lib/uploadify/uploadify.swf.php

<?php
/**
 * Gallery - a web based photo album viewer and editor
 * Copyright (C) 2000-2013 Bharat Mediratta
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or (at
 * your option) any later version.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
 */

// Redirect the initial request to strip off any query parameters or URL fragments
// We know it's an initial request if the token is missing
if (empty($_GET["token"])) {
  // We have not yet redirected
  $rand = md5(rand());
  setcookie("uploadify_token", $rand);
  header("Location: uploadify.swf.php?token=$rand#.");
  exit;
}

// If the token exists but there's no cookie, then this is a bogus token
// or the user does not support cookies.  Ignore this request.
if (empty($_COOKIE["uploadify_token"])) {
  exit;
}

// If the token exists but it doesn't match our cookie, then this is a bogus
// request.  Ignore this request.
if ($_GET["token"] != $_COOKIE["uploadify_token"]) {
  exit;
}

// This is a legitimate request.  Serve it, but disallow caching.
header("Content-Type: application/x-shockwave-flash");
header("Cache-Control: no-cache, no-store, must-revalidate");
setcookie("uploadify_token", "", time() - 3600);
print base64_decode("Q1dTCaZ/AAB4nNy8B1hTSdc4PjckpNAhFBE0VEnoVUBBWmhSU0ClSIAAoQWTgIC6G1EUsAGCApall4AIrChYVuyI6FpAxbao6CKWteGq666/uQHRfd99vu/9/v/n+X7P8wuce8+dOefMzJmZc87MLUlAxQogZgAgCPBS0QIAfK/WKwPAQkF8gjPDy5uSnZaaLnSGVy76SSJRhrOl5cqVKy1W2lrwBYmW1k5OTpZWNpY2NuaQwlyYky7iZJunCw30XSlSCV5cYZyAlyHi8dMp6DUnlp8pctHXnxabnZYxIzZdaMGJ58dyLeL4aZbZnAxLawsrS1QOJHL2FHA5Ir6AxeenurqjVBTvVI4wieLJtKOECPgJXKEQFsFJXWj5r9Tf8HO9ILjaWFk5mVs5mtvYsqysnW3tnO0dza3mO1tZfcM7RTnFGsgVceI5Is4/Mds729l+y/w32ml2fjwvIec/Yv5KSVlo+S/a+8/0GR83o86MTEGqtI/i4yy5qdw0brpICFVqLVVpfJxzAl+QxhG5cjIyUnlxHFSgZba5MIkfl7KSk8U1T0DVu9DyK+H/1yrBlgUG/tednJb2pZ8DA6E4AS+LG+8t4KdJxWVwBEIuKyeD66LP4Ar5mYI4rr7lV2p+XCbaND8vV5hgEc+Ld/Z28LC1dfLw9KA7envRreEQdXBw97SysvX0dnLwtneQKvvvrF+k+aULRZz0OO60NN7/QNo3rF+kBQt4iTw4Jv9/1PEfRPxjP1hOz1ZXCvDEfP78+bi6HJzJCGDGcdO5FGsAjoMgaULS9HRHlNd3mqmeKKgwEmNAdFT0Zy8vL6Cs3lyhstVN+fJ5O0uwwJJvDHhtVeOyOofuuVlZ+slfAQuUt+sDrfgNWhidZkPwWfWYAwAYsB5R8OGLkjhplABeYpIICMBjMA5UEBdkP3ICsw57HHcdN0c2QbZLdkRWFq+Fp+IX4U0JfoQ3hF3EK8RtpItyT+X2KtxT/EvRWSlCaY3SXqWFyoaqS1RpahjyNvIh8gh5v/oN9SfqbI18jT0alzTeaoxpZmhlzZLRnjXbYfa+2Zdm43UW6HB0NujU6fTqDOtM6sjq6uhqzAFze+bWUrL1zutN6kcbfG9wweCjgbzhPUMfI6qx6rw/5nmbuFBrqHI0M1oCrYr2B41iijPTNPvDjGdeYP67OdFitoWfxUqLeos/LcIs2y1HLedb1VhdtkqyLbJttd1nO2mrDJQVto4Y780PeZJ6qajjyXa36LnaqTsD7UWGv/pfWPVn8zaD0nur/mzJGIWED5Tq/solX+Ae+dn//DvBsm16SeEBchdYPp/GmeY7fnMxnjdyPvVofk2UFaQdbznYsHpDSdK5/BdzVvcsrjtBBMtGCvKzlnruoGRRU/p5GpuzwhZD3GxBz57a7v7fj7xDhu4RfFeSsWG9c5q+63Pe1Wm7e79MV89elL3TXwfitbofb/6W7rv0Tmgo6eWxU8ej9jw/L7egiKbnBku8eDD7SsPq704/P08N3N3zOGlCh+b4eB11jpYViExbOgSUNZ5QQ7v9mcP0oNzh8h9FzKhDXopje02JmNd/qj6i1bqZnDuFaZ0rTwAqtmw6kBn3titTvag/tp+xTM5DbMhqxnh9xG/cQnfrXa30B63pt4KDz8cktw8lP7f6sWrvbvJRPOFTcbnPZXfiafm9drXh/P1IhlrxcEyWJ8D+lXyzHoTkrV3SYjzcqc9JDr0uH3s7d4d5t27isycHg3xarlaUG1nZ6PRdZTxWMKiI3P1UjdKYwSTuq2upuuXsmvOzerWpHyW3gOI4UZz0UIystGcxwCzZPjb5Gc6Fr9Tg0P85MNY64LphKCCLfrphaPZkLQVq5BnTtSIpQ4y7YFGz+rxKkfN6560mlAGvg/JAc3bYGQpmKEse570PiRjK1GjQ9eAOhVQa1oPQuYC8opdO4EXJPdIs/dDhWvauDs4Eh1aaGyaWjP+Y1/KX706a6pnzq+2al8tv6AEnEMGsYp+Q+0DucZTHh1IDciYhUyfEvawwVQtYOOwrcsM1P9MibVmGOdQ8Ye7vvP5Cc42Nny+odQUmnoIi5auHNQcsjd7ErKE+97kM9NPCWGLsaROlSRzzU4kFy2hT6XteyE+zFDKQPMw7AzcTapMb5l6af7rDvcGbpN0X1zkZZTVtCetDgrpTGYAqftzG2jJwk2fFNd6OGAa2+AeNLHYDjDYxJsiorN7DK6GYbpz0WeGMuu9jhhhZmtxVD8zS7ZpaxoqYFnMnBA8Ih9YX7YpfTBXDVq2yH/+8h1D54uAbcdCmA+/qixaNWniULprgiUHPbcaunEM/OmCabGMu+UW1PGR3AOa+CLKYFOPUqm4gOKgdMMuvvs9vQTKjxIFxGZBb+0AJkUt1LJlVr+JXtejUCjrDqawahC1rawFys7dQJ3L0yy5s/Li7J8+8RL/xnupADLBCx/TArlxOi4UYfHaorZcdebj+uNL8nqhuVr3q2Vxd9aXjIjewbpmECkgmawwkPnlWjt6l29fz1GIeN1gr4fqhiOgIj49Gqar3oTij1thiRNkMJ248Ep60BNAOV4PhvL2NTVQ3MGm/NATQ8vLS3Kp3zSI14F6XVduQTeTXtX2OER9za1pR1KFC3ZdUTeuuLWqIAY1GgLivm7p7du5I9ETao/fDZSf3LPUTY4uHO0MAo/PRcnuflu8UTuwrG+z/sLfF3mliKyB8QAsPJWR21ectW7evlLpwlp7/ChLrd1mOGFOeDVT7PsIay2TwqPNli2FTfPW