<?php
/* showsource.php
* Author : Nasir Simbolon <nasir@3wsi.com>,<http://debian.3wsi.net>
* From The cave 16th fl, World Trade Center, Jl. Jend. Sudirman
* Jakarta, Indonesia
*
*/
//set base directorys where is the file you want to show its source code.
unset($basedir);
$basedir[0]="/home/nasir/htdocs/";
$basedir[1]="/home/nasir/phpreactor1/";
//set your url here
$urlcore="http://debian.3wsi.net";
//set name of file that you dont want to view
//eg. file that contain account password in RDBMS
//separate file with '|' (for the purpose of RE)
$forbiddenfile="db.inc.php|investoz-apartment.inc.php|investoz-global.conf.php";
//get the name of this script
$temp=explode("/",getenv("SCRIPT_NAME"));
$thisscript=$temp[count($temp)-1];
echo "<br><br><center><a href=$urlcore/showsource.php?code=$thisscript>show this source</a></center><br><br>";
//security : replace name file that beginning with ../
$code=ereg_replace("(..)+","",$code);
echo "<hr>";
echo "<center>source code of $code</center><br>";
if(ereg($forbiddenfile,$code)) {
echo "The file that you want to show the source is not allowed";
exit;
}
//set flag
$fileexist=0;
//cek if file exist
for($idx=0;$idx<count($basedir);$idx++) {
if(file_exists($basedir[$idx].$code)) {
$filename=$basedir[$idx].$code;
$fileexist=1;
}
}
if($fileexist) {
//begin output buffering
ob_start();
show_source($filename);
//get content from buffer
$text = ob_get_contents();
ob_end_clean();
//create link to show source the file that included or requere in those file
$text=ereg_replace("([_a-zA-Z0-9-]+)+/([_a-zA-Z0-9-]+.)+php","<a href=$urlcore/showsource.php?code=\0>\0</a>",$text);
echo $text;
}
else
echo "could not open file $code";
?>
|
|
Store
Your email: