File Lister
PHP Code Examples<?php
// This lists the indicated file, in one of various styles.
include("leccode/util.inc");
// Expand tabs. There has got to be standard version of this, but I can't
// find it.
function expand($st)
{
$ret = '';
while($st != '') {
$ch = $st[0];
$st = substr($st,1);
if($ch == '\t')
$ret .= substr(' ', strlen($ret) % 8);
else
$ret .= $ch;
}
return $ret;
}
// Substitute password in pg_connect statement.
function depass($line)
{
return preg_replace('/(pg_connect\s*\(' .
'[^(]*password\s*=\s*)([a-zA-Z0-9_\-+=@%&]*)/',
'$1XXXX', $line);
}
$fn = $_SERVER['PATH_INFO'];
if(! $fn)
whap('No file specified', "You must specify a file to list");
// Check that the file name form
while($fn[0] == '/') $fn = substr($fn,1);
if($fn[0] == '.' || strstr($fn, '..') ||
strlen($fn) != strcspn($fn,'"\?*:@|<>`~'."'"))
whap('Illegal File name', "The file name $fn is not allowed.");
// Get the permission file to see if we will allow this listing.
$blk = @fopen('.listperm', 'r');
if(!$blk)
whap('No Permission File', 'The script is unable to open the '.
'listing permission file. This is a sever-side error.');
// Now see if there is an entry which allows the listing.
$grant = 0;
$localonly = 0;
while(! feof($blk)) {
// Read a line and skip blanks and anything not starting with + or -.
$bfn = trim(fgets($blk, 1024));
if(strlen($bfn) == 0 || ($bfn[0] != '+' &&
$bfn[0] != '-' && $bfn[0] != '@'))
continue;
// Extract the first character.
$sign = $bfn[0];
$bfn = substr($bfn, 1);
if(strlen($bfn) < 1) continue;
// See if we have a match.
if($fn == $bfn || ($bfn[strlen($bfn)-1] == '/' &&
strpos($fn, $bfn) === 0)) {
$grant = ($sign != '-');
$localonly = ($sign == '@');
break;
}
}
fclose($blk);
if(!$grant)
whap('Forbidden File', "The file $fn may not be listed.");
if($localonly) {
list($first) = explode('.', $_SERVER["REMOTE_ADDR"]);
if($first != '10')
whap('Local Only', "The file $fn is local access only.");
}
// The request can indicate the display type of a correct response. OTW,
// text/plain.
$type = 'plain';
if($_REQUEST['type']) $type = $_REQUEST['type'];
// Okay, see if we can open the file itself.
$tolist = @fopen($fn, 'r');
if(!$tolist)
whap("Can't Read File", "Cannot read $fn.");
// Output the file.
if($type == 'fancy') {
// Formated html page.
$shortfn = strchr($fn, '/');
if(! $shortfn) $shortfn = $fn;
else $shortfn = substr($shortfn, 1);
// Document title.
$title = $shortfn;
if($_REQUEST['title']) $title = htmlspecialchars($_REQUEST['title']);
// Download link.
$link = $_SERVER['SCRIPT_NAME'] . "/$fn?type=bin";
if($_REQUEST['uplink'])
start($title, $_REQUEST['uptitle'] ?
$_REQUEST['uptitle'] : $_REQUEST['uplink'],
$_REQUEST['uplink']);
else
start($title);
echo <<<END
<div style="width: 100%; text-align: center;">[<a
href="$link"><span class="ltxt">Download</span></a>]
END;
if($_REQUEST['run']) {
// Get the run parms from the request.
$args = urldecode($_REQUEST['run']);
if($args == 'Y') $args = '';
else if($args[0] != '/') {
$args = str_ireplace(array('<','>','onerror'), '', $args);
$args = "?$args";
}
// Get the run URL.
$rurl = preg_replace('#dump.php$#', $fn,
$_SERVER['SCRIPT_NAME']);
echo " [<a href=\"$rurl$args\">".
'<span class="ltxt">Execute</span></a>]';
}
echo "</div><tt><pre>";
while(! feof($tolist))
echo htmlspecialchars(expand(depass(fgets($tolist, 1024))));
echo "</pre></tt>";
trats();
} else if($type == 'bin') {
// Binary download.
header("Content-type: text/plain");
header('Content-Disposition: attachment; filename="' .
basename($fn) . '"');
while(! feof($tolist))
echo depass(fgets($tolist, 1024));
} else if($type == 'plain') {
// Plain text.
header("Content-type: text/plain");
while(! feof($tolist))
echo expand(depass(fgets($tolist, 1024)));
}
fclose($tolist);
?>