3 Copyright(c)2011 Internet Archive. Software license AGPL version 3.
5 This file is part of BookReader.
7 BookReader is free software: you can redistribute it and/or modify
8 it under the terms of the GNU Affero General Public License as published by
9 the Free Software Foundation, either version 3 of the License, or
10 (at your option) any later version.
12 BookReader is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU Affero General Public License for more details.
17 You should have received a copy of the GNU Affero General Public License
18 along with BookReader. If not, see <http://www.gnu.org/licenses/>.
22 $uuid = $_POST['uuid'];
23 $token = $_POST['token'];
24 $bookPath = $_POST['bookPath'];
26 if (!preg_match('/^\d{10}-[0-9a-f]{32}$/', $token)) {
30 if (!preg_match('/^[0-9a-f]{32}$/', $uuid)) {
34 if (!preg_match('/^[a-zA-Z0-9][a-zA-Z0-9\.\-_]{1,100}$/', $id)) {
38 if (!preg_match("|^/stream/$id|", $bookPath)) {
42 setcookie('br-loan-' . $id, $uuid, 0, '/', '.archive.org');
43 setcookie('loan-' . $id, $token, 0, '/', '.archive.org');
45 header('Location: ' . $bookPath);
48 echo "Malformed request.";