`~'."'")) whap('Illegal File name', "The file name $fn is not allowed.");
// The condition of the check above starts before the visible part of this
// listing, so the exact set of rejected file names cannot be confirmed here.
// NOTE(review): $fn is interpolated into the text handed to whap(); whap() is
// defined elsewhere, so confirm that it HTML-escapes its arguments and that it
// ends the request -- every check below relies on it not returning.

// Get the permission file to see if we will allow this listing.
// The path is relative, so it resolves against the current working directory.
$blk = @fopen('.listperm', 'r');
if(!$blk) whap('No Permission File', 'The script is unable to open the '.
	'listing permission file. This is a sever-side error.');

// Now see if there is an entry which allows the listing.  Each usable line is
// a sign character followed by a name: '+' grants, '-' denies, '@' grants but
// marks the file local-only.  The first matching entry decides, and with no
// match at all $grant stays 0, so the default is to refuse.
$grant = 0;
$localonly = 0;
while(! feof($blk)) {
	// Read a line and skip blanks and anything not starting with +, - or @.
	$bfn = trim(fgets($blk, 1024));
	if(strlen($bfn) == 0 ||
	   ($bfn[0] != '+' && $bfn[0] != '-' && $bfn[0] != '@')) continue;

	// Extract the first character.
	$sign = $bfn[0];
	$bfn = substr($bfn, 1);
	if(strlen($bfn) < 1) continue;

	// See if we have a match: either the entry equals the requested name, or
	// the entry ends in '/' and the requested name starts with it.
	// NOTE(review): the directory rule is a plain string-prefix test on $fn as
	// supplied; it does not resolve the path, so it is only sound if names
	// containing '..' segments are rejected before this point.  That check is
	// not visible here -- confirm, or compare realpath() results instead.
	// NOTE(review): loose == compares two numeric-looking strings as numbers;
	// === would be the exact test.
	if($fn == $bfn ||
	   ($bfn[strlen($bfn)-1] == '/' && strpos($fn, $bfn) === 0)) {
		$grant = ($sign != '-');
		$localonly = ($sign == '@');
		break;
	}
}
fclose($blk);
if(!$grant) whap('Forbidden File', "The file $fn may not be listed.");
if($localonly) {
	// "Local" here means the first dotted component of the client address is
	// exactly '10'.
	// NOTE(review): only 10.0.0.0/8 counts as local; other private ranges,
	// loopback and every IPv6 client are refused (an IPv6 address has no '.',
	// so $first is the whole address).  If the server is reached through a
	// reverse proxy or load balancer whose own address is in 10/8, REMOTE_ADDR
	// is that proxy's address and every client would pass -- confirm the
	// deployment.
	list($first) = explode('.', $_SERVER["REMOTE_ADDR"]);
	if($first != '10') whap('Local Only', "The file $fn is local access only.");
}

// The request can indicate the display type of a correct response.  Otherwise,
// text/plain.
// NOTE(review): $_REQUEST['type'] is read without isset(), which raises a
// notice/warning when the parameter is absent.  Any value other than 'fancy',
// 'bin' or 'plain' matches no branch below and produces an empty response.
$type = 'plain';
if($_REQUEST['type']) $type = $_REQUEST['type'];

// Okay, see if we can open the file itself.
$tolist = @fopen($fn, 'r');
if(!$tolist) whap("Can't Read File", "Cannot read $fn.");

// Output the file.
if($type == 'fancy') {
	// Formatted html page.
	// $shortfn is $fn with everything up to and including the first '/'
	// removed, or $fn itself when it contains no '/'.
	$shortfn = strchr($fn, '/');
	if(! $shortfn) $shortfn = $fn;
	else $shortfn = substr($shortfn, 1);

	// Document title.  A caller-supplied title is HTML-escaped here; the
	// default ($shortfn, derived from $fn) is not.
	$title = $shortfn;
	if($_REQUEST['title']) $title = htmlspecialchars($_REQUEST['title']);

