<?php
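// Path of the requested file, relative to the directory this script runs from.
// A missing or non-string "p" (for example p[]=x) is treated as an empty path and
// ends at the "file is not exists" exit below instead of raising a notice or TypeError.
// NOTE(review): PHP has already URL-decoded $_GET once; this second decode is kept so
// existing links keep resolving, but "%" and "+" inside names are re-interpreted by it.
$full_path = urldecode((isset($_GET["p"]) && is_string($_GET["p"])) ? $_GET["p"] : '');

// Refuse anything that could step outside the served tree: a NUL byte, or a ".."
// segment anywhere in the path. Segments are split on "/" and on "\" because "\" is
// also a separator on Windows; a test limited to "..", a leading "../" and an inner
// "/../" lets a trailing "/.." and backslash-separated segments through.
if (strpos($full_path, "\0") !== false || in_array('..', preg_split('#[/\\\\]#', $full_path), true)) {
    die("don't be smart you are not allowed what you are trying to do.");
}

// Only regular files under the working directory get a details page.
if (!is_file(getcwd() . DIRECTORY_SEPARATOR . $full_path)) {
    die("file is not exists");
}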
//functions
/**
 * Locate the checksum file stored next to a download.
 *
 * Looks in the working directory plus the global $path for "<name>.md5" and then
 * "<name>.md5sum", and returns the first one that exists as a regular file.
 *
 * @param string $name base name the ".md5" / ".md5sum" suffix is appended to
 * @return string|false full path of the checksum file, or false when neither exists
 */
function getMD5File($name){
    global $path;
    $directory = getcwd() . DIRECTORY_SEPARATOR . $path;
    // Order matters: ".md5" wins over ".md5sum" when both are present.
    foreach (array("md5", "md5sum") as $suffix) {
        $candidate = $directory . DIRECTORY_SEPARATOR . $name . "." . $suffix;
        if (is_file($candidate)) {
            return $candidate;
        }
    }
    return false;
}
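/**
 * Return the checksum recorded for the requested file, if a checksum file exists.
 *
 * Reads the first line of the file found by getMD5File() for the global $file and
 * returns everything before the first space on that line. The value comes from a
 * file on disk and is not validated here, so callers must escape it before output.
 *
 * @return string|null the first space-separated token, or null when there is no
 *                     checksum file or it cannot be read
 */
function getMD5(){
    global $file;
    $path = getMD5File($file);
    if ($path === false) {
        return null;
    }
    // file() returns false on a read error and an empty array for an empty file.
    $lines = file($path);
    if (empty($lines)) {
        return null;
    }
    // Index into named variables rather than array_shift() on a call result:
    // array_shift() takes its argument by reference and raises a notice otherwise.
    $tokens = explode(" ", $lines[0]);
    return $tokens[0];
}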
/**
 * Read the changelog that accompanies the requested file.
 *
 * The changelog is looked up at "<cwd>/<path>/<file>.changelog", built from the
 * globals $path and $file. The contents are returned as-is; callers must escape
 * them before writing them into a page.
 *
 * @return string|false|null file contents (false if the read fails), or null when
 *                           no changelog file exists
 */
function getChangeLog(){
    global $file, $path;
    $location = implode(DIRECTORY_SEPARATOR, array(getcwd(), $path, $file . ".changelog"));
    if (!is_file($location)) {
        return null;
    }
    return file_get_contents($location);
}
// Split the request into its directory part ($path) and its last segment ($file).
$segments = explode("/", $full_path);
$file = array_pop($segments);
$path = implode("/", $segments);
// Text in front of the first dot of the file name.
$pieces = explode(".", $file);
$name = $pieces[0];
// Optional extras shown on the page: checksum and changelog, when present on disk.
$md5 = getMD5();
$changeLog = getChangeLog();
?>
<?php
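/**
 * Header
 *
 * $full_path comes from the query string, so it is escaped for each place it is
 * written: as HTML text inside <title>, and as a JavaScript string literal inside
 * the inline <script>. Printing it raw lets a crafted "p" value inject markup or
 * script into the page.
 */
$titlePath = htmlspecialchars($full_path, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
// JSON_HEX_* turns < > & ' " into \uXXXX escapes, so the value can close neither
// the string literal nor the surrounding <script> element.
$pageviewUrl = json_encode('/get.php?p=' . $full_path, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
if ($pageviewUrl === false) {
    // json_encode() fails on invalid UTF-8; report the page without the parameter.
    $pageviewUrl = '"/get.php"';
}
print "<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.1//EN' 'http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en'>
<head>
<title>Details of /" . $titlePath . "</title>
<style type='text/css'>
a, a:active {text-decoration: none; color: blue;}
a:visited {color: #48468F;}
a:hover, a:focus {text-decoration: underline; color: red;}
body {background-color: #F5F5F5; text-align: center}
h2 {margin-bottom: 12px;}
table {margin-left: 12px;}
th, td { font-family: 'Courier New', Courier, monospace; font-size: 10pt; text-align: left;}
th { font-weight: bold; padding-right: 14px; padding-bottom: 3px;}
td {padding-right: 14px;}
td.s, th.s {text-align: right;}
div.list { background-color: white; border-top: 1px solid #646464; border-bottom: 1px solid #646464; padding-top: 10px; padding-bottom: 14px;}
div.foot, div.script_title { font-family: 'Courier New', Courier, monospace; font-size: 10pt; color: #787878; padding-top: 4px;}
div.script_title {float:right;text-align:right;font-size:8pt;color:#999;}
textarea {width:640px; height:400px}
a.download{font-size: 20px; margin-bottom: 20px; display: block}
div.md5{margin-bottom: 10px}
div.md5 span{color: black}
</style>
</head>
<body>
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-26888993-2', 'shantur.com');
ga('require', 'linkid', 'linkid.js');
ga('send', 'pageview', " . $pageviewUrl . ");
</script>";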
?>
<?php
/**
* Content
*/
?>
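<?php
// Everything written below is derived from the request ($full_path, $path) or from
// files on disk ($md5, $changeLog), so each value is escaped for the context it is
// written into: HTML text, an attribute value, a URL, or a JavaScript string.
$escFlags = ENT_QUOTES | ENT_SUBSTITUTE;
// URL form of the paths: percent-encode every segment, keep the "/" separators.
$downloadHref = '/' . implode('/', array_map('rawurlencode', explode('/', $full_path)));
$backHref = DIRECTORY_SEPARATOR . implode('/', array_map('rawurlencode', explode('/', $path)));
// JavaScript string literal for the click handler; JSON_HEX_* keeps quotes and angle
// brackets out of it, and the whole handler is HTML-escaped again for the attribute.
$clickPage = json_encode(DIRECTORY_SEPARATOR . $full_path, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
if ($clickPage === false) {
    // json_encode() fails on invalid UTF-8; fall back to an empty page name.
    $clickPage = '""';
}
$clickHandler = "ga('send', 'pageview', " . $clickPage . ");";
?>
<h2>File : <?php echo htmlspecialchars(DIRECTORY_SEPARATOR . $full_path, $escFlags, 'UTF-8');?></h2>
<a class="download" href="<?php echo htmlspecialchars($downloadHref, $escFlags, 'UTF-8');?>" onclick="<?php echo htmlspecialchars($clickHandler, $escFlags, 'UTF-8');?>">Download</a>
<?php if($md5):?>
<div class="md5">
<span>MD5:</span> <?php echo htmlspecialchars($md5, $escFlags, 'UTF-8')?>
</div>
<?php endif?>
<?php if($changeLog):?>
<div class="md5">
<span>Changelog</span>
</div>
<?php /* Escaped so a "</textarea>" inside the changelog cannot end the element. */ ?>
<textarea><?php echo htmlspecialchars($changeLog, $escFlags, 'UTF-8')?></textarea>
<?php endif?>
<a href="<?php echo htmlspecialchars($backHref, $escFlags, 'UTF-8')?>" style="display:block;">back</a>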
<?php
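/**
 * Footer
 */
// $_ENV is only populated when variables_order includes "E", so the key may be
// absent; read it defensively instead of raising an undefined-index notice.
// NOTE(review): this shows the server software string to every visitor; consider
// dropping the line if that banner is not meant to be public.
$serverSoftware = isset($_ENV['SERVER_SOFTWARE']) ? $_ENV['SERVER_SOFTWARE'] : '';
// Print ending stuff
print "
<div class='foot'>" . htmlspecialchars($serverSoftware, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</div>
</body>
</html>";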
?>