Tristan/OWE
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

archive file access restricted to data directory

Browse Source
This commit is contained in:
Tristan Schneider 2020-12-13 21:46:05 +01:00
parent 5709e182c6
commit 1e575c3a7f
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
archiv.php
View File

@ -7,11 +7,15 @@
<body> <body>
<h1>One Word Each Archiv</h1> <h1>One Word Each Archiv</h1>
<p><a href="./">Startseite</a></p> <p><a href="./">Startseite</a></p>
<p class="sentences">
<?php <?php
$filename = $_REQUEST["file"]; $filename = $_REQUEST["file"];
if (strcmp(pathinfo($filename)["dirname"], ".") != 0) {
die("nur das echte Archiv ist hier erreichbar");
}
$content = file_get_contents("./data/".$filename) or die("ungültiger Dateiname"); $content = file_get_contents("./data/".$filename) or die("ungültiger Dateiname");
?>
<p class="sentences">
<?php
print($content); print($content);
?> ?>
</p> </p>