9APE2m+4GJFpH+ezYmmMBerorM6+da/FgVTz1TQ6KL7YN+XFXn9VwRpcpf8Uo87s5uC7OnqFqiaLgfvTKrvw14n+2VqiZeK5R3i4Z+XRV/UbrlTM3xEgoqQ8JiR2Lyu36JSqHvfTT45Ryela2xY4jSt3RR5SqAU4pDOBI5JCP6mUhf/gVWOxcWC+Bcupv0jUOnE7qqa0wbqutsAK4VaYAl909so40OZKXsjDpSGV7q7qkuS//J7o6t5+uDNQnlwD1+3XrQ8PrDUPZS/p2vy5fAuWMKdM6V93TOnTn1SThxY59Z1ceODjau5umcleJ/tNvb2nPBPaXPgeE+ohceHKVJ5frPtfyefFEZNC0cPVPC+7N9o06kVS71c/vjubwTSjrwuDitS8P1+3QyNbvfJi10eDTK69TJ9S3hrfcz/QpmhdZrHb2WQwkK1h/VZsVVqt3y7mUWPfTma6xI1E2vMvNd00v+oKcpU/UmHtL7JJM76wgECDxyQuLP7xkX2iYe5S29UkPala26EF/4Y36i8PQX8CEJ+oUjZy5Pnfr6msUfa3f7tS+0QdTL7nkZraoi8G9Q4d3TOaoxW9o3mWjxTZ/UMOCUjqfR6gD3LZM7iH28I67nUsVAouKr7x+zt4acT5LjLCHgayncrnNLMWl3pNhA7NvhBnSo5Zs6wO7l7VJAPaButd3zWxVyp6tqmXP7uvoGzc/LFihBmSwuEtUZJLNBLhbaeXha7pn/bl2OPEdRmgfyx4cLgDk/NbYalC3tr5VsqG0fbMtQrMaVPQy39ui5lATJsY0LAPYAMOJEsIOecIniZXBp1kNC5sTyl4CjT/Y5W7g0J2e5mHBg7rEmr/Yezc+Wnn6DPuW6hkmkEWV9LC84fdVQ6OZu9+97XkxmFYnsA0OV9DVvP/Usgfm8hkZq1su8tTNT2YYFY34L2k/8/oeY7mFleTYUJHcHWD+iIJp4pvmBH3qGTFwZJba5jc/Grpt4RcDcOwAoCUOY8cirLgH+cLdmoe37wtQarhc/zEKe2Y3dfGsEwKBf9gNi6w+zE4roMUxa1iraijaSPUm+DaYk/wZZ4GCAZtOQQTCfPVgi5BZenRmKRm3JLzsulGOuvavuw5uy3v53ZHyv3KXnny0G8CaDq5AJiW+AHPQ7qTkwbW24h6L1KudrJSCisL1nQw9VcFZgDPVAibtev7ihz6ttoxsW2utg6xS02xA3YBaesLwTu09S/nmOzIaRxKJlZeolbsPU4Ci35OfcyIsqY3MnPvqeDOtt97qAz8tvKWzL9Py5RynPOvFFXoDLz8y9i
Get rid of the security preamble - we intend for these files to be directly accessible. 2013-05-09 20:09:15 -04:00			`<?php`
Add the proper Gallery preamble. 2013-05-09 16:01:57 -04:00			`/**`
			`* Gallery - a web based photo album viewer and editor`
			`* Copyright (C) 2000-2013 Bharat Mediratta`
			`*`
			`* This program is free software; you can redistribute it and/or modify`
			`* it under the terms of the GNU General Public License as published by`
			`* the Free Software Foundation; either version 2 of the License, or (at`
			`* your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful, but`
			`* WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU`
