external-repos/pictshare
1
0
Fork 0
mirror of https://github.com/HaschekSolutions/pictshare.git synced 2025-11-16 13:08:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

added client subnet filter

Browse Source
This commit is contained in:
Anton Mitsengendler
2019-02-20 17:12:06 +03:00
parent 5f5b836a22
commit 8da3573ffb
4 changed files with 34 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
api/upload.php
View File

@@ -21,6 +21,10 @@ if(!isFolderWritable(ROOT.DS.'data'))
else if(!isFolderWritable(ROOT.DS.'tmp'))
exit(json_encode(array('status'=>'err','reason'=>'Temp directory not writable')));
// check if client has permission to upload
if(defined('ALLOWED_SUBNET') && !isIPInRange( getUserIP(), ALLOWED_SUBNET ))
exit(json_encode(array('status'=>'err','reason'=> 'Access denied')));
$hash = sanatizeString(trim($_REQUEST['hash']))?sanatizeString(trim($_REQUEST['hash'])):false;
// check for POST upload