Now also _getget method supported (for _priv_postget* password fields)

diff --git a/public_html/cgi-bin/postget.php b/public_html/cgi-bin/postget.php
index a95466a..bc49678 100644 (file)
--- a/public_html/cgi-bin/postget.php
+++ b/public_html/cgi-bin/postget.php
@@ -1,14 +1,9 @@
 <?php
-       header("Content-type: text/html");
-       print('<?xml version="1.0" encoding="iso-8859-1"?>'."\n");
-?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
-<head><title>postget</title></head><body onload="document.forms[0].submit();">
-<?php
+       $getget=isset($HTTP_GET_VARS["_getget"]);
+       $wherename=($getget ? "_getget" : "_postget");
+       $where=$HTTP_GET_VARS[$wherename];
+       unset($HTTP_GET_VARS[$wherename]);
 
-       print("<form action=\"".htmlspecialchars($HTTP_GET_VARS["_postget"])."\" method=\"post\"><p>\n");
-       unset($HTTP_GET_VARS["_postget"]);
        foreach ($HTTP_GET_VARS as $key=>$val) {
                if (ereg("^_priv_(postget.*)\$",$val,$matched)) {
                        if ($HTTP_SERVER_VARS["REMOTE_ADDR"]!="127.0.0.1")
@@ -19,12 +14,41 @@
                                                ."<br />"
                                                );
                        else
-                               $val=chop(join(" ",file("/home/short/priv/".$matched[1],false/*use_include_path*/)));
+                               $HTTP_GET_VARS[$key]=chop(join(" ",file("/home/short/priv/".$matched[1],false/*use_include_path*/)));
+                       }
+               }
+
+       if ($getget) {
+               $first='?';
+               foreach ($HTTP_GET_VARS as $key=>$val) {
+                       $where.="${first}$key=$val";
+                       $first='&';
                        }
-               print("<input type=\"hidden\" name=\"".htmlspecialchars($key)."\" value=\"".htmlspecialchars($val)."\" />\n");
+               header("Location: $where");
+               }
+       header("Content-type: text/html");
+       print('<?xml version="1.0" encoding="iso-8859-1"?>'."\n");
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head><title>postget</title></head>
+<?php
+
+       if ($getget) {
+               print(""
+                               ."<body onload=\"window.location.href=document.links[0].href;\"><p>\n"
+                               ."<a href=\"".htmlspecialchars($where)."\">get</a>\n"
+                               ."</p></body>\n");
+               }
+       else {
+               print(""
+                               ."<body onload=\"document.forms[0].submit();\">\n"
+                               ."<form action=\"".htmlspecialchars($where)."\" method=\"post\"><p>\n");
+               foreach ($HTTP_GET_VARS as $key=>$val)
+                       print("<input type=\"hidden\" name=\"".htmlspecialchars($key)."\" value=\"".htmlspecialchars($val)."\" />\n");
+               print("<input type=\"submit\" />\n");
+               print("</p></form></body>\n");
                }
-       print("<input type=\"submit\" />\n");
-       print("</p></form>\n");
 
 ?>
-</body></html>
+</html>