			`* General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU General Public License`
			`* along with this program; if not, write to the Free Software`
			`* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.`
			`*/`

Strip URL fragments off of direct requests to uploadify SWF files. Fixes #2068. 2013-05-09 01:40:46 -04:00			`// Redirect the initial request to strip off any query parameters or URL fragments`
			`// We know it's an initial request if the token is missing`
			`if (empty($_GET["token"])) {`
			`// We have not yet redirected`
Rename uploadify SWF wrappers to end in .swf.php for consistency. 2013-06-08 16:34:16 -04:00			`$rand = md5(rand());`
Strip URL fragments off of direct requests to uploadify SWF files. Fixes #2068. 2013-05-09 01:40:46 -04:00			`setcookie("uploadify_token", $rand);`
Rename uploadify SWF wrappers to end in .swf.php for consistency. 2013-06-08 16:34:16 -04:00			`header("Location: uploadify.swf.php?token=$rand#.");`
Strip URL fragments off of direct requests to uploadify SWF files. Fixes #2068. 2013-05-09 01:40:46 -04:00			`exit;`
			`}`

			`// If the token exists but there's no cookie, then this is a bogus token`
			`// or the user does not support cookies. Ignore this request.`
			`if (empty($_COOKIE["uploadify_token"])) {`
			`exit;`
			`}`

			`// If the token exists but it doesn't match our cookie, then this is a bogus`
			`// request. Ignore this request.`
			`if ($_GET["token"] != $_COOKIE["uploadify_token"]) {`
			`exit;`
			`}`

			`// This is a legitimate request. Serve it, but disallow caching.`
			`header("Content-Type: application/x-shockwave-flash");`
			`header("Cache-Control: no-cache, no-store, must-revalidate");`
Rename uploadify SWF wrappers to end in .swf.php for consistency. 2013-06-08 16:34:16 -04:00			`setcookie("uploadify_token", "", time() - 3600);`
