forked from gitbot/uguu
Add a whitelist mode
This commit is contained in:
parent
362ecdf843
commit
e17b3539eb
@ -15,7 +15,11 @@ define("CONFIG_MAX_RETENTION_TIME", "60");
|
||||
define("CONFIG_MAX_RETENTION_TEXT", "1 hour");
|
||||
//Length of the random chain appended to the filename
|
||||
define("CONFIG_RANDOM_LENGTH", "12");
|
||||
//This is the list of blocked extensions, you can remove extensions or add to this list as you like
|
||||
define ("CONFIG_BLOCKED_EXTENSIONS", serialize(array("exe", "scr", "rar", "zip", "com", "vbs", "bat", "cmd", "html", "htm", "msi", "php", "php5")));
|
||||
//Operate on a BLACKLIST or a WHITELIST when blocking file extensions
|
||||
define("CONFIG_EXTENSION_BLOCKING_MODE", "BLACKLIST");
|
||||
//This is the list of blocked extensions in BLACKLIST mode (default mode), you can remove extensions or add to this list as you like
|
||||
define("CONFIG_BLOCKED_EXTENSIONS", serialize(array("exe", "scr", "rar", "zip", "com", "vbs", "bat", "cmd", "html", "htm", "msi", "php", "php5")));
|
||||
//This is the list of allowed extensions in WHITELIST mode, you can remove extensions or add to this list as you like
|
||||
define("CONFIG_ALLOWED_EXTENSIONS", serialize(array("txt", "pdf")));
|
||||
//https://wiki.gentoo.org/wiki/Handbook to set this string correctly, or just ignore it
|
||||
define("VERYLO_NG_STRING_THATDOESNTREALLYD_O_ANYTHING", "ok");
|
||||
|
@ -9,14 +9,7 @@ function save_file ($file, $name, $arg, $type){
|
||||
case 'random':
|
||||
$ext = pathinfo($file.$name, PATHINFO_EXTENSION);
|
||||
$ext = strtolower($ext);
|
||||
if(in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))){
|
||||
if($type==='normal'){
|
||||
include_once(CONFIG_ROOT_PATH.'error_meow.php');
|
||||
exit(0);
|
||||
}else{
|
||||
exit('File type not allowed.');
|
||||
}
|
||||
}
|
||||
verify_extension($ext, $type);
|
||||
$file_name = gen_name('random', $ext);
|
||||
while(file_exists(CONFIG_FILES_PATH.$file_name)){
|
||||
$file_name = gen_name('random', $ext);
|
||||
@ -28,14 +21,7 @@ function save_file ($file, $name, $arg, $type){
|
||||
$file_name = gen_name('custom_original', $name);
|
||||
$ext = pathinfo($file_name, PATHINFO_EXTENSION);
|
||||
$ext = strtolower($ext);
|
||||
if(in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS))){
|
||||
if($type==='normal'){
|
||||
include_once(CONFIG_ROOT_PATH.'error_meow.php');
|
||||
exit(0);
|
||||
}else{
|
||||
exit('File type not allowed.');
|
||||
}
|
||||
}
|
||||
verify_extension($ext, $type);
|
||||
while(file_exists(CONFIG_FILES_PATH.$file_name)){
|
||||
$file_name = gen_name('custom_original', $name);
|
||||
}
|
||||
@ -76,3 +62,21 @@ function gen_name($arg, $in){
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
//Verify that the extension is allowed
|
||||
function verify_extension($ext, $type){
|
||||
if(CONFIG_EXTENSION_BLOCKING_MODE == "WHITELIST") {
|
||||
$allowed = in_array($ext, unserialize(CONFIG_ALLOWED_EXTENSIONS));
|
||||
}else{
|
||||
$allowed = !in_array($ext, unserialize(CONFIG_BLOCKED_EXTENSIONS));
|
||||
}
|
||||
|
||||
if(!$allowed){
|
||||
if($type==='normal'){
|
||||
include_once(CONFIG_ROOT_PATH.'error_meow.php');
|
||||
exit(0);
|
||||
}else{
|
||||
exit('File type not allowed.');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user