From 501b26ef4cc1e36be6ceb994b3571eb0eff964e6 Mon Sep 17 00:00:00 2001 From: Alexander Sulfrian Date: Fri, 19 Feb 2010 03:21:07 +0100 Subject: some changes --- paste/remove.php | 65 ++++++++++++++++++++------------------------------------ 1 file changed, 23 insertions(+), 42 deletions(-) (limited to 'paste/remove.php') diff --git a/paste/remove.php b/paste/remove.php index 80e8bd6..783f339 100644 --- a/paste/remove.php +++ b/paste/remove.php @@ -32,46 +32,27 @@ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - require('config.php'); - - function removePaste($pasteID) { - $errOld = error_reporting(0); - $return = 1; - - $resultDir = $_SERVER['DOCUMENT_ROOT'] . $Config['site_path'] . $Config['results_dir']; - - $filenameHTML = "$resultDir/$pasteID.html"; - - if (file_exists($filenameHTML)) { - - if (unlink($filenameHTML)) { - } else { - print "Failed to remove $filenameHTML
\n"; - $return = 0; - } - } - error_reporting($errOld); - return $return; - } - - print "Admin - Remove a paste\n"; - - $ipAddr = $_SERVER["REMOTE_ADDR"]; - if (isset($_REQUEST["p"]) && isset($_REQUEST["t"])) { - $pasteID = $_REQUEST["p"]; - $token = $_REQUEST["t"]; - $tokenMatch = sha1($pasteID . $ipAddr . $Config['token_salt']); - if ($token == $tokenMatch) { - $result = removePaste($pasteID); - if ($result) { - print "Your paste has been removed."; - } else { - print "Sorry, we encountered a problem trying to remove this paste."; - } - } else { - print "Sorry, you are not authorized to remove this paste."; - } - } - - +require('config.php'); + +// check config +if (!is_subclass_of($config['storage'], 'StorageEngine')) +{ + header('HTTP/1.0 503 Service Unavailable'); + die('Invalid config'); +} + +if (isset($_REQUEST["p"]) && isset($_REQUEST["t"])) { + $pid = $_REQUEST["p"]; + $token = $_REQUEST["t"]; + $tokenMatch = $config['storage']->generateToken($pid); + + if ($token == $tokenMatch) { + $config['storage']->delContent($pid); + echo 'Admin - Remove a pasteYour paste has been removed.'; + exit; + } +} + +echo 'Admin - Remove a pasteSorry, you are not authorized to remove this paste.'; + ?> -- cgit v1.2.3