-
Notifications
You must be signed in to change notification settings - Fork 0
/
pageretriever.php
77 lines (65 loc) · 1.71 KB
/
pageretriever.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
<?php
function getFileToInclude(string $requestUri)
{
$includePath = substr($requestUri, 1);
if (file_exists($includePath))
{
return $includePath;
}
$questionMarkPos = strpos($includePath, '?');
if ($questionMarkPos === false)
{
return '';
}
$filePath = substr($includePath, 0, $questionMarkPos);
$queryString = substr($requestUri, $questionMarkPos + 2);
$queryParts = explode('&', $queryString);
$newParts = [];
foreach ($queryParts as $queryPart)
{
$keyAndValue = explode('=', $queryPart);
if ($keyAndValue[0] !== 's')
{
$newParts[] = $queryPart;
}
}
$includePath = $filePath . '?' . implode('&', $newParts);
if (file_exists($includePath))
{
return $includePath;
}
return $filePath;
}
$requestUri = $_SERVER['REQUEST_URI'];
//echo var_dump($_GET);
$parts = explode('/', $requestUri);
foreach ($parts as $part)
{
if (strpos($part, '..') !== false)
die('t');
}
$last = end($parts);
$lastParts = explode('?', $last);
$origFile = $lastParts[0] ?? '';
$queryString = $lastParts[1] ?? '';
if (substr($origFile, -4) !== '.php')
die('e');
$includePath = getFileToInclude($requestUri);
if ($includePath === '')
{
http_response_code(404);
echo 'File not found. Might not have been archived!';
exit(1);
}
if (!file_exists($includePath))
{
http_response_code(404);
echo 'File ' . $includePath . ' not found. Might not have been archived!';
exit(1);
}
$contents = file_get_contents($includePath);
$contents = strtr($contents, [
'www.rctmart.com' => 'rctmart.rctspace.com',
'//rollercoastertycoon.com' => '//rctmart.rctspace.com',
]);
echo $contents;