<?php if (isset($_GET['view'])) { if (substr($_GET['view'], 0, 2) != ".." && substr($_GET['view'], 0, 1) != "/" && $_GET['view'] != "./" && !stristr($_GET['view'], '../')) { $out = new FNOutput(); $out->viewFile($_GET['view']); } else { // someone is poking around where they shouldn't be echo "Don't hack my shit yo."; exit; } } else { if (isset($_GET['src'])) { if (substr($_GET['src'], 0, 2) != ".." && substr($_GET['src'], 0, 1) != "/" && $_GET['src'] != "./" && !stristr($_GET['src'], '../')) { $out = new FNOutput(); $out->showSource($_GET['src']); } else { // someone is poking around where they shouldn't be echo "Don't hack my shit yo."; exit; } } } ?> <ul id="root"> <?php // show file list $list = new FNFileList(); if (isset($_POST['sstring'])) { $t = $_POST['sstring']; $sstring = ereg_replace("[\\'\")(;|`,<>]", "", $t);
function getDirList($dir) { $this->folders = $this->getFolderArray($dir); $this->files = $this->getFilesArray($dir); $out = new FNOutput(); $out->html .= $out->folderList($this->folders); $out->html .= $out->fileList($this->files); $out->sendOutput(); }