Strip URL fragments off of direct requests to uploadify SWF files. Fixes #2068. 2013-05-09 01:40:46 -04:00			print base64_decode("Q1dTCaZ/AAB4nNy8B1hTSdc4PjckpNAhFBE0VEnoVUBBWmhSU0ClSIAAoQWTgIC6G1EUsAGCApall4AIrChYVuyI6FpAxbao6CKWteGq666/uQHRfd99vu/9/v/n+X7P8wuce8+dOefMzJmZc87MLUlAxQogZgAgCPBS0QIAfK/WKwPAQkF8gjPDy5uSnZaaLnSGVy76SSJRhrOl5cqVKy1W2lrwBYmW1k5OTpZWNpY2NuaQwlyYky7iZJunCw30XSlSCV5cYZyAlyHi8dMp6DUnlp8pctHXnxabnZYxIzZdaMGJ58dyLeL4aZbZnAxLawsrS1QOJHL2FHA5Ir6AxeenurqjVBTvVI4wieLJtKOECPgJXKEQFsFJXWj5r9Tf8HO9ILjaWFk5mVs5mtvYsqysnW3tnO0dza3mO1tZfcM7RTnFGsgVceI5Is4/Mds729l+y/w32ml2fjwvIec/Yv5KSVlo+S/a+8/0GR83o86MTEGqtI/i4yy5qdw0brpICFVqLVVpfJxzAl+QxhG5cjIyUnlxHFSgZba5MIkfl7KSk8U1T0DVu9DyK+H/1yrBlgUG/tednJb2pZ8DA6E4AS+LG+8t4KdJxWVwBEIuKyeD66LP4Ar5mYI4rr7lV2p+XCbaND8vV5hgEc+Ld/Z28LC1dfLw9KA7envRreEQdXBw97SysvX0dnLwtneQKvvvrF+k+aULRZz0OO60NN7/QNo3rF+kBQt4iTw4Jv9/1PEfRPxjP1hOz1ZXCvDEfP78+bi6HJzJCGDGcdO5FGsAjoMgaULS9HRHlNd3mqmeKKgwEmNAdFT0Zy8vL6Cs3lyhstVN+fJ5O0uwwJJvDHhtVeOyOofuuVlZ+slfAQuUt+sDrfgNWhidZkPwWfWYAwAYsB5R8OGLkjhplABeYpIICMBjMA5UEBdkP3ICsw57HHcdN0c2QbZLdkRWFq+Fp+IX4U0JfoQ3hF3EK8RtpItyT+X2KtxT/EvRWSlCaY3SXqWFyoaqS1RpahjyNvIh8gh5v/oN9SfqbI18jT0alzTeaoxpZmhlzZLRnjXbYfa+2Zdm43UW6HB0NujU6fTqDOtM6sjq6uhqzAFze+bWUrL1zutN6kcbfG9wweCjgbzhPUMfI6qx6rw/5nmbuFBrqHI0M1oCrYr2B41iijPTNPvDjGdeYP67OdFitoWfxUqLeos/LcIs2y1HLedb1VhdtkqyLbJttd1nO2mrDJQVto4Y780PeZJ6qajjyXa36LnaqTsD7UWGv/pfWPVn8zaD0nur/mzJGIWED5Tq/solX+Ae+dn//DvBsm16SeEBchdYPp/GmeY7fnMxnjdyPvVofk2UFaQdbznYsHpDSdK5/BdzVvcsrjtBBMtGCvKzlnruoGRRU/p5GpuzwhZD3GxBz57a7v7fj7xDhu4RfFeSsWG9c5q+63Pe1Wm7e79MV89elL3TXwfitbofb/6W7rv0Tmgo6eWxU8ej9jw/L7egiKbnBku8eDD7SsPq704/P08N3N3zOGlCh+b4eB11jpYViExbOgSUNZ5QQ7v9mcP0oNzh8h9FzKhDXopje02JmNd/qj6i1bqZnDuFaZ0rTwAqtmw6kBn3titTvag/tp+xTM5DbMhqxnh9xG/cQnfrXa30B63pt4KDz8cktw8lP7f6sWrvbvJRPOFTcbnPZXfiafm9drXh/P1IhlrxcEyWJ8D+lXyzHoTkrV3SYjzcqc9JDr0uH3s7d4d5t27isycHg3xarlaUG1nZ6PRdZTxWMKiI3P1UjdKYwSTuq2upuuXsmvOzerWpHyW3gOI4UZz0UIystGcxwCzZPjb5Gc6Fr9Tg0P85MNY64LphKCCLfrphaPZkLQVq5BnTtSIpQ4y7YFGz+rxKkfN6560mlAGvg/JAc3bYGQpmKEse570PiRjK1GjQ9eAOhVQa1oPQuYC8opdO4EXJPdIs/dDhWvauDs4Eh1aaGyaWjP+Y1/KX706a6pnzq+2al8tv6AEnEMGsYp+Q+0DucZTHh1IDciYhUyfEvawwVQtYOOwrcsM1P9MibVmGOdQ8Ye7vvP5Cc42Nny+