I have this code that works but i need to know how to stop it from going beyond one directory lower than admin it is obviously part of a larger script however i cannot work out how to stop it navigating beyond the base directory
<?php
if (isset($HTTP_GET_VARS['fmdir'])){
$thefmdir = $HTTP_GET_VARS['fmdir'];
if (isset($HTTP_GET_VARS['fmfile'])){
$thefmfile = $HTTP_GET_VARS['fmfile'];
if (file_exists(".".$thefmdir."/".$thefmfile)){
if (isset($HTTP_GET_VARS['fmmode'])){
$fmfile = file_get_contents(".".$thefmdir."/".$thefmfile);
$fmmode=$HTTP_GET_VARS['fmmode'];
if (($fmmode !="edit") && ($fmmode !="view") &&($fmmode !="delete")){
echo "Invalid configuration mode!";
}
if (($fmmode =="edit") && ($fmmode =="view") &&($fmmode =="delete")){
echo "Cannot use more than one mode at once!";
}
if ($fmmode =="edit"){
echo "<center><br>\r\n";
if (!isset($_POST['updateddoc'])){
echo "<form method=POST action=".$myfullurl.">";
echo "<p><textarea rows=30 name=updateddoc cols=80>\r\n".$fmfile."\r\n</textarea></p>";
echo "<p><input type=submit value=Save name=B1><input type=reset value=Reset name=B2></p>";
echo "</form>";
}
if (isset($_POST['updateddoc'])){
$updatedfile = ($_POST['updateddoc']);
$fp = fopen(".".$thefmdir."/".$thefmfile, "w+");
fwrite($fp, $updatedfile);
fclose($fp);
echo "Configuration File Updated Click <a href=".$myfullurl.">here</a> to continue";
}
echo "</center><br>\r\n";
}
if ($fmmode =="view"){
echo "<center>\r\n<br>\r\n";
echo "<textarea rows=30 cols=80>\r\n".$fmfile."\r\n</textarea>\r\n";
echo "</center>\r\n<br>\r\n";
}
if ($fmmode =="delete"){
unlink(".".$thefmdir."/".$thefmfile);
echo "<center>\r\n<br>\r\n";
echo "Configuration File ".$thefmfile." Deleted Click <a href=".$_SERVER['HTTP_REFERER'].">here</a> to continue";
echo "</center>\r\n<br>\r\n";
}
}
if (!isset($HTTP_GET_VARS['fmmode'])){
echo "no mode specified";
}
}
if ((!file_exists(".".$thefmdir."/".$thefmfile)) && ($HTTP_GET_VARS['fmmode'] !=delete)){
echo "this is an invalid configuration file";
}
}
if (!isset($HTTP_GET_VARS['fmfile'])){
echo "<center>\r\n";
$fmabsolute_path = ".".$thefmdir;
$fmdir = opendir($fmabsolute_path);
while ($file = readdir($fmdir)){
if ((is_dir($fmabsolute_path."/".$file)) && ($file !=".") && ($file !="..")) {
$fmdirlist .= "<a href=".$myfullurl."/".$file.">".$file."</a>\r\n<br>\r\n";
}
if ($file =="..") {
$httpref = getenv ("HTTP_REFERER");
$fmdirlist .= "<a href=".$httpref.">".$file."</a>\r\n<br>\r\n";
}
if (is_file($fmabsolute_path."/".$file)) {
$fmfilelist .= $file."<a href=".$myfullurl."&fmfile=".$file."&fmmode=edit>[Edit]</a>\r\n"
."<a href=".$myfullurl."&fmfile=".$file."&fmmode=view>[View]</a>\r\n"
."<a href=".$myfullurl."&fmfile=".$file."&fmmode=delete>[Delete]</a><br>\r\n";
}
}
// $modulelist can be outputted in any format here or put into a custom format above
echo $fmdirlist;
echo $fmfilelist;
echo "</center>\r\n";
}
}
if (!isset($HTTP_GET_VARS['fmdir'])){
if (isset($HTTP_GET_VARS['fmfile'])){
$thefmfile = $HTTP_GET_VARS['fmfile'];
if (file_exists($thefmfile)){
if (isset($HTTP_GET_VARS['fmmode'])){
$fmfile = file_get_contents($thefmfile);
$fmmode=$HTTP_GET_VARS['fmmode'];
if (($fmmode !="edit") && ($fmmode !="view") &&($fmmode !="delete")){
echo "Invalid configuration mode!";
}
if (($fmmode =="edit") && ($fmmode =="view") &&($fmmode =="delete")){
echo "Cannot use more than one mode at once!";
}
if ($fmmode =="edit"){
echo "<center><br>\r\n";
if (!isset($_POST['updateddoc'])){
echo "<form method=POST action=".$myfullurl.">";
echo "<p><textarea rows=30 name=updateddoc cols=80>\r\n".$fmfile."\r\n</textarea></p>";
echo "<p><input type=submit value=Save name=B1><input type=reset value=Reset name=B2></p>";
echo "</form>";
}
if (isset($_POST['updateddoc'])){
$updatedfile = ($_POST['updateddoc']);
$fp = fopen($thefmfile, "w+");
fwrite($fp, $updatedfile);
fclose($fp);
echo "Configuration File Updated Click <a href=".$myfullurl.">here</a> to continue";
}
echo "</center><br>\r\n";
}
if ($fmmode =="view"){
echo "<center>\r\n<br>\r\n";
echo "<textarea rows=30 cols=80>\r\n".$fmfile."\r\n</textarea>\r\n";
echo "</center>\r\n<br>\r\n";
}
if ($fmmode =="delete"){
unlink($thefmfile);
echo "<center>\r\n<br>\r\n";
echo "Configuration File ".$thefmfile." Deleted Click <a href=".$_SERVER['HTTP_REFERER'].">here</a> to continue";
echo "</center>\r\n<br>\r\n";
}
}
if (!isset($HTTP_GET_VARS['fmmode'])){
echo "no mode specified";
}
}
if ((!file_exists($thefmfile)) && ($HTTP_GET_VARS['fmmode'] !=delete)){
echo "this is an invalid configuration file";
}
}
if (!isset($HTTP_GET_VARS['fmfile'])){
echo "<center>\r\n";
$fmabsolute_path = ".";
$fmdir = opendir($fmabsolute_path);
while ($file = readdir($fmdir)){
if ((is_dir($file)) && ($file !=".") && ($file !="..")){
$fmdirlist .= "<a href=".$myfullurl."&fmdir=/".$file.">".$file."</a>\r\n<br>\r\n";
}
if (is_file($file)) {
$fmfilelist .= $file."<a href=".$myfullurl."&fmfile=".$file."&fmmode=edit>[Edit]</a>\r\n"
."<a href=".$myfullurl."&fmfile=".$file."&fmmode=view>[View]</a>\r\n"
."<a href=".$myfullurl."&fmfile=".$file."&fmmode=delete>[Delete]</a><br>\r\n";
}
}
// $modulelist can be outputted in any format here or put into a custom format above
echo $fmdirlist;
echo $fmfilelist;
echo "</center>\r\n";
}
}
?>
i have had a thought that i do not know how to implement
basically an if statement so if the document variable $thefmdir = /whateverdir/.. then it would not echo reurn the .. on the page i think i may have typed the code wrong tho heres what i have so far
if (preg_match("./(.*)/..",$fmabsoute_path)){
//just tell it not to display the file with
if ($file ==".."){
}
}
I am running php 4.3.9 and apache 1.3.xxx
any ideas on modifying the code or getting preg_match statement to work😃
