X-Git-Url: https://git.jankratochvil.net/?p=nethome.git;a=blobdiff_plain;f=public_html%2Fcgi-bin%2Fpostget.php;h=2975031f16d704fa1b04cbb5d07c416f9cdef1e5;hp=8ebabc756ad7b96a1a503ec613a8f195c1f7f9fa;hb=8bea06d29fc431ffa0c97d7e0870956c39ac675b;hpb=932ed3e52b2766c7ccc06a9c04b2d36055494e9b diff --git a/public_html/cgi-bin/postget.php b/public_html/cgi-bin/postget.php index 8ebabc7..2975031 100644 --- a/public_html/cgi-bin/postget.php +++ b/public_html/cgi-bin/postget.php @@ -1,28 +1,32 @@ $val) { + foreach ($_REQUEST as $key=>$val) { if (ereg("^_priv_(postget.*)\$",$val,$matched)) { - $permit=array("127.0.0.1"=>1,"192.168.192.1"=>1,"192.168.90.11"=>1,"192.168.90.12"=>1); - if (!$permit[$HTTP_SERVER_VARS["REMOTE_ADDR"]]) + $permit=array("127.0.0.1"=>1,"::1"=>1,"192.168.192.1"=>1,"192.168.90.11"=>1,"192.168.90.12"=>1); + if (!$permit[$_SERVER["REMOTE_ADDR"]]) print("Forbidden:" - ." REMOTE_ADDR=".htmlspecialchars($HTTP_SERVER_VARS["REMOTE_ADDR"]) + ." REMOTE_ADDR=".htmlspecialchars($_SERVER["REMOTE_ADDR"]) .",key=".htmlspecialchars($key) .",val=".htmlspecialchars($val) ."
" ); + elseif ($matched[1]=="postget.time()") { + // At least 2 - time slip? + $_REQUEST[$key]=time()-131-60; + } else - $HTTP_GET_VARS[$key]=chop(join(" ",file($path_priv.$matched[1],false/*use_include_path*/))); + $_REQUEST[$key]=chop(join(" ",file($path_priv.$matched[1],false/*use_include_path*/))); } } if ($getget) { $first='?'; - foreach ($HTTP_GET_VARS as $key=>$val) { + foreach ($_REQUEST as $key=>$val) { $where.="${first}".urlencode($key)."=".urlencode($val); $first='&'; } @@ -46,7 +50,7 @@ print("" ."\n" ."

\n"); - foreach ($HTTP_GET_VARS as $key=>$val) + foreach ($_REQUEST as $key=>$val) print("\n"); print("\n"); print("

\n");