X-Git-Url: https://git.jankratochvil.net/?p=nethome.git;a=blobdiff_plain;f=public_html%2Fcgi-bin%2Fpostget.php;h=2975031f16d704fa1b04cbb5d07c416f9cdef1e5;hp=244f682cb1e04c83a2d1b65a65cbb5c8a3d06daf;hb=1318b941b2543ab09257b9b6d814bc087c1941da;hpb=951fcecb34c766ab1330f88efa8dd095618c0bf6
diff --git a/public_html/cgi-bin/postget.php b/public_html/cgi-bin/postget.php
index 244f682..2975031 100644
--- a/public_html/cgi-bin/postget.php
+++ b/public_html/cgi-bin/postget.php
@@ -1,27 +1,32 @@
$val) {
+ foreach ($_REQUEST as $key=>$val) {
if (ereg("^_priv_(postget.*)\$",$val,$matched)) {
- $permit=array("127.0.0.1"=>1,"192.168.192.1"=>1,"192.168.90.11"=>1);
- if (!$permit[$HTTP_SERVER_VARS["REMOTE_ADDR"]])
+ $permit=array("127.0.0.1"=>1,"::1"=>1,"192.168.192.1"=>1,"192.168.90.11"=>1,"192.168.90.12"=>1);
+ if (!$permit[$_SERVER["REMOTE_ADDR"]])
print("Forbidden:"
- ." REMOTE_ADDR=".htmlspecialchars($HTTP_SERVER_VARS["REMOTE_ADDR"])
+ ." REMOTE_ADDR=".htmlspecialchars($_SERVER["REMOTE_ADDR"])
.",key=".htmlspecialchars($key)
.",val=".htmlspecialchars($val)
."
"
);
+ elseif ($matched[1]=="postget.time()") {
+ // At least 2 - time slip?
+ $_REQUEST[$key]=time()-131-60;
+ }
else
- $HTTP_GET_VARS[$key]=chop(join(" ",file("/home/short/priv/".$matched[1],false/*use_include_path*/)));
+ $_REQUEST[$key]=chop(join(" ",file($path_priv.$matched[1],false/*use_include_path*/)));
}
}
if ($getget) {
$first='?';
- foreach ($HTTP_GET_VARS as $key=>$val) {
+ foreach ($_REQUEST as $key=>$val) {
$where.="${first}".urlencode($key)."=".urlencode($val);
$first='&';
}
@@ -45,7 +50,7 @@
print(""
."