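// Keep PHP warnings and notices out of the response body.
error_reporting(0);

/* Locate images folder outside of webroot */
define('BITBUCKET_DIR', DIRECTORY_SEPARATOR . 'var' . DIRECTORY_SEPARATOR . 'bucket'); // /path/to/bitbucket

/* Sanity checking */
/**
 * Resolve $input beneath $root and confirm the result really lives inside $root.
 *
 * Both paths are canonicalised with realpath(), so "..", symlinks and doubled
 * separators are resolved before the containment test is made.
 *
 * @param string $root  Directory the caller is allowed to serve from.
 * @param string $input Request-supplied path, appended to $root as-is.
 * @return string|null  Canonical path when it is $root itself or lies below it;
 *                      NULL when either path does not resolve or the result
 *                      falls outside $root.
 */
function valid_path($root, $input)
{
    $fullpath = realpath($root . $input);
    $root = realpath($root);

    // Fail closed. If the root cannot be resolved, a loose comparison of
    // false against an empty prefix would otherwise accept every path.
    if ($root === false || $fullpath === false) {
        return NULL;
    }

    // The root directory itself was accepted before and still is; the caller
    // rejects it afterwards because it is not a regular file.
    if ($fullpath === $root) {
        return $fullpath;
    }

    // Compare against the root *plus a separator*. A bare string-prefix test
    // would also accept a sibling directory whose name merely starts with the
    // root's name (root "bucket" vs. a neighbouring "bucket-private").
    $prefix = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;

    return strncmp($fullpath, $prefix, strlen($prefix)) === 0 ? $fullpath : NULL;
}

/* Process request */
if (isset($_SERVER['REQUEST_URI'])) {
    // Everything after the script name is taken as a path relative to the bucket.
    // NOTE(review): REQUEST_URI is used raw, so a query string or percent-encoded
    // characters stay in the path and are looked up literally.
    $image = valid_path(BITBUCKET_DIR, substr($_SERVER['REQUEST_URI'], strlen($_SERVER['SCRIPT_NAME'])));

    // Only an existing regular file with an allow-listed image extension is
    // served. $image is tested first so pathinfo() never receives NULL and a
    // missing extension is handled explicitly instead of via a suppressed notice.
    $pi = $image ? pathinfo($image) : array();
    if (!($image
        && isset($pi['extension'])
        && preg_match('#^(jpg|jpeg|gif|png)$#i', $pi['extension'])
        && is_file($image))) {
        die('^_^');
    }

    $img['last_mod'] = filemtime($image);
    // NOTE(review): date() with "T" prints the server's local zone abbreviation.
    // If these strings end up in HTTP headers they should be GMT - confirm where
    // lm_date / ex_date are used.
    $img['date_fmt'] = 'D, d M Y H:i:s T';
    $img['lm_date'] = date($img['date_fmt'], $img['last_mod']);
    $img['ex_date'] = date($img['date_fmt'], time() + 86400 * 7); // seven days from now
    $img['stop'] = false;

    if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) {
        // Only the text before the first ';' is parsed as the date.
        $img['since'] = explode(';', $_SERVER['HTTP_IF_MODIFIED_SINCE'], 2);
        $img['since'] = strtotime($img['since'][0]);

        // Client copy has the same mtime: answer 304 and flag that no body is needed.
        if ($img['since'] == $img['last_mod']) {
            header($_SERVER['SERVER_PROTOCOL'] . ' 304 Not Modified');
            $img['stop'] = true;
        }
    }
}

// NOTE(review): what follows looks like a second, separate listing that was
// joined onto the first on this page - it declares valid_path() again, which
// PHP would refuse within a single file.

/**
 * Syntactic allow-check for a relative path taken from the query string.
 *
 * Backslashes are normalised to "/" and every component is inspected. Empty
 * components (leading or trailing slash, "//") and components starting with "."
 * (".", "..", dotfiles) are refused, which rules out absolute paths and parent
 * traversal as written.
 *
 * This is a string check only: it does not resolve symlinks and does not tie the
 * path to a base directory. Anything reachable through a relative path that
 * passes the check can be displayed, so prefer a realpath()-based containment
 * test against a fixed directory plus an extension allow-list.
 *
 * @param mixed $path Value taken from the request.
 * @return bool TRUE when every component is acceptable, FALSE otherwise.
 */
function valid_path($path)
{
    // Request parameters can arrive as arrays (?sauce[]=...); refuse anything
    // that is not a plain string, and refuse embedded NUL bytes outright.
    if (!is_string($path) || strpos($path, "\0") !== false) {
        return false;
    }

    $p = explode('/', str_replace('\\', '/', $path));
    foreach ($p as $pn) {
        if ($pn === '' || $pn[0] === '.') {
            return false;
        }
    }

    return true;
}

header('Content-Type: text/html; charset=utf-8');
print '<!DOCTYPE html><html><head>'
    . '<title>Source</title>'
    . "\n"
    . '<style type="text/css">/*<![CDATA[*/'
    . "\nhtml { background-color: #333; }\nbody { font-family: 'Trebuchet MS', serif; font-size: 0.9em; margin: 2em auto;\nwidth: 50em; padding: 2em; border: 3px solid #000; background-color: #EEE; }\na { color: blue; }\na:hover { color: #000033; }\n/*]]>*/</style></head>\n<body>\n";

if (isset($_GET['sauce'])) {
    // The requested name must pass the component check and be an existing
    // regular file; it is resolved relative to the script's working directory.
    if (!valid_path($_GET['sauce']) || !is_file($_GET['sauce'])) {
        print '<h1>YOR ISP MAC ADDRESS HAS BEEN REPORTING TO THE FBI!!!</h1>';
        exit;
    } else {
        require_once '/home/ben/geshi/geshi.php';

        // ext() is defined outside this excerpt; presumably it returns the file
        // extension, which is then mapped to a GeSHi language name - confirm.
        $lang = ext($_GET['sauce']);
        switch ($lang) {
            case 'py':
                $lang = 'python';
                break;
        }

        // The file's contents are handed to GeSHi for highlighting.
        $geshi = new GeSHi(file_get_contents($_GET['sauce']), $lang);
        $geshi->set_header_type(GESHI_HEADER_PRE_VALID);
        $geshi->enable_classes();
        //$geshi->enable_line_numbers(GESHI_NORMAL_LINE_NUMBERS);
        $geshi->enable_keyword_links(false);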