Update file_read.php
This commit is contained in:
FusionPBX
GitHub
parent
428d1e624d
commit
e776984c1d
|
|
@ -38,18 +38,83 @@
|
|||
exit;
|
||||
}
|
||||
|
||||
//get the file name
|
||||
//get the directory
|
||||
if (!isset($_SESSION)) { session_start(); }
|
||||
switch ($_SESSION["app"]["edit"]["dir"]) {
|
||||
case 'scripts':
|
||||
$edit_directory = $_SESSION['switch']['scripts']['dir'];
|
||||
break;
|
||||
case 'php':
|
||||
$edit_directory = $_SERVER["DOCUMENT_ROOT"].'/'.PROJECT_PATH;
|
||||
break;
|
||||
case 'grammer':
|
||||
$edit_directory = $_SESSION['switch']['grammar']['dir'];
|
||||
break;
|
||||
case 'provision':
|
||||
switch (PHP_OS) {
|
||||
case "Linux":
|
||||
if (file_exists('/etc/fusionpbx/resources/templates/provision')) {
|
||||
$edit_directory = '/etc/fusionpbx/resources/templates/provision';
|
||||
}
|
||||
else {
|
||||
$edit_directory = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/resources/templates/provision/";
|
||||
}
|
||||
break;
|
||||
case "FreeBSD":
|
||||
if (file_exists('/usr/local/etc/fusionpbx/resources/templates/provision')) {
|
||||
$edit_directory = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/resources/templates/provision/";
|
||||
}
|
||||
else {
|
||||
$edit_directory = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/resources/templates/provision/";
|
||||
}
|
||||
break;
|
||||
case "NetBSD":
|
||||
$edit_directory = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/resources/templates/provision/";
|
||||
break;
|
||||
case "OpenBSD":
|
||||
$edit_directory = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/resources/templates/provision/";
|
||||
break;
|
||||
default:
|
||||
$edit_directory = $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/resources/templates/provision/";
|
||||
}
|
||||
break;
|
||||
case 'xml':
|
||||
$edit_directory = $_SESSION['switch']['conf']['dir'];
|
||||
break;
|
||||
}
|
||||
if (!isset($edit_directory)) {
|
||||
foreach ($_SESSION['editor']['path'] as $path) {
|
||||
if ($_SESSION["app"]["edit"]["dir"] == $path) {
|
||||
$edit_directory = $path;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
//set the file variable
|
||||
$file_name = $_POST["file"];
|
||||
|
||||
//remove attempts to change the directory
|
||||
$file_name = str_replace('..', '', $file_name);
|
||||
$file_name = str_replace ("\\", "/", $file_name);
|
||||
|
||||
//get the contents of the file
|
||||
$handle = fopen($file_name, "r");
|
||||
if ($handle) {
|
||||
while (!feof($handle)) {
|
||||
$buffer = fgets($handle, 4096);
|
||||
echo $buffer;
|
||||
//break the path into an array
|
||||
$path_array = pathinfo($file_name);
|
||||
$path_prefix = substr($path_array['dirname'], 0, strlen($edit_directory));
|
||||
|
||||
//validate the path
|
||||
if ($path_prefix == $edit_directory) {
|
||||
|
||||
//get the contents of the file
|
||||
$handle = fopen($file_name, "r");
|
||||
if ($handle) {
|
||||
while (!feof($handle)) {
|
||||
$buffer = fgets($handle, 4096);
|
||||
echo $buffer;
|
||||
}
|
||||
fclose($handle);
|
||||
}
|
||||
fclose($handle);
|
||||
|
||||
}
|
||||
|
||||
?>
|
||||
|
|
|
|||
Loading…
Reference in New Issue