X-Git-Url: https://git.jankratochvil.net/?a=blobdiff_plain;ds=sidebyside;f=public_html%2Fcgi-bin%2Fpostget.php;h=2975031f16d704fa1b04cbb5d07c416f9cdef1e5;hb=1318b941b2543ab09257b9b6d814bc087c1941da;hp=5d5e7d59eaa199ddf6d0302690542d906d438780;hpb=a6b490e7f3ea6e866d1786d6e6307f0ba462561e;p=nethome.git
diff --git a/public_html/cgi-bin/postget.php b/public_html/cgi-bin/postget.php
index 5d5e7d5..2975031 100644
--- a/public_html/cgi-bin/postget.php
+++ b/public_html/cgi-bin/postget.php
@@ -1,21 +1,60 @@
$val) {
+ if (ereg("^_priv_(postget.*)\$",$val,$matched)) {
+ $permit=array("127.0.0.1"=>1,"::1"=>1,"192.168.192.1"=>1,"192.168.90.11"=>1,"192.168.90.12"=>1);
+ if (!$permit[$_SERVER["REMOTE_ADDR"]])
+ print("Forbidden:"
+ ." REMOTE_ADDR=".htmlspecialchars($_SERVER["REMOTE_ADDR"])
+ .",key=".htmlspecialchars($key)
+ .",val=".htmlspecialchars($val)
+ ."
"
+ );
+ elseif ($matched[1]=="postget.time()") {
+ // At least 2 - time slip?
+ $_REQUEST[$key]=time()-131-60;
+ }
+ else
+ $_REQUEST[$key]=chop(join(" ",file($path_priv.$matched[1],false/*use_include_path*/)));
+ }
+ }
+
+ if ($getget) {
+ $first='?';
+ foreach ($_REQUEST as $key=>$val) {
+ $where.="${first}".urlencode($key)."=".urlencode($val);
+ $first='&';
+ }
+ header("Location: $where");
+ }
header("Content-type: text/html");
print(''."\n");
?>
-
\n"); - unset($HTTP_GET_VARS["_postget"]); - foreach ($HTTP_GET_VARS as $key=>$val) { - if (ereg("^_priv_(postget.*)\$",$val,$matched)) - $val=chop(join(" ",file("/home/short/priv/".$matched[1],false/*use_include_path*/))); - print("\n"); + if ($getget) { + print("" + ."
\n" + ."get\n" + ."
\n"); + } + else { + print("" + ."\n" + ."\n"); } - print("\n"); - print("\n"); ?> - +