From: Jerome Jutteau Date: Thu, 10 Jan 2013 13:44:39 +0000 (+0000) Subject: base_16_to_64 corrected and link url verification fixed X-Git-Tag: 1.1~227 X-Git-Url: https://git.p6c8.net/jirafeau.git/commitdiff_plain/17e768a21c3d6877746fca24440600a9fea4da89 base_16_to_64 corrected and link url verification fixed --- diff --git a/file.php b/file.php index ebb5cff..0a1554c 100644 --- a/file.php +++ b/file.php @@ -32,7 +32,7 @@ if (!isset ($_GET['h']) || empty ($_GET['h'])) $link_name = $_GET['h']; -if (!preg_match ('/[0-9a-fA-Z-_]*$/', $link_name)) +if (!preg_match ('/[0-9a-zA-Z_-]{22}$/', $link_name)) { require (JIRAFEAU_ROOT.'lib/template/header.php'); echo '

' . t('Sorry, the requested file is not found') . '

'; diff --git a/lib/functions.php b/lib/functions.php index 10fc0ab..e48534e 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -39,15 +39,34 @@ function base_16_to_64 ($num) { $m = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ-_'; + $hex2bin = ['0000', # 0 + '0001', # 1 + '0010', # 2 + '0011', # 3 + '0100', # 4 + '0101', # 5 + '0110', # 6 + '0111', # 7 + '1000', # 8 + '1001', # 9 + '1010', # a + '1011', # b + '1100', # c + '1101', # d + '1110', # e + '1111']; # f $o = ''; $b = ''; $i = 0; + # Convert long hex string to bin. $size = strlen ($num); for ($i = 0; $i < $size; $i++) - $b .= base_convert ($num{$i}, 16, 2); - $size = strlen ($b); + $b .= $hex2bin{hexdec ($num{$i})}; + # Convert long bin to base 64. + $size *= 4; for ($i = $size - 6; $i >= 0; $i -= 6) $o = $m{bindec (substr ($b, $i, 6))} . $o; + # Some few bits remaining ? if ($i < 0 && $i > -6) $o = $m{bindec (substr ($b, 0, $i + 6))} . $o; return $o;