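<?php
// Cross-origin access is offered to whichever page referred the browser here.
// The Referer is a full URL, but Access-Control-Allow-Origin must carry a bare
// origin (scheme://host[:port]), so only that part is reflected, and a request
// without a Referer gets no CORS header at all (the original reflected the raw
// URL and warned when the header was missing). Reflecting the referring origin
// is as permissive as '*'; the real authorization is the per-user
// trusted-server list that the request handler below enforces before any file
// is touched.
$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
$origin = '';
if ($referer !== '') {
    $parts = parse_url($referer);
    if (is_array($parts) && isset($parts['scheme'], $parts['host'])) {
        $origin = $parts['scheme'] . '://' . $parts['host'];
        if (isset($parts['port'])) {
            $origin .= ':' . $parts['port'];
        }
    }
}
if ($origin !== '') {
    header('Access-Control-Allow-Origin: ' . $origin);
}

// The keyword cookie later names a user directory, so it must not be able to
// escape it: a non-string value (cookie arrays) or one containing a dot, a
// slash, a backslash or a NUL byte is discarded as if it had never been sent.
if (isset($_COOKIE['keyword']) && $_COOKIE['keyword']) {
    $keyword = $_COOKIE['keyword'];
    $unsafe = !is_string($keyword);
    if (!$unsafe) {
        foreach (['.', '/', '\\', "\0"] as $needle) {
            if (strpos($keyword, $needle) !== false) {
                $unsafe = true;
                break;
            }
        }
    }
    if ($unsafe) {
        // bad cookie. ignore it
        unset($_COOKIE['keyword']);
    }
}

// Confine every filesystem call that follows to the script's own directory.
ini_set('open_basedir', './');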
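// Request handler: write or delete one text file inside a user's USERFILES
// directory on behalf of a third-party site.
//
// Query parameters: id (the user directory name), file (the file name; '.' is
// mapped to 'X' and '.txt' is appended) and either text (the content) or
// delete (the literal string "true"). Authorization, in order: the browser
// must hold the user's keyword cookie equal to id, the user's stored password
// hash must verify against the password cookie, and the referring site must be
// on the user's trusted-server list. Every failure prints one 'Error - ...'
// line and stops; the user-supplied values are never echoed back.
if (isset($_GET['id']) && isset($_GET['file']) && (isset($_GET['text']) || isset($_GET['delete']))) {
    // Error handler for the rest of the request: any PHP warning or notice
    // becomes a visible 'Error - [errno] message' line and ends the script, so
    // a failed filesystem call can never fall through to a 'Success' line.
    function error($errno, $errstr) {
        // '.' is concatenation; the original '+' is arithmetic and raises a
        // TypeError on PHP 8 (non-numeric string), hiding the real message.
        echo 'Error - [' . $errno . '] ' . $errstr;
        die();
    }
    set_error_handler('error');

    // Query values may arrive as arrays (e.g. text[]=), which would make the
    // string functions below raise; a non-string value is treated as absent.
    $id = is_string($_GET['id']) ? $_GET['id'] : '';
    $file = is_string($_GET['file']) ? $_GET['file'] : '';
    $text = isset($_GET['text']) && is_string($_GET['text']) ? $_GET['text'] : '';
    $deleteRequested = isset($_GET['delete']);
    $deleteConfirmed = $deleteRequested && $_GET['delete'] === 'true';

    // Content is required unless this is a confirmed deletion; the original
    // read $_GET['text'] unconditionally, so a delete-only request (which the
    // parameter check above allows) died with a notice instead of deleting.
    if ($text === '' && !$deleteConfirmed) {
        echo 'Error - Text content is blank.';
        die();
    }

    if (!isset($_COOKIE['keyword'])) {
        echo 'Error - User is not logged in. Have your user log in to aOS on this browser.';
        die();
    }

    // The keyword cookie is the browser's proof of which user it is logged in
    // as: it must equal this id, the id has a fixed 21-character form and may
    // not contain path characters, and the directory must exist. The cookie is
    // compared before is_dir() so an unauthenticated id is never probed.
    $idMalformed = ($id === '' || strlen($id) !== 21);
    if (!$idMalformed) {
        foreach (['.', '/', '\\', "\0"] as $needle) {
            if (strpos($id, $needle) !== false) {
                $idMalformed = true;
                break;
            }
        }
    }
    if ($idMalformed || $_COOKIE['keyword'] !== $id || !is_dir('USERFILES/' . $id)) {
        echo "Error - User not found, or user ID malformed, or user ID is incorrect.";
        die();
    }

    $passwordFile = 'USERFILES/' . $id . '/aOSpassword.txt';
    if (!file_exists($passwordFile)) {
        echo 'Error - User does not have a password. Have your user log into aOS and set a password.';
        die();
    }
    if (!isset($_COOKIE['password'])) {
        echo 'Error - User is not logged in. Have your user log in to aOS on this browser.';
        die();
    }
    $storedHash = file_get_contents($passwordFile);
    if (!is_string($_COOKIE['password']) || $storedHash === false || !password_verify($_COOKIE['password'], $storedHash)) {
        echo 'Error - User password is incorrect.';
        die();
    }

    // Filename rules: the name becomes a path segment, so path characters
    // (including backslash and NUL, which the original did not refuse) are
    // rejected outright, as are the names of the files this API must never
    // let a third party reach (the password hash, the trusted-server list and
    // the boot script). The comparison is case-insensitive.
    $forbidden = ['&', '%', 'aospassword', 'app_stn_trusted_servers', '/', ' ', 'app_bts_bootscript', '\\', "\0"];
    $lowerFile = strtolower($file);
    foreach ($forbidden as $needle) {
        if (strpos($lowerFile, $needle) !== false) {
            echo 'Error - Forbidden string or character used in filename.';
            die();
        }
    }
    if ($file === '') {
        echo 'Error - Filename cannot be empty.';
        die();
    }

    // The referring site must appear on the user's trusted-server list. An
    // entry matches only at a URL boundary: exactly, or as a prefix that
    // already ends in '/' or is followed by '/', '?' or '#', so that a listed
    // https://a.example does not also admit https://a.example.other. Blank
    // lines are skipped: on PHP 8 strpos() with an empty needle returns 0, so a
    // trailing newline in the list would have admitted every referer.
    $trustedFile = 'USERFILES/' . $id . '/APP_STN_trusted_servers.txt';
    if (!file_exists($trustedFile)) {
        echo 'Error - User has not permitted your access. Have the user add you to their trusted server list.';
        die();
    }
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    $listContents = file_get_contents($trustedFile);
    // NOTE(review): the original split on the two-character literal '\n'
    // (single quotes). Real line endings are accepted as well, because the
    // on-disk format is not established here — confirm against the aOS client
    // that writes this file.
    $trustedservers = preg_split('/\r?\n|\\\\n/', $listContents === false ? '' : $listContents);
    if ($trustedservers === false) {
        $trustedservers = [];
    }
    $trusted = 0;
    if ($referer !== '') {
        foreach ($trustedservers as $server) {
            $server = trim($server);
            if ($server === '') {
                continue;
            }
            if ($referer === $server) {
                $trusted = 1;
                break;
            }
            if (strpos($referer, $server) === 0) {
                $next = substr($referer, strlen($server), 1);
                if (substr($server, -1) === '/' || $next === '/' || $next === '?' || $next === '#') {
                    $trusted = 1;
                    break;
                }
            }
        }
    }
    if ($trusted === 0) {
        echo 'Error - User has not permitted your access. Have the user add you to their trusted server list.';
        die();
    }

    $filepath = 'USERFILES/' . $id . '/' . str_replace('.', 'X', $file) . '.txt';

    if ($deleteRequested) {
        if (!$deleteConfirmed) {
            // Any value other than the literal "true" is an error and stops
            // here, like every other 'Error - ...' path; the original printed
            // the error and then went on to overwrite the file.
            echo 'Error - You set the deletion variable but it is not "true".';
            die();
        }
        if (file_exists($filepath)) {
            unlink($filepath);
            echo "Success - File deleted.";
        } else {
            echo 'Error - File not found, cannot be deleted.';
        }
        die();
    }

    // Backslashes are doubled before storage, exactly as the original did; the
    // reading side of that format is not visible here.
    $written = file_put_contents($filepath, str_replace("\\", "\\\\", $text));
    if ($written === false) {
        echo 'Error - File could not be written.';
        die();
    }
    echo "Success - File written.";
} else {
    echo 'Error - One or more of these parameters not provided: id, file, text.';
    die();
}
?>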