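<?php
/**
 * Audio file handler.
 *
 * Streams the audio of one track to the logged-in user who owns it. The track
 * is looked up by the `id` query parameter (its task_id) together with the
 * session's user_id, so a valid id alone is not enough to fetch another
 * user's audio. The stored audio_url is then served either from a validated
 * local path or by proxying an upstream "API BOX" URL.
 *
 * Responses: 400 bad/missing id, 401 not logged in, 403 local path rejected,
 * 404 unknown track or nothing to serve, 500 database or upstream failure.
 */

session_start(); // the session carries the user_id used for the ownership check

// Values written to the error log are reduced to printable ASCII and capped in
// length. HTML escaping is the wrong encoding for a log file: it leaves CR/LF
// intact, so a crafted value could forge extra log lines.
$sanitizeForLog = static function ($value): string {
    $text = is_string($value) ? $value : gettype($value);

    return (string) preg_replace('/[^\x20-\x7E]/', '?', substr($text, 0, 200));
};

// Get the task ID from the URL
$taskId = $_GET['id'] ?? '';
if (empty($taskId)) {
    http_response_code(400);
    echo "Missing id parameter";
    exit;
}

// SECURITY: task IDs are alphanumeric only.
// - is_string() rejects array input (?id[]=...), which would otherwise raise a
//   TypeError inside preg_match() and surface as an uncontrolled 500.
// - \z anchors at the true end of the string; a bare $ also matches just
//   before a trailing newline.
if (!is_string($taskId) || !preg_match('/^[a-zA-Z0-9]+\z/', $taskId)) {
    error_log("SECURITY: Invalid task_id format attempt: " . $sanitizeForLog($taskId));
    http_response_code(400);
    echo "Invalid id format";
    exit;
}

// SECURITY: reject anonymous requests before any database work is done.
if (!isset($_SESSION['user_id'])) {
    http_response_code(401);
    echo "Unauthorized";
    exit;
}
$userId = $_SESSION['user_id'];

// NOTE(review): this include is resolved through include_path / the working
// directory, unlike the __DIR__-anchored include further down - confirm it
// cannot resolve to a different file depending on how the script is invoked.
require_once 'config/database.php';

$pdo = getDBConnection();
if (!$pdo) {
    http_response_code(500);
    echo "Database error";
    exit;
}

// Ownership check: the row must match both the task and the session user, and
// only completed tracks are served. Both values are bound parameters.
$stmt = $pdo->prepare("SELECT audio_url FROM music_tracks WHERE task_id = ? AND user_id = ? AND status = 'complete'");
$stmt->execute([$taskId, $userId]);
$track = $stmt->fetch();
if (!$track) {
    // One message for "no such track" and "not yours" so the response does
    // not reveal which task IDs exist.
    http_response_code(404);
    echo "Track not found or access denied";
    exit;
}

$audioUrl = (string) ($track['audio_url'] ?? '');

// --- Local file ------------------------------------------------------------
// SECURITY: the prefix test only selects the branch; the path that is actually
// opened is the one returned by validateAudioUrl(), never the raw DB value.
if (strpos($audioUrl, '/audio_files/') === 0 || strpos($audioUrl, '/uploads/') === 0) {
    require_once __DIR__ . '/../includes/file_security.php';
    $audio_validation = validateAudioUrl($audioUrl);

    if ($audio_validation['type'] === 'local' && $audio_validation['path']) {
        $localPath = $audio_validation['path'];
        if (file_exists($localPath)) {
            header('Content-Type: audio/mpeg');
            // The type is fixed rather than detected, so tell the browser not
            // to sniff the bytes and reinterpret an upload as something else.
            header('X-Content-Type-Options: nosniff');
            $localSize = filesize($localPath);
            if ($localSize !== false) {
                header('Content-Length: ' . $localSize);
            }
            // NOTE(review): Range requests are advertised here but not
            // implemented in this script; the whole file is always sent.
            header('Accept-Ranges: bytes');
            readfile($localPath);
            exit;
        }
        // A validated path whose file is missing falls through to the 404 below.
    } else {
        // Path validation failed - security violation
        error_log("SECURITY: Invalid audio path in audiofiles_public.php: " . $sanitizeForLog($audioUrl));
        http_response_code(403);
        echo "Access denied";
        exit;
    }
}

// --- Upstream (API BOX) ----------------------------------------------------
// SECURITY: this script makes a server-side request to a URL taken from the
// database, so the destination has to be constrained. The marker is matched
// against the parsed host and the scheme must be http(s); a substring test on
// the whole URL would also accept the marker in a path or query string and
// would not restrict the scheme at all.
// TODO(review): replace the substring host test with an exact allowlist of the
// upstream hostnames - they are not visible in this file.
$remoteParts = parse_url($audioUrl);
$remoteScheme = is_array($remoteParts) ? strtolower((string) ($remoteParts['scheme'] ?? '')) : '';
$remoteHost = is_array($remoteParts) ? strtolower((string) ($remoteParts['host'] ?? '')) : '';
$isApiBoxUrl = in_array($remoteScheme, ['http', 'https'], true)
    && strpos($remoteHost, 'api.box') !== false;

if ($isApiBoxUrl) {
    header('Content-Type: audio/mpeg');
    header('X-Content-Type-Options: nosniff');
    header('Accept-Ranges: bytes');

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $audioUrl);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, false); // Stream directly to output
    curl_setopt($ch, CURLOPT_TIMEOUT, 60);
    // Only HTTP(S), on the first request and on every redirect hop.
    curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
    curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
    // NOTE(review): redirects are still followed to whatever host upstream
    // names; the hop limit bounds the chain but does not pin the destination.
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    curl_setopt($ch, CURLOPT_MAXREDIRS, 3);
    // Certificate and hostname verification stay on: with them disabled the
    // audio could be replaced in transit without this script noticing.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    // Treat upstream 4xx/5xx as a failure instead of relaying an error page
    // to the client labelled as audio/mpeg.
    curl_setopt($ch, CURLOPT_FAILONERROR, true);
    curl_setopt($ch, CURLOPT_WRITEFUNCTION, function ($ch, $data) {
        echo $data;
        return strlen($data); // tell curl the whole chunk was consumed
    });

    // curl_exec() returns a success flag here, not an HTTP status code.
    $streamed = curl_exec($ch);
    $curlError = curl_error($ch);
    curl_close($ch);

    if ($streamed === false) {
        error_log("Audio stream failed for task " . $taskId . ": " . $sanitizeForLog($curlError));
        // Once audio bytes have gone out the status line cannot change, and
        // appending text to a partial stream would only corrupt it.
        if (!headers_sent()) {
            header('Content-Type: text/plain; charset=utf-8');
            http_response_code(500);
            echo "Failed to stream audio";
        }
    }
    exit;
}

// Fallback: the stored URL is neither a servable local file nor an accepted
// upstream URL.
http_response_code(404);
echo "Audio not available";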