	// Download link.
	// NOTE(review): $fn is appended without URL-encoding or HTML-escaping.
	$link = $_SERVER['SCRIPT_NAME'] . "/$fn?type=bin";

	// NOTE(review): start() is defined elsewhere.  'uptitle' and 'uplink' are
	// passed to it exactly as received, so confirm that start() escapes its
	// text arguments and restricts 'uplink' to expected URLs (presumably it
	// becomes a link target).
	if($_REQUEST['uplink'])
		start($title, $_REQUEST['uptitle'] ? $_REQUEST['uptitle'] : $_REQUEST['uplink'], $_REQUEST['uplink']);
	else
		start($title);

	// NOTE(review): the heredoc below is damaged in this copy -- its opening
	// label and the markup around "[Download]" are missing, so it cannot be
	// checked.  Presumably it writes $link into the page; confirm against the
	// original and make sure $link is escaped for the attribute it lands in.
	echo <<[Download] END;
	if($_REQUEST['run']) {
		// Get the run parms from the request.  'Y' means no arguments; a value
		// starting with '/' is kept as is; anything else has '<', '>' and
		// 'onerror' deleted and is turned into a query string.
		// NOTE(review): PHP has already URL-decoded $_REQUEST values, so
		// urldecode() decodes a second time.  The deletion list is a deny-list,
		// not output escaping: quotes are untouched and the '/' branch is not
		// filtered at all.  Escaping $rurl and $args with
		// htmlspecialchars(..., ENT_QUOTES) at the point where they are written
		// into the page would be the robust fix.
		$args = urldecode($_REQUEST['run']);
		if($args == 'Y') $args = '';
		else if($args[0] != '/') {
			$args = str_ireplace(array('<','>','onerror'), '', $args);
			$args = "?$args";
		}

		// Get the run URL: the script path with a trailing 'dump.php' replaced
		// by the file name.
		// NOTE(review): the '.' in the pattern is unescaped, so it matches any
		// character, and $fn is used as the replacement string, where group
		// references such as $1 or \1 are interpreted rather than copied.
		$rurl = preg_replace('#dump.php$#', $fn, $_SERVER['SCRIPT_NAME']);

		// NOTE(review): markup appears to be missing from this echo in this
		// copy (presumably the link built from $rurl and $args).
		echo "   [". 'Execute]';
	}

	// NOTE(review): in this copy the two strings around the loop hold only a
	// newline; the markup they originally carried (presumably an opening and
	// closing <pre>) seems to have been lost.
	echo "
";
	// Emit the file in chunks.  Each chunk goes through depass() and expand()
	// (both defined elsewhere) and is then HTML-escaped.  fgets() returns at
	// most 1023 bytes per call, so longer lines are processed in pieces.
	// NOTE(review): if depass() redacts by pattern (the name suggests password
	// removal -- confirm), a match that straddles a chunk boundary could be
	// missed.
	while(! feof($tolist))
		echo htmlspecialchars(expand(depass(fgets($tolist, 1024))));
	echo "
";
	// trats() is defined elsewhere; presumably the counterpart of start().
	trats();
}
else if($type == 'bin') {
	// Binary download: sent as an attachment, passed through depass() but not
	// expand(), so the download is not necessarily byte-identical to the file
	// on disk.
	// NOTE(review): basename($fn) is placed inside the quoted filename
	// parameter unescaped; this is safe only if the name check at the top
	// rejects double quotes and control characters -- confirm.
	header("Content-type: text/plain");
	header('Content-Disposition: attachment; filename="' . basename($fn) . '"');
	while(! feof($tolist))
		echo depass(fgets($tolist, 1024));
}
else if($type == 'plain') {
	// Plain text: same filtering as the fancy view but without HTML escaping,
	// so it relies on the browser honouring the text/plain content type.
	// NOTE(review): sending 'X-Content-Type-Options: nosniff' as well would
	// stop browsers from sniffing the body as HTML.
	header("Content-type: text/plain");
	while(! feof($tolist))
		echo expand(depass(fgets($tolist, 1024)));
}
fclose($tolist);
?>