<?php
function files_in_directory($directory)
{
$get_examples = opendir($directory);
$return = array();
while ($file = readdir($get_examples))
{
if (substr($file, '-4') == '.php')
array_push($return, $directory . '/' . $file);
}
return $return;
}
$allowed_files = array(
"index.php",
"lectures/index.php",
"view-source.php",
"source.php"
);
$allowed_files = array_merge($allowed_files, files_in_directory('examples/php'));
$allowed_files = array_merge($allowed_files, files_in_directory('examples/mysql'));
$allowed_files = array_merge($allowed_files, files_in_directory('examples/ajax'));
$allowed_files = array_merge($allowed_files, files_in_directory('examples/libraries'));
$allowed_files = array_merge($allowed_files, files_in_directory('examples/security'));
$allowed_files = array_merge($allowed_files, files_in_directory('examples/templates'));
$base_url = "/srv/qxlp.net/public_html/cs337/";
$allowed_files = array_map(
function($url) {
global $base_url;
return $base_url . $url;
}, $allowed_files
);
if (!in_array($_GET['file'], $allowed_files))
die('Invalid file.');
$source = file_get_contents($_GET['file']);
$display_filename = substr($_GET['file'], strlen($base_url));
?>
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="style.css"></link>
<title>Source of <?=$_GET['file']?></title>
</head>
<body>
<h3><a href="/cs337/">CSc 337 - Web Programming</a>
> <a href="/cs337/<?=$display_filename?>"><?=$display_filename?></a>
> Source</h3>
<hr/>
<?=highlight_string($source,true)?>
<? include("source.php"); ?>
</body>
</html>