REMOTE_ADDR permit: +192.168.192.1,192.168.90.11
[nethome.git] / public_html / cgi-bin / postget.php
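<?php
    /*
     * postget: re-sends the query string of this request to the URL named in
     * "_getget" (as a GET redirect) or "_postget" (as an auto-submitted POST form).
     *
     * A parameter whose value is "_priv_postget<suffix>" is replaced by the content
     * of /home/short/priv/postget<suffix>, but only for clients in the REMOTE_ADDR
     * allowlist below.
     *
     * NOTE(review): the destination is chosen by the request itself, so substituted
     * private values are delivered to whatever URL the request names. The checks
     * below only limit the URL scheme; restricting destinations to a known list of
     * hosts would close that gap -- confirm which targets are actually used.
     *
     * $HTTP_GET_VARS / $HTTP_SERVER_VARS and ereg() are gone from current PHP
     * releases; $_GET / $_SERVER and preg_match() are used instead.
     */

    $getget = isset($_GET["_getget"]);
    $wherename = ($getget ? "_getget" : "_postget");
    $charset = "ISO-8859-1";    // same encoding the XML prolog below declares

    // The destination ends up in a Location header, an href and a form action.
    // Refuse control characters (header splitting) and any scheme other than
    // http/https (e.g. script URLs); relative URLs are still accepted.
    $where = (isset($_GET[$wherename]) && is_string($_GET[$wherename])) ? trim($_GET[$wherename]) : "";
    $badtarget = ($where === "" || preg_match('/[\x00-\x1f\x7f]/', $where));
    if (!$badtarget && preg_match('/^([a-z][a-z0-9+.-]*):/i', $where, $scheme))
        $badtarget = !in_array(strtolower($scheme[1]), array("http", "https"), true);
    if ($badtarget) {
        header("HTTP/1.1 400 Bad Request");
        header("Content-type: text/plain");
        print("Bad request: ".$wherename." must be a relative or http(s) URL\n");
        exit;
    }

    // Work on a copy of the parameters; array-valued parameters (a[]=...) cannot
    // be forwarded as a single value and are dropped.
    $params = array();
    foreach ($_GET as $key => $val) {
        if ((string)$key === $wherename || !is_string($val))
            continue;
        $params[$key] = $val;
    }

    // NOTE(review): REMOTE_ADDR is the direct peer. If this script ever sits behind
    // a local reverse proxy, every request would appear as 127.0.0.1 -- confirm.
    $permit = array("127.0.0.1" => 1, "192.168.192.1" => 1, "192.168.90.11" => 1);
    $remote = isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : "";

    // Notices are collected and printed inside <body>, so nothing is output
    // before the header() calls further down.
    $notices = "";
    foreach ($params as $key => $val) {
        if (!preg_match('/^_priv_(postget.*)\z/s', $val, $matched))
            continue;
        // The suffix becomes part of a file name: allow only plain file-name
        // characters so it cannot contain a directory separator or a NUL byte.
        $nameok = preg_match('/^postget[A-Za-z0-9._-]*\z/', $matched[1]);
        if (!isset($permit[$remote]) || !$nameok) {
            $notices .= "<p>Forbidden:"
                    ." REMOTE_ADDR=".htmlspecialchars($remote, ENT_QUOTES, $charset)
                    .",key=".htmlspecialchars((string)$key, ENT_QUOTES, $charset)
                    .",val=".htmlspecialchars($val, ENT_QUOTES, $charset)
                    ."</p>\n";
            continue;
        }
        $path = "/home/short/priv/".$matched[1];
        $lines = (is_file($path) && is_readable($path)) ? file($path) : false;
        if ($lines === false) {
            // Leave the placeholder as it is; the path is not echoed back.
            $notices .= "<p>Unavailable: key=".htmlspecialchars((string)$key, ENT_QUOTES, $charset)."</p>\n";
            continue;
        }
        $params[$key] = rtrim(implode(" ", $lines));
    }

    if ($getget) {
        // Continue an existing query string instead of adding a second '?'.
        $first = (strpos($where, "?") === false ? "?" : "&");
        foreach ($params as $key => $val) {
            $where .= $first.urlencode((string)$key)."=".urlencode($val);
            $first = "&";
        }
        // The HTML below is still sent as a fallback for clients that do not
        // follow the redirect.
        header("Location: $where");
    }
    header("Content-type: text/html");
    print('<?xml version="1.0" encoding="iso-8859-1"?>'."\n");
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head><title>postget</title></head>
<?php

    // Every request-derived value is escaped for the attribute it is placed in,
    // using the charset the document declares.
    if ($getget) {
        print("<body onload=\"window.location.href=document.links[0].href;\">\n"
                .$notices
                ."<p>\n"
                ."<a href=\"".htmlspecialchars($where, ENT_QUOTES, $charset)."\">get</a>\n"
                ."</p></body>\n");
    }
    else {
        print("<body onload=\"document.forms[0].submit();\">\n"
                .$notices
                ."<form action=\"".htmlspecialchars($where, ENT_QUOTES, $charset)."\" method=\"post\"><p>\n");
        foreach ($params as $key => $val)
            print("<input type=\"hidden\" name=\"".htmlspecialchars((string)$key, ENT_QUOTES, $charset)
                    ."\" value=\"".htmlspecialchars($val, ENT_QUOTES, $charset)."\" />\n");
        print("<input type=\"submit\" />\n");
        print("</p></form></body>\n");
    }

?>
</html>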