-
Notifications
You must be signed in to change notification settings - Fork 0
/
ajax.php
73 lines (70 loc) · 2.56 KB
/
ajax.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
<?php
/*
* Copyright 2020-2024 Anael MOBILIA
*
* This file is part of pdfWebExplorer
*
* pdfWebExplorer is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* pdfWebExplorer is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with pdfWebExplorer If not, see <http://www.gnu.org/licenses/>
*/
require "config.php";
// Vérification de la méthode demandée et de la qualité des paramètres
if (
!isset($_GET['action'], $_GET['filename'])
|| !in_array($_GET['action'], [ACTION_ARCHIVER, ACTION_RENOMMER], true)
|| strpos($_GET['filename'], '..') !== false
|| !(substr($_GET['filename'], -4) === '.pdf')
|| !file_exists(PATH_DATAS . $_GET['filename'])
|| ($_GET['action'] === ACTION_RENOMMER
&& (
empty($_GET['newName'])
|| strpos($_GET['newName'], '..') !== false
|| !(substr($_GET['newName'], -4) === '.pdf')
|| $_GET['newName'] === $_GET['filename']
)
)
) {
header('HTTP/2 400 Bad Request');
die();
}
if ($_GET['action'] === ACTION_ARCHIVER) {
// Calcul du nouveau nom
[, $name] = explode(SEPARATEUR_CATEGORIE, $_GET['filename'], 2);
$newName = CATEGORIE_ARCHIVES . SEPARATEUR_CATEGORIE . $name;
// Renommage du fichier s'il n'existe pas déjà
if (!file_exists(PATH_DATAS . $newName)) {
rename(PATH_DATAS . $_GET['filename'], PATH_DATAS . $newName);
header('HTTP/2 200 OK');
die();
}
header('HTTP/2 403 Forbidden');
die();
} elseif ($_GET['action'] === ACTION_RENOMMER) {
// Calcul du nouveau nom
//[$cat,] = explode(SEPARATEUR_CATEGORIE, $_GET['filename'], 2);
//$newName = $cat . SEPARATEUR_CATEGORIE . $_GET['newName'];
$newName = $_GET['newName'];
// Renommage du fichier s'il n'existe pas déjà
if (!file_exists(PATH_DATAS . $newName)) {
rename(PATH_DATAS . $_GET['filename'], PATH_DATAS . $newName);
header('HTTP/2 200 OK');
$forceFile = new ArrayObject();
$forceFile->append($newName);
foreach (getHtmlForFiles($forceFile) as $file) {
echo $file;
}
die();
}
header('HTTP/2 403 Forbidden');
die();
}