odQUmnoIi5auHNQcsjd7ErKE+97kM9NPCWGLsaROlSRzzU4kFy2hT6XteyE+zFDKQPMw7AzcTapMb5l6af7rDvcGbpN0X1zkZZTVtCetDgrpTGYAqftzG2jJwk2fFNd6OGAa2+AeNLHYDjDYxJsiorN7DK6GYbpz0WeGMuu9jhhhZmtxVD8zS7ZpaxoqYFnMnBA8Ih9YX7YpfTBXDVq2yH/+8h1D54uAbcdCmA+/qixaNWniULprgiUHPbcaunEM/OmCabGMu+UW1PGR3AOa+CLKYFOPUqm4gOKgdMMuvvs9vQTKjxIFxGZBb+0AJkUt1LJlVr+JXtejUCjrDqawahC1rawFys7dQJ3L0yy5s/Li7J8+8RL/xnupADLBCx/TArlxOi4UYfHaorZcdebj+uNL8nqhuVr3q2Vxd9aXjIjewbpmECkgmawwkPnlWjt6l29fz1GIeN1gr4fqhiOgIj49Gqar3oTij1thiRNkMJ248Ep60BNAOV4PhvL2NTVQ3MGm/NATQ8vLS3Kp3zSI14F6XVduQTeTXtX2OER9za1pR1KFC3ZdUTeuuLWqIAY1GgLivm7p7du5I9ETao/fDZSf3LPUTY4uHO0MAo/PRcnuflu8UTuwrG+z/sLfF3mliKyB8QAsPJWR21ectW7evlLpwlp7/ChLrd1mOGFOeDVT7PsIay2TwqPNli2FTfPW9APE2m+4GJFpH+ezYmmMBerorM6+da/FgVTz1TQ6KL7YN+XFXn9VwRpcpf8Uo87s5uC7OnqFqiaLgfvTKrvw14n+2VqiZeK5R3i4Z+XRV/UbrlTM3xEgoqQ8JiR2Lyu36JSqHvfTT45Ryela2xY4jSt3RR5SqAU4pDOBI5JCP6mUhf/gVWOxcWC+Bcupv0jUOnE7qqa0wbqutsAK4VaYAl909so40OZKXsjDpSGV7q7qkuS//J7o6t5+uDNQnlwD1+3XrQ8PrDUPZS/p2vy5fAuWMKdM6V93TOnTn1SThxY59Z1ceODjau5umcleJ/tNvb2nPBPaXPgeE+ohceHKVJ5frPtfyefFEZNC0cPVPC+7N9o06kVS71c/vjubwTSjrwuDitS8P1+3QyNbvfJi10eDTK69TJ9S3hrfcz/QpmhdZrHb2WQwkK1h/VZsVVqt3y7mUWPfTma6xI1E2vMvNd00v+oKcpU/UmHtL7JJM76wgECDxyQuLP7xkX2iYe5S29UkPala26EF/4Y36i8PQX8CEJ+oUjZy5Pnfr6msUfa3f7tS+0QdTL7nkZraoi8G9Q4d3TOaoxW9o3mWjxTZ/UMOCUjqfR6gD3LZM7iH28I67nUsVAouKr7x+zt4acT5LjLCHgayncrnNLMWl3pNhA7NvhBnSo5Zs6wO7l7VJAPaButd3zWxVyp6tqmXP7uvoGzc/LFihBmSwuEtUZJLNBLhbaeXha7pn/bl2OPEdRmgfyx4cLgDk/NbYalC3tr5VsqG0fbMtQrMaVPQy39ui5lATJsY0LAPYAMOJEsIOecIniZXBp1kNC5sTyl4CjT/Y5W7g0J2e5mHBg7rEmr/Yezc+Wnn6DPuW6hkmkEWV9LC84fdVQ6OZu9+97XkxmFYnsA0OV9DVvP/Usgfm8hkZq1su8tTNT2YYFY34L2k/8/oeY7mFleTYUJHcHWD+iIJp4pvmBH3qGTFwZJba5jc/Grpt4RcDcOwAoCUOY8cirLgH+cLdmoe37wtQarhc/zEKe2Y3dfGsEwKBf9gNi6w+zE4roMUxa1iraijaSPUm+DaYk/wZZ4GCAZtOQQTCfPVgi5BZenRmKRm3JLzsulGOuvavuw5uy3v53ZHyv3KXnny0G8CaDq5AJiW+AHPQ7qTkwbW24h6L1KudrJSCisL1nQw9VcFZgDPVAibtev7ihz6ttoxsW2utg6xS02xA3YBaesLwTu09S/nmOzIaRxKJlZeolbsPU4Ci35OfcyIsqY3MnPvqeDOtt97qAz8tvKWzL9Py5RynPOvFFXoDLz8y9i