tinymce-editor/copy_this/modules/bla/bla-tinymce/fileman/php/security.inc.php

33 lines
1.5 KiB
PHP
Raw Normal View History

2016-09-07 14:38:17 +02:00
<?php
/*
* bestlife AG - TinyMCE Editor for OXID eShop CE
2017-01-11 17:53:30 +01:00
* Copyright (C) 2017 bestlife AG
2016-09-07 14:38:17 +02:00
* info: oxid@bestlife.ag
*
* GNU GENERAL PUBLIC LICENSE
*
* This program is free software;
* you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation;
* either version 3 of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
* without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
* You should have received a copy of the GNU General Public License along with this program; if not, see <http://www.gnu.org/licenses/>
*/
2017-01-11 17:53:30 +01:00
//die(dirname(__FILE__).'/../../../../../bootstrap.php');
//define('OX_IS_ADMIN', true);
//require_once dirname(__FILE__).'/../../../../../bootstrap.php';
2016-09-07 14:38:17 +02:00
function checkAccess($action)
{
//if(!session_id()) die("Access Denied!");
//if(!session_id()) session_start();
//if(isset($_GET['akey'])) $_SESSION['akey'] = strip_tags(preg_replace( "/[^a-zA-Z0-9\._-]/", '', $_GET['akey']));
2017-01-11 17:53:30 +01:00
if($_COOKIE['filemanagerkey'] !== md5($_SERVER['DOCUMENT_ROOT'].$_COOKIE['admin_sid'])) die('Access Denied!!');
//oxRegistry::getConfig()->setAdminMode(true);
// var_dump(oxRegistry::getSession()->checkSessionChallenge());
// var_dump(count(oxRegistry::get("oxUtilsServer")->getOxCookie()));
// var_dump(oxRegistry::getUtils()->checkAccessRights());
2016-09-07 14:38:17 +02:00
}