AvocadoAmber/AvocadoEdition_Light/plugin/editor/cheditor5/imageUpload/delete.php

<?php
require_once "config.php";

if (!function_exists('ft_nonce_is_valid')) {
  include_once "../editor.lib.php";
}

$filesrc = isset($_POST["filesrc"]) ? preg_replace("/[ #\&\+\-%@=\/\\\:;,\'\"\^`~|\!\?\*$#<>()\[\]\{\}]/", "", $_POST["filesrc"]) : '';

if (!$filesrc || !preg_match('=^[^/?*;:{}\\\\]+\.[^/?*;:{}\\\\]+$=', $filesrc) || !preg_match('/\.(gif|jpe?g|bmp|png)$/i', $filesrc)) {
  die(false);
}

$is_editor_upload = false;

$get_nonce = get_session('nonce_' . FT_NONCE_SESSION_KEY);

if ($get_nonce && ft_nonce_is_valid($get_nonce, 'cheditor')) {
  $is_editor_upload = true;
}

if (!$is_editor_upload) {
  die(false);
}

// ---------------------------------------------------------------------------

$file_arr = explode('_', $filesrc);

if ($file_arr[1] !== che_get_file_passname()) {
  die(false);
}

$filepath = SAVE_DIR . '/' . $filesrc;
$r = false;

if (class_exists('EventHandler') && method_exists('EventHandler', 'triggerEvent')) {
  EventHandler::triggerEvent("gnuboard.delete_editor_file", $filepath, $r);
}

if (file_exists($filepath)) {
  $r = unlink($filepath);
  if ($r) {
    $thumbPath = dirname($filepath) . DIRECTORY_SEPARATOR . "thumb_" . basename($filepath);
    if (file_exists($thumbPath)) {
      unlink($thumbPath);
    }
  }
}

echo $r ? true : false;
최초 배포 최초 배포 2022-09-17 20:50:50 +09:00			`<?php`
eventhandler update 2024-09-28 13:03:15 +09:00			`require_once "config.php";`
최초 배포 최초 배포 2022-09-17 20:50:50 +09:00
eventhandler update 2024-09-28 13:03:15 +09:00			`if (!function_exists('ft_nonce_is_valid')) {`
			`include_once "../editor.lib.php";`
최초 배포 최초 배포 2022-09-17 20:50:50 +09:00			`}`

update plugin/editor 2024-09-19 20:37:21 +09:00			$filesrc = isset($_POST["filesrc"]) ? preg_replace("/[ #\&\+\-%@=\/\\\:;,\'\"\^`~\|\!\?\*$#<>()\[\]\{\}]/", "", $_POST["filesrc"]) : '';
최초 배포 최초 배포 2022-09-17 20:50:50 +09:00
eventhandler update 2024-09-28 13:03:15 +09:00			`if (!$filesrc \|\| !preg_match('=^[^/?;:{}\\\\]+\.[^/?;:{}\\\\]+$=', $filesrc) \|\| !preg_match('/\.(gif\|jpe?g\|bmp\|png)$/i', $filesrc)) {`
			`die(false);`
최초 배포 최초 배포 2022-09-17 20:50:50 +09:00			`}`

			`$is_editor_upload = false;`

eventhandler update 2024-09-28 13:03:15 +09:00			`$get_nonce = get_session('nonce_' . FT_NONCE_SESSION_KEY);`
최초 배포 최초 배포 2022-09-17 20:50:50 +09:00
eventhandler update 2024-09-28 13:03:15 +09:00			`if ($get_nonce && ft_nonce_is_valid($get_nonce, 'cheditor')) {`
			`$is_editor_upload = true;`
최초 배포 최초 배포 2022-09-17 20:50:50 +09:00			`}`

eventhandler update 2024-09-28 13:03:15 +09:00			`if (!$is_editor_upload) {`
			`die(false);`
최초 배포 최초 배포 2022-09-17 20:50:50 +09:00			`}`

			`// ---------------------------------------------------------------------------`

eventhandler update 2024-09-28 13:03:15 +09:00			`$file_arr = explode('_', $filesrc);`
최초 배포 최초 배포 2022-09-17 20:50:50 +09:00
eventhandler update 2024-09-28 13:03:15 +09:00			`if ($file_arr[1] !== che_get_file_passname()) {`
			`die(false);`
최초 배포 최초 배포 2022-09-17 20:50:50 +09:00			`}`

			`$filepath = SAVE_DIR . '/' . $filesrc;`
			`$r = false;`

eventhandler update 2024-09-28 13:03:15 +09:00			`if (class_exists('EventHandler') && method_exists('EventHandler', 'triggerEvent')) {`
			`EventHandler::triggerEvent("gnuboard.delete_editor_file", $filepath, $r);`
update plugin/editor 2024-09-19 20:37:21 +09:00			`}`

최초 배포 최초 배포 2022-09-17 20:50:50 +09:00			`if (file_exists($filepath)) {`
eventhandler update 2024-09-28 13:03:15 +09:00			`$r = unlink($filepath);`
			`if ($r) {`
			`$thumbPath = dirname($filepath) . DIRECTORY_SEPARATOR . "thumb_" . basename($filepath);`
			`if (file_exists($thumbPath)) {`
			`unlink($thumbPath);`
			`}`
			`}`
최초 배포 최초 배포 2022-09-17 20:50:50 +09:00			`}`

lint 2024-09-26 08:55:13 +09:00			`echo $r ? true : false;`