
|
||||
}
|
||||
}
|
||||
else
|
||||
die( '{"jsonrpc" : "2.0", "error" : {"code": 100, "message": "Failed to open temp directory."}, "id" : "id"}' );
|
||||
|
||||
@@ -72,40 +87,40 @@ if ( isset( $_SERVER["HTTP_CONTENT_TYPE"] ) )
|
||||
if ( isset( $_SERVER["CONTENT_TYPE"] ) )
|
||||
$contentType = $_SERVER["CONTENT_TYPE"];
|
||||
|
||||
if ( strpos( $contentType, "multipart" ) !== false )
|
||||
if ( strpos( $contentType, "multipart" ) !== false )
|
||||
{
|
||||
if ( isset( $_FILES['file']['tmp_name'] ) && is_uploaded_file( $_FILES['file']['tmp_name'] ) )
|
||||
if ( isset( $_FILES['file']['tmp_name'] ) && is_uploaded_file( $_FILES['file']['tmp_name'] ) )
|
||||
{
|
||||
$out = fopen( "{$filePath}.part", $chunk == 0 ? "wb" : "ab" );
|
||||
if ( $out )
|
||||
if ( $out )
|
||||
{
|
||||
$in = fopen( $_FILES['file']['tmp_name'], "rb" );
|
||||
|
||||
if ( $in )
|
||||
if ( $in )
|
||||
{
|
||||
while ( $buff = fread( $in, 4096 ) )
|
||||
fwrite($out, $buff);
|
||||
}
|
||||
}
|
||||
else
|
||||
die( '{"jsonrpc" : "2.0", "error" : {"code": 101, "message": "Failed to open input stream."}, "id" : "id"}' );
|
||||
fclose( $in );
|
||||
fclose( $out );
|
||||
@unlink( $_FILES['file']['tmp_name'] );
|
||||
}
|
||||
}
|
||||
else
|
||||
die( '{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}' );
|
||||
}
|
||||
}
|
||||
else
|
||||
die( '{"jsonrpc" : "2.0", "error" : {"code": 103, "message": "Failed to move uploaded file."}, "id" : "id"}' );
|
||||
}
|
||||
else
|
||||
}
|
||||
else
|
||||
{
|
||||
$out = fopen( "{$filePath}.part", $chunk == 0 ? "wb" : "ab" );
|
||||
if ( $out )
|
||||
{
|
||||
$in = fopen( "php://input", "rb" );
|
||||
|
||||
if ( $in )
|
||||
if ( $in )
|
||||
{
|
||||
while ( $buff = fread( $in, 4096 ) )
|
||||
fwrite( $out, $buff );
|
||||
@@ -115,16 +130,16 @@ else
|
||||
|
||||
fclose( $in );
|
||||
fclose( $out );
|
||||
}
|
||||
}
|
||||
else
|
||||
die( '{"jsonrpc" : "2.0", "error" : {"code": 102, "message": "Failed to open output stream."}, "id" : "id"}' );
|
||||
}
|
||||
|
||||
if ( !$chunks || $chunk == $chunks - 1 )
|
||||
if ( !$chunks || $chunk == $chunks - 1 )
|
||||
{
|
||||
rename( "{$filePath}.part", $filePath );
|
||||
|
||||
$mdb -> insert( 'pp_articles_images', [
|
||||
|
||||
$mdb -> insert( 'pp_articles_images', [
|
||||
'article_id' => $_POST['article_id'] ? $_POST['article_id'] : null,
|
||||
'src' => substr( $filePath, 5, strlen( $filePath ) )
|
||||
] );
|
||||
|
||||
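Review bot: The final-chunk branch records `'article_id' => $_POST['article_id'] ? $_POST['article_id'] : null` without tying that id to the token or to the session that owns it — `$tokenData` is only consulted for `expires` — so any article id can be attached to an upload; if `dialog.php` stores the article the token was issued for, compare it here, and at minimum use `!empty( $_POST['article_id'] )` to avoid the undefined-index warning when the field is absent. Nothing verifies the upload is an image either: the `preg_replace` sanitiser keeps any extension and the assembled file is inserted straight after `rename`, so an extension allow-list before the first chunk is written plus a `getimagesize()` check on the assembled file before the insert are needed, and the token should be consumed once the upload completes. The token block is copied verbatim from the files endpoint; extracting it into a shared include would keep the two gates from drifting (and lets both read `$_POST` instead of `$_REQUEST`). The `if ( !$chunks || ... )` block closes outside the hunk, and `session_start()` is assumed to run earlier in the file.

```php
$fileName = preg_replace( '/[^\w\._]+/', '_', $fileName );
$ext = strtolower( pathinfo( $fileName, PATHINFO_EXTENSION ) );
if ( !in_array( $ext, [ 'jpg', 'jpeg', 'png', 'gif', 'webp' ], true ) )
{
    http_response_code( 400 );
    echo json_encode( [ 'error' => 'Niedozwolony typ pliku' ] );
    exit;
}
// … unchanged: dedup loop, cleanup, chunk write …
if ( !$chunks || $chunk == $chunks - 1 )
{
    rename( "{$filePath}.part", $filePath );
    // The extension is not proof of an image; check the assembled bytes before recording/serving it.
    if ( @getimagesize( $filePath ) === false )
    {
        unlink( $filePath );
        http_response_code( 400 );
        echo json_encode( [ 'error' => 'Nieprawidłowy plik obrazu' ] );
        exit;
    }
    unset( $_SESSION['upload_tokens'][$upload_token] ); // single-use once the upload completes
    $mdb -> insert( 'pp_articles_images', [
        'article_id' => !empty( $_POST['article_id'] ) ? $_POST['article_id'] : null,
        // … unchanged: 'src' …
    ] );
```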