Switch makePathSafe to use native realpath()

This commit is contained in:
Junior 2023-08-18 13:19:41 -04:00
parent 1d03eee56e
commit 7b4b4306a6
3 changed files with 9 additions and 30 deletions


@ -5,16 +5,18 @@ require '../header.php';
require_login(); require_login();
if ( isset($_REQUEST['comic']) ) { if ( isset($_REQUEST['comic']) ) {
$comic = makePathSafe(base64_decode(urldecode(($_REQUEST['comic'])))); $comicfull = realpath(COMICSDIR . base64_decode(urldecode($_REQUEST['comic'])));
$comicfull = COMICSDIR . $comic; if ( $comicfull === false ) exit();
if ( substr($comicfull, 0, strlen(COMICSDIR)) != COMICSDIR ) exit();
$comic = substr($comicfull, strlen(COMICSDIR));
$comicoutputurl = "comics" . str_replace("#", "", $comic) . "/"; $comicoutputurl = "comics" . str_replace("#", "", $comic) . "/";
$comicoutputfull = "../" . EXTRACTSDIR . str_replace("#", "", $comic) . "/"; $comicoutputfull = "../" . EXTRACTSDIR . str_replace("#", "", $comic) . "/";
} else { } else {
exit(); exit();
} }
$ext = strtolower(substr($comic, -3)); $ext = strtolower(substr($comicfull, -3));
$_SESSION['comfile'] = basename($comic); $_SESSION['comfile'] = basename($comicfull);
$data = array(); $data = array();
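Review bot: The containment check on the third line of this hunk, `if ( substr($comicfull, 0, strlen(COMICSDIR)) != COMICSDIR ) exit();`, is only a string-prefix test, so unless COMICSDIR ends in a directory separator a sibling directory whose name merely starts with it would pass; compare against the canonicalised, separator-terminated base instead, e.g. `$base = rtrim(realpath(COMICSDIR), DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;` followed by `if ( $comicfull === false || strncmp($comicfull, $base, strlen($base)) !== 0 ) exit();`. Because realpath() returns an absolute canonical path, if COMICSDIR is relative or reached through a symlink the literal prefix compare can never match and every request exits — fail-closed, but presumably not intended, so confirm against the actual COMICSDIR value. The comparison should also use `!==` rather than loose `!=`. The identical check appears in the second file's hunk. Note too that `$comic = substr($comicfull, strlen(COMICSDIR));` keeps the leading separator the removed makePathSafe() always produced only when COMICSDIR has no trailing slash, which changes the `comicoutputurl` and `comicoutputfull` strings built below it.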


@ -5,8 +5,9 @@ require 'header.php';
require_login(); require_login();
if ( isset($_REQUEST['comic']) ) { if ( isset($_REQUEST['comic']) ) {
$comic = makePathSafe(base64_decode(urldecode(($_REQUEST['comic'])))); $comicfull = realpath(COMICSDIR . base64_decode(urldecode($_REQUEST['comic'])));
$comicfull = COMICSDIR . $comic; if ( $comicfull === false ) exit();
if ( substr($comicfull, 0, strlen(COMICSDIR)) != COMICSDIR ) exit();
} else { } else {
exit(); exit();
} }
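Review bot: This hunk drops the assignment to `$comic` that the old makePathSafe() call provided, and unlike the first file it does not re-derive it from `$comicfull`; if code later in this script (outside the hunk) still reads `$comic`, it is now an undefined variable. Either add `$comic = substr($comicfull, strlen(COMICSDIR));` after the containment check, as the first file does, or switch the later uses to `$comicfull`. The prefix-compare weakness of the containment check itself is raised on the first file's hunk and applies here unchanged.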


@ -5,30 +5,6 @@ function microtime_float() {
return ((float)$usec + (float)$sec); return ((float)$usec + (float)$sec);
} }
function makePathSafe($path = "") {
if ( $path == "" ) return "";
// Stick forward slashes on the ends to make matching more consistent
$path = "/" . $path . "/";
// Remove all instances of dots between forward slashes
while ( preg_match("/\/\.{0,}\//", $path) ) {
$path = preg_replace("/\/\.{0,}\//", "/", $path);
}
// Replace all instances of two consecutive forward slashes
while ( strpos($path, "//") !== false ) {
$path = str_replace("//", "/", $path);
}
// Remove all leading forward slashes
while ( substr($path, 0, 1) == '/' ) {
$path = substr($path, 1);
}
// Remove all trailing forward slashes
while ( substr($path, -1) == '/' ) {
$path = substr($path, 0, strlen($path)-1);
}
$path = "/" . $path;
return $path;
}
function makeThumb($item = "") { function makeThumb($item = "") {
if ( $item == "" ) { return false; } if ( $item == "" ) { return false; }
if ( is_dir($item) ) { if ( is_dir($item) ) {