From 56754d047e5a910fdd1aa2fe8ae3b4d1b80607fd Mon Sep 17 00:00:00 2001
From: FusionPBX
Date: Mon, 8 Jul 2019 22:37:37 -0600
Subject: [PATCH] Update filesave.php
---
app/edit/filesave.php | 67 ++++++++++++++++++++++++++-----------------
1 file changed, 40 insertions(+), 27 deletions(-)
diff --git a/app/edit/filesave.php b/app/edit/filesave.php
index 25f68df698..89527c6172 100644
--- a/app/edit/filesave.php
+++ b/app/edit/filesave.php
@@ -17,56 +17,69 @@ The Initial Developer of the Original Code is Mark J Crane - Portions created by the Initial Developer are Copyright (C) 2008-2012 + Portions created by the Initial Developer are Copyright (C) 2008-2019 the Initial Developer. All Rights Reserved. Contributor(s): Mark J Crane James Rose */ -include "root.php"; -require_once "resources/require.php"; -require_once "resources/check_auth.php"; -if (permission_exists('script_editor_save')) { - //access granted -} -else { - echo "access denied"; - exit; -} + +//includes + include "root.php"; + require_once "resources/require.php"; + require_once "resources/check_auth.php"; + +//check permissions + if (permission_exists('script_editor_save')) { + //access granted + } + else { + echo "access denied"; + exit; + } //add multi-lingual support $language = new text; $text = $language->get(); - $filepath = $_POST["filepath"]; - if ($filepath != '') { +//compare the tokens + $key_name = '/app/edit/'.$_POST['mode']; + $hash = hash_hmac('sha256', $key_name, $_SESSION['keys'][$key_name]); + if (!hash_equals($hash, $_POST['token'])) { + echo "access denied"; + exit; + } + +//run the code if file path exists + $file_path = $_POST["filepath"]; + if ($file_path != '') { try { //save file content - $filepath = realpath($filepath); //filepath - $filepath = str_replace ('//', '/', $filepath); - $filepath = str_replace ("\\", "/", $filepath); - $content = $_POST["content"]; - - $handle = fopen($filepath, 'wb'); - if (!$handle) { - throw new Exception('Write Failed - Check File Owner & Permissions'); + $file_path = realpath($file_path); + $file_path = str_replace ('//', '/', $file_path); + $file_path = str_replace ("\\", "/", $file_path); + if (file_exists($file_path)) { + $handle = fopen($file_path, 'wb'); + if (!$handle) { + throw new Exception('Write Failed - Check File Owner & Permissions'); + } + fwrite($handle, $_POST["content"]); + fclose($handle); } - fwrite($handle, $content); - fclose($handle); //set the 
reload_xml value to true $_SESSION["reload_xml"] = true; //alert user of success - echo ""; + echo "Changes Saved"; } catch(Exception $e) { - //alert error - echo ""; + //alert error + echo $e->getMessage(); } } -?> \ No newline at end of file +?>
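Review bot: The new token comparison does not fail closed: `$_POST['mode']` selects the session key, and if `$_SESSION['keys'][$key_name]` is unset `hash_hmac()` is computed with an empty key, so the expected value no longer depends on a server-side secret; the request should be denied before hashing when the key is missing or `$_POST['token']` is not a string. Further down, `$file_path` comes from `$_POST["filepath"]` and, after `realpath()`, is only tested with `file_exists()`, so any existing file the web server account can write is accepted; it should be compared against the directory the editor is meant to expose (a placeholder below, since that root is not visible in this patch). When `realpath()` fails or the file is missing the `if` body is skipped, yet `$_SESSION["reload_xml"]` is still set and "Changes Saved" is printed, and the `fwrite()` result is ignored, so a failed save is reported as success. The sketch below throws in those cases so the existing `catch` reports the error.

```php
//compare the tokens
	$key_name = '/app/edit/'.$_POST['mode'];
	//deny when there is no session key for this mode or no usable token
	if (empty($_SESSION['keys'][$key_name]) || !isset($_POST['token']) || !is_string($_POST['token'])) {
		echo "access denied";
		exit;
	}
	// … unchanged: hash_hmac() / hash_equals() comparison …

	// … unchanged: read $_POST["filepath"], open try block …
			$file_path = realpath($file_path);
			//ALLOWED_EDIT_ROOT_PLACEHOLDER: the directory the editor is allowed to write to
			$edit_root = realpath(ALLOWED_EDIT_ROOT_PLACEHOLDER);
			if ($file_path === false || $edit_root === false
				|| strpos($file_path, $edit_root.DIRECTORY_SEPARATOR) !== 0
				|| !is_file($file_path)) {
				throw new Exception('Write Failed - Invalid File Path');
			}
			// … unchanged: str_replace() normalisation, fopen() and its failure check …
			if (fwrite($handle, $_POST["content"]) === false) {
				fclose($handle);
				throw new Exception('Write Failed - Check File Owner & Permissions');
			}
			fclose($handle);
```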