Beispiel #1
0

<?php 
if (isset($_GET['view'])) {
    if (substr($_GET['view'], 0, 2) != ".." && substr($_GET['view'], 0, 1) != "/" && $_GET['view'] != "./" && !stristr($_GET['view'], '../')) {
        $out = new FNOutput();
        $out->viewFile($_GET['view']);
    } else {
        // someone is poking around where they shouldn't be
        echo "Don't hack my shit yo.";
        exit;
    }
} else {
    if (isset($_GET['src'])) {
        if (substr($_GET['src'], 0, 2) != ".." && substr($_GET['src'], 0, 1) != "/" && $_GET['src'] != "./" && !stristr($_GET['src'], '../')) {
            $out = new FNOutput();
            $out->showSource($_GET['src']);
        } else {
            // someone is poking around where they shouldn't be
            echo "Don't hack my shit yo.";
            exit;
        }
    }
}
?>
 <ul id="root"> <?php 
// show file list
$list = new FNFileList();
if (isset($_POST['sstring'])) {
    $t = $_POST['sstring'];
    $sstring = ereg_replace("[\\'\")(;|`,<>]", "", $t);
Beispiel #2
0
 function getDirList($dir)
 {
     $this->folders = $this->getFolderArray($dir);
     $this->files = $this->getFilesArray($dir);
     $out = new FNOutput();
     $out->html .= $out->folderList($this->folders);
     $out->html .= $out->fileList($this->files);
     $out->sendOutput();
 }