code/viewer.php
<!--
PobCode
Copyright 2022 Fabio DM <fadimatteo@gmail.com>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
MA 02110-1301, USA.
-->
<?php
require("conf.php");
$projectName=$_GET['p'];
$file=$ProjectsRoot.'/'.$projectName;
$realPath=realpath($ProjectsRoot.'/'.$projectName);
if (strpos($realPath, $ProjectsRoot) === FALSE)
{
echo 'Ops you are bad!';
die();
}
if(! isset($_GET['p']))
{
echo "Ops...";
die();
}
if (realpath($ProjectsRoot.'/'.$projectName)==false)
{
echo "Ops...file not found!";
die();
}
if(empty($_GET['p']))
{
echo "Ops...";
die();
}
if (strpos($projectName, '..') !== false)
{
echo "Ops...";
die();
}
if (strpos($projectName, './') !== false)
{
echo "Ops...";
die();
}
if (strpos($projectName, ',') !== false)
{
echo "Ops...";
die();
}
include ('header.php');
?>
<script type="text/javascript">
offset=160;
jQuery(function(){
$("textarea").height( $(window).height() - offset );
$(window).bind('ready resize ', function() {
$("textarea").height( $(window).height() - offset );
console.log("Resize...");
});
});
</script>
<div id="main" class="container">
<p class="h1"><?php echo $projectName ?></p>
<hr/>
<div class="container" style="margin-bottom:10px">
<a class="btn btn-success" href="index.php" role="button">Home</a>
<a class="btn btn-success" href="javascript:window.history.back()" role="button">Back</a>
</div>
<?php
$imgType = array("bmp", "png", "jpg","jpeg","gif");
$textType= array('txt','c','cc','cpp','py','rb','js', 'css', 'html','php','','md','bat','conf','pob','sh','xml','build','desktop','xpm');
$ext = pathinfo($file, PATHINFO_EXTENSION);
if (in_array($ext,$imgType))
{
echo '<img src="'.$weburl.'/'.$projectName.'" />';
}elseif (in_array($ext,$textType)||$projectName[0]=='.')
{
echo '<pre class="container" ><code>';
echo highlight_file($file,true);
echo '</code></pre>';
}else{
echo '<script>
window.open("'.$weburl.'/'.$projectName.'", "_blank");
window.history.back();
</script>';
}
?>
</div>
<?php include('footer.php');?>
</body>
</html>